[Pkg-javascript-devel] Processed: limit package to libjs-jquery-tablesorter, found 731095 in 11-3
Processing commands for cont...@bugs.debian.org: > limit package libjs-jquery-tablesorter Limiting to bugs with field 'package' containing at least one of 'libjs-jquery-tablesorter' Limit currently set to 'package':'libjs-jquery-tablesorter' > # The version of this package in Debian fails for me because > jquery.tablesorter.pager.js in Debian's tablesorter is not compatible with > Debian's jquery (3.1.1-2) > found 731095 11-3 Bug #731095 [libjs-jquery-tablesorter] Please consider switching tablesorter to alternate upstream Marked as found in versions jquery-goodies/11-3. > thanks Stopping processing here. Please contact me if you need assistance. -- 731095: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731095 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel
[Pkg-javascript-devel] Bug#863575: unblock: node-concat-stream/1.5.1-2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package node-concat-stream Node-concat-stream is vunerable to Uninitialized Memory Exposure (CWE-201). This was reported in bug https://bugs.debian.org/cgi- bin/bugreport.cgi?archive=no&bug=863481. This was fixed upstream, and a version of the fixing commit is included in this version as a patch. The patch has been tested with the upstream testsuite, which unfortunately has to be disabled as the testing framework (node-tape) does not exist in testing. More information can be found in the attached debdiff (between tesing & unstable), in the patch description. unblock node-concat-stream/1.5.1-2 -- System Information: Debian Release: stretch/sid APT prefers yakkety-updates APT policy: (500, 'yakkety-updates'), (500, 'yakkety-security'), (500, 'yakkety'), (100, 'yakkety-backports') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.4.0-24-generic (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) diff -Nru node-concat-stream-1.5.1/debian/changelog node-concat-stream-1.5.1/debian/changelog --- node-concat-stream-1.5.1/debian/changelog 2015-11-08 17:03:58.0 +0100 +++ node-concat-stream-1.5.1/debian/changelog 2017-05-28 16:19:49.0 +0200 @@ -1,3 +1,12 @@ +node-concat-stream (1.5.1-2) unstable; urgency=high + + * Apply upstream fix for Uninitialized Memory Exposure weakness CWE-201 +(Closes: #863481) + * Use stretch git branch + * Use Ubuntu email address + + -- Ross Gammon Sun, 28 May 2017 16:19:49 +0200 + node-concat-stream (1.5.1-1) unstable; urgency=low * Initial release (Closes: #796351) diff -Nru node-concat-stream-1.5.1/debian/control node-concat-stream-1.5.1/debian/control --- node-concat-stream-1.5.1/debian/control 2015-11-08 17:03:58.0 +0100 +++ node-concat-stream-1.5.1/debian/control 2017-05-28 16:19:49.0 +0200 @@ -2,13 +2,13 @@ Section: web Priority: optional Maintainer: Debian Javascript Maintainers -Uploaders: Ross Gammon +Uploaders: Ross Gammon Build-Depends: debhelper (>= 9), dh-buildinfo, nodejs Standards-Version: 3.9.6 Homepage: https://github.com/maxogden/concat-stream#readme -Vcs-Git: git://anonscm.debian.org/pkg-javascript/node-concat-stream.git +Vcs-Git: git://anonscm.debian.org/pkg-javascript/node-concat-stream.git -b stretch Vcs-Browser: https://anonscm.debian.org/cgit/pkg-javascript/node-concat-stream.git Package: node-concat-stream diff -Nru node-concat-stream-1.5.1/debian/gbp.conf node-concat-stream-1.5.1/debian/gbp.conf --- node-concat-stream-1.5.1/debian/gbp.conf 2015-11-08 17:03:58.0 +0100 +++ node-concat-stream-1.5.1/debian/gbp.conf 2017-05-28 16:19:49.0 +0200 @@ -6,7 +6,7 @@ # The default name for the Debian branch is "master". # Change it if the name is different (for instance, "debian/unstable"). -debian-branch = master +debian-branch = stretch # git-import-orig uses the following names for the upstream tags. # Change the value if you are not using git-import-orig diff -Nru node-concat-stream-1.5.1/debian/patches/series node-concat-stream-1.5.1/debian/patches/series --- node-concat-stream-1.5.1/debian/patches/series 2015-11-08 17:03:58.0 +0100 +++ node-concat-stream-1.5.1/debian/patches/series 2017-05-28 16:19:49.0 +0200 @@ -1 +1,2 @@ readable-stream.patch +to-string_numbers.patch diff -Nru node-concat-stream-1.5.1/debian/patches/to-string_numbers.patch node-concat-stream-1.5.1/debian/patches/to-string_numbers.patch --- node-concat-stream-1.5.1/debian/patches/to-string_numbers.patch 1970-01-01 01:00:00.0 +0100 +++ node-concat-stream-1.5.1/debian/patches/to-string_numbers.patch 2017-05-28 16:19:49.0 +0200 @@ -0,0 +1,81 @@ +Description: to-string numbers written to the stream + Node-concat-stream is vulnerable to Uninitialized Memory Exposure. This + possible memory disclosure vulnerability exists when a value of type number + is provided to the stringConcat() method and results in concatination of + uninitialized memory to the stream collection. + This is a result of unobstructed use of the Buffer constructor, whose + insecure default constructor increases the odds of memory leakage. + See https://snyk.io/vuln/npm:concat-stream:20160901 for further details. +Origin: upstream, https://github.com/maxogden/concat-stream/ +Bug: https://github.com/maxogden/concat-stream/issues/55 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863481 +Applied-Upstream: https://github.com/maxogden/concat-stream/pull/47/commits/3e285ba5e5b10b7c98552217f5c1023829efe69e +Last-Update: 2017-05-28 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- node-concat-stream.orig/index.js node-concat-stream/index.js +@@ -73,6 +73,10 @@ + return /Array\]$/.test(Object.prototype.toString.call(arr)) + } + ++function isBufferish (p) { ++ return
[Pkg-javascript-devel] node-stream-array_1.1.2-1_amd64.changes ACCEPTED into unstable, unstable
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Mon, 22 May 2017 15:57:53 +0530 Source: node-stream-array Binary: node-stream-array Architecture: source all Version: 1.1.2-1 Distribution: unstable Urgency: low Maintainer: Debian Javascript Maintainers Changed-By: Pirate Praveen Description: node-stream-array - Pipe an Array through Node.js streams Closes: 863120 Changes: node-stream-array (1.1.2-1) unstable; urgency=low . * Initial release (Closes: #863120) Checksums-Sha1: 96f4a98998e409fbc45e47577343c60126cb6548 2166 node-stream-array_1.1.2-1.dsc 839043c693cc9fc4120632460cba01a0651fa9c7 3799 node-stream-array_1.1.2.orig.tar.gz 7526b6c447d9297d30f86e782039011feb4e9a0d 2244 node-stream-array_1.1.2-1.debian.tar.xz b53ea6c5114ed368963eaab0e8a14e3659e7578b 3930 node-stream-array_1.1.2-1_all.deb 4395461393beb1074a04954f60d25c3005afde8b 6256 node-stream-array_1.1.2-1_amd64.buildinfo Checksums-Sha256: 45e47b690c0d0406d087dd572d52de68037328c4f7279ee848ee797da4471c75 2166 node-stream-array_1.1.2-1.dsc 235d19fd09aad84e30342308f2478836b251306243a6b10a055aab9dbce6ccce 3799 node-stream-array_1.1.2.orig.tar.gz 5f9e4cee67a3718f24ce446093bcbcd8dc8d3851afcbb46307c0c1d61078ebb0 2244 node-stream-array_1.1.2-1.debian.tar.xz 02db59a997bf2f2e8383e8357bbd2c5a152d152d15e8790a631fd80464bce421 3930 node-stream-array_1.1.2-1_all.deb 677ade384d1a5808ee6d51cd8118e4721f6092f33a10d730321d68d2f1aa3b66 6256 node-stream-array_1.1.2-1_amd64.buildinfo Files: 5267fe3bf2d6263a4bda84c84778762c 2166 web optional node-stream-array_1.1.2-1.dsc a1844d7f95da9db476dbfb7499c43b0b 3799 web optional node-stream-array_1.1.2.orig.tar.gz 13dcfdbebb156542643e38a1366cf9df 2244 web optional node-stream-array_1.1.2-1.debian.tar.xz e053a84ec7d126cc53d0767173c40287 3930 web optional node-stream-array_1.1.2-1_all.deb f285f2f6918525399945adb9c388132f 6256 web optional node-stream-array_1.1.2-1_amd64.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEKnl0ri/BUtd4Z9pKzh+cZ0USwioFAlkiwTIACgkQzh+cZ0US wiqGew//YYsADcsOz45GSo1wGJKNn3/C8irRRi3tJ0+J7t1G6ntt+DbpPtWcl0rf pBTyZWF4v/YXTWRdrWeLnbrsQ8fd+ILP0BazZnYs1RRETfkkwFWcDwhWRHR5kc+q B5qrNascmvI2U5UwSUe/uVsovQGGY5WBm9UDNvwPc1EhPb6NX22jBcSugblfhZhU 4MzVr35Ai4LESUe9xoRrVoAtVZxlheT/LS/iw0oJqm5f/CRnlc8Bwafx1flKwD8w YtQQ23MVeK1Dvxc/Vf0UmfibI4Xqrhy4FP0eq2qN0NC6PW9w9+yUl2uxNzC2vE8U suMbrWdlhxWg/WmVIaAJSlWC75EAqzMu/4EzLHr4UixG8QQdn+68n5JVAPQfE3Pk YnGC5HIUPCpSFFtDEC3gJQvtzWfdwnVxwRDDKifh9/ARmTE1wYJiIxuWbt4ZTSfr sdy5wnftopSEnlZQg3B14VJ73VVI2XHVGS385e0vgZHpwseDBBfhnPPJYmr0z+Qk y46Lw1/m7wL7FPyV3jucl2gcco8KfSfGAbm3Lq3GFbN56EnUQ3Uk7QBM3a7HDp/i RV68BzzdcBCMjLEOnlGoRUkzreXIrl9gnoWyLhWt0HVJHcHJfgjeizfph8d/c4fT X0JDQeaUKntwochYTaKaqaK6Os0d1oVCjJvRETpSuvUduO9gmtw= =FrRE -END PGP SIGNATURE- Thank you for your contribution to Debian. -- Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel
[Pkg-javascript-devel] Bug#863481: marked as done ([node-concat-stream] Uninitialized Memory Exposure)
Your message dated Sun, 28 May 2017 18:18:33 + with message-id and subject line Bug#863481: fixed in node-concat-stream 1.5.1-2 has caused the Debian Bug report #863481, regarding [node-concat-stream] Uninitialized Memory Exposure to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 863481: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863481 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: node-concat-stream Version: 1.5.1-1 Severity: grave Tags: patch security fixed-upstream fixed-in-experimental X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org forwarded: https://snyk.io/vuln/npm:concat-stream:20160901 Overview concat-stream is writable stream that concatenates strings or binary data and calls a callback with the result. Affected versions of the package are vulnerable to Uninitialized Memory Exposure. A possible memory disclosure vulnerability exists when a value of type number is provided to the stringConcat() method and results in concatination of uninitialized memory to the stream collection. This is a result of unobstructed use of the Buffer constructor, whose insecure default constructor increases the odds of memory leakage. signature.asc Description: This is a digitally signed message part. --- End Message --- --- Begin Message --- Source: node-concat-stream Source-Version: 1.5.1-2 We believe that the bug you reported is fixed in the latest version of node-concat-stream, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 863...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ross Gammon (supplier of updated node-concat-stream package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 28 May 2017 16:19:49 +0200 Source: node-concat-stream Binary: node-concat-stream Architecture: source Version: 1.5.1-2 Distribution: unstable Urgency: high Maintainer: Debian Javascript Maintainers Changed-By: Ross Gammon Description: node-concat-stream - writable stream that concatenates strings Closes: 863481 Changes: node-concat-stream (1.5.1-2) unstable; urgency=high . * Apply upstream fix for Uninitialized Memory Exposure weakness CWE-201 (Closes: #863481) * Use stretch git branch * Use Ubuntu email address Checksums-Sha1: 7f4787bb95c36d6f76ea569a31afd81db798adfb 2086 node-concat-stream_1.5.1-2.dsc f87920b89e12d1c2612f6112ea5b7589e45f8c05 3688 node-concat-stream_1.5.1-2.debian.tar.xz 613ca2b2000d4e010bdc22d60cef4d956a0f2b60 4470 node-concat-stream_1.5.1-2_source.buildinfo Checksums-Sha256: 3e6a7e63ac32de60027497a65fd4381a75a628c6d0ab3850835abcc648f3ad14 2086 node-concat-stream_1.5.1-2.dsc c9e4aee1134fa86470d33cd96f23142856ec97cf66c792aa66845399c9f3f5ec 3688 node-concat-stream_1.5.1-2.debian.tar.xz 6b4269f8e7cf5004a381760d6c13601c78e25480fe85515e3792c7182c60b819 4470 node-concat-stream_1.5.1-2_source.buildinfo Files: 37f094fe1d17acfd9cebf4d100448267 2086 web optional node-concat-stream_1.5.1-2.dsc 998cd9f11f3789a60911885de84acfa2 3688 web optional node-concat-stream_1.5.1-2.debian.tar.xz 2d7cf31b12bebbbf04c740ae22950b31 4470 web optional node-concat-stream_1.5.1-2_source.buildinfo -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJZKw1ZAAoJEHM+a/k86PbZ4bIP/i0wRHAMIDp4VhfDkSp4nEMC onjNF1AuuSB1FH52EgTORIsvbi3FKeZMgXL2fzSp9n/OjZUUFhb7hdEPQSSYSU4N w0rOW15fj4tA1Jw/900cr2zigMkcQF+m+HYp8Zt4yEWTG0tOdvnR8FV7GG+bcERt P16Agka91uHuw+sKuWBnjHXkfipMXi+S33iO1noaWotGa0CY+ftE5yqYcIc1KMet kjZgIrBswjgGYwA+77Rvfw38VbKAxhXtwF2fqAMmz8PSLorK+9dg4GEsl3ATZZmF HNsFmovEr5M7ULn19/bo+zeTRkGG/I8hXohYR1rqTU9hwB9aLSlPJPyLt0kT5E3h m/6MCIq5sl8hs/YYPfRkLAqGh8qOlAJfwkXQdgPY1u39OCEMXcLPStq5vtMJ1gpL PcSH7o/6g3v6CuLKaR1mTFBbeXZdDOjGEup89ByC1xhC/XVTziuYhsWUN0m8xTEM 8FqZrKO9hutGFjhSdfzdD58i2oISewuRxrIDFJ58U0WX6W5zb14zLNfLHFsR3pXK YDZFG8SsDtuFZrLioS4gt9MdTpGyzPleJHn9p0Gt/2mYC/KZJrRNLXvlXHe/2++v ui260xlF9z/lBre16g2Kj3QqkNN0iWSiGefS0cxg4EBDbOAVqqeFhumoqQWoH7j7 dLfPfvURcnumTQ0E8+uz =cL0d -END PGP SIGNATURE End Message --- -- Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pk
[Pkg-javascript-devel] node-concat-stream_1.5.1-2_source.changes ACCEPTED into unstable
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 28 May 2017 16:19:49 +0200 Source: node-concat-stream Binary: node-concat-stream Architecture: source Version: 1.5.1-2 Distribution: unstable Urgency: high Maintainer: Debian Javascript Maintainers Changed-By: Ross Gammon Description: node-concat-stream - writable stream that concatenates strings Closes: 863481 Changes: node-concat-stream (1.5.1-2) unstable; urgency=high . * Apply upstream fix for Uninitialized Memory Exposure weakness CWE-201 (Closes: #863481) * Use stretch git branch * Use Ubuntu email address Checksums-Sha1: 7f4787bb95c36d6f76ea569a31afd81db798adfb 2086 node-concat-stream_1.5.1-2.dsc f87920b89e12d1c2612f6112ea5b7589e45f8c05 3688 node-concat-stream_1.5.1-2.debian.tar.xz 613ca2b2000d4e010bdc22d60cef4d956a0f2b60 4470 node-concat-stream_1.5.1-2_source.buildinfo Checksums-Sha256: 3e6a7e63ac32de60027497a65fd4381a75a628c6d0ab3850835abcc648f3ad14 2086 node-concat-stream_1.5.1-2.dsc c9e4aee1134fa86470d33cd96f23142856ec97cf66c792aa66845399c9f3f5ec 3688 node-concat-stream_1.5.1-2.debian.tar.xz 6b4269f8e7cf5004a381760d6c13601c78e25480fe85515e3792c7182c60b819 4470 node-concat-stream_1.5.1-2_source.buildinfo Files: 37f094fe1d17acfd9cebf4d100448267 2086 web optional node-concat-stream_1.5.1-2.dsc 998cd9f11f3789a60911885de84acfa2 3688 web optional node-concat-stream_1.5.1-2.debian.tar.xz 2d7cf31b12bebbbf04c740ae22950b31 4470 web optional node-concat-stream_1.5.1-2_source.buildinfo -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBCgAGBQJZKw1ZAAoJEHM+a/k86PbZ4bIP/i0wRHAMIDp4VhfDkSp4nEMC onjNF1AuuSB1FH52EgTORIsvbi3FKeZMgXL2fzSp9n/OjZUUFhb7hdEPQSSYSU4N w0rOW15fj4tA1Jw/900cr2zigMkcQF+m+HYp8Zt4yEWTG0tOdvnR8FV7GG+bcERt P16Agka91uHuw+sKuWBnjHXkfipMXi+S33iO1noaWotGa0CY+ftE5yqYcIc1KMet kjZgIrBswjgGYwA+77Rvfw38VbKAxhXtwF2fqAMmz8PSLorK+9dg4GEsl3ATZZmF HNsFmovEr5M7ULn19/bo+zeTRkGG/I8hXohYR1rqTU9hwB9aLSlPJPyLt0kT5E3h m/6MCIq5sl8hs/YYPfRkLAqGh8qOlAJfwkXQdgPY1u39OCEMXcLPStq5vtMJ1gpL PcSH7o/6g3v6CuLKaR1mTFBbeXZdDOjGEup89ByC1xhC/XVTziuYhsWUN0m8xTEM 8FqZrKO9hutGFjhSdfzdD58i2oISewuRxrIDFJ58U0WX6W5zb14zLNfLHFsR3pXK YDZFG8SsDtuFZrLioS4gt9MdTpGyzPleJHn9p0Gt/2mYC/KZJrRNLXvlXHe/2++v ui260xlF9z/lBre16g2Kj3QqkNN0iWSiGefS0cxg4EBDbOAVqqeFhumoqQWoH7j7 dLfPfvURcnumTQ0E8+uz =cL0d -END PGP SIGNATURE- Thank you for your contribution to Debian. -- Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel
[Pkg-javascript-devel] Processing of node-concat-stream_1.5.1-2_source.changes
node-concat-stream_1.5.1-2_source.changes uploaded successfully to localhost along with the files: node-concat-stream_1.5.1-2.dsc node-concat-stream_1.5.1-2.debian.tar.xz node-concat-stream_1.5.1-2_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org) -- Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel
[Pkg-javascript-devel] node-create-hmac_1.1.4-2_source.changes REJECTED
node-create-hmac_1.1.4-2.dsc: Invalid size hash for node-create-hmac_1.1.4.orig.tar.gz: According to the control file the size hash should be 1990, but node-create-hmac_1.1.4.orig.tar.gz has 1978. If you did not include node-create-hmac_1.1.4.orig.tar.gz in your upload, a different version might already be known to the archive software. === Please feel free to respond to this email if you don't understand why your files were rejected, or if you upload new files which address our concerns. -- Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel
[Pkg-javascript-devel] Processing of node-create-hmac_1.1.4-2_source.changes
node-create-hmac_1.1.4-2_source.changes uploaded successfully to localhost along with the files: node-create-hmac_1.1.4-2.dsc node-create-hmac_1.1.4-2.debian.tar.xz node-create-hmac_1.1.4-2_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org) -- Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel
[Pkg-javascript-devel] Processing of node-create-hmac_1.1.4-2_source.changes
node-create-hmac_1.1.4-2_source.changes uploaded successfully to localhost along with the files: node-create-hmac_1.1.4-2.dsc node-create-hmac_1.1.4-2.debian.tar.xz node-create-hmac_1.1.4-2_amd64.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org) -- Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel
[Pkg-javascript-devel] node-readable-stream_2.2.9-1_amd64.changes is NEW
binary:node-readable-stream is NEW. binary:node-readable-stream is NEW. source:node-readable-stream is NEW. Your package has been put into the NEW queue, which requires manual action from the ftpteam to process. The upload was otherwise valid (it had a good OpenPGP signature and file hashes are valid), so please be patient. Packages are routinely processed through to the archive, and do feel free to browse the NEW queue[1]. If there is an issue with the upload, you will receive an email from a member of the ftpteam. If you have any questions, you may reply to this email. [1]: https://ftp-master.debian.org/new.html or https://ftp-master.debian.org/backports-new.html for *-backports -- Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel
[Pkg-javascript-devel] Processing of node-readable-stream_2.2.9-1_amd64.changes
node-readable-stream_2.2.9-1_amd64.changes uploaded successfully to localhost along with the files: node-readable-stream_2.2.9-1.dsc node-readable-stream_2.2.9.orig.tar.gz node-readable-stream_2.2.9-1.debian.tar.xz node-readable-stream_2.2.9-1_all.deb node-readable-stream_2.2.9-1_amd64.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org) -- Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel
Re: [Pkg-javascript-devel] Bug#863481: Bug#863481: [node-concat-stream] Uninitialized Memory Exposure
Hi Bastien, On 05/27/2017 09:47 PM, roucaries bastien wrote: > I can do it but I do not know that is the best: > - let 1.6 go to unstable > - patch old version > > Could you ask release team. > > The debdiff between the two version is so small that I have doubt > I had almost finished the email to the release team, when I did some final checks. And whilst I agree the unrelated changes upstream are very small, I unfortunately enabled the testsuite in 1.6 (in experimental) now that node-tape is available in unstable. As node-tape is not available in testing (stretch), I would have to disable the tests when moving to unstable. All in all, I think it will be easier to create a stretch branch in git & add a patch which will also make the unblocking process easier. I will work on that today. But if I run out of time, please feel free to take it forward. Regards, Ross -- Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel
[Pkg-javascript-devel] RFS: node-raw-loader -- raw loader module for webpack
Hello, I've finished packaging node-raw-loader (a dependency of webpack; ITP #863466), and I'm currently looking for a sponsor for it. If anyone is interested, please let me know! Alioth SCM: https://anonscm.debian.org/cgit/pkg-javascript/node-raw-loader.git/ Package DSC (mentors.debian.net): https://mentors.debian.net/debian/pool/main/n/node-raw-loader/node-raw-loader_0.5.1-1.dsc Sincerely, Daniel Ring -- Pkg-javascript-devel mailing list Pkg-javascript-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel