clojure1.2 changed in unstable: FTBFS -> unreproducible

2015-09-11 Thread Reproducible builds folks
More information on https://reproducible.debian.net/unstable/amd64/clojure1.2, feel free to reply to this email to get more help. __ This is the maintainer address of Debian's Java team . Please use debian-j...@lists.d

Bug#798721: marked as done (maven-processor-plugin: Missing Build-Depends on junit4)

2015-09-11 Thread Debian Bug Tracking System
Your message dated Fri, 11 Sep 2015 23:08:31 +0100 with message-id <1442009311.2628556.381405537.28a38...@webmail.messagingengine.com> and subject line has caused the Debian Bug report #798721, regarding maven-processor-plugin: Missing Build-Depends on junit4 to be marked as done. This means tha

Bug#798721: maven-processor-plugin: Missing Build-Depends on junit4

2015-09-11 Thread Chris Lamb
Source: maven-processor-plugin Version: 2.0.8-1 Severity: serious Justification: fails to build from source User: reproducible-bui...@lists.alioth.debian.org Usertags: ftbfs X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org Tags: patch Dear Maintainer, maven-processor-plugin fails to buil

Re: Bug#793984: jessie-pu: package groovy/1.8.6-4

2015-09-11 Thread Miguel Landaeta
On Mon, Aug 31, 2015 at 06:56:38PM +0200, Moritz Muehlenhoff wrote: > > Moving the rdeps to groovy2 seems the better fix to me (#793911). I agree on that and I believe debian-java is working towards that goal. However, I have not figured yet out how to fix CVE-2015-3253 since groovy FTBFS in str

Bug#793630: groovy 1.8.6 and libcommons-cli-java 1.3.1 FTBFS

2015-09-11 Thread Miguel Landaeta
On Tue, Aug 25, 2015 at 11:52:47PM +0200, Markus Koschany wrote: > > I suggest to ask the release team for an exception and to provide the > security fix via testing-proposed-updates. The CVE-fix appears to be > straightforward and could be uploaded afterwards to stable-proposed-updates. Thanks f

joda-convert 1.7-1 MIGRATED to testing

2015-09-11 Thread Debian testing watch
FYI: The status of the joda-convert source package in Debian's testing distribution has changed. Previous version: 1.5-1 Current version: 1.7-1 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receiv

libjoda-time-java 2.8.2-2 MIGRATED to testing

2015-09-11 Thread Debian testing watch
FYI: The status of the libjoda-time-java source package in Debian's testing distribution has changed. Previous version: 2.7-2 Current version: 2.8.2-2 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will

Bug#795851: openjfx: FTBFS with Gradle 2.5

2015-09-11 Thread Markus Koschany
Am 10.09.2015 um 23:17 schrieb Miguel Landaeta: > Hi Markus, > > On Thu, Sep 10, 2015 at 08:24:52PM +0200, Markus Koschany wrote: >> *ping* > > (ahem, reappearing after my vacations) Welcome back and don't forget to sign my key. :-) Cheers, Markus signature.asc Description: OpenPGP digital

eclipse-cdt 8.6.0-1 MIGRATED to testing

2015-09-11 Thread Debian testing watch
FYI: The status of the eclipse-cdt source package in Debian's testing distribution has changed. Previous version: 8.5.0-1 Current version: 8.6.0-1 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will rec

Processed: Blocking bug of paranamer 2.8

2015-09-11 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > block 798670 by 798672 Bug #798670 [src:libparanamer-java] libparanamer-java: updating to latest upstream release 2.8 798670 was not blocked by any bugs. 798670 was not blocking any bugs. Added blocking bug(s) of 798670: 798672 > thanks Stopping

Bug#798674: apache-directory-server: please enable apacheds-all jar in libapacheds-java.poms

2015-09-11 Thread Markus Koschany
Source: apache-directory-server Version: 2.0.0~M15-1 Severity: wishlist Hi, I am currently packaging the undertow web server which is a prerequisite for packaging syncany. I'm not sure yet, if I really want to maintain both packages but to make it happen, undertow requires the artifact apacheds-a

Bug#798672: qdox: please upgrade qdox to version 2.x

2015-09-11 Thread Markus Koschany
Source: qdox Version: 1.12.1-1 Severity: wishlist Hi, while I was working on an update of paranamer, I discovered that this would require an update of qdox as well. We need the latest upstream release https://github.com/codehaus/qdox/releases/tag/qdox-2.0-M3 I am filing this bug report as a r

Bug#798670: libparanamer-java: updating to latest upstream release 2.8

2015-09-11 Thread Markus Koschany
Source: libparanamer-java Version: 2.7+repack-1 Severity: wishlist This bug report is a request to package a newer upstream release of libparanamer-java and a reminder to update the qdox package. While I was packaging the new release, I discovered that the new version, 2.8, required an updated qd

Bug#798650: CVE-2015-5262: https calls ignore http.socket.timeout during SSL Handshake

2015-09-11 Thread Guido Günther
Hi, On Fri, Sep 11, 2015 at 04:20:42PM +0200, Emmanuel Bourg wrote: > Le 11/09/2015 15:12, Guido Günther a écrit : > > > Please see https://bugzilla.redhat.com/show_bug.cgi?id=1259892 > > Thank you for the report Guido. A hanging connection is certainly > annoying but I fail to understand why it'

Bug#798658: libcommons-net-java-doc: fails to upgrade from 'sid' - trying to overwrite /usr/share/doc-base/libcommons-net-java

2015-09-11 Thread Andreas Beckmann
Package: libcommons-net-java-doc Version: 3.3-1 Severity: serious User: debian...@lists.debian.org Usertags: piuparts Hi, during a test with piuparts I noticed your package fails to upgrade from 'sid' to 'experimental'. It installed fine in 'sid', then the upgrade to 'experimental' fails because

Bug#798650: CVE-2015-5262: https calls ignore http.socket.timeout during SSL Handshake

2015-09-11 Thread Emmanuel Bourg
Le 11/09/2015 15:12, Guido Günther a écrit : > Please see https://bugzilla.redhat.com/show_bug.cgi?id=1259892 Thank you for the report Guido. A hanging connection is certainly annoying but I fail to understand why it's flagged as a security vulnerability. Note that according to HTTPCLIENT-1478 [

Bug#798650: CVE-2015-5262: https calls ignore http.socket.timeout during SSL Handshake

2015-09-11 Thread Guido Günther
Source: commons-httpclient Version: 3.1-11 Severity: important Please see https://bugzilla.redhat.com/show_bug.cgi?id=1259892 Cheers, -- Guido -- System Information: Debian Release: 8.1 APT prefers stable APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'unstable'), (500, 'testi

openjfx changed in unstable: unreproducible -> FTBFS

2015-09-11 Thread Reproducible builds folks
More information on https://reproducible.debian.net/unstable/amd64/openjfx, feel free to reply to this email to get more help. __ This is the maintainer address of Debian's Java team . Please use debian-j...@lists.debi

Processed: closure-linter: Section should be “web”

2015-09-11 Thread Debian Bug Tracking System
Processing control commands: > reassign -1 closure-linter Bug #798627 [closure-compiler] closure-compiler: Section should be “web” Bug reassigned from package 'closure-compiler' to 'closure-linter'. No longer marked as found in versions 2.3.13-2. Ignoring request to alter fixed versions of bug #79

Bug#798627: closure-linter: Section should be “web”

2015-09-11 Thread Ben Finney
Control: reassign -1 closure-linter Control: retitle -1 closure-linter: Section should be “web” Control: notfound -1 closure-compiler/2.3.13-2 Control: found -1 closure-linter/2.3.13-2 I muddled the package and version in the initial report. Reassigning and setting metadata correctly for ‘closure-

Bug#798627: closure-compiler: Section should be “web”

2015-09-11 Thread Ben Finney
Package: closure-compiler Version: 2.3.13-2 Severity: minor The section “python” is for packages that install primarily resources (e.g. libraries) for Python programmers. The package ‘closure-linter’ installs primarily a library for JavaScript programmers, not Python programmers. By the section d

Bug#798628: closure-compiler: Section should be “web”

2015-09-11 Thread Ben Finney
Package: closure-compiler Version: 20130227+dfsg1-8 Severity: minor The section “java” is for packages that install primarily resources (e.g. libraries) for Java programmers. The package ‘closure-compiler’ installs primarily a library for JavaScript programmers, not Java programmers. By the secti