Re: [Summary]: Supporting alternative zlib implementations

On 2024-11-25 22:03:32 [+0100], To debian-devel@lists.debian.org wrote: > On 2024-11-24 21:36:25 [+0100], To debian-devel@lists.debian.org wrote: > … > > I've been looking at cdebootstrap. It is one of the failing. This > happens in the rules files: > | ( echo -n "misc:Built-Using="; dpkg-query -

Re: [Summary]: Supporting alternative zlib implementations

On 2024-11-24 21:36:25 [+0100], To debian-devel@lists.debian.org wrote: … I've been looking at cdebootstrap. It is one of the failing. This happens in the rules files: | ( echo -n "misc:Built-Using="; dpkg-query -f='${source:Package} (= | ${source:Version}), ' -W libc6-dev libdebian-installer4-de

Re: [Summary]: Supporting alternative zlib implementations

On 2024-11-23 00:05:48 [+0100], To debian-devel@lists.debian.org wrote: > On 2024-11-22 12:29:51 [+0100], Guillem Jover wrote: > > Hi! > Hi, Hi, > > WIP package at . > > just built that. … One thing I didn't debug and it might be expecte

Re: [Summary]: Supporting alternative zlib implementations

On 2024-11-22 12:29:51 [+0100], Guillem Jover wrote: > Hi! Hi, … > WIP package at . just built that. … > * To consider a switch we'd need to do a mass rebuild of the > archive. Ideally running autopkgtests and similar to exercise th

Re: Supporting alternative zlib implementations

On 2024-09-26 01:35:45 [+0200], Fay Stegerman wrote: > For example, ZIP files or Android APKs built on a Debian system will have a > different compressed stream, like the test files you mention. Which will > likely > break Reproducible Builds tooling like apksigcopier [1] and > reproducible-apk-t

Re: Should OpenSSL/ libssl3 depend on brotli?

On 2024-09-07 01:25:29 [+0200], Guillem Jover wrote: > Hi! Hi Guillem, > Perhaps an alternative option would be to switch coreutils to use > libmd instead of libcrypto? It seems to contain all the needed algos > that are currently used by coreutils, and it is already part of the > pseudo-essential

Should OpenSSL/ libssl3 depend on brotli?

Hi, Is it okay for libssl3 do depend on libbrotli? It would increase minimal installs by ~900KiB on amd64. tl;dr coreutils build-depends on libssl-dev which makes libssl essential. libssl already supports compression via libz and zstd. Both libraries are already pulled in by dpkg so letting libss

Re: 64-bit time_t transition in progress

On 2024-02-02 08:43:52 [-0800], Steve Langasek wrote: > Hello, Hi, > debian-devel-announce wouldn't let me attach the file, but for those on > debian-devel at least, you can find the dd-list of to-be-NMUed source > packages attached. OpenSSL is on the list. I did not see a NMU bug report. Was the

Re: 64-bit time_t transition in progress

On 2024-02-02 10:12:18 [-0800], Steve Langasek wrote: > Sorry, I mean to add: in the specific case of clamav, the source in > experimental has a new soname. So the patch will definitely not apply; and > we will want to NMU clamav to unstable, with a rename of whatever runtime > library package is

Re: OpenSSL 3.0 - Apache 2.0 vs GPL 2 (Re: Bug#995636: transition: openssl)

On 2021-10-05 20:03:49 [+0200], Michael Biebl wrote: > Hi Kurt, hi Luca, hi everyone, Hi Michael, > That said, I'm not a lawyer and reading license texts hurts my brain. > So my goal is is mainly to raise awareness of this issue and seek input from > the community. GPL code which linked against O

Re: @debian.org mail

On 2019-06-03 11:37:39 [-0400], Sam Hartman wrote: > I'd much rather pay money and allow members who do want to use their own > infrastructure to do so rather than set up an SPF record and force > everyone to go through the debian mxes. With my kernel.org address I get mail forwarding and a SMTP s

Re: FYI/RFC: early-rng-init-tools

On 2019-02-24 19:52:59 [+], Thorsten Glaser wrote: > tl;dr: it adds entropy during initramfs/as early as possible during > boot *and* tells the kernel it did so, to make its crng initialised, > and ensures a subsequent boot has a different seed, also updated > periodically and on shutdown for a

Re: libnode *might* need abi bump related to openssl 1.1.1 api break... or not...

On 2019-02-18 11:08:30 [+0100], Jérémy Lal wrote: > hi ! Hi, > It happens that that api breakage has been reverted and is merged in > openssl 1.1.1 stable branch: > https://github.com/openssl/openssl/commit/37857e9b5258da148e5d3699b6acdf8787417eb2 > > If openssl releases this and the release goes

Re: Can aolserver4 be considered superseded and removed?

On 2018-07-19 21:11:01 [+0200], To Héctor Romojaro Gómez wrote: > On 2018-07-19 13:52:04 [+0200], Francesco P. Lovergine wrote: > > > > I am currious now if I am allowed to reassing [2] over to > > > > ftp.debian.org > > > > for the removal. > > > > > > Fine for me, let's wait for Frankie's opinio

Re: Can aolserver4 be considered superseded and removed?

On 2018-07-19 13:52:04 [+0200], Francesco P. Lovergine wrote: > > > I am currious now if I am allowed to reassing [2] over to > > > ftp.debian.org > > > for the removal. > > > > Fine for me, let's wait for Frankie's opinion. > > I would propose a replace roadmap for people using aolserver4 (in bo

Re: Can aolserver4 be considered superseded and removed?

On 2018-02-27 18:34:13 [+0100], Héctor Romojaro Gómez wrote: > El mar, 27-02-2018 a las 17:36 +0100, Francesco P. Lovergine escribió: > > [...] > > > > I would suggest to provide a migration package for AOLserver users > > with a NEWS document about possible issues due to known problems. > > Agre

Re: GCC and binutils updates for buster

On 2018-07-16 17:59:28 [+0200], Matthias Klose wrote: > architectures. Some notes on other candidates for release architectures: > > - armel: The armv4t default isn't used very much anymore, and we had >issues in the past. Would things get better with armv5te as default or is the lack of FP

Re: Status of wvstreams

I'm forwarding this to d-devel@ to reach a broader audience since my initial email received no feedback. Hi, wvstreams has a RC bug due to the openssl transition. There seems not to be any upstream activity, the last commit on github was from 2011. It has one reverse dependency which is wvdial. w

Re: Planning the removal of c_rehash | mass bug filling

On 2018-04-25 15:44:33 [-0700], Brian Murray wrote: > I thought it was worth mentioning that the behavior of 'openssl rehash' > when encountering a duplicate certificate was to return 1 while > 'c_rehash' would return 0. I say was because I filed an upstream bug[1] > about it which was resolved. >

Re: Planning the removal of c_rehash | mass bug filling

On 2018-04-09 15:55:14 [-0500], Michael Shuler wrote: > It was purely a conservative duplication of existing symlinks. I can > drop the old md5 symlinks, if there's a consensus that they are no > longer needed in unstable. Based on my research I think you can drop the old links since they were on

Re: Planning the removal of c_rehash | mass bug filling

On 2018-04-06 10:05:35 [-0500], Michael Shuler wrote: > If you could go ahead and file this bug for ca-certificates, I'd like to > include the bug number in the changelog for this commit on the next > upload, which should be soon. > > https://salsa.debian.org/debian/ca-certificates/commit/1bc87e0b

Planning the removal of c_rehash | mass bug filling

Hi, the openssl package provides the c_rehash script which creates the links from .Y to the actual certificate in /etc/ssl/certs/. During the transition from 0.9.8 to 1.0.0 the hash (for the X part) changed from md5 to sha1. Since that transition in Debian the c_rehash script provides both

Re: Spam targeting nnn-done@bugs.d.o

On 2018-02-25 09:32:32 [-0800], Don Armstrong wrote: > On Sun, 25 Feb 2018, Sebastian Andrzej Siewior wrote: > > Would it work to rescrict the done/close-@ even more? Like to > > pgp-signed messages only? I'm not asking for a valid DD signatures or > > so - just any si

Can aolserver4 be considered superseded and removed?

Hi Francesco, I stumbled upon aolserver4 because aolserver4-nsopenssl is bot building against openssl 1.1 and the former is the only user. The first upload of aolserver4 4.5.1 was in 2009. I assume that this was the last release of the server by upstream. The homepage referenced in the package pro

Re: Spam targeting nnn-done@bugs.d.o

On 2018-02-21 10:53:49 [-0800], Don Armstrong wrote: > We basically already do this with our ZIPFILE, MSWORD, and ZIPCOMPRESSED > rules: > > https://salsa.debian.org/debbugs-team/antispam/spamassassin_config/blob/master/common/virus_spam#L115 > > Speaking on behalf of owner@, we're always looking

Re: Bug#754513: RFP: libressl -- SSL library, forked from OpenSSL

On 2017-10-17 11:51:19 [+0100], Colin Watson wrote: > > I didn't even figure out if they want to alter their code or not. > > > https://lists.mindrot.org/pipermail/openssh-unix-dev/2017-October/036370.html let me check. > I don't see any benefit in conducting a discussion in which we assume >

Re: Bug#754513: RFP: libressl -- SSL library, forked from OpenSSL

On 2017-10-16 17:29:09 [+0100], Colin Watson wrote: > [I won't quote everything, but people replying to this should probably > read the bug log in the BTS first.] It was a lot to read and "they" stumbled over details. > While there does exist a skeletal compatibility layer linked from the > upstr

Re: [Pkg-ace-devel] Status of the ACE package | Is the ACE team still active ?

I dropped Marek from Cc because the email delivery times out. On 2017-09-01 13:41:18 [+0200], Thomas Girard wrote: > hello, Hi, > I don't have much time for ACE packaging and I don't use it anymore. I should > probably remove myself from uploaders. Okay. > Are you willing to step in? no, not r

Status of the ACE package | Is the ACE team still active ?

Hi, I am trying to figure out if someone knows about the whereabouts of the Debian ACE packaging team. Johnny Willemsen contacted me because he had problems to get in touch with the ACE team[0]. He is part of the upstream team and is interested in getting the package in shape again. It currently s

Re: Evaluation (Re: Proposal: A new approach to differential debs)

On 2017-08-16 00:21:09 [+0200], Julian Andres Klode wrote: > libreoffice-core (size only): > > -rw-r--r-- 1 jak jak 29M Jul 22 20:02 libreoffice-core_5.3.5~rc1-3_amd64.deb > -rw-r--r-- 1 jak jak 31M Jul 16 00:10 libreoffice-core_5.4.0~rc2-1_amd64.deb > -rw-r--r-- 1 jak jak 31M Jul 28 18:29 l

Re: OpenSSL disables TLS 1.0 and 1.1

On 2017-08-07 09:59:20 [+0200], Leon Klingele wrote: > Does this also apply for libssl? Yes, libssl1.1 and all its users to be exact. libssl1.0 does not have this change but we plan to have it removed for Buster. Sebastian

Re: installing kernel debug symbols on stretch?

On 2017-01-14 11:06:51 [+0100], Daniel Pocock wrote: … > deb http://debug.mirrors.debian.org/debian-debug/ stretch-debug main > non-free contrib not that this changes anything, but I assumed that deb http://deb.debian.org/debian-debug stretch-debug main was the way to use for stretch+. But

Re: Feedback on 3.0 source format problems

On 2017-01-03 16:58:21 [+], Ian Jackson wrote: > Looked at another way, it is trying to be a version control system, > layered on top of the Debian archive. But it is only about a quarter > of a VCS. There are no formal interfaces to do proper VCS operations. > If there is a formal interface,

Re: testing OpenSSL 1.1.0 on jessie

On 2016-11-18 15:53:20 [+0100], Daniel Pocock wrote: > Is this correct? I have thrown it on sbuild with a Jessie environment and I got more header files. There is a build log [0] around and this directory cointains also the resulting .deb files. [0] https://breakpoint.cc/openssl-110c-rebuild-for-

Re: OpenSSL 1.1.0

On 2016-11-16 12:26:55 [+], Ian Jackson wrote: > If we decide to wind back the transition and the openssl maintainers > continue not to be available (within the short timeframes required), > we have a lot of people who could competently prepare an NMU. NMU openssl back to 1.0.2 or its rdeps to

Re: OpenSSL 1.1.0

On 2016-11-16 19:49:44 [+0200], Adrian Bunk wrote: > The problem are not specific bugs, the problem is the whole size of the > problem: > > 1. Sorting out what packages have to stay at 1.0.2 > The majority of OpenSSL-using packages in stretch might end up > using 1.0.2 - sorting this out is part

Re: OpenSSL 1.1.0

On 2016-11-15 00:16:14 [+0200], Adrian Bunk wrote: > And since 80% of all OpenSSL-using packages in unstable are still > using libssl1.0.2 (binNMUs have not yet happened), all runtime > issues observed so far are only the tip of the iceberg. > Bugs like "With Kurt's patch, apache2 crashes on startu

Re: OpenSSL 1.1.0 / transition process

On 2016-11-15 17:42:59 [+0100], Daniel Pocock wrote: > Would the OpenSSL maintainers and/or release managers consider making a > wiki page about the transition with the most common questions about it, > similar to the upstream wiki but with a Debian focus? I started one at https://wiki.deb

missing -dbgsym packages on uploads by maintainer(s)

there are a bunch of package which were missing -dbgsym packages on their arch upload. The buildd built them on the remaining architectures. Here are a few examples: - missing on amd64: aptly, meep, xdelta3 - missing on i386: chasen, cronutils, maildrop my understanding is that those are built and

Re: OpenSSL 1.1.0

On 2016-11-02 14:02:52 [-0300], Lisandro Damián Nicanor Pérez Meyer wrote: > Today we the Qt/KDE team were hit but this same thing in the middle of our > transition: libpq-dev pulls in libssl-dev which makes Qt5 FTBFS. https://anonscm.debian.org/cgit/pkg-postgresql/postgresql.git/commit/?id=8b539f

Re: OpenSSL 1.1.0

On 2016-11-02 11:16:18 [+0100], Ondřej Surý wrote: > On Tue, Nov 1, 2016, at 23:49, Kurt Roeckx wrote: > > All the filed bugs already contain a link to the porting guide. > > Is this https://wiki.openssl.org/index.php/1.1_API_Changes a migration > guide? > This is a very *poor* migration guide and

Newer version of xz-utils for Stretch / NMU a wishlist bug

Hi, we have xz-utils 5.1.1alpha+20120614 since Wheezy. Upstream ist at 5.2.2 right now. There is a wishlist bug #731634 [0] asking for something newer. By the end of JAN I prepared a 5.2.2 package and pointed Jonathan to it and from his response he liked it. Now. A few people pinged about an uploa

Re: openssl 1.1.0

On 2016-08-23 20:47:08 [+0200], Jörg Frings-Fürst wrote: > please can someone give me a short summary for the openssl transition. > > I see a short discussion at 2016-06 here, but not with a clear > procedure. 1.1.0 has been released and has been uploaded to experimental. I plan to rebuild build-

Re: LFS status, and enabling it opportunistically on next SONAME bump

On 2015-07-25 05:54:49 [+0200], Guillem Jover wrote: > Hi! Hi Guillem, > > As for the severity: Surely, it could be bumped, but given it is not a > > tag people can always trivially fix (possibly breaking ABI is not my > > definition of "trivial"), I am not necessarily convince it is in our > > be

Re: LFS status, and enabling it opportunistically on next SONAME bump

On Sun, Jul 12, 2015 at 07:37:23PM +0200, Guillem Jover wrote: > Hi! Hi, > Our Large File Support on some 32-bit architectures is a bit poor, and > this has been going on for a while now: > > That tag has severity min

Re: jessie for x32

On 2015-02-23 14:20:09 [+0100], Rene Engelhard wrote: > > But I'd be surprised if it worked even then, you did pot the brigdes > (containing > asm) to apply to x32s ABI and calling conventions, didn't you? > > See http://cgit.freedesktop.org/libreoffice/core/tree/bridges/source/cpp_uno using li

Automatic restart of services after a library upgrade

Lets say there is a daemon / service D which is using library L. Both are in separate packages. Security updates are handled via unattended-upgrades. Now lets assume that unattended-upgrades upgrades L. After that upgrade it does not restart D which means D remains vulnerable until the box restarts

Bug#775867: ITP: libtomsfastmath -- Fast multiple-precision integer library.

Package: wnpp Owner: Sebastian Andrzej Siewior Severity: wishlist * Package name: libtomsfastmath0 Version : 0.12 Upstream Author : Tom St Denis * URL : http://www.libtom.net/?page=features&newsitems=5&whatfile=tfm * License : Public Domain Programm

Re: Possible abuse of dpkg-deb -z9 for xz compressed binary packages

On 2014-09-25 22:23:19 [+0800], Thomas Goirand wrote: > On 09/25/2014 06:02 PM, Wouter Verhelst wrote: > As wrote by others earlier, that's the amount of memory needed for > compression. 65 MB of RAM is needed for decompression. That's nothing!!! just imagine you have one of the recent smaller box

Re: Possible abuse of dpkg-deb -z9 for xz compressed binary packages

On 2014-09-02 14:08:57 [+0900], Changwoo Ryu wrote: > "dh_builddeb -- -Zxz -Sextreme -z9" has been introduced to the > pkg-font team when dpkg-deb default is not xz. > > In my quick experiments with some font packages, "-Sextream -z9" > option still gives ~4% smaller size than the default. IMO th

Re: /usr/share/info/dir.gz if install-info is installed

* Ian Jackson | 2010-09-15 11:56:49 [+0100]: >Julien Cristau wrote: >> I'd say they're serious bugs if packages in the archive suffer from >> the misbuild, and normal ones if not. > >I agree. Okay. In that case I open this weekend bugs against the packages I identified [0] with severity serious

Re: /usr/share/info/dir.gz if install-info is installed

* Bernhard R. Link | 2010-09-15 17:05:05 [+0200]: >Or is there no lintian >run for buildd (i.e. unsourcefull) uploads yet? [0] says "Those automated rejects will only be done on sourceful uploads to unstable and experimental." So I would say no, there isn't. [0] http://ftp-master.debian.org/#r

Re: /usr/share/info/dir.gz if install-info is installed

* Peter Samuelson | 2010-09-14 16:19:54 [-0500]: > >[Sebastian Andrzej Siewior] >> Sounds reasonable. However sometimes package maintainer argueue that the >> policy says "clean build environment" and having package X intalled is >> no longer clean (thus I

Re: /usr/share/info/dir.gz if install-info is installed

* Cyril Brulebois | 2010-09-14 12:53:20 [+0200]: >Sebastian Andrzej Siewior (14/09/2010): >> > packages really ought to build if that package is installed??? >> This is true. However you can't install two packages containing this >> file. > >Sorry, I sh

Re: /usr/share/info/dir.gz if install-info is installed

* Cyril Brulebois | 2010-09-14 12:10:01 [+0200]: >Hi, Hi, >Sebastian Andrzej Siewior (14/09/2010): >> So this is to let you know, to remove this package in order to avoid >> further problems :) > >packages really ought to build if that package is installed??? This is

Re: /usr/share/info/dir.gz if install-info is installed

* Aurelien Jarno | 2010-09-14 11:59:51 [+0200]: >install-info is not present on the kfreebsd-i386 buildds, though it is >not possible that it was installed at some point. Maybe it got removed in the meantime. If you look at [0] you see dir.gz. If you look at build log from himalia1[1] and grep fo

/usr/share/info/dir.gz if install-info is installed

Hello, I just built docbook2x and gettext and both contained the file mentioned in subject. install-info created dir which got gzip later in the build process. The strance thing is the almost none of the buildds ship this file. According to [0] only s390(lxdebian) ships this file in gettext and qi

Re: Removal of not+kfreebsd and linux-gnu dependency, bugs already filled

* Julien Cristau | 2010-07-02 16:20:24 [+0100]: >> This started as Kyle (Cc) filled #585767 because some packages failed to >> build on powerpcspe (not official, in debian-ports atm). The gnu >> triplet there is powerpc-linux-gnuspe so type-handling provides >> not+linux-gnu. This is also the case

Removal of not+kfreebsd and linux-gnu dependency, bugs already filled

Hi, first of all, I'm really sorry for filling 23 bugs without discussing this here. This started as Kyle (Cc) filled #585767 because some packages failed to build on powerpcspe (not official, in debian-ports atm). The gnu triplet there is powerpc-linux-gnuspe so type-handling provides not+linux-g