Processed: block by other unblock request
Processing commands for cont...@bugs.debian.org: > block 1034196 by 1034127 Bug #1034196 [release.debian.org] unblock: openrefine/3.6.2-2 1034196 was not blocked by any bugs. 1034196 was not blocking any bugs. Added blocking bug(s) of 1034196: 1034127 > thanks Stopping processing here. Please contact me if you need assistance. -- 1034196: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034196 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Re: unblock request for fai 6.0.1
Hi, On 03-04-2023 21:51, la...@debian.org wrote: this is a unblock request for fai 6.0.1. unblocked (but the comment for dracut applies too). Paul OpenPGP_signature Description: OpenPGP digital signature
Re: unblock request for dracut 059-4
Hi Thomas, On 03-04-2023 21:59, la...@debian.org wrote: this is a unblock request for dracut 059-4. Please, next time file an unblock bug report (using $(reportbug release.debian.org). Messages like these tend to get lost on our high volume mail list, particularly if they *look* like unblock bug reports. Anyways, unblocked. Paul OpenPGP_signature Description: OpenPGP digital signature
unblock request for dracut 059-4
Hi release team,
this is a unblock request for dracut 059-4.
This version is in unstable for 24 days.
Attached is the debdiff from 059-3 to 059-4
It fixes a wrong path in the debian patch
which closes #1029413 and #1030191
The debdiff is included after the diffstat
best regards Thomas
$ debdiff dracut_059-3.dsc dracut_059-4.dsc|diffstat
changelog |8
patches/initrd-not-initramfs.patch | 14 +++---
2 files changed, 15 insertions(+), 7 deletions(-)
diff -Nru dracut-059/debian/changelog dracut-059/debian/changelog
--- dracut-059/debian/changelog 2023-01-09 20:56:29.0 +0100
+++ dracut-059/debian/changelog 2023-03-09 19:13:42.0 +0100
@@ -1,3 +1,11 @@
+dracut (059-4) unstable; urgency=low
+
+ * Fix file name in patch initrd-not-initramfs.patch
+Closes: #1029413, #1030191
+Thanks to nabijaczleweli for for the patch
+
+ -- Thomas Lange Thu, 09 Mar 2023 19:13:42 +0100
+
dracut (059-3) unstable; urgency=low
* control: add breaks + replaces, Closes: #1028303
diff -Nru dracut-059/debian/patches/initrd-not-initramfs.patch
dracut-059/debian/patches/initrd-not-initramfs.patch
--- dracut-059/debian/patches/initrd-not-initramfs.patch2022-12-26
12:51:37.0 +0100
+++ dracut-059/debian/patches/initrd-not-initramfs.patch2023-03-09
18:09:34.0 +0100
@@ -16,7 +16,7 @@
outfile="$dracutsysrootdir/lib/modules/${kernel}/initrd"
elif [[ -e $dracutsysrootdir/boot/vmlinuz-${kernel} ]]; then
-outfile="$dracutsysrootdir/boot/initramfs-${kernel}.img"
-+outfile="$dracutsysrootdir/boot/initrd-${kernel}"
++outfile="$dracutsysrootdir/boot/initrd.img-${kernel}"
elif [[ -z $dracutsysrootdir ]] \
&& [[ $MACHINE_ID ]] \
&& mountpoint -q /efi; then
@@ -25,7 +25,7 @@
outfile="/boot/efi/${MACHINE_ID}/${kernel}/initrd"
else
-outfile="$dracutsysrootdir/boot/initramfs-${kernel}.img"
-+outfile="$dracutsysrootdir/boot/initrd-${kernel}"
++outfile="$dracutsysrootdir/boot/initrd.img-${kernel}"
fi
fi
fi
@@ -36,7 +36,7 @@
_/boot/efi/__/__/initrd_,
_/lib/modules/__/initrd_ or
-_/boot/initramfs-__.img_ and contains the kernel modules
of
-+_/boot/initrd-__ and contains the kernel modules of
++_/boot/initrd.img-__ and contains the kernel modules of
the currently active kernel with version __.
If the initramfs image already exists, dracut will display an error message,
and
@@ -47,7 +47,7 @@
_/boot/efi///initrd_,
_/lib/modules//initrd_ or
-_/boot/initramfs-.img_.
-+_/boot/initrd-_.
++_/boot/initrd.img-_.
OPTIONS
---
@@ -59,8 +59,8 @@
image="/lib/modules/${KERNEL_VERSION}/initramfs.img"
-elif [[ -f /boot/initramfs-${KERNEL_VERSION}.img ]]; then
-image="/boot/initramfs-${KERNEL_VERSION}.img"
-+elif [[ -f /boot/initrd-${KERNEL_VERSION} ]]; then
-+image="/boot/initrd-${KERNEL_VERSION}"
++elif [[ -f /boot/initrd.img-${KERNEL_VERSION} ]]; then
++image="/boot/initrd.img-${KERNEL_VERSION}"
elif [[ $MACHINE_ID ]] \
&& mountpoint -q /efi; then
image="/efi/${MACHINE_ID}/${KERNEL_VERSION}/initrd"
@@ -73,7 +73,7 @@
-elif [[ -f /boot/initramfs-${KERNEL_VERSION}.img ]]; then
-IMG="/boot/initramfs-${KERNEL_VERSION}.img"
+elif [[ -f /boot/initrd.img-${KERNEL_VERSION} ]]; then
-+IMG="/boot/initrd-${KERNEL_VERSION}"
++IMG="/boot/initrd.img-${KERNEL_VERSION}"
elif mountpoint -q /efi; then
IMG="/efi/$MACHINE_ID/$KERNEL_VERSION/initrd"
elif mountpoint -q /boot/efi; then
unblock request for fai 6.0.1
Hi release team,
this is a unblock request for fai 6.0.1.
This version is in unstable for 25 days.
Attached is the debdiff from 6.0 to 6.0.1
- It fixes a small perl syntax error in install_packages
- It add comments into disk_config/* files which goes into the fai-doc package
- The year in prcopyleft was set to 2023
$ debdiff fai_6.0.dsc fai_6.0.1.dsc|diffstat
bin/install_packages |2 +-
debian/changelog | 12
examples/simple/disk_config/FAIBASE |3 +++
examples/simple/disk_config/FAIBASE_EFI |3 +++
examples/simple/disk_config/ROCKY |3 +++
examples/simple/scripts/GRUB_EFI/10-setup |5 +
lib/prcopyleft|4 ++--
7 files changed, 29 insertions(+), 3 deletions(-)
diff -Nru fai-6.0/bin/install_packages fai-6.0.1/bin/install_packages
--- fai-6.0/bin/install_packages2022-11-13 18:48:57.0 +0100
+++ fai-6.0.1/bin/install_packages 2023-02-23 16:31:07.0 +0100
@@ -204,7 +204,7 @@
my $packlist = join(' ',@{$pkglist});
if ($atype eq "hold") {
- my $hold = join " hold\n", @{$list{hold}}, "";
+ my $hold = join " hold\n", @{$list{hold}{$pkgopt}}, "";
execute("echo \"$hold\" | $rootcmd $command{hold}");
next;
}
diff -Nru fai-6.0/debian/changelog fai-6.0.1/debian/changelog
--- fai-6.0/debian/changelog2023-01-13 22:45:03.0 +0100
+++ fai-6.0.1/debian/changelog 2023-03-08 19:38:00.0 +0100
@@ -1,3 +1,15 @@
+fai (6.0.1) unstable; urgency=low
+
+ [ Joerg Behrmann ]
+ * install_packages: fix wrong type of perl variable, Closes: #1032267
+
+ [ Thomas Lange ]
+ * prtcopyleft: year++
+ * disk_config/*: add comment about mkfs option that is needed when using
+older Debian releases, Closes: #1031415
+
+ -- Thomas Lange Wed, 08 Mar 2023 19:38:00 +0100
+
fai (6.0) unstable; urgency=low
[ Thomas Lange ]
diff -Nru fai-6.0/examples/simple/disk_config/FAIBASE
fai-6.0.1/examples/simple/disk_config/FAIBASE
--- fai-6.0/examples/simple/disk_config/FAIBASE 2019-03-26 16:32:51.0
+0100
+++ fai-6.0.1/examples/simple/disk_config/FAIBASE 2023-02-21
22:06:49.0 +0100
@@ -2,6 +2,9 @@
#
#
+# you may want to add "-O ^metadata_csum_seed" to createopts if the target
+# system is older than bullseye. See #866603, #1031415, #1031416 for more info.
+
disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid
primary / 2G-50G ext4 rw,noatime,errors=remount-ro
diff -Nru fai-6.0/examples/simple/disk_config/FAIBASE_EFI
fai-6.0.1/examples/simple/disk_config/FAIBASE_EFI
--- fai-6.0/examples/simple/disk_config/FAIBASE_EFI 2022-11-09
10:41:39.0 +0100
+++ fai-6.0.1/examples/simple/disk_config/FAIBASE_EFI 2023-02-21
22:07:05.0 +0100
@@ -2,6 +2,9 @@
#
# p=
+# you may want to add "-O ^metadata_csum_seed" to createopts if the target
+# system is older than bullseye. See #866603, #1031415, #1031416 for more info.
+
disk_config disk1 disklabel:gpt bootable:1 fstabkey:uuid
p=efi /boot/efi 512M vfat rw
diff -Nru fai-6.0/examples/simple/disk_config/ROCKY
fai-6.0.1/examples/simple/disk_config/ROCKY
--- fai-6.0/examples/simple/disk_config/ROCKY 2022-05-28 18:25:13.0
+0200
+++ fai-6.0.1/examples/simple/disk_config/ROCKY 2023-02-21 22:08:38.0
+0100
@@ -2,6 +2,9 @@
#
#
+# you may want to add "-O ^metadata_csum_seed" to createopts if the target
+# system is older than bullseye. See #866603, #1031415, #1031416 for more info.
+
disk_config disk1 disklabel:msdos bootable:1 fstabkey:label
primary / 4G-50Gext4 rw,noatime,errors=remount-ro createopts="-L
ROOT"
diff -Nru fai-6.0/examples/simple/scripts/GRUB_EFI/10-setup
fai-6.0.1/examples/simple/scripts/GRUB_EFI/10-setup
--- fai-6.0/examples/simple/scripts/GRUB_EFI/10-setup 2022-11-27
20:21:24.0 +0100
+++ fai-6.0.1/examples/simple/scripts/GRUB_EFI/10-setup 2023-01-17
12:15:57.0 +0100
@@ -69,5 +69,10 @@
fi
fi
$ROOTCMD update-grub
+if [[ $BOOT_DEVICE =~ '/dev/loop' ]]; then
+:
+else
+efibootmgr -v
+fi
exit $error
diff -Nru fai-6.0/lib/prcopyleft fai-6.0.1/lib/prcopyleft
--- fai-6.0/lib/prcopyleft 2022-05-26 21:45:20.0 +0200
+++ fai-6.0.1/lib/prcopyleft2023-01-14 14:03:09.0 +0100
@@ -3,7 +3,7 @@
#*
#
# This script is part of FAI (Fully Automatic Installation)
-# (c) 2003-2022 by Thomas Lange, la...@cs.uni-koeln.de
+# (c) 2003-2023 by Thomas Lange, la...@cs.uni-koeln.de
# Universitaet zu Koeln
#
#*
@@ -17,7 +17,7 @@
-
Fully Automatic Installation -
Bug#991409: marked as done (unblock request: msmtp/1.8.11-2.1)
Your message dated Tue, 27 Jul 2021 19:33:34 +
with message-id
and subject line unblock msmtp
has caused the Debian Bug report #991409,
regarding unblock request: msmtp/1.8.11-2.1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
991409: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991409
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hi,
Please unblock the package msmtp.
[ Reason ]
The version presently in bullseye does not understand lowercase SMTP
commands. It violates RFC821 [1] from 1982 and later applicable specs
such as RFC5321. [2]
[ Impact ]
Users of the version in bullseye cannot send emails via SMTP port 25
locally when software sends mixed or lowercase commands. The issue was
discovered when sending key expiration reminders to Debian
contributors via Python's smtplib [3][4] but probably affects
additional programs, modules and libraries. The faulty behavior is
further detailed in Bug#985468 [5] and the links provided therein.
[6][7]
[ Tests ]
I personally used the patched version on half a dozen machines since
March, and have had no issues with it.
[ Risks ]
The commit cherry-picked here [8] was accepted by upstream over a year
ago. It replaces several instances of 'strcmp' with the case
insensitive equivalent 'strcasecmp'. The risk of breakage is probably
low.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
[ Other info ]
The debdiff for the sources is shown at the bottom of this message.
For easier perusal I also attached the actual patch.
unblock thunderbird/1:78.12.0-1
[1] https://tools.ietf.org/html/rfc821
[2] https://tools.ietf.org/html/rfc5321
[3] https://bugs.debian.org/892058
[4] https://salsa.debian.org/lechner/key-expirations
[5] https://bugs.debian.org/985468
[6] https://bugs.python.org/issue29860
[7] https://github.com/marlam/msmtp-mirror/issues/45
[8]
https://github.com/marlam/msmtp-mirror/commit/7dcfd522efc13fde4df448d834bc6ba2b205
* * *
$ debdiff msmtp_1.8.11-2.dsc msmtp_1.8.11-2.1.dsc
diff -Nru msmtp-1.8.11/debian/changelog msmtp-1.8.11/debian/changelog
--- msmtp-1.8.11/debian/changelog 2020-08-20 07:24:11.0 -0700
+++ msmtp-1.8.11/debian/changelog 2021-03-18 09:01:45.0 -0700
@@ -1,3 +1,12 @@
+msmtp (1.8.11-2.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Cherry-pick 7dcf from upstream for the bullseye release. Brings
+msmtp into conformance with RFC821, which states that "Commands and
+replies are not case sensitive." (Closes: #985468)
+
+ -- Felix Lechner Thu, 18 Mar 2021 09:01:45 -0700
+
msmtp (1.8.11-2) unstable; urgency=medium
* Fix build options to re-enable TLS support via GnuTLS, IDN and SASL.
diff -Nru
msmtp-1.8.11/debian/patches/7dcfd522efc13fde4df448d834bc6ba2b205-adjusted.diff
msmtp-1.8.11/debian/patches/7dcfd522efc13fde4df448d834bc6ba2b205-adjusted.diff
---
msmtp-1.8.11/debian/patches/7dcfd522efc13fde4df448d834bc6ba2b205-adjusted.diff
1969-12-31 16:00:00.0 -0800
+++
msmtp-1.8.11/debian/patches/7dcfd522efc13fde4df448d834bc6ba2b205-adjusted.diff
2021-03-18 09:01:45.0 -0700
@@ -0,0 +1,70 @@
+Description: Cherry-pick 7dcf from upstream for bullseye, adjusted
+Author: Felix Lechner
+Origin:
https://github.com/marlam/msmtp-mirror/commit/7dcfd522efc13fde4df448d834bc6ba2b205.diff
+Bug: https://github.com/marlam/msmtp-mirror/issues/45
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/src/msmtpd.c
b/src/msmtpd.c
+@@ -26,6 +26,7 @@
+ #include
+ #include
+ #include
++#include
+ #include
+ #include
+ #include
+@@ -186,18 +187,18 @@ int msmtpd_session(FILE* in, FILE* out,
+ fprintf(out, "220 localhost ESMTP msmtpd\r\n");
+ if (read_smtp_cmd(in, buf, SMTP_BUFSIZE) != 0)
+ return 1;
+-if (strncmp(buf, "EHLO ", 5) != 0 && strncmp(buf, "HELO ", 5) != 0) {
++if (strncasecmp(buf, "EHLO ", 5) != 0 && strncasecmp(buf, "HELO
", 5) != 0) {
+ fprintf(out, "500 Expected EHLO or HELO\r\n");
+ return 1;
+ }
+ fprintf(out, "250 localhost\r\n");
+ if (read_smtp_cmd(in, buf, SMTP_BUFSIZE) != 0)
+ return 1;
+-if (strncmp(buf, "MAIL FROM:", 10) != 0 && strcmp(buf, "QUIT")
Bug#991409: unblock request: msmtp/1.8.11-2.1
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hi,
Please unblock the package msmtp.
[ Reason ]
The version presently in bullseye does not understand lowercase SMTP
commands. It violates RFC821 [1] from 1982 and later applicable specs
such as RFC5321. [2]
[ Impact ]
Users of the version in bullseye cannot send emails via SMTP port 25
locally when software sends mixed or lowercase commands. The issue was
discovered when sending key expiration reminders to Debian
contributors via Python's smtplib [3][4] but probably affects
additional programs, modules and libraries. The faulty behavior is
further detailed in Bug#985468 [5] and the links provided therein.
[6][7]
[ Tests ]
I personally used the patched version on half a dozen machines since
March, and have had no issues with it.
[ Risks ]
The commit cherry-picked here [8] was accepted by upstream over a year
ago. It replaces several instances of 'strcmp' with the case
insensitive equivalent 'strcasecmp'. The risk of breakage is probably
low.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
[ Other info ]
The debdiff for the sources is shown at the bottom of this message.
For easier perusal I also attached the actual patch.
unblock thunderbird/1:78.12.0-1
[1] https://tools.ietf.org/html/rfc821
[2] https://tools.ietf.org/html/rfc5321
[3] https://bugs.debian.org/892058
[4] https://salsa.debian.org/lechner/key-expirations
[5] https://bugs.debian.org/985468
[6] https://bugs.python.org/issue29860
[7] https://github.com/marlam/msmtp-mirror/issues/45
[8]
https://github.com/marlam/msmtp-mirror/commit/7dcfd522efc13fde4df448d834bc6ba2b205
* * *
$ debdiff msmtp_1.8.11-2.dsc msmtp_1.8.11-2.1.dsc
diff -Nru msmtp-1.8.11/debian/changelog msmtp-1.8.11/debian/changelog
--- msmtp-1.8.11/debian/changelog 2020-08-20 07:24:11.0 -0700
+++ msmtp-1.8.11/debian/changelog 2021-03-18 09:01:45.0 -0700
@@ -1,3 +1,12 @@
+msmtp (1.8.11-2.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Cherry-pick 7dcf from upstream for the bullseye release. Brings
+msmtp into conformance with RFC821, which states that "Commands and
+replies are not case sensitive." (Closes: #985468)
+
+ -- Felix Lechner Thu, 18 Mar 2021 09:01:45 -0700
+
msmtp (1.8.11-2) unstable; urgency=medium
* Fix build options to re-enable TLS support via GnuTLS, IDN and SASL.
diff -Nru
msmtp-1.8.11/debian/patches/7dcfd522efc13fde4df448d834bc6ba2b205-adjusted.diff
msmtp-1.8.11/debian/patches/7dcfd522efc13fde4df448d834bc6ba2b205-adjusted.diff
---
msmtp-1.8.11/debian/patches/7dcfd522efc13fde4df448d834bc6ba2b205-adjusted.diff
1969-12-31 16:00:00.0 -0800
+++
msmtp-1.8.11/debian/patches/7dcfd522efc13fde4df448d834bc6ba2b205-adjusted.diff
2021-03-18 09:01:45.0 -0700
@@ -0,0 +1,70 @@
+Description: Cherry-pick 7dcf from upstream for bullseye, adjusted
+Author: Felix Lechner
+Origin:
https://github.com/marlam/msmtp-mirror/commit/7dcfd522efc13fde4df448d834bc6ba2b205.diff
+Bug: https://github.com/marlam/msmtp-mirror/issues/45
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/src/msmtpd.c
b/src/msmtpd.c
+@@ -26,6 +26,7 @@
+ #include
+ #include
+ #include
++#include
+ #include
+ #include
+ #include
+@@ -186,18 +187,18 @@ int msmtpd_session(FILE* in, FILE* out,
+ fprintf(out, "220 localhost ESMTP msmtpd\r\n");
+ if (read_smtp_cmd(in, buf, SMTP_BUFSIZE) != 0)
+ return 1;
+-if (strncmp(buf, "EHLO ", 5) != 0 && strncmp(buf, "HELO ", 5) != 0) {
++if (strncasecmp(buf, "EHLO ", 5) != 0 && strncasecmp(buf, "HELO
", 5) != 0) {
+ fprintf(out, "500 Expected EHLO or HELO\r\n");
+ return 1;
+ }
+ fprintf(out, "250 localhost\r\n");
+ if (read_smtp_cmd(in, buf, SMTP_BUFSIZE) != 0)
+ return 1;
+-if (strncmp(buf, "MAIL FROM:", 10) != 0 && strcmp(buf, "QUIT") != 0) {
++if (strncasecmp(buf, "MAIL FROM:", 10) != 0 && strcasecmp(buf,
"QUIT") != 0) {
+ fprintf(out, "500 Expected MAIL FROM: or QUIT\r\n");
+ return 1;
+ }
+-if (strcmp(buf, "QUIT") == 0) {
++if (strcasecmp(buf, "QUIT") == 0) {
+ fprintf(out, "221 Bye\r\n");
+ return 0;
+ }
+@@ -235,19 +236,19 @@ int msmtpd_session(FILE* in, FILE* out,
+ return 1;
+ }
+ if (!recipient_was_seen) {
+-if (strncmp(buf, "RCPT TO:", 8) != 0) {
++if (strncasecmp(buf, "RCPT TO:", 8) != 0) {
+ fprintf(out, "500 Expected RCPT TO:\r\n");
+ free(cmd);
+ return 1;
+ }
+ } else {
+-if (strncmp(buf, "RCPT TO:", 8) != 0 && strcmp(buf,
"DATA") != 0) {
++if (strncasecmp(buf, "RCPT TO:", 8) != 0 &&
strcasecmp(buf, "DATA") != 0) {
+ fpr
Processed: Block fix by unblock request
Processing commands for cont...@bugs.debian.org: > block 991332 by 991359 Bug #991332 [liquidsoap] Liquidsoap is searching at the wrong place for pervasives script libraries 991332 was not blocked by any bugs. 991332 was not blocking any bugs. Added blocking bug(s) of 991332: 991359 > End of message, stopping processing here. Please contact me if you need assistance. -- 991332: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991332 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#991027: marked as done (kubernetes 1.20.5+really1.20.2-1 unblock request)
Your message dated Tue, 13 Jul 2021 19:34:31 +0200 with message-id <969439f4-e5a7-231e-b8ac-60ec0e0e6...@debian.org> and subject line Re: Bug#991027: kubernetes 1.20.5+really1.20.2-1 unblock request has caused the Debian Bug report #991027, regarding kubernetes 1.20.5+really1.20.2-1 unblock request to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 991027: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991027 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: t...@security.debian.org, Please unblock package kubernetes 1.20.5+really1.20.2-1 [ Reason ] In view of the difference between Debian vs. Kubernetes security release cadence it makes more sense to not have the server binaries in stable but only in unstable/fasttrack. [ Impact ] The only change is two binary packages, namely kubernetes-master and kubernetes-node are dropped. [ Tests ] Manual [ Risks ] Low. The two removed binary packages are leaf with likely very few users. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] unblock kubernetes/1.20.5+really1.20.2-1 -- LÉNÁRT, János kubernetes_1.20.2-1_vs_1.20.5+really1.20.2-1.debdiff Description: Binary data --- End Message --- --- Begin Message --- Hi Janos, On 13-07-2021 11:11, Janos LENART wrote: > Please unblock package kubernetes 1.20.5+really1.20.2-1 Thanks for the reminder, I forgot. Unblocked. Paul OpenPGP_signature Description: OpenPGP digital signature --- End Message ---
Bug#991027: kubernetes 1.20.5+really1.20.2-1 unblock request
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: t...@security.debian.org, Please unblock package kubernetes 1.20.5+really1.20.2-1 [ Reason ] In view of the difference between Debian vs. Kubernetes security release cadence it makes more sense to not have the server binaries in stable but only in unstable/fasttrack. [ Impact ] The only change is two binary packages, namely kubernetes-master and kubernetes-node are dropped. [ Tests ] Manual [ Risks ] Low. The two removed binary packages are leaf with likely very few users. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] unblock kubernetes/1.20.5+really1.20.2-1 -- LÉNÁRT, János kubernetes_1.20.2-1_vs_1.20.5+really1.20.2-1.debdiff Description: Binary data
Re: unblock request for fai 5.10.2
Hi Thomas
On 2021-05-12 22:43:52, la...@debian.org wrote:
> Hi release team,
>
> this is a unblock request for fai 5.10.2.
> This version is in unstable since 28 days and has following diffs to
> the former version 5.10.1.
>
> There are two changes from 5.10.1 to 5.10.2.
>
> * make bullseye the default release, Closes: #986884
> * mount efivarfs when needed, Closes: #986820
>
> Here are the debdiffs. The changes in files under example/ are
> only doc changes because those file are in the package fai-doc.
Unblocked, but please file an unblock bug report next time. Requests
might otherwise be lost due to the high noise on the mailing list during
the freeze.
Cheers
>
>
> $ debdiff fai_5.10.1.dsc fai_5.10.2.dsc|diffstat
> bin/fai |7 ++-
> conf/NFSROOT |2 +-
> conf/nfsroot.conf|2 +-
> conf/sources.list| 10 +-
> debian/changelog |7 +++
> examples/simple/class/DEBIAN.var |2 +-
> examples/simple/files/etc/fai/nfsroot.conf/FAISERVER |2 +-
> examples/simple/files/etc/rc.local/FAISERVER |2 +-
> examples/simple/hooks/savelog.LAST.sh|1 -
> lib/subroutines |4 ++--
> lib/updatebase |3 +++
> utils/mkdebmirror|4 ++--
> 12 files changed, 30 insertions(+), 16 deletions(-)
>
>
>
> diff -Nru fai-5.10.1/bin/fai fai-5.10.2/bin/fai
> --- fai-5.10.1/bin/fai2021-03-12 17:54:14.0 +0100
> +++ fai-5.10.2/bin/fai2021-04-12 22:07:57.0 +0200
> @@ -123,6 +123,11 @@
> ip -4 addr change "$addr" dev "$iface" valid_lft forever
> preferred_lft forever
> done
>
> +# enable EFI variables
> +if [ -d /sys/firmware/efi ]; then
> + mount -t efivarfs none /sys/firmware/efi/efivars
> +fi
> +
> # tune some nfs parameters
> mount -oremount,ro,noatime /live/image
>
> @@ -139,7 +144,7 @@
> # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> usage() {
> cat <<-EOF
> -fai $FAI_VERSION. Copyright (C) 1999-2016 Thomas Lange
> +fai $FAI_VERSION. Copyright (C) 1999-2021 Thomas Lange
> Usage: $0 [options] [action]
>
> Options:
> diff -Nru fai-5.10.1/conf/NFSROOT fai-5.10.2/conf/NFSROOT
> --- fai-5.10.1/conf/NFSROOT 2021-03-03 01:57:58.0 +0100
> +++ fai-5.10.2/conf/NFSROOT 2021-04-12 22:07:57.0 +0200
> @@ -56,7 +56,7 @@
> grub-efi-amd64-bin
> efibootmgr
> linux-image-amd64
> -#linux-image-amd64/buster-backports # if you want to use a newer kernel
> +#linux-image-amd64/bullseye-backports # if you want to use a newer kernel
>
> PACKAGES install-norec ARM64
> grub-efi-arm64
> diff -Nru fai-5.10.1/conf/nfsroot.conf fai-5.10.2/conf/nfsroot.conf
> --- fai-5.10.1/conf/nfsroot.conf 2021-03-03 00:46:13.0 +0100
> +++ fai-5.10.2/conf/nfsroot.conf 2021-04-12 22:07:57.0 +0200
> @@ -1,7 +1,7 @@
> # For a detailed description see nfsroot.conf(5)
>
> # " " for debootstrap
> -FAI_DEBOOTSTRAP="buster http://deb.debian.org/debian";
> +FAI_DEBOOTSTRAP="bullseye http://deb.debian.org/debian";
> FAI_ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1'
>
> NFSROOT=/srv/fai/nfsroot
> diff -Nru fai-5.10.1/conf/sources.list fai-5.10.2/conf/sources.list
> --- fai-5.10.1/conf/sources.list 2021-02-02 14:31:58.0 +0100
> +++ fai-5.10.2/conf/sources.list 2021-04-12 22:07:57.0 +0200
> @@ -1,11 +1,11 @@
> # These lines should work for many sites
>
> -deb http://deb.debian.org/debian buster main contrib non-free
> -deb http://deb.debian.org/debian-security buster/updates main contrib
> non-free
> -#deb http://deb.debian.org/debian buster-backports main contrib non-free
> +deb http://deb.debian.org/debian bullseye main contrib non-free
> +deb http://deb.debian.org/debian-security bullseye-security main contrib
> non-free
> +#deb http://deb.debian.org/debian bullseye-backports main contrib non-free
>
> # from bullseye on you need
> #deb http://deb.debian.org/debian-security bullseye-security main contrib
> non-free
>
> -# repository that may contain newer fai packages for buster
> -deb http://fai-project.org/download buster koeln
> +# repository that may contain newer fai packages for bullseye
> +deb http://fai-project.org/download bulls
unblock request for fai 5.10.2
Hi release team,
this is a unblock request for fai 5.10.2.
This version is in unstable since 28 days and has following diffs to
the former version 5.10.1.
There are two changes from 5.10.1 to 5.10.2.
* make bullseye the default release, Closes: #986884
* mount efivarfs when needed, Closes: #986820
Here are the debdiffs. The changes in files under example/ are
only doc changes because those file are in the package fai-doc.
$ debdiff fai_5.10.1.dsc fai_5.10.2.dsc|diffstat
bin/fai |7 ++-
conf/NFSROOT |2 +-
conf/nfsroot.conf|2 +-
conf/sources.list| 10 +-
debian/changelog |7 +++
examples/simple/class/DEBIAN.var |2 +-
examples/simple/files/etc/fai/nfsroot.conf/FAISERVER |2 +-
examples/simple/files/etc/rc.local/FAISERVER |2 +-
examples/simple/hooks/savelog.LAST.sh|1 -
lib/subroutines |4 ++--
lib/updatebase |3 +++
utils/mkdebmirror|4 ++--
12 files changed, 30 insertions(+), 16 deletions(-)
diff -Nru fai-5.10.1/bin/fai fai-5.10.2/bin/fai
--- fai-5.10.1/bin/fai 2021-03-12 17:54:14.0 +0100
+++ fai-5.10.2/bin/fai 2021-04-12 22:07:57.0 +0200
@@ -123,6 +123,11 @@
ip -4 addr change "$addr" dev "$iface" valid_lft forever
preferred_lft forever
done
+# enable EFI variables
+if [ -d /sys/firmware/efi ]; then
+ mount -t efivarfs none /sys/firmware/efi/efivars
+fi
+
# tune some nfs parameters
mount -oremount,ro,noatime /live/image
@@ -139,7 +144,7 @@
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
usage() {
cat <<-EOF
-fai $FAI_VERSION. Copyright (C) 1999-2016 Thomas Lange
+fai $FAI_VERSION. Copyright (C) 1999-2021 Thomas Lange
Usage: $0 [options] [action]
Options:
diff -Nru fai-5.10.1/conf/NFSROOT fai-5.10.2/conf/NFSROOT
--- fai-5.10.1/conf/NFSROOT 2021-03-03 01:57:58.0 +0100
+++ fai-5.10.2/conf/NFSROOT 2021-04-12 22:07:57.0 +0200
@@ -56,7 +56,7 @@
grub-efi-amd64-bin
efibootmgr
linux-image-amd64
-#linux-image-amd64/buster-backports # if you want to use a newer kernel
+#linux-image-amd64/bullseye-backports # if you want to use a newer kernel
PACKAGES install-norec ARM64
grub-efi-arm64
diff -Nru fai-5.10.1/conf/nfsroot.conf fai-5.10.2/conf/nfsroot.conf
--- fai-5.10.1/conf/nfsroot.conf2021-03-03 00:46:13.0 +0100
+++ fai-5.10.2/conf/nfsroot.conf2021-04-12 22:07:57.0 +0200
@@ -1,7 +1,7 @@
# For a detailed description see nfsroot.conf(5)
# " " for debootstrap
-FAI_DEBOOTSTRAP="buster http://deb.debian.org/debian";
+FAI_DEBOOTSTRAP="bullseye http://deb.debian.org/debian";
FAI_ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1'
NFSROOT=/srv/fai/nfsroot
diff -Nru fai-5.10.1/conf/sources.list fai-5.10.2/conf/sources.list
--- fai-5.10.1/conf/sources.list2021-02-02 14:31:58.0 +0100
+++ fai-5.10.2/conf/sources.list2021-04-12 22:07:57.0 +0200
@@ -1,11 +1,11 @@
# These lines should work for many sites
-deb http://deb.debian.org/debian buster main contrib non-free
-deb http://deb.debian.org/debian-security buster/updates main contrib non-free
-#deb http://deb.debian.org/debian buster-backports main contrib non-free
+deb http://deb.debian.org/debian bullseye main contrib non-free
+deb http://deb.debian.org/debian-security bullseye-security main contrib
non-free
+#deb http://deb.debian.org/debian bullseye-backports main contrib non-free
# from bullseye on you need
#deb http://deb.debian.org/debian-security bullseye-security main contrib
non-free
-# repository that may contain newer fai packages for buster
-deb http://fai-project.org/download buster koeln
+# repository that may contain newer fai packages for bullseye
+deb http://fai-project.org/download bullseye koeln
diff -Nru fai-5.10.1/debian/changelog fai-5.10.2/debian/changelog
--- fai-5.10.1/debian/changelog 2021-03-12 21:18:30.0 +0100
+++ fai-5.10.2/debian/changelog 2021-04-14 13:58:20.0 +0200
@@ -1,3 +1,10 @@
+fai (5.10.2) unstable; urgency=medium
+
+ * make bullseye the default release, Closes: #986884
+ * mount efivarfs when needed, Closes: #986820
+
+ -- Thomas Lange Wed, 14 Apr 2021 13:58:20 +0200
+
fai (5.10.1) unstable; urgency=high
[ Andreas Beckmann ]
diff -Nru fai-5.10.1/examples/simple/class/DEBIAN.var
fai-5.10.2/examples/simple/class/DEBIAN.var
--- fai-5.10.1/examples/simple/class/DEBIAN.var 2021-01-31 23:59:33.0
+0100
+++ fai-5.10.2/examples/simple/class/DEBIAN.var 2021-04-12 21:51:09.
Re: [d-i] Unblock request for jabber-muc
On Thu, 2021-02-25 at 07:51 +0200, Graham Inggs wrote: > Hi Willem > > On Tue, 23 Feb 2021 at 23:02, Paul Gevers wrote: > > > > Hi Willem, > > > > On 20-02-2021 10:18, Willem van den Akker wrote: > > > Please unblock jabber-muc 0.8-8. > > > > > > This upload has the following modifications > > > > > > * debian/patches > > > - fix for ftbfs with GCC10 (Closes: #957384). > > > Thanks to Logan Rosen. > > > * debian/control > > > - bump standards to 4.5.1. > > > - set debhelper-compat to level 13. > > > * debian/compat > > > - removed. > > > > I'm afraid you missed the deadline. > > We reconsidered your request and unblocked jabber-muc. > > Regards > Graham Hi Graham, Thanks! Greetings, Willem
Re: [d-i] Unblock request for jabber-muc
Hi Willem On Tue, 23 Feb 2021 at 23:02, Paul Gevers wrote: > > Hi Willem, > > On 20-02-2021 10:18, Willem van den Akker wrote: > > Please unblock jabber-muc 0.8-8. > > > > This upload has the following modifications > > > > * debian/patches > > - fix for ftbfs with GCC10 (Closes: #957384). > > Thanks to Logan Rosen. > > * debian/control > > - bump standards to 4.5.1. > > - set debhelper-compat to level 13. > > * debian/compat > > - removed. > > I'm afraid you missed the deadline. We reconsidered your request and unblocked jabber-muc. Regards Graham
Re: [d-i] Unblock request for jabber-muc
Hi Willem, On 20-02-2021 10:18, Willem van den Akker wrote: > Please unblock jabber-muc 0.8-8. > > This upload has the following modifications > > * debian/patches > - fix for ftbfs with GCC10 (Closes: #957384). > Thanks to Logan Rosen. > * debian/control > - bump standards to 4.5.1. > - set debhelper-compat to level 13. > * debian/compat > - removed. I'm afraid you missed the deadline. https://release.debian.org/bullseye/freeze_policy.html#soft Paul PS: please use reportbug next time, e-mail has a high chance to get lost. OpenPGP_signature Description: OpenPGP digital signature
[d-i] Unblock request for jabber-muc
Dear Release Team
Please unblock jabber-muc 0.8-8.
This upload has the following modifications
* debian/patches
- fix for ftbfs with GCC10 (Closes: #957384).
Thanks to Logan Rosen.
* debian/control
- bump standards to 4.5.1.
- set debhelper-compat to level 13.
* debian/compat
- removed.
The debdiff is attached.
TIA
Willem vdAkker
diff -Nru jabber-muc-0.8/debian/changelog jabber-muc-0.8/debian/changelog
--- jabber-muc-0.8/debian/changelog 2021-02-09 07:56:50.0 +0100
+++ jabber-muc-0.8/debian/changelog 2019-05-12 10:15:20.0 +0200
@@ -1,16 +1,3 @@
-jabber-muc (0.8-8) unstable; urgency=medium
-
- * debian/patches
-- fix for ftbfs with GCC10 (Closes: #957384).
- Thanks to Logan Rosen.
- * debian/control
-- bump standards to 4.5.1.
-- set debhelper-compat to level 13.
- * debian/compat
-- removed.
-
- -- Willem van den Akker Tue, 09 Feb 2021 07:56:50 +0100
-
jabber-muc (0.8-7) unstable; urgency=medium
* debian/patch
diff -Nru jabber-muc-0.8/debian/compat jabber-muc-0.8/debian/compat
--- jabber-muc-0.8/debian/compat 1970-01-01 01:00:00.0 +0100
+++ jabber-muc-0.8/debian/compat 2018-01-17 13:23:36.0 +0100
@@ -0,0 +1 @@
+11
diff -Nru jabber-muc-0.8/debian/control jabber-muc-0.8/debian/control
--- jabber-muc-0.8/debian/control 2021-02-09 07:56:50.0 +0100
+++ jabber-muc-0.8/debian/control 2018-02-05 17:16:56.0 +0100
@@ -3,11 +3,11 @@
Priority: optional
Maintainer: Debian XMPP Maintainers
Uploaders: Willem van den Akker
-Build-Depends: debhelper-compat (=13), libglib2.0-dev, libexpat1-dev, libidn11-dev
+Build-Depends: debhelper (>= 11), libglib2.0-dev, libexpat1-dev, libidn11-dev
Vcs-Browser: https://salsa.debian.org/xmpp-team/jabber-muc
Vcs-Git: https://salsa.debian.org/xmpp-team/jabber-muc.git
Homepage: https://web.archive.org/web/https://download.gna.org/mu-conference/
-Standards-Version: 4.5.1
+Standards-Version: 4.1.3
Package: jabber-muc
Architecture: any
diff -Nru jabber-muc-0.8/debian/patches/gcc_10.diff jabber-muc-0.8/debian/patches/gcc_10.diff
--- jabber-muc-0.8/debian/patches/gcc_10.diff 2021-02-09 07:52:16.0 +0100
+++ jabber-muc-0.8/debian/patches/gcc_10.diff 1970-01-01 01:00:00.0 +0100
@@ -1,51 +0,0 @@
a/include/jcomp-compat.h
-+++ b/include/jcomp-compat.h
-@@ -66,6 +66,6 @@
- handel hds;
- };
-
--int deliver__flag;
-+extern int deliver__flag;
-
- typedef void(*shutdown_func)(void *arg);
a/src/conference_user.c
-+++ b/src/conference_user.c
-@@ -19,7 +19,7 @@
- */
-
- #include "conference.h"
--extern int deliver__flag;
-+int deliver__flag;
-
- cnu con_user_new(cnr room, jid id)
- {
a/include/jcomp.h
-+++ b/include/jcomp.h
-@@ -98,7 +98,7 @@
- #define _STREAM_ERROR 4
- #define _STREAM_SHUTDOWN 5
-
--jcr_instance jcr;
-+extern jcr_instance jcr;
-
- void log_debug(char *, const char *, ...) G_GNUC_PRINTF(2, 3);
- void log_warn(char *, const char *, ...) G_GNUC_PRINTF(2, 3);
a/src/conference.c
-+++ b/src/conference.c
-@@ -20,6 +20,8 @@
-
- #include "conference.h"
-
-+jcr_instance jcr;
-+
- void con_server_browsewalk(gpointer key, gpointer data, gpointer arg)
- {
- cnr room = (cnr)data;
-@@ -1064,7 +1066,6 @@
- /*** everything starts here ***/
- void conference(instance i, xmlnode x)
- {
-- extern jcr_instance jcr;
- cni master;
- xmlnode cfg;
- jid sadmin;
diff -Nru jabber-muc-0.8/debian/patches/series jabber-muc-0.8/debian/patches/series
--- jabber-muc-0.8/debian/patches/series 2021-02-09 07:52:16.0 +0100
+++ jabber-muc-0.8/debian/patches/series 2019-05-12 10:13:37.0 +0200
@@ -1,3 +1,2 @@
cflags_hardening.diff
cross.diff
-gcc_10.diff
Processed: lets link sa-exim RC bug to exim unblock request
Processing commands for cont...@bugs.debian.org: > block 926878 by 926952 Bug #926878 [release.debian.org] unblock: exim4/4.92-5 926878 was not blocked by any bugs. 926878 was not blocking any bugs. Added blocking bug(s) of 926878: 926952 > thanks Stopping processing here. Please contact me if you need assistance. -- 926878: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926878 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#927259: marked as done (release.debian.org: unblock request: nheko)
Your message dated Tue, 23 Apr 2019 05:37:00 +
with message-id <9c4dd4c5-0301-74a6-c2dc-72f0ab552...@thykier.net>
and subject line Re: Bug#927259: release.debian.org: unblock request: nheko
has caused the Debian Bug report #927259,
regarding release.debian.org: unblock request: nheko
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
927259: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927259
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Hello release team.
I would like to upload a new version of nheko to fix #926671. It is an
"important" bug (though in reality, it could be argued that it is
"serious", as Matrix will be bumping the default room version soon,
which will cause the bug to manifest much more commonly, making the
program less usable).
The fix is to apply a small patch from upstream. Attached is a debdiff.
In addition to the above issue, I would like to also include fixes for
the following bugs, which are not included in the attached debdiff, but
are fairly trivial:
- #926659 - incorrectly named file (debian/README.sources instead of
debian/README.source) -- has an obvious fix
- #926680 - a working directory is not properly cleaned up if the build
fails -- I would just add the working directory to the list of files
that are "rm -rf"-ed in override_dh_auto_clean.
-- System Information:
Debian Release: 9.8
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable-updates'), (300, 'testing'), (200,
'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en_GB (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru nheko-0.6.3/debian/changelog nheko-0.6.3/debian/changelog
--- nheko-0.6.3/debian/changelog 2019-02-08 15:35:59.0 -0500
+++ nheko-0.6.3/debian/changelog 2019-04-08 18:00:01.0 -0400
@@ -1,3 +1,9 @@
+nheko (0.6.3-2) unstable; urgency=medium
+
+ * Support v3 rooms (Closes: #926671)
+
+ -- Hubert Chathi Mon, 08 Apr 2019 18:00:01 -0400
+
nheko (0.6.3-1) unstable; urgency=medium
* New upstream release.
diff -Nru nheko-0.6.3/debian/patches/series nheko-0.6.3/debian/patches/series
--- nheko-0.6.3/debian/patches/series 2019-02-08 15:35:01.0 -0500
+++ nheko-0.6.3/debian/patches/series 2019-04-08 17:57:30.0 -0400
@@ -1,2 +1,3 @@
no_rpath
nlohmann-json
+v3_support
diff -Nru nheko-0.6.3/debian/patches/v3_support nheko-0.6.3/debian/patches/v3_support
--- nheko-0.6.3/debian/patches/v3_support 1969-12-31 19:00:00.0 -0500
+++ nheko-0.6.3/debian/patches/v3_support 2019-04-08 17:56:34.0 -0400
@@ -0,0 +1,27 @@
+Author: redsky17
+Bug: https://github.com/Nheko-Reborn/mtxclient/issues/3
+Bug-Debian: https://bugs.debian.org/926671
+Description: Fix Room v3 Issue
+ This at least partially addresses #3. I have a feeling that
+ additional updates will be needed at some point, but this
+ fixes the issue where mtxclient would throw an exception for
+ unrecognized event id formats, which caused nheko to crash.
+Origin: backport, https://github.com/Nheko-Reborn/mtxclient/commit/67d39691666bcdf3cc660db19ccc0d9941df13fd
+Last-Update: 2019-04-08
+
+diff --git a/mtxclient/include/mtx/identifiers.hpp b/mtxclient/include/mtx/identifiers.hpp
+index 87acc43..7885885 100644
+--- a/mtxclient/include/mtx/identifiers.hpp
b/mtxclient/include/mtx/identifiers.hpp
+@@ -90,7 +90,10 @@ parse(const std::string &id)
+ identifier.hostname_ = id.substr(parts + 1);
+ identifier.id_= id;
+ } else {
+-throw std::invalid_argument(id + ": invalid format\n");
++// V3 event ids don't use ':' at all, don't parse them the same way.
++identifier.localpart_ = id;
++identifier.hostname_ = id;
++identifier.id_ = id;
+ }
+
+ return identifier;
--- End Message ---
--- Begin Message ---
Hubert Chathi:
> Control: tags -1 - moreinfo
>
> On Sat, 20 Apr 2019 18:20:00 +, Niels Thykier said:
>
>> Please go ahead with the upload including the two extra changes you
>> mentioned above and remove the moreinfo tag when it is in unstable and
>> ready to be unblocked.
>
> Done. Thank you for approving the changes.
>
>
Bug#927259: release.debian.org: unblock request: nheko
Control: tags -1 - moreinfo
On Sat, 20 Apr 2019 18:20:00 +, Niels Thykier said:
> Please go ahead with the upload including the two extra changes you
> mentioned above and remove the moreinfo tag when it is in unstable and
> ready to be unblocked.
Done. Thank you for approving the changes.
> For future reference: We generally prefer seeing the debdiff before
> approving the changes. Had the two extra changes not been obvious
> from your description, then it would have been necessary for me to ask
> you for the full debdiff. Please make it easier for us by always
> including the changes you want us to consider (modulo filterdiff of
> auto-generated files).
Noted. I wasn't sure about the process, but will do so in the future.
For reference, here is the complete debdiff.
--
Hubert Chathi -- https://www.uhoreg.ca/
Jabber: hub...@uhoreg.ca -- Matrix: @uhoreg:matrix.org
PGP/GnuPG key: 4096R/F24C F749 6C73 DDB8 DCB8 72DE B2DE 88D3 113A 1368
diff -Nru nheko-0.6.3/debian/changelog nheko-0.6.3/debian/changelog
--- nheko-0.6.3/debian/changelog 2019-02-08 15:35:59.0 -0500
+++ nheko-0.6.3/debian/changelog 2019-04-22 14:42:00.0 -0400
@@ -1,3 +1,11 @@
+nheko (0.6.3-2) unstable; urgency=medium
+
+ * Support v3 rooms (Closes: #926671)
+ * debian/rules: clean up fakehome (Closes: #926680)
+ * debian/README.source: fix filename (Closes: #926659)
+
+ -- Hubert Chathi Mon, 22 Apr 2019 14:42:00 -0400
+
nheko (0.6.3-1) unstable; urgency=medium
* New upstream release.
diff -Nru nheko-0.6.3/debian/patches/series nheko-0.6.3/debian/patches/series
--- nheko-0.6.3/debian/patches/series 2019-02-08 15:35:01.0 -0500
+++ nheko-0.6.3/debian/patches/series 2019-04-08 17:57:30.0 -0400
@@ -1,2 +1,3 @@
no_rpath
nlohmann-json
+v3_support
diff -Nru nheko-0.6.3/debian/patches/v3_support nheko-0.6.3/debian/patches/v3_support
--- nheko-0.6.3/debian/patches/v3_support 1969-12-31 19:00:00.0 -0500
+++ nheko-0.6.3/debian/patches/v3_support 2019-04-08 17:56:34.0 -0400
@@ -0,0 +1,27 @@
+Author: redsky17
+Bug: https://github.com/Nheko-Reborn/mtxclient/issues/3
+Bug-Debian: https://bugs.debian.org/926671
+Description: Fix Room v3 Issue
+ This at least partially addresses #3. I have a feeling that
+ additional updates will be needed at some point, but this
+ fixes the issue where mtxclient would throw an exception for
+ unrecognized event id formats, which caused nheko to crash.
+Origin: backport, https://github.com/Nheko-Reborn/mtxclient/commit/67d39691666bcdf3cc660db19ccc0d9941df13fd
+Last-Update: 2019-04-08
+
+diff --git a/mtxclient/include/mtx/identifiers.hpp b/mtxclient/include/mtx/identifiers.hpp
+index 87acc43..7885885 100644
+--- a/mtxclient/include/mtx/identifiers.hpp
b/mtxclient/include/mtx/identifiers.hpp
+@@ -90,7 +90,10 @@ parse(const std::string &id)
+ identifier.hostname_ = id.substr(parts + 1);
+ identifier.id_= id;
+ } else {
+-throw std::invalid_argument(id + ": invalid format\n");
++// V3 event ids don't use ':' at all, don't parse them the same way.
++identifier.localpart_ = id;
++identifier.hostname_ = id;
++identifier.id_ = id;
+ }
+
+ return identifier;
diff -Nru nheko-0.6.3/debian/README.source nheko-0.6.3/debian/README.source
--- nheko-0.6.3/debian/README.source 1969-12-31 19:00:00.0 -0500
+++ nheko-0.6.3/debian/README.source 2019-02-08 15:35:01.0 -0500
@@ -0,0 +1,13 @@
+nheko for Debian
+
+
+Since nheko is currently the only package that uses mtxclient, and nheko links
+to it statically, we include the sources for mtxclient with nheko's source. If
+you have separate tarballs for nheko and mtxclient, the tarball for nheko
+should be named normally for an orig.tar.* file, and the tarball for
+matrix-structs should be named nheko_.orig-mtxclient.tar.*. If
+you have an unpacked source (with the appropriate version of mtxclient placed
+in the mtxclient directory), then you can run "debian/rules make-orig-source"
+to create the tarballs for nheko and mtxclient.
+
+ -- Hubert Chathi , Wed, 26 Sep 2018 19:38:58 -0400
diff -Nru nheko-0.6.3/debian/README.sources nheko-0.6.3/debian/README.sources
--- nheko-0.6.3/debian/README.sources 2019-02-08 15:35:01.0 -0500
+++ nheko-0.6.3/debian/README.sources 1969-12-31 19:00:00.0 -0500
@@ -1,13 +0,0 @@
-nheko for Debian
-
-
-Since nheko is currently the only package that uses mtxclient, and nheko links
-to it statically, we include the sources for mtxclient with nheko's source. If
-you have separate tarballs for nheko and mtxclient, the tarball for nheko
-should be named normally for an orig.tar.* file, and the tarball for
-matrix-structs should be named nheko_.orig-mtxclient.tar.*. If
-you have an unpacked source (with the appropriate version of mtxclient placed
-in the mtxclient directory), then you can
Processed: Re: Bug#927259: release.debian.org: unblock request: nheko
Processing control commands: > tags -1 - moreinfo Bug #927259 [release.debian.org] release.debian.org: unblock request: nheko Removed tag(s) moreinfo. -- 927259: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927259 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#927259: release.debian.org: unblock request: nheko
Control: tags -1 moreinfo confirmed Hubert Chathi: > Package: release.debian.org > Severity: normal > > Hello release team. > > I would like to upload a new version of nheko to fix #926671. It is an > "important" bug (though in reality, it could be argued that it is > "serious", as Matrix will be bumping the default room version soon, > which will cause the bug to manifest much more commonly, making the > program less usable). > > The fix is to apply a small patch from upstream. Attached is a debdiff. > > In addition to the above issue, I would like to also include fixes for > the following bugs, which are not included in the attached debdiff, but > are fairly trivial: > > - #926659 - incorrectly named file (debian/README.sources instead of > debian/README.source) -- has an obvious fix > - #926680 - a working directory is not properly cleaned up if the build > fails -- I would just add the working directory to the list of files > that are "rm -rf"-ed in override_dh_auto_clean. > > [...] > Hi, Please go ahead with the upload including the two extra changes you mentioned above and remove the moreinfo tag when it is in unstable and ready to be unblocked. For future reference: We generally prefer seeing the debdiff before approving the changes. Had the two extra changes not been obvious from your description, then it would have been necessary for me to ask you for the full debdiff. Please make it easier for us by always including the changes you want us to consider (modulo filterdiff of auto-generated files). Thanks, ~Niels
Processed: Re: Bug#927259: release.debian.org: unblock request: nheko
Processing control commands: > tags -1 moreinfo confirmed Bug #927259 [release.debian.org] release.debian.org: unblock request: nheko Added tag(s) moreinfo and confirmed. -- 927259: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927259 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#927259: release.debian.org: unblock request: nheko
Package: release.debian.org
Severity: normal
Hello release team.
I would like to upload a new version of nheko to fix #926671. It is an
"important" bug (though in reality, it could be argued that it is
"serious", as Matrix will be bumping the default room version soon,
which will cause the bug to manifest much more commonly, making the
program less usable).
The fix is to apply a small patch from upstream. Attached is a debdiff.
In addition to the above issue, I would like to also include fixes for
the following bugs, which are not included in the attached debdiff, but
are fairly trivial:
- #926659 - incorrectly named file (debian/README.sources instead of
debian/README.source) -- has an obvious fix
- #926680 - a working directory is not properly cleaned up if the build
fails -- I would just add the working directory to the list of files
that are "rm -rf"-ed in override_dh_auto_clean.
-- System Information:
Debian Release: 9.8
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable-updates'), (300, 'testing'), (200,
'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en_GB (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru nheko-0.6.3/debian/changelog nheko-0.6.3/debian/changelog
--- nheko-0.6.3/debian/changelog 2019-02-08 15:35:59.0 -0500
+++ nheko-0.6.3/debian/changelog 2019-04-08 18:00:01.0 -0400
@@ -1,3 +1,9 @@
+nheko (0.6.3-2) unstable; urgency=medium
+
+ * Support v3 rooms (Closes: #926671)
+
+ -- Hubert Chathi Mon, 08 Apr 2019 18:00:01 -0400
+
nheko (0.6.3-1) unstable; urgency=medium
* New upstream release.
diff -Nru nheko-0.6.3/debian/patches/series nheko-0.6.3/debian/patches/series
--- nheko-0.6.3/debian/patches/series 2019-02-08 15:35:01.0 -0500
+++ nheko-0.6.3/debian/patches/series 2019-04-08 17:57:30.0 -0400
@@ -1,2 +1,3 @@
no_rpath
nlohmann-json
+v3_support
diff -Nru nheko-0.6.3/debian/patches/v3_support nheko-0.6.3/debian/patches/v3_support
--- nheko-0.6.3/debian/patches/v3_support 1969-12-31 19:00:00.0 -0500
+++ nheko-0.6.3/debian/patches/v3_support 2019-04-08 17:56:34.0 -0400
@@ -0,0 +1,27 @@
+Author: redsky17
+Bug: https://github.com/Nheko-Reborn/mtxclient/issues/3
+Bug-Debian: https://bugs.debian.org/926671
+Description: Fix Room v3 Issue
+ This at least partially addresses #3. I have a feeling that
+ additional updates will be needed at some point, but this
+ fixes the issue where mtxclient would throw an exception for
+ unrecognized event id formats, which caused nheko to crash.
+Origin: backport, https://github.com/Nheko-Reborn/mtxclient/commit/67d39691666bcdf3cc660db19ccc0d9941df13fd
+Last-Update: 2019-04-08
+
+diff --git a/mtxclient/include/mtx/identifiers.hpp b/mtxclient/include/mtx/identifiers.hpp
+index 87acc43..7885885 100644
+--- a/mtxclient/include/mtx/identifiers.hpp
b/mtxclient/include/mtx/identifiers.hpp
+@@ -90,7 +90,10 @@ parse(const std::string &id)
+ identifier.hostname_ = id.substr(parts + 1);
+ identifier.id_= id;
+ } else {
+-throw std::invalid_argument(id + ": invalid format\n");
++// V3 event ids don't use ':' at all, don't parse them the same way.
++identifier.localpart_ = id;
++identifier.hostname_ = id;
++identifier.id_ = id;
+ }
+
+ return identifier;
Re: unblock request: python-scipy/1.1.0-4 skimage/0.14.2-2: autopkgtest passes (Re: bug#919929)
On 2019-03-16 22:07, Paul Gevers wrote: On 16-03-2019 13:48, Drew Parsons wrote: Is there enough will to add more scipy patches for the buster release to reduce the remaining DeprecationWarnings? (they don't break tests, they're just annoying) Or should we just let it go at this point and let them get cleared in future versions?) I'd let it be for now. No problem, will do (more precisely, not do). That being the case, in the interests of making a stable release that passes it own tests, I'd like to request an unblock for python-scipy/1.1.0-4 (together with skimage/0.14.2-2) skimage was already unblocked. I'll unblock python-scipy as well. Thanks Paul. Looks like we'll be able to close Bug#919929 once python-scipy/1.1.0-4 is settled into testing. Drew
Re: unblock request: python-scipy/1.1.0-4 skimage/0.14.2-2: autopkgtest passes (Re: bug#919929)
Hi Drew, On 16-03-2019 13:48, Drew Parsons wrote: >> The numpy.sparse tests pass with this patch, and most of the matrix >> PendingDeprecationWarnings are gone (the upstream patch missed >> integrate/tests/test_ivp.py, but the remaining warnings are few enough >> to not need to worry about). > > Well, turns out the other warnings worried Aurelien enough to file > Bug#924396. > > Is there enough will to add more scipy patches for the buster release to > reduce the remaining DeprecationWarnings? (they don't break tests, > they're just annoying) > Or should we just let it go at this point and let them get cleared in > future versions?) I'd let it be for now. > That being the case, in the interests of making a stable release that > passes it own tests, I'd like to request an unblock for > python-scipy/1.1.0-4 (together with skimage/0.14.2-2) skimage was already unblocked. I'll unblock python-scipy as well. Paul signature.asc Description: OpenPGP digital signature
unblock request: python-scipy/1.1.0-4 skimage/0.14.2-2: autopkgtest passes (Re: bug#919929)
On 2019-03-11 14:39, Drew Parsons wrote: I've adapted the 3 patches and pushed to salsa, matrix_API_614847c5.patch matrix_API_more_e0cfa29e2.patch matrix_API_filter_check_87e48c3c5.patch https://salsa.debian.org/python-team/modules/python-scipy/tree/master/debian/patches ... The numpy.sparse tests pass with this patch, and most of the matrix PendingDeprecationWarnings are gone (the upstream patch missed integrate/tests/test_ivp.py, but the remaining warnings are few enough to not need to worry about). Well, turns out the other warnings worried Aurelien enough to file Bug#924396. Is there enough will to add more scipy patches for the buster release to reduce the remaining DeprecationWarnings? (they don't break tests, they're just annoying) Or should we just let it go at this point and let them get cleared in future versions?) ... With these patches, the sparse matrix tests pass. There remain three errors unrelated to sparse matrix: spatial/tests/test__plotutils.py::TestPlotting::test_delaunay FAILED [ 76%] spatial/tests/test__plotutils.py::TestPlotting::test_voronoi FAILED [ 76%] spatial/tests/test__plotutils.py::TestPlotting::test_convex_hull FAILED [ 76%] ,,, > with suppress_warnings as sup: E AttributeError: __enter__ Apart from that, I'm happy to upload the sparse matrix patches once the s390x update reaches testing. Those errors must have been local to me. scipy 1.1.0-4 now passes debci tests cleanly. That being the case, in the interests of making a stable release that passes it own tests, I'd like to request an unblock for python-scipy/1.1.0-4 (together with skimage/0.14.2-2) Drew
Processed: That unblock request got somehow lost
Processing commands for cont...@bugs.debian.org: > unblock 827061 by 851084 Bug #827061 [release.debian.org] transition: openssl 827061 was blocked by: 828530 828272 828600 835797 828454 844271 828392 843871 828546 828531 828362 828502 828504 828366 828271 844366 828422 835796 828368 844916 828430 828590 828448 828541 828607 828279 835790 841635 828601 828521 828420 828280 844948 828564 850882 828556 828467 844534 822380 828242 844503 828407 828373 828505 844301 828389 828428 828598 828237 828230 828540 828597 828440 828390 844870 844906 828231 828473 843988 844345 828577 828232 828291 828490 828612 845030 835585 851080 828295 828234 828240 828289 828514 827068 828374 828449 828345 828587 828450 828283 828388 828506 851091 828578 828233 828323 828309 828352 845016 828393 828494 828508 828567 828582 846769 828613 828455 828542 828599 828337 828466 828604 828357 828439 828566 828496 828262 828379 828256 844909 851082 828252 828378 828491 844347 828356 828432 828583 828614 844664 828277 828270 828260 828447 828465 828288 851089 828568 828492 851092 851086 828534 844838 828437 828593 828248 828243 828320 828258 836419 828228 828304 828391 828452 844706 828486 828354 851081 851090 828482 828278 828468 844877 828511 828453 828501 828518 828433 828307 828405 814600 828284 828303 828235 828239 850883 828398 828551 828238 828381 828586 828620 828589 828250 828395 828333 844254 828340 828549 844936 828435 828384 828562 835785 828292 828348 828579 828516 843532 828507 828350 835798 828585 845729 835800 844800 844928 828286 828415 828478 828302 828571 828349 828525 828532 828264 828254 828313 828427 828519 828517 828617 828325 828300 844663 844845 828572 828351 828399 828558 850881 828411 851087 828555 828484 828244 828574 828344 828470 828584 828246 828383 828489 828570 828581 828347 828251 828410 828515 828358 828608 828550 844311 828594 844975 828529 828533 828588 828479 828611 828580 835804 828361 828619 828336 828426 828527 828615 828610 828360 835789 828602 828380 828363 828512 828463 835811 828397 828139 828335 845106 828423 828526 828359 828474 829452 844907 828536 828500 828554 828460 828265 828553 828229 828290 828376 828499 828365 828419 844815 837960 828444 828421 828443 828528 828377 828287 828609 828319 844947 828338 835786 828385 844836 828306 844926 828298 844904 828539 828127 828559 828249 828274 828285 835793 828596 828382 828294 828314 828326 828592 828412 828268 835549 828462 828259 828396 828503 828341 828618 828404 844951 828417 844931 828576 828261 828545 828487 828403 828547 828318 828355 828414 828297 828255 828575 828563 828524 844949 828458 844945 828330 828346 828387 828476 828573 828488 828459 808669 828310 851084 828445 828523 828424 828538 828429 828324 828509 828301 828241 828543 828342 851083 828464 828409 828400 828083 828591 828595 835794 828315 828535 828461 828548 828316 828386 828493 828317 844213 828537 828456 828402 828457 828416 828276 846113 828371 828282 828418 850880 828565 828446 828305 843682 828616 828401 828552 828603 828331 828434 848681 828367 828497 828321 843852 828451 828269 828369 844018 828253 828322 828561 828343 828364 828436 828495 835799 828293 828605 828267 828339 828485 844833 828372 828431 828606 828257 828334 828442 844234 828438 828394 828469 828082 828544 828311 851085 828406 828370 809271 828281 828308 828569 828375 828472 851088 828328 844920 828263 828275 828510 828296 828480 829465 827061 was not blocking any bugs. Removed blocking bug(s) of 827061: 851084 > unblock 827061 by 828451 Bug #827061 [release.debian.org] transition: openssl 827061 was blocked by: 828530 828510 828618 828372 828345 828467 828430 844836 828240 828478 828404 828544 828518 828238 828529 843532 828542 835585 828579 828559 828523 828479 828290 828456 828528 828589 828286 828602 828553 835804 828444 828407 828442 828561 828399 828447 828608 846113 844904 828342 828348 814600 828402 828593 844945 828543 828083 828532 828405 851089 828263 828331 828139 835811 828503 828574 844948 828387 828443 844213 851083 828248 828393 828534 828357 828562 828607 844347 844503 828262 828416 828265 828598 828324 828314 835549 828495 828418 828254 828307 828278 828317 828434 828476 828577 844928 828563 828591 828251 828573 828369 828494 828410 828318 828600 828536 828499 828276 828313 828362 828396 828287 828414 828611 844870 828506 828373 844907 828419 828605 828367 844663 828487 828354 828319 828512 844345 828302 828306 828298 828308 828320 828289 828267 828473 828261 844906 828274 851082 828458 828385 828438 828539 828255 828462 828604 828422 828469 828609 828382 828082 828455 828433 828288 828526 828259 828566 851092 828377 850880 828582 828310 828507 828468 844366 844271 828301 843682 828555 828291 828398 828237 828256 828337 828581 828341 835794 844664 828233 850882 828588 828565 841635 843852 828371 828264 828590 828610 828599 828527 828548 828508 828491 828395 828349 848681 828344 828361 828420 828351 829465 835798 828445 851085 82
Bug#782712: pre-upload unblock request: systemd/215-17 for RC bug #751707
Hello Niels, Niels Thykier [2015-04-17 17:55 +0200]: > Just to clarify, are we still intending to do a systemd update prior to > Jessie with -17 and then now also a p-u (i.e. for 8.1) for ecryptfs? That's still my intent, yes, primarily to avoid people who have this set up in wheezy already (#751707 has at least two reporters) upgrade and find their swap partition gone and boot stuck. > If we are /not/ pulling systemd for Jessie release next release, we can > document the issue for the release notes (possibly as a "non-standard" > setup given d-i in Debian does not create this kind of disks, if I > understand the discussion correctly). That's possible as well, of course. In this case you should revert to sysvinit (or upstart) straight after upgrading, *before* you reboot (after it's too late). I documented the manual upgrade fix on the LP bug a while ago: https://launchpad.net/bugs/953875 (in the description). Maybe some bits could also be stolen from there. Thanks, Martin -- Martin Pitt| http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150417172230.gq3...@piware.de
Bug#782712: pre-upload unblock request: systemd/215-17 for RC bug #751707
On 2015-04-17 15:44, Martin Pitt wrote: > Hello all, > > Cyril Brulebois [2015-04-17 14:15 +0200]: >> I tried to follow the code path in Ubuntu, which offers this option, to >> track down where the offset can come from; and see whether Debian was >> affected. I didn't mean to imply that Debian proposes the same option, >> as it does not. > > Ah ok, that explains the confusion. So let's fix ecryptfs in a > post-release update, I'll file a bug with the references and > explanations. > >> systemd| 215-16 | testing >> systemd| 215-16 | unstable > > -17 uploaded with the originally attached patch. The only difference > is the s/UNRELEASED/unstable/ and the timestamp in the changelog. > > Thanks, and sorry for the late timing again! > > Martin > Hi, Just to clarify, are we still intending to do a systemd update prior to Jessie with -17 and then now also a p-u (i.e. for 8.1) for ecryptfs? If we are /not/ pulling systemd for Jessie release next release, we can document the issue for the release notes (possibly as a "non-standard" setup given d-i in Debian does not create this kind of disks, if I understand the discussion correctly). Thanks, ~Niels -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/55312cee.5000...@thykier.net
Bug#782712: pre-upload unblock request: systemd/215-17 for RC bug #751707
Hello all, Cyril Brulebois [2015-04-17 14:15 +0200]: > I tried to follow the code path in Ubuntu, which offers this option, to > track down where the offset can come from; and see whether Debian was > affected. I didn't mean to imply that Debian proposes the same option, > as it does not. Ah ok, that explains the confusion. So let's fix ecryptfs in a post-release update, I'll file a bug with the references and explanations. > systemd| 215-16 | testing > systemd| 215-16 | unstable -17 uploaded with the originally attached patch. The only difference is the s/UNRELEASED/unstable/ and the timestamp in the changelog. Thanks, and sorry for the late timing again! Martin -- Martin Pitt| http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) signature.asc Description: Digital signature
Bug#782712: pre-upload unblock request: systemd/215-17 for RC bug #751707
On 17/04/15 13:51, Martin Pitt wrote: > BTW, 215-16 still didn't hit testing, so I didn't upload -17 yet. I'll > do as soon as it migrates. systemd| 215-16 | testing | source, amd64, arm64, armel, armhf, i386, mips, mipsel, powerpc, ppc64el, s390x systemd| 215-16 | unstable | source, amd64, arm64, armel, armhf, i386, mips, mipsel, powerpc, ppc64el, s390x, sparc Emilio -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/5530fa98.3060...@debian.org
Bug#782712: pre-upload unblock request: systemd/215-17 for RC bug #751707
Martin Pitt (2015-04-17): > I just tried the current rc2 installer (netinst image/graphical) and > it does not actually ask me whether I want to encrypt my home > direction. It seems you got this option? I tried to follow the code path in Ubuntu, which offers this option, to track down where the offset can come from; and see whether Debian was affected. I didn't mean to imply that Debian proposes the same option, as it does not. > BTW, 215-16 still didn't hit testing, so I didn't upload -17 yet. I'll > do as soon as it migrates. systemd| 215-16 | testing systemd| 215-16 | unstable Mraw, KiBi. signature.asc Description: Digital signature
Bug#782712: pre-upload unblock request: systemd/215-17 for RC bug #751707
Martin Pitt [2015-04-16 14:53 -0500]: > Hello Cyril, > > Cyril Brulebois [2015-04-16 19:40 +0200]: > > Anyway, asking for home encryption indeed leads to swap encryption, > > through a ecryptfs-setup-swap call, which in turn triggers: I just tried the current rc2 installer (netinst image/graphical) and it does not actually ask me whether I want to encrypt my home direction. It seems you got this option? If the installer calls ecryptfs-setup-swap, then IMHO we should also fix ecryptfs-utils by the release. If the installer doesn't offer this, but people run ecryptfs-setup-swap manually after installation, then a post-release fix is fine of course. But either way I'd rather like to see the systemd fix in the release proper, as it breaks existing installations with that config. BTW, 215-16 still didn't hit testing, so I didn't upload -17 yet. I'll do as soon as it migrates. Thanks, Martin -- Martin Pitt| http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) signature.asc Description: Digital signature
Bug#782712: pre-upload unblock request: systemd/215-17 for RC bug #751707
On Thu, Apr 16, 2015 at 10:05:17PM +0200, Cyril Brulebois wrote: > Martin Pitt (2015-04-16): > > Hello Cyril, > > > > Cyril Brulebois [2015-04-16 19:40 +0200]: > > > Anyway, asking for home encryption indeed leads to swap encryption, > > > through a ecryptfs-setup-swap call, which in turn triggers: > > > |echo "cryptswap$i UUID=$uuid /dev/urandom > > > swap,offset=1024,cipher=aes-xts-plain64" >> /etc/crypttab > > > `---[ src/utils/ecryptfs-setup-swap ]--- > > > > > > The same file in the Debian package has no offset, so I guess that means > > > Debian is rather safe. > > > > Well, it actually means that it's even more broken :-( If you don't > > specify an offset at all, then you can only boot this system once. > > Then your partition will be overwritten with random data entirely, and > > the next time you won't have any matching UUID any more, and you again > > get a hanging boot (this affects sysvinit and upstart too). I. e. you > > will have exactly the same effect. > > > > So to properly fix this, we need: > > > > (1) the fix to add the offset=: > > https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/840 > > > > (Updating the used cipher would also be a good idea, but not > > essential) > > > > This fix alone is sufficient under sysvinit and upstart. > > > > (2) this systemd fix to actually respect offset= when booting under > > systemd. > > Huh? Last I checked, guided encrypted LVM just works… Worked for me about a month ago. -- Len Sorensen -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150416205818.gu29...@csclub.uwaterloo.ca
Bug#782712: pre-upload unblock request: systemd/215-17 for RC bug #751707
Cyril Brulebois [2015-04-16 22:05 +0200]: > Huh? Last I checked, guided encrypted LVM just works… Yes, that's fine -- this creates an encrypted PV which then contains unencrypted root, swap, and home partitions. This error happens if you don't encrypt the full disk (with cryptsetup/LUKS), but just encrypt your home directory (with ecryptfs). The latter will create an encrypted swap partition with a random key, otherwise you'd find part of your /home data in your swap partition. Martin P. S. Swap partitions, will you please just die. Most systems don't need them any more, and those who do are better of with the "swapspace" package or similar. But that's waay out of reach for Jessie :-) -- Martin Pitt| http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) signature.asc Description: Digital signature
Bug#782712: pre-upload unblock request: systemd/215-17 for RC bug #751707
Martin Pitt (2015-04-16): > Hello Cyril, > > Cyril Brulebois [2015-04-16 19:40 +0200]: > > Anyway, asking for home encryption indeed leads to swap encryption, > > through a ecryptfs-setup-swap call, which in turn triggers: > > |echo "cryptswap$i UUID=$uuid /dev/urandom > > swap,offset=1024,cipher=aes-xts-plain64" >> /etc/crypttab > > `---[ src/utils/ecryptfs-setup-swap ]--- > > > > The same file in the Debian package has no offset, so I guess that means > > Debian is rather safe. > > Well, it actually means that it's even more broken :-( If you don't > specify an offset at all, then you can only boot this system once. > Then your partition will be overwritten with random data entirely, and > the next time you won't have any matching UUID any more, and you again > get a hanging boot (this affects sysvinit and upstart too). I. e. you > will have exactly the same effect. > > So to properly fix this, we need: > > (1) the fix to add the offset=: > https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/840 > > (Updating the used cipher would also be a good idea, but not > essential) > > This fix alone is sufficient under sysvinit and upstart. > > (2) this systemd fix to actually respect offset= when booting under > systemd. Huh? Last I checked, guided encrypted LVM just works… Mraw, KiBi. signature.asc Description: Digital signature
Bug#782712: pre-upload unblock request: systemd/215-17 for RC bug #751707
Hello Cyril, Cyril Brulebois [2015-04-16 19:40 +0200]: > Anyway, asking for home encryption indeed leads to swap encryption, > through a ecryptfs-setup-swap call, which in turn triggers: > |echo "cryptswap$i UUID=$uuid /dev/urandom > swap,offset=1024,cipher=aes-xts-plain64" >> /etc/crypttab > `---[ src/utils/ecryptfs-setup-swap ]--- > > The same file in the Debian package has no offset, so I guess that means > Debian is rather safe. Well, it actually means that it's even more broken :-( If you don't specify an offset at all, then you can only boot this system once. Then your partition will be overwritten with random data entirely, and the next time you won't have any matching UUID any more, and you again get a hanging boot (this affects sysvinit and upstart too). I. e. you will have exactly the same effect. So to properly fix this, we need: (1) the fix to add the offset=: https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/840 (Updating the used cipher would also be a good idea, but not essential) This fix alone is sufficient under sysvinit and upstart. (2) this systemd fix to actually respect offset= when booting under systemd. Thanks, Martin -- Martin Pitt| http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) signature.asc Description: Digital signature
Bug#782712: pre-upload unblock request: systemd/215-17 for RC bug #751707
(Cc: debian-boot@ added.) Martin Pitt (2015-04-16): > Hello release team, (With my d-i release manager hat.) > yesterday I discovered that systemd breaks a common way of setting up > plain cryptsetup partitions. Turns out that this has already been > known for a while, but the impact wasn't appreciated enough: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751707 > > What happens is that systemd's cryptsetup integration ignores the > "offset=" parameter in crypttab and instead uses the whole device. So > if you had a swap or other partition underneath in order to identify > the partition via UUID or label instead of an unreliable hardcoded > device name, switching to systemd destroys the underlying metadata, > and causes a boot hang as crypttab now refers to a nonexisting > UUID/label. This is quite a common way to set up encrypted swap, the > way that ecryptfs' own swap setup tool does it (the Ubuntu installer > calls that if you select "encrypt my home directory"; I'm not sure > whether Debian's installer does the same). Grepping for hash= in partman-* d-i packages led to partman-crypto, which seems responsible for this (no surprise here): http://anonscm.debian.org/cgit/d-i/partman-crypto.git/tree/finish.d/crypto_config There's no offset= there. Looking into partman-* in Ubuntu vivid, it turns out that one of them look at user-setup, and that's where the following is defined: | Template: user-setup/encrypt-home | Type: boolean | Default: false | # :sl2: | _Description: Encrypt your home directory? `---[ debian/user-setup-udeb.templates ]--- which is then used in user-setup-apply where there's a lot more (encryption-related) code than in Debian, which e.g. calls adduser with an option to encrypt home, which then calls some commands from the ecryptfs-utils package, but I don't see any offset in the ecryptfs-setup-private script. Anyway, asking for home encryption indeed leads to swap encryption, through a ecryptfs-setup-swap call, which in turn triggers: |echo "cryptswap$i UUID=$uuid /dev/urandom swap,offset=1024,cipher=aes-xts-plain64" >> /etc/crypttab `---[ src/utils/ecryptfs-setup-swap ]--- The same file in the Debian package has no offset, so I guess that means Debian is rather safe. > IMHO this qualifies as data loss, and we cannot repair this > automatically after the damage happened. So I'd really like to fix > this in jessie, and I upgraded it to RC. > > The patch is quite straightforward. It got a first review by upstream, > I made it a bit more defensive since the first version, and it'll > probably land today. I attached my test script to the upstream bug [1] > which allows you to play around with various offset= options and > verify that it doesn't destroy the initial part of the partition. > > I realize this is a somewhat awkward timing as we want to deep-freeze > in two days, and this means an udeb change (although only formally as > there are no effective changes in udev). 215-16 should go into testing > tonight, and I'm prepared to upload 215-17 with that fix right after > that with urgency=high. > > What would you recommend how to proceed? Provided a review by the release team, I'm OK with letting this go into testing between D-I Jessie RC3 (to be released at the end of this week) and a possible extra debian-installer upload (before the release). I'm not exactly entirely sure how to deal with D-I for Jessie past RC3 anyway: - Do nothing? - BinNMU to make sure it's built against last-migrated components? - Sourceful upload in case there's any changes staged in git during the last week? (I hope that won't be necessary.) Mraw, KiBi. signature.asc Description: Digital signature
Bug#782712: pre-upload unblock request: systemd/215-17 for RC bug #751707
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Hello release team,
yesterday I discovered that systemd breaks a common way of setting up
plain cryptsetup partitions. Turns out that this has already been
known for a while, but the impact wasn't appreciated enough:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751707
What happens is that systemd's cryptsetup integration ignores the
"offset=" parameter in crypttab and instead uses the whole device. So
if you had a swap or other partition underneath in order to identify
the partition via UUID or label instead of an unreliable hardcoded
device name, switching to systemd destroys the underlying metadata,
and causes a boot hang as crypttab now refers to a nonexisting
UUID/label. This is quite a common way to set up encrypted swap, the
way that ecryptfs' own swap setup tool does it (the Ubuntu installer
calls that if you select "encrypt my home directory"; I'm not sure
whether Debian's installer does the same).
IMHO this qualifies as data loss, and we cannot repair this
automatically after the damage happened. So I'd really like to fix
this in jessie, and I upgraded it to RC.
The patch is quite straightforward. It got a first review by upstream,
I made it a bit more defensive since the first version, and it'll
probably land today. I attached my test script to the upstream bug [1]
which allows you to play around with various offset= options and
verify that it doesn't destroy the initial part of the partition.
I realize this is a somewhat awkward timing as we want to deep-freeze
in two days, and this means an udeb change (although only formally as
there are no effective changes in udev). 215-16 should go into testing
tonight, and I'm prepared to upload 215-17 with that fix right after
that with urgency=high.
What would you recommend how to proceed?
Thank you in advance!
Martin
[1] https://bugs.freedesktop.org/show_bug.cgi?id=87717
--
Martin Pitt| http://www.piware.de
Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)
diff --git a/debian/changelog b/debian/changelog
index 29ff5a3..103d8ce 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+systemd (215-17) UNRELEASED; urgency=medium
+
+ * cryptsetup: Implement offset and skip options. (Closes: #751707,
+LP: #953875)
+
+ -- Martin Pitt Thu, 16 Apr 2015 07:12:08 -0500
+
systemd (215-16) unstable; urgency=medium
[ Christian Seiler ]
diff --git a/debian/patches/cryptsetup-Implement-offset-and-skip-options.patch
b/debian/patches/cryptsetup-Implement-offset-and-skip-options.patch
new file mode 100644
index 000..f392bbc
--- /dev/null
+++ b/debian/patches/cryptsetup-Implement-offset-and-skip-options.patch
@@ -0,0 +1,66 @@
+From: Martin Pitt
+Date: Thu, 16 Apr 2015 06:44:07 -0500
+Subject: cryptsetup: Implement offset and skip options
+
+These are useful for plain devices as they don't have any metadata by
+themselves. Instead of using an unreliable hardcoded device name in crypttab
+you can then put static metadata at the start of the partition for a stable
+UUID or label.
+
+https://bugs.freedesktop.org/show_bug.cgi?id=87717
+https://bugs.debian.org/751707
+https://launchpad.net/bugs/953875
+---
+ src/cryptsetup/cryptsetup.c | 21 +++--
+ 1 file changed, 19 insertions(+), 2 deletions(-)
+
+diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
+index a67d85e..6257c81 100644
+--- a/src/cryptsetup/cryptsetup.c
b/src/cryptsetup/cryptsetup.c
+@@ -50,12 +50,12 @@ static bool arg_discards = false;
+ static bool arg_tcrypt_hidden = false;
+ static bool arg_tcrypt_system = false;
+ static char **arg_tcrypt_keyfiles = NULL;
++static uint64_t arg_offset = 0;
++static uint64_t arg_skip = 0;
+ static usec_t arg_timeout = 0;
+
+ /* Options Debian's crypttab knows we don't:
+
+-offset=
+-skip=
+ precheck=
+ check=
+ checkargs=
+@@ -168,6 +168,20 @@ static int parse_one_option(const char *option) {
+ return 0;
+ }
+
++} else if (startswith(option, "offset=")) {
++
++if (safe_atou64(option+7, &arg_offset) < 0) {
++log_error("offset= parse failure, refusing.");
++return -EINVAL;
++}
++
++} else if (startswith(option, "skip=")) {
++
++if (safe_atou64(option+5, &arg_skip) < 0) {
++log_error("skip= parse failure, refusing.");
++return -EINVAL;
++}
++
+ } else if (!streq(option, "none"))
+ log_error("Encountered unknown /etc/crypttab option '%s',
ignoring.", option);
+
+@@ -403,6 +417,9 @@ static int attach_luks_or_plain(struct crypt_device *cd,
+ } else
+ params.hash = "ripemd160";
+
++params.offset = arg_offset;
++par
Re: Unblock request for drupal7 7.32-1+deb8u3
On 2015-03-19 18:05, Gunnar Wolf wrote: > Hi, > > I have uploaded to unstable Drupal7 version 7.32-1+deb8u3, which fixes > the following security issue: > >https://www.drupal.org/SA-CORE-2015-001 > > I have backported 7.35 changes and applied them over 7.32, which is > currently in Jessie; I'm attaching the diff in question. > > Please unblock drupal7 and allow this fix to migrate into Jessie! > > Thanks, > Unblocked, thanks. For future cases, please file an unblock bug for it, as they are easier for us to track. Thanks, ~Niels -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/550b0438.4060...@thykier.net
Unblock request for drupal7 7.32-1+deb8u3
Hi,
I have uploaded to unstable Drupal7 version 7.32-1+deb8u3, which fixes
the following security issue:
https://www.drupal.org/SA-CORE-2015-001
I have backported 7.35 changes and applied them over 7.32, which is
currently in Jessie; I'm attaching the diff in question.
Please unblock drupal7 and allow this fix to migrate into Jessie!
Thanks,
diff --git a/debian/changelog b/debian/changelog
index 37c56f5..5e4f3b2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,16 @@
+drupal7 (7.32-1+deb8u3) unstable; urgency=medium
+
+ * Added missing DEP3 headers to SA-CORE-2015-001 patch
+
+ -- Gunnar Wolf Thu, 19 Mar 2015 09:54:35 -0600
+
+drupal7 (7.32-1+deb8u2) unstable; urgency=high
+
+ * Backported from 7.35: SA-CORE-2015-001 (Access bypass on password
+reset URLs; Open redirect)
+
+ -- Gunnar Wolf Wed, 18 Mar 2015 14:20:17 -0600
+
drupal7 (7.32-1+deb8u1) unstable; urgency=high
* Updated the VCS URL in debian/control as git.debian.org is deprecated
diff --git a/debian/patches/SA-CORE-2015-001 b/debian/patches/SA-CORE-2015-001
new file mode 100644
index 000..fd3de3d
--- /dev/null
+++ b/debian/patches/SA-CORE-2015-001
@@ -0,0 +1,606 @@
+Origin: vendor
+Forwarded: not-needed
+From: Gunnar Wolf
+Last-Update: 2015-03-19
+Description: Fixes SA-CORE-2015-001 (Access bypass on password resetURLs; Open redirect)
+ Backporting the diff between 7.34 and 7.35, applying it to the
+ currently frozen version (7.32). For further details, the advisory is
+ in:
+ .
+ http://drupal.org/SA-CORE-2015-001
+ A CVE advisory ID has not yet been issued.
+
+Index: drupal7/includes/bootstrap.inc
+===
+--- drupal7.orig/includes/bootstrap.inc
drupal7/includes/bootstrap.inc
+@@ -2487,6 +2487,26 @@ function _drupal_bootstrap_variables() {
+ // Load bootstrap modules.
+ require_once DRUPAL_ROOT . '/includes/module.inc';
+ module_load_all(TRUE);
++
++ // Sanitize the destination parameter (which is often used for redirects) to
++ // prevent open redirect attacks leading to other domains. Sanitize both
++ // $_GET['destination'] and $_REQUEST['destination'] to protect code that
++ // relies on either, but do not sanitize $_POST to avoid interfering with
++ // unrelated form submissions. The sanitization happens here because
++ // url_is_external() requires the variable system to be available.
++ if (isset($_GET['destination']) || isset($_REQUEST['destination'])) {
++require_once DRUPAL_ROOT . '/includes/common.inc';
++// If the destination is an external URL, remove it.
++if (isset($_GET['destination']) && url_is_external($_GET['destination'])) {
++ unset($_GET['destination']);
++ unset($_REQUEST['destination']);
++}
++// If there's still something in $_REQUEST['destination'] that didn't come
++// from $_GET, check it too.
++if (isset($_REQUEST['destination']) && (!isset($_GET['destination']) || $_REQUEST['destination'] != $_GET['destination']) && url_is_external($_REQUEST['destination'])) {
++ unset($_REQUEST['destination']);
++}
++ }
+ }
+
+ /**
+Index: drupal7/includes/common.inc
+===
+--- drupal7.orig/includes/common.inc
drupal7/includes/common.inc
+@@ -2182,14 +2182,20 @@ function url($path = NULL, array $option
+ 'prefix' => ''
+ );
+
++ // A duplicate of the code from url_is_external() to avoid needing another
++ // function call, since performance inside url() is critical.
+ if (!isset($options['external'])) {
+-// Return an external link if $path contains an allowed absolute URL. Only
+-// call the slow drupal_strip_dangerous_protocols() if $path contains a ':'
+-// before any / ? or #. Note: we could use url_is_external($path) here, but
+-// that would require another function call, and performance inside url() is
+-// critical.
++// Return an external link if $path contains an allowed absolute URL. Avoid
++// calling drupal_strip_dangerous_protocols() if there is any slash (/),
++// hash (#) or question_mark (?) before the colon (:) occurrence - if any -
++// as this would clearly mean it is not a URL. If the path starts with 2
++// slashes then it is always considered an external URL without an explicit
++// protocol part.
+ $colonpos = strpos($path, ':');
+-$options['external'] = ($colonpos !== FALSE && !preg_match('![/?#]!', substr($path, 0, $colonpos)) && drupal_strip_dangerous_protocols($path) == $path);
++$options['external'] = (strpos($path, '//') === 0)
++ || ($colonpos !== FALSE
++&& !preg_match('![/?#]!', substr($path, 0, $colonpos))
++&& drupal_strip_dangerous_protocols($path) == $path);
+ }
+
+ // Preserve the original path before altering or aliasing.
+@@ -2227,6 +2233,11 @@ function url($path = NULL, array $option
+ return $path . $options['fragment'];
+ }
+
++ // Strip leading slashes f
Bug#779658: marked as done (unblock: request-tracker4/4.2.8-3)
Your message dated Tue, 03 Mar 2015 21:01:46 +0100
with message-id <54f6132a.9090...@thykier.net>
and subject line Re: Bug#779658: unblock: request-tracker4/4.2.8-3
has caused the Debian Bug report #779658,
regarding unblock: request-tracker4/4.2.8-3
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
779658: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779658
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package request-tracker4. It fixes multiple
security issues.
unblock request-tracker4/4.2.8-3
Debdiff:
diff -Nru request-tracker4-4.2.8/debian/changelog
request-tracker4-4.2.8/debian/changelog
--- request-tracker4-4.2.8/debian/changelog 2015-01-01 17:47:33.0
+0100
+++ request-tracker4-4.2.8/debian/changelog 2015-02-26 11:05:27.0
+0100
@@ -1,3 +1,11 @@
+request-tracker4 (4.2.8-3) unstable; urgency=high
+
+ * Fix remote DoS via email gateway (CVE-2014-9472)
+ * Fix information discloure revealing RSS feed URLs (CVE-2015-1165)
+ * Fix privilege escalation via RSS feed URLs (CVE-2015-1464)
+
+ -- Dominic Hargreaves Thu, 26 Feb 2015 10:05:25 +
+
request-tracker4 (4.2.8-2) unstable; urgency=medium
[ Niko Tyni ]
diff -Nru request-tracker4-4.2.8/debian/.git-dpm
request-tracker4-4.2.8/debian/.git-dpm
--- request-tracker4-4.2.8/debian/.git-dpm 2015-01-01 17:46:41.0
+0100
+++ request-tracker4-4.2.8/debian/.git-dpm 2015-02-19 17:43:53.0
+0100
@@ -1,6 +1,6 @@
# see git-dpm(1) from git-dpm package
-559785c4e88364b835823521a0e1648db985b05e
-559785c4e88364b835823521a0e1648db985b05e
+5324f915dd17ae61679a97226cd9fce35934cc7b
+5324f915dd17ae61679a97226cd9fce35934cc7b
21890d09947710ac3f48ddd306fe5b6a50f5bbe9
21890d09947710ac3f48ddd306fe5b6a50f5bbe9
request-tracker4_4.2.8.orig.tar.gz
diff -Nru request-tracker4-4.2.8/debian/patches/sec-2015-02-05-1.diff
request-tracker4-4.2.8/debian/patches/sec-2015-02-05-1.diff
--- request-tracker4-4.2.8/debian/patches/sec-2015-02-05-1.diff 1970-01-01
01:00:00.0 +0100
+++ request-tracker4-4.2.8/debian/patches/sec-2015-02-05-1.diff 2015-02-19
17:43:53.0 +0100
@@ -0,0 +1,30 @@
+From d9cbc2f4f4df2b75e4527c2fb4f19dc087a1655e Mon Sep 17 00:00:00 2001
+From: Alex Vandiver
+Date: Mon, 1 Dec 2014 16:58:43 -0500
+Subject: Hide utf8 warnings during attempted decoding
+
+EncodeFromToWithCroak is used to exploratorily attempt to decode unknown
+byte strings. This operation, under Encode::FB_DEFAULT, may generate
+warnings -- lots of warnings. This can lead to denial of service in
+some situations. This vulnerability has been assigned CVE-2014-9472.
+
+Unfortunately, "no warnings 'utf8'" does not work to quiet them until
+Encode 2.64; simply skip warnings of this type in the logging handler.
+
+Patch-Name: sec-2015-02-05-1.diff
+---
+ lib/RT.pm |1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/RT.pm b/lib/RT.pm
+index 803d54b..3aa7542 100644
+--- a/lib/RT.pm
b/lib/RT.pm
+@@ -374,6 +374,7 @@ sub InitSignalHandlers {
+ ## mechanism (see above).
+
+ $SIG{__WARN__} = sub {
++return if $_[0] and $_[0] =~ /^Code point \S+ is not Unicode, may not
be portable/;
+ # use 'goto &foo' syntax to hide ANON sub from stack
+ unshift @_, $RT::Logger, qw(level warning message);
+ goto &Log::Dispatch::log;
diff -Nru request-tracker4-4.2.8/debian/patches/sec-2015-02-05-2.diff
request-tracker4-4.2.8/debian/patches/sec-2015-02-05-2.diff
--- request-tracker4-4.2.8/debian/patches/sec-2015-02-05-2.diff 1970-01-01
01:00:00.0 +0100
+++ request-tracker4-4.2.8/debian/patches/sec-2015-02-05-2.diff 2015-02-19
17:43:53.0 +0100
@@ -0,0 +1,46 @@
+From af54a6d17773f5c9f8f785c8ccd9d1067679ce77 Mon Sep 17 00:00:00 2001
+From: Alex Vandiver
+Date: Fri, 30 Jan 2015 15:03:16 -0500
+Subject: Prevent text content from being interpreted as HTML by RSS clients
+
+The ->Content method is used to obtain the data to use in the RSS
+ tag. However, most RSS feed readers display the contents
+of the tag using a HTML rendering engine; this allows
+textual content to be mistakenly rendered as HTML. This specifically
+includes links, which RSS readers may not hide the "Referer" header of,
+exposing the RSS feed URL and thus allowing for information disclosure.
+This vulnerability has been assigned CVE-2015-1165.
+
+Escape the textual content so that it is not interpreted as HTML
Bug#779658: unblock: request-tracker4/4.2.8-3
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package request-tracker4. It fixes multiple
security issues.
unblock request-tracker4/4.2.8-3
Debdiff:
diff -Nru request-tracker4-4.2.8/debian/changelog
request-tracker4-4.2.8/debian/changelog
--- request-tracker4-4.2.8/debian/changelog 2015-01-01 17:47:33.0
+0100
+++ request-tracker4-4.2.8/debian/changelog 2015-02-26 11:05:27.0
+0100
@@ -1,3 +1,11 @@
+request-tracker4 (4.2.8-3) unstable; urgency=high
+
+ * Fix remote DoS via email gateway (CVE-2014-9472)
+ * Fix information discloure revealing RSS feed URLs (CVE-2015-1165)
+ * Fix privilege escalation via RSS feed URLs (CVE-2015-1464)
+
+ -- Dominic Hargreaves Thu, 26 Feb 2015 10:05:25 +
+
request-tracker4 (4.2.8-2) unstable; urgency=medium
[ Niko Tyni ]
diff -Nru request-tracker4-4.2.8/debian/.git-dpm
request-tracker4-4.2.8/debian/.git-dpm
--- request-tracker4-4.2.8/debian/.git-dpm 2015-01-01 17:46:41.0
+0100
+++ request-tracker4-4.2.8/debian/.git-dpm 2015-02-19 17:43:53.0
+0100
@@ -1,6 +1,6 @@
# see git-dpm(1) from git-dpm package
-559785c4e88364b835823521a0e1648db985b05e
-559785c4e88364b835823521a0e1648db985b05e
+5324f915dd17ae61679a97226cd9fce35934cc7b
+5324f915dd17ae61679a97226cd9fce35934cc7b
21890d09947710ac3f48ddd306fe5b6a50f5bbe9
21890d09947710ac3f48ddd306fe5b6a50f5bbe9
request-tracker4_4.2.8.orig.tar.gz
diff -Nru request-tracker4-4.2.8/debian/patches/sec-2015-02-05-1.diff
request-tracker4-4.2.8/debian/patches/sec-2015-02-05-1.diff
--- request-tracker4-4.2.8/debian/patches/sec-2015-02-05-1.diff 1970-01-01
01:00:00.0 +0100
+++ request-tracker4-4.2.8/debian/patches/sec-2015-02-05-1.diff 2015-02-19
17:43:53.0 +0100
@@ -0,0 +1,30 @@
+From d9cbc2f4f4df2b75e4527c2fb4f19dc087a1655e Mon Sep 17 00:00:00 2001
+From: Alex Vandiver
+Date: Mon, 1 Dec 2014 16:58:43 -0500
+Subject: Hide utf8 warnings during attempted decoding
+
+EncodeFromToWithCroak is used to exploratorily attempt to decode unknown
+byte strings. This operation, under Encode::FB_DEFAULT, may generate
+warnings -- lots of warnings. This can lead to denial of service in
+some situations. This vulnerability has been assigned CVE-2014-9472.
+
+Unfortunately, "no warnings 'utf8'" does not work to quiet them until
+Encode 2.64; simply skip warnings of this type in the logging handler.
+
+Patch-Name: sec-2015-02-05-1.diff
+---
+ lib/RT.pm |1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/lib/RT.pm b/lib/RT.pm
+index 803d54b..3aa7542 100644
+--- a/lib/RT.pm
b/lib/RT.pm
+@@ -374,6 +374,7 @@ sub InitSignalHandlers {
+ ## mechanism (see above).
+
+ $SIG{__WARN__} = sub {
++return if $_[0] and $_[0] =~ /^Code point \S+ is not Unicode, may not
be portable/;
+ # use 'goto &foo' syntax to hide ANON sub from stack
+ unshift @_, $RT::Logger, qw(level warning message);
+ goto &Log::Dispatch::log;
diff -Nru request-tracker4-4.2.8/debian/patches/sec-2015-02-05-2.diff
request-tracker4-4.2.8/debian/patches/sec-2015-02-05-2.diff
--- request-tracker4-4.2.8/debian/patches/sec-2015-02-05-2.diff 1970-01-01
01:00:00.0 +0100
+++ request-tracker4-4.2.8/debian/patches/sec-2015-02-05-2.diff 2015-02-19
17:43:53.0 +0100
@@ -0,0 +1,46 @@
+From af54a6d17773f5c9f8f785c8ccd9d1067679ce77 Mon Sep 17 00:00:00 2001
+From: Alex Vandiver
+Date: Fri, 30 Jan 2015 15:03:16 -0500
+Subject: Prevent text content from being interpreted as HTML by RSS clients
+
+The ->Content method is used to obtain the data to use in the RSS
+ tag. However, most RSS feed readers display the contents
+of the tag using a HTML rendering engine; this allows
+textual content to be mistakenly rendered as HTML. This specifically
+includes links, which RSS readers may not hide the "Referer" header of,
+exposing the RSS feed URL and thus allowing for information disclosure.
+This vulnerability has been assigned CVE-2015-1165.
+
+Escape the textual content so that it is not interpreted as HTML by RSS
+readers. This is suprior to requesting ->Content( Type => "text/html" )
+because it is guaranteed to not contain links, and thus not suffer from
+the above Referer disclosure.
+
+Patch-Name: sec-2015-02-05-2.diff
+---
+ share/html/Search/Elements/ResultsRSSView |9 -
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/share/html/Search/Elements/ResultsRSSView
b/share/html/Search/Elements/ResultsRSSView
+index 45e7369..7381ba7 100644
+--- a/share/html/Search/Elements/ResultsRSSView
b/share/html/Search/Elements/ResultsRSSView
+@@ -128,10 +128,17 @@ $r->content_type('application/rss+xml; charset=utf-8');
+ while ( my $Ticket = $Tickets->Next()) {
+ my $creator_str = $Ticket->CreatorObj->Format;
+ $creator_str =~ s/[\r\n]//g;
++
++# Get
Re: Possible unblock request of snort+daq into testing?
On Mon, Feb 09, 2015 at 12:20:43AM +0100, Mehdi Dogguy wrote: > Back in November 2014, Ivo described the solution to have snort and daq > into Jessie (See [1]). Unfortunately, this didn't happen and he was forced > to remove the packages from Jessie, as announced. We understand that the > outcome will not benefit for our users and we carefully read your arguments. > But we cannot accept the packages into Jessie now, especially when the > recommended solutions have not been implemented. It is rather late now and > we are focused on reducing Jessie's RC bugs only. I hope you will understand > our position too. Ok. Fully understood, thanks for the reply. Regards Javier signature.asc Description: Digital signature
Re: question regarding unblock request for library
On Fri, Jan 23, 2015 at 00:56:24 +0100, IOhannes m zmölnig wrote: > dear release team, > > sorry for this untimely interrupt, i figure you are busy working on > getting jessie out. > > > summary: a *library* package (libassimp3) has been reported to have some > symbols dropped. this makes the library unusable in certain cases. > does this qualify for a unblock request? > > > longer explanation: > the dropped symbols are only with resp. to the accompanying header > files, not to older package versions. (so its not a soname-bump problem, > but a mismatch between headers and library). > the original reporter[1] was kind enough to report this with severity > "important" (thus not affecting the freeze), but i am wondering if the > severity should be escalated to "serious", due to the nature of libraries. > luckily, i am not aware of any packages that depend on this library > outside its source package, so the bug seems to not affect other > packages (their FTBFS would have flagged the underlying problem earlier). > otoh, the bug is still a bummer for anybody who wants to develop against > this library (like the bug reporter) > > the fix is quite minimal, as it adds 1 (one) line to the version-script > used for tightening the exports, and 7 (seven) lines to the symbols-file > for the newly exported symbols. > > > if you could drop me a note whether i should keep pestering you with my > little problem or not, i would be thankful. > If this doesn't affect any other package I don't think it's suitable, sorry. Next time please do attach a diff, it's much easier to understand what this is about when seeing a patch than with just an abstract explanation. Cheers, Julien signature.asc Description: Digital signature
Bug#775271: my unblock request for mate-themes 1.9.3-1
Dear Ivo, On So 08 Feb 2015 23:24:52 CET, Ivo De Decker wrote: On Sun, Feb 08, 2015 at 07:15:59PM +0100, Mike Gabriel wrote: Dear release time, I am curious how we / the release team shall/will handle #775271. I have not received any notice on my unblock request for mate-themes 1.9.3-1 so far. Did processing it slip through? I (and the MATE pkg team) would be happy to receive some feedback on our request, if possible. Thanks!!! My local jessie notebook has been running with that new mate-themes version for a while now and I would love to have other Debian users benefit from the GTK3 improvements made in that version of mate-themes (esp. the CSD relevant parts). As we are very late in the freeze, it's really to late to add these kinds of changes. If you have targeted fixes for concrete bugs, we might be able to consider them. From a policy point of view, I clearly understand your position. From a technical point of view, we really need an exception here (and possibly a third opinion?). Would it really make a difference presenting you a stack of more than appx. 15-20 patches (and relating bugs) providing the fixes that 1.9.3 of mate-themes introduces [1]? This new mate-themes version is a must for the MATE that currently is in Debian jessie. Please note that 1.9.3 has been an upstream maintenance release targetting Debian jessie. The fact that Debian received GTK3.14 last minute before the freeze (and the not always continuous availability of volunteers' working power) caused the delay here. Otherwise, we will have to provide CSD and popover support (and that means a fully working MATE theming for GTK3 applications) via jessie-backports or an external .deb archive (which would be quite suboptimal). Thanks for your time! Mike [1] https://github.com/mate-desktop/mate-themes/commits/mate-themes-gtk3.14-1.9.3?page=1 -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb pgpfqsXivT0Zm.pgp Description: Digitale PGP-Signatur
Re: Possible unblock request of snort+daq into testing?
Le 2015-01-28 01:59, Javier Fernández-Sanguino Peña a écrit : Dear Release Managers, Snort and Daq where removed from testing on December 7th following an upload to the daq library which did not follow the freeze policy. Currently, both Snort (2.9.7.0-4) and daq (2.0.4-3) have been available in unstable for more than a month. Both bugs are RC-free. I would like to know if it would be OK for me to request an unblock request for these packages in order for them to be included (again) into testing. Back in November 2014, Ivo described the solution to have snort and daq into Jessie (See [1]). Unfortunately, this didn't happen and he was forced to remove the packages from Jessie, as announced. We understand that the outcome will not benefit for our users and we carefully read your arguments. But we cannot accept the packages into Jessie now, especially when the recommended solutions have not been implemented. It is rather late now and we are focused on reducing Jessie's RC bugs only. I hope you will understand our position too. [1] https://lists.debian.org/debian-release/2014/11/msg00406.html Kind regards, -- Mehdi -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/0932e435b9f721b851d07444e1089...@dogguy.org
Processed: Re: Bug#775271: my unblock request for mate-themes 1.9.3-1
Processing control commands: > tags -1 moreinfo Bug #775271 [release.debian.org] unblock (pre-approval): mate-themes/1.9.3-1 Added tag(s) moreinfo. -- 775271: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775271 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.b775271.14234342998341.transcr...@bugs.debian.org
Bug#775271: my unblock request for mate-themes 1.9.3-1
Control: tags -1 moreinfo Hi, On Sun, Feb 08, 2015 at 07:15:59PM +0100, Mike Gabriel wrote: > Dear release time, > I am curious how we / the release team shall/will handle #775271. I have not > received any notice on my unblock request for mate-themes 1.9.3-1 so far. > > Did processing it slip through? I (and the MATE pkg team) would be happy to > receive some feedback on our request, if possible. Thanks!!! > > My local jessie notebook has been running with that new mate-themes version > for a while now and I would love to have other Debian users benefit from the > GTK3 improvements made in that version of mate-themes (esp. the CSD relevant > parts). As we are very late in the freeze, it's really to late to add these kinds of changes. If you have targeted fixes for concrete bugs, we might be able to consider them. Cheers, Ivo -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150208222452.gu31...@ugent.be
Bug#775271: my unblock request for mate-themes 1.9.3-1
Dear release time, I am curious how we / the release team shall/will handle #775271. I have not received any notice on my unblock request for mate-themes 1.9.3-1 so far. Did processing it slip through? I (and the MATE pkg team) would be happy to receive some feedback on our request, if possible. Thanks!!! My local jessie notebook has been running with that new mate-themes version for a while now and I would love to have other Debian users benefit from the GTK3 improvements made in that version of mate-themes (esp. the CSD relevant parts). Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976148 GnuPG Key ID 0x25771B13 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1423419359.1969.6.camel@Nokia-N900
Possible unblock request of snort+daq into testing?
Dear Release Managers, Snort and Daq where removed from testing on December 7th following an upload to the daq library which did not follow the freeze policy. Currently, both Snort (2.9.7.0-4) and daq (2.0.4-3) have been available in unstable for more than a month. Both bugs are RC-free. I would like to know if it would be OK for me to request an unblock request for these packages in order for them to be included (again) into testing. Please consider the following: - The Snort version provided in Unstable is fully supported upstream - The 'daq' library is only used by Snort, introducing this new library does not disturb in any way other packages in the distribution. - The Snort version currently available in Stable (2.9.2.2-3) is not supported for new rule updates from snort.org Users running this or the version that was available in testing (2.9.5.3-3) are not supported either. The current situation (i.e. no new version of Snort available in testing) leaves Debian users without an upgrade path. Their only options are to build Snort from upstream sources or manually backport the unstable packages. I understand that this case might not be fully in line with the freeze policy, but I think it is in the best interest of our stable users that a popular IT security tool is provided both for those that require updates or want to install and protect their systems. IMHO our users should not be impacted by maintainer's mistakes and they should be our top priority. Thanks for considering it. Best regards, Javier signature.asc Description: Digital signature
question regarding unblock request for library
dear release team, sorry for this untimely interrupt, i figure you are busy working on getting jessie out. summary: a *library* package (libassimp3) has been reported to have some symbols dropped. this makes the library unusable in certain cases. does this qualify for a unblock request? longer explanation: the dropped symbols are only with resp. to the accompanying header files, not to older package versions. (so its not a soname-bump problem, but a mismatch between headers and library). the original reporter[1] was kind enough to report this with severity "important" (thus not affecting the freeze), but i am wondering if the severity should be escalated to "serious", due to the nature of libraries. luckily, i am not aware of any packages that depend on this library outside its source package, so the bug seems to not affect other packages (their FTBFS would have flagged the underlying problem earlier). otoh, the bug is still a bummer for anybody who wants to develop against this library (like the bug reporter) the fix is quite minimal, as it adds 1 (one) line to the version-script used for tightening the exports, and 7 (seven) lines to the symbols-file for the newly exported symbols. if you could drop me a note whether i should keep pestering you with my little problem or not, i would be thankful. thanks for all the great work and making jessie the best debian ever! fgamdsr IOhannes [1] https://bugs.debian.org/775890 signature.asc Description: OpenPGP digital signature
Bug#774452: marked as done (unblock: request-tracker4/4.2.8-2)
Your message dated Fri, 2 Jan 2015 23:25:13 +0100 with message-id <2015010510.ge8...@ugent.be> and subject line Re: Bug#774452: unblock: request-tracker4/4.2.8-2 has caused the Debian Bug report #774452, regarding unblock: request-tracker4/4.2.8-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 774452: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774452 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package request-tracker4 This is a minimal fix for RC bug #773343. debdiff attached. unblock request-tracker4/4.2.8-2 -- System Information: Debian Release: 7.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash diff --git a/debian/.git-dpm b/debian/.git-dpm index 940ddc8..823d680 100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm @@ -1,6 +1,6 @@ # see git-dpm(1) from git-dpm package -6a66d91a35305fa792d34896879244ef18f2df10 -6a66d91a35305fa792d34896879244ef18f2df10 +559785c4e88364b835823521a0e1648db985b05e +559785c4e88364b835823521a0e1648db985b05e 21890d09947710ac3f48ddd306fe5b6a50f5bbe9 21890d09947710ac3f48ddd306fe5b6a50f5bbe9 request-tracker4_4.2.8.orig.tar.gz diff --git a/debian/changelog b/debian/changelog index e65f2d5..4b7de26 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +request-tracker4 (4.2.8-2) unstable; urgency=medium + + [ Niko Tyni ] + * Fix upgrade problems caused by a bug in the wheezy +rt4-extension-assettracker installation procedure. (Closes: #773343) + * Break all versions of rt4-extension-assettracker: its upstream +says RT 4.2 isn't supported anymore and recommends RT-Extension-Assets +instead. (See #748737) + + -- Dominic Hargreaves Thu, 01 Jan 2015 16:47:30 + + request-tracker4 (4.2.8-1) unstable; urgency=medium * New upstream release diff --git a/debian/control b/debian/control index 50b359a..d248a15 100644 --- a/debian/control +++ b/debian/control @@ -201,6 +201,7 @@ Recommends: cron-daemon Suggests: rt4-doc-html Conflicts: request-tracker, request-tracker3.2 (<< 3.2.2-3), libdatetime-locale-perl (<< 1:0.44), libdatetime-perl (<< 2:0.4900) Replaces: request-tracker +Breaks: rt4-extension-assettracker Description: extensible trouble-ticket tracking system Request Tracker (RT) is a ticketing system which enables a group of people to intelligently and efficiently manage diff --git a/debian/patches/assettracker-sysgroups.diff b/debian/patches/assettracker-sysgroups.diff new file mode 100644 index 000..3bd0323 --- /dev/null +++ b/debian/patches/assettracker-sysgroups.diff @@ -0,0 +1,26 @@ +From 559785c4e88364b835823521a0e1648db985b05e Mon Sep 17 00:00:00 2001 +From: Niko Tyni +Date: Sat, 27 Dec 2014 23:19:03 +0200 +Subject: Fix upgrade problems caused by an RTx::AssetTracker installation bug + +The setup of the wheezy rt4-extension-assettracker package +(RTx::AssetTracker 2.0.0b2) accidentally inserted two pairs of system role +accounts, causing upgrade failures on SQLite backends due to uniqueness +constraint violations. + +Bug-Debian: https://bugs.debian.org/773343 +Patch-Name: assettracker-sysgroups.diff +--- + etc/upgrade/4.1.0/schema.SQLite |3 +++ + 1 file changed, 3 insertions(+) + create mode 100644 etc/upgrade/4.1.0/schema.SQLite + +diff --git a/etc/upgrade/4.1.0/schema.SQLite b/etc/upgrade/4.1.0/schema.SQLite +new file mode 100644 +index 000..b38fded +--- /dev/null b/etc/upgrade/4.1.0/schema.SQLite +@@ -0,0 +1,3 @@ ++-- fix uniqueness constraint violations due to accidentally doubled system groups ++-- see https://bugs.debian.org/773343 ++UPDATE Groups set Instance=1 WHERE Domain='RTx::AssetTracker::System-Role' AND Description IS Null; diff --git a/debian/patches/series b/debian/patches/series index 047eb7c..ddd900e 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -9,3 +9,4 @@ no_test_web_installer.diff fix_lintian_privacy_break_logo_error.diff debianize_UPGRADING-4.2.diff font_path.diff +assettracker-sysgroups.diff diff --git a/etc/upgrade/4.1.0/schema.SQLite b/etc/upgrade/4.1.0/schema.SQLite new file mode 100644 index 000..b38fded --- /dev/null +++ b/etc/upgrade/4.1.0/schema.SQLite @@ -0,0 +1,3 @@ +-- fix uniqueness constraint violations due to acciden
Bug#774452: unblock: request-tracker4/4.2.8-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package request-tracker4 This is a minimal fix for RC bug #773343. debdiff attached. unblock request-tracker4/4.2.8-2 -- System Information: Debian Release: 7.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash diff --git a/debian/.git-dpm b/debian/.git-dpm index 940ddc8..823d680 100644 --- a/debian/.git-dpm +++ b/debian/.git-dpm @@ -1,6 +1,6 @@ # see git-dpm(1) from git-dpm package -6a66d91a35305fa792d34896879244ef18f2df10 -6a66d91a35305fa792d34896879244ef18f2df10 +559785c4e88364b835823521a0e1648db985b05e +559785c4e88364b835823521a0e1648db985b05e 21890d09947710ac3f48ddd306fe5b6a50f5bbe9 21890d09947710ac3f48ddd306fe5b6a50f5bbe9 request-tracker4_4.2.8.orig.tar.gz diff --git a/debian/changelog b/debian/changelog index e65f2d5..4b7de26 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +request-tracker4 (4.2.8-2) unstable; urgency=medium + + [ Niko Tyni ] + * Fix upgrade problems caused by a bug in the wheezy +rt4-extension-assettracker installation procedure. (Closes: #773343) + * Break all versions of rt4-extension-assettracker: its upstream +says RT 4.2 isn't supported anymore and recommends RT-Extension-Assets +instead. (See #748737) + + -- Dominic Hargreaves Thu, 01 Jan 2015 16:47:30 + + request-tracker4 (4.2.8-1) unstable; urgency=medium * New upstream release diff --git a/debian/control b/debian/control index 50b359a..d248a15 100644 --- a/debian/control +++ b/debian/control @@ -201,6 +201,7 @@ Recommends: cron-daemon Suggests: rt4-doc-html Conflicts: request-tracker, request-tracker3.2 (<< 3.2.2-3), libdatetime-locale-perl (<< 1:0.44), libdatetime-perl (<< 2:0.4900) Replaces: request-tracker +Breaks: rt4-extension-assettracker Description: extensible trouble-ticket tracking system Request Tracker (RT) is a ticketing system which enables a group of people to intelligently and efficiently manage diff --git a/debian/patches/assettracker-sysgroups.diff b/debian/patches/assettracker-sysgroups.diff new file mode 100644 index 000..3bd0323 --- /dev/null +++ b/debian/patches/assettracker-sysgroups.diff @@ -0,0 +1,26 @@ +From 559785c4e88364b835823521a0e1648db985b05e Mon Sep 17 00:00:00 2001 +From: Niko Tyni +Date: Sat, 27 Dec 2014 23:19:03 +0200 +Subject: Fix upgrade problems caused by an RTx::AssetTracker installation bug + +The setup of the wheezy rt4-extension-assettracker package +(RTx::AssetTracker 2.0.0b2) accidentally inserted two pairs of system role +accounts, causing upgrade failures on SQLite backends due to uniqueness +constraint violations. + +Bug-Debian: https://bugs.debian.org/773343 +Patch-Name: assettracker-sysgroups.diff +--- + etc/upgrade/4.1.0/schema.SQLite |3 +++ + 1 file changed, 3 insertions(+) + create mode 100644 etc/upgrade/4.1.0/schema.SQLite + +diff --git a/etc/upgrade/4.1.0/schema.SQLite b/etc/upgrade/4.1.0/schema.SQLite +new file mode 100644 +index 000..b38fded +--- /dev/null b/etc/upgrade/4.1.0/schema.SQLite +@@ -0,0 +1,3 @@ ++-- fix uniqueness constraint violations due to accidentally doubled system groups ++-- see https://bugs.debian.org/773343 ++UPDATE Groups set Instance=1 WHERE Domain='RTx::AssetTracker::System-Role' AND Description IS Null; diff --git a/debian/patches/series b/debian/patches/series index 047eb7c..ddd900e 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -9,3 +9,4 @@ no_test_web_installer.diff fix_lintian_privacy_break_logo_error.diff debianize_UPGRADING-4.2.diff font_path.diff +assettracker-sysgroups.diff diff --git a/etc/upgrade/4.1.0/schema.SQLite b/etc/upgrade/4.1.0/schema.SQLite new file mode 100644 index 000..b38fded --- /dev/null +++ b/etc/upgrade/4.1.0/schema.SQLite @@ -0,0 +1,3 @@ +-- fix uniqueness constraint violations due to accidentally doubled system groups +-- see https://bugs.debian.org/773343 +UPDATE Groups set Instance=1 WHERE Domain='RTx::AssetTracker::System-Role' AND Description IS Null;
Bug#773285: marked as done (unattended-upgrades unblock request)
Your message dated Tue, 16 Dec 2014 13:42:38 + with message-id <1653d74611fc166cf68e690c4ac81...@mail.adsl.funky-badger.org> and subject line Re: Bug#773285: unattended-upgrades unblock request has caused the Debian Bug report #773285, regarding unattended-upgrades unblock request to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 773285: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773285 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi release team, I would like to ask for allow unattended-upgrades 0.83.3 into testing. Version 0.83 has a regression when it sends out the summary mail of the completed upgrade. The full changelog: unattended-upgrades (0.83.3) unstable; urgency=medium [ Alexandre Detiste ] * add Raspbian template [ Michael Vogt ] * Attach all dpkg log to the summary mail on minimal-upgrades-steps mode (closes: #759693) -- Michael Vogt Wed, 10 Dec 2014 21:36:34 +0100 unattended-upgrades (0.83.2) unstable; urgency=medium [ Martin-Éric Racine ] * debian/changelog: - updated to the DEP-5 format [ Alexandre Detiste ] * Fix spurious newlines -- Michael Vogt Wed, 26 Nov 2014 10:19:48 +0100 unattended-upgrades (0.83.1) unstable; urgency=medium * unattended-upgrade: - fix regression and only send out the most recent dpkg log part when sending the summary mail (closes: #759693) * README.md: - improve documentation * debian/control: - update Vcs-Bzr location -- Michael Vogt Mon, 24 Nov 2014 11:09:41 +0100 Thanks for your consideration, Michael signature.asc Description: Digital signature --- End Message --- --- Begin Message --- On 2014-12-16 13:28, Michael Vogt wrote: I would like to ask for allow unattended-upgrades 0.83.3 into testing. It's been there since last night's britney. :) Regards, Adam--- End Message ---
Bug#773285: unattended-upgrades unblock request
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi release team, I would like to ask for allow unattended-upgrades 0.83.3 into testing. Version 0.83 has a regression when it sends out the summary mail of the completed upgrade. The full changelog: unattended-upgrades (0.83.3) unstable; urgency=medium [ Alexandre Detiste ] * add Raspbian template [ Michael Vogt ] * Attach all dpkg log to the summary mail on minimal-upgrades-steps mode (closes: #759693) -- Michael Vogt Wed, 10 Dec 2014 21:36:34 +0100 unattended-upgrades (0.83.2) unstable; urgency=medium [ Martin-Éric Racine ] * debian/changelog: - updated to the DEP-5 format [ Alexandre Detiste ] * Fix spurious newlines -- Michael Vogt Wed, 26 Nov 2014 10:19:48 +0100 unattended-upgrades (0.83.1) unstable; urgency=medium * unattended-upgrade: - fix regression and only send out the most recent dpkg log part when sending the summary mail (closes: #759693) * README.md: - improve documentation * debian/control: - update Vcs-Bzr location -- Michael Vogt Mon, 24 Nov 2014 11:09:41 +0100 Thanks for your consideration, Michael signature.asc Description: Digital signature
Bug#770732: marked as done (piuparts and jessie, pre-upload unblock request questions)
Your message dated Wed, 03 Dec 2014 21:02:59 +0100 with message-id <547f6c73.3070...@thykier.net> and subject line Re: Bug#770732: piuparts and jessie, pre-upload unblock request questions has caused the Debian Bug report #770732, regarding piuparts and jessie, pre-upload unblock request questions to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 770732: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770732 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- package: release.debian.org x-debbugs-cc: piuparts-de...@lists.alioth.debian.org Dear release team, until a very few days ago, it didnt occur to me at all, that piuparts 0.60 ain't suitable for the release, but now Andreas Beckmann pointed out, that: - testing = jessie, that will be wrong soon - we have several custom-scripts dealing with init-systems... (the custom scripts are not used by piuparts by defaults but can be used easily and are in use on piuparts.d.o) - there are a few new patterns of ignored files to avoid false positives. Currently 0.60 is in sid+jessie, and piuparts.d.o runs the develop branch of piuparts.git (with the above changes and a few more as explained below). I'm happy to create a new jessie-branch and cherry-pick whatever you deem suitable for 0.61 in sid and then jessie (and keep running the develop branch on piuparts.d.o). To keep maintaining these two branches more, I'd like to discuss which changes are acceptable to keep the diff at a minimum or maybe not have one... currently we have: Comments inline the changelog, in the lines starting with # [ Holger Levsen ] * piuparts.py: Add "/var/cache/apt/archives/partial/" to ignored files. (Closes: #767489) # one-liner to ignored patterns, it's important to not have false positives... * piuparts.py and piuparts-report: Detect four more (in)adequate issues: - broken-binfmt-detector - broken-binfmt-interpreter - missing-alternative - program-name-collision (Closes: #767499) # probably just a normal bug... but trivial changes at least ;) * distros.conf: Remove unneeded URI for squeeze-lts, it just uses the default repository. # trivial config change removing one line only relevant for those who test # squeeze-lts... * instances/pejacevic+slaves: Do not reschedule passed squeeze logs anymore. # trivial config change only relevant for hosts called pejacevic+piu- slave-(bm|1und1)-(a|1) [ Andreas Beckmann ] * piuparts.py: - Add to ignored_files: + /etc/modules-load.d/modules.conf (dangling symlink to ../modules) # one-liner to ignored patterns, it's important to not have false positives... - Create /etc/resolv.conf in the chroot using only the nameserver entries found on the host. # arguely a normal bug and unfilled :/ The patch is trivial and still looked good on a 3rd look ;) * lib/dwke.py: Fix parsing known_problems/*.conf using EXCLUDE_PATTERN. # an (unfiled) important bug in piuparts-report leading to wrongly detected problems... * Add "AddDefaultCharset utf-8" to the apache2 configuration snipplet example, so that logfiles are displayed as UTF-8. # just an example configuration change * pre_install_foreign_architecture: New script to enable foreign architectures for testing cross toolchain packages. * pre_remove_40_find_unowned_lib_links, unowned_lib_symlink_*.conf: New script and reports for unowned symlinks in [/usr]/lib[/]. # these custom scripts are not used by piuparts by defaults but can be used # easily and are in use on piuparts.d.o) * Rework the file-rc/sysvinit/upstart/systemd specific exceptions. # custom-scripts dealing with initsystems... [ Michael Prokop ] * Support new scripts directive 'post_chroot_unpack', useful for adding apt-keys for custom apt repositories. (Closes: #767485) * Add custom-scripts/scripts-unused-examples/post_chroot_unpack_key_setup.sh # this is really a wishlist bug and my only argument for including it is that # a.) the change to piuparts.py is rather trivial and b.) the feature is # really very nice to have... and c.) maintaining deltas is annoying. So... to summarize, I think these are all important bugfixes or documentation changes (counting the custom-scripts as documentation) except for: - the new scripts directive 'post_chroot_unpack' from Michael Prokop - creating resolv.conf for the minimal chroot - #767499 (detect more adequate tags) These are definitly normal/wishlist fixes but the changes are trivial and I would like t
Bug#770732: piuparts and jessie, pre-upload unblock request questions
control: tags -1 - moreinfo Hi Niels, On Samstag, 29. November 2014, Niels Thykier wrote: > I have read the fulldiff (from your other mail) and ack on those. > Please upload them to unstable /before/ the 5th of December and remove > the "moreinfo" tag once it has been accepted into unstable. uploaded+accepted. Andreas has added quite some useful scripts improvements for jessie (plus 1388 lines changed in piuparts.conf.anbe), please shout if you need help making sense out of it... ;-) Thanks for your "endless" work on jessie! cheers, Holger signature.asc Description: This is a digitally signed message part.
Processed: Re: Bug#770732: piuparts and jessie, pre-upload unblock request questions
Processing control commands: > tags -1 - moreinfo Bug #770732 [release.debian.org] piuparts and jessie, pre-upload unblock request questions Removed tag(s) moreinfo. -- 770732: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770732 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.b770732.141763490027833.transcr...@bugs.debian.org
Processed: Re: Bug#770732: piuparts and jessie, pre-upload unblock request questions
Processing control commands: > tags -1 confirmed moreinfo Bug #770732 [release.debian.org] piuparts and jessie, pre-upload unblock request questions Added tag(s) confirmed and moreinfo. -- 770732: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770732 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.b770732.141721929329236.transcr...@bugs.debian.org
Bug#770732: piuparts and jessie, pre-upload unblock request questions
Control: tags -1 confirmed moreinfo On 2014-11-23 18:44, Holger Levsen wrote: > package: release.debian.org > x-debbugs-cc: piuparts-de...@lists.alioth.debian.org > > Dear release team, > > until a very few days ago, it didnt occur to me at all, that piuparts 0.60 > ain't suitable for the release, but now Andreas Beckmann pointed out, that: > > [...] > > Does that sound sound? (=to upload all these changes to sid, targeted at > jessie) > > I'll happily follow your advice (whatever it will be) and maintain two > branches as/if needed... obviously I'd rather not have to and I'm also really > sorry I just fully realized yesterday, but life is as it is! :-) > > > [...] > > cheers, > Holger > Hi Holger, I have read the fulldiff (from your other mail) and ack on those. Please upload them to unstable /before/ the 5th of December and remove the "moreinfo" tag once it has been accepted into unstable. Thanks, ~Niels -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/54790cd2.1020...@thykier.net
Bug#770732: piuparts and jessie, pre-upload unblock request questions
I forgot:
$ git diff 0.60..develop|diffstat
README.txt |
3
README_pejacevic.txt |
3
README_server.txt|
2
bug-templates/removal_makes_files_disappear.mail |
2
conf/distros.conf|
2
conf/piuparts-master.conf|
4
custom-scripts/scripts-leftovers/post_remove_cleanup |
3
custom-scripts/scripts-no-usr-share-doc/post_setup_disable_usr_share_doc |
14 +
custom-scripts/scripts-unused-examples/post_chroot_unpack_key_setup.sh |
9
custom-scripts/scripts/post_distupgrade_experimental |
6
custom-scripts/scripts/post_purge_exceptions |
30 --
custom-scripts/scripts/post_remove_exceptions|
18 +
custom-scripts/scripts/post_remove_extras|
3
custom-scripts/scripts/pre_install_database-server |
25 ++
custom-scripts/scripts/pre_install_exceptions|
123 ++
custom-scripts/scripts/pre_install_extras|
9
custom-scripts/scripts/pre_install_foreign_architecture |
45 +++
custom-scripts/scripts/pre_remove_40_find_unowned_lib_links |
15 +
custom-scripts/scripts/pre_remove_exceptions |
16 -
debian/changelog |
39 +++
htdocs/index.tpl |
2
instances/piuparts.conf.pejacevic|
4
instances/piuparts.conf.piu-slave-1und1-01 |
4
known_problems/broken_binfmt_detector_inadequate_issue.conf |
11
known_problems/broken_binfmt_interpreter_inadequate_issue.conf |
11
known_problems/missing_alternative_inadequate_issue.conf |
11
known_problems/module_build_error_issue.conf |
2
known_problems/program_name_collision_inadequate_issue.conf |
11
known_problems/unowned_lib_symlink_error.conf|
12
known_problems/unowned_lib_symlink_issue.conf|
12
piuparts-report.py |
10
piuparts.1.txt |
2
piuparts.py |
37 ++-
piupartslib/dwke.py |
2
34 files changed, 377 insertions(+), 125 deletions(-)
$ git log 0.60..develop|grep ^commit|wc -l
31
$ git diff 0.60..develop *.py > pydiff
$ git diff 0.60..develop > fulldiff
# see attached
diff --git a/piuparts-report.py b/piuparts-report.py
index 8212273..390304b 100644
--- a/piuparts-report.py
+++ b/piuparts-report.py
@@ -425,12 +425,16 @@ linktarget_by_template = [
("boring_obsolete_conffile_file_inadequate_issue.tpl", "...and logfile contains tag from adequate 'obsolete-conffile-file'"),
("boring_broken_symlink_file_inadequate_issue.tpl", "...and logfile contains tag from adequate 'broken-symlink-file'"),
("bin_or_sbin_binary_requires_usr_lib_library_inadequate_issue.tpl", "but adequate found a binary in /bin or /sbin that requires a /usr/lib library"),
-("library_not_found_inadequate_issue.tpl", "but adequate couldn't find a required library"),
-("ldd_inadequate_issue.tpl", "but adequate encountered unexpected ldd warnings"),
("incompatible_licenses_inadequate_issue.tpl", "but adequate found a license incompatibility"),
+("broken_binfmt_detector_inadequate_issue.tpl", "but adequate did not find the detector registered with update_binfmts"),
+("broken_binfmt_interpreter_inadequate_issue.tpl", "but adequate did not find the interpreter registered with update_binfmts"),
+("missing_alternative_inadequate_issue.tpl", "but adequate found a missing alternative"),
("missing_copyright_file_inadequate_issue.tpl", "but adequate couldn't find a copyright file"),
+("program_name_collision_inadequate_issue.tpl", "but adequate found a program name collision"),
("py_file_not_bytecompiled_inadequate_issue.tpl", "but adequate found a .py file that is not byte-compiled"),
("pyshared_file_not_bytecompiled_inadequate_issue.tpl", "but adequate found a .py file in /usr/share/pyshared that is not byte-compiled"),
+("ldd_inadequate_issue.tpl", "but adequate encountered unexpected ldd warnings"),
+("library_not_found_inadequate_issue.tpl", "but adequate couldn't find a required library"),
("undefined_symbol_inadequat
Bug#770732: piuparts and jessie, pre-upload unblock request questions
package: release.debian.org x-debbugs-cc: piuparts-de...@lists.alioth.debian.org Dear release team, until a very few days ago, it didnt occur to me at all, that piuparts 0.60 ain't suitable for the release, but now Andreas Beckmann pointed out, that: - testing = jessie, that will be wrong soon - we have several custom-scripts dealing with init-systems... (the custom scripts are not used by piuparts by defaults but can be used easily and are in use on piuparts.d.o) - there are a few new patterns of ignored files to avoid false positives. Currently 0.60 is in sid+jessie, and piuparts.d.o runs the develop branch of piuparts.git (with the above changes and a few more as explained below). I'm happy to create a new jessie-branch and cherry-pick whatever you deem suitable for 0.61 in sid and then jessie (and keep running the develop branch on piuparts.d.o). To keep maintaining these two branches more, I'd like to discuss which changes are acceptable to keep the diff at a minimum or maybe not have one... currently we have: Comments inline the changelog, in the lines starting with # [ Holger Levsen ] * piuparts.py: Add "/var/cache/apt/archives/partial/" to ignored files. (Closes: #767489) # one-liner to ignored patterns, it's important to not have false positives... * piuparts.py and piuparts-report: Detect four more (in)adequate issues: - broken-binfmt-detector - broken-binfmt-interpreter - missing-alternative - program-name-collision (Closes: #767499) # probably just a normal bug... but trivial changes at least ;) * distros.conf: Remove unneeded URI for squeeze-lts, it just uses the default repository. # trivial config change removing one line only relevant for those who test # squeeze-lts... * instances/pejacevic+slaves: Do not reschedule passed squeeze logs anymore. # trivial config change only relevant for hosts called pejacevic+piu- slave-(bm|1und1)-(a|1) [ Andreas Beckmann ] * piuparts.py: - Add to ignored_files: + /etc/modules-load.d/modules.conf (dangling symlink to ../modules) # one-liner to ignored patterns, it's important to not have false positives... - Create /etc/resolv.conf in the chroot using only the nameserver entries found on the host. # arguely a normal bug and unfilled :/ The patch is trivial and still looked good on a 3rd look ;) * lib/dwke.py: Fix parsing known_problems/*.conf using EXCLUDE_PATTERN. # an (unfiled) important bug in piuparts-report leading to wrongly detected problems... * Add "AddDefaultCharset utf-8" to the apache2 configuration snipplet example, so that logfiles are displayed as UTF-8. # just an example configuration change * pre_install_foreign_architecture: New script to enable foreign architectures for testing cross toolchain packages. * pre_remove_40_find_unowned_lib_links, unowned_lib_symlink_*.conf: New script and reports for unowned symlinks in [/usr]/lib[/]. # these custom scripts are not used by piuparts by defaults but can be used # easily and are in use on piuparts.d.o) * Rework the file-rc/sysvinit/upstart/systemd specific exceptions. # custom-scripts dealing with initsystems... [ Michael Prokop ] * Support new scripts directive 'post_chroot_unpack', useful for adding apt-keys for custom apt repositories. (Closes: #767485) * Add custom-scripts/scripts-unused-examples/post_chroot_unpack_key_setup.sh # this is really a wishlist bug and my only argument for including it is that # a.) the change to piuparts.py is rather trivial and b.) the feature is # really very nice to have... and c.) maintaining deltas is annoying. So... to summarize, I think these are all important bugfixes or documentation changes (counting the custom-scripts as documentation) except for: - the new scripts directive 'post_chroot_unpack' from Michael Prokop - creating resolv.conf for the minimal chroot - #767499 (detect more adequate tags) These are definitly normal/wishlist fixes but the changes are trivial and I would like to include them as pre-approved-changes ;-) Does that sound sound? (=to upload all these changes to sid, targeted at jessie) I'll happily follow your advice (whatever it will be) and maintain two branches as/if needed... obviously I'd rather not have to and I'm also really sorry I just fully realized yesterday, but life is as it is! :-) Oh and "btw", regarding the freeze policy and getting stuff in until the 5th of December and January: do you mean in jessie or in sid by these dates? (And if you mean in jessie again (like for the 5th of November/26th of October deadline...), I think a loud clarification now would be nice and quite appreciated by some.) cheers, Holger signature.asc Description: This is a digitally signed message part.
Bug#769138: unblock request for bind9
This is the related unblock request for bind9 itself: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769583 -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/54665125.2020...@pocock.pro
Re: Unblock Request for sisu 5.7.1-2
On Thu, Nov 6, 2014 at 12:28:20 -0500, Ralph Amissah wrote: > Please unblock sisu 5.7.1-2 for Jessie. > https://tracker.debian.org/pkg/sisu > Please file a bug per https://lists.debian.org/debian-devel-announce/2014/11/msg3.html Cheers, Julien -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141106232608.gg3...@betterave.cristau.org
Re: Unblock Request for sisu 5.7.1-2
On 06/11/14 17:28, Ralph Amissah wrote: Please unblock sisu 5.7.1-2 for Jessie. Follow the procedure and file an unblock bug. Emilio -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/545c034c.6050...@debian.org
Unblock Request for sisu 5.7.1-2
Please unblock sisu 5.7.1-2 for Jessie. https://tracker.debian.org/pkg/sisu It includes 2 rather small but significant cleanup bug fixes made for Jessie: #767761 * bug report & closure: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767761 * summary from debian/changelog: * v5 v6: ao, composite documents, on --verbose report loading of .sst files, fix * without fix sisu reports loading of .ssm & .ssi files but not .sst (sub-documents are imported correctly and resulting document outputs are correct and unaffected, but unless aware of this bug it would seem otherwise until the correct operation of sisu was manually verified e.g. by examining documents produced); (issue somewhat mitigated by not being the most common sisu operation) * sisu is in development freeze, this fix is provided for Debian Jessie (Closes: #767761) * git diff http://git.sisudoc.org/gitweb/?p=code/sisu.git;a=commitdiff;h=e206fef8ba35e5061c7da11b1a294d9897de22e9 [note the upstream changelog and other upstream changes are not included in the Debian package 5.7.1-2] http://git.sisudoc.org/gitweb/?p=code/sisu.git;a=commitdiff;h=50c16e307e865717acf8e84d470086bd41fb244a #767776 * bug report & closure: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767776 * summary from debian/changelog: * debian/control sisu description, minor refinement * (Closes: #767776) * git diff http://git.sisudoc.org/gitweb/?p=code/sisu.git;a=commitdiff;h=3ea8131db1832021127f6908b6d2b33d4024778a Note other upstream changes provided by 5.7.2 are not included in the Debian package 5.7.1-2 Thanks, Ralph Amissah P.S. other links: http://sources.debian.net/src/sisu/5.7.1-2/debian/changelog/ upstream git repo http://git.sisudoc.org/gitweb/?p=code/sisu.git;a=summary http://git.sisudoc.org/gitweb/?p=code/sisu.git;a=log signature.asc Description: Digital signature
Bug#767430: marked as done (Pre-upload unblock request: solaar/0.9.2+dfsg-4)
Your message dated Fri, 31 Oct 2014 20:49:20 +0100
with message-id <5453e7c0.8050...@thykier.net>
and subject line Re: Bug#767430: Pre-upload unblock request: solaar/0.9.2+dfsg-4
has caused the Debian Bug report #767430,
regarding Pre-upload unblock request: solaar/0.9.2+dfsg-4
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
767430: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767430
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Dear release team,
The localisation teams have provided me with updated debconf templates
for solaar, and the Portuguese team have even provided a full
translation for the upstream binary. Would this be suitable for a
Jessie unblock? I'm attaching the full patch, with important elements
detailed as follows:
$ git diff --stat debian/0.9.2+dfsg-3
debian/changelog| 21 ++
debian/control | 16 +-
debian/patches/series | 1 +
debian/patches/translation-pt.patch | 482
debian/po/cs.po | 75 +
debian/po/da.po | 76 +
debian/po/de.po | 76 +
debian/po/en.po | 70 ++--
debian/po/fr.po | 79 +
debian/po/it.po | 120 +++
debian/po/nl.po | 86 +
debian/po/pt.po | 80 +
debian/po/pt_BR.po | 77 +
debian/po/ru.po | 79 +
debian/po/templates.pot | 41 +--
debian/rules| 1 +
debian/solaar.templates | 39 ++-
17 files changed, 1354 insertions(+), 65 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 2fa424f..2c62bd1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,24 @@
+solaar (0.9.2+dfsg-4) unstable; urgency=low
+
+ [ Stephen Kitt ]
+ * Add Portuguese translation (closes: #761589).
+
+ [ Christian Perrier ]
+ * Debconf templates and debian/control reviewed by the debian-l10n-
+english team as part of the Smith review project. Closes: #761939
+ * [Debconf translation updates]
+ * Russian (Yuri Kozlov). Closes: #764788
+ * Italian (Beatrice Torracca). Closes: #764939
+ * Danish (Joe Hansen). Closes: #764964
+ * German (Chris Leick). Closes: #765927
+ * Dutch; (Frans Spiesschaert). Closes: #766057
+ * Portuguese (Paulo Tomé). Closes: #766589
+ * Czech (Michal Simunek). Closes: #766592
+ * Brazilian Portuguese (Adriano Rafael Gomes). Closes: #766602
+ * French (Jean-Pierre Giraud). Closes: #766722
+
+ -- Stephen Kitt Wed, 29 Oct 2014 20:37:13 +0100
+
solaar (0.9.2+dfsg-3) unstable; urgency=medium
* According to the included meta-data, the SVG files are licensed
diff --git a/debian/control b/debian/control
index bbc1f14..e6bc4b7 100644
--- a/debian/control
+++ b/debian/control
@@ -20,9 +20,9 @@ Recommends: gir1.2-notify-0.7, consolekit (>= 0.4.3) |
systemd (>= 44),
python-dbus (>= 1.1.0), upower
Suggests: gir1.2-appindicator3-0.1, solaar-gnome3 (= ${source:Version})
Description: Logitech Unifying Receiver peripherals manager for Linux
- Solaar is a Linux device manager for Logitech's Unifying Receiver peripherals.
- It is able to pair/unpair devices to the receiver, and for some devices read
- battery status.
+ Solaar is a Linux device manager for Logitech's Unifying Receiver wireless
+ peripherals. It is able to pair/unpair devices to the receiver, and for
+ some devices to read battery status.
Package: solaar-gnome3
Architecture: all
@@ -31,9 +31,9 @@ Depends: ${misc:Depends}, solaar (= ${source:Version}),
gir1.2-appindicator3-0.1, gnome-shell (>= 3.4) | unity (>= 5.10),
${solaar:Gnome-Icon-Theme}
Enhances: solaar
-Description: gnome-shell/Unity integration for Solaar
- Solaar is a Linux device manager for Logitech's Unifying Receiver peripherals.
- It is able to pair/unpair devices to the receiver, and for some devices read
- battery status.
+Description: GNOME Shell/Unity integration for Solaar
+ Solaar is a Linux device manager for Logitech's Unifying Receiver wireless
+ peripherals. It is able to pair/unpair devices to the receiver, and for
+ some devices to read battery status.
.
- This metapackage ensures integration with gnome-shell/Unity.
+ This metapackage ensures integration with GNOME Shell/Unity.
diff --git a/debian/rules b/debian/rules
index 3c
Bug#767430: Pre-upload unblock request: solaar/0.9.2+dfsg-4
Hi Niels, On Fri, 31 Oct 2014 07:34:23 +0100, Niels Thykier wrote: > On 2014-10-31 00:24, Stephen Kitt wrote: > > Package: release.debian.org > > Severity: normal > > User: release.debian@packages.debian.org > > Usertags: unblock > > > > Dear release team, > > > > The localisation teams have provided me with updated debconf templates > > for solaar, and the Portuguese team have even provided a full > > translation for the upstream binary. Would this be suitable for a > > Jessie unblock? I'm attaching the full patch, with important elements > > detailed as follows: > > > > [...] > > > > unblock solaar/0.9.2+dfsg-4 > > > > (I haven't uploaded this to unstable yet; I'm waiting to find out if > > everything here is suitable.) > > I am happy to accept the presented debdiff via unstable at this point in > the freeze. Please upload it to unstable and let us know when it has > been accepted. Thanks, I've uploaded it and it's been accepted into unstable. Regards, Stephen signature.asc Description: PGP signature
Processed: Re: Bug#767430: Pre-upload unblock request: solaar/0.9.2+dfsg-4
Processing control commands: > tags -1 confirmed Bug #767430 [release.debian.org] Pre-upload unblock request: solaar/0.9.2+dfsg-4 Added tag(s) confirmed. -- 767430: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767430 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.b767430.14147372789632.transcr...@bugs.debian.org
Bug#767430: Pre-upload unblock request: solaar/0.9.2+dfsg-4
Control: tags -1 confirmed On 2014-10-31 00:24, Stephen Kitt wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Dear release team, > > The localisation teams have provided me with updated debconf templates > for solaar, and the Portuguese team have even provided a full > translation for the upstream binary. Would this be suitable for a > Jessie unblock? I'm attaching the full patch, with important elements > detailed as follows: > > [...] > > unblock solaar/0.9.2+dfsg-4 > > (I haven't uploaded this to unstable yet; I'm waiting to find out if > everything here is suitable.) > > Regards, > > Stephen > > > [...] Hi Stephen, I am happy to accept the presented debdiff via unstable at this point in the freeze. Please upload it to unstable and let us know when it has been accepted. Thanks, ~Niels -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/54532d6f.9010...@thykier.net
Bug#767430: Pre-upload unblock request: solaar/0.9.2+dfsg-4
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Dear release team,
The localisation teams have provided me with updated debconf templates
for solaar, and the Portuguese team have even provided a full
translation for the upstream binary. Would this be suitable for a
Jessie unblock? I'm attaching the full patch, with important elements
detailed as follows:
$ git diff --stat debian/0.9.2+dfsg-3
debian/changelog| 21 ++
debian/control | 16 +-
debian/patches/series | 1 +
debian/patches/translation-pt.patch | 482
debian/po/cs.po | 75 +
debian/po/da.po | 76 +
debian/po/de.po | 76 +
debian/po/en.po | 70 ++--
debian/po/fr.po | 79 +
debian/po/it.po | 120 +++
debian/po/nl.po | 86 +
debian/po/pt.po | 80 +
debian/po/pt_BR.po | 77 +
debian/po/ru.po | 79 +
debian/po/templates.pot | 41 +--
debian/rules| 1 +
debian/solaar.templates | 39 ++-
17 files changed, 1354 insertions(+), 65 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 2fa424f..2c62bd1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,24 @@
+solaar (0.9.2+dfsg-4) unstable; urgency=low
+
+ [ Stephen Kitt ]
+ * Add Portuguese translation (closes: #761589).
+
+ [ Christian Perrier ]
+ * Debconf templates and debian/control reviewed by the debian-l10n-
+english team as part of the Smith review project. Closes: #761939
+ * [Debconf translation updates]
+ * Russian (Yuri Kozlov). Closes: #764788
+ * Italian (Beatrice Torracca). Closes: #764939
+ * Danish (Joe Hansen). Closes: #764964
+ * German (Chris Leick). Closes: #765927
+ * Dutch; (Frans Spiesschaert). Closes: #766057
+ * Portuguese (Paulo Tomé). Closes: #766589
+ * Czech (Michal Simunek). Closes: #766592
+ * Brazilian Portuguese (Adriano Rafael Gomes). Closes: #766602
+ * French (Jean-Pierre Giraud). Closes: #766722
+
+ -- Stephen Kitt Wed, 29 Oct 2014 20:37:13 +0100
+
solaar (0.9.2+dfsg-3) unstable; urgency=medium
* According to the included meta-data, the SVG files are licensed
diff --git a/debian/control b/debian/control
index bbc1f14..e6bc4b7 100644
--- a/debian/control
+++ b/debian/control
@@ -20,9 +20,9 @@ Recommends: gir1.2-notify-0.7, consolekit (>= 0.4.3) |
systemd (>= 44),
python-dbus (>= 1.1.0), upower
Suggests: gir1.2-appindicator3-0.1, solaar-gnome3 (= ${source:Version})
Description: Logitech Unifying Receiver peripherals manager for Linux
- Solaar is a Linux device manager for Logitech's Unifying Receiver peripherals.
- It is able to pair/unpair devices to the receiver, and for some devices read
- battery status.
+ Solaar is a Linux device manager for Logitech's Unifying Receiver wireless
+ peripherals. It is able to pair/unpair devices to the receiver, and for
+ some devices to read battery status.
Package: solaar-gnome3
Architecture: all
@@ -31,9 +31,9 @@ Depends: ${misc:Depends}, solaar (= ${source:Version}),
gir1.2-appindicator3-0.1, gnome-shell (>= 3.4) | unity (>= 5.10),
${solaar:Gnome-Icon-Theme}
Enhances: solaar
-Description: gnome-shell/Unity integration for Solaar
- Solaar is a Linux device manager for Logitech's Unifying Receiver peripherals.
- It is able to pair/unpair devices to the receiver, and for some devices read
- battery status.
+Description: GNOME Shell/Unity integration for Solaar
+ Solaar is a Linux device manager for Logitech's Unifying Receiver wireless
+ peripherals. It is able to pair/unpair devices to the receiver, and for
+ some devices to read battery status.
.
- This metapackage ensures integration with gnome-shell/Unity.
+ This metapackage ensures integration with GNOME Shell/Unity.
diff --git a/debian/rules b/debian/rules
index 3c127b6..2526e9c 100755
--- a/debian/rules
+++ b/debian/rules
@@ -18,6 +18,7 @@ override_dh_auto_build:
override_dh_auto_clean:
./tools/clean.sh
+ debconf-updatepo
dh_auto_clean
override_dh_auto_install:
unblock solaar/0.9.2+dfsg-4
(I haven't uploaded this to unstable yet; I'm waiting to find out if
everything here is suitable.)
Regards,
Stephen
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable'), (200, 'unstable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.17-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff --git a/debian/changelog b/debian/changelog
index 2fa424f..2c62bd1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,24 @@
+solaar (0.9.2+dfsg-4) unstable
Re: unblock request for kfreebsd-downloader 9.0-3+deb70.1
2013/6/20 Adam D. Barratt : > Out of interest, where did you get the version scheme "+deb70.1" from? I > don't think I've seen that one before (our suggested version would have been > +deb7u1, as per dev-ref). Steven just pointed out (correctly). I take note that +deb7u1 is preferred. Hopefully I can even apply this, if memory serves ;-) -- Robert Millan -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/caofdtxoknwavkhsouyob8soe3nnhnx6vk2ax_yno-tyzcpv...@mail.gmail.com
Re: unblock request for kfreebsd-downloader 9.0-3+deb70.1
On 20/06/13 13:06, Adam D. Barratt wrote: > On 2013-06-20 0:25, Robert Millan wrote: >> +kfreebsd-downloader (9.0-3+deb70.1) stable; urgency=low >> + >> + * Switch to people.debian.org URL for kernel.txz download. >> +(Closes: #712816) > > Out of interest, where did you get the version scheme "+deb70.1" from? I > don't think I've seen that one before (our suggested version would have > been +deb7u1, as per dev-ref). It was probably based on the last kfreebsd-9 security upload (9.0-10+deb70.1). Not sure where that one came from either :) Regards, -- Steven Chamberlain ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/51c308f4.7070...@pyro.eu.org
Re: unblock request for kfreebsd-downloader 9.0-3+deb70.1
On 2013-06-20 0:25, Robert Millan wrote: +kfreebsd-downloader (9.0-3+deb70.1) stable; urgency=low + + * Switch to people.debian.org URL for kernel.txz download. +(Closes: #712816) Out of interest, where did you get the version scheme "+deb70.1" from? I don't think I've seen that one before (our suggested version would have been +deb7u1, as per dev-ref). Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/a9e261f01df9935943734325b2b31...@mail.adsl.funky-badger.org
unblock request for kfreebsd-downloader 9.0-3+deb70.1
Apologies for sending the request after uploading, but as I tend to do
this about once every few years, I forget very easily.
kfreebsd-downloader broke because the URL it relied on is now
returning 404 error. So, a different URL is being used now.
Debdiff:
diff -Nru kfreebsd-downloader-9.0/debian/changelog
kfreebsd-downloader-9.0/debian/changelog
--- kfreebsd-downloader-9.0/debian/changelog2012-06-10
21:11:35.0 +0200
+++ kfreebsd-downloader-9.0/debian/changelog2013-06-19
23:59:48.0 +0200
@@ -1,3 +1,10 @@
+kfreebsd-downloader (9.0-3+deb70.1) stable; urgency=low
+
+ * Switch to people.debian.org URL for kernel.txz download.
+(Closes: #712816)
+
+ -- Robert Millan Wed, 19 Jun 2013 23:56:56 +0200
+
kfreebsd-downloader (9.0-3) unstable; urgency=high
* Split versioned packages to make it possible to install multiple
diff -Nru kfreebsd-downloader-9.0/debian/postinst.in
kfreebsd-downloader-9.0/debian/postinst.in
--- kfreebsd-downloader-9.0/debian/postinst.in 2012-02-03
20:46:19.0 +0100
+++ kfreebsd-downloader-9.0/debian/postinst.in 2013-06-19
23:43:42.0 +0200
@@ -28,7 +28,7 @@
# Download
mkdir -p ${cachedir}
- wget
http://ftp.freebsd.org/pub/FreeBSD/releases/@ARCH@/@ARCH@/@RELEASE@/kernel.txz
\
+ wget
http://people.debian.org/~rmh/kfreebsd-downloader/@ARCH@/@RELEASE@/kernel.txz
\
-c -O ${cachedir}/kernel.txz
# Verify
--
Robert Millan
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/caofdtxnkvan511uw1mpvxcq2am+sqkgfip-qupbrgo0zy1s...@mail.gmail.com
Bug#703034: marked as done (apt unblock request)
Your message dated Thu, 14 Mar 2013 18:52:10 +0100 with message-id <20130314175210.gj5...@radis.cristau.org> and subject line Re: Bug#703034: apt unblock request has caused the Debian Bug report #703034, regarding apt unblock request to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 703034: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703034 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: important User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: de...@lists.debian.org Hello Release Team, unblock apt 0.9.7.8 Ansgar Burchardt found a flaw in the InRelease verification code (CVE-2013-1051) effecting apt in testing and unstable. [stable isn't effected as it has no support for it] As a proper fix for this will be relatively big we propose to fix this for testing by disabling InRelease support for now. This can be revised of course if so desired after an experimental upload which reintroduces a fixed InRelease handling we are working on currently. Thanks and sorry for the inconvenience, The APT team (David & Michael) --- End Message --- --- Begin Message --- On Thu, Mar 14, 2013 at 14:59:35 +0100, Michael Vogt wrote: > Package: release.debian.org > Severity: important > User: release.debian@packages.debian.org > Usertags: unblock > X-Debbugs-Cc: de...@lists.debian.org > > > Hello Release Team, > > unblock apt 0.9.7.8 > > > Ansgar Burchardt found a flaw in the InRelease verification code > (CVE-2013-1051) effecting apt in testing and unstable. > [stable isn't effected as it has no support for it] > > As a proper fix for this will be relatively big we propose to fix this > for testing by disabling InRelease support for now. > :( Unblocked. Note that "criticial" is not a proper urgency setting. Cheers, Julien signature.asc Description: Digital signature --- End Message ---
Bug#703034: apt unblock request
Package: release.debian.org Severity: important User: release.debian@packages.debian.org Usertags: unblock X-Debbugs-Cc: de...@lists.debian.org Hello Release Team, unblock apt 0.9.7.8 Ansgar Burchardt found a flaw in the InRelease verification code (CVE-2013-1051) effecting apt in testing and unstable. [stable isn't effected as it has no support for it] As a proper fix for this will be relatively big we propose to fix this for testing by disabling InRelease support for now. This can be revised of course if so desired after an experimental upload which reintroduces a fixed InRelease handling we are working on currently. Thanks and sorry for the inconvenience, The APT team (David & Michael) -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130314135935.GI7623@bod
Re: unblock request for mixmaster-3.0.0-6
On 2013-02-15 13:24, Colin Tuckley wrote: > Last week I uploaded a new version of the mixmaster package to unstable > to close bug #690206. > > Since then Osamu Aoki has suggested to me in an email that I should ask > for an unblock request for this upload. > > The bug was not RC but it probably should have been since the problem > caused a SegFault on architectures where "char" defaults to "unsigned" > (for example armel). It is basically a one line change, see debdiff below. > > Please consider unblocking mixmaster-3.0.0-6 so that it can transition > to testing and be a part of the new release. > > regards, > > Colin > > debdiff: > > [...] Hi, Seems reasonable, unblocked and thanks. Next time, please consider filing an unblock bug against release.debian.org (reportbug has a template for it) - bugs are easier for us to track and refer to. ~Niels -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/511e2b30.6070...@thykier.net
unblock request for mixmaster-3.0.0-6
Last week I uploaded a new version of the mixmaster package to unstable
to close bug #690206.
Since then Osamu Aoki has suggested to me in an email that I should ask
for an unblock request for this upload.
The bug was not RC but it probably should have been since the problem
caused a SegFault on architectures where "char" defaults to "unsigned"
(for example armel). It is basically a one line change, see debdiff below.
Please consider unblocking mixmaster-3.0.0-6 so that it can transition
to testing and be a part of the new release.
regards,
Colin
debdiff:
diff -u mixmaster-3.0.0/debian/changelog mixmaster-3.0.0/debian/changelog
--- mixmaster-3.0.0/debian/changelog
+++ mixmaster-3.0.0/debian/changelog
@@ -1,3 +1,10 @@
+mixmaster (3.0.0-6) unstable; urgency=low
+
+ * fix segfault on architectures where the default for "char"
+is not "signed" (Closes: #690206)
+
+ -- Colin Tuckley Fri, 08 Feb 2013 13:59:24 +
+
mixmaster (3.0.0-5) unstable; urgency=low
* Ack NMU
only in patch2:
unchanged:
--- mixmaster-3.0.0.orig/Src/menustats.c
+++ mixmaster-3.0.0/Src/menustats.c
@@ -307,7 +307,7 @@
/* Displays the choice of stats sources */
#define MAXPING (26 * 2)
void update_stats() {
- char c;
+ signed char c;
BUFFER *inifile;
BUFFER *pingernames;
BUFFER *goodpingers;
--
Colin Tuckley | +44(0)1223 830814 | PGP/GnuPG Key Id
Debian Developer | +44(0)7799 143369 | 0x1B3045CE
Ever stop to think, and forget to start again?
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/511e28f4.4010...@debian.org
Re: unblock request for rinse 2.0.1-1
On Sat, Feb 9, 2013 at 22:12:09 +0100, Thomas Lange wrote: > Hi release team, > > this release fixes an important bug (#685640) and fixes some broken > URLs in a config file #693353. > Unblocked. Note that we prefer if unblock requests are filed as bugs against the release.debian.org pseudo-package. Cheers, Julien signature.asc Description: Digital signature
unblock request for rinse 2.0.1-1
Hi release team, this release fixes an important bug (#685640) and fixes some broken URLs in a config file #693353. -- regards Thomas -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20758.48041.466680.670...@kueppers.informatik.uni-koeln.de
Re: Unblock request for polarssl 1.1.4-2
On Thu, 2013-02-07 at 22:53 +0100, Roland Stigge wrote: > polarssl 1.1.4-2 just hit unstable. Fixes security bug #699887, > CVE-2013-0169, so please unblock. Unblocked; thanks. Please consider filing a usertagged unblock tag (e.g. via reportbug) in future. They're much easier for us to keep track of. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1360274369.14861.11.ca...@jacala.jungle.funky-badger.org
Unblock request for polarssl 1.1.4-2
Hi, polarssl 1.1.4-2 just hit unstable. Fixes security bug #699887, CVE-2013-0169, so please unblock. Thanks! (Will contact the security team separately for the respective security update for the version in stable.) Roland -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5114226f.2090...@antcom.de
Re: unblock request: ace 6.0.3+dfsg-0.1
On Sat, 2013-01-26 at 15:55 +0100, Ralf Treinen wrote: > please unblock ace version 6.0.3+dfsg-0.1. This version fixes two > release critical bugs: > > #697848 and #697847 > > Fixing these bugs meant essentially to repack the source and to drop > files with non-free licence or without source (hence the new orig tarball). > Allmost all other changes to the package are a consequence of that. I tried > to keep changes as conservative as possible. Already done earlier this morning. :-) Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1359212391.28246.32.ca...@jacala.jungle.funky-badger.org
Bug#693787: Unblock request for dovecot
On Wed, 19 Dec 2012, Julien Cristau wrote: Something should be done about 693114. If you don't think it's a blocker then I would suggest to either close it (if it's invalid/documented) or downgrade to important? I'll downgrade it because it is a real issue but one which I think requires a policy change rather than a technical fix. I'll ask on -devel if I'm on the right track. Thanks for all your help. -- Jaldhar H. Vyas -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/alpine.DEB.2.02.1212191113230.25785@kubuntu
Bug#693787: Unblock request for dovecot
On Wed, Dec 19, 2012 at 10:15:14 -0500, Jaldhar H. Vyas wrote: > Also it is a conffile and I was worried it might cause a problem if > I removed it and a user decided to add TCP wrapper support > themselves and then a later version of this package included it > again and ended up overwriting their changes. > It being a conffile means dpkg will never overwrite user changes. Unblocked anyway. Something should be done about 693114. If you don't think it's a blocker then I would suggest to either close it (if it's invalid/documented) or downgrade to important? Cheers, Julien signature.asc Description: Digital signature
Bug#693787: Unblock request for dovecot
On Wed, 19 Dec 2012, Julien Cristau wrote: On Mon, Dec 17, 2012 at 03:16:41 -0500, Jaldhar H. Vyas wrote: On Sun, 2 Dec 2012, Julien Cristau wrote: -6 has been uploaded with all the requested changes. dovecot-core.postinst still references conf.d/10-tcpwrapper.conf. Is that intentional? I guess it's harmless since the file is all commented out by default, but it might be confusing to users... Yes. It won't do anything anyway because dovecot is no longer compiled with libwrap and as you say it is all commented out so I left it alone. Also it is a conffile and I was worried it might cause a problem if I removed it and a user decided to add TCP wrapper support themselves and then a later version of this package included it again and ended up overwriting their changes. -- Jaldhar H. Vyas -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/alpine.DEB.2.02.1212191005120.25785@kubuntu
Bug#693787: Unblock request for dovecot
On Mon, Dec 17, 2012 at 03:16:41 -0500, Jaldhar H. Vyas wrote: > On Sun, 2 Dec 2012, Julien Cristau wrote: > > -6 has been uploaded with all the requested changes. > dovecot-core.postinst still references conf.d/10-tcpwrapper.conf. Is that intentional? I guess it's harmless since the file is all commented out by default, but it might be confusing to users... Cheers, Julien signature.asc Description: Digital signature
Bug#693787: Unblock request for dovecot
On Sun, 2 Dec 2012, Julien Cristau wrote: -6 has been uploaded with all the requested changes. -- Jaldhar H. Vyas -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/alpine.DEB.2.02.1212170315530.13001@kubuntu
Bug#696072: marked as done (unblock: request-tracker4/4.0.7-4)
Your message dated Sun, 16 Dec 2012 14:37:40 +
with message-id <1355668660.32176.39.ca...@jacala.jungle.funky-badger.org>
and subject line Re: Bug#696072: unblock: request-tracker4/4.0.7-4
has caused the Debian Bug report #696072,
regarding unblock: request-tracker4/4.0.7-4
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
696072: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696072
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package request-tracker4
This contains fixes for important bugs only. debdiff against 4.0.7-2
(the version currently in testing) attached.
unblock request-tracker4/4.0.7-4
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
diff -Nru request-tracker4-4.0.7/debian/changelog request-tracker4-4.0.7/debian/changelog
--- request-tracker4-4.0.7/debian/changelog 2012-10-23 10:59:00.0 +0100
+++ request-tracker4-4.0.7/debian/changelog 2012-12-16 14:08:32.0 +
@@ -1,3 +1,18 @@
+request-tracker4 (4.0.7-4) unstable; urgency=low
+
+ * Add extra robustness to hostname handling (Closes: 685502)
+
+ -- Dominic Hargreaves Sun, 16 Dec 2012 14:08:31 +
+
+request-tracker4 (4.0.7-3) unstable; urgency=low
+
+ * Cherry-pick fix from 4.0.8 fixing duplicate transaction creation
+bug (Closes: #691701)
+ * Remove unused code which uses Digest::SHA1 which in turn has been
+removed from Debian (Closes: #694484)
+
+ -- Dominic Hargreaves Mon, 10 Dec 2012 14:13:24 +
+
request-tracker4 (4.0.7-2) unstable; urgency=high
* Multiple security fixes for:
diff -Nru request-tracker4-4.0.7/debian/config request-tracker4-4.0.7/debian/config
--- request-tracker4-4.0.7/debian/config 2012-10-15 17:50:27.0 +0100
+++ request-tracker4-4.0.7/debian/config 2012-12-16 14:01:42.0 +
@@ -112,7 +112,7 @@
db_version 2.0
db_capb backup
-hostname="$(hostname -f)"
+hostname="$(hostname -f || true)"
hostname="${hostname:-$(hostname)}"
# sane startup defaults
diff -Nru request-tracker4-4.0.7/debian/patches/68_lock_transaction_updates request-tracker4-4.0.7/debian/patches/68_lock_transaction_updates
--- request-tracker4-4.0.7/debian/patches/68_lock_transaction_updates 1970-01-01 01:00:00.0 +0100
+++ request-tracker4-4.0.7/debian/patches/68_lock_transaction_updates 2012-11-20 18:01:28.0 +
@@ -0,0 +1,185 @@
+From b99af56fa6fed07f2ea055e0abed393ce3c6fb4a Mon Sep 17 00:00:00 2001
+From: Alex Vandiver
+Date: Fri, 16 Mar 2012 16:57:07 -0400
+Subject: [PATCH] Lock transaction updates so scrips get a consistent snapshot
+
+Previously, nothing prevented multiple transactions from being run on
+the system concurrently, and making identical changes. This could lead
+to multiple Corrrespondences, followed by multiple "Status changed from
+new to open" transactions. Prevent this by always running
+->_NewTransaction in a database transaction, and ensuring that it takes
+a write lock on the row before running scrips and purges the cache.
+This ensures a coherent and serial execution of scrips.
+---
+ lib/RT/Record.pm | 35 +++
+ lib/RT/Ticket.pm | 10 +++---
+ t/ticket/race.t | 51 +++
+ 3 files changed, 93 insertions(+), 3 deletions(-)
+ create mode 100644 t/ticket/race.t
+
+diff --git a/lib/RT/Record.pm b/lib/RT/Record.pm
+index 29cff47..c116ee8 100644
+--- a/lib/RT/Record.pm
b/lib/RT/Record.pm
+@@ -1413,8 +1413,35 @@ sub _DeleteLink {
+ }
+
+
++=head1 LockForUpdate
+
++In a database transaction, gains an exclusive lock on the row, to
++prevent race conditions. On SQLite, this is a "RESERVED" lock on the
++entire database.
+
++=cut
++
++sub LockForUpdate {
++my $self = shift;
++
++my $pk = $self->_PrimaryKey;
++my $id = @_ ? $_[0] : $self->$pk;
++$self->_expire if $self->isa("DBIx::SearchBuilder::Record::Cachable");
++if (RT->Config->Get('DatabaseType') eq "SQLite") {
++# SQLite does DB-level locking, upgrading the transaction to
++# "RESERVED" on the first UPDATE/INSERT/DELETE. Do a no-op
++# UPDATE to force the upgad
Bug#696072: unblock: request-tracker4/4.0.7-4
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package request-tracker4
This contains fixes for important bugs only. debdiff against 4.0.7-2
(the version currently in testing) attached.
unblock request-tracker4/4.0.7-4
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
diff -Nru request-tracker4-4.0.7/debian/changelog request-tracker4-4.0.7/debian/changelog
--- request-tracker4-4.0.7/debian/changelog 2012-10-23 10:59:00.0 +0100
+++ request-tracker4-4.0.7/debian/changelog 2012-12-16 14:08:32.0 +
@@ -1,3 +1,18 @@
+request-tracker4 (4.0.7-4) unstable; urgency=low
+
+ * Add extra robustness to hostname handling (Closes: 685502)
+
+ -- Dominic Hargreaves Sun, 16 Dec 2012 14:08:31 +
+
+request-tracker4 (4.0.7-3) unstable; urgency=low
+
+ * Cherry-pick fix from 4.0.8 fixing duplicate transaction creation
+bug (Closes: #691701)
+ * Remove unused code which uses Digest::SHA1 which in turn has been
+removed from Debian (Closes: #694484)
+
+ -- Dominic Hargreaves Mon, 10 Dec 2012 14:13:24 +
+
request-tracker4 (4.0.7-2) unstable; urgency=high
* Multiple security fixes for:
diff -Nru request-tracker4-4.0.7/debian/config request-tracker4-4.0.7/debian/config
--- request-tracker4-4.0.7/debian/config 2012-10-15 17:50:27.0 +0100
+++ request-tracker4-4.0.7/debian/config 2012-12-16 14:01:42.0 +
@@ -112,7 +112,7 @@
db_version 2.0
db_capb backup
-hostname="$(hostname -f)"
+hostname="$(hostname -f || true)"
hostname="${hostname:-$(hostname)}"
# sane startup defaults
diff -Nru request-tracker4-4.0.7/debian/patches/68_lock_transaction_updates request-tracker4-4.0.7/debian/patches/68_lock_transaction_updates
--- request-tracker4-4.0.7/debian/patches/68_lock_transaction_updates 1970-01-01 01:00:00.0 +0100
+++ request-tracker4-4.0.7/debian/patches/68_lock_transaction_updates 2012-11-20 18:01:28.0 +
@@ -0,0 +1,185 @@
+From b99af56fa6fed07f2ea055e0abed393ce3c6fb4a Mon Sep 17 00:00:00 2001
+From: Alex Vandiver
+Date: Fri, 16 Mar 2012 16:57:07 -0400
+Subject: [PATCH] Lock transaction updates so scrips get a consistent snapshot
+
+Previously, nothing prevented multiple transactions from being run on
+the system concurrently, and making identical changes. This could lead
+to multiple Corrrespondences, followed by multiple "Status changed from
+new to open" transactions. Prevent this by always running
+->_NewTransaction in a database transaction, and ensuring that it takes
+a write lock on the row before running scrips and purges the cache.
+This ensures a coherent and serial execution of scrips.
+---
+ lib/RT/Record.pm | 35 +++
+ lib/RT/Ticket.pm | 10 +++---
+ t/ticket/race.t | 51 +++
+ 3 files changed, 93 insertions(+), 3 deletions(-)
+ create mode 100644 t/ticket/race.t
+
+diff --git a/lib/RT/Record.pm b/lib/RT/Record.pm
+index 29cff47..c116ee8 100644
+--- a/lib/RT/Record.pm
b/lib/RT/Record.pm
+@@ -1413,8 +1413,35 @@ sub _DeleteLink {
+ }
+
+
++=head1 LockForUpdate
+
++In a database transaction, gains an exclusive lock on the row, to
++prevent race conditions. On SQLite, this is a "RESERVED" lock on the
++entire database.
+
++=cut
++
++sub LockForUpdate {
++my $self = shift;
++
++my $pk = $self->_PrimaryKey;
++my $id = @_ ? $_[0] : $self->$pk;
++$self->_expire if $self->isa("DBIx::SearchBuilder::Record::Cachable");
++if (RT->Config->Get('DatabaseType') eq "SQLite") {
++# SQLite does DB-level locking, upgrading the transaction to
++# "RESERVED" on the first UPDATE/INSERT/DELETE. Do a no-op
++# UPDATE to force the upgade.
++return RT->DatabaseHandle->dbh->do(
++"UPDATE " .$self->Table.
++" SET $pk = $pk WHERE 1 = 0");
++} else {
++return $self->_LoadFromSQL(
++"SELECT * FROM ".$self->Table
++." WHERE $pk = ? FOR UPDATE",
++$id,
++);
++}
++}
+
+ =head2 _NewTransaction PARAMHASH
+
+@@ -1441,6 +1468,11 @@ sub _NewTransaction {
+ @_
+ );
+
++my $in_txn = RT->DatabaseHandle->TransactionDepth;
++RT->DatabaseHandle->BeginTransaction unless $in_txn;
++
++$self->LockForUpdate;
++
+ my $old_ref = $args{'OldReference'};
+ my $new_ref = $args{'NewReference'};
+ my $ref_type = $args{'ReferenceType'};
+@@ -1487,6 +1519,9 @@ sub _NewTransaction
Processed: changes to make udd pickup unblock request
Processing commands for cont...@bugs.debian.org: > # changes to make the unblock requests match the udd queries > # this should really be fixed some other way > # sorry for the noise > retitle 694490 unblock: aephea/10.008-2 Bug #694490 [release.debian.org] release.debian.org: unblock: aephea/10.008-2 Changed Bug title to 'unblock: aephea/10.008-2' from 'release.debian.org: unblock: aephea/10.008-2' > retitle 693787 unblock: dovecot/1:2.1.7-5 Bug #693787 [release.debian.org] Unblock: dovecot 1:2.1.7-5 Changed Bug title to 'unblock: dovecot/1:2.1.7-5' from 'Unblock: dovecot 1:2.1.7-5' > retitle 694322 unblock: rgl/0.92.798-1 Bug #694322 [release.debian.org] unblock: src:rgl/0.92.798-1 Changed Bug title to 'unblock: rgl/0.92.798-1' from 'unblock: src:rgl/0.92.798-1' > thanks Stopping processing here. Please contact me if you need assistance. -- 693787: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693787 694322: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694322 694490: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694490 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.13554060521772.transcr...@bugs.debian.org
Bug#693787: Unblock request for dovecot
On Mon, Nov 26, 2012 at 23:04:07 -0500, Jaldhar H. Vyas wrote: > > > >+if [ "$1" = "triggered" ]; then > >+if [ -x "/etc/init.d/dovecot" ]; then > >+if [ -x /usr/sbin/invoke-rc.d ]; then > >+invoke-rc.d dovecot start > >+else > >+/etc/init.d/dovecot start > >+fi > >+fi > >+fi > > > >How can this ever work in postrm? (as far as I know only postinst can > >be called this way, and anyway starting a daemon in postrm doesn't seem > >to make much sense) > > Dovecot starts a number of daemon processes. If e.g. you removed > imapd, you might still keep the pop3d, managesieved and so on. > postrm is never called with $1 == "triggered", so afaict this is dead code. > > >The switch to triggers is not appropriate at this stage IMO anyway, and > >should be deferred to the next release. > > > > I can take it out. > Yes please. > > >The hurd fix is probably not something for right now either. > > > > Fixing FTBS on hurd was a release goal no? IIRC the bug was high > severity but if it is not considered important I can take this out. > Yes please. > >The tcp wrappers change doesn't seem appropriate either. > > > > It's only an extra cflag really but I can take it out if necessary. > Yes please. > >Not sure I'm happy about adding hardening this late. > > This was also a release goal wasn't it? > It was, but it also has potentially wide reaching implications. I suppose for a network daemon it kind of makes sense, so maybe leave it in… > > > >+ chmod 0700 debian/dovecot-core/etc/dovecot/private > > > >You seem to run dh_fixperms afterwards, because as far as I can tell the > >deb has > > > >drwxr-xr-x root/root 0 2012-11-14 23:09 ./etc/dovecot/private/ > > > > Hmm I thought it was doing the right thing but I can change it if > necessary. > Well I guess you added the chmod for a reason. Cheers, Julien signature.asc Description: Digital signature
Re: Unblock request for dovecot
On Mon, 26 Nov 2012, Julien Cristau wrote: + echo "You already have ssl certs for dovecot." + echo "However you should move them out of /etc/ssl" + echo "and into /etc/dovecot and update the configuration" + echo "in /etc/dovecot/conf.d/10-ssl.conf accordingly." + echo "See /usr/share/dovecot-core/NEWS.Debian for details." 1) people are not going to see this, in the middle of dist-upgrading a thousand packages It should really use debconf but I thought it would be considered too much of a change. 2) the path to NEWS.Debian is wrong Yes this was reported as #693621, unfortunately after I had already made this upload. +if [ "$1" = "triggered" ]; then +if [ -x "/etc/init.d/dovecot" ]; then +if [ -x /usr/sbin/invoke-rc.d ]; then +invoke-rc.d dovecot start +else +/etc/init.d/dovecot start +fi +fi +fi How can this ever work in postrm? (as far as I know only postinst can be called this way, and anyway starting a daemon in postrm doesn't seem to make much sense) Dovecot starts a number of daemon processes. If e.g. you removed imapd, you might still keep the pop3d, managesieved and so on. The switch to triggers is not appropriate at this stage IMO anyway, and should be deferred to the next release. I can take it out. --- dovecot-2.1.7/debian/dovecot-managesieved.README.Debian 1970-01-01 00:00:00.0 + +++ dovecot-2.1.7/debian/dovecot-managesieved.README.Debian 2012-11-14 20:10:38.0 + @@ -0,0 +1,17 @@ +Removing dovecot-managesieved +- + +If you remove (i.e. with dpkg -r or aptitude remove) this package you will +get an error something like this: + +doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: +service(managesieve-login): executable is empty + +To avoid it, make sure +/etc/dovecot/conf.d/etc/dovecot/conf.d/20-managesieve.conf has been deleted, +moved or completely commented out first. Alternatively, purge the package +instead of removing it. + +If you do not do this, dovecot-core will be left in an unconfigured state +because the error will cause a trigger to fail. To fix this simply reinstall +dovecot-core. This seems rather broken, why can't it be fixed properly instead? That's the way dovecot works and believe me Marco and I spent a lot of time trying to figure out a better solution. Possibly dovecot 2.2.x is better but that's obviously out of the question right? The hurd fix is probably not something for right now either. Fixing FTBS on hurd was a release goal no? IIRC the bug was high severity but if it is not considered important I can take this out. The tcp wrappers change doesn't seem appropriate either. It's only an extra cflag really but I can take it out if necessary. Not sure I'm happy about adding hardening this late. This was also a release goal wasn't it? + chmod 0700 debian/dovecot-core/etc/dovecot/private You seem to run dh_fixperms afterwards, because as far as I can tell the deb has drwxr-xr-x root/root 0 2012-11-14 23:09 ./etc/dovecot/private/ Hmm I thought it was doing the right thing but I can change it if necessary. If I make these changes as -6, will the RMs allow it for wheezy? -- Jaldhar H. Vyas -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/alpine.DEB.2.02.1211262249450.30396@kubuntu
Re: Unblock request for dovecot
On Mon, Nov 19, 2012 at 22:32:15 -0500, Jaldhar H. Vyas wrote: > [CCs requested as I am not subscribed to the list.] > > Dear RMs, I know the time is late and this is a long shot but I am > requesting that the current version of dovecot 1:2.1.7-5 be > unblocked for > testing because: > + echo "You already have ssl certs for dovecot." + echo "However you should move them out of /etc/ssl" + echo "and into /etc/dovecot and update the configuration" + echo "in /etc/dovecot/conf.d/10-ssl.conf accordingly." + echo "See /usr/share/dovecot-core/NEWS.Debian for details." 1) people are not going to see this, in the middle of dist-upgrading a thousand packages 2) the path to NEWS.Debian is wrong +if [ "$1" = "triggered" ]; then +if [ -x "/etc/init.d/dovecot" ]; then +if [ -x /usr/sbin/invoke-rc.d ]; then +invoke-rc.d dovecot start +else +/etc/init.d/dovecot start +fi +fi +fi How can this ever work in postrm? (as far as I know only postinst can be called this way, and anyway starting a daemon in postrm doesn't seem to make much sense) The switch to triggers is not appropriate at this stage IMO anyway, and should be deferred to the next release. --- dovecot-2.1.7/debian/dovecot-managesieved.README.Debian 1970-01-01 00:00:00.0 + +++ dovecot-2.1.7/debian/dovecot-managesieved.README.Debian 2012-11-14 20:10:38.0 + @@ -0,0 +1,17 @@ +Removing dovecot-managesieved +- + +If you remove (i.e. with dpkg -r or aptitude remove) this package you will +get an error something like this: + +doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf: +service(managesieve-login): executable is empty + +To avoid it, make sure +/etc/dovecot/conf.d/etc/dovecot/conf.d/20-managesieve.conf has been deleted, +moved or completely commented out first. Alternatively, purge the package +instead of removing it. + +If you do not do this, dovecot-core will be left in an unconfigured state +because the error will cause a trigger to fail. To fix this simply reinstall +dovecot-core. This seems rather broken, why can't it be fixed properly instead? The hurd fix is probably not something for right now either. The tcp wrappers change doesn't seem appropriate either. Not sure I'm happy about adding hardening this late. + chmod 0700 debian/dovecot-core/etc/dovecot/private You seem to run dh_fixperms afterwards, because as far as I can tell the deb has drwxr-xr-x root/root 0 2012-11-14 23:09 ./etc/dovecot/private/ No comment on the pigeonhole thing. Cheers, Julien signature.asc Description: Digital signature
Processed: set unblock request as blocker
Processing commands for cont...@bugs.debian.org: > block 680632 by 694124 Bug #680632 [jless] jless: [regression] jless hangs if it reaches 524289 bytes Bug #684633 [jless] jless: hangs with 1MB file, and should consider its future 680632 was not blocked by any bugs. 680632 was not blocking any bugs. Added blocking bug(s) of 680632: 694124 684633 was not blocked by any bugs. 684633 was not blocking any bugs. Added blocking bug(s) of 684633: 694124 > thanks Stopping processing here. Please contact me if you need assistance. -- 680632: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680632 684633: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684633 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.135391106013370.transcr...@bugs.debian.org
Re: Unblock request for dovecot
On Sun, 25 Nov 2012, Mehdi Dogguy wrote: FWIW, It can't be unblocked because of #693114. Please open an "unblock" bugreport against release.debian.org when icedove is ready. If you like I can change the severity of the bug but that's about it. As I wrote in that bug report, there is no solution that will work for everyone because the root of the problem is that in Debian, mailboxes in /var/mail are owned by group mail and this is not going to change in the near term and perhaps not ever. So I merely documented the situation. I don't know what else I can do to make it "readier". On Sun, 25 Nov 2012, Adam D. Barratt wrote: There's also the fact that the diff is 62 files changed, 15366 insertions(+), 32254 deletions(-) mostly due to patches/pigeonhole.patch |46454 +- pigeonhole is a third-party addon to dovecot which is patched into the source. Pigeonhole 0.31 which is what is included in that patch is recommended by its author due to reported segfaults in the previous version. If we don't add it now, we will only have to add it in a point-release anyway (or a security update if the segfaults should prove exploitable.) -- Jaldhar H. Vyas -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/alpine.DEB.2.02.1211251655250.3950@kubuntu
Re: Unblock request for dovecot
On Sun, 2012-11-25 at 22:06 +0100, Mehdi Dogguy wrote: > On 11/20/2012 04:32 AM, Jaldhar H. Vyas wrote: > > Dear RMs, I know the time is late and this is a long shot but I am > > requesting that the current version of dovecot 1:2.1.7-5 be unblocked for > > testing because... > > FWIW, It can't be unblocked because of #693114. > > Please open an "unblock" bugreport against release.debian.org when icedove > is ready. s/icedove/dovecot/ ... There's also the fact that the diff is 62 files changed, 15366 insertions(+), 32254 deletions(-) mostly due to patches/pigeonhole.patch |46454 +- Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1353878649.18815.104.ca...@jacala.jungle.funky-badger.org
Re: Unblock request for dovecot
On 11/20/2012 04:32 AM, Jaldhar H. Vyas wrote: > Dear RMs, I know the time is late and this is a long shot but I am > requesting that the current version of dovecot 1:2.1.7-5 be unblocked for > testing because... FWIW, It can't be unblocked because of #693114. Please open an "unblock" bugreport against release.debian.org when icedove is ready. Thanks for your work, -- Mehdi Dogguy مهدي الدڤي http://dogguy.org/ -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/50b28873.1030...@debian.org
