At 2007-02-04 12:07, [EMAIL PROTECTED] said:
> Ohh I thought it was essential. I'll add it as a recommend.
great!
> > If you try to add cron-apt to a machine which doesn't have cron, it
> > would be nice to get a little prompt from apt-get.
>
> Hmm. I wonder where I should add that one.
i thin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
At 2007-02-05 09:12, [EMAIL PROTECTED] said:
> The advantage of this setup over one with only one dnscache is that
> you can make changes to the dnscache redirection configuration,
> which requires a restart of dnscache to take effect, without losing
Package: silc-toolkit
Followup-For: Bug #413790
i've just placed a diff that seems to build a deb for the latest
upstream package here:
http://lair.fifthhorseman.net/~dkg/src/silc/silc-toolkit-packaging-v1.0.2.diff
it's based off of the diff from 0.9.12-6, with a couple minor changes
to debian
Package: mpd
Severity: wishlist
libvorbisidec-dev (a.k.a. "tremor" -- a library for integer-only
vorbis decoding) is now available in testing. i'm the maintainer.
Please consider building mpd against it on architectures which
commonly lack an FPU. arm is the example i'm thinking of.
I run deb
Package: dspam
Version: 3.6.8-5
Severity: wishlist
Version 3.8.0 of dspam is now available:
http://dspam.nuclearelephant.com/download.shtml
We should probably treat this new release as an opportunity to think
through some of the packaging questions that have come up on the list
over the last c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun 2007-04-15 10:21:38 -0400, Matthijs Mohlmann wrote:
> I have a few production environments where I can test it. But I'll
> set it up first in a test environment. I can run some automated
> tests with the test environment.
That would be great!
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This tripped me up recently too, but i found i needed a different
patch:
0 aesop:~# diff -u /etc/init.d/xendomains{.orig,}
- --- /etc/init.d/xendomains.orig 2007-04-18 12:04:04.0 -0400
+++ /etc/init.d/xendomains 2007-04-18 13:00:28.
Package: trac
Version: 0.10.3-1
Severity: wishlist
trac 0.10.4 was just released.
I was able to cleanly upgrade on debian with:
apt-get source trac
(cd trac-0.10.3 && uscan)
(cd trac-0.10.4 && debuild -uc -us)
sudo dpkg --install trac_0.10.4-1_all.deb
trac-admin /path/to/my/tracenv upgrade
and
Package: ccs
Version: 1.03.00-2
Severity: important
squeak is a debian system running lenny/sid. i was trying to install
gnbd-server, and it failed due to some problem with ccs:
[0 [EMAIL PROTECTED] ~]# apt-get install gnbd-server
Reading package lists... Done
Building dependency tree... Done
Package: inkscape
Version: 0.45-1
Severity: minor
When the --without-gui option is delivered, and no $DISPLAY is set,
inkscape still produces an error message to stderr about the display.
This seems like extra noise to me, since inkscape has explicitly been
told to not use a display.
If you are
Package: screen
Version: 4.0.3-0.3+b1
Severity: minor
Tags: patch
there's a minor bug in the screen man page about software flow control
for serial terminals.
The attached diff should fix things.
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (500, 'testing'), (2
Package: inkscape
Version: 0.45-1
Severity: wishlist
Tags: patch
I can't believe i'm asking this, because i really hate non-metric
units. But sadly, there are some institutions here in the US which
really prefer measurements to be in feet or yards. Inkscape would be
more useful for creating dia
Can you give some documentation of this behavior? Steps to reproduce?
What configuration are you running dspam in? is it an LMTP
pass-through? Where are you placing the DSPAM signature? if the
DSPAM signature is in the body, that would be a good reason to include
an extra newline, yes?
Does t
Package: dspam
Version: 3.6.8-2
Severity: important
dspam can violate the LMTP protocol on delivery by producing lines
longer than 1000 characters. It can do this even if it is fed proper,
LMTP-compliant data as input.
I have a dspam setup listening on a unix socket via LMTP, and
delivering via
Package: dspam
Version: 3.6.8-2
Severity: important
Sorry to be reporting another problem without a fix yet:
i have a system running dspam 3.6.8 in daemon mode, listening on a
local UNIX socket via LMTP, feeding to clamav, and delivering to
another UNIX socket via LMTP.
It runs fine under moder
dspam appears to add a trailing newline to the message body as it
passes through dspam's LMTP processing, regardless of the location of
the dspam signature.
It may also do this in non-LMTP cases, but i have not had a chance to
test any other cases.
I first saw this problem mentioned as debian bug
It turns out that this behavior is only triggered when
signatureLocation=message. You can see jonz's suggestion for a
workaround here:
http://thread.gmane.org/gmane.mail.spam.dspam.devel/2539/focus=2546
So it's possible to avoid this bug by setting
signatureLocation=headers in /etc/dspam/dspam.c
according to FHS 2.3 [0]:
The contents of the root filesystem must be adequate to boot,
restore, recover, and/or repair the system.
if LVM is needed in the boot, /var is a separate partition, and LVM
cannot operate without its cache, archives, and backups, it would seem
that LVM must store
Perhaps i'm not following the thread on bug #367610 properly, but it
sounds to me like this isn't actually a subversion bug any more, but
rather an apache bug. Is this correct?
If so, can bug 367610 be closed (or reassigned)? Or does svn 1.4.0
still failing on ia64, even with the libapr fix?
W
Hi folks--
i can also duplicate this bug on a mixed sarge/sarge-backports machine
with a serial console.
I haven't had the chance yet to try the workaround jan wagner has
suggested. The errors from the console look like this:
...
00:06: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A
hw_random: RNG
i just wanted to followup to confirm Jan Wagner's workaround. When i
blacklist 8250_pnp, i can boot successfully with 2.6.17-2-686.
i blacklisted 8250_pnp in two spots: /etc/hotplug/blacklist.d/8250_pnp, and
also in /etc/modprobe.d/blacklist (i'm running backported udev and not
hotplug on this sy
I just built the trac package from a combination of:
a) the official 0.10 release tarball
(http://ftp.edgewall.com/pub/trac/trac-0.10.tar.gz)
b) the beta1 diff.gz in experimental (0.10~b1-1)
(ftp://ftp.debian.org/debian/pool/main/t/trac/trac_0.10~b1-1.diff.gz)
the diff applies fine (o
i appreciate why this was fixed, but it seems like it's still a bit
buggy because there are now two different dependencies on libsvn0 for
subversion. From a mixed etch/sid system:
[0 [EMAIL PROTECTED] ~]$ apt-cache show subversion | grep ^Depend
Depends: libsvn0 (= 1.3.2-5+b1), libapr0 (>= 2.0.55
i agree with Sam Morris that this bug should be treated as a security
concern.
checkrestart appears to be used primarily as a security audit tool: to
find outdated versions of libraries still in use, particularly after
security upgrades. It fails to report the things it claims to be able
to detec
i'm running a mixed etch/sid system, and could not reproduce this
problem with bash_completion turned on.
below reflects my hitting the tab key:
[0 [EMAIL PROTECTED] ~]$ dpkg -l bash grep dpkg libphp-pclzip
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Installed/Config-files/Unpacked/Fa
i tried to upgrade my instance of trac today from 0.10-1 to 0.10-2,
and apt wants to remove libapache2-mod-python (i have version 3.2.10-1
installed, which is the etch version).
i'm not sure i understand why the removal is being requested, but if i
were to agree with it, it would make trac unusabl
On October 20, [EMAIL PROTECTED] said:
> A new upload has been made that i believe solves the problem. Check
> under incoming.debian.org
Yep. That does it for me. I'll remember the versioned Conflicts:
approach for next time i see something like this. Thanks, Jesus.
--dkg
--
To UNS
I can confirm this.
the precise error messages in my syslog look like this:
Oct 24 09:03:07 squeak udevd[4790]: add_to_rules: invalid SUBSYSTEMS operation
Oct 24 09:03:07 squeak udevd[4790]: add_to_rules: invalid rule
'/etc/udev/rules.d/z60_openct.rules:49'
Oct 24 09:03:07 squeak udevd[4790]: ad
Package: libpg-perl
Version: 1:2.1.1-2
Severity: minor
Tags: patch
The synopsis from "perldoc Pg" doesn't work properly, because "print"
should not be assigned to. Removing the assignment operator (=) makes
it functional but ugly, as it prints the information without newlines
between the rows.
On 12/23/2013 06:48 AM, Arno Töll wrote:
> thanks for that suggestion. I added your patch for the upcoming package
> upload.
great, thank you!
> I did, however, add the full keyring of Apache developers that
> /could/ sign a release as listed in http://www.apache.org/dist/httpd/KEYS
While we're
On 12/24/2013 10:17 PM, Neil Roeth wrote:
> This command will illustrate the problem: wget -O- -q
> https://api.dreamhost.com/
I can confirm that 3.2.7 seems to hang for me, when i do:
gnutls-cli --priority NORMAL api.dreamhost.com
However, i can connect cleanly with:
gnutls-cli --priority NO
On 12/24/2013 07:34 AM, Patrick Frank wrote:
> Setting up runit (2.1.1-6.2) ...
> /var/lib/dpkg/info/runit.postinst: 48: kill: Operation not permitted
>
> dpkg: error processing package runit (--configure):
> subprocess installed post-installation script returned error exit status 1
hmm, i wonde
Hi apache folks--
In http://bugs.debian.org/732450, debian is preparing to
cryptographically verify OpenPGP signatures on apache upstream tarballs.
As part of the dicsussion, it's become clear that some of the keys in
https://www.apache.org/dist/httpd/KEYS are weak by any modern
consideration of
On 12/26/2013 06:18 PM, Nick Kew wrote:
> You're ahead of us. Individual Apache folks like Jim have taken
> responsibility and moved to 4096-bit keys, but we haven't as a
> community had the discussion that might lead to pruning KEYS.
> My inclination is to say NO to requiring anyone to remove old
I'm uploading the same NMU of NSS now as 3.15.3.1-1.1, adding several
useful utilities to libnss3-tools (http://bugs.debian.org/701141).
The changes are available in git (including a signed tag) at:
git://lair.fifthhorseman.net/~dkg/nss
They should be able to be directly pulled into the pkg-moz
Package: xserver-xorg-video-ati
Version: 1:7.2.0-1+b2
Severity: normal
When i have xserver-xorg-video-ati installed, i get the following
crash when starting X (this output was gathered via "startx" as root
from a virtual terminal):
X.Org X Server 1.14.5
Release Date: 2013-12-12
X Protocol Version
bian/changelog 2014-01-07 05:23:50.0 -0500
+++ gnupg-1.4.16/debian/changelog 2014-01-20 22:17:40.0 -0500
@@ -1,3 +1,10 @@
+gnupg (1.4.16-1.1) unstable; urgency=low
+
+ * Non-Maintainer Upload.
+ * Initialize trustdb before clearing it (Closes: #735363)
+
+ -- Daniel
Package: xul-ext-noscript
Version: 2.6.8.14-1
Severity: wishlist
Tags: patch
Dear Maintainer,
Using noscript with iceweasel's search provider set to a search engine
that really wants you to use javascript is a drag.
The DuckDuckGo search engine has a nice non-javascript interface, but
it is not
hi Mike and other mozilla maintainers for debian.
I submitted https://bugs.debian.org/739395 to xul-ext-noscript,
proposing a default search provider which is DuckDuckGo's non-javascript
interface. David Prévot suggested that i ask for its inclusion into the
iceweasel package directly.
I'm attac
Package: python-redis
Version: 2.9.1-1
Severity: wishlist
Hi Chris--
https://pypi.python.org/pypi/redis/ indicates that python's redis
library should be compatible with python 3.2 and 3.3. it would be
great if the debian packaging could build a python3-redis binary
package as well.
You can find
---
checks/watch-file.desc | 4 +++-
checks/watch-file.pm | 3 ++-
t/tests/watch-file-pubkey-missing/desc | 2 +-
3 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/checks/watch-file.desc b/checks/watch-file.desc
index 668169e..86a0960 100644
--- a/che
Package: wnpp
Severity: wishlist
Owner: Daniel Kahn Gillmor
* Package name: trac-navadd
Version : 0.3
Upstream Author : Ryan J. Ollos
* URL : https://trac-hacks.org/wiki/NavAddPlugin
* License : BSD
Programming Lang: Python
Description : Add custom
On 02/22/2014 02:51 AM, Erik de Castro Lopo wrote:
> I run debian testing on a dual G5 powermac.
>
> Just upgraded from linux-image-3.4-trunk-powerpc64 to
> linux-image-3.12-1-powerpc64 and found the same issue. The windfarm
> modules are loading but the about 30 seconds to a couple of minutes
>
Control: tag 739828 + upstream
On 02/22/2014 06:15 PM, Steven Chamberlain wrote:
> Enigmail today claims a message is signed with *my own* signature,
> but it is not. A screenshot is attached, and the actual message is:
> http://lists.debian.org/handler.737580.d737580.13930828232967.ackd...@bugs.
Control: forwarded 739828 http://sourceforge.net/p/enigmail/bugs/138/
Control: fixed 739828 1.6-1
On Sat 2014-02-22 22:42:40 -0500, Daniel Kahn Gillmor wrote:
> I dug around a bit to try to find a reference for it, but i haven't been
> able to find an explicit reference to the upstr
On 02/23/2014 09:10 PM, Mike Hommey wrote:
> If we start doing this for ddg, we'd need to do this for all the others
> where it's possible. Multiplying the number of search engine and
> creating confusion to users is not the best use of resources imho.
>
> That being said, that's something ddg sho
Package: sks
Version: 1.1.4-2.1
Severity: normal
On the sks-devel mailing list, there are regular configuration
failures due to poor autotuning of database configuration parameters.
The latest thread starts here:
https://lists.nongnu.org/archive/html/sks-devel/2014-02/msg00039.html
As packagers
Package: lists.debian.org
Severity: normal
Thanks to listmasters and the DSA for rolling out https on
lists.debian.org, and for enabling STS on the site.
I note that the archive footers in each message still use the http
links, though.
Please make the archive footers use https instead of http, t
Package: wnpp
Severity: wishlist
Owner: Daniel Kahn Gillmor
* Package name: python-expiringdict
Version : 1.1
Upstream Author : Rackspace, Anton Efimenko
* URL : https://github.com/mailgun/expiringdict
* License : Apache 2.0
Programming Lang: Python
Package: wnpp
Severity: wishlist
Owner: Daniel Kahn Gillmor
* Package name: python-dnsq
Version : 1.1
Upstream Author : Russell Jones
* URL : https://github.com/mailgun/dnsq
* License : Apache 2.0
Programming Lang: Python
Description : Python DNS
Package: wnpp
Severity: wishlist
Owner: Daniel Kahn Gillmor
* Package name: python-flanker
Version : 0.4.9
Upstream Author : Russell Jones
* URL : https://github.com/mailgun/flanker
* License : Apache 2.0
Programming Lang: Python
Description : e-mail
Package: snapshot.debian.org
Severity: wishlist
It would be nice to be able to protect the confidentiality of
connections and specific retrievals for snapshot.debian.org. Can we
enable https for this service?
Thanks for maintaining the snapshot archive,
--dkg
-- System Information:
Package: python-lxml
Version: 3.3.1-1
Severity: normal
Tags: upstream
When lxml moved to 3.3.1, xml2rfc broke with the following message:
==
ERROR: test_header_footer (__main__.WriterDraftTest)
---
Package: wnpp
Severity: wishlist
Owner: Daniel Kahn Gillmor
* Package name: golang-go-vhost
Version : 0.0~git1.abc5f6a77596abb
Upstream Author : Alan Shreve
* URL : https://git
* License : Apache 2.0
Programming Lang: Go
Description : library for
Package: wnpp
Severity: wishlist
Owner: Daniel Kahn Gillmor
* Package name: slt
Version : 0.0~git20140226
Upstream Author : Alan Shreve
* URL : https://github.com/inconshreveable/slt
* License : Apache 2.0
Programming Lang: Go
Description : TLS
This avoids failure when importing with --always-trust on gpg 1.4.16,
as reported in http://bugs.debian.org/735363
---
g10/trustdb.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 0bf92e4..828b90f 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -927,6 +
as reported by Jakub Wilk in http://bugs.debian.org/736247, there is a
TOCTOU failure in python's xdg module (see attached message).
Could a CVE be assigned to this?
--dkg
--- Begin Message ---
Package: python-xdg
Version: 0.25-3
Severity: important
Tags: security
xdg.BaseDirectory.get_
Package: python3-postgresql
Version: 1.0.2-1+b3
Severity: wishlist
according to https://pypi.python.org/pypi/py-postgresql, version 1.1.0
of py-postgresql has been available since 2012-10-08.
It would be great to have this in debian.
Regards,
--dkg
-- System Information:
Debian Release
Package: python3-postgresql
Version: 1.0.2-1+b3
Severity: normal
Tags: patch
python3-postgresql uses github for releases now, see:
http://lists.pgfoundry.org/pipermail/python-general/2012-October/001002.html
Below is a patch to debian/watch to use this new release mechanism:
Index: debian/watch
Package: python-gnutls
Version: 1.2.4-1
Severity: normal
libgnutls26 is an older API that is unsupported upstream. Please
rebuild python-gnutls against libgnutls28-dev, which is the
upstream-supported API.
Thanks,
--dkg
-- System Information:
Debian Release: jessie/sid
APT prefers testing
On 01/24/2014 10:32 AM, Dimitri John Ledkov wrote:
> Please see all the discussion around license incompatibilities of
> gnutls28 vs 26, and openssl.
I'm aware of that discussion, thanks :)
> GnuTLS 28 is GPLv3 only, and if python-gnutls is rebuild against 28,
> then all reverse-dependencies must
Package: androidsdk-tools
Version: 22.2+git20130830~92d25d6-1
Severity: normal
the normal "android" script that a user might want to launch expects
to find sdkmanager.jar someplace. debian doesn't ship that at all
currently, under any name that i can see.
It looks like debian is shipping our .ja
On Fri 2014-01-17 18:21:04 -0500, Daniel Kahn Gillmor wrote:
> On 01/15/2014 04:24 PM, Carsten Schoenert wrote:
>
>> are this segfaults also happen with the current 24.2.0?
>
> yep, i just had one. :(
And here's a backtrace from another one, from icedove 24.2.0-1 :
Package: twinkle
Version: 1:1.4.2-3
Severity: grave
Justification: renders package unusable
0 root@alice:~# apt-get install twinkle/unstable
Reading package lists... Done
Building dependency tree
Reading state information... Done
Selected version '1:1.4.2-3' (Debian:unstable [amd64]) for 't
Package: jitsi
Version: 2.4.4997-1
Severity: normal
Using a user account that has no pre-existing ~/.jitsi, I did the
shortest invocation possible: I launched Jitsi from the console,
declined to set up any accounts, and then closed the application using
"File|Quit".
The result was a large stream
On 01/27/2014 05:24 PM, Guido Günther wrote:
> Hi Daniel,
> On Sat, Jan 25, 2014 at 10:33:59AM -0500, Daniel Kahn Gillmor wrote:
>> #3 0x736a1a2b in FormatFileSize (size=,
>> useKB=useKB@entry=true, formattedSize=...)
>> at
>> /build/icedove-twtUo
Package: jitsi
Version: 2.4.4997-1
Severity: normal
When starting a text chat with a SIP contact, i get the following
messages to stderr:
11:11:27.218 SEVERE: [35] plugin.spellcheck.ChatAttachments.getFormatting().73
Spell checker dictionary failed to be accessed
java.lang.NullPointerException
Package: wnpp
Severity: wishlist
* Package name: fonts-oswald
Version : 3.0
Upstream Author : Vernon Adams
* URL : http://oswaldfont.com/,
https://github.com/vernnobile/OswaldFont
* License : OFL 1.1
Programming Lang: sourceforge
Description : A modern
Hi Jan--
On 02/06/2014 06:14 PM, Jan Nordholz wrote:
> Package: gnutls26
> Version: 2.12.23-10
[...]
> Better not be an early adopter and create certificates with SHA512...
> downgraded the certificate's hash algorithm, and it works flawlessly again.
>
> This error message "Insufficient credenti
Source: android-tools
Version: 4.2.2+git20130529
Severity: normal
according to https://android.googlesource.com/platform/system/core and
https://android.googlesource.com/platform/system/extras, version 4.4.2
is tagged and available.
Please update the debian package!
Thanks,
--dkg
-- Sy
Package: android-tools-adb
Version: 4.2.2+git20130529
Severity: normal
Dear Maintainer,
"adb start-server" starts the adb service with a unix-domain socket by
default (local:5037 maps to /tmp/5037). This is potentially a risky
process (e.g. like the symlink attack from the logfile mentioned in
#
On 02/10/2014 11:11 AM, gregor herrmann wrote:
> On Sun, 26 Jan 2014 18:11:28 +0100, gregor herrmann wrote:
>
>> When I add the 'fingerprint' directive to ~/.gnupg/gpg.conf (which
>> additionally outputs the fingerprint for --list-keys etc.), mutt
>> can't open encrypted mails anymore.
>
> Seems
Control: tags 737494 + unreproducible moreinfo
Control: severity 737494 normal
I just tried installing monkeysphere on a stock wheezy system, setting
up monkeysphere-authentication with an identity certifier. then i
upgraded it to jessie, all without a problem.
I'm unable to reproduce the issue.
On Mon 2013-12-02 13:04:46 -0500, Daniel Kahn Gillmor wrote:
> libnss3-tools 2:3.15.3-1 is now in both jessie and sid, but it doeesn't
> address this change. Would you like me to do an NMU of 2:3.15.3-1.1
> to resolve it?
i've gone ahead and made that NMU, with the attache
(Closes: #678147).
+
+ -- Daniel Kahn Gillmor Thu, 05 Dec 2013 13:56:15 -0500
+
wpa (1.0-3) unstable; urgency=high
* ship forgotten README-P2P.
diff -Nru wpa-1.0/debian/config/wpasupplicant/kfreebsd wpa-1.0/debian/config/wpasupplicant/kfreebsd
--- wpa-1.0/debian/config/wpasupplicant/kfree
Package: dpkg-dev
Version: 1.17.3
Severity: normal
When building C++ projects using debhelper within an up-to-date sid
cowbuilder these days, i often get the following message during
dh_shlibdeps:
dh_makeshlibs
dh_shlibdeps
dpkg-shlibdeps: error: no dependency information found for
/usr/li
On 12/06/2013 07:13 PM, Michael Shuler wrote:
> #2 - All CAs included in ca-certificates are available to have the trust
> turned off. If you have a concern about a particular CA and do not
> trust them, disable that CA.
can we ship CAs marked as "disabled" by default? my impression is that
ever
Package: bugs-everywhere
Version: 1.1.1-2
Severity: normal
0 dkg@alice:~/src/monkeysphere/monkeysign$ be help
Usage Error:
Unknown command 'html'
(No module named jinja2)
For usage information, try
be help html
0 dkg@alice:~/src/monkeysphere/monkeysign$
after installing python-jinja2, i get th
On 12/06/2013 08:11 PM, Michael Shuler wrote:
> On 12/06/2013 06:21 PM, Daniel Kahn Gillmor wrote:
>> can we ship CAs marked as "disabled" by default?
>
> I think this would prove to be a rather severe disservice to Debian
> users, making all SSL connections fail
On 12/06/2013 10:15 PM, Michael Shuler wrote:
> Thanks for the clarification, I misunderstood. This would be possible,
> but it makes for an interesting question of toggling other CAs, which I
> don't care to take on, since it seems to be a rather polar and emotional
> conversation.
Deciding to e
Package: wnpp
Severity: normal
I request an adopter for the python-qrencode package.
The package description is:
This package contains modules that allow you to use the Qrencode QR
Code generator library in Python programs.
there are alternatives available: it looks like python-qrcode has a
mo
On 12/07/2013 07:54 AM, Raphael Geissert wrote:
> On Saturday 07 December 2013 01:21:52 Daniel Kahn Gillmor wrote:
>> The other way to maintain the same CA set is for Someone™ to fix #704180
>
> While I like that solution (having to modify nss to add/remove certs is a
> PITA),
Package: scorched3d
Version: 43.3+dfsg-1
Severity: normal
Dear Maintainer,
I launched scorched3d and then clicked "Play"
after a few seconds, i got a dialog box showing the following crazy
message (dozens of newlines included, the dialog box was insanely
tall):
---
The S
On 12/08/2013 10:16 PM, David Prévot wrote:
> Since it is easier to find/produce collisions with compressed files,
> some projects do a checksum on the tar file and not on the compressed
> file, see:
>
> http://cryptography.hyperlink.cz/2004/otherformats.html
This note is about bad properties of
On Wed 2013-12-04 17:13:24 -0500, Mike Hommey wrote:
> On Thu, Dec 05, 2013 at 06:56:40AM +0900, Mike Hommey wrote:
>> On Tue, Dec 03, 2013 at 02:09:41PM -0500, Daniel Kahn Gillmor wrote:
>> > On Mon 2013-12-02 13:04:46 -0500, Daniel Kahn Gillmor wrote:
>> > > libn
Hi Martin--
On 12/13/2013 09:21 AM, Martin Vegter wrote:
> Package: enigmail
> Version: 2:1.5.1+id17-3~deb7u1
>
> When I start Icedove a window opens prompting me for my OpenPGP
> passphrase. Similarly, when I select an encrypted message in my "sent"
> folder I am again asked for my passphrase.
>
On 12/14/2013 05:01 AM, Martin Vegter wrote:
> Yes, the button is still there. It is the "Decrypt" button (Decrypt or
> verify the message with OpenPGP), I think same as when you click the
> "OpenPGP menu" -> "Decrypt/Verify"
OK, you're talking about the button in the top-level toolbar when
lookin
On 12/13/2013 03:33 AM, Thijs Kinkhorst wrote:
> Well, the idea of making it invalid was to see if the download would
> actually fail on that.
uscan should fail (return non-zero) if pgpsigmangleurl is present and
anything prevents full validation of the upstream source.
This won't stop the file f
--- Begin Message ---
On 16/12/13 06:25, Alan Ianson wrote:
> Package: iceweasel
> Version: 17.0.10esr-1~deb7u1
> Severity: normal
>
> Dear Maintainer,
> *** Please consider answering these questions, where appropriate ***
>
>Iceweasel doesn't let me log into the secure website of my master c
On 12/17/2013 04:55 AM, Stuart Pook wrote:
> In any case I'm confused. No non-root user can create special devices no
> matter what the value on nodev is. Fakeroot needs to simulate the create of
> special devices I think.
sure. and it does, even when /tmp is mounted nodev (though of course
the
Werner Koch reported using a slightly different patch to disable
TLS compression in pound, as found here:
http://lists.gnupg.org/pipermail/gnupg-users/2013-December/048433.html
--dkg
--- a/config.c 2013-12-17 13:15:09.0 +0100
+++ b/config.c 2013-12-17 13:20:16.0 +0100
@@ -76,
Control: tags 732429 + moreinfo
On 12/17/2013 06:26 PM, Antoine Beaupré wrote:
>* What was the outcome of this action?
>
> the build failed with some error, which i lost because i closed the
> terminal.
can you supply the error message and its context please? it sounds like
you have the infr
Package: src:openssh
Version: 1:6.4p1-1
Severity: normal
Tags: patch
uscan from devscripts 2.13.3 has the ability to check OpenPGP
signatures on new upstream releases.
on openssh-unix-dev, damien miller announced a new key that will be
used to sign forthcoming releases of OpenSSH:
https://lists.
RL to the signature is well-known.
debian-policy should recommend that package maintainers regularly
verify these signatures for new versions, and mention the files used.
A proposed patch for debian-policy is attached.
commit f267cc2134197533bce3af8152aef15217967813
Author: Daniel Kahn Gillmor
Package: maint-guide
Version: 1.2.31
Severity: normal
Tags: patch
Since devscripts 2.13.3 (see #610712), uscan has supported the ability
to automatically verify upstream's cryptographic signatures if the
signing key and URL to the signature is well-known.
The maint-guide should recommend that pa
ent [ssh-client] 1:6.4p1-1
ii svn-buildpackage 0.8.5
pn w3m
-- debconf-show failed
commit 20a435df7093fb0048bf6471e9ca6f3fc17ee3b6
Author: Daniel Kahn Gillmor
Date: Wed Dec 18 02:21:50 2013 -0500
uscan checks for likely upstream signatures if none are
Package: src:apache2
Version: 2.4.6-3
Severity: normal
Tags: patch
uscan from devscripts 2.13.3 has the ability to check OpenPGP
signatures on new upstream releases.
It looks like Jim Jagielski is signing apache2 releases (at least
those from 2.2 onward, which are all that we care about) with his
On 12/18/2013 09:06 AM, Osamu Aoki wrote:
> On Tue, Dec 17, 2013 at 11:41:01PM -0500, Daniel Kahn Gillmor wrote:
>> The maint-guide should recommend that package maintainers regularly
>> verify these signatures for new versions, and mention the files used.
>
> I agree.
On 12/18/2013 02:54 PM, Antoine Beaupré wrote:
> anarcat@desktop008:~$ mkdir "test space"
> anarcat@desktop008:~$ cd "test space"
> anarcat@desktop008:test space$ git clone git://finestructure.net/debirf
> Cloning into 'debirf'...
> remote: Counting objects: 2964, done.
> remote: Compressing object
Control: retitle 732429 fakeroot fails when state file has whitespace
Control: reassign 732429 fakeroot
Control: affects 732429 debirf
On 12/18/2013 02:59 PM, Daniel Kahn Gillmor wrote:
>> debirf> loading profile 'test'...
>> debirf> creating debirf root...
>> d
101 - 200 of 4410 matches
Mail list logo
