Processed: Re: Bug#794913: libphonenumber6: please use libboost-date-time 1.57 or 1.58 ASAP

2015-08-10 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> severity 794913 important
Bug #794913 [libphonenumber6] libphonenumber6: please use libboost-date-time 
1.57 or 1.58
Severity set to 'important' from 'normal'
> tag 794913 - security
Bug #794913 [libphonenumber6] libphonenumber6: please use libboost-date-time 
1.57 or 1.58
Removed tag(s) security.
> forcemerge 794900 794913
Bug #794900 {Done: tony mancill } [libphonenumber6] 
libphonenumber6: Uninstallable in unstable due to libstdc++6 and 
libboost-date-time1.55.0 dependency
Bug #794900 {Done: tony mancill } [libphonenumber6] 
libphonenumber6: Uninstallable in unstable due to libstdc++6 and 
libboost-date-time1.55.0 dependency
Added tag(s) sid and stretch.
Bug #794913 [libphonenumber6] libphonenumber6: please use libboost-date-time 
1.57 or 1.58
Marked Bug as done
Marked as fixed in versions libphonenumber/6.3~svn698-4.
Merged 794900 794913
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
794900: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794900
794913: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794913
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#794913: libphonenumber6: please use libboost-date-time 1.57 or 1.58 ASAP

2015-08-10 Thread Rene Engelhard 
severity 794913 important
tag 794913 - security
forcemerge 794900 794913
thanks

[ I am not the maintainer, but... ]

Hi,

On Sun, Aug 09, 2015 at 03:22:08PM +0200, Christoph Anton Mitterer wrote:
> Simon McVittie was so kind to disable libphonenumber6 in evolution for
> now and rebuild the package with that.
> So I guess the severity of this can be lowered again, as this doesn't
> block updating anymore :)

And

libphonenumber6 | 6.3~svn698-4| sid | amd64, arm64, armel, armhf, i386, 
powerpc, ppc64el, s390x

is fixed. No idea why the maintainer didn't close, I feel free to do so.

Regards,

Rene

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Processed: Re: Bug#794913: libphonenumber6: please use libboost-date-time 1.57 or 1.58 ASAP

2015-08-09 Thread Debian Bug Tracking System 
Processing control commands:

> severity -1 normal
Bug #794913 [libphonenumber6] libphonenumber6: please use libboost-date-time 
1.57 or 1.58 ASAP
Severity set to 'normal' from 'critical'
> retitle -1 libphonenumber6: please use libboost-date-time 1.57 or 1.58
Bug #794913 [libphonenumber6] libphonenumber6: please use libboost-date-time 
1.57 or 1.58 ASAP
Changed Bug title to 'libphonenumber6: please use libboost-date-time 1.57 or 
1.58' from 'libphonenumber6: please use libboost-date-time 1.57 or 1.58 ASAP'

-- 
794913: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794913
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#794913: libphonenumber6: please use libboost-date-time 1.57 or 1.58 ASAP

2015-08-09 Thread Christoph Anton Mitterer 
Control: severity -1 normal
Control: retitle -1 libphonenumber6: please use libboost-date-time 1.57 or 1.58

Simon McVittie was so kind to disable libphonenumber6 in evolution for
now and rebuild the package with that.
So I guess the severity of this can be lowered again, as this doesn't
block updating anymore :)

Cheers,
Chris.

smime.p7s
Description: S/MIME cryptographic signature
__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#794913: libphonenumber6: please use libboost-date-time 1.57 or 1.58 ASAP

2015-08-07 Thread jnqnfe 
Hey. Although there may not be security issues within this package
itself, and while the descriptions of severity [1] may not perfectly
cover this unfortunate scenario, an update to this package (and others)
is urgently needed in order for Sid users to be able to install
critical security patches (since rolling back the gcc5 transition
temporarily I imagine isn't going to happen); and since this bug report
is all about fixing this dependency breakage issue, I feel that it is
perfectly appropriate to raise the severity as I have in order to help
ensure that the maintainers take proper note of the urgency for which
resolution of this issue is needed. Frankly I don't give a damn if the
maintainer disagrees with the severity, they can ignore or change it,
and at least it may have helped grab their attention. I think it's
perfectly worth risking making them a little annoyed over a possibly
inappropriately set severity level if it helps to make them aware of
the security issues going on here.

Regards :)

[1] https://www.debian.org/Bugs/Developers#severities

On Sat, 2015-08-08 at 02:47 +0200, Christoph Anton Mitterer wrote:
> Hey.
> 
> I appreciate that you try to push in that matter,... but strictly
> speaking, there is no security issue in this package, and also the
> severity wouldn't be justified.
> 
> Some maintainers may not be too happy about that...
> 
> 
> Cheers,
> Chris.

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#794913: libphonenumber6: please use libboost-date-time 1.57 or 1.58 ASAP

2015-08-07 Thread Christoph Anton Mitterer 
Hey.

I appreciate that you try to push in that matter,... but strictly
speaking, there is no security issue in this package, and also the
severity wouldn't be justified.

Some maintainers may not be too happy about that...


Cheers,
Chris.

smime.p7s
Description: S/MIME cryptographic signature
__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#794913: libphonenumber6: please use libboost-date-time 1.57 or 1.58 ASAP

2015-08-07 Thread jnqnfe 
Control: severity -1 critical
Control: tags -1 + security

As described in the bug report, the libboost-date-time1.55.0 package is
incompatible with GCC5 and will not be fixed, requiring a transition to
1.57 or 1.58. Unfortunately the GCC5 transition has already been taking
place on Sid (with libstdc++6 specifying a break against libboost-date
-time1.55.0), despite libreoffice and it's libphonenumber6 and libcmis
-0.5-5 dependencies not being ready for a 1.57/1.58 transition. This
has resulted in Sid users being unable to install a bunch of updates
for the past few days, now including security updates (e.g. the CVE
-2015-4495 emergency patch to iceweasel). Hence I'm taking the liberty
of pushing up the severity on this. We need to get libreoffice and it's
dependencies transitioned to a boost 1.57/1.58 ASAP.

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Processed: Re: Bug#794913: libphonenumber6: please use libboost-date-time 1.57 or 1.58 ASAP

2015-08-07 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> notfound 794913 0.5.0-2
Bug #794913 [libphonenumber6] libphonenumber6: please use libboost-date-time 
1.57 or 1.58 ASAP
There is no source info for the package 'libphonenumber6' at version '0.5.0-2' 
with architecture ''
Unable to make a source version for version '0.5.0-2'
No longer marked as found in versions 0.5.0-2.
> found 794913 6.3~svn698-3+b1
Bug #794913 [libphonenumber6] libphonenumber6: please use libboost-date-time 
1.57 or 1.58 ASAP
Marked as found in versions libphonenumber/6.3~svn698-3.
> stop
Stopping processing here.

Please contact me if you need assistance.
-- 
794913: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=794913
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.

Bug#794913: libphonenumber6: please use libboost-date-time 1.57 or 1.58 ASAP

2015-08-07 Thread Christoph Anton Mitterer 
Subject: libphonenumber6: please use libboost-date-time 1.57 or 1.58 ASAP
Package: libphonenumber6
Version: 0.5.0-2
Severity: important


Hi.

libphonenumber6, depended upon by whole evolution, depends on
libboost-date-time1.55.0 which itself is not compatible
with the new libstdc++6 from GCC5.
Apparently this won't be reseloved (see #793222 or #794774).


That blocks upgrading to to current libstdc++6 (without removing
a large number of packages) and thus also prevents other
packages (that already depend on newer libstdc++6) with important
security updates to be installed.
  
Cheers,
Chris

smime.p7s
Description: S/MIME cryptographic signature
__
This is the maintainer address of Debian's Java team
. 
Please use
debian-j...@lists.debian.org for discussions and questions.