Dear all,
I have recently uploaded glibc 2.19-18+deb8u4 to jessie-proposed-updates
fixing an old security bug in pt_chown, aka CVE-2013-2207 [1]. This bug
has been opened for a lot of time, as the fix which is simply to remove
pt_chown has a tendency to break systems [2]. Indeed not using pt_chown
Sergey, I think it's about time you stop your repeated ad-hominem attacks
against me, and continue this discussion only if you have new technical
arguments to support your case.
--
Ondřej Surý
On 29 Feb 2016 18:27, at 18:27, Sergey B Kirpichev wrote:
>On Mon, Feb 29, 2016 at 06:02:40PM +0
Control: reassign -1 php7.0-dev
Control: unarchive 814271
Control: forcemerge 814271 -1
Control: affects -1 php-geoip
On Mon, 29 Feb 2016, Sergey B Kirpichev wrote:
> On Mon, Feb 29, 2016 at 05:22:19PM +0100, Michael Banck wrote:
> > It pretty clearly says:
> >
> > | serious; is a severe violatio
On 29 February 2016 at 18:26, Sergey B Kirpichev wrote:
> On Mon, Feb 29, 2016 at 06:02:40PM +0100, Andrew Shadura wrote:
>> there are no releases of non-release architectures
>
> AFAIK, there is no defined release archs for stretch yet, so
> "non-release arch" doesn't make sense before freeze.
>
On Mon, Feb 29, 2016 at 06:02:40PM +0100, Andrew Shadura wrote:
> there are no releases of non-release architectures
AFAIK, there is no defined release archs for stretch yet, so
"non-release arch" doesn't make sense before freeze.
But the whole point was not about severity. One maintainer
clearl
Hi d-d,
I feel this one needs to be clarified as it might sound like those
packages were hijacked or something.
On Mon, Feb 29, 2016, at 17:57, Sergey B Kirpichev wrote:
> Yes, _in the package maintainer's_ ... I was package maintainer. Till
> now, so you shouln't worry about my opinions anymor
Thanks Fabian, that make sense, we also having a look at this
eric
-Original Message-
From: Fabian Greffrath [mailto:fab...@debian.org]
Sent: Monday, February 29, 2016 8:46 AM
To: Eric Mittelette
Cc: debian-devel@lists.debian.org
Subject: Re: RE: Debian package on Windows
Hi there,
fo
On 29 February 2016 at 17:57, Sergey B Kirpichev wrote:
> On Mon, Feb 29, 2016 at 05:22:19PM +0100, Michael Banck wrote:
>> It pretty clearly says:
>>
>> | serious; is a severe violation of Debian policy (roughly, it violates
>> | a "must" or "required" directive), or, in the package maintainer's
On Mon, Feb 29, 2016 at 05:22:19PM +0100, Michael Banck wrote:
> It pretty clearly says:
>
> | serious; is a severe violation of Debian policy (roughly, it violates
> | a "must" or "required" directive), or, in the package maintainer's or
> | release manager's opinion, makes the package unsuitable
Hi there,
for my occasional development on Windows I use Msys2 which have Arch's
pacman package management system ported to Windows and even provide a
huge repository of pre-compiled package. It's not APT, but at least a
reasonable packaging system and a bash shell on Windows to begin with.
;)
Be
On Mon, Feb 29, 2016 at 10:42 PM, Ghislain Vaillant wrote:
> Cc: debian-devel@lists.debian.org, pkg-fonts-de...@lists.alioth.debian.org
Please use X-Debbugs-CC instead of CC next time:
https://www.debian.org/Bugs/Reporting#xcc
Apologies for the earlier broken mail.
--
bye,
pabs
https://wiki.
On Mon, Feb 29, 2016 at 10:42 PM, Ghislain Vaillant wrote:
> Cc: debian-devel@lists.debian.org, pkg-fonts-de...@lists.alioth.debian.org
Please use
--
bye,
pabs
https://wiki.debian.org/PaulWise
http://bonedaddy.net/pabs3/
http://wiki.openmoko.org/wiki/User:PaulWise
> On Mon, Feb 29, 2016, at 14:46, Sergey B Kirpichev wrote:
> > On Mon, Feb 29, 2016 at 02:28:08PM +0100, Ondřej Surý wrote:
> > > It's not how important they seem to *me*, but to the release team.
> > > The FTBFS on non-release archs are not "serious"
> >
> > I don't see that here:
> > https://ww
On Mon, Feb 29, 2016 at 03:56:57PM +0100, Ondřej Surý wrote:
> I simply cannot fix
I'm not about requesting a fix from you. Just about accepting that
there is a problem ("We won't hide problems", remember?). But it seems
you know better how to do the work and I'm just in a wrong place
as a co-ma
Sergey,
please, I already have explained to you, that the bug has been fixed in
php7.0-dev version 7.0.3-4 and higher, and there's nothing that can be
done before the kfreebsd-* builds are not stuck at the perl and snmp
transitions there are blocking php7.0 builds.
As you clearly don't belive me,
Package: wnpp
Severity: wishlist
* Package name: elusive-icons
Version : 2.0.0
Upstream Author : The Redux Team
* URL : http://elusiveicons.com/
* License : SIL OFL 1.1, Expat
Programming Lang: Text + CSS
Description : the iconic font and CSS framework
Hi,
Nico Schlömer writes:
> I'd like to play around with the (new) auto dbgsym packages, and for
> starters build Mixxx [1] on launchpad's Xenial environment (featuring
> debhelper 9.20160115ubuntu2). Instead of an auto dbg package, however, I'm
> getting
> ```
> dh_gencontrol debug symbol wrapper
Package: wnpp
Severity: wishlist
Owner: "Víctor Cuadrado Juan"
* Package name: python-jellyfish
Version : 0.5.2
Upstream Author : James Turk
* URL : https://github.com/jamesturk/jellyfish
* License : BSD-2-clause
Programming Lang: C, Python
Description
Hi everyone,
I'd like to play around with the (new) auto dbgsym packages, and for
starters build Mixxx [1] on launchpad's Xenial environment (featuring
debhelper 9.20160115ubuntu2). Instead of an auto dbg package, however, I'm
getting
```
dh_gencontrol debug symbol wrapper: no debian/mixxx-dbgsym,
Your message dated Mon, 29 Feb 2016 09:51:54 +
with message-id <1456739514.3098.91.ca...@decadent.org.uk>
and subject line Re: Bug#816247: general: hardening distro is an afterthought
has caused the Debian Bug report #816247,
regarding general: hardening distro is an afterthought
to be marked a
Richard Jasmin, on Sun 28 Feb 2016 22:42:00 -0600, wrote:
>(With hardened by default config for source builds)
Hardening does break some packages, you can't just go away with forcing
it.
Samuel
Quoting Paul Wise (2016-02-29 04:30:02)
> On Mon, Feb 29, 2016 at 5:05 AM, Antonio Terceiro wrote:
>
>> IMO both in this specific case, and in the general case, the correct
>> technical decision is to track the actual upstream as a proper
>> Javascript package (supporting both browser usage and N
22 matches
Mail list logo
