> 1 file changed, 7 insertions(+)
unblock xwayland/2:22.1.9-1
diff -Nru xwayland-22.1.8/composite/compwindow.c xwayland-22.1.9/composite/compwindow.c
--- xwayland-22.1.8/composite/compwindow.c 2023-02-07 08:30:43.0 +0100
+++ xwayland-22.1.9/composite/compwindow.c 2023-03-29 14:22:52.0 +0
hangelog
@@ -1,3 +1,10 @@
+xorg-server (2:21.1.7-2) unstable; urgency=high
+
+ * composite: Fix use-after-free of the COW
+ZDI-CAN-19866/CVE-2023-1393
+
+ -- Julien Cristau Wed, 29 Mar 2023 15:11:07 +0200
+
xorg-server (2:21.1.7-1) unstable; urgency=medium
* New upstream release
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: ca-certifica...@packages.debian.org, jcris...@debian.org
Control: affects -1 + src:ca-certificates
Please unblock package ca-certificates
[ Reason ]
Update root CA store, and
Control: tag -1 confirmed
On Sun, Mar 27, 2022 at 09:04:03PM +0200, Salvatore Bonaccorso wrote:
> Okay attached the alternative, and only cherry-pick the 014 patch
> upstream to address #1003012. Would that be acceptable instead?
>
That's fine, thanks.
Cheers,
Julien
Hi,
Specifically, we were hoping to better understand the risk of openssl
changes breaking existing setups. It's possible the issues with gnutls
and libnet-ssleay-perl tests were narrowly scoped enough that that risk
is low, but we're just not sure right now. Other input would be
welcome.
Thank
On Mon, Mar 21, 2022 at 03:46:01PM +0100, Michael Biebl wrote:
>
> Am 21.03.22 um 15:36 schrieb Julien Cristau:
>
> > Yes. Thanks for the due diligence.
>
> Just a quick question:
> Which version number should I pick?
>
> a/ 1.30.6-1~deb11u1
> b/ 1.30.6-1+deb1
Control: tag -1 confirmed
On Mon, Mar 21, 2022 at 03:28:48PM +0100, Michael Biebl wrote:
>
> Hi Julien
>
> Am 18.03.22 um 16:46 schrieb Julien Cristau:
> > Control: tag -1 moreinfo
> >
> > Hi Michael,
> >
> > Sorry it took so long to get to this. I
Control: tag -1 moreinfo
On Sat, Feb 26, 2022 at 03:25:09PM +0100, Salvatore Bonaccorso wrote:
> There was a request in #1003012 to fix an issue in bash corrupting
> multibyte characters in command substitutions.
>
> While looking at it I'm proposing here instead of only picking the 014
> patch,
Control: tag -1 confirmed
On Tue, Jan 18, 2022 at 02:46:06PM +0100, Michael Biebl wrote:
> * Demote systemd-timesyncd from Depends to Recommends.
> This avoids a dependency cycle between systemd and systemd-timesyncd and
> thus makes dist upgrades more predictable and robust.
> It al
On Sun, Jan 30, 2022 at 07:23:20PM +0100, Christian Göttsche wrote:
> [ Reason ]
> Logrotate does not reject invalid files as configuration files and
> tries to parse at least parts of them.
> Those files for example might be crafted coredumps, placed in
> /etc/logrotate.d/ via an unsafe core dump
Control: tag -1 confirmed
On Fri, Jan 14, 2022 at 09:00:40AM +0300, Nicholas Guriev wrote:
> [ Reason ]
> Telegram migrated from 32-bit user identifiers to 64-bit introducing
> backward
> incompatible changes in their API. Because of that, a version of the
> package
> currently in bullseye almost
Control: tag -1 confirmed
On Fri, Jan 07, 2022 at 12:37:35AM -0500, Scott Kitterman wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bullseye
> User: release.debian@packages.debian.org
> Usertags: pu
>
> I've put together my usual postfix post-release update. Because I'm
> beh
Control: tag -1 confirmed
On Thu, Dec 23, 2021 at 10:58:17PM -0600, Richard Laager wrote:
> [ Reason ]
> gbonds is a program to track U.S. Savings Bonds and show their current
> redemption value. To do so, it needs updated valuation data from the
> U.S. Treasury twice a year. For nearly 30 years
Control: tag -1 confirmed
On Mon, Nov 22, 2021 at 01:29:56AM +0100, Jordi Mallach wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bullseye
> User: release.debian@packages.debian.org
> Usertags: pu
>
> [ Reason ]
>
> As we did early during the freeze, nano's upstream Benno Sch
On Fri, Mar 18, 2022 at 04:46:47PM +0100, Julien Cristau wrote:
> Control: tag -1 moreinfo
>
> Hi Michael,
>
> Sorry it took so long to get to this. I've got a couple of questions
> from the NEWS file; will keep looking at the actual diff though.
>
Nothing else jum
Control: tag -1 moreinfo
Hi Michael,
Sorry it took so long to get to this. I've got a couple of questions
from the NEWS file; will keep looking at the actual diff though.
On Mon, Sep 20, 2021 at 01:09:00PM +0200, Michael Biebl wrote:
> ===
> NetworkMa
Control: severity -1 normal
Control: retitle -1 bullseye-pu: package glewlwyd/2.5.2-2+deb11u3
Control: tag -1 moreinfo
On Thu, Mar 17, 2022 at 09:17:12PM -0400, Nicolas Mora wrote:
> [ Reason ]
> Possible buffer overflow on signature verification during webauthn assertion
>
> [ Impact ]
> Possibi
Control: tag -1 moreinfo
On Tue, Feb 22, 2022 at 10:45:21PM +0100, Patrick Franz wrote:
> A bug in plasma-discover causes a Denial of Service attack
> against the KDE servers. 3 packages needs to be patch to
> mitigate the attack: knewstuff, plasma-desktop and
> plasma-discover.
> This update fixe
Control: tag -1 confirmed
On Tue, Feb 22, 2022 at 10:38:05PM +0100, Patrick Franz wrote:
> [ Reason ]
> A bug in plasma-discover causes a Denial of Service attack
> against the KDE servers. 3 packages needs to be patch to
> mitigate the attack: knewstuff, plasma-desktop and
> plasma-discover.
>
On Fri, Jan 28, 2022 at 05:38:02PM +0100, Julien Cristau wrote:
> +xserver-xorg-video-intel (2:2.99.917+git20200714-1+deb11u1) bullseye;
> urgency=medium
I should have said, this is currently in pu-new.
Cheers,
Julien
ntel-2.99.917+git20200714/debian/changelog
@@ -1,3 +1,10 @@
+xserver-xorg-video-intel (2:2.99.917+git20200714-1+deb11u1) bullseye;
urgency=medium
+
+ [ Julien Cristau ]
+ * Fix SIGILL crash on non-SSE2 CPUs (closes: #979276)
+
+ -- Julien Cristau Wed, 26 Jan 2022 17:56:02 +0100
+
xserver-xorg-
On Mon, Dec 06, 2021 at 02:20:16PM +0100, Hilko Bengen wrote:
> * Julien Cristau:
>
> > Control: tag -1 confirmed
> >
> > On Wed, Dec 01, 2021 at 07:38:23PM +0100, Christoph Biedl wrote:
> >> Christoph Biedl wrote...
> >>
> >> > About next
Control: tag -1 - moreinfo
Control: tag -1 + confirmed
On Sun, Dec 05, 2021 at 11:32:03PM +0100, Michael Biebl wrote:
> Hi Sven,
>
> thanks for chiming in
>
> On 05.12.21 21:46, Sven Hoexter wrote:
> > Regarding the patch proposed here, I would use an alternation for the
> > recommends, exfatpro
On Sat, Dec 04, 2021 at 12:28:27AM +0800, Shengjing Zhu wrote:
> On Fri, Dec 03, 2021 at 04:32:16PM +0100, Julien Cristau wrote:
> > Control: tag -1 confirmed
> >
> > On Sat, Sep 11, 2021 at 06:04:13PM +0800, Shengjing Zhu wrote:
> > > +golang-1.15 (1.15.15-1~deb
Control: tag -1 confirmed
Hi Thomas,
A couple of comments on the diff below, otherwise fine to go ahead.
On Fri, Sep 10, 2021 at 09:50:25PM +0200, Thomas Goirand wrote:
> diff -Nru python-eventlet-0.26.1/debian/greendns.orig.py
> python-eventlet-0.26.1/debian/greendns.orig.py
> --- python-event
On Tue, Sep 07, 2021 at 12:27:05AM +0530, Nilesh Patra wrote:
> diff -Nru segemehl-0.3.4/debian/patches/arm64.patch
> segemehl-0.3.4/debian/patches/arm64.patch
> --- segemehl-0.3.4/debian/patches/arm64.patch 1970-01-01 05:30:00.0
> +0530
> +++ segemehl-0.3.4/debian/patches/arm64.patch 202
Control: tag -1 confirmed
On Mon, Sep 06, 2021 at 04:21:15PM +, Jakub Ružička wrote:
> [ Reason ]
> Fixing bug #991463 (CVE-2021-40083) - potential DoS.
>
> [ Impact ]
> Vulnerability to DoS attack.
>
> [ Tests ]
> I've tested the fix manually by running the deckard (DNS test harness)
> test
Control: tag -1 confirmed
On Wed, Dec 01, 2021 at 07:38:23PM +0100, Christoph Biedl wrote:
> Christoph Biedl wrote...
>
> > About next steps, I would do the upload in the next days. Let me know if
> > you prefer other things to happen first or instead.
>
> To avoid this gets lost I've just uploa
Control: tag -1 confirmed
On Sat, Sep 11, 2021 at 06:04:13PM +0800, Shengjing Zhu wrote:
> +golang-1.15 (1.15.15-1~deb11u1) bullseye; urgency=medium
This looks fine to me, go ahead.
Cheers,
Julien
Control: tag -1 confirmed
On Tue, Aug 31, 2021 at 12:12:58AM +0800, Shengjing Zhu wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bullseye
> User: release.debian@packages.debian.org
> Usertags: pu
> X-Debbugs-Cc: z...@debian.org
>
> [ Reason ]
> Two fixes related to Fcitx5, th
Control: tag -1 moreinfo
Hi Michael,
On Fri, Aug 27, 2021 at 01:58:19PM +0200, Michael Biebl wrote:
> I'd like to make a stable upload for udisks2, fixing #992152:
> "udisks2: please update Recommends on exfat-utils to exfatprogs for Linux
> kernel 5"
>
> This issue has already been fixed in un
Control: tag -1 confirmed
On Thu, Aug 19, 2021 at 11:09:16AM -0600, dann frazier wrote:
> [ Reason ]
> Fixes a security issue, CVE-2019-11098.
>
> [ Risks ]
> The most likely issue is that we introduce a regression that causes
> some VMs to fail to boot.
>
Assuming no such issues have been repor
Control: tag -1 moreinfo
Hi Thomas,
On Tue, Aug 17, 2021 at 12:57:50PM +0200, Thomas Goirand wrote:
> Also, I would like to get Nova upgraded to the latest point
> release, to fix numerous small issues. The release notes for
> Nova are there:
>
> https://docs.openstack.org/releasenotes/nova/vict
cc: rustc and firefox maintainers
On Tue, Nov 23, 2021 at 03:20:45PM -0500, Roberto C. Sanchez wrote:
> In preparing the rustc 1.51 upload/backport (to support backports of the
> latest firefox-esr and thunderbird packages) it has been suggested that
> to avoid some issues associated with providin
On Mon, Nov 01, 2021 at 12:01:51AM +0100, Christoph Biedl wrote:
> Adam D. Barratt wrote...
>
> > Do you already have a proposed new upload / debdiff?
>
> After many more tests and some more discussion with Hilko, find attached
> a debdiff that in my opinion is ready for upload. The patch itself
On Mon, Apr 19, 2021 at 06:28:05PM +0200, Julian Andres Klode wrote:
> On Mon, Apr 19, 2021 at 06:08:23PM +0200, Julien Cristau wrote:
> > On Mon, Apr 19, 2021 at 06:01:18PM +0200, Julian Andres Klode wrote:
> > > I see. Nobody pinged me since then, but it is indeed fixed in the
On Mon, Apr 19, 2021 at 06:01:18PM +0200, Julian Andres Klode wrote:
> I see. Nobody pinged me since then, but it is indeed fixed in the
> 1.8.5 stable update that at least one release team member was
> not exited about.
>
> https://salsa.debian.org/apt-team/apt/-/compare/1.8.2.2...1.8.5
>
> So i
Control: clone -1 -2
Control: reassign -2 protobuf2 2.6.1-4
Control: severity -2 serious
Control: retitle -2 protobuf2: unsuitable for release
Control: close -1
On Mon, Mar 29, 2021 at 10:48:28AM +0200, Emmanuel Bourg wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian..
On Fri, Mar 19, 2021 at 04:14:31PM +, Steve McIntyre wrote:
> In fact, how about: we *could* go ahead with the 10.9 point release as
> already planned, and expect to do a 10.10 a couple of weeks later with
> basically *just* the shim/SB changes? I'm OK to go with that option if
> that's our pre
Control: tag -1 moreinfo
On Thu, Feb 25, 2021 at 04:42:55PM +, Chris Lamb wrote:
> Please consider python-django (1:1.11.29-1+deb10u1) for buster:
>
> python-django (1:1.11.29-1+deb10u1) buster; urgency=high
> .
> * CVE-2021-23336: Prevent a web cache poisoning attack via "parameter
On Wed, Mar 03, 2021 at 10:52:39AM +0100, Ansgar wrote:
> I've Cc'ed debian-release@ as it is already past soft freeze, but I
> think just renaming the source packages would be unlikely to break
> anything.
>
That makes sense to me, and seems worth it to make the security team and
ftpmaster's life
On Tue, Feb 02, 2021 at 09:45:42AM +0100, Christoph Biedl wrote:
> Dominic Hargreaves wrote...
>
> > Do the gnupg1 maintainers agree that it should be removed from bullseye?
>
> IMnsHO it's a bad idea to remove gnupg1 any time soon. While it
> certainly should not be used for encryption, it's sti
On Tue, Oct 20, 2020 at 05:54:19PM +0200, Michael Biebl wrote:
> So I decided to do that, and NMU enigmail.
> I used Gregors patches from [1] (thanks for that!) with some minor changes
> - Updated to 2.2.4 (instead of 2.2.2)
> - Marked the upload as NMU (versioned as 2:2.2.4-0.1) and removed Gregor
Hi Carsten,
can you explain the jsunit situation a bit more? As far as I can tell the
issue is:
(thunderbird:2216): Gtk-WARNING **: 09:59:23.024: Could not load a pixbuf from
/org/gtk/libgtk/theme/Adwaita/assets/bullet-symbolic.svg.
showing up on stderr during the test, e.g. in
https://ci.de
package release.debian.org
tags 970424 = buster pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian buster.
Thanks for your contribution!
Upload details
==
Package: llvm-toolchain-7
Version: 7.0.1-8
On Mon, May 4, 2020 at 18:30:23 +0200, Andrej Shadura wrote:
> On Mon, May 04, 2020 at 03:35:25PM +0200, Julien Cristau wrote:
> > On Mon, May 04, 2020 at 03:30:53PM +0200, Andrej Shadura wrote:
> > > Synapse 0.99 was never meant to be a properly usable release in buster,
>
On Mon, May 04, 2020 at 03:30:53PM +0200, Andrej Shadura wrote:
> Synapse 0.99 was never meant to be a properly usable release in buster,
> and it was only included as some sort of a plug to make upgrades a tiny
> bit easier for users — they were supposed to upgrade the package to the
> version fro
Control: tag -1 moreinfo
On Mon, Apr 13, 2020 at 05:40:43PM +0200, Hilmar Preuße wrote:
> Am 12.04.2020 um 23:45 teilte Adam D. Barratt mit:
>
> Hi Adam,
>
> > I'm afraid that I'm slightly confused on this point:
> >
> > adsb@coccia:~$ grep debconf
> > proftpd-dfsg-1.3.6c/debian/proftpd-basic.
Control: tag -1 moreinfo
Hi Mike,
On Sat, Apr 25, 2020 at 09:57:01PM +0200, Mike Gabriel wrote:
> Package: release.debian.org
> Severity: normal
> Tags: stretch
> User: release.debian@packages.debian.org
> Usertags: pu
>
> Dear release team,
>
> this is a follow-up for #927433 (about +deb9u
Control: tag -1 confirmed
On Tue, Feb 05, 2019 at 12:56:50PM +0800, gustavo panizzo wrote:
> hello
>
> On Mon, Feb 04, 2019 at 05:05:25PM +0100, Bastian Blank wrote:
> > On Mon, Feb 04, 2019 at 10:55:26PM +0800, gustavo panizzo wrote:
> > > On Mon, Feb 04, 2019 at 09:59:06AM +, Adam D. Barrat
Control: tag -1 confirmed
On Sat, May 05, 2018 at 06:38:25PM +0200, Jochen Sprickerhof wrote:
> Package: release.debian.org
> Severity: normal
> Tags: stretch
> User: release.debian@packages.debian.org
> Usertags: pu
>
> Dear release team,
>
> in #894656 I was asked to add libvtk6-qt-dev as
Control: reassign -1 pu: libdbi/0.9.0-4+deb9u2
Control: tag -1 confirmed
On Fri, Nov 09, 2018 at 07:29:32AM +0100, László Böszörményi wrote:
> On Sat, Oct 6, 2018 at 7:07 PM Adam D. Barratt
> wrote:
> >
> > László: ping?
> >
> > On Mon, 2018-04-02 at 15:20 +0200,
Control: tag -1 moreinfo
On Wed, Apr 04, 2018 at 10:25:30PM +0200, Philipp Huebner wrote:
> Hi,
>
> Am 02.04.2018 um 12:57 schrieb Julien Cristau:
> > On Thu, Mar 15, 2018 at 14:51:10 +0100, Philipp Huebner wrote:
> >> I would like to fix #883987 in boost1.62 for Stret
Control: tag -1 confirmed
On Wed, Mar 14, 2018 at 06:48:51PM +0200, Adrian Bunk wrote:
> Package: release.debian.org
> Severity: normal
> Tags: stretch
> User: release.debian@packages.debian.org
> Usertags: pu
>
> * Add runtime depends on python{3,}-pkg-resources (Closes: #879224).
Please
Control: tag -1 confirmed
On Tue, Feb 27, 2018 at 08:47:39PM +0200, Adrian Bunk wrote:
> Package: release.debian.org
> Severity: normal
> Tags: stretch
> User: release.debian@packages.debian.org
> Usertags: pu
>
>* libswt-webkit-gtk-3-jni: Add the missing dependency
> on libwebkitgtk
Control: tag -1 confirmed
On Sun, Mar 04, 2018 at 11:08:00AM +0100, Carsten Leonhardt wrote:
> Control: tags -1 - moreinfo
>
> "Adam D. Barratt" writes:
>
> > - --oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
> > + --oknodo --exec $DAEMON -- -g $BUSER -g $BGROUP
On Sun, Nov 24, 2019 at 10:06:51AM +0100, Thomas Goirand wrote:
> On 11/23/19 6:09 PM, Julien Cristau wrote:
> > Control: tag -1 moreinfo
> >
> > On Mon, Nov 04, 2019 at 11:53:52AM +0100, Thomas Goirand wrote:
> >> We would like to update Nova in Buster for 2 rea
Control: tag -1 moreinfo
On Thu, Mar 05, 2020 at 11:40:44AM +0100, Ondřej Surý wrote:
> Hi,
>
> recently, there was a bug #952946 filled against BIND 9 (and other packages)
> about license problem with OASIS PKCS#11 (pkcs11.h) that has incompatible
> license. Upstream has already fixed that in t
On Fri, Jan 31, 2020 at 02:26:18PM +0100, Ben Hutchings wrote:
> I failed to update wireless-regdb for some time, as it needed some
> significant work to prepare for the regulatory database being directly
> loaded by the kernel (instead of by crda). This was introduced in
> Linux 4.15, but is curr
On Sun, Feb 16, 2020 at 04:27:11PM +, Ben Hutchings wrote:
> This was discussed on IRC with Julien Cristau, but unfortunately I
> didn't save a log. The main points that came up were:
>
> * Executables built for the O32 FP64 ABI require this kernel config
> change and o
Control: tag -1 moreinfo
Hi Bernd,
On Tue, Jan 07, 2020 at 11:37:45PM +0100, Bernd Zeimetz wrote:
> I have a bit complicated idea for a buster-pu: ceph.
> Buster shipped with 12.2.11 and last April upstream released 12.2.12 as
> bugfix release. As usual with ceph, the diff is *huge*, but it is a
Control: tag -1 moreinfo
On Sun, Dec 15, 2019 at 08:12:19PM +0100, Christian Göttsche wrote:
> Package: release.debian.org
> Severity: normal
> Tags: buster
> User: release.debian@packages.debian.org
> Usertags: pu
>
> With version 3.14.0 [1] logrotate split the configuration for btmp and
> w
On Fri, Feb 07, 2020 at 05:21:21PM -0500, Antoine Beaupré wrote:
> [sorry for the dupe, hit send by mistake :(]
>
> On 2019-11-24 12:13:20, Antoine Beaupré wrote:
> > On 2019-11-23 18:34:25, Julien Cristau wrote:
> >> I'm a bit uneasy about a blanket "
Control: reassign -1 reportbug
Yay me.
On Fri, Mar 13, 2020 at 07:36:28PM +0100, Julien Cristau wrote:
> On Sat, Dec 02, 2017 at 07:14:01PM +0100, Julien Cristau wrote:
> > Package: release.debian.org
> > Severity: wishlist
> >
> > I brought this up in Cambridge, fi
On Sat, Dec 02, 2017 at 07:14:01PM +0100, Julien Cristau wrote:
> Package: release.debian.org
> Severity: wishlist
>
> I brought this up in Cambridge, filing here so we can discuss specifics.
>
> At Mozilla we're using a template in bugzilla [1] for requests to
> cher
On Wed, Feb 12, 2020 at 03:24:42PM +0100, Laurent Bigonville wrote:
> libgusb is carrying in debian a patch[0] to revert/fix an after the fact
> change that was done upstream in the versioning of the symbols.
>
> I don't think we should/can carry this patch forever and due to the fact
> that the n
19:44:37 AEDT Julien Cristau wrote:
> > On Fri, Jan 10, 2020 at 03:57:01PM +1100, Stuart Prescott wrote:
> > > Package: release.debian.org
> > > Severity: normal
> > > User: release.debian@packages.debian.org
> > > Usertags: binnmu
> > >
>
On Fri, Jan 10, 2020 at 03:57:01PM +1100, Stuart Prescott wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: binnmu
>
> nmu schroedinger-coordgenlibs_1.3-1 . ANY . unstable . -m "Rebuild against
> libschroedinger-maeparser-dev >= 1.2
On Mon, Jan 06, 2020 at 09:42:29PM +, Adam D. Barratt wrote:
> Hi,
>
> It's (really past) time to consider a date for the next point releases
> for buster and stretch.
>
> I've listed some suggested dates below; please indicate which you would
> be available for.
>
> - January 25th
> - Febru
On Thu, Jan 09, 2020 at 01:38:53PM +, Ximin Luo wrote:
> Paul Gevers:
> > Hi all,
> >
> > On 05-01-2020 14:39, Ximin Luo wrote:
> >> Paul Gevers:
> >>> [..]
> >>>
> >>> [1] Now thunderbird is blocked by rust-cbindgen (last version migrated
> >>> in September with uploads since October), which
On Sat, Jan 04, 2020 at 05:02:56PM +0100, Paul Gevers wrote:
> As thunderbird should really migrate some time soon, are you aware of
> the missing pieces for that to happen and share that with us? If
> possible, can you please avoid uploading updates that can wait a bit and
> that interfere with th
Control: tag -1 moreinfo
On Sat, Nov 16, 2019 at 05:36:13PM +0100, Mattia Rizzolo wrote:
> Limnoria is affected by a security issue the security team deemed not
> DSA-worthy. See https://security-tracker.debian.org/tracker/CVE-2019-19010
>
What's the test coverage like for this code, and what's
Control: tag -1 confirmed
On Sat, Nov 16, 2019 at 04:06:59PM +0300, Dmitry Shachnev wrote:
> I would like to update qtbase-opensource-src in Buster, to fix the following
> bugs:
>
> #911702 — okular does not print to network printer
> #911844 — okular prints to the wrong printer
> #935909 — segfa
On Mon, Nov 11, 2019 at 10:40:58AM -0500, Antoine Beaupre wrote:
> diff -Nru ganeti-instance-debootstrap-0.16/debian/changelog
> ganeti-instance-debootstrap-0.16/debian/changelog
> --- ganeti-instance-debootstrap-0.16/debian/changelog 2018-06-20
> 06:57:18.0 -0400
> +++ ganeti-instance-de
Control: tag -1 moreinfo
On Tue, Nov 12, 2019 at 11:12:17AM +0100, Thomas Goirand wrote:
> I'd like to update heat in Buster to permit safe upgrades, as the current
> version may remove the heat domain password. Attached is the proposed
> debdiff for this fix.
>
I don't understand why this requir
Control: tag -1 confirmed
On Fri, Nov 08, 2019 at 10:57:51AM +, Georg Faerber wrote:
> Schleuder in buster is affected by various problems, which I would like to fix
> with this proposed update:
>
> - Schleuder fails to recognize keywords in mails with "protected headers"
> and
> empty
Control: tag -1 moreinfo
On Mon, Nov 04, 2019 at 11:53:52AM +0100, Thomas Goirand wrote:
> We would like to update Nova in Buster for 2 reasons. First, there's
> OSSA-2019-003 / CVE-2019-14433 which we would like to fix. Second,
> in non-interactive mode, upgrading Nova can lead to some configurat
Control: tag -1 moreinfo
On Mon, Jul 08, 2019 at 10:23:49AM +0200, Mathieu Parent wrote:
> samba (2:4.9.11+dfsg-1~deb10u1) unstable; urgency=medium
"unstable" seems like the wrong target.
>
> [ Mathieu Parent ]
> * New upstream release
> - Bump ldb Build-Depends to 2:1.5.1+really1.4.7
>
Control: tag -1 moreinfo
On Mon, Jul 08, 2019 at 10:23:49AM +0200, Mathieu Parent wrote:
> ldb (2:1.5.1+really1.4.7-1~deb10u1) unstable; urgency=medium
>
> [ Salsa Pipeline ]
> * Update salsa CI pipeline
>
> [ Mathieu Parent ]
> * New upstream version 1.4.7
> - Update symbols (no cha
On Thu, Nov 14, 2019 at 08:15:36PM +0100, Santiago Vila wrote:
> On Thu, Nov 14, 2019 at 07:10:08PM +0100, Julien Cristau wrote:
> > On Fri, Nov 08, 2019 at 01:17:20PM +0100, Santiago Vila wrote:
> > > I received this bug from one of the ansible upstream authors:
On Fri, Nov 08, 2019 at 01:17:20PM +0100, Santiago Vila wrote:
> I received this bug from one of the ansible upstream authors:
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931197
>
> asking to include information about minor version somewhere in
> /etc/os-release.
>
What I'm missing fr
package release.debian.org
tags 944186 = stretch pending
thanks
Hi,
The upload referenced by this bug report has been flagged for acceptance into
the proposed-updates queue for Debian stretch.
Thanks for your contribution!
Upload details
==
Package: dehydrated
Version: 0.3.1-3+deb
Control: tag -1 moreinfo
On Wed, Sep 25, 2019 at 10:59:58AM +0200, Mattia Rizzolo wrote:
> Package: release.debian.org
> User: release.debian@packages.debian.org
> Usertags: pu
> Tags: stretch
>
> Hi SRM,
>
> It was brought to my attention that stretch's version of dehydrated has
> a few iss
On Tue, Oct 15, 2019 at 13:15:22 +0200, Alberto Gonzalez Iniesta wrote:
> On Sat, Oct 12, 2019 at 05:01:38PM +0200, Alberto Gonzalez Iniesta wrote:
> > On Sat, Oct 12, 2019 at 03:57:14PM +0100, Adam D. Barratt wrote:
> > > Control: tags -1 + moreinfo
> > >
> > > On Sat, 2019-10-12 at 15:16 +0200,
On Thu, Jun 13, 2019 at 07:57:58PM +0200, Bastian Blank wrote:
> Hi
>
> On Wed, Jun 12, 2019 at 08:01:08PM +0200, Bastian Blank wrote:
> > On Wed, Jun 12, 2019 at 05:57:00PM +0200, Ivo De Decker wrote:
> > > If you create such a package, having a binary per architecture as you
> > > describe, shou
Control: tag -1 - moreinfo
Control: tag -1 + confirmed
On Thu, Oct 03, 2019 at 04:58:23PM -0700, Josue Ortega wrote:
> Hi,
>
> I've included the recommended changes for the fix:
>
> rpcbind (1.2.5-0.3+deb10u1) buster; urgency=medium
>
> * Add 00-rmt-calls.patch (Closes: #939877):
> + Add
Control: tag -1 - moreinfo
Control: tag -1 + confirmed
On Sun, Oct 06, 2019 at 01:34:19AM +0200, Marco d'Itri wrote:
> Control: retitle -1 buster-pu: package inn2/2.6.3-1+deb10u2
>
> Bug #931256 explains in detail why TLS is broken in inn2 in buster, due
> to the policies of newer openssl versio
Control: tag -1 - moreinfo
Control: tag -1 + confirmed
On Thu, Aug 08, 2019 at 02:47:55PM +0700, Arnaud Rebillout wrote:
> The debdiff attached brings in an upstream patch to fix
> CVE-2019-1020014, hence closes #933801.
>
> This is my first contribution to Debian Stable, please check for
> begin
Control: tag -1 confirmed
On Mon, Sep 16, 2019 at 11:28:11AM +0200, Thijs Kinkhorst wrote:
> diff -Nru tmpreaper-1.6.14/debian/changelog
> tmpreaper-1.6.14+deb10u1/debian/changelog
> --- tmpreaper-1.6.14/debian/changelog 2019-01-11 13:27:15.0 +0100
> +++ tmpreaper-1.6.14+deb10u1/debian/ch
Control: retitle -1 buster-pu: package publicsuffix/20190925.1705-0+deb10u1
Control: tag -1 confirmed
On Wed, Sep 11, 2019 at 04:16:47PM -0400, Daniel Kahn Gillmor wrote:
> Please consider an update to publicsuffix in debian buster.
>
Go ahead.
Cheers,
Julien
Control: tag -1 confirmed
On Tue, Sep 03, 2019 at 09:49:51PM +0100, Samuel Henrique wrote:
> Capistrano is a widely used tool for deployments, one of the steps
> of a deployment is to remove the old releases, this consists in removing
> the last Nth releases' folders.
>
> Recently a bug has been
Control: tag -1 confirmed
On Tue, Sep 03, 2019 at 01:51:42PM +0500, Lev Lamberov wrote:
> SWI-Prolog upsteam migrated to HTTPS (from HTTP). Unfortunately,
> because of that package installation of SWI-Prolog packages doesn't
> work now (please, see #939257). I've prepared a backport of an
> upstre
Control: tag -1 confirmed
On Sun, Sep 01, 2019 at 12:40:52PM +0100, Dominic Hargreaves wrote:
> Package: release.debian.org
> Severity: normal
> Tags: buster
> User: release.debian@packages.debian.org
> Usertags: pu
>
> Per #932774, in its default configuration, ircd-hybrid does not start
> u
Control: clone -1 -2
Control: retitle -1 buster-pu: package ldb/2:1.5.1+really1.4.7-1~deb10u1
Control: block -2 with -1
On Mon, Jul 08, 2019 at 10:23:49AM +0200, Mathieu Parent wrote:
> Package: release.debian.org
> Severity: normal
> Tags: buster
> User: release.debian@packages.debian.org
> U
: #930562).
+
+ -- Julien Cristau Fri, 13 Sep 2019 11:00:50 +0200
+
trapperkeeper-webserver-jetty9-clojure (1.7.0-2) unstable; urgency=medium
* Fix compatibility with Jetty 9.4
diff --git a/debian/patches/0005-maint-Disable-EndpointIdentification.patch
b/debian/patches/0005-maint-Disable
On Tue, Sep 3, 2019 at 15:29:49 +0100, Mark Hindley wrote:
> On Wed, Aug 14, 2019 at 07:22:47PM +0100, Jonathan Wiltshire wrote:
> > I think your summary is fine. However, this is not my area of expertise and
> > I'm rather hoping Julien or Ansgar will chime in with an update.
> >
> > It certain
On Mon, Jul 8, 2019 at 11:54:18 +0200, Mattias Ellert wrote:
> > Sorry for not getting back to you again sooner.
> >
> > The bug fix sounds OK. What's the d/rules change about? It's not
> > mentioned in the changelog.
> >
> > + rm -rf debian/tmp/usr/share/doc/davix/html/.doctrees
> >
> > Reg
On Sun, May 26, 2019 at 09:07:11PM +0200, Moritz Mühlenhoff wrote:
> On Sun, Apr 21, 2019 at 12:32:13AM +0200, Moritz Muehlenhoff wrote:
> > Source: mercurial
> > Version: 4.8.2-1
> > Severity: grave
> > Tags: security
> >
> > See https://www.mercurial-scm.org/wiki/WhatsNew from 4.9:
> >
> > This
Control: tag -1 moreinfo
Hi Matthias,
On Mon, Apr 29, 2019 at 06:12:36PM +0200, Matthias Klose wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
>
> Please unblock openjdk-11/11.0.3+7-4. That's the quarterly security update
On Sun, Mar 3, 2019 at 23:35:45 +, Steve McIntyre wrote:
> So, we're looking at three hacky options options here to work our way
> out of this hole. In (probably?) descending order of hackitude:
>
> 1. Ask the nice ftpmaster people to bodge the archive by hand:
[...]
>
> OR
1 - 100 of 3566 matches
Mail list logo
