Re: [php-maint] php5 testing transition

On Sun, May 6, 2012 10:00, Thijs Kinkhorst wrote: > On Sat, May 5, 2012 20:49, Adam D. Barratt wrote: >> On Sat, 2012-05-05 at 20:39 +0200, Ondrej Sury wrote: >>> > For some reason I had it in my head that 5.4.2 was the upstream >>> version >>> > with the

Re: [php-maint] php5 testing transition

On Sat, May 5, 2012 20:49, Adam D. Barratt wrote: > On Sat, 2012-05-05 at 20:39 +0200, Ondrej Sury wrote: >> > For some reason I had it in my head that 5.4.2 was the upstream >> version >> > with the fixed fix rather than the not-quite fixed fix. >> >> I think this is the case (e.g. 5.4.2 is the fi

Re: php5 testing transition

Hi Adam, On Sat, May 5, 2012 16:24, Adam D. Barratt wrote: > I'd like to try and get php5 migrated to testing over the next couple of > days. This does mean aging the 5.4.2-1 upload somewhat, but 5.4.1~rc1-1 > had been in unstable for a month already and the diff from that looks > sane enough onc

urgency bump samba for CVE-2012-1182

Dear release team, Can you consider to urgency bump samba/2:3.6.4-1 for security issue CVE-2012-1182? The debdiff is indeed 2 MB, however, this is because the bug is in the source for generated code which makes the resulting diff rather large. The upstream release contains no other changes. I'm at

Re: Proposal to get Wheezy Alpha1 done

On Sat, March 17, 2012 18:37, Otavio Salvador wrote: > Hi Release Team, > > On Sun, Mar 11, 2012 at 14:55, Otavio Salvador > wrote: >>  * on 03/17 try to get the packages migrated to testing > > Please age the following packages: Perhaps you want to consider gnupg 1.4.12 too? It has been in unsta

Re: Planning for final lenny point release (5.0.10)

On Wed, February 15, 2012 13:49, Thijs Kinkhorst wrote: > On Wed, February 15, 2012 13:42, Adam D. Barratt wrote: >> On 15.02.2012 12:31, Goswin von Brederlow wrote: >>> Should ia32-libs be updated? >> >> It was last updated in January. Thijs, would you be interes

Re: Planning for final lenny point release (5.0.10)

On Wed, February 15, 2012 13:42, Adam D. Barratt wrote: > [Recipient list and quoting both savagely trimmed] > > On 15.02.2012 12:31, Goswin von Brederlow wrote: >> "Adam D. Barratt" writes: >> >>> On Mon, 2011-12-12 at 23:05 +, Adam D. Barratt wrote: Working on the four-monthly schedule

Bug#657077: transition: php5 5.4

On Tue, February 7, 2012 09:37, Ondřej Surý wrote: > On Tue, Feb 7, 2012 at 09:09, Thijs Kinkhorst wrote: >>>>> I'm pretty sure something like that was done for python.  I don't >>>>> think >>>>> perl breaks source level compatibil

Bug#657077: transition: php5 5.4

>>> I'm pretty sure something like that was done for python.  I don't >>> think >>> perl breaks source level compatibility to anywhere near the same extent >>> (could be wrong, though). > > http://wiki.debian.org/PHP/54Transition The links to packages with an epoch'ed version are broken. Thijs

Re: [SRM] proposed update backuppc for squeeze

On Wed, January 11, 2012 21:38, Adam D. Barratt wrote: > On Wed, 2012-01-11 at 20:39 +0100, Thijs Kinkhorst wrote: >> I propose attached NMU for backuppc for squeeze. This is meant to >> address >> #654692, a bug where backuppc produces corrupted tarballs. For me this

[SRM] proposed update backuppc for squeeze

654692, #558431) + * Fix XSS issue (CVE-2011-3361 CVE-2011-4923, + closes: #641450, #646865) + + -- Thijs Kinkhorst Wed, 11 Jan 2012 20:17:35 +0100 + backuppc (3.1.0-9) unstable; urgency=low * chown/chmod only the needed dirs. Closes: #531948 only in patch2: unchanged: --- backup

Re: [SRM] updating ia32-libs and ia32-libs-gtk

Hi, On Wed, January 4, 2012 23:13, Adam D. Barratt wrote: > On Tue, 2012-01-03 at 06:58 +0100, Thijs Kinkhorst wrote: >> I now uploaded ia32-libs and ia32-libs-gtk for squeeze and ia32-libs for >> lenny. I've added proposed-updates to the lenny sources but I don't

Re: [SRM] updating ia32-libs and ia32-libs-gtk

On Thu, December 29, 2011 14:45, Thijs Kinkhorst wrote: > On Thu, December 29, 2011 13:18, Philipp Kern wrote: >> On Thu, Dec 29, 2011 at 12:51:23PM +0100, Thijs Kinkhorst wrote: >>> > Given that this will be the final point release for lenny, might it >>> be >&g

Re: [SRM] updating ia32-libs and ia32-libs-gtk

On Thu, December 29, 2011 13:18, Philipp Kern wrote: > On Thu, Dec 29, 2011 at 12:51:23PM +0100, Thijs Kinkhorst wrote: >> > Given that this will be the final point release for lenny, might it be >> > worth making an exception this time and also including packages from >>

Re: [SRM] updating ia32-libs and ia32-libs-gtk

On Wed, December 28, 2011 21:04, Adam D. Barratt wrote: > On Wed, 2011-12-28 at 18:04 +0100, Thijs Kinkhorst wrote: >> As for lenny, only an update to ia32-libs is needed: >> >> ia32-libs (2.7+lenny3) oldstable; urgency=low >> >> * Update packages to th

Re: Proposed update to python-debian

On Thu, December 29, 2011 09:10, Adam D. Barratt wrote: > On 28.12.2011 23:45, John Wright wrote: >> Attached is a patch to the python-debian package which I intend to >> upload to stable. > > Apparently you already _have_ uploaded it. > > Eight hours is really not a long enough time to have waited

Re: [SRM] updating ia32-libs and ia32-libs-gtk

Op woensdag 28 december 2011 13:08:05 schreef Thijs Kinkhorst: > As usual I'd like to upload new versions of ia32-libs* to refresh the > included packages w.r.t. stable/security updates. The resulting > changelogs of ia32-libs and ia32-libs-gtk are included below. > ia32-l

[SRM] updating ia32-libs and ia32-libs-gtk

o-4squeeze3) squeeze; urgency=low ] * Non-maintainer upload by the Security Team. * Fix CVE-2011-3210: SSL memory handling for (EC)DH ciphersuites [ pam (1.1.1-6.1+squeeze1) stable-security; urgency=low ] * Non-maintainer upload by the Security Team * Fix CVE-2011-3148 and CVE-2011-3149 -- T

Re: Multiarch support in dpkg — really in time for wheezy?

Op zondag 06 november 2011 13:57:06 schreef Raphael Hertzog: > For the release team: while multiarch is not yet fully merged, there has > been some visible progress over the last 2 weeks. About one third of the > commits have been merged on master already (pushes happened on 24/10, > 27/10, 30/10,

Re: Bug#587315: 'multipath: unknown hardware handler type' with hardware_handler "1 hp-sw"

On Mon, October 31, 2011 08:11, Ritesh Raj Sarraf wrote: > Hello Release Team, > > I would like to propose an update to the multipath-tools package for > Squeeze. This proposed upload fixes 2 issues: > > * [b5f7694] Change HP hardware hanlder to hp_sw. > Thanks to Phil (Closes: 587315) I can a

Re: Bug#645881: critical update 29 available

On Wed, October 19, 2011 14:15, Matthias Klose wrote: > On 10/19/2011 02:09 PM, Thijs Kinkhorst wrote: >> Have we been in contact with Oracle upstream and explained that we are >> eager to comply with their wish to move entirely to openjdk for our next >> release, but have the

Re: Bug#645881: critical update 29 available

On Wed, October 19, 2011 12:50, Sylvestre Ledru wrote: > CC debian release & security > > Le mercredi 19 octobre 2011 à 12:21 +0200, Thijs Kinkhorst a écrit : >> Upstream has released Java SE 6 update 29 yesterday: >> http://www.oracle.com/technetwork/topics/security/j

Re: Update for dokuwiki/lenny

On Fri, October 7, 2011 20:17, Tanguy Ortolo wrote: > Tanguy Ortolo, 2011-10-07 09:48 UTC+0200: >> Thijs Kinkhorst, 2011-10-07 09:14 UTC+0200: >> > Are you sure everything went OK? Nothing to see on security-master. >> >> Strange, I am sure that it uploaded fine,

Re: Update for dokuwiki/lenny

On Thu, October 6, 2011 21:21, Tanguy Ortolo wrote: > Thijs Kinkhorst, 2011-10-06 14:34 UTC+0200: >> OK. Tanguy, if you update your target distribution to oldstable-security >> and upload to security-master, we can release it. > > Thank you Philipp, I have just done so. Ar

Re: Update for dokuwiki/lenny

On Thu, October 6, 2011 14:23, Philipp Kern wrote: > Hi, > > On Wed, Oct 05, 2011 at 11:56:14AM +0200, Tanguy Ortolo wrote: >> My last update of dokuwiki/lenny, which fixed a security flaw and was >> released with Lenny 5.0.9, unfortunately introduced a quite important >> regression, breaking any w

[SRM] updating ia32-libs for stable

Hi, I realise I'm late to the party, but I didn't have (make?) time before. As in earlier stable updates I propose to update the packages contained in ia32-libs to their most up to date versions. The changelog entries for ia32-libs and ia32-libs-gtk are attached. ia32-libs-core doesn't have chang

Re: [SRM] proposed stable update ca-certificates

On Fri, September 16, 2011 08:04, Raphael Geissert wrote: > On Wednesday 14 September 2011 02:40:32 Thijs Kinkhorst wrote: >> On Tue, September 13, 2011 19:38, Raphael Geissert wrote: >> >> I've attached my proposed change. Please review and let me know if I >> can

Re: [SRM] proposed stable update ca-certificates

On Tue, September 13, 2011 19:38, Raphael Geissert wrote: >> I've attached my proposed change. Please review and let me know if I can >> upload. > > I think it needs to be uploaded via the sec archive, and the +nmu3 version > removed from it. IIRC when syncing sec-master to ftp-master all versions

[SRM] proposed stable update ca-certificates

0090814+nmu3squeeze1/debian/changelog 2011-09-13 11:32:01.0 +0200 @@ -1,3 +1,11 @@ +ca-certificates (20090814+nmu3squeeze1) stable; urgency=low + + * Non-maintainer upload. + * No-change upload with incremented version number to avoid a +version number conflict with '20090814+nmu3'

Re: ca-certificates version number reuse

On Sun, September 4, 2011 00:42, Philipp Kern wrote: > On Sat, Sep 03, 2011 at 03:16:20PM +0200, Thijs Kinkhorst wrote: >> > You'll need a new DSA mail, though, that's the only "drawback". >> We could upload ca-certificates 20090814+nmu3squeeze1 to ftp-maste

Re: ca-certificates version number reuse

On Thu, September 1, 2011 22:24, Philipp Kern wrote: > On Thu, Sep 01, 2011 at 01:35:51PM -0500, Raphael Geissert wrote: >> ftpmasters: we would also need you to remove +nmu3 from the security >> archive, >> wouldn't we? > > You just need to supersede the build with a newer version as Julien said.

ca-certificates version number reuse

Hi, After the ca-certficates update to stable was installed into the archive, it was found out that its version number 20090814+nmu3 had already been used in the first upload to unstable after the squeeze release. This is unfortunate, but because the update has already been installed into the secu

Re: LFS and IPv6 goals

On Tue, August 9, 2011 00:43, Andreas Barth wrote: > * Thijs Kinkhorst (th...@debian.org) [110808 10:35]: >> Hi, >> >> On Mon, August 1, 2011 23:07, Neil McGovern wrote: >> > Carried forward from last release: >> > - IPv6 support >> > - Large Fi

LFS and IPv6 goals

Hi, On Mon, August 1, 2011 23:07, Neil McGovern wrote: > Carried forward from last release: > - IPv6 support > - Large File Support I'm wondering why these two are still goals for the current cycle. I think it's safe to say that their intent has already been achieved (make Debian generally work w

Re: [SRM] proposed stable update openldap

diff -u openldap-2.4.23/debian/changelog openldap-2.4.23/debian/changelog --- openldap-2.4.23/debian/changelog +++ openldap-2.4.23/debian/changelog @@ -1,3 +1,10 @@ +openldap (2.4.23-7.2) stable; urgency=low + + * Non-maintainer upload targeted at stable. + * Fix "dpkg-reconfigure slapd". C

Re: [SRM] ia32-libs update for 6.0.2

On Thu, June 9, 2011 23:06, Philipp Kern wrote: > On Thu, Jun 09, 2011 at 10:06:03PM +0200, Thijs Kinkhorst wrote: >> Let me know whether I can proceed. > > Yeah. I've uploaded it now. > I cannot guarantee that we don't accept something new afterwards Sure, I'll

[SRM] ia32-libs update for 6.0.2

r overflow in Fax4Decode * CVE-2011-1167: Buffer overflow with thunder encoded files -- Thijs Kinkhorst Thu, 09 Jun 2011 22:01:50 +0200 Let me know whether I can proceed. Cheers, Thijs -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe&

Re: [SRM] proposed stable update openldap

On Mon, May 30, 2011 15:10, Thijs Kinkhorst wrote: > On Mon, May 30, 2011 13:24, Adam D. Barratt wrote: >>> - A grave problem when reconfiguring the package. >> >> This (#596343) seems okay, but doesn't appear to have been fixed in >> unstable yet, which is gen

Re: [SRM] proposed stable update openldap

On Mon, May 30, 2011 13:24, Adam D. Barratt wrote: >> - A grave problem when reconfiguring the package. > > This (#596343) seems okay, but doesn't appear to have been fixed in > unstable yet, which is generally a pre-requisite for applying the fix to > stable. Are there any plans to do that in the

[SRM] proposed stable update openldap

] * Fix "dpkg-reconfigure slapd". Closes: #596343 -- Thijs Kinkhorst Wed, 25 May 2011 16:40:39 +0200 Cheers, Thijs openldap_stable.debdiff Description: Binary data

Re: [SRM] update for ia32-libs in upcoming point release

On Fri, March 11, 2011 13:12, Philipp Kern wrote: > On Thu, Mar 10, 2011 at 11:12:17PM +0100, Thijs Kinkhorst wrote: > +ia32-libs-gtk (20110202) UNRELEASED; urgency=high > ^^ > +ia32-libs (20110202) UNRELEASED;

[SRM] update for ia32-libs in upcoming point release

08305 + + [Michal Simunek] + + * Czech debconf translations. #608495 + + -- Thijs Kinkhorst Wed, 09 Mar 2011 23:08:01 +0100 + ia32-libs (20110117) unstable; urgency=low * Do not disable secure APT when downloading packages (closes: #610089) diff -Nru ia32-libs-20110117/debian/copyright

Re: Stable update of dajaxice

On Sunday 27 February 2011 15:49:28 Angel Abad wrote: > > Please upload the package to security-master then. Note that you need to > > change the target in the changelog and build the package with full source > > (-sa flag). Full checklist of packages for security-master is here: > > http://www.deb

Re: Stable update of dajaxice

Hi Angel, On Thursday 24 February 2011 12:27:21 Angel Abad wrote: > 2011/2/24 Adam D. Barratt : > > Hi, > > > > On Thu, February 24, 2011 10:16, Angel Abad wrote: > >> I've prepared an upload to stable for package dajaxice, since > >> python-django was patched for problems related with crsf cooki

Re: [SECURITY] [DSA-2158-1] cgiirc security update

On Wednesday 23 February 2011 10:12:08 Philipp Kern wrote: > Hi, > > On Wed, Feb 09, 2011 at 09:32:48PM +, Steve Kemp wrote: > > Michael Brooks (Sitewatch) discovered a reflective XSS flaw in > > cgiirc, a web based IRC client, which could lead to the execution > > of arbitrary javascript. > >

Bug#611851: unblock: ia32-libs-core/20110202

On Wed, February 2, 2011 22:14, Goswin von Brederlow wrote: > PS: The sources are on mentors and need a sponsor for the upload. Thijs? > > unblock ia32-libs-core/20110202 > unblock ia32-libs/20110202 > unblock ia32-libs-gtk/20110202 I would sponsor this if the release team acks that it is still po

Uploading sssd to tpu for security issue

.2.1-4+squeeze1) testing; urgency=medium + + * Non-maintainer upload by the Security Team + * Fix CVE-2010-4341 (Closes: #610032) + + -- Thijs Kinkhorst Mon, 31 Jan 2011 20:48:45 +0100 + sssd (1.2.1-4) unstable; urgency=low * Add patch from Stephen Gallagher to ensure LDAP authentication dif

Re: Bug#609641: Sudo gid security issue

On Wednesday 26 January 2011 00:20:34 Bdale Garbee wrote: > On Tue, 25 Jan 2011 21:25:29 +0100, Moritz Mühlenhoff wrote: > > What's the status? > > Uploading 1.7.4p4-2.squeeze.1 with just the relevant patch cherry-picked > now, with distribution set to testing. Hopefully that does it. Let me >

Bug#610562: unblock: spip/2.1.1-3

Dear release team, On Wednesday 19 January 2011 23:24:14 Romain Beauxis wrote: > Thus, I kindly request the unblocking of spip 2.1.1-3 and its migration to > testing in the purpose of shipping a fixed spip package in Debian squeeze. Please unblock this to address a security issue. Cheers, Thij

Re: permission to upload bip/0.8.2-1squeeze3 to testing proposed updates

Dear release team, On Wednesday 19 January 2011 01:59:18 Pierre-Louis Bonicoli wrote: > I am the upstream and sponsored Debian maintainer of Bip. > > A user of bip reported a bug which can be used to do a remote DOS of > bip. Bug is present in bip/0.8.2-1squeeze2. > > debdiff (bip/0.8.2-1squeeze

Re: Fixes for RT 3.x issue CVE-2011-0009

On Thu, January 20, 2011 09:28, Dominic Hargreaves wrote: > On Tue, Jan 18, 2011 at 10:50:58PM +, Dominic Hargreaves wrote: >> Sorry, I got the timing wrong. It's tomorrow, Wednesday, that I believe >> the planned release is. I'll email both you and the stable release >> managers after then and

Re: Squeeze updates for ia32-libs{,-gtk}

On Tuesday 18 January 2011 14:54:12 Philipp Kern wrote: > > I've refreshed the packages and added two changes that I think are > > important for proper support for the squeeze lifetime: adding > > security.debian.org to the mirrors list and not disabling secure APT to > > download the packages. Ple

Bug#609839: Bug#609641: Sudo gid security issue

On Tuesday 18 January 2011 10:52:21 Bdale Garbee wrote: > On Tue, 18 Jan 2011 09:20:21 +0100, "Thijs Kinkhorst" wrote: > > I see that the security issue in #609641 / CVE-2011-0010 is fixed in sid > > but not in squeeze (lenny not affected). Would you be able to provide

Unbloack evince for security issue

Hi, Please unblock evince/2.30.3-2 which fixes a security issue. Thanks, Thijs -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/9e2bb951e9bc80aa9abb429c4ea3ec20.s

Re: [SRM] Updating ia32-libs* in lenny

On Sun, January 16, 2011 14:41, Philipp Kern wrote: > Hi, > > On Sun, Jan 16, 2011 at 01:30:30AM +0100, Thijs Kinkhorst wrote: >> On Sun, January 16, 2011 00:28, Philipp Kern wrote: >> > On Sat, Jan 15, 2011 at 07:07:50PM +0100, Thijs Kinkhorst wrote: >> >> ia3

Re: [SRM] Updating ia32-libs* in lenny

On Sun, January 16, 2011 00:34, Moritz Mühlenhoff wrote: > On Sun, Jan 16, 2011 at 12:28:06AM +0100, Philipp Kern wrote: >> Hi, >> >> On Sat, Jan 15, 2011 at 07:07:50PM +0100, Thijs Kinkhorst wrote: >> > As you may or may not know the ia32-libs and ia32-libs-gtk p

[SRM] Updating ia32-libs* in lenny

Hi, As you may or may not know the ia32-libs and ia32-libs-gtk packages in lenny are in a suboptimal state. It boils down to that they contain the 'current' versions of other packages, they have been last updated well before lenny's release and hence don't include the most recent versions. For squ

Clarification request regarding translation updates

Hi, The release team has sent a (in my reading) pretty unambiguous statement to DDA that only uploads that fix RC bugs will be unblocked. However, I've seen a number of unblocks for translation updates since. So it's unclear to me now whether I should be uploading updates for Debconf po transla

Re: Bug#596899: Please unblock ia32-libs/20101012

On Thursday 16 December 2010 11:55:05 Goswin von Brederlow wrote: > On the note of ia32-libs-gtk. It seems that was rejected by an > overzelous lintian check. It doesn't depend on libc (no kidding :). > I will have to check that and add lintian overrides to it or get lintian > fixed. Is there prog

Please unblock simplesamlphp/1.6.3-1 (security)

Hi, simplesamlphp/1.6.3-1 has been uploaded in which the only code change is an XSS security fix. Other changes are confined to documentation so it didn't seem opportune to extract the fix only. Thanks, Thijs -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject o

Re: Bug#596899: Please unblock ia32-libs/20101012

On Wednesday 15 December 2010 15:29:00 Thijs Kinkhorst wrote: > I've also sponsored ia32-libs-gtk/20101125 which could also need an > unblock. Unfortunately this got rejected: Reject Reasons: ia32-libs-gtk: lintian output: 'missing-dependency-on-libc needed by ./lib3

Re: Bug#596899: Please unblock ia32-libs/20101012

On Tuesday 07 December 2010 18:01:05 Goswin von Brederlow wrote: > Uploading ia32-libs-core_20101207_source to mentors. Sponsors > welcome. I have uploaded this now. I think this needs unblocking so that ia32-libs can also migrate. I've also sponsored ia32-libs-gtk/20101125 which could also need

Re: Bug#596899: Please unblock ia32-libs/20101012

On Thursday 18 November 2010 22:24:01 Thijs Kinkhorst wrote: > On Wednesday 17 November 2010 14:26:07 Goswin von Brederlow wrote: > > ia32-libs-core (20101117) unstable; urgency=low > > ia32-libs (20101117) unstable; urgency=low > > I just uploaded these to sid. I think

Re: Bug#596899: Please unblock ia32-libs/20101012

On Wednesday 17 November 2010 14:26:07 Goswin von Brederlow wrote: > ia32-libs-core (20101117) unstable; urgency=low > ia32-libs (20101117) unstable; urgency=low I just uploaded these to sid. I hope they can be unblocked and their urgency pushed by the release team if they think it's appropria

Re: security support for squeeze?

On Saturday 13 November 2010 16:20:52 Adam D. Barratt wrote: > On Sat, 2010-11-13 at 14:57 +0100, Thijs Kinkhorst wrote: > > The situation with sun-java-6 is not quite as you describe - although due > > to its non-freeness we've not been able to present updates as DSA's,

Re: Bug#602067: unblock: couchdb/0.11.0-2.2

On Monday 01 November 2010 22:18:55 Serafeim Zanikolas wrote: > On Mon, Nov 01, 2010 at 09:13:19PM +0100, Julien Cristau wrote: > [..] > > > Hrm, except now there's a window where gid root has write access. Which > > it isn't supposed to have, afaik. > > Right. Will change it then to 750. > cou

Bug#602593: pu: package sun-java6/6-22-0lenny1

On Friday 12 November 2010 06:55:48 Torsten Werner wrote: > On Thu, Nov 11, 2010 at 8:16 PM, Adam D. Barratt > > wrote: > > On Sat, 2010-11-06 at 11:19 +0100, Torsten Werner wrote: > >> a new version of sun-java6 for stable is available at > >> . > > > > There

Re: security support for squeeze?

On Wednesday 10 November 2010 22:08:05 Michael Gilbert wrote: > > Finally, are there other packages we know have limited security support, > > and should be mentioned there? > > You may want to mention that openjdk-6 and sun-java-6 don't receive > security support/updates. I'm not sure if whether

Bug#596899: Please unblock ia32-libs/20101012

On Saturday 13 November 2010 00:10:56 Julien Cristau wrote: > Dropping wine means dropping those, fwiw. Not that I really care, but > if somebody does want to keep wine in squeeze the build fix seems > trivial enough... For the record, the build fix has been uploaded to delayed/7 last week; not

Bug#596899: Please unblock ia32-libs/20101012

On Tue, November 9, 2010 05:21, Michael Gilbert wrote: > On Mon, Nov 8, 2010 at 3:22 PM, Julien Cristau wrote: >> On Mon, Nov  8, 2010 at 19:02:08 +0100, Moritz Muehlenhoff wrote: >> >>> Given that wine in Squeeze is the vintage 1.0 release that already >>> shipped >>> with Lenny, we should rather

Please unblock ia32-libs/20101012

Hi, A lesson we learned from Lenny is that ia32-libs is hardly security supportable if the libraries it contained aren't as much up to date as their 'normal' stable versions as possible. In the ideal situation we would release with a ia32-libs being completely up to date with the normal package ve

please unblock msttcorefonts/3.3

Hi, Please unblock msttcorefonts/3.3, an updated Debconf translation only. Thanks, Thijs signature.asc Description: This is a digitally signed message part.

Re: Dropping the .0 on release numbers?

On tiisdei 14 Septimber 2010, Gunnar Wolf wrote: > So, for the past years we have had x.0.y with growing `y' for point > releases, and skiping to (x+1).0.0. And the zero in the middle carries > no meaning anymore. It also doesn't do any harm, does it? I would vastly prefer not to change our versi

Re: potential freeze-exception for phpmyadmin/3.3.6-1

On snein 29 Augustus 2010, Thijs Kinkhorst wrote: > On snein 29 Augustus 2010, Marc 'HE' Brockschmidt wrote: > > > Please let me know if it would be acceptable to upload to unstable > > > targeted at squeeze. > > > > Please go ahead with the

security unblock: serendipity/1.5.3-2

Hi, Please unblock serendipity/1.5.3-2, which fixes a security issue. Debdiff attached. Thanks, Thijs diff -Nru serendipity-1.5.3/debian/changelog serendipity-1.5.3/debian/changelog --- serendipity-1.5.3/debian/changelog 2010-05-12 18:57:11.0 +0200 +++ serendipity-1.5.3/debian/changelog

Re: Bug#581659: freeze exception request for uruk 20100831-2 (was: Re: freeze exception [...])

On Tue, August 31, 2010 14:53, Joost van Baal wrote: > Could you please allow uruk 20100831-2 in squeeze? Just to add a data point: we've been using this package (except the documentation / update-rc.d improvements of today) for a while already in production, both on IPv4-only and on IPv6-enabled

Re: potential freeze-exception for phpmyadmin/3.3.6-1

On snein 29 Augustus 2010, Marc 'HE' Brockschmidt wrote: > > Please let me know if it would be acceptable to upload to unstable > > targeted at squeeze. > > Please go ahead with the upload. Thanks for the quick response! phpmyadmin/4:3.3.6-1 has just been accepted. Cheers, Thijs signature.a

Re: [Pkg-gnupg-maint] Bug#592902: Bug#387688: Add gnupg as apt dependency in Squeeze to be able to solve #387688 in Squeeze+1?

On Sun, August 22, 2010 00:46, Carsten Hey wrote: > * Build a new package gpgv-tiny, configured with --without-readline. Just wondering here if there would be any need for a regular 'gpgv' package if 'gpgv-tiny' exists. In other words, we could already build gpgv separately, without readline, rig

Re: libmikmod/stable on hppa version problem

On freed 16 July 2010, Adam D. Barratt wrote: > > I guess that only a manual build of a binNMU old scheme on hppa will > > save you from having a sourceful upload and rebuilds on all > > architectures. Probably the hppa buildd admins (in Cc) can help here? > > One issue is that any further updates

libmikmod/stable on hppa version problem

Hi release team, We have run into a problem with libmikmod on stable-security in the most recent DSA. That was released with the version number 3.1.11-a-6+lenny1, following the usual scheme. However, as it seems hppa had a version that used the old binNMU numbering scheme: 3.1.11-a-6.0.1, which

Re: simplesamlphp not migrating to testing

On snein 27 Juny 2010, Sven Joachim wrote: > On 2010-06-27 19:36 +0200, Thijs Kinkhorst wrote: > > On snein 27 Juny 2010, Julien Cristau wrote: > >> > My package simplesamlphp is not migrating to testing: > >> > > >> > > >> > Excuse

Re: simplesamlphp not migrating to testing

On snein 27 Juny 2010, Julien Cristau wrote: > > My package simplesamlphp is not migrating to testing: > > > > Excuse for simplesamlphp > > > > * 23 days old (needed 10 days) > > * simplesamlphp/i386 unsatisfiable Depends: php5-mhash (>= 5.2.0) > > * Valid candidate > > > > In squeez

simplesamlphp not migrating to testing

Hi, My package simplesamlphp is not migrating to testing: Excuse for simplesamlphp * 23 days old (needed 10 days) * simplesamlphp/i386 unsatisfiable Depends: php5-mhash (>= 5.2.0) * Valid candidate In squeeze php5-mhash is provided by php5, in Lenny this is a separate package. I w

[SRM] Update for mailman to address #581988

econd Mime-Version header to some types of message. This in +turn is a trigger to some SPAM filters to ban the message. +(Closes: #581988, #310180). + + -- Thijs Kinkhorst Mon, 17 May 2010 22:51:56 +0200 + mailman (1:2.1.11-11) unstable; urgency=high [ Debconf Translations ] diff

Bug#579681: pu: package sun-java5/1.5.0-22-0lenny1

> the non-free Sun JDKs often have security issues and can only be updated > through new upstream versions since we do not have source code. 1.5.0-22 > will be the last upstream update because this version has been declared > EOL (end of life). The security team asked me to update the package > thr

Re: Hardware trouble ries.debian.org - ftpmaster.debian.org / release.d.o services back this weekend

On sneon 3 April 2010, Russ Allbery wrote: > Thijs Kinkhorst writes: > > That is good news. Forgive me if this has been considered or decided > > already, or even talked about somewhere that I missed - but will all > > packages that were uploaded to sid before the outa

Re: Hardware trouble ries.debian.org - ftpmaster.debian.org / release.d.o services back this weekend

Hi all, Joerg Jaspert wrote: > I expect the services on it to be back in action somewhere during the > Saturday, at latest Sunday. That is good news. Forgive me if this has been considered or decided already, or even talked about somewhere that I missed - but will all packages that were uploade

please unblock gnupg/1.4.9-4 (udebs)

Hi, gnupg/1.4.9-4 has been in unstable for 20 days without newly reported problems, but is blocked because it has udebs. Can it please be unblocked? cheers, Thijs signature.asc Description: This is a digitally signed message part.

please unblock phpbb3/3.0.2-4

Hi, Please unblock phpbb3/3.0.2-4, just uploaded to sid, it addresses two security bug(let)s backported from the latest upstream release. thanks, Thijs signature.asc Description: This is a digitally signed message part.

please unblock gnutls26/2.4.2-5

Hi, Please unblock gnutls26/2.4.2-5 (and probably bump its urgency to be in time). It fixes release critical bug #509593. I've explained in the bug log why I think this should indeed be fixed before the release: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=509593#37 but to summarise: the prob

Re: unblock mailman/1:2.1.11-11

On tiisdei 27 Jannewaris 2009, Adeodato Simó wrote: > * Thijs Kinkhorst [Tue, 27 Jan 2009 09:41:57 +0100]: > > Hi, > > > > I'm sorry to bother you again but another debconf translation update has > > come in for mailman. So please unblock mailman/1:2.1.11-11 > &g

Re: sudo 1.6.9p17-2

On tiisdei 27 Jannewaris 2009, Martin Zobel-Helas wrote: > Hi, > > On Wed Jan 28, 2009 at 06:14:36 +1100, Bdale Garbee wrote: > > Please allow this new sudo upload into testing as soon as possible, it > > includes a patch from upstream that fixes a privilege escalation security > > issue present in

Re: Please allow biofox 1.1.5-1 in Lenny.

On tiisdei 27 Jannewaris 2009, Charles Plessy wrote: > I did this on the simple assumption that what was good before would be good > later until the next deadline, which is D-I RC2, as in the previous updates > I made nobody told me anything about this kind of issue. Also, I did not > expect this i

Re: Please allow biofox 1.1.5-1 in Lenny.

On Tue, January 27, 2009 14:55, Charles Plessy wrote: > I was thinking that changes like the one I made would be accepted until > "Deep freeze", since this is the only planned change of unblock policy > that was announced: > http://lists.debian.org/debian-devel-announce/2008/12/msg6.html Perha

unblock mailman/1:2.1.11-11

Hi, I'm sorry to bother you again but another debconf translation update has come in for mailman. So please unblock mailman/1:2.1.11-11 thanks, Thijs signature.asc Description: This is a digitally signed message part.

Re: [php-maint] php5 packages for lenny, redux

On moandei 26 Jannewaris 2009, sean finney wrote: > i just did another upload.  i guess i don't get the accept/reject > notifications for these, so let me know if there's any more problems. It arrived and is building now. Thijs signature.asc Description: This is a digitally signed message part

Re: Pre-approval for squirrelmail-plugins

On Monday 26 January 2009 11:24, Jan Hauke Rahm wrote: > I tried to discuss this with my sponsor (in CC) but he didn't answer for > a few days and to not delay release I want to ask you directly: I've been away for the weekend. > I'm maintaing a few squirrelmail plugins which are automatically >

translation unblocks

Hi, Please unblock for translation updates: msttcorefonts/2.7 mailman/1:2.1.11-10 The latter also removes a spurius 'rm' as discussed in <20090107151049.ge22...@chistera.yi.org> on this list. thanks, Thijs pgp8pyqBAPzmk.pgp Description: PGP signature

Re: Pre-approval for apt 0.7.21: "Valid-Until" feature and proxy changes

On Thursday 15 January 2009 22:37, Eugene V. Lyubimkin wrote: > Florian Weimer wrote: > > And if Valid-Until is only checked against the real-time clock, the > > attacker can still feed bad data over NTP, so it's not even a complete > > defense. 8-( As there are questions about the implementation,

please unblock puppet/0.24.5-3

Hi, puppet/0.24.5-3 addresses a release critical bug, but I'm not sure if it's on your radar because the bug has been downgraded as a result of this upload. The bug in question is #509566; the changelog is below. thanks, Thijs puppet (0.24.5-3) unstable; urgency=medium * Set wait for cert t

<    1   2   3   >