Bug#747543: marked as done (O: sitecopy -- program for managing a WWW site via FTP, SFTP, DAV or HTTP)
Your message dated Sun, 13 Jul 2014 06:48:28 + with message-id and subject line Bug#747543: fixed in sitecopy 1:0.16.6-7 has caused the Debian Bug report #747543, regarding O: sitecopy -- program for managing a WWW site via FTP, SFTP, DAV or HTTP to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 747543: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747543 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: wnpp Severity: normal I intend to orphan the sitecopy package. The package description is: Sitecopy is for copying locally stored websites to remote servers. With a single command, the program will synchronize a set of local files to a remote server by performing uploads and remote deletes as required. The aim is to remove the hassle of uploading and deleting individual files using an FTP client. Sitecopy will also optionally try to spot files you move locally, and move them remotely. . Sitecopy is designed to not care about what is actually on the remote server - it simply keeps a record of what it THINKS is in on the remote server, and works from that. --- End Message --- --- Begin Message --- Source: sitecopy Source-Version: 1:0.16.6-7 We believe that the bug you reported is fixed in the latest version of sitecopy, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 747...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Christian Marillat (supplier of updated sitecopy package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sun, 13 Jul 2014 08:38:39 +0200 Source: sitecopy Binary: sitecopy Architecture: source i386 Version: 1:0.16.6-7 Distribution: unstable Urgency: medium Maintainer: Christian Marillat Changed-By: Christian Marillat Description: sitecopy - program for managing a WWW site via FTP, SFTP, DAV or HTTP Closes: 747543 Changes: sitecopy (1:0.16.6-7) unstable; urgency=medium . * New maintainer (Closes: #747543) Checksums-Sha1: c399037accadb2889483a36d389bc436e81fb252 1922 sitecopy_0.16.6-7.dsc e15ae8d96d3afa5154de831b839c67ad2e0dc0a5 24416 sitecopy_0.16.6-7.debian.tar.xz 97be8d47296de0b2dd32c21e4638d0fdf04e52b1 126440 sitecopy_0.16.6-7_i386.deb Checksums-Sha256: 9810311c893d97760174b042e26b24365e7b949e22f497e8aa282e5afcde60e9 1922 sitecopy_0.16.6-7.dsc d29c5fb052675cadcdce3de6c424b9e9297abbb9fe945b7c18562a256a70f42c 24416 sitecopy_0.16.6-7.debian.tar.xz 32a1583ecef8d47414bf3f6385238f1c105020eb25e58fd49ae6bc112e514fac 126440 sitecopy_0.16.6-7_i386.deb Files: 163da7ece50e91cb25472fe86dc7be6d 126440 web extra sitecopy_0.16.6-7_i386.deb 17860911299caef19dec085afecf8604 1922 web extra sitecopy_0.16.6-7.dsc 755c1478487abbd7f25c24d11fed881f 24416 web extra sitecopy_0.16.6-7.debian.tar.xz -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIVAwUBU8Ip/VyAjCtlVYEXAQixXBAA3rRcmoL5G1VQEcRbkQzOd/nGuj3b4gAX FPSHZBX1oaowJec7SH4HuOScpW7xjGKu3Mm8nqB5wgyXlkeUujFcb038zkGA9c1I PugX9LeCeccsFgrzIZCMZSThKvJnsIhvllOnYsfPBsxOClkx7IVuQ3lAKyyVNQK7 PML40S1ztgDd799WHiITrJRImn0ZZ7rkqWlhZA62Uxkm7WlXz+rDd8QR053kBFuU wEotiP/Z8edGg+ARaDj+tfjx9NbeLBGjXT9mLg9qULZc4651l5+KWw5nHlWPjONt CaxDnvCucX09yJ5UvS+tzFsIMZsgeOT98pYcRmUSksCbWJgSrS7//zpW7Wxy1jy1 VJUnU5mn7bIBMKSmcdsjQ/yiFGJfJFl84nnyYuFHTA8lxSjI8u+ghflYDDt77vfW 8m0U8XmNp2AySG7k9rX6d9HS8X7ZK5iuNDAILqjyM50LpD4lcSc1Csn2ur35xMQL RUuoqNwhGjDCAHiQtZYw6SBvjCFDJrCSmArdRYYldlg8fLqJCae+exg/qSYqW4mM jlHzXLldPtlaW0k5spaZmbbs1Hhrx1+cwREN5IfwkZulUG/kKIHixacf24W0u6pq Z0bKLQo+F+khaQSz950Powef8cRZfkNfQZ0KnEjGvDADjxjCEduUpnoSmm4dpzSk maWpx6POets= =V1sW -END PGP SIGNATURE End Message ---
Processed: Debian bugs #754473, #754652
Processing commands for cont...@bugs.debian.org: > block 754473 by 754652 Bug #754473 [wnpp] ITA: uriparser -- URI parsing library compliant with RFC 754473 was not blocked by any bugs. 754473 was not blocking any bugs. Added blocking bug(s) of 754473: 754652 > -- Stopping processing here. Please contact me if you need assistance. -- 754473: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754473 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.c.140523340113419.transcr...@bugs.debian.org
Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Hi,
Thomas Goirand:
> Well, I don't agree with this view. If LibreSSL pretends to be a
> replacement for OpenSSL, then they should care about being ABI
> compatible, so we can easily switch from one implementation to the
> other.
That depends. If the ABI in question includes calls or constants which are
the security equivalent of gets() or scanf("%s") or …, then no.
> As Kurt wrote, GNUTLS becomes a better alternative then.
Does gnutls have an openssl shim which actually works as a generic
replacement? I dimly recall a couple of not-so-nice incompatibilities …
> Therefore, I'd very much prefer if we used OpenSSL *or* LibreSSL, but not
> have the choice between the 2, otherwise, that's a recipe for disaster.
>
Well …
> Please don't upload LibreSSL to Sid *ever*, unless we collectively
> decide that we are switching away from OpenSSL (and for which a
> discussion would have to start).
>
… while IMHO it's possible to safely mix openssl and libressl if we prepare
for that (i.e. make sure that _everything_ in libressl is only exported
with properly versioned symbols), again IMHO the time and effort required
for _that_ would be better spent evaluating the changes both projects made
and then deciding which of the two shall be in Debian.
Both efforts have started fairly recently, so it's kind of premature to do
that now; and while IANARTM (Release Team Member) transitioning the whole
of Debian to libressl closer to the release would not be a good idea even
if we decide it's (going to be) the better alternative.
--
-- Matthias Urlichs
--
To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140713061751.ga15...@smurf.noris.de
Processed: Debian Bugs #754473, #754515
Processing commands for cont...@bugs.debian.org: > unblock 754473 by 754515 Bug #754473 [wnpp] ITA: uriparser -- URI parsing library compliant with RFC 754473 was blocked by: 754515 754473 was not blocking any bugs. Removed blocking bug(s) of 754473: 754515 > -- Stopping processing here. Please contact me if you need assistance. -- 754473: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754473 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.c.14052316554156.transcr...@bugs.debian.org
Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
On 07/12/2014 08:46 PM, Toni Mueller wrote: > As libressl is currently under > heavy development, it is imho not to be expected to have that stable ABI > you are asking for. Well, I don't agree with this view. If LibreSSL pretends to be a replacement for OpenSSL, then they should care about being ABI compatible, so we can easily switch from one implementation to the other. Just like for MariaDB / MySQL in fact (not sure if these are still ABI compatible though). If that's not the case, then it looses a lot of its purpose. As Kurt wrote, GNUTLS becomes a better alternative then. > OTOH, one guy already switched his entire Linux > system over, so far with no visible adverse effects. And then? This gives no clue if he had to rebuild everything that build-depended on OpenSSL... On 07/13/2014 01:15 AM, Russ Allbery wrote: > If you start using both for different packages, then you end up with > shared libraries conflicting over which libssl they want to use, and > then bad things start happening. Exactly! I fully agree with you on this. This reminds me issues I had with mod-log-sql linked to MySQL and php as well, and when they were built against different versions... BOOM! I certainly do *not* want this kind of things to happen in Debian. Therefore, I'd very much prefer if we used OpenSSL *or* LibreSSL, but not have the choice between the 2, otherwise, that's a recipe for disaster. Please don't upload LibreSSL to Sid *ever*, unless we collectively decide that we are switching away from OpenSSL (and for which a discussion would have to start). Cheers, Thomas Goirand (zigo) -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/53c20278.1010...@debian.org
Bug#673750: marked as done (O: gnade -- GNat Ada Database Environment)
Your message dated Sun, 13 Jul 2014 01:34:47 + with message-id and subject line Bug#754525: Removed package(s) from unstable has caused the Debian Bug report #673750, regarding O: gnade -- GNat Ada Database Environment to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 673750: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=673750 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: wnpp Stephen Leake writes on [1]: I don't have time or energy for this anymore. Someone will need to take over maintenance of my packages. [1] http://lists.debian.org/debian-ada/2012/04/msg00043.html -- Ludovic Brenta. --- End Message --- --- Begin Message --- Version: 1.6.2-9+rm Dear submitter, as the package gnade has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/754525 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org. Debian distribution maintenance software pp. Scott Kitterman (the ftpmaster behind the curtain)--- End Message ---
Bug#754622: ITP: google-android-sdk-docs-installer -- Install Google build-tools for Android
Package: wnpp Severity: wishlist Owner: "Hans-Christoph Steiner" * Package name: google-android-sdk-docs-installer Version : 20.0.0 Upstream Author : Google, Inc. * URL : https://developer.android.com/sdk/index.html * License : public domain Programming Lang: make Package source : http://anonscm.debian.org/gitweb/?p=android-tools/google-android-sdk-docs-installer -- Install Google build-tools for Android.git Description : Android SDK Documentation from Google This package will download the Android SDK Documentation from Google and create a Debian package. This package also aims to strip out all calls to the networking, including tracking services like Google Analytics and Doubleclick. These documentation files still require the Google "jsapi", which is only available by fetching it each time from http://www.google.com/jsapi. This package forces it to use https://, but otherwise, these docs have to phone home in order for any of the javascript to work. . WARNING: Installing this Debian package causes docs-L_r01.zip to be downloaded from dl-ssl.google.com. The End User License Agreement of this binary package is available at developer.android.com. The code in the documentation is licensed under the Apache 2.0, and the content is licensed under Creative Commons CC-BY 2.5. The CC-BY 2.5 license is non-free but can be legally distributed by Debian. This package avoids the issue all together since each user directly downloads the files from Google, and must agree to Google's license. signature.asc Description: OpenPGP digital signature
Bug#754595: RFP: easymercurial -- Easy to use mercurial GUI
Package: wnpp Severity: wishlist * Package name: easymercurial Version : 1.3.0 Upstream Author : Chris Cannam , Jari Korhonen * URL : http://easyhg.org/ * License : GPL Programming Lang: Python Description : Easy to use mercurial GUI EasyMercurial is a simple user interface for the Mercurial distributed version control system. The program is designed for non-advanced users of distributed version control. I'm happy to put in a bit of effort in getting this Debian-ised, assuming there are no issues i have overlooked. I don't think I can provide stable maintenance, as I am not sufficiently python proficient - particularly . -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712210522.6227.42074.reportbug@midipc
Processed: limit package to wnpp, tagging 754564
Processing commands for cont...@bugs.debian.org: > limit package wnpp Limiting to bugs with field 'package' containing at least one of 'wnpp' Limit currently set to 'package':'wnpp' > tags 754564 + pending Bug #754564 [wnpp] ITP: libinline-c-perl -- C Language Support for Inline Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 754564: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754564 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.c.140518053320596.transcr...@bugs.debian.org
Bug#754574: ITP: node-uid-safe -- UIDs generator for URL and Cookie middlewares - Node.js module
Package: wnpp Severity: wishlist Owner: Leo Iannacone X-Debbugs-CC: debian-de...@lists.debian.org * Package name: node-uid-safe Version : 1.0.1 Upstream Author : Jonathan Ong (http://jongleberry.com) * URL : https://github.com/crypto-utils/uid-safe * License : Expat Programming Lang: JavaScript Description : UIDs generator for URL and Cookie middlewares - Node.js module This modules provides a generator to create cryptographically secure UIDs safe for both cookie and URL usage. . This is in contrast to modules such as rand-token whose UIDs are actually skewed due to the use of `%` and unnecessarily truncate the UID . Node.js is an event-based server-side JavaScript engine. -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/53c1553d.49c6b40a.4fc9.e...@mx.google.com
Bug#754573: ITP: python-rfc3986 -- validating URI references per RFC 3986
Package: wnpp Severity: wishlist Owner: Thomas Goirand * Package name: python-rfc3986 Version : 0.2.0 Upstream Author : Ian Cordasco * URL : https://github.com/sigmavirus24/rfc3986 * License : Apache-2.0 Programming Lang: Python Description : validating URI references per RFC 3986 This package provides a Python implementation of RFC 3986, including validation and authority parsing. -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712152021.16558.62224.report...@buzig.gplhost.com
Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
On Jul 12, Toni Mueller wrote: > On Sat, Jul 12, 2014 at 07:43:44AM +0200, Marco d'Itri wrote: > > On Jul 12, Toni Mueller wrote: > > > * Package name: libressl > > I am highly doubtful at best. > > in which respect, and why? I think some people are jumping ahead to "oh no! we're replacing OpenSSL?". That's something to be have some rough plan for in case we eventually want to do that. But for now I don't think it's a reason not to package it or even allow it into sid/testing. > > What are your plans exactly? > > My plan is to first build the package(s) and upload to experimental, so > people can start to play with it. It is definitely an interesting piece of software, with some different design choices being made here and there. It even adds some new features (new ciphers and elliptic curves for example) and the utilities are useful standalone (such as for an SSL CA). People can start to play around with it and maybe to try to rebuild packages against it locally. It couldn't be a drop-in replacement for OpenSSL's libssl and libcrypto because the ABI will differ. The source API is being kept as similar as possible so in theory: > Packages currently build-depending on openssl should be able to > build-depend on "openssl-dev | libressl-dev". that sounds like it should just work. Or otherwise, it could reveal if a package uses some 'unsafe' part of the API that OpenBSD has removed during their cleanup. Any incompatibilities or run-time differences are likely interesting to both SSL libraries as it could indicate a bug somewhere. Probably only a minority of people would want to rebuild many packages on their system against LibreSSL. But having it packaged, and co-installable helps people who want to do this. Similarly there is support in the Exim packaging to rebuild with OpenSSL instead of GnuTLS. Regards, -- Steven Chamberlain ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712140150.ga15...@squeeze.pyro.eu.org
Bug#754564: ITP: libinline-c-perl -- C Language Support for Inline
Package: wnpp Owner: gregor herrmann Severity: wishlist X-Debbugs-CC: debian-de...@lists.debian.org,debian-p...@lists.debian.org * Package name: libinline-c-perl Version : 0.58 Upstream Author : Ed J * URL : https://metacpan.org/release/Inline-C * License : Artistic or GPL-1+ Programming Lang: Perl Description : C Language Support for Inline Inline::C is a module that allows one to write Perl subroutines in C. The Inline module supports multiple programming languages and each language has its own support module. This module allows one to use Inline with the C programming language. signature.asc Description: Digital Signature
Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Hi, On Sat, Jul 12, 2014 at 07:43:44AM +0200, Marco d'Itri wrote: > On Jul 12, Toni Mueller wrote: > > * Package name: libressl > I am highly doubtful at best. in which respect, and why? > What are your plans exactly? My plan is to first build the package(s) and upload to experimental, so people can start to play with it. > Would it have the same SONAME of openssl and conflict+provide it? I would like to make it co-installable with OpenSSL, but in general, this should be a drop-in replacement until APIs really diverge in a visible way. Yes, it would provide 'openssl', but I intend to place them into a different directory, so you might have to use LD_PATH to get them. Whether it has to conflict with openssl, I'll figure out that later, if otherwise the case would arise that a binary might get libssl from one package, and libcrypto from the other. So far, it looks like a recompile could be necessary. But since the upstream package has seen the light of day only yesterday (see http://article.gmane.org/gmane.os.openbsd.announce/186 for the announcement), things are not yet stable. For the technical side of the discussion, you can read http://dir.gmane.org/gmane.os.openbsd.tech). > Would it be a totally different library which packages would > build-depend on? Packages currently build-depending on openssl should be able to build-depend on "openssl-dev | libressl-dev". For recent versions of OpenSSH, it already works, and another user writes: "Just switched my slackware 14.1 box over to libressl instead of openssl and it's working great so far, no problems at all." So I guess usability is already good. But imho, it does have to stand the test of time, and receive independent review, and much more exposure. Which is one reason why I think it is a very good idea to expose it to the Debian and related communities. Kind regards, --Toni++ -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712130429.gc10...@spruce.wiehl.oeko.net
Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Hi Kurt, [ I have trimmed the Cc list - we are all on devel@, anyway, right? ] On Sat, Jul 12, 2014 at 02:15:13PM +0200, Kurt Roeckx wrote: > On Sat, Jul 12, 2014 at 01:53:45PM +0200, Toni Mueller wrote: > > On Sat, Jul 12, 2014 at 01:25:47PM +0200, Kurt Roeckx wrote: > > > What are you doing with the binaries, include files, man pages, > > > ...? Will they conflict with the ones from openssl? > > > > my intention is to package this stuff so one can have both openssl and > > libressl installed in parallel. libressl currently has libraries with > > these sonames: > > > > libssl.so.26 > > libcrypto.so.29 > > I don't really like it, since it could potentionally clash with > the ones provided by openssl. But it seems unlikely that openssl > will ever use that as soname. > > I had the feeling openbsd didn't care much about ABI stability, > and that being at 26 and 29 already doesn't give me a good feeling > either. I hope you don't have to go and change the binary package > names each time you upload a new version. Actually, these version numbers typically correspond with the version numbers in the rest of their system. As libressl is currently under heavy development, it is imho not to be expected to have that stable ABI you are asking for. OTOH, one guy already switched his entire Linux system over, so far with no visible adverse effects. > I was never very happy with it either. But it has very recently > changed, and I think it's going in the right direction. I'm now > also in the openssl development team. Good. That does help to improve my trust with it. > I'm not really sure what you mean by this. I'm pretty sure the > openssl development team has a pretty good understanding of > security and I don't see anybody adding a backdoor in it. Ok, but for whatever reason, they have an imho not as shiny track record, as has OpenBSD. Which is no wonder, given all the revelations we have had recently, but hey, sometimes one has to make a decision. > > FWIW, I have well over a decade of very good experience with OpenBSD > > Not everybody has the same experience with them. Yes. Not everybody has an intention to use LibreSSL, either, but regarding crypto, they usually know their stuff well above average. See eg. their OpenSSH, which has seen very widespread adoption. > I think GnuTLS is actually a better alternative and wish there > were more people developing and using it. But developing GnuTLS is a full-time job, and then there's the control problem with the FSF - you are certainly aware about the problems the original upstream ran into when he wanted to break loose from the FSF (for a reason I have forgotten). LibreSSL is a much lower-hanging fruit, as it is supposed to be mostly, or entirely, plug-compatible with OpenSSL. To me, the playing field largely looks like this atm: * GnuTLS, with an API incompatible with OpenSSL, thus requiring huge amounts of work to make significant use of it. * MatrixSSL, which once had a dubious license, and which still did not come out too well in the SSL lib comparison I recently saw (see the list archive), * the now newly staffed OpenSSL project, with their mixed track record (eg. "FIPS"), and now * LibreSSL, which sounds much like an OpenSSL on a diet, and with some exercise, and promising thrust behind it, but mostly simply a drop-in. And I guess the BoringSSL people will chime in sooner or later, too... Kind regards, --Toni++ -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712124645.gb10...@spruce.wiehl.oeko.net
Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
On Sat, Jul 12, 2014 at 02:15:13PM +0200, Kurt Roeckx wrote: > On Sat, Jul 12, 2014 at 01:53:45PM +0200, Toni Mueller wrote: > > There are a number of reasons for that, but one has been that I was > > unhappy about the perceived 'closedness' of the project > > I was never very happy with it either. But it has very recently > changed, and I think it's going in the right direction. I'm now > also in the openssl development team. I'm not sure that you saw this, but we recently published a roadmap document: https://www.openssl.org/about/roadmap.html Kurt -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712122257.ga19...@roeckx.be
Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
On Sat, Jul 12, 2014 at 01:53:45PM +0200, Toni Mueller wrote: > > Hi Kurt, > > On Sat, Jul 12, 2014 at 01:25:47PM +0200, Kurt Roeckx wrote: > > What are you doing with the binaries, include files, man pages, > > ...? Will they conflict with the ones from openssl? > > my intention is to package this stuff so one can have both openssl and > libressl installed in parallel. libressl currently has libraries with > these sonames: > > libssl.so.26 > libcrypto.so.29 I don't really like it, since it could potentionally clash with the ones provided by openssl. But it seems unlikely that openssl will ever use that as soname. I had the feeling openbsd didn't care much about ABI stability, and that being at 26 and 29 already doesn't give me a good feeling either. I hope you don't have to go and change the binary package names each time you upload a new version. > > If you're interested in maintaining such a package, why did you > > never respond to the RFH for openssl? > > There are a number of reasons for that, but one has been that I was > unhappy about the perceived 'closedness' of the project I was never very happy with it either. But it has very recently changed, and I think it's going in the right direction. I'm now also in the openssl development team. > I generally trust > the OpenBSD folks, who are the vast majority behind LibreSSL, much more > with respect to their ability to understand security and pursuing a "no > backdoors" philosophy than most other people. I'm not really sure what you mean by this. I'm pretty sure the openssl development team has a pretty good understanding of security and I don't see anybody adding a backdoor in it. > FWIW, I have well over a > decade of very good experience with OpenBSD Not everybody has the same experience with them. > although I prefer Debian > for most purposes, including a general slant towards "copyleft" (GPL) > instead of "copyright" (BSD). They simply provide one of the, or the > one, most viable alternatives to OpenSSL, thus helping to break down the > obviously unhealthy monopoly that currently is OpenSSL. I think GnuTLS is actually a better alternative and wish there were more people developing and using it. > @Kurt: That should imho go to devel@, not only to you and the BTS. I did intend to send it to the list, but forgot to Cc it, so doing that now. Kurt -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712121513.ga18...@roeckx.be
Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Hi Kurt, On Sat, Jul 12, 2014 at 01:25:47PM +0200, Kurt Roeckx wrote: > What are you doing with the binaries, include files, man pages, > ...? Will they conflict with the ones from openssl? my intention is to package this stuff so one can have both openssl and libressl installed in parallel. libressl currently has libraries with these sonames: libssl.so.26 libcrypto.so.29 > If you're interested in maintaining such a package, why did you > never respond to the RFH for openssl? There are a number of reasons for that, but one has been that I was unhappy about the perceived 'closedness' of the project, and my general feeling that I would like to have an alternative to openssl, which has been festering for several years now. For a while, I was hoping for libgnutls, but after the wakeup call, sent by heartbeat, I tried to figuere out which would be the best way forward, and I generally trust the OpenBSD folks, who are the vast majority behind LibreSSL, much more with respect to their ability to understand security and pursuing a "no backdoors" philosophy than most other people. FWIW, I have well over a decade of very good experience with OpenBSD, although I prefer Debian for most purposes, including a general slant towards "copyleft" (GPL) instead of "copyright" (BSD). They simply provide one of the, or the one, most viable alternatives to OpenSSL, thus helping to break down the obviously unhealthy monopoly that currently is OpenSSL. @Marco et al: I'll answer your other questions RSN, but the first portable release has only appeared yesterday, so it'll take some time until the dust settles. And no, I don't think we should go into production and switch to LibreSSL right now. But we should definitely have it. @Kurt: That should imho go to devel@, not only to you and the BTS. Kind regards, --Toni++ -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712115345.ga10...@spruce.wiehl.oeko.net
Bug#754556: ITP: python-mpop -- Meteorological Post-Processing Package (MPoP)
Package: wnpp Severity: wishlist Owner: Antonio Valentino * Package name: python-mpop Version : 1.0.0 Upstream Author : Martin Raspaud * URL : https://github.com/mraspaud/mpop * License : GPL Programming Lang: Python Description : Meteorological Post-Processing Package (MPoP) The Meteorological Post-Processing package is a Python library for generating RGB products for meteorological remote sensing. As such it can create RGB composites directly from satellite instrument channels, or take advantage of precomputed PGEs. It is designed to be easily extendable to support any meteorological satellite by the creation of plugins. In the base distribution, it is provided support for Meteosat 7, 8, 9, MTSAT1R, MTSAT2, GOES 11, GOES 12, GOES 13 through the use of mipp, and Noaa 15, 16, 17, 18, 19, and Metop A through the use of aapp and ahamap. Reprojection of data is also available through the use of the pyresample package. This package is part of the PyTroll toolset. -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/53c11c4d.7080...@tiscali.it
Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
On Sat, Jul 12, 2014 at 12:06:27AM +0200, Toni Mueller wrote: > Package: wnpp > Severity: wishlist > Owner: Toni Mueller > > * Package name: libressl > Version : 2.0.0 > Upstream Author : The OpenBSD project, the OpenSSL project et al. > * URL : http://www.libressl.org/ > * License : BSD, OpenSSL, SSLeay, Public Domain. > Programming Lang: C > Description : SSL library, forked from OpenSSL > > > LibreSSL strives to maintain API compatibility with OpenSSL, but > do away with all the cruft. > > After a long series of OpenSSL problems, recently highlighted by > the infamous Heartbleed bug, a group inside OpenBSD decided to > fork OpenSSL and adapt the code to modern coding standards. > Along the way, a lot of compatibility with older architectures > and toolchains was discarded. I assume that since it's named libressl that the soname will contain "libressl.so"? What about the crypto library? librecrypto.so? What are you doing with the binaries, include files, man pages, ...? Will they conflict with the ones from openssl? If you're interested in maintaining such a package, why did you never respond to the RFH for openssl? Kurt -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712112547.ga17...@roeckx.be
Processed: your mail
Processing commands for cont...@bugs.debian.org: > owner 652029 ! Bug #652029 [wnpp] O: ddns3-client -- Issues dynamic DNS v3 requests Owner recorded as Sidharth Krishnan <91s...@gmail.com>. > retitle 652029 ITA:ddns3-client -- Issues dynamic DNS v3 requests Bug #652029 [wnpp] O: ddns3-client -- Issues dynamic DNS v3 requests Changed Bug title to 'ITA:ddns3-client -- Issues dynamic DNS v3 requests' from 'O: ddns3-client -- Issues dynamic DNS v3 requests' > thanks Stopping processing here. Please contact me if you need assistance. -- 652029: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652029 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/handler.s.c.140516014826547.transcr...@bugs.debian.org
Bug#754551: ITP: node-ms -- milliseconds conversion utility
Package: wnpp Severity: wishlist Owner: Leo Iannacone X-Debbugs-CC: debian-de...@lists.debian.org * Package name: node-ms Version : 0.6.2 Upstream Author : Guillermo Rauch * URL : https://github.com/guille/ms.js * License : Expat Programming Lang: JavaScript Description : milliseconds conversion utility - Node.js module This module provides a tiny milliseconds conversion utility able to transorm a string with a valid time unit to the equivalent number of milliseconds and vice versa. . Node.js is an event-based server-side JavaScript engine. . Node.js is an event-based server-side JavaScript engine. -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/53c10a02.c759b40a.5c57.9...@mx.google.com
Bug#754547: ITP: python-oslo.i18n -- Oslo Internationalization Utilities
Package: wnpp Severity: wishlist Owner: Thomas Goirand * Package name: python-oslo.i18n Version : 0.1.0 Upstream Author : OpenStack Development Mailing List * URL : https://github.com/openstack/oslo.i18n * License : Apache-2.0 Programming Lang: Python Description : Oslo Internationalization Utilities The oslo.i18n library contain utilities for working with internationalization (i18n) features, especially translation for text strings in an application or library. -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712091756.9745.4070.report...@buzig.gplhost.com
Bug#754541: ITA: mrxvt
Package: wnpp Severity: normal -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712084740.7184.57369.report...@debiansid.dell-inspiron-1525
Bug#754539: ITA: vdesk
Package: wnpp Severity: normal -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712082322.6281.2111.report...@debiansid.dell-inspiron-1525
Bug#754537: ITP: python-requests-mock -- mock out responses from the requests package
Package: wnpp Severity: wishlist Owner: Thomas Goirand * Package name: python-requests-mock Version : 0.4.0 Upstream Author : Jamie Lennox * URL : https://github.com/jamielennox/requests-mock * License : Apache-2.0 Programming Lang: Python Description : mock out responses from the requests package requests-mock provides a building block to stub out the HTTP requests_ portions of your testing code. Everything in requests_ eventually goes through an adapter to do the transport work. requests-mock creates a custom adatper that allows you to predefine responses when certain URIs are called. There are then a number of methods provided to get the adapter used. -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712075620.3430.55167.report...@buzig.gplhost.com
Bug#754534: ITA: b43-fwcutter -- Utility for extracting Broadcom 43xx firmware
Package: wnpp Severity: normal I intend to orphan the b43-fwcutter package. The package description is: fwcutter is a tool which can extract firmware from various source files. It's written for BCM43xx driver files. It grabs firmware for BCM43xx from website and install it. -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140712073236.4228.51029.report...@debiansid.dell-inspiron-1525
