-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2014-07-29 03:20, Marco d'Itri wrote:
>> if they are not drop in replacements, and it would also be a
>> pain if
>>> higher up packages link-in both ffmpeg & libav and some
>>> clashing symbols are present...
> This is why the new ffmpeg will use
On 29 Jul 2014 16:44, "Wouter Verhelst" wrote:
> No, I don't.
>
> What brian really wants is apache2 or apache2-bin. In the case of
> apache2-bin, he needs an additional dependency on libapache2-mod-wsgi.
>
> Really, it should be
>
> apache2 | libapache2-mod-wsgi, apache2 | apache2-bin
>
> to do s
Andreas Cadhalpun wrote:
> According to the changelog[1], there have been 8 security updates for
> ffmpeg in squeeze.
There would have been more but the code has evolved too much for it to be
feasible to backport the patches. Not to mention that some bugs that are being
fixed are, for example,
Brian May wrote:
>* "apache2-reverse-dependency-calls-invoke-rc.d" - due to legacy fall back
>code that restarts Apache2.2 automatically.
Yeah, I'm overriding this one too.
>* "non-standard-apache2-configuration-name" - due to the fact I need to
>supply different configuration files for apache2.
On 29 July 2014 18:42, Thorsten Glaser wrote:
> No. Use in one shared config file.
> At least that's what I've been told, and what makes sense to me.
>
I wasn't aware of IfVersion. Thanks for the tip.
--
Brian May
Package: wnpp
Owner: Hilko Bengen
Severity: wishlist
* Package name: sslsplit
Version : 0.4.8
Upstream Author : Daniel Roethlisberger
* URL or Web page : http://www.roe.ch/SSLsplit
* License : BSD-2-clause
Description : transparent and scalable SSL/TLS interception
At Tue, 29 Jul 2014 17:29:46 +1000,
Brian May wrote:
>
> On 29 Jul 2014 16:44, "Wouter Verhelst" wrote:
> > No, I don't.
> >
> > What brian really wants is apache2 or apache2-bin. In the case of
> > apache2-bin, he needs an additional dependency on libapache2-mod-wsgi.
> >
> > Really, it should b
On Jul 29, "\"IOhannes m zmölnig (Debian/GNU)\"" wrote:
> > This is why the new ffmpeg will use different symbols. Again, read
> > the first message.
> according to the first message, this is *not* true.
It is:
- To avoid potential problems when a program is linked against
FFmpeg libr
Package: wnpp
Severity: wishlist
Owner: Ansgar Burchardt
* Package name: dune-grid-glue
Upstream Author : Christian Engwer ,
Oliver Sander
* URL : http://www.dune-project.org/modules/dune-grid-glue/
* License : likely GPL-2 with an exception or LGPL
(Couldn't add the correct pseudo-header to ask the BTS to CC'
debian-devel, so doing it now, with BTS notification attached)
Package: wnpp
Owner: "Clément Hermann (nodens)"
Severity: wishlist
Package: wnpp
Severity: wishlist
Owner: "Clément Hermann (nodens)"
* Package name: openpgp-applet
Hi Dimitri,
On 29.07.2014 03:12, Dimitri John Ledkov wrote:
I don't have an opinion about ffmpeg vs libav, apart from how hard the
soname transitions are, especially in ubuntu where we somehow ended up
with ex-multimedia packages around that either never were in debian,
or have been long removed
Hi Raphael,
On 29.07.2014 09:47, Raphael Geissert wrote:
Andreas Cadhalpun wrote:
According to the changelog[1], there have been 8 security updates for
ffmpeg in squeeze.
There would have been more
You're right, my calculation is slightly flawed.
but the code has evolved too much for it t
Package: wnpp
Severity: wishlist
Owner: Eduard Bloch
* Package name: bcmwl
Version : 6.30.223.141+bdcom-0ubuntu3
Upstream Author : Broadcom Corporation, http://www.broadcom.com
* URL : http://www.broadcom.com/support/802.11/linux_sta.php
* License : open source
On Tue, Jul 29, 2014 at 6:10 PM, Andreas Cadhalpun <
andreas.cadhal...@googlemail.com> wrote:
> I don't have an opinion about ffmpeg vs libav, apart from how hard the
>> soname transitions are, especially in ubuntu where we somehow ended up
>> with ex-multimedia packages around that either never
Control: tags -1 moreinfo
Control: severity -1 wishlist
Am 28.07.2014 um 22:10 schrieb Michael
Gilbert:python-pyasn1-modules_0.0.5-0ubuntu3_source.changes
> package: src:gcc-4.4, src:gcc-4.6, src:gcc-4.7, src:gcc-4.8, src:gcc-4.9
> severity: serious
> tags: security
>
> Several integer overflow i
On Tuesday 29 July 2014 18:43:17 Andreas Cadhalpun wrote:
> On 29.07.2014 09:47, Raphael Geissert wrote:
> > Andreas Cadhalpun wrote:
> >> According to the changelog[1], there have been 8 security updates for
> >> ffmpeg in squeeze.
> >
> > There would have been more
>
> You're right, my calculat
Hi!
As I'm not sure if this is being worked on, or even a known issue due
to the migration away from ravel, as I did't find any mention on the
BTS or RT, I'm just posting it here, so that others might also get
aware of any answer/status.
The SSH upload queue on
ssh.upload.debian.org:/srv/upload.d
On 29.07.2014 21:59, Raphael Geissert wrote:
On Tuesday 29 July 2014 18:43:17 Andreas Cadhalpun wrote:
On 29.07.2014 09:47, Raphael Geissert wrote:
Andreas Cadhalpun wrote:
According to the changelog[1], there have been 8 security updates for
ffmpeg in squeeze.
There would have been more
Y
Hi
whoever uploaded the following to ssh.upload.debian.org may want to do
so again (if you haven't already), as there was a bug in the config
after the move of ssh.upload.debian.org to coccia, deleting them...
spice-vdagent_0.15.0-1.1_amd64.changes
spice-vdagent_0.15.0-1.1_amd64.changes
udpkg_1.1
Andreas Cadhalpun writes:
> Given the amount of software in Debian and thus the amount of security
> fixes necessary for a stable release, I think that the additional
> stable-security uploads for FFmpeg in the order of 10 per release will
> be hardly noticeable.
Er, 8 security updates over the
Hi Russ,
On 29.07.2014 23:30, Russ Allbery wrote:
Andreas Cadhalpun writes:
Given the amount of software in Debian and thus the amount of security
fixes necessary for a stable release, I think that the additional
stable-security uploads for FFmpeg in the order of 10 per release will
be hardly
Andreas Cadhalpun writes:
> I must have failed to make my point again. :(
> As far as I know there are hundreds of security updates (for all packages
> together) in the lifetime of a stable release. Compared to that 10 is not
> large. And, as I already mentioned, I think that some of the FFmpeg
>
Russ Allbery writes:
> Is upstream aware that this is a really bad track record and trying to
> do something proactive to increase the quality of the code, like
> comprehensive auditing, or proactive rewrites to use more secure coding
> practices such as some of the work that the LibreSSL team ha
On 29 July 2014 09:40, Brian May wrote:
> if [ -e /usr/share/apache2/apache2-maintscript-helper ] ; then
> . /usr/share/apache2/apache2-maintscript-helper
> apache2_invoke enconf package.conf
> elif dpkg-query -f '${Version}' -W 'apache2.2-common' > /dev/null 2>&1 ;
> then
> # if t
On 30.07.2014 00:54, Russ Allbery wrote:
Andreas Cadhalpun writes:
I must have failed to make my point again. :(
As far as I know there are hundreds of security updates (for all packages
together) in the lifetime of a stable release. Compared to that 10 is not
large. And, as I already mentione
On 29 July 2014 19:04, Jeroen Dekkers wrote:
> As far as I can see this is a bug in the apache2 packaging. The httpd
> virtual package should be provided by the apache2 package, not the
> apache2-bin package, because the apache2-bin package doesn't provide a
> working webserver. Bug report I just
On Wed, Jul 30, 2014 at 02:12:25AM +0200, Andreas Cadhalpun wrote:
> On 30.07.2014 00:54, Russ Allbery wrote:
> >Andreas Cadhalpun writes:
> >
> >>I must have failed to make my point again. :(
> >>As far as I know there are hundreds of security updates (for all packages
> >>together) in the lifeti
Hello,
Any reason why MariaDB 10.0.10 (uploaded to experimental) is still
stucked in the NEW queue? I would really like to see this version of
MariaDB in the next stable release so let me know if any help is
needed. Thanks for all your work!
Cheers,
--
Arnaud Fontaine
--
To UNSUBSCRIBE, email
Quoting Brian May (2014-07-30 02:54:10)
> On 29 July 2014 19:04, Jeroen Dekkers <[1]jer...@dekkers.ch> wrote:
>
> As far as I can see this is a bug in the apache2 packaging. The httpd
> virtual package should be provided by the apache2 package, not the
> apache2-bin package, because
What we do to combat that is All patches going into FFmpeg are
> reviewed with security in mind
>
> The codebase was repeatledly tested with fuzzed files to uncover all
> kinds of anomalies, all such found anomalies where fixed. Also
> independant of googles fuzzing efforts, some of our users ha
30 matches
Mail list logo
