Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

2014-04-29 Thread Stephen Kitt
On Mon, 28 Apr 2014 23:01:58 -0700, Manoj Srivastava wrote: > Stephen Kitt >mingw-w64 This one is due to missing B-D-I... Regards, Stephen

Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

2014-04-29 Thread Russ Allbery
Manoj Srivastava writes: > On Tue, Apr 29 2014, Felipe Sateler wrote: >> On Mon, 28 Apr 2014 23:01:58 -0700, Manoj Srivastava wrote: >> >> >>> Felipe Sateler >>>csound (U) >>>pulseaudio (U) > Add to that: >> Kari Pahula >>gecode >> Russ Allbery >>krb5 (U) > Missing Buil

Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

2014-04-29 Thread Manoj Srivastava
On Tue, Apr 29 2014, Felipe Sateler wrote: > On Mon, 28 Apr 2014 23:01:58 -0700, Manoj Srivastava wrote: > > >> Felipe Sateler >>csound (U) >>pulseaudio (U) Add to that: > Kari Pahula >gecode > Russ Allbery >krb5 (U) Missing Build-Depends-Indep is a common pattern among

Re: concurrent installation of different pkg versions

2014-04-29 Thread Thomas Goirand
On 04/26/2014 01:39 AM, Daniel Pocock wrote: > > > With all the talk about removing jquery from source packages, one thing > that does arise is the question of how to support different jquery versions. > > This is not just a JavaScript issue though. Maybe we can have > > libjs-jquery-1.7 >

Re: OpenStack needs for backport repo (was: concurrent installation of different pkg versions)

2014-04-29 Thread Thomas Goirand
On 04/26/2014 01:39 AM, Daniel Pocock wrote: > There was even a debate about this on the backports list recently in the > context of how to support different versions of OpenStack (not installed > concurrently though, but just making perhaps the most recent 2 releases > available to users on wheezy

Re: concurrent installation of different pkg versions

2014-04-29 Thread Adam Sampson
Jeremy Stanley writes: > An academic librarian friend of mine has been working with the various > departments at his institution to start producing and archiving > virtual machine images preconfigured for running the software used to > generate results corresponding to various publications, I'm

Re: concurrent installation of different pkg versions

2014-04-29 Thread Steve Langasek
On Sat, Apr 26, 2014 at 06:21:33AM -0700, Russ Allbery wrote: > Steve Langasek writes: > > On Sat, Apr 26, 2014 at 02:07:22PM +0900, Charles Plessy wrote: > >> it would be a great advantage for Debian over the other distributions > >> to have the capacity to install multiple versions concurrently

Re: mirror.debian.net down?

2014-04-29 Thread Steven Chamberlain
On 29/04/14 23:22, Luca Filipozzi wrote: > It should be mostly corrected now although one name server is still not > transferring properly. > > Technicians have been deployed. Thank you! So I presume it will be coming back. If there is any more you can tell me about this DNS zone, it would be n

Re: concurrent installation of different pkg versions

2014-04-29 Thread Jeremy Stanley
On 2014-04-27 20:50:38 -0700 (-0700), Russ Allbery wrote: [...] > Containers would be a better environment, but you have to make > them very, very simple to set up. [...] An academic librarian friend of mine has been working with the various departments at his institution to start producing and ar

Re: Hardened OpenSSL fork

2014-04-29 Thread Steven Chamberlain
Here's a good catch I think: http://freshbsd.org/commit/openbsd/b6c83fa20a2269dadd0a9a73049813c75c2bcbbb SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS disables a workaround for the weakness described in https://www.openssl.org/~bodo/tls-cbc.txt which, I think, was exploited by the BEAST attack ~9 years later

Bug#746433: ITP: php-fxsl -- XSL wrapper and extension to XSLTProcessor

2014-04-29 Thread David Prévot
Package: wnpp Severity: wishlist Owner: David Prévot Control: block 746419 by -1 * Package name: php-fxsl Version : 1.1.0 Upstream Author : Arne Blankerts * URL : https://github.com/theseer/fXSL * License : BSD-3-clause Programming Lang: PHP Description

Re: mirror.debian.net down?

2014-04-29 Thread Luca Filipozzi
Hi, It's a consequence of service provider's automated (and hasty) provisioning. It should be mostly corrected now although one name server is still not transferring properly. Technicians have been deployed. Luca On Tue, Apr 29, 2014 at 10:40:38PM +0100, Steven Chamberlain wrote: > Dear DSA, >

Re: Re: Hardened OpenSSL fork

2014-04-29 Thread Steven Chamberlain
On Mon, 28 Apr 2014 16:52:10 + (UTC), daThorsten Glaser wrote: > For their OpenSSL fork, specifically, they rely on some system > properties such as their RNG’s behaviour way too much [...] I would think Linux and FreeBSD have much better PRNGs now than what has been done until now in OpenSSL.

Re: Source Requirements

2014-04-29 Thread Russ Allbery
Andreas Barth writes: > * Dimitri John Ledkov (x...@debian.org) [140429 23:34]: >> of course not, do a bootstrap each time, or provide a separate >> bootstrap package in the archive, such that other people can reproduce >> the bootstrap process. circular build-dependency on one-self is always >> b

Re: Source Requirements

2014-04-29 Thread Andreas Barth
* Dimitri John Ledkov (x...@debian.org) [140429 23:34]: > On 29 April 2014 21:02, Thomas Koch wrote: > > On Tuesday, April 29, 2014 02:26:49 AM Scott Kitterman wrote: > >> Recently there have been a number of questions about source requirements > >> for the Debian archive. The FTP master view of

Re: Source Requirements

2014-04-29 Thread Cameron Norman
On Tue, Apr 29, 2014 at 2:34 PM, Dimitri John Ledkov wrote: > On 29 April 2014 21:02, Thomas Koch wrote: >> On Tuesday, April 29, 2014 02:26:49 AM Scott Kitterman wrote: >>> Recently there have been a number of questions about source requirements >>> for the Debian archive. The FTP master view o

mirror.debian.net down?

2014-04-29 Thread Steven Chamberlain
Dear DSA, I'm suddenly unable to resolve records under the mirror.debian.net DNS zone. It is apparently not a zone registered in Debian LDAP, so 'seems to be DSA territory' according to http://wiki.debian.org/DebianGeoMirror I couldn't find any announcement relating to it, so wonder if it is an

Re: Source Requirements

2014-04-29 Thread Dimitri John Ledkov
On 29 April 2014 21:02, Thomas Koch wrote: > On Tuesday, April 29, 2014 02:26:49 AM Scott Kitterman wrote: >> Recently there have been a number of questions about source requirements >> for the Debian archive. The FTP master view of this are based on both >> item 1 of the social contract (Debian

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Josselin Mouette
On Tuesday 29 April 2014 at 15:35 +, Thorsten Glaser wrote: > > A wide misconception. Chroots are easily implemented and add security > > almost for free > Bwahahahahahahahahahahahahahahahahahaha! > > (To casual observers: the entire paragraph is very wrong.) Maybe you should go read a book

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Kevin Chadwick
previously on this list Marko Randjelovic contributed: > Well, we have the word "hardening" in the subject, I'm not sure > what OP meant, probably he meant more "security" than "hardening", > but grsecurity which is mentioned in wiki[1] contains features to > prevent breaking out of chroot, so comb

Bug#746419: ITP: php-dox -- documentation generation framework and tool

2014-04-29 Thread David Prévot
Package: wnpp Severity: wishlist Owner: David Prévot Control: block 744876 by -1 * Package name: php-dox Version : 0.6.5 Upstream Author : Arne Blankerts * URL : http://phpdox.de/ * License : BSD-3-clause Programming Lang: PHP Description : documentati

Re: Source Requirements

2014-04-29 Thread Thomas Koch
On Tuesday, April 29, 2014 02:26:49 AM Scott Kitterman wrote: > Recently there have been a number of questions about source requirements > for the Debian archive. The FTP master view of this are based on both > item 1 of the social contract (Debian will remain 100% free) and item 2 of > the DFSG (

Bug#746414: ITP: phpcpd -- copy and paste detector (CPD) for PHP code

2014-04-29 Thread David Prévot
Package: wnpp Severity: wishlist Owner: David Prévot Control: block 744876 by -1 * Package name: phpcpd Version : 2.0.0 Upstream Author : Sebastian Bergmann * URL : https://github.com/sebastianbergmann/phploc * License : BSD-3-clause Programming Lang: PHP

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Thijs Kinkhorst
On Tue, April 29, 2014 18:45, Russ Allbery wrote: > Marko Randjelovic writes: > >> I added this: > >> "Debian policy should require that in every source package all security >> packages should be clearly marked as such in standard and easily >> parsable way with optional further references." > > I

Re: New Cinnamon Maintainer, looking for help

2014-04-29 Thread Margarita Manterola
Hi, I've been working with Maxy in creating these packages and I can answer your questions. On Tue, Apr 29, 2014 at 3:07 PM, Jonathan Dowland wrote: > Hi, yes, I realise you can't push to that repo, so you have another. That's > not > my point. There's nothing stopping your other repo from bein

Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

2014-04-29 Thread Jakub Wilk
* Manoj Srivastava , 2014-04-28, 23:01: Moritz Muehlenhoff fbi A bashism ("echo -e") in mk/Autoconf.mk slightly corrupts the first line of Make.config: -e LIB := lib Apparently the new make doesn't like it. Beware of #584233 when fixing this bug. -- Jakub Wilk

Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

2014-04-29 Thread Adam Borowski
On Mon, Apr 28, 2014 at 11:01:58PM -0700, Manoj Srivastava wrote: > David Suárez kindly did an archive rebuild with the new > version of make in experimental, and the results of the build are at: > http://aws-logs.debian.net/ftbfs-logs/results-make4/ > > The summary: 73 packag

Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

2014-04-29 Thread Felipe Sateler
On Mon, 28 Apr 2014 23:01:58 -0700, Manoj Srivastava wrote: > Felipe Sateler >csound (U) >pulseaudio (U) On both I'm getting this: dpkg-buildpackage: warning: debian/rules must be updated to support the 'build-arch' and 'build-indep' targets (at least 'build-arch' seems to be missing

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Jakub Wilk
* Thorsten Glaser , 2014-04-29, 15:35: A wide misconception. Chroots are easily implemented and add security almost for free (often /dev/log is all that is needed) and so can be used by default without any potential problems, they also never bring new risks and always make life difficult for an

Re: Gcc and undefined behavior

2014-04-29 Thread Michael Tautschnig
On Mon, Apr 28, 2014 at 16:45:56 +, Thorsten Glaser wrote: > Shachar Shemesh debian.org> writes: > > > the changes there is a runtime check for undefined behavior. Just > > compile with -fsanitize=undefined, and your program will crash with > > log if it performs an operation that

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Russ Allbery
Marko Randjelovic writes: > I added this: > "Debian policy should require that in every source package all security > packages should be clearly marked as such in standard and easily > parsable way with optional further references." I don't agree with this statement. I think there are far more

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Kevin Chadwick
previously on this list Thorsten Glaser contributed: > > A wide misconception. Chroots are easily implemented and add security > > almost for free (often /dev/log is all that is needed) and so can be > > used by default without any potential problems, they also never bring > > new risks and always

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Marko Randjelovic
On Tue, 29 Apr 2014 11:52:14 + Patrick Schleizer wrote: > Marko Randjelovic: > > I was thinking about some kind > > of wizard: > > > > - create a chroot if doesn't already exist > > - create a launcher for your DE > > - create a shell script to run a program from terminal or a simple WM > >

Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

2014-04-29 Thread Julien Cristau
On Mon, Apr 28, 2014 at 23:01:58 -0700, Manoj Srivastava wrote: > Debian X Strike Force >xserver-xorg-video-vmware > I've split the rule in http://anonscm.debian.org/gitweb/?p=pkg-xorg/driver/xserver-xorg-video-vmware.git;a=commitdiff;h=f9208ee13d7ecb6efac784514897c824c65e9365 Hopefully that

Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

2014-04-29 Thread Russ Allbery
Manoj Srivastava writes: > Russ Allbery >krb5 (U) Missing build dependency on Python, unrelated to make. I'll file a bug to make sure this gets fixed. -- Russ Allbery (r...@debian.org)

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Kevin Chadwick
previously on this list Thorsten Glaser contributed: > > "Debian policy should require that in every source package all security > > packages should be clearly marked as such in standard and easily parsable > > way with optional further references." > > Veto because the security impact of bugs

Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

2014-04-29 Thread Kari Pahula
On Mon, Apr 28, 2014 at 11:01:58PM -0700, Manoj Srivastava wrote: > Kari Pahula >gecode That one failed due to missing Build-Depends-Indep and the build attempted to call debian/rules build-indep. I don't think that make 4.0 had anything to do with that failure.

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Thorsten Glaser
Kevin Chadwick yahoo.co.uk> writes: > > > > > Security and chroots aren't things I would associate, you need better. > > A wide misconception. Chroots are easily implemented and add security > almost for free (often /dev/log is all that is needed) and so can be > used by default without any pote

Re: ProposalL /usr/bin/open as an alternative for xdg-open and run-mailcap.

2014-04-29 Thread Thorsten Glaser
Tollef Fog Heen err.no> writes: > > “openvt” is used to start a program on a new virtual terminal, and according to > > its manual page, it has been renamed from “open” at the end of the XXth > > century. The changelog of the kbd package confirms the impression that it > > has been phased out ef

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Thorsten Glaser
Marko Randjelovic eunet.rs> writes: > On Tue, 29 Apr 2014 11:35:26 +0800 > Paul Wise debian.org> wrote: > > On Tue, Apr 29, 2014 at 8:07 AM, Marko Randjelovic wrote: > > > > > - security patches should be clearly marked as such in every *.patch > > > file > > > > That sounds like a good idea,

Re: New Cinnamon Maintainer, looking for help

2014-04-29 Thread Jonathan Dowland
On Tue, Apr 29, 2014 at 10:46:25AM +0200, Maximiliano Curia wrote: > Hello Jonathan! > > On 2014-04-28 at 16:13 +0100, Jonathan Dowland wrote: > > The current package is maintained in git already at > > . I haven't > > checked bu

Re: ProposalL /usr/bin/open as an alternative for xdg-open and run-mailcap.

2014-04-29 Thread Tollef Fog Heen
]] Charles Plessy > Hello kbd maintainers, xdg-utils maintainers and everybody, > > The “kbd” package ships a symbolic link from /bin/open to /bin/openvt. > > “openvt” is used to start a program on a new virtual terminal, and according > to > its manual page, it has been renamed from “open” at

Re: Gcc and undefined behavior

2014-04-29 Thread Kevin Chadwick
previously on this list Vincent Lefevre contributed: > > Plus, crashing in a screensaver is bad :D > > The sanitizers should be used only for testing / debugging, or > possibly for critical applications where it may be better to crash > (in a controlled way) than behave erratically with possibl

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Kevin Chadwick
On Tue, 29 Apr 2014 00:20:05 + Jacob Appelbaum wrote: > > > > Tor provides privacy and more likely lowers security so which threat > > against contributors or contributor actions is the Tor policy aimed to > > protect? > > I'm confused, what? How does Tor lower security and at the same time

Re: Hardened OpenSSL fork

2014-04-29 Thread Kevin Chadwick
previously on this list Thomas Goirand contributed: > > OpenBSD developers are extensively cleaning up OpenSSL 1.0.1g > > I'm not so sure if "cleaning-up" really means removing 90k lines of code > without extensive checks. I'd very much prefer some unit tests added to > the current code base, o

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Kevin Chadwick
previously on this list people contributed: > > - easy create and run programs from chroot and alternate users > > Could you detail what you mean by this? It sounds like you want either > virtual machines or something like docker.io: > > https://packages.debian.org/sid/docker.io > > > > > > h

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Jakub Wilk
* Jacob Appelbaum , 2014-04-29, 00:20: On 4/25/14, Kevin Chadwick wrote: Tor provides privacy and more likely lowers security so which threat against contributors or contributor actions is the Tor policy aimed to protect? I'm confused, what? How does Tor lower security and at the same time,

Bug#746355: ITP: ruby-awesome-nested-set -- awesome nested set implementation for Active Record

2014-04-29 Thread Ondřej Surý
Package: wnpp Severity: wishlist Owner: "Ondřej Surý" * Package name: ruby-awesome-nested-set Version : 2.1.6 Upstream Author : Collective Idea * URL : https://rubygems.org/gems/awesome_nested_set * License : MIT

Re: concurrent installation of different pkg versions

2014-04-29 Thread Daniel Pocock
On 28/04/14 21:16, Jonas Smedegaard wrote: > Quoting Daniel Pocock (2014-04-28 20:10:09) >> On 28/04/14 18:59, Gunnar Wolf wrote: >>> Paul Wise said [Sat, Apr 26, 2014 at 11:41:17AM +0800]: > a generalized approach is needed. Multiple versions of a package seems undesirable to me, for the

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Paul Wise
On Tue, Apr 29, 2014 at 4:22 PM, Marko Randjelovic wrote: > Sincerely, I never heard about Docker before, I didn't mean > about VMs and I meant about chrooting. I was thinking about some kind > of wizard: > > - create a chroot if doesn't already exist > - create a launcher for your DE > - create a

Re: Hardened OpenSSL fork

2014-04-29 Thread Thomas Goirand
On 04/21/2014 02:07 AM, Steven Chamberlain wrote: > OpenBSD developers are extensively cleaning up OpenSSL 1.0.1g I'm not so sure if "cleaning-up" really means removing 90k lines of code without extensive checks. I'd very much prefer some unit tests added to the current code base, or a *long* audi

Bug#746343: ITP: aptly -- Manage package repositories

2014-04-29 Thread Sebastien Delafond
Package: wnpp Severity: wishlist Owner: Sebastien Delafond * Package name: aptly Version : 0.5 Upstream Author : Andrey Smirnov * URL : http://www.aptly.info * License : MIT Programming Lang: Go Description : Manage package repositories Aptly is a swis

Re: New Cinnamon Maintainer, looking for help

2014-04-29 Thread Maximiliano Curia
Hello Jonathan! On 2014-04-28 at 16:13 +0100, Jonathan Dowland wrote: > The current package is maintained in git already at > . I haven't > checked but in an ideal world your repository would be a clone of this, to > make > even

Re: goals for hardening Debian: ideas and help wanted

2014-04-29 Thread Marko Randjelovic
On Tue, 29 Apr 2014 11:35:26 +0800 Paul Wise wrote: > On Tue, Apr 29, 2014 at 8:07 AM, Marko Randjelovic wrote: > > > - security patches should be clearly marked as such in every *.patch > > file > > That sounds like a good idea, could you add it to the wiki page? I added this: "Debian poli

ProposalL /usr/bin/open as an alternative for xdg-open and run-mailcap.

2014-04-29 Thread Charles Plessy
Hello kbd maintainers, xdg-utils maintainers and everybody, The “kbd” package ships a symbolic link from /bin/open to /bin/openvt. “openvt” is used to start a program on a new virtual terminal, and according to its manual page, it has been renamed from “open” at the end of the XXth century. The

Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

2014-04-29 Thread Emilio Pozuelo Monfort
On 29/04/14 08:01, Manoj Srivastava wrote: > Debian GNOME Maintainers >libgksu (U) make[1]: Entering directory '/«PKGBUILDDIR»' Makefile:733: *** missing separator (did you mean TAB instead of 8 spaces?). Stop. That's a problem in libgksu using spaces rather than tabs in ./Makefile.am. Pre

Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

2014-04-29 Thread Joachim Breitner
Hi, On Monday, 28.04.2014, at 23:01 -0700, Manoj Srivastava wrote: > Debian Haskell Group >haskell-tasty-golden >haskell-terminal-progress-bar related to dependencies on the systems locale, it seems. Not related to make. Greetings, Joachim -- Joachim "nomeata" Breitner Debian Develo