On Mon, Jan 02, 2012 at 04:42:53PM +, Adam D. Barratt wrote:
Thanks for this. Looking at the changelog for 1.8.3-1, I'm guessing
that this is the same issue that's resolved in that upload,
Actually no. The security tracker (and bug report) thinks 1.8.2-2 is
vulnerable, while it isn't, as I
Processing commands for cont...@bugs.debian.org:
# Failed to set blocking bugs of 654237: failed to get lock on
/org/bugs.debian.org/spool/lock/654237 -- Unable to lock
/org/bugs.debian.org/spool/lock/654237 Resource temporarily unavailable.
unblock 654237 by 614474 554340 614458 631029
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: pu
Hi,
I'd like to update libmtp 1.0.3 in Squeeze to add support for
Motorola Xoom devices, please see bug#650152.
The patch made by Jonathan Nieder is minimalistic and non-invasive,
you find it
Dear release team,
Are these bugs really blocking the upload of libav 0.8? Note that the
packages do not need to be rebuilt, they should work just fine with the
new libraries.
Please clarify.
Cheers,
Reinhard
On Di, Jan 03, 2012 at 08:22:04 (CET), Debian Bug Tracking System wrote:
Hi,
I'm working through the list of build failures for armhf while we
bring up the new architecture, and I've just got to drift. I'm
concerned about the status of this package:
* the last maintainer upload into Debian was nearly 4 years ago
* there is an RC bug open against it for months
unblock 654237 by 654230 641508 651625 652763 652061
quit
Hi Reinhard,
Reinhard Tartler wrote:
Are these bugs really blocking the upload of libav 0.8?
I am not the release team, but probably no. Once there are only a few
left, the release team might signal that it is a convenient enough
time
Processing commands for cont...@bugs.debian.org:
unblock 654237 by 654230 641508 651625 652763 652061
Bug #654237 [release.debian.org] transition: libav 0.8
Was blocked by: 654215 654183 654230 654220 641508 654219 654213 654233 654223
654212 651625 654232 652763 654229 653887 654221 654224
On Fri, Dec 23, 2011 at 04:47:04PM +, Steve McIntyre wrote:
Hi,
I'm working through the list of build failures for armhf while we
bring up the new architecture, and I've just got to sra-sdk. I'm
concerned about the status of this package:
* the only maintainer upload into Debian was many
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: pu
Hi!
I'd like to fix CVE-2011-0766 (see
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628456 for details) in a
point update. The debdiff for a new version is attached.
-- System Information:
On Mon, 2012-01-02 at 16:07 -0700, John Wright wrote:
On Mon, Jan 02, 2012 at 06:41:30PM +, Adam D. Barratt wrote:
Looking at the debdiff of the uploaded package, I noticed that it
contains a copy of the patch itself (including the changelog entry),
together with the applied changes.
* Sam Hartman:
Florian Weimer noticed that the krb5 changelog in squeeze was missing a
CVE that was fixed in the patch applied.
He proposes to make a new upload that corrects the changelog so that
people who track security issues from the changelog will find the fix:
Sorry, there seems to be
Hi.
Florian Weimer noticed that the krb5 changelog in squeeze was missing a
CVE that was fixed in the patch applied.
He proposes to make a new upload that corrects the changelog so that
people who track security issues from the changelog will find the fix:
I have updated the changelog to this:
Any feedback on this?
On 31/12/11 14:30, Nicholas Bamber wrote:
As per the attached email, I wonder if you would be interested in point
releases for the old versions of maradns to fix #653838 and what the
relevant timescales would be.
There is also the question of unarchiving and fixing
* Sam Hartman:
Florian == Florian Weimer f...@deneb.enyo.de writes:
Florian * Sam Hartman:
Florian Weimer noticed that the krb5 changelog in squeeze was
missing a CVE that was fixed in the patch applied. He proposes
to make a new upload that corrects the changelog so
Florian == Florian Weimer f...@deneb.enyo.de writes:
Florian * Sam Hartman:
Florian Weimer noticed that the krb5 changelog in squeeze was
missing a CVE that was fixed in the patch applied. He proposes
to make a new upload that corrects the changelog so that people
who
On Tue, Jan 3, 2012 at 19:33:31 +, Nicholas Bamber wrote:
Any feedback on this?
You'll get mail when there's feedback, no need to be impatient.
Cheers,
Julien
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
On Tue, 03 Jan 2012 20:54:12 +0100, Moritz Muehlenhoff wrote:
On Tue, 19 Apr 2011 19:48:35 +0200, Salvatore Bonaccorso wrote:
As this about SQL injection weaknesses, should the severity be raised
to grave, as security bug?
Hm, probably yes.
Upstream Changes has more infos:
* Adam D. Barratt:
On Tue, 2012-01-03 at 20:09 +0100, Florian Weimer wrote:
* Sam Hartman:
Florian Weimer noticed that the krb5 changelog in squeeze was missing a
CVE that was fixed in the patch applied.
He proposes to make a new upload that corrects the changelog so that
people who
On Tue, 03 Jan 2012 21:14:23 +0100, gregor herrmann wrote:
Looking at the diff again (attached for reference), it's quite long
and also includes documentation fixes.
2nd attempt
gr
--
.''`. Homepage: http://info.comodo.priv.at/ - OpenPGP key ID: 0x8649AA06
: :' : Debian GNU/Linux user,
On Tue, 03 Jan 2012 21:14:23 +0100, gregor herrmann wrote:
Looking at the diff again (attached for reference), it's quite long
and also includes documentation fixes.
I guess we have to look a bit to trim it down to the relevant parts.
Quick attempt (I looked at the diff in upstream 0.67 -
Florian == Florian Weimer f...@deneb.enyo.de writes:
Florian * Adam D. Barratt:
On Tue, 2012-01-03 at 20:09 +0100, Florian Weimer wrote:
* Sam Hartman:
Florian Weimer noticed that the krb5 changelog in squeeze was
missing a CVE that was fixed in the patch applied.
On Tue, 2012-01-03 at 21:20 +0100, Florian Weimer wrote:
* Adam D. Barratt:
On Tue, 2012-01-03 at 20:09 +0100, Florian Weimer wrote:
Sorry, there seems to be a slight misunderstanding. The changelog was
indeed incorrect, but even that upload never made it to the archive.
[...]
We
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Hi dear release team,
as mentionned previously on IRC, the new 0.73-1 jimtcl creates a
mini-transition. It's only build reverse dependency, win32-loader only needs a
binNMU. Please
On Tue, 03 Jan 2012 21:35:07 +0100, gregor herrmann wrote:
Looking at the diff again (attached for reference), it's quite long
and also includes documentation fixes.
I guess we have to look a bit to trim it down to the relevant parts.
Quick attempt (I looked at the diff in upstream 0.67 -
armhf has now pretty much cleared the needs-build queue (the only things
left are non-free stuff and recently added stuff) and has built arround
89% of the archive (placing it between kfreebsd and ia64) with about
99.5% up to date (placing it between amd64 and i386). Would now be a
good time
Le Tue, Jan 03, 2012 at 05:09:18PM +, Steve McIntyre a écrit :
Please re-consider if this package should be in the archive or not.
Ping?
Dear Steve and everybody,
sorry, I have replied to the list only, probably due to my abuse of Alsacian
wine in the previous weeks.
My answer is
On Tue, 2012-01-03 at 22:00 +, peter green wrote:
armhf has now pretty much cleared the needs-build queue (the only things
left are non-free stuff and recently added stuff) and has built arround
89% of the archive (placing it between kfreebsd and ia64) with about
99.5% up to date
On Tue, Jan 3, 2012 at 10:54 PM, Adam D. Barratt
a...@adam-barratt.org.uk wrote:
(fwiw, the not-yet-built list includes webkit and ruby1.9.1, each of
which have a number of other packages directly or indirectly stuck
behind them).
ahh... webkit. do you have a system anywhere that has 2gb of
On Tue, Jan 3, 2012 at 11:04 PM, Luke Kenneth Casson Leighton
l...@lkcl.net wrote:
anything outside of that - even by a marginal amount - will result in
the build machine absolutely thrashing its nuts off.
[for anything in excess of 24 hours].
--
To UNSUBSCRIBE, email to
Luke Kenneth Casson Leighton wrote:
On Tue, Jan 3, 2012 at 10:54 PM, Adam D. Barratt
a...@adam-barratt.org.uk wrote:
(fwiw, the not-yet-built list includes webkit and ruby1.9.1, each of
which have a number of other packages directly or indirectly stuck
behind them).
ahh... webkit.
* Adam D. Barratt:
Apologies if I'm missing something, but if the packages are already in
the queue on security-master, wouldn't it be simpler (and possibly more
logical) to release them from there? Hmmm, looking at the tracker,
maybe because they're just DoS issues?
Yes, and we'd have to
31 matches
Mail list logo