Bug#485562: twiki: configure script access badly protected

2008-07-16 Thread Christian Perrier
Quoting Olivier Berger ([EMAIL PROTECTED]): > Hi. > > Just to let you know I have included all translations updates (+ tickets > tagged as pending), tested again and improved slight bits of the > package, and prepared a NMU 4.1.2-3.2 source package I just sent to > Christian Perrier for upload.

Bug#485562: twiki: configure script access badly protected

2008-07-16 Thread Olivier Berger
Hi. Just to let you know I have included all translations updates (+ tickets tagged as pending), tested again and improved slight bits of the package, and prepared a NMU 4.1.2-3.2 source package I just sent to Christian Perrier for upload. I hope it fixes those pending issues and will make its wa

Bug#485562: twiki: configure script access badly protected

2008-06-30 Thread Olivier Berger
On Saturday 28 June 2008 at 14:52 +0200, Christian Perrier wrote: > Quoting Olivier Berger ([EMAIL PROTECTED]): > > OK. > > > > I've done some more tests, and changed some bits again in the templates > > (and scripts), to adjust to latest maintainer's (and others') remarks, > > and hope to have so

Bug#485562: twiki: configure script access badly protected

2008-06-28 Thread Christian Perrier
Quoting Olivier Berger ([EMAIL PROTECTED]): > OK. > > I've done some more tests, and changed some bits again in the templates > (and scripts), to adjust to latest maintainer's (and others') remarks, > and hope to have something stable now to be able to provide a fix for > this bug (and update of t

Bug#485562: Preparation of next package and : Re: Bug#485562: twiki: configure script access badly protected

2008-06-28 Thread Christian Perrier
Quoting Olivier Berger ([EMAIL PROTECTED]): > I guess that if you provide a 4.2 package soon, at the same time as the > patch for 4.1.2 is prepared, uploading by your sponsor should be > coordinated with Christian Perrier's one, to avoid locking each-other. > I'd propose 4.1.2-3.2 to be going to t

Bug#485562: Preparation of next package and : Re: Bug#485562: twiki: configure script access badly protected

2008-06-28 Thread Olivier Berger
(keeping [EMAIL PROTECTED] out of the CCs as I think this becomes quite specific to twiki's packaging and not so much about translations) On Saturday 28 June 2008 at 18:04 +1000, Sven Dowideit wrote: > I would suggest using 'TWiki Configure User & Password' and setting the > configure save pwd to

Bug#485562: twiki: configure script access badly protected

2008-06-28 Thread Olivier Berger
On Saturday 28 June 2008 at 08:37 +0100, Justin B Rye wrote: > Olivier Berger wrote: > > *Should be "apache" in all three.* > > > > By "apache user", I mean something which relates to Require user in the > > apache.conf section of the 'configure' script... of course, this assumes > > that it's run

Bug#485562: twiki: configure script access badly protected

2008-06-28 Thread Sven Dowideit
I was hoping to have time for this today, but it seems not to be. I would suggest using 'TWiki Configure User & Password' and setting the configure save pwd to the same thing. (and making the username for it 'admin') That way it will not need to chan

Bug#485562: twiki: configure script access badly protected

2008-06-28 Thread Justin B Rye
Olivier Berger wrote: > *Should be "apache" in all three.* > > By "apache user", I mean something which relates to Require user in the > apache.conf section of the 'configure' script... of course, this assumes > that it's running apache and no other web server ;) > > In any case, that's meant to

Bug#485562: twiki: configure script access badly protected

2008-06-27 Thread Olivier Berger
On Friday 27 June 2008 at 19:22 +0200, Christian Perrier wrote: > Quoting Olivier Berger ([EMAIL PROTECTED]): > > > > I think that the twiki/apacheUserCreationNote becomes useless now. > > > It is needed by the following bit of code: > > > > > > # add info due to 3-4 bug reports > > > db_inpu

Bug#485562: twiki: configure script access badly protected

2008-06-27 Thread Christian Perrier
Quoting Olivier Berger ([EMAIL PROTECTED]): > > I think that the twiki/apacheUserCreationNote becomes useless now. > > It is needed by the following bit of code: > > > > # add info due to 3-4 bug reports > > db_input high twiki/apacheUserCreationNote || true > > > > > > This is clear and blatant

Bug#485562: twiki: configure script access badly protected

2008-06-27 Thread Christian Perrier
Quoting Olivier Berger ([EMAIL PROTECTED]): > P.S.: will 10 days be enough ? ;) For the translation update round, yes, imho. If you've settled on a last version from the exchanges with Justin (and my last comment about the debconf note where as I said, I leave it up to you to decide), then plea

Bug#485562: twiki: configure script access badly protected

2008-06-27 Thread Olivier Berger
On Friday 27 June 2008 at 15:18 +0100, Justin B Rye wrote: > > Template: twiki/configuser > > Type: string > > Default: configuser > > #flag:comment:2 > > # Translators, do not translate "'configure'" script's name > > _Description: Apache user allowed access to 'configure' script >

Bug#485562: twiki: configure script access badly protected

2008-06-27 Thread Justin B Rye
Olivier Berger wrote: > I propose a new version of the templates, in attachment, due to several > changes that I think were problematic. My explanations below on why. Well, I suspected I was out of my depth, and now I know. > Template: twiki/configuser > Type: string > Default: configuser > #fla

Bug#485562: twiki: configure script access badly protected

2008-06-27 Thread Olivier Berger
Hi. Thanks for the suggestions for the templates, and your comments. I propose a new version of the templates, in attachment, due to several changes that I think were problematic. My explanations below on why. I hope it's syntactically correct, as I didn't test it in a new package. Le vendredi

Bug#485562: twiki: configure script access badly protected

2008-06-26 Thread Christian Perrier
(Justin's mail was sent to dle only. It is quoted at the end of this answer) Quoting Justin B Rye ([EMAIL PROTECTED]): > Christian Perrier wrote: > > OK, as there are templates changes, this is a good occasion to review > > the entire templates set for this package, as it doesn't follow the > > us

Bug#485562: twiki: configure script access badly protected

2008-06-26 Thread Christian Perrier
(debian-l10n-english CC'ed) > I have put some more efforts in trying to propose a cleaner fix for that > bug. > > You'll find the improved patch to be applied to the package's sources in > attachment. > > Note that it now manages debconf better, asking password twice, and > comparing inputs. >

Bug#485562: twiki: configure script access badly protected

2008-06-25 Thread Olivier Berger
On Wednesday 11 June 2008 at 15:48 +0200, Olivier Berger wrote: > Hello. > > I assume that my RTFM argument made its point, and the reality of the > issue is acknowledged, so I'm trying to get back to the proposal for a > solution. > SNIP > I have reviewed my previous proposed patch, and am proposi

Bug#485562: twiki: configure script access badly protected

2008-06-11 Thread Olivier Berger
Hello. I assume that my RTFM argument made its point, and the reality of the issue is acknowledged, so I'm trying to get back to the proposal for a solution. As the maintainer seems reactive, there may no longer be a need for a NMU (which I proposed when I received no reaction to my initial private r

Bug#485562: twiki: configure script access badly protected

2008-06-10 Thread Olivier Berger
On Tuesday 10 June 2008 at 18:53 +1000, Sven Dowideit wrote: > I still contend that > > "Allow from 127.0.0.1" > > does _not_ constitute open to anyone on the internet. Right. But see below... > While hard coding > TWikiGuest with a password of guest is not in any sense a good thing, > fro

Bug#485562: twiki: configure script access badly protected

2008-06-10 Thread Sven Dowideit
I still contend that "Allow from 127.0.0.1" does _not_ constitute open to anyone on the internet. While hard coding TWikiGuest with a password of guest is not in any sense a good thing, from what I've noticed of other debian packages (and the fact that this was the case when I inherited the

Bug#485562: twiki: configure script access badly protected

2008-06-10 Thread Olivier Berger
On Tuesday 10 June 2008 at 17:39 +1000, Sven Dowideit wrote: > odd, > > I'm under the impression that I did respond, and indicated that I don't > see it as a major issue. OK, here I strongly disagree. You say you don't see as a "major issue" that anyone on the Internet can access and change a

Bug#485562: twiki: configure script access badly protected

2008-06-10 Thread Sven Dowideit
Also, the patch was found, by you to be defective. So I was expecting to see another round. Olivier Berger wrote: Package: twiki Version: 1:4.1.2-3.1 Severity: grave Tags: security Justification: user security hole In current state of the Debian package, if nothing is changed manually to the

Bug#485562: twiki: configure script access badly protected

2008-06-10 Thread Sven Dowideit
odd, I'm under the impression that I did respond, and indicated that I don't see it as a major issue. no-one on the security team suggested it was either, leading me to believe that we had a consensus. Sven Olivier Berger wrote: Package: twiki Version: 1:4.1.2-3.1 Severity: grave Tags: sec

Bug#485562: twiki: configure script access badly protected

2008-06-10 Thread Olivier Berger
Package: twiki Version: 1:4.1.2-3.1 Severity: grave Tags: security Justification: user security hole In current state of the Debian package, if nothing is changed manually to the default setup configured by the package, then TWiki's configure script is accessible easily to unauthorized people, t