Re: New DD applications from the team: wiene and sge
Hi Samuel and Team, On Sun, 2024-03-03 at 18:10 +, Samuel Henrique wrote: > Peter Wienemann and Sven Geuer just started their DD application: > https://nm.debian.org/process/1264 > https://nm.debian.org/process/1268 > > They are long time contributors and I'm happy we are having them as DDs. > > If you've interacted with them on the team, you can consider advocating. > > If you're a member of the team and are interested in applying for DM or DD, > please let me know and I can do an assessment for you. This will give you some > perspective on what's missing for someone to advocate, or maybe if all the > requirements are fulfilled, you could start your process too. > I want to make sure people's work doesn't get unnoticed in the team. > > For Peter and Sven, good luck on your DD exam now :) I am excited to let you know that Peter and me completed our exams successfully and have been granted DD access this morning. My appreciation goes to everybody I worked with during the last few years, especially Samuel, for their support and their highly valuable feedback to my work. I am looking forward to extending contributing to the team and the Debian Project in its entirety. Regards, Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: REMINDER: Re: ITA: vpnc -- Cisco-compatible VPN client
Hello Samuel, On Thu, 2024-05-09 at 23:51 +0100, Samuel Henrique wrote: > Hello Sven, > > > Would you do a final review and grant DM rights to me? > > Done, I suggest in the future you try to minimize the amount of > "update > changelog" commits by only running gbp dch once you're about to > upload. This > will help considerably reduce the amount of commits (would be half of > them for > this upload). > > Thank you for contributing and for the reminder :) Thank you for granting the rights and for the advice. Cheers, Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
REMINDER: Re: ITA: vpnc -- Cisco-compatible VPN client
Hello Samuel, I hope you find the time to deal with my request below soonish. On Thu, 2024-04-25 at 16:04 +0200, Sven Geuer wrote: > Hello Samuel, > > [...] > > > The vpnc package has been moved to the group recently [1] and I > updated > this repo with the changes from my personal repository plus I added > d/salsa-ci.yml. > > Would you do a final review and grant DM rights to me? > > [1] https://salsa.debian.org/pkg-security-team/vpnc > Thanks, Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: ITA: vpnc -- Cisco-compatible VPN client
Hello Samuel, On Sun, 2024-03-03 at 20:35 +0100, Sven Geuer wrote: > Hello Samuel, > > On Sun, 2024-03-03 at 18:23 +, Samuel Henrique wrote: > > Hello Sven, > > > > > Would you be kind enough to review my work under my personal repo > > > [3]? > > > > > > If everything looks good to you, would you state you're agreeing > > > to > > > moving the repository from the Debian group to the Debian > > > Security > > > Tools Packaging Team? I would raise a ticket with the Salsa Team > > > then. > > > > Your fork is missing commits on the pristine-tar and upstream > > branches, but > > other than that, everything looks good. > > I just pushed these to branches, thanks for the hint. > > > > > I agree with the salsa move as well. > > Excellent! I will request the repo's move. > > The vpnc package has been moved to the group recently [1] and I updated this repo with the changes from my personal repository plus I added d/salsa-ci.yml. Would you do a final review and grant DM rights to me? [1] https://salsa.debian.org/pkg-security-team/vpnc Thanks, Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
RFS: dfdatetime, new upstream release and RC bug fixed
Hello Team, I have been working on the dfdatetime package [1] and pushed the result to salsa, the CI pipeline was processed without any complaint. I would be pleased if one of the DDs would review my work and upload the package to unstable. https://salsa.debian.org/pkg-security-team/dfdatetime Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: ITA: vpnc -- Cisco-compatible VPN client
Hello Carlos, On Sun, 2024-03-03 at 16:10 -0300, Carlos Henrique Lima Melara wrote: > Hi, > > On Sun, Mar 03, 2024 at 06:23:55PM +, Samuel Henrique wrote: > > Hello Sven, > > > > > Would you be kind enough to review my work under my personal repo > > > [3]? > > > > > > If everything looks good to you, would you state you're agreeing > > > to > > > moving the repository from the Debian group to the Debian > > > Security > > > Tools Packaging Team? I would raise a ticket with the Salsa Team > > > then. > > > > Your fork is missing commits on the pristine-tar and upstream > > branches, but > > other than that, everything looks good. > > I've been working with forks in Debian and recently I found the > solution > to not have pristine-tar and upstream branches missing commits. Turns > out you can gbp push --debian-tag='' and it will push all branches > and > the head of your packaging branch. So you can do this without issuing > a > gbp tag :-) That's a very helpful finding. Thank you for sharing! > > Cheers, > Charles Cheers Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: ITA: vpnc -- Cisco-compatible VPN client
Hello Samuel, On Sun, 2024-03-03 at 18:23 +, Samuel Henrique wrote: > Hello Sven, > > > Would you be kind enough to review my work under my personal repo > > [3]? > > > > If everything looks good to you, would you state you're agreeing to > > moving the repository from the Debian group to the Debian Security > > Tools Packaging Team? I would raise a ticket with the Salsa Team > > then. > > Your fork is missing commits on the pristine-tar and upstream > branches, but > other than that, everything looks good. I just pushed these to branches, thanks for the hint. > > I agree with the salsa move as well. Excellent! I will request the repo's move. > > Cheers, > > -- > Samuel Henrique > Cheers, Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: ccrypt updated, review and upload needed
Hello Arnaud, On Thu, 2024-02-29 at 08:37 +0700, Arnaud Rebillout wrote: > Hello Sven, > > Regarding your commit "Apply 'wrap-and-sort -a' to d/control": did > you > consider using the option -t of wrap-and-sort as well? From the man > page: > > -t, --trailing-comma: Add a trailing comma at the end of the > sorted > fields. This minimizes future differences in the VCS commits when > additional dependencies are appended or removed. > > [...] > > I just mention it in case you didn't know about it, in case it's > helpful. I know it can also be matter of taste, and I don't think the > pkg-security team has a documented preference. Maybe it's just my own > preference :) Actually I know about it while I am still unsure which way to prefer. I understand the technical argument to add the comma, yet it looks kind of ugly to me as a human reader. > Thanks for taking care of this package, have a nice > day/evening/night? ! My pleasure! Best, Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
ccrypt updated, review and upload needed
Hello Team, I have been working on the ccrypt package [1] and pushed the result to salsa, the CI pipeline was processed without any complaint. I would be pleased if one of the DDs would review my work and upload the package to unstable. Sven [1] https://salsa.debian.org/pkg-security-team/ccrypt -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: ITA: vpnc -- Cisco-compatible VPN client
Hi Samuel, On Wed, 07 Feb 2024 15:23:16 +0100 Sven Geuer wrote: > [...] > > I forked the vpnc package from the Debian group [1] to my personal > projects [2] and started to work on it. > > In the end I would like to maintain the package under the umbrella of > the Debian Security Tools Packaging Team. > > @Samuel: When I am ready I intend to request a move of the repository > from the Debian group to the Debian Security Tools Packaging Team. > Let me know if you agree to this procedure. > > Sven > > [1] https://salsa.debian.org/debian/vpnc > [2] https://salsa.debian.org/sven-geuer/vpnc Would you be kind enough to review my work under my personal repo [3]? If everything looks good to you, would you state you're agreeing to moving the repository from the Debian group to the Debian Security Tools Packaging Team? I would raise a ticket with the Salsa Team then. Sven [3] https://salsa.debian.org/sven-geuer/vpnc -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Two bug fixes for ncrack
Hi again, On Sat, 2024-01-06 at 10:58 +0100, Sven Geuer wrote: > Hi Peter, > > On Fri, 2024-01-05 at 20:59 +, Peter Wienemann wrote: > > Dear security tools packaging team, > > > > I pushed two commits to the ncrack repository [0] fixing two bugs: > > > > https://bugs.debian.org/1058286 > > https://bugs.debian.org/1048666 > > > > #1058286 is an RC bug. The suggested fix for #1048666 works but it > > is > > not particularly nice. If someone knows a smarter way how to > > address > > this issue, I am eager to learn about it. > > > > Instead of extending d/rules I propose to drop the offending files in > advance by a patch. This way there is not need to save and restore > them. Refer to [1] as an example. > > You can create such a patch easily via 'dquilt shell'. See [2] and > [3] if you are not familiar with it. > > [1] > https://salsa.debian.org/debian-remote-team/tightvnc/-/blob/debian/master/debian/patches/remove-upstream-build-system.patch?ref_type=heads > [2] https://www.debian.org/doc/manuals/debmake-doc/ch03.en.html#quilt-setup > [3] https://manpages.debian.org/bookworm/quilt/quilt.1.en.html#shell > > An additional approach worth to explore is to patch upstream's Makefile.in files to do the clean job correctly. Some parts are already available as distclean targets. Cheers, Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Two bug fixes for ncrack
Hi Peter, On Fri, 2024-01-05 at 20:59 +, Peter Wienemann wrote: > Dear security tools packaging team, > > I pushed two commits to the ncrack repository [0] fixing two bugs: > > https://bugs.debian.org/1058286 > https://bugs.debian.org/1048666 > > #1058286 is an RC bug. The suggested fix for #1048666 works but it is > not particularly nice. If someone knows a smarter way how to address > this issue, I am eager to learn about it. > Instead of extending d/rules I propose to drop the offending files in advance by a patch. This way there is not need to save and restore them. Refer to [1] as an example. You can create such a patch easily via 'dquilt shell'. See [2] and [3] if you are not familiar with it [1] https://salsa.debian.org/debian-remote-team/tightvnc/-/blob/debian/master/debian/patches/remove-upstream-build-system.patch?ref_type=heads [2] https://www.debian.org/doc/manuals/debmake-doc/ch03.en.html#quilt-setup [3] https://manpages.debian.org/bookworm/quilt/quilt.1.en.html#shell > Best regards, > > Peter > > [0] https://salsa.debian.org/pkg-security-team/ncrack > Cheers, Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Bug#1032462: ITA: argon2 -- memory-hard hashing function
Hello Samuel, On Sun, 2023-10-29 at 18:05 +, Samuel Henrique wrote: > $ dcut dm --uid "Sven Geuer" --allow argon2 > Uploading commands file to ftp.upload.debian.org (incoming: > /pub/UploadQueue/) > Picking DM Sven Geuer with fingerprint > 3DF5E8AA43FC9FDFD086F195ADF50EDAF8ADD585 > Uploading samueloph-1698580851.dak-commands to ftp-master Cool! Thanks! > I have just one note about the changelog modification: I see that you > are often updating the changelog in the same commit where you do the > change referred to. > This will cause issues whenever you need to cherry-pick/merge a change > to a different branch, that's the case when dealing with backports > branches, for example. That's definitely a valid point which did not come to my mind. Will honor your input with my future work. Cheers! -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Bug#1032462: ITA: argon2 -- memory-hard hashing function
Hello Samuel, On Fri, 2023-10-27 at 01:00 +0100, Samuel Henrique wrote: > From Sven: > > To comply with DEP-14, I just created the branch debian/latest and > > intend to drop the branch debian/sid eventually. > > Can you please set debian/latest to 'default' and 'protected'? I > > don't > > have the rights to do this. > > Awesome, I've done these changes and also gave you Maintainer > permissions to the repo. I pushed my changes to the repo and removed the debian/sid branch. Can you please review my work [1]? If it is sound, would you mind to grant me DM rights for the package? Cheers, Sven [1] https://salsa.debian.org/pkg-security-team/argon2 -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Bug#1032462: ITA: argon2 -- memory-hard hashing function
Hello Samuel and Peter, On Fri, 2023-10-27 at 01:00 +0100, Samuel Henrique wrote: > From Sven: > > To comply with DEP-14, I just created the branch debian/latest and > > intend to drop the branch debian/sid eventually. > > Can you please set debian/latest to 'default' and 'protected'? I don't > > have the rights to do this. > > Awesome, I've done these changes and also gave you Maintainer > permissions to the repo. Thanks a lot! > From Peter: > > as you suspect the Linitian tag is only emitted if the number of > > changelog entries is one. The reason is that it is too late to switch to > > the suggested versioning scheme after the first upload. Once an upload > > with a date-based versioning scheme has been done, an epoch likely needs > > to be introduced in case upstream switches to a conventional versioning > > scheme. Therefore this Lintian hint become pointless after the first > > upload. Still the reasoning to avoid prefix-less date-based versioning > > schemes remains valid. > > Peter is correct, the main thing to have in mind is that having the > package version starting with "0~" is much less painful than dealing > with an epoch, so the lintian is hinting towards the idea that all > calver-versioned packages should be versioned like that (with "0~"). > > For the record, I remember Raphaël once mentioning on this list that > epochs are also troublesome for derivatives, but I don't know the > details on that (and it was a few years ago). > > Still, if you think there's an issue with this versioning (that > overcomes the benefit of it), Sven, feel free to raise your concerns > and we can drop it if it makes sense. My only concern would be to stay as close as possible with upstream and other distributions, Considering your arguments, I will retain the current versioning scheme. Thank you for your thoughts, Peter and Samuel! -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Bug#1032462: ITA: argon2 -- memory-hard hashing function
Hello Peter, On Mon, 2023-10-23 at 17:26 +, Peter Wienemann wrote: > Dear Sven, > > On 23.10.23 17:19, Sven Geuer wrote: > > I would prefer to remove the 0~ prefix from the package version, > > resulting in an upcoming version of 20190702+dfsg-4 instead of > > 0~20190702+dfsg-4. This would align the version in Debian to other > > distros, see [1] for details. > > > > Are there arguments to not change the versioning in this way? > > > > [1] https://repology.org/project/argon2/versions > > I see the same issue for dnstwist [0]. Still there is a good reason to > keep the present Debian versioning as it is - see the description of the > Lintian tag "new-package-uses-date-based-version-number" [1] for an > explanation. > Thanks for pointing this out. However, I am unsure if lintian would still complain in regards to argon2 (and also dnstwist) as the package is not a new one anymore. The explanation in [1] cleary states This package appears to be the first packaging of a new upstream software package (there is only one changelog entry and the Debian revision is 1) and uses a date-based versioning scheme such as MMDD-1. and upstream kept using the MMDD versioning scheme since the beginning in 2015 (they might change their mind, though). > Best regards, > > Peter > > [0] https://repology.org/project/dnstwist/versions > [1] > https://salsa.debian.org/lintian/lintian/-/blob/d44a4d1a4a053b39ca2acbfa0c67ac4b5e04df59/tags/n/new-package-uses-date-based-version-number.tag > @all: Are there other pros or cons? -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Bug#1032462: ITA: argon2 -- memory-hard hashing function
One more thing... I would prefer to remove the 0~ prefix from the package version, resulting in an upcoming version of 20190702+dfsg-4 instead of 0~20190702+dfsg-4. This would align the version in Debian to other distros, see [1] for details. Are there arguments to not change the versioning in this way? [1] https://repology.org/project/argon2/versions -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Bug#1032462: ITA: argon2 -- memory-hard hashing function
Hi Samuel, may I ping you about the my below request? On Mon, 2023-10-16 at 11:08 +0200, Sven Geuer wrote: > Hello Samuel, > > On Fri, 2023-10-13 at 13:37 +0200, Sven Geuer wrote: > > [...] > > I am fine with the salsa admins moving the package. Here's the > > issue > > I logged: > > https://salsa.debian.org/salsa/support/-/issues/356 > > > > the argon2 repository has been moved to the group. > > To comply with DEP-14, I just created the branch debian/latest and > intend to drop the branch debian/sid eventually. > > Can you please set debian/latest to 'default' and 'protected'? I > don't > have the rights to do this. > > Regards, > Sven > -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Bug#1032462: ITA: argon2 -- memory-hard hashing function
Hello Samuel, On Fri, 2023-10-13 at 13:37 +0200, Sven Geuer wrote: > [...] > I am fine with the salsa admins moving the package. Here's the issue > I logged: > https://salsa.debian.org/salsa/support/-/issues/356 > the argon2 repository has been moved to the group. To comply with DEP-14, I just created the branch debian/latest and intend to drop the branch debian/sid eventually. Can you please set debian/latest to 'default' and 'protected'? I don't have the rights to do this. Regards, Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Bug#1032462: ITA: argon2 -- memory-hard hashing function
Hello Samuel, On Fri, 2023-10-13 at 02:42 +0100, Samuel Henrique wrote: > Hello Sven, > > > > @Samuel: Would you mind to create a repo under the group [3]? > > > > > > [1] https://salsa.debian.org/debian/argon2 > > > [2] https://salsa.debian.org/sven-geuer/argon2 > > > [3] https://salsa.debian.org/pkg-security-team > > > > I believe argon2 under my personal projects [1] is in a ready to be > > uploaded state > > > > Would you review my work, move it to the group's repository and > > grant > > me DM rights? > > Sorry about the delay in replying, and thank you for pinging me > again. > > Since the package is already pushed and set to the debian namespace, > we should follow the process to move it under the team instead of > creating a new one (on salsa, I mean). This way redirects will be > setup for the new location. > > You can do that by opening an issue like this: > https://salsa.debian.org/salsa/support/-/issues/352 > > After it's moved, we can start using the new Vcs field. > > It can take a few days for the salsa admins to perform the move, so > if > you would like to upload the package before that, I don't see an > issue > in changing the maintainer and keeping the Vcs pointing at the debian > namespace (that is, until the move is done). This would allow you to > get upload rights and upload the changes without getting blocked on > salsa admins. > > Let me know what you think. I am fine with the salsa admins moving the package. Here's the issue I logged: https://salsa.debian.org/salsa/support/-/issues/356 Thanks a lot! Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Bug#1032462: ITA: argon2 -- memory-hard hashing function
Hello Samuel, hope you are doing well. On Tue, 2023-10-03 at 23:15 +0200, Sven Geuer wrote: > X-Debbugs-CC: Debian QA Group , Samuel > Henrique , Debian Security Tools Packaging Team > , > > I forked the argon2 package from the Debian group [1] to my personal > projects [2] and started to work on it. > > In the end I would like to maintain the package under the umbrella of > the Debian Security Tools Packaging Team. > > @Samuel: Would you mind to create a repo under the group [3]? > > [1] https://salsa.debian.org/debian/argon2 > [2] https://salsa.debian.org/sven-geuer/argon2 > [3] https://salsa.debian.org/pkg-security-team I believe argon2 under my personal projects [1] is in a ready to be uploaded state Would you review my work, move it to the group's repository and grant me DM rights? Regards, Sven [1] https://salsa.debian.org/debian/argon2 -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Bug#1032462: ITA: argon2 -- memory-hard hashing function
X-Debbugs-CC: Debian QA Group , Samuel Henrique , Debian Security Tools Packaging Team , I forked the argon2 package from the Debian group [1] to my personal projects [2] and started to work on it. In the end I would like to maintain the package under the umbrella of the Debian Security Tools Packaging Team. @Samuel: Would you mind to create a repo under the group [3]? [1] https://salsa.debian.org/debian/argon2 [2] https://salsa.debian.org/sven-geuer/argon2 [3] https://salsa.debian.org/pkg-security-team -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Can't push to the proxytunnel project
Hello Samuel, On Sun, 2023-09-03 at 20:41 +0100, Samuel Henrique wrote: > [...] > > > Please double-check my permissions. > > Sorry, I got misled by salsa's UI, the issue was that the > debian/master branch was protected and only member with "Maintainer" > access could push to it, I have given you that permission and also > changed the branch to allow for push from "Developer" too (although > no > force-pushes allowed for either). I could push now. Thank you for the fix. > [...] > > > becoming a Debian Developer. [...] > > I still need to review your latest changes, it could be that more > contributions are required, but I'll let you know. > My main concern is that once you're a DM, some of your work might go > unnoticed and so I want to make sure that doesn't happen. Just take all the time you need. > [...] > Just in case you're not aware, DebConf has a bursary request system > where contributos can ask for Debian to pay for their accomodation, > food, and travel costs. It's common for accomodation and food to be > given to all contributors (not guaranteed though) and travel for a > good number of requesters. Thanks for the hint. I wasn't aware of this offer, indeed. Cheers, Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Re: Can't push to the proxytunnel project
Hello Samuel, On Sun, 2023-09-03 at 15:06 +0100, Samuel Henrique wrote: > Hello Sven, > > I believe Raphaël has given you permissions just now. I am still experiencing the same error: remote: GitLab: You are not allowed to push code to protected branches on this project. Please double-check my permissions. > > On Sun, 3 Sept 2023 at 14:48, Sven Geuer > wrote: > > I could not figure out what the reason for this might be. Can you > > please have a look? > > It's likely because I tend to set expiration dates when handing out > permissions and yours expired. I do that as a safety measure (say, if > you stop using that salsa account) and I'm always happy to extend > them. > > This means that you have been contributing for a while, which is > great, and thank you for that! > > It also means I should reach out to you to see how's your interest in > becoming a Debian Developer. I can't say for sure whether I can > advocate yet, but if not, I can help you in what could be missing. I feel honored by your proposal, actually I did not expect my contributions already suffice to go this step. We can start the process at any time that suits you. > > Let me know what you think, and also let me know if you will be > attending DebConf23, by any chance. I have no plans to participate in the conference. > > Cheers, > Cheers, Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
Can't push to the proxytunnel project
Hello Samuel, when trying to push to the proxytunnel project I receive the following error message: remote: GitLab: You are not allowed to push code to protected branches on this project. To ssh://salsa.debian.org/pkg-security-team/proxytunnel ! [remote rejected] debian/master -> debian/master (pre-receive hook declined) error: failed to push some refs to 'ssh://salsa.debian.org/pkg-security-team/proxytunnel' I could not figure out what the reason for this might be. Can you please have a look? Regards, Sven -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
tomb (2.8.1+dfsg1-1~bpo10+1) ready for upload
Hello Samuel, I prepared tomb (2.8.1+dfsg1-1~bpo10+1) for buster-backports [1]. Unfortunately my request to the backports team to get uploads permissions for tomb has not been answered yet. I therefore whould like to come back to your offer you doing the upload on my behalf. Many thanks in advance! Sven [1] https://salsa.debian.org/pkg-security-team/tomb/-/tree/debian/buster-backports -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585 signature.asc Description: This is a digitally signed message part
DD Ping: Review of Tomb for CVE-2020-28638
Hi Samuel + Team, I prepared fixed versions of tomb for unstable [1], 2.7+dfsg2-2, and buster-backports [2], 2.7+dfsg2-2~bpo10+1. Please review these. I added myself as uploader, so feel free to provide upload permissions to me. Regarding buster I assume I should provide a 2.5+dfsg1-3 on a debian/buster branch in the repository. I would only add the security fix, nothing else. Is this the way to go? Sven [1] https://salsa.debian.org/pkg-security-team/tomb/-/tree/debian/master [2] https://salsa.debian.org/pkg-security-team/tomb/-/tree/debian/buster-backports signature.asc Description: This is a digitally signed message part
Backports of testssl.sh
Hi Unit 193, Hello Team, as per the PTS [1] testssl.sh versions 3.0+dfsg1-1~bpo10+1 3.0.1+dfsg1-1~bpo10+1 3.0.2+dfsg1-1~bpo10+1 3.0.2+dfsg1-2~bpo10+1 had been accepted into buster-backports, while in the repository on Salsa there is no branch debian/buster-backports [2] and there are no tags [3] for those versions. I believe this should be fixed. @Unit 193, I am afraid this can only be fixed by you, as you uploaded the versions concerned aircrack-ng [4] or tomb [5] are good examples to see how it should look like. Regards, Sven [1] https://tracker.debian.org/pkg/testssl.sh [2] https://salsa.debian.org/pkg-security-team/testssl.sh/-/branches [3] https://salsa.debian.org/pkg-security-team/testssl.sh/-/tags [4] https://salsa.debian.org/pkg-security-team/aircrack-ng/-/tags [5] https://salsa.debian.org/pkg-security-team/tomb/-/tags signature.asc Description: This is a digitally signed message part
Re: Webhook for arno-iptables-firewall
Hello Samuel, thank you for the quick response. > [...] basically the commit title has to have the same closes > statement that you would put in changelog. [...] I'm pretty sure that's the reason for the missing notifications. Thanks for pointing this out. Also, thanks for refreshing my DM status at the arno project. Cheers, Sven Am Sonntag, den 07.06.2020, 17:50 +0100 schrieb Samuel Henrique: > Hello Sven, > > > from my observations when having pushed bug fixes for arno- > > iptables- > > firewall I suspect the tagpending webhook [1] is missing from the > > project as I never saw pending upload notifications. These > > notifications seem to show up regulary for other projects. > > > > Can you please check this? > > We periodically run a script that puts our packages in compliance > which does, besides other things, set the tagpending webhook, last > time I run this was about a month ago, so all the repos created > before > that should have it. > > I checked arno and it does have the webhook there, what I believe is > happening is that you're not using the format "closes: #" which is > what the webhook looks for, basically the commit title has to have > the > same closes statement that you would put in changelog. > > > At least for proxytunnel I can see it is set [2], while for arno- > > iptables-firewall I cannot even acess the settings [3]. > This is happening because you had "Maintainer" permissions on > proxytunnel and "Developer" on arno-iptables-firewall, I added the > given permission for you with an expiration date of Dec 2022. If by > that time you're not a DD, anybody will be happy to extend it. > > Tell me if you're still having issues, > > Regards, > signature.asc Description: This is a digitally signed message part
Webhook for arno-iptables-firewall
Hello Samuel, from my observations when having pushed bug fixes for arno-iptables- firewall I suspect the tagpending webhook [1] is missing from the project as I never saw pending upload notifications. These notifications seem to show up regulary for other projects. Can you please check this? At least for proxytunnel I can see it is set [2], while for arno- iptables-firewall I cannot even acess the settings [3]. Is this an intentional difference? Thanks, Sven [1] https://webhook.salsa.debian.org/tagpending/arno-iptables-firewall [2] https://salsa.debian.org/pkg-security-team/proxytunnel/hooks [3] https://salsa.debian.org/pkg-security-team/arno-iptables-firewall/edit signature.asc Description: This is a digitally signed message part
Re: DD Ping: please review proxytunnel
Hello Samuel, thank you for reviewing and uploading, and the DM permissions. > "v1.10.20200507" that happened a few days ago :) Yeah, upstream accepted the patches I provided almost instantly :-) Cheers, Sven Am Mittwoch, den 20.05.2020, 01:34 +0100 schrieb Samuel Henrique: > Hello Sven and Julian, > > Changes force-pushed to the team's repo and package uploaded. > > Julian, I noticed you will no longer be an Uploader of the package > with this new version, I've read your reply to the initial bug report > from Sven and I believe that's what you wanted. If not, please let us > know. > > Sven, you did a very good job on the package and I gave you DM > permission so you can work on the new upstream release > "v1.10.20200507" that happened a few days ago :) > > Regards, > > signature.asc Description: This is a digitally signed message part
Re: DD Ping: please review proxytunnel
Hello Julian, Don't worry! Many thanks for maintaining this package for all these years. Best, Sven Am Dienstag, den 19.05.2020, 07:21 +0100 schrieb Julian Gilbey: > On Sat, May 02, 2020 at 07:07:34PM +0200, Sven Geuer wrote: > > Hello Julian, > > > > any feedback from your side is equally very welcome. > > > > Cheers, > > Sven > > Hello Sven, > > I'm so sorry - I have been completely swamped by work, and haven't > had > time to look at this for you :-( > > Thanks so much for doing all this work! > > Best wishes, > >Julian > signature.asc Description: This is a digitally signed message part
Re: DD Ping: please review proxytunnel
Hello, thanks a lot for your review and the special hints to tools I were not aware of. I decided to follow your request A, as it gave me the opportunity to broaden my git skills. Needless to say I dealt with requests B, C and D. I hope everything is in order now. Please review my personal project proxytunnel [1] and push it to the team's repository. Also, please upload the package in case it is clean now. Regards, Sven [1] https://salsa.debian.org/sven-geuer-guest/proxytunnel Am Samstag, den 16.05.2020, 23:12 +0100 schrieb Samuel Henrique: > Hello Sven, > > I did a review on the package and I have a few comments, I'll split > them into letters to help the discussion: > > A) import of package to git > I believe the git repo was created by importing the latest dsc > instead of doing: > gbp import-dscs --debsnap --pristine-tar --debian- > branch=debian/master > proxytunnel > Which uses debsnap to import all previous dscs. > > The side effect of this is that you lose the tags pointing to the > previous releases and all of them gets bundled up in a single commit. > Fixing this requires recreating the git repo with that command, > re-applying your changes (you can chery-pick them after adding the > current work's remote and doing a git fetch), and force pushing the > branches. > > Now, I won' t ask you to do this, because the practical benefits are > not so big considering the latest release is from oldstable and the > extra work needed to do it. I'll leave it up to you to decide whether > or not to do so, and if you decide to do it, just push it to a new > repo under your account and ping me to force push it to our team's > repo. > > B) missing tags > Tags seems to be missing in the repo, can you do a git push --tags? > There should be tags for the upstream releases and for the debian > ones > (in this case, only the latest one). > > C) copyright > You can use the command "debmake -k" to check that some copyrights > declared are slightly wrong, note that debmake suggests the wrong > license and gets confused with the LICENSE.txt file but the findings > itself are correct. Some files declared as "GPL-2 with OpenSSL > exception" are actually "GPL-2+ with OpenSSL exception" and some MIT > are actually ISC. Small things but they need to be addressed. > > A suggestion I'd like to give is to keep the licenses' long > description at the end of the file, to ease the human reading, you > declare only what's the license name and then at the end of the file > you declare all the licenses' text. Like in this example: > https://salsa.debian.org/pkg-security-team/passwdqc/-/blob/be0495e28a511411732810614b7893f1c078f0fb/debian/copyright > > D) debhelper > Since you will have to push changes, you can take this opportunity to > also bump DH13. > > I believe that's all, you did a very good job with the package and > I'll be happy to upload it after you solve these small issues. > > Thanks for your work. > > Regards, > > > -- > Samuel Henrique > signature.asc Description: This is a digitally signed message part
Re: DD Ping: please review proxytunnel
Hello DD's, I'd like to ask again for reviewing my work on proxytunnel [1]. Samuel intended to do this but seems to be hindered by whatever circumstances. Regards, Sven [1] https://salsa.debian.org/pkg-security-team/proxytunnel Weitergeleitete Nachricht Von: Samuel Henrique An: Sven Geuer Betreff: Re: Maintaing proxytunnel through the team Datum: Mon, 4 May 2020 12:24:03 +0100 > Hello Sven, > > > Does this also mean you already gave upload rights for proxytunnel > > to > > me? > > No, the rule of thumb I like to follow is to sponsor at least one > upload of a given package before giving DM permission, I'm not sure > if > I will be able to review it today, but if somebody else sponsors this > upload, you can ask them for DM permission, otherwise I will likely > review it in the next couple of days :) > > Regards > > -- > Samuel Henrique > Am Samstag, den 02.05.2020, 19:07 +0200 schrieb Sven Geuer: > Hello DD's, > > I believe proxytunnel [1] is ready for review now. Please look at it. > Please check especially d/copyright, I've been trying hard but I > would > expect further corrections here. > > Hello Julian, > > any feedback from your side is equally very welcome. > > Cheers, > Sven > > [1] https://salsa.debian.org/pkg-security-team/proxytunnel signature.asc Description: This is a digitally signed message part
DD Ping: please review proxytunnel
Hello DD's, I believe proxytunnel [1] is ready for review now. Please look at it. Please check especially d/copyright, I've been trying hard but I would expect further corrections here. Hello Julian, any feedback from your side is equally very welcome. Cheers, Sven [1] https://salsa.debian.org/pkg-security-team/proxytunnel signature.asc Description: This is a digitally signed message part
Re: Maintaing proxytunnel through the team
Hi Samuel, please find my replies inline below. Am Mittwoch, den 22.04.2020, 01:34 +0100 schrieb Samuel Henrique: > Hello Sven, > > I believe the package is a fit for our team yes. > > The repository is created at > https://salsa.debian.org/pkg-security-team/proxytunnel > But before the push I'd like to ask you about the latest upstream > release imported: 1.9.1+git20200123.1.eff4d41 > > What's up with the "1.eff4d41" part? I didn't investigate but I > assume > the last one is part of the git commit hash, but I don't know about > the ".1.". > I feel like I'm missing something, generally I prefer to use only a > date for tarballs coming from git snapshots, and I believe they are > more clean, though I recognize it's not as precise as having the > commit id. It guarantees monotonically increasing version numbers. Please have a look at my previous post for details. > > The package is also not building for me, and I believe it's a general > issue, it's better if you take a look at that before we push it to > the > team's repo as you can freely mess with the git history for now. The package is work in progress. Even the patches were not adopted yet to the new upstream version. If you prefer I can continue to work on it as a personal project first, and come back to you when I have it ready to be reviewed. > > Thanks for your work, > Regards Sven signature.asc Description: This is a digitally signed message part
Re: Maintaing proxytunnel through the team
Hi Samuel, Julian and Marco Regarding >But I agree that the '.1.' is excessive (even though I have been > guilty of it myself - I was just copying what someone else had done > and presumed that it had a good reason...). The '.1.' helps to keep the version numbers monotonically increasing if there should be another version for the same date. For instance 1.2.3+git20200422.ef8a32b 1.2.3+git20200422.2193ffa is not monotonically increasing, but one enforces it this way 1.2.3+git20200422.1.ef8a32b 1.2.3+git20200422.2.2193ffa I agree you will really need this quite rarely. While the commit fingerprint is a must as it serves to uniquely identify a commit. @Samuel: If the teams prefers a different way to construct the version, I am happy to adopt this. Regards, Sven Am Mittwoch, den 22.04.2020, 16:55 +0100 schrieb Julian Gilbey: > On Wed, Apr 22, 2020 at 03:09:16PM +0200, Marcos Fouces wrote: > > Hi Julian and Samuel > > > > I found that there is 1493 binary packages that use the "git" > > string in > > the release number. There is some exotic variations (like this one > > 0.0~GOTK3~0~2~0+git20170418.0.96d4110-3) > > > > I believe that ".1." refered by Samuel could be considered as a > > kind of > > an epoch. This is useful because the characters of the commit > > cannot be > > used to sort releases. > > > > IMHO, there is no strong need to insert the date, some characters > > of > > commit id, a custom epoch... Using "git+date" should be enough in > > most > > cases. > > Hi Marcos, > > I have found that having a commit id in the package version can be > helpful: > > - sometimes there is more than one upstream commit in a day > > - sometimes the commit date is somewhat ambiguous, especially if the > commit was on a different branch and then merged into the master > branch at a later date - what is the date that should then be used? > Different maintainers have used different choices, but the commit > id > is unambiguous. > > These have arisen when I've been trying to compare a Debian package > to > the upstream original to track down some issue or other. > > But I agree that the '.1.' is excessive (even though I have been > guilty of it myself - I was just copying what someone else had done > and presumed that it had a good reason...). > > > If you add some more commits, you can add them as patches in > > d/patches > > and refer it in d/changelog. > > Or just release a new version? Or do you mean cherry-picking later > commits? > > Best wishes, > >Julian > signature.asc Description: This is a digitally signed message part
Re: Maintaing proxytunnel through the team
Re-sent with link [2] fixed. Am Dienstag, den 21.04.2020, 22:01 +0200 schrieb Sven Geuer: > Hello Samuel, > Hello Team, > > I've started to adopt the proxytunnel package [1] from Julian [2]. > > I believe it fits into the range of packages the team is maintaining > and like to suggest to introduce it to our repository. > > This is what proxytunnel's description says: > > Create tcp tunnels trough HTTPS proxies, for using with SSH > Proxytunnel is a program that connects stdin and stdout > to an origin server somewhere in the Internet through an industry > standard HTTPS proxy. It was originally written to be used > as an extension to SSH, to be used to SSH to a box at home. It's > possible to use proxytunnel along with other applications as well. > > I am currently working on the package as a personal project [3]. > Would > you mind to import it? > > Let me know what you think about my request. > > Thanks, > Sven > > [1] https://tracker.debian.org/pkg/proxytunnel > [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=958177 > [3] https://salsa.debian.org/sven-geuer-guest/proxytunnel signature.asc Description: This is a digitally signed message part
Maintaing proxytunnel through the team
Hello Samuel, Hello Team, I've started to adopt the proxytunnel package [1] from Julian [2]. I believe it fits into the range of packages the team is maintaining and like to suggest to introduce it to our repository. This is what proxytunnel's description says: Create tcp tunnels trough HTTPS proxies, for using with SSH Proxytunnel is a program that connects stdin and stdout to an origin server somewhere in the Internet through an industry standard HTTPS proxy. It was originally written to be used as an extension to SSH, to be used to SSH to a box at home. It's possible to use proxytunnel along with other applications as well. I am currently working on the package as a personal project [3]. Would you mind to import it? Let me know what you think about my request. Thanks, Sven [1] https://tracker.debian.org/pkg/proxytunnel [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=95817 [3] https://salsa.debian.org/sven-geuer-guest/proxytunnel signature.asc Description: This is a digitally signed message part
Re: small patch for arno
Hello Julia,
thank you for your email. Would you mind to open a bug against arno-
iptables-firewall containing the very same text you sent to me? This
would help to trigger the processes the Debian project has in place to
track and solve issues.
To open the bug please email to sub...@bugs.debian.org with adescriptive
subject and a body as follows
Package: arno-iptables-firewall
Version: 2.1.0-2
Please refer to [1] for more details and other methods of how to report
bugs in Debian.
Thanks,
Sven
[1] https://www.debian.org/Bugs/Reporting
Am Freitag, den 10.04.2020, 19:48 + schrieb Julia Longtin:
> 90-rpc.plugin does not see carriage return as a line break when
> running
> rpcinfo -p |awk "/tcp.*$service/"' { print $4 }' |uniq
>
> this causes arno to fail to start if you have NFS services, and have
> turned
> this plugin on.
>
> --- 90rpc.plugin~ 2020-01-03 10:38:03.0 +
> +++ 90rpc.plugin2020-04-10 20:34:11.124131255 +0100
> @@ -38,7 +38,7 @@
>
>echo "${INDENT}Enabling RPC service(s) $RPC_SERVICES for net(s)
> $RPC_NETS"
>
> - IFS=' ,'
> + IFS=$" ,\n"
>for service in $RPC_SERVICES; do
> ports="$(rpcinfo -p |awk "/tcp.*$service/"' { print $4 }'
> |uniq)"
> echo "${INDENT}Adding TCP ports $ports for RPC service $service"
>
> fixes it.
signature.asc
Description: This is a digitally signed message part
Re: I'm a DM now, was: Re: arno-iptables-firewall 2.0.3-3 ready for review and upload
Thanks a bunch, Samuel! Am Mittwoch, den 01.04.2020, 23:12 +0100 schrieb Samuel Henrique: > Hello Sven, > > $ dcut ftp-master dm --uid "debma...@g-e-u-e-r.de" --allow > arno-iptables-firewall > dcut ftp-master dm --uid "debma...@g-e-u-e-r.de" --allow arno- > iptables-firewall > Uploading commands file to ftp.upload.debian.org (incoming: > /pub/UploadQueue/) > Picking DM Sven Geuer with fingerprint > 3DF5E8AA43FC9FDFD086F195ADF50EDAF8ADD585 > Uploading samueloph-1585779012.dak-commands to ftp-master > > Done :) > > Feel free to ping the list, or me, if you have any trouble. > > Regards, > signature.asc Description: This is a digitally signed message part
I'm a DM now, was: Re: arno-iptables-firewall 2.0.3-3 ready for review and upload
Hello Samuel, Hello Team, just wanted to let you know I successfully finalized the process to become a DM. My key has been added to the active DM keyring according to a notification I received on Tuesday. Samuel, please enable upload rights for arno-iptables-firewall for me. I'd like to thank all of you who supported me to attain the necessary expertise to become a DM. Regards, Sven Am Montag, den 02.12.2019, 22:01 + schrieb Samuel Henrique: > Hello Sven, > > > > Your suggestion is an honor to me. I just studied what's on nm.d.o > > and > > intend to apply soon. > > > > It's all result of your hard work :) > > > PS.: If you've been contributing to the team for some time and > > > you feel like you're ready to become a DM/DD, feel free to ping > > > whoever worked more with you to discuss about it, sometimes > > > we just overlook things and forget to ask people to apply. > > I forgot to make it more clear, this PS. part is for the rest of the > team. > > I will advocate for you (Sven) as soon as you apply, just ping me. > For DM only one advocate is required, more is better, sometimes other > people from the team might do it when they see your application, or > you > might ask them directly, but you already have the required number of > advocates so you can start the process as soon as you want, it's your > call now to wait or not :) > > Regards, > signature.asc Description: This is a digitally signed message part
Re: arno-iptables-firewall 2.1.0-1 ready for review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Samuel, just discovered the Standards Version has been updated in the last two days, so I bumped it for arno-iptables-firewall right away. Sven Am Freitag, den 24.01.2020, 22:18 +0100 schrieb Sven Geuer: > Hi Samuel, > > I missed to push pristine-tar and upstream. It's fixed now. > > Sven > > Am Donnerstag, den 23.01.2020, 22:53 + schrieb Samuel Henrique: > > Hello Sven, > > > > I believe you forgot to push the pristine-tar branch, can you do > > it? > > > > Regards, > > > > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl4rcNUACgkQrfUO2vit 1YUoyw/8C/e/hLT7mvuxN0TjkBxGgl6WgDMlqK5EeLHXkMpFQlTi9YvaB432sh17 o3RGgq9xAozVlr++FCeezQ/Jxtrea4Xcmjywbxg4VlambFmGWsHr8smS6F7XAujA flcbDRYCNQKLdmzsVXE4MADx6n/joMcNsEU7lWw9Oxb4t5mA1uRcENGnD+AEaNi3 ewjMFLpRxFs3upoJVaz0cGpUvag01rVHFVEc4cxfMI7xUuAmA7yprEwjzuvWED3U 0kAyPkInjVsDv3vU8RnZN65Rqx92G/hISWDV/F93fL4JFlNGkB0fjB3Wt2c85wFy JHt4R3Jx8StpMh6jqe5e/6ybMgOAk8UuXxAP6mwgGkiBlQumqt6ajPv6/TYWC/s0 6A/Rd3LP47+tHMeiDrbDZrzUcWfI6ngxRWEdOQ/5U45MzGmfgjgqFRyfgSQc9oB3 dzvj3OTyeYmDIoKbGYWAyPYporXeh3cS5bRjJCX2DxrwHUaNttj+q+U+45mfWR58 7EdTXFX7KqKlMsktnhE+rLqPKDHkBjspYv4nnm3sQU1khEuTGGwhz5JhJfbQWAQS 0DY6j4iLLbFucdspCwvKhdwYcGEiJlZ5C58J47aOiICycb+io+3NHtlR5HfEYhC8 V1zdboa6WLbWEab4MnjrVBqbaHoh4QnAtx5FbW03yu+65XhJj1I= =G5ku -END PGP SIGNATURE-
Re: arno-iptables-firewall 2.1.0-1 ready for review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Samuel, I missed to push pristine-tar and upstream. It's fixed now. Sven Am Donnerstag, den 23.01.2020, 22:53 + schrieb Samuel Henrique: > Hello Sven, > > I believe you forgot to push the pristine-tar branch, can you do it? > > Regards, > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl4rXyEACgkQrfUO2vit 1YV29w//cEZfin0AFjy71AHh1XGjS+8rvWsyd63eUocCJoo4CnGQm/LTIubcOMhA B2qg1iXwiPiZASbzO29cIsFvUn8mtdGSlZ4rpiXEkXe6DQhRaZDUm0gGV/Ps2uDv Mis+rLFWIL6OXhmjGCwBuIO31YAVhcjsq6ecA3uNPIjXK0X6c9ZkCI1YXoUFCQQY bSjSKCTkuZEC0GeqEhDLRMgs7XGLUodvfSQskXBsaTPUvi0qgPnLqNjPpzK+gMV4 mojlXutu8siyhIdl4ULaqIZnpGdRf9Zb8jg6QEd0IptkeS4JS6EqVzCAuxjChVQd 9/Q7IX5Rs4iS5QWwnwjh6WhCH3yEOaGaSMxnpipHqWeEzr+YHWsuFZ0HMf/Bp4+8 CV4O4CaV8LsFp7E7G71CoJs+Xmq5IQuzcRp1d85zAtZaWn/8d+41lnxPVFge7Z/d V/C43w2vXj/JT3AvNF6SYRnxfTkuU9Sisa12i8AAC3WmfmacZxZkbuO0D78rAXOR Ec+zwEdMT//URdPbntmDu/GVqNYeWqdS8aPlq0Vkm5vGaBmTs9XKQ0fv3z3jLC8e DOf/ZjpeJo9ti1BeRdrxOctNT6tm790VxEHgr0yF3r1gUuVV4TDUJwTWF5Fl/dgB xjXMqatEaGibeYZWn3EkktBTfqBwL9LpIEIx0UktKb0iEJnc03o= =qtAb -END PGP SIGNATURE-
Re: 2nd REMINDER: tomb 2.7+dfsg2-1~bpo10+1 ready for review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Eriberto, Am Freitag, den 13.12.2019, 19:31 -0300 schrieb Eriberto: > Hi Sven, > > Sorry, sorry, sorry... I was a bit busy in last days and I didn't see > your last message asking for an upload. I already estimated something like this :-) > > I just uploaded tomb to bpo. > > Please, let me know if you need more uploads. Thank you for uploading, nothing more in my queue at the moment. Cheers, Sven > > Cheers, > > Eriberto > > > Em sex., 13 de dez. de 2019 às 18:00, Sven Geuer > escreveu: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA512 > > > > Hi Team, > > > > I'd really appreciate if someone would do this review and upload. > > > > If there's anything I still can do about it, please let me know. > > > > Thanks, > > Sven > > > > Am Montag, den 02.12.2019, 21:16 +0100 schrieb Sven Geuer: > > > Hello Eriberto, > > > > > > may I ask you to do this review and upload? > > > > > > You already reviewed tomb 2.7+dfsg1-1 and 2.7+dfsg2-1, and there > > > is > > > only a small change to d/salsa-ci.yml for buster-backports. > > > > > > Regards, > > > Sven > > > > > > Am Mittwoch, den 13.11.2019, 20:21 +0100 schrieb Sven Geuer: > > > > Hello Team, > > > > > > > > I just learned how to control the distribution used to run the > > > > tests, > > > > piuparts test don't fail anymore. > > > > > > > > Please review and upload the tomb for buster-backports [1] > > > > > > > > Cheers, > > > > Sven > > > > > > > > [1] > > > > https://salsa.debian.org/pkg-security-team/tomb/tree/debian/buster-backports > > > > > > > > Am Mittwoch, den 13.11.2019, 20:00 +0100 schrieb Sven Geuer: > > > > > Hello Team, > > > > > > > > > > I prepared version 2.7+dfsg2-1~bpo10+1 of the package [1]. > > > > > Please > > > > > review and upload it although it fails the piuparts test in > > > > > salsa's > > > > > CI. > > > > > > > > > > From what I can see the reason for failing the test is that > > > > > it is > > > > > run > > > > > on the wrong distribution (sid) for buster-backports > > > > > packages. > > > > > > > > > > Excerpts from the logs [2]: > > > > > [...] > > > > > 0m0.0s INFO: Command line arguments: /usr/sbin/piuparts -- > > > > > mirror > > > > > ' > > > > > http://deb.debian.org/debian main' --scriptsdir > > > > > /etc/piuparts/scripts > > > > > --allow-database --warn-on-leftovers-after-purge --hard-link > > > > > -e > > > > > /tmp/debian-chroot --distribution sid '/builds/pkg-security- > > > > > team/tomb/debian/output/tomb-dbgsym_2.7+dfsg2- > > > > > 1~bpo10+1_amd64.deb' > > > > > [...] > > > > > The following packages have unmet dependencies: > > > > >tomb-dbgsym : Depends: tomb (= 2.7+dfsg2-1~bpo10+1) but > > > > > 2.7+dfsg2- > > > > > 1 > > > > > is to be installed > > > > > E: Unable to correct problems, you have held broken > > > > > packages. > > > > > [...] > > > > > > > > > > Cheers, > > > > > Sven > > > > > > > > > > [1] https://salsa.debian.org/pkg-security-team/tomb > > > > > [2] > > > > > https://salsa.debian.org/pkg-security-team/tomb/-/jobs/411827 > > -BEGIN PGP SIGNATURE- > > > > iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl3z++wACgkQrfUO2vit > > 1YXC/g//ZL9KVy3HgQOf2SpXd2rJ+i6IeUkhdiaVXpwjQ5HuCA0LRLfBaMa6jH28 > > arcEex05h2Whb9ZolT8KLmto3RgN+ulklZC06KWByzhVL279qXcYN8y1jOwJud6O > > YLkQcVxnbfE42Ekp0Gv5oM26j+996VvrjSbadsnSsQl7YizbPGWncf8uzOtYBLir > > aNkh7H8vpJyY65ZDGx0UuMTpF3hzAPPjQsu1gaKPmwoyAqPnUh3BKNAipqTl1HKF > > BLUbz1JDqF9qu7O2uO9uBoHd+4HDEbxTtuJE62PGF0PcIJc85j3Nr/jB321+B0Jl > > fI5t2XcahIWeS4X+XgPBRsFJdnLMds2dKSA5oPaDvWNgB0+RmlhCJhPu2stCcP1g > > BP/U4hHF0b7Wq5/SceE18hZcQW27Jo6yO5xBx+77l/2CfRnvrlHB5TdMBdYouPgX > > ZqkUDgDclBEFQlH8p2fd720STAD10ONlJEFRQ+p5YS+d3ixk5bAZgU4Kevx8w5+G > > 6gNypHmbN4dPvgm3SzkSMU44L6x3uZ7JzVYvvagexQfVVH//mguBGNzgdKEDi2vA > > EIJg92SQLcFdfsaG4m7k3jQ5SSTbDLvt/HOiQl4X/VxnzxoNtbYtRN5JXlSSEXmM > > S/OlDRkCME/Ny+3xmIdHm6UZESq1fwBPZhehSrJr8AL4SUtw1bg= > > =S1VH > > -END PGP SIGNATURE- > > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl32D3MACgkQrfUO2vit 1YUxNA/+LBbJ0CqJwzBIspe7kouZLn7sMSUWj43QNDxGA37ffGlaB0mcRSdfmJHx AZOhIhVXwz/ucTUxsZElHg5pIdBLsiPeCossTgWMRbgranaTIHqZhPIUnZRsFbLl b1dPz12uhK3WXsmPedRpDNUyHz7gXGK1BHHV+HPy/wtszEMNUSSiFhchHBnvcIdr LLG1TDYZ1dbtBgFlhQrEnO6VNvzqdEHYsXkgryM3d+PsJUa03rrkQ6sA5fReFvQr 1jqChl5WNC9wpCRsI++aaAoT35D0C1Idro+Etla8tCeRhmKa++IoCTqzPt0tIWBw xtl9TNU7cvEDhQEYPA7a/oVOGw1jXTgfYvVx7TMVE/PACLULeiD7MegmsQkCZR2N 4+CRYnPfqf9jTCewxbULEhtJDDsF0ln2doh+fmGu8meTY9Hl+K+afzEgFPlao2xT hsx9PSJA1vVFjX4Cw/f+AWpncROg+4n46zBFmnHfdNgodd+1zZTeqjoS2qhf3RIt voNbMTeh9KwsHZPBxk9PlDx7EGMdWjpu0IRKeSz0kK9msC5lcnLxF63a320x0WW/ 00QL4OAuDP5th9J6FZHu4+yR5w9H4FcpVGEUc474+xJHlqG0psoP9aIPHM/V5jPU 6OZ1tss0gxWLO0C34ukR9BcnN9ErcMdzOlb8WC+aTl5SFZKRJWs= =cNFy -END PGP SIGNATURE-
2nd REMINDER: tomb 2.7+dfsg2-1~bpo10+1 ready for review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Team, I'd really appreciate if someone would do this review and upload. If there's anything I still can do about it, please let me know. Thanks, Sven Am Montag, den 02.12.2019, 21:16 +0100 schrieb Sven Geuer: > Hello Eriberto, > > may I ask you to do this review and upload? > > You already reviewed tomb 2.7+dfsg1-1 and 2.7+dfsg2-1, and there is > only a small change to d/salsa-ci.yml for buster-backports. > > Regards, > Sven > > Am Mittwoch, den 13.11.2019, 20:21 +0100 schrieb Sven Geuer: > > Hello Team, > > > > I just learned how to control the distribution used to run the > > tests, > > piuparts test don't fail anymore. > > > > Please review and upload the tomb for buster-backports [1] > > > > Cheers, > > Sven > > > > [1] > > https://salsa.debian.org/pkg-security-team/tomb/tree/debian/buster-backports > > > > Am Mittwoch, den 13.11.2019, 20:00 +0100 schrieb Sven Geuer: > > > Hello Team, > > > > > > I prepared version 2.7+dfsg2-1~bpo10+1 of the package [1]. Please > > > review and upload it although it fails the piuparts test in > > > salsa's > > > CI. > > > > > > From what I can see the reason for failing the test is that it is > > > run > > > on the wrong distribution (sid) for buster-backports packages. > > > > > > Excerpts from the logs [2]: > > > [...] > > > 0m0.0s INFO: Command line arguments: /usr/sbin/piuparts --mirror > > > ' > > > http://deb.debian.org/debian main' --scriptsdir > > > /etc/piuparts/scripts > > > --allow-database --warn-on-leftovers-after-purge --hard-link -e > > > /tmp/debian-chroot --distribution sid '/builds/pkg-security- > > > team/tomb/debian/output/tomb-dbgsym_2.7+dfsg2- > > > 1~bpo10+1_amd64.deb' > > > [...] > > > The following packages have unmet dependencies: > > >tomb-dbgsym : Depends: tomb (= 2.7+dfsg2-1~bpo10+1) but > > > 2.7+dfsg2- > > > 1 > > > is to be installed > > > E: Unable to correct problems, you have held broken packages. > > > [...] > > > > > > Cheers, > > > Sven > > > > > > [1] https://salsa.debian.org/pkg-security-team/tomb > > > [2] https://salsa.debian.org/pkg-security-team/tomb/-/jobs/411827 > > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl3z++wACgkQrfUO2vit 1YXC/g//ZL9KVy3HgQOf2SpXd2rJ+i6IeUkhdiaVXpwjQ5HuCA0LRLfBaMa6jH28 arcEex05h2Whb9ZolT8KLmto3RgN+ulklZC06KWByzhVL279qXcYN8y1jOwJud6O YLkQcVxnbfE42Ekp0Gv5oM26j+996VvrjSbadsnSsQl7YizbPGWncf8uzOtYBLir aNkh7H8vpJyY65ZDGx0UuMTpF3hzAPPjQsu1gaKPmwoyAqPnUh3BKNAipqTl1HKF BLUbz1JDqF9qu7O2uO9uBoHd+4HDEbxTtuJE62PGF0PcIJc85j3Nr/jB321+B0Jl fI5t2XcahIWeS4X+XgPBRsFJdnLMds2dKSA5oPaDvWNgB0+RmlhCJhPu2stCcP1g BP/U4hHF0b7Wq5/SceE18hZcQW27Jo6yO5xBx+77l/2CfRnvrlHB5TdMBdYouPgX ZqkUDgDclBEFQlH8p2fd720STAD10ONlJEFRQ+p5YS+d3ixk5bAZgU4Kevx8w5+G 6gNypHmbN4dPvgm3SzkSMU44L6x3uZ7JzVYvvagexQfVVH//mguBGNzgdKEDi2vA EIJg92SQLcFdfsaG4m7k3jQ5SSTbDLvt/HOiQl4X/VxnzxoNtbYtRN5JXlSSEXmM S/OlDRkCME/Ny+3xmIdHm6UZESq1fwBPZhehSrJr8AL4SUtw1bg= =S1VH -END PGP SIGNATURE-
REMINDER: tomb 2.7+dfsg2-1~bpo10+1 ready for review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Eriberto, may I ask you to do this review and upload? You already reviewed tomb 2.7+dfsg1-1 and 2.7+dfsg2-1, and there is only a small change to d/salsa-ci.yml for buster-backports. Regards, Sven Am Mittwoch, den 13.11.2019, 20:21 +0100 schrieb Sven Geuer: > Hello Team, > > I just learned how to control the distribution used to run the tests, > piuparts test don't fail anymore. > > Please review and upload the tomb for buster-backports [1] > > Cheers, > Sven > > [1] > https://salsa.debian.org/pkg-security-team/tomb/tree/debian/buster-backports > > Am Mittwoch, den 13.11.2019, 20:00 +0100 schrieb Sven Geuer: > > Hello Team, > > > > I prepared version 2.7+dfsg2-1~bpo10+1 of the package [1]. Please > > review and upload it although it fails the piuparts test in salsa's > > CI. > > > > From what I can see the reason for failing the test is that it is > > run > > on the wrong distribution (sid) for buster-backports packages. > > > > Excerpts from the logs [2]: > > [...] > > 0m0.0s INFO: Command line arguments: /usr/sbin/piuparts --mirror ' > > http://deb.debian.org/debian main' --scriptsdir > > /etc/piuparts/scripts > > --allow-database --warn-on-leftovers-after-purge --hard-link -e > > /tmp/debian-chroot --distribution sid '/builds/pkg-security- > > team/tomb/debian/output/tomb-dbgsym_2.7+dfsg2-1~bpo10+1_amd64.deb' > > [...] > > The following packages have unmet dependencies: > >tomb-dbgsym : Depends: tomb (= 2.7+dfsg2-1~bpo10+1) but > > 2.7+dfsg2- > > 1 > > is to be installed > > E: Unable to correct problems, you have held broken packages. > > [...] > > > > Cheers, > > Sven > > > > [1] https://salsa.debian.org/pkg-security-team/tomb > > [2] https://salsa.debian.org/pkg-security-team/tomb/-/jobs/411827 > > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl3lcQwACgkQrfUO2vit 1YXlmA/+Oz6Hg4DNVpehmp7xoA/x8aOAYHfB0coS75BWVsXgXVIUwNBgzpRcpkbe 40w5JvjA6xCYB7Zl84rah6LkQiifqcCphtbee+qG5w1hbD5d3hwbpuxqImY3v5lN WJHv91sAlkc/FLH9Hzjtj33G9l5UZ4J5ESecQC/C0ru35JSeFJhjIB0VPvnI36Pn Kyv2U4DwgdT8AaCy0wZI9mbQOsAOrQO4nzYdZkZWGFyo8gbIIYF4hOarT0kmHo28 IPjnit5JhZcJ51ojt9vH1GeqWeD1ne/YR90u+TUK97mlV0SAtjDF3cMEbTn1ezim Rt5W6JM6ednSJ3eRpk/cu41AGodQ3jWMvCPA2dXRa96yscgDxkbyG64FEL6bgQKs OE66ni8euw23+lJHY0/DS9U2ECFbQIVViMGC+ZUpshesXAq1Gsx/Z1mPXj0Ro0Dv gGRAkAqrPRwT8A/LMItyx1Ph3+SKQt7aCrPwmLxE1o+S6XqfXspxnIvbS+U3dS8z AboJyxXAAM5yFMdRLH0aVX3i8Q6iARRPZ7dhMtJ2IPMowoR+R9gKp+wVXNJfRqgg k+b+xBxOA185ZQ6JPi/uA79YOFznU9hir3CT3b/EEForQvW087MBl1tr8ntHKx7B ecZ6Qtq4y9JQhbh4agnM+o8RWv77fRnhp+d7EPL+7m9svbHIfRQ= =gW6F -END PGP SIGNATURE-
Re: arno-iptables-firewall 2.0.3-3 ready for review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Samuel, Your suggestion is an honor to me. I just studied what's on nm.d.o and intend to apply soon. Regards, Sven Am Montag, den 02.12.2019, 00:22 + schrieb Samuel Henrique: > Also, would you like to apply for Debian Maintainer? > > https://nm.debian.org/ > > I'd like to give you upload permission for arno-iptables-firewall. > > This should reduce the delays in the upload :) > > I'm trying to take a look at the work people has done to the team, > sometimes we might miss people who should be DM/DDs already. > > PS.: If you've been contributing to the team for some time and > you feel like you're ready to become a DM/DD, feel free to ping > whoever worked more with you to discuss about it, sometimes > we just overlook things and forget to ask people to apply. > > Regards, > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl3lbzcACgkQrfUO2vit 1YUeWQ/+PvRMXjcWliJN1MQ4RSdBm5aUpwuoL8jTNysOWEav6SwgJhU6v9gl+IS8 GCMO1Oy8ozjFhpnf12lBjZqcnuhcx7mBanFE2STNw/Xz4jBBwrPrbGwTjoYg0vdu yUZkd+wMcfUv53coMhhNfE5emXBhQVnu/T7SLbnc+15QyrYVbiOqPRFUPZ9DRFGF zVGU4h1nvvOvd58NidBd/uOox6tlNmTERdYjVD7rGcwROq8octcJXQhP9khcaaYY CBYeuCOfpcQa/JbETx5FhyTyDnYUGvVDx8Gnc/M/TKzYpWTQlymhc1OhYYwDGxc2 cur91YaKN682uwIvNcO0MHwO98DovogEVOhEzuLDCQ+Zd+nzDjLd4Ux+9HvyVZNA XLzQCe2AdIvSxf/ORw5jvDO5ttTxNqMHkAXPc0d4Z4YrpxxJwdnWZshvVuLssap+ Eblv24k4Gf12iEVI69eGp5IazNdpIVtw6PLBkCBSmLQY0whgf/x2f93uTbPsgMoQ xBqx89YWhf3FnzQ6AltqDz1x7tXDsYKLhHNy/VdHUpe5KqGgsGEbdzK2gzpG/Rix y+yImOs1ONHSMLfeo7zBR7B0l8dsfe8lg2rsqPD6z+kaALdUcCGJisFbJKceTnV4 abN92Seys4WdSQIR+TqbZpk5ewZAjgXNzwFkkJPsH4AB9//xIwk= =LsKo -END PGP SIGNATURE-
Re: tomb 2.7+dfsg2-1~bpo10+1 ready for review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Team, I just learned how to control the distribution used to run the tests, piuparts test don't fail anymore. Please review and upload the tomb for buster-backports [1] Cheers, Sven [1] https://salsa.debian.org/pkg-security-team/tomb/tree/debian/buster-backports Am Mittwoch, den 13.11.2019, 20:00 +0100 schrieb Sven Geuer: > Hello Team, > > I prepared version 2.7+dfsg2-1~bpo10+1 of the package [1]. Please > review and upload it although it fails the piuparts test in salsa's > CI. > > From what I can see the reason for failing the test is that it is run > on the wrong distribution (sid) for buster-backports packages. > > Excerpts from the logs [2]: > [...] > 0m0.0s INFO: Command line arguments: /usr/sbin/piuparts --mirror ' > http://deb.debian.org/debian main' --scriptsdir /etc/piuparts/scripts > --allow-database --warn-on-leftovers-after-purge --hard-link -e > /tmp/debian-chroot --distribution sid '/builds/pkg-security- > team/tomb/debian/output/tomb-dbgsym_2.7+dfsg2-1~bpo10+1_amd64.deb' > [...] > The following packages have unmet dependencies: >tomb-dbgsym : Depends: tomb (= 2.7+dfsg2-1~bpo10+1) but 2.7+dfsg2- > 1 > is to be installed > E: Unable to correct problems, you have held broken packages. > [...] > > Cheers, > Sven > > [1] https://salsa.debian.org/pkg-security-team/tomb > [2] https://salsa.debian.org/pkg-security-team/tomb/-/jobs/411827 -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl3MV8kACgkQrfUO2vit 1YU3uw//QHDAtLE4qvWQm6ZjWwMcyWADYgB1UnKGgI77oUE2bF3bL12jUby9Agbi VVvvD2XIxJgV/pH6cORBmUAXIojlNLhP1w/Y38bd07XH5GCtWneGvW7pBroCEhE6 JVa5S2Wyg8Gk6p47mnWzkZjZZ9kYCZ2W5d5CDMShm1BX7m6h4kOuByn1fUARWVnE aD/+VMQTPNyZVif6Q+5Tt0WM1udJyyRwUIuj6E0quAUnvnoh0VhTPK4p+YvEn4NL u2FNC6lf4Lqg2FxjJfkgntemz3tGqyKhK0MLC8nWhWpnGJALdqjaZ17062nboUI6 NHe6xIYdyJBrvKyR6n+7ex/mcLRovXG62CSxaaMWTWfdb5Wo2h3ydE4FSKEUkNeo bBAaA/EiCywmW4qeD2G+UCwHIFYCw6vN0xVhkrlvWVtsxy/g6DWeAIf3PEnmK66y 3OlcNSQ5wGS3kDAjkYI5LUAeM0OocYVhRTxZRy9Q5wMMgHcCj+vI73uaYBOAsnjR FdX3m5ibDOD4BKDVtfSutOk8HZZ6Exun+vaiaeAop6uYY/qqGRwRy7OeSp+RCjvK i1XHodqBgskGRTBk/SR4ftl2Jz+KpS7bfSXEUqqFbtOxXepcRGffMhk6YTTrWts1 +iNYjWEyjmWIUMpHgmDLXizVFkEGXW9CVQFv7giQcxnbymwbMWc= =GkjK -END PGP SIGNATURE-
arno-iptables-firewall 2.0.3-3 ready for review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Team, I pushed version 2.0.3-3 of arno-iptables-firewall to salsa [1]. Please review and upload it despite the failed autopkgtest in salsa's CI. I believe it fails due to the limited networking functionality provided by docker. The same test runs successful on my local machine with debci which uses lxc containers. I forward a log excerpt below: $ debci localtest ../build-area/arno-iptables-firewall_2.0.3- 3_amd64.changes autopkgtest [21:42:48]: version 5.11 autopkgtest [21:42:48]: host e580sg; command line: /usr/bin/autopkgtest - --no-built-binaries --user debci --apt-upgrade --output-dir=/tmp/debci- localtest.vqZrZowqZ7 --shell-fail ../build-area/arno-iptables- firewall_2.0.3-3_amd64.changes -- lxc --sudo --name ci-1573418568 autopkgtest-unstable-amd64 autopkgtest [21:42:59]: test bed setup [...] Setting up arno-iptables-firewall (2.0.3-3) ... Created symlink /etc/systemd/system/multi-user.target.wants/arno- iptables-firewall.service → /lib/systemd/system/arno-iptables- firewall.service. Setting up autopkgtest-satdep (0) ... Processing triggers for systemd (242-8) ... Processing triggers for libc-bin (2.29-3) ... (Reading database ... 12920 files and directories currently installed.) Removing autopkgtest-satdep (0) ... autopkgtest [21:43:18]: test test1: [--- checking the config file for expected content checking for expected iptables rules checking for expected ip6tables rules autopkgtest [21:43:19]: test test1: ---] autopkgtest [21:43:19]: test test1: - - - - - - - - - - results - - - - - - - - - - - test1PASS autopkgtest [21:43:19]: summary test1PASS I: test artifacts available at /tmp/debci-localtest.vqZrZowqZ7 Cheers, Sven [1] https://salsa.debian.org/pkg-security-team/arno-iptables-firewall -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl3IeqYACgkQrfUO2vit 1YXk6w//acJu83XbBbcAOYfy59KVrhd3YRDRKkr+mMyag8SxfMo2fYDFjnM0G7R8 nBTgKRY5jH30ZP5I0AfJpzGX/Bg3WdglR2OJV6GnqsTPVoJFkpRM2pWbPXVC4ld0 XD1rzcD2V8OgYlAsNxqKX+YIu02hnSitGWPpXjJ95bKfFo1pfzyn4ydwGSALIbku fd7rZFISqqRUjdCfi86GBmzLbZj/kzBDAZg446QbaRilbyAn6G5KDAf5ju0IgwQJ CBTnYU38Tt0MleP/+PzaFi6jgU2DjsU++NdslIXwShYJTRMGLhkbgI5Cvf1aILH0 n2oXmY1AWjo/IxWUi+tdSkbj9qe1900MkDh+ZVukAvheu1jfhMdM+enbNMpCZIQR tIXW9T+eBVNfhY5VMp2wTqotid2XwlRx3gFMFdDPU6pGfvaVNmefQMTE4nCAPl7Q pS1GrQZc4+5dccZHh6MFBVrdCsC9rFknzqicjAGRq4aHTF4IpiGLJvc143TGB/CM MII8vkZS1jMxdjZl76Duq9ZecX1urkuulEsyURpq1xVckhLv7ZJeyF7hSbTH9Pb5 PGkVwuFFVgaVFQICKEaQEGyXiJI/GhgJPMOeZlOfMtAt3/sMADZeE7FJ5HgNOlFl nzxogkTfwlFD3VkjWo8BPS2qGUYeBvi0mGFit6Sc2ggLROEIkjA= =Ej0p -END PGP SIGNATURE-
Re: tomb (2.7+dfsg2-1) ready for review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, Eriberto, Am Mittwoch, den 06.11.2019, 19:19 -0300 schrieb Eriberto: > Em qua., 6 de nov. de 2019 às 19:17, Eriberto > escreveu: > > Sorry. It was a mistake mine. > > Please, join the lines. > Done. Please review again. Thanks and sorry for the hassle Sven -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl3EaR0ACgkQrfUO2vit 1YUxCg//aDD9DfDt+ePquTTSdp7DElqYCKSJjD9TD2OUR99zqosuezhJFD0uI9uc YV9ylg3UeltwIdt4pYsgP2s9aVKtpVTqcxCZKJEWZMUs+fXx9CuTDiBOjzK9m+Xx 5foBr1AEjuyY1rugAcfNkqknrFswqrb1OHTytsY0qJTpDIdFR2KM6JuxUOskzoaS KmuoOHnGZ98V7vUQmU+bsKjokVZeuc5VVXcK5TcAeF0Iu4x6hXSOjfejZh3oIaxi 6ESgSwcU5DUOQjoQUJJkCHCMACWLfkyj4QO7LIWfztSwqMbQTTK2RTjM9i7bBYX+ N372Xr9Aee42rYD2OaOStIs9wWZiBD+7KjmjukuJiWKkEftyQi/OqLb1cKWV1015 liBJ3gPdl48k6xyWe4ZgHHBhWo3jsNvg0WvuFnt5od7hChX5E3U9sAmg5cmQefhU RURDKIhURr1zQRZtYihuTsrBbqS9CYnxWckGJlXC8BAXFrfdJtJSeh8qYedkm4h9 sfFS6ZT7N9l+XYbswHkv1ZKY9jN7Fts483nH/mGdIUTZ0BLZ63FPoOjUgtQWVoNI 0KdsRzEcNcSbe+JCXVBv1L2k2XsC6hNxTZGq5itMoQC9YJwzigj0i0B+aloFzDqp OktfYIpkTENI4CrZsUFNy9BY7U9JgZwSA9lqOBpe0FxP73Eu+3E= =7p7B -END PGP SIGNATURE-
Re: tomb (2.7+dfsg2-1) ready for review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Eriberto, I think I've covered all your requests. Please review what I pushed to salsa just minutes ago [1]. Cheers, Sven [1] https://salsa.debian.org/pkg-security-team/tomb Am Mittwoch, den 06.11.2019, 15:40 -0300 schrieb Eriberto: > Em ter., 5 de nov. de 2019 às 20:22, Sven Geuer > escreveu: > > Hi Eriberto, > > Hello Team, > > > > I believe I've sorted out all the copyright issues. As a result > > Tomb > > 2.7+dfsg1-1 became 2.7+dfsg2-1, I had to drop another doc file from > > the > > original upstream tarball. > > Hi Sven, > > Thanks a lot for your nice work. I have a last request before upload. > > 1. Please, group all files and authors by licensing. If possible, put > the files one per line and in sorted order. It is nice to make the > conference easier. See my example for GPL-2+: > > Files: extras/test/aggregate-results >extras/test/Makefile >extras/test/sharness extras/test/Makefile > Copyright: 2005-2012 Git project <https://git-scm.com> >2005-2012 Junio C Hamano >2008-2012 Git project <https://git-scm.com> >2011-2012 Mathias Lafeldt > License: GPL-2+ > > For GPL-3+ you will need 'Files: *' only, not a list of files. > Considering that GPL-3+ block will have several names, please, add a > Upstream-Contact field in header to indicate that 'Dyne.org > Foundation > ' is the main upstream. > > You can see the package volatility if you have doubts (but feel free > to ask me). > > 2. debian/*: I can't see Raphael Hertzog name in debian/changelog > working in 2019. If I am right, please, remove the 2019 year and put > Raphael's name before SZ Lin. If I am wrong, please, put Raphael's > name before SZ Lin. > > Cheers, > > Eriberto > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl3DLfkACgkQrfUO2vit 1YV9IA//avLzC7WRp+/bRGKMT42OCR3QG7APwpPdsfjDvAdjuK4o9P183o+ncEKR 4lVJgXA12N8EbSLLw02ErCIfus/JocJ67S09XeIdItworlL8A+A0R6qrb3I9YA+i CYVc9b1g5UaRcNEGQ/jrcuMIfKZnN5qNRWGShUWyAInp+gkj70pQHCgcyTdkKn5Z 5uZZIW+Dfj+ekMCCMAN0dISdYBbpCXSzRwx/PItIH16pMGzSa6QnuKVXndZhfvUW pISvEklwRqILKj0yHlI6YVYgt+ZQBeRFVyudtzcE7E2M8QZkXIDL56zOFoDDnHox g3u+znMGerQNT/kAwF7oB6L6Y/y3pAZ3/TpZoNxCSBxVA8+7/gTNqCaTXzGMjnJS BQzWc+Ves81GkSwvOFU/pQXxTXpxLnIVsxov6byMGwMG2HcC5ArRqghLHT/xv8wV yDpHBBvwVfllYpxRCznzwcKcc5OeQlBUT/x34JXiX7ics8Nb7T4rHzL7xxxUGcIQ t3tCr4IOI1nSRNKeX5fGFSaWTlvjXk8DaQuQrO4fdc9Zh4vn52pjjqsT7RzYps3g J355zlsBEE7EGtR5RV8mtT5EUM5x7UTpNHLFniBndxBEm7K3lNZc8vF1NDPgGucn n8L7yroSRYlnNmdZqJz4Jl0pMLYhFCnInnPP+IDv6ErzVDI2/Wg= =4cbd -END PGP SIGNATURE-
tomb (2.7+dfsg2-1) ready for review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Eriberto, Hello Team, I believe I've sorted out all the copyright issues. As a result Tomb 2.7+dfsg1-1 became 2.7+dfsg2-1, I had to drop another doc file from the original upstream tarball. Please review und upload [1]. Thanks, Sven [1] https://salsa.debian.org/pkg-security-team/tomb Am Montag, den 04.11.2019, 20:21 -0300 schrieb Eriberto: > Sorry but I forgot a detail... > > Please, update the block debian/* in debian/copyright file. You need > include Andreas and Raphael names and update some dates. Use: egrep > '(@|\[)' debian/changelog > > Cheers, > > Eriberto > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl3CBEkACgkQrfUO2vit 1YXFxxAAusg4pcMmjLP2yB8rA3gtDEUQ0QMZ2bgSVCV7/xLTYQP/DoxBIpmkmDEm HvEhdadquzxN2Ms9bzzahY7bB2iM794Am4ZEtIXcIRp8s2BypPZlSb0+Bwn9gNCy cSSf8BSRgDZSJOoC3pupqUqx/4FVpvYT/JsfiYTMhfrEQmo/yr8d13JpP2WOmrmJ MRsHePPb8GLVbDBui+qw9JXHkaXyjQGaGXgiY48Zl9EMVLXvpDjFuwsIf3l53u/7 TTkLH8eBH+/MdTqioUBmDWbzxbraoIY5LbGPzRry8X0jC6zTTUL9kbQGvSKsWTgD oGOi/zDRIrftS5z4ISJdWNPxMNKIyWXFAuv94mJMdtaVFV3iXhavKgn9kfLXPRZD 3T11l6VLDUx6UdXMMDki/nFLI7zy4TeYWuiie6BP5Cg3tIx8W+7qtPM20RK9lLLw O9KW4BZKKl02c2u1K9/bfRUR/qytHhngPFMVkbW0hAmkuyP3/uAiOfk7hv8JuzYD 3ID0CR2nLmg+JHsZIc84/8f3kWU7SYqYMpLp0dpl4HPkztK8PsESearPaOIDhLcQ rbbnXn+aeH/0T3YOjUq5eaM54/6/ov2+3cGJxOOytMwD0GQqgbzwKDzy3Jh4CFEa 5U0JX7fMVYVv2QkC63ol4Hg5ma9rMFADYHo3LqFubtD9F6cLU7k= =R1gX -END PGP SIGNATURE-
Re: tomb (2.7+dfsg1-1) ready for review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Eriberto, thank you for your quick feedback. I stumbled over doc/LinuxHDEncSettings.txt which contains a copyright note but without mentioning any license. How should I handle this case? Sven Am Montag, den 04.11.2019, 18:38 -0300 schrieb Eriberto: > Em seg., 4 de nov. de 2019 às 17:45, Sven Geuer > escreveu: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA512 > > > > Hello Team, > > > > I prepared version 2.7+dfsg1-1 of the package [1]. Please review > > and > > upload to unstable. > > > > Thanks, > > Sven > > > > [1] https://salsa.debian.org/pkg-security-team/tomb > > Hi Sven, > > Thanks for your work. Please, do some changes: > > 1. debian/copyright: > > - Update the upstream copyright years. > - Align vertically the names in debian/* to make easier the > conference. > - Put Samuel's name before your name in debian/* to make easier the > conference. > - Declare absent upstream names, as Federico Reiven. You can use --> > egrep -sriA25 '(copyright|public dom)' <-- in upstream source code > to > search all names. > > 2. Patches: > > - Please, declare in changelog all removed patches and the reason. > > Regards, > > Eriberto > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl3ArVUACgkQrfUO2vit 1YW29Q/+KrPK/RHK+ZC3uPKmfAYZh1+G8oSARxLNQll3XdGgNV06mII12UXeevNZ WwrFOdRDe1MololTRAphnNi6JBZyKF/OePMNH8LCK8QXlvuRWsoSrN0FPiHWsQO3 0aayaDxgDuh9mf+sZXGxBQw3VF0ySKIFgJ3ASq9wFDOF7RTH3bK4hiBQVZVd+vrS sqnwdkIFDuZaz2oJRrDQ+9aw3VgGMJa3cU10Qsa3OJVDe3LTsKzwIEZ+28xBk9pR flcevfMmADc5t0OpBXpr5Ekqeaog1gKX1BFp/2NupdP/MGVnSXWnJjyr86FAR0tw B4lYC0fqiaS7xfl7ztOhjO/FL2sti5xcB3fuddsApixZ5kpCJqjBZMIOP8G0YmTR rJj8wh3EQCUhwRUKLqrxgdLnFTXo/+penbS11a+ua5sGAcAlh0UdZOA4o+tBYx1L vi4ce6W914W3IFt1WZiV9/tcvtRr7lDJsMy9CKoLO5t0Ri3lIrMqXXMAvuufPe6F hKpuUJ42eENhQuEQLmQ2t0HadLXbC/DVjVZ0iFiuupRXG4GGk1duElGjdBBdyRpy Orqjve8yaW6JS4ddQ8o36LX0mM7yDG5IgRSKWKOaCmOibV0QqrfFx8RUKtcQUYkT veIOI4yX9/iOsEz0VUR8SiS99QnoMWzausUajlQYAQIsQJVoCns= =xiQQ -END PGP SIGNATURE-
tomb (2.7+dfsg1-1) ready for review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Team, I prepared version 2.7+dfsg1-1 of the package [1]. Please review and upload to unstable. Thanks, Sven [1] https://salsa.debian.org/pkg-security-team/tomb -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl3AjdAACgkQrfUO2vit 1YXBrxAAljIeqIxMOvtzv1eD+ej76e4iDP8rExNGXFUNxldOr3DJWDq1R5wLDA3X P+2ZbATF/7DdJpZtXRP+kTJ1NpN12SlJlCE/i1aWhidIM/n36bjsPoU0UyLI2ath Zo5qO+4GyBQVPrSkWTWQrEFYKg6jQbdhaLrA7kC9IjnKNP/bzPwh7UPZHa/BREFd cMsoG8g+iyckxS63wzFizMki9exL+zsMqu8e/cSqh7kpD+K/H1i0D4u7ATLZFi7F bFHeyvPCM2xnRU7KBWgaJPaTNRr3ewvpkEUQ2XtKAq7MiDJmYBmJjxv1Gfz1SLJA WDbnLgCBdcU/2BQfJhR8lQsU4vGK5aGLJ/WqtVSqJDhXylAdylbjAP+hRvbE+KR3 kyc39TiGO94Ril07j2SY3zffBL5l8PFruj8FOd+4sSXOC+ok0B5TGm6Ff9P5CwQl 99BYZdP43Evrgc01TYNutR6OFzOFGykf6hfvYnfFF+9V9eMVmmffak1UANgTnUfN 6loAk4AqBIdbpv0f7XcZAPCTWvMMFSGZ3OhScnTH8YDJFOe1ddcvUYXPFMqIrYz6 J2rRFlGKZwcbTZLwcSOXGNvsnRzW+zdBnu4GACHIk/M6NTVTGwb5LhbkOOnQjd4N FmckpipPyoAjfXGgGM6rblFaaCFFtplMK3A9nYkxAY63VayVH78= =/z8d -END PGP SIGNATURE-
tomb (2.6+dfsg1-2~bpo10+1), please review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Team, I prepared the recent tomb version for buster-backports [1]. There are no changes relative to 2.6+dfsd1-2 but to d/changelog. Build and autopkgtest were successful in the buster build environment on my local system. Please review and upload to backports-new. Sven [1] https://salsa.debian.org/pkg-security-team/tomb/tree/debian/buster-backports -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl2aWS8ACgkQrfUO2vit 1YV0RA/+NRXJ0+c/P8K/izreHsrkHhI4qTas9H6NYNnVOFfn0eRt5ynCk4lUsVSy gRGPXzxOdskMHJIXUYyGZIszfBWwN4XGSH96p/f7sY15W5TFqBPaF0ngNuxxAFdb 6lfO0vQNEbKQ5W96xYe9tnMkvZoaq0tlPsqVr4GexPxfaCcqE67iHRei4TlxHK+U 6qNdaa8rh0GivHZh8KY+S1qWY/QWeUdqa6+agmZeFlPne/P60cMqVQadrBqp4qVG qB7rOe8AZVORYalY1GDMFYhXz7+y/iuCOOXDWzssEuoW6Moxw64i/dVoO59WKsv7 HonOze1T52GrdOW1SCtvvuaaOm8K/CFPPA4RLrwyNuXR0rMpC2x3hhQ4GTQZeOof wPybSrxcfwAr+DOvW/w6Xc/SnO4UNO9/WSGTrwnHu+C6NWssP8Zyh2eZ333j9J1f dnA/GiAqxAeB2DLC4QzF8rGaWr59+pRZK+qJEG9+XPpI8rh9jwN+XZCPPqkPhaMC Nc44WrP2iNg+KZESQGliSETchf65DCQ0PLPxlBjzz2ONB2VmlWlYIYM1xwCr9HA3 o61NO+CK8aU3bzdyn1R49hW09BnOlBUqrRMkSAhfsjnkInXVYEtTXPpZzcHZ3naM PadYkyvbFlEABCA6biY5ekaB7smWn2WH0mUNgCDMQjq8k28KCOo= =CNPu -END PGP SIGNATURE-
Re: [Fwd: Re: Tomb package 2.5 > 2.6]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi SZ, thanks for your review and thoughts Sven Am Samstag, den 05.10.2019, 20:43 +0800 schrieb SZ Lin (林上智): > Hi Sven, > > Sven Geuer 於 2019年10月4日 週五 上午3:12寫道: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA512 > > > > Hi Team, > > > > I received a request to bring tomb 2.6 to buster (see forwarded > > mail > > below). I believe backports is the way to go. Do you agree? > > I've skimmed the commits between 2.5 and 2.6, and many commits are > not related to security fixes. Therefore, I think buster-backport is > more > suitable for this case if you want to use tomb 2.6 in Debian 10. > > Moreover, if there is any specific security issue (e.g., CVE) need to > be fixed, > the buster-security is the way. > > SZ > > > @Dmitry: I'm not sure why you consider tomb 2.6 a security update. > > Anyway, to emphasize your request I suggest you open up a whishlist > > bug > > against tomb. > > > > Sven > > > > - Weitergeleitete Nachricht > > Von: Dmitry Elmanov > > An: Sven Geuer > > Betreff: Re: Tomb package 2.5 > 2.6 > > Datum: Thu, 3 Oct 2019 14:11:22 +0300 > > > > > Dear Sven > > > > > > Tomb 2.6 safely settled in the Testing. Thank you. > > > In my opinion, there are all signs that version 2.6 > > > is a "security update", and therefore may come to > > > a stable branch. Is it possible? Or backports...? > > > > > > Best regards, > > > Dmitry Elmanov > > > > > -BEGIN PGP SIGNATURE- > > > > iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl2WRakACgkQrfUO2vit > > 1YWS7g/9HoeQkkz14koe0iBfC6pqDFxgkLyFcdB4GOUF6eu3A6kHdSsfYDj4g33F > > kUwANU2aZ3ep3plkb6bS5SmpDRt3g1Mwvd+za0rlQNyEu2lnbqOUZKEqpcRg4xl7 > > BLkbevYeDCc36WOg2GgxtaQ0+PBeVTl0k19jeQgP0CIHcwKDGt3wkjS89NAsanqn > > IICiP3sLN3yFWtpPiK6KkUrQ0P2hCU7xDSdutKxNw0uRLzGL7iemX8vmD+SzjCDe > > QtZaY2HW3lrMPcPjWgbmj90y4wsufuEWduKGJSl0XWXDX/vhGQLBFOJMCb2C19lV > > kASTBzcldhxLakqeOkW4GomS2GajO1TQ//mY8P2/KIYjlIxEmt8XUxWjm3CU/F+O > > khPrC8ZNZ6eW+kf+Xw7suKKnTirSI5MvWKtnJRklh/ufVXlEY5ALAz/enesKQ6jx > > bMz4FwMM1amvc5qlsKOlFHMLUuDP2KxmHvcum5aZnbs0M5VLETviRKcRSrOWh9Yh > > YkB/scyHS0CYHDgOr1umpEeV7XcQSmlOpx6/yb3m4UrVnSMeCHCZI5tjSb43NFo2 > > yb3gjduPCsXJ0/Snpyw7MXeKemtFV4RJXp20StKokAB+bjyDVkhILDLTaay/Iw5t > > FvZPz0+s4NY8f547dRpofbjVdPbnulFlNP8Fgu2FN+oZr4b2NXM= > > =a+4B > > -END PGP SIGNATURE- > > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl2aVlEACgkQrfUO2vit 1YXsVw/9FdpZ6LMpTkF04OoyvLvi5H7l/++WOKZ2+B2iwjAYmkzeGq2Yz6V7sYBy yCZdVSl8KJ61OBdeh9g+mErfhnTh+MrOkce2P5mKG4bdNPzM9mZ+lxX6Dz6DbXl+ 6RYKWPIb6BarC5DbN31ncIqwnjZts1r7WmDRobF+aTd49OMg0zk6fwSBwHbyc9Au 6vkg9/cQrjTPCLhm9b+P+2fJiNbi5DWa5EsMZfVlHrYdpP5jd9kOw4fInDUhYoLF cfKMIvMdb2uVkkv+DPUy7BlWQ5bVjkxT8pYM4ybHuXC7v+8JME3PB0a4o/W49/yb CgKsOGgYIg1N6mC5sWoQ1M/z0QNSOGajc45S6FFtLAvz3Rk/9kpWmkBP0bcvneED 1rOQ2BcNpXK2jyw5lP06Ja3pSOMidGEDL/PQ/gNHuS4sA0ScqOuNoPjW/ikveE2Y bYMwQu+BnLbPgVBBjNcvUr0aS2zcfzXFY0oLbLvRTqZGbfkO+eWq16d15vU0eXHt Q1spwH6ckzpYr5Tt8Hj1qGkHIELmINZ2vVeCqZJd+zvQ5UiHvjQcheRLfPypjdgK 7ikpvRWYkVGsw/W1ljkjJDcYpQ2zyc+Xpdl9mUkcOI4uWsHegrOrdkTfZekZmfel 6zERY6rH4Z5GexfNBDoaHLAONY0mJuQgP4hktldyL0HSmjcsyh0= =o2KR -END PGP SIGNATURE-
[Fwd: Re: Tomb package 2.5 > 2.6]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Team, I received a request to bring tomb 2.6 to buster (see forwarded mail below). I believe backports is the way to go. Do you agree? @Dmitry: I'm not sure why you consider tomb 2.6 a security update. Anyway, to emphasize your request I suggest you open up a whishlist bug against tomb. Sven - Weitergeleitete Nachricht Von: Dmitry Elmanov An: Sven Geuer Betreff: Re: Tomb package 2.5 > 2.6 Datum: Thu, 3 Oct 2019 14:11:22 +0300 > Dear Sven > > Tomb 2.6 safely settled in the Testing. Thank you. > In my opinion, there are all signs that version 2.6 > is a "security update", and therefore may come to > a stable branch. Is it possible? Or backports...? > > Best regards, > Dmitry Elmanov > > > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl2WRakACgkQrfUO2vit 1YWS7g/9HoeQkkz14koe0iBfC6pqDFxgkLyFcdB4GOUF6eu3A6kHdSsfYDj4g33F kUwANU2aZ3ep3plkb6bS5SmpDRt3g1Mwvd+za0rlQNyEu2lnbqOUZKEqpcRg4xl7 BLkbevYeDCc36WOg2GgxtaQ0+PBeVTl0k19jeQgP0CIHcwKDGt3wkjS89NAsanqn IICiP3sLN3yFWtpPiK6KkUrQ0P2hCU7xDSdutKxNw0uRLzGL7iemX8vmD+SzjCDe QtZaY2HW3lrMPcPjWgbmj90y4wsufuEWduKGJSl0XWXDX/vhGQLBFOJMCb2C19lV kASTBzcldhxLakqeOkW4GomS2GajO1TQ//mY8P2/KIYjlIxEmt8XUxWjm3CU/F+O khPrC8ZNZ6eW+kf+Xw7suKKnTirSI5MvWKtnJRklh/ufVXlEY5ALAz/enesKQ6jx bMz4FwMM1amvc5qlsKOlFHMLUuDP2KxmHvcum5aZnbs0M5VLETviRKcRSrOWh9Yh YkB/scyHS0CYHDgOr1umpEeV7XcQSmlOpx6/yb3m4UrVnSMeCHCZI5tjSb43NFo2 yb3gjduPCsXJ0/Snpyw7MXeKemtFV4RJXp20StKokAB+bjyDVkhILDLTaay/Iw5t FvZPz0+s4NY8f547dRpofbjVdPbnulFlNP8Fgu2FN+oZr4b2NXM= =a+4B -END PGP SIGNATURE-
Re: tomb: Bug #935197 fixed, please review and upload new version
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Samuel, thanks for your congratulations :-) Sven Am Samstag, den 24.08.2019, 17:10 +0100 schrieb Samuel Henrique: > Hello Sven, > > Uploaded, thanks for your work, and congratulations on being listed > as an > Author[0]. > > [0] > https://github.com/dyne/Tomb/blame/187a627022f759f4f3b8b4fc1c07ccc2dc68ba03/AUTHORS.md#L31 > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl1i8TcACgkQrfUO2vit 1YUP/Q/6A300ALQx1PXQO8J8xj8UvmjNehxvydRdFfSm/n+AFI49AjpQQzp96nVQ LtN8B1l2T4mxNh0oqyDfuYFC5SDs54101Pfr7PY83MmAZuveTXuk3680vQcWYAMO oIlF4kqhyb0kVU+lIPNiSsk10U7yQCROG/OpeGvpAPb3hAko3BT9ii+oVhTx0JMn y2/znJXa3AMNl5gTyw1a9L36lPHEeOHyoRBmDQiTa0boxEFNLPyv+mDNAZAIAe5A aHkreztGQZpL20x0TaFfEmUbx3Link4SP0OwVb7LQMXVlKnbPrMO7Et4WXOgAv31 Zj5GYru1kBMJfZx7I6DDQzUaABMvOMr3/0YQ5Oe84QNknBgpdh/YAeeY6D0QwuDj 4N7hasMWAz3orXcIhhCK1wfk62a20qxMx9C1VE6xstN291HGErGUY6Gp3sz68rYI JZ4TOSFwk0aaNZ3bTNNHpTZtVFoceFQtaRcZgwZzeIZOwdUteCsENLgSYxxylP1e r+0CP4ugxWhAiMjpv695CqtcR8OhE7bg683UFtmOZm0ZisGoyUHPx2oVOBq3U3Jh jlp24lWdMRHrNHWaqCyx3Rc7X8Z4WbZUMlTtwQu58CZbk2QPZV98Y7X34wljTKdJ e5h7WoN6aOjAxS+UOossaOd6l17kGIBqa8YAJFnTFmeZTLU3MrU= =4XQx -END PGP SIGNATURE-
tomb: Bug #935197 fixed, please review and upload new version
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi Team, I prepared version 2.6+dfsg1-2 of tomb [1] to fix Bug #935197 [2]. Please review my changes and upload the source package. [1] https://salsa.debian.org/pkg-security-team/tomb [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935197 Thanks, Sven -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl1djOsACgkQrfUO2vit 1YVv8w/9ExXwJppqA9SVwhwF/sJ13CdeGXpf5z8T/qwZ1Ia7XKGV8K03zID7O0bx dfdwdsKc3W8igo+mrnndHWeIMcbgmcV1SFgIV5r9lYnvTT/vDGBK7UFKxOgkb9ze jAkIW1XE+h3YgzhJm+6CWQZkyjH5DnvQHDzPVdkgWBp0ZT95F1DJumVd1Yg7t6vK MshnY9ov8OgB2YLZFRnDcbG2mUV+QqL5KUaIlwoGahuf8dagejG7J0uGsD6Cetr2 pNW0wjpeadcwXoRhUKk4zY5+cFiEdEMSuvWvU/ALSGbAJon2K/tZP36yCuzOuYNe z+M98RcRLtOHmZE82hAvTTnTssHxHUnN+wzkjWfp+0R0HulrBeXQ7mBjO6cf89XA BgPLAP7C8l4Jlg4KGZ1Wbj9YcsnmqDly9Hj8Z/wfZLGFPN0UTrvTJaEZ+vzJJczJ WZ6Ng0H8YzXkRFzQyhtN/Nxy5Upb//nh1Wyp+7DXtrWGHsRE/4KG2RoxYK2gxZKd 0opOF2oqeGZ3VRLPd8nmv7FmOOh5tx/VKlqaDqGFrtbakrqWbwPX82weaUyEZu68 F9BtBQBArWOg1MheaZIw32I3meJJvAn58GIFLotiDGBKwqWkoZ1CVDsdHbDujJ4K 43PuSxjysT+x8Gw9kKiE5nV+QOJ5KCqK2/Y8QR+ap+s3sTVsQuA= =DziQ -END PGP SIGNATURE-
Re: Tomb 2.6+dfsg1-1 not migrated to testing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Samuel et all, it has been built for amd64 by buildd now. Unfortunately it's still not migrated. Any clue? Sven Am Sonntag, den 18.08.2019, 19:33 +0100 schrieb Samuel Henrique: > Hello Sven et all, > > After you sent this email somebody triggered a binNMU so now it > should be > all fine. > > I believe this happened because SZ Lin didn't make a source-only > upload, > and that is required for the testing migration now. > > Regards, > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl1a4UoACgkQrfUO2vit 1YUODQ/+KCI12XIMn2Ri5jFyM+t/weA4Z3AAYgAGwp5eWlF6L/QtGQ2kXPwk8GpB TGN5f4Olu+YEbwosAAkHbshIr2iG1Trak+Cubz04LCHRZwDSyWedestHwP8GuM00 jeRIfPFs0C3vhO8QVmFt2aZOH5/wRRDK04/WF0KD0sSRMBbcUrEiH0VHsEYNFBaE zuKQqDzpjPyBB48iTQup/L5fL6WzzSJpjcJVv6VaCkOJUpkghq+ble0q0Pw1uLoJ cBWaKTfO+R/t8WR5/ZTdCu9IKFIt+g4JumXU2EBatWIO5RK5H7GIorneyP0YDNKE XepucOR6h2Oas4jHWdfpAAGjB0ZTLCAKMqWVrhlT9WumWplY7UTjQBjTAUdH5zQt A9QU4ATSrz8msQcoPtYSg06tj9WzB6TCh5KjXnJCol8AmiOT5Gr6bGRUM5Ek89Qn Jjdm/WVSfE53ICAy+ghLqQudwocGpN7HNnANpct7Oc7xruSfNta5FU5Tsyz49py4 SdgHb9dc+z+18/RB8ihFc9/lNWwAHQVUk7cvPOAVqeu09IQz3aOGTPgpoXRs7s/F YDnPYc5Mj5E0diejDCbjK3A4flGpB8JVCVaqAR1DgSPdujdW5X453KpYiwazYtYR K5G1nnzSOl+IUZSPxO4EbDWapB42qNWmTVNBS0/Tur0ezPeKgQk= =VGf8 -END PGP SIGNATURE-
Tomb 2.6+dfsg1-1 not migrated to testing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi SZ, Tomb does not make it into testing, presumably due to "Not built on buildd: arch amd64 binaries uploaded by sz...@cs.nctu.edu.tw" to be found on tracker [1]. How can this be fixed? Is there a way to force buildd to build for amd64? Sven [1] https://tracker.debian.org/pkg/tomb -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl1ZGWMACgkQrfUO2vit 1YVB8BAAikKmblAJH3AllcNjE2/8dZNCK1oa3tUjJjCCTb5NXtOzBr6cMR4X4gr2 Fs5odDWKBLzqmW80LTJryDVyYiSqPV4/dG0RIJ5KjcsGXDrmPBYON9CdkcVya5VI vnZ/d29Z6AgWMXo08J3Z3CvL1+PShJkr89S78QMo5ipn2QMVU0m4ObwTrPgaJO3S bwTgpiB9o1EjLT/4dx4vL45vS+7UBeleSdkn08exOOHGWj06aIS5tDBQ8USpzHOD ONO877pPUxUgdesYQ2ZJ5FC51jRFfSYjkPnKRjGfmgVsolb0Zby0zXFzBQ/UnGFC 1uQR9ENRizrqEzyNagTzW7aOdRKis65R9JWSkuhSRIH2zEGorwsMtYW6DnhhT3U6 ce44jqarak52mjxKa77uxH3NF5APbgaq7HlE6fjX2nJzdN/SYN7dbOAEahxZvHSi QFilpJChfaVogQhhqtabPB3U39WfsgptW7TLuTIQuZ94/vO6zK0ZhUXpxaCYMWca LK1egwuNaPBpxrpZo+6bRVxY0VbG3MZbU/6hFaZj7tEZJPoyzZ3KGxd9gCk6FOja ZEfZ7DWU37EgHJ2uoFgeuw0LKQ3fwbpbFPu+WbUipYxDQBJ01XkuoFj6HqTgzPrO cWauU/JNtna0MXojVjtC7TRKcWhR1HWIKidwCoju983lnmfuIS8= =hjEO -END PGP SIGNATURE-
Re: 2. Reminder: tomb: all open bugs fixed, new upstream version, please review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi SZ, ftp-master did not recognize the bugs closed with the previous and unreleased version 2.5+dfsg1-3. Are special means required, so that bugs.debian.org will see and process them? Sven Am Mittwoch, den 07.08.2019, 19:30 +0200 schrieb Sven Geuer: > Hi SZ, > > than you for your review and your suggestions. > > I did sent the patches to upstream some time ago. They already found > their way into newer, still unreleased code. > > Sven > > Am Mittwoch, den 07.08.2019, 19:11 +0800 schrieb SZ Lin (林上智): > > Hi Sven, > > > > Sven Geuer 於 2019年8月4日 週日 下午5:15寫道: > > > -BEGIN PGP SIGNED MESSAGE- > > > Hash: SHA512 > > > > > > Hello Team, > > > > > > my latest work on tomb still needs to be reviewed and uploaded. > > > Please > > > see my previous mail on this topic, also forwarded below. > > > > > > I would appreciate receiving some feedback. > > > > Thank you for your efforts, the package has been uploaded to 7-days > > delayed queue. > > > > I've skimmed your changes and made some changes [1] > > > > [1] > > https://salsa.debian.org/pkg-security-team/tomb/tree/debian/master > > > > + * Remove unnecessary files in .pc > > + * d/control: > > +- Bump Standards-Version to 4.4.0 > > + * d/source/lintian-overrides > > +- Remove unnecessary lintian-override > > > > I think it's unnecessary to add that lintian-override, furthermore, > > the commit > > 75b44059225136575059477261767468d86aa63f contains multiple changes. > > Therefore, this modification cannot be reverted. It would be nice > > if > > you split into > > multiple commits next time. > > > > + * d/upstream/metadata: > > +- Tidy content of metadata > > > > Aside from that, I suggest you send d/patches back to upstream. > > > > SZ > > > > > Sven > > > > > > - Weitergeleitete Nachricht > > > Von: Sven Geuer > > > An: Debian Security Tools Packaging Team < > > > debian-security-tools@lists.debian.org> > > > Betreff: tomb: all open bugs fixed, new upstream version, please > > > review > > > Datum: Thu, 04 Jul 2019 22:30:23 +0200 > > > > > > > Hello Team, > > > > > > > > I fixed all currently open bugs and packaged the most recent > > > > upstream > > > > version of tomb [1] which came out during my work. Please > > > > review > > > > and > > > > upload. > > > > > > > > Because of bug #930782 [2] it should also go into Buster after > > > > this > > > > is > > > > released, I believe. Either with the next point release or via > > > > buster- > > > > backports. Which is the way to go? > > > > > > > > These are the changes: > > > > > > > > tomb (2.6+dfsg1-1) unstable; urgency=medium > > > > > > > > * Team upload. > > > > [Sven Geuer] > > > > * New upstream release > > > > - Adapt d/patches/* to new release > > > > * Add further missing dependencies and correct existing ones > > > > * Make package lintian clean > > > > - Add debian/tests/* for autopkgtest > > > > - Add linitian override for unavailabe upstream gpg > > > > signature > > > > - Fix for lintian info debian-watch-contains-dh_make- > > > > template > > > > - Add patch for three lintian infos spelling-error-in- > > > > manpage > > > > > > > > tomb (2.5+dfsg1-3) UNRELEASED; urgency=medium > > > > > > > > * Team upload. > > > > [ Sven Geuer ] > > > > * Add several missing Recommends and Suggests (Closes: > > > > #924042). > > > > - gettext-base, lsof, dcfldd, qrencode, unoconv, steghide, > > > > swish- > > > > e > > > > * d/control: > > > > - Bump Standards-Version to 4.3.0 > > > > - Bump DH version to 12 > > > > * d/compat: > > > > - Bump compat to 12 > > > > * d/copyright: > > > > - Normalize Copyright fields according to DEP-5 > > > > - Update * copyright > > > > - Update debian/* copyright > > > > * Add kdf helper binaries to the package (Closes: #9
Re: 2. Reminder: tomb: all open bugs fixed, new upstream version, please review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi SZ, than you for your review and your suggestions. I did sent the patches to upstream some time ago. They already found their way into newer, still unreleased code. Sven Am Mittwoch, den 07.08.2019, 19:11 +0800 schrieb SZ Lin (林上智): > Hi Sven, > > Sven Geuer 於 2019年8月4日 週日 下午5:15寫道: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA512 > > > > Hello Team, > > > > my latest work on tomb still needs to be reviewed and uploaded. > > Please > > see my previous mail on this topic, also forwarded below. > > > > I would appreciate receiving some feedback. > > Thank you for your efforts, the package has been uploaded to 7-days > delayed queue. > > I've skimmed your changes and made some changes [1] > > [1] > https://salsa.debian.org/pkg-security-team/tomb/tree/debian/master > > + * Remove unnecessary files in .pc > + * d/control: > +- Bump Standards-Version to 4.4.0 > + * d/source/lintian-overrides > +- Remove unnecessary lintian-override > > I think it's unnecessary to add that lintian-override, furthermore, > the commit > 75b44059225136575059477261767468d86aa63f contains multiple changes. > Therefore, this modification cannot be reverted. It would be nice if > you split into > multiple commits next time. > > + * d/upstream/metadata: > +- Tidy content of metadata > > Aside from that, I suggest you send d/patches back to upstream. > > SZ > > > Sven > > > > - Weitergeleitete Nachricht > > Von: Sven Geuer > > An: Debian Security Tools Packaging Team < > > debian-security-tools@lists.debian.org> > > Betreff: tomb: all open bugs fixed, new upstream version, please > > review > > Datum: Thu, 04 Jul 2019 22:30:23 +0200 > > > > > Hello Team, > > > > > > I fixed all currently open bugs and packaged the most recent > > > upstream > > > version of tomb [1] which came out during my work. Please review > > > and > > > upload. > > > > > > Because of bug #930782 [2] it should also go into Buster after > > > this > > > is > > > released, I believe. Either with the next point release or via > > > buster- > > > backports. Which is the way to go? > > > > > > These are the changes: > > > > > > tomb (2.6+dfsg1-1) unstable; urgency=medium > > > > > > * Team upload. > > > [Sven Geuer] > > > * New upstream release > > > - Adapt d/patches/* to new release > > > * Add further missing dependencies and correct existing ones > > > * Make package lintian clean > > > - Add debian/tests/* for autopkgtest > > > - Add linitian override for unavailabe upstream gpg signature > > > - Fix for lintian info debian-watch-contains-dh_make-template > > > - Add patch for three lintian infos spelling-error-in-manpage > > > > > > tomb (2.5+dfsg1-3) UNRELEASED; urgency=medium > > > > > > * Team upload. > > > [ Sven Geuer ] > > > * Add several missing Recommends and Suggests (Closes: > > > #924042). > > > - gettext-base, lsof, dcfldd, qrencode, unoconv, steghide, > > > swish- > > > e > > > * d/control: > > > - Bump Standards-Version to 4.3.0 > > > - Bump DH version to 12 > > > * d/compat: > > > - Bump compat to 12 > > > * d/copyright: > > > - Normalize Copyright fields according to DEP-5 > > > - Update * copyright > > > - Update debian/* copyright > > > * Add kdf helper binaries to the package (Closes: #924043) > > > - d/control: > > > - Change Architecture to 'any' > > > - Add required Build-Depends and Depends > > > - Add d/patches/include-kdf-binaries.patch > > > - d/rules: > > > - Add overrides for dh_auto_clean/build/install > > > * Fix default cipher > > > - Add d/patches/fix-default-cipher.patch (Closes: #930782) > > > - d/control: > > > - Correct cipher mentioned in the description > > > * Fix error messages on opening a new tomb (Closes: #931027) > > > - Add d/patches/fix-errors-on-open.patch > > > > > > Cheers, > > > Sven > > > > > > [1] https://salsa.debian.org/pkg-security-team/tomb > > > [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930782 > > > > -BEGIN PGP SIGNATUR
2. Reminder: tomb: all open bugs fixed, new upstream version, please review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Team, my latest work on tomb still needs to be reviewed and uploaded. Please see my previous mail on this topic, also forwarded below. I would appreciate receiving some feedback. Sven - Weitergeleitete Nachricht Von: Sven Geuer An: Debian Security Tools Packaging Team < debian-security-tools@lists.debian.org> Betreff: tomb: all open bugs fixed, new upstream version, please review Datum: Thu, 04 Jul 2019 22:30:23 +0200 > Hello Team, > > I fixed all currently open bugs and packaged the most recent upstream > version of tomb [1] which came out during my work. Please review and > upload. > > Because of bug #930782 [2] it should also go into Buster after this > is > released, I believe. Either with the next point release or via > buster- > backports. Which is the way to go? > > These are the changes: > > tomb (2.6+dfsg1-1) unstable; urgency=medium > > * Team upload. > [Sven Geuer] > * New upstream release > - Adapt d/patches/* to new release > * Add further missing dependencies and correct existing ones > * Make package lintian clean > - Add debian/tests/* for autopkgtest > - Add linitian override for unavailabe upstream gpg signature > - Fix for lintian info debian-watch-contains-dh_make-template > - Add patch for three lintian infos spelling-error-in-manpage > > tomb (2.5+dfsg1-3) UNRELEASED; urgency=medium > > * Team upload. > [ Sven Geuer ] > * Add several missing Recommends and Suggests (Closes: #924042). > - gettext-base, lsof, dcfldd, qrencode, unoconv, steghide, swish- > e > * d/control: > - Bump Standards-Version to 4.3.0 > - Bump DH version to 12 > * d/compat: > - Bump compat to 12 > * d/copyright: > - Normalize Copyright fields according to DEP-5 > - Update * copyright > - Update debian/* copyright > * Add kdf helper binaries to the package (Closes: #924043) > - d/control: > - Change Architecture to 'any' > - Add required Build-Depends and Depends > - Add d/patches/include-kdf-binaries.patch > - d/rules: > - Add overrides for dh_auto_clean/build/install > * Fix default cipher > - Add d/patches/fix-default-cipher.patch (Closes: #930782) > - d/control: > - Correct cipher mentioned in the description > * Fix error messages on opening a new tomb (Closes: #931027) > - Add d/patches/fix-errors-on-open.patch > > Cheers, > Sven > > [1] https://salsa.debian.org/pkg-security-team/tomb > [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930782 -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl1GodsACgkQrfUO2vit 1YUgcxAAwk0HcqbSUIkwgxJoGdkWmU8LOdqJYaS9BxlP3/DmqoF139mFRFTv1LA+ YpwYBblGieTU4Q4xtiOhYdhKtzPTVyMq4/NOsL4BMgqEbXJDLWbvxZWvjHuj1R7k R32zmFBjk69+Ehe58RLen9+JaiEp1TUKZFrfdc22Ck9fYDwt8wxv2jU/azjJ3kwa X/ZNbEXaSzWFYlrKc8YQHUaFfNntEjqkxalKZ4siGFzd7LAOMx8DFTkuVsTsuAho Un4tPTUg3CU8h65r6sp6a1dilzw9R3+/eUZbEhDsyPinTqiOaYj1YhLl4vwNFSKW +XmJeyw5FG5qN6GAz1tocQXrYzxSiQoBiPS/3k1QBDqMQHWuSWaWX1rLGCAMQ7S2 qZQJTYPtJZKIeVmIfLh6XFFhMNaXpUG410hxT7DapfSFdZ1AfPpUB1jQSXjQFG8z QD3UtLxfu2jz+cKpRV8PrA8mydDfK8qmTp0wZBGToyR9dQvjGcZzfBe1ttKc9jbn nXVgDKTjIIx+LBfk2aTgze/E3V54SzdVgJEPH0wVj6zwm/QivIFSwPmfwoAmWp7M acFgqPrFOOjRxIPVsUfUV2iOqlBQ+7CFyUAzSJmahUJFMke7UOHHcoAh0GWTwTYH 6qzDkVm1ucGV0pHd/sGZsEYCopZG610caByPhb7IUGoH8l1V3po= =1yIC -END PGP SIGNATURE-
Reminder: tomb: all open bugs fixed, new upstream version, please review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Team, my latest work on tomb still needs to be reviewed and uploaded. Please see my previous mail on this topic, also forwarded below. I would appreciate receiving some feedback. Sven - Weitergeleitete Nachricht Von: Sven Geuer An: Debian Security Tools Packaging Team < debian-security-tools@lists.debian.org> Betreff: tomb: all open bugs fixed, new upstream version, please review Datum: Thu, 04 Jul 2019 22:30:23 +0200 > Hello Team, > > I fixed all currently open bugs and packaged the most recent upstream > version of tomb [1] which came out during my work. Please review and > upload. > > Because of bug #930782 [2] it should also go into Buster after this > is > released, I believe. Either with the next point release or via > buster- > backports. Which is the way to go? > > These are the changes: > > tomb (2.6+dfsg1-1) unstable; urgency=medium > > * Team upload. > [Sven Geuer] > * New upstream release > - Adapt d/patches/* to new release > * Add further missing dependencies and correct existing ones > * Make package lintian clean > - Add debian/tests/* for autopkgtest > - Add linitian override for unavailabe upstream gpg signature > - Fix for lintian info debian-watch-contains-dh_make-template > - Add patch for three lintian infos spelling-error-in-manpage > > tomb (2.5+dfsg1-3) UNRELEASED; urgency=medium > > * Team upload. > [ Sven Geuer ] > * Add several missing Recommends and Suggests (Closes: #924042). > - gettext-base, lsof, dcfldd, qrencode, unoconv, steghide, swish- > e > * d/control: > - Bump Standards-Version to 4.3.0 > - Bump DH version to 12 > * d/compat: > - Bump compat to 12 > * d/copyright: > - Normalize Copyright fields according to DEP-5 > - Update * copyright > - Update debian/* copyright > * Add kdf helper binaries to the package (Closes: #924043) > - d/control: > - Change Architecture to 'any' > - Add required Build-Depends and Depends > - Add d/patches/include-kdf-binaries.patch > - d/rules: > - Add overrides for dh_auto_clean/build/install > * Fix default cipher > - Add d/patches/fix-default-cipher.patch (Closes: #930782) > - d/control: > - Correct cipher mentioned in the description > * Fix error messages on opening a new tomb (Closes: #931027) > - Add d/patches/fix-errors-on-open.patch > > Cheers, > Sven > > [1] https://salsa.debian.org/pkg-security-team/tomb > [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930782 -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl0riFIACgkQrfUO2vit 1YXk7g/9GC0xRHkRgCwJovssC3AeYhdQcu99DlXDZcxsIXMhNmBHWEHqfhCNBrLA XfZEN4O+Gy5qhfcICnHUwYhXbVrAyrFKNVF77ww+Hcd0neVLVBehVU6riblZ6U4P k4Uh5P4fCcEkG6gsCassd1VOVLuVJtB2f20OQfWogGTK+UFL+khy00ZJ2w+jWJVP xCMB/U+zBh5zf8yrOKjatadquAgALYMXLtJzE7PUnRI+2UwZB/1T+rt9P32Gqr64 tXjRrPlWFDBLQhk6zJrfmafN4SYx+SMv2RTBNsuvPb+TibgKKQZJAfnLEQdfMCRF A7j6SGt/G4INycOnRi9WZ0AAeWcMBb7GWEhhgQwRIs/wdz8LzKqytJ3Yfnat80Gr 3LUQbaVfNt9lCQBwuXiMiUvgX4fglvmPo9ksg2blcgDs7V3XgRM+oqkQKMATICIp Ku6GEH4xfLBT4HSc6O0+UNog/hhHaiY+CEdZcXu30DdulPZ1IN6gYIBiuBvluz64 IPkQS2TYZHj7daLGb1ZMQaz6CFlrrM3oJLJh5dFY1wn5LfWpWR4YXUcEPB0JlnUK /R8SD15116bvsP1TLNnKTcMqdwc/dpwV2xIDyxr8fdISXPcrvze56IcsqjJIm+7i r8rxX7WNF6x1VkfpJhO7+uglIXZUIOl0NSy/eTRAdxkB6P6utug= =5lcH -END PGP SIGNATURE-
tomb: all open bugs fixed, new upstream version, please review
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Team, I fixed all currently open bugs and packaged the most recent upstream version of tomb [1] which came out during my work. Please review and upload. Because of bug #930782 [2] it should also go into Buster after this is released, I believe. Either with the next point release or via buster- backports. Which is the way to go? These are the changes: tomb (2.6+dfsg1-1) unstable; urgency=medium * Team upload. [Sven Geuer] * New upstream release - Adapt d/patches/* to new release * Add further missing dependencies and correct existing ones * Make package lintian clean - Add debian/tests/* for autopkgtest - Add linitian override for unavailabe upstream gpg signature - Fix for lintian info debian-watch-contains-dh_make-template - Add patch for three lintian infos spelling-error-in-manpage tomb (2.5+dfsg1-3) UNRELEASED; urgency=medium * Team upload. [ Sven Geuer ] * Add several missing Recommends and Suggests (Closes: #924042). - gettext-base, lsof, dcfldd, qrencode, unoconv, steghide, swish-e * d/control: - Bump Standards-Version to 4.3.0 - Bump DH version to 12 * d/compat: - Bump compat to 12 * d/copyright: - Normalize Copyright fields according to DEP-5 - Update * copyright - Update debian/* copyright * Add kdf helper binaries to the package (Closes: #924043) - d/control: - Change Architecture to 'any' - Add required Build-Depends and Depends - Add d/patches/include-kdf-binaries.patch - d/rules: - Add overrides for dh_auto_clean/build/install * Fix default cipher - Add d/patches/fix-default-cipher.patch (Closes: #930782) - d/control: - Correct cipher mentioned in the description * Fix error messages on opening a new tomb (Closes: #931027) - Add d/patches/fix-errors-on-open.patch Cheers, Sven [1] https://salsa.debian.org/pkg-security-team/tomb [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930782 -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAl0eYd8ACgkQrfUO2vit 1YVNjg/+NFHgFg77VmwGocoShTFugep2gRcFFWPTe/xvCCwMe7AFJVTk6fUADMvP 5NiT7gQtG9bm3AJk3+0JyEVvDYWBLjpFanONyt2iH+hDB7M/YxFxf3iqKlxN17Bx 4tAijQ+UARiboew63ldieX77Rr7IKZ310UvlFEh6b4l2e3CLF/liXSqIXqNIQ1W4 Bbpe30UE5JiKkdb4aFU/liCrpGGdqExG9jt9pHajBQ0NRzm4Wki9bygdfVUlZ4/p x3pvwp0p6nAOaT24OiSQT13wkvYUuBz8N8kf4GU/Ou8wzmSDNQvd1QLUW3QI9mv9 7MfOWrnRiAs04WdaEYZBEW9s0v5Rbm+8uSSJ0N3w9drvNvvTplDXp+M6Of4sIHjS 2w78hb0WmalFtNxJjsv7tw8ShiQQXKznJM5yz5hTp64OF1JksRt+6mUcxzNxGeIh 8II8cOEZUBDm2rhJSNCRcsv5bsV4+es76Oa3Pd8bTTBwfAXPhKoMlYccllQ0a4XI OWf5Lha3LQnZ2U2c9Bv4DcyVa7R8rOrTveXo88IZQE0F1AcAiBXG13kSNBBIzN29 UO50Fgh+/YhIWphykMRDLCAAoRSwZEySPFQzn5GboQ163EVY3mEfI/vaSxAdGbkg h2pGAfJisdLJ6dCw6aOqpH5DSTm1axveAXKrFPsOVU+s5E7Nbsc= =xhI0 -END PGP SIGNATURE-
Re: tomb: RC bug fixed, please review and upload
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Thursday 14.03.2019, 22:38 +0100 Raphael Hertzog wrote: > > Unfortunately we're now in deep freeze and we should only upload > mimimal set of changes. You have made more changes than just adding > the missing recommends/suggests so the package can't go > to buster. It could be uploaded to unstable but it would not be > unblocked > for testing/buster. Furthermore, I believe that #924042 is not > really release critical and I demoted it to important. > > The release team prefers that we don't upload to unstable packages > that > can't go into buster so that any future RC bugfix that we have to > handle > can be handled through unstable. Understood. I also doubted it being a real RC bug. Thank you, Raphaël. Cheers, Sven -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAlyK1yIACgkQrfUO2vit 1YVghw/9EpFZXwH2KCSke+et0j+Eqs/hXbb5RUm82dvV6NfH4zpK+4wOBgAvjZtn 5QGmnZ4292vw0YIusZDTL11QNMNBgbzWsU8yG+jlTbhe8eNTQoZZeR7yHeOiJcff zzUGJQtVMIbegfo6L+b3ZfBsH7jEVEFzd3eGOf41hRYwUClUOO2ozdR/hGoTFHxF x49bP5TUcq7jGRU4nGdda04N8llTRYMXmxaGQ8jNUjffNTwMfTc+8yUPkG6RnoNj TFBAg1/EnrAvC6gmk8+J9zhdZLHzShNoehLSug/widc29/0Drje9GIBfk5VbV237 STfgXMRfs5z355bkgN6i7YerNX9XxTuBw8EEipQE+KNKh5l+NRyCDkb7A7eYfZIt R47RuzPPEVJOAvLFt1hhLmCM319CpgWb/Amm3N2W0fO+VR3aSHMLIkj5xjofuZo3 pR+Ycm81FFRabXJIROjWzKQGE9/YOfr3WeOWeHSSoT2YlOPxTKoMZaeBQWjrHnay 5c+jsdlI5lRiHoWaIaRA+Gb4vLpb8ofhN16UlLVtgl6nBCMQOhLqYDv66U9oj3Qo /URU7+SrcNcfmicwU7dAii7474VR07TiMDHdrzLHyalrVh3CUZkvBw/c0s0tzpM9 ZnuGbZ2f3zrQkdVjxwU+ulPUzOAFvsTqClGPil8iIIYjU0HVer8= =ALVs -END PGP SIGNATURE-
Re: tomb: RC bug fixed, please review and upload
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hello Team,
is there still a chance to get this into buster?
Can someone please review and upload the fix?
Sven
On Sunday, 10.03.2019, 12:57 +0100 Sven Geuer wrote:
> Hello Team,
>
> I fixed bug #924042 in tomb [1]. Please review and upload.
>
> Cheers,
> Sven
>
> [1] https://salsa.debian.org/pkg-security-team/tomb
>
> On Friday, 08.03.2019, 20:34 +0100 Axel Beckert wrote:
> > Package: tomb
> > Version: 2.5+dfsg1-2
> > Severity: serious
> >
> > tomb's exhume subcommand calls steghide:
> >
> > ~ → tomb exhume /tmp/example.jpg
> > tomb [E] Steghide not installed: cannot exhume keys from images.
> > ~ → dgrep steghide tomb
> > /usr/bin/tomb: _deps=(gettext dcfldd shred steghide)
> > /usr/bin/tomb: # Check for steghide
> > /usr/bin/tomb: command -v steghide 1>/dev/null 2>/dev/null ||
> > STEGHIDE=0
> > /usr/bin/tomb:# Requires steghide(1) to be installed
> > /usr/bin/tomb: | steghide embed --embedfile - --coverfile
> > ${imagefile} \
> > /usr/bin/tomb: _warning "Encoding error: steghide reports
> > problems."
> > /usr/bin/tomb: TOMBKEY=$(steghide extract -sf $imagefile
> > -p
> > $tombpass -xf -)
> > /usr/bin/tomb: steghide extract -sf $imagefile -p ${tombpass} -xf
> > $destkey
> >
> > But steghide is neither in a Recommends or Suggests header.
> >
> > And when looking at that grep output above, it becomes clear that
> > there
> > are even more optional dependencies missing. Citing from tomb's
> > source
> > code:
> >
> > _list_optional_tools() {
> > typeset -a _deps
> > _deps=(gettext dcfldd shred steghide)
> > _deps+=(resize2fs tomb-kdb-pbkdf2 qrencode swish-e unoconv
> > lsof)
> > for d in $_deps; do
> > _print "`which $d`"
> > done
> > return 0
> > }
> >
> > So the following packages are missing in tomb's package relations.
> > I
> > leave the package maintainers to decide, which of them go into
> > Suggests
> > and which into Recommends:
> >
> > * gettext-base: /usr/bin/gettext
> > * dcfldd: /usr/bin/dcfldd
> > * steghide: /usr/bin/steghide
> > * qrencode: /usr/bin/qrencode
> > * unoconv: /usr/bin/unoconv
> > * lsof: /usr/bin/lsof
> > * swish-e: /usr/bin/swish-e
> >
> > Will file a separate bug report for the missing tomb-kdb-pbkdf2
> > binary.
> >
> > -- System Information:
> > Debian Release: buster/sid
> > APT prefers unstable
> > APT policy: (990, 'unstable'), (600, 'testing'), (500, 'unstable-
> > debug'), (500, 'buildd-unstable'), (110, 'experimental'), (1,
> > 'experimental-debug'), (1, 'buildd-experimental')
> > Architecture: amd64 (x86_64)
> >
> > Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores)
> > Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8),
> > LANGUAGE=C.UTF-8 (charmap=UTF-8)
> > Shell: /bin/sh linked to /bin/dash
> > Init: sysvinit (via /sbin/init)
> > LSM: AppArmor: enabled
> >
> > Versions of packages tomb depends on:
> > ii cryptsetup-bin 2:2.1.0-2
> > ii e2fsprogs 1.44.6-1
> > ii gnupg 2.2.13-1
> > ii pinentry-curses [pinentry] 1.1.0-1+b1
> > ii pinentry-fltk [pinentry]1.1.0-1+b1
> > ii pinentry-gnome3 [pinentry] 1.1.0-1+b1
> > ii pinentry-gtk2 [pinentry]1.1.0-1+b1
> > ii pinentry-qt [pinentry] 1.1.0-1+b1
> > ii pinentry-tty [pinentry] 1.1.0-1+b1
> > ii sudo1.8.27-1
> > ii zsh 5.7.1-1
> >
> > tomb recommends no packages.
> >
> > tomb suggests no packages.
> >
> > -- no debconf information
> >
> >
>
>
-BEGIN PGP SIGNATURE-
iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAlyJT9oACgkQrfUO2vit
1YVbcw//cXdjsN2+pojZGQphu41iwbx2NMwnKqyexRksYFL/M/DJXQVdv7GUsvG7
4iJXvrIP6MF29u+2DJ78lidr96BPdSC0Kx/IVmBJjVAHpB7qVF7/WQCZ9DKHnmxV
v920cp/gvTIecNHEPJ7/cn9rQOnS+7MZjFhY4/KJ7ONZ07GWq3quVj87F1i3T3N9
OuUKh7dovlGAreNQTxuvJlOLnhA0nV8LoU9vc6tapLAGbxQSoJHRVr/sIJE0xQz2
duns5CMiBAcVJXW7GjXKEMGb+0OhRRRW0pQWnJl7Zrtex9UXhvXoJXkNJ07DFl8a
Kv6vTrn5ssMAfwHCm3eTs037BTv7Jom6/m74cmOtHp0eQMQ7DwJnpAyQOMaypluJ
wvRKhQrvQq7TaSP3zRxHBxaOuOdNoFgC4gQw/xMwph4MgsPBAbSbgLZKQ21qBRbx
4v1fKFFtSQTxmnl6fv26HcSzUvRb/cPH7FsML8iNYMk+JADH+cieZ//9qgTAejki
7QjwlyniyaVZS9988MWlY8JCFelzFvi8D31B0ci/XpGyiHEtRH9Szp094H7mGzzB
OHJ7DPaKF5crNwVPfmSqAnhyWEMFPS7UChSuDbRP7ElV4Fz9AHRfzl5G13S9HtHw
qmEQNXk5x853vcmNyhALtfKR7ntfplNo5YY4b/UeMdWZF3hkvYU=
=FKTr
-END PGP SIGNATURE-
cowpatty, aircrack-ng and arno-iptables-firewall: bpo9 tags missing?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Samuel, I wonder whether there should be tags in our repository marking the recent bpo9 uploads of cowpatty, aircrack-ng and arno-iptables- firewall. Please have a look. Cheers, Sven -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAlxu+RUACgkQrfUO2vit 1YVEwg//X7bBkBp5v8QTq3vcjvHNGuU4F9rXo0ShF1GiXEtLWBB9BAbNj1tqmOn4 4bEfRdakT82K2vIoqIjQ8R+8NYCiCvEAkt0c1zIP8fv39A9868MJNY/uZ9onfENu q9BVdd1BgWrEWmawGZsAGnPx7r60/I5iieIqeSziajbLbgxJhU+6NRFIVdefcEZT YrPhX05bJI3/KAwER2fX1LV32C82DaeAu2e0tgoyZFqYxoWPLG0c7Odjk5ea7fpj jovbEc3CUaStYsUBnZadsEzcOw9ZKCuBox6Loz9GN18zXDmbpXoHVIgJHMPVL8sN PDXpA+RH+0unNb1L0nfBsO6nP3tYlD3RlqugUTslMWKu26s1UW9HRn8DUTkB6/kB wy6V41kZQvQa23fRqsQMdwL3Q0t2gEQ4criQM2TktrR8fDk9/S+Zw4BB60ve4RaZ nu8rC0HQ1zZSBThAQSXQdx1tAc9GHf2nOhWiF5ZiCHuMQn0oSeqmVUAMR/DJ6npj Z6GfADWzPzDoqrGXCU4K4Vffu14SYeZwGd5NOh098Nc/xbpmV54gpclKr4FaN0T/ QvJGjib2qIIAKVeOaudy8whKlfOpVy6njW8KbuncYIZK0ew2mjR7LFpKkB1zev+z 1f6VgsUOPiG4ixuFMf8amg4KxuZuya7lDFhna+005rCvMRTNsrI= =9hpJ -END PGP SIGNATURE-
[Fwd: Bug#921214: ed2k-hash: Incorrect hashes on amd64]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Team, just want to let you know I am working on this. Cheers, Sven - Weitergeleitete Nachricht Von: Josef Vitu Antwort an: Josef Vitu , 921...@bugs.debian.org An: Debian Bug Tracking System Betreff: Bug#921214: ed2k-hash: Incorrect hashes on amd64 Datum: Sun, 03 Feb 2019 09:21:29 +0100 > Package: ed2k-hash > Version: 0.4.0+ds-1 > Severity: important > Tags: patch upstream > > Dear Maintainer, > > the hashes computed by ed2k-hash version 0.4.0+ds-1 differ from the > ones computed by other software > (such as RHash) and also some older versions of the same package. > This issue is exactly the same > as in #562833 and the same patch fixes it: > > http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-p2p/ed2k_hash/files/ed2k_64bit.patch?rev=1.1=log > > -- System Information: > Debian Release: buster/sid > APT prefers testing > APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, > 'testing-debug'), (400, 'unstable'), (1, 'experimental-debug'), (1, > 'experimental') > Architecture: amd64 (x86_64) > Foreign Architectures: i386 > > Kernel: Linux 4.19.0-1-amd64 (SMP w/8 CPU cores) > Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), > LANGUAGE=en_US:en (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages ed2k-hash depends on: > ii libc6 2.28-5 > > ed2k-hash recommends no packages. > > ed2k-hash suggests no packages. > > -- debconf-show failed > > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAlxgGAoACgkQrfUO2vit 1YUPXhAAhP29zzo8Di+ccOgK9/BBo8hpPMsGFt+EXZillVOURH90WBnO7RthfRre PmYb/Xr3XI31rzAX39/N11o/oI2apjcaBhqR7+u2/zNm+OVFOp3Jr8/qz7MLrQhd qeyoLcHuShzOH9fAFrJ4SUOUYaltQFS4AIR9KJkvIeOwNaCbdgta+bVg7n/bd4y0 PFf6HnrdAWLzwK4gWTWbqwYR1T9QFnM45S0a6GggghtCRh0Oz8cqEAdIx6CHX3am sifrxjGUmClW3dqPp16vvFOMlatC/tGheZfLtYMftGJNxLZ7ZKN1Bcr05YO9q2kc ywjig58N1IycKy/VSxr9CaV4WcwOAyFEh2S/SNGR4wY/IzVQcN+arZ/9ln/YHkcA LJJ6fS7f+Tq0Lt6M+0uc7xj/ZM/1OqC2TXc4Zoid10qSnOaPUbxQDP4C0vS3CT2J tyXT5EyvDC4qe//+tPHnILu040VMiAjwLPEVT13gzUzjsp+4etrfhW8aE2Mj35rn QV3tf7yipKlTxpM5vYoOhHzSemq5lUu2c2mHlNe2LuIy8VkMx1wvWNULFM/PpZyz nMTUx1lTWG7pJzd7Bc8B9f8xxDscfdZiXjJPVIXtJKqlmxn6C7B2Rtr9poI4yFna B0QTcEC1lxl1A6pCic9mxCUcjmUdOxuKcabivwHfj0DFylYrqx8= =8eLo -END PGP SIGNATURE-
Re: Request for review/upload of arno-iptables-firewall 2.0.3-2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Samuel, > Great, I'll sponsor once 2.0.3-1 hits testing, which should happen on > the > next 24 hours. Then we are able to prepare a backport of 2.0.3-1, > which I > think we should do (it may take sometime until the bpo package is > accepted). I've added a further change to 2.0.3-2 * d/control: Update debhelper Build-Depends from 12 to 12~. due to your question and Aleksey's answer regarding >> debhelper (>= 12~) >> > and > >> debhelper (>= 12) I believe we should not backport 2.0.3-1 anymore but start to do so with 2.0.3-2. Regards, Sven -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAlxDHbgACgkQrfUO2vit 1YVwBhAAzb4sFuNrLT8LXf5E/gA5IwhDchBApgcNkV+U9LtzCBoiBw2vPjlRDLJ8 nD2pA405f6NxJ2IWBYaMiuQ3X6j7f0vg0C7+6DgIsyOkKE1VcD594ZhipWMM6tap CPZLjccZHyjM73/FL1mfHwdK6r8sR9793OykmGaHLc0X+uRDtgnro4NDf9HVjRNC nPgmeh6fPgChN6nWZXqtWJW2Qrc8w+svJizbG0JJ5/X8peO2bS5rT0mxv2+1IqiX ugv3XZzCllDdmIZd0Mf8Q0DujCarrQ2/QOUTh7jGNNWjt8SMGXEqHSjBmV1iNKe5 XSAcPH3CuDtJSSRDmIDyLaR1jFzrGZjtIJG+pp0tQ95lOE5R1/SeEfH4fcdJPrMz DYfpH5B/IcIK6BWObC6mtm4mfWO/fwR1Dwn4jrQC8f/FiwxBkwK/aLxGyKnkupkw f9gG7pO3S4rhgG550xfJehPKiiQTK8JIgu1MM9kqopFyPBKCwalwwLEauQ8ZwPEU 66qzIDVx9+uOxWJc4OZFHztGJxWxKhhvI3VkaROLPpUtvtSKSh1LZqkzYoe/qiiB S9l0HTZEs+kcZy/ttLFQust5y2/V+Oee2DEW+wY6GiDcCcv1f4Vk/rNPCkJHqBFa F+rfju3sBRCwDEiwDL2TgD3q+IOXY3uTt6jIg44iRGPw4yIDMDM= =rhj1 -END PGP SIGNATURE-
Request for review/upload of arno-iptables-firewall 2.0.3-2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Samuel, Hello Team, autopkgtest for arno-iptables-firewall had failed at Ubuntu [1] as I noticed yesterday. I managed to reproduce this locally, reworked the test and prepared arno-iptables-firewall 2.0.3-2. Please review and upload [2]. Best, Sven [1] https://autopkgtest.ubuntu.com/packages/arno-iptables-firewall [2] https://salsa.debian.org/pkg-security-team/arno-iptables-firewall -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAlxA9kIACgkQrfUO2vit 1YViyw//aHJkQtgLkFDvemxqbY73ZOCF6wRQHJY3tTTq6JD/LeB9QYpZxkfyEUHU 4EdvXO9DNjwe1zktSbX6c99PF4tJhoEFQuwkclMKFg88G9iomowkjRjSCDyt/SLR kEOek5lPro9TNn4iDbNdpeZXIYxpYMP489P+hv0HjdFhW6NabPmJKHn49/YKvVkY U+aOnwzLz03qjYpgsbC8KIPoPwiuM5dryCt0Z7wRDWV/8xx5Cibklzql+6Pee51R bLilw/8TwkLhtX7wKbI7WSRauBXyNXVeInnvXGLqPaUqi7dd1BMw6FzHRJxdtH4P grof4mTSvpYuTw1XfdxHdQl/MuGTD8FgebJzv7YC/5Km965onViuZkFU6AayCcqR h/T7Z/GM5tF5IqWCrUoC0ULmZbWLfyol5DrnqbG+7z6R949NtGz9jCh5XgRbZ1FS pYmeOidPhqOcBRjzfSLX9203aYF6hVSQr8zIAttqIU92y4KnVYIuS3KFo1XC/e7V g+xq+kIfgNyfmEZp9uxL+RB8onAp/WxMoGdUvmBnt6jmnVCujkb85zhCKglUm8vx 4uUNemBKFikm0RVUytaCQwPlI1sEZ0rYoRf0v6vFb92/ZoLHbz/CJx+ACUa0v6Za p6bsepFhZ93ZH1N5KWwPbEUm91HIyoRcgy3PNNdwthTes4hBnIk= =Zilq -END PGP SIGNATURE-
Re: arno-iptables-firewall 2.0.3-1~rc4
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Samuel, On Monday, 14.01.2019, 21:08 + Samuel Henrique wrote: > Hello Sven, > > 1. prepare a 2.0.3-1~bpo9+1. This would only require DH level to be > > rolled back to 11. > > > > I'm lost here, why do we need to roll back to DH 11? I believe so as DH on stretch does not support level 12 according to the manpage [1]. In case that's not relevant ... > > > > 2. prepare a 2.0.1.f-2 from 2.0.1.f-1.1 patched for Bug #824684. > > This > > could be a minimal change leaving all the older packaging flaws in > > place. > > > > Let's just backport 2.0.3-1. ... I would branch a debian/stretch-bpo from 2.0.3-1 and prepare d/changelog accordingly. Or is this something I complete have to leave to you? Best, Sven [1] https://manpages.debian.org/stretch/debhelper/debhelper.7.en.html -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAlw+KBgACgkQrfUO2vit 1YXPIA//Uxy1haWxmYcXcg1eVpYMxuG49XtmcfbV/Docl5961wYDaGooDBg74he6 TAZ9Qftp27aEMHQebxu/0qRMonq64K/HX9en8rGeJiXPQcWSx0nWMCHmxYDy+v7r hnUbuZzpHQrRGWxes+38JIoos1fCyP/N6zF2S9Zng3SVLKbECQpc6ZurWBaGk+2b qeXjpbjCl1zU4Hei3QW174mOHqqZJvZGT1H4Fk+M9q5dLmzKoXS0CuESKHS+l8R+ ZDQtZ5d33GciGcEgRrp8jqSy1XyWwF+qlzTsH27eFD06+CwmpCqqZkte5oEff63X /pkLsPFXn311W2FSA+NHSYlYdUbP3HG9jitk46daajUmSUZYc6EpSlXpFUOItqYh kND+7dlkJBapLnpsnuLvdNpu5WKuzAabLCXGkoZVpLmL7SrdJWoqZr3uG4W6t3ET NrIsOw4U+q+GRzyh8Lgd5q4vBZSFHmKpC5qYpXXywpXe7MyM3bzOdlerdETOs7e8 FTfhrozoFvbw6MB5+2axHmhAZ9eQFxEtCUxI6QXZu/N8pzubXl/edAr0ZLBZnDrk 0hdHIEoww5zWH47901y61cgjaRtNNDocSkmVf7CbHZGHWuGauOSYTqvBpk0myyZ0 ECPyuFDayvv002Txq+nTsIM3SWPvMrUSLXHYQvS25sicrVH3GTw= =0Q2z -END PGP SIGNATURE-
Re: arno-iptables-firewall 2.0.3-1~rc4
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Team, regarding the statement > Now it starts on system boot. and the question > Is it an idea to upload this new package to stretch-backports? I see two ways to go: 1. prepare a 2.0.3-1~bpo9+1. This would only require DH level to be rolled back to 11. 2. prepare a 2.0.1.f-2 from 2.0.1.f-1.1 patched for Bug #824684. This could be a minimal change leaving all the older packaging flaws in place. What is the preferred approach in your opinion? Best, Sven Am On Saturday, 12.01.2019, 18:54 +0100 Odd Martin Baanrud wrote: > Hello, > > Upgrading to the latest version of arno-iptables-firewall worked > fine. > Now it starts on system boot. > Thanks for a real cleanup! > > Is it an idea to upload this new package to stretch-backports? > It shouldn’t be a problem, since nothing has been changed in the > configuration area. > > Regards, Martin -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAlw8+V0ACgkQrfUO2vit 1YVR1xAAgkJKdFxVTD2qopssSbPjfv0FvbioNnKfHDZKZpICSNGTePUcyYEWEVk5 yZeqpH9zhdW32L/RQVfPBG5lKK/B7wLxMGszhAvcH9vRcXh/u7fpTkhJf0WDAdOl 9WZGgKvlusPXcAkimV3gnGN20M2GLXks1oZvRv5bb3uxTAC2Fm04l6e3xd81FDOg AI0YwrBVb/pHShY9899WUrgWkqgZMcQ6X4/eEyH7Wh+CWQXHpf24XCVL1Q4rO9kM 9WuMlI8Julx3oD1Qklbe/drtvwBHYLGP/WFMUX0eq3sUEzoG+FpzA1l9lNXJuuBt M6N8252JbIYly4qqMkr3fR+VBRVsE6w6IGWDAaTb1Iat3zqLLv0hQm1waJrxjRXz ko3j6aWEo9Gm6fEvPacVuRMKpknREWF5nD3yZK4nEh1At69MtVlDK0Gkzg9Q7laW gTMNVdUTdAOBx6OFwS8bdaHKT2NCmpApwGeszL/Rf5eOaPc23LlXPXCvXv6XUkFX kkK7+ICWo8x+wCqx4uBo9HIynNHN7EdsbD7MrlzmtJALH645mAcXTphYqwHD+7Sg dLSDFd/ZPQzYrHFD8m/ZYRA0UOTse28s5L5131TkRVIoKuXaHJXpHF35LntWZdle 9XKfZ2dtRwGk1l4nvAQAbqaxwydUTiPCsxoXpS1q76J1jdkX6Js= =Y0P8 -END PGP SIGNATURE-
Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Thanks a lot for uploading, Samuel! On Sunday, 13.01.2019, 23:36 + Samuel Henrique wrote: > Hello Everyone, > > Finally got some free time to review the package, I think everything > is ok, > I just did some little changes on d/copyright. > > Thank you everybody who helped review and test the package, and Sven > for > the packaging :) > > Uploaded. > -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAlw89+MACgkQrfUO2vit 1YVO5RAAhAD7xu6TXINfQvl4U/+sOgnd3Guvno6euWiJKX/Bu8ZKVG93MT0UefPY nCCPb2Cnvk++h1LxdjnU2stEjKKLE5R2voR9Jpx83k1Uqdhy7s0dQloKPtTfTwUL 2sAopNeeZkqgwfpoFIW5Pxl+16Aqgp36vSQAVH6iF6kxGoN/8eO5Sl8ZSUbWsly7 o84QM2GUzJIGSF+GZtgXG29adqmo4kJJ7YrYcke44VNRnTusLbtBDh97E5noJKQa lT+vkBEOB8SkKfHQGoRFu/XV4MguHVCD0aDeqL62/4EDFVLS8JxTWMkv0hn1Ezmb f8a8SiXeOtP+RSLwh1yCYSqG4w7t1zbP6DG8O6+MKYhbfkeIepViV9rqwYNUmxkV 0WDNEz1kF9C1cw0Hw2ZIXIh0juFQ9MuVGA1qTVwbVZGhENdI5+5OkyJAYODMrfXK tR2HpbNGhXg5F7rZmHozqiaLjN0sFMXtE+t5/VqGRMMdIAI66pFhRA/NLozNWI3Q vp75+A/5Aui6mJ6k9pMBN2zwCd3PEwvJTNCmElyc1mbOXiPYdp6o79qAD+CbxEgz OuJIgeO8xiDIXl6/RZe87rrr3rqXJsOwCL7N7jm13ZFoO4k/Y0mn0fKk9JNbHgF0 4CiJdpABCfah31xXr1nAmHNPu9fo8uqJ0eecmdW66uBtt2RAhcI= =+7L7 -END PGP SIGNATURE-
Re: arno-iptables-firewall 2.0.3-1~rc4
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hello Martin, thank you for testing and reporting. Regards, Sven On Saturday, 12.01.2019, 18:54 +0100 Odd Martin Baanrud wrote: > Hello, > > Upgrading to the latest version of arno-iptables-firewall worked > fine. > Now it starts on system boot. > Thanks for a real cleanup! > > Is it an idea to upload this new package to stretch-backports? > It shouldn’t be a problem, since nothing has been changed in the > configuration area. > > Regards, Martin -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEPfXoqkP8n9/QhvGVrfUO2vit1YUFAlw89qEACgkQrfUO2vit 1YX5FA//YzHfmMYPoE08xtvAEnQJA0+l/2P+sUqSqqrWfn3z2eKiF/iqo6ubA0th 5MgI3TyJQl9ChXV99cC+Vbvzz3dCueDNDqidhn7MOelkjllT8p5dcGlJEjqz2BL0 LlEsHNWdDEg8WA1DYPiT139GCONRKZF1THXbLfMW7Z6IlW4e3OUgUTm+nrQ0Jj0q 05kszRh1Ws+8O47JHB6pspv1YPzlIYanU6lsaWKmy/2OakfXDqOw4j5Gu82Fxvnz +FbXcYVIezWfkzc+ie3G2bxqBWBq/I2ywasuECjI71o04/b+37YuzyLAsmt/ZAK1 7sBcRvbZR+98VG+RF7qJRZ8/4FvGD2wyb0MoyJ8l/sGGr9RKq2HiJZcL9R4/yKG3 kZbBb1/X2IL3JIRS6VtoegqYYD1jKSvQ12ZW1sD+x3nLgCR9iktg27k3HKLIaol5 Nhih0iDH9M2ePXEQNrQ5N+FmkSx69Vim6t2tkztrU1xMmcf3IGfd1rDcIaUOTpVP M98P+IQe3Amm5CZrZbYUziupZ5P8DGGewF1mgKUXkm5xYVhzv/KjB9lc17DQVeWe jbv2fNijPVLw6W6ZJ8W7XGPlmdQeK0657VIIOtKYEqXF7iGRUYVwiaLNVoRdOcKe n20oLde134HN+jUiNm2K01/GHc2NJN1tjM2DQ2j2oQBT9JmzEyE= =nz/X -END PGP SIGNATURE-
Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]
Hello Team, a small fix to my previous post: > I managed to run autopkgtest through ssh to a Virtualbox VM. > > Steps: > > Set up an minimal VM by selecting ssh server from debian installer > with > user testbed and password xx where testbed is capable to sudo. > > Copy your local ~/.ssh/id_rsa.pub to > /home/testbed/.ssh/authorizes_keys > on the VM. > > You should now be able to ssh into the VM, details depend on your > virtual network configuration. In my enviroment a simple 'ssh sid' > does > the job. By testing this your local enviroment learns the VM's host > key. > > A this point you may want to take a snapshot of the VM to rollback > to > after a test. > > You then can run autopkgtest by: autopkgtest arno-iptables-firewall_2.0.3-1_amd64.changes -- ssh --capability=isolation-machine --capability=root-on-testbed -l testbed -P xx -H sid > As Aleksey mentioned in his latest post running the test blocks the > VM's ssh port in the end. Fortunately the firewall does not block > already established connections, so the test performs flawlessy. > > After each autopkgtest the testbed needs to be restored, by rolling > back the VM to the snapshot you took before, or by executing 'sudo > dpkg > --purge arno-iptables-firewall' on the VM's console. > > Best, > Sven
Re: arno-iptables-firewall 2.0.3-1~rc4
Hi Marcus, thanks a lot for your report. Sven Am Donnerstag, den 10.01.2019, 15:40 +0100 schrieb Marcus Frings: > Hi Sven, > > On Tue, 08 Jan 2019 19:33:43 +0100, Sven Geuer > > wrote: > > > Hi Marcus, > > arno-iptables-firewall has been accepted into experimental [1]. > > It would be of great help if you could test the new arno package > > and > > give feedback at debian-security-tools@lists.debian.org. > > Especially your experiences with upgrading from version 2.0.1.f or > > older is of interest. > > Thanks for contacting me, since I am the one who filed bug number > #862856 in 2017. Many thanks for your work on improving > arno-iptables-firewall in Debian and adopting it as new maintainer, > as > I had the impression that the package looked rather abandoned! I am > happy to give some feedback here. However, my feedback is purely > based > on my perspective as a regular user, and I did not investigate the > quality of the Debian packaging itself. > > After reading the changelog entry of your version, I upgraded from > version 2.0.1.f to yours on a couple of systems (all based on sid). > In > all cases the upgrade proceeded smoothly without problems. I am > running > your packaged version since two days now, and until now I have not > encountered any problem. > > Best regards, > Marcus > > PS: I am not subscribed to d-s-t@l.d.o, and unfortunately this > mailing > list is not available via the Gmane NNTP gateway, so please CC me in > future responses from the list (in case that there are any).
Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]
Hello Team, I managed to run autopkgtest through ssh to a Virtualbox VM. Steps: Set up an minimal VM by selecting ssh server from debian installer with user testbed and password xx where testbed is capable to sudo. Copy your local ~/.ssh/id_rsa.pub to /home/testbed/.ssh/authorizes_keys on the VM. You should now be able to ssh into the VM, details depend on your virtual network configuration. In my enviroment a simple 'ssh sid' does the job. By testing this your local enviroment learns the VM's host key. A this point you may want to take a snapshot of the VM to rollback to after a test. You then can run autopkgtest by: autopkgtest arno-iptables-firewall_2.0.3-1_amd64.changes -- ssh --capability=isolation-machine --capability=root-on-testbed -P xx -H sid As Aleksey mentioned in his latest post running the test blocks the VM's ssh port in the end. Fortunately the firewall does not block already established connections, so the test performs flawlessy. After each autopkgtest the testbed needs to be restored, by rolling back the VM to the snapshot you took before, or by executing 'sudo dpkg --purge arno-iptables-firewall' on the VM's console. Best, Sven
Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]
Hello Aleksey, Hello team, > I've reviewed a bit more: > [x] arno-iptables-firewall_2.0.3-1.dsc builds cleanly with pbuilder > [x] the package correctly builds twice by debuild within the source > tree > > I found strange thing. The content match, but checksum doesn't match > for > the previous release tarball: > $ pristine-tar checkout arno-iptables-firewall_2.0.1.f.orig.tar.gz > $ sha1sum arno-iptables-firewall_2.0.1.f.orig.tar.gz aif- > 2.0.1f.tar.gz > af32d7757a3e85a7b92b88c8e4dfdfd86bb32b16 > arno-iptables-firewall_2.0.1.f.orig.tar.gz > a18f94fb9324df8e8e4a28805b92269ff8bd1bc6 aif-2.0.1f.tar.gz > , where aif-2.0.1f.tar.gz is taken from upstream github tag [1] I used the previous release tarball from packages.debian.org [3]+[4]: $ sha1sum arno-iptables-firewall_2.0.1.f.orig.tar.gz af32d7757a3e85a7b92b88c8e4dfdfd86bb32b16 arno-iptables- firewall_2.0.1.f.orig.tar.gz This matches what is on salsa now. If I remember correctly upstream previously used to host its release tarballs on the homepage [5]. The Github repository was even unknown to me before I started to upgrade the package. So, maybe this glitch results from Github repacking the release. > > I'm experiencing some problems running autopkgtest: > > 1) failed to correctly setup serial console ttyS0/ttyS1 for qemu > debian-sid > image (autopkgtest fails to connect) I wasn't able to test this either as autopkgtest-build-qemu currently seems to be broken [6]. I could afford to ruin my usual netfilter rules and ran the test successfully on my local machine by: $ sudo autopkgtest arno-iptables-firewall_2.0.3-1_amd64.changes -- null > > 2) autopkgtest fails with ssh to a VirtualBox VM, using command: > autopkgtest arno-iptables-firewall_2.0.3-1_amd64.changes -- ssh > --capability=isolation-machine -l root -p 2022 -H 127.0.0.1 > > See the log [2]. It looks like autopkgtest doesn't not install > arno-iptables-firewall_2.0.3-1_all.deb > To run the test I've also removed the 'needs-root' restriction, since > the > option '--capability=root-on-testbed' is not enough. In my understanding it's up to autopkgtest to install a package, the test scripts itself should just test the installed package. I will try this on Virtualbox. Cheers, Sven > > > [1] > https://github.com/arno-iptables-firewall/aif/archive/2.0.1f.tar.gz > [2] https://paste.debian.net/1059405/ > > [3] https://packages.debian.org/buster/arno-iptables-firewall [4] http://deb.debian.org/debian/pool/main/a/arno-iptables-firewall/arno-iptables-firewall_2.0.1.f.orig.tar.gz [5] http://rocky.eld.leidenuniv.nl/ [6] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916493
Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]
Hi Samuel,
I removed pre-squeeze upgrade code
Regarding your change 'Bump DH level to 12' I believe debian/control
needs further changes.
The debhelper manpage says:
Changes from v11 are:
[...]
This change makes dh_installinit inject a misc:Pre-Depends
for init-system-helpers (>= 1.54~). Please ensure that the
package lists ${misc:Pre-Depends} in its Pre-Depends field
before upgrading to compat 12.
[...]
Please double-check.
Best,
Sven
Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]
Hi Samuel,
> Do you think these people could test the version in experimental? As
> far as
> I currently reviewed it looks like the only problem which may hit us
> is on
> upgrades of the package, I mean, I want to make sure that an upgrade
> of the
> package will not break any configuration file (which does not look
> like
> will happen but it's better if people actually tested on their
> systems).
I asked them (again) to do so.
>
> I've seen some {pre/post}{rmínstall} parts to deal with very old
> versions
> of configs from arno, and also a comment asking if that was needed, I
> didn't properly read the scripts yet but agree with you, we can
> remove that
> parts because they are for versions prior to old-old-stable. Feel
> free to
> remove them.
Will do.
Thank you for your time,
Sven
Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]
Hello everybody, are there still chances to get this into buster? Is there anybody who can help reviewing this package? I know there are people waiting for an updated/upgraded version in buster. Sven Am Mittwoch, den 02.01.2019, 01:01 + schrieb Samuel Henrique: > Hello Sven, > > I started looking at the package, but as there are a lot of changes > in > there, it will take some time until I can review and confirm that all > of > them are ok and we are close to the freeze. That's why I decided to > upload > the package to experimental for now, so it's also easier for other > people > to test the package. > > If anybody else from the team is also available, it would be great if > we > had more people reviewing it*, so we can make sure it will be > available on > Buster. I will try my best to review all of it and sponsor the > package > before 6th January nonetheless. > > Thanks for your work Sven. > > * Note that you don't have to be a DD or DM to review the package, > everyone > is welcomed and that's a good way of learning packaging, you also > don't > have to check everything, feel free to send checklists of the parts > you > checked and confirmed that are ok. >
Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]
Hi Team, one question, is it appropriate to close the RFS-Bug [1] by means of debian/changelog via * New maintainer. (Closes: #886951, #915718) ? [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915718 Sven
Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]
Thank you so much, Raphael. Am Mittwoch, den 02.01.2019, 15:44 +0100 schrieb Raphael Hertzog: > Hi, > > On Mon, 31 Dec 2018, Sven Geuer wrote: > > Regarding joining the group I seem to miss the obvious. I didn't > > see > > how to do so on [2]. Please advice. > > I have added you to the team (there's no button to request to join, > you > have to ask here, I just clarified this on the wiki page). > > Cheers,
Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]
Hello Samuel,
thanks a lot for uploading!
Hello Aleksey,
find my replies inline below.
Am Mittwoch, den 02.01.2019, 17:01 +0300 schrieb Aleksey Kravchenko:
> Hello Sven,
>
> You should now switch the Vcs-* fields to the new repository
> https://salsa.debian.org/pkg-security-team/arno-iptables-firewall
>
> I beleave you should drop ~rc4 suffix after the package version
> (2.0.3-1).
> Now, for reviewing you use git commits, instead of uploading ~rc*
> packages
> to mentors.
Done. Also corrected Maintainer and moved myself to Uploaders.
>
> Samuel,
>
> > you also don't have to check everything, feel free to send
> > checklists of
> the parts you checked and confirmed that are ok.
> I've reviewed a bit.
>
> [x] upstream tarball is imported correctly (checksum match).
> [x] checked d/watch with uscan - works as expected, although it's
> unusual
> to see uupdate running from d/watch.
I followed
https://www.debian.org/doc/manuals/maint-guide/dother.en.html#watch
doing it this way.
> [x] fr.po and sv.po are correctly converted to uft8
> [x] d/control looks sane
> [x] new d/arno-iptables-firewall.logrotate looks good
>
> autopkgtest and d/templates look dependent on existence of ppp
> interface,
> so it should be verified.
ppp+ is the standard placeholder for a ppp interface that may become
available later. It's one of the features of arno-iptables-firewall
that it can deal with this.
Therefore autopkgtest does not need a real ppp either. It checks
whether the generated configuration file and the installed iptables
rules are as expected. No real network traffic is produced or consumed.
>
> The diff is big (>2200 lines) mostly because of two converted .po
> files
Contentwise nothing has changed there, it's only the conversion from
latin1 to utf8.
> and modified debian/{post,pre}* scripts.
> I think these scripts should be reviewed after all other changes.
These are constructed starting from fresh dh_make templates. Then I
imported logic from the previous scripts where appropriate or
rewrote/extended it. For easier review, may be it helps to diff with
option --ignore-space-change.
Best,
Sven
Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]
Hello Aleksey, Hello Team, I logged in to salsa.debian.org, created a repo for the package and pushed everything I have, including latest updates [1]. Please review and upload so that this package can go into buster. Regarding joining the group I seem to miss the obvious. I didn't see how to do so on [2]. Please advice. [1] https://salsa.debian.org/sven-geuer-guest/arno-iptables-firewall [2] https://salsa.debian.org/pkg-security-team Happy New Year to all of you! Sven Am Montag, den 31.12.2018, 04:59 +0300 schrieb Aleksey Kravchenko: > Hello Sven. > > On 29.12.2018 22:14, Sven Geuer wrote: > > I'd like to ask for a repository for arno-iptables-firewall under > > https://salsa.debian.org/pkg-security-team. I would then upload the > > version 2.0.1.f-1.1 currently in unstable and buster followed by my > > packaged 2.0.3-1 so that changes are easy to spot. > > First you should login to salsa.debian.org [1], then join the > pkg-security-team group [2]. > > Only Michael Prokop, Raphaël Hertzog and Gianfranco Costamagna have > the > rights to create repository. They seems to be busy at this time of > the > year, you should understand them ;) > > I see from description of arno-iptables-firewall [3] that it's indeed > security related: > > arno-iptables-firewall will setup and load a secure, restrictive > > firewall > > by just asking a few question. > > The package has very good popcon vote-rank 7931 [4] and has in the > debian bugtracker a demand [5] for new version. > > If you are in hurry (because of the buster freeze), you should setup > a > repository on your personal salsa page, then you can add it as > Vcs-Git/Vcs-Browser to your debian/control file, and then ask for > review/upload on this list. > > [1] https://salsa.debian.org/users/sign_in > [2] https://salsa.debian.org/pkg-security-team > [3] > https://tracker.debian.org/media/packages/a/arno-iptables-firewall/control-2.0.1.f-1.1 > [4] https://qa.debian.org/popcon.php?package=arno-iptables-firewall > [5] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886991 > > Best wishes, > Aleksey > >
Re: RFS: arno-iptables-firewall/2.0.3-1 [ITA]
Hello team, I'd like to ask for a repository for arno-iptables-firewall under https://salsa.debian.org/pkg-security-team. I would then upload the version 2.0.1.f-1.1 currently in unstable and buster followed by my packaged 2.0.3-1 so that changes are easy to spot. Looking forward to reveiving your feedback. Sven Am Samstag, den 22.12.2018, 18:03 +0100 schrieb Sven Geuer: > Hello team, > > I intent to adopt the orphaned package arno-iptables-firewall ( > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915718). > > Marcos proposed to maintain this package from within the pkg-security > team and I would love to follow his suggestion. > > Having read https://wiki.debian.org/Teams/pkg-security its still > unclear to me what the next steps shall be, starting with how to join > the team. > > Please give some pointers or hints how to proceed. > > Sven > >
RFS: arno-iptables-firewall/2.0.3-1 [ITA]
Hello team, I intent to adopt the orphaned package arno-iptables-firewall ( https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915718). Marcos proposed to maintain this package from within the pkg-security team and I would love to follow his suggestion. Having read https://wiki.debian.org/Teams/pkg-security its still unclear to me what the next steps shall be, starting with how to join the team. Please give some pointers or hints how to proceed. Sven
