reassign 1092330 libmimalloc2.0
retitle 1092330 libmimalloc2.0: fails to provide libmimalloc.so.2.0
severity 1092330 serious
affects 1092330 tex-common
thanks
mimalloc should have done a library transition, but instead it just
bumped the soname without changing the package name.
Hi,
* Otto Kekäläinen [250105 21:54]:
> Thanks for encouragement. I filed
> https://salsa.debian.org/salsa-ci-team/pipeline/-/issues/411 and will
> continue research on libfaketime/datefudge in CI there.
as we've seen in the time_t-64 transition, programs that interpose
library calls like this a
* Adam D. Barratt [250104 13:05]:
> Control: tags -1 + confirmed
>
> On Thu, 2025-01-02 at 19:25 +0100, Chris Hofstaedtler wrote:
> > grml-rescueboot can download Grml ISOs from the Internet.
> >
> > The recent Grml 2024.12 release has a) changed the architectures
&g
n regex
+ * Add NEWS entry about i386
+
+ -- Chris Hofstaedtler Thu, 02 Jan 2025 18:37:31 +0100
+
grml-rescueboot (0.5.2) unstable; urgency=medium
[ Allan Laal ]
diff -Nru grml-rescueboot-0.5.2/debian/NEWS
grml-rescueboot-0.5.2+deb12u1/debian/NEWS
--- grml-rescueboot-0.5.2/debian/NEWS 1970-0
On Fri, Dec 27, 2024 at 01:47:20PM +0200, Martin-Éric Racine wrote:
> > >> TBH, I'm not sure what you are trying to achieve with the Provides:
> > >> avahi-autoipd in dhcpcd-base.
> > >>
> > >> Answering that question might help with finding a proper solution.
> > >
> > > dhclient doesn't provide I
* Fabian Grünbichler [241123 15:31]:
> A) move i386 rustc to Rust's i586 target (which doesn't have SSE out of the
> box), instead of the i686-with-SSE2-disabled it currently uses
> B) bump the i386 baseline in Debian to require SSE2, and stop disabling SSE2
> there in rustc
> C) disable all opt
y them
+ * Use upstream's new --disable-makeinstall-tty-setgid.
+This fixes our wider mitigation for CVE-2024-28085.
+
+ -- Chris Hofstaedtler Thu, 21 Nov 2024 21:01:54 +0100
+
util-linux (2.38.1-5+deb12u2) bookworm; urgency=medium
* Add the following upstream patches to identify new Arm c
On Thu, Oct 31, 2024 at 08:44:11PM +, Adam D. Barratt wrote:
> On Sun, 2024-10-27 at 16:41 +0100, Chris Hofstaedtler wrote:
> > ema@ asked in #1085682 to improve reporting of ARM CPU core names in
> > lscpu for bookworm.
> >
> > Just as background: on x86, /proc/cpu
Hello!
I want to draw attention to, from my point of view, open
questions/problems with the s390x architecture.
In short, it seems to me, that:
a) there are no porters left (to fix serious problems)
b) various packages already ignore s390x (gnome? others?)
c) general, including upstreams, interes
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: util-li...@packages.debian.org, e...@debian.org
Control: affects -1 + src:util-linux
[ Reason ]
ema@ asked in #1085682 to improve reporting of ARM CPU core names in
Hi,
while investigating a test failure in ksh93u+m, it became clear that
packages last built before the time_t-64bit transition can have
latent bugs.
They might very well now FTBFS or fail at runtime (autopkgtest time
or later).
I believe FTBFS are bugs are probably caught by periodic rebuilds
do
Hallo Cyril,
* Cyril Brulebois [240813 20:56]:
> Chris Hofstaedtler (2024-08-13):
> > src:fuse (fuse 2.x) currently builds a udeb. Because of how the set of
> > key packages are calculated, this makes fuse automatically part of the
> > key package set.
> >
> &
Hi,
> On 2024-08-01 07:55:15 +0200, Hector Oron wrote:
> > Should Debian drop armel from the upcoming Debian release?
>
> Was there a conclusion to the discussion on d-arm@l.d.o? What is the
> opinion of the two porters that we currently have listed for armel
> (added to CC)?
fakeroot, a notable
Hi debian-boot,
src:fuse (fuse 2.x) currently builds a udeb. Because of how the set
of key packages are calculated, this makes fuse automatically part
of the key package set.
Given fuse3 has existed for a long time, maybe we could start
removing fuse in the next release cycle. For that, it would
* Bastian Germann [240806 22:12]:
> Control: tags -1 d-i
>
> Am 06.08.24 um 20:14 schrieb Chris Hofstaedtler:
> > libpcre3-udeb is indeed considered Priority: important and thus key.
> >
> > I'm sure release team will be happy to assist with the removal
Package: libeccodes-tools
Version: 2.36.1-1
X-Debbugs-CC: hel...@subdivi.de, debian-release@lists.debian.org
Hi,
libeccodes-tools is a key package, as such it pulls in its
dependencies into the key package set.
Currently it pulls mksh and possibly the listed alternatives pdksh |
zsh | ksh into t
On Tue, Aug 06, 2024 at 09:20:22AM +0100, Matthew Vernon wrote:
> On 06/08/2024 09:11, Bastian Germann wrote:
> > pcre3 is still showing up with "reason: priority" as key package in
> > https://udd.debian.org/cgi-bin/key_packages.yaml.cgi
> >
> > So this bug's severity will not take effect to auto
* Helmut Grohne [240603 23:11]:
> On Wed, May 29, 2024 at 03:14:59PM +0200, Helmut Grohne wrote:
> > Since noble includes these changes and I'd get this done sooner rather
> > than later, how about moving forward with June 5th after 22:30 UTC (such
> > that all buildds have regenerated their chroo
* Jun MO [240530 19:09]:
> On Thu, 30 May 2024 13:18:17 +0200, Vincent Lefevre wrote:
> > I agree, this may be useful. Unfortunately, the current status is
> > that one cannot have both: installing wtmpdb forces the upgrade of
> > util-linux to 2.40.1-3 (at least), where "last" is no longer instal
* Vincent Lefevre [240530 13:21]:
> On 2024-05-08 16:53:53 +0800, Jun MO wrote:
> > For last(1) my concern is that it will be helped to keep the original
> > last(1) for back-compatibility to read old wtmp files.
>
> I agree, this may be useful. Unfortunately, the current status is
> that one can
Source: mmdebstrap
Version: 1.4.3-6
Severity: serious
X-Debbugs-Cc: debian-release@lists.debian.org
Hi,
the autopkgtests for mmdebstrap as part of migration tests for
testing/amd64 fail with apt reporting 'Not found' errors.
As an example, for this scenario:
mmdebstrap 1.4.3-6
util-linux/2.40-8
On Fri, Apr 26, 2024 at 08:06:15PM +0100, RL wrote:
> the chkrootkit package provides several utilities for examining some of
> these files: chkutmp chkwtmp and check_wtmpx and chklastlog [a] -- it does
> not use pam but reads the files in /var/log
>
> How would I test these against the new files
Fellow Developers,
you are probably aware of the time_t-64bit migration :-)
However, this does not magically transition all data formats to 64bit
times. One such instance is the set of utmp/wtmp and lastlog files.
Thorsten Kukuk and others have been working on replacements for the
existing file f
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
X-Debbugs-Cc: tuxm...@packages.debian.org
Control: affects -1 + src:tuxmath
nmu tuxmath_2.0.3-9 . armel armhf s390x . unstable . -m "Rebuild for time_t"
Please rebuild tuxmath on the listed
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
X-Debbugs-Cc: lib...@packages.debian.org
Control: affects -1 + src:libnbd
nmu libnbd_1.20.0-1 . ANY . unstable . -m "Rebuild on buildds"
Please rebuild libnbd to replace the profile nocheck
Hi,
please schedule binNMUs for these source packages to transition back
from libuuid1t64 to libuuid1. Note that I've built this list based
on the amd64 Packages file. I'm not sure if skipping armel, armhf
would be helpful or not at this time.
The notable thing is e2fsprogs on archs where the ABI
Package: coreutils
Version: 9.4-1
Severity: serious
Tags: upstream
Control: affects -1 initramfs-tools scanbd
Hi,
cp and mv -n changed their behaviour with regard to their exit code
when doing nothing, and also now write to stderr.
This causes a few problems in existing packages:
1) initramfs-t
* Jonathan Wiltshire [230625 15:30]:
> Control: tag -1 confirmed
>
> On Sat, Jun 24, 2023 at 11:46:44PM +0200, Chris Hofstaedtler wrote:
> > Packaging bugs #1037292 and #1037539 have been discovered after the release,
> > this update will fix them in stable.
>
>
01 01:00:00.0 +0100
+++
multipath-tools-0.9.4/debian/patches/0006-multipathd.service-re-add-ExecStartPre.patch
2023-06-24 23:07:02.0 +0200
@@ -0,0 +1,28 @@
+From: Chris Hofstaedtler
+Date: Sat, 10 Jun 2023 12:42:40 +0200
+Subject: multipathd.service: re-add ExecStartPre
+
+Ups
437, see
+
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2023-02.html
+ (Closes: #1033941)
+* Fixes high CPU usage caused by serve-stale logic.
+* Fixes DNSSEC validation issues for some domains served by popular
+ DNS software by F5.
+* Downgr
/changelog 2023-02-13 08:48:21.0 +
@@ -1,3 +1,9 @@
+util-linux (2.38.1-5) unstable; urgency=medium
+
+ * Apply upstream patch to fix logger timestamp for stdin (Closes: #1030285)
+
+ -- Chris Hofstaedtler Mon, 13 Feb 2023 08:48:21 +
+
util-linux (2.38.1-4) unstable; urge
* Adam D. Barratt [220805 20:35]:
> Control: tags -1 + confirmed
>
> On Mon, 2022-07-18 at 11:49 +0200, Chris Hofstaedtler wrote:
[..]
> > jsvc just does not work except if on upgrades one keeps the JVM from
> > oldoldstable (openjdk 8).
>
> Please go ahead.
Uploaded.
Thanks,
Chris
* Chris Hofstaedtler [220718 12:02]:
> [ Tests ]
>
> I manually tested the built package on oldoldstable amd64.
Sorry, I got confused with the names. This should have read
oldstable (buster).
Chris
000
+
+++ commons-daemon-1.0.15/debian/changelog 2022-07-16 00:03:17.0
+
@@ -1,3 +1,10 @@
+commons-daemon (1.0.15-8+deb11u1) bullseye; urgency=medium
+
+ * Non-maintainer upload.
+ * Apply patch from unstable to fix JVM detection. (Closes: #935336)
+
+ -- Chris Hofstaedtler
Closes: #935336)
+
+ -- Chris Hofstaedtler Mon, 18 Jul 2022 09:35:49 +
+
commons-daemon (1.0.15-8) unstable; urgency=medium
* Team upload.
diff -Nru commons-daemon-1.0.15/debian/patches/debian-935336.patch
commons-daemon-1.0.15/debian/patches/debian-935336.patch
--- commons-daemon-1.0.15
* Chris Hofstaedtler [211005 00:18]:
> Will followup with the ftp.d.o bug#.
#995744.
Chris
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm
Dear Release Team,
please RM hardlink from testing, to allow util-linux to migrate.
src:util-linux now ships the hardlink program, and on upgrades hardlink
should get deconfigured/removed. See #
Hi,
* Sebastian Ramacher [210729 10:23]:
> On 2021-07-29 10:15:30, Chris Hofstaedtler wrote:
[..]
> Besides the missing unblocks, util-linux would be blocked by:
>
> autopkgtest for ocfs2-tools/1.8.6-6: amd64: Pass, arm64: Pass, armhf:
> Regression ♻ (reference ♻), i386: Pass
Hi,
* Cyril Brulebois [210729 00:43]:
> Chris Hofstaedtler (2021-07-28):
> > util-linux builds udebs. debian-boot@ is x-cc'ed.
>
> Thanks, Chris.
>
> No objections in theory; I'd be happy to have it in testing before Jul
> 31 (which is the tentative date
2021-07-28 19:09:07.0 +
@@ -1,3 +1,9 @@
+util-linux (2.36.1-8) unstable; urgency=medium
+
+ * Apply upstream patch for CVE-2021-37600 (Closes: #991619)
+
+ -- Chris Hofstaedtler Wed, 28 Jul 2021 19:09:07 +
+
util-linux (2.36.1-7) unstable; urgency=medium
* libmount: allow
* Adrian Bunk [210711 05:45]:
> * Cherrypick
> 78_01-Command-line-option-for-no-notifier-socket.-Bug-2616.patch from
> upstream GIT master. This allows one to disable creation of a
> daemon notifier socket by either setting notifier_socket to a empty value
> or specifying -oY com
.
+ * Apply patch from Ubuntu to fix FTBFS. (Closes: #986511)
+Thanks: Logan Rosen
+
+ -- Chris Hofstaedtler Sat, 24 Apr 2021 23:29:27 +
+
python-jenkinsapi (0.3.11-4) unstable; urgency=medium
* Fix FTBS due to pylint/python3 changes (Closes: #971179)
diff -Nru python-jenkinsapi-0.3.11/debian
@@
+inventor (2.1.5-10-23.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Remove arch-specific filter used when building the arch: all
+packages, hopefully fixing #889189.
+
+ -- Chris Hofstaedtler Sat, 24 Apr 2021 11:51:14 +
+
inventor (2.1.5-10-23) unstable; urgency=medium
Hi everyone,
* Lisandro Damián Nicanor Pérez Meyer [210423 21:06]:
> Hi! Indeed it's not working again, so reopening the bug.
>
> On Wed, 21 Apr 2021 10:12:03 + Damyan Ivanov wrote:
> > Sigh. Now git reverted to using /usr/lib again, and git-flow is broken.
It appears some more coordinatio
> $ debdiff snort_2.9.15.1-4_i386.deb snort_2.9.15.1-5_i386.deb
[..]
The debdiff does not seem to show any actual packaging changes. Are
you sure you diffed the correct files?
Chris
Dear Release Team,
currently, util-linux/2.36.1-7 is blocked from migration because of
a failed test of systemd/247.3-1 on ppc64el. I'm told
"networkd-test.py" is known to be flaky.
As I can't seem to make that happen reproducibly for ci.debian.net,
could you please mark the test as known bad on
Hi Paul,
* Paul Gevers [210208 21:13]:
> On 08-02-2021 09:32, Chris Hofstaedtler wrote:
> > I've uploaded that yesterday, and that was "just too late"?
>
> What makes you think so?
[..]
> Required age reduced by 3 days because of autopkgtest
> Not
Dear Release Team,
I must have misunderstood the exact timing requirements for
bullseye. However I persuaded upstream to maka a point release "for
us", so I'd be great if pdns 4.4.1-1 could actually make it into
bullseye.
I've uploaded that yesterday, and that was "just too late"?
Thanks,
Chris
Control: found -1 2.1.4-1
Control: tags -1 - unreproducible
* Chris Hofstaedtler [210207 18:19]:
> Thanks. However that info appears outdated, as on a current Debian
> unstable, I always get a `lo` interface with 127.0.0.1 and ::1
> bound. The tests want 127.0.0.1, so that works.
>
* Chris Hofstaedtler [201130 12:45]:
> Ah, pdns already has per-binary NEWS files - I've added it there.
>
> New debdiff attached. Please confirm.
I've uploaded this with the changed NEWS files. If you want to see
this changed anyhow, please let me know.
Best,
Chris
* Adam D. Barratt [201010 10:28]:
> On Tue, 2020-09-22 at 22:22 +0200, Chris Hofstaedtler wrote:
> > Maybe it should be pointed out in the stable update notes that
> > manual action is needed to remedy CVE-2019-10203 for existing
> > installations using postgres. "Man
ql.sql has to be
+manually applied to the backing PostgreSQL database. (Closes: #970729)
+ * Apply upstream patches to fix CVE-2020-17482 (Closes: #970737)
+
+ -- Chris Hofstaedtler Tue, 22 Sep 2020 19:07:45 +
+
pdns (4.1.6-3) unstable; urgency=medium
* Fix Denial of service via cr
* Paul Gevers [200905 20:22]:
> On 03-09-2020 18:12, Chris Hofstaedtler wrote:
> > * Xavier [200903 16:10]:
[..]
> ftp-master has an even stronger opinion, see
> https://ftp-master.debian.org/REJECT-FAQ.html (Non-Main II).
Thanks for the pointer. I guess the bugs severity should
* Xavier [200903 16:10]:
> > I must say I find it unacceptable that autopkgtests which are being
> > used to test migration from Debian unstable to Debian testing to rely
> > on code from random places on the Internet, which Debian Developers
> > have no control over.
>
> I understand your point
Control: reassign -1 release.debian.org
Hi,
versioning for (old)stable uploads is best discussed with the
Release team. Filing this against the `general` package does nothing
useful for this discussion, so I'm reassigning this bug.
I'd encourage a mail to debian-release@lists.debian.org instead,
ebian/changelog 2018-08-01 20:00:47.0 +
+++ gist-5.0.0/debian/changelog 2020-07-09 15:27:56.0 +
@@ -1,3 +1,9 @@
+gist (5.0.0-2+deb10u1) buster; urgency=medium
+
+ * Avoid deprecated authorization API (Closes: #964544)
+
+ -- Chris Hofstaedtler Thu, 09 Jul 2020 15:27:56
* Adam D. Barratt [200706 17:17]:
> Control: tags -1 + confirmed d-i
>
> On Sun, 2020-06-21 at 16:53 +0000, Chris Hofstaedtler wrote:
> > I'd like to push a fix for #959727 to buster. The bug causes us some
> > trouble with block devices that are -sometimes- missing.
/changelog 2020-06-21 16:41:48.0
+
@@ -1,3 +1,9 @@
+multipath-tools (0.7.9-3+deb10u1) buster; urgency=medium
+
+ * [775fe68] kpartx: use correct path to partx in udev rule (Closes: #959727)
+
+ -- Chris Hofstaedtler Sun, 21 Jun 2020 16:41:48 +
+
multipath-tools (0.7.9-3
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: binnmu
Severity: normal
Hello,
bsdmainutils 12.1.1 had to pass through NEW, please schedule a
binNMU to get rid of the amd64 binaries.
nmu bsdmainutils_12.1.1 . ANY . -m 'Rebuild on buildd network'
Thanks,
Chri
Hi Holger,
> i just dont think releasing d-s-s updates via point releases makes sense.
> and often they also dont warrant a security/lts update as they come with
> DSAs/DLAs and mostly the d-s-s updates are based on DSA/DLAs and thus such
> DSA/DLAs would just refer to the other ones.
May I ask y
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm
Dear (old-)Stable Release Managers,
please remove pdns-recursor with the next/last point release of stretch.
Security support has ended upstream, and it'd be better if people
wouldn't run DNS se
@@ -1,3 +1,12 @@
+pdns (4.1.6-3) unstable; urgency=medium
+
+ * Fix Denial of service via crafted zone records (CVE-2019-10162)
+using patch from upstream.
+ * Fix Denial of service via NOTIFY packets (CVE-2019-10163)
+using patch from upstream.
+
+ -- Chris Hofstaedtler Fri, 21 Jun 2019 19
+
+ [ Salvatore Bonaccorso ]
+ * Insufficient validation in the HTTP remote backend (CVE-2019-3871)
+(Closes: #924966)
+
+ -- Chris Hofstaedtler Sun, 31 Mar 2019 12:48:59 +
+
pdns (4.1.6-1) unstable; urgency=medium
* New upstream version 4.1.6
diff -Nru pdns-4.1.6/debian/patches/CVE-2019
* Adam D. Barratt [181224 18:37]:
> On Fri, 2018-11-23 at 17:54 +0000, Chris Hofstaedtler wrote:
> > pdns/4.0.3-1+deb9u3 [..]
>
> Please go ahead.
Thanks, uploaded.
Chris
* Adam D. Barratt [181224 18:45]:
> On Wed, 2018-12-05 at 21:14 +0100, Chris Hofstaedtler wrote:
> > pdns-recursor [..]
>
> Please go ahead.
Thanks, uploaded.
(I've fixed the suite in the changelog, oops.)
Chris
2018-11-10 16:05:33.0
+
@@ -1,3 +1,9 @@
+pdns-recursor (4.0.4-1+deb9u4) stretch-security; urgency=high
+
+ * Security upload for CVE-2018-10851 CVE-2018-14626 CVE-2018-14644 (Closes:
#913162).
+
+ -- Chris Hofstaedtler Sat, 10 Nov 2018 16:05:33 +
+
pdns-recursor (4.0.4-1+deb9u
1970-01-01 00:00:00.0 +
+++ pdns-4.0.3/debian/patches/911659-auth-reanimate-backends.patch
2018-11-10 13:36:22.0 +
@@ -0,0 +1,228 @@
+From 8e4c354790ff43ca750a58c504ee31e570462ff8 Mon Sep 17 00:00:00 2001
+From: Chris Hofstaedtler
+Date: Sat, 10 Nov 2018 15:26:01 +
* Cyril Brulebois [180728 17:36]:
> Adam D. Barratt (2018-07-28):
> > Control: tags -1 + moreinfo d-i
> >
> > On Mon, 2018-07-23 at 06:34 +0000, Chris Hofstaedtler wrote:
> > > The update would fix #859157, which is causing me headache on our
> > > produc
-0.6.4/debian/changelog 2018-07-23 06:16:34.0
+
@@ -1,3 +1,18 @@
+multipath-tools (0.6.4-5+deb9u1) stretch; urgency=medium
+
+ [ Chris Hofstaedtler ]
+ * Apply patch to avoid deadlock in udev triggers, based on upstream
+10704bae99cdcc809aaba0546017cb2eb416c551, with adaptions
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu
Security update using upstream patch, for CVE-2017-15091.
DSA has marked this no-DSA but suggested that this should
be fixed via stable-updates.
4.0.3-1+deb9u1 is already in p-u, t
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
Security update for CVE-2017-15091. DSA has marked this
no-DSA but suggested this goes through (old)-stable-updates.
debdiff attached.
Thanks,
Chris
diff -Nru pdns-3.4.1/debian/cha
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
Security update using upstream patch for CVE-2017-15093.
DSA has marked this non-DSA but suggested fixing this
through an (old)stable update.
debdiff attached.
Thanks,
Chris
diff -
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu
Security update using upstream patches to fix CVE-2017-15090,
CVE-2017-15092, CVE-2017-15093, CVE-2017-15094.
DSA has marked those as non-DSA but suggested fixing through
a stable u
* Adam D. Barratt [171029 19:16]:
> Control: tags -1 + confirmed
> Please make the changelog distribution "stretch", and feel free to
> upload.
Changed and uploaded, thanks.
> Does this also affect the package in jessie?
After asking upstream about this and checking the code in jessie,
this ap
74 matches
Mail list logo
