Re: Cool stuff (was: Re: Graphing Debian Keyring)
On Fri, Mar 14, 2008 at 07:33:30AM +0100, Andreas Tille wrote: > I would be in great favour of this. (I like goodies.debian.net, but > no strong opinion about the name). The question is: Is there anybody > who would actually _do_ the initial collection, which seems to be quite > a hard job? I at least would welcome a place where I can put some of my stuff somewhere. Ciao, Enrico -- GPG key: 1024D/797EBFAB 2000-12-05 Enrico Zini <[EMAIL PROTECTED]> signature.asc Description: Digital signature
Re: dpkg semi-hijack - an announcement (also, triggers)
On Fri, Mar 14, 2008 at 06:14:26AM +0200, Guillem Jover wrote: > I seems I'll need to clarify this as well To be honest, I'd love to see you ignore this entire thread if it means you'll spend time whipping the triggers stuff into whatever shape you think it needs to be in to go into sid. Perhaps you and Ian can decide on an intermediary who knows the dpkg code base and can help get this done? Simon. -- Think of me as CVS with a brain and with some taste. - Linus Torvalds signature.asc Description: Digital signature
Re: table view wnpp page now on wnpp.debian.net
On 13 Mar 2008, at 9:33 pm, Sebastian Pipping wrote: Tim Cutts wrote: A minor niggle, but the colours you have chosen are not good for the 5% of your male viewers who have deuteranopia or protanopia, the two most common forms of colour-blindness. I don't have either condition myself, but I've been bitten by this before in web pages I've created... in particular the green and yellow shades are almost identical for people with either condition. Hm, can you help with creating a good set of colors? There are a number of programs around which can help with this. I use Color Oracle: http://colororacle.cartography.ch/ It sits in a Gnome panel, and will temporarily change your entire display's colours to simulate three different kinds of colour blindness. Tim -- The Wellcome Trust Sanger Institute is operated by Genome Research Limited, a charity registered in England with number 1021457 and a company registered in England with number 2742969, whose registered office is 215 Euston Road, London, NW1 2BE. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Bits from the Security Team
Steve Langasek wrote: >> The Security Team is now using Request Tracker to coordinate work >> and our RT processes have already been refined a lot. >> If you're a package maintainer working towards a security update, >> you're now encouraged to open a ticket directly. You will be kept in >> CC during the life time of the ticket. If you're opening a ticket for >> a security problem, which is not yet publicly known, e.g. if you've >> discovered it by yourself or if you have been contacted by upstream, >> please open a ticket in the "Security - Private" queue. These >> issues will only be visible by the Security Team. > >> If you're opening a ticket for a security problem which is publicly >> known, e.g. if it's announced on the project web site, please open a >> ticket in the "Security" queue. These issues will be visible publicly. > > As far as I can see, this announcement mail doesn't mention where the RT > instance is running, nor the means of opening a ticket in the appropriate > queue. Where is this information available? We're using the official rt.debian.org. Full details will be folded into the developer's reference soon. >> We're planning to improve our quality assurance process for security >> updates by providing a public security update beta test program in >> addition to the existing QA done for security updates. >> During the preparation of security updates, there's an inherent delay >> between the initial upload of the fixed packages and the time until >> the packages have been built on porter machines. This time gap will be >> used for a new security update beta program. The test program will be >> targeted at large installations, which install security updates in a >> test environment before installing them into the production >> environment. This test group will be initially limited. > > Is this meant to apply only to unembargoed security updates? AIUI, the > practice today is that for embargoed security updates, all of the binaries > are kept in the queue until they're ready for release; so I don't really see > a gap when the security update is public but the binary packages aren't > built? Yes, this is limited to non-embargoed security issues. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Bits from the Security Team
On 2008-03-11, Don Armstrong <[EMAIL PROTECTED]> wrote: > On Sun, 09 Mar 2008, Moritz Muehlenhoff wrote: >> If you're opening a ticket for a security problem which is publicly >> known, e.g. if it's announced on the project web site, please open a >> ticket in the "Security" queue. These issues will be visible >> publicly. > > Is there any particular reason why we're duplicating this information > that should already be present in the bts as bugs with severity > serious tagged security marked found in a version in stable in RT? > > If there are some change to the BTS needed for the security team to > track the non-embargoed issues more easily, I'd be glad to make (or at > the very least discuss) them. > > From where I sit it seems non-ideal for both the security team and > maintainers (as well as anyone else who is interested) to put this > information in a system which isn't tied in strongly with the BTS or > otherwise is unable to track package versioning. This doesn't intend to duplicate information from the BTS. The RT queues even contain direct links to the BTS. RT is used to distribute work among the members of the security team and to keep pending issues more organized. RT mostly replaces sending to mail to [EMAIL PROTECTED] if a maintainer wants to assist in preparing a security update. Mail doesn't scale very well, so we've had occasional smaller issues being lost in the noise. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
live-magic: python-error during post-install
#apt-get install live-magic ... Richte live-magic ein (0.3-1) ... Compiling /var/lib/python-support/python2.3/livemagic/model/key_var_config_file.py ... File "/var/lib/python-support/python2.3/livemagic/model/key_var_config_file.py", line 28 @staticmethod ^ SyntaxError: invalid syntax -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: live-magic: python-error during post-install
On Fri, 14 Mar 2008 14:15:10 +0100, Rudi Effe <[EMAIL PROTECTED]> wrote: > #apt-get install live-magic > ... > > Richte live-magic ein (0.3-1) ... > Compiling > /var/lib/python-support/python2.3/livemagic/model/key_var_config_file.py > ... > > File > "/var/lib/python-support/python2.3/livemagic/model/key_var_config_file.py", > line 28 > @staticmethod > ^ > SyntaxError: invalid syntax You should file a bug report against this package to denote incompatibility with python2.3. As a work-around, you could just uninstall python2.3 if you don't use it anymore. You will be left with python2.4 which should work fine. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
good nahty db acw Cuties ug fhyk z.
u, kind ozjs Schoolgirl dx emslt http://www.vidrohot.cn fu r j. zzekw ssn eom jqpb pb gz. lxtem dux np awmsq, ig ea jflix pe oygay ckpe kqtbn. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Bits from the Security Team
On Fri, 14 Mar 2008, Moritz Muehlenhoff wrote: > This doesn't intend to duplicate information from the BTS. The RT > queues even contain direct links to the BTS. RT is used to > distribute work among the members of the security team and to keep > pending issues more organized. You could actually do all of that pretty easily using usertags or similar, but it's your process. The main reason that I wanted to clarify this is because the instructions sound like RT should be used in lieu of the BTS, which isn't such a great idea. The secondary reason is that it's very useful to see in a single location the exact status of non-embargoed security bugs; using RT means that someone who is interested has to find the RT bug which corresponds to the package they're interested in and then check the corresponding BTS bug (though I suppose this could be mitigated by adding a reverse link to the RT bug from the bts using the forwarded field or similar.) > RT mostly replaces sending to mail to [EMAIL PROTECTED] if a > maintainer wants to assist in preparing a security update. Mail doesn't > scale very well, so we've had occasional smaller issues being lost in > the noise. I agree that some method of tracking what the stable security team is working on is a good idea; e-mail definetly doesn't scale. Don Armstrong -- This can't be happening to me. I've got tenure. -- James Hynes _Publish and Perish_ http://www.donarmstrong.com http://rzlab.ucr.edu -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Bits from the Security Team
Hi Don, * Don Armstrong <[EMAIL PROTECTED]> [2008-03-14 20:42]: > On Fri, 14 Mar 2008, Moritz Muehlenhoff wrote: [...] > The secondary reason is that it's very useful to see in a single > location the exact status of non-embargoed security bugs; using RT > means that someone who is interested has to find the RT bug which > corresponds to the package they're interested in and then check the > corresponding BTS bug (though I suppose this could be mitigated by > adding a reverse link to the RT bug from the bts using the forwarded > field or similar.) That's what the security tracker is for. http://security-tracker.debian.net/tracker/ http://security-tracker.debian.net/tracker/ Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. pgpjXrX7ffNWJ.pgp Description: PGP signature
Bug#470995: ITP: devotee -- Debian voting system
Package: wnpp Severity: wishlist Owner: Michael Casadevall <[EMAIL PROTECTED]> * Package name: devotee Version : 0.1patch2 Upstream Author : Manoj Srivastava <[EMAIL PROTECTED]> * URL : http://www.debian.org/ * License : GPL Programming Lang: (C, C++, C#, Perl, Python, etc.) Description : Debian voting system Devotee is the debian voting system, used when offical matters are called to a vote. It intergrates with LDAP, and GPG, and isolates each voting task into a seperate program to ensure votes are not lost due to an error in devotee. -- System Information: Debian Release: lenny/sid APT prefers gutsy-updates APT policy: (500, 'gutsy-updates'), (500, 'gutsy-security'), (500, 'gutsy-backports'), (500, 'gutsy') Architecture: i386 (i686) Kernel: Linux 2.6.22-14-generic (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
