Question about flashplugin-nonfree

2015-10-29 Thread Marcio Souza 
Dear Debian-devel,

Currently, Adobe has released security updates for Adobe Flash Player.

...These updates address critical
 vulnerabilities
that could potentially allow an attacker to take control of the affected
system. Adobe is aware of a report that an exploit for CVE-2015-7645 is
being used in limited, targeted attacks.
https://helpx.adobe.com/security/products/flash-player/apsb15-27.html

I suggest two ways to update flashplugin:

- Execute update-flashplugin-nonfree --install --verbose or apt-get
install --reinstall flashplugin-nonfree

Should not this happen automatically?

Regards,

-- 
Marcio de Souza Oliveira
(http://respirandoti.com.br)
 
---
Cansou de vírus, pragas virtuais, travamentos e falta de desempenho?
O melhor anti vírus é usar Linux :)
Conheça o Debian (http://www.debian.org/) 



signature.asc
Description: OpenPGP digital signature

Re: Question about flashplugin-nonfree

2015-10-29 Thread Albino B Neto 
2015-10-29 9:21 GMT-02:00 Marcio Souza :
> Dear Debian-devel,
>
> Currently, Adobe has released security updates for Adobe Flash Player.
>
> ...These updates address critical vulnerabilities that could potentially
> allow an attacker to take control of the affected system. Adobe is aware of
> a report that an exploit for CVE-2015-7645 is being used in limited,
> targeted attacks.
> https://helpx.adobe.com/security/products/flash-player/apsb15-27.html
>
> I suggest two ways to update flashplugin:
>
> - Execute update-flashplugin-nonfree --install --verbose or apt-get
> install --reinstall flashplugin-nonfree
>
> Should not this happen automatically?

to help: https://wiki.debian.org/FlashPlayer

Albino

Bug#803400: ITP: dgedit -- Drum kit editor for DrumGizmo

2015-10-29 Thread Víctor Cuadrado Juan 
Package: wnpp
Severity: wishlist
Owner: "Víctor Cuadrado Juan" 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: dgedit
  Version : 0.9.6
  Upstream Author : The DrumGizmo Team
* URL : http://www.drumgizmo.org/wiki/doku.php?id=getting_dgedit
* License : GPL-3
  Programming Lang: C++
  Description : Drum kit editor for DrumGizmo

This package allows drumgizmo package to be packaged in
main, as there'll a way to provide data to drumgizmo
without going outside of main.

I plan to maintain this under the umbrella of the Debian
Multimedia Team (which I am part of).




-BEGIN PGP SIGNATURE-

iQEcBAEBCgAGBQJWMkWJAAoJECI/Fcparw548dgIAI3u3r+xgo+1TYexo7ZTZkyF
bHNCXPC7HK0v5IlI9gCRV9a03QgtYdsm68g25gBDr7FJirQSP2QFU8ANpg87rYcI
HFlXJFcC0BPunBz5IRvSxuhUi7SDFzDg1yUZCEjGHU9aUdXo22N27OY8cdp+zqjk
2bMI+Ac1QIbcmRgnkiR452eUXU/T3eSO9YUHTZjNe98rc5Vx1QT7XbryrsZkGkFm
JXiFkJHYiQ50cdXMN/e0pZIyphvw9XImOfVfGZy4t4L8tdrx5VJzKhNm4NVXgLU3
I+/v+cvJsFr8NnjJbUrltZvu3+n9NG4Mduoc2V3p4AQQ+8Zj6X8xall6af3W3s4=
=y0/y
-END PGP SIGNATURE-

Re: Question about flashplugin-nonfree

2015-10-29 Thread Marcio Souza 
2015-10-29 12:42 GMT-02:00 Albino B Neto :

> 2015-10-29 9:21 GMT-02:00 Marcio Souza :
> > Dear Debian-devel,
> >
> > Currently, Adobe has released security updates for Adobe Flash Player.
> >
> > ...These updates address critical vulnerabilities that could potentially
> > allow an attacker to take control of the affected system. Adobe is aware
> of
> > a report that an exploit for CVE-2015-7645 is being used in limited,
> > targeted attacks.
> > https://helpx.adobe.com/security/products/flash-player/apsb15-27.html
> >
> > I suggest two ways to update flashplugin:
> >
> > - Execute update-flashplugin-nonfree --install --verbose or apt-get
> > install --reinstall flashplugin-nonfree
> >
> > Should not this happen automatically?
>
> to help: https://wiki.debian.org/FlashPlayer
>
> Albino
>
>
Hello Albino,

The problem is that most Debian users to update the system using apt-get
update && apt-get upgrade or the like.
Thus the flash plugin is not updated and the security problem will persist.

I believe that the flash update should be automatic because no update
is a security
problem.

Regards,

-- 
Marcio de Souza Oliveira
http://www.respirandoti.com.br
---
Cansou de vírus, pragas virtuais, travamentos e falta de desempenho?
O melhor anti vírus é usar Linux :)
Debian (http://www.debian.org/)

Re: Question about flashplugin-nonfree

2015-10-29 Thread Moritz Mühlenhoff 
Marcio Souza  wrote:
> The problem is that most Debian users to update the system using apt-get
> update && apt-get upgrade or the like.
> Thus the flash plugin is not updated and the security problem will persist.
>
> I believe that the flash update should be automatic because no update
> is a security problem.

Indeed, if someone uses that pile of junk, it should at least be
updated frequently and as automated as possible.

There's https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=791761
which hasn't seen action in four months, so people using
flashplugin-nonfree could speed this up by proposing patches in
the BTS.

Cheers, 
Moritz

Work-needing packages report for Oct 30, 2015

2015-10-29 Thread wnpp 
The following is a listing of packages for which help has been requested
through the WNPP (Work-Needing and Prospective Packages) system in the
last week.

Total number of orphaned packages: 682 (new: 0)
Total number of packages offered up for adoption: 176 (new: 2)
Total number of packages requested help for: 50 (new: 0)

Please refer to http://www.debian.org/devel/wnpp/ for more information.



No new packages have been orphaned, but a total of 682 packages are
orphaned.  See http://www.debian.org/devel/wnpp/orphaned
for a complete list.



The following packages have been given up for adoption:

   spark (#803195), offered 2 days ago
 Description: SPARK programming language toolset
 Installations reported by Popcon: 52

   swi-prolog (#803196), offered 2 days ago
 Description: ISO/Edinburgh-style Prolog interpreter
 Reverse Depends: libppl-swi logol-bin spark swi-prolog
   swi-prolog-java swi-prolog-odbc swi-prolog-x
 Installations reported by Popcon: 1731

174 older packages have been omitted from this listing, see
http://www.debian.org/devel/wnpp/rfa_bypackage for a complete list.



For the following packages help is requested:

   apt-xapian-index (#567955), requested 2096 days ago
 Description: maintenance tools for a Xapian index of Debian packages
 Reverse Depends: goplay muon muon-discover packagesearch
 Installations reported by Popcon: 49801

   athcool (#278442), requested 4020 days ago
 Description: Enable powersaving mode for Athlon/Duron processors
 Installations reported by Popcon: 35

   awstats (#755797), requested 463 days ago
 Description: powerful and featureful web server log analyzer
 Installations reported by Popcon: 4225

   balsa (#642906), requested 1495 days ago
 Description: An e-mail client for GNOME
 Reverse Depends: balsa-dbg
 Installations reported by Popcon: 852

   cardstories (#624100), requested 1648 days ago
 Description: Find out a card using a sentence made up by another
   player
 Installations reported by Popcon: 8

   cups (#532097), requested 2336 days ago
 Description: Common UNIX Printing System
 Reverse Depends: bluez-cups boomaga chromium
   cinnamon-settings-daemon cloudprint cups cups-backend-bjnp
   cups-browsed cups-bsd cups-client (65 more omitted)
 Installations reported by Popcon: 161705

   cyrus-sasl2 (#799864), requested 36 days ago
 Description: authentication abstraction library
 Reverse Depends: 389-admin 389-ds-base 389-ds-base-libs 389-dsgw
   adcli autofs-ldap cairo-dock-mail-plug-in claws-mail
   claws-mail-acpi-notifier claws-mail-address-keeper (124 more
   omitted)
 Installations reported by Popcon: 186667

   debtags (#567954), requested 2096 days ago
 Description: Enables support for package tags
 Reverse Depends: goplay packagesearch
 Installations reported by Popcon: 2146

   developers-reference (#759995), requested 425 days ago
 Description: guidelines and information for Debian developers
 Installations reported by Popcon: 17926

   devscripts (#800413), requested 30 days ago
 Description: scripts to make the life of a Debian Package maintainer
   easier
 Reverse Depends: apt-build apt-listdifferences aptfs arriero
   bzr-builddeb customdeb debci debian-builder debmake debpear (26 more
   omitted)
 Installations reported by Popcon: 13033

   ejabberd (#767874), requested 360 days ago
 Description: distributed, fault-tolerant Jabber/XMPP server written
   in Erlang
 Reverse Depends: ejabberd-contrib ejabberd-mod-cron
   ejabberd-mod-http-upload ejabberd-mod-log-chat
   ejabberd-mod-logsession ejabberd-mod-logxml ejabberd-mod-mam-mnesia
   ejabberd-mod-message-log ejabberd-mod-muc-log-http
   ejabberd-mod-post-log (5 more omitted)
 Installations reported by Popcon: 796

   fbcat (#565156), requested 2115 days ago
 Description: framebuffer grabber
 Installations reported by Popcon: 171

   freeipmi (#628062), requested 1617 days ago
 Description: GNU implementation of the IPMI protocol
 Reverse Depends: freeipmi freeipmi-bmc-watchdog freeipmi-ipmidetect
   freeipmi-ipmiseld freeipmi-tools ipmitool libfreeipmi-dev
   libfreeipmi16 libipmiconsole-dev libipmiconsole2 (6 more omitted)
 Installations reported by Popcon: 6438

   freerdp (#799759), requested 37 days ago
 Description: RDP client for Windows Terminal Services (X11 client)
 Reverse Depends: freerdp-x11 freerdp-x11-dbg libfreerdp-cache1.1
   libfreerdp-client1.1 libfreerdp-codec1.1 libfreerdp-common1.1.0
   libfreerdp-core1.1 libfreerdp-crypto1.1 libfreerdp-dbg
   libfreerdp-dev (28 more omitted)
 Installations reported b

ITR: jade (source) sp, libsp1c2, libsp1-dev, jade (binary)

2015-10-29 Thread Neil Roeth 
I intend to remove the source package jade and the binary packages built
from it.  Jade is obsolete, the alternative is the openjade and opensp
packages which are already in Debian (with some slight changes to the
command names used). I will file bugs against packages that depend or
build depend on any of the binary packages built by the jade source package.

-- 
Neil Roeth

ITR: openjade1.3 (source and binary)

2015-10-29 Thread Neil Roeth 
I intend to remove the source package openjade1.3 which the binary
package of the same name built from it.  Openjade1.3 is obsolete, the
alternative is the openjade package in Debian. I will file bugs against
packages that depend on the binary package openjade1.3.  There are no
packages that build depend on it.

-- 
Neil Roeth

Bug#803426: ITP: clitest -- performs automatic testing in command lines

2015-10-29 Thread Giovani Augusto Ferreira 
Package: wnpp
Severity: wishlist
Owner: Giovani Augusto Ferreira 

* Package name: clitest
  Version : 0.0+git20150312.339b2d
  Upstream Author : Aurelio Jargas 
* URL : https://github.com/aureliojargas/clitest
* License : MIT
  Programming Lang: Shell Script
  Description : performs automatic testing in command lines

 Clitest is a portable POSIX shell script that performs automatic
 testing in Unix command lines. This script was carefully coded to
 be portable between POSIX shells
 .
 It's the same concept as in Python's doctest module: you document
 both the commands and their expected output, using the familiar
 interactive prompt format, and a specialized tool tests them.
 .
 The clitest command searches for pieces of text that look like
 interactive Unix command lines, and then executes those command
 lines to verify that they work exactly as shown.