Hi,
Many of packages include bundled Aladdin Enterprises independent
implementation of md5. Full list can be seen at
https://codesearch.debian.net/search?q=typedef+unsigned+char+md5_byte_t&perpkg=1
(100 packages)
As discussed in #909116, libmd-dev now provides a compatible interface
for that, so
On 2018-10-25 08:56, Yangfl wrote:
A potential fix for that might be replace the md5.h header with
#define LIBMD_MD5_ALADDIN
#include
remove building for md5.c, and add
Build-Depends: libmd-dev (>= 1.0.1)
That is not a solution for packages that are backported, as libmd-dev
(>= 1.0.1) is o
On 2018-10-24 10:33:30 +0100, Jonathan Dowland wrote:
> That is sort-of what is happening for neomutt (20171215+dfsg.1-1)
> at least, it reports
>
>sh: 1: gpg: not found
>
> There's room for improvement there. mutt (1.9.2-1) is worse
>
>Error: verification failed: Unsupported protocol
>
Am 25.10.18 um 09:44 schrieb Bas Couwenberg:
> On 2018-10-25 08:56, Yangfl wrote:
>> A potential fix for that might be replace the md5.h header with
>>
>> #define LIBMD_MD5_ALADDIN
>> #include
>>
>> remove building for md5.c, and add
>>
>> Build-Depends: libmd-dev (>= 1.0.1)
>
> That is not a sol
On 2018-10-25 10:41, Michael Biebl wrote:
Am 25.10.18 um 09:44 schrieb Bas Couwenberg:
On 2018-10-25 08:56, Yangfl wrote:
A potential fix for that might be replace the md5.h header with
#define LIBMD_MD5_ALADDIN
#include
remove building for md5.c, and add
Build-Depends: libmd-dev (>= 1.0.1)
Michael Biebl writes:
> You have two solutions here:
> - backport libmd-dev (>= 1.0.1)
> - revert this particular change in your package if you do a backport
Reasonable.
On Thu, Oct 25, 2018 at 10:45:46AM +0200, Bas Couwenberg wrote:
> Or:
>
> - Leave the bugreport unresolved until libmd-dev (>= 1.0.1) is available in
> stable
>
> My initial suggestion to wait with the MBF until libmd-dev (>= 1.0.1) is
> available in stable is still the best solution in my opinio
Quoting Bas Couwenberg (2018-10-25 09:44:20)
> On 2018-10-25 08:56, Yangfl wrote:
> > A potential fix for that might be replace the md5.h header with
> >
> > #define LIBMD_MD5_ALADDIN
> > #include
> >
> > remove building for md5.c, and add
> >
> > Build-Depends: libmd-dev (>= 1.0.1)
>
> That i
Jonas Smedegaard writes ("Re: Mass bugfiling potential: bundled implementation
of md5"):
> Quoting Bas Couwenberg (2018-10-25 09:44:20)
> > I suggest to postpone the MBF until libmd-dev (>= 1.0.1) is available in
> > stable (i.e. after the buster release).
>
> How is this any different from any
Ian Jackson writes ("Re: julia_1.0.0-1_amd64.changes REJECTED"):
> Lumin writes ("Re: julia_1.0.0-1_amd64.changes REJECTED"):
> > 1. Isn't "incomplete backtrace" a sensible reason to keep debug symbols?
> >Policy said "should" but not "must". Please tell me what I can do in
> >order to help
Package: wnpp
Severity: wishlist
Owner: Andreas Tille
* Package name: r-cran-lwgeom
Version : 0.1
Upstream Author : Edzer Pebesma,
* URL : https://cran.r-project.org/package=lwgeom
* License : GPL-2
Programming Lang: GNU R
Description : GNU R bindings t
Package: wnpp
Severity: wishlist
Owner: Andreas Tille
* Package name: r-cran-geosphere
Version : 1.5
Upstream Author : Robert J. Hijmans,
* URL : https://cran.r-project.org/package=geosphere
* License : GPL-3+
Programming Lang: GNU R
Description : GNU R
On Tue, Oct 23, 2018 at 05:04:11PM +0200, Vincent Lefevre wrote:
> On 2018-10-22 10:47:05 +0100, Jonathan Dowland wrote:
> > On Sun, Oct 21, 2018 at 10:00:43PM +, Ivan Shmakov wrote:
> > > It can be argued that libgpgme11 does not “provide a significant
> > > amount of functionality” (7.2) with
Package: wnpp
Severity: wishlist
Owner: Steffen Moeller
* Package name: tracetuner
Version : 3.0.6 beta
* URL : https://sourceforge.net/projects/tracetuner/
* License : GPL
Programming Lang: C, Java
Description : Interpretation of raw data from DNA sequen
* Wouter Verhelst [181025 08:26]:
> On Tue, Oct 23, 2018 at 05:04:11PM +0200, Vincent Lefevre wrote:
> > But a Depends or Recommends on gnupg
> > will annoy 99.9% of the users;
>
> Err, no.
>
> That number makes the assumption that all users who have something
> installed that they don't end up
Package: wnpp
Severity: wishlist
Owner: Daniel Glassey
* Package name: ibus-kmfl
Version : 10.99.33
Upstream Author : SIL International
* URL : http://www.keyman.com
* License : GPL
Programming Lang: C
Description : IBus-kmfl is an IM engine for multipl
]] Michael Stone
> On Tue, Oct 23, 2018 at 10:05:35PM +0200, Tollef Fog Heen wrote:
> >We should not be in the business of distributing known-vulnerable
> >software. There are practical considerations around point releases and
> >such which makes this not-really-true for a period of time after t
On Thu, Oct 25, 2018 at 09:32:57AM +, Holger Levsen wrote:
I dont think delaying fixes is a the best solution.
Especially since that's prioritising backports (support:
maintainer best-effort, as-is basis, use with care) over our main
release (full support)
--
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Jonathan Dow
On Thu, Oct 25, 2018 at 09:15:31PM +0200, Tollef Fog Heen wrote:
Noah writes that the latest image is 8.7. The latest jessie version is
8.11 according to https://wiki.debian.org/DebianJessie.
Ok, then obviously nobody cares. :) Either way, the important thing is
that security updates are enab
Marvin Renich writes:
> I certainly agree with you that 99.9% is clearly a wrong number for
> this. However I disagree that even 0.1% justifies using a different
> definition for Recommends than policy gives.
libgpgme11 is not doing that. The library is literally unusable for its
actual techni
The following is a listing of packages for which help has been requested
through the WNPP (Work-Needing and Prospective Packages) system in the
last week.
Total number of orphaned packages: 1322 (new: 1)
Total number of packages offered up for adoption: 170 (new: 5)
Total number of packages reques
On 2018-10-25 at 20:00, Russ Allbery wrote:
> Marvin Renich writes:
>
>> I certainly agree with you that 99.9% is clearly a wrong number for
>> this. However I disagree that even 0.1% justifies using a different
>> definition for Recommends than policy gives.
>
> libgpgme11 is not doing that.
The Wanderer writes:
> On 2018-10-25 at 20:00, Russ Allbery wrote:
>> The Depends field should be used if the depended-on package is
>> required for the depending package to provide a significant amount of
>> functionality.
> This does not actually seem to conflict with the "would be
Package: wnpp
Severity: wishlist
Owner: "W. Martin Borgert"
* Package name: pyserial-asyncio
Version : 0.4
Upstream Author : Chris Liechti (zsquareplusc), Robert Smallshire
(rob-smallshire)
* URL : https://github.com/pyserial/pyserial-asyncio/
* License : BSD-
24 matches
Mail list logo
