On Sun, Jun 09, 2013 at 07:20:16PM +0200, Michael Banck wrote:
> > Is there any policy within Debian about such matters, particularly for
> > packages that are a default part of the distribution? Is it too late to
> > remove this popup from wheezy?
>
> I think the best approach would be sudo and
On Fri, 7 Jun 2013 17:07:09 +0200, Bastien ROUCARIES wrote:
> Le 7 juin 2013 09:28, "Atsuhito Kohda" a
> écrit :
>>
>> Yes, but it looks to me there is not practical information.
>
> Did you see the wiki?
Sorry for late reply.
If you mean
http://lintian.debian.org/tags/font-adobe-copyrighted-fr
Michael Banck writes:
>> I think the best approach would be sudo and requesting the user for
>> their own password - and probably be more informative about why the
>> password is needed or what is being installed.
>
> By the way, this seems to be the case for my wheezy installation,
> however, I a
On 2013-06-10 09:29, Atsuhito Kohda wrote:
> On Fri, 7 Jun 2013 17:07:09 +0200, Bastien ROUCARIES wrote:
>
>> Le 7 juin 2013 09:28, "Atsuhito Kohda" a
>> écrit :
>>>
>>> Yes, but it looks to me there is not practical information.
>>
>> Did you see the wiki?
>
> Sorry for late reply.
> If you mea
On 08-06-13 00:33, Manuel A. Fernandez Montecelo wrote:
> Package: wnpp
> Severity: wishlist
> Owner: Debian SDL packages maintainers
>
>
> * Package name: libsdl2-mixer
> Version : 2.0.0~rc1
> Upstream Author : Sam Lantinga
> * URL : http://www.libsdl.org/tmp/SDL_mi
Hi Niels,
On Mon, 10 Jun 2013 09:36:07 +0200, Niels Thykier wrote:
> The "wiki" would probably be [1].
Ah, I remembered I've seen it. I forgot to write down its URL.
(But there were long long list of packages in the bottom
when I saw it if I remebered it correctly.)
> As for lintian.d.o being
A few points:
1) if your user is part of sudo group, most of the time gnome will ask for
your user's password instead of root's.
2) Debian is a finite set of software. It provides packages (literally
thousands of them) that are stable, safe and malicious pop-ups free. It
also provides packages ena
On Mon, Jun 10, 2013 at 09:59:22AM +0200, Wouter Verhelst wrote:
> On 08-06-13 00:33, Manuel A. Fernandez Montecelo wrote:
> > * Package name: libsdl2-mixer
>
> Isn't this packaged already? You don't need to file WNPP bugs for SONAME
> bumps...
It's a massive new major release. Think perl5 v
On Sun, Jun 9, 2013 at 2:46 PM, Vincent Bernat wrote:
> ❦ 9 juin 2013 11:45 CEST, Bjørn Mork :
>
> > You do of course not have to agree. This is my personal opinion only.
> > But I believe it is useful to read Jamie Zawinski's view on screensavers
> > and toolkit library dependencies, and try
Le dimanche 26 mai 2013 à 20:02 +0200, Bastien ROUCARIES a écrit :
> Maybe crypto consolidation arround libnss will greatly help here.
> jessie release goal ?
If we consolidate on a crypto library, it would be good for it to use
ca-certificates and not a pre-compiled list of certificates.
--
.
On 10-06-13 10:32, Adam Borowski wrote:
> On Mon, Jun 10, 2013 at 09:59:22AM +0200, Wouter Verhelst wrote:
>> On 08-06-13 00:33, Manuel A. Fernandez Montecelo wrote:
>>> * Package name: libsdl2-mixer
>>
>> Isn't this packaged already? You don't need to file WNPP bugs for SONAME
>> bumps...
>
>
Hi,
Le dimanche 09 juin 2013 à 18:45 +0200, Daniel Pocock a écrit :
> There have been multiple complaints about the new Gnome popup asking for
> the root password
>
> I opened a bug for discussion about the issue, but it was closed by
> another DD (not the maintainer) - [1]. Other users have co
On Mon, Jun 10, 2013 at 11:06:24AM +0200, Wouter Verhelst wrote:
> On 10-06-13 10:32, Adam Borowski wrote:
> > On Mon, Jun 10, 2013 at 09:59:22AM +0200, Wouter Verhelst wrote:
> >> On 08-06-13 00:33, Manuel A. Fernandez Montecelo wrote:
> >>> * Package name: libsdl2-mixer
> >>
> >> Isn't this p
http://www.gnu.org/software/libtool/manual/html_node/Updating-version-info.html
On Mon, Jun 10, 2013 at 1:04 AM, Jerome BENOIT wrote:
> Hello List,
>
> I am not so sure what I must understand by `bump the SONAME':
> given that libtool machinery is employed, does is mean that
> `current' must be
On 10/06/13 01:04, Jerome BENOIT wrote:
> Hello List,
>
> I am not so sure what I must understand by `bump the SONAME':
> given that libtool machinery is employed, does is mean that
> `current' must be increased by one ?
You really should read [1] if you're maintaining shared libraries in Debian
On Mon, Jun 10, 2013 at 11:04 AM, Josselin Mouette wrote:
> Le dimanche 26 mai 2013 à 20:02 +0200, Bastien ROUCARIES a écrit :
>> Maybe crypto consolidation arround libnss will greatly help here.
>> jessie release goal ?
>
> If we consolidate on a crypto library, it would be good for it to use
> c
Le lundi 10 juin 2013 à 11:47 +0200, Bastien ROUCARIES a écrit :
> On Mon, Jun 10, 2013 at 11:04 AM, Josselin Mouette wrote:
> > Le dimanche 26 mai 2013 à 20:02 +0200, Bastien ROUCARIES a écrit :
> >> Maybe crypto consolidation arround libnss will greatly help here.
> >> jessie release goal ?
> >
We'll need binaries for sdl 1 and 2 coexisting from two different source
packages I believe.
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/0d0aca7b-918f-4ba1-80e1-f1f
Le 2013-06-10 10:18, Ondřej Surý a écrit :
systemd does not rely on a toolkit. So, most of the arguments
listed by
Jamie do not hold. I suppose that you are mostly worried by libdbus
since other libraries are already used in other critical
daemons.
Personally I would be more worried about libp
I reported a bug involving private data disclosure, more precisely,
on some network, when printing a file with CUPS 1.6, the file is
printed on a wrong printer[*]. The bug severity was downgraded to
important (i.e. non-RC), despite the obvious security problem. The
given reason was that this kind o
On 10/06/13 10:21, Alexey Serikov wrote:
> A few points:
>
> 1) if your user is part of sudo group, most of the time gnome will ask
> for your user's password instead of root's.
> 2) Debian is a finite set of software. It provides packages (literally
> thousands of them) that are stable, safe and m
On Mon, Jun 10, 2013 at 05:12:22PM +0800, Chow Loong Jin wrote:
> > >>> * Package name: libsdl2-mixer
> > >>
> > >> Isn't this packaged already? You don't need to file WNPP bugs for SONAME
> > >> bumps...
> > >
> > > It's a massive new major release. Think perl5 vs perl6.
> >
> > The point i
On 10/06/13 12:34, Daniel Pocock wrote:
> a) a web site displaying a "PolicyKit" popup that resembles the wording
> of the Debian popup
GNOME Shell does mitigate this by using a distinctive UI for
"system-modal dialogs", which makes use of the fact that the Shell is
the window compositor in order
Hello sir/ Ma'm
I'm Shivam Pandya, and study in my last year, I want to develop a OS in my
final year project, I found debian from wiki, Can you help me out from
this. can you please guide me that how could I develop (re distribute) my
own one, what steps needed if I use Windows.?
--
*Thanks &
On Mon, Jun 10, 2013 at 11:41:12AM +0200, Emilio Pozuelo Monfort wrote:
> You really should read [1] if you're maintaining shared libraries in Debian
> (it's a bit outdated but most things are still relevant). [2] is also a good
> read, specially if you're doing upstream development, patching the l
On 10/06/13 14:12, Simon McVittie wrote:
> On 10/06/13 12:34, Daniel Pocock wrote:
>> a) a web site displaying a "PolicyKit" popup that resembles the wording
>> of the Debian popup
> GNOME Shell does mitigate this by using a distinctive UI for
> "system-modal dialogs", which makes use of the fact t
Daniel Pocock wrote:
> It was also demonstrated with Windows 7 that users could be tricked by
> web sites that simply dimmed the background of the browser window - so
> it is not a perfect solution and I would personally prefer to see users
> referred to initiate "su" or "sudo" on their own.
Initi
On Mon, Jun 10, 2013 at 1:15 PM, Vincent Lefevre wrote:
> I reported a bug involving private data disclosure, more precisely,
> on some network, when printing a file with CUPS 1.6, the file is
> printed on a wrong printer[*]. The bug severity was downgraded to
> important (i.e. non-RC), despite th
On 10/06/13 13:54, Daniel Pocock wrote:
> That screenshot appears to be Gnome 3. I log in with Gnome Classic so
> maybe I'm experiencing something different.
I did say "GNOME Shell". The "fallback" GNOME 3.4 session (which might
well be called "Classic" in the UI in wheezy) doesn't use Shell, so
It's amazing how much simpler Debian life becomes if one simply ignores
bug severities entirely. Of course harder to do nearer to release, but
we live in a time of relative luxury right now…
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Troubl
On Mon, Jun 10, 2013 at 03:05:05PM +0100, Jonathan Dowland wrote:
> It's amazing how much simpler Debian life becomes if one simply ignores
> bug severities entirely.
Life for the maintainer or for the user?
--
WBR, wRAR
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a
(I have CC'd cups-client@packages.)
Vincent Lefevre writes ("Bug severity and private data disclosure"):
> I reported a bug involving private data disclosure, more precisely,
> on some network, when printing a file with CUPS 1.6, the file is
> printed on a wrong printer[*]. The bug severity was do
Simon McVittie writes ("Re: security policy / root passwords"):
> * splitting privileged actions into an unprivileged GUI and a
> privileged daemon, rather than running the GUI with privileges
> (supported and encouraged by PK, not well-supported by sudo or su)
This gives me anothe
On 2013-06-10 15:05:05 +0100, Jonathan Dowland wrote:
> It's amazing how much simpler Debian life becomes if one simply ignores
> bug severities entirely. Of course harder to do nearer to release, but
> we live in a time of relative luxury right now…
This is important for apt-listbugs, which takes
On 2013-06-10 15:11:26 +0100, Ian Jackson wrote:
> I agree with you that that bug is a potential security vulnerability.
> I think the maintainer adopted an overly-close and legalistic reading
> of the bug severity guidelines. On the other hand I think the
> maintainer makes good points about the
Simon McVittie writes:
> * ability to use system-modal prompting or a secure input path
> (partially done by PK under GNOME Shell, likely to get better
> under Wayland, not supported by sudo or su)
Not relevant to the current discussion but this got me curious: can the
input path
Hi Ian,
Le lundi, 10 juin 2013 16.11:26, Ian Jackson a écrit :
> (I have CC'd cups-client@packages.)
(I'd prefer the discussion to happen on the bug.)
> I'm not sure exactly what consequences you think should have flowed
> from the bug's RC severity. Do you think the release should have been
>
On 10/06/13 15:36, Timo Juhani Lindfors wrote:
> Simon McVittie writes:
>> * ability to use system-modal prompting or a secure input path
>> (partially done by PK under GNOME Shell, likely to get better
>> under Wayland, not supported by sudo or su)
>
> Not relevant to the current
Package: wnpp
Severity: wishlist
Owner: Vasudev Kamath
* Package name: fonts-sarai
Version : 1.0
Upstream Author : IndLinux Team
* URL :
http://indlinux.svn.sourceforge.net/viewvc/indlinux/trunk/fonts/sarai/
* License : GPL-2
Programming Lang: font
Descrip
Vincent Lefevre (10/06/2013):
> I reported a bug involving private data disclosure, more precisely,
> on some network, when printing a file with CUPS 1.6, the file is
> printed on a wrong printer[*]. The bug severity was downgraded to
> important (i.e. non-RC), despite the obvious security problem
On Mon, Jun 10, 2013 at 05:42:55PM +0600, Andrey Rahmatullin wrote:
> On Mon, Jun 10, 2013 at 05:12:22PM +0800, Chow Loong Jin wrote:
> > > >>> * Package name: libsdl2-mixer
> > > >>
> > > >> Isn't this packaged already? You don't need to file WNPP bugs for
> > > >> SONAME
> > > >> bumps...
>
On 2013-06-10 17:16:12 +0200, Cyril Brulebois wrote:
> Since you seem concerned about apt-listbugs, make it support listing
> security bugs (optionally with a given severity threshold, so as to
> ignore minor or normal bug reports tagged security), and there you go.
>
> [ From a quick look at the
On Mon, Jun 10, 2013 at 12:22 PM, Vincent Bernat wrote:
> Le 2013-06-10 10:18, Ondřej Surý a écrit :
>
>
> systemd does not rely on a toolkit. So, most of the arguments
>>> listed by
>>> Jamie do not hold. I suppose that you are mostly worried by libdbus
>>> since other libraries are already use
Helmut Grohne writes ("boot ordering and resolvconf"):
> Why is this assumption problematic?
>
> A number of DNS caches (dnsmasq, pdns-server, pdnsd, and unbound) employ
> a technique to update /etc/resolv.conf with themselves. This updating
> happens after the respective cache is started. Usually
Vincent Lefevre writes ("Re: Bug severity and private data disclosure"):
> Note that this is a regression. Using the testing version (= stable
> currently) is fine w.r.t. this bug.
Oh, I see. In that case I agree with you. Have you asked the release
team ? They are the right people for this esc
On Mon, Jun 10, 2013 at 04:15:27PM +0200, Vincent Lefevre wrote:
> > It's amazing how much simpler Debian life becomes if one simply ignores
> > bug severities entirely. Of course harder to do nearer to release, but
> > we live in a time of relative luxury right now…
>
> This is important for apt-
On Mon, Jun 10, 2013 at 11:17:26PM +0800, Chow Loong Jin wrote:
> > > > >>> * Package name: libsdl2-mixer
> > > > >>
> > > > >> Isn't this packaged already? You don't need to file WNPP bugs for
> > > > >> SONAME
> > > > >> bumps...
> > > > >
> > > > > It's a massive new major release. Think
Thanks all for opinions! From my point of view, this tool will not be
used (hopefully) too often, but sometimes it is really necessary to try
it out before uploading a new source version.
On 06/09/2013 08:44 PM, Kurt Roeckx wrote:
> I have very mixed feelings about this. I do in general think tha
On Mon, 10 Jun 2013, Thomas Goirand wrote:
> On 06/10/2013 03:21 AM, Michael Stapelberg wrote:
> > Thomas Goirand writes:
> >> In this blog post, you tell that it's possible not to use all the
> >> components of systemd. Then, the immediate question that pops to my
> >> mind: what are *your* inten
On Jun 10, 2013 1:28 PM, "Andrey Rahmatullin" wrote:
>
> On Mon, Jun 10, 2013 at 04:15:27PM +0200, Vincent Lefevre wrote:
> > > It's amazing how much simpler Debian life becomes if one simply
ignores
> > > bug severities entirely. Of course harder to do nearer to release, but
> > > we live in a ti
On Mon, Jun 10, 2013 at 02:40:17PM -0400, James McCoy wrote:
> > > > It's amazing how much simpler Debian life becomes if one simply
> ignores
> > > > bug severities entirely. Of course harder to do nearer to release, but
> > > > we live in a time of relative luxury right now…
> > >
> > > This is i
On 10/06/13 16:51, Simon McVittie wrote:
> On 10/06/13 15:36, Timo Juhani Lindfors wrote:
>> Simon McVittie writes:
>>> * ability to use system-modal prompting or a secure input path
>>> (partially done by PK under GNOME Shell, likely to get better
>>> under Wayland, not supporte
No need to CC me here, see Mail-Followup-To.
On Mon, Jun 10, 2013 at 05:36:46PM +0100, Ian Jackson wrote:
> I think this is a somewhat different problem to the one you originally
> state. The real problem here is that resolv.conf is changing and
> programs don't have the means to cope.
Thanks fo
Hi,
On Mon, Jun 10, 2013 at 07:56:24PM +0200, Anton Gladky wrote:
> So, I think the developer should have a set of tools (including gb and
> even "slight" removal commands), which allow him to do the most of
> packaging work without worrying other teams/developers. And, of course,
> those tools sh
On 2013-06-10 23:28:28 +0600, Andrey Rahmatullin wrote:
> On Mon, Jun 10, 2013 at 04:15:27PM +0200, Vincent Lefevre wrote:
> > This is important for apt-listbugs, which takes into account RC bugs by
> > default
> Which too is not ideal: for example, I don't think users should care about
> such RC
Hello,
just like to add that today this "feature" with the popup blocked my gnome
within the suspend procedure, which I did not see but got a hot running laptop
in the bag. When I opened the laptop again I saw the problem and when clicking
on cancel, the laptop finally when to suspend.
I thin
On Mon, Jun 10, 2013 at 08:04:27AM +0800, Chow Loong Jin wrote:
> On Sun, Jun 09, 2013 at 01:06:40PM -0700, Robert Holtzman wrote:
> > [...]
> > In my gross stupidity this seems like a nonissue. How does a popup
> > asking for your root p/w differ from using the CLI, typing "su" and
> > being asked
Hi Daniel,
On Mon, Jun 10, 2013 at 09:24:39PM +0200, Daniel Pocock wrote:
> Every copy of jessie could be distributed with one of the red hoods
> referred to in this article:
>
> http://www.guardian.co.uk/world/2013/jun/09/edward-snowden-nsa-whistleblower-surveillance
>
> I presume it has some k
Am 10.06.2013 11:10, schrieb Josselin Mouette:
> I consider it a bug, and one that we should aim to fix in the first
> wheezy point release.
nod. that said, the first point release is basically done, so this will
have to wait for 7.2
--
Why is it that all of the instruments seeking intelligent
On Mon, Jun 10, 2013 at 10:43:57PM +0200, Philipp Kern wrote:
> Hi,
>
> On Mon, Jun 10, 2013 at 07:56:24PM +0200, Anton Gladky wrote:
> > So, I think the developer should have a set of tools (including gb and
> > even "slight" removal commands), which allow him to do the most of
> > packaging work
On Mon, Jun 10, 2013 at 11:31:07PM +0600, Andrey Rahmatullin wrote:
> On Mon, Jun 10, 2013 at 11:17:26PM +0800, Chow Loong Jin wrote:
> > > > > >>> * Package name: libsdl2-mixer
> > > > > >>
> > > > > >> Isn't this packaged already? You don't need to file WNPP bugs for
> > > > > >> SONAME
> >
On Mon, Jun 10, 2013 at 09:45:35PM +0200, Helmut Grohne wrote:
> [...]
> > A. resolv.conf is a static file which changes only very rarely.
> > Implications:
> > 1. Existing DNS client applications do not need to change.
> > 2. DNS service should always be provided at a fixed address
> >
On 06/11/2013 02:23 AM, Henrique de Moraes Holschuh wrote:
> On Mon, 10 Jun 2013, Thomas Goirand wrote:
>> On 06/10/2013 03:21 AM, Michael Stapelberg wrote:
>>> Thomas Goirand writes:
In this blog post, you tell that it's possible not to use all the
components of systemd. Then, the immed
Package: wnpp
Severity: wishlist
Owner: Nobuhiro Iwamatsu
* Package name: dh-rebar
Version : 0.0.1
Upstream Author : Nobuhiro Iwamatsu
* URL : http://anonscm.debian.org/git/pkg-leofs/dh-rebar.git
* License : MIT/X
Programming Lang: Perl
Description : h
Thomas Goirand wrote:
> On 06/11/2013 02:23 AM, Henrique de Moraes Holschuh wrote:
> > On Mon, 10 Jun 2013, Thomas Goirand wrote:
> >> Then which component would you install, and activate by default? Which
> >> component will you make only installable if the user decides to do it
> >> actively (for
Johareez Special Shop Now! (http://www.johareez.com/)
If you are having trouble viewing this email, click here to view it online.
(http://www.johareez.com/newslettertemplates/434)
To ensure emails are delivered, please add promo_speci...@johareez.com to your
address book.
http://www.johareez.com
]] Thomas Goirand
> If what you say above is right (I have no opinion on that yet, I just
> trust what you say), then this renders the "systemd is modular" argument
> completely useless, because practically, the user wont be able to
> choose. Which is why I was asking specifically Michael about t
67 matches
Mail list logo
