Bug#1057175: transition: libsfml

Package: release.debian.org Control: affects -1 + src:libsfml X-Debbugs-Cc: libs...@packages.debian.org User: release.debian@packages.debian.org Usertags: transition Severity: normal Hi, libsfml needs a transition due to an ABI bump from 2.5 to 2.6. It's currently in experimental and built ev

Bug#884635: transition: libupnp

Hi, On 05/11/2018 17:28, Uwe Kleine-König wrote: > Hello Emilio, > > [adding jcowgill to recipients] > > On 11/05/2018 04:37 PM, Emilio Pozuelo Monfort wrote: >> Please get this started, and bump the bug severities to serious. > > I never did a transition before, so I'm not entirely clear what

Bug#910271: transition: mbedtls

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hi, mbedTLS needs a transition because upstream bumped the SONAME of libmbedtls in 2.13 due to some symbol changes. I have also changed the SONAME of libmbedcrypto to realign it with ups

Bug#893749: stretch-pu: package easytag/2.4.3-1+deb9u1

corruption. + (Closes: #855251) + + -- James Cowgill Mon, 24 Sep 2018 18:31:35 +0100 + easytag (2.4.3-1) unstable; urgency=medium * New upstream release. diff -Nru easytag-2.4.3/debian/gbp.conf easytag-2.4.3/debian/gbp.conf --- easytag-2.4.3/debian/gbp.conf 2016-12-05 20:47:35.0

Bug#898918: transition: libsfml

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hi, libsfml 2.5 has bumped its SONAME and therefore needs a transition. The package is in experimental and has not yet failed on any release architecture (with mips64el and mipsel left t

Bug#896893: transition: ffmpeg

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hi, FFmpeg 4.0 is the new major release of FFmpeg and as such upstream has bumped the SONAMEs of all libraries so there needs to be a transition. The new package is in experimental. It

Bug#895537: stretch-pu: package libopenmpt/0.2.7386~beta20.3-3+deb9u3

6~beta20.3-3+deb9u3) stretch; urgency=medium + + * Add patch to fix CVE-2018-10017 (Closes: #895406). +- up11: Out-of-bounds read loading IT / MO3 files with many pattern loops. + + -- James Cowgill Thu, 12 Apr 2018 10:14:53 +0100 + libopenmpt (0.2.7386~beta20.3-3+deb9u2) stretch; urgency=med

Bug#893749: stretch-pu: package easytag/2.4.3-1+deb9u1

Control: tags -1 moreinfo Hi, On 22/03/18 00:05, James Cowgill wrote: > Package: release.debian.org > Severity: normal > Tags: stretch > User: release.debian@packages.debian.org > Usertags: pu > > Hi, > > The purpose of this update to easytag is to fix #

Bug#893749: stretch-pu: package easytag/2.4.3-1+deb9u1

@ -1,3 +1,13 @@ +easytag (2.4.3-1+deb9u1) stretch; urgency=medium + + [ James Cowgill ] + * Disable OGG, OPUS and Speex. (Closes: #855251) + + [ Bruno Kleinert ] + * Do not mention OGG support in package description. (Closes: #886369) + + -- James Cowgill Thu, 08 Mar 2018 22:20:29 + + easyt

Bug#892703: nmu: lots of libraries on mips + mipsel for fpxx

Hi, On 15/03/18 10:27, Emilio Pozuelo Monfort wrote: > All the rest scheduled now, with slightly decreased build priority so it > doesn't > stall the rest of the packages for a couple of days. The build queue is > practically empty anyway so these should build rather quickly. Thanks! > BTW you

Bug#892703: nmu: lots of libraries on mips + mipsel for fpxx

Hi, On 12/03/18 11:50, James Cowgill wrote: > Control: retitle -1 nmu: lots of libraries on mips + mipsel for fpxx > > [+ CC debian-mips] > > Hi, > > On Mon, 12 Mar 2018 12:15:38 +0800 YunQiang Su wrote: >> Package: release.debian.org >> User: relea

Bug#892703: nmu: lots of libraries on mips + mipsel for fpxx

Control: retitle -1 nmu: lots of libraries on mips + mipsel for fpxx [+ CC debian-mips] Hi, On Mon, 12 Mar 2018 12:15:38 +0800 YunQiang Su wrote: > Package: release.debian.org > User: release.debian@packages.debian.org > Usertags: binnmu > Severity: normal > > For mips and mipsel, we are w

Bug#890448: transition: mbedtls

On 15/02/18 17:47, Emilio Pozuelo Monfort wrote: > Control: tags -1 confirmed > > On 14/02/18 22:01, James Cowgill wrote: >> Package: release.debian.org >> Severity: normal >> User: release.debian@packages.debian.org >> Usertags: transition >> >>

Bug#890448: transition: mbedtls

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hi, mbedtls bumped the SONAME of one of its libraries (libmbedcrypto) so it needs a transition. The new version is currently in experimental. These reverse dependencies built successful

Bug#886237: transition: libgig

Hi Mattia, On 03/01/18 13:18, Mattia Rizzolo wrote: > Control: tag -1 moreinfo > > On Wed, Jan 03, 2018 at 12:55:40PM +0100, Jaromír Mikeš wrote: >> Can I upload new upstream version of gigedit now to experimental? ... >> I am not DD just having DM flag for qsampler > > Usually uploading to expe

Bug#885533: jessie-pu: package soundtouch/1.8.0-1+deb8u1

es: #870856) + - CVE-2017-9260 (Closes: #870857) + + -- James Cowgill Wed, 27 Dec 2017 16:37:31 + + soundtouch (1.8.0-1) unstable; urgency=low * New upstream release. diff -Nru soundtouch-1.8.0/debian/patches/cve-2017-92xx.patch soundtouch-1.8.0/debian/patches/cve-2017-92xx.patch --- s

Bug#885531: stretch-pu: package soundtouch/1.9.2-2+deb9u1

undtouch-1.9.2/debian/changelog 2017-12-27 16:34:15.0 + @@ -1,3 +1,13 @@ +soundtouch (1.9.2-2+deb9u1) stretch; urgency=medium + + [ Gabor Karsay ] + * Add patch to fix +- CVE-2017-9258 (Closes: #870854) +- CVE-2017-9259 (Closes: #870856) + - CVE-2017-9260 (Closes: #870857

Bug#884635: transition: libupnp

were filed by Sebastian Ramacher who (very kindly) did a rebuild of all the rdeps against pupnp 1.8. mpd, silverjuke and wmaloader all have bugs already filed against them. > James Cowgill (= maintainer of src:pupnp-1.8) already uploaded a version > of src:pupnp-1.8 providing libupnp-dev to

Bug#868468: stretch-pu: package libopenmpt/0.2.7386~beta20.3-3+deb9u2

On 15/07/17 20:50, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sat, 2017-07-15 at 20:37 +0100, James Cowgill wrote: >> Some more security issues were discovered in libopenmpt so it will need >> another stretch update. One of the issues looked potentially se

Bug#868468: stretch-pu: package libopenmpt/0.2.7386~beta20.3-3+deb9u2

atches (Closes: #867579). +- up8: Out-of-bounds read while loading a malfomed PLM file. +- up10: CVE-2017-11311: Arbitrary code execution by a crafted PSM file. + + -- James Cowgill Sat, 15 Jul 2017 18:33:57 +0100 + libopenmpt (0.2.7386~beta20.3-3+deb9u1) stretch; urgency=medium

Bug#865355: stretch-pu: package libopenmpt/0.2.7386~beta20.3-3+deb9u1

Hi again, On 25/06/17 23:11, James Cowgill wrote: > On 25/06/17 22:46, Cyril Brulebois wrote: >> James Cowgill (2017-06-20): >>> This update contains a number of security fixes to libopenmpt which >>> upstream has specifically asked me to get into stretch. Upstrea

Bug#865355: stretch-pu: package libopenmpt/0.2.7386~beta20.3-3+deb9u1

Hi, On 25/06/17 22:46, Cyril Brulebois wrote: > James Cowgill (2017-06-20): >> This update contains a number of security fixes to libopenmpt which >> upstream has specifically asked me to get into stretch. Upstream asked >> me to fix these earlier this month and sinc

Bug#865355: stretch-pu: package libopenmpt/0.2.7386~beta20.3-3+deb9u1

95). +- up1: Division by zero in temp calculation. +- up2: Infinite loop with cyclic plugin routing. +- up3: Excessive CPU consumption on malformed DMF and MDL files. +- up5: Excessive CPU consumption on malformed AMS files. +- up6: Invalid memory read when applying NNAs to effec

Bug#862167: jessie-pu: package polarssl/1.3.9-2.1+deb8u2

gelog --- polarssl-1.3.9/debian/changelog 2016-02-06 13:29:38.0 + +++ polarssl-1.3.9/debian/changelog 2017-05-09 09:42:21.0 +0100 @@ -1,3 +1,10 @@ +polarssl (1.3.9-2.1+deb8u2) jessie; urgency=high + + * Fix CVE-2017-2784: Freeing of memory allocated on stack when + val

Bug#862061: nmu: raincat_1.1.1.2-3

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Hi, raincat needs binNMUing against haskell-glut 2.7.0.10-4 to fix the RC bug #861957. This should pick up the fixes to haskell-glut in #861976 so raincat can start again. It needs binNMUing

Bug#860887: unblock: bind9/1:9.10.3.dfsg.P4-12.2

g 2017-04-18 16:42:50.0 +0100 @@ -1,3 +1,11 @@ +bind9 (1:9.10.3.dfsg.P4-12.2) unstable; urgency=medium + + * Non-maintainer upload. + * Replace 32_mips_atomic.diff with a version that uses C11 atomics. Fixes +hangs and crashes on MIPS. (Closes: #778720) + + -- James Cowgill T

Bug#859471: unblock: swh-plugins/0.4.17-2

stem libgsm. (Closes: #859395) + * Fix vocoder-ladspa Breaks/Replaces (replacing the faulty lmms +Breaks/Replaces). + + -- James Cowgill Mon, 03 Apr 2017 19:54:39 +0100 + swh-plugins (0.4.17-1) unstable; urgency=medium * Exclude .gitignore file from upstream tarball. diff -Nru swh-plugins-0

Bug#857579: unblock: mbedtls/2.4.2-1 (pre-approval)

Control: tags -1 - moreinfo Control: retitle -1 unblock: mbedtls/2.4.2-1 Hi, On 13/03/17 20:20, Niels Thykier wrote: > James Cowgill: >> Hi, >> >> I am wondering whether it's possible to include mbedtls 2.4.2 in >> stretch. While it does fix an RC security bug

Bug#856228: unblock: libnids/1.23-2.1

,3 +1,13 @@ +libnids (1.23-2.1) unstable; urgency=medium + + * Non-maintainer upload. + * Fix assembly of TCP streams on armhf by adding -fno-strict-aliasing. +(Closes: #851060) + * Fix use of "inline" with GCC >= 5 which causes undefined references in +applications linked ag

Bug#856204: unblock: libsfml/2.4.1+dfsg-3

+libsfml (2.4.1+dfsg-3) unstable; urgency=medium + + * Apply upstream patch to fix TransientContext deadlocks. (Closes: #855404) + + -- James Cowgill Mon, 20 Feb 2017 20:11:38 + + libsfml (2.4.1+dfsg-2) unstable; urgency=medium * Fix segfaults triggered by sf::Window::setIcon. (Closes

Bug#855258: unblock: spice/0.12.8-2.1

Control: tags -1 - moreinfo Hi, On Fri, 17 Feb 2017 21:11:44 +0100 Salvatore Bonaccorso wrote: > Hi Moarkus, hi Emilio, > > On Thu, Feb 16, 2017 at 10:50:34PM +0100, Markus Koschany wrote: > > On 16.02.2017 22:23, Emilio Pozuelo Monfort wrote: > > > Control: tags -1 moreinfo > > > > > > On 16/

Bug#855204: libpetsc3.7.5-dev: uninstallable - Depends: libopenmpi-dev (< 2.0.2~git.20161226)

On 15/02/17 13:41, Mattia Rizzolo wrote: > Control: reassign -1 release.debian.org > Control: forcemerge 854905 -1 > > On Wed, Feb 15, 2017 at 01:09:16PM +, James Cowgill wrote: >> Package: libpetsc3.7.5-dev >> Version: 3.7.5+dfsg1-3 >> Severity: serious >>

Bug#855087: unblock: mpv/0.23.0-2

=medium + + * Add patch from upstream fix segfaults on tv input. +Thanks to Frédéric Brière. (Closes: #853798) + + -- James Cowgill Mon, 13 Feb 2017 21:39:28 + + mpv (0.23.0-1) unstable; urgency=medium * New upstream release. diff -Nru mpv-0.23.0/debian/patches/07_segfaults-on-tv

Bug#855087: unblock: mpv/0.23.0-2

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, Please unblock package mpv This upload fixes important bug #853798 where mpv segfaults when used with particular tv input devices. The patch is backported from upstream 0.24.0 which wa

Bug#854505: unblock: make-dfsg/4.1-9.1

+make-dfsg (4.1-9.1) unstable; urgency=medium + + * Non-maintainer upload. + * Ensure the stack limit is reset when make re-execs itself. +(Closes: #853213) + + -- James Cowgill Tue, 31 Jan 2017 16:31:57 + + make-dfsg (4.1-9) unstable; urgency=low * Reword the manual page. While t

Bug#853152: unblock: codelite/10.0+dfsg-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hi, Please unblock package codelite. I recently uploaded a new version of codelite and was hoping for it to be included in stretch. It was uploaded "within the time" but unfortunately (?)

Bug#838109: release.debian.org: binNMU for ccache/amd64 to rebuild against stable

Hi, On Sun, 18 Sep 2016 00:03:17 +0100 "Adam D. Barratt" wrote: > Control: tags -1 + pending > > On Sat, 2016-09-17 at 13:00 +0100, Adam D. Barratt wrote: > > Whilst performing some checks during today's point release, we noticed > > that a new "ccache-dbgsym" binary package appeared on amd64.

Bug#852042: nmu: jackd2_1.9.10+20150825git1ed50c92~dfsg-4

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Control: block 848285 by -1 Hi, Please binNMU jackd2. It is affected by the RC bug #848285 which was caused by a GCC regression in gcc-6_6.2.0-13 and has now been fixed in gcc-6_6.3.0-3. It

Re: Bug#850887: Decide proper solution for binutils' mips* bug

Hi, On 12/01/17 14:54, Lisandro Damián Nicanor Pérez Meyer wrote: > I would like to point out that it would be preferable if, in case a patch is > preferable over going back to the last know version to work, either Matthias > or a mips porter points out which of the two proposed patches is prefe

Re: binutils on mips*

Hi, On 09/01/17 10:51, Julien Cristau wrote: > On 01/08/2017 11:40 PM, Matthias Klose wrote: >> On 08.01.2017 14:29, Lisandro Damián Nicanor Pérez Meyer wrote: >>> Matthias: this bug is stopping a lot of packages from migrating and in >>> doing >>> so near the freeze is hurting many teams (and t

Bug#850482: nmu: ardour_1:5.5.0~dfsg-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Hi, Please can ardour be binNMUed against fftw3 3.3.5-3. That version of fftw3 tightens the package dependencies which is needed for a new API used by ardour. Thanks, James nmu ardour_1:5

Bug#847001: nmu: libjack dependencies using new port_rename APIs

Package: release.debian.org User: release.debian@packages.debian.org Usertags: binnmu Severity: normal X-Debbugs-CC: pkg-multimedia-maintain...@lists.alioth.debian.org Hi, In #845654 and #845655, the dependencies generated by libjack were tightened after a new API was added to both jack imple

Bug#841979: jessie-pu: package minissdpd/1.2.20130907-3

ut-of-bounds memory access that crashes the minissdpd daemon. + + -- James Cowgill Mon, 24 Oct 2016 22:46:46 +0100 + minissdpd (1.2.20130907-3) unstable; urgency=medium * Removed $all from init.d script. diff -Nru minissdpd-1.2.20130907/debian/patches/CVE-2016-3178.patch minissdpd-1

Bug#839731: jessie-pu: package mpg123/1.20.1-2+deb8u1

ad. + * Fix DoS with crafted ID3v2 tags. (Closes: #838960) + + -- James Cowgill Tue, 04 Oct 2016 11:42:56 +0100 + mpg123 (1.20.1-2) unstable; urgency=medium * Team upload. diff -Nru mpg123-1.20.1/debian/patches/0002-dos-crafted-id3v2-tags.patch mpg123-1.20.1/debian/patches/0002-dos-crafted

Re: fact++ is marked for autoremoval from testing

Hi, On 29/08/16 09:43, Jonas Smedegaard wrote: > Hi, > > [please cc me on replies: I am not subscribed] > > I am puzzled about this one: > > Quoting Debian testing autoremoval watch (2016-08-29 06:39:03) >> fact++ 1.6.4~dfsg-1 is marked for autoremoval from testing on 2016-08-31 >> >> It (build

Bug#835784: nmu: mpv_0.20.0-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Hi, As I wrote in #835645, some of the ffmpeg symbols in 7:3.1.2-1 do not generate tight enough dependencies and if mpv is used with an old version of ffmpeg, it segfaults. This is fixed in

Re: Porter roll call for Debian Stretch

Hi, On 17/08/16 21:05, ni...@thykier.net wrote: > Like last release, we are doing a roll call for porters of all release > architectures. If you are an active porter behind one of the [release > architectures] for the entire lifetime of Debian Stretch (est. end of > 2020), please respond with a s

Bug#834105: transition: libsfml

On 12/08/16 09:33, Emilio Pozuelo Monfort wrote: > On 12/08/16 00:21, James Cowgill wrote: >> Package: release.debian.org >> Severity: normal >> User: release.debian@packages.debian.org >> Usertags: transition >> >> Hi, >> >> The new upstream

Bug#834105: transition: libsfml

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hi, The new upstream version of libsfml bumped the SONAME and therefore requires a transition. These packages will need rebuilding: dolphin-emu extremetuxracer libcsfml marsshooter

Bug#827288: jessie-pu: package audiofile/0.3.6-2

-2+deb8u1) jessie; urgency=high + + * Team upload. + * Fix CVE-2015-7747: buffer overflow when changing both sample format and +number of channels. (Closes: #801102) + + -- James Cowgill Tue, 14 Jun 2016 16:39:49 +0100 + audiofile (0.3.6-2) unstable; urgency=low * Upload to unstable. diff

Bug#650601: fixed in elastix 4.8-3

Control: reopen -1 On Thu, 2016-01-07 at 15:50 +, Gert Wollny wrote: > Source: elastix > Source-Version: 4.8-3 > > We believe that the bug you reported is fixed in the latest version of > elastix, which is due to be installed in the Debian FTP archive. [...] >    [ Gert Wollny ] >    * Update

Bug#803997: transition: polarssl

Hi, On Mon, 2015-11-09 at 19:19 +0100, Emilio Pozuelo Monfort wrote: > On 04/11/15 04:02, James Cowgill wrote: > > Package: release.debian.org > > User: release.debian@packages.debian.org > > Usertags: transition > > Severity: normal > > Forwarded: https://re

Bug#803997: transition: polarssl

Package: release.debian.org User: release.debian@packages.debian.org Usertags: transition Severity: normal Forwarded: https://release.debian.org/transitions/html/auto-polarssl.html X-Debbugs-CC: polar...@packages.debian.org Hi, polarssl needs a library transition. The name of the upstream pro

Bug#791166: libsfml: library transition may be needed when GCC 5 is the default

Hi, Can I upload this to unstable (it's in experimental)? All the reverse dependencies build except python-sfml because cython is currently uninstallable (See #793227, #794511). https://release.debian.org/transitions/html/auto-libsfml.html Thanks, James signature.asc Description: This is a dig

Bug#794486: release.debian.org: auto transition trackers incorrectly handle addition of suffixes (including GCC 5 related transitions)

On Mon, 2015-08-03 at 18:09 +0200, Julien Cristau wrote: > On Mon, Aug 3, 2015 at 16:44:32 +0100, James Cowgill wrote: > > Package: release.debian.org > > User: release.debian@packages.debian.org > > Usertags: tools > > > > Hi, > > > > I don

Bug#794486: release.debian.org: auto transition trackers incorrectly handle addition of suffixes (including GCC 5 related transitions)

Package: release.debian.org User: release.debian@packages.debian.org Usertags: tools Hi, I don't think any of the automatic transition trackers for the libstdcxx / GCC 5 packages are working correctly. Currently cmake has been rebuilt against both the new versions of GCC 5 and libjsoncpp, an

Bug#736808: nmu: github-backup_1.20131203

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu Hi, github-backup is still compiled against libicu48 on some architetures nmu github-backup_1.20131203 . amd64 i386 powerpc sparc . -m "rebuild against libicu52" James -- System Inform