Bug#815613: wheezy-pu: package clamav/0.99+dfsg-0+deb7u2
On 2016-02-22 22:42:47 [+], Adam D. Barratt wrote: > Please go ahead. Thanks, done. > Regards, > > Adam Sebastian
Re: wheezy-security to wheezy-lts transition
Hi, On Montag, 22. Februar 2016, Guido Günther wrote: > > As I understand it, the plan is for wheezy-lts to re- use > > security.d.o:wheezy/updates directly, rather than a separate suite on > > ftp-master. Is that correct? > > I think so. See > > > https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=prep- wheezy-lts;users=de > bian-...@lists.debian.org does that even work? AIUI this would require LTS uploaders to have access to security.d.o, which won't happen because of embargoed issues… cheers, Holger (currently offline, so writing this from memory without much checking…) signature.asc Description: This is a digitally signed message part.
Re: wheezy-security to wheezy-lts transition
Hi, On Tue, 23 Feb 2016, Guido Günther wrote: > > > > > > https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=prep-wheezy-lts;users=debian-...@lists.debian.org > > > > While these two are long-standing enhancement bugs which would make > > the security team work much easier, they are unrelated to the plan > > outlined above. > > I'm confused now. Arent these two bugs requirements to implement > 1) and 3) from Raphael's BoF summary: > >1/ the ftpmasters would reconfigure the suite to drop the "policy queue" >in front of the repositories so that uploads are immediately accepted >exactly like the current squeeze-lts repository (Ansgar told us this >was easy to do) >This solves problems 4 and 1 because LTS members no longer need shell >access if there is "approval" step in the workflow. > >3/ the ftpmasters will fix dak to also send the ACCEPTED mails to the >person who signed the upload (this was already part of their plans >even before this discussion, this now gives them one reason more >to actually do it before the Wheezy LTS period start, aka in February >2016) So #796784 is related to 3 but #796095 is not really related to 1 (except maybe as a possible regression that we would like to avoid but that is only barely relevant for LTS as we had very few DM uploads in squeeze-lts AFAIK). As I wrote in my notes, Ansgar told us that the configuration change was easy and I thus expect that it does not need any preparation work. But it would be nice to see #796784 fixed now that there's a working patch... Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
Re: wheezy-security to wheezy-lts transition
On Mon, 22 Feb 2016, Holger Levsen wrote: > does that even work? AIUI this would require LTS uploaders > to have access to security.d.o, which won't happen because > of embargoed issues… Access to security.d.o is only needed if you have to approve the uploads. Here the suite will be reconfigured to work like squeeze-lts, i.e. unsupervised upload rights to all DD. So shell access will not be required. > Holger (currently offline, so writing this from > memory without much checking…) This was documented in the notes posted after the Debconf BoF. Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
About packages that depend on mysql-* / mariadb / virtual-mysql-*
Hello release team! The meeting minutes from last month gave me the impression that you will eventually ask me to do something regarding MySQL/MariaDB: http://meetbot.debian.net/debian-release/2016/debian-release.2016-01-27-18.59.html "ACTION: jmw will mail release team and include pkg-mysql-maint about moving to mariadb dependencies" I just wanted to let you know, that I am available to help you with whatever you intend to request. So far I haven't though seen any communication from the release team regarding this topic. What is the status? - Otto Additional details about current dependencies: # Dependency review There are 289 packages that include any mysql-5.6 originated binary package in their dependencies. If libmysqlclient18 is excluded and only actual important Depends is only considered, the list is 50 packages long. # Debian sid 31.1.2016: apt-cache rdepends -i libmysqld-dev libmysqld-pic mysql-client mysql-client-5.6 mysql-client-core-5.6 mysql-common mysql-server mysql-server-5.6 mysql-server-core-5.6 mysql-source-5.6 mysql-testsuite mysql-testsuite-5.6 | grep -v '^[ ]*mysql-' | grep '^ ' | cut -c 3- | sort -u acidbase akonadi-backend-mysql audiolink auth2db-common automysqlbackup bacula-director-mysql beancounter biomaj cqrlog dbconfig-mysql dotclear dpm-name-server-mysql dpm-server-mysql dpsyco-mysql drupal7 jffnms kamailio-mysql-modules lcmaps-plugins-jobrep-admin lfc-server-mysql libmysqlclient18 libreoffice-canzeley-client mariadb-common moodle ndoutils-nagios3-mysql netmrg ocsinventory-reports opendnssec-enforcer-mysql openstack-cloud-services openstack-compute-node pdns-backend-mysql percona-xtrabackup-test phpbb3 phpgacl pinba-engine-mysql-5.6 piwi postfixadmin postfix-cluebringer-mysql redmine-mysql roundcube-mysql rt4-db-mysql scuttle semanticscuttle spotweb sqitch stacks-web webgui wordpress yubikey-ksm yubikey-val zoneminder
Bug#797906: jessie-pu: package dolibarr/3.5.5+dfsg1-2
To fix opened securities hole into dolibarr stable package, i prepared the
following 3 patch. This patch is now already included into unstable.
It fixes the following CVE:
* Fix CVE-2016-1912 (Closes: #812496)
* Fix CVE-2015-8685 (Closes: #812449)
* Fix CVE-2015-3935 (Closes: #787762)
This is the debdiff. Can my mentor (Raphael Hertzog) push the new package
with this patch into stable ?
diff -Nru dolibarr-3.5.5+dfsg1/debian/changelog
dolibarr-3.5.5+dfsg1/debian/changelog
--- dolibarr-3.5.5+dfsg1/debian/changelog 2014-12-07 15:52:53.0
+0100
+++ dolibarr-3.5.5+dfsg1/debian/changelog 2016-02-08 21:30:58.0
+0100
@@ -1,3 +1,11 @@
+dolibarr (3.5.5+dfsg1-1+deb8u1) UNRELEASED; urgency=high
+
+ * Fix CVE-2016-1912 (Closes: #812496)
+ * Fix CVE-2015-8685 (Closes: #812449)
+ * Fix CVE-2015-3935 (Closes: #787762)
+
+ -- Laurent Destailleur (eldy) Tue, 08 Sep
2015 15:22:52 +0200
+
dolibarr (3.5.5+dfsg1-1) unstable; urgency=medium
* New upstream release with 3.5.5
diff -Nru dolibarr-3.5.5+dfsg1/debian/patches/FIX-4291-GETPOSTs.patch
dolibarr-3.5.5+dfsg1/debian/patches/FIX-4291-GETPOSTs.patch
--- dolibarr-3.5.5+dfsg1/debian/patches/FIX-4291-GETPOSTs.patch 1970-01-01
01:00:00.0 +0100
+++ dolibarr-3.5.5+dfsg1/debian/patches/FIX-4291-GETPOSTs.patch 2016-02-08
21:30:58.0 +0100
@@ -0,0 +1,35 @@
+diff --git a/htdocs/admin/agenda_extsites.php
b/htdocs/admin/agenda_extsites.php
+index ac105cf..bf68c61 100644
+--- a/htdocs/admin/agenda_extsites.php
b/htdocs/admin/agenda_extsites.php
+@@ -1,6 +1,7 @@
+
+- * Copyright (C) 2011-2014 Juanjo Menent
++/* Copyright (C) 2008-2011 Laurent Destailleur <
e...@users.sourceforge.net>
++ * Copyright (C) 2011-2014 Juanjo Menent
++ * Copyright (C) 2016 Raphaël Doursenaud <
rdoursen...@gpcsolutions.fr>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+@@ -88,7 +89,7 @@
+ // Save nb of agenda
+ if (! $error)
+ {
+-
$res=dolibarr_set_const($db,'AGENDA_EXT_NB',trim(GETPOST('AGENDA_EXT_NB','alpha')),'chaine',0,'',$conf->entity);
++
$res=dolibarr_set_const($db,'AGENDA_EXT_NB',trim(GETPOST('AGENDA_EXT_NB','int')),'chaine',0,'',$conf->entity);
+ if (! $res > 0) $error++;
+ if (empty($conf->global->AGENDA_EXT_NB)) $conf->global->AGENDA_EXT_NB=5;
+
$MAXAGENDA=empty($conf->global->AGENDA_EXT_NB)?5:$conf->global->AGENDA_EXT_NB;
+@@ -201,9 +202,9 @@
+ // Nb
+ print ''.$langs->trans("AgendaExtNb",$key)."";
+ // Name
+- print '';
++ print '';
+ // URL
+- print '';
++ print '';
+ // Color (Possible colors are limited by Google)
+ print '';
+ //print $formadmin->selectColor($conf->global->$color,
"google_agenda_color".$key, $colorlist);
diff -Nru dolibarr-3.5.5+dfsg1/debian/patches/Fix-787762-CVE20153935.patch
dolibarr-3.5.5+dfsg1/debian/patches/Fix-787762-CVE20153935.patch
--- dolibarr-3.5.5+dfsg1/debian/patches/Fix-787762-CVE20153935.patch 1970-01-01
01:00:00.0 +0100
+++ dolibarr-3.5.5+dfsg1/debian/patches/Fix-787762-CVE20153935.patch 2016-02-08
21:30:58.0 +0100
@@ -0,0 +1,22 @@
+diff --git a/debian/changelog b/debian/changelog
+index 7d3e2e1..09dd3e0 100644
+--- a/htdocs/societe/societe.php
b/htdocs/societe/societe.php
+@@ -272,7 +272,7 @@
+ $num = $db->num_rows($resql);
+ $i = 0;
+
+- $params =
"&socname=".$socname."&search_nom=".$search_nom."&search_town=".$search_town;
++ $params =
"&socname=".urlencode($socname)."&search_nom=".urlencode($search_nom)."&search_town=".urlencode($search_town);
+ $params.= ($sbarcode?"&sbarcode=".$sbarcode:"");
+ $params.= '&search_idprof1='.$search_idprof1;
+ $params.= '&search_idprof2='.$search_idprof2;
+@@ -348,7 +348,7 @@
+ print '';
+ print '';
+ if (! empty($search_nom_only) && empty($search_nom))
$search_nom=$search_nom_only;
+- print '';
++ print '';
+ print '';
+ // Barcode
+ if (! empty($conf->barcode->enabled))
diff -Nru
dolibarr-3.5.5+dfsg1/debian/patches/FIX-CVE-CVE20158685-CVE-2016-1912.patch
dolibarr-3.5.5+dfsg1/debian/patches/FIX-CVE-CVE20158685-CVE-2016-1912.patch
---
dolibarr-3.5.5+dfsg1/debian/patches/FIX-CVE-CVE20158685-CVE-2016-1912.patch
1970-01-01
01:00:00.0 +0100
+++
dolibarr-3.5.5+dfsg1/debian/patches/FIX-CVE-CVE20158685-CVE-2016-1912.patch
2016-02-08
21:30:58.0 +0100
@@ -0,0 +1,37 @@
+diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
+index 7fba7f5..90eac77 100644
+--- a/htdocs/main.inc.php
b/htdocs/main.inc.php
+@@ -80,13 +80,15 @@
+ // For SQL Injection (only GET and POST are used to be included into
bad escaped SQL requests)
+ if ($type != 2)
+ {
+-$sql_inj += preg_match('/delete[\s]+from/i', $val);
+-$sql_inj += preg_match('/create[\s]+table/i', $val);
+-$sql_inj += preg_match('/update.+set.+=/i', $val);
+-$sql_inj += preg_match('/insert[\s]+into/i', $val);
+-$sql_inj += preg_match('/select.+from/i', $val);
+-$sql_inj += preg_match('/union.+select/i', $val);
+-
Bug#797906: jessie-pu: package dolibarr/3.5.5+dfsg1-2
On 2016-02-23 12:29, Laurent Destailleur (aka Eldy) wrote: To fix opened securities hole into dolibarr stable package, i prepared the following 3 patch. This patch is now already included into unstable. It fixes the following CVE: * Fix CVE-2016-1912 (Closes: #812496) * Fix CVE-2015-8685 (Closes: #812449) * Fix CVE-2015-3935 (Closes: #787762) This is the debdiff. Can my mentor (Raphael Hertzog) push the new package with this patch into stable ? Are you asking about stable or stable-security? Your changelog doesn't say either but you appear to have CCed the Security Team whilst following up to a release.debian.org bug. Regards, Adam
Bug#797906: jessie-pu: package dolibarr/3.5.5+dfsg1-2
On Tue, 23 Feb 2016, Adam D. Barratt wrote: > Are you asking about stable or stable-security? Your changelog doesn't say > either but you appear to have CCed the Security Team whilst following up to > a release.debian.org bug. It was mostly meant for the security team for now. They haven't said whether a DSA is possible (given the supplementary CVE that appeared in the mean time) or if they prefer to push this through stable-proposed-updates. The release.d.o was kept for discussion of a later upstream bugfix release (that could be combined with the CVE fixes if security team doesn't want to make a DSA). Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: http://www.freexian.com/services/debian-lts.html Learn to master Debian: http://debian-handbook.info/get/
Bug#815400: transition: ros-ros-comm
Hi, Thanks for the quick confirmation. I've uploaded the package to unstable and pushed one rdepends which wouldn't build oherwise. Can someone start the binNMUs or do I need to do something else? Cheers Jochen signature.asc Description: PGP signature
Processed: Re: Bug#815598: jessie-pu: package clamav/0.99+dfsg-0+deb8u2
Processing control commands: > tag -1 pending Bug #815598 [release.debian.org] jessie-pu: package clamav/0.99+dfsg-0+deb8u2 Added tag(s) pending. -- 815598: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815598 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#815598: jessie-pu: package clamav/0.99+dfsg-0+deb8u2
Control: tag -1 pending On Mon, Feb 22, 2016 at 23:04:18 +0100, Sebastian Andrzej Siewior wrote: > On 2016-02-22 21:43:45 [+], Adam D. Barratt wrote: > > Please go ahead. > Thanks, done. > Marked for accept. Cheers, Julien
Processed: Re: Bug#815613: wheezy-pu: package clamav/0.99+dfsg-0+deb7u2
Processing control commands: > tag -1 pending Bug #815613 [release.debian.org] wheezy-pu: package clamav/0.99+dfsg-0+deb7u2 Added tag(s) pending. -- 815613: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815613 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#815613: wheezy-pu: package clamav/0.99+dfsg-0+deb7u2
Control: tag -1 pending On Tue, Feb 23, 2016 at 09:45:39 +0100, Sebastian Andrzej Siewior wrote: > On 2016-02-22 22:42:47 [+], Adam D. Barratt wrote: > > Please go ahead. > > Thanks, done. > Marked for accept. Cheers, Julien
NEW changes in stable-new
Processing changes file: clamav_0.99+dfsg-0+deb8u2_all.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: clamav_0.99+dfsg-0+deb7u2_all.changes ACCEPT
Re: About packages that depend on mysql-* / mariadb / virtual-mysql-*
Hi,
there are a few more bits forgotten in the mysql-5.5 -> mysql-5.6
transition. E.g. digikam has
Build-Depends: mysql-server-core-5.5 | mysql-server-core
which is not satisfiable in stretch (any only by chance still works in sid).
Luckily this seems to be the only package in stretch affected by this.
I didn't check sid, there seem to be several false positives due to old
source packages being still available in sid (for Built-Using or
outdated binaries on some platforms).
No bug filed so far against digikam, maybe Otto can do this.
For simplifying potential transitions between mysql and mariadb I'd
suggest to introduce a set of default-mysql-* (or mysql-default-* or
whatever you like) packages, probably comparable to mpi-default-{dev,bin}.
IMO, these should be real packages that depend on the corresponding
package from the (currently) preferred implementation. Unique virtual
packages could work, too, but might make things more complicated.
The virtual-mysql-* packages are not unique (there are multiple
providers), so they cannot be used as the first alternative (or only)
dependency.
All packages that are not specific to one of the two implementations
(i.e. can work with both alternatives equally), should have such a
*-default-* package as the first alternative in their (Build-)Depends.
If the packages have to be touched anyway to fix versions or add
(mariadb) alternatives, maybe such an approach with *-default-* could be
considered as a more generic solution.
Andreas
Bug#796952: english language release notes pdf file is not english (https://www.debian.org/releases/stable/amd64/release-notes.en.pdf)
Hi, Julien Cristau wrote: > On Sun, Feb 21, 2016 at 14:45:17 +0900, Norbert Preining wrote: > > > Hi Julien, > > > > > > > provide a patch against the release notes, I'd happily apply that. > > > > > > > > Sure enough, can you please tell me where to get the sources that > > > > Here we go. > > > > There are several options - both boil down to changing the fonts to > > opentype/truetype fonts. In all cases > > --param=xetex.font='some long code.' > > needs to be added to the Makefile around line 80. > > > Thanks! I've applied your variant2 patch and installed fonts-sil-charis > on www-master. > > Cheers, > Julien Julien's commit fixed the problem for the jessie release-notes, so I close all the relevant bugs with this mail. Beside this, the same bug has to be fixed in the trunk branch of release-notes as well, to make sure the problem does not re-occur after the release of Stretch. To keep track of this, and as a reminder, I have filed a new bugreport, http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815691 Holger -- Created with Sylpheed 3.5.0 under D E B I A N L I N U X 8 . 0 " J E S S I E " . Registered Linux User #311290 - https://linuxcounter.net/
Bug#814930: jessie-pu: package hplip/3.15.11+repack0-1
Hi Julien (2016.02.20_17:04:29_+0200) > How much do the changes affect existing code paths for already-supported > printers? There's a reasonable amount of code churn: __init__.py |2 align.py| 12 base/LedmWifi.py| 138 +- base/__init__.py|2 base/avahi.py | 64 - base/codes.py | 19 base/device.py | 257 +--- base/dime.py| 11 base/exif.py| 54 base/g.py | 117 +- base/imagesize.py |4 base/ldif.py| 44 base/logger.py | 34 base/magic.py | 1746 +++--- base/maint.py | 73 - base/mdns.py| 219 ++- base/mfpdtf.py | 12 base/models.py | 39 base/module.py | 91 + base/os_utils.py| 14 base/password.py| 64 - base/pexpect.py | 1384 base/pexpect/__init__.py| 2051 base/pkit.py| 53 base/pml.py | 40 base/queues.py | 143 +- base/services.py| 28 base/six.py | 632 +++ base/sixext.py | 183 +++ base/slp.py | 59 - base/smart_install.py | 23 base/status.py | 321 - base/strings.py | 18 base/tui.py | 37 base/utils.py | 370 -- base/validation.py | 18 base/vcard.py | 46 base/wifi.py| 81 - check-plugin.py | 21 check.py| 349 ++ clean.py| 18 colorcal.py | 15 config_usb_printer.py |9 copier/__init__.py |2 copier/copier.py| 10 dat2drv.py | 36 devicesettings.py | 25 diagnose_plugin.py |2 diagnose_queues.py |8 doctor.py | 52 fab.py | 111 - fax/__init__.py |2 fax/backend/hpfax.py| 51 fax/coverpages.py |2 fax/fax.py | 108 - fax/faxdevice.py| 12 fax/ledmfax.py | 130 +- fax/ledmsoapfax.py | 25 fax/marvellfax.py | 117 +- fax/pmlfax.py | 57 - fax/soapfax.py | 124 +- faxsetup.py |4 firmware.py | 18 hpdio.py| 28 hpssd.py| 32 info.py | 16 install.py | 16 installer/__init__.py |2 installer/core_install.py | 529 + installer/dcheck.py | 27 installer/pluginhandler.py | 88 - installer/text_install.py | 199 ++- levels.py | 21 linefeedcal.py |8 logcapture.py | 93 + makecopies.py | 19 makeuri.py | 16 pcard/__init__.py |2 pcard/photocard.py | 12 pkservice.py|4 plugin.py | 68 - plugins/Deskjet_460.py |4 plugins/Officejet_H470.py |4 plugins/__init__.py |2 plugins/dj450.py|4 plugins/powersettings.py|2 plugins/powersettings2.py |2 plugins/powersettingsdialog.py |8 plugins/powersettingsdialog_base.py |2 pqdiag.py |8 print.py|7 printsettings.py|7 prnt/__init__.py|2 prnt/colorcal.py|2 prnt/cups.py| 49 prnt/ldl.py |2 prnt/pcl.py | 31 probe.py|2 query.py| 10 scan.py | 84 - scan/__init__.py|2 scan/sane.py| 82 - sendfax.py | 59 - setup.py
Bug#798404: jessie-pu: package conkeror/1.0~~pre-1+git141025-1+deb8u1
Hi,
Julien Cristau wrote:
> > diff -Nru conkeror-1.0~~pre-1+git141025/debian/changelog
> > conkeror-1.0~~pre-1+git141025/debian/changelog
> > --- conkeror-1.0~~pre-1+git141025/debian/changelog 2014-10-25
> > 18:37:02.0 +0200
> > +++ conkeror-1.0~~pre-1+git141025/debian/changelog 2015-09-08
> > 22:02:37.0 +0200
> > @@ -1,3 +1,11 @@
> > +conkeror (1.0~~pre-1+git141025-1+deb8u1) stable-proposed-updates;
> > urgency=medium
>
> Please use "jessie" as the distribution, and feel free to upload.
Done.
> > + * Cherry-pick 6906955e from upstream master branch to fix matching of
> > +module load error messages to work with Firefox 36 and later
> > +(including the ESR release 38.x in Debian Jessie).
I've also allowed myself to add the missing bug report number here and
in the DEP3 patch header. No further differences compared to the
originally posted debdiff. Full, new debdiff as uploaded follows:
diff -Nru conkeror-1.0~~pre-1+git141025/debian/changelog
conkeror-1.0~~pre-1+git141025/debian/changelog
--- conkeror-1.0~~pre-1+git141025/debian/changelog 2014-10-25
18:37:02.0 +0200
+++ conkeror-1.0~~pre-1+git141025/debian/changelog 2016-02-23
21:01:37.0 +0100
@@ -1,3 +1,11 @@
+conkeror (1.0~~pre-1+git141025-1+deb8u1) jessie; urgency=medium
+
+ * Cherry-pick 6906955e from upstream master branch to fix matching of
+module load error messages to work with Firefox 36 and later
+(including the ESR release 38.x in Debian Jessie). (Closes: #795597)
+
+ -- Axel Beckert Tue, 08 Sep 2015 22:00:42 +0200
+
conkeror (1.0~~pre-1+git141025-1) unstable; urgency=low
* New upstream snapshot
diff -Nru
conkeror-1.0~~pre-1+git141025/debian/patches/cherry-pick-6906955e-fix-load-error-messages-with-ff36.diff
conkeror-1.0~~pre-1+git141025/debian/patches/cherry-pick-6906955e-fix-load-error-messages-with-ff36.diff
---
conkeror-1.0~~pre-1+git141025/debian/patches/cherry-pick-6906955e-fix-load-error-messages-with-ff36.diff
1970-01-01 01:00:00.0 +0100
+++
conkeror-1.0~~pre-1+git141025/debian/patches/cherry-pick-6906955e-fix-load-error-messages-with-ff36.diff
2016-02-23 21:01:16.0 +0100
@@ -0,0 +1,27 @@
+Origin: commit 6906955ef78caeb357b729e1f608dfe1f0171dcc
+Author: Jeremy Maitin-Shepard
+Date: Thu Feb 26 19:10:05 2015 -0800
+Description: application.js: fix matching of module load error messages to
work with Firefox 36
+ Firefox 36 includes the path in some error messages, causing them to
+ no longer precisely match the strings that had been specified. Using
+ String.prototype.startsWith fixes the problem.
+Bug-Debian: https://bugs.debian.org/795597
+
+diff --git a/components/application.js b/components/application.js
+index 962ca73..bd9f30c 100644
+--- a/components/application.js
b/components/application.js
+@@ -161,10 +161,9 @@ application.prototype = {
+ return;
+ }
+ } catch (e if (typeof e == 'string' &&
+- {"ContentLength not available (not a local
URL?)":true,
+-"Error creating channel (invalid URL
scheme?)":true,
+-"Error opening input stream (invalid
filename?)":true}
+- [e])) {
++ (e.startsWith("ContentLength not available
(not a local URL?)") ||
++e.startsWith("Error creating channel (invalid
URL scheme?)") ||
++e.startsWith("Error opening input stream
(invalid filename?)" {
+ // null op. (suppress error, try next path)
+ }
+ if (autoext)
diff -Nru conkeror-1.0~~pre-1+git141025/debian/patches/series
conkeror-1.0~~pre-1+git141025/debian/patches/series
--- conkeror-1.0~~pre-1+git141025/debian/patches/series 2014-06-14
11:58:40.0 +0200
+++ conkeror-1.0~~pre-1+git141025/debian/patches/series 2016-02-23
18:51:14.0 +0100
@@ -1,2 +1,3 @@
sensible-editor-xdg-open.diff
deb-webjumps.diff
+cherry-pick-6906955e-fix-load-error-messages-with-ff36.diff
Regards, Axel
--
,''`. | Axel Beckert , http://people.debian.org/~abe/
: :' : | Debian Developer, ftp.ch.debian.org Admin
`. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5
`-| 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
signature.asc
Description: Digital signature
Bug#815400: transition: ros-ros-comm
On 23/02/16 15:24, Jochen Sprickerhof wrote: > Hi, > > Thanks for the quick confirmation. I've uploaded the package to unstable > and pushed one rdepends which wouldn't build oherwise. Can someone start > the binNMUs or do I need to do something else? Scheduled. Emilio
NEW changes in oldstable-new
Processing changes file: clamav_0.99+dfsg-0+deb7u2_i386.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb7u2_powerpc.changes ACCEPT
NEW changes in stable-new
Processing changes file: clamav_0.99+dfsg-0+deb8u2_amd64.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb8u2_arm64.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb8u2_armel.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb8u2_armhf.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb8u2_i386.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb8u2_mipsel.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb8u2_powerpc.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb8u2_ppc64el.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb8u2_s390x.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: clamav_0.99+dfsg-0+deb7u2_amd64.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb7u2_armel.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb7u2_armhf.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb7u2_ia64.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb7u2_kfreebsd-amd64.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb7u2_kfreebsd-i386.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb7u2_mips.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb7u2_mipsel.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb7u2_s390.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb7u2_s390x.changes ACCEPT Processing changes file: clamav_0.99+dfsg-0+deb7u2_sparc.changes ACCEPT
NEW changes in stable-new
Processing changes file: clamav_0.99+dfsg-0+deb8u2_mips.changes ACCEPT
Bug#815720: transition: python3.5-only
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition python3-defaults now no longer depends on python3.4, making python3.5 the only supported python3 version. python3.4 should be removed before stretch is released (mostly by binNMUing, and then removing python3.4). not urgent, just adding this in the bug tracker.
Bug#796952: english language release notes pdf file is not english (https://www.debian.org/releases/stable/amd64/release-notes.en.pdf)
Hi Norbert, Am Mi. Feb. 24 01:08:41 2016 GMT+0100 schrieb Norbert Preining: > Hi Holger, > > >Beside this, the same bug has to be fixed in the trunk branch of > >release-notes as well, to make sure the problem does not re-occur after > >the release of Stretch. > > As I wrote in my last email, this is not the case in unstable or testing, as > dvipdfmx has been fixed, as well as the font squeeze between gs fonts and TeX > Live fonts has been resolved. > > To repeat, there is no problem on Stretch, at least for the moment. Before > release it would be a good idea to throw an eye onto one of the PDFs, though. I got your point: there is no problem on testing and unstable. But in that moment, when Stretch is getting stable, we have the same situation again, where pdfs might be crippled: the machine www- master, which builds the release-notes, is running Jessie (at least for some months, until DSA has upgraded all machines to Stretch), and when the release-notes trunk was not fixed before, the pdfs are crippled again. Thanks for your work ! Holger -- Sent from my Jolla phone http://www.jolla.com/
Bug#796952: english language release notes pdf file is not english (https://www.debian.org/releases/stable/amd64/release-notes.en.pdf)
Hi Holger, > the machine www- master, which builds the release-notes, is running > Jessie (at least for some months, until DSA has upgraded all machines > to Stretch), and when the release-notes trunk was not fixed before, the > pdfs are crippled again. Ahh --- I see. Sorry for the noise, I didn't know about this. Yes, in this case one needs to be careful after release. Norbert PREINING, Norbert http://www.preining.info JAIST, Japan TeX Live & Debian Developer GPG: 0x860CDC13 fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13
Bug#815728: jessie-pu: package debmirror/1:2.16+deb8u1
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
As the new debmirror maintainer, I'd like to fix a couple of problems
with the version in stable. One is serious and causes debmirror to sit
in an infinite loop when run against the current Debian archive
(#808216, #815149). While the other doesn't have quite such dire
consequences, a current desktop system with the appstream package
installed needs to have the DEP-11 metadata files present in order for
"apt update" to succeed (#814416).
I think it makes sense to fix both of these in stable, and my proposed
patch follows. Both changes are cherry-picks from unstable.
diff -Nru debmirror-2.16/debian/changelog debmirror-2.16+deb8u1/debian/changelog
--- debmirror-2.16/debian/changelog 2013-08-26 17:41:08.0 +0100
+++ debmirror-2.16+deb8u1/debian/changelog 2016-02-24 07:28:48.0
+
@@ -1,3 +1,10 @@
+debmirror (1:2.16+deb8u1) stable; urgency=medium
+
+ * Tolerate unknown lines in *.diff/Index (closes: #808216, #815149).
+ * Mirror DEP-11 metadata files (closes: #814416).
+
+ -- Colin Watson Wed, 24 Feb 2016 07:28:42 +
+
debmirror (1:2.16) unstable; urgency=low
* Fix confusing output with --precleanup.
diff -Nru debmirror-2.16/debmirror debmirror-2.16+deb8u1/debmirror
--- debmirror-2.16/debmirror2013-06-23 17:34:26.0 +0100
+++ debmirror-2.16+deb8u1/debmirror 2016-02-24 07:27:41.0 +
@@ -671,6 +671,10 @@
# info. Files also get registered in %files.
my %i18n_get;
+# Hash to record which DEP-11 metadata files need to be downloaded. Files
+# also get registered in %files.
+my %dep11_get;
+
# Separate hash for files belonging to Debian Installer images.
# This data is not cached.
my %di_files;
@@ -1092,7 +1096,7 @@
# for the ftp method.
$do_dry_run = $dry_run;
-# Determine size of Contents and Translation files to get.
+# Determine size of Contents, Translation, and DEP-11 files to get.
if ($getcontents) {
# Updates of Contents files using diffs are done here; only full downloads
# are delayed.
@@ -1126,6 +1130,7 @@
next unless exists $distset{$dist}{mirror};
foreach my $section (@sections) {
i18n_from_release($dist,"$section/i18n");
+dep11_from_release($dist,"$section/dep11");
}
}
@@ -1296,16 +1301,17 @@
}
}
-# With pre-mirror cleanup Contents and Translation files need to be
+# With pre-mirror cleanup Contents, Translation, and DEP-11 files need to be
# downloaded before the cleanup as otherwise they would be deleted
# because they haven't been registered yet.
# With post-mirror cleanup it's more neat to do all downloads together.
# This could be simplified if we could register the files earlier.
-# Download Contents and Translation files.
+# Download Contents, Translation, and DEP-11 files.
init_connection();
get_contents_files() if ($getcontents);
get_i18n_files();
+get_dep11_files();
# Pre-mirror cleanup
if ($pre_cleanup) {
@@ -1982,7 +1988,7 @@
}
}
-sub link_translation_into_snapshot {
+sub link_auxfile_into_snapshot {
my ($file,$dist,$distpath,$filename,$mirrordir,$tempdir) = @_;
my $next = get_next_snapshot($dist);
my $target_path = "$mirrordir/dists/$dist/$next/$distpath";
@@ -2421,12 +2427,67 @@
if (! check_i18n("$tempdir/$file", $i18n_get{$file}{size},
$i18n_get{$file}{sha1})) {
remote_get("$file");
if ($debmarshal) {
- link_translation_into_snapshot($file,
- $i18n_get{$file}{dist},
- $i18n_get{$file}{distpath},
- $i18n_get{$file}{filename},
- $mirrordir,
- $tempdir);
+link_auxfile_into_snapshot($file,
+ $i18n_get{$file}{dist},
+ $i18n_get{$file}{distpath},
+ $i18n_get{$file}{filename},
+ $mirrordir,
+ $tempdir);
+ }
+}
+ }
+}
+
+sub dep11_from_release {
+ my ($dist,$distpath) = @_;
+ my $subdir = "dists/$dist/$distpath";
+ my $compdir = $tempdir."/".$subdir;
+ my ($size, $filename);
+ my $exclude = "(".join("|", @excludes).")" if @excludes;
+ my $include = "(".join("|", @includes).")" if @includes;
+
+ # Create dep11 directories
+ make_dir($subdir);
+ make_dir($compdir);
+
+ # Search for DEP-11 files in file_lists
+ foreach my $path (keys %file_lists) {
+next if length($compdir)+1>length($path); # the +1 stands for the slash
after $compdir
+next if substr($path, 0, length($compdir)) ne $compdir;
+
+my $filename = substr($path, length($compdir)+1,
length($path)-length($compdir)-1);
+next if $filename !~ /\.(?:gz|bz2|xz)$/;
+my $all_arches = "(".join("|", map(quotemeta, @arches)).")";
+next if $filename =~ /^Components-/ a
