Package: wnpp
Severity: wishlist
Owner: Alessandro Ghedini
* Package name: honggfuzz
Version : 1.9
Upstream Author : Robert Swiecki
* URL : https://github.com/google/honggfuzz
* License : Apache 2.0
Programming Lang: C
Description : security oriented
Package: kcov
Severity: important
Hello,
The kcov package appears to not be maintained anymore (several RC bugs, very old
upstream version, ...) so I intend to take over its maintainance as per the
package salvaging procedure outlined in the Developer's Reference [0].
Please let me know if you o
Control: forwarded -1 https://github.com/curl/curl/pull/4111
Control: tags -1 pending
On Wed, Apr 03, 2019 at 09:48:15PM +, Bjarni Ingi Gislason wrote:
> Package: curl
> Version: 7.64.0-2
> Severity: normal
> Tags: patch
>
> Dear Maintainer,
>
>* What led up to the situation?
>
> Warnin
On Sat, Apr 20, 2019 at 01:39:36PM +0200, Guillem Jover wrote:
> Source: curl
> Source-Version: 7.64.0-2
> Severity: serious
> Control: affects -1 rtorrent
>
> Hi!
Hello,
> I've started noticing rtorrent busy-looping at some points after
> finishing a torrent. stracing and gdb'ing the process it
7.64.0/debian/changelog 2019-02-06 22:33:05.0 +
+++ curl-7.64.0/debian/changelog 2019-03-07 20:02:35.0 +
@@ -1,3 +1,9 @@
+curl (7.64.0-2) unstable; urgency=medium
+
+ * Fix infinite loop when fetching URLs with unreachable IPv6 (Closes: #922554)
+
+ -- Alessandro Ghedini
forwarded -1 https://github.com/curl/curl/pull/3528
kthxbye
On Tue, Feb 05, 2019 at 01:58:50PM -0400, David Bremner wrote:
> Package: curl
> Version: 7.63.0-1
> Severity: normal
>
> Seen on #zsh / arch, verified also present in Debian; presumably an upstream
> bug.
>
> ╭─ rocinante:~
> ╰─% cur
On Sun, Dec 09, 2018 at 04:28:00PM -0500, Boyuan Yang wrote:
> X-Debbugs-CC: gh...@debian.org
>
> Hi Alessandro,
Hello,
> On Thu, 08 Jun 2017 18:38:55 +0200 "W. Martin Borgert" <
> deba...@debian.org> wrote:
> > Package: xclip
> > Version: 0.12+svn84-4
> > Severity: wishlist
> >
> > Upstream mo
On Wed, Nov 28, 2018 at 07:19:25PM +, Witold Baryluk wrote:
> Package: curl
> Version: 1.1.1a-1
> Severity: important
>
>
> Hi,
>
> I discovered that during test with curl, that curl in Debian doesn't support
> TLSv1.3.
It works for me:
% curl --tlsv1.3 -vso /dev/null https://www.cloudfl
On Thu, Nov 01, 2018 at 08:01:24PM +, Luca Boccassi wrote:
> Control: tags -1 patch
>
> On Tue, 12 Apr 2016 17:11:45 +1200 Jeremy Kuek com> wrote:
> > Package: libcurl3
> > Version: 7.38.0-4+deb8u3
> > Severity: wishlist
> >
> > Dear Maintainer,
> >
> > My system has 2 network interfaces, o
On Thu, Sep 20, 2018 at 09:09:39PM +0200, Jean Baptiste Favre wrote:
> Source: jansson
> Severity: wishlist
>
> Dear Maintainer,
>
> Next release of trafficserver provides a plugin depending on jansson.
> Currently, jansson seems to be built staticaly:
>
> checking jansson.h usability... yes
> c
Package: wnpp
Severity: normal
I intend to orphan the hsetroot package since I don't use thi myself anymore.
You can find the sources on salsa:
https://salsa.debian.org/debian/hsetroot
The package description is:
hsetroot is a tool which allows you to compose wallpapers ("root pixmaps")
for X.
On Wed, Jul 18, 2018 at 05:47:58PM +0200, Ansgar Burchardt wrote:
> Hi,
>
> I can confirm that the patch referenced at [1] seems to fix the problem
> (upstream commit 64aa729bfae71561505a40c12755bd6b55bb3061).
>
> I'll try to prepare a NMU for valgrind; maybe already this evening if I
> have time
On Thu, Jun 28, 2018 at 09:55:01PM -0300, Adilson dos Santos Dantas wrote:
> Package: upower
> Version: 0.99.8-1
> Severity: important
>
> Dear Maintainer,
>
> After upgrading upower to 0.99.8-1, my KDE power saving settings stops
> working.
> There is no reaction when I unplug and plug back my
On Mon, May 28, 2018 at 01:09:14PM +0200, Emilio Pozuelo Monfort wrote:
> Control: tags -1 - confirmed
>
> On 23/05/18 13:07, Emilio Pozuelo Monfort wrote:
> > On 23/04/18 20:38, Emilio Pozuelo Monfort wrote:
> >> On 01/03/18 22:31, Alessandro Ghedini wrote:
> >
On Thu, Mar 01, 2018 at 09:31:20PM +, Alessandro Ghedini wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: transition
>
> Hello,
>
> I'd like to request a transition for curl in order to unblock t
On Sat, Feb 24, 2018 at 12:50:41PM +, Alessandro Ghedini wrote:
> On Wed, Feb 21, 2018 at 11:14:24AM -0800, Steve Langasek wrote:
> > Hi again,
> >
> > On Tue, Feb 20, 2018 at 06:16:34PM -0800, Steve Langasek wrote:
> > > So, despite Julien's valid objectio
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hello,
I'd like to request a transition for curl in order to unblock the migration
to OpenSSL 1.1 (#871056). This is necessary due to the fact that the curl ABI
exposes a structure inher
Control: owner -1 !
Since there hasn't been an update in over a year, I'm going to reassign this
ticket to myself. I already uploaded the initial version to NEW. For those
interested, here is the salsa repo:
https://salsa.debian.org/debian/universal-ctags
Btw, I'm open to co-maintaining this w
On Wed, Feb 21, 2018 at 11:14:24AM -0800, Steve Langasek wrote:
> Hi again,
>
> On Tue, Feb 20, 2018 at 06:16:34PM -0800, Steve Langasek wrote:
> > So, despite Julien's valid objection that core library conflicts cause
> > dist-upgrades to be more brittle, I think the right answer here is:
>
> >
Package: wnpp
Severity: normal
I intend to orphan the xcompmgr package since I do not use it anymore.
The package description is:
xcompmgr is the standard composition manager for the X Composite extension,
which allows clients to modify what is drawn to the screen before it
happens. This comp
On Sun, Dec 17, 2017 at 11:16:29PM +0200, Adrian Bunk wrote:
> On Fri, Dec 08, 2017 at 05:44:55PM +0100, Ondřej Surý wrote:
> > Hi,
> >
> > just innocent bystander here with an observation:
> >
> > These two options:
> >
> > a)
> > > I do agree it's the correct solution though, and it would be a
On Sat, Dec 02, 2017 at 06:09:39PM +0100, Julien Cristau wrote:
> On Thu, Nov 23, 2017 at 15:49:26 +, Ian Jackson wrote:
> > Reasons I am aware that it *might* be a bad idea are:
> >
> > 1. libcurl exposes parts of the openssl ABI, via
> >CURLOPT_SSL_CTX_FUNCTION, and this would be an impl
On Thu, Nov 23, 2017 at 07:10:51PM +, Ian Jackson wrote:
> Adrian Bunk writes ("Re: Proposed (lib)curl switch to openssl 1.1"):
> > What I suggest above would be a transition that should be coordinated
> > with the release team like other transitions.
>
> I'm not 100% opposed to doing this as
Package: wnpp
Severity: normal
I don't quite have the time or interest to continue maintaining this, so I
request an adopter for the imlib2 package.
The package description is:
Imlib2 is a library that does image file loading and saving as well as
rendering, manipulation, arbitrary polygon supp
Package: wnpp
Severity: wishlist
Owner: Alessandro Ghedini
* Package name: pulsemixer
Version : 1.3.0
Upstream Author : George Filipkin
* URL : https://github.com/GeorgeFilipkin/pulsemixer
* License : MIT
Programming Lang: Python
Description : command
On Sat, Sep 09, 2017 at 04:11:59PM +0100, Wookey wrote:
> Package: curl
> Version: 7.52.1-5
> Severity: normal
> Tags: patch
>
> curl needs dh-exec to build, because curl.install is
> #!/usr/bin/dh-exec
> usr/bin/curl
> usr/share/zsh/*
Don't know where this comes from, but that's not the content
On Sun, Aug 20, 2017 at 11:01:28AM -0400, John David Anglin wrote:
> Package: curl
> Version: 7.52.1-5
> Followup-For: Bug #872502
>
> Dear Maintainer,
>
> See buildd log here:
> https://buildd.debian.org/status/fetch.php?pkg=curl&arch=hppa&ver=7.55.0-1&stamp=1503192493&raw=0
>
> "|| defined(__h
On Sun, Mar 12, 2017 at 02:11:48PM +, Alessandro Ghedini wrote:
> On Fri, Mar 03, 2017 at 09:41:03AM +0100, lcf wrote:
> > Package: curl
> > Version: 7.52.1-3
> > Severity: important
> >
> > Dear Maintainer,
> >
> > When establishing https connect
On Fri, Mar 03, 2017 at 09:41:03AM +0100, lcf wrote:
> Package: curl
> Version: 7.52.1-3
> Severity: important
>
> Dear Maintainer,
>
> When establishing https connection X.509 certificates using md5RSA should be
> rejected and connection should be terminated.
>
> curl 7.52.1 can do that, when i
On Tue, Nov 22, 2016 at 09:06:05AM +, Debian Bug Tracking System wrote:
> iptables (1.6.0+snapshot20161117-3) unstable; urgency=medium
> .
>* [21fdc57] libxtables12: breaks and replaces libxtables11 (Closes:
> #845278)
This isn't actually fixed, "<<" doesn't mean what you think it m
Package: node-grunt-cli
Version: 1.2.0-1
Severity: grave
Justification: renders package unusable
Hello,
when trying to install the package I get:
The following packages have unmet dependencies:
node-grunt-cli : Depends: node-findup-sync (>= 0.3.0) but 0.1.3-1 is to be
installed
E: Unable
On Sun, Oct 02, 2016 at 07:31:17PM +0200, Guido Günther wrote:
> On Sun, Oct 02, 2016 at 11:42:49AM +0100, Alessandro Ghedini wrote:
> > Package: git-buildpackage
> > Version: 0.8.4
> > Severity: normal
> >
> > Hello,
> >
> > I have the following
Package: git-buildpackage
Version: 0.8.4
Severity: normal
Hello,
I have the following values in my gbp.conf:
[DEFAULT]
...
export-dir = ~/devel/debian/build-area
tarball-dir = ~/devel/debian/build-area
However when building a package I now get:
% gbp buildpackage --git-
ream, encoding=encoding)
> AttributeError: 'file' object has no attribute 'readable'
> gpg: Signature made Sat 03 Sep 2016 12:33:10 BST
> gpg:using RSA key 6F0CCBE021624728
> gpg:issuer "gh...@debian.org"
> gpg: Good signature
> [..]
>
> The full build log (including tcpdump output) is attached.
Possible patch attached, could you please test it?
Thanks
From dcb559a161960ff387d2b1552ec4c81b54db4554 Mon Sep 17 00:00:00 2001
From: Alessandro Ghedini
Date: Sun, 28 Aug 2016 14:45:15 +0100
Subject: [PATCH 1/2] D
On Tue, Aug 02, 2016 at 06:52:39PM +0100, Alessandro Ghedini wrote:
> and when building the keyrings from the git repository it appears four times:
>
> % gpg2 --no-default-keyring --keyring output/keyrings/debian-keyring.gpg
> --list-keys gh...@debian.org
> pub rsa4096/AFA51B
rsa4096/AFA51BD6CDE573CB 2010-10-29 [SC]
uid [ unknown] Alessandro Ghedini
uid [ unknown] Alessandro Ghedini
uid [ unknown] Alessandro Ghedini
sub rsa4096/386B706D9A7BDF04 2010-10-29 [E]
sub ed25519/1730268A0D03529E 2015-09-23 [A]
sub
On Wed, Jul 06, 2016 at 11:15:44am +0200, gustavo panizzo wrote:
> > * I think the examples/ directory should be included in the package but
> >installed as examples files. See dh_installexamples(1) for more
> > information,
> >but basically you'd need to create an *.examples file under d
On Mon, Jul 04, 2016 at 09:52:50AM +0200, gustavo panizzo wrote:
> On Mon, Jul 04, 2016 at 12:57:47AM +0100, Alessandro Ghedini wrote:
> >
> > Any news about this? I'd be interested in using such package :)
> >
> > Cheers
>
> Packaging is ready wa
Hello,
On Mon, Dec 28, 2015 at 02:04:06pm +0800, gustavo panizzo wrote:
> Package: wnpp
> Severity: wishlist
> Owner: gustavo panizzo
>
> * Package name: golang-github-docopt-docopt-go
> Version : 0.6.1
> Upstream Author : Keith Batten
> * URL : http://docopt.org
> *
On Sat, Apr 09, 2016 at 10:03:08am +, Mateusz Łukasik wrote:
> tag 816973 pending
> thanks
>
> Hello,
>
> Bug #816973 reported by you has been fixed in the Git repository. You can
> see the changelog below, and you can check the diff of the fix at:
>
> http://git.debian.org/?p=pkg-multi
On Sun, Jan 03, 2016 at 05:30:58PM +0800, Tianming Xie wrote:
> Package: mpv
> Version: 0.14.0-1
> Severity: normal
>
> Dear Maintainer,
>
> After upgraded to the current version, mpv can never load external ASS
> subtitle
> file any more, neither a subtitle file located beside the corresponding
On Fri, Jan 08, 2016 at 01:31:48PM +1100, Martin Schwenke wrote:
> Package: valgrind
> Version: 1:3.11.0-1
> Severity: important
>
> When I run valgrind against anything, I see warnings like this:
>
> $ valgrind -q /bin/echo
> --14923-- WARNING: Serious error when reading debug info
> --14923-- W
On Fri, Oct 23, 2015 at 03:25:53PM +0200, Mathieu Malaterre wrote:
> Package: valgrind
> Version: 1:3.11.0-1
> Tags: upstream
>
> Seems like gcc 5 is doing something funky
> (/usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21):
>
> ==3674==
> ==3674== HEAP SUMMARY:
> ==3674== in use at exit: 72,70
On Fri, Oct 23, 2015 at 05:06:17PM +1100, Sylvain BERTRAND wrote:
> Package: mpv
> Version: 0.6.2-2
>
> mpv fill memory while playing a vp9/opus/webm video file.
> totem is fine, it seems mpv is fine while playing an avc/aac/mp4 video file.
It's probably a ffmpeg issue, but could you upload somew
On Fri, Dec 04, 2015 at 05:52:36PM +0100, gregor herrmann wrote:
> On Wed, 02 Dec 2015 17:20:31 +0100, Sylvestre Ledru wrote:
>
> > >> Does this make sense? (Adding Alessandro as well as both upstream and
> > >> DD.)
> > > That's even better, indeed! Sylvestre can better comment on the approach,
On Thu, Oct 29, 2015 at 07:52:23pm +, luca wrote:
> Package: release.debian.org
> Severity: normal
> Tags: jessie
> User: release.debian@packages.debian.org
> Usertags: pu
>
> Dear release team,
>
> We would like to update libvdpau in jessie to address a segmentation fault in
> a
> parti
On Tue, Oct 06, 2015 at 05:14:15PM +0100, Luca Boccassi wrote:
> On Tue, 2015-10-06 at 14:18 +0200, Svante Signell wrote:
> >
> > Currently czmq is not available for GNU/Hurd due to an unsupported OS
> > error and a build dependency on zeromq3.
> >
> > zeromq3 FTBFS due to an unsupported OS error
Control: tags - fixed-upstream
On Sun, Sep 27, 2015 at 11:08:14am -0500, Herminio Hernandez Jr. wrote:
> I tried with both option and video playback was extremely slow and out of sync
> with the audio. Below is the output I got.
So, even with --hwdec=no mpv decides to fallback to vo=sdl and the e
On Wed, Sep 30, 2015 at 10:05:09PM +0200, Tomasz Buchert wrote:
> On 30/09/15 21:31, Alessandro Ghedini wrote:
> > On Wed, Sep 30, 2015 at 01:00:55pm +0200, Tomasz Buchert wrote:
> > > Package: curl
> > > Version: 7.44.0-2
> > > Severity: normal
> > >
On Wed, Sep 30, 2015 at 01:00:55pm +0200, Tomasz Buchert wrote:
> Package: curl
> Version: 7.44.0-2
> Severity: normal
>
> Hi,
> curl --http2 does not work for me.
Works fine here with e.g. https://www.google.com, https://http2.golang.org and
https://http2.cloudflare.com.
> I have nghttpx proxy
On Sat, Sep 26, 2015 at 05:18:01pm -0500, Herminio Hernandez Jr wrote:
> Package: mpv
> Version: 0.11.0-1
> Severity: normal
>
> Dear Maintainer,
>
> I am can no longer play videos on mplayer with the --vo x11 option. I am
> running Sid on PowerPC and the video card I have crashes when I have har
On Fri, Sep 25, 2015 at 11:45:09am +0200, Raphaël Hertzog wrote:
> Package: valgrind
> Version: 1:3.10.1-4
> Severity: wishlist
> User: de...@kali.org
> Usertags: origin-kali
>
> Hello,
>
> I just noticed[1] that there's a new upstream version of valgrind:
> http://valgrind.org/downloads/valgrind
On Thu, Sep 10, 2015 at 08:05:22am +0200, Daniel Stenberg wrote:
> Seeing that nghttp2 was just updated in Sid to 1.3.0, is there a chance now
> for curl to get HTTP/2 enabled?
Uploaded curl 7.44.0-2 just now, with HTTP/2 support enabled
Chers
signature.asc
Description: Digital signature
Control: tags -1 fixed-upstream
On Thu, Sep 10, 2015 at 03:29:57pm +0200, Andre Naujoks wrote:
> Hi.
>
> Sorry for the noise. I just noticed, that this fix is already in the
> upstream svn. Not yet released though.
>
> I don't know how something like this is handled, so .. - again - sorry
> for
On Sat, Sep 05, 2015 at 12:55:43PM +0100, Luca Boccassi wrote:
> On Thu, 2015-09-03 at 14:49 +0200, Alessandro Ghedini wrote:
> > Source: libvdpau
> > Severity: important
> > Tags: security, fixed-upstream
> >
> > Hi,
> >
> > the followin
Source: libvdpau
Severity: important
Tags: security, fixed-upstream
Hi,
the following vulnerabilities were published for libvdpau.
CVE-2015-5198[0]:
incorrect check for security transition
CVE-2015-5199[1]:
directory traversal in dlopen
CVE-2015-5200[2]:
vulnerability in trace functionality
A
Control: forwarded -1
https://release.debian.org/transitions/html/auto-ecasound.html
On Mon, Aug 24, 2015 at 10:25:46am +0100, Simon McVittie wrote:
> On Wed, 19 Aug 2015 at 10:17:19 +0100, Simon McVittie wrote:
> > In the case of ecasound, the C++ dependencies don't seem to have been
> > flagged
On Sun, Aug 23, 2015 at 05:32:18PM +0200, Julien Cristau wrote:
> On Fri, Nov 21, 2014 at 16:02:15 +0100, Alessandro Ghedini wrote:
>
> > diff --git a/debian/patches/22_systemd_service.diff
> > b/debian/patches/22_systemd_service.diff
> > new file mode 100644
&g
Control: block -1 by 784666
On Fri, Aug 21, 2015 at 10:59:41am +0200, Arnout Engelen wrote:
> Package: curl
> Version: 7.44.0-1
> Severity: normal
>
> Dear Maintainer,
>
> When making a request with '--http2', I get the error message
> "curl: (1) Unsupported protocol".
Unfortunately the version
On Sat, Aug 15, 2015 at 05:00:29PM +0200, Marcel Partap wrote:
> Package: libasound2-plugin-equal
> Version: 0.6-6
> Severity: wishlist
>
> The main reasons being that
> a) it is a hidden gem that should not hide in the dark (libs section)
> b) it easily gets removed accidently by marking all pack
On Tue, Aug 18, 2015 at 01:32:19pm +0200, Vincent Lefevre wrote:
> Package: lynx-cur
> Version: 2.8.9dev6-3
> Severity: serious
> Tags: security
>
> If I run
>
> lynx https://www.vinc17.net:4434/
>
> I get
>
> SSL error:The certificate is NOT trusted. The certificate chain is revoked.
> -
On Sat, Aug 08, 2015 at 09:25:01pm +0200, Bastien ROUCARIES wrote:
> Dear security team
>
> I am looking for a sponsor for my package "imagemagick" about a
> security fix and I am waiting for your green light.. Fixing #770009
> help buildd but is not a security fix (but nevertheless it will hel
Control: found -1 opensaml2/2.4.3-4
Control: fixed -1 opensaml2/2.4.3-4+deb7u1
Control: fixed -1 opensaml2/2.5.3-2+deb8u1
On Fri, Aug 07, 2015 at 12:36:18pm +0200, Sergio Gelato wrote:
> Package: opensaml2
> Version: 2.5.3-2
> Severity: serious
> Tags: security
>
> The upstream security advisory
reopen 791026
user release.debian@packages.debian.org
usertag 791026 + transition
block 791026 by 790756
reassign 791026 release.debian.org
kthxbye
On Fri, Jul 03, 2015 at 01:09:43pm +, Matthias Klose wrote:
> Package: src:ecasound
> Version: 2.9.1-5
> Severity: important
> Tags: sid stret
On mer, lug 01, 2015 at 01:17:10 +, Franz Schrober wrote:
> Package: curl
> Version: 7.43.0-1
> Severity: normal
Hi Franz,
sorry for the delay, I seem to have missed the report when you submitted it...
> sid seems to be changed from curl-openssl to curl-gnutls. As result client
> certificate
predictable temporary file
> vulnerability
>
> It has been closed by Alessandro Ghedini .
>
> Their explanation is attached below along with your original report.
> If this explanation is unsatisfactory and you have not received a
> better one in a separate message then please
On Thu, Jul 30, 2015 at 08:24:34PM +0100, Luca Boccassi wrote:
> On Thu, 2015-07-30 at 16:58 +0200, Alessandro Ghedini wrote:
> > * The -dev package should just be named libczmq-dev (i.e. without the
> > version),
> > this way next time the project bumps the SONAME it&#
On Thu, Jul 23, 2015 at 03:58:55AM +0100, Luca Boccassi wrote:
> owner 630761 luca.bocca...@gmail.com
> thanks
Note that you need to CC cont...@bugs.debian.org for this to work, or you can
use the "Control" pseudo-header.
> Hello,
Hi,
> I took the liberty of upgrading the repository on Alioth [
Control: tags -1 fixed-upstream
On Mon, Jun 29, 2015 at 06:01:04pm +0200, Guillem Jover wrote:
> Package: mpv
> Version: 0.9.2-1+ffmpeg
> Severity: normal
>
> Hi!
>
> [ First of all, thanks for providing a ffmpeg version of the package,
> there's quite some media that does not play correctly w
Source: tidy
Version: 20091223cvs-1.2
Severity: important
Tags: security upstream patch
Hi,
the following vulnerabilities were published for tidy.
CVE-2015-5522[0]:
AddressSanitizer: heap-buffer-overflow WRITE of size 1
CVE-2015-5523[1]:
small file can lead to a 4 Gb allocation; potential DoS
Control: forwarded -1 https://github.com/mpv-player/mpv/issues/2110
Sorry for the delay.
On mer, lug 01, 2015 at 10:35:13 +0200, Andreas Cadhalpun wrote:
> Hi Guillem,
>
> On 30.06.2015 23:14, Andreas Cadhalpun wrote:
> > On 30.06.2015 21:40, Guillem Jover wrote:
> >> Perhaps, but the comment at
Control: tags -1 pending
On mer, giu 24, 2015 at 12:24:57 -0300, Juan Picca wrote:
> Package: jansson
> Version: 2.7-3
> Severity: wishlist
> Tags: patch
> User: reproducible-bui...@lists.alioth.debian.org
> Usertags: timestamps
>
> Hi!
>
> While working on the "reproducible builds" effort [1],
On Thu, Jun 18, 2015 at 09:17:40PM +0200, Daniele Tricoli wrote:
> On Wednesday 17 June 2015 22:49:24 Moritz Mühlenhoff wrote:
> > Any feedback from your sponsor?
>
> Sorry I was a bit busy so I finalized the package only now. :(
>
> Already sent an RFS and Piotr is usually very fast, so it shoul
Control: reassign -1 libnettle4
Control: forcemerge 787620 -1
On Wed, Jun 10, 2015 at 03:31:13PM +0200, nfb wrote:
> Package: mpv
> Version: 0.9.2-1
> Severity: important
>
> Hi,
> after today's upgrade which installed libnettle6 as dependency, i get
> segmentation fault running mpv.
> Here is th
On lun, giu 08, 2015 at 03:29:02 +0200, Raphael Hertzog wrote:
> On Mon, 08 Jun 2015, Alessandro Ghedini wrote:
> > On lun, giu 08, 2015 at 02:36:17 +0200, Raphael Hertzog wrote:
> > > Dear members of the security team,
> > >
> > > Craig told me (cf message
On Mon, Jun 08, 2015 at 03:10:53PM +0200, Alessandro Ghedini wrote:
> On lun, giu 08, 2015 at 02:36:17 +0200, Raphael Hertzog wrote:
> > Dear members of the security team,
> >
> > Craig told me (cf message below) that you refused new upstream releases of
> > Wordpres
On lun, giu 08, 2015 at 02:36:17 +0200, Raphael Hertzog wrote:
> Dear members of the security team,
>
> Craig told me (cf message below) that you refused new upstream releases of
> Wordpress to fix security issues in stable/oldstable. Since we already did
> that in the past with Yves-Alexis Perez,
On dom, giu 07, 2015 at 01:44:36 +0200, Vincent Lefevre wrote:
> On 2015-06-07 11:40:56 +0200, Alessandro Ghedini wrote:
> > I can't reproduce any of this. Can you please run the command above
> > with the "-v" option and post the output?
>
> xvii:~> curl
On dom, giu 07, 2015 at 12:21:15 +0200, Vincent Lefevre wrote:
> Control: retitle -1 no longer works with https - breaks bti and curl
>
> On 2015-06-07 00:16:15 +0200, Vincent Lefevre wrote:
> > After the upgrade to libcurl3-gnutls 7.42.1-2+b1, bti no longer works
> > at all. For instance:
> [...]
Control: reassign -1 openssl
Control: forcemerge 768476 -1
Control: affects -1 + libcurl3
On gio, giu 04, 2015 at 11:52:27 +0100, Peter T. Breuer wrote:
> Versions of packages libcurl3:i386 depends on:
> ii libc6 2.19-18
> ii libcomerr21.42.12-1.1
> ii libgssapi-krb5-2 1.12
On lun, mag 25, 2015 at 01:46:47 +0200, Bálint Réczey wrote:
> Hi Alessandro,
>
> 2015-05-24 12:50 GMT+02:00 Alessandro Ghedini :
> > Source: ffmpeg
> > Version: 7:2.6.3-1+b1
> > Severity: wishlist
> >
> > Hello,
> >
> > I was looking at the v
Source: ffmpeg
Version: 7:2.6.3-1+b1
Severity: wishlist
Hello,
I was looking at the various dependencies of the -ffmpeg packages, and it seems
to me some of them are a bit superfluous. For example:
- Do we really need 2 different MP3 encoders (libmp3lame and libshine)?
- Given the libmp3lame sup
Control: tags -1 fixed-upstream
On Fri, May 22, 2015 at 10:29:16PM +1000, Dmitry Smirnov wrote:
> Package: curl
> Version: 7.42.1-2
> Severity: normal
> X-Debbugs-CC: arno.schnei...@hs-augsburg.de
>
> Command
>
> curl https://moodle.hs-augsburg.de/
>
> returns the following error:
>
>
On sab, mag 23, 2015 at 03:02:17 +0300, Yuriy M. Kaminskiy wrote:
> Package: mpv
> Version: 0.6.2-2
> Severity: normal
>
> Dear Maintainer,
>
> mpv --vo=opengl-old fails to render OSD (draws empty rectangles instead)
> when sub-option rectangle is 1 (it is set to 1 by default on some
> video-card
On sab, mag 23, 2015 at 02:15:05 +0300, Yuriy M. Kaminskiy wrote:
> Package: mpv
> Version: 0.6.2-2
> Severity: normal
>
> Dear Maintainer,
>
> $ mpv --vo=opengl-old:force-pbo=yes any-video.avi
> [...]
> AO: [alsa] 48000Hz stereo 2ch float
> VO: [opengl-old] 1280x720 => 1280x720 yuv420p
> mpv: ..
On Sat, May 16, 2015 at 03:43:37PM +0200, Alessandro Ghedini wrote:
> On Sat, May 16, 2015 at 03:07:57PM +0200, Sebastian Ramacher wrote:
> > On 2015-05-15 15:22:28, Alessandro Ghedini wrote:
> > > On Fri, May 15, 2015 at 11:05:17AM +0200, Sebastian Ramacher wrote:
> &g
On Sat, May 16, 2015 at 03:07:57PM +0200, Sebastian Ramacher wrote:
> On 2015-05-15 15:22:28, Alessandro Ghedini wrote:
> > On Fri, May 15, 2015 at 11:05:17AM +0200, Sebastian Ramacher wrote:
> > > Version: 6:11.3-1
> > >
> > > On 2015-05-14 20:41:15,
Control: retitle -1 nghttp2: new upstream release v1.0.0
On Thu, May 07, 2015 at 06:08:47PM +0200, Alessandro Ghedini wrote:
> Source: nghttp2
> Version: 0.6.7-1
> Severity: wishlist
>
> Hello,
>
> upstream has released several new upstream versions, would it be possible t
On Fri, May 15, 2015 at 11:05:17AM +0200, Sebastian Ramacher wrote:
> Version: 6:11.3-1
>
> On 2015-05-14 20:41:15, Arne Wichmann wrote:
> > Package: libavcodec56
> > Version: 6:11.3-2
> > Severity: grave
> > Tags: security
> > Justification: user security hole
> >
> > Hi, as far as I can see thi
On Sun, May 10, 2015 at 09:12:43PM +0100, Steven Chamberlain wrote:
> Dear Security Team,
>
> This bug was reopened because the original fix from upstream was found
> to be incomplete.
>
> Please may I upload to wheezy-security with the attached debdiff,
> replacing the CVE-2015-1414 patch with t
Source: nghttp2
Version: 0.6.7-1
Severity: wishlist
Hello,
upstream has released several new upstream versions, would it be possible to
update the Debian package?
Thanks
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental'
Control: tags -1 wontfix
On mar, mag 05, 2015 at 01:23:46 +0200, Vincent Lefevre wrote:
> On 2015-05-04 19:57:25 +0200, Alessandro Ghedini wrote:
> > On lun, mag 04, 2015 at 12:28:02 +0200, Vincent Lefevre wrote:
> > > OK, if I understand, it just supports OCSP stapling, not pl
Control: tags -1 pending
On Mon, May 04, 2015 at 07:53:23PM +0200, Jérémy Bobbio wrote:
> Source: mpv
> Version: 0.9.1-1
> Severity: wishlist
> Tags: patch
> User: reproducible-bui...@lists.alioth.debian.org
> Usertags: timestamps
>
> Hi!
>
> While working on the “reproducible builds” effort [1]
On lun, mag 04, 2015 at 12:28:02 +0200, Vincent Lefevre wrote:
> On 2015-05-04 10:57:36 +0200, Alessandro Ghedini wrote:
> > --cert-status only checks for the status_request TLS extension which is not
> > supported by most servers (which means curl will fail by default on most
>
On Mon, May 04, 2015 at 03:15:19AM +0200, Vincent Lefevre wrote:
> Control: retitle -1 curl should check certificate revocation status by default
>
> On 2014-04-26 13:19:35 +0200, Alessandro Ghedini wrote:
> > TL;DR: let's do OCSP instead of downloading CRLs. It would still
On Mon, May 04, 2015 at 09:09:04AM +0200, Mike Gabriel wrote:
> Package: security-tracker
> Severity: wishlist
> Tags: patch
>
> Hi,
>
> attached is a patch that adds manual DLA/DSA id override support if an
> upload tackles a regression already announce via an earlier DSA/DLA.
>
> Current use c
On Sat, May 02, 2015 at 12:48:22PM +0200, Alessandro Ghedini wrote:
> Package: apt
> Version: 1.0.9.9
> Severity: normal
>
> Hello,
>
> it seems that the "changelog" command of apt-get is broken:
>
> > % apt-get changelog debhelper
&g
Control: tags -1 pending
On mer, apr 29, 2015 at 09:56:51 +0200, Mathieu Malaterre wrote:
> Package: valgrind
> Version: 1:3.10.0-4
> Severity: normal
>
> Dear Maintainer,
>
> It feels like there is a missing suppression for openmp on valgring+openmp
> (jessie amd64). Steps:
>
> $ cat t.c
> in
Package: apt
Version: 1.0.9.9
Severity: normal
Hello,
it seems that the "changelog" command of apt-get is broken:
> % apt-get changelog debhelper
> Err Changelog per debhelper
> (http://packages.debian.org/changelogs/pool/main/d/debhelper/debhelper_9.20150501/changelog)
> 404 Not Found
> Err
1 - 100 of 756 matches
Mail list logo
