X-Debbugs-Cc: debian-release@lists.debian.org
Control: reassign -1 pyside2
Control: affects -1 freecad
This has been introduced by the upload of pyside3, which changed the
libary name without managing that reverse dependencies so that they rebuilt.
Dear pyside2 maintainers, please be more thought
22, 2024 at 08:50:35AM +0200, Emilio Pozuelo Monfort wrote:
> Control: tags -1 confirmed
>
> On 19/05/2024 23:08, Tobias Frost wrote:
> > Package: release.debian.org
> > Severity: normal
> > X-Debbugs-Cc: opencasc...@packages.debian.org
> > Control: a
now, there is also a patch for freecad (#1071283)
Package: release.debian.org
Severity: normal
X-Debbugs-Cc: opencasc...@packages.debian.org
Control: affects -1 + src:opencascade
User: release.debian@packages.debian.org
Usertags: transition
Control: block 1071284 by -1
Control: block 1071223 by -1
Control: block 1071470 by -1
Control: block 10
upload by the Security Team.
+ * Import upstream patch for CVE-2023-40225, forwarding malformed
+Content-Length Headers. Closes: #1043502.
+ * Import upstream patch for CVE-2023-45539, accepting invalid requests
+ containing '#' as part of the URI component.
+
+ -- Tobias Frost
oad by the Security Team.
+ * Import upstream patch for CVE-2023-40225, forwarding malformed
+Content-Length Headers. Closes: #1043502.
+ * Import upstream patch for CVE-2023-45539, accepting invalid requests
+ containing '#' as part of the URI component.
+
+ -- Tobias Frost M
upload by the Security Team.
+ * Apply upstream fix for CVE-2023-30577 (Closes: #1055253)
+
+ -- Tobias Frost Sun, 03 Dec 2023 14:17:07 +0100
+
amanda (1:3.5.1-11) unstable; urgency=medium
* d/p/49-fix-CVE-2022-37705_part_2: 48-fix-CVE-2022-37705 broken one use
diff -Nru amanda-3.5.1/debian/
avid Bürgin ]
+ * Add patch "rev-ares-deletion.patch" for CVE-2022-48521:
+Delete Authentication-Results headers in reverse (Closes: #1041107).
+
+ -- Tobias Frost Fri, 01 Dec 2023 19:17:01 +0100
+
opendkim (2.11.0~beta2-4) unstable; urgency=medium
* Update debhelper-comp
"rev-ares-deletion.patch" for CVE-2022-48521:
+Delete Authentication-Results headers in reverse (Closes: #1041107).
+
+ -- Tobias Frost Sat, 25 Nov 2023 17:19:13 +0100
+
opendkim (2.11.0~beta2-8) unstable; urgency=medium
[ David Bürgin ]
diff -Nru opendkim-2.11.0~beta2/debian/patc
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: freer...@packages.debian.org, t...@security.debian.org
Control: affects -1 + src:freerdp2
I'm asking for pre-approval to update freerdp2 from 2.10.0 to
2.11.2.
The
Frost Sat, 09 Sep 2023 19:07:01 +0200
+
timg (1.4.5-1) unstable; urgency=medium
[ Tobias Frost ]
diff -Nru timg-1.4.5/debian/patches/CVE-2023-40968.patch
timg-1.4.5/debian/patches/CVE-2023-40968.patch
--- timg-1.4.5/debian/patches/CVE-2023-40968.patch 1970-01-01
01:00:00.0
gelog 2023-07-11 19:55:30.0 +0200
@@ -1,3 +1,15 @@
+yajl (2.1.0-3+deb11u2) bullseye; urgency=medium
+
+ [Tobias Frost]
+ * Non-maintainer upload.
+ * Cherry pick John's CVE fixes from 2.1.0-4 and 2.1.0-5
+
+ [John Stamp]
+ * Patch CVE-2017-16516 and CVE-2022-24795 (Closes: #1040036
gelog 2023-07-01 14:55:44.0 +0200
+++ yajl-2.1.0/debian/changelog 2023-07-10 18:06:21.0 +0200
@@ -1,3 +1,15 @@
+yajl (2.1.0-3+deb12u2) bookworm; urgency=medium
+
+ [Tobias Frost]
+ * Non-maintainer upload.
+ * Cherry pick John's CVE fixes from 2.1.0-4 and 2.1.0-5
+
+ [
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
X-Debbugs-Cc: libnginx-mod-http-modsecur...@packages.debian.org, Ervin Hegedüs
Control: affects -1 + src:libnginx-mod-http-modsecurity
Control: block 1040799 by -1
nmu libnginx-mod-http-mod
( sent to early) please do a binnmu for bookworm:
nmu libnginx-mod-http-modsecurity_1.0.3-1+b1 . ANY . bookworm . -m "rebuild
against pcre2 (Closes: #1037226)"
and for unstable:
nmu libnginx-mod-http-modsecurity_1.0.3-1+b1 . ANY . unstable . -m "rebuild
against pcre2 (Closes: #1037226)"
On Mon, 10 Jul 2023 21:08:14 +0100 "Adam D. Barratt"
wrote:
> Control: tags -1 + bookworm moreinfo
>
> On Mon, 2023-07-10 at 21:55 +0200, Ervin Hegedüs wrote:
> > nmu libnginx-mod-http-modsecurity_1.0.3-1+b1 . ANY . bookworm . -m
> > "Closes: 1037226"
>
> *Please* include information in binNMU
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: y...@packages.debian.org
Control: affects -1 + src:yajl
[ Reason ]
This upload is part of fixing yajl for every release. So far sid, bookworm
(#1040136), buster (DLA-
mport upstream patch for CVE-2023-33460. (Closes: #1039984)
+ * Fix d/control Homepage field (Closes: #1040034)
+
+ -- Tobias Frost Sat, 01 Jul 2023 14:55:44 +0200
+
yajl (2.1.0-3) unstable; urgency=medium
[ Jelmer Vernooij ]
diff -Nru yajl-2.1.0/debian/control yajl-2.1.0/debian/control
---
On Wed, 24 May 2023 16:52:06 +0200 Tobias Frost
wrote:
> Please unblock package libsepol
>
> It fixes #1031798, inaccurate copyright file.
>
> No other changes done.
>
> [ Checklist ]
> [x] all changes are documented in the d/changelog
> [x] I reviewed all change
On Wed, 24 May 2023 17:55:48 +0200 Tobias Frost
wrote:
> Please unblock package camping
>
> It fixes a broken symlink to a font. (#861040)
> This had been fixed already earlier, (2.1.580-1.1)
> but that NMU has not been incoroporated in the package and lost.
> The nmu is
=medium
+
+ * Non-maintainer upload.
+ * Fix "Inaccurate copyright file" (Closes: #1031798)
+
+ -- Tobias Frost Wed, 24 May 2023 16:43:03 +0200
+
libsepol (3.4-2) unstable; urgency=medium
* fix validation of user declarations in modules, patch proposed upstream
diff -Nru libsepol-
-24 17:43:23.0 +0200
@@ -1,3 +1,10 @@
+camping (2.3-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix broken font symlink (Closes: #861040)
+
+ -- Tobias Frost Wed, 24 May 2023 17:43:23 +0200
+
camping (2.3-1) unstable; urgency=medium
* Team upload.
diff -Nru
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: libse...@packages.debian.org
Control: affects -1 + src:libsepol
Please unblock package libsepol
It fixes #1031798, inaccurate copyright file.
No other changes done.
[ Checkl
1-7) unstable; urgency=medium
+
+ * Update broken symlink /usr/bin/occt-draw to new version
+ occt-draw-7.6" (Closes: #1036581)
+
+ -- Tobias Frost Tue, 23 May 2023 09:45:56 +0200
+
opencascade (7.6.3+dfsg1-6) unstable; urgency=medium
* Let libocct-data-exchange-dev Conflicts: wit
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: opencasc...@packages.debian.org
Control: affects -1 + src:opencascade
Please unblock package opencascade
Helmut Grohne reported in #1035009 a missing Conflict: on several
pack
-assets-1.7.6+git20221024+dfsg/debian/changelog2023-05-09
17:19:28.0 +0200
@@ -1,3 +1,10 @@
+retroarch-assets (1.7.6+git20221024+dfsg-3) unstable; urgency=medium
+
+ * Team upload.
+ * Add Depends: fonts-droid-fallback (Closes: #1035793)
+
+ -- Tobias Frost Tue, 09 May 2023 17:19:28 +0200
+
+ * Cherry-pick fixes for broken htmlwriter and dbfilter. (Closes: #1035333)
+
+ -- Tobias Frost Mon, 01 May 2023 10:00:20 +0200
+
solarpowerlog (0.25-1) unstable; urgency=medium
* New upstream release.
diff -Nru solarpowerlog-0.25/debian/patches/fix_dbwriter.patch
solarpowerlog-0.25/debian
23:29:29.0 +0100
+++ widelands-1.1/debian/changelog 2023-04-04 16:15:53.0 +0200
@@ -1,3 +1,10 @@
+widelands (2:1.1-3) unstable; urgency=medium
+
+ * Team upload.
+ * Fix version constraint in dir_to_symlink. (Closes: #1033879)
+
+ -- Tobias Frost Tue, 04 Apr 2023 16:15:53
building twice from source tree, delete created files.
+ * Replace link to unifont.ttf with unifont.otf. (Closes: #1033833)
+
+ -- Tobias Frost Mon, 03 Apr 2023 19:23:41 +0200
+
unknown-horizons (2019.1-5) unstable; urgency=medium
* Team upload.
diff -Nru unknown-horizons-2019.1/debian/clean
On Sat, Apr 01, 2023 at 08:13:23PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Sat, 2023-02-25 at 21:16 +0100, Tobias Frost wrote:
> > After fixing CVE-2023-22742 for LTS and ELTS, I'd like to see
> > this CVE also fixed in stable, for consisten
On Fri, Mar 17, 2023 at 09:15:36PM +0100, Salvatore Bonaccorso wrote:
> Yes this is correct, you do not need to mention it. I just wanted to
> make double sure it's as well on the radar (and have not checked if
> you have uploaded with -v to incude the intermediate changelog entries
> as well).
I
Am 17. März 2023 19:18:50 UTC schrieb Salvatore Bonaccorso :
>
>On Thu, Mar 16, 2023 at 04:06:29PM +0100, Tobias Frost wrote:
>> Package: release.debian.org
>> Severity: normal
>> Tags: bullseye
>> User: release.debian@packages.debian.org
>> Userta
00b06f5, pf_mask 0x07, 2023-01-04, rev 0x002c, size 219136
+
+ -- Tobias Frost Tue, 14 Mar 2023 19:17:02 +0100
+
+intel-microcode (3.20221108.1) unstable; urgency=medium
+
+ * New upstream microcode datafile 20221108
+* New Microcodes:
+ sig 0x000606c1, pf_mask 0x10, 2022-08-07, rev 0x1000
Control: tag -1 -moreinfo
>
> On Sun, Mar 12, 2023 at 06:56:21PM +0100, Tobias Frost wrote:
> > I've uploaded intel-microcode to DELAYED/5, ETA will be Mar 17 ~18:00 CET
> > Please unblock package intel-microcode once it hits unstable.
>
> Please remove the moreinf
-01-04, rev 0x002c
+sig 0x000b06f5, pf_mask 0x07, 2023-01-04, rev 0x002c
+
+ -- Tobias Frost Sun, 12 Mar 2023 18:16:50 +0100
+
intel-microcode (3.20221108.2) unstable; urgency=medium
* Move source and binary from non-free/admin to non-free-firmware/admin
Binary files /tmp/qNbFv9J1
2-24 16:11:52.0
+0100
@@ -1,3 +1,10 @@
+libgit2 (1.1.0+dfsg.1-4+deb11u1) bullseye-security; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Backport patch for CVE-2023-22742 (Closes: #1029368)
+
+ -- Tobias Frost Fri, 24 Feb 2023 16:11:52 +0100
+
libgit2 (1.1.0+dfsg.1-4
Hi Sebastian
>
> Please go ahead.
>
Thanks, I've uploaded it to unstable.
--
tobi
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: gnome-shell-pomod...@packages.debian.org
Control: affects -1 + src:gnome-shell-pomodoro
Please unblock package gnome-shell-pomodoro
There is currently an nasty bug in this gno
+
+ [ Ervin Hegedus ]
+ * Fix CVE-2022-48279: Added multipart_part_headers.patch
+
+ [ Tobias Frost ]
+ * Fix CVE-2023-24021, cherry-picking upstream commit. (Closes: #1029329)
+ * Fix typo in CVE number in 2.9.3-3+deb11u1 entry. (s/--/-/)
+
+ -- Tobias Frost Fri, 27 Jan 2023 10:09:29 +0100
+
On Thu, Jan 19, 2023 at 09:08:20PM +0100, Salvatore Bonaccorso wrote:
> Hi Tobi,
>
> Small formal review:
>
> On Thu, Jan 19, 2023 at 08:52:37PM +0100, Tobias Frost wrote:
> > forgot to attach the diff
> >
>
> > diff -Nru libapreq2-2.13/debian/chang
) UNRELEASED; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * Backport fix for CVE-2022-22728. (Closes: #1018191)
+
+ -- Tobias Frost Thu, 19 Jan 2023 20:25:21 +0100
+
libapreq2 (2.13-7) unstable; urgency=high
* Source-only upload.
diff -Nru libapreq2-2.13/debian/patches/10-CVE
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: libapr...@packages.debian.org, Salvatore Bonaccorso
Control: affects -1 + src:libapreq2
I've uploaded prepared an security update of libapreq2 for LTS and ELTS.
The
Hi Sebastian,
thanks for the go ahead!
On Wed, 4 Jan 2023 19:42:13 +0100 Sebastian Ramacher
wrote:
> Control: tags -1 confirmed
>
> Please go ahead.
Uploaded to unstable and it has been built on all archs already… :)
I guess it is ready to schedule the binNMUs :)
--
Cheers,
tobi
On Thu, Jan 05, 2023 at 02:29:42PM +0100, Sebastian Ramacher wrote:
>
> From recent memory and assuming there are no issues with d/copyright,
> binary-NEW uploads to experimental have been processed swiftly.
This is also my experience that binary-NEW uploads for
library SONAME bumps are handled v
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
X-Debbugs-Cc: log4...@packages.debian.org
Control: affects -1 + src:log4cxx
Hi,
I'm currently preparing for log4cxx13 -> log4cxx15 transition.
(SO_NAME 14 had been skipped by upstream)
022-12-07 17:24:59.0
+0100
@@ -1,3 +1,10 @@
+virglrenderer (0.8.2-5+deb11u1) bullseye; urgency=medium
+
+ * Non-maintainer upload by the LTS Security Team.
+ * Cherry-pick upstream fix for CVE-2022-0135. (Closes: #1009073)
+
+ -- Tobias Frost Wed, 07 Dec 2022 17:24:59 +0100
+
virglre
control: block -1 by 1023365
FWWIW, wxwidget 3.2 breaks at least prusa-slicer (#1022234, #1023365).
Upstream explictily says it does not (yet) support wxwidgets 3.2. [1]
Just mentioning here, as it *builds* fine against wxwigets3.0, but does
not work (instant crashes).
Prusa-Slicer is for many
2022-10-31 17:33:32.0
+0100
@@ -1,3 +1,12 @@
+clickhouse (18.16.1+ds-7.2+deb11u1) bullseye-security; urgency=medium
+
+ * Non-maintainer upload by the Security Team.
+ * Add Salsa CI config for bullseye.
+ * Fix CVE-2021-42387, CVE-2021-42388, CVE-2021-43304, CVE-2021-43305
+ (Cl
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
X-Debbugs-Cc: 1019...@bugs.debian.org
nmu openmpi_4.1.0-10 . ANY . unstable . -m "Rebuild with fixed dh-fotran-mod
(See #1019050)""
As reported in #1019721, openmpi is affected by #1019050,
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Now that pmix has been reverted, deal.ii can be rebuilt against opencascade
7.6.3, to
make it installable again.
Please add an additional
Dep-Wait on pmix > 4.2.0+really.4.1.2-1~
as pmix
On Tue, 23 Aug 2022 18:01:23 +0200 Drew Parsons wrote:
> Source: pmix
> Followup-For: Bug #1017356
> Control: reopen -1
> Control: found 1017356 pmix/4.2.0-2
>
> Adrian's last comments still apply all the same.
> The problem is still there.
>
> (tests of version 4.2.0-1 in experimental get run i
ave not recompiled netgen yet.
--
Thanks
tobi
On Tue, Aug 16, 2022 at 09:10:33PM +0200, Sebastian Ramacher wrote:
> On 2022-07-18 14:26:26 +0200, Tobias Frost wrote:
> > Hi Release team,
> >
> > opencascade has a new release with bumps so name to 7.6 The transition
>
if really needed, with a Dep-Wait on netgen >=
6.2.2006+really6.2.1905+dfsg-5.1, as some ports have not recompiled netgen yet.
--
Thanks
tobi
On Tue, Aug 16, 2022 at 09:10:33PM +0200, Sebastian Ramacher wrote:
> On 2022-07-18 14:26:26 +0200, Tobias Frost wrote:
> > Hi
Hi,
On Mon, Aug 01, 2022 at 08:29:45AM +0100, Graham Inggs wrote:
> Control: tags -1 confirmed
>
> Hi Tobi
>
> On Sun, 31 Jul 2022 at 16:51, Tobias Frost wrote:
> > I've uploading 7.6.3 right now to experimental; as I removed the confirmed
> > tag, please
On Sun, Jul 31, 2022 at 02:02:22PM +0200, Tobias Frost wrote:
(...)
> as NEW will be involved)
Silly me, NEW is not involved...
I've uploading 7.6.3 right now to experimental; as I removed the confirmed tag,
please reACK
the "go ahead" -- I've tested that all r-depends
Control: tags -1 -confirmed
On Fri, Jul 22, 2022 at 02:42:13PM +0200, Graham Inggs wrote:
> Control: tags -1 confirmed
>
> Hi Tobi
>
> On Mon, 18 Jul 2022 at 14:30, Tobias Frost wrote:
> > opencascade has a new release with bumps so name to 7.6 The transition
> >
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Control: block 1014964 by -1
Hi Release team,
opencascade has a new release with bumps so name to 7.6 The transition tracker
[1]
correctly picked it up already after the upload to exper
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
I'm preparing the transistion for log4cxx from SONAME 12 to SONAME 13.
I have built the r-deps locally with the result indicated below:
solarpowerlog-- builds fine
ros-rosconsole
On Sun, Jan 09, 2022 at 02:46:47PM +0100, Sebastian Ramacher wrote:
> Please go ahead
Done and it seems that all rebuild have been scheduled and completed already!
Thanks especially for that quick turnaround!
Cheers,
--
tobi
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
X-Debbugs-Cc: ros-roscons...@packages.debian.org,
Hi,
I'm planning to transit liblog4cxx 0.11 -> 0.12.
https://release.debian.org/transitions/html/auto-log4cxx.html
list 3 reverse depen
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Hi,
dovecot-anitspam seems to need a binNMU for the new dovecot version recently
uploaded...
nmu dovecot-antispam_2.0+20171229-1+b8 . ANY . unstable . -m "rebuild for
dovecot-abi-2.3.abiv1
Control: tags 990027 -moreinfo
I've just uploaded the package.
Cheers,
tobi
On Tue, Jun 22, 2021 at 08:30:56AM +0200, David Bürgin wrote:
> Package: sponsorship-requests
> Severity: normal
>
> Dear mentors,
>
> I am looking for a sponsor for my package "opendmarc":
>
> * Package name: op
On Fri, Jun 11, 2021 at 10:44:10PM +0200, Bastian Germann wrote:
> On Mon, 31 May 2021 19:41:53 +0200 Tobias Frost wrote:
> > The diff looks good, but there are some formalities…
> >
> > - Can you file an "Stable Proposed Updates" unblock request to get an
> &g
Control: tags 989681 -moreinfo
Uploaded; Thanks Håvard for the fix!
--
tobi
On Sat, 29 May 2021 15:11:30 +0100 "Adam D. Barratt"
wrote:
> Please go ahead.
>
Thanks, Adam.
I've just sponsored the uploaded for Håvard.
--
Cheers,
tobi
Am 3. November 2020 10:35:16 MEZ schrieb Sebastian Ramacher
:
>Control: forwarded -1
>https://release.debian.org/transitions/html/auto-log4cplus.html
>Control: tags -1 + confirmed
>
>please go ahead with the upload to unstable.
>
>Cheers
Thanks Sebastian!
uploaded and all buildds are happy alrea
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hi release-team,
transition time again :)
This time, log4cplus…
https://release.debian.org/transitions/html/auto-log4cplus.html
seems to have picked it up correctly.
I've rebuilt the
On Tue, 15 Sep 2020 21:29:50 +0200 Emilio Pozuelo Monfort
> > Waiting for the green light from you ;-)
>
> Go ahead.
the new log4xx 0.11 is now in unstable and has built on all release archs.
(So, I guess the binmnu party can start now ;-)
Cheers,
--
tobi
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hello release team!
I'm preparing the transition of log4cxx. It's already showing up
on https://release.debian.org/transitions/html/auto-log4cxx.html, so
ben seems to be hapy…
Building
On Mon, 27 Apr 2020 21:42:53 +0200 Tobias Frost wrote:
> The following packages of Dependency level 2 could already be binNMUed:
> gmsh_4.5.6+ds1
> kicad_5.1.5+dfsg1-2
Sorry for the noise, I just realized that that has happened already.
Read: You are awesome!)
netgen is now in
On Sat, Apr 25, 2020 at 02:29:53PM +0200, Emilio Pozuelo Monfort wrote:
> Control: tags -1 confirmed
> Go ahead.
Thanks!
opencascade is now in unstable and all archs have successuflly built.
The following packages of Dependency level 2 could already be binNMUed:
gmsh_4.5.6+ds1
kicad_5.1.5+dfsg1
Update:
deal.ii -- patch available (unrelated to opencascade, just exposed by it)
freecad -- same as deal.ii. Also patch available. However, due to pyside2 it
will remain RC buggy.
So theoretically the transistion would be ready…
Let me know when I can proceed.
--
tobi
> deal.ii_9.1.1-9 ✔ (BDs on gmsh)
that should have been
> deal.ii_9.1.1-9 ✘
(need to investigate this one, but first glance does not look like it is
caused by opencascade.)
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hi Release team,
opencascade has a new release with bumps so name to 7.4 The transition tracker
[1]
correctly picked it up already after the upload to experimental.
[1] https://release
.0 +0200
@@ -1,3 +1,10 @@
+epsilon (0.7.1-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Apply patch from BTS to fix, thanks doko for the patch (Closes: #924650)
+
+ -- Tobias Frost Sat, 06 Apr 2019 12:38:25 +0200
+
epsilon (0.7.1-1) unstable; urgency=medium
* Ne
+ CVE-2018-20549 (Closes: #917807)
+
+ -- Tobias Frost Sat, 06 Apr 2019 22:18:41 +0200
+
libcaca (0.99.beta19-2) unstable; urgency=medium
* debian/patches/100_doxygen.diff: remove deprecated Doxygen variables.
diff -Nru libcaca-0.99.beta19/debian/patches/CVE-2018-20544.patch
libcaca-0.9
ch. (Closes: #882324)
+
+ -- Tobias Frost Fri, 05 Apr 2019 18:04:57 +0200
+
amavisd-new (1:2.11.0-6) unstable; urgency=medium
* Fix start-stop-daemon insecure error. Closes: #921016.
diff -Nru amavisd-new-2.11.0/debian/patches/0010-fix-882324.patch
amavisd-new-2.11.0/debian/patches/0010-fix-8823
f /tmp" by only using the fall back to $HOME.
+ This is patch 0002-disable-insecure-temp-file.patch
+(Closes: #924076)
+
+ -- Tobias Frost Fri, 05 Apr 2019 20:27:01 +0200
+
tvtime (1.0.11-4) unstable; urgency=medium
* QA upload.
diff -Nru tvtime-1.0.11/debian/control tvtime-1
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Hi Release team,
I think that the binNMU for freeimage against libraw19 did not work; the
package has downloaded and installed libraw16 during build, instead of
*19. Can you please check if
Control: reassign -1 libwine
Control: retitle -1 libwine: Does not declare a Depends: on libpng
Hi Gianfranceo,
let me reassign this bug to the wine party people, because I think it is a bug
there, at least it should be investigated why the package is using libpng but
not
declaring a Depends on i
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Seems so that a binNMU is required for wine. (See #823991)
nmu wine_1.8.1-2 . ANY . unstable . -m "Rebuild against libpng1.6."
-- System Information:
Debian Release: stretch/sid
APT prefe
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Maintainer obviously not built on an up-to-date system.
nmu libapache2-mod-qos_11.25-1 . amd64 . -m "Rebuild against libpng1.6"
Dear Sergey,
This bug could have been easily avoided.
plea
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
While working on decrufting gdcm I noticed that there is a package in need of
a binnmu -- it still Depends on gdcm 2.4
(gdcm was only lately fixed for hurd, that's why it missed it)
nmu vtk-
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm
As discussed on #debian-games and as debian-games member, I ask warzone2100 to
be removed from testing to help in the libpng transition (removal of libpng
1.2)
Warzone21000 is currently RC (FTBF
Am Mittwoch, den 06.04.2016, 15:33 + schrieb Gianfranco Costamagna:
> Hi,
>
>
> > Ack. :)
>
>
>
> I don't let you change your mind now :)
> uploaded on debomatic-amd64, and on unstable a few seconds ago.
>
> lets the *fun* start!
>
> BTW I added me and Tobias in uploaders list, as per pr
On Sun, 3 Apr 2016 09:55:55 +0200 Gianfranco Costamagna wrote:
with an ftpmaster *really fast* accept we are
> now in place and ready for the transition.
>
> I think we are ready for the ack.
>
> thanks,
>
> Gianfranco
>
I agree with Gianfranco, "NOW" would be a great time to start that
adven
> Hi Gianfranco,
>
> Of course they can B-D on libpng16-devtools (but requires several sourceful
> uploads during the transition), but than we have that nasty SONAME back in the
> B-depdencies...
> Should we provide also a SONAME-neutral package name here?
Ähm, we have already a Provides: libpng-d
Hi Gianfranco,
I've just got a change to take a look at the new libpng package.
A remark:
- The change that libbpng-dev only recommends libpng16-devtools will cause
some build failures, as several packages needs the devtool to be pulled in but
do not declare a dependency on this.
Of course they
On Sat, 26 Mar 2016 00:50:58 +0100 Emilio Pozuelo Monfort binary-NEW shouldn't be a big deal. Just make sure to upload to
experimental.
OK, then let's follow Gianfrancos proposoal!
Beside that, here's a last report on the rebuilding on my server:
(I need to free up space on the server for other
On Wed, 23 Mar 2016 21:58:56 +0100 Gianfranco Costamagna wrote:
>
> 1) provide a real libpng-dev and upload on experimental in 7 days
starting now.
> (I'm going to upload on deferred/7 in a few minutes/hours)
>
Hi Gianfranco,
what bothers me is that having a real libpng-dev package requires us
Am Sonntag, den 31.01.2016, 17:52 + schrieb Mattia Rizzolo:
> On Sun, Jan 31, 2016 at 05:46:07PM +0100, Tobias Frost wrote:
> > Still FTBFS are, I've put an analysis why so on the titanpad [1],
> > but
> > those are all _not_ libpng related and many of those packages
TL;DL:
13 FTBFS left, but those are not libpng's fault.
Out of those 13 packages, only 5 are in testing right now.
(I think that's all I can do from my side for now, so I'l pause the
efforts waiting for the other parties involved.)
Details:
The stats are now, and this is the best we can curre
).
IMHO also the udeb part is ready for the transition, but I'm not in the
d-i topics.
--
tobi
On Tue, 26 Jan 2016 22:05:22 +0100 Tobias Frost
wrote:
> Hallo KiBi,
>
> On Tue, 26 Jan 2016 10:51:11 +0100 Cyril Brulebois
> wrote:
>
> > Has anyone tested a debian
for the transition, but I'm not in the
d-i topics.
--
tobi
On Tue, 26 Jan 2016 22:05:22 +0100 Tobias Frost
wrote:
> Hallo KiBi,
>
> On Tue, 26 Jan 2016 10:51:11 +0100 Cyril Brulebois
> wrote:
>
> > Has anyone tested a debian installer build where some packa
Am Dienstag, den 26.01.2016, 22:25 + schrieb Gianfranco Costamagna:
> Hi Tobias
>
> > +libpng1.6 (1.6.20-1.2)
> > unstable; urgency=medium
>
> Do you want to go on unstable or it is a typo?
>
> Gianfranco
Typo
Am Dienstag, den 26.01.2016, 20:45 +1100 schrieb Aníbal Monsalve
Salazar:
> On Tue, 2016-01-26 10:23:13 +0100, Tobias Frost wrote:
> > > Tobias Frost (2016-01-25):
> > > > Dear release-team,
> > > >
> > > > Now that all NMUs are in DELAYED for all
Hallo KiBi,
On Tue, 26 Jan 2016 10:51:11 +0100 Cyril Brulebois
wrote:
> Has anyone tested a debian installer build where some packages were
> built against libpng12-0-udeb and some other against libpng16-16-
udeb?
> Does that work? Or are we looking at a giant transition where
everything
> must
Am Dienstag, den 26.01.2016, 18:07 +0100 schrieb Emilio Pozuelo
Monfort:
> On 26/01/16 17:54, Gianfranco Costamagna wrote:
> > Hi Emilio!
> >
> >
> > > Can send another summary with your proposed plan here? Currently
> > > libpng12-dev
> > > provides libpng-dev but libpng16-dev doesn't. Are you g
> Tobias Frost (2016-01-25):
>> Dear release-team,
>>
>> Now that all NMUs are in DELAYED for all fixables.
>> I think we are ready to throw the switch.
>
> You haven't answered <20160106232316.ga28...@mraw.org>.
>
> Mraw,
> KiBi.
>
Dear release-team,
Now that all NMUs are in DELAYED for all fixables.
I think we are ready to throw the switch.
Please let us know and assign us the transition slot :)
Please assign a slot.
Here's the actual summary [1]
Built: 474
Failed: 34
OK: 440
The failed ones split up as follow:
NMUs:
1 - 100 of 140 matches
Mail list logo
