0
@@ -1,3 +1,11 @@
+jemalloc (5.2.1-3) unstable; urgency=medium
+
+ * Add docbook-xml to Build-Depends, to avoid xsltproc accessing the network
+to fetch docbookx.dtd. Thanks to Helmum Grohne for the report and fix.
+(Closes: #985971)
+
+ -- Faidon Liambotis Sat, 27 Mar 2021 10:33:42 +0
with non-empty default permissions.
+ * Sync Uploaders from unstable, to indicate that this a maintainer upload.
+
+ -- Faidon Liambotis Sat, 11 Feb 2023 23:44:44 +0200
+
crun (0.17+dfsg-1) unstable; urgency=medium
* New upstream release.
diff -Nru crun-0.17+dfsg/debian/control crun-0.17+dfs
On Sat, Apr 01, 2023 at 08:24:57PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> Please go ahead; sorry for the delay.
Thanks for the review! Tagged and uploaded last night, and it's
currently in proposed-updates.
Faidon
an
+output. This addresses a man warning ("macro 'PI' not defined") which in
+turn is a lintian warning for packages using lowdown to generate their
+manpage(s).
+ * Bump Standards-Version to 4.6.2, no changes needed.
+
+ -- Faidon Liambotis Sun, 09 Apr 2023 03:3
dium
+
+ * Backport upstream fix for CVE-2020-28241, heap-based buffer over-read in
+dump_entry_data_list in maxminddb.c. (Closes: #973878)
+
+ -- Faidon Liambotis Sun, 10 Jan 2021 21:10:00 +0200
+
libmaxminddb (1.3.2-1) unstable; urgency=medium
* New upstream release.
diff -Nru libma
On Sat, Jan 16, 2021 at 06:00:00PM +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Sun, 2021-01-10 at 21:39 +0200, Faidon Liambotis wrote:
> > This is an buster proposed update to fix CVE-2020-28241:
> > > libmaxminddb before 1.4.3 has a heap-b
On Mon, Jan 25, 2021 at 06:47:25AM -0500, Reinhard Tartler wrote:
> On the tradeoff "podman 3.0 with docker-compose" support vs.
> a "nomad driver for podman", I see more value for (more of)
> our users for the newer podman. I base that on popcon numbers:
>
> - nomand: 35
> - nomad-driver-podman
urgency=medium
+
+ * Fix CVE-2019-13952: IPv6 addresses in local zone file data which are
+longer than the maximum legitimate IPv6 address cause a stack buffer
+overflow and crash. (Closes: #932407)
+
+ -- Faidon Liambotis Thu, 11 Feb 2021 23:58:20 +0200
+
gdnsd (2.4.2-1) unstable; urgency=me
On Sun, Feb 28, 2021 at 02:01:04PM -0800, Noah Meyerhans wrote:
> We should be publishing release images for OpenStack and at least two
> commercial cloud services approximately simultaneously with the bullseye
> release. I'd like to include a short notice about cloud image
> availability in the r
On Tue, Jan 10, 2017 at 01:38:58AM +0100, Moritz Muehlenhoff wrote:
> please remove hhvm from testing. HHVM is still undergoing rapid changes and
> the current 3.12.x series is already out of upstream support. We can
> reconsider for buster.
We've discussed this with Moritz already but for the rec
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Release Team,
This has been pending for a long time, and while the pieces have been
mostly there, I've dropped the ball and did not proceed with the
transition earlier. Apologies for thi
Hi,
On Mon, Jan 07, 2019 at 06:10:02PM +0100, Emilio Pozuelo Monfort wrote:
> > So, I'd like to ask for permission to upload jemalloc 5.1.0-2 to sid:
>
>
> Please go ahead.
Thank you Emilio & team, appreciate it! I've went ahead and uploaded
5.1.0-2, seems it was successfully built on most arch
inux-any] from liburcu-dev Build-Depends, as it's now available on
+kFreeBSD.
+ * Add 2019 to debian/copyright years.
+ * Misc source package changes:
+- Drop overlay/tarballs/build-area from gbp.conf.
+- Remove custom compression setting from source/options.
+- Sort Build-D
89736)
* Patch typos: fix a few typos in the source.
* Patch man_hyphen: fix hyphen/minus issues in man pages.
* Remove useless binaries aelparse, conf2ael and muted.
[ Faidon Liambotis ]
* Change the way that we read include files, to accommodate for changes
in GCC 4.4. Taken from upstream&
Adam D. Barratt wrote:
> On Sat, August 28, 2010 12:38, Stig Sandbeck Mathisen wrote:
>> Please make a freeze exception for varnish 2.1.3-6.
2.1.3-6 didn't migrate, however, because of #594777. I (hopefully) fixed
this with 2.1.3-6.1 (NMU). I uploaded it moments ago on DELAYED/2.
If the maintainer
Adeodato Simó wrote:
> So, as for what to do, please do stop for squeeze bumping the SONAME
> (and changing the package name) on every new upstream version, and only
> do it whenever the ABI changes. It would be realy nice if you could do
> this. (There is also no reason to rename the -dev package,
Hi,
I've prepared a fix for #507883, an RC bug for asterisk.
Unfortunately, one of its dependencies, libvpb0, had a new upload in
unstable (v4.2.38-1 vs. v4.2.36-1 in lenny) and uses "dh_makeshlibs -V"
with no symbol files, which resulted in new shlibs for asterisk.
Those libvpb0 changes are mi
Aurelien Jarno wrote:
> I am planning to do an upload of glibc/stable to switch Slovenia and
> Slovakia to Euro. Slovakia has joined the Eurozone a few days ago, and
> Slovenia one year ago, but we forget to do the change in stable. Please
> find the changes below. Can you pre-approve the upload pl
Petter Reinholdtsen wrote:
> I doubt these patches will be accepted upstream, as they change the
> behaviour of existing locales. I would recommend creating new locales
> with xx...@euro names like the other locales with euro, as this is
> most likely the way it will be implemented upstream.
>
>
lease unblock.
The full changelog is:
asterisk (1:1.4.21.2~dfsg-3) unstable; urgency=medium
[ Faidon Liambotis ]
* Fix a segfault that occured on AEL parsing on amd64 systems.
(Closes: #507883)
* Remove bristuff/app-meetme-avoid-overflows patch as it apparently
causes more problems
Ben Hutchings wrote:
> Removal of OpenVZ, Vserver and Xen packages
>
> These are large and intrusive patches which require significant upstream
> effort to adapt to each new kernel version. As a result, they generally
> lag availability of new kernel versions and may take much longer to
> stabili
Ben Hutchings wrote:
>> Also, I remember reading about an effort on merging dom0 to mailine.
>> From your experience, is there a chance of that happening for 2.6.32?
>
> I don't think so.
For the record, Xen upstream[1] mentions "dom0 support, currently
planned for Linux 2.6.32 or 2.6.33 (latest p
maximilian attems wrote:
Also, I remember reading about an effort on merging dom0 to mailine.
From your experience, is there a chance of that happening for 2.6.32?
>>> I don't think so.
>> For the record, Xen upstream[1] mentions "dom0 support, currently
>> planned for Linux 2.6.32 or 2.6
Hi,
Russ Allbery wrote:
> The Shibboleth suite of software and libraries, which includes xmltooling,
> opensmal2, and shibboleth-sp2, has had several vulnerabilities announced
> over the past month and a half. Most of those are in xmltooling and are
> being handled in conjunction with the Debian
Florian Weimer wrote:
> Right. Please upload opensaml2 first (after sending in a source
> debdiff for review), and then wait with uploading shibboleth-sp2 until
> we tell you it's okay to do so.
OK, will do. How should we handle the fact that the newer xmltooling is
breaking the "old" (as in, lenn
Please unblock ulogd 1.23-8 for etch. It containts 9 new translations, a
manpage update and more importantly, a fix for a regression introduced
in the recent security update (1.23-7).
Best regards,
Faidon
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Co
Please unblock ulogd 1.23-9 for etch, hopefully the last etch-targetted
release. It containts a new translation (Dutch) and a trivial
documentation fix.
Best regards,
Faidon
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hello,
Please schedule binNMUs for yate.
yate-openh323 depends on libopenh323 which until recently had too strict
dependencies.
This -along with a sourceful Asterisk upload- will hopefully allow yate
to enter testing while openh323 FTBFS on unstable because of a binutils
bug on mips/mipsel (##440
Kilian Krause wrote:
> as pwlib 1.10.10 got out of NEW today, we'll need a few binNMUs to catch
> the SONAME change for the following packs.
>
> with dep-wait 'libpt-dev (>= 1.10.10), libopenh323-dev (>= 1.18.0.dfsg-7+b1)'
> on alpha amd64 arm hppa i386 ia64 m68k mips mipsel powerpc s390 sparc
> -
Luk Claes wrote:
> Because asterisk maintainers apparantly aren't interesting in making
> sure stable and secure packages reach testing as this is already taking
> months and even before the release these packages were more than once in
> a very bad shape, I thought they wouldn't mind... I guess
Luk Claes wrote:
>> Unfortunately, asterisk in lenny was FTBFSing because of missing or
>> changed dependencies so I couldn't make an upload to testing-security,
>> even though the version is exactly the same as of etch.
>
> It was FTBFSing because of a removed build dependency which apparantly
>
Luk Claes wrote:
>> CVE-2007-5448[0]:
>> | Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial
>> | of service (panic) via a beacon frame with a large length value in the
>> | extended supported rates (xrates) element, which triggers an assertion
>> | error, related to net80211/ie
Hi,
asterisk 1:1.4.17~dfsg-2 has been built on sparc since Jan 4 but hasn't
been uploaded yet.
Normally, I wouldn't mind too much, but it's the only thing that is
holding asterisk from migrating to testing and the last migration was
over a year ago :-)
Could someone (a buildd maintainer, pr
Adeodato Simó wrote:
Asterisk is fixed already. I have filed bug#492285 and am now compiling
a fixed package that I will upload as an NMU (but with no delay).
Great, thank you.
If you could still file a bug against asterisk at important... (it now
build-depends on libc-client2007b-dev). But p
Jonas Smedegaard wrote:
Actually, I suspect you'd better keep it versioned for Asterisk:
Asterisk needs features not available in earlier libc-client.
We can't do versioned depends on virtual packages.
Hm, I just remembered that we've had this discussion with the release
team in the past and w
asterisk-oh323 (0.7.3+cvs20070811-4) unstable; urgency=medium
* Fix FTBFS that was caused by an API change of asterisk; also
build-depend on asterisk-dev >= 1.4.21 to account for this.
(Closes: #494217)
The patch is a simple s/CRASH/ast_assert(0)/, adapting to the new API.
Thanks,
Faido
rtpproxy (1.1-2) unstable; urgency=medium
* Run as user rtpproxy instead of root. (Closes: #489136)
* Do not return failure in stop command of init script if the daemon
is not running.
* Add README.source file explaining quilt usage.
* Set umask to make control socket group-writable.
severity 438815 important
thanks
[release team: the bug is about a segfault of users of libopenh323 that
happens when they dlclose() the library; see #48 for more.]
Since upstream is quite unresponsive generally and in this case they
haven't even looked at the bug, it has been workarounded by the
+
+ * Re-enable SRV support that was disabled due to an upstream bug.
+Thanks to MESZAROS Mihaly. (Closes: #501030)
+
+ -- Faidon Liambotis <[EMAIL PROTECTED]> Fri, 03 Oct 2008 12:40:54 +0300
+
gnugk (2:2.2.7-3-1) unstable; urgency=low
* New upstream release
--- 2.2.7-3-1/debian/rules
+++
/asterisk. Change suggested
CORE_PATTERN to more secure ones.
* /etc/init.d/asterisk: Use the value of AST_DUMPCORE_DIR if it is a
directory, not if the value if DUMPCORE_DIR is a directory.
[ Faidon Liambotis ]
* Backport a patch from Xorcom's tree fixing a deadlock situation
On Fri, Mar 01, 2013 at 12:13:06AM -0800, Christoph Egger wrote:
> Michael Fladischer writes:
> > On 2013-02-28 21:27, Adam D. Barratt wrote:
> >> Any news on an upload?
> >
> > 2.5.3-3 is prepared in SVN but paravoid (my sponsor on celery) seems
> > to be busy.
>
> Uploaded
JFYI,
r23622 | fladi
Package: release.debian.org
Severity: normal
Hi,
Please unblock radsecproxy 1.6.2-1. It's a security upload, complementing
1.4-1+squeeze1 and fixing two CVEs. Security team is aware and has reviewed the
upstream fixes for those -- in fact, the second vulnerability was found by
Raphael during the
nder Linux >= v6.6 and >= v6.1.55, i.e. bookworm's current stable
+kernel. (Closes: #1053821)
+ * Move myself to Maintainer, and Dmitry to Uploaders.
+
+ -- Faidon Liambotis Thu, 02 Nov 2023 18:52:46 +0200
+
crun (1.8.1-1) unstable; urgency=medium
* New bugfix upstream rel
.6, >= v6.1.55 and >= 5.10.197, i.e. bullseye's
+and bookworm's current stable kernels. (Closes: #1053821)
+
+ -- Faidon Liambotis Thu, 02 Nov 2023 18:52:46 +0200
+
crun (0.17+dfsg-1+deb11u1) bullseye; urgency=medium
* Backport upstream commits b847d14 ("spec: do not set inhe
On Sun, Nov 12, 2023 at 03:06:34PM +, Adam D. Barratt wrote:
> On Sun, 2023-11-12 at 09:56 +0200, Faidon Liambotis wrote:
> > A change merged into Linux v6.6 broke crun. The change was backported
> > in the stable branch with v6.1.55, the version in bookworm. We fixed
> >
branch (itself a backport from v4.3.0), to
+address an incorrect handling of supplementary groups. (Closes: #1019591)
+ * Add myself to Uploaders.
+
+ -- Faidon Liambotis Fri, 29 Dec 2023 17:26:49 +0200
+
libpod (3.0.1+dfsg1-3+deb11u4) bullseye; urgency=medium
* Recompile to fix parsi
retitle 363377 Inform users that HostAP is merged in recent kernels
thanks control
Hi,
Moritz Muehlenhoff wrote:
> Etch will only ship a 2.6.18 kernel, please update have it.
This bug isn't actually a FTBFS, since hostap-source isn't needed in
recent kernels. The driver was merged in mainline 2.6.
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
Hi,
I'd like to upload new version of gdnsd to spu. This would be a new upstream
release, 2.1.2, but this is from the 2.1.x stable maintenance branch which
contains only critical fi
Control: tags -1 - moreinfo
On Mon, May 11, 2015 at 11:16:34AM +0100, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
>
> On 2015-05-11 10:29, Faidon Liambotis wrote:
> >I'd like to upload new version of gdnsd to spu. This would be a new
> >upstream release, 2.1.2
On Sat, May 23, 2015 at 10:16:01AM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> Thanks for the diff and information. Please go ahead.
Thanks Adam. This was uploaded yesterday to stable/proposed-updates.
Regards,
Faidon
--
To UNSUBSCRIBE, email to debian-release-requ...@lis
50 matches
Mail list logo
