Re: Bug reported on 2.2.1-8+deb7u1 (scheduled for (old)stable releases)

2013-06-17 Thread Alberto Gonzalez Iniesta 
On Sat, Jun 15, 2013 at 08:34:12PM +0100, Adam D. Barratt wrote:
> [Mail-Followup-To overridden, as iirc you're not reading -release]
> 
> On 2013-06-15 20:11, Alberto Gonzalez Iniesta wrote:
> >Dear SRM, I have just received this [1] bug report. I'm AFK this
> >weekend, don't know if I would be able to test tomorrow (hope so),
> >please consider holding (if possible) this upgrade to (old)stable
> >just
> >in case the report is right. The bug solution could wait till next
> >release(s).
> [...]
> >[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712414
> 
> Unfortunately the stable point release has already happened; indeed,
> the bug log indicates that the reporter is running a system updated
> after the release (hence the reference to 7.1 as Debian version).
> 
> If the report does transpire to be accurate then we can look at
> releasing a fix via stable-updates if appropriate.

Seems that the bug affects some specific configurations, did't find out
with yet. Should we avoid the release of 2.1.3-2+squeeze2 for the time
being?

Thanks,

Alberto


-- 
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com

Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D  4BF2 009B 3375 6B9A AA55


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130617082610.gr4...@lib.inittab.org

Re: Current and upcoming toolchain changes for jessie

2013-06-17 Thread Matthias Klose 
Am 15.06.2013 03:22, schrieb Stephan Schreiber:
> GCC-4.8 should become the default on ia64 soon; some other changes are 
> desirable:
> - The transition of gcc-4.8/libgcc1 to libunwind8.
> - A removal of the libunwind7 dependency of around 4600 packages on ia64 - 
> when
> they are updated next time after the transition. The libc6.1 should (likely)
> depend on libunwind8 after that in order to guarantee that libunwind8 is 
> installed.

unless some ia64 porter steps up, it doesn't make sense to invest time into the
ia64 port. So better drop ia64 now, and don't bother with libunwind on ia64.

  Matthias


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/51bf06cd.3070...@debian.org

Re: Why does libgeotiff-dev depend on libtiff5-dev ?

2013-06-17 Thread Jay Berkenbilt 
"Francesco P. Lovergine"  wrote:

> On Sat, Jun 15, 2013 at 10:00:26PM +0100, Alastair McKinstry wrote:
>> I'm unfamiliar with the history of libtiff4 / tiff5, but libgd-dev
>> depends on libtiff-dev ;
>> can anyone answer:
>> (1) why does libgeotiff-dev depend on libtiff5-dev?
>
> Because it needs a working bigtiff support, which is only provided by libtiff5
>
>> (2) why libtiff5-dev not provide the virtual libtiff-dev?
>> 
>
> Because in wheezy the tiff maintainer would not accept the migration to the
> current library for all rdeps, which is understandable.

The release team would not let me, which is also understandable.

> The 5 flavor is of primary interest for gis-related programs.
> Something that definitevely needs to be managed for jessie, because
> sometimes one could need to link gis-related and other libraries. To
> support that decision let me remember all of you that tiff5 is
> compatible at source level with tiff4.

Please instead build-depend on libtiff5-alt-dev and use pkg-config to
find libtiff.  Then you will be all set for the transition when it
occurs.  For additional details, please see README.Debian in the tiff
package and
.

The release team has not yet found the time to reply to my message of
May 6 on when they will be ready to think about the tiff transition or
whether my plans for the transition are okay.  (It is not my intention
to be critical of the release team.  They do a great job and are
volunteers with limited time just like the rest of us.)  In the mean
time, we will continue to have issues like this popping up as people
stumble over the current confusion.  If I had known over a year ago when
I put the first version of libtiff5-dev into debian that it was going to
be this long before the transition could happen, I would have not made a
libtiff5-dev and instead only made a libtiff5-alt-dev, but it's too late
for that now, I'm afraid.  I suppose I could make libtiff5-dev an alias
for libtiff5-alt-dev, but that would break any packages that aren't
using pkg-config to find -ltiff.

Please note that if you build depend on libtiff5-alt-dev, you will get a
lintian error about use of a runpath.  This is harmless as the runpath
points to a location where there will never be a copy of the library.  I
am going to try to resolve this.

Maybe I will ask the release team if I should make libtiff5-dev an alias
to libtiff5-alt-dev, assuming they do not reply to that suggestion from
this message.

-- 
Jay Berkenbilt 


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/20130617101759.0237414693.qww314...@jberkenbilt-linux.appiancorp.com

Re: Why does libgeotiff-dev depend on libtiff5-dev ?

2013-06-17 Thread Neil McGovern 
Hi Jay,

On Mon, Jun 17, 2013 at 10:18:05AM -0400, Jay Berkenbilt wrote:
> The release team has not yet found the time to reply to my message of
> May 6 on when they will be ready to think about the tiff transition or
> whether my plans for the transition are okay.  (It is not my intention
> to be critical of the release team.  They do a great job and are
> volunteers with limited time just like the rest of us.)

Apologies for the lack of reply - we've been quite busy with the point
release recently, and still slightly recovering from the release itself.
I imagine that your mail has been overlooked due to it not having a
current open bug.

Would it be possible to run "reportbug release.debian.org", and open a
new transition bug?

Thanks,
Neil
-- 


signature.asc
Description: Digital signature

Re: Bug reported on 2.2.1-8+deb7u1 (scheduled for (old)stable releases)

2013-06-17 Thread Alberto Gonzalez Iniesta 
On Mon, Jun 17, 2013 at 10:26:10AM +0200, Alberto Gonzalez Iniesta wrote:
> On Sat, Jun 15, 2013 at 08:34:12PM +0100, Adam D. Barratt wrote:
> > [Mail-Followup-To overridden, as iirc you're not reading -release]
> > 
> > On 2013-06-15 20:11, Alberto Gonzalez Iniesta wrote:
> > >Dear SRM, I have just received this [1] bug report. I'm AFK this
> > >weekend, don't know if I would be able to test tomorrow (hope so),
> > >please consider holding (if possible) this upgrade to (old)stable
> > >just
> > >in case the report is right. The bug solution could wait till next
> > >release(s).
> > [...]
> > >[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712414
> > 
> > Unfortunately the stable point release has already happened; indeed,
> > the bug log indicates that the reporter is running a system updated
> > after the release (hence the reference to 7.1 as Debian version).
> > 
> > If the report does transpire to be accurate then we can look at
> > releasing a fix via stable-updates if appropriate.
> 
> Seems that the bug affects some specific configurations, did't find out
> with yet. Should we avoid the release of 2.1.3-2+squeeze2 for the time
> being?

Back again.

The problem was a bug in the code that was triggered when GCC was
updated after the first build of openvpn-2.2.1-8.

The patch is here: https://community.openvpn.net/openvpn/ticket/297

I have already a package for Wheezy, please find attached the debdiff
for it.

Please let me know how I should proceed now.

The bug does not affect 2.1.3-2+squeeze2 (since the gcc version is
older) so the package can be included in the next Squeeze point release.

Thanks,

Alberto
-- 
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com

Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D  4BF2 009B 3375 6B9A AA55
diff -Nru openvpn-2.2.1/debian/changelog openvpn-2.2.1/debian/changelog
--- openvpn-2.2.1/debian/changelog  2013-06-04 09:46:37.0 +
+++ openvpn-2.2.1/debian/changelog  2013-06-17 15:48:39.0 +
@@ -1,3 +1,10 @@
+openvpn (2.2.1-8+deb7u2) wheezy; urgency=low
+
+  * Applied upstream patch to fix UDP fails.
+Thanks Gert Doering for the pointer (Closes: #712414)
+
+ -- Alberto Gonzalez Iniesta   Mon, 17 Jun 2013 15:46:47 
+
+
 openvpn (2.2.1-8+deb7u1) wheezy; urgency=low
 
   * Applied upstream patch to fix use of non-constant-time memcmp
diff -Nru openvpn-2.2.1/debian/patches/openvpn-2.3.1-udp-send.patch 
openvpn-2.2.1/debian/patches/openvpn-2.3.1-udp-send.patch
--- openvpn-2.2.1/debian/patches/openvpn-2.3.1-udp-send.patch   1970-01-01 
00:00:00.0 +
+++ openvpn-2.2.1/debian/patches/openvpn-2.3.1-udp-send.patch   2013-06-17 
15:45:58.0 +
@@ -0,0 +1,41 @@
+Index: openvpn-2.2.1/socket.c
+===
+--- openvpn-2.2.1.orig/socket.c2013-06-17 15:45:42.0 +
 openvpn-2.2.1/socket.c 2013-06-17 15:45:53.908830414 +
+@@ -3079,6 +3079,7 @@
+   struct iovec iov;
+   struct msghdr mesg;
+   struct cmsghdr *cmsg;
++  union openvpn_pktinfo opi;
+ 
+   iov.iov_base = BPTR (buf);
+   iov.iov_len = BLEN (buf);
+@@ -3088,11 +3089,10 @@
+ {
+ case AF_INET:
+   {
+-struct openvpn_in4_pktinfo msgpi4;
+ mesg.msg_name = &to->dest.addr.sa;
+ mesg.msg_namelen = sizeof (struct sockaddr_in);
+-mesg.msg_control = &msgpi4;
+-mesg.msg_controllen = sizeof msgpi4;
++mesg.msg_control = &opi;
++mesg.msg_controllen = sizeof (struct openvpn_in4_pktinfo);
+ mesg.msg_flags = 0;
+ cmsg = CMSG_FIRSTHDR (&mesg);
+ cmsg->cmsg_len = sizeof (struct openvpn_in4_pktinfo);
+@@ -3118,12 +3118,11 @@
+ #ifdef USE_PF_INET6
+ case AF_INET6:
+   {
+-struct openvpn_in6_pktinfo msgpi6;
+ struct in6_pktinfo *pkti6;
+ mesg.msg_name = &to->dest.addr.sa;
+ mesg.msg_namelen = sizeof (struct sockaddr_in6);
+-mesg.msg_control = &msgpi6;
+-mesg.msg_controllen = sizeof msgpi6;
++mesg.msg_control = &opi;
++mesg.msg_controllen = sizeof (struct openvpn_in6_pktinfo);
+ mesg.msg_flags = 0;
+ cmsg = CMSG_FIRSTHDR (&mesg);
+ cmsg->cmsg_len = sizeof (struct openvpn_in6_pktinfo);
diff -Nru openvpn-2.2.1/debian/patches/series 
openvpn-2.2.1/debian/patches/series
--- openvpn-2.2.1/debian/patches/series 2013-05-17 11:32:40.0 +
+++ openvpn-2.2.1/debian/patches/series 2013-06-17 15:45:52.0 +
@@ -10,3 +10,4 @@
 manpage_fixes.patch
 use-dpkg-buildflags.patch
 cve-2013-2061.patch
+openvpn-2.3.1-udp-send.patch

Re: Dropping kfreebsd-8?

2013-06-17 Thread Moritz Mühlenhoff 
On Mon, Jun 17, 2013 at 12:00:45AM +0100, Steven Chamberlain wrote:
> On 16/06/13 19:57, Moritz Mühlenhoff wrote:
> > Wheezy has both kfreebsd-8 and kfreebsd-9. Shouldn't kfreebsd-8 be dropped 
> > now?
> 
> Some other things I'm wondering about are:
> 
> stable updates - would we need to keep kfreebsd-8 at least in sid to be
> able to do these? 

No, these can also happen for packages, which were removed from sid.

Cheers,
Moritz


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130617162538.GA4557@pisco.westfalen.local

Re: Bug reported on 2.2.1-8+deb7u1 (scheduled for (old)stable releases)

2013-06-17 Thread Adam D. Barratt 

On 2013-06-17 17:22, Alberto Gonzalez Iniesta wrote:
On Mon, Jun 17, 2013 at 10:26:10AM +0200, Alberto Gonzalez Iniesta 
wrote:

On Sat, Jun 15, 2013 at 08:34:12PM +0100, Adam D. Barratt wrote:
> If the report does transpire to be accurate then we can look at
> releasing a fix via stable-updates if appropriate.

[...]

The problem was a bug in the code that was triggered when GCC was
updated after the first build of openvpn-2.2.1-8.

The patch is here: https://community.openvpn.net/openvpn/ticket/297

I have already a package for Wheezy, please find attached the debdiff
for it.

Please let me know how I should proceed now.


Please go ahead with the upload; thanks.

Once the package has built on all architectures, we can look at pushing 
it to stable-updates for users who want to update sooner than the next 
point release.


Regards,

Adam


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/e7030b02efb3f70a31b0473946f14...@mail.adsl.funky-badger.org

Bug#712597: pu: package libmodule-signature-perl/0.68-1+deb7u1

2013-06-17 Thread Salvatore Bonaccorso 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: pu

Hi Stable Release Managers

libmodule-signature-perl/0.73-1 fixed CVE-2013-2145 see #711239 for
the corresponding Debian bugreport. Would it be possible to have
libmodule-signature-perl also updated for stable trough a spu?

Attached is the proposed debdiff. I can remove the debian/gbp.conf
part (which I have added for handling in the pkg-perl git repos, but
can be ommited).

Regards,
Salvatore
diff -Nru libmodule-signature-perl-0.68/debian/changelog libmodule-signature-perl-0.68/debian/changelog
--- libmodule-signature-perl-0.68/debian/changelog	2011-05-14 14:57:44.0 +0200
+++ libmodule-signature-perl-0.68/debian/changelog	2013-06-17 20:13:51.0 +0200
@@ -1,3 +1,12 @@
+libmodule-signature-perl (0.68-1+deb7u1) wheezy; urgency=low
+
+  * Team upload.
+  * Add CVE-2013-2145.patch.
+CVE-2013-2145: Fixes arbitrary code execution when verifying SIGNATURE.
+(Closes: #711239)
+
+ -- Salvatore Bonaccorso   Sun, 16 Jun 2013 22:51:28 +0200
+
 libmodule-signature-perl (0.68-1) unstable; urgency=low
 
   [ Jotam Jr. Trejo ]
diff -Nru libmodule-signature-perl-0.68/debian/gbp.conf libmodule-signature-perl-0.68/debian/gbp.conf
--- libmodule-signature-perl-0.68/debian/gbp.conf	1970-01-01 01:00:00.0 +0100
+++ libmodule-signature-perl-0.68/debian/gbp.conf	2013-06-17 20:13:51.0 +0200
@@ -0,0 +1,2 @@
+[DEFAULT]
+debian-branch = wheezy
diff -Nru libmodule-signature-perl-0.68/debian/patches/CVE-2013-2145.patch libmodule-signature-perl-0.68/debian/patches/CVE-2013-2145.patch
--- libmodule-signature-perl-0.68/debian/patches/CVE-2013-2145.patch	1970-01-01 01:00:00.0 +0100
+++ libmodule-signature-perl-0.68/debian/patches/CVE-2013-2145.patch	2013-06-17 20:13:51.0 +0200
@@ -0,0 +1,46 @@
+Description: Fix CVE-2013-2145
+ Fix arbitrary code execution when verifying SIGNATURE
+Origin: upstream, commit:575f7bd6ba4cc7c92f841e8758f88a131674ebf2, commit:cbd06b392a73c63159dc5c20ff5b3c8fc88c4896, commit:8ff56de7668ff60fbc1afe5b965a3c865662dd24
+Bug-Debian: http://bugs.debian.org/711239
+Forwarded: not-needed
+Author: Salvatore Bonaccorso 
+Last-Update: 2013-06-16
+Applied-Upstream: 0.73
+
+--- a/lib/Module/Signature.pm
 b/lib/Module/Signature.pm
+@@ -18,6 +18,7 @@
+ 
+ use ExtUtils::Manifest ();
+ use Exporter;
++use File::Spec;
+ 
+ @EXPORT_OK  = (
+ qw(sign verify),
+@@ -514,18 +515,23 @@
+ 
+ sub _digest_object {
+ my($algorithm) = @_;
++
++# Avoid loading Digest::* from relative paths in @INC.
++local @INC = grep { File::Spec->file_name_is_absolute($_) } @INC;
++
++# Constrain algorithm name to be of form ABC123.
++my ($base, $variant) = ($algorithm =~ /^([_a-zA-Z]+)([0-9]+)$/g)
++or die "Malformed algorithm name: $algorithm (should match /\\w+\\d+/)";
++
+ my $obj = eval { Digest->new($algorithm) } || eval {
+-my ($base, $variant) = ($algorithm =~ /^(\w+?)(\d+)$/g) or die;
+ require "Digest/$base.pm"; "Digest::$base"->new($variant)
+ } || eval {
+ require "Digest/$algorithm.pm"; "Digest::$algorithm"->new
+ } || eval {
+-my ($base, $variant) = ($algorithm =~ /^(\w+?)(\d+)$/g) or die;
+ require "Digest/$base/PurePerl.pm"; "Digest::$base\::PurePerl"->new($variant)
+ } || eval {
+ require "Digest/$algorithm/PurePerl.pm"; "Digest::$algorithm\::PurePerl"->new
+ } or do { eval {
+-my ($base, $variant) = ($algorithm =~ /^(\w+?)(\d+)$/g) or die;
+ warn "Unknown cipher: $algorithm, please install Digest::$base, Digest::$base$variant, or Digest::$base\::PurePerl\n";
+ } and return } or do {
+ warn "Unknown cipher: $algorithm, please install Digest::$algorithm\n"; return;
diff -Nru libmodule-signature-perl-0.68/debian/patches/series libmodule-signature-perl-0.68/debian/patches/series
--- libmodule-signature-perl-0.68/debian/patches/series	1970-01-01 01:00:00.0 +0100
+++ libmodule-signature-perl-0.68/debian/patches/series	2013-06-17 20:13:51.0 +0200
@@ -0,0 +1 @@
+CVE-2013-2145.patch

Bug#712604: nmu: python-scientific_2.9.2-4

2013-06-17 Thread Picca Frédéric-Emmanuel 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

Hello

It seems that with the latest python the extensions are expected to be under
/usr/lib/python2.x/site-package//gnukfreebsd9 instead of gnukfreebsd8 
(when the package was uploaded)
the first effect is that the package is broken under kfreebsd but also that it 
cause FTBFS for other packages.
like the current state of mmtk.

I do not know if other packages are affected by this problem, and I do not know 
if this nmu is the
right way to deal with this issue.
I am trying to find a better to way to deal with this with the upstream (move 
the Extension in the right
 namespace instead of building this kind of Extension)

thanks

Frederic

nmu python-scientific_2.9.2-4 . kfreebsd-amd64 kfreebsd-i386 . -m "Rebuild to 
take into account the new toolchain"

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.9-1-486
Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130617200427.7295.88312.reportbug@mordor

Bug#706142: pu: telepathy-idle/0.1.11-2+deb7u1

2013-06-17 Thread Simon McVittie 
On 16/06/13 19:11, Adam D. Barratt wrote:> On Sun, 2013-06-16 at 14:10
+0100, Simon McVittie wrote:
>> Assuming my backport gets accepted into wheezy-backports, does the
>> attached debdiff look OK?
>
> Yes, thanks.

Uploaded.

S


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/51bf78dc.9000...@debian.org

Bug#712615: transition: perl 5.18

2013-06-17 Thread Dominic Hargreaves 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Dear release team,

As discussed briefly in the thread starting at
,
now seems like a good time to get the perl 5.18 transition on the
roadmap. The rebuild testing, across all packages which need to be
rebuilt as part of the transition as well as all other lib*-perl
packages, is now complete and the status is at

http://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=perl-5.18-transition;users=debian-p...@lists.debian.org

As of today, blockers appear to be in the following packages:

- perlipq
- qpid-cpp
- libdbd-anydata-perl
- libgd-gd2-noxpm-perl
- libgd-gd2-perl
- nfqueue-bindings
- libtemplate-perl
- libdata-alias-perl
- libscalar-number-perl
- libembperl-perl
- subversion
- graphviz

with around 40-50 other packages which will start FTBFS with perl 5.18
but which don't need to be rebuilt.

I don't yet have a fixed idea of when we'd prefer the transition
to happen, but progress on fixing blockers is steady thanks mainly to
the pkg-perl team. Maybe 1-2 months from now?

Ben file:

title = "perl";
is_affected = .depends ~ /perlapi-5.14|libperl5.14/ | .depends ~ 
/perlapi-5.18|libperl5.18/;
is_good = .depends ~ /perlapi-5.18|libperl5.18/;
is_bad = .depends ~ /perlapi-5.14|libperl5.14/;


-- System Information:
Debian Release: 7.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/20130617220100.30558.51010.report...@callisto.larted.org.uk

Processed: block 712615 with 707406 708841 708572 709047 709048 676274 708025 708596 708839 709668 705364 707502

2013-06-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 712615 with 707406 708841 708572 709047 709048 676274 708025 708596 
> 708839 709668 705364 707502
Bug #712615 [release.debian.org] transition: perl 5.18
712615 was not blocked by any bugs.
712615 was not blocking any bugs.
Added blocking bug(s) of 712615: 708839, 707406, 708596, 709047, 709668, 
708841, 709048, 708572, 705364, 708025, 676274, and 707502
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
712615: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712615
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.13715078242033.transcr...@bugs.debian.org

Bug#712622: pu: package wv2/0.4.2.dfsg.1-9.1

2013-06-17 Thread Olly Betts 
Package: release.debian.org
Severity: serious
User: release.debian@packages.debian.org
Usertags: pu

README.Debian says that src/generator/generator_wword{6,8}.htm have been
removed from the repacked wv2_0.4.2.dfsg.1.orig.tar.bz2, but they are
still present.

These two files are based on documents copyright Microsoft.  I can't see
a clear licence statement, but it seems unlikely their licence would fit
the DFSG or that talking to Microsoft would get them released under such
a licence.

README.Debian shows the intent was clearly that these files be removed.

I have uploaded 0.4.2.dfsg.2-1 to unstable and it has migrated to testing
but this issue still affects wheezy (and squeeze - I'll open a separate
bug for that proposed update in a moment).

The bug against wv2 for this issue is:

http://bugs.debian.org/710470

Cheers,
Olly


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130617232318.21426.31901.reportbug@debian

Bug#712623: opu: package wv2/0.4.2.dfsg.1-1

2013-06-17 Thread Olly Betts 
Package: release.debian.org
Severity: serious
User: release.debian@packages.debian.org
Usertags: opu

README.Debian says that src/generator/generator_wword{6,8}.htm have been
removed from the repacked wv2_0.4.2.dfsg.1.orig.tar.bz2, but they are
still present.

These two files are based on documents copyright Microsoft.  I can't see
a clear licence statement, but it seems unlikely their licence would fit
the DFSG or that talking to Microsoft would get them released under such
a licence.

README.Debian shows the intent was clearly that these files be removed.

I have uploaded 0.4.2.dfsg.2-1 to unstable and it has migrated to testing
but this issue still affects squeeze.

The bug against wv2 for this issue is:

http://bugs.debian.org/710470

Cheers,
Olly


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130617233231.21502.31681.reportbug@debian

Processed: block 708536 with 711761

2013-06-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 708536 with 711761
Bug #708536 [release.debian.org] transition: python3-defaults (add python3.3 to 
supported python3)
708536 was blocked by: 712014 711926 707315 708011
708536 was not blocking any bugs.
Added blocking bug(s) of 708536: 711761
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
708536: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708536
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.137153272413868.transcr...@bugs.debian.org

Processed: block 708536 with 692381

2013-06-17 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> block 708536 with 692381
Bug #708536 [release.debian.org] transition: python3-defaults (add python3.3 to 
supported python3)
708536 was blocked by: 711926 712014 708011 707315 711761
708536 was not blocking any bugs.
Added blocking bug(s) of 708536: 692381
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
708536: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708536
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.137153277213990.transcr...@bugs.debian.org