Re: libc recently more aggressive about pthread locks in stable ?

2016-11-05 Thread Henrique de Moraes Holschuh
On Sat, 05 Nov 2016, Ian Jackson wrote: > Looking at the code, I think that gs in jessie is plainly violating > the rules about the use of pthread locks. On my partner's machine, Per logs from message #15 on bug #842796: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842796#15 SIGSEGV on __ll

Re: libc recently more aggressive about pthread locks in stable ?

2016-11-05 Thread Aurelien Jarno
On 2016-11-05 19:13, Ian Jackson wrote: > I have just been debugging a ghostscript segfault on jessie amd64. > > Looking at the code, I think that gs in jessie is plainly violating > the rules about the use of pthread locks. On my partner's machine, > this makes it segfault on termination (with s

Re: client-side signature checking of Debian archives (Re: When should we https our mirrors?)

2016-11-05 Thread Philipp Kern
On 2016-11-05 22:23, Adrian Bunk wrote: The solution you are trying to sell is apt-transport-https as default. [...] Your solution would be a lot of work with relatively little improvement. Well, the client-side exists and works. Then it boils down if the mirror sponsors would be willing to

Re: client-side signature checking of Debian archives (Re: When should we https our mirrors?)

2016-11-05 Thread Adrian Bunk
On Tue, Oct 25, 2016 at 11:06:23AM -0700, Russ Allbery wrote: > Adrian Bunk writes: >... > So, I'm not quite sure how to put this, since I don't know how much work > you've done professionally in computer security, and I don't want to > belittle that. It's entirely possible that we have equivalen

Re: Intended MBF: maintainer scripts not starting on #!

2016-11-05 Thread Henrique de Moraes Holschuh
On Sat, 05 Nov 2016, Santiago Vila wrote: > On Sat, Nov 05, 2016 at 04:35:16PM -0200, Henrique de Moraes Holschuh wrote: > > On Fri, 04 Nov 2016, Adrian Bunk wrote: > > > If I would report hundreds of "dpkg-buildpackage -A" FTBFS bugs against > > > stable, would you consider that a valuable contri

Re: libc recently more aggressive about pthread locks in stable ?

2016-11-05 Thread Ian Jackson
Ian Jackson writes ("libc recently more aggressive about pthread locks in stable ?"): > I have just been debugging a ghostscript segfault on jessie amd64. ... > I recently encountered what seems to be a similar bug in ogg123 in > stable. #842796. > > Has something changed in jessie's libc recent

Re: OpenSSL 1.1.0

2016-11-05 Thread Gert Wollny
You could enforce that no Qt-using package uses the wrong OpenSSL by > adding libssl1.0-dev dependencies to libqt4-dev and qtbase5-dev. > > After that, trying to compile any Qt-using package with the wrong > OpenSSL should fail due to unsatisfiable build dependencies. > > Well, if a library A uses

Re: libc recently more aggressive about pthread locks in stable ?

2016-11-05 Thread Christian Seiler
On 11/05/2016 08:13 PM, Ian Jackson wrote: > I have just been debugging a ghostscript segfault on jessie amd64. > > Looking at the code, I think that gs in jessie is plainly violating > the rules about the use of pthread locks. On my partner's machine, > this makes it segfault on termination (wit

Re: Intended MBF: maintainer scripts not starting on #!

2016-11-05 Thread Santiago Vila
On Sat, Nov 05, 2016 at 04:35:16PM -0200, Henrique de Moraes Holschuh wrote: > On Fri, 04 Nov 2016, Adrian Bunk wrote: > > If I would report hundreds of "dpkg-buildpackage -A" FTBFS bugs against > > stable, would you consider that a valuable contribution to unhide problems? > > Packages in stable

libc recently more aggressive about pthread locks in stable ?

2016-11-05 Thread Ian Jackson
I have just been debugging a ghostscript segfault on jessie amd64. Looking at the code, I think that gs in jessie is plainly violating the rules about the use of pthread locks. On my partner's machine, this makes it segfault on termination (with some input files, at least). On my machine it work

Re: Intended MBF: maintainer scripts not starting on #!

2016-11-05 Thread Henrique de Moraes Holschuh
On Fri, 04 Nov 2016, Adrian Bunk wrote: > If I would report hundreds of "dpkg-buildpackage -A" FTBFS bugs against > stable, would you consider that a valuable contribution to unhide problems? Packages in stable must build in stable. If a package from stable FTBFS in stable, then yes, you should

Re: Keysafe dynamic UID

2016-11-05 Thread Wouter Verhelst
On Thu, Oct 27, 2016 at 11:58:35PM +0100, Ian Jackson wrote: > (IME one gets the first matching entry found in /etc/passwd). Yes, if you use libnss_compat.so. There are, however, a number of caching NSS modules (e.g., libnss-db, libnss-cache, ...) that do not guarantee the same ordering of entries

Re: Intended MBF: maintainer scripts not starting on #!

2016-11-05 Thread Ralf Treinen
Hi all, thanks to everybody for your advice. On Sat, Nov 05, 2016 at 01:02:27AM +, Holger Levsen wrote: > Hi Ralf, > > On Fri, Nov 04, 2016 at 09:22:02PM +0100, Ralf Treinen wrote: > > in the Colis project (which aims at analyzing maintainer scripts) we > > found 39 maintainer scripts in sta

Bug#843266: ITP: node-chai -- BDD/TDD assertion library for node.js and the browser

2016-11-05 Thread Pirate Praveen
Package: wnpp Severity: wishlist Owner: Pirate Praveen X-Debbugs-CC: debian-devel@lists.debian.org * Package name: node-chai Version : 3.5.0 Upstream Author : Jake Luer * URL : http://chaijs.com * License : Expat Programming Lang: JavaScript Description

Re: Road to Stretch: let's stop increasing major version number in critical libraries at this point

2016-11-05 Thread Russ Allbery
Sebastiaan Couwenberg writes: > If only all maintainers would coordinate their transitions, too many > unfortunately don't. And those are unlikely to read Thomas' plea either, so > disruptive library changes caused by uncoordinated transitions are > unfortunately still likely to happen. The point o

Re: restructuring debian-policy (was Re: Intended MBF: maintainer scripts not starting on #!)

2016-11-05 Thread Russ Allbery
Sean Whitton writes: > There is a huge backlog of bugs to update policy, most of which are for > entirely uncontroversial changes. > If people wanted to do the restructuring work first, all the patches on > all those bugs would have to be rewritten. Further, it is a waste of > time restructurin

Re: Road to Stretch: let's stop increasing major version number in critical libraries at this point

2016-11-05 Thread Sebastiaan Couwenberg
On 11/05/2016 04:07 PM, Adrian Bunk wrote: > On Sat, Nov 05, 2016 at 11:14:02AM +0100, Thomas Goirand wrote: >> ... >> Finally, with the above examples as illustration (and please, these >> aren't attacks in any way...), I guess what I'm trying to say here is: >> >> While disruptive changes are nec

Re: Road to Stretch: let's stop increasing major version number in critical libraries at this point

2016-11-05 Thread Adrian Bunk
On Sat, Nov 05, 2016 at 11:14:02AM +0100, Thomas Goirand wrote: > Hi, Hi Thomas, >... > Finally, with the above examples as illustration (and please, these > aren't attacks in any way...), I guess what I'm trying to say here is: > > While disruptive changes are necessary evils so we upgrade ever

Re: Intended MBF: maintainer scripts not starting on #!

2016-11-05 Thread Osamu Aoki
> debian-reference-common_2.58_all/postinst > debian-reference-de_2.58_all/postinst > debian-reference-en_2.58_all/postinst > debian-reference-fr_2.58_all/postinst > debian-reference-it_2.58_all/postinst > debian-reference-ja_2.58_all/postinst > debian-reference-pt_2.58_all/postinst Hmmm... it's a

Re: unattended-upgrades by default?

2016-11-05 Thread Guido Günther
On Fri, Nov 04, 2016 at 02:56:59PM +0100, Jonas Smedegaard wrote: > Quoting Guido Günther (2016-11-04 12:26:51) > > We should also enable needsrestart, whatmaps, checkrestart or similar > > to restart affected services after these upgrades otherwise the e.g. > > openssl update might go without ef

Re: restructuring debian-policy (was Re: Intended MBF: maintainer scripts not starting on #!)

2016-11-05 Thread Sean Whitton
Hello, On Sat, Nov 05, 2016 at 10:29:26AM +, Holger Levsen wrote: > do you think this is something which could be re-started at say DebConf > (or probably better, DebCamp), or a dedicated debian-policy sprint? > > would anybody else be interested to spend time+work on this? There is a huge b

Re: OpenSSL 1.1.0

2016-11-05 Thread James Cloos
Is anyone keeping track of when the various packages which depend on openssl expect to upload versions compiled against 1.1? I'd like to take advantage of x25519 and chacha20-poly1305 for various tls-using servers... -JimC -- James Cloos OpenPGP: 0x997A9F17ED7DAEA6

Re: unattended-upgrades by default?

2016-11-05 Thread Paul Wise
On Sat, Nov 5, 2016 at 1:25 PM, Michael Vogt wrote: > Thanks for this reminder Paul! #828215 is fixed in git and will be > part of the next upload (which should happen early next week). Thanks! If you have time, a fix for jessie/wheezy would be appreciated too. -- bye, pabs https://wiki.debian.

Re: More 5 november in the release schedule

2016-11-05 Thread Sebastiaan Couwenberg
On 11/05/2016 01:39 PM, Geert Stappers wrote: > Today is November fifth, day of the soft freeze in the Debian release > schedule. The soft freeze was moved to January 5th, today is the day of the transition freeze: " Key release dates [2016-Nov-05] Transition freeze [2016-Dec-05] Mandatory 1

More 5 november in the release schedule

2016-11-05 Thread Geert Stappers
Hi, (At the time of writing, it was 5 November in all timezones) Today is November fifth, day of the soft freeze in the Debian release schedule. I really like this fixed date. Having a clear goal is good! Riding with "Remember, remember, the fifth of November" is cool. Will Debian release cycl

Bug#843240: ITP: zfs-auto-snapshot -- automatically create, rotate, and destroy periodic ZFS snapshots

2016-11-05 Thread Jonathan Carter
Package: wnpp Severity: wishlist Owner: Jonathan Carter * Package name: zfs-auto-snapshot Version : 1.2.1-1 Upstream Author : Darik Horn * URL : https://github.com/zfsonlinux/zfs-auto-snapshot * License : GPL-2 Programming Lang: Shell (dash) Description

Re: unattended-upgrades by default?

2016-11-05 Thread gustavo panizzo (gfa)
On Thu, Nov 03, 2016 at 06:47:28PM +, Steve McIntyre wrote: > Hey folks, > > I'm in Seattle for the Debian Cloud sprint and it's going really > well. I'll post a report in a few days summarising what we've > done. But, in the meantime, there's something that has come up which I > think merits

restructuring debian-policy (was Re: Intended MBF: maintainer scripts not starting on #!)

2016-11-05 Thread Holger Levsen
On Fri, Nov 04, 2016 at 06:15:43PM -0700, Russ Allbery wrote: > Policy is currently written like a normal instruction manual. This has a > lot of real merit, but for quite some time I've thought that it may be > worth the effort to figure out how to structure it in a somewhat more > formal way, so

Road to Stretch: let's stop increasing major version number in critical libraries at this point

2016-11-05 Thread Thomas Goirand
Hi, I've seen a number of package maintainers willing to upgrade to major version of packages at this point in time. Among the disruptive changes that have been done (or are planned to do): - Django 1.10: uploaded last August, after I wrote more than 30 patches, there's still issues, it seems. See

Re: unattended-upgrades by default?

2016-11-05 Thread Michael Vogt
On Fri, Nov 04, 2016 at 02:36:27PM +0100, Alexandre Detiste wrote: > 2016-11-04 13:29 GMT+01:00 Roland Mas : > > Tangentially related: is there something similar for kernels? My > > monitoring setup currently compares the age of the most recent file in > > /boot with the uptime, but I feel there m

Re: unattended-upgrades by default?

2016-11-05 Thread Michael Vogt
On Fri, Nov 04, 2016 at 03:38:38PM +0800, Paul Wise wrote: > On Fri, Nov 4, 2016 at 2:47 AM, Steve McIntyre wrote: [..] > > To solve the issue and provide security updates by default, I'm > > proposing that we should switch to installing unattended-upgrades by > > default (and enabling it too) *unl