Emilio Pozuelo Monfort writes:
> Go ahead.
Hi,
The transition is now complete in unstable.
--
Regards,
Feri.
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
X-Debbugs-Cc: pkg-shibboleth-de...@lists.alioth.debian.org
Control: affects -1 + src:xml-security-c
Control: affects -1 + src:xmltooling
Control: affects -1 + src:opensaml
Control: affects
"Adam D. Barratt" writes:
> Assuming that all of the changes are in unstable (or not required
> there), please go ahead.
Hi Adam,
All three patches are cherry-picks (although one required manual
backporting) from 2.1.6, which is already in testing.
Source-only upload done, hope it's all right.
Control: tag -1 - confirmed
Jonathan Wiltshire writes:
> On Wed, Jul 05, 2023 at 07:14:09PM +0200, Ferenc Wágner wrote:
>
>> Shortly after the release of bookworm we got a report that Pacemaker
>> regressed in certain migration scenarios when compared to the bullseye
>
ot (Closes: #1040165)
+
+ -- Ferenc Wágner Sun, 02 Jul 2023 21:39:59 +0200
+
pacemaker (2.1.5-1) unstable; urgency=medium
* [5792d59] Work around lazy loading of GitHub release pages in watch file
diff -Nru pacemaker-2.1.5/debian/gbp.conf pacemaker-2.1.5/debian/gbp.conf
--- pacemaker-2.1.5/debi
Ferenc Wágner writes:
> Sebastian Ramacher writes:
>
>> ACK, please go ahead.
>
> Great, shibboleth-sp was uploaded and is already fully green in the
> transition tracker. Please schedule the binNMUs for
> shibboleth-resolver.
Hi,
The transition tracker is already a
Sebastian Ramacher writes:
> ACK, please go ahead.
Great, shibboleth-sp was uploaded and is already fully green in the
transition tracker. Please schedule the binNMUs for
shibboleth-resolver.
--
Thanks,
Feri.
control: tags -1 - moreinfo
Sebastian Ramacher writes:
> On 2023-01-24 17:17:36 +0100, Ferenc Wágner wrote:
>
>> Package: release.debian.org
>> Severity: normal
>> User: release.debian@packages.debian.org
>> Usertags: transition
>>
>> When reporti
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
When reporting #1028286 (transition: xml-security-c) I totally missed
that one of the mentioned planned upper layer uploads is the
shibboleth-sp 3.3 -> 3.4 upgrade, wh
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
In a recent message [1] Shibboleth upstream strongly recommended
building xml-security-c without Xalan support to reduce the attack
surface of Shibboleth installations
"Adam D. Barratt" writes:
> I'm not hugely happy that this has ended up not being in stretch, to
> be quite honest.
Agreed. I was pushing for it in vain, unfortunately.
> We're in the process of organising the final point release for buster,
> as support for it moves over to the LTS team, so p
24-0+deb9u1 in
+stretch added the new file /usr/lib/ocf/resource.d/pacemaker/ifspeed to
+pacemaker, while it resides in pacemaker-resource-agents in buster.
+(Closes: #985173)
+
+ -- Ferenc Wágner Sun, 28 Mar 2021 03:21:46 +0200
+
pacemaker (2.0.1-5+deb10u1) buster-security; u
y, it
+results in a potential denial of service condition exploitable by
+a remote, unauthenticated attacker.
+ Thanks to Scott Cantor (Closes: #987608)
+ * [3a6ac33] Refresh our patches
+
+ -- Ferenc Wágner Tue, 27 Apr 2021 12:11:06 +0200
+
shibboleth-sp (3.2.1+dfsg1-1) unstable; urge
n/changelog
shibboleth-sp-3.2.1+dfsg1/debian/changelog
--- shibboleth-sp-3.2.0+dfsg1/debian/changelog 2021-01-06 14:18:54.0
+0100
+++ shibboleth-sp-3.2.1+dfsg1/debian/changelog 2021-03-17 14:29:08.0
+0100
@@ -1,3 +1,12 @@
+shibboleth-sp (3.2.1+dfsg1-1) unstable; urgency=high
+
+
ot;
diff -Nru libqb-2.0.2/debian/changelog libqb-2.0.3/debian/changelog
--- libqb-2.0.2/debian/changelog2020-12-26 16:07:32.0 +0100
+++ libqb-2.0.3/debian/changelog2021-03-04 06:11:31.0 +0100
@@ -1,3 +1,11 @@
+libqb (2.0.3-1) unstable; urgency=medium
+
+ * [f0b428b] Ne
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
The recent 3.2 release of the Shibboleth SP is a minor release, but due
to the internal structure of the stack it entails the usual three
transitions for xmltooling, o
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
I'd like to transition to libqb version 2. The dependency list is
fairly short, and mostly contains packages under the HA Team umbrella.
The only breakage is caused b
7.3/debian/changelog 2020-07-04 12:47:24.0
+0200
@@ -1,3 +1,10 @@
+xml-security-c (1.7.3-4+deb9u3) stretch; urgency=medium
+
+ * [02c3993] New patch: Fix a length bug in concat method.
+Thanks to Scott Cantor (Closes: #922984 )
+
+ -- Ferenc Wágner Sat, 04 Jul 2020 12:47:24 +0
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Dear Release Team,
The 3.1 release of the Shibboleth software stack changed the ABI and API
of all the components. It's pretty self-contained in Debian, though.
The affected packages (x
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Dear Stable Release Team,
I'v got a bold request: please let me update Kronosnet in buster from
1.8-2 to 1.13-something to fix #946222. During the buster freeze
period, upstream re
(3.0.1-2+deb10u1) buster; urgency=medium
+
+ * [f826af9] This branch is for buster updates
+ * [bfbfd3e] New patch: totemsrp: Reduce MTU to left room second mcast.
+Thanks to Jan Friesse (Closes: #950476)
+
+ -- Ferenc Wágner Sun, 02 Feb 2020 12:32:26 +0100
+
corosync (3.0.1-2) unstable
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Dear Stable Release Team,
I'm looking for guidance first: I'd like to fix #950135 (libxmltooling8:
Race condition bug in new session cookie feature leads to SP crash) in
buster. Th
TUARIO-496
+CVE: not assigned
+Thanks to Scott Cantor (Closes: #913136)
+
+ -- Ferenc Wágner Mon, 10 Dec 2018 11:45:41 +0100
+
xml-security-c (1.7.3-4+deb9u1) stretch-security; urgency=high
* [93b87c6] New patch: Default KeyInfo resolver doesn't check for empty
diff -Nru
xml-security
] Backport three more patches from upstream fixing memory safety
+bugs.
+Clearing up fallout from the preceding security fixes.
+Thanks to Ken Gaillot
+
+ -- Ferenc Wágner Sun, 02 Jun 2019 14:01:06 +0200
+
pacemaker (2.0.1-4) unstable; urgency=high
* [54ace53] Fix check for already
+1,35 @@
+2019-04-25 Christine Caulfield
+
+ version: bump soname for 1.0.5 release
+
+2019-04-23 Ferenc Wágner
+
+ Let remote_tempdir() assume a NUL-terminated name
+ This is the case already. We also fix a buffer overflow opportunity in
+ the memcpy() call by this
by the kernel
+
+ -- Ferenc Wágner Wed, 03 Apr 2019 10:33:30 +0200
+
kronosnet (1.8-1) unstable; urgency=medium
* [ff7beff] New upstream release (1.8)
diff -Nru
kronosnet-1.8/debian/patches/send-test-skip-the-SCTP-test-if-SCTP-is-not-supported-by-.patch
kronosnet-1.8/debian/patches/send-tes
25354)
+
+ -- Ferenc Wágner Mon, 01 Apr 2019 13:39:28 +0200
+
pacemaker (2.0.1-1) unstable; urgency=medium
* [7d6ff2e] New upstream release (2.0.1)
diff -Nru pacemaker-2.0.1/debian/control pacemaker-2.0.1/debian/control
--- pacemaker-2.0.1/debian/control 2019-03-04 21:30:38.0
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package opensaml
Dear Release Team,
To fix their latest security bug, Shibboleth upstream made a coordinated
patch release of the full stack, as usual. You already unblocke
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package shibboleth-sp
Dear Release Team,
When upstream fixed #924346 in xmltooling, they also fixed the same
problem (uncaught parser exceptions) in shibboleth-sp to prevent
class and propagates an
+unexpected exception type.
+This generally manifests as a crash in the calling code, which in the
+Service Provider software's case is usually the shibd daemon process,
+but can be Apache in some cases. Note that the crash occurs prior to
+evaluat
000 +0100
@@ -1,3 +1,9 @@
+pacemaker (2.0.1-1) unstable; urgency=medium
+
+ * [7d6ff2e] New upstream release (2.0.1)
+
+ -- Ferenc Wágner Mon, 04 Mar 2019 21:34:46 +0100
+
pacemaker (2.0.1~rc5-1) unstable; urgency=medium
* [79e9089] Drop duplicate external library linkages
diff -Nru pacemaker-
Emilio Pozuelo Monfort writes:
> On 15/01/2019 17:23, wf...@niif.hu wrote:
>
>> The uploads are done, but the testing migration of pacemaker and pcs
>> probably deadlocked due to the autopkgtest of the latter. Unstable pcs
>> needs unstable pacemaker, so they can only go together, which may nee
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hi Release Team,
We'd like to transition to Pacemaker 2. The ben file below is mostly
equivalent to that of auto-pacemaker, but misses pacemaker-dev, because
I'm not sure how to handle
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
nmu pam-mysql_0.8.1-1 . ANY . unstable . -m "Rebuild against MariaDB 10.3
(switch to internal implementaion of some dropped symbols)"
Emilio Pozuelo Monfort writes:
> On 02/01/2019 15:21, Ferenc Wágner wrote:
>
>> please schedule a rebuild of sheepdog and dlm on all relevant
>> architectures, that should finish it.
>
> Done.
Thanks, the rebuilds went through just fine, I think we can close this
tra
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Hi,
First of all, I'm sorry for inadvertently starting the Corosync
transition. It isn't a problematic one, though: please schedule a
rebuild of sheepdog and dlm on all relevant archite
Control: tags -1 - moreinfo
"Adam D. Barratt" writes:
> On Wed, 2018-02-28 at 06:45 +0100, Salvatore Bonaccorso wrote:
>
>> FTR, there was a xmltooling DSA yesterday including the fix. But I
>> guess the basic question remains if xmltooling still can be updated
>> to 1.6.3 (or now 1.6.4 based ve
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu
Dear Release Team,
The Security Team advised that CVE-2018-0486 should be fixed by a stable
update, because it isn't exploitable in the stretch version of the
Shibboleth stack, but
Emilio Pozuelo Monfort writes:
> On 19/11/17 22:04, Ferenc Wágner wrote:
>
>> On Wed, 15 Nov 2017 20:08:28 + Bill Blough wrote:
>>
>>> The package has been uploaded to unstable [...]
>>
>> xmltooling, opensaml2 and shibboleth-sp2 must be rebuilt agai
On Wed, 15 Nov 2017 20:08:28 + Bill Blough wrote:
> The package has been uploaded to unstable [...]
Dear Release Team,
xmltooling, opensaml2 and shibboleth-sp2 must be rebuilt again in this
order to correctly pick up the new xerces library.
Meanwhile I'd like to upload their latest upstrea
Shall I file a serious bug against libshibsp7 to keep it out of testing
until these binNMUs are scheduled?
--
Thanks,
Feri
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
Hello,
A recenty reported bug in shibboleth-sp2 turned out to be two identical
problems in the pkg-config files shipped by xmltooling and opensaml2.
Since it breaks upgrades, I decided to fi
Emilio Pozuelo Monfort writes:
> On 03/09/16 15:58, Ferenc Wágner wrote:
>
>> I'm finished with the uploads. Xmltooling, opensaml2 and shibboleth-sp2
>> all built on the testing architectures. Please trigger rebuilds of
>> shibboleth-resolver and moonshot-gss-eap
I'm finished with the uploads. Xmltooling, opensaml2 and shibboleth-sp2
all built on the testing architectures. Please trigger rebuilds of
shibboleth-resolver and moonshot-gss-eap (possibly also opensaml2 on
powerpcspe, if you handle ports).
--
Thanks,
Feri
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
xmltooling 1.6, opensaml2 2.6 and shibboleth-sp2 2.6 each change their SONAME
in this new version of this software stack. The new stack is already in
experimental, and the two external d
.4.40/debian/changelog
@@ -1,3 +1,12 @@
+openldap (2.4.40-3.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Disable schema checking for reloading the dumped data during upgrades,
+to avoid interrupting the upgrade procedure of partial replicas.
+(Closes: #614569).
+
+ -- Ferenc W
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package sblim-wbemcli
This new revision fixes #768203 by declaring Breaks+Replaces
python-pywbem (<< 0.8.0~dev650-1~) to seamlessly overwrite
/usr/bin/wbemcli during upgrades
47 matches
Mail list logo
