Hi,
On Dienstag, 16. Oktober 2012, martin f krafft wrote:
> We have not cared enough for almost 20 years that 9 out of 10 binary
> packages in use (i386 until 2005, amd64 since then) are built on
> machines that are individually maintained according to widely
> varying security standards to do any
On Mon, Oct 15, 2012 at 10:59:27PM -0400, Michael Gilbert wrote:
> I know this subject has been discussed on and off in the past, but
> there's new evidence that it's simply the right thing to do.
Nice, although it's not new evidence we need :). The state of last
discussion on the matter is that t
also sprach Holger Levsen [2012.10.16.0945 +0200]:
> > We have not cared enough for almost 20 years that 9 out of 10 binary
> > packages in use (i386 until 2005, amd64 since then) are built on
> > machines that are individually maintained according to widely
> > varying security standards to do an
Package: wnpp
Severity: wishlist
Owner: "Cédric Boutillier"
* Package name: ruby-integration
Version : 0.1.0
Upstream Author : Ben Gimpert, Claudio Bustos
* URL : https://github.com/clbustos/integration
* License : MIT/X
Programming Lang: Ruby
Description
* martin f krafft , 2012-10-16, 08:21:
This is my opinion but I admit I have not followed previous
discussions on the subject
http://lists.debian.org/debian-security/2004/09/msg00014.html
We have not cared enough for almost 20 years that 9 out of 10 binary
packages in use (i386 until 2005
On Tue, 16 Oct 2012, Jakub Wilk wrote:
> * martin f krafft , 2012-10-16, 08:21:
> >>This is my opinion but I admit I have not followed previous
> >>discussions on the subject
> >
> >http://lists.debian.org/debian-security/2004/09/msg00014.html
> >
> >We have not cared enough for almost 20 year
Hi,
On 16.10.2012 14:00, Russell Coker wrote:
> There are a fairly small number of Debian servers. So even if the
> probability
> of system compromise for a Debian server was the same as for a laptop owned
> by
> a random DD the fact that DD workstations outnumber Debian servers by at
> leas
On Tue, 16 Oct 2012, Arno Töll wrote:
> On 16.10.2012 14:00, Russell Coker wrote:
> > There are a fairly small number of Debian servers. So even if the
> > probability of system compromise for a Debian server was the same as for
> > a laptop owned by a random DD the fact that DD workstations outn
]] Jakub Wilk
> What makes a buildd more secure than a machine of J. Random Developer?
It has a smaller attack surface due to few users, firewalls, few
packages installed, nobody using it for browsing the web, etc.
--
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends
Tollef Fog Heen writes:
> ]] Jakub Wilk
>
>> What makes a buildd more secure than a machine of J. Random Developer?
>
> It has a smaller attack surface due to few users, firewalls, few
> packages installed, nobody using it for browsing the web, etc.
We seem to be forgetting, that the real advan
Package: wnpp
Severity: wishlist
Owner: Neil Wilson
* Package name: thin-provisioning-tools
Version : 0.1.5
Upstream Author : Red Hat, Inc.
* URL : https://github.com/jthornber/thin-provisioning-tools
* License : GPL v3
Programming Lang: C++
Description
Great work, thanks all!
Did you usertag any of the bugs you closed in that party? It would be kind-of
interesting to see them. Does anyone else think that might be useful (either
now or in future?) I suppose I could just scan debian-bugs-dist for the time
period.
--
To UNSUBSCRIBE, email to deb
Next to Alcester, also a BSP was held in Utrecht, the Netherlands [1].
In total, over two days, we worked with 17 people on a number of bugs:
* 15 RC bugs were fixed or otherwise dramatically improved
* 7 RC bugs were marked notfound in stable and already fixed in wheezy
* 18 release-notes bugs w
On Oct 12, 2012, at 09:13 PM, Hideki Yamane wrote:
> bzr-builddeb is, well, it seems that is useful in UDD (Ubuntu Distributed
> Development, as Ubuntu packaging guide says) way, but now it heavily relies
> on Launchpad in my point of view. And, packaging-dev can specify
> vendor-specific Recommen
On Oct 12, 2012, at 02:22 PM, Benjamin Drung wrote:
>How does bzr-builddeb depend on Launchpad? bzr is integrated into
>Launchpad, but you can use bzr without Launchpad as every other DVCS.
$ bzr branch debianlp:mypackage
is one way to use Launchpad with bzr for Debian effectively. It's certain
On Oct 16, 2012, at 03:54 PM, Tollef Fog Heen wrote:
>]] Jakub Wilk
>
>> What makes a buildd more secure than a machine of J. Random Developer?
>
>It has a smaller attack surface due to few users, firewalls, few
>packages installed, nobody using it for browsing the web, etc.
I also think allowin
Package: wnpp
Severity: wishlist
Owner: Rodrigo Silva
* Package name: wavegain
Version : 1.3.1
Upstream Author : John Edwards
* URL : http://www.rarewares.org/others.php
* License : LGP-2.1+
Programming Lang: C
Description : replaygain for WAV files
W
On Wed, 17 Oct 2012, Barry Warsaw wrote:
> I also think allowing source-only uploads makes for easier contributions,
> and thus hopefully more contributions.
Why would it be easier? Surely we still want people to build packages first to
ensure that we don't needlessly get FTBFS bugs.
--
My Ma
On 17/10/2012 08:36, Russell Coker wrote:
> On Wed, 17 Oct 2012, Barry Warsaw wrote:
>> I also think allowing source-only uploads makes for easier contributions,
>> and thus hopefully more contributions.
>
> Why would it be easier? Surely we still want people to build packages first
> to
> ens
On Oct 17, 2012, at 1:03 AM, Barry Warsaw wrote:
> On Oct 12, 2012, at 02:22 PM, Benjamin Drung wrote:
>
>> How does bzr-builddeb depend on Launchpad? bzr is integrated into
>> Launchpad, but you can use bzr without Launchpad as every other DVCS.
>
> $ bzr branch debianlp:mypackage
>
> is one
On Wed, Oct 17, 2012 at 04:05:10AM +0200, John Paul Adrian Glaubitz wrote:
> On Oct 17, 2012, at 1:03 AM, Barry Warsaw wrote:
>
> > On Oct 12, 2012, at 02:22 PM, Benjamin Drung wrote:
> >
> >> How does bzr-builddeb depend on Launchpad? bzr is integrated into
> >> Launchpad, but you can use bzr w
Package: wnpp
Owner: Martin Atkins
Severity: wishlist
X-Debbugs-CC: debian-devel@lists.debian.org,
debian-p...@lists.debian.org
* Package name: djabberd
Version : 0.85-2
Upstream Author : Debian Perl Group
* URL : http://danga.com/djabberd
* License : Artistic
On 17 October 2012 03:05, John Paul Adrian Glaubitz
wrote:
> On Oct 17, 2012, at 1:03 AM, Barry Warsaw wrote:
>
>> On Oct 12, 2012, at 02:22 PM, Benjamin Drung wrote:
>>
>>> How does bzr-builddeb depend on Launchpad? bzr is integrated into
>>> Launchpad, but you can use bzr without Launchpad as e
On 13001 March 1977, Michael Gilbert wrote:
> So, are we ready to do this?
No.
Its for after wheezy, definitely.
Also, there are some open issues to be solved for this to happen.
The most important is being able to deal with arch all packages. And
worse - arch all packages able to build only on c
24 matches
Mail list logo
