Re: Preparing to announce Squeeze LTS end-of-life
Hi, On Freitag, 12. Februar 2016, Markus Koschany wrote: > Am 12.02.2016 um 01:08 schrieb Holger Levsen: > > Moritz is right, we should't say "wheezy LTS will end in May 2018." now, > > but instead explicitly say "wheezy LTS will end of May 31 2018." > > > > And the announcement hasn't been sent yet…! > > As I said this should and will be corrected as part of the next wiki > update. I have just now amended the wiki to make it clear that Wheezy LTS support will end at the *end* of May 2018 and Jessie LTS support will end at the *end* of April/May 2020, so we don't have to have this discussion again in two years. > For now it should be clear that Wheezy LTS will be supported > until the end of May 2018. Sadly, if you only read the "Debian 6.0 Long Term Support reaching end-of- life" announcement, this is *not clear*, it just says "May 2018", despite we having discussed this well in time… oh well. I have fixed wiki.d.o/LTS now to be clear. I hope the announcement send at the start of Wheezy LTS (there will be one, right?) will be clear on this too. cheers, Holger signature.asc Description: This is a digitally signed message part.
Re: squeeze update of chrony?
Hi, On Fri, Feb 12, 2016 at 03:51:45PM -0500, Antoine Beaupré wrote: > On 2016-02-11 15:37:27, Vincent Blut wrote: > > On Thu, Feb 11, 2016 at 02:02:52PM -0500, Antoine Beaupré wrote: > >>On 2016-02-10 17:33:37, Vincent Blut wrote: > >>> Ok, it’s done. Please could you review and eventually upload if > >>> everything is good for you? Note that the concerned branch is > >>> *squeeze-lts* and the chrony-1.24 upstream tarball is in a branch named > >>> *upstream-1.24*. > >> > >>Hi! > > > > Hello Antoine, > > > > > >>I have tried to build the package using the git repo here: > >> > >>git://anonscm.debian.org/collab-maint/chrony.git > > > > Could you please give it another shot, I updated the series file? > > Alright, it works... > > >>... i guess i'm not familiar enough with non-quilt packages to handle > >>this, but I'd be curious to hear how you build the package from the git > >>repo. > > > > If you want to build it from the git tree, the following should suffice: > > $git clone https://anonscm.debian.org/git/collab-maint/chrony.git > > $git checkout squeeze-lts > > $gbp buildpackage --git-pbuilder --git-debian-branch=squeeze-lts > > --git-upstream-branch=upstream-1.24 > > Oddly, enough, that is worse for me - but it is probably related to my Can you post the invocation and the error you're seeing (probably better t git-buildpack...@packages.debian.org since this is off topic). > specific git-buildpackage setup (it tries to build in my sid > chroot). This works: > > DIST=squeeze ARCH=amd64 git-buildpackage --git-debian-branch=squeeze-lts > --git-upstream-branch=upstream-1.24 I think you don't have to pass the upstream branch at all since gbp will pick up the tag corrssponding with the version from the changelog so: gbp buildpackage --git-dist=squeeze --git-debian-branch=debian/squeeze-lts should be enough or gbp buildpackage --git-dist=DEP14 --git-debian-branch=debian/squeeze-lts so it will derive the distribution from the branch you're building from. Cheers, -- Guido
squeeze update of ntp?
Hello dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Squeeze version of ntp: https://security-tracker.debian.org/tracker/source-package/ntp Would you like to take care of this yourself? Note that all of the squeeze-relevant issues are still open in the "newer" Debian releases (wheezy through sid). It would be nice to know if you have planned some work on these to avoid duplication. The LTS workflow is defined here: http://wiki.debian.org/LTS/Development If that workflow is a burden to you, feel free to just prepare an updated source package and send it to debian-lts@lists.debian.org (via a debdiff, or with an URL pointing to the source package, or even with a pointer to your packaging repository), and the members of the LTS team will take care of the rest. Indicate clearly whether you have tested the updated package or not. If you don't want to take care of this update, it's not a problem, we will do our best with your package. Just let us know whether you would like to review and/or test the updated package before it gets released. Thank you very much. Damyan Ivanov, on behalf of the Debian LTS team. PS: A member of the LTS team might start working on this update at any point in time. You can verify whether someone is registered on this update in this file: https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup signature.asc Description: PGP signature
Re: [pkg-ntp-maintainers] squeeze update of ntp?
On Sat, Feb 13, 2016 at 10:06:23AM +, Damyan Ivanov wrote: > Hello dear maintainer(s), > > The Debian LTS team would like to fix the security issues which are > currently open in the Squeeze version of ntp: > https://security-tracker.debian.org/tracker/source-package/ntp I was under the impression that squeeze LTS support ended? > Would you like to take care of this yourself? > > Note that all of the squeeze-relevant issues are still open in the > "newer" Debian releases (wheezy through sid). I'm waiting for upstream to actually fix things. I estimate it's going to take 2 months. They're all not that important. Kurt
Re: Preparing to announce Squeeze LTS end-of-life
Hi, Am 13.02.2016 um 09:23 schrieb Holger Levsen: > Hi, > > On Freitag, 12. Februar 2016, Markus Koschany wrote: [...] >> For now it should be clear that Wheezy LTS will be supported >> until the end of May 2018. > > Sadly, if you only read the "Debian 6.0 Long Term Support reaching end-of- > life" announcement, this is *not clear*, it just says "May 2018", despite we > having discussed this well in time… oh well. > > I have fixed wiki.d.o/LTS now to be clear. > > I hope the announcement send at the start of Wheezy LTS (there will be one, > right?) will be clear on this too. Yes, I hope so too. There will be another announcement when the security support of Wheezy is handed over to the LTS team and then it makes sense to mention the end-of-support date 31th of May 2018 again. Thanks for updating the wiki pages. I have mentioned the start of Wheezy LTS, 26th of April, now and added the information that the LTS team will assist the security team in the time between. Regards, Markus signature.asc Description: OpenPGP digital signature
Re: [pkg-ntp-maintainers] squeeze update of ntp?
-=| Kurt Roeckx, 13.02.2016 11:49:24 +0100 |=- > On Sat, Feb 13, 2016 at 10:06:23AM +, Damyan Ivanov wrote: > > Hello dear maintainer(s), > > > > The Debian LTS team would like to fix the security issues which are > > currently open in the Squeeze version of ntp: > > https://security-tracker.debian.org/tracker/source-package/ntp > > I was under the impression that squeeze LTS support ended? Ends on 29 February. See https://lists.debian.org/debian-announce/2016/msg2.html > > Note that all of the squeeze-relevant issues are still open in the > > "newer" Debian releases (wheezy through sid). > > I'm waiting for upstream to actually fix things. I estimate it's > going to take 2 months. When this happens, do you plan to do a wheezy-lts upload too? (wheeszy will gain LTS support in March). BTW CVE-2016-0727 seems to me to be Debian-specific, since the cron job is part of debian/. In case you missed it, there is a patch for it at http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/ > They're all not that important. Cheers, dam signature.asc Description: Digital signature
Re: [pkg-ntp-maintainers] squeeze update of ntp?
On Sat, Feb 13, 2016 at 03:55:31PM +, Damyan Ivanov wrote: > -=| Kurt Roeckx, 13.02.2016 11:49:24 +0100 |=- > > On Sat, Feb 13, 2016 at 10:06:23AM +, Damyan Ivanov wrote: > > > Hello dear maintainer(s), > > > > > > The Debian LTS team would like to fix the security issues which are > > > currently open in the Squeeze version of ntp: > > > https://security-tracker.debian.org/tracker/source-package/ntp > > > > I was under the impression that squeeze LTS support ended? > > Ends on 29 February. See > https://lists.debian.org/debian-announce/2016/msg2.html > > > > Note that all of the squeeze-relevant issues are still open in the > > > "newer" Debian releases (wheezy through sid). > > > > I'm waiting for upstream to actually fix things. I estimate it's > > going to take 2 months. > > When this happens, do you plan to do a wheezy-lts upload too? (wheeszy > will gain LTS support in March). Yes. > BTW CVE-2016-0727 seems to me to be Debian-specific, since the cron > job is part of debian/. In case you missed it, there is a patch for it > at > http://www.halfdog.net/Security/2015/NtpCronjobUserNtpToRootPrivilegeEscalation/ Nobody seems to have informed me about this ... At first look this also doesn't seem that important. Kurt
Re: squeeze update of chrony?
On 2016-02-13 03:23:21, Guido Günther wrote: >> > If you want to build it from the git tree, the following should suffice: >> > $git clone https://anonscm.debian.org/git/collab-maint/chrony.git >> > $git checkout squeeze-lts >> > $gbp buildpackage --git-pbuilder --git-debian-branch=squeeze-lts >> > --git-upstream-branch=upstream-1.24 >> >> Oddly, enough, that is worse for me - but it is probably related to my > > Can you post the invocation and the error you're seeing (probably better > t git-buildpack...@packages.debian.org since this is off topic). I don't have it on hand now, but it was basically building with the sid chroot instead of the squeeze one. >> specific git-buildpackage setup (it tries to build in my sid >> chroot). This works: >> >> DIST=squeeze ARCH=amd64 git-buildpackage --git-debian-branch=squeeze-lts >> --git-upstream-branch=upstream-1.24 > > I think you don't have to pass the upstream branch at all since gbp will > pick up the tag corrssponding with the version from the changelog so: > > gbp buildpackage --git-dist=squeeze --git-debian-branch=debian/squeeze-lts > > should be enough or > > gbp buildpackage --git-dist=DEP14 --git-debian-branch=debian/squeeze-lts > > so it will derive the distribution from the branch you're building from. Interesting - seems like I missed some of the new developments in gbp land! :) I'll try that out next time (and try to document some of this too!) a. -- We are discreet sheep; we wait to see how the drove is going, and then go with the drove. - Mark Twain
email address
Please change my email address to: knutwu...@unitybox.de Thanks
