25.11.2016 в 02:07:11 +0100 Jan Niehusmann написал:
> On Fri, Nov 25, 2016 at 01:56:19AM +0400, Stepan Golosunov wrote:
> > qsslsocket_openssl_symbols.cpp also tries to load any libssl.* it can
> > find (in directories gathered from dl_iterate_phdr) when it cannot
> > find libssl.so.. This asks fo
Package: wnpp
Severity: wishlist
Owner: Pirate Praveen
X-Debbugs-CC: debian-devel@lists.debian.org
* Package name: node-execa
Version : 0.5.0
Upstream Author : Sindre Sorhus
(sindresorhus.com)
* URL : https://github.com/sindresorhus/execa#readme
* License : Ex
Package: wnpp
Severity: wishlist
Owner: Pirate Praveen
X-Debbugs-CC: debian-devel@lists.debian.org
* Package name: node-difflet
Version : 1.0.1
Upstream Author : James Halliday (http://substack.net)
* URL : https://github.com/substack/difflet#readme
* License
Package: wnpp
Severity: wishlist
Owner: Pirate Praveen
X-Debbugs-CC: debian-devel@lists.debian.org
* Package name: node-charm
Version : 1.0.1
Upstream Author : James Halliday (http://substack.net)
* URL : https://github.com/substack/node-charm#readme
* License
On Wed, Nov 23, 2016 at 5:24 PM, Simon McVittie wrote:
> (I'm not entirely sure why we consider hardening packaged code to be so
> much more important than hardening the locally-built code compiled by
> our users, which changed compiler defaults like those in Ubuntu
> would also give us.)
IIRC, t
On Fri, Nov 25, 2016 at 01:56:19AM +0400, Stepan Golosunov wrote:
> qsslsocket_openssl_symbols.cpp also tries to load any libssl.* it can
> find (in directories gathered from dl_iterate_phdr) when it cannot
> find libssl.so.. This asks for trouble when
> libssl1.0.2 is not installed and probably n
The following is a listing of packages for which help has been requested
through the WNPP (Work-Needing and Prospective Packages) system in the
last week.
Total number of orphaned packages: 1005 (new: 8)
Total number of packages offered up for adoption: 151 (new: 0)
Total number of packages reques
24.11.2016 в 00:37:01 +0100 Kurt Roeckx написал:
> I've always had the impression that there are or used to be
> probems using using dlopen()/dlsym(). Maybe related to some things
> like RTDL_GLOBAL that causes the symbol lookup to go to the wrong
> library. Do you know of any problems related to t
Package: wnpp
Severity: wishlist
Owner: Ralf Treinen
* Package name: ocplib-simplex
Version : 0.3
Upstream Author : Mohamed Iguernlala
* URL : https://github.com/OCamlPro-Iguernlala/ocplib-simplex
* License : LGPL 2.1
Programming Lang: OCaml
Description
Package: wnpp
Severity: wishlist
Owner: Tim Kuijsten
* Package name: mongovi
Version : 1.0.0
Upstream Author : Tim Kuijsten
* URL : https://github.com/timkuijsten/mongovi
* License : ISC
Programming Lang: C
Description : Command line interface for Mon
On November 24, 2016 11:59:46 AM EST, James Cloos wrote:
>The jessie and jessie-backports releases of certbot have not, in
>general, been usable. There have been usable windows, but it has not
>been continuous.
Certbot has never been in jessie, so I imagine it wouldn't have been usable.
I'm als
Simon McVittie writes:
> (I'm not entirely sure why we consider hardening packaged code to be so
> much more important than hardening the locally-built code compiled by
> our users, which changed compiler defaults like those in Ubuntu
> would also give us.)
I think you might have this in reverse.
On 24/11/16 17:39, Adrian Bunk wrote:
> On Thu, Nov 24, 2016 at 05:22:29PM +0100, Daniel Pocock wrote:
>> ...
>> For networked services, it is different.
>>
>> Debian has already been carrying updated versions of Firefox and
>> Chromium in stable including bundled dependencies too. Maybe we need
On Thu, Nov 24, 2016 at 07:23:22PM +0200, Adrian Bunk wrote:
> If both b-dev and c-dev would depend on the libssl*-dev they use,
Which is not always the case, now.
qtbase5-private-dev exposes lots of internal OpenSSL structures, but
doesn't depend on any OpenSSL package.
libcurl4-openssl-dev onl
On Thu, Nov 24, 2016 at 02:50:23PM -0200, Henrique de Moraes Holschuh wrote:
> On Thu, 24 Nov 2016, Adrian Bunk wrote:
> > On Wed, Nov 23, 2016 at 11:50:12PM -0200, Henrique de Moraes Holschuh wrote:
> > > On Thu, 24 Nov 2016, Kurt Roeckx wrote:
> > >...
> > > > > So, if Qt *ever* exposes its use o
> "PE" == Peter Eckersley writes:
PE> 1. Leave Certbot out of the Debian Stretch release, and rely on
PE> backports as the recommended way to run Certbot on Debian. That's what we
PE> currently do with Jessie:
PE> https://certbot.eff.org/#debianjessie-apache
The jessie and jessie-backports
On Thu, 24 Nov 2016, Adrian Bunk wrote:
> On Wed, Nov 23, 2016 at 11:50:12PM -0200, Henrique de Moraes Holschuh wrote:
> > On Thu, 24 Nov 2016, Kurt Roeckx wrote:
> >...
> > > > So, if Qt *ever* exposes its use of openssl anywere in its APIs, it
> > > > might not be safe. If it doesn't (i.e. at m
Package: wnpp
Severity: wishlist
Owner: Sascha Steinbiss
* Package name: pyaml
Version : 16.11.4
Upstream Author : Mike Kazantsev
* URL : https://github.com/mk-fg/pretty-yaml
* License : WTFPL-2
Programming Lang: Python
Description : module to produce p
On Thu, Nov 24, 2016 at 05:22:29PM +0100, Daniel Pocock wrote:
>...
> For networked services, it is different.
>
> Debian has already been carrying updated versions of Firefox and
> Chromium in stable including bundled dependencies too. Maybe we need to
> have an objective way of deciding which o
On 24/11/16 16:37, Adrian Bunk wrote:
> On Thu, Nov 24, 2016 at 02:45:26PM +0100, Ondřej Surý wrote:
>> On Thu, Nov 24, 2016, at 13:39, Philipp Kern wrote:
>>> So if you, as an upstream maintainer, have a change that is needed for
>>> compatibility with changes in network APIs and the change is r
On Thu, Nov 24, 2016 at 02:45:26PM +0100, Ondřej Surý wrote:
> On Thu, Nov 24, 2016, at 13:39, Philipp Kern wrote:
> > So if you, as an upstream maintainer, have a change that is needed for
> > compatibility with changes in network APIs and the change is reviewable
> > by humans, a stable update co
On Thu, Nov 24, 2016 at 12:20:35PM +0100, Jonas Smedegaard wrote:
> Interesting data points.
thanks.
> Can you get these related data points too?
I dont, sorry, etoobusy.
> - relevant for those with
> limited internet bandwidth (as is the case for some translators):
>
> * amount of data tra
On Thu, Nov 24, 2016 at 03:20:06PM +0100, Jan Niehusmann wrote:
> On Thu, Nov 24, 2016 at 03:59:10PM +0200, Adrian Bunk wrote:
> > If inspection is not easily possible, then adding a dependency on
> > libssl1.0-dev to qtbase5-private-dev should be sufficient to
> > ensure that this is not leaked t
On jueves, 24 de noviembre de 2016 15:20:06 ART Jan Niehusmann wrote:
> On Thu, Nov 24, 2016 at 03:59:10PM +0200, Adrian Bunk wrote:
> > If inspection is not easily possible, then adding a dependency on
> > libssl1.0-dev to qtbase5-private-dev should be sufficient to
> > ensure that this is not lea
On Thu, Nov 24, 2016 at 03:59:10PM +0200, Adrian Bunk wrote:
> If inspection is not easily possible, then adding a dependency on
> libssl1.0-dev to qtbase5-private-dev should be sufficient to
> ensure that this is not leaked to a different OpenSSL version.
I see two disadvantages:
1) doesn't cat
On Wed, Nov 23, 2016 at 11:50:12PM -0200, Henrique de Moraes Holschuh wrote:
> On Thu, 24 Nov 2016, Kurt Roeckx wrote:
>...
> > > So, if Qt *ever* exposes its use of openssl anywere in its APIs, it
> > > might not be safe. If it doesn't (i.e. at most you have a qt flag that
> > > says "use SSL",
On Thu, Nov 24, 2016, at 13:39, Philipp Kern wrote:
> So if you, as an upstream maintainer, have a change that is needed for
> compatibility with changes in network APIs and the change is reviewable
> by humans, a stable update could be possible. It's still on a
> case-by-case basis, so you would n
On 24.11.2016 09:27, Daniel Pocock wrote:
> Personally, I haven't seen a strong response to this challenge in any
> previous discussions like this. It has been raised before.
>
> The rational for the freeze is that we don't want things to break after
> a release is declared stable.
>
> For those
Quoting Holger Levsen (2016-11-24 10:43:40)
> As some people fear the size of the git repo, I've done a test:
>
> cloning took 5-6min (granted over a fast network connection) and requires
> 628mb of diskspace in the end.
>
> however, cloning using --depth 1 did not work :(
>
> $ git clone --dept
On Thursday 13 October 2016 12:13 AM, Jérémy Lal wrote:
> I suppose you have considered using browserify-lite when possible ?
> It is actually quite rare (and usually a bad sign of quality, imo) to
> see modules
> that do require the full-fledge browserify.
I did use browserify-lite for fuzzaldrin
Hi Laura,
thanks *a lot* for leading this migration! Much much appreciated!
On Wed, Nov 23, 2016 at 11:21:08PM +0100, Laura Arjona Reina wrote:
> I have setup this git repo:
> https://anonscm.debian.org/cgit/webwml/webwml2git.git
> for me and the people interested to work on the migration.
wow,
This could be the start of something magical
http://profitableaffiliate.co.uk/75012-54631-95837-4982.php?4u0nc&x=py4hmpjf&fto=n47pev&34tv&4==31hrccjm&fq1t4amn=
http://profitableaffiliate.co.uk/75012-54631-95837-4982.php?4u0nc&x=py4hmpjf&fto=n47pev&34tv&4==31hrccjm&fq1t4amn=
On 24/11/16 09:31, Pirate Praveen wrote:
> On Thursday 24 November 2016 01:31 PM, Daniel Pocock wrote:
>> If you can expand the scope of your crowdfunding effort to cover
>> those libraries needed for homer-ui, then I'm happy to promote
>> the crowdfunding in the HOMER and free RTC communities.
>
On Thursday 24 November 2016 01:31 PM, Daniel Pocock wrote:
> If you can expand the scope of your crowdfunding effort to cover those
> libraries needed for homer-ui, then I'm happy to promote the
> crowdfunding in the HOMER and free RTC communities.
Can you ask the upstream to create a list of dep
On 24/11/16 00:06, Peter Eckersley wrote:
> So Let's Encrypt definitely wants to get to a place where we have some very
> stable APIs for other people to code against. We're trying to do that with the
> Certbot command line itself, working hard to ensure that if people upgrade, it
> doesn't brea
On 24/11/16 06:26, Pirate Praveen wrote:
> On Thursday 24 November 2016 01:25 AM, Daniel Pocock wrote:
>> Would you be interested in helping package JS dependencies for
>> homer-ui[1] in Debian?
>
> Right now, my plates are full. I will have a look once I complete
> gulp and webpack.
>
>> We a
36 matches
Mail list logo
