nue to use it, installing from somewhere else,
effectively being at even higher risk than with the Debian
archive's (semi-) patched version.
Of course if we can't offer any support I guess it's still better
to get rid of it than giving a false impression of
support/security.
Best,
Hug
ree to tell me if I should cancel it.
Thank you very much for this NMU. I am completely overloaded with work
currently and could not find time to handle this. Feel free to upload to
unstable right away!
Best Regards,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
RSA4096_ 360
Control: tag -1 pending
Hello,
Bug #947533 in kupfer reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/python-team/packages/kupfer/-/commit/6ede52261a379e73640e72
Hi Lucas,
thanks a lot for this bug report. I will do my best to sort this out during
the week-end.
cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
tracker as well.
regards,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
signature.asc
Description: PGP signature
osing Bleachbit would be a significant source of annoyance for
many Debian users (popcon 2754 at the moment).
May I add the py2keep flag, until the Bleachbit Py3 migration completes?
regards,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA
Control: tag -1 pending
Hello,
Bug #885261 in bleachbit reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/python-team/applications/bleachbit/commit/b42ee7491361fc
they seem to be working on
> it).
>
> It would be super nice to have this new version packaged from a user's
> perspective and, also, from an archive/distribution/removal perspective
> also.
thanks for the heads up. 3.0 will be in the archive asap, I'm working on it.
c
Hi Fabian,
> Am Donnerstag, den 29.08.2019, 08:04 -0400 schrieb Hugo Lefeuvre:
> > Fabian (faad2 maintainer and upstream), do you want to handle this?
> > Otherwise I can NMU a second time with this patch.
>
> please go ahead with a second NMU. I am a bit short on time cu
ttps://launchpad.net/ubuntu/+source/faad2/2.8.8-3.1ubuntu1
> I rebased it with the upstream version
Fabian (faad2 maintainer and upstream), do you want to handle this?
Otherwise I can NMU a second time with this patch.
cheers,
Hugo
--
Hugo Lefeuvre (hle)|
gards,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
signature.asc
Description: PGP signature
Control: tag -1 pending
Hello,
Bug #932732 in python-slugify reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/python-team/modules/python-slugify/commit/c8552707e
Source: python-slugify
Version: 3.0.2-1
Severity: grave
Hi,
autopkgtests are failing since 3.0.2-1. This is related to the
text-unidecode dependency not being satisfied (instead we use unidecode)
and might break other packages.
I'm working on it.
regards,
Hugo
--
Hi Salvatore,
> CVE-2016-10745 was assigned for this issue.
Thanks for the information.
I just noticed you added CVE-2016-10745 to the tracker. I am fairly
confused, do you know why this CVE was not referenced in the tracker?
Or did you just request it?
cheers,
Hugo
--
H
> This should help confirming vulnerability in other suites.
2.7.3-1 and all later releases affected. In addition, both 2.7.3-1 and
2.8-1 are affected by the previous str.format issue[0].
[0] https://palletsprojects.com/blog/jinja-281-released/
--
Hugo Lefeuvre (
p(dic) }}')
>>> t.render(dic={"x": User('joe')})
"{'SECRET_KEY': '12345'}"
Expected behaviour would be jinja2.exceptions.SecurityError.
Adapted from[0].
regards,
Hugo
[0] https://palletsprojects.com/blog/jinja-281-released/
--
aged). Those new release effectively only
> consists of the fixes for the recent CVEs. (Yes, I know that the freeze
> already started.)
Agree. I will look into it if I manage to find time for this.
thanks
regards,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
RSA4096_ 36
Control: tag -1 pending
Hello,
Bug #920337 in python-igraph reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/python-team/modules/python-igraph/commit/4e6b96a3240
Control: tag -1 pending
Hello,
Bug #905222 in spambayes reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/python-team/applications/spambayes/commit/da6655f931a97a
ase/local/include/python$py_version_short$abiflags/$dist_name'
and
'$base/include/python$py_version_short$abiflags/$dist_name'
Matthias: should we open a python3-stdlib-extensions bug ? Do you think
this issue can be fixed in time for Buster or should we upload a temporary
fix for
Control: tag -1 pending
Hello,
Bug #912410 in python-igraph reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/python-team/modules/python-igraph/commit/0a493106dbb
(we did not get it back in time for the soft freeze).
There is definitely no reason why bleachbit wouldn't be included in
Buster: this issue appears to affect the stretch version, not the one
from unstable.
regards,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
RSA4096_
right now. Not good during the freeze. :/
Of course I would be glad to maintain this package under the Debian Science
Team umbrella. Feel free to upload.
Thanks a lot for taking care of this issue.
Best Regards,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
RSA4096_ 360B
--
Hugo Lefeuvre (hle)|www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
signature.asc
Description: PGP signature
< 9.0, jetty9 has <= 9.2.24).
FTR FileSessionDataStore was introduced in
fa8232d3c81608c25d9e8c66cdfe8ab7a66c892b and the vulnerable code in
54a56314627f0a2c33ca67d813e3396f6bc03274.
regards,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B
ion issues,
plastimatch seems to to use deprecated directives), so I couldn't really
test it.
You can find test packages here[0]. Can you try them ?
Regards,
Hugo
[0] https://people.debian.org/~hle/testpkg/dlib/
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ 9C4F C8BF A4B0
Hi Samuel, Sebastian,
Thanks for the patch. I'll take a look at it and upload the fix tomorrow
if everything is fine.
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B B9A8 BACA
signature.asc
Description: PGP signature
right asap.
Thanks.
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B B9A8 BACA
signature.asc
Description: PGP signature
catchlog package has no reasons of existing in
unstable since we ship pytest 3.3.2, and we should let it get removed
from unstable. Also, removing pytest-catchlog from the dependencies of
your package should be fine.
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/
l start
working on a patch (and will probably adopt python-catchlog at the
same time).
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B B9A8 BACA
signature.asc
Description: PGP signature
ake some time.
Thanks !
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B B9A8 BACA
signature.asc
Description: PGP signature
I've had a look at your patch, looks fine to me.
Thanks !
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B B9A8 BACA
signature.asc
Description: PGP signature
Hi,
Thanks for reporting this bug. Christoph, special acknowledgments for
the patch !
I'll look into this and upload a fixed version asap.
Regards,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B B9A8 BACA
signatur
Hi Chris,
Thanks for noticing this ! It looks like I have copy-and-pasted
the Python 2 dependencies without updating the variables... :)
I'll upload a fixed package.
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B
debdiff in attachment.
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B B9A8 BACA
diff -Nru quagga-1.1.1/debian/changelog quagga-1.1.1/debian/changelog
--- quagga-1.1.1/debian/changelog 2017-04-05 13:41:14.0 +0200
Hi,
I have just uploaded python-rarfile 3.0-1, which drops the unrar-free
dependency.
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ 9C4F C8BF A4B0 8FC5 48EB 56B8 1962 765B B9A8 BACA
signature.asc
Description: PGP signature
d85aa13c810fa52a507751f98777fa19d16664c5
Author: Hugo Lefeuvre
Date: Wed Apr 12 13:01:38 2017 +0200
Add forgotten Closes statement in d/changelog
diff --git a/debian/changelog b/debian/changelog
index 54ce9ce..668a9c5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,7 +5,8
good idea indeed.
Thanks !
Cheers,
Hugo
[0] http://noir.liw.fi/
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
--- a/sx/pisa3/pisa_parser.py 2017-02-08 15:38:26.127678118 +0100
+++ b/sx/pisa3/pisa_parser.py 2017-02-08 15:38:49
nd.
Thanks for your reminder.
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
signature.asc
Description: PGP signature
.
Regards,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
signature.asc
Description: PGP signature
df4abc5675b0bc3ee1b1b8b0bcacf7ad05a01a13
Author: Hugo Lefeuvre
Date: Sat Oct 8 15:49:59 2016 +0200
Make sphinxdoc stops accessing the internet during build.
diff --git a/debian/changelog b/debian/changelog
index a2ded96..1c5546d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+elib.intl
oad it using dget:
dget http://http.kali.org/pool/main/d/doona/doona_1.0+git20160212-0kali1.dsc
the shasums differ, but the contents of the tarballs are identical, according
to diff -r.
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC
I would even upload it with urgency=high).
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
signature.asc
Description: PGP signature
> Please try to improve the changelog a little bit.
Fixed. Thanks for the hint.
Cheers,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
signature.asc
Description: PGP signature
43aee16edc28ebbe90922b6ac67b274f168a5f74
Author: Hugo Lefeuvre
Date: Sun Sep 11 22:16:04 2016 +0200
Close #836824.
diff --git a/debian/changelog b/debian/changelog
index 9cf7a1b..a6536ef 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,6 @@
python-pyotp (2.2.1-1) unstable; urgency=medium
Hi Santiago,
It looks like packaging the new upstream release fixes the issue.
If you want, you can try to build the version on the repository[0]
before I upload it.
Regards,
Hugo
[0] https://anonscm.debian.org/git/python-modules/packages/python-pyotp.git/
--
Hugo Lefeuvre (hle
62655487f43dd2e608c473f4577502b62cb35525
Author: Hugo Lefeuvre
Date: Wed Aug 24 11:58:52 2016 +0200
Fix FTBFS on i386.
* Fix FTBFS on i386 (Closes: #806383).
* debian/control:
- Add myself to the uploaders.
- Bump Standards-Version to 3.9.8.
- Update Homepage field
bc4fc3d4ec627b43c4f6cca96b26db8517a6542c
Author: Hugo Lefeuvre
Date: Fri Jul 15 16:47:41 2016 +0200
Fix FTBFS on 32-bits platforms.
diff --git a/debian/changelog b/debian/changelog
index 86cc477..e5a2a4e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+python-pyotp (2.1.1-2) unstable
2141af53ebe5dd082dce27cbd2c98a2009cfbaa0
Author: Hugo Lefeuvre
Date: Mon Aug 22 21:28:55 2016 +0200
New upstream release.
* New upstream release.
* debian/control:
- Remove Cornelius Koelbel from the Maintainer field. His e-mail address
was not valid anymore (Closes
2141af53ebe5dd082dce27cbd2c98a2009cfbaa0
Author: Hugo Lefeuvre
Date: Mon Aug 22 21:28:55 2016 +0200
New upstream release.
* New upstream release.
* debian/control:
- Remove Cornelius Koelbel from the Maintainer field. His e-mail address
was not valid anymore (Closes
Hi,
It looks like upstream commited a fix. I'll prepare a patched version of
the package.
Regards,
HUgo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
signature.asc
Description: PGP signature
to the security team.
Regards,
Hugo
--
Hugo Lefeuvre (hle)|www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
signature.asc
Description: PGP signature
d69e8e5db8a296ddde93c3440a6a625a156f4a1e
Author: Hugo Lefeuvre
Date: Sun Nov 29 23:47:45 2015 +0100
Upload to unstable.
diff --git a/debian/changelog b/debian/changelog
index 5c383b0..c47646c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+cssutils (1.0-4) unstable; urgency=high
Hi Chris,
Thanks for reporting bugs.
I'll upload the package currently in experimental to Unstable.
Regards,
Hugo
--
Hugo Lefeuvre (hugo6390)|www.hugo6390.org
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
signature.asc
Description: Digital signature
pends: python3-django-celery-transactions (0.3.2-1)
python3-django-celery
python3-django-celery-transactions
So, I think we should contact their maintainers before doing anything, to see
what we can do to avoid their removal.
Regards,
Hugo
--
Hugo Lefeuvre (hugo6390)|www.hugo6390.org
Hi,
> The diff looks ok, and I do support this. Please push it to the release
> team. I really think this is the most reasonable course of action we can
> do in Jessie.
Done[0].
Cheers,
Hugo
[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793117
--
Hugo Lefeuvre
to just make the package stops building python3-memcache. I
haven't reverted the upstream changes you made on the package; I think
it wouldn't be really useful, and it will surely make the backporting
process harder.
Thanks !
Cheers,
Hugo
--
Hugo Lefeuvre (hugo6390)|w
, we risk memcached to be removed
> from testing for a wrong reason. Can you do such update, with "fixed"
> and "found" commands to the BTS?
#788561 is now marked as fixed in 1.54+20150423+git+48e882719c-2. Is it
enough ?
Cheers,
Hugo
[0] https://qa.debian.org/popcon.php?pac
Hi Hilko,
This bug should be closed by 3.0.3+dfsg-0.1, but the changelog
doesn't mentions the bug. So, 3.0.3+dfsg-0.1 can't migrate to
Testing[0].
I think we should close it manually.
Regards,
Hugo
[0] https://release.debian.org/migration/testing.pl?package=capstone
--
Hi Laurent,
I'm probably wrong, but it seems that libappstream-glib-dev already has a
dependency against
libarchive-dev[0].
Cheers,
Hugo
[0]
http://anonscm.debian.org/cgit/pkg-packagekit/appstream-glib.git/tree/debian/control#n59
--
Hugo Lefeuvre (hugo6390)|www.hugo639
repare a new version of the package to mention
the deprecation of -d.
Best Regards,
Hugo
--
Hugo Lefeuvre (hugo6390)|www.hugo6390.org
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
signature.asc
Description: Digital signature
> Removing '-d' indeed prevents the issue and parcellite works then as
> expected.
So, Petr, can we close this bug ? I'll mention this deprecation in the
README.Debian to make it clear for all users.
--
Hugo Lefeuvre (hugo6390)|www.hugo6390.org
4096/ ACB7 B67
bug has absolutely nothing to
do with parcelliterc.
PS: Please, don't CC me; I'm already receiving all messages sent to
785...@bugs.debian.org.
--
Hugo Lefeuvre (hugo6390)|www.hugo6390.org
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
signature.asc
Description: Digital signature
I successfully reproduced this bug on an i3 Jessie laptop.
After looking at it, I've noticed that this bug was due to some recent
changes in glib. So I'll forward this bug as soon as possible.
Regards,
Hugo
--
Hugo Lefeuvre (hugo6390)|www.hugo6390.org
4096/ ACB7 B67F
Hi Petr,
Thanks for reporting bugs.
Could you provide more informations about parcellite's crash ? What
happens if you directly call parcellite from the CLI (with the 'parcellite'
command) ?
Best Regards,
Hugo
--
Hugo Lefeuvre (hugo6390)|www.hugo6390.org
4096/
an.org/cgit/collab-maint/mlterm.git/tree/debian/mlterm-im-ibus.preinst
--
Hugo Lefeuvre (hugo6390)|www.hugo6390.org
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
#!/bin/sh
set -e
case "$1" in
install|upgrade)
# dpkg does not replace directories by
r.
The removal of unrar-free will also cause problems for its reverse
dependencies:
python-rarfile
python3-rarfile
zipper.app
unp
qcomicbook
krusader
ark
amavisd-new
Regards,
Hugo
--
Hugo Lefeuvre (hugo6390)|www.hugo6390.org
4096/ ACB7 B67F 197F 9B32 1533 431C AC90
67 matches
Mail list logo