Bug#1054119: data loss patch for qpdf targeted at stable (11.3.0)

I'll reply to this instead of starting over. > On Tue, 2023-10-17 at 07:32 -0400, Jay Berkenbilt wrote: > > The attached patch to qpdf 11.3.0 fixes a bug that could potentially > > result in loss of data. I'd like permission from the release team to > > . . . > >

Bug#1054119: data loss patch for qpdf targeted at stable (11.3.0)

would be hard to detect. Please let me know if I should proceed with an update to stable. --Jay Berkenbilt (a.k.a. q...@debian.org)--- libqpdf/QPDFTokenizer.cc.orig 2023-10-17 07:19:31.829119946 -0400 +++ libqpdf/QPDFTokenizer.cc 2023-10-17 07:20:55.689510562 -0400 @@ -739,17 +739,22 @@

Re: Should qpdf depend on gnutls?

Yeah, that's what what I decided to do. Thanks. On Thu, Apr 9, 2020, at 2:08 PM, Florian Weimer wrote: > * Jay Berkenbilt: > > > I'm about to release qpdf 10. Someone contributed an openssl crypto > > provider. Do you think I should build with the qpdf packages for &g

Re: Should qpdf depend on gnutls?

ts installed on anyone's system since openssl is basically always going to be there. Opinions welcome. Thanks! On Sun, Nov 10, 2019, at 9:10 PM, Jay Berkenbilt wrote: > Okay, thanks for all the response, public and private. There seems to be > broad consensus to use the gnutls crypto and

Re: Should qpdf depend on gnutls?

Okay, thanks for all the response, public and private. There seems to be broad consensus to use the gnutls crypto and disable the native one, so that's what I'll do. Appreciate the advice! --Jay On Sun, Nov 10, 2019 at 2:05 PM Moritz Mühlenhoff wrote: > On Sat, Nov 09, 2019 at 07:

Should qpdf depend on gnutls?

option of building with only gnutls and dropping native crypto, but I have also enjoyed the fact that qpdf has so few build dependencies. It is possible that a future version of qpdf may support digital signature, in which case I will definitely have to add either openssl or gnutls as a dependency. --Jay

Bug#929252: unblock: qpdf/8.4.2-1

On Mon, May 27, 2019 at 4:14 PM Paul Gevers wrote: > Control: tags -1 moreinfo > > On Sun, 19 May 2019 20:43:29 -0400 Jay Berkenbilt wrote: > > The changes between qpdf 8.4.0 and 8.4.2 are bug fixes, but I am > > asking for consideration because this update includes f

Bug#805093: transition: qpdf

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition The latest version of qpdf includes an soname bump. The qpdf transition is very small. The only other source package with a dependency on libqpdf is cups-filters. qpdf 6.0.0 with libqpdf1

Bug#757025: icu 53 is no longer current

I am not going to be able to handle the ICU transition and am looking for a new maintainer for ICU (an RFA is open). Whoever takes over ICU will have to manage the transition to whatever version of ICU is current at the time, and it will have to be handled after jessie is released. -- To UNSUBSC

Bug#775968: unblock: icu/52.1-7

7:22.0 -0400 +++ icu-52.1/debian/changelog 2015-01-21 21:47:39.0 -0500 @@ -1,3 +1,10 @@ +icu (52.1-7) unstable; urgency=high + + * Patch to CVE-2014-6591, CVE-2014-6585 a font parsing bug. +(Closes: #775884) + + -- Jay Berkenbilt Wed, 21 Jan 2015 21:33:19 -0500 + icu (52.1-6) unst

Bug#774235: unblock: tiff/4.0.3-12

n bmp2tiff. CVE-2014-9330. (Closes: #773987) + + -- Jay Berkenbilt Tue, 30 Dec 2014 11:32:04 -0500 + tiff (4.0.3-11) unstable; urgency=medium * Don't crash on JPEG => non-JPEG conversion (Closes: #741451) diff -Nru tiff-4.0.3/debian/patches/CVE-2014-9330.patch tiff-4.0.3/debian/patches/

Bug#773837: unblock: tiff/4.0.3-11

ff-4.0.3/debian/changelog 2014-06-29 17:32:44.0 -0400 +++ tiff-4.0.3/debian/changelog 2014-12-23 15:52:13.0 -0500 @@ -1,3 +1,10 @@ +tiff (4.0.3-11) unstable; urgency=medium + + * Don't crash on JPEG => non-JPEG conversion (Closes: #741451) + * Thanks Tomasz Buchert

Bug#769618: unblock: qpdf/5.1.2-2

/Content in the page dictionary, enabling printing of files with blank pages as produced by some software. (Closes: #769599) -- Jay Berkenbilt Fri, 14 Nov 2014 21:07:25 -0500 -- unblock qpdf/5.1.2-2 -- System Information: Debian Release: jessie/sid APT prefers unstable APT

Bug#757025: transition: icu

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition ICU version 53 is out, and this is the latest version of ICU that will be available before the freeze for Jesse, so this will be the only remaining ICU transition the Jesse freeze.. (ICU

Re: dropping libtiff4-dev transitional package

Emilio Pozuelo Monfort wrote: > On 23/06/14 21:20, Jay Berkenbilt wrote: >> >> There are 27 packages (including 1 "pending upload") left that still >> have build dependencies on libtiff4-dev: >> >> https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=libti

dropping libtiff4-dev transitional package

;serious" since they will be FTBFS. I'm thinking most people will probably fix their packages soon after this, and I can work on NMUs for the rest after a little more time. I think we should act soon if we want go get the libtiff4-dev transitional out of the archive before jessie. Any o

Bug#717923: tiff transition apparently nearing completion

me to request removal? -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140122153512.0235710083.qww314...@jberkenbilt-linux.appiancorp.com

Re: permission to do a vips upload to proposed-updates (bug 714984)

"Adam D. Barratt" wrote: > On 2013-12-21 14:49, Adam D. Barratt wrote: >> On 2013-12-20 22:02, Jay Berkenbilt wrote: >>> "Adam D. Barratt" wrote: >>> >>>> Before giving a final ack, please could you provide a source >>>

Re: permission to do a vips upload to proposed-updates (bug 714984)

"Adam D. Barratt" wrote: > Before giving a final ack, please could you provide a source debdiff of > the package you're proposing to upload, preferably versioned as 7.28.5-1 > +deb7u1? Attached. Thanks! -- Jay Berkenbilt diff -Nru vips-7.28.5/debian/changelog vips

permission to do a vips upload to proposed-updates (bug 714984)

rrent vips in jessie and sid are not affected by this problem, nor is the version in squeeze. This problem only affects the version in wheezy. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble?

Bug#717923: transition: tiff 4.x (libtiff5)

Julien Cristau wrote: > On Tue, Dec 3, 2013 at 16:02:17 -0500, Jay Berkenbilt wrote: > >> If you're good with this plan, give me the word, and I will do the >> upload. I can probably take care of the mass bug filing...I can script >> it locally unless

Bug#729531: transition: icu

and let us know when icu 52 is installed on all archs > so we can start the rebuilds. ICU 52 is installed on all architectures now. Thanks! -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Cont

Bug#717923: transition: tiff 4.x (libtiff5)

Julien Cristau wrote: > Hi Jay, > > first, sorry for not handling this sooner. Apology accepted. I know you guys have too much to do and not enough resources. > > On Fri, Jul 26, 2013 at 11:33:03 -0400, Jay Berkenbilt wrote: > >> Rationale for

Bug#729531: ICU 52.1 in experimental

I neglected to mention that ICU 5.2 is packaged and in experimental. When I get the green light from the release team to upload, it should be ready to go. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Troubl

Bug#729531: transition: icu

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition I'd like to upgrade the version of ICU from 4.8 to 52. They changed their version numbering scheme essentially multiplying everything by 10. We skipped a few versions (49, 50, 51) becaus

Re: tiff 4.x (libtiff5) transition

so I can and will go with your modification unless someone tells me not to. I am assuming this is not an invitation to proceed yet, right? I am holding off on doing it until I actually get an explicit go-ahead. If I'm supposed to take this as a green light, please let me know. -- Jay Berkenbi

Bug#717923: transition: tiff 4.x (libtiff5)

et on this as soon as possible, but I understand that there are many competing priorities and will certainly work with the release team to get this done at the appropriate time and in the appropriate way. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.

Bug#717922: transition: qpdf

Package: release.debian.org Usertags: transition I have uploaded qpdf 5.0.0-2 to unstable. This is a transition from libqpdf10 to libqpdf13. It's source compatible, and the one package (cups-filters) that build depends on libqpdf-dev just needs a binary NMU. (I'm not even sure I have to tell yo

Re: Why does libgeotiff-dev depend on libtiff5-dev ?

ll never be a copy of the library. I am going to try to resolve this. Maybe I will ask the release team if I should make libtiff5-dev an alias to libtiff5-alt-dev, assuming they do not reply to that suggestion from this message. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-re

Re: tiff 4.x (libtiff5) transition

ven up waiting and am going to push forward. Thanks. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130601145540.0542213282.qww314159@soup

Re: tiff 4.x (libtiff5) transition

I'm not sure where the tiff transition falls on your long list, but I thought I'd add a little more information on what issues we may encounter. Jay Berkenbilt wrote: > Wasting no time, I'd like to remind the release team that I'm really > hoping Jessie will ship wi

tiff 4.x (libtiff5) transition

But someone on the release team with more experience in planning and managing transitions like this may come up with something better that I have overlooked. I'd obviously like to get on this as soon as possible, but I understand that there are many competing priorities and will certainly wor

Bug#703631: unblock: icu/4.8.1.1-12

6 14:58:26.0 -0400 +++ icu-4.8.1.1/debian/changelog 2013-03-21 11:29:08.0 -0400 @@ -1,3 +1,10 @@ +icu (4.8.1.1-12) unstable; urgency=high + + * Add patch to address CVE-2013-0900, a threading race condition. +(Closes: #702346) + + -- Jay Berkenbilt Thu, 21 Mar 2013 11:29:08 -040

Bug#703199: unblock: icu/4.8.1.1-11

icu-4.8.1.1/debian/changelog 2012-11-17 14:37:40.0 -0500 +++ icu-4.8.1.1/debian/changelog 2013-03-16 14:58:26.0 -0400 @@ -1,3 +1,10 @@ +icu (4.8.1.1-11) unstable; urgency=medium + + * Fix crash on rendering incremental Malayalam text input. Thanks Colin +Watson. (Closes: #702

Bug#699044: unblock: tiff/4.0.2-6, tiff3/3.9.6-11

debian/changelog2013-01-26 12:32:35.0 -0500 @@ -1,3 +1,11 @@ +tiff3 (3.9.6-11) unstable; urgency=high + + * Fix /usr/share/doc symlink to directory transition. When upgrading +from very old versions (pre 3.8.2-8), /usr/share/doc may contain +symbolic links that should be removed.

Bug#695988: unblock: tiff3/3.9.6-10

an/changelog 2012-12-15 06:13:58.0 -0500 @@ -1,3 +1,11 @@ +tiff3 (3.9.6-10) unstable; urgency=high + + * Add fix for CVE-2012-5581, reimplementing DOTRANGE handling to make it +safer. Thanks to Red Hat security team for backporting the fix. +(Closes: #694693) + + -- Jay Berkenbil

Bug#693551: unblock: icu/4.8.1.1-10

"optional" package that fixes an "important" bug and that can go into wheezy through unstable, I believe it should be eligible for an unblock request. The debdiff is attached. Thanks for considering it. -- Jay Berkenbilt diff -Nru icu-4.8.1.1/debian/changelog icu-4.8.1.1/de

Bug#693541: unblock: tiff/4.0.2-5

prepare this upload. (Closes: #692345) + + -- Jay Berkenbilt Sat, 17 Nov 2012 12:40:25 -0500 + tiff (4.0.2-4) unstable; urgency=high * Previous change was uploaded with the wrong CVE number. I updated the diff -Nru tiff-4.0.2/debian/patches/CVE-2012-4564.patch tiff-4.0.2/debian/patches/CVE

Bug#689752: unblock tiff3-3.9.6-9 and tiff-4.0.2-4

few seconds too late. So those versions only lived a few minutes. The bug was only reported against the tiff package but affects both tiff and tiff3. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Conta

Bug#685847: freeze exception for psutils to fix RC bug

repackaging of the upstream source tarball, which was basically just to remove the offending files. Then I added a patch to fix the Makefile to remove references to those files, refreshed the other patches with quilt refresh -p1, and updated the watch file to add dversionmangle. -- Jay

Re: request unblock for icu 4.8.1.1-9 (bug #683901)

"Adam D. Barratt" wrote: > On Tue, 2012-08-14 at 08:49 -0400, Jay Berkenbilt wrote: >> At the request of Ansgar Burchardt, I re-uploaded ICU with xz >> compression to save space on the first CD. The upload includes no other >> changes. I'm requesting

request unblock for icu 4.8.1.1-9 (bug #683901)

At the request of Ansgar Burchardt, I re-uploaded ICU with xz compression to save space on the first CD. The upload includes no other changes. I'm requesting a freeze exception for this version. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org w

Re: freeze exception qpdf versioned symbols?

Jonathan Nieder wrote: > Hi, > > Jay Berkenbilt wrote: > >> Okay, I've attached two files here. The first is a copy of >> version-symbols.patch with the real changes, so this excludes the >> changes to the regenerated configure file. The second file is a sou

Re: freeze exception qpdf versioned symbols?

Julien Cristau wrote: > Hi Jay, > > with no reverse dependencies for libqpdf3 in the archive at this point, > I think this can wait until wheezy+1. > > Cheers, > Julien Okay, works for me. The next upload will most likely be 3.0.0, which has versioned symbols. -- Jay

freeze exception for tiff3 and tiff for security bugs

the patch should work for the version of tiff in stable. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120721214405.1487172600.qww314159@soup

Re: freeze exception qpdf versioned symbols?

Jay Berkenbilt wrote: > Okay, I've attached two files here. The first is a copy of > version-symbols.patch with the real changes, so this excludes the > changes to the regenerated configure file. The second file is a source > debdiff. . . . > > If it looks good, I

Re: freeze exception qpdf versioned symbols?

ll in the versioned library. If it looks good, I'll proceed with the upload. -- Jay Berkenbilt Index: qpdf-2.3.1/autoconf.mk.in === --- qpdf-2.3.1.orig/autoconf.mk.in 2011-12-28 17:19:40.0 -0500 +++ qpdf-2.3.1

freeze exception qpdf versioned symbols?

ymbol versions enabled regardless, and as I said, there are no packages in the archive at all, let alone library packages, that currently depend on qpdf. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble?

Re: short-term plans for libtiff

ries will live in that directory, but it is a side effect of having libdir set in the libtiff.la file there, which is needed for libtool to link with the correct -ltiff. This situation will cause lintian errors, but the problem will go away after the libtiff transition is complete. -- Jay Berkenbilt ,

Re: short-term plans for libtiff

Cyril Brulebois wrote: > Hi Jay, > > Jay Berkenbilt (19/05/2012): >> Can you think of any reason that this could possibly cause any harm? >> I don't think it will since it won't have any impact at all on >> packages that don't explicitly build depen

short-term plans for libtiff

a bad idea for some reason, I would really like to find a solution so that vips and nip2 (among others) can have bigtiff support before wheezy. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Cont

Re: versioned tiff uploaded to experimental

Julien Cristau wrote: > On Mon, Feb 20, 2012 at 09:56:58 -0500, Jay Berkenbilt wrote: > >> Do I have to do anything to ask for all tiff reverse dependencies to be >> automatically rebuild (other than mentioning it here)? I expect the >> uploads within half an hour. &g

Re: versioned tiff uploaded to experimental

Julien Cristau wrote: > On Sun, Jan 29, 2012 at 07:05:25 -0500, Jay Berkenbilt wrote: > > [snip] >> Any objections to this plan? I would probably wait until after wheezy >> to work on removal of tiff3, but I guess we could move libtiff-dev to >> libtiff5-dev sooner th

Re: versioned tiff uploaded to experimental

Jay Berkenbilt wrote: > [please cc me on responses; I am not subscribed to debian-release] > > I have uploaded tiff3_3.9.5-3 with libtiff4, libtiff4-dev, and > libtiffxx0c2 and tiff_4.0.0-1 with libtiff5, libtiff-dev, libtiffxx5, > libtiff-tools, libtiff-doc, and libtiff-opengl

versioned tiff uploaded to experimental

, as soon as upstream release 3.9.6, I'll upload that to unstable and let the release team know that they can start binary NMUs of everything that links with tiff. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe"

Re: intention for tiff packages

Julien Cristau wrote: > On Mon, Jan 23, 2012 at 11:00:53 -0500, Jay Berkenbilt wrote: > >> Upstream has committed symbol versioning for both the 3.9.x branch and >> the trunk (4.0.0) and is prepared to release 3.9.6 and 4.0.1 with symbol >> versioning once we sign

Re: intention for tiff packages

Jay Berkenbilt wrote: > Julien Cristau wrote: > >> On Sat, Jan 21, 2012 at 19:10:00 -0500, Jay Berkenbilt wrote: >> >>> Julien Cristau wrote: >>> >>> > As I said previously, if versioned symbols don't happen (in both the old >>>

Re: intention for tiff packages

Julien Cristau wrote: > On Sat, Jan 21, 2012 at 19:10:00 -0500, Jay Berkenbilt wrote: > >> Julien Cristau wrote: >> >> > As I said previously, if versioned symbols don't happen (in both the old >> > and new versions), then the transition is unlikely to

Re: intention for tiff packages

Jay Berkenbilt wrote: >> As I said previously, if versioned symbols don't happen (in both the old >> and new versions), then the transition is unlikely to happen too. It >> was done for png and jpeg, so it's not like it'd be a first. > > I have the skill

Re: intention for tiff packages

ing us on the right path, even if it means that getting tiff 4.0 into unstable will take a long time. I wish I had never suggested doing anything else. Just my realization that no one really has time to do this forced me down the dark path of looking for an easy solution. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120121191000.3089338302.qww314159@soup

intention for tiff packages

uire features from tiff 4.x. We can help debian be the leader of getting the world to upgrade to the new version of the tiff packages. Thanks. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120121113810.3089362963.qww314159@soup

Re: potential tiff transition, tiff 4.0.0 strategy

Julien Cristau wrote: > On Tue, Dec 13, 2011 at 09:02:50 -0500, Jay Berkenbilt wrote: > >> So, what is the recommendation of the release team? If you agree that >> we should do a transition as soon as possible after the final 4.0.0 is >> released (so that wheezy can ha

potential tiff transition, tiff 4.0.0 strategy

So, what is the recommendation of the release team? If you agree that we should do a transition as soon as possible after the final 4.0.0 is released (so that wheezy can have 4.x), do you have any guesses as to when you would be ready for an upload? -- Jay Berkenbilt -- To UNSUBSCRIBE

Bug#628529: transition: ICU transition (4.4 -> 4.8)

On 11/08/2011 05:46 PM, Julien Cristau wrote: > On Sat, Sep 10, 2011 at 13:04:13 -0400, Jay Berkenbilt wrote: > >> Julien Cristau wrote: >> >>> On 05/29/2011 10:19 PM, Jay Berkenbilt wrote: >>>> I'd like to schedule a transition for ICU from 4.4 to 4.8.

Bug#628529: transition: ICU transition (4.4 -> 4.8)

Julien Cristau wrote: > On 05/29/2011 10:19 PM, Jay Berkenbilt wrote: >>I'd like to schedule a transition for ICU from 4.4 to 4.8. . . . >> > This can't really happen as long as icu itself FTBFS on one of the > release architectures, so marking the corresponding

binNMU on tiff

Please see bug 640225. A request is made there to binNMU tiff so it no longer links with libjpeg.so.62. I believe that is the correct solution, rather than having me do a new upload. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of

ICU transition

mostly for interfaces that have been deprecated for a long time, and this is pretty much comparable to earlier ICU releases. I will wait to upload ICU to unstable until I get an okay from the release team and until I hear from openoffice.org maintainers. -- Jay Berkenbilt -- To UNSUBSCRIBE

libjpeg-dev dependency (bug 610862)

ons of the above), but I thought by using libjpeg-dev, I was protecting my package against having to be re-uploaded in the event of a jpeg transition. I could look at the current state, but that doesn't necessarily tell me what the long-term plans are. -- Jay Berkenbilt -- To UNSUBSCRIBE,

Re: fixing 604471/591615 (Malayalam rendering problem) in squeeze

og entry in the unstable package's changelog. My original message is below for reference. --Jay Jay Berkenbilt wrote: > There is a bug in ICU 4.4, for which we have a small and minimally > invasive patch, that causes OpenOffice.org rendering of Malayalam to not > work. The repor

fixing 604471/591615 (Malayalam rendering problem) in squeeze

n a point release of squeeze. I've copied the reporter so he can clarify/correct anything I may have said here. Please advise as to whether I should upload a to t-p-u. I'll upload to unstable either way. --Jay --- Begin Message --- Jay Berkenbilt said on Mon, Nov 22, 2010 at 11:12:12AM -

tiff-3.9.4-5: fixes RC Bug 600188

I've just uploaded tiff-3.9.4-5, which fixes RC bug 600188, CVE-2010-3087. The change adds a single patch. I uploaded with urgency high and am requesting a freeze exception. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subje

backport of CVE-2010-3364 to vips/nip2 in stable

er to ever run these wrapper scripts. Their main goal is to allow running vips or nip2 when relocated to a non-standard location. So it wouldn't offend me at all if you just decided to disregard the change for stable and testing. -- Jay Berkenbilt diff -urN ../vips-7.14.5.orig/debian/cha

backport of CVE-2010-3364 to vips/nip2 in testing

er versions. I will also be contacting the security team about fixing it in stable. -- Jay Berkenbilt Index: debian/changelog === --- debian/changelog (.../tags/7.20.7-1) (revision 1488) +++ debian/changelog (.../branches/7.20) (re

tiff-3.9.4-4 fixes CVE-2010-3364

umber in the changelog. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101002134407.0289400883.qww314...@soup

Re: freeze exceptions: qpdf, tiff

Julien Cristau wrote: > Seems we're just talking past each other. > > On Sat, Aug 21, 2010 at 10:53:20 -0400, Jay Berkenbilt wrote: > >> I interpreted "shlibs bump" to mean changing the SONAME. Do you mean >> something different? > > I wasn't

Re: freeze exceptions: qpdf, tiff

doubt, you can run nm -D --demangle on the old and new shared libraries, observe that the only method that disappeared from the old is QPDFWriter::disableIncompatbleEncryption(float), and then verify by looking at QPDFWriter.hh in 2.1.5 that this was in fact a private method. I designed QPDF's AP

Re: freeze exceptions: qpdf, tiff

Julien Cristau wrote: > On Fri, Aug 20, 2010 at 16:27:13 -0400, Jay Berkenbilt wrote: > >> For qpdf, this is a new upstream version that is binary compatible with >> the old one. qpdf is isolated in the dependency tree (no other packages >> depend on it), and I am upstr

freeze exceptions: qpdf, tiff

very safe. Thanks for your consideration. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100820162713.2402820247.qww314...@motoko.argon.local

please unblock tiff

I have uploaded tiff-3.9.4-2 to fix CVE-2010-2233. Please unblock so the security fix can be propagated to testing. I did the upload with urgency=high. Thanks. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe"

icu package RC bug and fix

a patch that removes *.gif from the list of installed docs and that changes the build dependency on doxygen to be >= 1.7.1. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas..

Re: ICU status check

"Adam D. Barratt" wrote: > On Fri, June 25, 2010 22:46, Jay Berkenbilt wrote: >> So, I don't want to nag since I know the release team is busy managing >> many conflicting priorities, but I'd like to get some sense of when I >> can upload ICU 4.4. If it

ICU status check

some sense of when I can upload ICU 4.4. If it's "soon", I'll wait on uploading the 4.6 test releases. If not, then I may just go ahead and start on 4.6 with experimental. However, I will still want to upload 4.4 to unstable. Thanks. -- Jay Berkenbilt -- To UNSUBSCRIBE

Re: permission to upload ICU 4.4 to unstable

Jay Berkenbilt wrote: > ICU 4.4 was released a few weeks ago. There are very few changes from > 4.4.rc1. I'm going to do one upload of 4.4 to experimental to make sure > it builds properly on all platforms. If all goes well, I'd like to go > ahead and upload to unstabl

permission to upload ICU 4.4 to unstable

d with the upgrade. As before, there are no API changes for people who stick to published interfaces, so binary NMUs for reverse dependencies should be adequate, as it has been for the last few ICU transitions. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.

ICU transition for squeeze?

ore significant transition that I plan not to start until after squeeze is released. I'll contact the release team separately about preparing for that. Maybe we can learn from the jpeg8 transition, but I'll save the details for another message. -- Jay Berkenbilt -- To UNSUBSCRIBE,

Re: xerces-c2-2.8.0-3+lenny1: permission to upload to stable

"Adam D. Barratt" wrote: > On Sun, 2010-02-07 at 13:30 -0500, Jay Berkenbilt wrote: >> "Adam D. Barratt" wrote: >> >> > Please prepare an update (built against stable, either on a stable >> > system or in a chroot), and send a debdiff agai

Re: xerces-c2-2.8.0-3+lenny1: permission to upload to stable

.0-3+lenny1) stable; urgency=low + + * Apply patch to correct CVE-2009-1885: DoS attack from nested DTDs. + + -- Jay Berkenbilt Sat, 06 Feb 2010 22:01:25 -0500 + xerces-c2 (2.8.0-3) unstable; urgency=low * Change priority from extra to optional as priority optional packages only i

xerces-c2-2.8.0-3+lenny1: permission to upload to stable

changing its name based on the different packaging of the older version. [note to self: ~/tmp/xerces-c2-2.8.0-3+lenny1.patch] -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

does qpdf need a hint?

needing a manual push before. In any case, I'd be grateful if someone could look into why this isn't transitioning. I can't see any reason that it shouldn't. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "uns

Re: version screwup: any recourse besides epoch?

Andreas Metzler wrote: > On 2009-08-21 Jay Berkenbilt wrote: >> Jay Berkenbilt wVrote: > >> > I screwed up and released tiff 3.9.0beta+deb1 to experimental earlier >> > this week instead of 3.9.0~beta+deb1. Now I'd like to upload 3.9.0 to > [...] >&g

Re: version screwup: any recourse besides epoch?

Jay Berkenbilt wrote: > I screwed up and released tiff 3.9.0beta+deb1 to experimental earlier > this week instead of 3.9.0~beta+deb1. Now I'd like to upload 3.9.0 to > unstable. I really don't want to introduce an epoch. Is it possible to > make 3.9.0beta+deb1 just disap

version screwup: any recourse besides epoch?

g scheme. Advice welcome. I'll delay my 3.9.0 upload a bit until I get an answer. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: scheduling ICU 4.2 transition

I have uploaded ICU 4.2.1 to unstable. Once it builds, it should be possible to initiate rebuilds of its reverse dependencies. Thanks. -- Jay Berkenbilt -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Conta

Re: scheduling ICU 4.2 transition

eal with it or possibly leave an RC buggy version of 4.0.1 sitting in squeeze for however long the transition takes. Hopefully in one week when I get back, it will still be a good time. I will plan on uploading then unless I hear otherwise. Thanks! --Jay -- To UNSUBSCRIBE, email

Re: scheduling ICU 4.2 transition

n, I'll just check the status of those and not ask again until they are through. Thanks! --Jay -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

scheduling ICU 4.2 transition

ntly in experimental. Thanks. --Jay --- Begin Message --- I sent the message below to debian-release 11 days ago requesting permission to upload ICU 4.2.1 to unstable. I understand and fully support the new policy of getting advance permission and trying to coordinate transitions, but I'm un

Re: scheduling ICU 4.2 transition

Rene Engelhard wrote: > Hi, > > Jay Berkenbilt wrote: >> permission to upload ICU 4.2.1 to unstable. I understand and fully >> support the new policy of getting advance permission and trying to >> coordinate transitions, but I'm unsure of how long I should expe

Re: scheduling ICU 4.2 transition

ngs moving. Please see this message as a gentle tug from someone who wants to cause as little disruption as possible rather than as a complaint or criticism. -- Jay Berkenbilt Jay Berkenbilt wrote: > I'd like to get a place in line for doing a transition to ICU 4.2. I > re

Re: excuses.php is confused about ICU

t > the rules mentioned above regarding changelog ordering still apply). Yes, I see that now. Thanks! --Jay -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

scheduling ICU 4.2 transition

rly. Also, openoffice.org previously reported that it worked with 4.2. In any case, I won't upload to unstable before I hear back from the release team. I'll be uploading 4.2.1 to experimental in the mean time unless you say, "yeah, go ahead and upload to unstable". :-)

  1   2   3   >