On Sun, Feb 17, 2013 at 8:50 AM, Philipp Kern wrote:
> On Sat, Feb 16, 2013 at 04:20:45PM -0500, Michael Gilbert wrote:
>> On Sat, Feb 16, 2013 at 4:18 PM, Michael Gilbert wrote:
>> >> I've attached an updated proposed patch, which also fixes #698582 (and
>> >&g
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal
Please remove djmount (it has no reverse dependencies). It embeds
libupnp, which has an incredibly large number of security issues,
which aren't being fixed in a timely manner in this package (b
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal
Please remove xgks (and consequently its reverse-dependency
ferret-vis). It has multiple license problems that aren't being
addressed in a timely manner (bug #699066).
Thanks,
Mike
--
To UNS
On Sat, Feb 16, 2013 at 4:18 PM, Michael Gilbert wrote:
>> I've attached an updated proposed patch, which also fixes #698582 (and
>> consequentially #700363).
>
> File attached.
Really attached this time ...
isc-dhcp.patch
Description: Binary data
On Sat, Feb 16, 2013 at 4:02 PM, Michael Gilbert wrote:
> On Sat, Jan 19, 2013 at 7:46 AM, Philipp Kern wrote:
>> So "-1" will fire up dhclient, try to get a lease for a preset amount of
>> time (i.e. querying multiple times) and then fork for continuously
>>
On Sat, Jan 19, 2013 at 7:46 AM, Philipp Kern wrote:
> So "-1" will fire up dhclient, try to get a lease for a preset amount of
> time (i.e. querying multiple times) and then fork for continuously
> renewing the lease or exit with failure code 2?
Actually, the preset amount of time (if you want t
On Tue, Dec 25, 2012 at 4:01 PM, Julien Cristau wrote:
> On Tue, Dec 25, 2012 at 10:11:22 -0500, Michael Gilbert wrote:
>
>> Package: release.debian.org
>> User: release.debian@packages.debian.org
>> Usertags: tpu
>> Severity: normal
>>
>> I pl
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: tpu
Severity: normal
I plan to upload a tpu for isc-dhcp fixing two important issues. One
fixes an unclean error situation, and the other sets up the default
dhclient configuration to work in ipv6-only configuratio
package: release.debian.org
severity: normal
Please consider tagging #599523 wheezy-ignore. Update-manager has
been unmaintained for a long time now, and the way to fix that is to
remove it in favor of something like packagekit, which looks like the
preferred future plan, but that won't happen ti
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: binnmu
Severity: normal
nmu tsung_1.4.2-1 . ALL . -m "Rebuild with newer erlang (see: #695284)"
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contac
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: tpu
Severity: normal
I plan to upload a tpu for oss4 fixing two release critical issues.
Please review the proposed patch attached.
Thanks,
Mike
oss4.patch
Description: Binary data
> The package in wheezy contains incorrect (outdated) information w.r.t.
> to support for legacy hardware (as it was written before AMD released
> the beta driver) and is therefore misleading the users on upgrades.
>
> There are also some (partial) upgrade issues with the 32-bit stuff on amd64
Cou
On Sat, Dec 1, 2012 at 3:46 PM, Tobias Hansen wrote:
> Can this bug be tagged wheezy-ignore? From the bug report:
Please submit a release.debian.org bug report to better track this request.
Thanks,
Mike
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "uns
On Sun, Dec 2, 2012 at 7:42 AM, Anton Gladky wrote:
> Dear release-team,
>
> please, consider a granting a wheezy-ignore tag for bugs
> #617613 (freecad) and #618968 (netgen).
>
> Both bugs are license issues, which are, seems to be "fixed",
> but not in Wheezy. It is impossible to make a new uploa
On Sat, Nov 3, 2012 at 3:34 AM, Michael Gilbert wrote:
> On Sat, Nov 3, 2012 at 3:18 AM, Niels Thykier wrote:
>> Could you please file an RC bug against ruby-pgplot about the build
>> failure first?
>
> #692190
The binary package removals fixed this.
Best wishes,
Mike
--
>> I've prepared a new version of gcc-mingw-w64, fixing the RC bug
>> #690148 (/usr/share/doc/gcc-mingw32 used to be a directory but is now
>> a symlink). While I'm at it I'd also like to add symlinks to the
>> gcc-mingw32 package to fully replace the version in Squeeze, which
>> would also fix #68
On Fri, Nov 23, 2012 at 6:14 PM, Christoph Egger wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
>
> Please unblock package kfreebsd-8
>
> This is a security update.
>
> unblock kfreebsd-8/8.3-6
You don't need to send unb
On Mon, Nov 19, 2012 at 3:06 PM, Julien Cristau wrote:
> On Sat, Nov 17, 2012 at 22:58:48 -0500, Michael Gilbert wrote:
>
>> On Sat, Nov 17, 2012 at 7:03 PM, Norbert Preining wrote:
>> > May I remind you Michael about the proper NMU procedure??? It seems that
>> &
On Sat, Nov 17, 2012 at 7:03 PM, Norbert Preining wrote:
> May I remind you Michael about the proper NMU procedure??? It seems that your
> D-D courses have been become a bit forgotten.
You're a DD. You have the power to cancel stuff in the deferred
queue. That's why it's deferred: to give you a
On Mon, Nov 12, 2012 at 8:09 PM, Norbert Preining wrote:
> On Mo, 12 Nov 2012, Michael Gilbert wrote:
>> The 5 most recent uploads have been nmus and the last maintainer
>> upload was in 2008, which is likely why you haven't heard from the
>> maintainer. The package s
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal
Please consider removing simgear/2.4.0-1.3 from testing. It has 2 rc
bugs, #667526 and #669024. Also, a new upstream 2.6.0 was uploaded to
unstable after the freeze and has its own rc bug #6900
On Sat, Nov 3, 2012 at 3:18 AM, Niels Thykier wrote:
> Could you please file an RC bug against ruby-pgplot about the build
> failure first?
#692190
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal
Please remove ruby-pgplot. It has all kind of unfixed build issues
and multiple failed attempts at uploads to get the package in a
working state after rc fix for #675390:
https://buildd.debian.o
From: "Adam D. Barratt"
> That bug is less than 24 hours old at this point. On the other hand, the
> package was orphaned 48 hours before that and hasn't been touched in
> nearly two years. :-(
I considered it from the perspective of how long it would likely take
to figure out the real licensing
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal
Please remove sea-defender. I includes a few non-free files
(#692078). It is a leaf package and has not been included in a stable
release yet.
Best wishes,
Mike
--
To UNSUBSCRIBE, email to
On Mon, Oct 29, 2012 at 12:32 AM, Thiago Bellini Ribeiro wrote:
> There's a very important problem on alsa/pulseaudio on multi-arch.
> I did a little search, and it appears that this package (more
> especificaly, libopenjpeg2) is the last dependency missing in
> multi-arch for us to be able to inst
On Tue, Oct 30, 2012 at 5:30 AM, Sebastian Wiesinger wrote:
> * Ondřej Surý [2012-10-30 10:13]:
>> I can do a manual code review for debian-release team if they are interested.
>>
>> I concur with LaMont that we need latest 9.8.x branch to keep the
>> sanity of the maintainer.
>
> That is no probl
On Sun, Oct 28, 2012 at 3:01 PM, Scott Kitterman wrote:
> Please unblock package dkimpy
>
> This upload fixes two grave upstream issues (one of which has
> securtyy implicaitions).
>
> unblock dkimpy/0.5.2-1
I think you mean 0.5.3-1?
Best wishes,
Mike
--
To UNSUBSCRIBE, email to debian-release
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal
It has a lot of prebuilt java and javascript files including
yuicompressor and itself in many places:
http://bugs.debian.org/691493
It also includes a source file with a non-free license (althou
control: retitle -1 unblock: openjpeg/1.3+dfsg-4.6
On Sun, Oct 14, 2012 at 5:38 AM, Julien Cristau wrote:
> On Sat, Oct 13, 2012 at 17:59:37 -0400, Michael Gilbert wrote:
>> Please review the attached patch, and let me know if it is ok to
>> upload to unstable. The security issu
Hi,
Jakub Wilk has been filing a lot of RC bugs on packages with
incomplete copyright files. Some examples:
http://bugs.debian.org/690394
http://bugs.debian.org/690371
http://bugs.debian.org/690370
Now, these are mostly easy fixes and of course in the end completeness
is useful, but with so many
> Needing to debug the tools is both a lot more unlikely than debugging
> the library or something that uses it, and easy enough to build a debug
> version of the tool (which you need to do anyway to debug). So I don't
> think this is a problem.
Please review the attached patch, and let me know i
On Fri, Oct 12, 2012 at 4:05 AM, Julien Cristau wrote:
> On Thu, Oct 11, 2012 at 20:34:08 -0400, Michael Gilbert wrote:
>
>> So, the -dbg issue has to do with way in which debug files are
>> compared betwen different arch m-a:same packages. At compat level 9
>> hashes
On Wed, Sep 26, 2012 at 2:50 PM, Julien Cristau wrote:
> On Wed, Sep 19, 2012 at 01:27:15 -0400, Michael Gilbert wrote:
>
>> On Thu, Aug 16, 2012 at 5:18 AM, Jon Severinsson wrote:
>> > Release note that this bug blocks sound from working in wine and other i386
>> > a
On Sat, Sep 22, 2012 at 2:31 PM, Jonathan Nieder wrote:
> Hi Michael,
>
> Michael Gilbert wrote:
>
>> Bug #612918 involves a violation of the FHS (using a file in /etc as a
>> state file), thus violating debian policy. Apparently there was going
>> to be some involve
package: release.debian.org
severity: normal
Bug #612918 involves a violation of the FHS (using a file in /etc as a
state file), thus violating debian policy. Apparently there was going
to be some involved upstream work to correct the problem, but after
over a year, that appears not to have happe
On Thu, Aug 16, 2012 at 5:18 AM, Jon Severinsson wrote:
> Release note that this bug blocks sound from working in wine and other i386
> applications on amd64 in wheezy for many configurations (including mine).
>
> That is because libopenjpeg2 is required by libavcodec53 which is required by
> libas
On Fri, Sep 14, 2012 at 7:46 PM, Raphael Geissert wrote:
> Hi,
>
> I'm rejecting your isc-dhcp upload to the security archive for the following
> reasons:
>
> * Uploads must be coordinated and ACKed by the security team. Unless I'm
> missing something, it didn't happen this way.
> * Incorrect versi
On Sun, Aug 19, 2012 at 12:23 PM, Cyril Brulebois wrote:
>> Anyway, it was close.
>
> “close” isn't exactly “well before” as you previously claimed.
Wording mistake. Sorry.
> I don't see any reasons why the version currently sitting in testing
> would not be the version in wheezy. Which should a
On Sun, Aug 19, 2012 at 6:25 AM, Cyril Brulebois wrote:
> Michael Gilbert (18/08/2012):
>> Andrew hasn't yet made it clear which version he's been planning to
>> support in wheezy [0], but he did upload this one well before the
>> freeze.
>
> Nice try:
> [
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
Please unblock package isc-dhcp
Andrew hasn't yet made it clear which version he's been planning to
support in wheezy [0], but he did upload this one well before the
freeze. Unfortunately
On Tue, Jul 17, 2012 at 10:52 AM, Julien Cristau wrote:
> On Tue, Jul 17, 2012 at 10:22:01 -0400, Michael Gilbert wrote:
>
>> I'm trying to be as reactive as I can about breakages I cause
>> (although I admit that 've been too trigger-happy with openjpeg and
>>
On Tue, Jul 17, 2012 at 6:01 AM, Cyril Brulebois wrote:
> As I already said elsewhere, bumping debhelper and enabling multiarch is
> what I consider invasive changes, with possible breakages in the reverse
> dependencies, which one might only notice long after they are
> introduced. Even for the sa
On Mon, Jul 16, 2012 at 3:17 PM, Michael Gilbert wrote:
> On Mon, Jul 16, 2012 at 3:09 PM, Philipp Kern wrote:
>> On Sun, Jul 15, 2012 at 07:05:35PM -0400, Michael Gilbert wrote:
>>> We are still in the early freeze where riskier changes are allowable, aren't
>>&g
On Mon, Jul 16, 2012 at 3:09 PM, Philipp Kern wrote:
> On Sun, Jul 15, 2012 at 07:05:35PM -0400, Michael Gilbert wrote:
>> We are still in the early freeze where riskier changes are allowable, aren't
>> we?
>
> No. There's no such thing as an early freeze that allo
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
Please unblock package sane-backends
It sets sane-utils as multi-arch: foreign, which is currently blocking
multiarch ia32-libs. It also fixes a kfreebsd build failure.
unblock sane-backe
Hi,
Given the reservations expressed lately with respect to multiarch
conversions, I would like to request advance feedback on a possible
lesstif2 nmu enabling multiarch. This is bug #677788, which is one of
the final blockers for ia32-libs. There is already a patch created by
Peter Samuelson th
retitle 681717 unblock: openjpeg/1.3+dfsg-4.5
thanks
On Sun, Jul 15, 2012 at 5:59 PM, Cyril Brulebois wrote:
> Hello.
>
> Michael Gilbert (15/07/2012):
>> Package: release.debian.org
>> User: release.debian@packages.debian.org
>> Usertags: unblock
>> Seve
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
Please unblock package chromium-browser
This is a new upstream stable release that fixes multiple security
issues, and an rc build failure on arm was fixed.
unblock chromium-browser/20.0.1
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
Please unblock package wine
It fixes an rc issue and fixes some other important issues.
unblock wine/1.4.1-2
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a s
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal
Please unblock package openjpeg
The unstable version enables multiarch and fixes a security issue.
unblock openjpeg/1.3+dfsg-4.4
--
To UNSUBSCRIBE, email to debian-release-requ...@lists
On Sun, Jul 8, 2012 at 9:59 AM, Cyril Brulebois wrote:
> Michael Gilbert (02/07/2012):
>> Please unblock package freeglut
>>
>> It fixes 3 bugs: an rc issue (#678571), a release goal (#677735), and
>> an old bug (#331244).
>
> Rewriting the build syste
debdiff attached this time.
freeglut.patch
Description: Binary data
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: freeze-exception
Severity: normal
Please unblock package freeglut
It fixes 3 bugs: an rc issue (#678571), a release goal (#677735), and
an old bug (#331244).
Thanks,
Mike
unblock freeglut/2.6.0-3
--
To UNSUBS
On Fri, Jun 29, 2012 at 2:46 PM, Julien Cristau wrote:
> Said approval will not come before wheezy is released.
Based on the release team's decision about the 1.5 (non)transition,
I've refreshed the nmu for 1.3 and uploaded again to delayed/5.
Please see attached patch.
Best wishes,
Mike
openjp
On Fri, Jun 29, 2012 at 12:11 PM, Michael Gilbert wrote:
> On Fri, Jun 29, 2012 at 3:50 AM, Mathieu Malaterre wrote:
>> Well for me working on #669348 would be make so much more sense
>> (fixing CVEs and tons of bugs), but if you have time for this, go
>> ahead...
>
> Wh
On Fri, Jun 29, 2012 at 3:50 AM, Mathieu Malaterre wrote:
> Well for me working on #669348 would be make so much more sense
> (fixing CVEs and tons of bugs), but if you have time for this, go
> ahead...
What exactly needs working on for #669348? It seems like an immediate
step to push forward tha
On Thu, Jun 14, 2012 at 3:43 PM, Philipp Kern wrote:
> On Thu, Jun 14, 2012 at 01:59:25PM -0400, Michael Gilbert wrote:
>> I did not suggest that. Anyway, maybe this will be a bit clearer.
>> Let's say an existing package is at version +b1 on amd64, and it needs
>> t
On Thu, Jun 14, 2012 at 1:07 PM, Julien Cristau wrote:
> On Thu, Jun 14, 2012 at 12:25:42 -0400, Michael Gilbert wrote:
>
>> Wouldn't the ideal solution be non-architecture-specific changelogs?
>
> No, that would be very much non-ideal. One should be able to schedule
&g
On Thu, Jun 14, 2012 at 12:40 PM, Cyril Brulebois wrote:
> Michael Gilbert (14/06/2012):
>> package (version) sid; urgency=low
>>
>> * Binary-only non-maintainer upload; no source changes.
>>
>> -- Debian Release Team Tue, 05 Jun
>> 2012 16:33:05 +
On Fri, Jun 8, 2012 at 6:17 PM, Philipp Kern wrote:
> On Sat, Jun 09, 2012 at 04:36:40AM +0800, Aron Xu wrote:
>> Does this mean M-A:same packages should be prevented from being
>> binNMUed, but only source upload can be accepted?
>
> You cannot deprive the Release Team of this tool. Also multiarch
On Tue, Jun 12, 2012 at 11:45 AM, David Kalnischkies wrote:
> On Mon, Jun 11, 2012 at 9:40 PM, Michael Gilbert wrote:
>> In particular, I filed a bug against dpkg requesting that it produce
>> more informative error messages in these cases [0], but I wonder if a
>> part of t
Hi,
We've been getting a few bug reports from users attempting to install
multiarch wine who have yet to manually enable multiarch itself.
Obviously that is a failure on their part, and is easily correctable.
However, I wonder if we can't make such migrations a bit more
straightforward?
In partic
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: binnmu
Severity: normal
nmu libgpm2_1.20.4-4 . i386 amd64 . -m "Rebuild with newer gzip
(closes: #664134)"
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (
We currently have a team working on NMUing wine for the wheezy
release. 1.0 is currently in testing, 1.2 is in unstable, and our
goal is to get 1.4 into the release. Our 1.4 package is already
uploaded to deferred [0], but due to appropriate NMU delays it will be
7 days before it goes in.
Once i
On Mon, Jan 16, 2012 at 9:06 AM, Michael Gilbert wrote:
>> DSA 2388 appears to have resolved all of those issues, so I guess we
>> could look at an update containing just the insecure tempfile change?
>
> Yes, that's correct. I'll ready a new package.
Please re
On Sun, Jan 15, 2012 at 12:21 PM, Adam D. Barratt wrote:
> On Sat, 2011-09-17 at 14:50 -0400, Michael Gilbert wrote:
>> I've decided that it's too risky to disable t1lib in lenny as the
>> version of freetype there has some known issues.
>>
>> Attached is a
2012/1/1 Moritz Mühlenhoff
> On Sat, Dec 31, 2011 at 05:19:21PM -0500, Michael Gilbert wrote:
>> Package: release.debian.org
>> User: release.debian@packages.debian.org
>> Usertags: rm
>> Severity: normal
>>
>> Please remove amsn from testing. Based
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal
Please remove amsn from testing. Based on the maintainer's opinion,
and the fact that hasn't gotten any security support in 5 years, it
should be removed. See http://bugs.debian.org/557754.
Th
retitle 649460 release.debian.org: arch-specific output in dependency analysis
thanks
On Thu, Nov 24, 2011 at 3:18 AM, Adam D. Barratt wrote:
> Dependency analysis only derives its output from Sources + i386, which is
> precisely _why_ it's showing ia32-libs-dev as unavailable. It's not being
> m
Maybe the real issue here is that the build-depends dependency
analysis is only done on i386 (according to the wording "including
build-depends; i386 only"), and the ia32-libs-dev package of course
doesn't exist there?
Anyway, I think my original point remains. For the dependency
analysis to be u
On Thu, Nov 24, 2011 at 1:18 AM, Adam D. Barratt wrote:
> On Wed, 2011-11-23 at 23:59 -0500, Michael Gilbert wrote:
>> On Mon, Nov 21, 2011 at 2:44 AM, Adam D. Barratt wrote:
>> > The reason that wine-unstable isn't migrating is listed at the top of
>> > the page:
&
On Mon, Nov 21, 2011 at 2:44 AM, Adam D. Barratt wrote:
> In any case, you appear to have overlooked the fundamental issue. The
> reason that wine-unstable isn't migrating has nothing to do with
> kfreebsd-amd64. I assume you're deducing this from the "dependency
> analysis" section - the section
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: britney
Severity: wishlist
Hi,
Hi, wine is held back because of a lot of missing packages in testing,
but only on kfreebsd-amd64 [0]. It took me a while to realize this
was the underlying problem since the stateme
On Sun, Oct 30, 2011 at 3:09 AM, Raphael Hertzog wrote:
> On Sat, 29 Oct 2011, Michael Gilbert wrote:
>> You could also make a case from a terminological perspective as well.
>> Unstable is where development in Debian is supposed to happen, so it's
>> perfectly accep
On Sat, Oct 29, 2011 at 2:58 PM, Julien Cristau wrote:
> On Sat, Oct 29, 2011 at 13:38:47 -0400, Michael Gilbert wrote:
>
>> On Fri, Oct 21, 2011 at 3:12 PM, Julien Cristau wrote:
>> > +commit 03ff880e8bf20cdecaf27f03391ea31545ecc22c
>> > +Author: Matthieu Herrb
>
On Sat, Oct 29, 2011 at 7:10 AM, Stefano Zacchiroli wrote:
> What worries me is that there is multi-arch work in dpkg, work that has
> its origins in Debian. That work is ready enough to be deployed in
> popular Debian derivatives such as Ubuntu, but is not in Debian proper
> yet. That is bad for D
On Fri, Oct 21, 2011 at 3:12 PM, Julien Cristau wrote:
> +commit 03ff880e8bf20cdecaf27f03391ea31545ecc22c
> +Author: Matthieu Herrb
> +Date: Mon Oct 17 22:27:35 2011 +0200
> +
> + Fix CVE-2011-4029: File permission change vulnerability.
> +
> + Use fchmod() to change permissions of the loc
Michael Gilbert wrote:
> > In any case, I'm not entirely convinced that a NEWS file is the
> > right location to be making a statement that seems in danger of
> > approaching "this package isn't getting security support in lenny".
>
> So, an EOL co
Adam D. Barratt wrote:
> [Apologies for the delay in getting back to you on this]
>
> On Sat, 2011-09-17 at 14:50 -0400, Michael Gilbert wrote:
> > I've decided that it's too risky to disable t1lib in lenny as the
> > version of freetype there has some known issu
I've decided that it's too risky to disable t1lib in lenny as the
version of freetype there has some known issues.
Attached is a new debdiff for this proposed-update.
Best wishes,
Mike
xpdf-lenny.debdiff
Description: Binary data
On Tue, 13 Sep 2011 15:38:29 -0700 Kees Cook wrote:
> [1] http://wiki.debian.org/Hardening
It looks like we're duplicating wiki work. The page I created
yesterday is much more comprehensive and detailed right now:
http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
Best wishes,
Mike
On Tue, 13 Sep 2011 15:38:29 -0700 Kees Cook wrote:
> Hi,
>
> I would like to propose a release goal of enabling hardening build flags[1]
> for all C/C++ packages in the archive[2].
I think "all C/C++ packages" is an impossibility in the wheezy
timeframe, and we should be honest about that. So
Adam D. Barratt wrote:
> Thanks for working on this. As a general comment, if you're submitting
> patches for both stable and oldstable please do so using two different
> bugs; otherwise we can't track the acceptance and release status in a
> sane way.
Ok, I'll do that in the future.
> I'd be
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: pu
Severity: normal
I've prepared proposed updates for the stable xpdf packages fixing a
few security issues. See attached debdiffs.
Best wishes,
Mike
xpdf-lenny.debdiff
Description: Binary data
xpdf-squeeze.d
tag 637040 -moreinfo
thanks
On Wed, Aug 17, 2011 at 5:26 PM, Julien Cristau wrote:
> As said on irc, filing (non-RC for now) bugs against the reverse
> dependencies and providing patches as much as possible should happen
> prior to any removal. Tagging moreinfo for now.
Bugs are now submitted (w
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: rm
Severity: normal
Hi,
t1lib has a significant set of security vulnerablities [0] and there
is no sign of them ever getting fixed with upstream missing in action
for over three years now. Because of these issues,
Kumar Appaiah wrote:
> Hi.
>
> On Wed, Apr 13, 2011 at 09:05:06AM -0400, Michael Gilbert wrote:
> > Steve McIntyre wrote:
> > > Right. Are you deliberately trying to stall all development, or does
> > > it just appear that way?
> >
> > I fail to
Gustavo Noronha Silva wrote:
> > > On 04/13/2011 01:40 AM, Michael Gilbert wrote:
> > > >> I plan to upload webkit 1.3.x (soon to be 1.4.0) to unstable.
> > What
> > > >> this involves:
> > > >
> > > > I would
Steve McIntyre wrote:
> On Wed, Apr 13, 2011 at 07:41:15AM -0400, Michael Gilbert wrote:
> >Mehdi Dogguy wrote:
> >
> >> On 04/13/2011 01:40 AM, Michael Gilbert wrote:
> >> > Gustavo Noronha Silva wrote:
> >> >
> >> >> Pa
Mehdi Dogguy wrote:
> On 04/13/2011 01:40 AM, Michael Gilbert wrote:
> > Gustavo Noronha Silva wrote:
> >
> >> Package: release.debian.org
> >> Severity: normal
> >> User: release.debian@packages.debian.org
> >> Usertags: transition
> &
sean finney wrote:
> hi -release team,
>
> On Sat, Apr 09, 2011 at 10:13:19AM +0100, Neil McGovern wrote:
> > > Once again, we will use feedb...@release.debian.org and welcome all
> > > comments before 11th April.
> > >
> >
> > We've had a rather poor response to this request, so I'd encourage
Gustavo Noronha Silva wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: transition
>
> I plan to upload webkit 1.3.x (soon to be 1.4.0) to unstable. What
> this involves:
I would prefer to stick with 1.2.x for the time being since
Scott Kitterman wrote:
> I noticed that this is still listed at http://wiki.debian.org/ReleaseGoals.
>
> Obviously that was a Squeeze goal. The equivalent goal for Wheezy should be
> python2.7 as default and python2.5 and python2.6 removed.
Is it out of the question to target python3.x as the
On Mon, 28 Mar 2011 22:21:14 +0100 Jonathan Wiltshire wrote:
> On Mon, Mar 28, 2011 at 10:41:23PM +0200, Matthijs Möhlmann wrote:
> > CVE-2011-1081:
> > modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers
> > to cause a denial of service (daemon crash) via a relative Disting
On Tue, 11 Jan 2011 00:40:42 +0100, Moritz Muehlenhoff wrote:
> On Mon, Jan 10, 2011 at 11:12:39PM +0100, Josselin Mouette wrote:
> > Heya,
> >
> > Le lundi 10 janvier 2011 à 20:56 +0100, Moritz Muehlenhoff a écrit :
> > > As such, browsers built upon the webkit, qtwebkit
> > > and khtml engines
On Thu, Dec 23, 2010 at 5:14 PM, Jonas Smedegaard wrote:
> Hi Julien,
>
> On Thu, Dec 23, 2010 at 10:34:50PM +0100, Julien Cristau wrote:
>>
>> On Fri, Dec 17, 2010 at 20:15:19 -0500, Michael Gilbert wrote:
>>
>>> On Sun, Dec 12, 2010 at 3:31 PM, Michael Gilbe
On Thu, 23 Dec 2010 17:28:01 +0100, Julien Cristau wrote:
> On Wed, Dec 22, 2010 at 15:40:55 +, Jonathan Wiltshire wrote:
>
> > This patch has come from two upstream commits to fix the CVE and the
> > debdiff for an nmu is attached. If it's ok with you, I'll go ahead with if
> > the maintainer
Can someone from the release team please take a look at #555668. I
think this bug can be marked squeeze-ignore or downgraded.
Thanks,
Mike
--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock fakeroot. It fixes bug #605077, which isn't RC, but it
does fix an important regression from lenny's fakeroot and the diff is
small. Hopefully it is a sufficiently non-invas
101 - 200 of 277 matches
Mail list logo