Package: wnpp
Severity: wishlist
Owner: NIIBE Yutaka
* Package name: libgit2
Version : 0.3.0
Upstream Author : Vicent Mart«¿
* URL : http://libgit2.github.com/
* License : GPL2 with linking exemption
Programming Lang: C
Description : Git core methods
On Mon, Feb 21, 2011 at 3:05 PM, Joerg Jaspert wrote:
> On 12398 March 1977, Joey Hess wrote:
>
>>> until today our Release files included 3 Hashes for all their entries:
>>> MD5SUM, SHA1, SHA256. I just modified the code to no longer include
>>> MD5SUM in *all* newly generated Release files.
>> Wh
Robert Edmonds wrote:
> i'd like to get some feedback on whether i should implement some changes
> in the unbound debian packaging:
i'm also looking into building the python bindings for libunbound.
unfortunately upstream uses autotools / libtool to build and link the
python module, which results
Thank you for the additional information you have supplied regarding
this Bug report.
This is an automatically generated reply to let you know your message
has been received.
Your message is being forwarded to the package maintainers and other
interested parties for their attention; they will rep
[explicit BCC to Roger]
Hi everyone, Roger,
Roger Leigh has filed a few bug reports related to how the buildd's resolver
(either internal or any of the new ones: apt{,itude}) and I'm not sure I quiet
agree.
Let's take for example the one filed against php5 [#614413]:
[...]
> Severity: importan
>> Also, it seems like the Releases file is already including sha1 and
>> sha256 for all the d-i files.
> Nope. Those Release files in debian-installer subdir are just stubs and
> don't contain checksum information. And there was nothing for
> installer-$ARCH subdirs and the image files therein. In
On 02/21/2011 09:05 PM, Joerg Jaspert wrote:
> On 12398 March 1977, Joey Hess wrote:
>
>>> until today our Release files included 3 Hashes for all their entries:
>>> MD5SUM, SHA1, SHA256. I just modified the code to no longer include
>>> MD5SUM in *all* newly generated Release files.
>> When will
Package: wnpp
Severity: wishlist
Owner: "Damien Raude-Morvan"
* Package name: landside
Version : 0.8.2
Upstream Author : Adam Zapletal
* URL : https://github.com/adamzap/landslide
* License : Apache-2.0
Programming Lang: Python
Description : tool to gen
#include
* Joey Hess [Mon, Feb 21 2011, 05:32:00PM]:
> Joerg Jaspert wrote:
> > Yep. debmirror, reprepro, debootstrap and cdebootstrap seem to be the
> > tools that can't deal with this. The latter two are serious enough to
> > keep the change away from oldstable forever, and stable at least until
On 2011-02-21, Joey Hess wrote:
>
> --qMm9M+Fa2AknHoGS
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> Content-Transfer-Encoding: quoted-printable
>
> Joerg Jaspert wrote:
>> Yep. debmirror, reprepro, debootstrap and cdebootstrap seem to be the
>> tools that can't deal
Joerg Jaspert wrote:
> Yep. debmirror, reprepro, debootstrap and cdebootstrap seem to be the
> tools that can't deal with this. The latter two are serious enough to
> keep the change away from oldstable forever, and stable at least until
> after next point release, should they get updated there.
I
I additionally opened a bug with apt to add support for SHA512SUM, so
we can start using them. As soon as that is possible I intend to drop
SHA256 and end up with SHA1/SHA512 only.
>>> Please don't. I have more faith in SHA-256 than SHA-512.
>> Uhh, fine - why?
> I think this questi
>> >>> until today our Release files included 3 Hashes for all their entries:
>> >>> MD5SUM, SHA1, SHA256. I just modified the code to no longer include
>> >>> MD5SUM in *all* newly generated Release files.
>> >> When will that affect Release files for stable? Next point release?
>> >> Because that
Package: wnpp
Severity: wishlist
Owner: "Ernesto Hernández-Novich (USB)"
* Package name: libregexp-reggrp-perl
Version : 1.000
Upstream Author : Merten Falk
* URL : http://search.cpan.org/dist/Regexp-RegGrp/
* License : Artistic
Programming Lang: Perl
Des
On Mon, Feb 21, 2011 at 09:13:51PM +0100, Joerg Jaspert wrote:
> Care to make a point for the gpg stuff around it within bug
> #612657?
Gladly! Restating and Cc'ing...
While I agree that moving away from SHA-1 is necessary, SHA-512 is
not part of the compatibility set according to the gpg(1) manp
* Joerg Jaspert:
>>> I additionally opened a bug with apt to add support for SHA512SUM, so
>>> we can start using them. As soon as that is possible I intend to drop
>>> SHA256 and end up with SHA1/SHA512 only.
>> Please don't. I have more faith in SHA-256 than SHA-512.
>
> Uhh, fine - why?
I thi
On Mon, 2011-02-21 at 20:58 +0100, Joerg Jaspert wrote:
> >>> until today our Release files included 3 Hashes for all their entries:
> >>> MD5SUM, SHA1, SHA256. I just modified the code to no longer include
> >>> MD5SUM in *all* newly generated Release files.
> >> When will that affect Release file
On 2011-02-21, Joerg Jaspert wrote:
until today our Release files included 3 Hashes for all their entries:
MD5SUM, SHA1, SHA256. I just modified the code to no longer include
MD5SUM in *all* newly generated Release files.
>>> When will that affect Release files for stable? Next poin
> It might be worth approaching from a pragmatic perspective... why
> generate SHA-512 checksums when you're only going to be signing a
> SHA-256 digest of that list (that is unless you want to alienate
> users of OpenPGP-compliant tools which don't implement optional
> algorithms). Is it because
>> I additionally opened a bug with apt to add support for SHA512SUM, so
>> we can start using them. As soon as that is possible I intend to drop
>> SHA256 and end up with SHA1/SHA512 only.
> Please don't. I have more faith in SHA-256 than SHA-512.
Uhh, fine - why?
--
bye, Joerg
Well, it's 1 a
>> I additionally opened a bug with apt to add support for SHA512SUM, so
>> we can start using them. As soon as that is possible I intend to drop
>> SHA256 and end up with SHA1/SHA512 only.
> Unfortunately, the algorithm used for the GnuPG signatures (both in
> InRelease and Release.gpg) is SHA-1.
On 12398 March 1977, Joey Hess wrote:
>> until today our Release files included 3 Hashes for all their entries:
>> MD5SUM, SHA1, SHA256. I just modified the code to no longer include
>> MD5SUM in *all* newly generated Release files.
> When will that affect Release files for stable? Next point rele
>>> until today our Release files included 3 Hashes for all their entries:
>>> MD5SUM, SHA1, SHA256. I just modified the code to no longer include
>>> MD5SUM in *all* newly generated Release files.
>> When will that affect Release files for stable? Next point release?
>> Because that unfortunatly
On Mon, Feb 21, 2011 at 01:05:02PM -0500, Michael Gilbert wrote:
> What indications are there that SHA-512 is weak?
It might be worth approaching from a pragmatic perspective... why
generate SHA-512 checksums when you're only going to be signing a
SHA-256 digest of that list (that is unless you wa
On Mon, 21 Feb 2011 18:55:13 +0100, Florian Weimer wrote:
> * Joerg Jaspert:
>
> > I additionally opened a bug with apt to add support for SHA512SUM, so
> > we can start using them. As soon as that is possible I intend to drop
> > SHA256 and end up with SHA1/SHA512 only.
>
> Please don't. I have
* Joerg Jaspert:
> I additionally opened a bug with apt to add support for SHA512SUM, so
> we can start using them. As soon as that is possible I intend to drop
> SHA256 and end up with SHA1/SHA512 only.
Please don't. I have more faith in SHA-256 than SHA-512.
--
To UNSUBSCRIBE, email to debi
Package: wnpp
Owner: Jonathan Yu
Severity: wishlist
X-Debbugs-CC: debian-devel@lists.debian.org,debian-p...@lists.debian.org
* Package name: libpoe-component-resolver-perl
Version : 0.910
Upstream Author : Rocco Caputo
* URL : http://search.cpan.org/dist/POE-Component
On 2011-02-21, Joey Hess wrote:
> Joerg Jaspert wrote:
>> until today our Release files included 3 Hashes for all their entries:
>> MD5SUM, SHA1, SHA256. I just modified the code to no longer include
>> MD5SUM in *all* newly generated Release files.
> When will that affect Release files for stable
Package: wnpp
Severity: wishlist
Owner: "Michal Čihař"
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
* Package name: stardict-german-czech
Version : 20110201
Upstream Author : many contributors
* URL : http://cihar.com/software/slovnik
* License : GNU FDL
On Sun, Feb 20, 2011 at 07:03:11PM +0100, Joerg Jaspert wrote:
> I additionally opened a bug with apt to add support for SHA512SUM, so
> we can start using them. As soon as that is possible I intend to drop
> SHA256 and end up with SHA1/SHA512 only.
Unfortunately, the algorithm used for the GnuPG
Joerg Jaspert wrote:
> until today our Release files included 3 Hashes for all their entries:
> MD5SUM, SHA1, SHA256. I just modified the code to no longer include
> MD5SUM in *all* newly generated Release files.
When will that affect Release files for stable? Next point release?
Because that unfo
On Fr, 18 Feb 2011, Daniel Leidert wrote:
> > [Added Associations]
> > x-scheme-handler/http=iceweasel.desktop;
> > x-scheme-handler/https=iceweasel.desktop;
>
> into $HOME/.local/share/applications/mimeapps.list.
YEAHHH!!! Finally someone who stepped forward and *explained* what to
do instead o
David Bremner writes:
> On Fri, 18 Feb 2011 21:18:38 -0600, Jonathan Nieder
> wrote:
>
>> None of the current Debian git maintainers seem to use emacs. This
>> means git's emacs support[1] does not get as much care as it deserves:
>> see for example bugs #611936, #611931, #611932, #611933, #61
On Mon, Feb 14, 2011 at 11:36:55PM +, Roger Leigh wrote:
> sbuild, which does the job of building binary packages on our buildds,
> uses a built-in build-dependency resolver ("internal") to work out
> what packages need installing/removing in order to satisfy a package's
> Build-Depends and Bui
34 matches
Mail list logo
