Accepted libapt-pkg-perl 0.1.36 (source amd64) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 18 Jun 2019 13:14:33 +1000 Source: libapt-pkg-perl Binary: libapt-pkg-perl libapt-pkg-perl-dbgsym Architecture: source amd64 Version: 0.1.36 Distribution: unstable Urgency: medium Maintainer: Brendan O'Dea Changed-By: Brendan

Accepted freeorion 0.4.8-3 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 23 Jun 2019 01:52:26 +0200 Source: freeorion Architecture: source Version: 0.4.8-3 Distribution: unstable Urgency: medium Maintainer: Debian Games Team Changed-By: Markus Koschany Closes: 930417 Changes: freeorion (0.4.8-3)

Accepted openjdk-13 13~26-1 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 22 Jun 2019 17:37:51 +0200 Source: openjdk-13 Architecture: source Version: 13~26-1 Distribution: experimental Urgency: medium Maintainer: OpenJDK Team Changed-By: Matthias Klose Changes: openjdk-13 (13~26-1) experimental;

Accepted acpid 1:2.0.31-1.1 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 20:46:50 + Source: acpid Architecture: source Version: 1:2.0.31-1.1 Distribution: experimental Urgency: medium Maintainer: Debian Acpi Team Changed-By: Dmitry Bogatov Closes: 923871 Changes: acpid

Accepted docker.io 18.09.1+dfsg1-7.1 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 23 Jun 2019 01:25:10 +0800 Source: docker.io Architecture: source Version: 18.09.1+dfsg1-7.1 Distribution: unstable Urgency: medium Maintainer: Dmitry Smirnov Changed-By: Shengjing Zhu Closes: 929662 Changes: docker.io

Bug#930908: general: incorrect rules for %s in /etc/mailcap yielding potentially unquoted metacharacters

On 2019-06-22 10:51:35 +0200, Vincent Lefevre wrote: > The /etc/mailcap file contains many rules with '%s' instead of %s, > for instance: > > text/*; less '%s'; needsterminal > audio/ogg; ogginfo '%s'; copiousoutput > > This is incorrect. [...] I suppose that the update-mime script could

Accepted installation-guide 20190622 (source all) into unstable

-guide-mips64el installation-guide-mipsel installation-guide-ppc64el installation-guide-s390x Architecture: source all Version: 20190622 Distribution: unstable Urgency: medium Maintainer: Debian Install System Team Changed-By: Samuel Thibault Description: installation-guide-amd64 - Debian

Accepted debian-cd 3.1.24 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 22 Jun 2019 18:19:21 +0100 Source: debian-cd Architecture: source Version: 3.1.24 Distribution: unstable Urgency: medium Maintainer: Debian CD Group Changed-By: Steve McIntyre <93...@debian.org> Changes: debian-cd (3.1.24)

Accepted par 1.52-4 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 18:51:07 +0200 Source: par Architecture: source Version: 1.52-4 Distribution: experimental Urgency: low Maintainer: Andreas Metzler Changed-By: Andreas Metzler Closes: 615256 738479 889678 902676 Changes: par

Accepted openjdk-11 11.0.4+8-1 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 22 Jun 2019 17:58:57 +0200 Source: openjdk-11 Architecture: source Version: 11.0.4+8-1 Distribution: unstable Urgency: medium Maintainer: OpenJDK Team Changed-By: Matthias Klose Changes: openjdk-11 (11.0.4+8-1) unstable;

Accepted zfs-linux 0.8.1-1 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 18 Jun 2019 16:20:51 +0800 Source: zfs-linux Architecture: source Version: 0.8.1-1 Distribution: experimental Urgency: medium Maintainer: Debian ZFS on Linux maintainers Changed-By: Mo Zhou Changes: zfs-linux (0.8.1-1)

Accepted mariadb-10.3 1:10.3.16-1 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 16:45:18 +0200 Source: mariadb-10.3 Binary: libmariadb-dev libmariadbclient-dev libmariadb-dev-compat libmariadb3 libmariadbd19 libmariadbd-dev mariadb-common mariadb-client-core-10.3 mariadb-client-10.3

Accepted streamlink 1.1.1+dfsg-1~exp1 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 19 Jun 2019 21:58:59 +0200 Source: streamlink Architecture: source Version: 1.1.1+dfsg-1~exp1 Distribution: experimental Urgency: low Maintainer: Alexis Murzeau Changed-By: Alexis Murzeau Changes: streamlink

Accepted node-d3-scale 1.0.7-2 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 18:53:26 +0530 Source: node-d3-scale Architecture: source Version: 1.0.7-2 Distribution: experimental Urgency: medium Maintainer: Debian Javascript Maintainers Changed-By: Pirate Praveen Changes: node-d3-scale

Bug#930918: ITP: ruby-webpacker -- use webpack to manage app-like JavaScript modules in Rails

Package: wnpp Severity: wishlist Owner: Jongmin Kim * Package name: ruby-webpacker Version : 4.0.7 Upstream Author : David Heinemeier Hansson * URL : https://github.com/rails/webpacker * License : Expat Programming Lang: Ruby Description : use webpack

Accepted stellarium 0.19.1-1 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 14:44:19 +0200 Source: stellarium Architecture: source Version: 0.19.1-1 Distribution: experimental Urgency: medium Maintainer: Debian Astro Maintainers Changed-By: Tomasz Buchert Changes: stellarium (0.19.1-1)

Accepted node-d3-shape 1.3.5-1 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 18:38:27 +0530 Source: node-d3-shape Architecture: source Version: 1.3.5-1 Distribution: experimental Urgency: medium Maintainer: Debian Javascript Maintainers Changed-By: Pirate Praveen Changes: node-d3-shape

Accepted hwinfo 21.66-1 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 13:26:19 +0200 Source: hwinfo Architecture: source Version: 21.66-1 Distribution: experimental Urgency: medium Maintainer: Sebastien Badia Changed-By: Tomasz Buchert Changes: hwinfo (21.66-1) experimental;

Accepted nghttp2 1.39.1-1 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 13:14:11 +0200 Source: nghttp2 Architecture: source Version: 1.39.1-1 Distribution: experimental Urgency: medium Maintainer: Tomasz Buchert Changed-By: Tomasz Buchert Changes: nghttp2 (1.39.1-1) experimental;

Bug#930912: ITP: psu-targets -- adds power supply targets to systemd

Package: wnpp Severity: wishlist Owner: Stephan Lachnit -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: psu-targets Version : 1 Upstream Author : Stephan Lachnit * URL : https://github.com/stephanlachnit/psu-targets * License : GPL-3

Accepted node-d3-timer 1.0.9-1 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 16:08:04 +0530 Source: node-d3-timer Architecture: source Version: 1.0.9-1 Distribution: experimental Urgency: medium Maintainer: Debian Javascript Maintainers Changed-By: Pirate Praveen Changes: node-d3-timer

Bug#930908: general: incorrect rules for %s in /etc/mailcap yielding potentially unquoted metacharacters

On 2019-06-22 10:51:35 +0200, Vincent Lefevre wrote: > execve("/home/vinc17/bin/sh.screen", ["sh", "-c", "less > ''/var/tmp/_.txt''"], 0x564ffe666f40 /* 132 vars */) = 0 > > i.e. the filename is eventually not quoted! > > Here the filename is sanitized, but I'm not sure that this is always >

Accepted node-d3-voronoi 1.1.4-1 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 15:03:15 +0530 Source: node-d3-voronoi Architecture: source Version: 1.1.4-1 Distribution: experimental Urgency: medium Maintainer: Debian Javascript Maintainers Changed-By: Pirate Praveen Changes:

Accepted libreoffice 1:6.3.0~beta2-2 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 10:39:57 +0200 Source: libreoffice Architecture: source Version: 1:6.3.0~beta2-2 Distribution: experimental Urgency: medium Maintainer: Debian LibreOffice Maintainers Changed-By: Rene Engelhard Changes:

Accepted numlockx 1.2-8 (source) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 10:53:32 +0200 Source: numlockx Architecture: source Version: 1.2-8 Distribution: unstable Urgency: low Maintainer: Andreas Metzler Changed-By: Andreas Metzler Closes: 846260 923349 Changes: numlockx (1.2-8)

Bug#930908: general: incorrect rules for %s in /etc/mailcap yielding potentially unquoted metacharacters

On 2019-06-22 10:51:35 +0200, Vincent Lefevre wrote: [...] > as seen in strace output: > > execve("/home/vinc17/bin/sh.screen", ["sh", "-c", "less > ''/var/tmp/_.txt''"], 0x564ffe666f40 /* 132 vars */) = 0 FYI, the sh.screen is due to a modification I've done and is used as a sh wrapper to

Accepted node-d3-zoom 1.7.3-2 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 14:20:19 +0530 Source: node-d3-zoom Architecture: source Version: 1.7.3-2 Distribution: experimental Urgency: medium Maintainer: Debian Javascript Maintainers Changed-By: Pirate Praveen Changes: node-d3-zoom

Processed: Re: general: incorrect rules for %s in /etc/mailcap yielding potentially unquoted metacharacters

Processing commands for cont...@bugs.debian.org: > affects 930908 mutt Bug #930908 [general] general: incorrect rules for %s in /etc/mailcap yielding potentially unquoted metacharacters Added indication that 930908 affects mutt > End of message, stopping processing here. Please contact me if

Bug#930908: general: incorrect rules for %s in /etc/mailcap yielding potentially unquoted metacharacters

Package: general Severity: grave Tags: security Justification: user security hole Affects: mutt The /etc/mailcap file contains many rules with '%s' instead of %s, for instance: text/*; less '%s'; needsterminal audio/ogg; ogginfo '%s'; copiousoutput This is incorrect. For instance, Mutt quotes

Accepted mikutter 3.9.0~alpha2+dfsg-1 (source all) into unstable

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Sat, 22 Jun 2019 16:43:08 +0900 Source: mikutter Binary: mikutter Architecture: source all Version: 3.9.0~alpha2+dfsg-1 Distribution: unstable Urgency: medium Maintainer: HIGUCHI Daisuke (VDR dai) Changed-By: HIGUCHI Daisuke (VDR

Accepted node-d3-selection 1.4.0-2 (source) into experimental

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 22 Jun 2019 13:21:30 -0400 Source: node-d3-selection Architecture: source Version: 1.4.0-2 Distribution: experimental Urgency: medium Maintainer: Debian Javascript Maintainers Changed-By: Nilesh Changes: node-d3-selection

Re: Re: Programs contain ads - acceptable for packaging for Debian?

This applies to any program which downloads ads from the network at runtime. Serious problems with this: * We don't know what ads might be displayed and whether we would think them inappropriate, offensive, legally risky, or whatever. * Downloading ads at runtime is a security risk: it

Bug#930900: ITP: cni-plugins -- CNI (Container Networking Infrastructure) Plugins

Package: wnpp Severity: wishlist Owner: Nicolas Braud-Santoni -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: cni-plugins Version : 0.8.1 Upstream Author : The CNI team * URL : https://github.com/containernetworking/plugins * License :

Bug#930899: ITP: podman -- Tool for running OCI-based containers

Package: wnpp Severity: wishlist Owner: Nicolas Braud-Santoni -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: podman Version : 1.4.2 Upstream Author : The github.com/containers authors * URL : https://github.com/containers/podman * License :

Bug#930898: ITP: conmon -- OCI container runtime monitor

Package: wnpp Severity: wishlist Owner: Nicolas Braud-Santoni -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: conmon Version : 0.3.0 Upstream Author : The github.com/containers authors * URL : https://github.com/containers/conmon * License :