Bug#1056358: bookworm-pu: package needrestart/3.6-4+deb12u1
thanks for taking care! Am 21.11.2023 um 17:35 schrieb Antoine Beaupre: Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: needrest...@packages.debian.org, pmatth...@debian.org Control: affects -1 + src:needrestart [ Reason ] needrestart, starting with bookworm, supports more microcode checks than before. In particular, it now checks AMD CPUs. The amd64-microcode package seem to ship *less* firmware files than its Intel counterpart, which leads to *many* machines (half a dozen) in our fleet to suddenly start warning us about "UNKNOWN" firmware status. [ Impact ] Spurious warnings lead to alert fatigue and consequently untimely security upgrades, which is the main reason why I'm considering this serious enough to warrant a stable update. [ Tests ] The provided patches were tested in production on a fleet (~50 machines) of Debian bookworm servers on torproject.org. [ Risks ] Code is relatively simple. There's a risk that operators who did *not* install the amd64-microcode package will not get a warning, but that's consider an operator error, and out of scope for this. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [~] the issue is verified as fixed in unstable [ Changes ] There are three patches here: 1. 05-fix-AMD-ucode-checking-in-non-debug-mode.patch - fixes a bug where AMD microcode checks would fail unless -v is passed 2. 06-uCode-fix-uninitialized-value-in-logging-of-processo.patch - fix uninitialized variable error, required for the other patches to work 3. 07-mark-unavailable-firmware-as-CURRENT.patch - do not mark unavailable firmware as "UNKNOWN" The first and second patches have shipped into unstable with the -6 release, the last patch is pending. [ Other info ] anarcat@angela:dist$ debdiff needrestart_3.6-4.dsc needrestart_3.6-4+deb12u1.dsc| diffstat dpkg-source: warning: extracting unsigned source package (/home/anarcat/dist/needrestart_3.6-4+deb12u1.dsc) changelog |6 patches/05-fix-AMD-ucode-checking-in-non-debug-mode.patch | 33 + patches/06-uCode-fix-uninitialized-value-in-logging-of-processo.patch | 30 patches/07-mark-unavailable-firmware-as-CURRENT.patch | 61 ++ patches/series|3 5 files changed, 133 insertions(+) We might also want to consider updating to the unstable version directly, as the patch is relatively similar, in fact it's currently *smaller* because it's lacking the third patch here: anarcat@angela:dist[1]$ debdiff needrestart_3.6-4.dsc needrestart_3.6-6.dsc | diffstat NEWS |8 -- changelog| 26 +++ control |1 patches/05-fix-AMD-ucode-checking-in-non-debug-mode.diff | 33 ++ patches/06-uCode-fix-uninitialized-value-in-logging-of-processo.diff | 30 + patches/series |2 6 files changed, 91 insertions(+), 9 deletions(-)
Re: Bug#1039604: glusterfs: Drop support for 32-bit architectures
Hello, Am 15.07.2023 um 08:54 schrieb Michael Tokarev: Yes, I use libglusterfs-dev in Build-Depends of samba and qemu. I think it is already reduced to 64bits on ubuntu for samba (or, rather, i386 is excluded). The question is: how to specify dependencies properly and more important, how to specify lists of files to install? I have uploaded glusterfs 11.0-1 to experimental, it is limited to these architectures: amd64 arm64 ppc64el ppc64 riscv64 mips64el s390x ia64 sparc64 So if nobody rises up I would start to fill bugs for the reverse dependencies in the next days and after that uploading glusterfs 11.x to unstable. What happens with stable, there I do not have an answer, yet. Right now I have: d/control: Build-Depends: libglusterfs-dev d/foo.install: /usr/lib/foo/gluster.so I can change the first one to be something like Build-Depends: libglusterfs-dev [amd64 arm64] So in your depends you should use: libglusterfs-dev [amd64 arm64 ppc64el ppc64 riscv64 mips64el s390x ia64 sparc64] (with a few questions remaining: what is the complete list? How about non-linux?). But what to do with the second, - move the handling to d/rules, like if [ -f debian/tmp/usr/lib/foo/gluster.so ]; then install -D debian/tmp/usr/lib/foo/gluster.so -t debian/foo/usr/lib/foo/ fi IMO the best way would be continue to use dh_install, there you can also limit the architectures: [amd64 arm64 ppc64el ppc64 riscv64 mips64el s390x ia64 sparc64] debian/tmp/usr/lib/foo/gluster.so You way would work, too. But if you want to build the glusterfs module, but it is not available (for whatever reason) you wouldnt notice it.
Re: Bug#1039604: glusterfs: Drop support for 32-bit architectures
*ping* (also adding some other maintainers of reverse depends) Am 04.07.2023 um 16:12 schrieb Patrick Matthäi: Hey, (@debian-release, pls CC me) Am 27.06.2023 um 20:13 schrieb Sergio Durigan Junior: Source: glusterfs Version: 10.3-5 Severity: important Hi, Upstream glusterfs has given several indications that they do not care about/support 32-bit architectures, as can be seen in this (non-exhaustive) list of issues: - https://github.com/gluster/glusterfs/issues/3911 - https://github.com/gluster/glusterfs/issues/702 Moreover, in Ubuntu, where glusterfs is built for armhf, some issues have been filed about problems related to this lack of 32-bit support, like: - https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1991441 - https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1951408 The underlying issue in these two bugs happen to be correlated: glusterfs requires that the host supports 64-bit atomic operations, but armhf and other 32-bit architectures don't offer such feature. Therefore, I would like to request that the support for 32-bit architecture in Debian's glusterfs package be dropped, please. A quick investigation tells me that these packages will likely need to be adjusted because they depend on glusterfs: Reverse-Build-Depends * fio (for libglusterfs-dev) * libvirt (for libglusterfs-dev) * nfs-ganesha (for libglusterfs-dev) * qemu (for libglusterfs-dev) * qemu (for glusterfs-common) * tgt (for libglusterfs-dev) * uwsgi (for libglusterfs-dev) Reverse-Build-Depends-Arch * samba (for libglusterfs-dev) Let me know if there's anything I can do to help here. Thanks, OK I think this is a realy bad situation, also just so short after the bookworm release.. @Release team: What is your opinion about it, should we remove glusterfs on 32 bit platforms from bookworm? How should we coordinate it also with the other reverse dependencies? Or should we leave it as it is (for bookworm) and change it for the upcoming releases?
Re: Bug#1039604: glusterfs: Drop support for 32-bit architectures
Hey, (@debian-release, pls CC me) Am 27.06.2023 um 20:13 schrieb Sergio Durigan Junior: Source: glusterfs Version: 10.3-5 Severity: important Hi, Upstream glusterfs has given several indications that they do not care about/support 32-bit architectures, as can be seen in this (non-exhaustive) list of issues: - https://github.com/gluster/glusterfs/issues/3911 - https://github.com/gluster/glusterfs/issues/702 Moreover, in Ubuntu, where glusterfs is built for armhf, some issues have been filed about problems related to this lack of 32-bit support, like: - https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1991441 - https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1951408 The underlying issue in these two bugs happen to be correlated: glusterfs requires that the host supports 64-bit atomic operations, but armhf and other 32-bit architectures don't offer such feature. Therefore, I would like to request that the support for 32-bit architecture in Debian's glusterfs package be dropped, please. A quick investigation tells me that these packages will likely need to be adjusted because they depend on glusterfs: Reverse-Build-Depends * fio (for libglusterfs-dev) * libvirt (for libglusterfs-dev) * nfs-ganesha (for libglusterfs-dev) * qemu (for libglusterfs-dev) * qemu (for glusterfs-common) * tgt (for libglusterfs-dev) * uwsgi (for libglusterfs-dev) Reverse-Build-Depends-Arch * samba (for libglusterfs-dev) Let me know if there's anything I can do to help here. Thanks, OK I think this is a realy bad situation, also just so short after the bookworm release.. @Release team: What is your opinion about it, should we remove glusterfs on 32 bit platforms from bookworm? How should we coordinate it also with the other reverse dependencies? Or should we leave it as it is (for bookworm) and change it for the upcoming releases?
Bug#1036989: unblock: needrestart/3.6-4
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: tho...@fiasko-nw.net
Please unblock package needrestart
[ Reason ]
In the past I have used the wrong version number, to remove a leftover config
file.
Also this update should close two noisy bugs (ignore serial-getty) and
especially
make the VM & microcode detection work again (just produced by a small typo).
[ Impact ]
Some smaller but noisy bugs.
[ Tests ]
Automated: debian/tests/sanity-test.sh
I also manual tested the update
[ Risks ]
Small diffs, I do not see a risk here.
[ Checklist ]
[x ] all changes are documented in the d/changelog
[x ] I reviewed all changes and I approve them
[x ] attach debdiff against the package in testing
unblock needrestart/3.6-4
diff -Nru needrestart-3.6/debian/changelog needrestart-3.6/debian/changelog
--- needrestart-3.6/debian/changelog2023-01-12 11:08:33.0 +0100
+++ needrestart-3.6/debian/changelog2023-05-31 16:47:03.0 +0200
@@ -1,3 +1,15 @@
+needrestart (3.6-4) unstable; urgency=medium
+
+ * Remove leftover conffile 30-pacman with 3.6-4.
+Closes: #1036526
+ * Add patch 03-ignore-serial-getty from Helmut Grohne to ignore serial-getty.
+Closes: #1035721
+ * Add upstream patch 04-vm-detection to fix a typo, which prevents the VM and
+microcode detection.
+Closes: #1026026
+
+ -- Patrick Matthäi Wed, 31 May 2023 16:47:03 +0200
+
needrestart (3.6-3) unstable; urgency=medium
* Adjust debian/watch to work again with GitHub.
diff -Nru needrestart-3.6/debian/needrestart.postinst
needrestart-3.6/debian/needrestart.postinst
--- needrestart-3.6/debian/needrestart.postinst 2023-01-12 11:08:33.0
+0100
+++ needrestart-3.6/debian/needrestart.postinst 2023-05-31 16:47:03.0
+0200
@@ -2,6 +2,6 @@
set -e
-dpkg-maintscript-helper rm_conffile /etc/needrestart/hook.d/30-pacman 3.5-4 --
"$@"
+dpkg-maintscript-helper rm_conffile /etc/needrestart/hook.d/30-pacman 3.6-4 --
"$@"
#DEBHELPER#
diff -Nru needrestart-3.6/debian/needrestart.postrm
needrestart-3.6/debian/needrestart.postrm
--- needrestart-3.6/debian/needrestart.postrm 2023-01-12 11:08:33.0
+0100
+++ needrestart-3.6/debian/needrestart.postrm 2023-05-31 16:47:03.0
+0200
@@ -2,6 +2,6 @@
set -e
-dpkg-maintscript-helper rm_conffile /etc/needrestart/hook.d/30-pacman 3.5-4 --
"$@"
+dpkg-maintscript-helper rm_conffile /etc/needrestart/hook.d/30-pacman 3.6-4 --
"$@"
#DEBHELPER#
diff -Nru needrestart-3.6/debian/needrestart.preinst
needrestart-3.6/debian/needrestart.preinst
--- needrestart-3.6/debian/needrestart.preinst 2023-01-12 11:08:33.0
+0100
+++ needrestart-3.6/debian/needrestart.preinst 2023-05-31 16:47:03.0
+0200
@@ -2,6 +2,6 @@
set -e
-dpkg-maintscript-helper rm_conffile /etc/needrestart/hook.d/30-pacman 3.5-4 --
"$@"
+dpkg-maintscript-helper rm_conffile /etc/needrestart/hook.d/30-pacman 3.6-4 --
"$@"
#DEBHELPER#
diff -Nru needrestart-3.6/debian/patches/03-ignore-serial-getty.diff
needrestart-3.6/debian/patches/03-ignore-serial-getty.diff
--- needrestart-3.6/debian/patches/03-ignore-serial-getty.diff 1970-01-01
01:00:00.0 +0100
+++ needrestart-3.6/debian/patches/03-ignore-serial-getty.diff 2023-05-31
16:47:03.0 +0200
@@ -0,0 +1,13 @@
+Subject: do not restart serial-getty@*.service
+Author: Helmut Grohne
+
+--- a/ex/needrestart.conf
b/ex/needrestart.conf
+@@ -98,6 +98,7 @@ $nrconf{override_rc} = {
+
+ # gettys
+ qr(^getty@.+\.service) => 0,
++qr(^serial-getty@.+\.service) => 0,
+
+ # systemd --user
+ qr(^user@\d+\.service) => 0,
diff -Nru needrestart-3.6/debian/patches/04-vm-detection.diff
needrestart-3.6/debian/patches/04-vm-detection.diff
--- needrestart-3.6/debian/patches/04-vm-detection.diff 1970-01-01
01:00:00.0 +0100
+++ needrestart-3.6/debian/patches/04-vm-detection.diff 2023-05-31
16:47:03.0 +0200
@@ -0,0 +1,22 @@
+From 27bf4678bb92f68dfadd04ab04e96cba6ea2c376 Mon Sep 17 00:00:00 2001
+From: zxyrepf <53189615+zxyr...@users.noreply.github.com>
+Date: Sun, 24 Jul 2022 08:30:19 +
+Subject: [PATCH] Fix VM detection regression introduced in f54d85c
+
+---
+ needrestart | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/needrestart b/needrestart
+index 64509ba..bcec62b 100755
+--- a/needrestart
b/needrestart
+@@ -51,7 +51,7 @@ my $is_tty = (-t *STDERR || -t *STDOUT || -t *STDIN);
+ my $is_vm;
+ my $is_container;
+
+-if($is_systemd && -x q(/usr/bin/systemds-detect-virt)) {
++if($is_systemd && -x q(/usr/bin/systemd-detect-virt)) {
+ # check if we are inside of a vm
+ my $ret = system(qw(/usr/bin/systemd-detect-virt --vm --quiet));
+ unless($? == -1 || $? & 127) {
diff -Nru needrestart-3.6/debian/patches/series
needrestart-3.6/debian/patches/series
-
Bug#1036675: unblock: manaplus/2.1.3.17-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package manaplus [ Reason ] fonts-mplus removed the ttf versions of the required fonts, this also results in broken symlinks. I am shipping the embedded version of both font files again [ Impact ] Broken/missing fonts [ Tests ] Manual [ Risks ] -Standards-Version: 4.6.1 +Standards-Version: 4.6.2 I hope this is okay, or had to create an extra branch just for that ;) [ Checklist ] [x ] all changes are documented in the d/changelog [x ] I reviewed all changes and I approve them [x ] attach debdiff against the package in testing unblock manaplus/2.1.3.17-5 diff -Nru manaplus-2.1.3.17/debian/changelog manaplus-2.1.3.17/debian/changelog --- manaplus-2.1.3.17/debian/changelog 2022-09-15 09:04:25.0 +0200 +++ manaplus-2.1.3.17/debian/changelog 2023-05-24 10:40:29.0 +0200 @@ -1,3 +1,11 @@ +manaplus (2.1.3.17-5) unstable; urgency=high + + * Bump Standards-Version to 4.6.2. + * Fix broken symlinks to mplus fonts by shipping the embedded versions. +Closes: #1035874 + + -- Patrick Matthäi Wed, 24 May 2023 10:40:29 +0200 + manaplus (2.1.3.17-4) unstable; urgency=medium * Fix FTBFS with last upload. diff -Nru manaplus-2.1.3.17/debian/control manaplus-2.1.3.17/debian/control --- manaplus-2.1.3.17/debian/control2022-09-15 09:04:25.0 +0200 +++ manaplus-2.1.3.17/debian/control2023-05-24 10:40:29.0 +0200 @@ -3,7 +3,7 @@ Priority: optional Homepage: http://manaplus.org/ Maintainer: Patrick Matthäi -Standards-Version: 4.6.1 +Standards-Version: 4.6.2 Rules-Requires-Root: no Build-Depends: debhelper-compat (= 13), libcurl4-gnutls-dev, @@ -41,7 +41,6 @@ fonts-dejavu-core, fonts-liberation Recommends: manaplus, - fonts-mplus, fonts-wqy-microhei Description: Extended client for Evol Online and The Mana World (data files) ManaPlus is an extended client for Evol Online, The Mana World, and similar diff -Nru manaplus-2.1.3.17/debian/manaplus-data.install manaplus-2.1.3.17/debian/manaplus-data.install --- manaplus-2.1.3.17/debian/manaplus-data.install 2022-09-15 09:04:25.0 +0200 +++ manaplus-2.1.3.17/debian/manaplus-data.install 2023-05-24 10:40:29.0 +0200 @@ -9,3 +9,4 @@ usr/share/manaplus/data/sfx/system usr/share/manaplus/data/perserver usr/share/manaplus/data/translations +usr/share/manaplus/data/fonts/mplus-1p-*.ttf diff -Nru manaplus-2.1.3.17/debian/manaplus-data.links manaplus-2.1.3.17/debian/manaplus-data.links --- manaplus-2.1.3.17/debian/manaplus-data.links2022-09-15 09:04:25.0 +0200 +++ manaplus-2.1.3.17/debian/manaplus-data.links2023-05-24 10:40:29.0 +0200 @@ -6,6 +6,4 @@ usr/share/fonts/truetype/liberation/LiberationSans-Regular.ttf usr/share/manaplus/data/fonts/liberationsans.ttf usr/share/fonts/truetype/liberation/LiberationMono-Bold.ttf usr/share/manaplus/data/fonts/liberationsansmono-bold.ttf usr/share/fonts/truetype/liberation/LiberationMono-Regular.ttf usr/share/manaplus/data/fonts/liberationsansmono.ttf -usr/share/fonts/truetype/mplus/mplus-1p-bold.ttf usr/share/manaplus/data/fonts/mplus-1p-bold.ttf -usr/share/fonts/truetype/mplus/mplus-1p-regular.ttf usr/share/manaplus/data/fonts/mplus-1p-regular.ttf usr/share/fonts/truetype/wqy/wqy-microhei.ttc usr/share/manaplus/data/fonts/wqy-microhei.ttf diff -Nru manaplus-2.1.3.17/debian/not-installed manaplus-2.1.3.17/debian/not-installed --- manaplus-2.1.3.17/debian/not-installed 2022-09-15 09:04:25.0 +0200 +++ manaplus-2.1.3.17/debian/not-installed 2023-05-24 10:40:29.0 +0200 @@ -9,8 +9,6 @@ usr/share/manaplus/data/fonts/liberationsansmono.ttf usr/share/manaplus/data/fonts/dejavuserifcondensed-bold.ttf usr/share/manaplus/data/fonts/wqy-microhei.ttf -usr/share/manaplus/data/fonts/mplus-1p-bold.ttf -usr/share/manaplus/data/fonts/mplus-1p-regular.ttf usr/share/manaplus/data/fonts/dejavusansmono-bold.ttf usr/share/manaplus/data/fonts/liberationsans.ttf usr/share/manaplus/data/fonts/dejavuserifcondensed.ttf
Bug#1036673: unblock: glusterfs/10.3-5
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package glusterfs
[ Reason ]
I have applied a patch from 10.4, which fixes a security issue as described in
CVE-2023-26253, #1031731 and https://github.com/gluster/glusterfs/issues/3954
[ Impact ]
Stack buffer overflow
[ Tests ]
Manual and tests driven by upstream
[ Risks ]
Small patch already shipped by upstream, I do not see a risk
[ Checklist ]
[x ] all changes are documented in the d/changelog
[x ] I reviewed all changes and I approve them
[x ] attach debdiff against the package in testing
unblock glusterfs/10.3-5
diff -Nru glusterfs-10.3/debian/changelog glusterfs-10.3/debian/changelog
--- glusterfs-10.3/debian/changelog 2023-01-06 15:56:57.0 +0100
+++ glusterfs-10.3/debian/changelog 2023-05-24 10:48:08.0 +0200
@@ -1,3 +1,12 @@
+glusterfs (10.3-5) unstable; urgency=high
+
+ * Add upstream patch 09-CVE-2023-26253: Resolve asan bug in during receive
+event notification, which results in a stack-buffer-overflow. This
+addresses CVE-2023-26253.
+Closes: #1031731
+
+ -- Patrick Matthäi Wed, 24 May 2023 10:48:08 +0200
+
glusterfs (10.3-4) unstable; urgency=medium
* Add adduser dependency on glusterfs-common.
diff -Nru glusterfs-10.3/debian/patches/09-CVE-2023-26253.diff
glusterfs-10.3/debian/patches/09-CVE-2023-26253.diff
--- glusterfs-10.3/debian/patches/09-CVE-2023-26253.diff1970-01-01
01:00:00.0 +0100
+++ glusterfs-10.3/debian/patches/09-CVE-2023-26253.diff2023-05-24
10:48:08.0 +0200
@@ -0,0 +1,67 @@
+From 0cbf51a9827af0e3a35f5cfa823bfa39740bbc58 Mon Sep 17 00:00:00 2001
+From: mohit84
+Date: Thu, 30 Mar 2023 13:02:19 +0530
+Subject: [PATCH] fuse: Resolve asan bug in during receive event notification
+ (#4024)
+
+The fuse xlator notify function tries to assign data object to graph
+object without checking an event. In case of upcall event data object
+represents upcall object so during access of graph object the process
+crashed for asan build.
+
+Solution: Access the graph->id only while an event is associated
+specifically to fuse xlator
+
+> Fixes: #3954
+> Change-Id: I6b2869256b26d22163879737dcf163510d1cd8bf
+> Signed-off-by: Mohit Agrawal moagr...@redhat.com
+> (Reviewed on upstream link #4019)
+
+Fixes: #3954
+Change-Id: I6b2869256b26d22163879737dcf163510d1cd8bf
+---
+ xlators/mount/fuse/src/fuse-bridge.c | 14 +++---
+ 1 file changed, 11 insertions(+), 3 deletions(-)
+
+diff --git a/xlators/mount/fuse/src/fuse-bridge.c
b/xlators/mount/fuse/src/fuse-bridge.c
+index 89e7725ca7c..583a135fac2 100644
+--- a/xlators/mount/fuse/src/fuse-bridge.c
b/xlators/mount/fuse/src/fuse-bridge.c
+@@ -6484,6 +6484,7 @@ notify(xlator_t *this, int32_t event, void *data, ...)
+ int32_t ret = 0;
+ fuse_private_t *private = NULL;
+ gf_boolean_t start_thread = _gf_false;
++gf_boolean_t event_graph = _gf_true;
+ glusterfs_graph_t *graph = NULL;
+ struct pollfd pfd = {0};
+
+@@ -6492,9 +6493,6 @@ notify(xlator_t *this, int32_t event, void *data, ...)
+
+ graph = data;
+
+-gf_log("fuse", GF_LOG_DEBUG, "got event %d on graph %d", event,
+- ((graph) ? graph->id : 0));
+-
+ switch (event) {
+ case GF_EVENT_GRAPH_NEW:
+ break;
+@@ -6584,9 +6582,19 @@ notify(xlator_t *this, int32_t event, void *data, ...)
+ }
+
+ default:
++/* Set the event_graph to false so that event
++ debug msg would not try to access invalid graph->id
++ while data object is not matched to graph object
++ for ex in case of upcall event data object represents
++ gf_upcall object
++*/
++event_graph = _gf_false;
+ break;
+ }
+
++gf_log("fuse", GF_LOG_DEBUG, "got event %d on graph %d", event,
++ ((graph && event_graph) ? graph->id : -1));
++
+ return ret;
+ }
+
diff -Nru glusterfs-10.3/debian/patches/series
glusterfs-10.3/debian/patches/series
--- glusterfs-10.3/debian/patches/series2023-01-06 15:56:57.0
+0100
+++ glusterfs-10.3/debian/patches/series2023-05-24 10:48:08.0
+0200
@@ -4,3 +4,4 @@
06-spelling-error.diff
07-spelling-error.diff
08-bash-term-in-posix-shell.diff
+09-CVE-2023-26253.diff
Bug#1033570: unblock: kdenlive/22.12.3-2
Am 15.04.2023 um 21:51 schrieb Paul Gevers: Control: tags -1 confirmed Hi Patrick, Thanks. On 14-04-2023 10:45, Patrick Matthäi wrote: You may have guessed from the silence (see also our FAQ [1]) that we're not enthusiastic about mlt. I'm currently leaning towards the tpu route for kdenlive. Please upload the version you have in unstable to testing-proposed-uploads with only an added changelog entry. I prefer a +deb12u1 version bump (because that will automatically be synced to unstable), but I can live with ~deb12u1 too if you prefer that. Paul Thank you, I have uploaded it :) PS: It works better with testing-proposed-updates instead of testing-proposed-uploads :D
Bug#1033570: unblock: kdenlive/22.12.3-2
Hello Paul, Am 12.04.2023 um 21:09 schrieb Paul Gevers: Control: tags -1 moreinfo Hi Patrick On 27-03-2023 17:06, Patrick Matthäi wrote: as mentioned in my unblock #1033554 for mlt I were a bit too stupid to read the freeze policy correctly. I would like to see kdenlive 22.12.3-2 in bookworm, it just fixes some upstream bugs and two Debian bugs (missing dependencies). Can you please elaborate? It appears that this is a bug fix only release, can you confirm? What's the upstream policy for such releases? I didn't spot any upstream changelog, can you describe what the changes are supposed to achieve? Yes, normaly the minor versions just contains bugfixes. Here are the release notes: https://kdenlive.org/de/2023/03/kdenlive-22-12-3/ The debdiff is - except of the translation files - small. Might have been nice to filter them out :). Attached :) Fixing annoying upstream bugs and missing dependencies in the packaging. Any pointers to which bugs those are? * Fix subtitle scrolling. Commit. <http://commits.kde.org/kdenlive/bdbf0bf5122ae5fce7334203a7d990dd7032a129> * Fix language model combobox too small. Commit. <http://commits.kde.org/kdenlive/7432631c675d034bfbf266443cc2f7ab6774128b>Fixes bug #465787 <https://bugs.kde.org/465787> * Scroll timeline when moving a subtitle. Related to #1634. Commit. <http://commits.kde.org/kdenlive/b53e78e697793e8fff51dc5ef7cc8eb3584147df> * Fix subtitles overlap on import. Commit. <http://commits.kde.org/kdenlive/ffda87a8de2bed6812edc23cc9536a01d3d58f0c> * Fix subtitle move regression. Commit. <http://commits.kde.org/kdenlive/cbc0201a7179834dc63a517919238400bb233d5b> * Fix subtitle offset on group move. Commit. <http://commits.kde.org/kdenlive/56d4646ec9ac56b09c64a7cae39fda98848e927e> * Fix subtitles snapping. Commit. <http://commits.kde.org/kdenlive/c3cfcd9e0254b2b74a5b58d49591bbc08d4c719c> * Fix compilation. Commit. <http://commits.kde.org/kdenlive/7e2421b2aa82e2658a31291f0a769543e3cddada> * Fix crash and offset when moving a group with subtitle. Commit. <http://commits.kde.org/kdenlive/998ddfa5e0471b7dba34ebb16909931cae3d7922> [ Risks ] If mlt is not allowed to enter bookworm the "risk" would be that I would like to request a upload of this kdenlive version directly to testing? You may have guessed from the silence (see also our FAQ [1]) that we're not enthusiastic about mlt. I'm currently leaning towards the tpu route for kdenlive. Paul [1] https://release.debian.org/testing/FAQ.html Yes especially for the mlt case it is understandable for me. -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog:https://www.linux-dev.org/ E-Mail:pmatth...@debian.org patr...@linux-dev.org */ diff -Nru kdenlive-22.12.2/debian/changelog kdenlive-22.12.3/debian/changelog --- kdenlive-22.12.2/debian/changelog 2023-02-03 09:49:23.0 +0100 +++ kdenlive-22.12.3/debian/changelog 2023-03-10 09:43:45.0 +0100 @@ -1,3 +1,19 @@ +kdenlive (22.12.3-2) unstable; urgency=medium + + * Add missing dependency on qml-module-org-kde-newstuff. +Closes: #1032470 + + -- Patrick Matthäi Fri, 10 Mar 2023 09:43:45 +0100 + +kdenlive (22.12.3-1) unstable; urgency=medium + + * New upstream release. + * Add dependency on qml-module-org-kde-kcm. + Closes: #1030782 + * Update signing-key.asc. + + -- Patrick Matthäi Tue, 07 Mar 2023 09:13:27 +0100 + kdenlive (22.12.2-1) unstable; urgency=medium * New upstream release. diff -Nru kdenlive-22.12.2/debian/control kdenlive-22.12.3/debian/control --- kdenlive-22.12.2/debian/control 2023-02-03 09:49:23.0 +0100 +++ kdenlive-22.12.3/debian/control 2023-03-10 09:43:45.0 +0100 @@ -60,6 +60,8 @@ qml-module-qtquick-dialogs, qml-module-qtquick-layouts, qml-module-qtquick-window2, + qml-module-org-kde-kcm, + qml-module-org-kde-newstuff, breeze, breeze-icon-theme (>= 4:5.83.0), kinit, diff -Nru kdenlive-22.12.2/debian/upstream/signing-key.asc kdenlive-22.12.3/debian/upstream/signing-key.asc --- kdenlive-22.12.2/debian/upstream/signing-key.asc2023-02-03 09:49:23.0 +0100 +++ kdenlive-22.12.3/debian/upstream/signing-key.asc2023-03-10 09:43:45.0 +0100 @@ -11,19 +11,147 @@ P0B3l1E4Ccw1ne2/O1BdsnXeUaI3YVYz9aZkVlL7ywda3h/goRKxc1b18bmgu/Ed QmcTEMj29B3szMpetWNt1ZbaMJzfDw+z+SiQ3toOTUiqMuWq+l+JK0dVUzOvpGhG VHv5m9CtJFP671ivEc4it0hJRH5kdW9aNbeG0g9TxHQqQMJIpeLvRq5WKwARAQAB -tCFBbGJlcnQgQXN0YWxzIENpZCA8YWFjaWRAa2RlLm9yZz6JAlQEEwEIAD4CGwMF -CwkIBwIGFQgJCgsCBBYCAwECHgECF4AWIQTKJixsg95NL7KKMyo6ak24Oeqm1wUC -Yv52/wUJDRPXIAAKCRA6ak24Oeqm1zksD/95HdsLbCMlQWImftxAY0wUNVLTvt7+ -9rjpt/unyCqdtD9uS7J6Tfldmd2zPxIJFxpDx3AK5gJGAl8hBuARBTG6mzDSyohy -0ldLAroab2zKn/hGfnAlxZtsa8DGmNhKKb8zEyKraM2grdc2bCF/sQ5yKmC0THAQ -wMBjLHoszKYV+y/R34o1nZZaufPrNWMPd3hmiyCl5vzmRDQJatmkDvueY
Bug#1033555: unblock: fraqtive/0.4.8.1-1
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package fraqtive
This is just a short maintainance release from upstream after many
years, mainly just merged already in Debian applied patches, so that
fraqtive still builds in modern environments.
As described in my mlt unblock request I thought it will migrate after
20 days and it looks cleaner for me to have the new upstream release, why
I had done this upload for targeting bookworm
[ Reason ]
New upstream release, which just covers already applied patches.
[ Impact ]
No impact here
[ Tests ]
Tested if it still starts, manual
[ Risks ]
I do not see any risk
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock fraqtive/0.4.8.1-1
diff -Nru fraqtive-0.4.8/configure fraqtive-0.4.8.1/configure
--- fraqtive-0.4.8/configure2008-03-21 11:49:25.78354 +0100
+++ fraqtive-0.4.8.1/configure 2023-03-06 09:30:22.0 +0100
@@ -81,7 +81,7 @@
if test "$version" != "**Unknown**"; then
major=`echo $version | sed -e "s/\([0-9][0-9]*\).*/\1/"`
minor=`echo $version | sed -e "s/[0-9][0-9]*\.\([0-9][0-9]*\).*/\1/"`
-if test $major -eq 4 -a $minor -ge 3; then
+if test $major -eq 5; then
QMAKE=$i
break
fi
@@ -89,7 +89,7 @@
done
if test -z "$QMAKE"; then
-echo "*** ERROR: Cannot find 'qmake' from Qt 4.3 or newer." >&2
+echo "*** ERROR: Cannot find 'qmake' from Qt 5." >&2
exit 1
fi
diff -Nru fraqtive-0.4.8/debian/changelog fraqtive-0.4.8.1/debian/changelog
--- fraqtive-0.4.8/debian/changelog 2023-01-12 11:07:55.0 +0100
+++ fraqtive-0.4.8.1/debian/changelog 2023-03-13 12:00:59.0 +0100
@@ -1,3 +1,11 @@
+fraqtive (0.4.8.1-1) unstable; urgency=medium
+
+ * New upstream release.
+- Remove merged patch 03-use-qt5.
+- Remove merged patch 04-fix-includes.
+
+ -- Patrick Matthäi Mon, 13 Mar 2023 12:00:59 +0100
+
fraqtive (0.4.8-17) unstable; urgency=medium
* Adjust debian/watch to work again with GitHub.
diff -Nru fraqtive-0.4.8/debian/patches/03-use-qt5.diff
fraqtive-0.4.8.1/debian/patches/03-use-qt5.diff
--- fraqtive-0.4.8/debian/patches/03-use-qt5.diff 2023-01-12
11:07:55.0 +0100
+++ fraqtive-0.4.8.1/debian/patches/03-use-qt5.diff 1970-01-01
01:00:00.0 +0100
@@ -1,19 +0,0 @@
-Description: Fix build system to use Qt5 instead of Qt4
-Author: Sune Vuorela
-Forwarded: yes
-
-Origin: other
-Last-Update: 2018-08-15
-
fraqtive-0.4.8.orig/configure
-+++ fraqtive-0.4.8/configure
-@@ -81,7 +81,7 @@ for i in $paths; do
- if test "$version" != "**Unknown**"; then
- major=`echo $version | sed -e "s/\([0-9][0-9]*\).*/\1/"`
- minor=`echo $version | sed -e "s/[0-9][0-9]*\.\([0-9][0-9]*\).*/\1/"`
--if test $major -eq 4 -a $minor -ge 3; then
-+if test $major -eq 5 -a $minor -ge 3; then
- QMAKE=$i
- break
- fi
diff -Nru fraqtive-0.4.8/debian/patches/04-fix-includes.diff
fraqtive-0.4.8.1/debian/patches/04-fix-includes.diff
--- fraqtive-0.4.8/debian/patches/04-fix-includes.diff 2023-01-12
11:07:55.0 +0100
+++ fraqtive-0.4.8.1/debian/patches/04-fix-includes.diff1970-01-01
01:00:00.0 +0100
@@ -1,30 +0,0 @@
-Description: Add missing includes
- Qt5 has had a bit of includes cleanups. Apply those.
-Author: Sune Vuorela
-Forwarded: yes
-
-Origin: other
-Forwarded: no
-Last-Update: 2018-08-15
-
fraqtive-0.4.8.orig/src/configurationdata.cpp
-+++ fraqtive-0.4.8/src/configurationdata.cpp
-@@ -27,6 +27,7 @@
-
- #include
- #include
-+#include
-
- ConfigurationData::ConfigurationData()
- {
fraqtive-0.4.8.orig/src/fractalgenerator.h
-+++ fraqtive-0.4.8/src/fractalgenerator.h
-@@ -22,6 +22,7 @@
- #include
- #include
- #include
-+#include
-
- #include "abstractjobprovider.h"
- #include "datastructures.h"
diff -Nru fraqtive-0.4.8/debian/patches/series
fraqtive-0.4.8.1/debian/patches/series
--- fraqtive-0.4.8/debian/patches/series2023-01-12 11:07:55.0
+0100
+++ fraqtive-0.4.8.1/debian/patches/series 2023-03-13 12:00:59.0
+0100
@@ -1,5 +1,3 @@
01-desktop-keywords.diff
02-spelling-error.diff
-03-use-qt5.diff
-04-fix-includes.diff
05-fix-ftbfs.diff
diff -Nru fraqtive-0.4.8/.gitignore fraqtive-0.4.8.1/.gitignore
--- fraqtive-0.4.8/.gitignore 1970-01-01 01:00:00.0 +0100
+++ fraqtive-0.4.8.1/.gitignore 2023-03-06 09:30:22.0 +0100
@@ -0,0 +1,12 @@
+debug
+release
+src/fraqtive_pch.h.cpp
+src/fraqtive.vcxproj
+src/fraqtive.vcxproj.filters
+src/fraqtive.vcxproj.user
+tmp
+.qmake.stash
+config.pri
+configure-msvc.bat
+fraqtive.sln
+fraqtive.v12.suo
diff -Nru fraqtive-0.4.8/src/configurationdata.cpp
fraq
Bug#1033554: unblock: mlt/7.14.0-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package mlt First I am very sorry for this mess! I missunderstood the text in the time of the soft freeze and thought key packages with autopkgtests only and that non key-packages will still migrate after 20 days.. After I have done those uploads I still wanted to see in bookworm it was already too late.. My fault and also a good hint for me to indroduce autopkgtests in my packages So the problem is now, mlt 7.14 about 7.12 has some fixed bugs and improvided ffmpeg support for further releases. And now it is already in unstable.. Sorry.. I have done this update along with kdenlive (unblock for it follows), because it has a bugfix release. Which is not complicated, but if you dont see a chance to let 7.14 to bookworm I had for example to do a upload of kdenlive directly to testing? [ Reason ] Several fixed bugs. [ Impact ] It is uploaded to unstable, could be problematic for the release process (dependencies) if updates are required. [ Tests ] I have tested mlt on my system along with kdenlive. [ Risks ] It is a new upstream release, which also introduces new features, compability with ffmpeg 6.0 (which would be nice for later backports in bookworm), risk that something new could break something else. But it looks good from my view [ Checklist ] [x] all changes are documented in the d/changelog [y] I reviewed all changes and I approve them (as possible for myself with the upstream code) [x] attach debdiff against the package in testing unblock mlt/7.14.0-1 mlt.debdiff.gz Description: application/gzip
Bug#1030755: RM: roaraudio/1.0~beta12-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Please remove the package from testing. I have decided that it is better to release bookworm without the whole roaraudio stuff, because of the lack of users, reverse dependencies, support and missing releases. The last reverse dependency (cmus) also removed the support now with #1030662
Bug#1030666: RM: vclt-tools/0.1.4-9
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Please remove the package from testing. I have decided that it is better to release bookworm without the whole roaraudio stuff, because of the lack of users, reverse dependencies, support and missing releases.
Bug#1030665: RM: roarplaylistd/0.1.9-10
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Please remove the package from testing. I have decided that it is better to release bookworm without the whole roaraudio stuff, because of the lack of users, reverse dependencies, support and missing releases.
Bug#1030664: RM: muroard/0.1.14-9
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Please remove the package from testing. I have decided that it is better to release bookworm without the whole roaraudio stuff, because of the lack of users, reverse dependencies, support and missing releases.
Bug#1030662: RM: ckport/0.1~rc1-11
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Please remove the package from testing. I have decided that it is better to release bookworm without the whole roaraudio stuff, because of the lack of users, reverse dependencies, support and missing releases.
Bug#1030663: RM: muroar/0.1.13-8
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm Please remove the package from testing. I have decided that it is better to release bookworm without the whole roaraudio stuff, because of the lack of users, reverse dependencies, support and missing releases.
Bug#1029147: bullseye-pu: package needrestart/3.5-4+deb11u3
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
[ Reason ]
needrestart on stable reports a uninitialized perl warning on some amd64
systems when using option "-b"
[ Tests ]
Verified on my own Ryzen notebook: stable not working and patch approved
[ Checklist ]
[x ] *all* changes are documented in the d/changelog
[x ] I reviewed all changes and I approve them
[x ] attach debdiff against the package in (old)stable
[x ] the issue is verified as fixed in unstable
debdiff against current stable version:
diff -Naur tags/3.5-4+deb11u2/debian/changelog
branches/bullseye/debian/changelog
--- tags/3.5-4+deb11u2/debian/changelog 2022-05-29 09:57:10.173934775 +0200
+++ branches/bullseye/debian/changelog 2023-01-18 16:18:34.571042767 +0100
@@ -1,3 +1,11 @@
+needrestart (3.5-4+deb11u3) bullseye; urgency=medium
+
+ * Add patch 10-amd-reporting from George Robbert to fix a Perl warning on
+AMD64 systems.
+Closes: #1026927
+
+ -- Patrick Matthäi Wed, 18 Jan 2023 16:18:28 +0100
+
needrestart (3.5-4+deb11u2) bullseye; urgency=medium
* Add upstream patch 09-cgroupv2 to fix broken detection with cgroupv2.
diff -Naur tags/3.5-4+deb11u2/debian/patches/10-amd-reporting.diff
branches/bullseye/debian/patches/10-amd-reporting.diff
--- tags/3.5-4+deb11u2/debian/patches/10-amd-reporting.diff 1970-01-01
01:00:00.0 +0100
+++ branches/bullseye/debian/patches/10-amd-reporting.diff 2023-01-18
15:56:59.058848074 +0100
@@ -0,0 +1,22 @@
+# Fix Perl warning with needrestart -b on AMD64 systems.
+# Closes: #1026927
+
+diff -Naur needrestart-3.5.orig/perl/lib/NeedRestart/uCode/AMD.pm
needrestart-3.5/perl/lib/NeedRestart/uCode/AMD.pm
+--- needrestart-3.5.orig/perl/lib/NeedRestart/uCode/AMD.pm 2020-03-22
17:40:19.0 +0100
needrestart-3.5/perl/lib/NeedRestart/uCode/AMD.pm 2023-01-18
15:53:14.522822806 +0100
+@@ -173,13 +173,13 @@
+ _scan_ucodes();
+ }
+
+-my %vars = ( CURRENT => sprintf( "0x%08x", $ucode ), );
++my %vars = ( CURRENT => sprintf( "0x%08x", $ucode ), AVAIL =>
"unavailable");
+
+ # check for microcode updates
+ if ( exists( $_ucodes->{cpuid}->{$cpuid} ) ) {
+ my $prid = $_ucodes->{cpuid}->{$cpuid};
+ if ( exists( $_ucodes->{prid}->{$prid} ) ) {
+-$vars{AVAIL} = sprintf( "0x%08x", $_ucodes->{prid}->{$prid} ),
++$vars{AVAIL} = sprintf( "0x%08x", $_ucodes->{prid}->{$prid} );
+
+ print STDERR "$LOGPREF #$info->{processor} found ucode
$vars{AVAIL}\n" if ($debug);
+ if ( $_ucodes->{prid}->{$prid} > $ucode ) {
diff -Naur tags/3.5-4+deb11u2/debian/patches/series
branches/bullseye/debian/patches/series
--- tags/3.5-4+deb11u2/debian/patches/series2022-05-29 09:57:10.233934382
+0200
+++ branches/bullseye/debian/patches/series 2023-01-18 15:56:00.978841509
+0100
@@ -7,3 +7,4 @@
07-runit.diff
08-anchor-interp-re.diff
09-cgroupv2.diff
+10-amd-reporting.diff
Bug#1011198: bullseye-pu: package needrestart/3.5-4+deb11u2
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: tho...@fiasko-nw.net
Hello,
we require a small update for stable of needrestart to fix #1005953
This update already includes the security update from yesterday (3.5-4+deb11u1),
to be on the safe side I attached the full debdiff (with the approved security
update).
[ Reason ]
It is required, because the initial changes were introduced with a systemd
update
[ Impact ]
Detection of restarts does not work as excepted in every case
[ Tests ]
Manual tested by myself, patch already in unstable/testing
[ Risks ]
No risk
[ Checklist ]
[x ] *all* changes are documented in the d/changelog
[x ] I reviewed all changes and I approve them
[x ] attach debdiff against the package in (old)stable
[x ] the issue is verified as fixed in unstable
diff -Naur tags/3.5-4/debian/changelog branches/bullseye/debian/changelog
--- tags/3.5-4/debian/changelog 2021-04-12 10:08:42.636804816 +0200
+++ branches/bullseye/debian/changelog 2022-05-18 08:34:23.358456321 +0200
@@ -1,3 +1,17 @@
+needrestart (3.5-4+deb11u2) bullseye; urgency=medium
+
+ * Add upstream patch 09-cgroupv2 to fix broken detection with cgroupv2.
+Closes: #1005953
+
+ -- Patrick Matthäi Wed, 18 May 2022 08:32:47 +0200
+
+needrestart (3.5-4+deb11u1) bullseye-security; urgency=high
+
+ * Add patch 08-anchor-interp-re to fix not anchored regular expressions.
+This fixes CVE-2022-30688.
+
+ -- Patrick Matthäi Thu, 13 May 2022 10:50:07 +0200
+
needrestart (3.5-4) unstable; urgency=medium
* New source only upload.
diff -Naur tags/3.5-4/debian/patches/08-anchor-interp-re.diff
branches/bullseye/debian/patches/08-anchor-interp-re.diff
--- tags/3.5-4/debian/patches/08-anchor-interp-re.diff 1970-01-01
01:00:00.0 +0100
+++ branches/bullseye/debian/patches/08-anchor-interp-re.diff 2022-05-18
08:31:50.143457667 +0200
@@ -0,0 +1,42 @@
+# Upstream patch to fix not anchored regular expressions.
+
+diff --git a/perl/lib/NeedRestart/Interp/Perl.pm
b/perl/lib/NeedRestart/Interp/Perl.pm
+index 40aabb4..5031679 100644
+--- a/perl/lib/NeedRestart/Interp/Perl.pm
b/perl/lib/NeedRestart/Interp/Perl.pm
+@@ -43,7 +43,7 @@ sub isa {
+ my $pid = shift;
+ my $bin = shift;
+
+-return 1 if($bin =~ m@/usr/(local/)?bin/perl@);
++return 1 if($bin =~ m@^/usr/(local/)?bin/perl(5[.\d]*)?$@);
+
+ return 0;
+ }
+diff --git a/perl/lib/NeedRestart/Interp/Python.pm
b/perl/lib/NeedRestart/Interp/Python.pm
+index 559666c..a30121d 100644
+--- a/perl/lib/NeedRestart/Interp/Python.pm
b/perl/lib/NeedRestart/Interp/Python.pm
+@@ -42,7 +42,7 @@ sub isa {
+ my $pid = shift;
+ my $bin = shift;
+
+-return 1 if($bin =~ m@/usr/(local/)?bin/python@);
++return 1 if($bin =~ m@^/usr/(local/)?bin/python([23][.\d]*)?$@);
+
+ return 0;
+ }
+diff --git a/perl/lib/NeedRestart/Interp/Ruby.pm
b/perl/lib/NeedRestart/Interp/Ruby.pm
+index d02973d..72920f3 100644
+--- a/perl/lib/NeedRestart/Interp/Ruby.pm
b/perl/lib/NeedRestart/Interp/Ruby.pm
+@@ -42,7 +42,7 @@ sub isa {
+ my $pid = shift;
+ my $bin = shift;
+
+-return 1 if($bin =~ m@/usr/(local/)?bin/ruby@);
++return 1 if($bin =~ m@^/usr/(local/)?bin/ruby$@);
+
+ return 0;
+ }
+
diff -Naur tags/3.5-4/debian/patches/09-cgroupv2.diff
branches/bullseye/debian/patches/09-cgroupv2.diff
--- tags/3.5-4/debian/patches/09-cgroupv2.diff 1970-01-01 01:00:00.0
+0100
+++ branches/bullseye/debian/patches/09-cgroupv2.diff 2022-05-18
08:32:21.755251053 +0200
@@ -0,0 +1,24 @@
+From 29fcd57cd89a962bb94adbf116acd9a61036b6eb Mon Sep 17 00:00:00 2001
+From: Thomas Liske
+Date: Mon, 16 May 2022 20:00:17 +0200
+Subject: [PATCH] [Core] Make cgroup detection for services and user sessions
+ cgroup v2 aware.
+
+closes #203, closes #213
+---
+ needrestart | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/needrestart b/needrestart
+index 6bf2e6b..bc690aa 100755
+--- a/needrestart
b/needrestart
+@@ -648,7 +648,7 @@ if(defined($opt_l)) {
+ my ($rc) = map {
+ chomp;
+ my ($id, $type, $value) = split(/:/);
+- if($type ne q(name=systemd)) {
++ if($id != 0 && $type ne q(name=systemd)) {
+ ();
+ }
+ else {
diff -Naur tags/3.5-4/debian/patches/series
branches/bullseye/debian/patches/series
--- tags/3.5-4/debian/patches/series2021-04-12 10:08:42.636804816 +0200
+++ branches/bullseye/debian/patches/series 2022-05-18 08:32:36.875152228
+0200
@@ -5,3 +5,5 @@
05-ignore-nvidia-memfd.diff
06-dont-restart-bluetooth.diff
07-runit.diff
+08-anchor-interp-re.diff
+09-cgroupv2.diff
Bug#991915: unblock: otrs2/6.0.32-6
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package otrs2 It fixes three open CVEs, I hope you can still include it for bullseye changelog |8 patches/16-CVE-2021-36091.diff | 31 +++ patches/17-CVE-2021-21440.diff | 56 patches/18-CVE-2021-21443.diff | 24 patches/series |3 +++ 5 files changed, 122 insertions(+) unblock otrs2/6.0.32-6 -- System Information: Debian Release: 10.10 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-17-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled otrs2.diff.gz Description: application/gzip
Bug#990037: Acknowledgement (unblock: kid3/3.8.5-2)
retitle 990037 unblock: kid3/3.8.5-3
thanks
Am 18.06.21 um 16:15 schrieb Debian Bug Tracking System:
Thank you for filing a new Bug report with Debian.
You can follow progress on this Bug here: 990037:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990037.
Hi,
sorry pls unblock 3.8.5-3. I have added a missing breaks / replaces for
safety (apt and apt-get do not complain, hmkay):
diff -Naur 3.8.5-2/debian/changelog 3.8.5-3/debian/changelog
--- 3.8.5-2/debian/changelog 2021-06-18 15:59:46.355258057 +0200
+++ 3.8.5-3/debian/changelog 2021-06-19 13:17:55.952281139 +0200
@@ -1,3 +1,9 @@
+kid3 (3.8.5-3) unstable; urgency=medium
+
+ * Add missing breaks and replaces from the last upload.
+
+ -- Patrick Matthäi Sat, 19 Jun 2021 13:17:06 +0200
+
kid3 (3.8.5-2) unstable; urgency=medium
* Cleanup manpage installing. The old method is obsolet and buggy. All
diff -Naur 3.8.5-2/debian/control 3.8.5-3/debian/control
--- 3.8.5-2/debian/control 2021-06-18 15:59:46.351258076 +0200
+++ 3.8.5-3/debian/control 2021-06-19 13:17:56.008280861 +0200
@@ -32,8 +32,12 @@
Architecture: any
Depends: ${shlibs:Depends},
${misc:Depends}
-Breaks: kid3 (<< 3.0.2-2)
-Replaces: kid3 (<< 3.0.2-2)
+Breaks: kid3 (<< 3.8.5-2),
+ kid3-cli (<< 3.8.5-2),
+ kid3-qt (<< 3.8.5-2)
+Replaces: kid3 (<< 3.8.5-2),
+ kid3-cli (<< 3.8.5-2),
+ kid3-qt (<< 3.8.5-2)
Description: Audio tag editor core libraries and data
With Kid3, an ID3 tag editor for KDE you can:
* Edit ID3v1.1 tags in your MP3 files
Bug#990037: unblock: kid3/3.8.5-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package kid3. It fixes the fucked-up manpages about the whole packaging and simplifies it by just installing all manpage stuff to the kid3-core package. The old behaviour was required in the past, but it is obsolete and simplified by upstream since a longer time, but it wasn't adopted to the packaging. diff -Naur 3.8.5-1/debian/changelog 3.8.5-2/debian/changelog --- 3.8.5-1/debian/changelog2021-02-01 11:45:07.735498453 +0100 +++ 3.8.5-2/debian/changelog2021-06-18 15:59:46.355258057 +0200 @@ -1,3 +1,11 @@ +kid3 (3.8.5-2) unstable; urgency=medium + + * Cleanup manpage installing. The old method is obsolet and buggy. All +manpages are now installed to the kid3-core package. +Closes: #990018 + + -- Patrick Matthäi Fri, 18 Jun 2021 15:56:17 +0200 + kid3 (3.8.5-1) unstable; urgency=medium * New upstream release. diff -Naur 3.8.5-1/debian/kid3-cli.install 3.8.5-2/debian/kid3-cli.install --- 3.8.5-1/debian/kid3-cli.install 2021-02-01 11:45:07.835497918 +0100 +++ 3.8.5-2/debian/kid3-cli.install 2021-06-18 15:59:46.351258076 +0200 @@ -1 +1 @@ -/usr/bin/kid3-cli +usr/bin/kid3-cli diff -Naur 3.8.5-1/debian/kid3-cli.manpages 3.8.5-2/debian/kid3-cli.manpages --- 3.8.5-1/debian/kid3-cli.manpages2021-02-01 11:45:07.771498261 +0100 +++ 3.8.5-2/debian/kid3-cli.manpages1970-01-01 01:00:00.0 +0100 @@ -1,2 +0,0 @@ -deb/kid3-cli.1 -deb/kid3-cli.de.1 diff -Naur 3.8.5-1/debian/kid3-core.install 3.8.5-2/debian/kid3-core.install --- 3.8.5-1/debian/kid3-core.install2021-02-01 11:45:07.735498453 +0100 +++ 3.8.5-2/debian/kid3-core.install2021-06-18 15:59:46.355258057 +0200 @@ -1,4 +1,10 @@ -/usr/lib/kid3/* -/usr/share/dbus-1/interfaces/org.kde.Kid3.xml -/usr/share/kid3/translations/* -/usr/share/kid3/qml/script/* +usr/lib/kid3/* +usr/share/dbus-1/interfaces/org.kde.Kid3.xml +usr/share/kid3/translations/* +usr/share/kid3/qml/script/* +usr/share/man/*/man1/kid3-cli.1.gz +usr/share/man/*/man1/kid3-qt.1.gz +usr/share/man/*/man1/kid3.1.gz +usr/share/man/man1/kid3-cli.1.gz +usr/share/man/man1/kid3-qt.1.gz +usr/share/man/man1/kid3.1.gz diff -Naur 3.8.5-1/debian/kid3.install 3.8.5-2/debian/kid3.install --- 3.8.5-1/debian/kid3.install 2021-02-01 11:45:07.791498153 +0100 +++ 3.8.5-2/debian/kid3.install 2021-06-18 15:59:46.287258395 +0200 @@ -1,6 +1,6 @@ -/usr/bin/kid3 -/usr/share/icons/hicolor/*/apps/kid3.* -/usr/share/applications/org.kde.kid3.desktop -/usr/share/metainfo/org.kde.kid3.appdata.xml -/usr/share/doc/HTML/*/kid3/* -/usr/share/kxmlgui5/kid3/kid3ui.rc +usr/bin/kid3 +usr/share/icons/hicolor/*/apps/kid3.* +usr/share/applications/org.kde.kid3.desktop +usr/share/metainfo/org.kde.kid3.appdata.xml +usr/share/doc/HTML/*/kid3/* +usr/share/kxmlgui5/kid3/kid3ui.rc diff -Naur 3.8.5-1/debian/kid3.manpages 3.8.5-2/debian/kid3.manpages --- 3.8.5-1/debian/kid3.manpages2021-02-01 11:45:07.719498539 +0100 +++ 3.8.5-2/debian/kid3.manpages1970-01-01 01:00:00.0 +0100 @@ -1,2 +0,0 @@ -deb/kid3.1 -deb/kid3.de.1 diff -Naur 3.8.5-1/debian/kid3-qt.install 3.8.5-2/debian/kid3-qt.install --- 3.8.5-1/debian/kid3-qt.install 2021-02-01 11:45:07.947497319 +0100 +++ 3.8.5-2/debian/kid3-qt.install 2021-06-18 15:59:46.351258076 +0200 @@ -1,5 +1,5 @@ -/usr/bin/kid3-qt -/usr/share/doc/kid3-qt/* -/usr/share/applications/org.kde.kid3-qt.desktop -/usr/share/metainfo/org.kde.kid3-qt.appdata.xml -/usr/share/icons/hicolor/*/apps/kid3-qt.* +usr/bin/kid3-qt +usr/share/doc/kid3-qt/* +usr/share/applications/org.kde.kid3-qt.desktop +usr/share/metainfo/org.kde.kid3-qt.appdata.xml +usr/share/icons/hicolor/*/apps/kid3-qt.* diff -Naur 3.8.5-1/debian/kid3-qt.manpages 3.8.5-2/debian/kid3-qt.manpages --- 3.8.5-1/debian/kid3-qt.manpages 2021-02-01 11:45:07.855497812 +0100 +++ 3.8.5-2/debian/kid3-qt.manpages 1970-01-01 01:00:00.0 +0100 @@ -1,2 +0,0 @@ -deb/kid3-qt.1 -deb/kid3-qt.de.1 diff -Naur 3.8.5-1/debian/not-installed 3.8.5-2/debian/not-installed --- 3.8.5-1/debian/not-installed2021-02-01 11:45:07.927497426 +0100 +++ 3.8.5-2/debian/not-installed1970-01-01 01:00:00.0 +0100 @@ -1,24 +0,0 @@ -usr/share/man/pt/man1/kid3-cli.1.gz -usr/share/man/pt/man1/kid3.1.gz -usr/share/man/pt/man1/kid3-qt.1.gz -usr/share/man/man1/kid3-cli.1.gz -usr/share/man/man1/kid3.1.gz -usr/share/man/man1/kid3-qt.1.gz -usr/share/man/ca/man1/kid3-cli.1.gz -usr/share/man/ca/man1/kid3.1.gz -usr/share/man/ca/man1/kid3-qt.1.gz -usr/share/man/nl/man1/kid3-cli.1.gz -usr/share/man/nl/man1/kid3.1.gz -usr/share/man/nl/man1/kid3-qt.1.gz -usr/share/man/it/man1/kid3-cli.1.gz -usr/share/man/it/man1/kid3.1.gz -usr/share/man/it/man1/kid3-qt.1.gz -usr/share/man/sv/man1/kid3-cli.1.gz -usr/share/man/sv/man1/kid3.1.gz -usr/share/man/sv/man1/kid3-qt.1.gz -usr/share/man/de/man1/kid3-cli.1.gz -usr/share/man/de/man1/kid3.1.gz -usr/share/man/de/man1/kid3-qt.1.gz -usr/share/man/uk/man1
Bug#990030: unblock: otrs2/6.0.32-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package otrs2 It fixes two security issues with the upstream patches. changelog | 15 ++ patches/14-ZSA-2021-03.diff | 100 patches/15-ZSA-2021-06.diff | 92 patches/series |2 4 files changed, 209 insertions(+) Full diff attached. Thanks :) unblock otrs2/6.0.32-5 -- System Information: Debian Release: 10.10 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-16-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled otrs.diff.gz Description: application/gzip
Bug#989376: unblock: glusterfs/9.2-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package glusterfs Hi, sadly I need again an unblock of an upstream release. It is again a bugfix only release (also one important [0] bug introduced with 9.1, sic...). The upstream changelog could be found here [1]. The filtered diffstat: $ diff -Naur glusterfs-9.1/ glusterfs-9.2/ -x tests -x .pc -x ChangeLog -x VERSION -x glusterfs.spec |diffstat api/src/glfs-fops.c |3 cli/src/cli-rpc-ops.c |6 configure | 20 - contrib/umountd/Makefile |8 debian/changelog |6 extras/group-distributed-virt |1 extras/group-gluster-block|1 extras/group-virt.example |1 rpc/rpc-lib/src/protocol-common.h |3 xlators/cluster/afr/src/afr-dir-read.c| 11 xlators/cluster/afr/src/afr-inode-read.c | 254 +- xlators/features/index/src/index.c| 79 +- xlators/features/locks/src/posix.c| 25 +- xlators/mgmt/glusterd/src/glusterd-mgmt-handler.c |6 xlators/mgmt/glusterd/src/glusterd-store.c| 12 + xlators/mount/fuse/src/fuse-bridge.c |3 xlators/mount/fuse/src/fuse-bridge.h | 21 + xlators/protocol/client/src/client-helpers.c | 10 xlators/protocol/client/src/client-lk.c | 85 --- xlators/protocol/client/src/client.h |8 xlators/storage/posix/src/posix-inode-fd-ops.c| 10 21 files changed, 337 insertions(+), 236 deletions(-) I have attached the full diff. [0]: https://github.com/gluster/glusterfs/issues/2351 [1]: https://docs.gluster.org/en/latest/release-notes/9.2/ unblock glusterfs/9.2-1 -- System Information: Debian Release: 10.9 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-16-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled glusterfs92.diff.gz Description: application/gzip
Bug#988708: unblock: otrs2/6.0.32-4
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package otrs2 It fixes the debian/watch location on github, fixed symlinks to the dejavu fonts (#985751) and adds an upstream patch 13-CVE-2021-21252 to fix a small security issue in an embedded JS lib (#980891). changelog | 16 + otrs2.links| 17 - patches/13-CVE-2021-21252.diff | 583 + patches/series |1 watch |2 5 files changed, 609 insertions(+), 10 deletions(-) unblock otrs2/6.0.32-4 -- System Information: Debian Release: 10.9 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-16-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled otrs2.diff.gz Description: application/gzip
Bug#987988: unblock: glusterfs/9.1-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package glusterfs. It is a new upstream release, which has to be included in bullseye, because it fixes some high severity bugs. I have filtered the attached full diff with: diff -Naur glusterfs-9.0/ glusterfs-9.1/ -x ChangeLog -x VERSION -x glusterfs.spec* -x tests* The changelog for all applied changes and commits can be found here: https://docs.gluster.org/en/latest/release-notes/9.1/#issues-addressed-in-this-release You can "ignore" the biggest line change in the configure scripts, it addresses https://github.com/gluster/glusterfs/issues/2063 Normaly I forget to add the new dependency liburing-dev with 9.0-1, because of this bug. But to keep the functionality of the current testing state (liburing-dev is deactivated) I pass now for bullseye --disable-linux-io_uring in debian/rules. cli/src/cli-cmd-parser.c |3 configure| 88 +++--- configure.ac | 20 +- contrib/umountd/Makefile |8 debian/changelog | 14 + debian/rules |2 extras/hook-scripts/set/post/S32gluster_enable_shared_storage.sh |2 libglusterfs/src/glusterfs/syscall.h |3 libglusterfs/src/libglusterfs.sym|1 libglusterfs/src/syscall.c |6 xlators/cluster/afr/src/afr-common.c |3 xlators/cluster/afr/src/afr-inode-write.c| 40 ++-- xlators/cluster/afr/src/afr-self-heal-data.c |6 xlators/cluster/afr/src/afr-transaction.c|2 xlators/cluster/afr/src/afr.c|8 xlators/cluster/afr/src/afr.h|2 xlators/cluster/dht/src/dht-common.c |8 xlators/cluster/ec/src/ec.c |2 xlators/features/locks/src/posix.c |1 xlators/storage/posix/src/posix-inode-fd-ops.c | 14 + 20 files changed, 127 insertions(+), 106 deletions(-) unblock glusterfs/9.1-2 -- System Information: Debian Release: 10.9 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-16-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled glusterfs.diff.gz Description: application/gzip
Bug#987987: unblock: needrestart/3.5-4
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package needrestart
It adds some upstream patches to fix some small bugs:
$ diff -Naur 3.5-2/ 3.5-4/ |diffstat
changelog | 24
patches/02-ruby-relative-path.diff | 19
patches/03-fix-wrong-default-comment.diff | 21 ++
patches/04-verbose-and-verbosity-confusion.diff | 19
patches/05-ignore-nvidia-memfd.diff | 20 +
patches/06-dont-restart-bluetooth.diff | 25
patches/07-runit.diff | 36
patches/series |6
watch |2 -
9 files changed, 171 insertions(+), 1 deletion(-)
I have attached the full diff.
unblock needrestart/3.5-4
-- System Information:
Debian Release: 10.9
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-16-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Naur 3.5-2/debian/changelog 3.5-4/debian/changelog
--- 3.5-2/debian/changelog 2020-11-19 15:10:20.971201274 +0100
+++ 3.5-4/debian/changelog 2021-04-12 10:08:42.636804816 +0200
@@ -1,3 +1,27 @@
+needrestart (3.5-4) unstable; urgency=medium
+
+ * New source only upload.
+
+ -- Patrick Matthäi Mon, 12 Apr 2021 10:04:21 +0200
+
+needrestart (3.5-3) unstable; urgency=medium
+
+ * debian/watch: Adjust github URL.
+ * Add stable upstream patch 02-ruby-relative-path to fix detection for ruby
+script started from relative paths.
+ * Add stable upstream patch 03-fix-wrong-default-comment to fix comment for
+default value of skip_mapfiles.
+ * Add stable upstream patch 04-verbose-and-verbosity-confusion to fix
+verbose/verbosity confusion in needrestart.conf.
+ * Add stable upstream patch 05-ignore-nvidia-memfd to ignore memfd used by
+nvidia binary drivers.
+ * Add stable upstream patch 06-dont-restart-bluetooth to ignore restarting
+bluetooth by default.
+ * Add stable upstream patch 07-runit to add support for runit.
+Closes: #972685
+
+ -- Patrick Matthäi Fri, 09 Apr 2021 11:17:52 +0200
+
needrestart (3.5-2) unstable; urgency=medium
* Adjust lintian overrides.
diff -Naur 3.5-2/debian/patches/02-ruby-relative-path.diff
3.5-4/debian/patches/02-ruby-relative-path.diff
--- 3.5-2/debian/patches/02-ruby-relative-path.diff 1970-01-01
01:00:00.0 +0100
+++ 3.5-4/debian/patches/02-ruby-relative-path.diff 2021-04-12
10:08:42.636804816 +0200
@@ -0,0 +1,19 @@
+commit 6c32e54d57af4f70e0bb4e8504d752d394c773e5
+Author: Alexander Neumann
+Date: Wed May 20 12:10:30 2020 +0200
+
+[Interp] Fix detection for ruby script started from relative paths.
+
+diff --git a/perl/lib/NeedRestart/Interp/Ruby.pm
b/perl/lib/NeedRestart/Interp/Ruby.pm
+index a333504..88d39c6 100644
+--- a/perl/lib/NeedRestart/Interp/Ruby.pm
b/perl/lib/NeedRestart/Interp/Ruby.pm
+@@ -171,7 +171,7 @@ sub files {
+ print STDERR "$LOGPREF #$pid: could not get a source file, skipping\n"
if($self->{debug});
+ return ();
+ }
+-my $src = $ARGV[0];
++my $src = abs_path($ARGV[0]);
+ unless(-r $src && -f $src) {
+ chdir($cwd);
+ print STDERR "$LOGPREF #$pid: source file '$src' not found, skipping\n"
if($self->{debug});
diff -Naur 3.5-2/debian/patches/03-fix-wrong-default-comment.diff
3.5-4/debian/patches/03-fix-wrong-default-comment.diff
--- 3.5-2/debian/patches/03-fix-wrong-default-comment.diff 1970-01-01
01:00:00.0 +0100
+++ 3.5-4/debian/patches/03-fix-wrong-default-comment.diff 2021-04-12
10:08:42.636804816 +0200
@@ -0,0 +1,21 @@
+commit 621e7bf65b86adcd2fc0448944d1ac9659e1d317
+Author: iasdeoupxe <39667843+iasdeou...@users.noreply.github.com>
+Date: Sat Apr 4 21:16:31 2020 +0200
+
+[Core] Fix comment for default value of `skip_mapfiles`.
+
+diff --git a/ex/needrestart.conf b/ex/needrestart.conf
+index b327855..c83bddb 100644
+--- a/ex/needrestart.conf
b/ex/needrestart.conf
+@@ -165,8 +165,8 @@ $nrconf{blacklist_mappings} = [
+ ];
+
+ # Verify mapped files in fileystem:
+-# 0 : enabled (default)
+-# -1: ignore non-existing files, workaround for chroots and broken grsecurity
kernels
++# 0 : enabled
++# -1: ignore non-existing files, workaround for chroots and broken grsecurity
kernels (default)
+ # 1 : disable check completely, rely on content of maps file only
+ $nrconf{skip_mapfiles} = -1;
+
diff -Naur 3.5-2/debian/patches/04-verbose-and-verbosity-confusion.diff
3.5-4/debian/patches
Bug#986664: unblock: luckybackup/0.5.0-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package luckybackup This release just fixes the start-as-root command, which was not working anymore. full diff: diff -Naur '--exclude=.svn' 0.5.0-4/debian/changelog 0.5.0-5/debian/changelog --- 0.5.0-4/debian/changelog2020-11-19 15:10:17.755212916 +0100 +++ 0.5.0-5/debian/changelog2021-03-18 15:31:40.217179052 +0100 @@ -1,3 +1,10 @@ +luckybackup (0.5.0-5) unstable; urgency=medium + + * Add patch 02-fix-pkexec from Bob to fix starting luckybackup as superuser. +Closes: #985169 + + -- Patrick Matthäi Thu, 18 Mar 2021 15:26:12 +0100 + luckybackup (0.5.0-4) unstable; urgency=medium * Adjust lintian overrides. diff -Naur '--exclude=.svn' 0.5.0-4/debian/patches/02-fix-pkexec.diff 0.5.0-5/debian/patches/02-fix-pkexec.diff --- 0.5.0-4/debian/patches/02-fix-pkexec.diff 1970-01-01 01:00:00.0 +0100 +++ 0.5.0-5/debian/patches/02-fix-pkexec.diff 2021-03-18 15:31:40.201179138 +0100 @@ -0,0 +1,11 @@ +# Fix luckybackup is not starting as superuser. Tested on KDE. +# Closes: #985169 + +diff -Naur luckybackup-0.5.0.orig/menu/luckybackup-pkexec luckybackup-0.5.0/menu/luckybackup-pkexec +--- luckybackup-0.5.0.orig/menu/luckybackup-pkexec 2018-11-02 15:36:19.0 +0100 luckybackup-0.5.0/menu/luckybackup-pkexec 2021-03-18 15:23:14.183871758 +0100 +@@ -1,3 +1,3 @@ + #!/bin/sh +-pkexec "/usr/bin/luckybackup" "$@" + ++pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY "/usr/bin/luckybackup" "$@" diff -Naur '--exclude=.svn' 0.5.0-4/debian/patches/series 0.5.0-5/debian/patches/series --- 0.5.0-4/debian/patches/series 2020-11-19 15:10:17.747212945 +0100 +++ 0.5.0-5/debian/patches/series 2021-03-18 15:31:40.205179117 +0100 @@ -1 +1,2 @@ 01-spelling-error.diff +02-fix-pkexec.diff unblock luckybackup/0.5.0-5 -- System Information: Debian Release: 10.9 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-16-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#986663: unblock: kdenlive/20.12.3-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package kdenlive This is a KDE applications bugfix release. The changelog is here: https://kdenlive.org/de/2021/03/kdenlive-20-12-3-ist-da/ There are many fixes, so I considered to upload the whole release, also if the diff is a little bit bigger (if you exclude the .ui and .qml files it is much smaller). There were also user requests asking me to include this release in bullseye. The filtered diffstat: $ diff -Naur kdenlive-20.12.2 kdenlive-20.12.3 --exclude="*.po" --exclude="*.docbook" --exclude=.pc|diffstat CMakeLists.txt |2 data/effects/CMakeLists.txt|1 data/effects/typewriter.xml| 19 ++ data/org.kde.kdenlive.appdata.xml |2 debian/changelog |6 debian/files |1 src/assets/keyframes/view/keyframeview.cpp | 14 +- src/assets/view/widgets/keyframewidget.cpp | 13 + src/bin/model/markerlistmodel.cpp |2 src/bin/model/subtitlemodel.cpp| 35 - src/bin/model/subtitlemodel.hpp|9 + src/core.cpp |2 src/dialogs/profilesdialog.cpp | 12 - src/dialogs/subtitleedit.cpp | 52 ++- src/dialogs/titletemplatedialog.cpp|8 - src/doc/documentchecker.cpp|1 src/doc/kdenlivedoc.cpp|4 src/effects/effectstack/view/collapsibleeffectview.cpp | 11 - src/jobs/audiothumbjob.cpp |4 src/jobs/loadjob.cpp |4 src/jobs/transcodeclipjob.cpp | 11 - src/lib/audio/audioStreamInfo.cpp |2 src/main.cpp |2 src/mainwindow.cpp |7 - src/mltconnection.cpp |5 src/monitor/monitor.cpp|3 src/monitor/view/SceneToolBar.qml |1 src/monitor/view/kdenliveclipmonitor.qml |2 src/profiles/profilemodel.cpp | 12 - src/timecodedisplay.cpp|2 src/timeline2/model/groupsmodel.cpp|2 src/timeline2/model/timelinemodel.cpp | 26 +++ src/timeline2/model/timelinemodel.hpp |6 src/timeline2/view/qml/SubTitle.qml| 54 +++ src/timeline2/view/qml/Timeline.js |2 src/timeline2/view/qml/timeline.qml| 86 +--- src/timeline2/view/qml/timelineitems.cpp |3 src/timeline2/view/timelinecontroller.cpp | 21 ++- src/timeline2/view/timelinewidget.cpp |8 + src/timeline2/view/timelinewidget.h|1 src/titler/graphicsscenerectmove.cpp | 20 ++ src/titler/titlewidget.cpp |5 src/ui/editsub_ui.ui | 119 + src/ui/profiledialog_ui.ui | 24 +++ src/ui/titlewidget_ui.ui | 98 ++ src/widgets/colorpickerwidget.cpp |5 46 files changed, 593 insertions(+), 136 deletions(-) I have attached the diff. unblock kdenlive/20.12.3-1 -- System Information: Debian Release: 10.9 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-16-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled kdenlive.diff.gz Description: application/gzip
Bug#983876: unblock: otrs2/6.0.32-1
Hi
Am 16.03.21 um 20:28 schrieb Paul Gevers:
Control: tags -1 moreinfo
Hi Patrick,
On 15-03-2021 15:12, Patrick Matthäi wrote:
reopen #983876
thanks
Am 02.03.21 um 19:38 schrieb Paul Gevers:
Hi Patrick,
On 02-03-2021 16:58, Patrick Matthäi wrote:
I just uploaded the otrs2 6.0.32 package to experimental. Could I have your
ACK for bullseye? :-)
otrs2 is neither a key package [1], nor listed on the (build-)essential
list [1]. As long as you follow the soft freeze rules [3] and ensure
that the package migrates before the start of the hard freeze
(12-03-2021), there is nothing for us to unblock. I'm wondering if and
suspect that you are asking our permission to upload a new upstream
source. It's hardly doable for us to do that for all packages in Debian,
so we expect you honor the freeze rules and make the judgement yourself
if a new upstream version for your package is appropriate at this state.
Paul
[1] https://udd.debian.org/cgi-bin/key_packages.yaml.cgi
[2] https://release.debian.org/bullseye/essential-and-build-essential.txt
[3] https://release.debian.org/bullseye/freeze_policy.html#soft
Hi,
I uploaded the release to unstable just one hour after your mail and
there were still 10 days for the package to migrate. But the migration
process was not done before the freeze so now I need an unblock:
* Migration status for otrs2 (6.0.30-2 to 6.0.32-2): BLOCKED: Needs an
approval (either due to a freeze, the source suite or a manual hint)
* Too young, only 12 of 20 days old
Now it needs also 10 days more, but in two days 6.0.30 should be
AUTORMed from testing :(
The diff is not reviewable:
5637 files changed, 151250 insertions(+), 29937 deletions(-)
If you think you can provide a diff that can be reviewed, please provide
one, but please show how you filtered the diff too.
Paul
I have attached a filtered diff. Steps to reproduce:
1) find otrs2-6.0.32/ -type f -exec sed 's/Copyright (C) 2001-2021 OTRS
AG/Copyright (C) 2001-2020 OTRS AG/g' -i {} \;
To filter out copyright changes on most files (a few small ones are
still in the diff)
2) diff -Naur otrs2-6.0.30/ otrs2-6.0.32/ -x ckeditor-4.7.0 -x
ckeditor-4.16.0 -x "*.png" -x "*.po" -x ARCHIVE -x development -x
Selenium -x spec -x auto_build -x CHANGES.md -x .pc -x .gitignore -x
.github -x AUTHORS.md -x CONTRIBUTING.md -x README.md -x RELEASE -x
.mailmap -x .otrs-ci.yml -x database -x test -x .weblate
Many changes are not relevant for Debian (readme files, test,
auto_build, spec, development, .github etc), many other changes are just
product name changes, also in database. ckeditor is relevant for this
release, but..
3) all other changes are mostly only removing the not working "OTRS
Business" solution stuff and updating the ckeditor to 4.16.0, which is
security relevant
This is the filtered diffstat:
Kernel/Config/Defaults.pm | 2
Kernel/Config/Files/XML/Calendar.xml | 2
Kernel/Config/Files/XML/Framework.xml | 63 +++-
Kernel/Config/Files/XML/Ticket.xml | 18
Kernel/Modules/AdminDynamicField.pm | 20 -
Kernel/Modules/AgentTicketZoom.pm | 12 ---
Kernel/Modules/PictureUpload.pm | 3
Kernel/Output/HTML/Notification/AgentOTRSBusiness.pm | 16
Kernel/Output/HTML/Notification/PackageManagerCheckNotVerifiedPackages.pm |
53 --
Kernel/Output/HTML/Templates/Standard/AdminAppointmentNotificationEvent.tt |
8 --
Kernel/Output/HTML/Templates/Standard/AdminCloudServices.tt | 8 --
Kernel/Output/HTML/Templates/Standard/AdminDynamicField.tt | 32
Kernel/Output/HTML/Templates/Standard/AdminGenericInterfaceWebservice.tt |
14 ---
Kernel/Output/HTML/Templates/Standard/AdminNotificationEvent.tt | 8 --
Kernel/Output/HTML/Templates/Standard/AdminPackageManager.tt | 47
+---
Kernel/Output/HTML/Templates/Standard/AdminProcessManagement.tt | 11 --
Kernel/Output/HTML/Templates/Standard/AdminSystemConfiguration.tt | 2
Kernel/Output/HTML/Templates/Standard/AdminSystemConfigurationDeployment.tt |
9 +-
Kernel/Output/HTML/Templates/Standard/AgentAppointmentEdit.tt | 6 -
Kernel/Output/HTML/Templates/Standard/Copyright.tt | 4 -
Kernel/Output/HTML/Templates/Standard/CustomerFooter.tt | 13 ---
Kernel/Output/HTML/Templates/Standard/Error.tt | 36 -
Kernel/Output/HTML/Templates/Standard/Footer.tt | 13 ---
Kernel/Output/HTML/Templates/Standard/Header.tt | 5 -
Kernel/Output/HTML/Templates/Standard/Installer.tt | 75
++--
Kernel/Output/HTML/Templates/Standard/InstallerFinish.tt | 7 -
Kernel/Output/HTML/Templates/Standard/SystemConfiguration/SettingsList.tt |
4 -
Kernel/Output/HTML/Templates/Standard/SystemConfiguration/Sidebar/OTRSBusinessTeaser.tt
| 19 -
Kernel/Output/HTML/TicketMenu/TeaserAttachmentView.pm | 31
Kernel/Output/PDF/Ticket.pm | 33 +++-
Kernel/System/CommunicationChannel.pm | 6 -
Kernel/System/Conso
Bug#983876: unblock: otrs2/6.0.32-1
reopen #983876 thanks Am 02.03.21 um 19:38 schrieb Paul Gevers: Hi Patrick, On 02-03-2021 16:58, Patrick Matthäi wrote: I just uploaded the otrs2 6.0.32 package to experimental. Could I have your ACK for bullseye? :-) otrs2 is neither a key package [1], nor listed on the (build-)essential list [1]. As long as you follow the soft freeze rules [3] and ensure that the package migrates before the start of the hard freeze (12-03-2021), there is nothing for us to unblock. I'm wondering if and suspect that you are asking our permission to upload a new upstream source. It's hardly doable for us to do that for all packages in Debian, so we expect you honor the freeze rules and make the judgement yourself if a new upstream version for your package is appropriate at this state. Paul [1] https://udd.debian.org/cgi-bin/key_packages.yaml.cgi [2] https://release.debian.org/bullseye/essential-and-build-essential.txt [3] https://release.debian.org/bullseye/freeze_policy.html#soft Hi, I uploaded the release to unstable just one hour after your mail and there were still 10 days for the package to migrate. But the migration process was not done before the freeze so now I need an unblock: * Migration status for otrs2 (6.0.30-2 to 6.0.32-2): BLOCKED: Needs an approval (either due to a freeze, the source suite or a manual hint) * Too young, only 12 of 20 days old Now it needs also 10 days more, but in two days 6.0.30 should be AUTORMed from testing :(
Bug#983876: unblock: otrs2/6.0.32-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hello release team, I try to citize from my mails to the security team:, it's about #982927: Yesterday I had a videocall with the owner and lead developer of OTOBO. They want to support me keeping the otrs2 source package in a good shape for Bullseye, so that users of the package dont have to worry now. Kicking the package out of Debian would not be optimal. They also showed me https://github.com/znuny/Znuny (https://www.znuny.com/) - they also forked OTRS CE 6 and fixing bugs and security bugs, also all known open bugs in CVE/Debian atm. So the plan would be now: * Switch the source of the otrs2 package to the znuny one, so that we have releases based on an open(source) maintained safe codebase => can I get the go from you for that? * otrs packaging at all is obsolete for bullseye+1. I will package otobo, also with otobo support, and we will work on a easy way so that users later can migrate from otrs to otobo We also spoke about the open security issues, there is indeed one in the CKEditor, but: #980891: They way otrs uses this library it should not be possible to attack the user, mostly only the attacker himself #982586: Thats a wrong information from the OTRS AG, because it does not affect otrs 6 CE. It depends on that you use an external interface, which is available in OTRS 7 and 8 (not free) and maybe in the not-free otrs 6 package via addon, but not in the community edition, which is also packaged in Debian. XX itself is not helpful at all anymore and just wrote me ** I hope switching as fast as possible to the znuny fork for the otrs2 source package is also an option for you, I dont want to release bullseye without it - I just uploaded the otrs2 6.0.32 package to experimental. Could I have your ACK for bullseye? :-) -- System Information: Debian Release: 10.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-14-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#931678: buster-pu: package qdirstat/1.5-1+deb10u1
Hi Am 25.04.2020 um 21:31 schrieb Adam D. Barratt: > Control: tags -1 + confirmed > > On Thu, 2019-08-08 at 11:23 +0200, Patrick Matthäi wrote: >> Control: tags -1 - moreinfo >> >> Am 09.07.2019 um 10:41 schrieb Patrick Matthäi: >>> Control: tags -1 - moreinfo >>> >>> Am 09.07.2019 um 10:30 schrieb Adam D. Barratt: >>>> Control: tags -1 + moreinfo >>>> >>>> On 2019-07-09 09:22, Patrick Matthäi wrote: >>>>> upstream just fixed a bug in qdirstat, where user configured >>>>> MIME >>>>> categories >>>>> are not saved properly, as described here: >>>>> https://github.com/shundhammer/qdirstat/issues/109 >>>> This doesn't appear to be fixed in unstable yet, which is (as >>>> ever) a >>>> prerequisite. Please let us know, and remove the moreinfo tag, >>>> once it >>>> is. >>>> >>>> Regards, >>>> >>>> Adam >>> Heh, you were too fast ;) I were just building other packages, just >>> uploaded the new upstream version right now: >>> qdirstat_1.5.90-1_amd64.changes >> Oh forgot to CC the bug.. ;) >> > Apologies for the long delay. Please go ahead. > > Regards, > > Adam Uploaded now :) -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: https://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#931678: buster-pu: package qdirstat/1.5-1+deb10u1
Control: tags -1 - moreinfo Am 09.07.2019 um 10:41 schrieb Patrick Matthäi: > Control: tags -1 - moreinfo > > Am 09.07.2019 um 10:30 schrieb Adam D. Barratt: >> Control: tags -1 + moreinfo >> >> On 2019-07-09 09:22, Patrick Matthäi wrote: >>> upstream just fixed a bug in qdirstat, where user configured MIME >>> categories >>> are not saved properly, as described here: >>> https://github.com/shundhammer/qdirstat/issues/109 >> This doesn't appear to be fixed in unstable yet, which is (as ever) a >> prerequisite. Please let us know, and remove the moreinfo tag, once it >> is. >> >> Regards, >> >> Adam > Heh, you were too fast ;) I were just building other packages, just > uploaded the new upstream version right now: > qdirstat_1.5.90-1_amd64.changes Oh forgot to CC the bug.. ;) -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#931678: buster-pu: package qdirstat/1.5-1+deb10u1
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Hello,
upstream just fixed a bug in qdirstat, where user configured MIME categories
are not saved properly, as described here:
https://github.com/shundhammer/qdirstat/issues/109
Upstream patch:
https://github.com/shundhammer/qdirstat/commit/7ce3d1ebe51e55951c7b6d318dc8870b6f1eea77
I have prepared this patch:
diff -Naur '--exclude=.svn' tags/1.5-1/debian/changelog
branches/buster/debian/changelog
--- tags/1.5-1/debian/changelog 2018-11-08 12:20:05.069481981 +0100
+++ branches/buster/debian/changelog2019-07-09 10:18:06.341381029 +0200
@@ -1,3 +1,10 @@
+qdirstat (1.5-1+deb10u1) UNRELEASED; urgency=medium
+
+ * Add upstream patch 01-mime-categories-save to fix a bug where user
+configured MIME categories are not saved.
+
+ -- Patrick Matthäi Tue, 09 Jul 2019 10:16:47 +0200
+
qdirstat (1.5-1) unstable; urgency=medium
* New upstream release.
diff -Naur '--exclude=.svn'
tags/1.5-1/debian/patches/01-mime-categories-save.diff
branches/buster/debian/patches/01-mime-categories-save.diff
--- tags/1.5-1/debian/patches/01-mime-categories-save.diff 1970-01-01
01:00:00.0 +0100
+++ branches/buster/debian/patches/01-mime-categories-save.diff 2019-07-09
10:15:19.878253032 +0200
@@ -0,0 +1,419 @@
+From 7ce3d1ebe51e55951c7b6d318dc8870b6f1eea77 Mon Sep 17 00:00:00 2001
+From: Stefan Hundhammer
+Date: Mon, 1 Jul 2019 17:08:19 +0200
+Subject: [PATCH] Turned MimeCategorizer into a singleton to properly save
+ config (GitHub issue #109)
+
+---
+ src/FileDetailsView.cpp| 11 ++
+ src/FileDetailsView.h | 2 --
+ src/FileTypeStats.cpp | 4 ++--
+ src/MainWindow.cpp | 8 ++-
+ src/MainWindow.h | 2 --
+ src/MimeCategorizer.cpp| 23 +--
+ src/MimeCategorizer.h | 40 --
+ src/MimeCategoryConfigPage.cpp | 4 ++--
+ src/MimeCategoryConfigPage.h | 12 --
+ src/TreemapView.cpp| 18 +--
+ src/TreemapView.h | 15 -
+ 11 files changed, 59 insertions(+), 80 deletions(-)
+
+diff --git a/src/FileDetailsView.cpp b/src/FileDetailsView.cpp
+index 0b8f60a..93788c4 100644
+--- a/src/FileDetailsView.cpp
b/src/FileDetailsView.cpp
+@@ -23,8 +23,7 @@ FileDetailsView::FileDetailsView( QWidget * parent ):
+ QStackedWidget( parent ),
+ _ui( new Ui::FileDetailsView ),
+ _pkgUpdateTimer( new AdaptiveTimer( this ) ),
+-_labelLimit( 40 ),
+-_mimeCategorizer( 0 )
++_labelLimit( 40 )
+ {
+ CHECK_NEW( _ui );
+ CHECK_NEW( _pkgUpdateTimer );
+@@ -423,13 +422,7 @@ QString FileDetailsView::limitText( const QString &
longText )
+
+ QString FileDetailsView::mimeCategory( FileInfo * file )
+ {
+-if ( ! _mimeCategorizer )
+-{
+-_mimeCategorizer = new MimeCategorizer( this );
+-CHECK_NEW( _mimeCategorizer );
+-}
+-
+-MimeCategory * category = _mimeCategorizer->category( file );
++MimeCategory * category = MimeCategorizer::instance()->category( file );
+
+ return category ? category->name() : "";
+ }
+diff --git a/src/FileDetailsView.h b/src/FileDetailsView.h
+index e36792c..f677b92 100644
+--- a/src/FileDetailsView.h
b/src/FileDetailsView.h
+@@ -16,7 +16,6 @@
+
+ namespace QDirStat
+ {
+-class MimeCategorizer;
+ class AdaptiveTimer;
+
+ /**
+@@ -153,7 +152,6 @@ namespace QDirStat
+ Ui::FileDetailsView * _ui;
+ AdaptiveTimer * _pkgUpdateTimer;
+ int _labelLimit;
+-MimeCategorizer * _mimeCategorizer;
+
+ }; // class FileDetailsView
+ } // namespace QDirStat
+diff --git a/src/FileTypeStats.cpp b/src/FileTypeStats.cpp
+index d50821f..f453776 100644
+--- a/src/FileTypeStats.cpp
b/src/FileTypeStats.cpp
+@@ -21,8 +21,8 @@ FileTypeStats::FileTypeStats( QObject * parent ):
+ QObject( parent ),
+ _totalSize( 0LL )
+ {
+-_mimeCategorizer = new MimeCategorizer( this );
+-CHECK_NEW( _mimeCategorizer );
++_mimeCategorizer = MimeCategorizer::instance();
++CHECK_PTR( _mimeCategorizer );
+
+ _otherCategory = new MimeCategory( tr( "Other" ) );
+ CHECK_NEW( _otherCategory );
+diff --git a/src/MainWindow.cpp b/src/MainWindow.cpp
+index fdce914..b405565 100644
+--- a/src/MainWindow.cpp
b/src/MainWindow.cpp
+@@ -103,10 +103,7 @@ MainWindow::MainWindow():
+ _ui->dirTreeView->setCleanupCollection( _cleanupCollection );
+ _ui->treemapView->setCleanupCollection( _cleanupCollection );
+
+-_mimeCategorizer = new MimeCategorizer();
+-CHECK_NEW( _mimeCategorizer );
+-
+-_ui->treemapView->setMimeCategorizer( _mimeCategorizer );
++_ui->breadcrumbNavigator->clear();
+
+ #ifdef Q_OS_MACX
+ // This makes the application to look like more "native" on macOS
+@@ -132,6 +129,7 @@ Ma
Bug#930523: unblock: znc/1.7.2-3
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package znc
It fixes a critical security bug. Fix is also accepted for stable + testing
by the security team.
diff:
diff -Naur '--exclude=.svn' 1.7.2-2/debian/changelog 1.7.2-3/debian/changelog
--- 1.7.2-2/debian/changelog2019-03-26 12:58:06.264919659 +0100
+++ 1.7.2-3/debian/changelog2019-06-14 13:06:35.239889318 +0200
@@ -1,3 +1,10 @@
+znc (1.7.2-3) unstable; urgency=high
+
+ * Add upstream patch CVE-2019-12816 to fix a remote code execution by
+elevating privileges as described in CVE-2019-12816.
+
+ -- Patrick Matthäi Fri, 14 Jun 2019 11:14:11 +0200
+
znc (1.7.2-2) unstable; urgency=high
* Add upstream patch 01-CVE-2019-9917 to fix a crash on invalid encoding,
diff -Naur '--exclude=.svn' 1.7.2-2/debian/patches/02-CVE-2019-12816.diff
1.7.2-3/debian/patches/02-CVE-2019-12816.diff
--- 1.7.2-2/debian/patches/02-CVE-2019-12816.diff 1970-01-01
01:00:00.0 +0100
+++ 1.7.2-3/debian/patches/02-CVE-2019-12816.diff 2019-06-14
13:06:35.251889255 +0200
@@ -0,0 +1,88 @@
+# Fix security issue which causes elevating privileges by existing remote
+# non-admin user, and remote code execution.
+
+diff -Naur znc-1.7.2.orig/include/znc/Modules.h znc-1.7.2/include/znc/Modules.h
+--- znc-1.7.2.orig/include/znc/Modules.h 2019-06-13 11:13:33.035495175
+0200
znc-1.7.2/include/znc/Modules.h2019-06-13 11:16:33.966506967 +0200
+@@ -1600,6 +1600,7 @@
+ private:
+ static ModHandle OpenModule(const CString& sModule, const CString&
sModPath,
+ CModInfo& Info, CString& sRetMsg);
++static bool VerifyModuleName(const CString& sModule, CString& sRetMsg);
+
+ protected:
+ CUser* m_pUser;
+diff -Naur znc-1.7.2.orig/src/Modules.cpp znc-1.7.2/src/Modules.cpp
+--- znc-1.7.2.orig/src/Modules.cpp 2019-06-13 11:13:32.979495481 +0200
znc-1.7.2/src/Modules.cpp 2019-06-13 11:16:33.970506945 +0200
+@@ -1624,11 +1624,30 @@
+ return nullptr;
+ }
+
++bool CModules::VerifyModuleName(const CString& sModule, CString& sRetMsg) {
++for (unsigned int a = 0; a < sModule.length(); a++) {
++if (((sModule[a] < '0') || (sModule[a] > '9')) &&
++((sModule[a] < 'a') || (sModule[a] > 'z')) &&
++((sModule[a] < 'A') || (sModule[a] > 'Z')) && (sModule[a] !=
'_')) {
++sRetMsg =
++t_f("Module names can only contain letters, numbers and "
++"underscores, [{1}] is invalid")(sModule);
++return false;
++}
++}
++
++return true;
++}
++
+ bool CModules::LoadModule(const CString& sModule, const CString& sArgs,
+ CModInfo::EModuleType eType, CUser* pUser,
+ CIRCNetwork* pNetwork, CString& sRetMsg) {
+ sRetMsg = "";
+
++if (!VerifyModuleName(sModule, sRetMsg)) {
++return false;
++}
++
+ if (FindModule(sModule) != nullptr) {
+ sRetMsg = t_f("Module {1} already loaded.")(sModule);
+ return false;
+@@ -1781,6 +1800,10 @@
+
+ bool CModules::GetModInfo(CModInfo& ModInfo, const CString& sModule,
+ CString& sRetMsg) {
++if (!VerifyModuleName(sModule, sRetMsg)) {
++return false;
++}
++
+ CString sModPath, sTmp;
+
+ bool bSuccess;
+@@ -1799,6 +1822,10 @@
+
+ bool CModules::GetModPathInfo(CModInfo& ModInfo, const CString& sModule,
+ const CString& sModPath, CString& sRetMsg) {
++if (!VerifyModuleName(sModule, sRetMsg)) {
++return false;
++}
++
+ ModInfo.SetName(sModule);
+ ModInfo.SetPath(sModPath);
+
+@@ -1911,15 +1938,8 @@
+ // Some sane defaults in case anything errors out below
+ sRetMsg.clear();
+
+-for (unsigned int a = 0; a < sModule.length(); a++) {
+-if (((sModule[a] < '0') || (sModule[a] > '9')) &&
+-((sModule[a] < 'a') || (sModule[a] > 'z')) &&
+-((sModule[a] < 'A') || (sModule[a] > 'Z')) && (sModule[a] !=
'_')) {
+-sRetMsg =
+-t_f("Module names can only contain letters, numbers and "
+-"underscores, [{1}] is invalid")(sModule);
+-return nullptr;
+-}
++if (!VerifyModuleName(sModule, sRetMsg)) {
++return nullptr;
+ }
+
+ // The second argument to dlopen() has a long history. It seems clear
diff -Naur '--exclude=.svn' 1.7.2-2/debian/patches/series
1.7.2-3/debian/patches/series
--- 1.7.2-2/debian/patches/series 2019-03-26 12:58:06.280919560 +0100
+++ 1.7.2-3/debian/patches/series 2019-06-14 13:06:35.251889255 +0200
@@ -1 +1,2 @@
01-CVE-2019-9917.diff
+02-CVE-2019-12816.diff
Bug#928967: unblock: needrestart/3.4-4
Am 14.05.2019 um 19:45 schrieb Jonathan Wiltshire: > Control: tag -1 moreinfo > > On Tue, May 14, 2019 at 11:25:57AM +0200, Patrick Matthäi wrote: >> +needrestart (3.4-3~bpo9+1) stretch-backports; urgency=medium >> + >> + * Rebuild for stretch-backports. >> + >> + -- Patrick Matthäi Wed, 24 Apr 2019 10:04:02 +0200 >> + > This changelog entry should not be present; 3.4-3~bpo9+1 is not an > ancestor of 3.4-4. > > Thanks, Wow. For me it is important to have the whole history present in the changelog. That this is a blocker... So just for this I have uploaded now 3.4-5 which is more funnier, since now the 3.4-3~bpo9+1 changelog entry is mentioned twice: needrestart (3.4-5) unstable; urgency=medium . * Remove 3.4-3~bpo9+1 changelog entry. -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#928967: unblock: needrestart/3.4-4
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package needrestart
It fixes an upstream bug which leads to a false positive, see #928225
diff -Naur '--exclude=.svn' 3.4-3/debian/changelog 3.4-4/debian/changelog
--- 3.4-3/debian/changelog 2019-04-18 11:17:08.756032831 +0200
+++ 3.4-4/debian/changelog 2019-05-09 11:26:38.505949290 +0200
@@ -1,3 +1,18 @@
+needrestart (3.4-4) unstable; urgency=medium
+
+ * Add upstream patch 05-strip-leading-zeroes to remove leading zero before
+testing in map_files.
+Closes: #928225
+ * Merge 3.4-3~bpo9+1 changelog.
+
+ -- Patrick Matthäi Thu, 09 May 2019 11:18:46 +0200
+
+needrestart (3.4-3~bpo9+1) stretch-backports; urgency=medium
+
+ * Rebuild for stretch-backports.
+
+ -- Patrick Matthäi Wed, 24 Apr 2019 10:04:02 +0200
+
needrestart (3.4-3) unstable; urgency=medium
* Add upstream patch 04-restore-cwd to restore the cwd when skipping
diff -Naur '--exclude=.svn' 3.4-3/debian/patches/05-strip-leading-zeroes.diff
3.4-4/debian/patches/05-strip-leading-zeroes.diff
--- 3.4-3/debian/patches/05-strip-leading-zeroes.diff 1970-01-01
01:00:00.0 +0100
+++ 3.4-4/debian/patches/05-strip-leading-zeroes.diff 2019-05-09
11:26:38.541949067 +0200
@@ -0,0 +1,23 @@
+From 017c9a11d9a3961477ed79200b2bce8963483575 Mon Sep 17 00:00:00 2001
+From: Thomas Liske
+Date: Fri, 3 May 2019 22:28:21 +0200
+Subject: [PATCH] [Core] Remove leading zero before testing in map_files
+ (Debian Bug#928225 by Alexander Galanin ).
+
+---
+ needrestart | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/needrestart b/needrestart
+index 2fc3379..ed18920 100755
+--- a/needrestart
b/needrestart
+@@ -504,6 +504,8 @@ if(defined($opt_l)) {
+
+ # check for outdated lib mappings
+ unless($nrconf{skip_mapfiles} == 1) {
++ $maddr =~ s/^0+([^-])/$1/;
++ $maddr =~ s/-0+(.)/-$1/;
+ my @paths = ("/proc/$pid/map_files/$maddr",
"/proc/$pid/root/$path");
+ my ($testp) = grep { -e $_; } @paths;
+ unless($testp) {
diff -Naur '--exclude=.svn' 3.4-3/debian/patches/series
3.4-4/debian/patches/series
--- 3.4-3/debian/patches/series 2019-04-18 11:17:08.756032831 +0200
+++ 3.4-4/debian/patches/series 2019-05-09 11:26:38.517949215 +0200
@@ -2,3 +2,4 @@
02-ignore-networking.diff
03-typo-env-var.diff
04-restore-cwd.diff
+05-strip-leading-zeroes.diff
unblock needrestart/3.4-4
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Bug#928223: unblock / pre approval: otrs2/6.0.16-2
tags -1 - moreinfo thanks Am 09.05.2019 um 10:31 schrieb Holger Levsen: > control: tags -1 moreinfo > > On Thu, May 09, 2019 at 10:06:50AM +0200, Patrick Matthäi wrote: >> Am 08.05.2019 um 15:50 schrieb Holger Levsen: >>> control: tags -1 - moreinfo >> Means this I should upload it now to buster/testing? > well, sorry, I have misread your last emails to this bug and thought you > had already uploaded. But yes, you can now upload to buster and then you > remove the moreinfo tag again so that the RT team knows to look at this > bug again. > > sorry for the noise. No problem, uploaded now :) -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */ signature.asc Description: OpenPGP digital signature
Bug#928223: unblock / pre approval: otrs2/6.0.16-2
Am 08.05.2019 um 15:50 schrieb Holger Levsen: > control: tags -1 - moreinfo > thanks Means this I should upload it now to buster/testing? -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */ signature.asc Description: OpenPGP digital signature
Bug#928223: unblock / pre approval: otrs2/6.0.16-2
Am 05.05.2019 um 21:55 schrieb pmatth...@debian.org: > Thanks but I have to upload it to testing, because in unstable is > already a new upstream release which was declined for migration > > Thanks but I have to upload it to testing, because in unstable is already a > new upstream release which was declined for migration > > > Am 05.05.2019 14:35 schrieb Ivo De Decker : >> Control: tags -1 confirmed moreinfo >> >> Hi, >> >> On Tue, Apr 30, 2019 at 09:55:58AM +0200, Patrick Matthäi wrote: >>> I would like to upload the attached diff to fix several security issues in >>> the >>> buster otrs2 version. >> Please go ahead and remove the moreinfo tag from this bug once the package >> is >> in unstable. >> >> Thanks, >> >> Ivo >> Seems like my smartphone missformated the message a little bit. But now I see that my message didn't arrived the BTS, but the mail log says it was accepted?: May 5 21:56:03 srv1 postfix/smtp[27139]: 9BB041001F9: to=<928...@bugs.debian.org>, relay=buxtehude.debian.org[209.87.16.39]:25, delay=3.3, delays=0.4/0.03/2/0.79, dsn=2.0.0, status=sent (250 OK id=1hNNEx-00081f-JX) -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#928223: unblock / pre approval: otrs2/6.0.16-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, I would like to upload the attached diff to fix several security issues in the buster otrs2 version. -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled buster.diff.gz Description: application/gzip
Bug#926708: unblock: otrs2/6.0.17-1
Am 09.04.2019 um 18:51 schrieb Ivo De Decker: > Hi, > > On 4/9/19 2:59 PM, Patrick Matthäi wrote: >> Am 09.04.2019 um 14:46 schrieb Ivo De Decker: > >>> Being in non-free doesn't give you an exception to the freeze. >> Sorry you are right, I totaly forget it.. >> It was an exception for fglrx in the past-past, but because it was also >> closed source, so no fixes could be adapted. >> >> I will prepare a diff along with other security fixes (I think there >> will be one in the next time) if they are out > > OK. Do you have an idea about the timeframe of this future release? > > I will prepare an upload for tomorrow and ask for a pre approval. Should I open a new bug then or use this? -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#927121: unblock: glusterfs/5.5-3
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package glusterfs
It adds one upstream patch - which is now in the 5.6 release - to fix this
critical
bug: https://bugzilla.redhat.com/show_bug.cgi?id=1673058
See also: https://review.gluster.org/#/c/glusterfs/+/22404/
diff -Naur '--exclude=.svn' 5.5-2/debian/changelog 5.5-3/debian/changelog
--- 5.5-2/debian/changelog 2019-04-09 13:47:11.558039914 +0200
+++ 5.5-3/debian/changelog 2019-04-15 10:23:28.871148221 +0200
@@ -1,3 +1,10 @@
+glusterfs (5.5-3) unstable; urgency=medium
+
+ * Add upstream patch 05-client-rpc-payload-wire to fix the payload being sent
+on the wire.
+
+ -- Patrick Matthäi Mon, 15 Apr 2019 10:07:38 +0200
+
glusterfs (5.5-2) unstable; urgency=medium
* Uploading to unstable.
diff -Naur '--exclude=.svn'
5.5-2/debian/patches/05-client-rpc-payload-wire.diff
5.5-3/debian/patches/05-client-rpc-payload-wire.diff
--- 5.5-2/debian/patches/05-client-rpc-payload-wire.diff1970-01-01
01:00:00.0 +0100
+++ 5.5-3/debian/patches/05-client-rpc-payload-wire.diff2019-04-15
10:23:28.943147770 +0200
@@ -0,0 +1,1619 @@
+commit 1fba86169b0850c3fcd02e56d0ddbba3efe9ae78
+Author: Poornima G
+Date: Sun Mar 24 09:40:50 2019 +0530
+
+client-rpc: Fix the payload being sent on the wire
+
+The fops allocate 3 kind of payload(buffer) in the client xlator:
+- fop payload, this is the buffer allocated by the write and put fop
+- rsphdr paylod, this is the buffer required by the reply cbk of
+ some fops like lookup, readdir.
+- rsp_paylod, this is the buffer required by the reply cbk of fops like
+ readv etc.
+
+Currently, in the lookup and readdir fop the rsphdr is sent as payload,
+hence the allocated rsphdr buffer is also sent on the wire, increasing
+the bandwidth consumption on the wire.
+
+With this patch, the issue is fixed.
+
+Fixes: bz#1673058
+Change-Id: Ie8158921f4db319e60ad5f52d851fa5c9d4a269b
+Signed-off-by: Poornima G
+
+diff --git a/xlators/protocol/client/src/client-handshake.c
b/xlators/protocol/client/src/client-handshake.c
+index ed9d0a5d9..e1334f9e3 100644
+--- a/xlators/protocol/client/src/client-handshake.c
b/xlators/protocol/client/src/client-handshake.c
+@@ -34,7 +34,6 @@ typedef struct client_fd_lk_local {
+ clnt_fd_ctx_t *fdctx;
+ } clnt_fd_lk_local_t;
+
+-
+ int32_t
+ client3_getspec(call_frame_t *frame, xlator_t *this, void *data)
+ {
+@@ -201,8 +200,8 @@ clnt_release_reopen_fd(xlator_t *this, clnt_fd_ctx_t
*fdctx)
+ req.fd = fdctx->remote_fd;
+
+ ret = client_submit_request(this, , frame, conf->fops,
GFS3_OP_RELEASE,
+-clnt_release_reopen_fd_cbk, NULL, NULL, 0,
NULL,
+-0, NULL, (xdrproc_t)xdr_gfs3_releasedir_req);
++clnt_release_reopen_fd_cbk, NULL,
++(xdrproc_t)xdr_gfs3_releasedir_req);
+ out:
+ if (ret) {
+ clnt_fd_lk_reacquire_failed(this, fdctx, conf);
+@@ -486,8 +485,8 @@ protocol_client_reopendir(clnt_fd_ctx_t *fdctx, xlator_t
*this)
+ frame->local = local;
+
+ ret = client_submit_request(this, , frame, conf->fops,
GFS3_OP_OPENDIR,
+-client3_3_reopendir_cbk, NULL, NULL, 0, NULL,
0,
+-NULL, (xdrproc_t)xdr_gfs3_opendir_req);
++client3_3_reopendir_cbk, NULL,
++(xdrproc_t)xdr_gfs3_opendir_req);
+ if (ret) {
+ gf_msg(this->name, GF_LOG_ERROR, 0, PC_MSG_DIR_OP_FAILED,
+"failed to send the re-opendir request");
+@@ -547,8 +546,8 @@ protocol_client_reopenfile(clnt_fd_ctx_t *fdctx, xlator_t
*this)
+ local->loc.path);
+
+ ret = client_submit_request(this, , frame, conf->fops, GFS3_OP_OPEN,
+-client3_3_reopen_cbk, NULL, NULL, 0, NULL, 0,
+-NULL, (xdrproc_t)xdr_gfs3_open_req);
++client3_3_reopen_cbk, NULL,
++(xdrproc_t)xdr_gfs3_open_req);
+ if (ret) {
+ gf_msg(this->name, GF_LOG_ERROR, 0, PC_MSG_DIR_OP_FAILED,
+"failed to send the re-open request");
+@@ -745,8 +744,8 @@ protocol_client_reopendir_v2(clnt_fd_ctx_t *fdctx,
xlator_t *this)
+ frame->local = local;
+
+ ret = client_submit_request(this, , frame, conf->fops,
GFS3_OP_OPENDIR,
+-client4_0_reopendir_cbk, NULL, NULL, 0, NULL,
0,
+-NULL, (xdrproc_t)xdr_gfx_opendir_req);
++client4_0_reopendir_cbk, NULL,
++(xdrproc_t)xdr_gfx_opendir_req);
+ if (ret) {
+ gf_msg(this->name, GF_LOG_ERROR, 0, PC_MSG_DIR_OP_FAILED,
+
Bug#927119: unblock: apt-dater/1.0.4-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package apt-dater. It adds missing README.* files and fixes a bug, where you can not create new sessions, because of an old deprecated configuration for tmux. diff -Naur '--exclude=.svn' 1.0.4-1/debian/apt-dater.docs 1.0.4-2/debian/apt-dater.docs --- 1.0.4-1/debian/apt-dater.docs 2019-02-11 10:58:30.644694694 +0100 +++ 1.0.4-2/debian/apt-dater.docs 2019-04-15 10:23:54.946984935 +0200 @@ -1,3 +1,2 @@ README -README.tclfilter -README.xmlreport +README.* diff -Naur '--exclude=.svn' 1.0.4-1/debian/changelog 1.0.4-2/debian/changelog --- 1.0.4-1/debian/changelog2019-02-11 10:58:30.624694772 +0100 +++ 1.0.4-2/debian/changelog2019-04-15 10:23:54.906985186 +0200 @@ -1,3 +1,12 @@ +apt-dater (1.0.4-2) unstable; urgency=medium + + * Install missing docs. +Closes: #924176 + * Add patch 01-tmux-options to fix an error with tmux 2.4, because of an old +invalid option. + + -- Patrick Matthäi Mon, 15 Apr 2019 10:07:25 +0200 + apt-dater (1.0.4-1) unstable; urgency=medium * New upstream release. diff -Naur '--exclude=.svn' 1.0.4-1/debian/patches/01-tmux-options.diff 1.0.4-2/debian/patches/01-tmux-options.diff --- 1.0.4-1/debian/patches/01-tmux-options.diff 1970-01-01 01:00:00.0 +0100 +++ 1.0.4-2/debian/patches/01-tmux-options.diff 2019-04-15 10:23:54.906985186 +0200 @@ -0,0 +1,15 @@ +# tmux 2.4 changed this option, we need it for new created sessions +# or tmux will fail with an unknown option error. + +diff -Naur apt-dater-1.0.4.orig/conf/tmux.conf apt-dater-1.0.4/conf/tmux.conf +--- apt-dater-1.0.4.orig/conf/tmux.conf2019-02-10 22:16:03.0 +0100 apt-dater-1.0.4/conf/tmux.conf 2019-04-15 10:02:11.499131926 +0200 +@@ -11,7 +11,7 @@ + set -g terminal-overrides 'xterm*:smcup@:rmcup@' + + set-option -g history-limit 1 +-set-option -g set-remain-on-exit on ++set-hook -g session-created 'set remain-on-exit on' + + # Make C-a q kill the pane (simular to GNU screen) + bind-key q confirm-before -p "kill-pane #P? (y/n)" kill-pane diff -Naur '--exclude=.svn' 1.0.4-1/debian/patches/series 1.0.4-2/debian/patches/series --- 1.0.4-1/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ 1.0.4-2/debian/patches/series 2019-04-15 10:23:54.906985186 +0200 @@ -0,0 +1 @@ +01-tmux-options.diff unblock apt-dater/1.0.4-2 -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#926708: unblock: otrs2/6.0.17-1
Am 09.04.2019 um 14:46 schrieb Ivo De Decker: > Hi, > > On Tue, Apr 09, 2019 at 01:41:44PM +0200, Patrick Matthäi wrote: >> Please unblock package otrs2 >> >> It fixes a security bug along with other upstream fixes: >> https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework/ >> >> This shouldn't be a problem, since it is non-free? > No. And you know this. You tried the exact same thing for stretch: > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858891 > > Being in non-free doesn't give you an exception to the freeze. Sorry you are right, I totaly forget it.. It was an exception for fglrx in the past-past, but because it was also closed source, so no fixes could be adapted. I will prepare a diff along with other security fixes (I think there will be one in the next time) if they are out -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#926708: unblock: otrs2/6.0.17-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package otrs2 It fixes a security bug along with other upstream fixes: https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework/ This shouldn't be a problem, since it is non-free? unblock otrs2/6.0.17-1 -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#925525: unblock: glusterfs/5.5-1
Am 06.04.2019 um 13:42 schrieb Ivo De Decker: > Control: tags -1 moreinfo > > Hi, > > On Tue, Mar 26, 2019 at 11:33:20AM +0100, Patrick Matthäi wrote: >> I would like to upload glusterfs 5.5-1 (currently in experimental) to sid and >> target this release for buster. It is a bugfix only release, also for a >> regression, and has got small changes: > You didn't explain what changes are important enough to ask for an unblock. > Please elaborate. > > The diff is small, so it might be suitable. > > Cheers, > > Ivo Hi, there are several fixes: https://docs.gluster.org/en/latest/release-notes/5.5/ They also state, that 5.4 was never offical announced, because of the regressions in it, which prevents rolling upgrades: https://bugzilla.redhat.com/show_bug.cgi?id=1679968 https://bugzilla.redhat.com/show_bug.cgi?id=1684569 https://bugzilla.redhat.com/show_bug.cgi?id=1684385 -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#925587: unblock: znc/1.7.2-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package znc
It fixes a security bug:
diff -Naur '--exclude=.svn' 1.7.2-1/debian/changelog 1.7.2-2/debian/changelog
--- 1.7.2-1/debian/changelog2019-01-28 10:58:47.648083837 +0100
+++ 1.7.2-2/debian/changelog2019-03-26 12:58:06.264919659 +0100
@@ -1,3 +1,11 @@
+znc (1.7.2-2) unstable; urgency=high
+
+ * Add upstream patch 01-CVE-2019-9917 to fix a crash on invalid encoding,
+which fixes CVE-2019-9917.
+Closes: #925285
+
+ -- Patrick Matthäi Tue, 26 Mar 2019 12:46:42 +0100
+
znc (1.7.2-1) unstable; urgency=medium
* New upstream release.
diff -Naur '--exclude=.svn' 1.7.2-1/debian/patches/01-CVE-2019-9917.diff
1.7.2-2/debian/patches/01-CVE-2019-9917.diff
--- 1.7.2-1/debian/patches/01-CVE-2019-9917.diff1970-01-01
01:00:00.0 +0100
+++ 1.7.2-2/debian/patches/01-CVE-2019-9917.diff2019-03-26
12:58:06.272919610 +0100
@@ -0,0 +1,108 @@
+# Don't crash if user specified invalid encoding.
+# References: CVE-2019-9917
+# Closes: #925285
+# URL:
https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973
+
+diff -Naur znc-1.7.2.orig/modules/controlpanel.cpp
znc-1.7.2/modules/controlpanel.cpp
+--- znc-1.7.2.orig/modules/controlpanel.cpp2019-01-27 10:20:05.0
+0100
znc-1.7.2/modules/controlpanel.cpp 2019-03-26 12:42:34.298707717 +0100
+@@ -495,7 +495,7 @@
+ #ifdef HAVE_ICU
+ else if (sVar == "clientencoding") {
+ pUser->SetClientEncoding(sValue);
+-PutModule("ClientEncoding = " + sValue);
++PutModule("ClientEncoding = " + pUser->GetClientEncoding());
+ }
+ #endif
+ else
+diff -Naur znc-1.7.2.orig/src/IRCNetwork.cpp znc-1.7.2/src/IRCNetwork.cpp
+--- znc-1.7.2.orig/src/IRCNetwork.cpp 2019-01-27 10:20:05.0 +0100
znc-1.7.2/src/IRCNetwork.cpp 2019-03-26 12:42:34.302707692 +0100
+@@ -1482,9 +1482,9 @@
+ }
+
+ void CIRCNetwork::SetEncoding(const CString& s) {
+-m_sEncoding = s;
++m_sEncoding = CZNC::Get().FixupEncoding(s);
+ if (GetIRCSock()) {
+-GetIRCSock()->SetEncoding(s);
++GetIRCSock()->SetEncoding(m_sEncoding);
+ }
+ }
+
+diff -Naur znc-1.7.2.orig/src/User.cpp znc-1.7.2/src/User.cpp
+--- znc-1.7.2.orig/src/User.cpp2019-01-27 10:20:05.0 +0100
znc-1.7.2/src/User.cpp 2019-03-26 12:42:34.302707692 +0100
+@@ -1253,9 +1253,9 @@
+ void CUser::SetDenySetBindHost(bool b) { m_bDenySetBindHost = b; }
+ void CUser::SetDefaultChanModes(const CString& s) { m_sDefaultChanModes = s; }
+ void CUser::SetClientEncoding(const CString& s) {
+-m_sClientEncoding = s;
++m_sClientEncoding = CZNC::Get().FixupEncoding(s);
+ for (CClient* pClient : GetAllClients()) {
+-pClient->SetEncoding(s);
++pClient->SetEncoding(m_sClientEncoding);
+ }
+ }
+ void CUser::SetQuitMsg(const CString& s) { m_sQuitMsg = s; }
+diff -Naur znc-1.7.2.orig/src/znc.cpp znc-1.7.2/src/znc.cpp
+--- znc-1.7.2.orig/src/znc.cpp 2019-01-27 10:20:05.0 +0100
znc-1.7.2/src/znc.cpp 2019-03-26 12:42:34.302707692 +0100
+@@ -2092,18 +2092,36 @@
+ m_uiForceEncoding++;
+ #ifdef HAVE_ICU
+ for (Csock* pSock : GetManager()) {
+-if (pSock->GetEncoding().empty()) {
+-pSock->SetEncoding("UTF-8");
+-}
++pSock->SetEncoding(FixupEncoding(pSock->GetEncoding()));
+ }
+ #endif
+ }
+ void CZNC::UnforceEncoding() { m_uiForceEncoding--; }
+ bool CZNC::IsForcingEncoding() const { return m_uiForceEncoding; }
+ CString CZNC::FixupEncoding(const CString& sEncoding) const {
+-if (sEncoding.empty() && m_uiForceEncoding) {
++if (!m_uiForceEncoding) {
++return sEncoding;
++}
++if (sEncoding.empty()) {
+ return "UTF-8";
+ }
++const char* sRealEncoding = sEncoding.c_str();
++if (sEncoding[0] == '*' || sEncoding[0] == '^') {
++sRealEncoding++;
++}
++if (!*sRealEncoding) {
++return "UTF-8";
++}
++#ifdef HAVE_ICU
++UErrorCode e = U_ZERO_ERROR;
++UConverter* cnv = ucnv_open(sRealEncoding, );
++if (cnv) {
++ucnv_close(cnv);
++}
++if (U_FAILURE(e)) {
++return "UTF-8";
++}
++#endif
+ return sEncoding;
+ }
+
+diff -Naur znc-1.7.2.orig/test/integration/tests/scripting.cpp
znc-1.7.2/test/integration/tests/scripting.cpp
+--- znc-1.7.2.orig/test/integration/tests/scripting.cpp2019-01-27
10:20:05.0 +0100
znc-1.7.2/test/integration/tests/scripting.cpp 2019-03-26
12:42:34.302707692 +0100
+@@ -55,6 +55,13 @@
+ ircd.Write(":n!u@h PRIVMSG nick :Hi\xF0, github issue #1229");
+ // "replacement character"
+ client.ReadUntil("Hi\xEF\xBF\xBD, github issue");
++
++/
Bug#925525: unblock: glusterfs/5.5-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hello, I would like to upload glusterfs 5.5-1 (currently in experimental) to sid and target this release for buster. It is a bugfix only release, also for a regression, and has got small changes: $ diff -Naur glusterfs-5.4/ glusterfs-5.5/ --exclude=.pc --exclude=tests --exclude=ChangeLog --exclude=VERSION --exclude=debian --exclude=configure --exclude=Makefile --exclude=glusterfs.spec|diffstat events/src/peer_eventsapi.py |8 +-- extras/systemd/glusterd.service.in |5 +--- extras/systemd/glustereventsd.service.in |7 ++ libglusterfs/src/common-utils.c| 15 - libglusterfs/src/common-utils.h|4 +-- libglusterfs/src/globals.h |4 ++- rpc/xdr/src/glusterfs3.h |2 + rpc/xdr/src/glusterfs4-xdr.x |1 xlators/cluster/afr/src/afr-self-heal-data.c | 28 +++-- xlators/mgmt/glusterd/src/glusterd-brick-ops.c |2 - xlators/mgmt/glusterd/src/glusterd-handshake.c |2 - xlators/mgmt/glusterd/src/glusterd-utils.c | 12 +++--- 12 files changed, 52 insertions(+), 38 deletions(-) If you agree with it I would prepare a 5.5-2 for unstable. -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#925449: unblock: kdenlive/18.12.3-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package kdenlive Hello, before my VAC I were a bit late with the upload. Please unblock kdenlive 18.12.3-1, it only contains updated translations: $ diff -Naur kdenlive-18.12.2/ kdenlive-18.12.3/|diffstat CMakeLists.txt|2 data/kdenlive_wipes.knsrc |2 debian/changelog |6 po/ca/kdenlive.po |8 - po/ca@valencia/kdenlive.po|8 - po/da/kdenlive.po | 119 --- po/es/docs/kdenlive/index.docbook | 300 -- po/gl/kdenlive.po | 59 +++ po/id/kdenlive.po | 113 +- po/nl/kdenlive.po | 10 - po/pt_BR/kdenlive.po | 122 +++ po/uk/kdenlive.po |4 po/zh_CN/kdenlive.po |4 13 files changed, 418 insertions(+), 339 deletions(-) unblock kdenlive/18.12.3-1 -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#919643: transition: glusterfs
Am 18.01.2019 um 10:20 schrieb Emilio Pozuelo Monfort: > On 18/01/2019 09:33, Patrick Matthäi wrote: >> Package: release.debian.org >> Severity: normal >> User: release.debian@packages.debian.org >> Usertags: transition >> >> Hello, >> >> glusterfs 5.2-2 has been accepted in experimental. >> For closing #918503 and #881526, which makes life of other maintainers easier >> and smaller dependencies on standard systems I would like to upload it to sid >> along with the new bugfix release 5.3 and have the changes in buster. >> There is no soname change, but now the libraries are seperated in single >> packages and I also provide libglusterfs-dev again. >> >> The reverse dependencies just have to switch their build dependency from >> glusterfs-common to libglusterfs-dev: > Can't you make glusterfs-common depend on libglusterfs-dev (until the buster > release) so that rdeps don't fail to build if you upload this? Then they can > update their build-dep asynchronously. > > Just considering this because there's no real transition per se, particularly > if > you address that concern. > > Cheers, > Emili So you mean: * 5.3-1: upload to sid with glusterfs-common depending on libglusterfs-dev * Let 5.3-1 migrate to buster and filling bugs against rdeps to change their deps * If all bugs are closed make a new upload removing the -commong -> -dev dep If you mean this I would start with it -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#919643: transition: glusterfs
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hello, glusterfs 5.2-2 has been accepted in experimental. For closing #918503 and #881526, which makes life of other maintainers easier and smaller dependencies on standard systems I would like to upload it to sid along with the new bugfix release 5.3 and have the changes in buster. There is no soname change, but now the libraries are seperated in single packages and I also provide libglusterfs-dev again. The reverse dependencies just have to switch their build dependency from glusterfs-common to libglusterfs-dev: uwsgi-plugin-glusterfs samba-vfs-modules qemu-block-extra nfs-ganesha-gluster libvirt-daemon-driver-storage-gluster fio gfio Could I go ahead? -- System Information: Debian Release: 9.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-8-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Re: New proposed-updates diff: otrs2 3.3.9-3+deb8u1
Am 08.06.2017 um 18:44 schrieb Adam D. Barratt: > On 2017-06-08 11:02, Debian Queue Viewer wrote: >> Version in base suite: 3.3.9-3 >> >> Base version: otrs2_3.3.9-3 >> Target version: otrs2_3.3.9-3+deb8u1 > [...] >> +otrs2 (3.3.9-3+deb8u1) jessie-security; urgency=high >> + >> + * Add patch 17-CVE-2017-9324: >> +This fixes OSA-2017-03, also known as CVE-2017-9324: An attacker >> with >> +agent permission is capable by opening a specific URL in a >> browser to >> +gain administrative privileges / full access. Afterward, all system >> +settings can be read and changed. >> +Closes: #864319 > > I'm afraid that I'm confused by this upload. > > It claims to be for stable-security, but was uploaded directly to > ftp-master. If it's for security, then it should have been uploaded to > the security queues. > > If, on the other hand, this was intended for proposed-updates then a) > the distribution should be "jessie", not "jessie-security" and b) it > should have been discussed in a p-u bug, not simply uploaded. > > Regards, > > Adam Hi Adam, yes -security is aware of it. On my first try I have uploaded everthing to ftp-master :/
Re: Bug#864319: CVE-2017-9324
Am 06.06.2017 um 22:37 schrieb Moritz Muehlenhoff: > Package: otrs > Severity: grave > Tags: security > > Hi, > details are sparse on this one, could you get in touch with upstream to > isolate this to the change in question? > https://www.otrs.com/security-advisory-2017-03-security-update-otrs-versions/ > > Cheers, > Moritz I will try. On which way should I fix Stretch? stretch-security updates or direct upload to Stretch? -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#863444: unblock: apt-dater/1.0.3-4
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package apt-dater
This update adds one upstream patch to fix the broken Tcl filters in the UI.
They are failing because of incorrect return values.
diff -Naur '--exclude=.svn' 1.0.3-3/debian/changelog 1.0.3-4/debian/changelog
--- 1.0.3-3/debian/changelog2016-11-22 11:33:34.715749952 +0100
+++ 1.0.3-4/debian/changelog2017-05-26 16:00:16.415094385 +0200
@@ -1,3 +1,9 @@
+apt-dater (1.0.3-4) unstable; urgency=medium
+
+ * Add upstream patch 03-broken-tcl-filters to fix broken Tcl filters.
+
+ -- Patrick Matthäi <pmatth...@debian.org> Fri, 26 May 2017 15:54:42 +0200
+
apt-dater (1.0.3-3) unstable; urgency=medium
* Replace patch 01-grep-syntax-error with 02-fix-default-err-pattern from
diff -Naur '--exclude=.svn' 1.0.3-3/debian/patches/03-broken-tcl-filters.diff
1.0.3-4/debian/patches/03-broken-tcl-filters.diff
--- 1.0.3-3/debian/patches/03-broken-tcl-filters.diff 1970-01-01
01:00:00.0 +0100
+++ 1.0.3-4/debian/patches/03-broken-tcl-filters.diff 2017-05-26
16:00:16.411094403 +0200
@@ -0,0 +1,21 @@
+# Upstream fix for Tcl filters never matching due to broken return code
+# handling.
+# URL:
https://github.com/DE-IBH/apt-dater/commit/c6c41e8fe32b6c80ed6629f0b88e3a429a85a779
+
+diff --git a/src/ui.c b/src/ui.c
+index edf92e2..037340c 100644
+--- a/src/ui.c
b/src/ui.c
+@@ -2813,10 +2813,10 @@ void applyFilter(GList *hosts) {
+ case TCL_OK:
+ case TCL_RETURN:
+ filtered = atoi(Tcl_GetStringResult(tcl_interp)) > 0;
+- ;;
++ break;
+ default:
+ filtered = FALSE;
+- ;;
++ break;
+ }
+
+ if(filtered != n->filtered) {
diff -Naur '--exclude=.svn' 1.0.3-3/debian/patches/series
1.0.3-4/debian/patches/series
--- 1.0.3-3/debian/patches/series 2016-11-22 11:33:34.715749952 +0100
+++ 1.0.3-4/debian/patches/series 2017-05-26 16:00:16.411094403 +0200
@@ -1 +1,2 @@
02-fix-default-err-pattern.diff
+03-broken-tcl-filters.diff
unblock apt-dater/1.0.3-4
-- System Information:
Debian Release: 8.8
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Bug#863443: unblock: needrestart/2.11-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package needrestart It fixes a RC bug by blacklisting for oneshot services, while it is closing one important and one serious bug. It also adds a patch (already in jessie-bpo) to fix a Perl warning, which only affects Perl 5.20.x, it makes backports easier. diff -Naur '--exclude=.svn' 2.11-2/debian/changelog 2.11-3/debian/changelog --- 2.11-2/debian/changelog 2017-01-24 10:56:05.028489330 +0100 +++ 2.11-3/debian/changelog 2017-05-26 15:59:51.615213743 +0200 @@ -1,3 +1,23 @@ +needrestart (2.11-3) unstable; urgency=high + + * Add patch 03-perl-warning to fix a warning from Perl triggered in version +5.20. + * Merge 2.11-2~bpo8+1 changelog. + * Add patch 04-ignore-systemd-services to ignore apt-daily.service, +apt-daily-upgrade.service, unattended-upgrades.service and +rc-local.service. +Closes: #862840, #852864 + + -- Patrick Matthäi <pmatth...@debian.org> Fri, 26 May 2017 15:45:04 +0200 + +needrestart (2.11-2~bpo8+1) jessie-backports; urgency=medium + + * Rebuild for jessie-backports. + * Add patch 03-perl-warning to fix a warning from Perl triggered in version +5.20. + + -- Patrick Matthäi <pmatth...@debian.org> Mon, 06 Feb 2017 10:42:32 +0100 + needrestart (2.11-2) unstable; urgency=high * Add patch 02-install-restart-d to fix installation of restart.d/ script diff -Naur '--exclude=.svn' 2.11-2/debian/patches/03-perl-warning.diff 2.11-3/debian/patches/03-perl-warning.diff --- 2.11-2/debian/patches/03-perl-warning.diff 1970-01-01 01:00:00.0 +0100 +++ 2.11-3/debian/patches/03-perl-warning.diff 2017-05-26 15:59:51.615213743 +0200 @@ -0,0 +1,14 @@ +# Fix warning in Perl 5.20.x. Not triggered in 5.24.x. + +diff -Naur needrestart-2.11.orig/ex/needrestart.conf needrestart-2.11/ex/needrestart.conf +--- needrestart-2.11.orig/ex/needrestart.conf 2017-01-17 16:00:20.0 +0100 needrestart-2.11/ex/needrestart.conf 2017-02-06 10:40:29.008100902 +0100 +@@ -150,7 +150,7 @@ + qr(^/\[aio\]), + + # Oil Runtime Compiler's JIT files +-qr(/orcexec\.[\w\d]+( \(deleted\))?$), ++qr#/orcexec\.[\w\d]+( \(deleted\))?$#, + ]; + + # Verify mapped files in fileystem: diff -Naur '--exclude=.svn' 2.11-2/debian/patches/04-ignore-systemd-services.diff 2.11-3/debian/patches/04-ignore-systemd-services.diff --- 2.11-2/debian/patches/04-ignore-systemd-services.diff 1970-01-01 01:00:00.0 +0100 +++ 2.11-3/debian/patches/04-ignore-systemd-services.diff 2017-05-26 15:59:51.607213783 +0200 @@ -0,0 +1,24 @@ +# Ignore / Blacklist apt-daily.service, apt-daily-upgrade.service, +# unattended-upgrades.service and rc-local.service. +# Closes: #852864 +# Closes: #862840 + +diff -Naur needrestart-2.11.orig/ex/needrestart.conf needrestart-2.11/ex/needrestart.conf +--- needrestart-2.11.orig/ex/needrestart.conf 2017-05-26 15:46:38.987005457 +0200 needrestart-2.11/ex/needrestart.conf 2017-05-26 15:49:06.062305440 +0200 +@@ -121,6 +121,15 @@ + qr(^emergency\.service$) => 0, + qr(^rescue\.service$) => 0, + ++ # Do not restart oneshot service apt-daily, unattended-upgrades.service ++ # and apt-daily-upgrade.service,see #862840 ++ qr(^apt-daily\.service$) => 0, ++ qr(^apt-daily-upgrade\.service$) => 0, ++ qr(^unattended-upgrades\.service$) => 0, ++ ++ # Ignore rc-local.service, see #852864 ++ qr(^rc-local\.service$) => 0, ++ + # don't restart systemd-logind, see #798097 + qr(^systemd-logind) => 0, + }; diff -Naur '--exclude=.svn' 2.11-2/debian/patches/series 2.11-3/debian/patches/series --- 2.11-2/debian/patches/series2017-01-24 10:56:05.020489378 +0100 +++ 2.11-3/debian/patches/series2017-05-26 15:59:51.607213783 +0200 @@ -1,2 +1,4 @@ 01-use-invoke-rc-d.diff 02-install-restart-d.diff +03-perl-warning.diff +04-ignore-systemd-services.diff unblock needrestart/2.11-3 -- System Information: Debian Release: 8.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#862994: unblock: geoip-database/20170512-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package geoip-database It includes again the most up to date database. diff -Naur '--exclude=.svn' 20170418-1/debian/changelog 20170512-1/debian/changelog --- 20170418-1/debian/changelog 2017-04-18 14:25:18.737430740 +0200 +++ 20170512-1/debian/changelog 2017-05-12 11:00:13.763515841 +0200 @@ -1,3 +1,9 @@ +geoip-database (20170512-1) unstable; urgency=low + + * New upstream release. + + -- Patrick Matthäi <pmatth...@debian.org> Fri, 12 May 2017 10:39:40 +0200 + geoip-database (20170418-1) unstable; urgency=low unblock geoip-database/20170512-1 -- System Information: Debian Release: 8.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#861223: unblock: geoip-database/20170418-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package geoip-database It just includes updated database files: diff -Naur '--exclude=.svn' 20170216-1/debian/changelog 20170418-1/debian/changelog --- 20170216-1/debian/changelog 2017-02-16 10:26:38.513839065 +0100 +++ 20170418-1/debian/changelog 2017-04-18 14:25:18.737430740 +0200 @@ -1,3 +1,15 @@ +geoip-database (20170418-1) unstable; urgency=low + + * New upstream release. + + -- Patrick Matthäi <pmatth...@debian.org> Tue, 18 Apr 2017 14:21:28 +0200 + +geoip-database (20170407-1) unstable; urgency=low + + * New upstream release. + + -- Patrick Matthäi <pmatth...@debian.org> Fri, 07 Apr 2017 10:45:29 +0200 + geoip-database (20170216-1) unstable; urgency=low * New upstream release. unblock geoip-database/20170418-1 -- System Information: Debian Release: 8.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#859764: unblock: libphysfs/2.0.3-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package libphysfs It adds a patch to fix a buffer overflow when using zlib. It is also required for the manaplus package to work correct again with newer versions. diff -Nru libphysfs-2.0.3/debian/changelog libphysfs-2.0.3/debian/changelog --- libphysfs-2.0.3/debian/changelog2016-12-23 09:24:38.0 +0100 +++ libphysfs-2.0.3/debian/changelog2017-04-03 19:48:25.0 +0200 @@ -1,3 +1,10 @@ +libphysfs (2.0.3-5) unstable; urgency=low + + * Add patch 02-zip-seek to fix a buffer overflow in physfs with zlib version +>= 1.2.11. + + -- Patrick Matthäi <pmatth...@debian.org> Mon, 03 Apr 2017 19:48:04 +0200 + libphysfs (2.0.3-4) unstable; urgency=medium * Enable full hardening. diff -Nru libphysfs-2.0.3/debian/patches/02-zip-seek.diff libphysfs-2.0.3/debian/patches/02-zip-seek.diff --- libphysfs-2.0.3/debian/patches/02-zip-seek.diff 1970-01-01 01:00:00.0 +0100 +++ libphysfs-2.0.3/debian/patches/02-zip-seek.diff 2017-04-03 19:48:25.0 +0200 @@ -0,0 +1,19 @@ +# Fix buffer overflow in physfs if you use zlib >= 1.2.11. +# +# zlib link: https://github.com/madler/zlib/issues/206 +# Upstream report: http://icculus.org/pipermail/physfs/2017-January/001215.html +# Author and patch founder: http://manaplus.org/physfs_bugs + +diff -r 34ebe997c5c0 archivers/zip.c +--- a/archivers/zip.c Fri Jan 01 12:53:41 2016 -0500 b/archivers/zip.c Wed Jan 25 20:56:26 2017 +0300 +@@ -327,7 +327,8 @@ + return(0); + + inflateEnd(>stream); +-memcpy(>stream, , sizeof (z_stream)); ++inflateCopy(>stream, ); ++inflateEnd(); + finfo->uncompressed_position = finfo->compressed_position = 0; + } /* if */ + diff -Nru libphysfs-2.0.3/debian/patches/series libphysfs-2.0.3/debian/patches/series --- libphysfs-2.0.3/debian/patches/series 2016-12-23 09:24:38.0 +0100 +++ libphysfs-2.0.3/debian/patches/series 2017-04-03 19:48:25.0 +0200 @@ -1 +1,2 @@ 01-do-not-link-against-curses.diff +02-zip-seek.diff unblock libphysfs/2.0.3-5 -- System Information: Debian Release: 8.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#858891: unblock: non-free otrs2/5.0.17-1
Am 28.03.2017 um 13:22 schrieb Adam D. Barratt: > Control: tags -1 + moreinfo > > On 2017-03-28 10:50, Patrick Matthäi wrote: >> Please unblock package otrs2 >> >> diff -Naur '--exclude=.svn' 5.0.16-1/debian/changelog >> 5.0.17-1/debian/changelog >> --- 5.0.16-1/debian/changelog 2017-01-24 12:35:19.080487907 +0100 >> +++ 5.0.17-1/debian/changelog 2017-03-09 15:04:58.892151472 +0100 > > That is *not* the actual debdiff, which is: > > 377 files changed, 27837 insertions(+), 15899 deletions(-) > > why did you not include it, as requested? > Sorry I thought it would be superfluous here (too big), because it is just a new upstream release (but also with a important change [0]). I hope now it is still the case, that there are lower requirements for non-free unblock requests like in the past? [0]: https://bugs.otrs.org/show_bug.cgi?id=10691 -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#858891: unblock: non-free otrs2/5.0.17-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package otrs2 diff -Naur '--exclude=.svn' 5.0.16-1/debian/changelog 5.0.17-1/debian/changelog --- 5.0.16-1/debian/changelog 2017-01-24 12:35:19.080487907 +0100 +++ 5.0.17-1/debian/changelog 2017-03-09 15:04:58.892151472 +0100 @@ -1,3 +1,16 @@ +otrs2 (5.0.17-1) unstable; urgency=low + + * New upstream release. + * Merge 5.0.16-1~bpo8+1 changelog. + + -- Patrick Matthäi <pmatth...@debian.org> Thu, 09 Mar 2017 14:56:10 +0100 + +otrs2 (5.0.16-1~bpo8+1) jessie-backports; urgency=medium + + * Rebuild for jessie-backports. + + -- Patrick Matthäi <pmatth...@debian.org> Mon, 06 Feb 2017 10:35:25 +0100 + otrs2 (5.0.16-1) unstable; urgency=low * New upstream release. unblock otrs2/5.0.17-1 -- System Information: Debian Release: 8.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#856917: unblock: kdenlive/16.12.2-1
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package kdenlive
As explained in my last unblock request for this package (16.12.1-3)
16.12.2-1 is nearly 16.12.1-3 just with the merged patches. So it is
easier to maintain the stable branch from KDE.
diff -Naur '--exclude=.svn' 16.12.1-3/debian/changelog
16.12.2-1/debian/changelog
--- 16.12.1-3/debian/changelog 2017-02-07 13:57:52.242304197 +0100
+++ 16.12.2-1/debian/changelog 2017-02-16 10:27:08.993661078 +0100
@@ -1,3 +1,16 @@
+kdenlive (16.12.2-1) unstable; urgency=low
+
+ * New upstream release.
+- Drop patches, which are now included in 16.12.2:
+ 01-nvidia-crash-375094, 02-nvidia-crash-movit-1,
+ 03-frame-extract-remember-folder, 04-playlist-clip-expand,
+ 05-monitor-length-375163, 06-playaction-not-pausing,
+ 07-nvidia-crash-movit-2, 08-title-clip-select-twice,
+ 09-aspect-transparency-issues, 10-crash-razor-multiple-clips,
+ 11-project-archiving-fix.
+
+ -- Patrick Matthäi <pmatth...@debian.org> Thu, 16 Feb 2017 10:12:19 +0100
+
kdenlive (16.12.1-3) unstable; urgency=low
* Add upstream patch 08-title-clip-select-twice:
diff -Naur '--exclude=.svn'
16.12.1-3/debian/patches/01-nvidia-crash-375094.diff
16.12.2-1/debian/patches/01-nvidia-crash-375094.diff
--- 16.12.1-3/debian/patches/01-nvidia-crash-375094.diff2017-02-07
13:57:52.310303805 +0100
+++ 16.12.2-1/debian/patches/01-nvidia-crash-375094.diff1970-01-01
01:00:00.0 +0100
@@ -1,55 +0,0 @@
-commit 8a20fca86e9e2ce3d04b3e024b0752e19f9d8c8e
-Author: Jean-Baptiste Mardelle <j...@kdenlive.org>
-Date: Mon Jan 16 20:06:00 2017 +0100
-
-Revert "Fix warning about QOffscreenSurface thread"
-Caused startup crash on NVidia cards
-CCBUG: 375094
-
-This reverts commit 6675c4a509046aa3b57c60cbc3f31435e09c2df7.
-
-diff --git a/src/monitor/glwidget.cpp b/src/monitor/glwidget.cpp
-index e4089e6..cd4f56a 100644
a/src/monitor/glwidget.cpp
-+++ b/src/monitor/glwidget.cpp
-@@ -109,7 +109,6 @@ GLWidget::GLWidget(int id, QObject *parent)
- mlt_properties_set_data(mlt_global_properties(), "glslManager", NULL,
0, NULL, NULL);
- emit gpuNotSupported();
- }
--connect(this, SIGNAL(sceneGraphInitialized()), SLOT(createOffscreen()));
- connect(this, SIGNAL(sceneGraphInitialized()), SLOT(initializeGL()),
Qt::DirectConnection);
- connect(this, SIGNAL(beforeRendering()), SLOT(paintGL()),
Qt::DirectConnection);
- }
-@@ -143,17 +142,14 @@ void GLWidget::updateAudioForAnalysis()
- m_frameRenderer->sendAudioForAnalysis =
KdenliveSettings::monitor_audio();
- }
-
--void GLWidget::createOffscreen()
-+void GLWidget::initializeGL()
- {
-+if (m_isInitialized || !isVisible() || !openglContext()) return;
- if (!m_offscreenSurface.isValid()) {
- m_offscreenSurface.setFormat(openglContext()->format());
- m_offscreenSurface.create();
-+openglContext()->makeCurrent(this);
- }
--}
--
--void GLWidget::initializeGL()
--{
--if (m_isInitialized || !isVisible() || !openglContext()) return;
- initializeOpenGLFunctions();
- qDebug() << "OpenGL vendor: " << QString::fromUtf8((const char*)
glGetString(GL_VENDOR));
- qDebug() << "OpenGL renderer: " << QString::fromUtf8((const char*)
glGetString(GL_RENDERER));
-diff --git a/src/monitor/glwidget.h b/src/monitor/glwidget.h
-index dc1e0e2..d12500a 100644
a/src/monitor/glwidget.h
-+++ b/src/monitor/glwidget.h
-@@ -182,7 +182,6 @@ private slots:
- void updateTexture(GLuint yName, GLuint uName, GLuint vName);
- void paintGL();
- void onFrameDisplayed(const SharedFrame );
--void createOffscreen();
-
- protected:
- void resizeEvent(QResizeEvent* event);
diff -Naur '--exclude=.svn'
16.12.1-3/debian/patches/02-nvidia-crash-movit-1.diff
16.12.2-1/debian/patches/02-nvidia-crash-movit-1.diff
--- 16.12.1-3/debian/patches/02-nvidia-crash-movit-1.diff 2017-02-07
13:57:52.250304150 +0100
+++ 16.12.2-1/debian/patches/02-nvidia-crash-movit-1.diff 1970-01-01
01:00:00.0 +0100
@@ -1,44 +0,0 @@
-commit 754b8eeed8c1a874a5535eb5136b02841a812180
-Author: Jean-Baptiste Mardelle <j...@kdenlive.org>
-Date: Fri Jan 20 01:15:01 2017 +0100
-
-Fix NVIDIA crash with GPU accel (movit)
-
-diff --git a/src/main.cpp b/src/main.cpp
-index fc93963..b081e05 100644
a/src/main.cpp
-+++ b/src/main.cpp
-@@ -44,7 +44,7 @@ int main(int argc, char *argv[])
- // Force QDomDocument to use a deterministic XML attribute order
- extern Q_CORE_EXPORT QBasicAtomicInt qt_qhash_seed;
- qt_qhash_seed.store(0);
--
-+QCoreApplication::setAttribute(Qt::AA_ShareOpenGLContexts, true);
- #if defined(Q_OS_UNIX) && !defined(Q_OS_MAC)
- QCoreApplication::setAttribute(Qt::AA_X11InitThreads);
- #endif
-diff --git a/src/mltcontroller
Bug#856916: unblock: geoip-database/20170216-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package geoip-database It just updates the databases: diff -Naur '--exclude=.svn' 20170111-1/debian/changelog 20170216-1/debian/changelog --- 20170111-1/debian/changelog 2017-01-11 15:32:05.357721942 +0100 +++ 20170216-1/debian/changelog 2017-02-16 10:26:38.513839065 +0100 @@ -1,3 +1,9 @@ +geoip-database (20170216-1) unstable; urgency=low + + * New upstream release. + + -- Patrick Matthäi <pmatth...@debian.org> Thu, 16 Feb 2017 10:15:37 +0100 + unblock geoip-database/20170216-1 -- System Information: Debian Release: 8.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Bug#855185: unblock: kdenlive/16.12.1-3
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hello,
please unblock kdenlive 16.12.1-3. It adds eleven upstream patches to fix
regressions with nvidia cards and various other bugs. On the other side I
would like to ask if I get a pre-approval for uploading kdenlive 16.12.2
(KDE Applications upgrade) to unstable/testing, which includes nearly all
of those eleven patches. It is nearly only a bugfix release.
diff -Naur '--exclude=.svn' 16.12.1-1/debian/changelog
16.12.1-3/debian/changelog
--- 16.12.1-1/debian/changelog 2017-01-17 16:07:03.280587938 +0100
+++ 16.12.1-3/debian/changelog 2017-02-07 13:57:52.242304197 +0100
@@ -1,3 +1,33 @@
+kdenlive (16.12.1-3) unstable; urgency=low
+
+ * Add upstream patch 08-title-clip-select-twice:
+Fix title clip items need to be selected twice before allowing move.
+ * Add upstream patch 09-aspect-transparency-issues:
+Fix various aspect ratio issues and transparency of composite transition in
+some cases.
+ * Add upstream patch 10-crash-razor-multiple-clips:
+Fix crash on razor with multiple clips selected.
+ * Add upstream patch 11-project-archiving-fix:
+Fix color clips incorrectly detected and warn before overwriting project
+file.
+
+ -- Patrick Matthäi <pmatth...@debian.org> Tue, 07 Feb 2017 13:23:05 +0100
+
+kdenlive (16.12.1-2) unstable; urgency=low
+
+ * Add this upstream patches, to fix some minor bugs and crashes, if you are
+using a nvidia card with movit.
+- 01-nvidia-crash-375094.
+ Closes: #853768
+- 02-nvidia-crash-movit-1.
+- 03-frame-extract-remember-folder.
+- 04-playlist-clip-expand.
+- 05-monitor-length-375163.
+- 06-playaction-not-pausing.
+- 07-nvidia-crash-movit-2.
+
+ -- Patrick Matthäi <pmatth...@debian.org> Wed, 01 Feb 2017 11:16:36 +0100
+
kdenlive (16.12.1-1) unstable; urgency=low
* New upstream release.
diff -Naur '--exclude=.svn'
16.12.1-1/debian/patches/01-nvidia-crash-375094.diff
16.12.1-3/debian/patches/01-nvidia-crash-375094.diff
--- 16.12.1-1/debian/patches/01-nvidia-crash-375094.diff1970-01-01
01:00:00.0 +0100
+++ 16.12.1-3/debian/patches/01-nvidia-crash-375094.diff2017-02-07
13:57:52.310303805 +0100
@@ -0,0 +1,55 @@
+commit 8a20fca86e9e2ce3d04b3e024b0752e19f9d8c8e
+Author: Jean-Baptiste Mardelle <j...@kdenlive.org>
+Date: Mon Jan 16 20:06:00 2017 +0100
+
+Revert "Fix warning about QOffscreenSurface thread"
+Caused startup crash on NVidia cards
+CCBUG: 375094
+
+This reverts commit 6675c4a509046aa3b57c60cbc3f31435e09c2df7.
+
+diff --git a/src/monitor/glwidget.cpp b/src/monitor/glwidget.cpp
+index e4089e6..cd4f56a 100644
+--- a/src/monitor/glwidget.cpp
b/src/monitor/glwidget.cpp
+@@ -109,7 +109,6 @@ GLWidget::GLWidget(int id, QObject *parent)
+ mlt_properties_set_data(mlt_global_properties(), "glslManager", NULL,
0, NULL, NULL);
+ emit gpuNotSupported();
+ }
+-connect(this, SIGNAL(sceneGraphInitialized()), SLOT(createOffscreen()));
+ connect(this, SIGNAL(sceneGraphInitialized()), SLOT(initializeGL()),
Qt::DirectConnection);
+ connect(this, SIGNAL(beforeRendering()), SLOT(paintGL()),
Qt::DirectConnection);
+ }
+@@ -143,17 +142,14 @@ void GLWidget::updateAudioForAnalysis()
+ m_frameRenderer->sendAudioForAnalysis =
KdenliveSettings::monitor_audio();
+ }
+
+-void GLWidget::createOffscreen()
++void GLWidget::initializeGL()
+ {
++if (m_isInitialized || !isVisible() || !openglContext()) return;
+ if (!m_offscreenSurface.isValid()) {
+ m_offscreenSurface.setFormat(openglContext()->format());
+ m_offscreenSurface.create();
++openglContext()->makeCurrent(this);
+ }
+-}
+-
+-void GLWidget::initializeGL()
+-{
+-if (m_isInitialized || !isVisible() || !openglContext()) return;
+ initializeOpenGLFunctions();
+ qDebug() << "OpenGL vendor: " << QString::fromUtf8((const char*)
glGetString(GL_VENDOR));
+ qDebug() << "OpenGL renderer: " << QString::fromUtf8((const char*)
glGetString(GL_RENDERER));
+diff --git a/src/monitor/glwidget.h b/src/monitor/glwidget.h
+index dc1e0e2..d12500a 100644
+--- a/src/monitor/glwidget.h
b/src/monitor/glwidget.h
+@@ -182,7 +182,6 @@ private slots:
+ void updateTexture(GLuint yName, GLuint uName, GLuint vName);
+ void paintGL();
+ void onFrameDisplayed(const SharedFrame );
+-void createOffscreen();
+
+ protected:
+ void resizeEvent(QResizeEvent* event);
diff -Naur '--exclude=.svn'
16.12.1-1/debian/patches/02-nvidia-crash-movit-1.diff
16.12.1-3/debian/patches/02-nvidia-crash-movit-1.diff
--- 16.12.1-1/debian/patches/02-nvidia-crash-movit-1.diff 1970-01-01
01:00:00.0 +0100
+++ 16.12.1-3/debian/patches/02-nvidia-crash-movit-1.diff 2017-02-07
13:57:52.250304150 +0100
@@ -0,0 +1,44 @@
+commit 754b8eeed8c1a874a5
Bug#855184: unblock: mlt/6.4.1-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package mlt
It adds two upstream patches to fix crashes of kdenlive/mlt.
diff --git a/debian/changelog b/debian/changelog
index f423448..378dc92 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+mlt (6.4.1-2) unstable; urgency=low
+
+ * Add upstream patch 01-crash-affine to fix a crash in affine due to relaxed
+constraints.
+ * Add upstream patch 02-crash-clipinfo-update to fix a crash in kdenlive when
+a clip has no resource.
+
+ -- Patrick Matthäi <pmatth...@debian.org> Tue, 07 Feb 2017 13:13:57 +0100
+
mlt (6.4.1-1) unstable; urgency=medium
* New upstream release.
diff --git a/debian/patches/01-crash-affine.diff
b/debian/patches/01-crash-affine.diff
new file mode 100644
index 000..ba13782
--- /dev/null
+++ b/debian/patches/01-crash-affine.diff
@@ -0,0 +1,40 @@
+commit ab626f7543e0498e3ca3842ba69ad2f2e66ce227
+Author: Dan Dennedy <d...@dennedy.org>
+Date: Sun Jan 29 00:43:28 2017 -0800
+
+Fix crash in affine due to relaxed constraints.
+
+diff --git a/src/modules/plus/transition_affine.c
b/src/modules/plus/transition_affine.c
+index 8c8820e..91607fd 100644
+--- a/src/modules/plus/transition_affine.c
b/src/modules/plus/transition_affine.c
+@@ -1,6 +1,6 @@
+ /*
+ * transition_affine.c -- affine transformations
+- * Copyright (C) 2003-2016 Meltytech, LLC
++ * Copyright (C) 2003-2017 Meltytech, LLC
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+@@ -552,8 +552,8 @@ static int transition_get_image( mlt_frame a_frame,
uint8_t **image, mlt_image_f
+
+ // Affine boundaries
+ float minima = 0;
+- float xmax = b_width;
+- float ymax = b_height;
++ float xmax = b_width - 1;
++ float ymax = b_height - 1;
+
+ // Set the interpolation function
+ if ( interps == NULL || strcmp( interps, "nearest" ) == 0 ||
strcmp( interps, "neighbor" ) == 0 || strcmp( interps, "tiles" ) == 0 ||
strcmp( interps, "fast_bilinear" ) == 0 )
+@@ -567,9 +567,7 @@ static int transition_get_image( mlt_frame a_frame,
uint8_t **image, mlt_image_f
+ else if ( strcmp( interps, "bilinear" ) == 0 )
+ {
+ interp = interpBL_b32;
+- // uses floorf. Values should be >= 0 and < max + 1.
+- xmax += 0.99;
+- ymax += 0.99;
++ // uses floorf.
+ }
+ else if ( strcmp( interps, "bicubic" ) == 0 || strcmp(
interps, "hyper" ) == 0 || strcmp( interps, "sinc" ) == 0 || strcmp( interps,
"lanczos" ) == 0 || strcmp( interps, "spline" ) == 0 )
+ {
diff --git a/debian/patches/02-crash-clipinfo-update.diff
b/debian/patches/02-crash-clipinfo-update.diff
new file mode 100644
index 000..3a89684
--- /dev/null
+++ b/debian/patches/02-crash-clipinfo-update.diff
@@ -0,0 +1,19 @@
+commit bf2749ab998446f13ba20c8cbc33a8c4d1c36963
+Author: Jean-Baptiste Mardelle <j...@kdenlive.org>
+Date: Sun Feb 5 22:54:50 2017 +0100
+
+Fix crash in ClipInfo::update method when clip has no resource
+
+diff --git a/src/mlt++/MltPlaylist.cpp b/src/mlt++/MltPlaylist.cpp
+index 5676060..111d3f5 100644
+--- a/src/mlt++/MltPlaylist.cpp
b/src/mlt++/MltPlaylist.cpp
+@@ -71,7 +71,7 @@ void ClipInfo::update( mlt_playlist_clip_info *info )
+ producer = new Producer( info->producer );
+ cut = new Producer( info->cut );
+ start = info->start;
+- resource = strdup( info->resource );
++ resource = info->resource ? strdup( info->resource ) : 0;
+ frame_in = info->frame_in;
+ frame_out = info->frame_out;
+ frame_count = info->frame_count;
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 000..5a09da5
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1,2 @@
+01-crash-affine.diff
+02-crash-clipinfo-update.diff
unblock mlt/6.4.1-2
-- System Information:
Debian Release: 8.7
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Bug#836823: jessie-pu: package glusterfs/3.5.2-2+deb8u2
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
Hello,
I want to upload glusterfs 3.5.2-2+deb8u3, could I go ahead?
diff:
diff -Naur '--exclude=.svn' tags/3.5.2-2+deb8u2/debian/changelog
branches/jessie/debian/changelog
--- tags/3.5.2-2+deb8u2/debian/changelog2016-05-27 15:14:36.603900286
+0200
+++ branches/jessie/debian/changelog2016-09-06 11:17:26.419773790 +0200
@@ -1,3 +1,11 @@
+glusterfs (3.5.2-2+deb8u3) jessie-proposed-updates; urgency=medium
+
+ * quota: Fix could not start auxiliary mount issue by adding upstream patch
+03-quota-fix-could-not-start-auxiliary-mount-issue.
+Closes: #825834
+
+ -- Patrick Matthäi <pmatth...@debian.org> Tue, 06 Sep 2016 11:17:19 +0200
+
glusterfs (3.5.2-2+deb8u2) jessie-proposed-updates; urgency=medium
* Add missing glusterd hook script to glusterfs-server package.
diff -Naur '--exclude=.svn'
tags/3.5.2-2+deb8u2/debian/patches/03-quota-fix-could-not-start-auxiliary-mount-issue.diff
branches/jessie/debian/patches/03-quota-fix-could-not-start-auxiliary-mount-issue.diff
---
tags/3.5.2-2+deb8u2/debian/patches/03-quota-fix-could-not-start-auxiliary-mount-issue.diff
1970-01-01 01:00:00.0 +0100
+++
branches/jessie/debian/patches/03-quota-fix-could-not-start-auxiliary-mount-issue.diff
2016-09-06 11:15:30.760415715 +0200
@@ -0,0 +1,37 @@
+From e61a2171f2389ec6cf1be962b68609c2e763cbd9 Mon Sep 17 00:00:00 2001
+From: Manikandan Selvaganesh <mselv...@redhat.com>
+Date: Mon, 11 Jan 2016 18:08:27 +0530
+Subject: [PATCH] quota : fix could not start auxiliary mount issue
+
+In versions older than 3.7, when trying to enable
+quota, the following message appears :"quota: Could
+not start quota auxiliary mount". It was because,
+/var/run/gluster was not getting created in cli side.
+In 3.7, the code has been moved to glusterd and we are
+making use of sys_mkdir.
+
+3.6 fix -> http://review.gluster.org/#/c/13308/
+
+
+Change-Id: Id4360409f76b57c0f676fe2b859f3647c4340575
+BUG: 1117888
+Signed-off-by: Manikandan Selvaganesh <mselv...@redhat.com>
+Reviewed-on: http://review.gluster.org/13215
+Smoke: Gluster Build System <jenk...@build.gluster.com>
+CentOS-regression: Gluster Build System <jenk...@build.gluster.com>
+NetBSD-regression: NetBSD Build System <jenk...@build.gluster.org>
+Reviewed-by: Niels de Vos <nde...@redhat.com>
+Reviewed-by: Vijaikumar Mallikarjuna <vmall...@redhat.com>
+---
+
+--- a/cli/src/cli-cmd-volume.c
b/cli/src/cli-cmd-volume.c
+@@ -1029,7 +1029,7 @@ gf_cli_create_auxiliary_mount (char *vol
+ }
+
+ GLUSTERD_GET_QUOTA_AUX_MOUNT_PATH (mountdir, volname, "/");
+-ret = mkdir (mountdir, 0777);
++ret = mkdir_p (mountdir, 0700, _gf_true);
+ if (ret && errno != EEXIST) {
+ gf_log ("cli", GF_LOG_ERROR, "Failed to create auxiliary
mount "
+ "directory %s. Reason : %s", mountdir,
diff -Naur '--exclude=.svn' tags/3.5.2-2+deb8u2/debian/patches/series
branches/jessie/debian/patches/series
--- tags/3.5.2-2+deb8u2/debian/patches/series 2016-05-27 15:14:36.623900149
+0200
+++ branches/jessie/debian/patches/series 2016-09-06 11:15:16.372495549
+0200
@@ -1,2 +1,3 @@
01-CVE-2014-3619.diff
02-nfs-unix-domain-socket-created-as-fifo.diff
+03-quota-fix-could-not-start-auxiliary-mount-issue.diff
-- System Information:
Debian Release: 8.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Bug#825523: jessie-pu: package glusterfs/3.5.2-2+deb8u1
Am 27.05.2016 um 15:08 schrieb Adam D. Barratt: > Control: tags -1 + confirmed > > On Fri, 2016-05-27 at 14:57 +0200, Patrick Matthäi wrote: >> to fix the bug #824823 I would like to upload glusterfs/3.5.2-2+deb8u2 if you >> agree with it: > The metadata for that bug suggests that it also affects the package in > unstable. I can see from looking at the later source package that this > isn't the case, but please add an appropriate fixed version to the bug > (which really should have been done anyway). The only affected version is the stable version (later upstream installed the files per default). I already set the fixed header while you wrote this ;) > >> diff -Naur '--exclude=.svn' tags/3.5.2-2+deb8u1/debian/changelog >> branches/jessie/debian/changelog >> --- tags/3.5.2-2+deb8u1/debian/changelog2015-07-29 >> 23:23:00.579388299 +0200 >> +++ branches/jessie/debian/changelog2016-05-27 14:55:21.543800538 +0200 >> @@ -1,3 +1,10 @@ >> +glusterfs (3.5.2-2+deb8u2) jessie-proposed-updates; urgency=medium >> + >> + * Add missing glusterd hook script to glusterfs-server package. >> +Closes: #824823 > Please go ahead. Thanks, uploaded! > > Regards, > > Adam > -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#825523: jessie-pu: package glusterfs/3.5.2-2+deb8u1
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu Hello, to fix the bug #824823 I would like to upload glusterfs/3.5.2-2+deb8u2 if you agree with it: diff -Naur '--exclude=.svn' tags/3.5.2-2+deb8u1/debian/changelog branches/jessie/debian/changelog --- tags/3.5.2-2+deb8u1/debian/changelog2015-07-29 23:23:00.579388299 +0200 +++ branches/jessie/debian/changelog2016-05-27 14:55:21.543800538 +0200 @@ -1,3 +1,10 @@ +glusterfs (3.5.2-2+deb8u2) jessie-proposed-updates; urgency=medium + + * Add missing glusterd hook script to glusterfs-server package. +Closes: #824823 + + -- Patrick Matthäi <pmatth...@debian.org> Fri, 27 May 2016 14:35:11 +0200 + glusterfs (3.5.2-2+deb8u1) jessie-proposed-updates; urgency=medium * Add upstream patch 02-nfs-unix-domain-socket-created-as-fifo to fix a bug diff -Naur '--exclude=.svn' tags/3.5.2-2+deb8u1/debian/glusterfs-server.install branches/jessie/debian/glusterfs-server.install --- tags/3.5.2-2+deb8u1/debian/glusterfs-server.install 2015-07-29 23:23:00.507388486 +0200 +++ branches/jessie/debian/glusterfs-server.install 2016-05-27 14:48:23.954671677 +0200 @@ -6,3 +6,4 @@ etc/glusterfs/glusterfs-georep-logrotate etc/glusterfs/gluster-rsyslog-7.2.conf etc/glusterfs/gluster-rsyslog-5.8.conf +extras/hook-scripts/S56glusterd-geo-rep-create-post.sh var/lib/glusterd/hooks/1/gsync-create/post/ -- System Information: Debian Release: 8.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
Re: Bug#814589: otrs2: source-less files; undocumented copyrights/licenses; abuse of lintian-overrides; systematic DFSG violations
Am 03.03.2016 um 14:31 schrieb Julien Cristau: On Wed, Mar 2, 2016 at 12:36:46 +0100, Patrick Matthäi wrote: @Debian release team: I would like to request a strech ignore for this bug. I am aware of these problems, but I am not able to fix them nor did anyone ever offered me help with this JS foo. If it would not be possible I had to resign otrs packaging in Debian. There's two issues as I understand it: - embedded copies of third-party code - lack of source for some of them The former is not necessarily RC, and I'm not thrilled about ignoring the latter. Not to mention we're months away from freeze, so this isn't the time to consider stretch-ignore tags, there's plenty of time to fix bugs still. Thanks for your answer. I will try to fix the serious bugs in the next time. Just get a new notebook after my workstation crashed...
Re: Bug#814589: otrs2: source-less files; undocumented copyrights/licenses; abuse of lintian-overrides; systematic DFSG violations
Am 15.02.2016 um 14:14 schrieb Dmitry Smirnov: I am aware of those issues, that is also why the embedded-code-copies bug is marked as "need help". And this is why I provided some hints how you can address those problems in my bug report. This is why I wrote to you after when I stabilised "ckeditor" so you could use it. I can use it, until ckeditor OR otrs upstreams broke it again, like with jquery. Also it would prevent backports of otrs to jessie. and mostly it is not possible to replace the libjs thirdparty foo with the packages from Debian, mostly because of version missmatches. Hold on, you are answering the least important concern. There are cases when replacing bundled library with system one could be fragile or not suitable. But you can't ship and use untrusted pre-minified upstream files with who- knows-what... You reported a very general bug about the whole javascript mess. Replacing ckeditor will not solve the other problems or all those minified files and so on. Nobody is willed (or in my case able) to fix those JS issues, which appear here and then with different versions in different places (ugly JS sh..). At least I gave you "ckeditor" didn't I? That's one less problem to deal with... See above. If everything is simple for you and just replacements have to be done (which is not the case) then I would be happy to welcome you on the otrs-packaging board. It is simple enough. Although some system libraries should be safe to use you do not have to use only system libraries. But you have to get rid of non-DFSG precompiled binaries. I appreciate your invitation but unfortunately I have no time for otrs. IMO minified files are not as evil as the embedded libs, which should be addressed first. Just a short example: With 5.0.1-2 I had to drop (and inform the security team) about removing again the use of the libjs-jquery* packages from Debian, because of #802938 I agree that using "libjs-jquery-ui" package of different version than bundled one is fragile. Though with "libjs-jquery" you'd probably be safe as long as you do not cross 1.9.0 boundary. However you must not use pre-minified "jquery-ui.js" as it is shipped in orig.tar. As very minimum you have to replace it with original uncompressed version that you have to ship in "debian/missing-sources" and ideally report pre-built binaries as bug to upstream. If you believe in minification then you can minify on build time. You can not trust source- less, unreadable, unmodifiable pre-built binaries. I suppose lintian already warned you long before I did. I wrote the following wiki page that I use when I make upstream bug reports about minified binaries -- I hope you might find it useful: https://wiki.debian.org/onlyjob/no-minification Investing work in removing those files will not realy help and just burden the whole packaging and eat time to fix realy serious issues - like embedded libs. @Debian release team: I would like to request a strech ignore for this bug. I am aware of these problems, but I am not able to fix them nor did anyone ever offered me help with this JS foo. If it would not be possible I had to resign otrs packaging in Debian. -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#799758: jessie-pu: package apt-dater-host/1.0.0-2
Am 10.10.2015 um 21:58 schrieb Adam D. Barratt: Control: tags -1 + confirmed On Tue, 2015-09-22 at 10:20 +0200, Patrick Matthäi wrote: could I upload this package for the next jessie-pu? It fixes #794630 Please go ahead. Regards, Adam Thanks, uploaded! -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */
Bug#799758: jessie-pu: package apt-dater-host/1.0.0-2
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
Hello,
could I upload this package for the next jessie-pu? It fixes #794630
Thanks :)
Full diff:
diff -Naur '--exclude=.svn' tags/1.0.0-2/debian/changelog
branches/jessie/debian/changelog
--- tags/1.0.0-2/debian/changelog 2014-10-29 09:32:46.208286390 +0100
+++ branches/jessie/debian/changelog2015-09-22 10:18:16.324279386 +0200
@@ -1,3 +1,11 @@
+apt-dater-host (1.0.0-2+deb8u1) stable; urgency=low
+
+ * Add patch 01-jessie-kernel-detection to fix Linux Kernel status detection
+with newer Jessie images. Thanks to Robert Bihlmeyer.
+Closes: #794630
+
+ -- Patrick Matthäi <pmatth...@debian.org> Tue, 22 Sep 2015 10:17:50 +0200
+
apt-dater-host (1.0.0-2) unstable; urgency=low
* Move needrestart from depends to recommends.
diff -Naur '--exclude=.svn'
tags/1.0.0-2/debian/patches/01-jessie-kernel-detection.diff
branches/jessie/debian/patches/01-jessie-kernel-detection.diff
--- tags/1.0.0-2/debian/patches/01-jessie-kernel-detection.diff 1970-01-01
01:00:00.0 +0100
+++ branches/jessie/debian/patches/01-jessie-kernel-detection.diff
2015-09-22 10:15:08.152818869 +0200
@@ -0,0 +1,24 @@
+# Fix Linux Kernel status detection with newer Debian jessie kernel images.
+# Closes: #794630
+
+diff -Naur apt-dater-host-1.0.0.orig/dpkg/apt-dater-host
apt-dater-host-1.0.0/dpkg/apt-dater-host
+--- apt-dater-host-1.0.0.orig/dpkg/apt-dater-host 2014-09-24
23:05:00.0 +0200
apt-dater-host-1.0.0/dpkg/apt-dater-host 2015-09-22 09:54:39.688185200
+0200
+@@ -368,7 +368,7 @@
+ else {
+ my $vstr = `cat $verfile`;
+ unless($vstr =~ /^\S+ \S+ \S+ \(Debian ([^\)]+)\)/ ||
+- $vstr =~ /^\S+ \S+ \S+ \(debian-kernel\@lists\.debian\.org\) .+
Debian (\S+)$/) {
++ $vstr =~ /^\S+ \S+ \S+ \(debian-kernel\@lists\.debian\.org\) .+
Debian (\S+)(?: \(\d{4}-\d\d-\d\d\))?$/) {
+ print "$infostr 2 $version\n";
+ return;
+ }
+@@ -376,7 +376,7 @@
+ }
+
+ my $reboot = 0;
+-unless(open(HDPKG, "dpkg-query -W -f='\${Version} \${Status;20}
\${Maintainer} \${Provides}\n' 'linux-image*'|grep -E 'install ok installed
(Debian|Ubuntu) Kernel Team'|grep linux-image|")) {
++ unless(open(HDPKG, "dpkg-query -W -f='\${Version} \${Status;20}
\${Maintainer} \${Provides}\n' 'linux-image*'|")) {
+ print "$infostr 9 $version\n";
+ return;
+ }
diff -Naur '--exclude=.svn' tags/1.0.0-2/debian/patches/series
branches/jessie/debian/patches/series
--- tags/1.0.0-2/debian/patches/series 1970-01-01 01:00:00.0 +0100
+++ branches/jessie/debian/patches/series 2015-09-22 10:15:08.152818869
+0200
@@ -0,0 +1 @@
+01-jessie-kernel-detection.diff
-- System Information:
Debian Release: 8.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Bug#791064: Re-opening #791064
Am 05.08.2015 um 13:06 schrieb Adam D. Barratt: Please don't close transition bugs in your uploads. The transition isn't over just because you've uploaded to unstable. Oups sorry. This close was meant as libraries renamed. Sorry for the noise -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/55c1ee6e.60...@debian.org
Bug#793995: jessie-pu: package kdenlive/0.9.10-2
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu Hello, in order to fix bug #779918 (effects not localized) in jessie an enormous patch has to be applied: https://raw.githubusercontent.com/NeptuneOS/kde-patches/master/kdenlive/fix_localization.diff The diffstat for it would look like: bs/kdenlive.po | 3572 ++-- ca/kdenlive.po | 3186 - ca@valencia/kdenlive.po | 3186 - da/kdenlive.po | 4242 - de/kdenlive.po | 4625 ++-- el/kdenlive.po | 3714 ++--- es/kdenlive.po |4 et/kdenlive.po | 4114 fi/kdenlive.po | 3414 +-- fr/kdenlive.po | 3858 +++--- ga/kdenlive.po | 1756 ++--- gl/kdenlive.po | 3804 +++--- he/kdenlive.po | 3642 ++-- hr/kdenlive.po | 252 - hu/kdenlive.po | 6058 it/kdenlive.po | 3822 +++--- ja/kdenlive.po |6 lt/kdenlive.po | 978 +++ mr/kdenlive.po | 512 ++-- nds/kdenlive.po | 1252 - nl/kdenlive.po | 4716 ++--- pl/kdenlive.po | 4582 ++-- ro/kdenlive.po | 1866 +++--- ru/kdenlive.po | 3850 +++--- sk/kdenlive.po |6 sl/kdenlive.po | 3460 +-- sv/kdenlive.po | 3792 +++--- tr/kdenlive.po | 3268 - ug/kdenlive.po | 546 ++-- uk/kdenlive.po | 3862 +++--- zh_CN/kdenlive.po | 3552 ++-- zh_TW/kdenlive.po | 3438 +-- 32 files changed, 46450 insertions(+), 46485 deletions(-) Is this a valid candidate for jessie-pu? -- System Information: Debian Release: 8.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150729165047.12060.91533.report...@srv1.linux-dev.org
Bug#794003: jessie-pu: package glusterfs/3.5.2-2
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
Hello,
this patch fixes a serious problem in glusterfs if you use it as nfs volume:
if you create a unix domain socket on it, it was created as fifo, which also
breaks
some applications.
Could I go ahead?
Full diff:
diff -Naur '--exclude=.svn' tags/3.5.2-2/debian/changelog
branches/jessie/debian/changelog
--- tags/3.5.2-2/debian/changelog 2015-04-13 18:13:29.875908738 +0200
+++ branches/jessie/debian/changelog2015-07-29 19:24:05.806056263 +0200
@@ -1,3 +1,10 @@
+glusterfs (3.5.2-2+deb8u1) jessie-proposed-updates; urgency=medium
+
+ * Add upstream patch 02-nfs-unix-domain-socket-created-as-fifo to fix a bug
+on using glusterfs as nfs volume: unix domain sockets were created as FIFO.
+
+ -- Patrick Matthäi pmatth...@debian.org Wed, 29 Jul 2015 19:22:33 +0200
+
glusterfs (3.5.2-2) unstable; urgency=high
* Add patch 01-CVE-2014-3619 to fix a fragment header infinite loop DoS in
diff -Naur '--exclude=.svn'
tags/3.5.2-2/debian/patches/02-nfs-unix-domain-socket-created-as-fifo.diff
branches/jessie/debian/patches/02-nfs-unix-domain-socket-created-as-fifo.diff
--- tags/3.5.2-2/debian/patches/02-nfs-unix-domain-socket-created-as-fifo.diff
1970-01-01 01:00:00.0 +0100
+++
branches/jessie/debian/patches/02-nfs-unix-domain-socket-created-as-fifo.diff
2015-07-29 19:19:02.776245063 +0200
@@ -0,0 +1,124 @@
+# nfs: a unix-domain-socket should not be created as fifo
+# BUG: https://bugzilla.redhat.com/show_bug.cgi?id=1244118
+# GERRIT: http://review.gluster.org/#/c/11710/
+
+diff -Naur glusterfs-3.5.2.orig/tests/bugs/nfs/socket-as-fifo.py
glusterfs-3.5.2/tests/bugs/nfs/socket-as-fifo.py
+--- glusterfs-3.5.2.orig/tests/bugs/nfs/socket-as-fifo.py 1970-01-01
01:00:00.0 +0100
glusterfs-3.5.2/tests/bugs/nfs/socket-as-fifo.py 2015-07-29
19:15:26.424372604 +0200
+@@ -0,0 +1,33 @@
++#!/usr/bin/env python
++#
++# Create a unix domain socket and test if it is a socket (and not a
fifo/pipe).
++#
++# Author: Niels de Vos nde...@redhat.com
++#
++
++import os
++import stat
++import sys
++import socket
++
++ret = 1
++
++if len(sys.argv) != 2:
++print 'Usage: %s socket' % (sys.argv[0])
++sys.exit(ret)
++
++path = sys.argv[1]
++
++sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
++sock.bind(path)
++
++stbuf = os.stat(path)
++mode = stbuf.st_mode
++
++if stat.S_ISSOCK(mode):
++ret = 0
++
++sock.close()
++os.unlink(path)
++
++sys.exit(ret)
+diff -Naur glusterfs-3.5.2.orig/tests/bugs/nfs/socket-as-fifo.t
glusterfs-3.5.2/tests/bugs/nfs/socket-as-fifo.t
+--- glusterfs-3.5.2.orig/tests/bugs/nfs/socket-as-fifo.t 1970-01-01
01:00:00.0 +0100
glusterfs-3.5.2/tests/bugs/nfs/socket-as-fifo.t2015-07-29
19:15:26.424372604 +0200
+@@ -0,0 +1,22 @@
++#!/bin/bash
++
++. $(dirname $0)/../../include.rc
++. $(dirname $0)/../../volume.rc
++. $(dirname $0)/../../nfs.rc
++
++cleanup;
++
++TEST glusterd
++TEST pidof glusterd
++
++TEST $CLI volume create $V0 $H0:$B0/$V0
++TEST $CLI volume start $V0
++EXPECT_WITHIN $NFS_EXPORT_TIMEOUT 1 is_nfs_export_available;
++TEST mount_nfs $H0:/$V0 $N0 nolock
++
++# this is the actual test
++TEST $(dirname $0)/socket-as-fifo.py $N0/not-a-fifo.socket
++
++TEST umount_nfs $N0
++
++cleanup
+diff -Naur glusterfs-3.5.2.orig/xlators/nfs/server/src/nfs3.c
glusterfs-3.5.2/xlators/nfs/server/src/nfs3.c
+--- glusterfs-3.5.2.orig/xlators/nfs/server/src/nfs3.c 2014-07-31
13:05:35.0 +0200
glusterfs-3.5.2/xlators/nfs/server/src/nfs3.c 2015-07-29
19:15:26.428372528 +0200
+@@ -3030,7 +3030,7 @@
+ }
+
+
+-int
++static int
+ nfs3_mknod_reply (rpcsvc_request_t *req, nfsstat3 stat, struct nfs3_fh *fh,
+ struct iatt *buf, struct iatt *preparent,
+ struct iatt *postparent)
+@@ -3126,7 +3126,7 @@
+ }
+
+
+-int
++static int
+ nfs3_mknod_device (nfs3_call_state_t *cs)
+ {
+ int ret = -EFAULT;
+@@ -3157,12 +3157,11 @@
+ }
+
+
+-int
+-nfs3_mknod_fifo (nfs3_call_state_t *cs)
++static int
++nfs3_mknod_fifo (nfs3_call_state_t *cs, mode_t mode)
+ {
+ int ret = -EFAULT;
+ nfs_user_t nfu = {0, };
+-mode_t mode = S_IFIFO;
+
+ if (!cs)
+ return ret;
+@@ -3181,7 +3180,7 @@
+ }
+
+
+-int
++static int
+ nfs3_mknod_resume (void *carg)
+ {
+ nfsstat3stat = NFS3ERR_SERVERFAULT;
+@@ -3200,8 +3199,10 @@
+ ret = nfs3_mknod_device (cs);
+ break;
+ case NF3SOCK:
++ret = nfs3_mknod_fifo (cs, S_IFSOCK);
++break;
+ case NF3FIFO:
+-ret = nfs3_mknod_fifo (cs);
++ret = nfs3_mknod_fifo (cs, S_IFIFO);
+ break;
+ default:
+ ret = -EBADF;
diff -Naur
Bug#794003: jessie-pu: package glusterfs/3.5.2-2
Am 29.07.2015 um 20:47 schrieb Adam D. Barratt: Control: tags -1 -moreinfo +confirmed On Wed, 2015-07-29 at 20:30 +0200, Patrick Matthäi wrote: Am 29.07.2015 um 20:09 schrieb Adam D. Barratt: Do those two changes have anything to do with fixing the bug? I have asked upstream: no The diff for nfs3.c is now just: Thanks. Please go ahead. Thanks, uploaded. -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer E-Mail: pmatth...@debian.org patr...@linux-dev.org */ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/55b92424.5090...@debian.org
Bug#791064: guichan: library transition may be needed when GCC 5 is the default
found #791064 0.8.2-14 user release.debian@packages.debian.org usertag #791064 + transition block #791064 by #790756 reassign #791064 release.debian.org tag #791064 + moreinfo thanks [please CC me, I am not subscribed] Am 03.07.2015 um 15:10 schrieb Matthias Klose: Package: src:guichan Version: 0.8.2-13 Severity: important Tags: sid stretch User: debian-...@lists.debian.org Usertags: libstdc++-cxx11 - If a library transition is needed, please prepare for the change. Rename the library package, append v5 to the name of the package (e.g. libfoo2 - libfoo2v5). Such a change can be avoided, if you have a soversion bump and you upload this version instead of the renamed package. Prepare a patch and attach it to this issue (mark this issue with patch), so that it is possible to NMU such a package. We'll probably have more than hundred transitions triggered. Then reassign the issue to release.debian.org and properly tag it as a transition issue, by sending an email to cont...@bugs.debian.org: user release.debian@packages.debian.org usertag this issue + transition block this issue by 790756 reassign this issue release.debian.org Hello, patch for v5 suffix - as commited in my SVN - attached. BUT I would like to upload the full -15 revision if the transition starts, because of another issue: * Add patch 02-extended-utf8-support to enhance UTF8 support. Closes: #702994 That fits perfectly into this transition. So how could we continue? -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer E-Mail: pmatth...@debian.org patr...@linux-dev.org */ Index: debian/libguichan-sdl-0.8.1-1.lintian-overrides === --- debian/libguichan-sdl-0.8.1-1.lintian-overrides (Revision 6178) +++ debian/libguichan-sdl-0.8.1-1.lintian-overrides (Revision 6179) @@ -1,3 +0,0 @@ -libguichan-sdl-0.8.1-1: no-symbols-control-file usr/lib/*/libguichan_sdl-0.8.1.so.1.1.0 -libguichan-sdl-0.8.1-1: hardening-no-fortify-functions usr/lib/*/libguichan_sdl-0.8.1.so.1.1.0 -libguichan-sdl-0.8.1-1: dev-pkg-without-shlib-symlink usr/lib/*/libguichan_sdl-0.8.1.so.1.1.0 usr/lib/*/libguichan_sdl-0.8.1.so Index: debian/libguichan-opengl-0.8.1-1.lintian-overrides === --- debian/libguichan-opengl-0.8.1-1.lintian-overrides (Revision 6178) +++ debian/libguichan-opengl-0.8.1-1.lintian-overrides (Revision 6179) @@ -1,2 +0,0 @@ -libguichan-opengl-0.8.1-1: no-symbols-control-file usr/lib/*/libguichan_opengl-0.8.1.so.1.1.0 -libguichan-opengl-0.8.1-1: dev-pkg-without-shlib-symlink usr/lib/*/libguichan_opengl-0.8.1.so.1.1.0 usr/lib/*/libguichan_opengl-0.8.1.so Index: debian/libguichan-allegro-0.8.1-1.lintian-overrides === --- debian/libguichan-allegro-0.8.1-1.lintian-overrides (Revision 6178) +++ debian/libguichan-allegro-0.8.1-1.lintian-overrides (Revision 6179) @@ -1,2 +0,0 @@ -libguichan-allegro-0.8.1-1: no-symbols-control-file usr/lib/*/libguichan_allegro-0.8.1.so.1.1.0 -libguichan-allegro-0.8.1-1: dev-pkg-without-shlib-symlink usr/lib/*/libguichan_allegro-0.8.1.so.1.1.0 usr/lib/*/libguichan_allegro-0.8.1.so Index: debian/libguichan-sdl-0.8.1-1.install === --- debian/libguichan-sdl-0.8.1-1.install (Revision 6178) +++ debian/libguichan-sdl-0.8.1-1.install (Revision 6179) @@ -1 +0,0 @@ -usr/lib/*/libguichan_sdl-*.so.* Index: debian/libguichan-opengl-0.8.1-1.install === --- debian/libguichan-opengl-0.8.1-1.install(Revision 6178) +++ debian/libguichan-opengl-0.8.1-1.install(Revision 6179) @@ -1 +0,0 @@ -usr/lib/*/libguichan_opengl-*.so.* Index: debian/libguichan-allegro-0.8.1-1.install === --- debian/libguichan-allegro-0.8.1-1.install (Revision 6178) +++ debian/libguichan-allegro-0.8.1-1.install (Revision 6179) @@ -1 +0,0 @@ -usr/lib/*/libguichan_allegro-*.so.* Index: debian/libguichan-0.8.1-1.lintian-overrides === --- debian/libguichan-0.8.1-1.lintian-overrides (Revision 6178) +++ debian/libguichan-0.8.1-1.lintian-overrides (Revision 6179) @@ -1,3 +0,0 @@ -libguichan-0.8.1-1: no-symbols-control-file usr/lib/*/libguichan-0.8.1.so.1.1.0 -libguichan-0.8.1-1: hardening-no-fortify-functions usr/lib/*/libguichan-0.8.1.so.1.1.0 -libguichan-0.8.1-1: dev-pkg-without-shlib-symlink usr/lib/*/libguichan-0.8.1.so.1.1.0 usr/lib/*/libguichan-0.8.1.so Index: debian/libguichan-0.8.1-1.install === --- debian/libguichan-0.8.1-1.install (Revision 6178) +++ debian/libguichan-0.8.1-1.install (Revision 6179
Bug#794003: jessie-pu: package glusterfs/3.5.2-2
Am 29.07.2015 um 20:09 schrieb Adam D. Barratt:
Do those two changes have anything to do with fixing the bug?
I have asked upstream: no
The diff for nfs3.c is now just:
diff -Naur glusterfs-3.5.2.orig/xlators/nfs/server/src/nfs3.c
glusterfs-3.5.2/xlators/nfs/server/src/nfs3.c
--- glusterfs-3.5.2.orig/xlators/nfs/server/src/nfs3.c 2014-07-31
13:05:35.0 +0200
+++ glusterfs-3.5.2/xlators/nfs/server/src/nfs3.c 2015-07-29
20:25:20.525530253 +0200
@@ -3158,11 +3158,10 @@
int
-nfs3_mknod_fifo (nfs3_call_state_t *cs)
+nfs3_mknod_fifo (nfs3_call_state_t *cs, mode_t mode)
{
int ret = -EFAULT;
nfs_user_t nfu = {0, };
-mode_t mode = S_IFIFO;
if (!cs)
return ret;
@@ -3200,8 +3199,10 @@
ret = nfs3_mknod_device (cs);
break;
case NF3SOCK:
+ret = nfs3_mknod_fifo (cs, S_IFSOCK);
+break;
case NF3FIFO:
-ret = nfs3_mknod_fifo (cs);
+ret = nfs3_mknod_fifo (cs, S_IFIFO);
break;
default:
ret = -EBADF;
--
/*
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi
GNU/Linux Debian Developer
E-Mail: pmatth...@debian.org
patr...@linux-dev.org
*/
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/55b91bc1.60...@debian.org
Bug#787008: pu: package needrestart/1.2-8+deb8u1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: pu Hello release team, needrestart=1.2-8+deb8u1 fixes two issues where Perl warnings and errors occur and especially it fixes #781657, where the used Perl module fails to sort the kernel version correctly (3.aa.bb 4.0).. Upstream decided to adopt the mechanism of Dpkg::Version to keep changes and dependencies in his code as minimal as possible. debdiff attached. -- System Information: Debian Release: 7.8 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150527173655.13384.51922.report...@srv1.linux-dev.org
Bug#787008: Acknowledgement (pu: package needrestart/1.2-8+deb8u1)
Sorry, diff was missing in my last mail.
--
/*
Mit freundlichem Gruß / With kind regards,
Patrick Matthäi
GNU/Linux Debian Developer
Blog: http://www.linux-dev.org/
E-Mail: pmatth...@debian.org
patr...@linux-dev.org
*/
diff -Naur '--exclude=.svn' tags/1.2-8/debian/changelog branches/jessie/debian/changelog
--- tags/1.2-8/debian/changelog 2015-04-13 18:13:30.339892538 +0200
+++ branches/jessie/debian/changelog 2015-05-27 19:28:45.169677116 +0200
@@ -1,3 +1,16 @@
+needrestart (1.2-8+deb8u1) stable; urgency=low
+
+ * Add patch 17-fix-interp-use-undef-in-chdir to fix warnings and errors if a
+process has not got a valid cwd.
+Closes: #779832
+ * Add patch 18-fix-kernel-version-sorting to fix the Linux kernel version
+sorting, so that 4.0 is also considered to be higher than 3.19.x.
+Closes: #781657
+ * Add patch 20-fix-perl-warning-dangling-kernel to fix Perl warnings while
+scanning dangling kernel symlinks.
+
+ -- Patrick Matthäi pmatth...@debian.org Wed, 27 May 2015 19:21:57 +0200
+
needrestart (1.2-8) unstable; urgency=low
* Add patch 16-fix-progressbar-regression to improve detection if invoked
diff -Naur '--exclude=.svn' tags/1.2-8/debian/patches/17-fix-interp-use-undef-in-chdir.diff branches/jessie/debian/patches/17-fix-interp-use-undef-in-chdir.diff
--- tags/1.2-8/debian/patches/17-fix-interp-use-undef-in-chdir.diff 1970-01-01 01:00:00.0 +0100
+++ branches/jessie/debian/patches/17-fix-interp-use-undef-in-chdir.diff 2015-04-13 18:13:30.307893655 +0200
@@ -0,0 +1,57 @@
+# The Interp implementations did not check if scanned processes have
+# a valid cwd. This results in a broken scan and warnings on STDERR.
+# Closes: #779832
+---
+ perl/lib/NeedRestart/Interp/Perl.pm | 4
+ perl/lib/NeedRestart/Interp/Python.pm | 4
+ perl/lib/NeedRestart/Interp/Ruby.pm | 4
+ 3 files changed, 12 insertions(+)
+
+diff --git a/perl/lib/NeedRestart/Interp/Perl.pm b/perl/lib/NeedRestart/Interp/Perl.pm
+index 4ca9c72..27bea27 100644
+--- a/perl/lib/NeedRestart/Interp/Perl.pm
b/perl/lib/NeedRestart/Interp/Perl.pm
+@@ -84,6 +84,10 @@ sub files {
+ my $self = shift;
+ my $pid = shift;
+ my $ptable = nr_ptable_pid($pid);
++unless($ptable-{cwd}) {
++ print STDERR $LOGPREF #$pid: could not get current working directory, skipping\n if($self-{debug});
++ return ();
++}
+ my $cwd = getcwd();
+ chdir($ptable-{cwd});
+
+diff --git a/perl/lib/NeedRestart/Interp/Python.pm b/perl/lib/NeedRestart/Interp/Python.pm
+index 92bd9b0..79e0dcb 100644
+--- a/perl/lib/NeedRestart/Interp/Python.pm
b/perl/lib/NeedRestart/Interp/Python.pm
+@@ -83,6 +83,10 @@ sub source {
+ my $self = shift;
+ my $pid = shift;
+ my $ptable = nr_ptable_pid($pid);
++unless($ptable-{cwd}) {
++ print STDERR $LOGPREF #$pid: could not get current working directory, skipping\n if($self-{debug});
++ return ();
++}
+ my $cwd = getcwd();
+ chdir($ptable-{cwd});
+
+diff --git a/perl/lib/NeedRestart/Interp/Ruby.pm b/perl/lib/NeedRestart/Interp/Ruby.pm
+index 6b0d0ab..9fed677 100644
+--- a/perl/lib/NeedRestart/Interp/Ruby.pm
b/perl/lib/NeedRestart/Interp/Ruby.pm
+@@ -80,6 +80,10 @@ sub source {
+ my $self = shift;
+ my $pid = shift;
+ my $ptable = nr_ptable_pid($pid);
++unless($ptable-{cwd}) {
++ print STDERR $LOGPREF #$pid: could not get current working directory, skipping\n if($self-{debug});
++ return ();
++}
+ my $cwd = getcwd();
+ chdir($ptable-{cwd});
+
+--
+2.1.4
+
diff -Naur '--exclude=.svn' tags/1.2-8/debian/patches/18-fix-kernel-version-sorting.diff branches/jessie/debian/patches/18-fix-kernel-version-sorting.diff
--- tags/1.2-8/debian/patches/18-fix-kernel-version-sorting.diff 1970-01-01 01:00:00.0 +0100
+++ branches/jessie/debian/patches/18-fix-kernel-version-sorting.diff 2015-04-13 18:13:30.307893655 +0200
@@ -0,0 +1,117 @@
+# Take version number comparing stuff from Dpkg::Version to sort kernel
+# versions correctly (i.e. 4.0 3.19.x).
+# Closes: #781657
+---
+ perl/lib/NeedRestart/Kernel.pm | 63 +
+ perl/lib/NeedRestart/Kernel/Linux.pm| 2 +-
+ perl/lib/NeedRestart/Kernel/kFreeBSD.pm | 2 +-
+ 3 files changed, 65 insertions(+), 2 deletions(-)
+
+diff --git a/perl/lib/NeedRestart/Kernel.pm b/perl/lib/NeedRestart/Kernel.pm
+index 5c601ac..cacd7e7 100644
+--- a/perl/lib/NeedRestart/Kernel.pm
b/perl/lib/NeedRestart/Kernel.pm
+@@ -42,6 +42,7 @@ our @ISA = qw(Exporter);
+
+ our @EXPORT = qw(
+ nr_kernel_check
++nr_kernel_vcmp
+ NRK_UNKNOWN
+ NRK_NOUPGRADE
+ NRK_ABIUPGRADE
+@@ -74,4 +75,66 @@ sub nr_kernel_check($$) {
+ return (NRK_UNKNOWN, %vars);
+ }
+
++## The following version number comparing stuff was taken from Dpkg::Version.
++## The code has been adopted to be usable in needrestart w/o any additional
++## dependencies.
++
++sub _nr_kversion_order {
++my ($x) = @_;
++
++if ($x eq '~') {
++return
Fwd: glusterfs is marked for autoremoval from testing
Hello, please CC me, I am not subscribed to this list. glusterfs is since ~ 8 days in the status building on arm64. Could someone stop this process and re-add it to the buildd queue? Weitergeleitete Nachricht Betreff:glusterfs is marked for autoremoval from testing Datum: Tue, 31 Mar 2015 04:39:03 + Von:Debian testing autoremoval watch nore...@release.debian.org An: gluste...@packages.debian.org glusterfs 3.5.2-1 is marked for autoremoval from testing on 2015-04-30 It is affected by these RC bugs: 781018: glusterfs: CVE-2014-3619: fragment header infinite loop DoS
Bug#781082: unblock: needrestart/1.2-8
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package needrestart
It fixes a regression if needrestart is invoked in noninteractive mode.
diff -Naur '--exclude=.svn' 1.2-7/debian/changelog 1.2-8/debian/changelog
--- 1.2-7/debian/changelog 2014-12-18 21:53:53.165140592 +0100
+++ 1.2-8/debian/changelog 2015-03-24 10:27:26.043543580 +0100
@@ -1,3 +1,11 @@
+needrestart (1.2-8) unstable; urgency=low
+
+ * Add patch 16-fix-progressbar-regression to improve detection if invoked
+noninteractive and prevent debconf tried to be used in such cases. The
+reload action is set to list only if it was inter-active.
+
+ -- Patrick Matthäi pmatth...@debian.org Tue, 24 Mar 2015 10:24:33 +0100
+
needrestart (1.2-7) unstable; urgency=low
* Add missing second patch 15-fix-progressbar-non-interactive to fix #768124.
diff -Naur '--exclude=.svn'
1.2-7/debian/patches/16-fix-progressbar-regression.diff
1.2-8/debian/patches/16-fix-progressbar-regression.diff
--- 1.2-7/debian/patches/16-fix-progressbar-regression.diff 1970-01-01
01:00:00.0 +0100
+++ 1.2-8/debian/patches/16-fix-progressbar-regression.diff 2015-03-24
10:27:26.063543578 +0100
@@ -0,0 +1,55 @@
+# Improve detection if invoked noninteractive and prevent debconf tried to be
+# used in such cases. The reload action is set to list only if it was inter-
+# active.
+# Related: #768124
+
+---
+ needrestart| 4 +++-
+ perl/lib/NeedRestart/UI.pm | 2 +-
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/needrestart b/needrestart
+index a1c43d9..a31a8bc 100755
+--- a/needrestart
b/needrestart
+@@ -39,6 +39,7 @@ $Getopt::Std::STANDARD_HELP_VERSION++;
+
+ my $LOGPREF = '[main]';
+ my $is_systemd = -d qq(/run/systemd/system);
++my $is_tty = (-t *STDERR || -t *STDOUT || -t *STDIN);
+
+ sub HELP_MESSAGE {
+ print USG;
+@@ -131,6 +132,7 @@ $nrconf{ui} = qq(NeedRestart::UI::stdio)
if($nrconf{verbose});
+ die Hook directory '$nrconf{hook_d}' is invalid!\n unless(-d
$nrconf{hook_d} || $opt_b);
+ $opt_r = $nrconf{restart} unless(defined($opt_r));
+ die ERROR: Unknown restart option '$opt_r'!\n unless($opt_r =~ /^(l|i|a)$/);
++$opt_r = 'l' if(!$is_tty $opt_r eq 'i');
+
+ $nrconf{defno}++ if($opt_n);
+
+@@ -142,7 +144,7 @@ chomp($runlevel);
+ $runlevel = 2 unless($runlevel =~ s/^.+run-level (\S)\s.+$/$1/);
+
+ # get UI
+-my $ui = ($opt_b ? NeedRestart::UI-new(1) : needrestart_ui($nrconf{verbose},
$nrconf{ui}));
++my $ui = ($opt_b ? NeedRestart::UI-new(1) : needrestart_ui($nrconf{verbose},
($is_tty ? $nrconf{ui} : 'NeedRestart::UI::stdio')));
+ die Error: no UI class available!\n unless(defined($ui));
+
+ # enable/disable checks
+diff --git a/perl/lib/NeedRestart/UI.pm b/perl/lib/NeedRestart/UI.pm
+index 08004f9..d7e8e77 100644
+--- a/perl/lib/NeedRestart/UI.pm
b/perl/lib/NeedRestart/UI.pm
+@@ -42,7 +42,7 @@ sub progress_prep($$$) {
+ my $self = shift;
+ my ($max, $out) = @_;
+
+-unless($self-{debug} || !exists($ENV{COLUMNS}) || !exists($ENV{LINES})) {
++unless($self-{debug} || !(-t *STDERR)) {
+ # restore terminal if required (debconf)
+ unless(-t *STDIN) {
+ open($self-{fhin}, '', \*STDIN) || die Can't dup stdin: $!\n;
+--
+2.1.4
+
diff -Naur '--exclude=.svn' 1.2-7/debian/patches/series
1.2-8/debian/patches/series
--- 1.2-7/debian/patches/series 2014-12-18 21:53:53.169140561 +0100
+++ 1.2-8/debian/patches/series 2015-03-24 10:27:26.063543578 +0100
@@ -13,3 +13,4 @@
13-falsepos-aio-fix.diff
14-wpa_supplicant-override.diff
15-fix-progressbar-non-interactive.diff
+16-fix-progressbar-regression.diff
unblock needrestart/1.2-8
-- System Information:
Debian Release: 7.8
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/20150324093006.22078.2831.report...@srv1.linux-dev.org
Bug#781030: unblock: glusterfs/3.5.2-2
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package glusterfs
It fixes CVE-2014-3619 and closes #781018
diff -Naur '--exclude=.svn' 3.5.2-1/debian/changelog 3.5.2-2/debian/changelog
--- 3.5.2-1/debian/changelog2014-08-01 13:17:51.262203834 +0200
+++ 3.5.2-2/debian/changelog2015-03-23 15:47:19.949358143 +0100
@@ -1,3 +1,11 @@
+glusterfs (3.5.2-2) unstable; urgency=high
+
+ * Add patch 01-CVE-2014-3619 to fix a fragment header infinite loop DoS in
+glusterfs as described in CVE-2014-3619.
+Closes: #781018
+
+ -- Patrick Matthäi pmatth...@debian.org Mon, 23 Mar 2015 15:35:25 +0100
+
glusterfs (3.5.2-1) unstable; urgency=medium
* New upstream release.
diff -Naur '--exclude=.svn' 3.5.2-1/debian/patches/01-CVE-2014-3619.diff
3.5.2-2/debian/patches/01-CVE-2014-3619.diff
--- 3.5.2-1/debian/patches/01-CVE-2014-3619.diff1970-01-01
01:00:00.0 +0100
+++ 3.5.2-2/debian/patches/01-CVE-2014-3619.diff2015-03-23
15:47:19.953358498 +0100
@@ -0,0 +1,55 @@
+# Upstream patch to fix CVE-2014-3619 (fragment header infinite loop DoS)
+# URL: https://bugzilla.redhat.com/show_bug.cgi?id=1138145
+# Patch: http://review.gluster.org/#/c/8662/4
+
+diff -Naur glusterfs-3.5.2.orig/rpc/rpc-transport/socket/src/socket.c
glusterfs-3.5.2/rpc/rpc-transport/socket/src/socket.c
+--- glusterfs-3.5.2.orig/rpc/rpc-transport/socket/src/socket.c 2014-07-31
13:05:35.0 +0200
glusterfs-3.5.2/rpc/rpc-transport/socket/src/socket.c 2015-03-23
15:28:00.765389702 +0100
+@@ -375,10 +375,11 @@
+ /* first call after passing SP_STATE_READING_FRAGHDR */
+ in-ra_max = min (RPC_FRAGSIZE (in-fraghdr), GF_SOCKET_RA_MAX);
+ /* Note that the in-iobuf is the primary iobuf into which
+- headers are read into. By using this itself as our
++ headers are read into, and in-frag.fragcurrent points to
++ some position in the buffer. By using this itself as our
+ read-ahead cache, we can avoid memory copies in iov_load
+ */
+- in-ra_buf = iobuf_ptr (in-iobuf);
++ in-ra_buf = in-frag.fragcurrent;
+ }
+
+ /* fill read-ahead */
+@@ -1986,9 +1987,22 @@
+ goto out;
+ }
+
++if (in-iobuf == NULL) {
++/* first fragment */
++frag-fragcurrent = iobuf_ptr (iobuf);
++} else {
++/* second or further fragment */
++memcpy(iobuf_ptr (iobuf), iobuf_ptr (in-iobuf),
++ in-total_bytes_read -
RPC_FRAGSIZE(in-fraghdr));
++iobuf_unref (in-iobuf);
++frag-fragcurrent = (char *) iobuf_ptr (iobuf) +
++in-total_bytes_read -
RPC_FRAGSIZE(in-fraghdr);
++frag-pending_vector-iov_base =
frag-fragcurrent;
++in-pending_vector = frag-pending_vector;
++}
++
+ in-iobuf = iobuf;
+ in-iobuf_size = 0;
+-frag-fragcurrent = iobuf_ptr (iobuf);
+ in-record_state = SP_STATE_READING_FRAG;
+ /* fall through */
+
+@@ -2003,6 +2017,9 @@
+ frag-bytes_read = 0;
+
+ if (!RPC_LASTFRAG (in-fraghdr)) {
++in-pending_vector = in-vector;
++in-pending_vector-iov_base = in-fraghdr;
++in-pending_vector-iov_len =
sizeof(in-fraghdr);
+ in-record_state = SP_STATE_READING_FRAGHDR;
+ break;
+ }
diff -Naur '--exclude=.svn' 3.5.2-1/debian/patches/series
3.5.2-2/debian/patches/series
--- 3.5.2-1/debian/patches/series 1970-01-01 01:00:00.0 +0100
+++ 3.5.2-2/debian/patches/series 2015-03-23 15:47:19.953358498 +0100
@@ -0,0 +1 @@
+01-CVE-2014-3619.diff
unblock glusterfs/3.5.2-2
-- System Information:
Debian Release: 7.8
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
https://lists.debian.org/20150323144848.19138.64292.report...@srv1.linux-dev.org
Bug#780775: unblock: geoip-database/20150317-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package geoip-database Again just an update of the csv data as in #777118 unblock geoip-database/20150317-1 -- System Information: Debian Release: 7.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150319092504.9699.92956.report...@srv1.linux-dev.org
Bug#777118: pre-approval: geoip-database/something
tag #777118 - moreinfo thanks Am 08.02.2015 um 22:49 schrieb Ivo De Decker: Please upload the new version and remove the moreinfo tag from this bug once the new version is in unstable. We will review this request at that point. Thanks, uploaded. -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/54d8a3ef.6030...@debian.org
Bug#777118: pre-approval: geoip-database/something
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hello release team, I am asking for a pre-approval to upload a new database version to sid with 10-day aging. Changes are just in the provided upstream .csv files (except debian/changelog). In the past release I were allowed to upload newer database versions, so that $release does not come with a too much outdated version. What is your opinion? -- System Information: Debian Release: 7.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150205093730.3940.12838.report...@srv1.linux-dev.org
Bug#776408: unblock: geoip-database/20141027-2
Am 27.01.2015 um 19:54 schrieb Niels Thykier: On 2015-01-27 19:31, Patrick Matthäi wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package geoip-database It fixes the RC bug #775638 [...] Unblocked, thanks. ~Niels Much thanks for your unblocks. Is there still a chance - like last release - to upload and unblock a new database version? Surely after this release entered jessie and after that with 10day-aging. This is meant as pre-approval request :) -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */ signature.asc Description: OpenPGP digital signature
Bug#776404: unblock: geoip/1.6.2-4
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package geoip
It fixes the RC bug #775851
diff -Naur '--exclude=.svn' 1.6.2-3/debian/changelog 1.6.2-4/debian/changelog
--- 1.6.2-3/debian/changelog2015-01-05 10:19:53.916837259 +0100
+++ 1.6.2-4/debian/changelog2015-01-27 12:25:28.416240069 +0100
@@ -1,3 +1,10 @@
+geoip (1.6.2-4) unstable; urgency=high
+
+ * Fix for generating v6 and city database.
+Closes: #775851
+
+ -- Patrick Matthäi pmatth...@debian.org Tue, 27 Jan 2015 12:20:30 +0100
+
geoip (1.6.2-3) unstable; urgency=low
* geoip-generator: Add support for skipping locations if the location ID is
diff -Naur '--exclude=.svn' 1.6.2-3/debian/src/geoip-csv-to-dat.cpp
1.6.2-4/debian/src/geoip-csv-to-dat.cpp
--- 1.6.2-3/debian/src/geoip-csv-to-dat.cpp 2015-01-05 10:19:53.920837251
+0100
+++ 1.6.2-4/debian/src/geoip-csv-to-dat.cpp 2015-01-27 12:25:28.440240068
+0100
@@ -705,8 +705,18 @@
// location info's out of order).
std::vectorint location_pos;
+ // Set of location IDs that are actually going to be used;
+ // we'll silently ignore any locations not in this set.
+ std::setint needed_locations;
+
city_dat_writer(const char *dat_file_name, GeoIPDBTypes
database_type);
+ // Notify of a location ID we need -- this MUST be
+ // called for every location ID you care about before
+ // the location CSV is read; any ID not explicitly
+ // notified will be discarded.
+ void notify_need_location(int loc_id);
+
void serialize_location_info(std::vectorstd::string info,
const char *input_file_name,
int input_line_number);
@@ -722,6 +732,11 @@
: dat_writer(dat_file_name, database_type)
{ }
+void city_dat_writer::notify_need_location(int loc_id)
+{
+ needed_locations.insert(loc_id);
+}
+
void city_dat_writer::finalize_location_offsets(binary_trie trie)
{
// We're going to convert the location numbers in the trie
@@ -751,7 +766,11 @@
int loc_id = it-edges[0] - 0x100;
if (loc_id = location_pos.size() ||
location_pos[loc_id] == -1)
error(EX_DATAERR, 1, Location %d exists in
blocks but not in locations, loc_id);
- it-edges[0] = location_pos[loc_id] + trie_size;
+
+ int offset = location_pos[loc_id] + trie_size;
+ if (offset 0xFF)
+ error(EX_DATAERR, 1, Overflow! Offset for
location %d too large (0x%x 0xFF), loc_id, offset);
+ it-edges[0] = offset;
}
// Any other value would indicate a non-leaf node
@@ -761,7 +780,11 @@
int loc_id = it-edges[1] - 0x100;
if (loc_id = location_pos.size() ||
location_pos[loc_id] == -1)
error(EX_DATAERR, 1, Location %d exists in
blocks but not in locations, loc_id);
- it-edges[1] = location_pos[loc_id] + trie_size;
+
+ int offset = location_pos[loc_id] + trie_size;
+ if (offset 0xFF)
+ error(EX_DATAERR, 1, Overflow! Offset for
location %d too large (0x%x 0xFF), loc_id, offset);
+ it-edges[1] = offset;
}
// Any other value would indicate a non-leaf node
}
@@ -812,8 +835,16 @@
const char *input_file_name,
int input_line_number)
{
- // First, we save the offset of this location block.
+ // First, we determine the offset of this location block.
int loc_id = ::atoi(info[0].c_str());
+
+ if (needed_locations.find(loc_id) == needed_locations.end()) {
+ // We don't need this location, so we skip serializing
+ // it altogether.
+
+ return;
+ }
+
if (loc_id = location_pos.size()) {
// We need to add to the location table (this is the
// usual case).
@@ -881,8 +912,8 @@
// Area code and metro code
if (info[1] == US) {
- int area_code = ::atoi(info[7].c_str());
- int metro_code = ::atoi(info[8].c_str());
+ int metro_code = ::atoi(info[7].c_str());
+ int area_code = ::atoi(info[8].c_str());
int area_metro_combined = metro_code * 1000 + area_code;
location_stream.put((area_metro_combined 0) 0xFF);
location_stream.put((area_metro_combined 8) 0xFF);
@@ -959,6 +990,7
Bug#776408: unblock: geoip-database/20141027-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package geoip-database It fixes the RC bug #775638 diff -Naur '--exclude=.svn' 20141027-1/debian/changelog 20141027-2/debian/changelog --- 20141027-1/debian/changelog 2014-10-29 09:32:47.040286367 +0100 +++ 20141027-2/debian/changelog 2015-01-27 19:30:00.475552430 +0100 @@ -1,3 +1,10 @@ +geoip-database (20141027-2) unstable; urgency=high + + * Set minimum required geoip version for building this package to 1.6.2-4. +Closes: #775638 + + -- Patrick Matthäi pmatth...@debian.org Tue, 27 Jan 2015 19:20:47 +0100 + geoip-database (20141027-1) unstable; urgency=low * New upstream release. diff -Naur '--exclude=.svn' 20141027-1/debian/control 20141027-2/debian/control --- 20141027-1/debian/control 2014-10-29 09:32:47.044286367 +0100 +++ 20141027-2/debian/control 2015-01-27 19:30:00.475552430 +0100 @@ -4,8 +4,8 @@ Homepage: http://www.maxmind.com/ Maintainer: Patrick Matthäi pmatth...@debian.org Build-Depends: debhelper (= 9), - geoip-bin (= 1.6.2-2), - libgeoip-dev (= 1.6.2-2) + geoip-bin (= 1.6.2-4), + libgeoip-dev (= 1.6.2-4) Standards-Version: 3.9.6 Package: geoip-database unblock geoip-database/20141027-2 -- System Information: Debian Release: 7.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150127183155.7111.11332.report...@srv1.linux-dev.org
Bug#776008: unblock: needrestart/1.2-7
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package needrestart
It fixes:
* Add missing second patch 15-fix-progressbar-non-interactive to fix #768124.
The patch was not completely added with 1.2-3.
Closes: #768124
--- 1.2-6/debian/changelog 2014-12-04 14:15:54.812814981 +0100
+++ 1.2-7/debian/changelog 2014-12-18 21:53:53.165140592 +0100
@@ -1,3 +1,11 @@
+needrestart (1.2-7) unstable; urgency=low
+
+ * Add missing second patch 15-fix-progressbar-non-interactive to fix #768124.
+The patch was not completely added with 1.2-3.
+Closes: #768124
+
+ -- Patrick Matthäi pmatth...@debian.org Thu, 18 Dec 2014 21:44:56 +0100
+
needrestart (1.2-6) unstable; urgency=high
* Add patch 10-respect-override-auto to not restart services with overrides
diff -Naur '--exclude=.svn'
1.2-6/debian/patches/15-fix-progressbar-non-interactive.diff
1.2-7/debian/patches/15-fix-progressbar-non-interactive.diff
--- 1.2-6/debian/patches/15-fix-progressbar-non-interactive.diff
1970-01-01 01:00:00.0 +0100
+++ 1.2-7/debian/patches/15-fix-progressbar-non-interactive.diff
2014-12-18 21:53:53.169140561 +0100
@@ -0,0 +1,18 @@
+# Disable progress bar while running non-interactive.
+# Closes: #768124
+
+diff --git a/perl/lib/NeedRestart/UI.pm b/perl/lib/NeedRestart/UI.pm
+index 2441755..55f170e 100644
+--- a/perl/lib/NeedRestart/UI.pm
b/perl/lib/NeedRestart/UI.pm
+@@ -42,7 +42,7 @@ sub progress_prep($$$) {
+ my $self = shift;
+ my ($max, $out) = @_;
+
+-unless($self-{debug}) {
++unless($self-{debug} || !exists($ENV{COLUMNS}) || !exists($ENV{LINES}))
{
+ # restore terminal if required (debconf)
+ unless(-t *STDIN) {
+ open($self-{fhin}, '', \*STDIN) || die Can't dup stdin: $!\n;
+--
+2.1.3
diff -Naur '--exclude=.svn' 1.2-6/debian/patches/series
1.2-7/debian/patches/series
Bug#774249: unblock/pre-approval: geoip/1.6.2-3
tags #774249 - moreinfo thanks Am 02.01.2015 um 23:56 schrieb Ivo De Decker: Control: tags -1 confirmed moreinfo Hi, On Tue, Dec 30, 2014 at 07:44:42PM +0100, Patrick Matthäi wrote: I am asking for a pre-approval for geoip. It just fixes (or better it adds support) a problem on generating the database, if upstream csv is not correct built, as it is the case since two months now.. The fix is also in experimental since the 13.11.2014 (introduced with version 1.6.3-2). Would you allow this change? If yes I would upload it to unstable and mail you again after it has been altered. Yes, but please file a bug for the issue you are fixing, so it can be properly tracked. Please remove the moreinfo tag from this bug once the upload of the new version is unstable. Cheers, Ivo Thanks, I have uploaded 1.6.2-3 and the issue is tracked in #774611 -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/54aa57e8.4070...@debian.org
Bug#774249: unblock/pre-approval: geoip/1.6.2-3
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hello,
I am asking for a pre-approval for geoip. It just fixes (or better it adds
support) a problem
on generating the database, if upstream csv is not correct built, as it is the
case since
two months now..
The fix is also in experimental since the 13.11.2014 (introduced with version
1.6.3-2).
Would you allow this change? If yes I would upload it to unstable and mail you
again after it has been altered.
diff -Naur '--exclude=.svn' tags/1.6.2-2/debian/changelog
branches/jessie/debian/changelog
--- tags/1.6.2-2/debian/changelog 2014-10-27 19:31:48.626784609 +0100
+++ branches/jessie/debian/changelog2014-12-30 19:35:21.634201307 +0100
@@ -1,3 +1,10 @@
+geoip (1.6.2-3) unstable; urgency=low
+
+ * geoip-generator: Add support for skipping locations if the location ID is
+not correctly ordered in the upstream CSV.
+
+ -- Patrick Matthäi pmatth...@debian.org Tue, 30 Dec 2014 19:35:02 +0100
+
geoip (1.6.2-2) unstable; urgency=low
* Add patch for geoip-csv-to-dat to add support for building GeoIP city DB.
diff -Naur '--exclude=.svn' tags/1.6.2-2/debian/src/geoip-csv-to-dat.cpp
branches/jessie/debian/src/geoip-csv-to-dat.cpp
--- tags/1.6.2-2/debian/src/geoip-csv-to-dat.cpp2014-10-27
19:31:48.626784609 +0100
+++ branches/jessie/debian/src/geoip-csv-to-dat.cpp 2014-12-30
19:32:51.588379341 +0100
@@ -694,12 +694,15 @@
class city_dat_writer : public dat_writer
{
public:
- // All serialized location information
+ // All serialized location information, in one big
+ // undifferentiated block
std::stringstream location_stream;
// Seek offset of each location within
// location_stream (relative to the beginning of
- // location_stream)
+ // location_stream). An offset of -1 means that that
+ // location is not in the table (can happen if the
+ // location info's out of order).
std::vectorint location_pos;
city_dat_writer(const char *dat_file_name, GeoIPDBTypes
database_type);
@@ -744,14 +747,22 @@
{
if (it-edges[0] == 0x100) // No data
it-edges[0] = trie_size;
- else if (it-edges[0] 0x100) // Ptr to location block
- it-edges[0] = location_pos[it-edges[0] - 0x100 -
1] + trie_size;
+ else if (it-edges[0] 0x100) { // Ptr to location block
+ int loc_id = it-edges[0] - 0x100;
+ if (loc_id = location_pos.size() ||
location_pos[loc_id] == -1)
+ error(EX_DATAERR, 1, Location %d exists in
blocks but not in locations, loc_id);
+ it-edges[0] = location_pos[loc_id] + trie_size;
+ }
// Any other value would indicate a non-leaf node
if (it-edges[1] == 0x100) // No data
it-edges[1] = trie_size;
- else if (it-edges[1] 0x100) // Ptr to location block
- it-edges[1] = location_pos[it-edges[1] - 0x100 -
1] + trie_size;
+ else if (it-edges[1] 0x100) { // Ptr to location block
+ int loc_id = it-edges[1] - 0x100;
+ if (loc_id = location_pos.size() ||
location_pos[loc_id] == -1)
+ error(EX_DATAERR, 1, Location %d exists in
blocks but not in locations, loc_id);
+ it-edges[1] = location_pos[loc_id] + trie_size;
+ }
// Any other value would indicate a non-leaf node
}
}
@@ -801,19 +812,33 @@
const char *input_file_name,
int input_line_number)
{
- // There's nothing wrong with location info being out of
- // order, but currently we don't support it (i.e. the code
- // won't work if the info's out of order). Sanity check that
- // things are in order.
+ // First, we save the offset of this location block.
int loc_id = ::atoi(info[0].c_str());
- if (loc_id != location_pos.size() + 1) {
- error_at_line(EX_DATAERR, 0, input_file_name, input_line_number,
- Location info not in order (currently not
supported));
- return;
- }
+ if (loc_id = location_pos.size()) {
+ // We need to add to the location table (this is the
+ // usual case).
+
+ while(loc_id location_pos.size()) {
+ // If some numbers were skipped in the data,
+ // then we need to add some empty locations to
+ // the table before we find our
Bug#773700: unblock: otrs2/3.3.9-3
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package otrs2. -security also ACKed this upload.
diff -Naur '--exclude=.svn' 3.3.9-2/debian/changelog 3.3.9-3/debian/changelog
--- 3.3.9-2/debian/changelog2014-10-29 09:32:47.224286362 +0100
+++ 3.3.9-3/debian/changelog2014-12-18 19:57:30.862192259 +0100
@@ -1,3 +1,13 @@
+otrs2 (3.3.9-3) unstable; urgency=medium
+
+ * Add patch 16-CVE-2014-9324.diff which fixes CVE-2014-9324, also known as
+OSA-2014-06:
+An attacker with valid OTRS credentials could access and manipulate ticket
+data of other users via the GenericInterface, if a ticket webservice is
+configured and not additionally secured.
+
+ -- Patrick Matthäi pmatth...@debian.org Thu, 18 Dec 2014 19:02:56 +0100
+
otrs2 (3.3.9-2) unstable; urgency=low
* Drop libjs-jquery dependency and use the emebedded version again to avoid
diff -Naur '--exclude=.svn' 3.3.9-2/debian/patches/16-CVE-2014-9324.diff
3.3.9-3/debian/patches/16-CVE-2014-9324.diff
--- 3.3.9-2/debian/patches/16-CVE-2014-9324.diff1970-01-01
01:00:00.0 +0100
+++ 3.3.9-3/debian/patches/16-CVE-2014-9324.diff2014-12-18
19:57:30.874192201 +0100
@@ -0,0 +1,1528 @@
+# Upstream patch to fix CVE-2014-9324, also known as OSA-2014-06:
+# An attacker with valid OTRS credentials could access and manipulate ticket
+# data of other users via the GenericInterface, if a ticket webservice is
+# configured and not additionally secured.
+# URL:
+# https://www.otrs.com/security-advisory-2014-06-incomplete-access-control/
+
+diff -Naur otrs2-3.3.9.orig/Kernel/GenericInterface/Operation/Ticket/Common.pm
otrs2-3.3.9/Kernel/GenericInterface/Operation/Ticket/Common.pm
+--- otrs2-3.3.9.orig/Kernel/GenericInterface/Operation/Ticket/Common.pm
2014-09-03 15:15:41.0 +0200
otrs2-3.3.9/Kernel/GenericInterface/Operation/Ticket/Common.pm
2014-12-18 18:54:26.386869907 +0100
+@@ -1369,6 +1369,17 @@
+
+ =item CheckCreatePermissions ()
+
++Tests if the user have the permissions to create a ticket on a determined
queue
++
++my $Result = $CommonObject-CheckCreatePermissions(
++Ticket = $TicketHashReference,
++UserID = 123, # or 'CustomerLogin'
++UserType = 'Agent', # or 'Customer'
++);
++
++returns:
++$Success = 1# if everything is OK
++
+ =cut
+
+ sub CheckCreatePermissions {
+@@ -1413,6 +1424,45 @@
+ return 1;
+ }
+
++=item CheckAccessPermissions()
++
++Tests if the user have access permissions over a ticket
++
++my $Result = $CommonObject-CheckAccessPermissions(
++TicketID = 123,
++UserID = 123, # or 'CustomerLogin'
++UserType = 'Agent', # or 'Customer'
++);
++
++returns:
++$Success = 1# if everything is OK
++
++=cut
++
++sub CheckAccessPermissions {
++my ( $Self, %Param ) = @_;
++
++# check needed stuff
++for my $Needed (qw(TicketID UserID UserType)) {
++if ( !$Param{$Needed} ) {
++return;
++}
++}
++
++my $TicketPermissionFunction = 'TicketPermission';
++if ( $Param{UserType} eq 'Customer' ) {
++$TicketPermissionFunction = 'TicketCustomerPermission';
++}
++
++my $Access = $Self-{TicketObject}-$TicketPermissionFunction(
++Type = 'ro',
++TicketID = $Param{TicketID},
++UserID = $Param{UserID},
++);
++
++return $Access;
++}
++
+ =begin Internal:
+
+ =item _ValidateUser()
+diff -Naur
otrs2-3.3.9.orig/Kernel/GenericInterface/Operation/Ticket/TicketCreate.pm
otrs2-3.3.9/Kernel/GenericInterface/Operation/Ticket/TicketCreate.pm
+--- otrs2-3.3.9.orig/Kernel/GenericInterface/Operation/Ticket/TicketCreate.pm
2014-09-03 15:15:41.0 +0200
otrs2-3.3.9/Kernel/GenericInterface/Operation/Ticket/TicketCreate.pm
2014-12-18 18:54:26.390869876 +0100
+@@ -238,6 +238,7 @@
+ );
+ }
+
++my $PermissionUserID = $UserID;
+ if ( $UserType eq 'Customer' ) {
+ $UserID = $Self-{ConfigObject}-Get('CustomerPanelUserID')
+ }
+@@ -304,7 +305,7 @@
+ # check create permissions
+ my $Permission = $Self-{TicketCommonObject}-CheckCreatePermissions(
+ Ticket = $Ticket,
+-UserID = $UserID,
++UserID = $PermissionUserID,
+ UserType = $UserType,
+ );
+
+diff -Naur
otrs2-3.3.9.orig/Kernel/GenericInterface/Operation/Ticket/TicketGet.pm
otrs2-3.3.9/Kernel/GenericInterface/Operation/Ticket/TicketGet.pm
+--- otrs2-3.3.9.orig/Kernel/GenericInterface/Operation/Ticket/TicketGet.pm
2014-09-03 15:15:41.0 +0200
otrs2-3.3.9/Kernel/GenericInterface/Operation/Ticket/TicketGet.pm
2014-12-18 18:54:26.390869876 +0100
+@@ -271,6 +271,24 @@
+ ErrorMessage = TicketGet: Structure for TicketID is not
correct
Bug#772030: unblock: needrestart/1.2-6
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package needrestart
It fixes some grave and a few important bugs (patchset 13+14 are also
important).
diffstat:
changelog| 16 +
patches/10-respect-override-auto.diff| 31 +++
patches/11-systemd-journald-workaround.diff | 21 ++
patches/12-ignore-systemd-user-sessions.diff | 21 ++
patches/13-falsepos-aio-fix.diff | 19
patches/14-wpa_supplicant-override.diff | 17 ++
patches/series |5
7 files changed, 130 insertions(+)
full diff:
diff -Naur '--exclude=.svn' 1.2-5/debian/changelog 1.2-6/debian/changelog
--- 1.2-5/debian/changelog 2014-12-04 13:52:42.079128087 +0100
+++ 1.2-6/debian/changelog 2014-12-04 14:15:54.812814981 +0100
@@ -1,3 +1,19 @@
+needrestart (1.2-6) unstable; urgency=high
+
+ * Add patch 10-respect-override-auto to not restart services with overrides
+in auto mode.
+Closes: #770937
+ * Add patch 11-systemd-journald-workaround to add systemd-journald to
+override_rc as a workaround tue to #771122.
+Closes: #771254
+ * Add patch 12-ignore-systemd-user-sessions to ignore user sessions.
+Closes: #771348
+ * Add patch 13-falsepos-aio-fix to skip POSIX async I/O mappings to prevent
+false positive restarts.
+ * Add patch 14-wpa_supplicant-override to ignore wpa_supplicant.
+
+ -- Patrick Matthäi pmatth...@debian.org Thu, 04 Dec 2014 14:07:10 +0100
+
needrestart (1.2-5) unstable; urgency=high
* Add patch 08-fix-broken-debconf to fix a debconf hang up if no kernel image
diff -Naur '--exclude=.svn' 1.2-5/debian/patches/10-respect-override-auto.diff
1.2-6/debian/patches/10-respect-override-auto.diff
--- 1.2-5/debian/patches/10-respect-override-auto.diff 1970-01-01
01:00:00.0 +0100
+++ 1.2-6/debian/patches/10-respect-override-auto.diff 2014-12-04
14:15:54.892814609 +0100
@@ -0,0 +1,31 @@
+# Don't restart services with overrides in auto mode.
+# Closes: #770937
+
+diff --git a/needrestart b/needrestart
+index 32bbd13..558f4f6 100755
+--- a/needrestart
b/needrestart
+@@ -516,6 +516,20 @@ if(defined($opt_l)) {
+ next;
+ }
+
++ # don't restart greylisted services...
++ my $restart = !$nrconf{defno};
++ foreach my $re (keys %{$nrconf{override_rc}}) {
++ next unless($rc =~ /$re/);
++
++ $restart = $nrconf{override_rc}-{$re};
++ last;
++ }
++ # ...but complain about them
++ unless($restart) {
++ $ui-notice(Skipping $rc...);
++ next;
++ }
++
+ my @cmd = restart_cmd($rc);
+ next unless($#cmd -1);
+
+--
+2.1.3
+
diff -Naur '--exclude=.svn'
1.2-5/debian/patches/11-systemd-journald-workaround.diff
1.2-6/debian/patches/11-systemd-journald-workaround.diff
--- 1.2-5/debian/patches/11-systemd-journald-workaround.diff1970-01-01
01:00:00.0 +0100
+++ 1.2-6/debian/patches/11-systemd-journald-workaround.diff2014-12-04
14:15:54.880814664 +0100
@@ -0,0 +1,21 @@
+# Add systemd-journald to override_rc as a workaround due to Debian Bug#771122.
+# Closes: #771254
+
+diff --git a/ex/needrestart.conf b/ex/needrestart.conf
+index 235ce8c..c99cffd 100644
+--- a/ex/needrestart.conf
b/ex/needrestart.conf
+@@ -81,6 +81,10 @@ $nrconf{override_rc} = {
+ # misc
+ q(^zfs-fuse) = 0,
+ q(^mythtv-backend) = 0,
++
++# workaround for broken systemd-journald
++# (see also Debian Bug#771122 #771254)
++q(^systemd-journald) = 0,
+ };
+
+ # Disable interpreter scanners.
+--
+2.1.3
+
diff -Naur '--exclude=.svn'
1.2-5/debian/patches/12-ignore-systemd-user-sessions.diff
1.2-6/debian/patches/12-ignore-systemd-user-sessions.diff
--- 1.2-5/debian/patches/12-ignore-systemd-user-sessions.diff 1970-01-01
01:00:00.0 +0100
+++ 1.2-6/debian/patches/12-ignore-systemd-user-sessions.diff 2014-12-04
14:15:54.900814569 +0100
@@ -0,0 +1,21 @@
+# Ignore pids of user sessions completely.
+# Closes: #771348
+
+diff --git a/needrestart b/needrestart
+index 558f4f6..932e595 100755
+--- a/needrestart
b/needrestart
+@@ -351,6 +351,10 @@ if(defined($opt_l)) {
+ if($value =~ m@/([^/]+\.service)$@) {
+ ($1);
+ }
++ elsif($value =
m@/user-(\d+).slice/session-(\d+).scope@) {
++ print STDERR $LOGPREF #$pid is ignored; part
of user session: uid=$1 sess=$2\n if($nrconf{verbose});
++ next;
++ }
+ else {
+ print STDERR $LOGPREF #$pid
Bug#770355: pre-approval: apt-dater/0.9.0-8
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hello,
as I have asked some days ago I have to upload a new apt-dater release
directly to jessie to avoid later problems in the archive.
I have finished my work and the excepted changelog, diff etc would be:
changelog:
apt-dater (0.9.0-8) testing; urgency=low
* Drop binary package apt-dater-host. It is superseded by the new
src:apt-dater-host package.
- Drop obsolete patch 04-wheezy-kernel.
- Drop debconf templates.
-- Patrick Matthäi pmatth...@debian.org Thu, 13 Nov 2014 23:35:09 +0100
diffstat:
diff -Naur tags/0.9.0-7/ branches/jessie/ --exclude=.svn|diffstat
apt-dater-host.config | 28 ---
apt-dater-host.install|1
apt-dater-host.manpages |1
apt-dater-host.postinst | 40
apt-dater-host.postrm |7
apt-dater-host.templates |9 --
changelog |9 ++
control | 20 --
patches/04-wheezy-kernel.diff | 18
patches/series|1
po/POTFILES.in|1
po/cs.po | 36 -
po/da.po | 37 --
po/de.po | 39 ---
po/es.po | 59 --
po/fr.po | 40
po/it.po | 39 ---
po/ja.po | 36 -
po/nl.po | 38 ---
po/pt.po | 37 --
po/pt_BR.po | 38 ---
po/ru.po | 41 -
po/sv.po | 40
po/templates.pot | 33 ---
po/vi.po | 38 ---
rules |5 ---
sudo/apt-dater-host | 11 ---
27 files changed, 9 insertions(+), 693 deletions(-)
full diff (OK I have excluded po/, since it is just removed and I do not want
to spam):
diff -Naur '--exclude=.svn' '--exclude=po'
tags/0.9.0-7/debian/apt-dater-host.config
branches/jessie/debian/apt-dater-host.config
--- tags/0.9.0-7/debian/apt-dater-host.config 2014-02-13 19:43:24.116063923
+0100
+++ branches/jessie/debian/apt-dater-host.config1970-01-01
01:00:00.0 +0100
@@ -1,28 +0,0 @@
-#!/bin/sh
-
-set -e
-
-. /usr/share/debconf/confmodule
-
-# Default value is true (enabled).
-ASSUME_YES=true
-
-if [ -f /etc/apt-dater-host.conf ] ; then
- # Get the current setted value.
- CURRENT_VALUE=$(grep '^$ASSUMEYES' /etc/apt-dater-host.conf|cut -d'='
-f2-|sed 's/;//g'|tr -d \n)
-
- if [ $CURRENT_VALUE = 0 ]; then
- # Overwrite default value, if it is not enabled.
- ASSUME_YES=false
- fi
-fi
-
-db_set apt-dater-host/assume_yes $ASSUME_YES
-
-db_input medium apt-dater-host/assume_yes || true
-
-db_go
-
-#DEBHELPER#
-
-exit 0
diff -Naur '--exclude=.svn' '--exclude=po'
tags/0.9.0-7/debian/apt-dater-host.install
branches/jessie/debian/apt-dater-host.install
--- tags/0.9.0-7/debian/apt-dater-host.install 2014-02-13 19:43:24.116063923
+0100
+++ branches/jessie/debian/apt-dater-host.install 1970-01-01
01:00:00.0 +0100
@@ -1 +0,0 @@
-debian/sudo/apt-dater-host etc/sudoers.d/
diff -Naur '--exclude=.svn' '--exclude=po'
tags/0.9.0-7/debian/apt-dater-host.manpages
branches/jessie/debian/apt-dater-host.manpages
--- tags/0.9.0-7/debian/apt-dater-host.manpages 2014-02-13 19:43:24.080064509
+0100
+++ branches/jessie/debian/apt-dater-host.manpages 1970-01-01
01:00:00.0 +0100
@@ -1 +0,0 @@
-man/apt-dater-host.1
diff -Naur '--exclude=.svn' '--exclude=po'
tags/0.9.0-7/debian/apt-dater-host.postinst
branches/jessie/debian/apt-dater-host.postinst
--- tags/0.9.0-7/debian/apt-dater-host.postinst 2014-02-13 19:43:24.348060150
+0100
+++ branches/jessie/debian/apt-dater-host.postinst 1970-01-01
01:00:00.0 +0100
@@ -1,40 +0,0 @@
-#!/bin/sh
-
-set -e
-
-. /usr/share/debconf/confmodule
-
-
-do_hostconfig() {
- db_get apt-dater-host/assume_yes
-
- case ${RET} in
- true)
- ASSUME_YES=1
- ;;
- false)
- ASSUME_YES=0
- ;;
- esac
-
- sed s/^\$ASSUMEYES=.*/\$ASSUMEYES=${ASSUME_YES};/ -i
/etc/apt-dater-host.conf
-}
-
-
-case $1 in
- configure)
- do_hostconfig;
- ;;
-
- abort-upgrade|abort-remove|abort-deconfigure)
- ;;
-
- *)
- echo postinst called with unknown argument \`$1
Bug#768817: unblock: geoip/1.6.2-2
Am 18.11.2014 um 21:21 schrieb Adam D. Barratt: Control: tags -1 + moreinfo On Sun, 2014-11-09 at 14:34 +0100, Patrick Matthäi wrote: on the 14.10.2014 I have recieved patches from two contributors to support the building of the GeoIP City and ASN database in a DFSG free way, which is realy great! To clarify, these are completely new data files relative to the version in jessie at the moment? Yes and no, it also could replace recommends/suggests on geoip-database-contrib (from contrib), since some packages also require the ASN and city database. For example ntop and python-django. -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer Blog: http://www.linux-dev.org/ E-Mail: pmatth...@debian.org patr...@linux-dev.org */ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/546c82a2.9000...@debian.org
Bug#769723: unblock: kid3/3.1.1-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package kid3 It adds the missing manpages (where kid3.1 itself links to). diff -Naur '--exclude=.svn' 3.1.1-1/debian/changelog 3.1.1-2/debian/changelog --- 3.1.1-1/debian/changelog2014-11-11 22:43:22.053641657 +0100 +++ 3.1.1-2/debian/changelog2014-11-13 21:55:16.879633742 +0100 @@ -1,3 +1,9 @@ +kid3 (3.1.1-2) unstable; urgency=low + + * Add missing kid3-core manpages. Thanks to Achim Bohnet. + + -- Patrick Matthäi pmatth...@debian.org Thu, 13 Nov 2014 21:44:24 +0100 + kid3 (3.1.1-1) unstable; urgency=medium * New upstream release. diff -Naur '--exclude=.svn' 3.1.1-1/debian/kid3-core.manpages 3.1.1-2/debian/kid3-core.manpages --- 3.1.1-1/debian/kid3-core.manpages 1970-01-01 01:00:00.0 +0100 +++ 3.1.1-2/debian/kid3-core.manpages 2014-11-13 21:55:16.879633742 +0100 @@ -0,0 +1,2 @@ +kid3-build/doc/en/kid3-core.1 +kid3-build/doc/de/kid3-core.de.1 unblock kid3/3.1.1-2 -- System Information: Debian Release: 7.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141115213831.6984.46770.report...@srv1.linux-dev.org
Bug#768809: unblock: apt-dater-host/1.0.0-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package apt-dater-host It downgrades an unnecessary depends to recommends. diff -Naur '--exclude=.svn' 1.0.0-1/debian/changelog 1.0.0-2/debian/changelog --- 1.0.0-1/debian/changelog2014-09-30 18:14:31.514082024 +0200 +++ 1.0.0-2/debian/changelog2014-10-27 19:39:36.294846175 +0100 @@ -1,3 +1,10 @@ +apt-dater-host (1.0.0-2) unstable; urgency=low + + * Move needrestart from depends to recommends. +Closes: #764323 + + -- Patrick Matthäi pmatth...@debian.org Mon, 27 Oct 2014 19:36:22 +0100 + apt-dater-host (1.0.0-1) unstable; urgency=medium * Initial release. diff -Naur '--exclude=.svn' 1.0.0-1/debian/control 1.0.0-2/debian/control --- 1.0.0-1/debian/control 2014-09-30 18:14:31.518081945 +0200 +++ 1.0.0-2/debian/control 2014-10-27 19:39:36.334845484 +0100 @@ -13,9 +13,9 @@ openssh-server, lsb-release, libimvirt-perl, - needrestart, libapt-pkg-perl Recommends: imvirt, + needrestart, sudo Description: host helper application for apt-dater apt-dater provides an easy to use ncurses frontend for managing package unblock apt-dater-host/1.0.0-2 -- System Information: Debian Release: 7.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141109131019.20569.90026.report...@srv1.linux-dev.org
Bug#768810: unblock: kdenlive/0.9.10-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package kdenlive diff -Naur '--exclude=.svn' 0.9.10-1/debian/changelog 0.9.10-2/debian/changelog --- 0.9.10-1/debian/changelog 2014-09-30 18:14:30.166108722 +0200 +++ 0.9.10-2/debian/changelog 2014-10-27 18:51:31.240128352 +0100 @@ -1,3 +1,11 @@ +kdenlive (0.9.10-2) unstable; urgency=medium + + * Add libv4l-dev as build dependency for webcam support. + * Exclude docbook files from dh_compress. +Closes: #765974 + + -- Patrick Matthäi pmatth...@debian.org Mon, 27 Oct 2014 18:25:52 +0100 + kdenlive (0.9.10-1) unstable; urgency=medium * New upstream release. diff -Naur '--exclude=.svn' 0.9.10-1/debian/control 0.9.10-2/debian/control --- 0.9.10-1/debian/control 2014-09-30 18:14:30.162108802 +0200 +++ 0.9.10-2/debian/control 2014-10-27 18:51:31.216128795 +0100 @@ -14,6 +14,7 @@ libqt4-dev, shared-desktop-ontologies, libx11-dev, + libv4l-dev, libqt4-opengl-dev, libqjson-dev diff -Naur '--exclude=.svn' 0.9.10-1/debian/rules 0.9.10-2/debian/rules --- 0.9.10-1/debian/rules 2014-09-30 18:14:30.162108802 +0200 +++ 0.9.10-2/debian/rules 2014-10-27 18:51:31.180129460 +0100 @@ -13,6 +13,9 @@ override_dh_auto_configure: dh_auto_configure -- $(EXTRAFLAGS) +override_dh_compress: + dh_compress -X.docbook + override_dh_install: rm -f $(CURDIR)/debian/tmp/usr/share/doc/kde/HTML/*/kdenlive/common cp $(CURDIR)/data/kdenlive.menu $(CURDIR)/debian/ unblock kdenlive/0.9.10-2 -- System Information: Debian Release: 7.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141109131258.20642.5597.report...@srv1.linux-dev.org
