On Thu, Aug 12, 2004 at 03:27:19PM +0200, Eduard Bloch wrote:
> Hello,
>
> could you please remove the packages for Mono from Sarge (and only
> Sarge)? Or manually force the current versions into Sarge? The current
> versions there are completely outdated and buggy and the newer ones do
Please fi
On Thu, Aug 12, 2004 at 03:15:19PM +0200, Adrian Bunk wrote:
> >...
>
> You will never find all issues in the BTS.
>
> E.g. the BTS doesn't tell you that the unstable package of SpamAssassin
> contains a fix for a potential DoS attack.
Your answer isn't constructive in anyway. What are you try
On Thu, Aug 12, 2004 at 04:14:40PM +0200, Adrian Bunk wrote:
[...]
> How does the release team ensure that you won't release Debian 3.1 with
> known serious problems already fixed in unstable (e.g #237071 or the
> potential DoS attack in SpamAssassin)?
Basically letting it going to Sarge:
Steve Langasek wrote:
> Many thanks for tackling this.
>
> On Wed, Aug 11, 2004 at 10:42:03PM -0300, Joey Hess wrote:
> > We have now finished checking all the DSAs since woody's release, except
> > for a few that we didn't reach any conclusions on. That the following
> > DSAs seem to still be unf
On Thu, Aug 12, 2004 at 04:14:40PM +0200, Adrian Bunk wrote:
> On Thu, Aug 12, 2004 at 02:51:56PM +0100, Colin Watson wrote:
> > That's OK, but please take your disagreement with that and your posts
> > that stem from this disagreement off this mailing list. Right now, it is
> > simply not in the l
On Thu, Aug 12, 2004 at 04:01:45PM +0200, Guido Trotter wrote:
> Since directory-administrator does not work correctly with openldap
> 2.1 (and above), and openldap 2.1 is the default sarge ldap server i
> think that it should be removed.
>
> I've raised the severity of #195825 so it doesn't enter
On Thu, Aug 12, 2004 at 04:05:48PM +0200, Adrian Bunk wrote:
> On Thu, Aug 12, 2004 at 02:21:24PM +0200, Andreas Barth wrote:
> > #237071 is _not_ required for security suports. Furthermore, there is
> > some difference between "keeping track" and "fixing everything".
>
> It's not required for sec
On Thu, Aug 12, 2004 at 02:51:56PM +0100, Colin Watson wrote:
>...
> > The Debian release management thinks freezing testing is less work.
> > That's OK (I have no influence on it - I'm not even a Debian developer),
> > but I do not plan to do anything of the work that is only caused by the
> > f
On Thu, Aug 12, 2004 at 02:21:24PM +0200, Andreas Barth wrote:
> * Adrian Bunk ([EMAIL PROTECTED]) [040812 14:10]:
> > On Thu, Aug 12, 2004 at 01:21:22PM +0200, Andreas Barth wrote:
> > > * Adrian Bunk ([EMAIL PROTECTED]) [040812 12:25]:
>
> > > Why do you think this task is not worked on, if you'
On Thu, Aug 12, 2004 at 03:27:19PM +0200, Eduard Bloch wrote:
> Hello,
>
> could you please remove the packages for Mono from Sarge (and only
> Sarge)? Or manually force the current versions into Sarge? The current
> versions there are completely outdated and buggy and the newer ones do
> not get
Hi,
Since directory-administrator does not work correctly with openldap 2.1 (and
above), and openldap 2.1 is the default sarge ldap server i think that it should
be removed.
I've raised the severity of #195825 so it doesn't enter testing again before
it's fixed. Can you please remove it?
Thanks
Hi, Adrian Bunk wrote:
> BTW: Who had the idea of including three different versions of GnuTLS in
> sarge?
Nobody. The former maintainer didn't track Upstream; about a month ago,
I took over and started pushing for inclusion of the latest versions.
Since that was somewhat late, we now have
On Thu, Aug 12, 2004 at 03:00:45PM +0200, Adrian Bunk wrote:
> On Thu, Aug 12, 2004 at 02:23:00PM +0200, Jeroen van Wolffelaar wrote:
> > I made a list of RC bugs that are still unfixed in sarge after they were
> > fixed for over a month in sid. You would have known that if you
> > subscribed to th
Hello,
could you please remove the packages for Mono from Sarge (and only
Sarge)? Or manually force the current versions into Sarge? The current
versions there are completely outdated and buggy and the newer ones do
not get into Sarge because s390 buildd ignores them for unknown reason
and ARM is
On Thu, Aug 12, 2004 at 04:06:18PM +0300, Riku Voipio wrote:
> > If such an easy and clearly RC bug as #237071 which is already fixed in
> > unstable isn't adressed in testing until today, something is definitely
> > going wrong. And if it was Jeroen's job as you said, he isn't doing it
> > prop
> If such an easy and clearly RC bug as #237071 which is already fixed in
> unstable isn't adressed in testing until today, something is definitely
> going wrong. And if it was Jeroen's job as you said, he isn't doing it
> properly.
> It will be worse between "28 August 2004" and "16 September
On Thu, Aug 12, 2004 at 02:23:00PM +0200, Jeroen van Wolffelaar wrote:
>
> Rather than complaining and posing that people aren't doing their jobs,
> and asking "which member of e release team is responsible for doing this
> task?", you could _help_ instead.
If the release management has announced
On Thu, Aug 12, 2004 at 02:21:24PM +0200, Andreas Barth wrote:
> * Adrian Bunk ([EMAIL PROTECTED]) [040812 14:10]:
> >
> > It will be worse between "28 August 2004" and "16 September 2004"
> > when many hundred packages with a more recent version than in unstable
> > whether sarge have to be eval
On Thu, Aug 12, 2004 at 02:02:38PM +0200, Adrian Bunk wrote:
> On Thu, Aug 12, 2004 at 01:21:22PM +0200, Andreas Barth wrote:
> > * Adrian Bunk ([EMAIL PROTECTED]) [040812 12:25]:
> > AFAICS, Jeroen is keeping overall track now.
> >...
> > > Since I astonishingly discovered that this task hasn't b
* Adrian Bunk ([EMAIL PROTECTED]) [040812 14:10]:
> On Thu, Aug 12, 2004 at 01:21:22PM +0200, Andreas Barth wrote:
> > * Adrian Bunk ([EMAIL PROTECTED]) [040812 12:25]:
> > Why do you think this task is not worked on, if you're not subscribed
> > to -release? (And of course, Jeroen is not member o
On Thu, Aug 12, 2004 at 01:21:22PM +0200, Andreas Barth wrote:
> * Adrian Bunk ([EMAIL PROTECTED]) [040812 12:25]:
> > it's obvious that freezing testing requires the extra amount of work for
> > someone to check every single frozen package with a more recent version
> > in unstable whether sarg
* Adrian Bunk ([EMAIL PROTECTED]) [040812 12:25]:
> it's obvious that freezing testing requires the extra amount of work for
> someone to check every single frozen package with a more recent version
> in unstable whether sarge lacks required fixes.
>
> They might be RC bugs like #237071, but it
Hi,
it's obvious that freezing testing requires the extra amount of work for
someone to check every single frozen package with a more recent version
in unstable whether sarge lacks required fixes.
They might be RC bugs like #237071, but it's also possible that an
upload fixed a security bug [
On Thu, Aug 12, 2004 at 11:40:53AM +0200, Christian Hammers wrote:
> On Wed, Aug 11, 2004 at 10:42:03PM -0300, Joey Hess wrote:
> > We have now finished checking all the DSAs since woody's release, except
> > for a few that we didn't reach any conclusions on. That the following
> > DSAs seem to sti
Hello
On Wed, Aug 11, 2004 at 10:42:03PM -0300, Joey Hess wrote:
> We have now finished checking all the DSAs since woody's release, except
> for a few that we didn't reach any conclusions on. That the following
> DSAs seem to still be unfixed in sarge:
>
> mysql-dfsg 4.0.18-6 needed, have 4.0.18
Arnaud Vandyck wrote:
tomcat4 4.1.24-2 needed, have 4.0.4-4 for DSA-395
tomcat4 4.1.16-1 needed, have 4.0.4-4 for DSA-225
Can we upload a new release of the package in unstable or is there a
special procedure?
Even if all RC bugs in tomcat4 and its dependencies are closed, it will
not autom
On Thu, Aug 12, 2004 at 11:18:49AM +0200, Arnaud Vandyck wrote:
> Joey Hess <[EMAIL PROTECTED]> writes:
> > We have now finished checking all the DSAs since woody's release, except
> > for a few that we didn't reach any conclusions on. That the following
> > DSAs seem to still be unfixed in sarge:
Joey Hess <[EMAIL PROTECTED]> writes:
> We have now finished checking all the DSAs since woody's release, except
> for a few that we didn't reach any conclusions on. That the following
> DSAs seem to still be unfixed in sarge:
>
> tomcat4 4.1.24-2 needed, have 4.0.4-4 for DSA-395
> tomcat4 4.1.16-
>On Wed, Aug 11, 2004 at 10:42:03PM -0300, Joey Hess wrote:
>> We have now finished checking all the DSAs since woody's release, except
>> for a few that we didn't reach any conclusions on. That the following
>> DSAs seem to still be unfixed in sarge:
>
>> php4 4:4.3.8-1 needed, have 4:4.3.4-4 for
Joey Hess <[EMAIL PROTECTED]> writes:
> [11 Jun 2003] DSA-316 nethack - buffer overflow, incorrect permissions
> {CAN-2003-0358 CAN-2003-0359}
> - nethack 3.4.1-1
> NOTE: DSA contains some strange non-nethack version numbers
We have a number of nathack variants sharing the same
On Thu, Aug 12, 2004 at 08:12:48AM +0200, Andreas Metzler wrote:
> Hello,
> now with gcc resolved this makes sense again, this has been ready for
> quite some time.
> easy pcsc-lite/1.2.9-beta5-1 muscleframework/1.1.5-4 etoken/0.3.9-2
> pcsc-tools/1.3.4-2 opensc/0.8.1-7 xcardii/0.9.9-5
Eagerly h
Hello,
now with gcc resolved this makes sense again, this has been ready for
quite some time.
easy pcsc-lite/1.2.9-beta5-1 muscleframework/1.1.5-4 etoken/0.3.9-2
pcsc-tools/1.3.4-2 opensc/0.8.1-7 xcardii/0.9.9-5
cu andreas
--
"See, I told you they'd listen to Reason," [SPOILER] S
Hi Joey,
Many thanks for tackling this.
On Wed, Aug 11, 2004 at 10:42:03PM -0300, Joey Hess wrote:
> We have now finished checking all the DSAs since woody's release, except
> for a few that we didn't reach any conclusions on. That the following
> DSAs seem to still be unfixed in sarge:
> php4 4
33 matches
Mail list logo
