Re: Bug#839226: [PATCH] cups : SSL is vulnerable to POODLE

2016-09-30 Thread Moritz Mühlenhoff
Hi Didier, > Have we removed protocols' support in {old,}stable before? We have done that on a case-by-case basis via point updates in the past, seems also fine here. Cheers, Moritz

Re: Porter roll call for Debian Stretch

2016-09-30 Thread Milan Kupcevic
On 09/20/2016 05:46 PM, John Paul Adrian Glaubitz wrote: > On 09/20/2016 11:16 PM, Niels Thykier wrote: >>- powerpc: No porter (RM blocker) > > I'd be happy to pick up powerpc to keep it for Stretch. I'm already > maintaining powerpcspe which is very similar to powerpc. > Thank you Adrian

Re: Porter roll call for Debian Stretch

2016-09-30 Thread Mathieu Malaterre
Adrian, On Fri, Sep 30, 2016 at 10:34 PM, John Paul Adrian Glaubitz wrote: [...] > On the other hand, some packages dropped support for PowerPC32 like Mono > but this isn't a concern for most users, I would say. [...] Thanks very much for stepping up as porter, you

Re: Porter roll call for Debian Stretch

2016-09-30 Thread John Paul Adrian Glaubitz
On 09/30/2016 09:04 PM, Niels Thykier wrote: > As for "porter qualification" > = > > We got burned during the Jessie release, where a person answered the > roll call for sparc and we kept sparc as a release architecture for > Jessie. However, we ended up with a

Re: Porter roll call for Debian Stretch

2016-09-30 Thread Niels Thykier
Niels Thykier: > [...] > > As for "porter qualification" > = > > We got burned during the Jessie release, where a person answered the > roll call for sparc and we kept sparc as a release architecture for > Jessie. However, we ended up with a completely broken and

Re: Porter roll call for Debian Stretch

2016-09-30 Thread Adam D. Barratt
On Fri, 2016-09-30 at 19:04 +, Niels Thykier wrote: > As for "porter qualification" > = > > We got burned during the Jessie release, where a person answered the > roll call for sparc and we kept sparc as a release architecture for > Jessie. However, we ended up

Re: Porter roll call for Debian Stretch

2016-09-30 Thread Niels Thykier
John Paul Adrian Glaubitz: > On 09/30/2016 06:08 PM, Niels Thykier wrote: >> I strongly /suspect/ that "no porters" for powerpc will imply the >> removal of powerpc for Stretch. It may or may not be moved to ports >> (assuming someone is willing to support it there). > > So, I take this as a

Re: Enabling PIE by default for Stretch

2016-09-30 Thread Matthias Klose
[CCing porters, please also leave feedback in #835148 for non-release architectures] On 29.09.2016 21:39, Niels Thykier wrote: > Hi, > > As brought up on the meeting last night, I think we should try to go for > PIE by default in Stretch on all release architectures! > * It is a substantial

Re: Porter roll call for Debian Stretch

2016-09-30 Thread John Paul Adrian Glaubitz
On 09/30/2016 06:08 PM, Niels Thykier wrote: > I strongly /suspect/ that "no porters" for powerpc will imply the > removal of powerpc for Stretch. It may or may not be moved to ports > (assuming someone is willing to support it there). So, I take this as a "no" for the offer from me and

Re: Enabling PIE by default for Stretch

2016-09-30 Thread Bálint Réczey
Hi Florian, 2016-09-30 13:22 GMT+02:00 Florian Weimer : > * Niels Thykier: > >> As brought up on the meeting last night, I think we should try to go for >> PIE by default in Stretch on all release architectures! >> * It is a substantial hardening feature >> * Upstream has

Re: Enabling PIE by default for Stretch

2016-09-30 Thread Florian Weimer
* Niels Thykier: > Florian Weimer: >> * Niels Thykier: >> >>> [...] >> >> Do you think that PIE-by-default makes BIND_NOW-by-default >> unnecessary? >> >> (The argument is that with PIE, it is much more difficult to get a >> controlled GOT write.) >> > > Is this an implicit "Why did you not

Re: Porter roll call for Debian Stretch

2016-09-30 Thread Niels Thykier
Mathieu Malaterre: > Hi all, > > [...] > > [Let's assume that we can't find a powerpc porter in time for Stretch.] > > 1. Will `powerpc` automatically be downgraded to simple port ? Or is > this also not automated and the port may simply be removed (eg. sparc) > ? > 2. Apart from losing the

Re: Enabling PIE by default for Stretch

2016-09-30 Thread Niels Thykier
Florian Weimer: > * Niels Thykier: > >> [...] > > Do you think that PIE-by-default makes BIND_NOW-by-default > unnecessary? > > (The argument is that with PIE, it is much more difficult to get a > controlled GOT write.) > Is this an implicit "Why did you not include BIND_NOW-by-default in

Bug#839242: jessie-pu: package linkchecker/9.3-1

2016-09-30 Thread Antoine Beaupré
Package: release.debian.org Severity: normal Tags: jessie patch User: release.debian@packages.debian.org Usertags: pu linkchecker, a package to check links in a webpage, suffers from a serious bug (#839241) which makes it impossible to check any HTTPS webpage or any page that contains a HTTPS

Bug#839243: transition: bullet

2016-09-30 Thread Markus Koschany
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hello, I would like to request a transition slot for the new upstream release of Bullet 2.83.7. The new binary packages are currently awaiting approval in the NEW queue. The

Re: Bug#839226: [PATCH] cups : SSL is vulnerable to POODLE

2016-09-30 Thread Didier 'OdyX' Raboud
Version: 2.0.2-1 Hi Frederic, hi Stable & LTS teams, Frederic's suggestion is to patch CUPS to disable SSLv3 and RC4 algorithms to protect CUPS from the POODLE vulnerability. Have we removed protocols' support in {old,}stable before? Ubuntu applied this patch in Ubuntu Trusty, and RedHat did

Bug#836996: transition: evolution-data-server 3.21.x

2016-09-30 Thread Michael Biebl
On 29.09.2016 at 23:40, Emilio Pozuelo Monfort wrote: > On 08/09/16 00:03, Michael Biebl wrote: >> Please let us know when we can start with the transition. > > Let's do this! > Woohoo, thanks a lot. I've uploaded evolution-data-server, evolution and evolution-ews in the meantime.

Re: Porter roll call for Debian Stretch

2016-09-30 Thread Christian Zigotzky
You have a porter for PowerPC. See email from Adrian. ;-) -- Christian Sent from my iPhone > On 30 Sep 2016, at 10:03, Mathieu Malaterre wrote: > > Hi all, > >> On Fri, Sep 23, 2016 at 3:54 PM, Matthias Klose wrote: >>> On 20.09.2016 23:46, John Paul

Re: Enabling PIE by default for Stretch

2016-09-30 Thread Florian Weimer
* Niels Thykier: > As brought up on the meeting last night, I think we should try to go for > PIE by default in Stretch on all release architectures! > * It is a substantial hardening feature > * Upstream has vastly reduced the performance penalty for x86 > * The majority of all porters

Re: Porter roll call for Debian Stretch

2016-09-30 Thread Mathieu Malaterre
Hi all, On Fri, Sep 23, 2016 at 3:54 PM, Matthias Klose wrote: > On 20.09.2016 23:46, John Paul Adrian Glaubitz wrote: >> On 09/20/2016 11:16 PM, Niels Thykier wrote: >>>- powerpc: No porter (RM blocker) >> >> I'd be happy to pick up powerpc to keep it for Stretch. I'm

Bug#839032: nmu: several Octave add-on packages

2016-09-30 Thread Rafael Laboissière
* Emilio Pozuelo Monfort [2016-09-29 18:59]: On 27/09/16 23:35, Rafael Laboissière wrote: Due to the change of GNU triplet on *-i386, several Octave-related packages need to be rebuilt on i386. The reason is that the location of arch-specific files in Octave add-ons