Re: Fixing Linux getrandom() in stable

On Sun, 2018-05-13 at 23:48 +0300, Adrian Bunk wrote: > On Wed, May 09, 2018 at 11:46:00PM +0100, Ben Hutchings wrote: [...] > > # Options for a new fix > > > > It is unlikely that any further fix will be forthcoming on the kernel > > side, so I believe that we need to do one of: > > > > 1. Add

Re: Fixing Linux getrandom() in stable

(Quoting somewhat out of order) On Sun, May 13, 2018 at 09:23:39PM +, Thorsten Glaser wrote: > > It’s also no solution for the arc4random API… seems like a cultural > clash (BSD expectations vs. what Linux can actually deliver). It's instructive to look how OpenBSD solves this problem.

Re: Fixing Linux getrandom() in stable

Theodore Y. Ts'o dixit: >that problems helps most of our users, and we shouldn't let the >perfect be the enemy of the good. Agreed. Start small, then enhance one bootloader at a time. Or boot protocol, I assume. >Also note that the bootloader has depend on userspace to refresh the >seed

Re: Fixing Linux getrandom() in stable

Adrian Bunk dixit: >As an example, what happens if I debootstrap and deploy the resulting >filesytem to a large number of identical embedded systems without >entropy sources? Just get into a habit of not doing so, for example by modifying the image during each writing process. Having the

NEW changes in oldstable-new

Processing changes file: adminer_3.3.3-1+deb8u1_amd64.changes ACCEPT Processing changes file: firefox-esr_52.8.0esr-1~deb8u1_amd64.changes ACCEPT Processing changes file: firefox-esr_52.8.0esr-1~deb8u1_arm64.changes ACCEPT Processing changes file: firefox-esr_52.8.0esr-1~deb8u1_armel.changes

NEW changes in stable-new

Processing changes file: firefox-esr_52.8.0esr-1~deb9u1_amd64.changes ACCEPT Processing changes file: firefox-esr_52.8.0esr-1~deb9u1_arm64.changes ACCEPT Processing changes file: firefox-esr_52.8.0esr-1~deb9u1_armel.changes ACCEPT Processing changes file:

Bug#894159: transition: icu

On Thu, May 3, 2018 at 8:36 AM Emilio Pozuelo Monfort wrote: > Control: tags -1 confirmed > On 01/05/18 19:29, László Böszörményi (GCS) wrote: > > OK, the fresh transition testing is the following. > Alright, let's do this. I was off the grid on the weekend, but a quick

Re: Fixing Linux getrandom() in stable

On Wed, May 09, 2018 at 11:46:00PM +0100, Ben Hutchings wrote: >... > # Security flaw and initial fix > > Recently it was discovered that getrandom() could return successfully > before the RNG was really ready to produce unpredictable data. This > issue was designated as CVE-2018-1108, and was

Bug#893804: jessie-pu: package adminer/3.3.3-1+deb8u1

Control: tags -1 + pending On Mon, 2018-05-07 at 17:08 +0100, Chris Lamb wrote: > Hi Adam, > > > Please go ahead; sorry for the delay. > > adminer_3.3.3-1+deb8u1_amd64.changes uploaded. > and flagged for acceptance. Regards, Adam

Processed: Re: Bug#893804: jessie-pu: package adminer/3.3.3-1+deb8u1

Processing control commands: > tags -1 + pending Bug #893804 [release.debian.org] jessie-pu: package adminer/3.3.3-1+deb8u1 Added tag(s) pending. -- 893804: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893804 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems

Bug#894713: stretch-pu: apache2/2.4.25-3+deb9u5

Hi, On Tuesday, 3 April 2018 14:07:33 CEST Stefan Fritsch wrote: > I would like to do an upgrade of apache2 in stretch that upgrades the > complete mod_http2 and mod_proxy_http2 modules from the versions from > 2.4.25 to the versions from 2.4.33. > > The reason is that the fix for CVE-2018-1302

Re: Fixing Linux getrandom() in stable

On Sun, 2018-05-13 at 11:27 +0200, Yves-Alexis Perez wrote: > On Wed, 2018-05-09 at 23:46 +0100, Ben Hutchings wrote: > > It is unlikely that any further fix will be forthcoming on the kernel > > side, so I believe that we need to do one of: > > > > 1. Add entropy to the kernel during boot;

Processed: block 894159 with 888908

Processing commands for cont...@bugs.debian.org: > block 894159 with 888908 Bug #894159 [release.debian.org] transition: icu 894159 was blocked by: 898369 898465 894159 was not blocking any bugs. Added blocking bug(s) of 894159: 888908 > thanks Stopping processing here. Please contact me if you

Processed: transition: gdal

Processing control commands: > block -1 by 896577 Bug #898566 [release.debian.org] transition: gdal 898566 was not blocked by any bugs. 898566 was not blocking any bugs. Added blocking bug(s) of 898566: 896577 -- 898566: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898566 Debian Bug

Bug#898566: transition: gdal

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Control: block -1 by 896577 For the Debian GIS team I'd like to transition to GDAL 2.3.0. Like the previous transition to GDAL 2.2.3 (#884504), there is no SONAME bump, only the virtual

Bug#894159: Bug#898542: qt4-x11: FTBFS with libicu60

El dom., 13 de may. de 2018 10:51, John Paul Adrian Glaubitz < glaub...@physik.fu-berlin.de> escribió: > Control: tags 898542 +patch > > On 05/13/2018 03:35 PM, John Paul Adrian Glaubitz wrote: > > openSUSE seems to have a patch [1] we can use that is also already used > > in Fedora. I'll test

Processed: ICU transition: ICU version is part of the boost ABI

Processing control commands: > reassign 898465 src:icu 60.1-1 Bug #898465 [src:icu] ICU must not migrate to testing before the boost ABI breakage is resolved Ignoring request to reassign bug #898465 to the same package Bug #898465 [src:icu] ICU must not migrate to testing before the boost ABI

Bug#894159: ICU transition: ICU version is part of the boost ABI

Control: reassign 898465 src:icu 60.1-1 Control: retitle 898369 boost: ICU version used is part of the ABI Control: retitle 898465 ICU must not migrate to testing before the boost ABI breakage is resolved Control: affects 898369 libmapnik3.0 viking Control: block 898465 by 898369 Control: block

Processed: ICU transition: ICU version is part of the boost ABI

Processing control commands: > reassign 898465 src:icu 60.1-1 Bug #898465 [src:icu] ICU must not migrate to testing before the boost ABI breakage is resolved Ignoring request to reassign bug #898465 to the same package Bug #898465 [src:icu] ICU must not migrate to testing before the boost ABI

Processed: ICU transition: ICU version is part of the boost ABI

Processing control commands: > reassign 898465 src:icu 60.1-1 Bug #898465 [viking] symbol lookup error: /usr/lib/libmapnik.so.3.0: undefined symbol Bug reassigned from package 'viking' to 'src:icu'. No longer marked as found in versions viking/1.6.2-3. Ignoring request to alter fixed versions of

Bug#894159: Bug#898542: qt4-x11: FTBFS with libicu60

Control: tags 898542 +patch On 05/13/2018 03:35 PM, John Paul Adrian Glaubitz wrote: openSUSE seems to have a patch [1] we can use that is also already used in Fedora. I'll test it. Attaching openSUSE's patch which fixes the problem for me. Adrian -- .''`. John Paul Adrian Glaubitz : :' :

Bug#894159: Bug#898542: qt4-x11: FTBFS with libicu60

On 05/13/2018 03:08 PM, Lisandro Damián Nicanor Pérez Meyer wrote: > I have not checked if other distros ship a patch for this (or maybe > they switched to the embedded copy, if applicable). I will at some > point but I can't promise being fast here. openSUSE seems to have a patch [1] we can use

Bug#894159: Bug#898542: qt4-x11: FTBFS with libicu60

Hi John! This seems to be related to the icu transition, so CCing the bug. On 13 May 2018 at 07:02, John Paul Adrian Glaubitz wrote: > Source: qt4-x11 > Version: 4:4.8.7+dfsg-16 > Severity: serious > Justification: fails to build from source > > Hi! > > qt4-x11

Re: Fixing Linux getrandom() in stable

On Wed, 2018-05-09 at 23:46 +0100, Ben Hutchings wrote: > It is unlikely that any further fix will be forthcoming on the kernel > side, so I believe that we need to do one of: > > 1. Add entropy to the kernel during boot; either: >a. Improve systemd-random-seed >b. Recommend use of

Bug#898500: marked as done (nmu: bash_4.4.18-2)

Your message dated Sun, 13 May 2018 10:35:19 +0200 with message-id <387f6192-0f2e-2971-9269-defbbcb47...@debian.org> and subject line Re: Bug#898500: nmu: bash_4.4.18-2 has caused the Debian Bug report #898500, regarding nmu: bash_4.4.18-2 to be marked as done. This means that you claim that the