Re: -fPIE and stuff

2012-02-14 Thread Kurt Roeckx
On Tue, Feb 14, 2012 at 08:17:09PM +, Uoti Urpala wrote: > Kurt Roeckx roeckx.be> writes: > > > What affects the ABI is compiling the library in a way that does not > > > support > > > copy relocations. This can be done with visibility attributes

Re: -fPIE and stuff

2012-02-15 Thread Kurt Roeckx
On Tue, Feb 14, 2012 at 11:09:44PM +, Sune Vuorela wrote: > On 2012-02-14, Kurt Roeckx wrote: > > It was always my understanding that protected wasn't useful, > > because it's even more expensive. > > Can you come with a bit pointers or numbers about 'exp

Re: -fPIE and stuff

2012-02-15 Thread Kurt Roeckx
On Wed, Feb 15, 2012 at 12:09:41AM +, Uoti Urpala wrote: > > Anyway, the C standard says that there is a requirement that > > both the DSO itself as all other objects must be able to take > > the address of it and still get the same pointer. And this > > obviously fails in your example. > > Y

Re: -fPIE and stuff

2012-02-15 Thread Kurt Roeckx
On Wed, Feb 15, 2012 at 07:39:50PM +, Uoti Urpala wrote: > > The most obvious way how the non-fPIE case could theoretically work would be > having > such text relocations for main executable; without them you can't expect > things > to work without special tricks. Yes, and I expect the tool

Re: what is the quality of abi-compliance-checker ?

2012-02-21 Thread Kurt Roeckx
On Mon, Feb 20, 2012 at 12:47:31PM +0100, Jérémy Lal wrote: > Hi, > I am not able to tell if abi-compliance-checker is serious enough to > be able to use its results to ensure ABI-compatibility of C++ libs. > It gives information like: > http://www.upstream-tracker.org/versions/v8.html It's the

Re: Non-copyrightable work with non-free license.

2012-04-02 Thread Kurt Roeckx
On Mon, Apr 02, 2012 at 11:00:11PM +0900, Charles Plessy wrote: > > Nevertheless, facts such as protein sequences are not copyrightable. This is > somewhat confirmed by the UniProt consortium itself on their website > (http://www.uniprot.org/help/license), and my conclusion is that, in isolation

Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)

2012-10-11 Thread Kurt Roeckx
On Thu, Oct 11, 2012 at 01:19:58AM +0200, Christoph Anton Mitterer wrote: > Hi folks. > > AFAICS, secure APT and similar things (e.g. dpkg's file hash sums) still > use even MD5. dpkg-genchanges and dak both generate md5, sha1 and sha256. So .deb files themselves are hashed by all 3 of them. A as

Re: Debian should move away from MD5 (and at best also from SHA1) (in secure APT and friends)

2012-10-11 Thread Kurt Roeckx
On Fri, Oct 12, 2012 at 12:42:57AM +0600, Andrey Rahmatullin wrote: > On Thu, Oct 11, 2012 at 08:18:55PM +0200, Kurt Roeckx wrote: > > There are also the md5sums files that are stored in the .deb file. > > I'm not really sure what the real use case for them is and > > wo

Re: hypothesis about the trouble I had with libc6 and multilib: extraneous libc6-amd64

2013-01-28 Thread Kurt Roeckx
On Fri, Jan 18, 2013 at 10:11:50AM -0600, Paul Johnson wrote: > > $ dpkg -l | grep libc6 > ii libc6:amd64 2.13-37 amd64 > ii libc6:i386 2.13-37 i386 > ii libc6-amd64 2.13-37 i386 > ii libc6-i386 2.13-37 amd64 So you basically have libc6 installed 4 times, twice for i386 and twice

Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers

2013-03-30 Thread Kurt Roeckx
On Tue, Apr 24, 2012 at 12:56:19PM +0300, Timo Juhani Lindfors wrote: > Hello, > > I think I found a bug in devotee (debian vote engine) that breaks the > secrecy elections. I just pushed a change for this issue to my git repo at: http://anonscm.debian.org/gitweb/?p=users/kroeckx/devotee.git;a=su

Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers

2013-03-30 Thread Kurt Roeckx
On Sat, Mar 30, 2013 at 05:13:23PM +0200, Timo Juhani Lindfors wrote: > Kurt Roeckx writes: > > I just pushed a change for this issue to my git repo at: > > http://anonscm.debian.org/gitweb/?p=users/kroeckx/devotee.git;a=summary > > > > I would be grateful if people c

Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers

2013-03-30 Thread Kurt Roeckx
On Sat, Mar 30, 2013 at 03:41:09PM +0100, Kurt Roeckx wrote: > I just pushed a change for this issue to my git repo at: > http://anonscm.debian.org/gitweb/?p=users/kroeckx/devotee.git;a=summary > > I would be grateful if people can review that. > > I also still need to do s

Re: devotee (debian vote engine): predictable RNG allows recovery of secret monikers

2013-03-31 Thread Kurt Roeckx
On Sun, Mar 31, 2013 at 01:03:52PM +0300, Timo Juhani Lindfors wrote: > Kurt Roeckx writes: > >> - md5_hex("$name $alias obfuscate\n"), "\n"; > >> + hmac_sha256_hex($name, "obfuscate"), "\n"; &
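Review bot: on the added line, hmac_sha256_hex($name, "obfuscate") passes the fixed literal "obfuscate" as its second argument, which in Digest::SHA's hmac_* functions is the key, so the output remains a deterministic function of $name that anyone with the source can recompute. The added line also drops $alias, which the removed md5_hex line included in the hashed string. If the value is meant to hide the name, key the HMAC with a secret that is not in the source, and say in the commit message whether leaving out $alias is intended.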

Re: DPL 2013: Lats call for votes

2013-04-13 Thread Kurt Roeckx
On Sat, Apr 13, 2013 at 06:52:01AM -0300, Ben Armstrong wrote: > > - - -=-=-=-=-=- Don't Delete Anything Between These Lines =-=-=-=-=-=-=-=- [...] So you're the second person that doesn't follow the headers I've set: Reply-To: leader2...@vote.debian.org Mail-Followup-To: leader2...@vote.debian.or

Re: epoch fix?

2013-05-07 Thread Kurt Roeckx
On Wed, May 08, 2013 at 05:27:01AM +0200, Adam Borowski wrote: > On Wed, May 08, 2013 at 09:46:02AM +0800, Thomas Goirand wrote: > > What I think should be fixed is the fact that it doesn't > > appear in the filename. I never understood why they > > don't. Did I miss something? > > Having a colon

Re: GnuTLS in Debian

2013-12-27 Thread Kurt Roeckx
On Fri, Dec 27, 2013 at 02:38:50PM +, Thorsten Glaser wrote: > Steve Langasek dixit: > > >of GPLv3, and explicitly did not. In fact, the system library exception is > >now defined even more narrowly than for GPLv2, so that it now covers only > >language runtime libraries. I think this was a

Re: GPLv2-only considered harmful [was Re: GnuTLS in Debian]

2013-12-28 Thread Kurt Roeckx
On Sat, Dec 28, 2013 at 04:11:18PM -0500, Stephen M. Webb wrote: > On 12/28/2013 03:53 PM, Clint Adams wrote: > > On Sat, Dec 28, 2013 at 09:45:09AM +0100, David Weinehall wrote: > >> As one of the "GPL v2 only" proponents, I take affront. I choose to > >> license what little software I release as

Re: GPLv2-only considered harmful [was Re: GnuTLS in Debian]

2013-12-28 Thread Kurt Roeckx
On Sat, Dec 28, 2013 at 05:59:35PM -0500, Stephen M. Webb wrote: > On 12/28/2013 04:15 PM, Kurt Roeckx wrote: > > On Sat, Dec 28, 2013 at 04:11:18PM -0500, Stephen M. Webb wrote: > >> On 12/28/2013 03:53 PM, Clint Adams wrote: > >>> On Sat, Dec 28, 2013 at 09:45:09A

Re: GPLv2-only considered harmful [was Re: GnuTLS in Debian]

2013-12-31 Thread Kurt Roeckx
On Tue, Dec 31, 2013 at 08:59:53AM -0600, Matt Zagrabelny wrote: > On Tue, Dec 31, 2013 at 8:54 AM, Clint Adams wrote: > > On Sun, Dec 29, 2013 at 03:50:06AM +0100, David Weinehall wrote: > >> Apart from the termination clause, the GPLv2 is far more concise, > >> I don't see tivoization as a probl

Re: Bug#682045: libtool: please mark libtool multi-arch: allowed

2014-01-09 Thread Kurt Roeckx
On Thu, Jan 09, 2014 at 07:20:40PM +, Colin Watson wrote: > On Thu, Jan 02, 2014 at 06:14:07PM +, Dimitri John Ledkov wrote: > > The correct solution is for libtool package to be marked as > > "multi-arch: allowed" without splitting this tiny package into two > > even smaller packages. > >

Re: Bug#682045: libtool: please mark libtool multi-arch: allowed

2014-01-09 Thread Kurt Roeckx
On Thu, Jan 09, 2014 at 07:20:40PM +, Colin Watson wrote: > > Overall, I would therefore prefer option 1 (not the option I expected to > prefer when I started analysing this!), because as far as I can see it > will unblock cross-building for both packages that need /usr/bin/libtool > and those

Re: GnuTLS in Debian

2014-01-12 Thread Kurt Roeckx
On Sun, Dec 22, 2013 at 08:12:40PM +0100, Andreas Metzler wrote: > Hello, > > Debian is still relying heavily on GnuTLS 2.12.x, and I do not think > this is sustainable for much longer. > > State of Play: > - > In July 2011 with version 3.0 [1] GnuTLS switched to Nettle as only > support

Re: SSDs have extra "unused" space???

2014-01-21 Thread Kurt Roeckx
On Tue, Jan 21, 2014 at 08:31:56AM -0500, The Wanderer wrote: > On 01/20/2014 09:34 PM, Paul Wise wrote: > > > On Tue, Jan 21, 2014 at 1:22 AM, Holger Levsen wrote: > > > >> wait, what? Do you have any vendor statements to support this 20% > >> extra space? > > > > Flash is basically probabilist

Re: default init on non-Linux platforms

2014-02-18 Thread Kurt Roeckx
On Tue, Feb 18, 2014 at 03:15:24PM +0100, Ondrej Surý wrote: > Hi, > > I don't really want to open another can of worms, but what's the opinion > of non-Linux ports maintainers on default init? > > Or maybe I should turn it another way: > > If we have working OpenRC on kFreeBSD and GNU Hurd, can

Re: RSA vs ECDSA (Was: Bits from keyring-maint: Pushing keyring updates. Let us bury your old 1024D key!)

2014-03-04 Thread Kurt Roeckx
On Tue, Mar 04, 2014 at 08:10:47PM +0100, Ondrej Surý wrote: > On Mon, Mar 3, 2014, at 19:13, Gunnar Wolf wrote: > > As keyring maintainers, we no longer consider 1024D keys to be > > trustable. We are not yet mass-removing them, because we don't want to > > hamper the project's work, but we defini

Re: RSA vs ECDSA (Was: Bits from keyring-maint: Pushing keyring updates. Let us bury your old 1024D key!)

2014-03-05 Thread Kurt Roeckx
On Wed, Mar 05, 2014 at 08:29:37AM +0100, Ondrej Surý wrote: > On Tue, Mar 4, 2014, at 21:33, Gunnar Wolf wrote: > > Ondrej Surý said [Tue, Mar 04, 2014 at 08:10:47PM +0100]: > > > On Mon, Mar 3, 2014, at 19:13, Gunnar Wolf wrote: > > > > As keyring maintainers, we no longer consider 1024D keys to

Re: Hardened OpenSSL fork

2014-04-20 Thread Kurt Roeckx
On Sun, Apr 20, 2014 at 07:07:45PM +0100, Steven Chamberlain wrote: > Hi, > > But meanwhile, OpenBSD developers are extensively cleaning up OpenSSL > 1.0.1g. One of the problems with anything from OpenBSD is that they only care about OpenBSD, and if you want to use that fork you'll actually have

Re: Hardened OpenSSL fork

2014-04-21 Thread Kurt Roeckx
On Mon, Apr 21, 2014 at 02:38:52AM +0100, Steven Chamberlain wrote: > > They've ripped out this whole PRNG now to use the one from their own libc: > > http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/crypto/rand/rand_lib.c.diff?r1=1.14;r2=1.15 And I think just a change like that might wo

Re: Hardened OpenSSL fork

2014-04-21 Thread Kurt Roeckx
On Mon, Apr 21, 2014 at 12:34:12AM +0100, Kevin Chadwick wrote: > previously on this list people contributed: > > > On Sun, Apr 20, 2014 at 07:07:45PM +0100, Steven Chamberlain wrote: > > > Hi, > > > > > > But meanwhile, OpenBSD developers are extensively cleaning up OpenSSL > > > 1.0.1g. > > >

Re: Proposed mass bug filing: /usr/lib/perl5 is changing with Perl 5.20

2014-06-01 Thread Kurt Roeckx
On Sun, Jun 01, 2014 at 11:39:34AM -0700, Russ Allbery wrote: > > How can we make the transition smooth ? > > > I have a package.install file that contains a line > > /usr/lib/perl5/ > > Build-Depends on perl (>= 5.20) would make the transition smooth for users > and the buildds. The only drawba

Re: dh_shlibdeps warnings on buildd about undefined OpenMP symbols

2014-06-10 Thread Kurt Roeckx
On Tue, Jun 10, 2014 at 06:01:19PM +0200, Jakub Wilk wrote: > * Vincent Danjean , 2014-06-10, 16:27: > >>In healpix-cxx, I'm getting warnings from dh_shlibdeps about missing > >>OpenMP symbols. See, for example, this excerpt from > >>https://buildd.debian.org/status/fetch.php?pkg=healpix-cxx&arch=

Re: use of RDRAND in $random_library

2014-06-12 Thread Kurt Roeckx
On Thu, Jun 12, 2014 at 10:23:58AM +0200, Thorsten Glaser wrote: > On Wed, 11 Jun 2014, Josh Triplett wrote: > > device is inferiour to the random devices on OpenBSD/MirBSD, so you > should seed the aRC4 state with additional random bytes: As far as I know, OpenBSD stopped using (A)RC4 for their

Re: Meeting Minutes, FTPMaster meeting March 2011

2011-03-27 Thread Kurt Roeckx
On Sun, Mar 27, 2011 at 12:27:15PM +0100, Roger Leigh wrote: > On Sun, Mar 27, 2011 at 10:56:28AM +0200, Joerg Jaspert wrote: > > - The long standing project of enabling autosigning for the buildds also > > got finished. That means that packages successfully built can now be > > uploaded automa

Re: new buildd dependency resolution breaks self depends?

2011-03-29 Thread Kurt Roeckx
On Tue, Mar 29, 2011 at 05:52:23PM +0200, Julien Cristau wrote: > As far as I can tell the problem is that you switched the mlton binary > package to 'Architecture: all'. Which means it's available on all > architectures already in the new version, even though it's not > installable. If I underst

Re: new buildd dependency resolution breaks self depends?

2011-03-29 Thread Kurt Roeckx
On Tue, Mar 29, 2011 at 06:58:36PM +0200, Wesley W. Terpstra wrote: > On Tue, Mar 29, 2011 at 6:42 PM, Kurt Roeckx wrote: > > > As long as the Packages file for the buildds mentions this arch > > all package, no buildd can build it, because it only considers > > insta

Re: new buildd dependency resolution breaks self depends?

2011-03-29 Thread Kurt Roeckx
On Tue, Mar 29, 2011 at 07:54:59PM +0200, Wesley W. Terpstra wrote: > The problem is that the buildds currently also see the newer > > arch all version. But this version will go away after some > > time and it will only see the version from unstable. > > > > If I may ask, for what purpose do the

Re: new buildd dependency resolution breaks self depends?

2011-03-30 Thread Kurt Roeckx
On Wed, Mar 30, 2011 at 06:45:50PM +0200, Wesley W. Terpstra wrote: > On Tue, Mar 29, 2011 at 8:03 PM, Kurt Roeckx wrote: > > > On Tue, Mar 29, 2011 at 07:54:59PM +0200, Wesley W. Terpstra wrote: > > > If I may ask, for what purpose do the buildds have a special list of >

Re: Debian Project Leader Elections 2011: Call for votes

2011-04-02 Thread Kurt Roeckx
On Sat, Apr 02, 2011 at 08:28:41AM +0200, David Paleino wrote: > Hi Paul, > > On Sat, 2 Apr 2011 17:09:02 +1300, Paul Waite wrote: > > > Debian wrote: > > > - - -=-=-=-=-=- Don't Delete Anything Between These Lines > > > =-=-=-=-=-=-=-=- 0942471d-23ab-4b5e-b5a8-02c2e74cb588 > > > [ x ] Choice 1:

Re: sslv2 and openssl 1.0

2011-04-03 Thread Kurt Roeckx
On Sun, Apr 03, 2011 at 02:52:17AM +0200, Jérémy Lal wrote: > Hi, > > openssl 1.0.0-d is in unstable and by default disables > sslv2 methods, so what's the correct decision to make, regarding > packages that use ssl as client or server : > > 1) patch package to disable code that use sslv2, and ex

Re: some suggestions towards a Debian .desktop policy [Was: Warm up discussion about desktop files]

2011-04-20 Thread Kurt Roeckx
On Wed, Apr 20, 2011 at 09:47:25AM +0100, Neil Williams wrote: > 3) Comments should be used to describe the function of the program so > that users who are unfamiliar with the program name will be able to > understand how the program can help them achieve tasks or partake in an > activity. Comments

Re: Bug#624997: writerperfect: FTBFS: Style.hxx:36:45: error: 'NULL' was not declared in this scope

2011-05-03 Thread Kurt Roeckx
On Tue, May 03, 2011 at 07:21:28AM +0200, Lucas Nussbaum wrote: > (Ccing -devel@, since I have been asked about that by others) > > On 03/05/11 at 01:16 +0200, Rene Engelhard wrote: > > tag 624997 - wheezy > > thanks > > > > On Mon, May 02, 2011 at 02:39:43PM +0200, Lucas Nussbaum wrote: > > > So

Re: /run in *unstable*: migration of /lib/init/rw, /dev/.*

2011-05-14 Thread Kurt Roeckx
On Sat, May 14, 2011 at 04:55:01PM +0100, Roger Leigh wrote: > Packages using /etc > /etc/adjtime That file should probably not be in /etc in the first place, but be somewhere under /var/lib. Since FHS 2.2 it even mentions that this file should be /var/lib/hwclock/adjtime. Kurt -- To UNSU

Re: Fwd: Re: BLAST+ speed & build issues

2011-08-06 Thread Kurt Roeckx
On Thu, Aug 04, 2011 at 12:02:25PM +0200, Olivier Sallou wrote: > For info, executable is quite large 11MB (static) vs 2M (dynamic). The 11MB probably contains a whole bunch of libraries instead, making it larger. I don't see how this is relevant. > Dynamic build exe is linked against: > osallou

Re: mplayer2 is a very poor fork name used to confuse users.

2011-08-19 Thread Kurt Roeckx
On Thu, Aug 18, 2011 at 11:56:41PM -0400, compn wrote: > mplayer2 is a very poor fork name used to confuse users. So you think Debian should rename the package to confuse people even more? Or is there some other reason you mailed this to the Debian list? I suggest you take it up with the people

Re: Maintainers, porters, and burden of porting

2011-08-30 Thread Kurt Roeckx
On Mon, Aug 29, 2011 at 01:06:15PM +0200, Lucas Nussbaum wrote: > > > > Sorry, but I disagree here. I don't think it is reasonable to expect > > porters to check for build failures in general, especially as many of > > them just happen because of generic maintainer errors and > > cross-architectur

Re: Maintainers, porters, and burden of porting

2011-08-31 Thread Kurt Roeckx
On Wed, Aug 31, 2011 at 04:30:56AM +, Felipe Sateler wrote: > > I think some clarification needs to be done for these types of errors. I > sometimes get a (serious) bug reported against one of my packages because: > > 1. python errored out with a glibc-detected error > 2. gcc broke in some w

Re: Maintainers, porters, and burden of porting [and 1 more messages]

2011-08-31 Thread Kurt Roeckx
On Wed, Aug 31, 2011 at 02:52:53PM +0100, Ian Jackson wrote: > Let me make an alternative proposal: > > * The root cause bug in the BTS would be given a special tag >("arch-blocker:" or something). I will call such a bug which >is open and has existed in this state for 30 days a "ripe ar

Re: Maintainers, porters, and burden of porting

2011-08-31 Thread Kurt Roeckx
On Tue, Aug 30, 2011 at 11:05:03AM +0200, Bernhard R. Link wrote: > > (And try to imagine how hard it would have been to introduce amd64 > if alpha had not eliminated in many years work most of the subtle > 64 bit bugs found in most software, I doubt porters alone could have > completed this in t

Re: Maintainers, porters, and burden of porting

2011-08-31 Thread Kurt Roeckx
On Wed, Aug 31, 2011 at 02:42:41PM +0200, Lucas Nussbaum wrote: > On 31/08/11 at 12:58 +0100, Ben Hutchings wrote: > > On Wed, 2011-08-31 at 11:57 +0200, Lucas Nussbaum wrote: > > [...] > > > But a different thread library that has clear POSIX compliance bugs[*] > > > is the kind of things that mak

Re: Maintainers, porters, and burden of porting

2011-09-10 Thread Kurt Roeckx
On Thu, Sep 08, 2011 at 07:34:41PM +0200, Andreas Barth wrote: > > > - Being able to judge whether the maintainers have done their part in > > reaching out to porters is a requisite for the above. And to do so, we > > really need more visibility of those exchanges. According to devref > > [1

Re: Maintainers, porters, and burden of porting

2011-09-10 Thread Kurt Roeckx
On Sat, Sep 10, 2011 at 05:50:29PM +, brian m. carlson wrote: > On Sat, Sep 10, 2011 at 01:27:01PM +, Felipe Sateler wrote: > > On Thu, 08 Sep 2011 19:34:41 +0200, Andreas Barth wrote: > > > I disagree with "let's first remove things". If a package like ruby > > > doesn't build on sparc thi

Re: Architectures where unaligned access is (not) OK?

2014-11-21 Thread Kurt Roeckx
On Fri, Nov 21, 2014 at 12:42:34PM +, Simon McVittie wrote: > A couple of questions for people who know low-level things: > > * Of Debian's architectures (official and otherwise), which ones are > known/defined/designed to be OK with unaligned accesses from > user-space, and which ones (ca

Re: Results for Debian Project Leader 2015 Election

2015-04-15 Thread Kurt Roeckx
On Wed, Apr 15, 2015 at 01:59:16PM +0100, Ian Jackson wrote: > You can see the `options' file I passed, below. I have not verified > the Secretary's quorum calculation. devotee did a quorum calculation, but I will need to recalculate it since there are DDs that don't have a key in the keyring.

Re: Facilitating external repositories

2015-06-07 Thread Kurt Roeckx
On Thu, Jun 04, 2015 at 06:18:16PM +0200, Wouter Verhelst wrote: > - There is no trust path from your already-installed distribution to the > "archive" package (yes, I did sign the gpg keys; no, I don't consider > that enough). There are 2 popular methods for this: - Have an "app store". We w

Re: server certificates/key pairs and CA directories

2015-08-03 Thread Kurt Roeckx
On Tue, Jul 21, 2015 at 04:50:42PM +, Thorsten Glaser wrote: > Daniel Pocock pocock.pro> writes: > > > I looked at the package ssl-cert to try and understand and there I found > > that it is using /etc/ssl/certs for server certs while other packages > > Do NOT do that. > > It's causing trou

Re: How to deal with fixed but open bugs

2015-08-03 Thread Kurt Roeckx
On Thu, Jul 30, 2015 at 04:06:51PM +0200, Simon Richter wrote: > Hi, > > On 30.07.2015 05:12, Nikolaus Rath wrote: > > > I'm looking at the bug overview page for src:python3-llfuse > > (https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=python-llfuse). The > > first thing it lists is the apparentl

Bug#917366: RFP: postfix-mta-sts-resolver -- daemon that adds support for MTA-STS to postfix

2018-12-26 Thread Kurt Roeckx
Package: wnpp Severity: wishlist * Package name: postfix-mta-sts-resolver Version : 0.2.4 * URL : https://github.com/Snawoot/postfix-mta-sts-resolver * License : MIT Programming Lang: python Description : Daemon which provides TLS client policy for

Re: FYI/RFC: early-rng-init-tools

2019-03-03 Thread Kurt Roeckx
I think the only sane things are: - Use a hardware RNG (CPU, TPM, chaos key, ...) - Credit a seed file stored during the previous boot - Wait for new entropy from other sources Note that it can be a combination of all 3. We currently do not credit the seed file, for various good reasons. We shoul

Re: FYI/RFC: early-rng-init-tools

2019-03-03 Thread Kurt Roeckx
On Sun, Mar 03, 2019 at 08:19:44PM +, Ben Hutchings wrote: > On Sun, 2019-03-03 at 18:59 +0100, Kurt Roeckx wrote: > [...] > > Most people will actually have at least 2 hardware RNGs: One in > > the CPU and one in the TPM. We can make the kernel trust those as > > entr

Re: New service: https://debuginfod.debian.net

2021-02-27 Thread Kurt Roeckx
On Thu, Feb 25, 2021 at 03:55:17PM -0500, Sergio Durigan Junior wrote: > As I said in the announcement message, I have proposed a Merge Request > against elfutils in order to enable the automatic usage of our > debuginfod server. I know that there are people who are not comfortable > with having a

Re: https://tracker.debian.org/pkg/dballe

2019-12-30 Thread Kurt Roeckx
On Mon, Dec 30, 2019 at 02:52:54AM +, Paul Wise wrote: > On Sun, Dec 29, 2019 at 1:29 PM Roberto C. Sánchez wrote: > > > Would it not be possible to eliminate the need for the second > > unnecessary upload by requiring two signed .changes files to go into > > NEW? A signed binary changes whic

Re: https://tracker.debian.org/pkg/dballe

2019-12-30 Thread Kurt Roeckx
On Mon, Dec 30, 2019 at 01:39:14PM +0100, Mattia Rizzolo wrote: > On Mon, Dec 30, 2019 at 11:29:52AM +0100, Kurt Roeckx wrote: > > Note that the name of the .changes file by the maintainer and the > > buildd will be the same, and dak will reject it if that .changes > >

Re: Results for Declassifying debian-private

2016-08-13 Thread Kurt Roeckx
Please ignore this e-mail. It never happened. Kurt

Re: Porter roll call for Debian Stretch

2016-08-17 Thread Kurt Roeckx
On Wed, Aug 17, 2016 at 10:05:06PM +0200, ni...@thykier.net wrote: > * If we were to enable -fPIE/-pie by default in GCC-6, should that change >also apply to this port? [0] If -fPIE is the default will -fPIC override it? It will also default to tell the linker to use -pie, but then don't do

Re: OpenSSL 1.1.0

2016-11-01 Thread Kurt Roeckx
On Tue, Nov 01, 2016 at 11:26:15PM +0100, Cyril Brulebois wrote: > Hi, > > Just random thoughts… > > Kurt Roeckx (2016-11-01): > > I just uploaded OpenSSL 1.1.0 to unstable. There are still many > > packages that fail to build using OpenSSL 1.1.0. For most packag

Re: OpenSSL 1.1.0

2016-11-01 Thread Kurt Roeckx
On Tue, Nov 01, 2016 at 11:49:52PM +0100, Kurt Roeckx wrote: > > > If you have any problems feel free to contact us. > > > > - are “you” ? > > Yes. or openssl-us...@openssl.org Kurt

Re: OpenSSL 1.1.0

2016-11-02 Thread Kurt Roeckx
On Wed, Nov 02, 2016 at 02:02:52PM -0300, Lisandro Damián Nicanor Pérez Meyer wrote: > On Wednesday, 2 November 2016 10:00:43 AM ART Bernhard Schmidt > wrote: > > Kurt Roeckx wrote: > > > > Hi, > > > > > There might also be packages for which

Re: OpenSSL 1.1.0

2016-11-11 Thread Kurt Roeckx
On Fri, Nov 11, 2016 at 01:23:31PM +0100, Jan Niehusmann wrote: > Hi, > > But who knows which other packages are silently broken the same way? At least something like that also came up with xmltooling. It's probably caused by this: curl_easy_setopt(easy, CURLOPT_SSL_CTX_FUNCTION, &sslCtxFunction_

Re: OpenSSL 1.1.0

2016-11-16 Thread Kurt Roeckx
On Mon, Nov 14, 2016 at 07:10:00PM +, Niels Thykier wrote: > > The alternative for ChaCha20 would be to adopt Cloudflare's patches[1], > but that sort of assumes that you are only interested in openssl 1.1 for > ChaCha20 (and not the other changes). I'm not willing to maintain such a patch.

Re: testing OpenSSL 1.1.0 on jessie

2016-11-18 Thread Kurt Roeckx
On Fri, Nov 18, 2016 at 02:22:23PM -0500, Zack Weinberg wrote: > Daniel Pocock wrote: > > I wanted to try compiling some upstream projects against OpenSSL 1.1.0 > > on jessie, without installing the package though. I tried the following: > > > > dget -x > > http://http.debian.net/debian/pool/main/

Re: testing OpenSSL 1.1.0 on jessie

2016-11-18 Thread Kurt Roeckx
On Fri, Nov 18, 2016 at 03:53:20PM +0100, Daniel Pocock wrote: > > > I wanted to try compiling some upstream projects against OpenSSL 1.1.0 > on jessie, without installing the package though. > > I tried the following: > > dget -x > http://http.debian.net/debian/pool/main/o/openssl/openssl_1.1.

Re: testing OpenSSL 1.1.0 on jessie

2016-11-18 Thread Kurt Roeckx
On Fri, Nov 18, 2016 at 09:15:53PM +0100, Daniel Pocock wrote: > > > On 18/11/16 21:10, Kurt Roeckx wrote: > > On Fri, Nov 18, 2016 at 03:53:20PM +0100, Daniel Pocock wrote: > >> > >> > >> I wanted to try compiling some upstream projects against OpenSS

Re: testing OpenSSL 1.1.0 on jessie

2016-11-18 Thread Kurt Roeckx
On Fri, Nov 18, 2016 at 10:18:32PM +0100, Daniel Pocock wrote: > > > On 18/11/16 22:12, Kurt Roeckx wrote: > > On Fri, Nov 18, 2016 at 09:15:53PM +0100, Daniel Pocock wrote: > >> > >> > >> On 18/11/16 21:10, Kurt Roeckx wrote: > >>> On Fri,

Re: OpenSSL 1.1.0

2016-11-19 Thread Kurt Roeckx
On Sat, Nov 19, 2016 at 06:30:06PM +0100, Bernd Zeimetz wrote: > On 11/17/2016 12:40 AM, Kurt Roeckx wrote: > > On Mon, Nov 14, 2016 at 07:10:00PM +, Niels Thykier wrote: > >> > >> The alternative for ChaCha20 would be to adopt Cloudflare's patches[1], >

Re: OpenSSL 1.1.0

2016-11-19 Thread Kurt Roeckx
On Sat, Nov 19, 2016 at 10:32:58PM +0100, Ondrej Novy wrote: > Hi, > > 2016-11-19 21:06 GMT+01:00 Kurt Roeckx : > > > Chacha20 would be a new feature. Following the policy that can't > > be added in a 1.0.2 version, only bugs get fixed in it. > > > > y

Re: OpenSSL 1.1.0

2016-11-23 Thread Kurt Roeckx
On Mon, Nov 21, 2016 at 11:30:13AM -0200, Henrique de Moraes Holschuh wrote: > On Mon, Nov 21, 2016, at 11:06, Jan Niehusmann wrote: > > On Mon, Nov 21, 2016 at 11:11:09AM +0100, Tino Mettler wrote: > > > At the end I noticed that Qt will stay at 1.0 (by glancing into the > > > changelog of the rel

Re: armel after Stretch (was: Summary of the ARM ports BoF at DC16)

2016-12-13 Thread Kurt Roeckx
On Wed, Dec 07, 2016 at 03:53:31PM +, Steve McIntyre wrote: > AFAIK there are potentially still similar problems with ARMv5 - lack > of architecture-defined barrier primitives for C++11 atomics to > work. (I'd love to be corrected on this if people know better!) This > is one of the key points h

Bug#855342: RFH: ntp

2017-02-16 Thread Kurt Roeckx
Package: wnpp Severity: normal Hi, I could really use some help with the ntp (network time protocol) package. There have been various bugs filed, and I didn't have the time to properly look at them and deal with them. It's currently team maintained, but I've been the only one doing anything the

Bug#905994: O: libtool

2018-08-12 Thread Kurt Roeckx
Package: wnpp I'm orphaning libtool. It currently has 1 RC bug, and the last NMU at least seems to cause a regression. Kurt

Re: systemd, ntp, kernel and hwclock

2017-02-28 Thread Kurt Roeckx
On Tue, Feb 28, 2017 at 05:04:08AM +, Ben Hutchings wrote: > On Mon, 2017-02-27 at 19:30 -0800, Russ Allbery wrote: > > Ben Hutchings writes: > > > On Mon, 2017-02-27 at 16:09 -0800, Russ Allbery wrote: > > > > Daniel Pocock writes: > > > > > However, at the time when I ran ntpdate, ntp was n

Re: OpenSSL disables TLS 1.0 and 1.1

2017-08-07 Thread Kurt Roeckx
On Mon, Aug 07, 2017 at 09:59:20AM +0200, Leon Klingele wrote: > Does this also apply for libssl? This applies to libssl1.1 package and everything making use of it. Kurt

Re: OpenSSL disables TLS 1.0 and 1.1

2017-08-07 Thread Kurt Roeckx
On Mon, Aug 07, 2017 at 05:22:51PM +0200, Joerg Jaspert wrote: > I wonder if there is a middle way that ensures that all new stuff does > go TLS1.2 (or later, whenever), but does allow older stuff still to > work. Which isn't the case if they are just disabled. I could change the default settings t

Re: OpenSSL disables TLS 1.0 and 1.1

2017-08-07 Thread Kurt Roeckx
On Mon, Aug 07, 2017 at 05:53:07PM +0200, Michael Meskes wrote: > > > This will likely break certain things that for whatever reason > > > still don't support TLS 1.2. I strongly suggest that if it's not > > > supported that you add support for it, or get the other side to > > > add support for it.

Re: OpenSSL disables TLS 1.0 and 1.1

2017-08-11 Thread Kurt Roeckx
On Fri, Aug 11, 2017 at 01:34:53PM +0200, Sven Hartge wrote: > Marco d'Itri wrote: > > On Aug 09, Sven Hartge wrote: > > >> Looking at https://developer.android.com/about/dashboards/index.html > >> there is still a marketshare of ~25% of smartphones based on Android > >> 5.0 and 5.1 and 16% base

Re: OpenSSL disables TLS 1.0 and 1.1

2017-08-11 Thread Kurt Roeckx
On Fri, Aug 11, 2017 at 08:41:10AM -0400, Wouter Verhelst wrote: > On Mon, Aug 07, 2017 at 08:35:52PM +0200, Kurt Roeckx wrote: > > On Mon, Aug 07, 2017 at 05:22:51PM +0200, Joerg Jaspert wrote: > > > I wonder if there is a middle way that ensures that all new stuff does >

Re: openssl/libssl1 in Debian now blocks offlineimap?

2017-08-15 Thread Kurt Roeckx
On Tue, Aug 15, 2017 at 10:49:05PM +0900, Norbert Preining wrote: > Hi Kurt, > > I read your announcement on d-d-a, but due to moving places > I couldn't answer. > > I consider the unconditional deprecation of TLS 1.0 and 1.1 > a very wrong move. > > Be strict with what you are sending out, but

Re: openssl/libssl1 in Debian now blocks offlineimap?

2017-08-15 Thread Kurt Roeckx
On Tue, Aug 15, 2017 at 10:43:08AM -0700, Michael Lustfield wrote: > I don't think it was answered... Is there an actual reason that this needs > to be handled urgently? Is TLSv1.0/v1.1 considered broken? Yes. Kurt

Re: OpenSSL disables TLS 1.0 and 1.1

2017-08-20 Thread Kurt Roeckx
On Mon, Aug 07, 2017 at 08:35:52PM +0200, Kurt Roeckx wrote: > On Mon, Aug 07, 2017 at 05:22:51PM +0200, Joerg Jaspert wrote: > > I wonder if there is a middle way that ensures that all new stuff does > > go TLS1.2 (or later, whenever), but does allow older stuff still to > >

Re: OpenSSL disables TLS 1.0 and 1.1

2017-08-20 Thread Kurt Roeckx
On Sun, Aug 20, 2017 at 09:14:47PM +0200, Michael Meskes wrote: > > I might upload this soon. The intention is still to ship Buster > > with TLS 1.0 and 1.1 completely disabled. > > Disabled by configuration or disabled by not compiling it in? With "completely disabled" I mean at build time. > It'

Re: Bug#833585: lintian: Check presence of upstream signature if signing key available

2017-08-21 Thread Kurt Roeckx
On Mon, Aug 21, 2017 at 09:30:41AM +0200, Vincent Bernat wrote: > ❦ 15 July 2017 23:06 +0100, Chris Lamb  : > > > Dear Niels, > > > >> You need the $group parameter (the 5th parameter to the run sub). > > > > > > > > Bingo, that works. Will tidy a bunch of things up and push it tomorrow. > >

Re: [Pkg-openssl-devel] Bug#754513: RFP: libressl -- SSL library, forked from OpenSSL

2017-10-16 Thread Kurt Roeckx
is > "unversioned, incomplete, barely documented, and seems to be > unmaintained" [3]. Kurt Roeckx proposed a patch to add a compatibility > shim [4], and a number of other projects have done something similar, > but the OpenSSH developers have explicitly said that they do no

Bug#819806: ITP: ntpsec - a secure, hardened and improved ntp daemon

2016-04-02 Thread Kurt Roeckx
Package: wnpp Severity: wishlist * Package name: ntpsec Version : 0.9.1 * URL : https://www.ntpsec.org * License : NTP / BSD 3-Clause / BSD 4-Clause Description : a secure, hardened, and improved ntp daemon I don't actually have the time to work on this cu

OpenSSL 1.1.0

2016-06-11 Thread Kurt Roeckx
yashi groonga (U) Kevin Smith swift-im (U) Khalid Aziz openhpi (U) Kilian Krause asterisk (U) libexosip2 (U) libzrtpcpp (U) ptlib (U) stunserver (U) yate (U) Klas Lindfors yubico-piv-tool (U) Krzysztof Burghardt poco Krzysztof Krzyzaniak (eloy) light

Re: OpenSSL 1.1.0

2016-06-11 Thread Kurt Roeckx
On Sat, Jun 11, 2016 at 07:41:25PM +0200, Jérémy Lal wrote: > 2016-06-11 14:30 GMT+02:00 Kurt Roeckx : > > > > > Hi, > > > > The release of OpenSSL 1.1.0 is getting nearer. Some packages > > will no longer build with the new version without changes. Most

Re: OpenSSL 1.1.0

2016-06-11 Thread Kurt Roeckx
On Sat, Jun 11, 2016 at 08:33:07PM +0300, Antti Jarvinen wrote: > Kurt Roeckx writes: > > The release of OpenSSL 1.1.0 is getting nearer. > > Thanks for the warning, I'm finding myself listed.. For the > problematic package I maintain the API changes are already fixed

Re: EVP_dss1 replacement? (was: OpenSSL 1.1.0)

2016-06-29 Thread Kurt Roeckx
On Wed, Jun 29, 2016 at 04:15:39AM +0200, Christian Seiler wrote: > On 06/11/2016 02:30 PM, Kurt Roeckx wrote: > > There is an upstream wiki page for this at: > > https://wiki.openssl.org/index.php/1.1_API_Changes > > > > If things aren't clear, you have

Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)

2010-09-18 Thread Secretary - Kurt Roeckx
On Sat, Sep 18, 2010 at 11:40:07AM +0200, Stefano Zacchiroli wrote: > > I'm hereby introducing two changes: > > a) dropping the name "Debian Contributor" >(attachment 0001-remove-the-term-Debian-Contributor.patch) > > b) fixing punctuation as suggested by Kumar Appaiah [1], thanks! >(att
