Hi,
Here is my ELTS report for November.
I was allocated 6 hours. I have spent 0.5 of them in the following
tasks:
* CVE triage for libsndfile and sysstat.
For a variety of reasons, among others the difficulties to find ELTS work,
I'll temporarily pause my ELTS involvement and focus again on De
Hi,
Here is my LTS report for November.
I was allocated 15 hours. I have spent all of them in the following
tasks:
* openjpeg2:
Continue my investigations on CVE-2018-18088, finish patch and get it
reviewed by upstream (actually merged). Triage CVE-2018-5785 as not
affecting Jessie (vulne
On 2018-11-26 21:20:14, Holger Levsen wrote:
> On Mon, Nov 26, 2018 at 04:04:48PM -0500, Antoine Beaupré wrote:
>> Did you try "--exclude linux linux 4.9"? That should work.
>
> doh, it does. Thanks! (Though I think thats somewhat unusual... but meh.)
that's the way all python-argparsed-based comm
On Mon, Nov 26, 2018 at 04:04:48PM -0500, Antoine Beaupré wrote:
> Did you try "--exclude linux linux 4.9"? That should work.
doh, it does. Thanks! (Though I think thats somewhat unusual... but meh.)
> > (the diff is +linux-4.9 instead of twice +linux)
> oops. fixed.
great, thank you!
--
chee
On 2018-11-26 20:48:07, Holger Levsen wrote:
> On Fri, Nov 23, 2018 at 11:06:43AM -0500, Antoine Beaupré wrote:
>> $ ./bin/review-update-needed --exclude linux linux-4.9 --lts --unclaim 3w
>> [...]
>> Editing file to unclaim: salt
>>
>> I've pushed that, I hope it works for you.
>
> this indeed wo
On Fri, Nov 23, 2018 at 11:06:43AM -0500, Antoine Beaupré wrote:
> $ ./bin/review-update-needed --exclude linux linux-4.9 --lts --unclaim 3w
> [...]
> Editing file to unclaim: salt
>
> I've pushed that, I hope it works for you.
this indeed works, however I didnt find a way to ignore both linux an
On Fri, Nov 23, 2018 at 10:54:47AM -0500, Antoine Beaupré wrote:
> Ah okay, so the lack of locales package could explain the problem then?
I suppose so.
> > If the unsorted order is the same as the one in data/dla-needed.txt I'd
> > want that.
> Okay, so do we change the default or add a "--sort
On Fri, Nov 23, 2018 at 11:06:43AM -0500, Antoine Beaupré wrote:
> > commandline param with a list of (src) packages to ignore.
> Okay, I added a --exclude param. Example without:
[...]
> With:
> $ ./bin/review-update-needed --exclude linux linux-4.9 --lts --unclaim
[...]
> I've pushed that, I hope
On 2018-11-22 21:00:15, Holger Levsen wrote:
> On Thu, Nov 22, 2018 at 11:54:16AM -0500, Antoine Beaupré wrote:
>> Right. That's the one I had in mind as well. :)
>
> :)
>
>> So how *do* we make that "whitelist"? Commandline param? And what will
>> it list? Packages? People? Package/people combinat
On Thu, Nov 22, 2018 at 11:25:52AM -0500, Antoine Beaupré wrote:
> > However no changes were made.
>
> Yeah, that's a total, typical, python unicode crash. :p Could you give
> me more information on your locale? It looks like you don't have a UTF-8
> locale, which will, naturally, cause problems w
On Thu, Nov 22, 2018 at 11:54:16AM -0500, Antoine Beaupré wrote:
> Right. That's the one I had in mind as well. :)
:)
> So how *do* we make that "whitelist"? Commandline param? And what will
> it list? Packages? People? Package/people combination?
commandline param with a list of (src) packages
On 2018-11-20 16:17:57, Holger Levsen wrote:
> Hi,
>
> So I ran it asking it to unclaim packages which didnt see activity in
> dla-needed.txt for more than 3 weeks. These are the results from running
> ./bin/review-update-needed --lts --unclaim 1814400
[...]
> -linux (Ben Hutchings)
> +linux
> a
On 2018-11-20 16:06:53, Holger Levsen wrote:
> hi,
>
> this reply is mostly about using the tool itself, see below. I will now write
> another mail about the results from using it...
>
[...]
> So, third, what did "./bin/review-update-needed --unclaim --lts" do? Too
> much, so I ran (in a sid schr
Hi,
El 20/11/18 a las 16:17, Holger Levsen escribió:
> Hi,
>
> On Mon, Nov 19, 2018 at 06:50:16PM -0500, Antoine Beaupré wrote:
> > Automatic unclaimer
> > ---
> >
> > After an internal discussion about work procedures, a friend pointed me
> > at the [don't lick the cookie][6] ar
Hi Hugo,
On Tue, Nov 20, 2018 at 05:46:21PM +0100, Hugo Lefeuvre wrote:
> > -libav (Hugo Lefeuvre)
> > +libav
> > AFAICS this is a legit unclaim. Hugo, would you mind to unclaim this?
> I don't mind. This is probably the best thing to do.
ok, done, thanks. And: feel free to reclaim this package a
Hi Holger,
> So I ran it asking it to unclaim packages which didnt see activity in
> dla-needed.txt for more than 3 weeks. These are the results from running
> ./bin/review-update-needed --lts --unclaim 1814400
>
> -libav (Hugo Lefeuvre)
> +libav
> last NOTE: 20180529: Just contacted some of the
Hi,
On Mon, Nov 19, 2018 at 06:50:16PM -0500, Antoine Beaupré wrote:
> Automatic unclaimer
> ---
>
> After an internal discussion about work procedures, a friend pointed me
> at the [don't lick the cookie][6] article which I found really
> interesting. The basic idea is that our p
hi,
this reply is mostly about using the tool itself, see below. I will now write
another mail about the results from using it...
On Mon, Nov 19, 2018 at 06:50:16PM -0500, Antoine Beaupré wrote:
> Automatic unclaimer
> ---
>
> After an internal discussion about work procedures, a
An early report, this month, as I've ran out of work hours earlier than
expected...
GnuPG & Enigmail
To get Enigmail working properly with the Thunderbird upload from last
week, we need GnuPG 2.1 in jessie. I [backported GnuPG 2.1][] to Debian
jessie directly, using work already
Brian May writes:
> Ok, thanks for your comments. I will do this.
It looks like my changes have been merged upstream:
https://gitlab.com/libtiff/libtiff/merge_requests/7
I will look at patching Wheezy.
--
Brian May
"Roberto C. Sánchez" writes:
> The severity of the problem seems to be not that high, and the bug
> report is nearly six months with practically no response from upstream.
> It might be best to clean up the patch, post it to BugZilla and give it
> some time for others to comment.
Ok, thanks for
Hi,
November 2017 was my 15th month as a payed Debian LTS contributor.
I was allocated 13 hours. I have spent all of them doing the following
tasks:
* Prepare and upload quagga update 0.99.22.4-1+wheezy3+deb7u2 (DLA 1152-1).
* Reproduce various issues in lame and organize next upload with the s
Hi Brian,
On Tue, Nov 21, 2017 at 08:12:16AM +1100, Brian May wrote:
> In November I spent my 10 hours mainly working on CVE-2017-9935 /
> tiff. I have understood the problem and I have changes that should fix
> the problem now, that I am currently testing. A multi image tiff
> function can have m
"Roberto C. Sánchez" writes:
> I am nearly done with the package I am currently working on. Also, I
> previously did updates for tiff/tiff3, including looking into
> CVE-2017-9935. I would be glad to take over from here.
Ok, sure.
Please find attached my full diff. It includes lots of extra p
On Tue, Nov 21, 2017 at 08:12:16AM +1100, Brian May wrote:
>
> As I am out of hours for this month, if anybody would like to take over,
> please let me know and I will present you with all my work. Otherwise I
> will continue next month.
Brian,
I am nearly done with the package I am currently wo
In November I spent my 10 hours mainly working on CVE-2017-9935 /
tiff. I have understood the problem and I have changes that should fix
the problem now, that I am currently testing. A multi image tiff
function can have multiple transfer functions, but we assume it only has
one.
My current fix inv
This month I had 10 hours and I spent my 10 hours on the following
projects:
* Researched CVE-2016-9013 in python-django and found to be not worthy of
fixing.
* Upload fixed version of python-django.
* CVE-2016-9014: DNS rebinding vulnerability when DEBUG=True.
* Upload fixed version of lynx-c
27 matches
Mail list logo
