Delta generated at: 2022-05-24 11:37 UTC
* Last Uploader: Bryce Harrington
Sync or Merge bug: Bug #1971248 in apache2 (Ubuntu): "Merge apache2 from Debian unstable for kinetic" (In Progress)
Debian changes newer than ubuntu version:
Error creating changes log. Please look manually
* Last Uploader: Sergio Durigan Junior
Sync or Merge bug: Bug #1971250 in bind9 (Ubuntu): "Merge bind9 from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
bind9 (1:9.18.3-1) unstable; urgency=medium
* New upstream version 9.18.3
-- Ondřej Surý Wed, 18 May 2022 16:53:01 +0200
bind9 (1:9.18.2-1) unstable; urgency=medium
* Drop libldap2-dev from Build-Depends (Closes: #1008021)
* New upstream version 9.18.2
* Add runtime dependency on libuv1 >= 1.40.0 (Closes: #1009889)
-- Ondřej Surý Tue, 26 Apr 2022 11:03:35 +0200
* Last Uploader: Matthias Klose
Sync or Merge bug: Bug #1971268 in cluster-glue (Ubuntu): "Merge cluster-glue from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
cluster-glue (1.0.12-21) unstable; urgency=medium
[ Lucas Kanashiro ]
* d/t/logd: use journalctl to get logs if $LOG is not available
[ Valentin Vidic ]
* Update watch file url
* Update build dependency on libltdl-dev (Closes: #1008889)
* Add retries to logd autopkgtest
* Update Standards-Version to 4.6.0
* Update copyright file
-- Valentin Vidic Sun, 10 Apr 2022 16:17:14 +0200
* Last Uploader: Miriam España Acebal (sponsored by Lucas Kanashiro)
Sync or Merge bug: Bug #1971270 in corosync (Ubuntu): "Merge corosync from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
corosync (3.1.6-2) unstable; urgency=medium
[ Debian Janitor ]
* [290ca16] Remove 2 obsolete maintscript entries in 2 files.
Changes-By: lintian-brush
* [8d89318] Update renamed lintian tag names in lintian overrides.
Changes-By: lintian-brush
Fixes: lintian: renamed-tag
See-also: https://lintian.debian.org/tags/renamed-tag.html
[ Ferenc Wágner ]
* [f8c32e7] New patch: Remove bashism from configure script (Closes: #998785)
-- Ferenc Wágner Sun, 06 Mar 2022 20:07:05 +0100
* Last Uploader: Lucas Kanashiro
Sync or Merge bug: Bug #1971271 in crmsh (Ubuntu): "Merge crmsh from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
crmsh (4.3.1-3) unstable; urgency=medium
[ Athos Ribeiro ]
* d/p/0020-Use-crmsh-hb_report.patch: use the crmsh shipped hb_report script
when available
* d/p/0021-Support-python-310.patch: support Python 3.10
(Closes: #1009087, #1009092)
[ Valentin Vidic ]
* d/patches: cleanup duplicate patch
* d/rules: fix timestamps on patched files for reproducible build
-- Valentin Vidic Sun, 10 Apr 2022 09:48:28 +0200
crmsh (4.3.1-2) unstable; urgency=medium
* d/tests: fix cluster init test
* d/patches: add fix for python 3.10 (Closes: #1009087, #1009087)
-- Valentin Vidic Sun, 10 Apr 2022 07:11:23 +0200
* Last Uploader: Till Kamppeter
Debian changes newer than ubuntu version:
cups-filters (1.28.15-1) unstable; urgency=medium
* Update to new upstream version 1.28.15.
-- Thorsten Alteholz Tue, 12 Apr 2022 19:05:13 +0200
* Last Uploader: Steve Langasek
Sync or Merge bug: Bug #1971273 in dovecot (Ubuntu): "Merge dovecot from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
dovecot (1:2.3.18+dfsg1-1) unstable; urgency=medium
[ Noah Meyerhans ]
* [36966c8] New upstream version 2.3.18+dfsg1
* [042bda4] Refresh patches for 1:2.3.18+dfsg1-1
-- "Noah Meyerhans" Thu, 10 Feb 2022 20:05:50 +0000
dovecot (1:2.3.17.1+dfsg1-1) unstable; urgency=medium
[ Christian Göttsche ]
* [40b0010] New upstream version 2.3.17+dfsg1
* [3c377e0] New upstream version 2.3.17.1+dfsg1
* [e2f1ce2] d/patches: rebase and drop upstream applied ones
* [533b7ad] d/control: bump to standards version 4.6.0 (no further changes)
* [02ed6cf] debian: reduce Lintian issues
* [bb3ae48] d/salsa-ci.yml: skip cross build and do not fail on Lintian
warnings
* [bcda7e4] d/control: build against Lua 5.4
* [9eed0dd] d/control: enable libunwind support on available archs
* [1990699] d/patches: cherry-pick memory leak commit
* [426df46] d/patches: cherry-pick imapsieve fix
* [e3d0747] d/patches: add patch for LTO by avoiding unaligned access
(Closes: #997513)
-- Noah Meyerhans Tue, 14 Dec 2021 09:24:23 -0800
* Last Uploader: Sergio Durigan Junior
Sync or Merge bug: Bug #1971274 in exim4 (Ubuntu): "Merge exim4 from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
exim4 (4.95-6) unstable; urgency=high
* Drop code for upgrading from ancient (4.80-7 and earlier) versions in
maintainer-scripts. Closes: #1000962
* 75_68-GnuTLS-Do-not-free-the-cached-creds-on-transport-con.patch:
Fix segfault on deferred delivery on first MX. Closes: #1004740
-- Andreas Metzler Fri, 20 May 2022 19:37:43 +0200
exim4 (4.95-5) unstable; urgency=medium
* More upstream fixes:
+ 75_60-Utilities-fix-exiqgrep-perl-syntax-add-testcases.-Bu.patch
Closes: #1006661
+ 75_64-Logging-fix-crash-on-local_part-utf8-conversion-fail.patch
* Update exiqgrep manpage.
-- Andreas Metzler Sun, 10 Apr 2022 13:57:43 +0200
* Last Uploader: Lucas Kanashiro
Sync or Merge bug: Bug #1971275 in fence-agents (Ubuntu): "Merge fence-agents from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
fence-agents (4.11.0-1) unstable; urgency=medium
* New upstream version 4.11.0
* Refresh patches for new version
* Create packages for fence-virt and fence-virtd
* Update watch file url
* Update Debian copyright
* Update Standards-Version to 4.6.0
* Cleanup lintian-overrides
* Fix lintian warning for syslog.target
* Replace deprecated logging.warn calls
* Ignore warnings in metadata output
-- Valentin Vidic Sun, 01 May 2022 17:51:59 +0200
* Last Uploader: Till Kamppeter
Debian changes newer than ubuntu version:
foomatic-db (20220223-1) unstable; urgency=medium
* New upstream version 20220223
* debian/control: Add myself to Uploaders:
* debian/control: use dh13
* debian/coypright: fix BSD license name
* debian/copyright: lintian seems to have a problem with hyphens
-- Thorsten Alteholz Sun, 27 Mar 2022 11:03:02 +0200
* Last Uploader: Łukasz Zemczak
Debian changes newer than ubuntu version:
ghostscript (9.56.1~dfsg-1) unstable; urgency=medium
[ upstream ]
* new release
+ fix text rendering mode 3 and pdfwrite;
closes: bug#1009680, thanks to Paul Gevers and others
[ Jonas Smedegaard ]
* fix watch file
* update symbols: 1 private symbol added
-- Jonas Smedegaard Wed, 20 Apr 2022 22:47:35 +0200
ghostscript (9.56.0~dfsg-1) unstable; urgency=medium
[ upstream ]
* new release
[ Jonas Smedegaard ]
* drop superfluous lintian overrides
* New upstream version 9.56.0~dfsg
* update symbols:
+ 56 private symbols added
+ 23 private symbols dropped
* use semantic newlines in long descriptions
-- Jonas Smedegaard Wed, 30 Mar 2022 11:51:53 +0200
ghostscript (9.56.0~~rc2~dfsg-1) experimental; urgency=medium
[ upstream ]
* new pre-release
-- Jonas Smedegaard Mon, 21 Mar 2022 09:09:26 +0100
ghostscript (9.56.0~~rc1~dfsg-1) experimental; urgency=medium
[ upstream ]
* new pre-release
[ Jonas Smedegaard ]
* update copyright info:
+ add Reference and improve Comment
for files covered by project-wide terms
+ fix interpret unversioned GPL/LGPL to mean any version
+ use multiple separate License-Grant fields
(not multiple texts in one field, delimited by [...]
which is hard to distinguish when parsing by a machine)
+ sort License sections alphabetically
+ fix drop bogus Files section
(likely due to a false positive in older licensecheck
flagging the word Adobe as a license grant)
+ fix avoid complex shell globbing in file listings
(leftover from pre-1.0 file format)
+ update coverage
* update lintian overrides regarding license shortnames
* tighten lintian overrides
* drop patches cherry-picked upstream now applied
* drop patch 1003 adopted upstream
* drop patch 2009 obsoleted by upstream changes;
stop have ghostscript-doc depend on libjs-jquery
* update and unfuzz patches
* update Maintainer and Vcs-* fields, and drop Uploaders:
package now maintained in collaborative debian area of Salsa
-- Jonas Smedegaard Mon, 07 Mar 2022 21:47:41 +0100
* Last Uploader: Christian Ehrhardt
Sync or Merge bug: Bug #1971283 in ldns (Ubuntu): "Merge ldns from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
ldns (1.8.1-1) unstable; urgency=medium
* New upstream version 1.8.1
Closes: #1008638 (FTBFS with python 3.10 due to distutils check)
Closes: #1005646 (FTBFS with OpenSSL 3.0)
Closes: #1009385 (output of ldns-key2ds changes after compiler changes)
Closes: CVE-2020-19860 (heap buffer overflow in while verifying zone file)
Closes: CVE-2020-19861 (heap overflow/leakage when reading a zone file)
* rework the build system, fixing numerous issues:
- stop overwriting files at install time from different builds
and ending up using the build with wrong configure options
- stop running install twice
- stop removing system-installed files if any on clean
- stop doing (re)build of everything just for the python build
- build python bits in the main build and perform extra steps
only if there's more than one python version to build for
(this effectively eliminates miltiple builds completely)
- clarify build with multiple pyversions and why it still fails
- remove old, now irrelevant, stuff (like overriding options
which are being in effect anyway, or which has no effect)
- move variable-based custom install rule for libldns.pc
into .install file once dh now allows variables in there
- reduce startup time by eliminating dpkg's default.mk which is slow
- remove the wrongly-generated staic lib for the python bindings
(_ldns.{a,la}) in the install rules instead of ignoring them
in dh_install -X
- fix add --with-trust-anchor= so it actually works
- replace dh --with python with Build-Depend: dh-sequence-python3
- run dh only for supported targets/sequences
* update symbols file for 1.8 version, adding 6 new symbols
* remove Makefile-remove-install-libldns-pc.patch
* update short descriptions of all packages to mention what is
actually in there instead of being the same for all packages
* remove Build-Dependes: chrpath & pkg-config (not used)
* add fix-pyldns-include.patch to fix building pyldns outside source dir
* d/control: update Stdandards-Version to 4.6.0.1 (no changes)
* d/watch: rework, simplify, use https, enable pgp signature verification
* add upstream/signing-key.asc with the followig key:
E5F8F8212F77A498 "Willem Toorop "
* remove trailing whitespace from d/changelog
* add myself to uploaders
-- Michael Tokarev Tue, 26 Apr 2022 16:05:17 +0300
ldns (1.7.1-3) unstable; urgency=medium
* Acknowledge NMU (thanks, Michael Tokarev!)
[ Robert Edmonds ]
* debian/rules: Add "--with-trust-anchor=/usr/share/dns/root.key"
to configure parameters
* debian/control: Add "Recommends: dns-root-data" to ldnsutils
[ Daniel Kahn Gillmor ]
* added myself to uploaders
* Import upstream patch to fix SHA-256 on GCC 11 (Closes: #1009385)
* d/watch: update to version 4 (and use https)
* d/clean: clean up some generated files
-- Daniel Kahn Gillmor Wed, 13 Apr 2022 10:27:03 -0700
ldns (1.7.1-2.1) unstable; urgency=medium
* Non-maintainer upload.
* add fix-wrong-python-distutils-configure-check.diff to fix the
incorrect distutils package check (it should be checking the
return code not the emptiness of the output). This fixes FTBFS
with new python (3.10) and allows the python3.10 transition to
happen, but it is not fixing the actual issiue with ldns using
distutils which should be addressed later. Closes: #1008638
-- Michael Tokarev Thu, 07 Apr 2022 16:03:29 +0300
* Last Uploader: Jess Jang (sponsored by Utkarsh Gupta)
Sync or Merge bug: Bug #1971287 in librabbitmq (Ubuntu): "Merge librabbitmq from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
librabbitmq (0.11.0-1) unstable; urgency=low
* New upstream release (Closes: #1004590, #1006244).
* Add debian/gbp.conf.
* Update d/watch to work with github again.
* Bump debhelper version to 13.
* Bump Standards-Version to 4.6.0.1.
* Update year in d/copyright.
* Install cmake files in librabbitmq-dev.
* Update symbols for librabbitmq4.
* Refresh patches and re-export with gbp numbering.
* Add patch to fix typo in amqp-publish.1 manpage.
* Install examples in librabbitmq-dev.
* Add d/upstream/metadata.
* Use uscan version 4.
* Enable upstream testsuite for autopkgtests.
-- Michael Fladischer Mon, 21 Feb 2022 22:42:45 +0000
* Last Uploader: Christian Ehrhardt
Sync or Merge bug: Bug #1971289 in libvirt (Ubuntu): "Merge libvirt from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
libvirt (8.3.0-1) unstable; urgency=medium
* [f9dd871] New upstream version 8.3.0
-- Andrea Bolognani Sun, 15 May 2022 15:21:52 +0200
libvirt (8.2.0-1) unstable; urgency=medium
* [4d84203] New upstream version 8.2.0
- Fixes CVE-2022-0897 (Closes: #1009075)
* [d1baa54] patches: Drop backports
* [333c80a] control: Switch from fuse to fuse3
* [4793ac2] libvirt-dev: Drop dependency on libxen-dev
- Thanks to Pino Toscano
-- Andrea Bolognani Wed, 20 Apr 2022 22:51:26 +0200
libvirt (8.1.0-2) unstable; urgency=medium
* [ba504f6] systemd: Hardcode output of dh_installsystemd
- Stop using dh_installsystemd and hardcode slightly tweaked
versions of its output in maintainer scripts instead, as a
temporary workaround for #994204
* [4c89356] systemd: Only ever restart libvirtd on upgrade
- This avoids guests being stopped or crashing during upgrades
-- Andrea Bolognani Sat, 19 Mar 2022 19:06:47 +0100
libvirt (8.1.0-1) experimental; urgency=medium
[ Andrea Bolognani ]
* [224b64e] New upstream version 8.1.0
* [06dea7a] patches: Drop backports
* [9f3a2e6] patches: Add backport/qemu-segmentation-fault-[...].patch
- Fixes a regression introduced in 8.1.0
* [70e6209] control: Drop build dependency on dnsmasq-base
- Availability is only checked at runtime
[ Martin Pitt ]
* [171a675] apparmor: Fix QEMU access for UEFI variable files
- QEMU needs to read, write and lock the NVRAM *.fd files with
UEFI firmware
- Closes: #1006324
- LP: #1962035
[ Maximilian Engelhardt ]
* [a06d5e5] control: Drop i386 from Xen arches
- Starting with version 4.16, Xen is no longer built on the i386
architecture in Debian
- Thanks to Diederik de Haas for helping get this fix merged
- Closes: #1006300
-- Andrea Bolognani Tue, 15 Mar 2022 23:53:49 +0100
* Last Uploader: Stéphane Graber
Debian changes newer than ubuntu version:
lxcfs (5.0.0-1) unstable; urgency=medium
* New upstream release 5.0.0
- Drop d/p/0001
* d/copyright: Upstream shifted to LGPL-2.1+ I do so for debian/
* d/rules: update rules for init as the build system changed
(Closes: #1008667)
* d/control: Bump Standards-Version to 4.6.0
-- Pierre-Elliott Bécue Mon, 04 Apr 2022 23:15:49 +0200
Unknown (Probably auto sync.)
Debian changes newer than ubuntu version:
mailman (1:2.1.29-1) unstable; urgency=medium
* New upstream release.
- Fixes CVE-2018-13796
-- Thijs Kinkhorst Wed, 05 Sep 2018 05:03:24 +0000
mailman (1:2.1.27-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Arbitrary text injection vulnerability in Mailman CGIs (CVE-2018-13796)
(Closes: #903674)
-- Salvatore Bonaccorso Sun, 02 Sep 2018 22:23:45 +0200
mailman (1:2.1.27-1) unstable; urgency=medium
* New upstream release.
- Fixes CVE-2018-0618
* Run dh_autoreconf to make build reproducble (closes: 889637).
Thanks Chris Lamb for the patch.
* Drop Debian patches mangling translations, upstream is in
a much better shape nowadays (closes: 901810).
* Checked for policy 4.1.4, no changes.
* Set a SUBSCRIBE_FORM_SECRET in mm_cfg.py on new installs,
to add protection against subscription spam in the default
installation. Existing installs will not be changed because
it might break external subscribe forms (closes: 900648).
-- Thijs Kinkhorst Sat, 23 Jun 2018 13:23:17 +0000
mailman (1:2.1.26-1) unstable; urgency=medium
* New upstream release.
- Fixes XSS in user options CGI (CVE-2018-5950, closes: #888201)
* Document that this is the legacy branch of Mailman and that all
major development is focused on Mailman 3 (package mailman3).
-- Thijs Kinkhorst Sun, 04 Feb 2018 18:23:18 +0000
mailman (1:2.1.25-1) unstable; urgency=medium
* New upstream release.
* Checked for policy 4.1.3: removed init.d invocation from
prerm and also from user instructions.
* Upgraded to debhelper compat level 11.
* Replace init script with systemd service file.
Thanks a lot to Stefan Bühler for the helpful suggestion!
This also should improve robustness against log rotation.
(Closes: #881329, #733475, #505638)
* Packaging cleanups.
-- Thijs Kinkhorst Sun, 07 Jan 2018 18:22:51 +0000
mailman (1:2.1.24-1) unstable; urgency=medium
* New upstream release.
* Fixed broken dependencies in SpamAssassin.py (Closes: #838288).
Thanks Stephen Rothwell for the patch.
-- Thijs Kinkhorst Tue, 05 Sep 2017 14:31:54 +0000
mailman (1:2.1.23-1) unstable; urgency=medium
* New upstream release.
- Fixes CSRF in user options (CVE-2016-6893, closes: #835970).
-- Thijs Kinkhorst Tue, 13 Sep 2016 16:01:59 +0000
mailman (1:2.1.22-1) unstable; urgency=medium
* New upstream release. (Closes: #821367)
* Checked for policy 3.9.8, no changes.
-- Thijs Kinkhorst Mon, 25 Apr 2016 16:39:06 +0000
mailman (1:2.1.20-1) unstable; urgency=medium
* New upstream release. (Closes: #779911)
- Drop obsolete patches:
92_CVE-2015-2775.patch
* Checked for policy 3.9.6, no changes.
* Update to debhelper compat level 9.
* Make postfix-to-mailman.py work with the full recipient email
address, solving an issue when recipient_delimiter = "-".
To take advantage of this, change "${user}" to "${recipient}"
in Postfix' master.cf. Patch by Brian O'Connor. (Closes: #578986)
* Make package build reproducibly by using install instead of cp
for installing qmail-to-mailman.py. Patch by Jérémy Bobbio.
(Closes: #783151)
* Update example apache.conf for Apache 2.4.
* Add cron-daemon as dependency alternative to cron. (Closes: #785193)
-- Thijs Kinkhorst Thu, 14 May 2015 14:09:42 +0000
mailman (1:2.1.18-2) unstable; urgency=high
* Fix security issue: path traversal through local_part.
Affects installations which use an Exim or Postfix transport
instead of fixed aliases; attacker needs to be able to place
files on the local filesystem.
(CVE-2015-2775, Closes: 781626)
-- Thijs Kinkhorst Mon, 06 Apr 2015 15:36:15 +0000
mailman (1:2.1.18-1) unstable; urgency=medium
* New upstream release.
- Adds DMARC support. (Closes: #746592)
- Drop obsolete patches:
20_qmail_to_mailman.debian.patch
80_sync_members_unicode.patch
* Add lsb-release to debian/tests/control. (Closes: #734180)
* Fix ownership on /var/lib/mailman/archives/private as upstream
suggests, also reflecting group ownership for public archives.
Thanks Luca Capello! (closes: #603904)
* Checked for policy 3.6.5, no changes.
-- Thijs Kinkhorst Thu, 10 Jul 2014 19:27:46 +0200
mailman (1:2.1.16-2) unstable; urgency=medium
* Upload to unstable, as requested by Thijs; we did not encounter
any unexpected trouble with the version in experimental, and it
does fix an RC bug as well as a release goal.
-- Thorsten Glaser Mon, 03 Feb 2014 14:00:37 +0100
mailman (1:2.1.16-1exp2) experimental; urgency=low
* Try harder to use UTF-8
-- Thorsten Glaser Sun, 29 Dec 2013 14:40:17 +0000
mailman (1:2.1.16-1exp1) experimental; urgency=low
* Convert to UTF-8. (Closes: #398777, #535296, #732929)
* Apply upstream bugfix for sync_members. (Closes: #732741)
-- Thorsten Glaser Sun, 29 Dec 2013 02:08:38 +0000
mailman (1:2.1.16-1) unstable; urgency=low
* New upstream release.
-- Thijs Kinkhorst Wed, 06 Nov 2013 19:57:54 +0100
mailman (1:2.1.16~rc2-1) unstable; urgency=low
[ Thijs Kinkhorst ]
* New upstream release candidate.
- Exposes message-id to templates (closes: #614340).
* Remove obsolete patches, applied upstream:
21_newlist_help.patch
* Updates to Russian debconf templates, thanks Ivan Krylov!
(closes: #710268).
* Needs at least version 3.8.0 of logrotate (closes: #687215).
* Add autopkgtests, thanks Yolanda Robla! (closes: #710095)
* Packaging cleanup: checked for policy 3.9.4, update Vcs URL,
recommend default-mta instead of exim4.
[ Thorsten Glaser ]
* Prevent losing stderr in the init script when there are many lists.
(closes: #702002)
* debian/watch: mangle the epoch away so DDPO is green again.
-- Thijs Kinkhorst Sun, 04 Aug 2013 12:00:05 +0200
mailman (1:2.1.15-1) unstable; urgency=low
* New upstream release.
* Improve Exim4 instructions, thanks Andrew Hodgson.
* Remove obsolete PRIVATE_ARCHIVE_URL variable, thanks Matthew Hall
(closes: #676481).
* Correct mmarch man page, thanks Francesco Potortì (closes: #583369).
* Specify need for MTA=None in postfix-to-mailman.py (closes: #648976).
-- Thijs Kinkhorst Sat, 16 Jun 2012 12:04:40 +0200
mailman (1:2.1.15~rc1-1) unstable; urgency=low
[ Thijs Kinkhorst ]
* New upstream release candidate.
* Remove obsolete patches, applied upstream:
02_use_dpkg_buildflags.patch
07_snooze.patch
59_fix_missing_language_crash.patch
70_invalid_utf8_dos.patch
71_date_overflows.patch
74_admin_non-ascii_emails.patch
80_CVE-2011-0707_confirm_xss.patch
99_js_templates.patch
[ Thorsten Glaser ]
* Update the watch file for Launchpad
-- Thijs Kinkhorst Sun, 20 May 2012 14:01:42 +0200
mailman (1:2.1.14-4) unstable; urgency=low
* Ensure CPPFLAGS and LDFLAGS are actually used during build,
thanks Simon Ruderich for the patch! (closes: #663590)
Additionally, enable all available hardening features.
* Checked for policy 3.9.3, add DEP3 patch headers.
* Add Danish debconf translation, thanks Joe Dalton (closes: #659467).
* Add 'su root list' statements to logrotate config, to cope
with logrotate >= 3.8; thanks Joël Bertrand (closes: #653766).
* Avoid config file prompt for mailman crontab entry if this
file was unmodified (closes: #655837).
-- Thijs Kinkhorst Sun, 18 Mar 2012 14:12:49 +0100
mailman (1:2.1.14-3) unstable; urgency=low
* Make man page descruptions match more keywords (closes: #597112).
* Add cull_bad_shunt command to default cron job (closes: #615204)
and improve cron job handling in the package.
* Import dpkg buildflags, also enabling hardening features.
* Remove gate_news debconf question.
-- Thijs Kinkhorst Sat, 08 Oct 2011 17:27:51 +0200
mailman (1:2.1.14-2) unstable; urgency=low
[ Thijs Kinkhorst ]
* Move mail-transport-agent to Recommends, since Mailman can be
configured to run with a remote MTA (closes: #616292).
* Update to policy 3.9.2, add build-{arch,indep} targets.
[ Thorsten Glaser ]
* Add myself to Uploaders, as suggested by Thijs.
* Apply patch from Barry Warsaw to switch from python-support
to dh_python2. (LP: #788514) (Closes: #637398)
-- Thijs Kinkhorst Wed, 17 Aug 2011 12:00:50 +0000
mailman (1:2.1.14-1) unstable; urgency=medium
* New upstream release. Patches incorporated:
- 15_mailmanctl_daemonize.patch
- 83-CVE-2010-3089--bug599833.patch
* Add upstream patch for CVE-2011-0707: XSS in confirmations.
-- Thijs Kinkhorst Sat, 19 Feb 2011 08:26:43 +0100
mailman (1:2.1.13-4.1) unstable; urgency=high
* Non-maintainer upload.
* debian/patches
- (83): New. CVE-2010-3089 security fix from mailman 2.14. Patch
thanks to (grave, security; Closes: #599833).
-- Jari Aalto Sat, 16 Oct 2010 08:46:55 +0300
mailman (1:2.1.13-4) unstable; urgency=medium
* Fix permissions on /var/lib/mailman/archives/private, so
archiving works again. Problem introduced in 1:2.1.12-3.
* Fix invocation of update-rc.d which yields an error when
not using dependency-based boot (closes: #590249).
* Checked for policy 3.9.1, no changes needed.
-- Thijs Kinkhorst Tue, 27 Jul 2010 22:56:03 +0200
mailman (1:2.1.13-3) unstable; urgency=low
* Drop unneeded Indexes option from shipped apache.conf.
* Eliminate update_rc.d warning by not passing runlevel 1 at stop.
* Add 25_site_logo patch by Paul Wise (closes: #267243).
* Do not compress PDF's under /u/s/d/mailman (closes: #582259).
* Back up ./configure before running autoconf, so it can be restored
in clean as not to generate irrelevant diff.gz content.
* Switch to dpkg-source 3.0 (quilt) format.
* Checked for policy 3.9.0, no changes needed.
-- Thijs Kinkhorst Tue, 13 Jul 2010 21:35:40 +0200
mailman (1:2.1.13-2) unstable; urgency=low
* postfix-to-mailman.py: check for list existence before stripping off
administrative suffixes, making it also work for mailing list names
ending in e.g. -admin. Thanks Axel Beckert for the patch!
(Closes: #570548)
* Checked for policy 3.8.4, no changes.
* Minor fixes pointed out by Lintian.
-- Thijs Kinkhorst Sat, 20 Mar 2010 21:57:55 +0100
mailman (1:2.1.13-1) unstable; urgency=low
* New upstream release. Patches incorporated:
- 16_update_debian (partially)
- 30_pipermail_threads
- 65_handle_templates_directories
- 77_header_folding_in_attachments
* Remove msgfmt.py, only used at build-time (closes: #555416).
* Remove adduser calls for 'list' user. Base-passwd guarantees it
to be available, and trying to add it if it were not present may
lead to inconsistencies regarding expectations for that user.
* Document second parameter of postfix-to-mailman.py to be
${mailbox}, effectively reverting inappropriate fix for #305762
(closes: #549224).
-- Thijs Kinkhorst Thu, 31 Dec 2009 15:50:29 +0100
mailman (1:2.1.12-3) unstable; urgency=low
* Remove potentially long running 'find' command in postinst, as
permissions are already set correctly in the deb. Thanks Paul
Slootman (closes: #544046).
* Add Slovak debconf translation, thanks Ivan Masár (closes: #531576).
* Update 30_pipermail_threads patch to use sequence ID instead of
message ID, avoids thread breakage in archives. Thanks
Mark Sapiro.
* Checked for policy 3.8.3, no changes necessary.
-- Thijs Kinkhorst Sun, 27 Sep 2009 17:36:01 +0200
mailman (1:2.1.12-2) unstable; urgency=low
[ Lionel Elie Mamane ]
* README.Exim4.Debian: add debug_print statements
* apply fix from upstream to 77_header_folding_in_attachments
to fix bug it introduces: messages with lines starting with
"From" are split into several messages in the archive.
* Use autoconf >= 2.50, not 2.13
* Ensure Mailman locks directory exists before calling update
(Closes: #513988).
[ Thijs Kinkhorst ]
* Apply patch from Tanguy Ortolo updating postfix-to-mailman
instructions to avoid backscatter mail (Closes: #520040).
* Remove obsolete unicodify_archives for upgrading sarge->etch.
-- Lionel Elie Mamane Fri, 22 May 2009 11:09:49 +0200
mailman (1:2.1.12-1) unstable; urgency=low
* New upstream release.
+ Minimum Python version is now 2.4.
+ Patches obsoleted (incorporated or not useful anymore):
00_stolen_from_HEAD,
11_handle_propfind.patch,
32_MIME_fixup,
62_new_list_bad_pending_requests,
67_update_handle_old_versions,
68_update_catalan,
78_DeprecationWarning,
80_fix_string_search.
Refresh all others. Many thanks to Mark Sapiro and
Paul Wise for the help in cleaning this up.
+ Fixes bounce handling NotAMemberError (closes: #517997).
* Various packaging cleanups, upgrade debhelper to level 7.
* Removes embedded copy of pythonlib/email module.
* Checked for policy 3.8.1, remove shipped var/{run,lock}
dirs, they are already created correctly by the init script.
-- Thijs Kinkhorst Sat, 14 Mar 2009 14:18:16 +0100
mailman (1:2.1.11-11) unstable; urgency=high
[ Debconf Translations ]
* Updated Vietnamese, thanks Clytie Siddall (closes: #513097).
-- Thijs Kinkhorst Mon, 26 Jan 2009 13:42:33 +0100
mailman (1:2.1.11-10) unstable; urgency=low
[ Debconf Translations ]
* Updated Catalan, thanks David Planella.
-- Thijs Kinkhorst Wed, 07 Jan 2009 23:09:56 +0100
mailman (1:2.1.11-9) unstable; urgency=high
[ Debconf Translations ]
* Updated Spanish, thanks Javier Fernández-Sanguino (closes: #510023).
* Updated Japanese, thanks Kenshi Muto (closes: #509996).
* Updated Galician, thanks Marce Villarino (closes: #510002).
* Updated French, thanks Christian Perrier (closes: #510016).
* Updated Italian, thanks Luca Monducci (closes: #510107).
* Updated Swedish, thanks Martin Bagge and Daniel Nylander
(closes: #510206).
* Updated Czech, thanks Miroslav Kure (closes: #510230).
* Updated German, thanks Holger Wansing (closes: #510361).
* Updated Portuguese, thanks Miguel Figueiredo (closes: 510556).
* Updated Russian, thanks Sergey Alyoshin (closes: #510614).
-- Thijs Kinkhorst Sun, 04 Jan 2009 12:30:58 +0100
mailman (1:2.1.11-8) unstable; urgency=low
* Do not stop installation when queue files are present, and this is
an upgrade from the same version that was already installed. Based
on a patch by Marcin Owsiany (closes: #468569).
* When queue files present, offer the administrator the option to
continue regardless at their own risk. This unfortunately requires
some extra strings to be translated.
* Update Dutch translation.
* Remove mail-transport-agent from init script deps (closes: #508800).
-- Thijs Kinkhorst Sat, 27 Dec 2008 15:18:55 +0100
mailman (1:2.1.11-7) unstable; urgency=low
[ Thijs Kinkhorst ]
* Clarify POSTFIX_STYLE_VIRTUAL_DOMAINS syntax, thanks Tomas Pospisek
(closes: #507519).
[ Lionel Elie Mamane ]
* README.Exim4.Debian: Do lookup whole email (with domain, not only
localpart) in virtual_mailman data file
(bug introduced in 1:2.1.11-4)
* README.Exim4.Debian: explain how to regenerate the aliases list
manually (for people switching their existing configuration to the
recommended one, or switching MTAs, as opposed to setting up a fresh
system).
-- Thijs Kinkhorst Sat, 13 Dec 2008 18:40:34 +0100
mailman (1:2.1.11-6) unstable; urgency=high
* Further site list detection improvements, thanks Adeodato Simó
for his suggestions.
-- Thijs Kinkhorst Sun, 16 Nov 2008 13:17:10 +0100
mailman (1:2.1.11-5) unstable; urgency=high
* Make init script also cope with non-specified site list.
-- Thijs Kinkhorst Sun, 09 Nov 2008 11:26:46 +0100
mailman (1:2.1.11-4) unstable; urgency=medium
[ Lionel Elie Mamane ]
* Add -loop to list of accepted suffixes for routers in
README.Exim4.Debian
[ Thijs Kinkhorst ]
* Add mischief to logrotate configuration (closes: #504700).
* Update Mailman group and aliases path in README.Exim4.Debian,
thanks Kris Popendorf (closes: #504695).
* Detect a nonstandard site list name, thanks Moritz Naumann
(closes: #418062).
-- Thijs Kinkhorst Fri, 07 Nov 2008 09:48:10 +0100
mailman (1:2.1.11-3) unstable; urgency=low
* Updated Catalan debconf translation, thanks David Planella Molas
(Closes: #494110).
* Added patch 68_update_catalan to update Catalan program translation,
thanks Jordi Mallach (Closes: #492297).
* Add a README.source file referring to quilt.
-- Thijs Kinkhorst Mon, 11 Aug 2008 16:06:19 +0200
mailman (1:2.1.11-2) unstable; urgency=low
* Fix SpamAssassin handler to cope with changed behaviour
of matches_p() (Closes: #488584).
* Remove *.pyc from /usr/lb/mailman, and any stale locks on
package remove (Closes: #458414).
-- Thijs Kinkhorst Tue, 8 Jul 2008 09:43:15 +0200
mailman (1:2.1.11-1) unstable; urgency=low
* New upstream release.
Incorporates the following Debian patches:
- 81_fix_subscribe_2.1.10.patch
- 61_fix_ru_siteowner.patch
- 72_fblast_add_shebang.patch
- 58_fix_es_translation.patch
Fixes the following Debian bugs:
- Use html entities when needed in Danish (Closes: #487491).
* Update Galician debconf translation, thanks Jacobo Tarrio
(Closes: #482137).
* Some tweaks to newlist.8 (Closes: #485382).
* Make quilt usage more dpkg source format 3.0 compatible and
refresh all patches (Closes: #485253).
* Checked for policy 3.8.0, no changes necessary.
* Fix a number of buglets in 99_js_templates.patch.
* Don't install stop symlinks in runlevels 0 and 6; the default
sigterm functions very well to stop qrunner.
* Clarify that MTA="None" is right when using postfix-to-mailman.py
(Closes: #488644).
* Remove pidfile after successful qrunner shutdown (Closes: #482880).
-- Thijs Kinkhorst Mon, 07 Jul 2008 23:58:33 +0200
mailman (1:2.1.10-2) unstable; urgency=low
* Apply upstream patch to fix regression in cmd_subscribe
so that email subscribe to the -subscribe or -join address or the
-request address with a bare 'subscribe' command results in the message
being shunted.
-- Thijs Kinkhorst Thu, 24 Apr 2008 19:30:49 +0200
mailman (1:2.1.10-1) unstable; urgency=low
* New upstream release.
-- Thijs Kinkhorst Mon, 21 Apr 2008 22:43:08 +0200
mailman (1:2.1.10~b4-1) unstable; urgency=low
* New upstream beta release.
-- Thijs Kinkhorst Fri, 14 Mar 2008 17:54:52 +0100
mailman (1:2.1.10~b3-1) unstable; urgency=low
* New upstream beta release.
+ Restricts XSS by list admins, CVE-2008-0564.
+ Obsoletes 56_fix_de_broken_links.patch.
+ Obsoletes 81_backport_export.dpatch.
+ Makes list handling case sensitivity consistent (closes: #446257).
+ Archives do not drop headerless mime parts (Closes: #450399).
+ check_perms checks more perms (Closes: #260224).
-- Thijs Kinkhorst Fri, 22 Feb 2008 00:09:11 +0100
mailman (1:2.1.9-10) unstable; urgency=low
* Be quiet when logrotation succeeds, prevents Cron spam (closes: #456954).
* Fix typo in postinst message (closes: #458981).
* Switch to debhelper level 6.
-- Thijs Kinkhorst Mon, 14 Jan 2008 12:10:05 +0100
mailman (1:2.1.9-9) unstable; urgency=low
* Drop suggests for obsolete python-*-codecs and drop versioned
dependencies for pre-oldstable versions.
* Fix formatting of man pages (Closes: #432848).
* Fix some bashisms in Debian packaging scripts.
* Do not make /var/log/mailman world-readable, because it can contain
a bit of semi-private information. Thanks Alexander Gerasiov.
(Closes: #450927)
* After logrotate, call 'mailmanctl reopen' instead of sending SIGHUP
since that is the supported way of rotating logs (Closes: #424620).
* Fix pidfile location in mailman.init, thanks Peter Rabbitson
(Closes: #439325).
* Make symlinks to /var/lo{g,ck}/mailman absolute, because the relative
ones cause trouble on systems where people move these things around
(Closes: #408855, #413604). Override lintian since this is allowed by
policy.
* Checked for policy 3.7.3, no changes required. Additional packaging
cleanups.
-- Thijs Kinkhorst Tue, 04 Dec 2007 09:12:39 +0100
mailman (1:2.1.9-8) unstable; urgency=low
[ Thijs Kinkhorst ]
* Added Portuguese debconf translation by Miguel Figueiredo
(Closes: #414365).
* Make sure Mailman can be properly purged (Closes: #421676).
* Remove obsolete upgrading code.
* Do not break upgrades in case python is temporarily unavailable
(Closes: #419563).
[ Lionel Elie Mamane ]
* Avoid implicit-sort-on-load of indexes being converted to Unicode
(hopefully really closes: #412142 now)
-- Thijs Kinkhorst Mon, 11 Jun 2007 20:48:11 +0200
mailman (1:2.1.9-7) unstable; urgency=low
* Upgrade subject and author indexes of _all_ archiving volumes to
Unicode strings. (completely closes: #412142)
-- Lionel Elie Mamane Wed, 28 Feb 2007 21:59:36 +0100
mailman (1:2.1.9-6) unstable; urgency=medium
[ Lionel Elie Mamane ]
* Allow people that have list as a supplementary group to create new
mailing lists. (see bug#309339)
* Upgrade subject and author indexes of current archiving volume to
Unicode strings; possible slight data loss (non-ASCII characters
transcoded wrongly) (closes: #412142)
* Correct path to Mailman private modules dir in dh_pysupport invocation
(the absolute symlinks won't work in the building area), and add
private pythonlib dir.
[ Thijs Kinkhorst ]
* Fix path-typo in apache.conf dedicated virtual host example,
thanks Alberto Furia (Closes: #409180).
-- Lionel Elie Mamane Tue, 27 Feb 2007 22:38:07 +0100
mailman (1:2.1.9-5) unstable; urgency=medium
* Ship bin/export.py from upstream SVN to make automatic upgrades to
lenny possible. (closes: #407260)
-- Lionel Elie Mamane Sat, 20 Jan 2007 05:04:11 +0100
mailman (1:2.1.9-4) unstable; urgency=medium
[ Lionel Elie Mamane ]
* Manually replace empty /var/lib/mailman/pythonlib/ by symlink to
/usr/lib/mailman/pythonlib/ (closes: #403312)
-- Lionel Elie Mamane Sat, 16 Dec 2006 09:55:21 +0100
mailman (1:2.1.9-3) unstable; urgency=medium
[ Lionel Elie Mamane ]
* Follow requirements/requests of upgrade to new python policy more
narrowly: build-depend on newer version of python-support, add
XS-Python-Version/XB-Python-Version fields to control, give path to
private python modules to dh_pysupport (Closes: #394181).
* Move python-lib directory to /usr/lib/mailman/, like Mailman code;
/var/lib/mailman is grossly wrong (Closes: #400005).
[ Thijs Kinkhorst ]
* Add subscribe/unsubscribe aliases to second half of example, and a
note about chgrp when creating a new list through the web interface.
Both in README.Exim4.Debian, thanks Ian Wienand (Closes: 387457).
* Remove lintian overrides that are not needed with recent Lintians.
[ Translations ]
* Updated Vietnamese by Clytie Siddall (Closes: 395851).
* Updated German by Holger Wansing (Closes: 400963).
-- Thijs Kinkhorst Thu, 14 Dec 2006 15:18:12 +0100
mailman (1:2.1.9-2) unstable; urgency=medium
[ Thijs Kinkhorst ]
* Medium urgency upload for RC upgrading bug.
* Fix buggy sedding in postinst (Closes: #392995).
* Drop disabled 73_list-id_strict_rfc patch; integrated upstream.
* Clarify README.Debian about where to insert SpamAssassin integration
(Closes: #369171).
* Add 72_fblast_add_shebang patch; this script is set as executable
thus needs an interpreter on the first line.
[ Hector Garcia ]
* Removed 12_savannah_wrapper.patch. Doesn't work and is not supported
upstream any longer (Closes: #287554).
[ Translations ]
* Updated French by Florentin Duneau (Closes: #393096).
* Updated Brazilian Portuguese by Felipe Augusto van de Wiel.
-- Thijs Kinkhorst Tue, 17 Oct 2006 10:14:57 +0200
mailman (1:2.1.9-1) unstable; urgency=medium
[ Hector Garcia ]
* New upstream bugfix release
- Deleting included patches:
24_CVE-2006-2941, 23_CVE-2006-3636, 25_CVE-2006-4624
- Fixes German translation (Closes: #273469) and comment typo
(Closes: #378509).
* Updated patches.
* Deleting 03_documentation_source.patch. Integrated upstream.
* Deleting 68_translation_update_nl.patch. Too many upstream changes,
doesn't apply any longer. Wrote to patch author in case it wants to
update it.
* Renamed 58_fix_translations to 58_fix_es_translations
[ Thijs Kinkhorst ]
* Tweak debconf templates according to best practices.
* Update debconf templates, eliminates two, changes some, introduces
new line numbering from debconf-updatepo.
* Name languages together with their ISO code in the debconf question
(Closes: #276505).
* Add new languages Turkish, Interlingua, Arabic, Vietnamese
to debconf choice, change Chinese from big5 to zh_CN and zh_TW.
* Add subscribe/unsubscribe to example in README.Exim4.Debian,
thanks Brian Foley (Closes: #387457).
[ Riccardo Setti ]
* Switched to the new python policy (Closes: #380876).
[ Lionel Elie Mamane ]
* Don't ship C sources with documentation; there is no reason for it.
[ Translations ]
* Updated vi.po. Translated by Clytie Siddall. (Closes: #388202)
* Updated ja.po. Translated by Kenshi Muto. (Closes: #388206, #391532)
* Updated nl.po. Translated by Kurt De Bree. (Closes: #388100)
* Updated ru.po. Translated by Yuri Kozlov. (Closes: #388111, #391597)
* Updated sv.po. Translated by Daniel Nylander. (Closes: #388090)
* Updated hu.po. Translated by Laszlo Boszormenyi.
* Updated it.po: Translated by Luca Monducci. (Closes: #388657, #391568)
* Updated cs.po: Translated by Miroslav Kure. (Closes: #388663)
* Updated pt_BR.po: Translated by Andre Luis Lopes.
* Updated es.po: Translated by Javier Fernández-Sanguino Peña.
* Updated fr.po: Translated by Philippe Batailler. (Closes: #388651)
-- Thijs Kinkhorst Mon, 9 Oct 2006 16:59:10 +0200
mailman (1:2.1.8-4) unstable; urgency=high
* High-urgency upload to fix release-critical bug.
* Add versioned depends on lsb-base (>= 3.0-6) to make sure a system
has the lsb output functions (Closes: #390138).
* Remove python2.2-korean-codecs from Suggests, replace with
python-korean-codecs.
-- Thijs Kinkhorst Fri, 29 Sep 2006 17:33:09 +0200
mailman (1:2.1.8-3) unstable; urgency=medium
[ Paul Wise ]
* Switch from dpatch to quilt and regenerate all patches
[ Thijs Kinkhorst ]
* Use LSB output functions in init script.
* Use chown root:list instead of deprecated root.list.
* Remove pre-sarge upgrading code; this eliminates a lot of cruft,
non-debconf prompting and two debconf templates.
* Only use ucf on purge when it's available.
[ Matej Vela ]
* Rearrange find options in debian/postinst to prevent warnings.
[ Lionel Elie Mamane ]
* Use Mailman's fork of the Python email package instead of the one from
Python; Mailman is incompatible with the one in Python 2.4
(closes: #384016)
[ Hector Garcia ]
* Added 24_CVE-2006-2941 taken from Lionel's port to sarge
* Added 23_CVE-2006-3636 taken from Lionel's port to sarge
* Added 25_CVE-2006-4624 taken from Lionel's port to sarge
-- Hector Garcia Wed, 20 Sep 2006 20:22:17 +0200
mailman (1:2.1.8-2) unstable; urgency=low
[ Thijs Kinkhorst ]
* Add default apache.conf under /etc/mailman
(Closes: #282460, #135148, #178543, #179253).
* Update all man pages to be in line with current mailman functionality
(Closes: #286607, #276952).
* Add suggests on lynx (Closes: #296781).
* Checked for policy 3.7.2, no changes necessary.
* Add watch file.
* Add LSB dependency info to init script.
* Fix example in postfix-to-mailman.py to pass ${mailbox}, not ${user}
(Closes: #305762).
* Add Lintian overrides for those things that are legitimate.
* Drop recommends on essential base-passwd >= a version from 1997.
* Use apache2 instead of apache as the first alternative for httpd.
* Move options to `find` in debian/rules to start of commandline to
prevent warnings.
[ Hector Garcia ]
* Putting permision on archive/private to 770 www-data:list to prevent
regular users from reading private lists. (Closes: #356877)
* Changed '| xarg' for '-exec' on find to prevent problems when there are
too many files (Closes: #366102)
* Added a slash to the end of DEFAULT_URL_PATTERN on mm_cfg.py
(Closes: #365881)
* Documented on README.Debian the apache + suexec case. (Closes: #360905)
* Updated Uploaders
* Removed the find which deleted ../$(package)*dsc.asc. It is not needed.
[ Riccardo Setti ]
* epoch 1. Now people should upgrade mailman without problems. (closes: #366438)
* Applied patch which fixes string search in admin.py. (closes: #359721)
* Updated German debconf translation (closes: #353713)
* Updated French debconf translation (closes: #355674)
* Updated Italian debconf translation (closes: #352523)
* Updated Russian debconf translation (closes: #361656)
* Updated Dutch debconf translation (closes: #377254)
* Applied patch of Martin Pitt which will create /var/run and
/var/lock directory if missing. (closes: #376542)
* Bumped debhelper compatibily to 5.
- modified debian/control to reflect this change.
[ Paul Wise ]
* Add spamassassin example to the mm_cfg.py
-- Thijs Kinkhorst Mon, 14 Aug 2006 18:49:29 +0200
Unknown (Probably auto sync.)
Debian changes newer than ubuntu version:
mdevctl (1.1.0-1) unstable; urgency=medium
* New upstream version 1.1.0
- fixes FTBFS in regard to env_logger (Closes: #998600)
* d/control: bump Standards-Version to 4.6.0 (no changes needed)
* d/control: use substvars provided by dh-cargo
* d/p/lower-versions-for-unstable.patch: update for 1.1.0
* d/control: librust-env-logger+default-dev now is new enough
* d/p/tempfile-for-tempdir.patch: applied upstream
* d/install: install man page
-- Christian Ehrhardt Tue, 09 Nov 2021 14:42:49 +0100
mdevctl (1.0.0-1) unstable; urgency=medium
* New upstream version 1.0.0
* d/control, d/rules: switch to rust build as specified upstream
* d/control: lower versioned dependencies to what is available in
unstable
* d/control: with rust mdevctl is arch:any now
* d/cargo-checksum.json: stub for cargo-checksum
* d/p/lower-versions-for-unstable.patch: lower required dependency
versions to match unstable
* d/p/tempfile-for-tempdir.patch: tempfile replaced tempdir
* d/control: add tempfile as replacement for the unavailbale tempdir lib
* d/control: use librust-serde-json+indexmap-dev to resolve implicit
indexmap dependencies
* d/control: runtime dependencies not needed for non-libraries
* d/control: librust-tempfile-dev only needed for tests, add
-- Christian Ehrhardt Wed, 14 Jul 2021 12:55:04 +0200
* Last Uploader: Lena Voytek (sponsored by Robie Basak)
Debian changes newer than ubuntu version:
mysql-8.0 (8.0.29-1) unstable; urgency=medium
* New upstream version 8.0.29
* Add libexpect-perl module to fix mysqlpump_bugs test (LP: #1972737)
- d/control: Add libexpect-perl to dependency list
- d/t/control: Use libexpect-perl in upstream tests
* d/mysql-router.install, d/mysql-testsuite-8.0.install: Add new 8.0.29
shared object files to package
* Add support for openssl 3
-- Lena Voytek Tue, 17 May 2022 12:49:24 -0700
* Last Uploader: Christian Ehrhardt
Debian changes newer than ubuntu version:
needrestart (3.6-1) unstable; urgency=high
* New upstream release.
- Drop merged patch 02-ruby-relative-path.
- Drop merged patch 03-fix-wrong-default-comment.
- Drop merged patch 04-verbose-and-verbosity-confusion.
- Drop merged patch 05-ignore-nvidia-memfd.
- Drop merged patch 06-dont-restart-bluetooth.
- Drop merged patch 07-runit.
- Fixes CVE-2022-30688: Not anchored regular expressions.
- Replace strings(1) by GNU grep to drop binutils dependency.
Closes: #986507
- Fixes broken detection with cgroupv2.
Closes: #1005953
- Fixes microcode warnings without using systemd, also add systemd or
libimvirt-perl as recommends.
Closes: #984789
* Bump Standards-Version to 4.6.1.
* Merge 3.4-5+deb10u1 and 3.5-4+deb11u1 changelog.
* Adjust mismatched lintian override.
-- Patrick Matthäi Tue, 17 May 2022 17:38:05 +0200
Unknown (Probably auto sync.)
Debian changes newer than ubuntu version:
netcf (1:0.2.8-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Set package priority back to optional.
* debian/control: Use current homepage. (Closes: #859848)
* Multi-Archify packages. (Closes: #812920)
* debian/rules: Do not install .pc file into /usr/share/pkgconfig/ since
it violates multi-arch requirement. Using /usr/lib/*/pkgconfig/ is
already good enough.
* debian/watch: Monitor pagure.io upstream.
* debian/copyright: Fix lintian warnings.
-- Boyuan Yang Mon, 28 Dec 2020 14:11:10 -0500
netcf (1:0.2.8-1) unstable; urgency=medium
* Import new upstream 2.8.0
* Drop existing patches which are applied upstream
* debian/control: remove Vcs_Git and Vcs-Browser which were for upstream,
not packaging trees.
* Apply upstream patch fix-misplaced-tag
* debian/libnetcf1.install: remove obsolete iptables-forward-bridged file
-- Serge Hallyn Tue, 22 Sep 2015 16:04:04 -0500
netcf (1:0.2.3-5) unstable; urgency=medium
* cherrypick debian/patches/fix-if-h-problems-with-newer-libnl3 from
upstream (Closes: #795328)
* debian/patches/fix-uninitialized-variable: initialize 'r' for error
path in two fns
-- Serge Hallyn Wed, 16 Sep 2015 13:59:07 -0500
netcf (1:0.2.3-4.1) unstable; urgency=medium
* Non-maintainer upload.
* Use dh-autoreconf to fix FTBFS on ppc64el (Closes: #755777)
-- Hilko Bengen Thu, 28 Aug 2014 22:21:48 +0200
netcf (1:0.2.3-4) unstable; urgency=low
* netcf-debian-memleak.patch: prevent a memory leak when listing
interfaces
-- Serge Hallyn Tue, 13 Aug 2013 23:58:20 +0000
netcf (1:0.2.3-3) unstable; urgency=low
* Set architecture to linux-any to preclude build failures in
unsupported environments
-- Serge Hallyn Thu, 30 May 2013 11:45:47 -0400
netcf (1:0.2.3-2) unstable; urgency=low
* Promote to unstable
* Closes: #708563 -- promote to unstable from experimental
* Closes: #697609 -- adds a symbol file
* Closes: #697610 -- link with --as-needed flag
-- Al Stone Tue, 28 May 2013 14:21:39 -0600
netcf (1:0.2.3-1) experimental; urgency=low
* Merge upstream 0.2.3
- keep add-tests-debian patch, which is in upstream git tree but not
in the release tarball.
-- Serge Hallyn Thu, 24 Jan 2013 14:43:43 -0600
netcf (1:0.2.2-3) experimental; urgency=low
* Rebuild and upload to experimental, with consistent epoch numbers
due to reverting version for sid
-- Al Stone Tue, 18 Dec 2012 14:14:47 -0700
netcf (1:0.2.0-5) unstable; urgency=low
* Closes: #693744 -- revert to a version compatible with sid's
libvirt0 instead of breaking libvirt installation; this forces
the change to the epoch number
* Closes: #694362 -- same issue as above, but reported from the
standpoint of libvirt0 instead
-- Al Stone Tue, 18 Dec 2012 13:37:11 -0700
* Last Uploader: David Fernandez Gonzalez
Sync or Merge bug: Bug #1971297 in nginx (Ubuntu): "Merge nginx from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
nginx (1.20.2-2) unstable; urgency=medium
[ Thomas Ward ]
* d/patches/CVE-2021-3618.patch: Include upstream changeset from NGINX
that adds mitigations into the Mail module for CVE-2021-3618.patch.
(Closes: #991328)
[ Jan Mojžíš ]
* d/p/0003-define_gnu_source-on-other-glibc-based-platforms.patch update,
fixes build on hurd-i386 platform
-- Thomas Ward Wed, 04 May 2022 16:04:59 -0400
nginx (1.20.2-1) unstable; urgency=medium
[ Ondřej Nový ]
* d/control: Update Uploaders for new maintainers.
[ Thomas Ward ]
* Update to latest upstream Stable version (1.20.2) (Closes: #1008855)
* d/patches/Resolver-fixed-off-by-one-write-in-ngx_resolver
_copy.patch: Drop CVE-2021-23017 patch, as this is fixed in 1.20.1
and we are now using 1.20.2 which already contains the patch.
* Refreshed d/patches/0002-Make-sure-signature-stays-the-same-
in-all-nginx-buil.patch (fuzz thanks to 1.20.2)
* d/conf/mime.types: Update mime.types to more match upstream mime.types
and include upstream changes with mime.types from 1.21.x via nginx.org
mercurial repository versions.
* d/control: Remove self from Uploaders per other Debian devs, who want
that commit to be done by someone on the current uploaders/maintainers
group instead.
-- Thomas Ward Tue, 19 Apr 2022 09:50:42 -0400
nginx (1.18.0-9) unstable; urgency=medium
[ Jan Mojžíš ]
* http-lua: Downgrade to 0.10.13 (Closes: #1008787).
* http-lua: Backport upstream bugfix for segfault in nginx core >= 1.15.0
when libnginx-mod-http-lua is loaded and init_worker_by_lua* is used.
* d/control: Add mips64el,ppc64,kfreebsd-amd64 to list of luajit platforms.
* d/control: fix Homepage nginx.net -> nginx.org (Closes: #976158)
[ Thomas Ward ]
* d/watch: Update watch syntax to match all even versions of NGINX releases
rather than use a watch syntax that is static to one specific version.
This will fix the untracked "New upstream stable versions" problem.
* d/control: Update 'uploaders' as Thomas Ward is now a maintainer in
the Salsa repository.
-- Jan Mojžíš Tue, 05 Apr 2022 19:11:47 +0200
nginx (1.18.0-8) unstable; urgency=medium
* Restore patch:
d/p/Resolver-fixed-off-by-one-write-in-ngx_resolver_copy.patch
-- Ondřej Nový Tue, 15 Mar 2022 13:23:06 +0100
nginx (1.18.0-7) unstable; urgency=medium
[ Ondřej Nový ]
* d/p/CVE-2019-20372.patch: Drop, applied upstream.
* http-auth-pam: Upgrade to 1.5.3.
* http-echo: Upgrade to 0.62.
* nchan: Upgrade to 1.2.15.
* http-fancyindex: Upgrade to 0.5.2.
* rtmp: Upgrade to 1.2.2.
* http-lua: Upgrade to 0.10.15 (Closes: #994178).
* http-lua: Rebase patch.
* nchan: Drop GCC 10 patch, applied upstream.
* d/watch: Bump version to 4.
* Bump standards version to 4.6.1 (no changes).
* d/copyright: Bump my copyright year.
[ Ondřej Surý ]
* Add arm64 and ppc64el to list of luajit platforms.
[ Athos Ribeiro ]
* d/nginx-common.nginx.service: Fix service shutdown description to mention
SIGQUIT instead of SIGSTOP (LP: #1919965).
-- Ondřej Nový Tue, 15 Mar 2022 11:50:18 +0100
nginx (1.18.0-6.1) unstable; urgency=high
* Non-maintainer upload.
* Resolver: fixed off-by-one write in ngx_resolver_copy() (CVE-2021-23017)
(Closes: #989095)
-- Salvatore Bonaccorso Sat, 29 May 2021 16:21:37 +0200
* Last Uploader: Athos Ribeiro (sponsored by Lucas Kanashiro)
Sync or Merge bug: Bug #1971299 in nss (Ubuntu): "Merge nss from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
nss (2:3.77-1) unstable; urgency=medium
* New upstream release.
* debian/libnss3.symbols: Add NSS_3.77 symbol version.
-- Mike Hommey Wed, 06 Apr 2022 09:18:22 +0900
nss (2:3.75-1) unstable; urgency=medium
* New upstream release.
-- Mike Hommey Wed, 09 Feb 2022 08:46:51 +0900
nss (2:3.73.1-1) unstable; urgency=medium
* New upstream release.
-- Mike Hommey Fri, 17 Dec 2021 06:16:55 +0900
nss (2:3.73-1) unstable; urgency=medium
* New upstream release.
* Fixes MFSA-2021-51, aka CVE-2021-43527: Memory corruption via DER-encoded
DSA and RSA-PSS signatures.
-- Mike Hommey Thu, 02 Dec 2021 06:04:31 +0900
nss (2:3.72-2) unstable; urgency=medium
* debian/control: libnss3-dev breaks libxmlsec1-dev (<< 1.2.33-1).
Closes: #998733.
-- Mike Hommey Fri, 12 Nov 2021 06:21:05 +0900
nss (2:3.72-1) unstable; urgency=medium
* New upstream release.
* debian/libnss3.symbols, nss/lib/ssl/sslinfo.c, nss/lib/ssl/sslt.h,
nss/cmd/selfserv/selfserv.c, nss/cmd/strsclnt/strsclnt.c,
nss/cmd/tstclnt/tstclnt.c: Bump dependency version for SSL_GetChannelInfo
symbol and remove the previous workaround. Closes: #990058.
* debian/libnss3.lintian-overrides.in, debian/rules,
nss/cmd/shlibsign/shlibsign.c, nss/lib/pk11wrap/pk11load.c,
nss/lib/util/secload.c, nss/cmd/shlibsign/Makefile,
nss/cmd/shlibsign/manifest.mn: Stop putting freebl, softokn, etc. in a
subdirectory. It's a deviation from upstream that is causing more problems
than it's worth keeping. Closes: #737855, #846012, #979159.
* debian/libnss3-dev.links.in: Remove xulrunner-nss.pc.
* debian/rules: Stop forcing xz compression.
* debian/copyright: Add dot for continuation.
* debian/watch: Upgrade to version 4.
* debian/control: Upgrade Standard-Version to 4.6.0:
- debian/rules: Build with `make -s` when DEB_BUILD_OPTIONS contains
terse.
- debian/control: Add Rules-Requires-Root: no.
* debian/control: Remove conflict with libnss3-1d. The last Debian version
with libnss3-1d was jessie, and it had a newer version anyways.
* debian/rules: Enable all hardening options.
* debian/libnss3-symbols: Add Build-Depends-Package in symbols file.
* debian/*.lintian-overrides*: Remove
copyright-refers-to-versionless-license-file lintian overrides.
* debian/libnss3.lintian-overrides.in:
- s/shlib-without-versioned-soname/shared-library-lacks-version/.
- Add lacks-unversioned-link-to-shared-library overrides.
* debian/nss-config.in, debian/rules: Ship upstream nss-config instead of
ours. Closes: #737855, #963136.
* debian/rules, debian/control: Always set Multi-Arch: same.
* debian/copyright:
- Remove commas in `Files`.
- Add missing license name for ifparser.
- Add missing `Copyright`.
- Remove copyright for mkdepend, which is not in the source tree anymore.
* debian/upstream/metadata: Add upstream bug tracking metadata.
[ Daniel Kahn Gillmor ]
* debian/control: correct Homepage (old URL redirects to 404)
[ Janitor ]
* debian/changelog: Trim trailing whitespace.
* debian/copyright: Use secure copyright file specification URI.
* debian/compat, debian/control:
- Bump debhelper from deprecated 9 to 13.
- Set debhelper-compat version in Build-Depends.
* debian/upstream/metadata: Set upstream metadata fields: Repository.
* debian/rules: Drop transition for old debug package migration.
-- Mike Hommey Tue, 02 Nov 2021 06:57:06 +0900
nss (2:3.70-1) unstable; urgency=medium
* New upstream release.
-- Mike Hommey Wed, 08 Sep 2021 08:31:23 +0900
* Last Uploader: Dave Jones (sponsored by Graham Inggs)
Sync or Merge bug: Bug #1971253 in open-vm-tools (Ubuntu): "Merge open-vm-tools from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
open-vm-tools (2:12.0.0-2) unstable; urgency=medium
* [2eaee7c] Add dependencies for the containerinfo plugin.
* [c21ef1d] Fix building containerinfo on i386
%ld is not a 64bit integer on i386.
* [5b23cd3] Use G_GINT64_FORMAT instead of lld
-- Bernd Zeimetz Mon, 02 May 2022 19:06:08 +0200
open-vm-tools (2:12.0.0-1) unstable; urgency=medium
[ Debian Janitor Bot ]
* [b8a7e72] Bump debhelper from old 12 to 13. + Rename debian/open-vm-tools-desktop.tmpfile to debian/open-vm-tools-desktop.tmpfiles.
Changes-By: lintian-brush
Fixes: lintian: package-uses-old-debhelper-compat-version
See-also: https://lintian.debian.org/tags/package-uses-old-debhelper-compat-version.html
* [db353fc] Update renamed lintian tag names in lintian overrides.
Changes-By: lintian-brush
Fixes: lintian: renamed-tag
See-also: https://lintian.debian.org/tags/renamed-tag.html
* [e836429] Set upstream metadata fields: Archive.
Changes-By: lintian-brush
[ Bernd Zeimetz ]
* [c68b4a7] New upstream version 12.0.0 (Closes: #1006845)
* [5e498c2] Refresh patches
* [d1a0fb3] udevadm: trigger only for scsi devices on install.
Thanks to Benjamin Drung (Closes: #1009194)
-- Bernd Zeimetz Wed, 27 Apr 2022 11:54:11 +0200
* Last Uploader: Dave Jones (sponsored by Graham Inggs)
Sync or Merge bug: Bug #1971305 in openldap (Ubuntu): "Merge openldap from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
openldap (2.5.12+dfsg-2) unstable; urgency=medium
* Stop slapd explicitly in prerm as a workaround for #1006147, which caused
dpkg-reconfigure to not restart the service, so the new configuration was
not applied. See also #994204. (Closes: #1010971)
-- Ryan Tandy Mon, 23 May 2022 10:14:53 -0700
openldap (2.5.12+dfsg-1) unstable; urgency=medium
* New upstream release.
- Fixed SQL injection in back-sql (ITS#9815) (CVE-2022-29155)
* Update debconf translations:
- German, thanks to Helge Kreutzmann. (Closes: #1007728)
- Spanish, thanks to Camaleón. (Closes: #1008529)
- Dutch, thanks to Frans Spiesschaert. (Closes: #1010034)
-- Ryan Tandy Wed, 04 May 2022 18:00:16 -0700
openldap (2.5.11+dfsg-1) unstable; urgency=medium
* Upload to unstable.
-- Ryan Tandy Fri, 11 Mar 2022 19:38:02 -0800
* Last Uploader: Marc Deslauriers
Sync or Merge bug: Bug #1971306 in openvpn (Ubuntu): "Merge openvpn from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
openvpn (2.6.0~git20220518+dco-1) unstable; urgency=medium
* New upstream version 2.6.0~git20220518+dco
* Release to unstable
* Revert "Build against OpenSSL 3.0", OpenSSL 3.0 has landed in unstable
-- Bernhard Schmidt Fri, 20 May 2022 08:35:29 +0200
openvpn (2.6.0~git20220510+dco-1) experimental; urgency=medium
* New upstream version 2.6.0~git20220510+dco
* Suggest openvpn-dco-dkms
* Drop iproute2, linux builds use netlink
* Limit libnl-genl-3-dev build-dep (for dco) to linux-any
* Build against OpenSSL 3.0
-- Bernhard Schmidt Fri, 13 May 2022 00:01:35 +0200
openvpn (2.6.0~git20220317+dco-1) experimental; urgency=medium
* New upstream version 2.6.0~git20220317+dco
This is a snapshot of the upstream dco branch (data-channel offloading)
-- Bernhard Schmidt Mon, 21 Mar 2022 11:54:29 +0100
openvpn (2.5.6-1) unstable; urgency=high
* New upstream version 2.5.6
CVE-2022-0547 - Potential authentication by-pass with multiple deferred
authentication plug-ins plug-ins (Closes: #1008015)
-- Bernhard Schmidt Sun, 20 Mar 2022 21:42:05 +0100
* Last Uploader: Julian Andres Klode
Sync or Merge bug: Bug #1971309 in pep8 (Ubuntu): "Merge pep8 from Debian unstable for kinetic" (Incomplete)
Debian changes newer than ubuntu version:
pep8 (1.7.1-10) unstable; urgency=medium
[ Ondřej Nový ]
* d/control: Update Maintainer field with new Debian Python Team
contact address.
* d/control: Update Vcs-* fields with new Debian Python Team Salsa
layout.
-- Sandro Tosi Wed, 04 May 2022 17:44:53 -0400
* Last Uploader: Athos Ribeiro
Debian changes newer than ubuntu version:
php8.1 (8.1.5-1) unstable; urgency=medium
* New upstream version 8.1.5
-- Ondřej Surý Thu, 21 Apr 2022 11:51:30 +0200
php8.1 (8.1.4-1) unstable; urgency=medium
* New upstream version 8.1.4
-- Ondřej Surý Sun, 20 Mar 2022 17:43:51 +0100
php8.1 (8.1.3-1) unstable; urgency=medium
* New upstream version 8.1.3
+ CVE-2021-21708: Fix use-after-free due to php_filter_float() failing
for ints (Closes: #1006672)
-- Ondřej Surý Mon, 21 Feb 2022 15:47:42 +0100
* Last Uploader: Robie Basak
Debian changes newer than ubuntu version:
ppp (2.4.9-1+1.1) unstable; urgency=high
* Non-maintainer upload
[ Paul Wise ]
* Compile for host architecture (Closes: #990021)
[ Till Kamppeter ]
* Let 0000usepeerdns exit when NetworkManager is in use (LP: #1778946)
[ Eivind Næss ]
* d/p/eap-mschap-v2-namelen.patch: fix the length of the username when
responding to an EAP MSCHAPv2 challenge (LP: #1958196)
-- Bastian Germann Mon, 11 Apr 2022 11:11:33 +0200
* Last Uploader: Marc Deslauriers
Sync or Merge bug: Bug #1971314 in python-django (Ubuntu): "Merge python-django from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
python-django (2:3.2.13-1) unstable; urgency=high
* New upstream security release:
- CVE-2022-28346: Potential SQL injection in QuerySet.annotate(),
aggregate(), and extra().
QuerySet.annotate(), aggregate(), and extra() methods were subject to SQL
injection in column aliases, using a suitably crafted dictionary, with
dictionary expansion, as the **kwargs passed to these methods.
- CVE-2022-28347: Potential SQL injection via QuerySet.explain(**options)
on PostgreSQL.
QuerySet.explain() method was subject to SQL injection in option names,
using a suitably crafted dictionary, with dictionary expansion, as the
**options argument.
See
for more info.
-- Chris Lamb Tue, 12 Apr 2022 18:22:30 +0200
* Last Uploader: Christian Ehrhardt
Sync or Merge bug: Bug #1971315 in qemu (Ubuntu): "Merge qemu from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
qemu (1:7.0+dfsg-7) unstable; urgency=medium
* d/tests/test-qemu-user: rework ls/glob test a bit
* d/tests/test-qemu-user: fix ppc64le qemu architecture name
* d/binfmt-install: use proper name for binfmt.d (*.conf)
Hopefully closes: #1011003
* two virtio-scsi bugfixes from upstream:
virtio-scsi-fix-ctrl-and-event-handler-functions-in-dataplane.patch
virtio-scsi-don-t-waste-CPU-polling-the-event-virtqueue.patch
* 3 patches from upstream to fix possible coroutine crashes:
coroutine-use-QEMU_DEFINE_STATIC_CO_TLS.patch
coroutine-rename-qemu_coroutine_inc-dec_pool_size.patch
coroutine-revert-to-constant-batch-size.patch
* target-i386-do-not-consult-nonexistent-host-leaves.patch
* d/control: stop suggesting sudo for qemu-user-static
* Revert "d/rules: do not try to enable tcg-interpreter on unsupported
targets, it does not help anymore" - it does help but it needs a bit
more work
* disable xen support for qemu-system-x86 build and create a wrapper
for -i386 to redirect xen-related usage to xen-specific binary
with a warning (for bookworm only)
* common-user-no-user.patch: fix one of FTBFS on unsupported architectures
* d/rules: use regular variable assignment for BUILD_PACKAGES
* two trivial patches to fix spelling in roms:
openbios-spelling-endianess.patch
slof-spelling-seperator.patch
-- Michael Tokarev Sun, 15 May 2022 15:49:12 +0300
qemu (1:7.0+dfsg-6) unstable; urgency=medium
* d/rules: the forgotten --enable-xen-pci-passthrough for the xen build
* d/tests/test-qemu-user: rewrite to be more robust and complete and
include test for qemu-user-static too.
-- Michael Tokarev Mon, 09 May 2022 01:37:56 +0300
qemu (1:7.0+dfsg-5) unstable; urgency=medium
* d/tests/test-qemu-user.sh: more arch-specific debugging/updates
-- Michael Tokarev Sat, 07 May 2022 12:22:26 +0300
qemu (1:7.0+dfsg-4) unstable; urgency=medium
* d/tests/: fix failing tests.
- test-qemu-user: depend on gcc for dpkg-architecture to work,
and print debugging info for future switch to uname -m
- test-qemu-img: switch from using file to qemu-img info
-- Michael Tokarev Sat, 07 May 2022 11:33:23 +0300
qemu (1:7.0+dfsg-3) unstable; urgency=medium
[ Michael Tokarev ]
* d/binfmt-install: also generate binfmt.d/ entries for systemd
* d/control: use systemd as preferred alternative to binfmt-support
hopefully Closes: #789011 (Minimal dependencies to register binfmt)
Closes: #985889 (make binfmt setup configurable)
* d/control: remove Riku Voipio from Uploaders. Thank you Riku!
* d/rules: simplify DEB_BUILD_OPTIONS=parallel=N parsing
[ Guido Günther ]
* Add minimal autopkgtest (Closes: #832982)
-- Michael Tokarev Sat, 07 May 2022 00:03:24 +0300
qemu (1:7.0+dfsg-2) unstable; urgency=medium
* d/control: add Rules-Requires-Root: no
* d/control: switch to debhelper-compat=13
* d/control: drop "qemu" empty/dummy pseudopackage
* d/control: do not build linux-user* on ia64 and powerpc
(not supported by upstream anymore)
* d/control: add Breaks for qemu-system-data for other packages from which
it borrowed files in the past (Closes: #1008095)
* d/rules: switch to the dh sequence (but keep build-{arch,indep}),
rearrange some rules.
This brings us dh_dwz (very slow) and dh_strip_nondeterminism.
* d/rules: do not explicitly turn off slirp & capstone (now properly
controlled by --with[out]-default-features option)
* d/rules: do not try to enable tcg-interpreter on the unsupported
targets, it does not help to build tools anymore
* d/rules: do not chown -w d/control, it breaks dpkg-source
* d/rules: clean up the clean target
* d/not-installed: list many documentation files and qemu-plugin.h
* configure-make-fortify_source-yes-by-default.patch: enable
fortify-source for minimal builds too
* d/changelog: mention #990562 (CVE-2021-3611) closed by 7.0
-- Michael Tokarev Sat, 30 Apr 2022 13:38:12 +0300
qemu (1:7.0+dfsg-1) unstable; urgency=medium
* update to 7.0 release
-- Michael Tokarev Thu, 21 Apr 2022 14:19:51 +0300
qemu (1:7.0~rc4+dfsg-1) experimental; urgency=medium
* New upstream 7.0 (rc)
Closes: #990562, CVE-2021-3611
* remove patches applied upstream
* remove new binary file, pc-bios/edk2-x86_64-microvm.fd.bz2
* d/control: remove libxfs-dev build dependency,
the ioctl is implemented inline
* d/control: stop build-depend-indep on libc6.1-dev-alpha-cross,
not needed anymore
* d/rules: update skiboot version check (skiboot hasn't canged since 6.1)
* build & install vbootrom (npcm7xx_bootrom.bin), and
build-depend-indep on gcc-arm-none-eabi
* create a new binary package, qemu-system-xen, which provides
/usr/libexec/xen-qemu-system-i386 binary for use by xen only.
Once xen switches to use this binary instead of usual qemu-system-i386,
xen support will be removed from the regular qemu-system-x86 build
* use a fast inline version of /usr/share/dpkg/architecture.mk
-- Michael Tokarev Sun, 17 Apr 2022 15:08:40 +0300
qemu (1:6.2+dfsg-3) unstable; urgency=medium
[ Christian Ehrhardt ]
* d/rules: ensure xen is built on x86
* d/rules: xen libexec dir is no more versioned
* d/kvm-spice: fix when acceleration is already defined on the commandline
[ Michael Tokarev ]
* d/control, d/rules: do not compile xen support on i386,
since it is amd64-only now (since 4.16)
* d/control: add libbpf-dev & --enable-bpf for eBPF support
(Closes: #994573)
-- Michael Tokarev Fri, 25 Feb 2022 12:01:46 +0300
* Last Uploader: Lucas Kanashiro
Sync or Merge bug: Bug #1971317 in resource-agents (Ubuntu): "Merge resource-agents from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
resource-agents (1:4.11.0-1) unstable; urgency=medium
* New upstream version 4.11.0
* debian/patches: refresh for new version
* debian/copyright: update copyright for debian directory
-- Valentin Vidic Wed, 06 Apr 2022 22:08:42 +0200
resource-agents (1:4.10.0-1) unstable; urgency=medium
* New upstream version 4.10.0
* debian/watch: update github url
* debian/control: update Standards-Version to 4.6.0
* debian/control: update build dependencies
* debian/control: add bc to Depends (Closes: #1000644)
* debian/patches: refresh for new version
* debian/lintian-overrides: refresh for new version
* debian/patches: fix shellcheck errors
* debian/rules: fix version used for building
* debian/rules: fix manpage header
* debian/control: remove old Conflicts and Replaces
* debian/lintian-overrides: ignore capitalization in agent names
* debian/rules: move internal binaries to /usr/libexec/heartbeat
-- Valentin Vidic Sun, 03 Apr 2022 13:39:33 +0200
* Last Uploader: Matthias Klose
Sync or Merge bug: Bug #1971318 in rrdtool (Ubuntu): "Merge rrdtool from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
rrdtool (1.7.2-4) unstable; urgency=medium
[ Jean-Michel Vourgère ]
* Changed maintainer team address from alioth to tracker.d.o.
* d/copyright: Fixed tclrrd.c double entry.
* Bumped debhelper compat level to 13:
- librrds-perl.install and rrdtool-tcl.install use builtin variables
expansion.
- Dropped build-dependency on dh-exec.
- Removed --fail-missing in dh_missing, as it is now the default.
* Bumped d/watch to format 4.
* New patch python3_example.
* Drop package python3-rrdtool-dbg. (Closes: #994376)
[ Debian Janitor ]
* Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
Repository-Browse.
* Wrap long lines in changelog entries: 1.0.42-2.
-- Jean-Michel Vourgère Thu, 18 Nov 2021 17:35:17 +0100
* Last Uploader: Julian Andres Klode
Sync or Merge bug: Bug #1971319 in rsync (Ubuntu): "Merge rsync from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
rsync (3.2.4-1) unstable; urgency=medium
[ Samuel Henrique ]
* New upstream version 3.2.4
- Work around a glibc bug where lchmod() breaks in a chroot w/o /proc
mounted (closes: #995046).
- rsync.1: remove prepended backticks which broke --stop-after and
--stop-at formatting (closes: #1007990).
* Ship new python-based rrsync with --with-rrsync:
- rrsync was previouysly written in bash.
- A manpage is now shipped for rrsync.
- python3 and python3-cmarkgfm are new B-Ds since they're needed
to generate the manpage.
* d/control:
- Add version requirement for some libxxhash-dev and libzstd-dev as
per upstream docs.
- Add python3-braceexpand to Suggests as it can be used by rrsync.
* d/rsync.install: cull_options has been renamed to cull-options.
* d/patches:
- Refresh the following patches:
~ disable_reconfigure_req.diff;
~ perl_shebang.patch;
~ skip_devices_test.patch;
- Drop the following patches, applied upstream now:
~ CVE-2020-14387.patch;
~ copy-devices.diff;
~ fix_delay_updates.patch;
~ fix_ftcbfs_configure.patch;
~ fix_mkpath.patch;
~ fix_rsync-ssl_RSYNC_SSL_CERT_feature.patch;
~ fix_sparse_inplace.patch;
~ manpage_upstream_fixes.patch;
~ update_rrsync_options.patch;
~ workaround_glibc_lchmod_regression.patch;
[ Sergio Durigan Junior ]
* d/rules: Disable ASM optimizations when building.
This is not needed because the only ASM-optimized implementation
available is the MD5 hash, which is actually a no-op because we link
against OpenSSL and rsync ends up using that library's implementation
of the hash. Even then, the final binary ends up with the
ASM-optimized version included, which makes it become
CET-incompatible.
Thanks to Dimitri John Ledkov
-- Samuel Henrique Mon, 18 Apr 2022 14:44:44 +0100
Unknown (Probably auto sync.)
Debian changes newer than ubuntu version:
ruby-defaults (1:3.0+1) unstable; urgency=medium
* Remove ruby2.7 support.
-- Lucas Kanashiro Mon, 07 Mar 2022 17:37:10 -0300
ruby-defaults (1:3.0) unstable; urgency=medium
* Re-add ruby2.7 as an alternative interpreter.
ruby3.0 is still the default but to ease the transition (avoid any
entanglement with other transitions) we are re-adding ruby2.7 and it
will be removed as the next and final stage of the transition.
-- Lucas Kanashiro Thu, 17 Feb 2022 12:18:38 -0300
* Last Uploader: Leonidas S. Barbosa (sponsored by Marc Deslauriers)
Debian changes newer than ubuntu version:
ruby3.0 (3.0.4-7) unstable; urgency=medium
* Complete the patch to disable compaction on architectures where it can't work.
-- Antonio Terceiro Sun, 01 May 2022 09:56:20 -0300
ruby3.0 (3.0.4-6) unstable; urgency=medium
* Exclude TestGCCompact on s390x
-- Antonio Terceiro Thu, 28 Apr 2022 10:56:40 -0300
ruby3.0 (3.0.4-5) unstable; urgency=medium
* Fix disabling compaction on platforms that can't support it.
The initial patch was incomplete, and actually broke every other
architecture that was not ppc64el.
-- Antonio Terceiro Wed, 27 Apr 2022 15:15:03 -0300
ruby3.0 (3.0.4-4) unstable; urgency=medium
* Disable GC compaction on platforms that can't support it.
This should fix some crashes hapenning on ppc64el
-- Antonio Terceiro Wed, 27 Apr 2022 12:55:10 -0300
ruby3.0 (3.0.4-3) unstable; urgency=medium
* ppc64el: exclude TestGCCompact tests as they segfault
-- Antonio Terceiro Sat, 23 Apr 2022 08:31:14 -0300
ruby3.0 (3.0.4-2) unstable; urgency=medium
* Exclude test TestGemInstaller#test_ensure_no_race_conditions_between_installing_and_loading_gemspecs
-- Antonio Terceiro Fri, 22 Apr 2022 09:58:51 -0300
ruby3.0 (3.0.4-1) unstable; urgency=medium
[ John Paul Adrian Glaubitz ]
* Disable some tests on powerpc (Closes: #999349)
* Disable some tests on alpha (Closes: #999444)
* Fix filenames for glibc SO files on alpha and ia64
(Closes: #1007925)
[ Antonio Terceiro ]
* New upstream version 3.0.4
* Includes fixes for the following security issues:
- CVE-2022-28739: Buffer overrun in String-to-Float conversion
(Closes: #1009956)
- CVE-2022-28738: Double free in Regexp compilation
(Closes: #1009958)
* Refresh patches.
The fix in rand_init-fix-off-by-one-error.patch has been done upstream
differently; drop the patch.
* TestZlibGzipFile: skip test unsupported on overlay filesystems
-- Antonio Terceiro Thu, 21 Apr 2022 13:52:50 -0300
ruby3.0 (3.0.3-1) unstable; urgency=medium
* New upstream version 3.0.3. Includes fixes for the following security
issues (Closes: #1002995):
- CVE-2021-41816: Buffer Overrun in CGI.escape_html
- CVE-2021-41817: regular expression Denial of Service in Date.parse
- CVE-2021-41819: mishandling of security prefixes in CGI::Cookie.parse
* Refresh patches
* autopkgtest: builtin-extensions: check openssl version
* debian/libruby3.0.symbols: update
* Fix generation of Provides:
* Exclude some tests from TestGemServer
-- Antonio Terceiro Sun, 13 Mar 2022 21:02:08 -0300
* Last Uploader: Steve Langasek
Sync or Merge bug: Bug #1971256 in samba (Ubuntu): "Merge samba from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
samba (2:4.16.1+dfsg-4) unstable; urgency=medium
[ Michael Tokarev ]
* fix spelling in disable-setuid-confchecks.patch
* d/NEWS: split it into different $package.NEWS files
* d/upstream/metadata: add Bug-Database
* d/samba.postinst: create sambashare group and usershare directory
on new install only
* libldb2: provide compat symlinks for bullseye ldb modules dir
* d/rules: provide Build-Depends-Package: for python3-ldb
* samba-vfs-modules.lintian-overrides: add spare-manual-page vfs_*.8 override
* winbind.lintian-overrides: add spare-manual-page idmap_*.8 override
[ Arnaud Rebillout ]
* Fix patch testparm-do-not-fail-if-pid-dir-does-not-exist (Closes: #1010835)
-- Michael Tokarev Wed, 11 May 2022 09:50:03 +0300
samba (2:4.16.1+dfsg-3) unstable; urgency=medium
* fix ldb package version generation in d/make_shlibs
which was wrong in 2 previous uploads.
Will I *ever* make it actually work someday?
-- Michael Tokarev Mon, 02 May 2022 18:32:24 +0300
samba (2:4.16.1+dfsg-2) unstable; urgency=medium
* rethink ldb version *again*, to be 2.5.0+smb4.16.1-2
or else 2.5.0+smb-1 from samba-4.16.1-2 sorts before
2.5.0+smb-7 from samba-4.16.0-7.
-- Michael Tokarev Mon, 02 May 2022 17:02:16 +0300
samba (2:4.16.1+dfsg-1) unstable; urgency=medium
* new upstream minor release 4.16.1
* move-msg.sock-from-var-lib-samba-to-run-samba.patch:
move /var/lib/samba/private/msg.sock/ to /run/samba/msg.sock/.
This is a (private) socket directory for IPC, it should not be in /var.
* Remove /var/lib/samba/private/msg.sock/ in postinst
* testparm-do-not-fail-if-pid-dir-does-not-exist.patch:
testparm deliberately fails if /run/samba does not exist,
while testparam itself does not use it and daemons will
create it on demand. Just make it a warning instead of a
fatal error, and we'll not need to pre-create this dir
in a random place using hackish ways
* ctdb-create-piddir.patch: create /run/ctdb/ in ctdb.service
and ctdb.init before invoking ctdbd (as the latter does not
create its pid directory on demand).
* stop (ab)using tmpfiles.d to pre-create /run/samba/ and /run/ctdb/
and stop creating /run/samba/ in samba-common-bin.postinst just to
make testparam happy.
* d/rules: minor tweaks
-- Michael Tokarev Mon, 02 May 2022 13:16:12 +0300
samba (2:4.16.0+dfsg-7) unstable; urgency=medium
* another bunch of small tweaks to d/rules:
- set SHELL to /bin/sh -e
- rework the clean target
- provide fast replacement of architecture.mk
- better expression for DEB_REVISION
- rearrange configure options
* do not disable glusterfs on ubuntu-i386 (glusterfs is now in main)
* mention closing of #1001053 by the 4.16 upload
* change the ldb version string again, removing te "+samba*" suffix
to allow bin-NMUs +b1 (Closes: #1010100)
-- Michael Tokarev Sun, 24 Apr 2022 16:56:34 +0300
samba (2:4.16.0+dfsg-6) unstable; urgency=medium
* another attempt to fix/work around #221618. Re-enable
libsmbclient-ensure-lfs-221618.patch and change it to just define
an extra type array int[sizeof(off_t)-7]. If off_t is small it will
become a compile error. It is an ugly way to do it, but it should
actually work, unlike various static_assert/_Static_assert which are
language (C/C++) and standard-dependent. Closes: #221618.
-- Michael Tokarev Sat, 09 Apr 2022 17:27:09 +0300
samba (2:4.16.0+dfsg-5) unstable; urgency=medium
* disable libsmbclient-ensure-lfs-221618.patch for now.
It throws errors in one or another configuration no matter what.
Repoens: #221618
* d/salsa-ci.yml: re-allow blhc salsa-ci test to fail again
due to different bug in blhc
-- Michael Tokarev Sat, 09 Apr 2022 16:33:57 +0300
samba (2:4.16.0+dfsg-4) unstable; urgency=medium
* libsmbclient-ensure-lfs-221618.patch: replace _Static_assert with
static_assert (and include to make C++ happy too
(Closes: #1009211)
* disable-setuid-confchecks.patch: when running configure tests,
samba tries to verify setuid/setgid etc calls are actually
*working*, not just exists. This is only possible when the
configure is running as root. But it turns out in some salsa-ci
configuration (namely in the reprotest), the second build is
actually running as root, and in that environment, actual
setegid call is failing somehow. Just disable the config-time
check for correctly working setgid and assume it "just works"
if present, exactly like non-root build will do.
* d/salsa-ci.yml: do not expect failure in blhc test (the original
prob has been fixed long ago), and stop requiring experimental
* mention closing of #999876 by 4.16
-- Michael Tokarev Sat, 09 Apr 2022 00:42:38 +0300
samba (2:4.16.0+dfsg-3) unstable; urgency=medium
* d/control: comment out the selftest-mode build deps for now
* d/control: forgotten python3-samba:Replaces against samba package too,
not just samba-libs, when moving dckeytab python lib (Closes: #1009175)
-- Michael Tokarev Fri, 08 Apr 2022 10:18:23 +0300
samba (2:4.16.0+dfsg-2) unstable; urgency=medium
* use strict versioned dependency between samba-dsdb-modules and libldb2,
since they're tied to each other and are now built from the same source
* fix forgotten shlib symbols generation for python3-ldb
* change libldb versioning scheme
from ldb_2:2.5.0+samba4.16.0-1
to ldb_2:2.5.0-1+samba4.16.0
so that symbols versioning works correctly. Unfortunately the previous
upload to experimental used the first form which is greather than the
correct one, so temporarily (just for this 2.5.0 version of ldb) use
this: ldb_2:2.5.0+smb-1+samba4.16.0
(with "+smb" suffix to be removed for 2.5.1+)
* exclude samba-vfs-modules for i386 ubuntu build since this package
is useless without samba itself (which is not built on this environment)
* create selftest rules and add !nocheck build-dependencies
(but do not enable selftests for now as they're failing)
* split build system into -arch and -indep parts. We build only one arch-all
package (samba-common) which contains only static files from debian/,
there's no need to build whole samba to build this package.
Move almost all Build-Depends to Build-Depends-Arch (and reindent them).
* various updates to d/rules
-- Michael Tokarev Thu, 07 Apr 2022 09:56:56 +0300
samba (2:4.16.0+dfsg-1) experimental; urgency=medium
* New upstream major release.
Closes: #1004690, CVE-2021-20316: Fileserver symlink metadata share escape
Closes: #1004691, CVE-2021-43566: mkdir race condition allows share escape
Closes: #1004692, CVE-2021-44141: UNIX extensions in SMB1 disclose whether
the outside target of a symlink exists
Closes: #1005642 (windows client data corruption due to cache poisoning)
Closes: #1001053 (MIT-kerberos config broken after fix for CVE-2020-25717)
Closes: #988197 (legacy printing support, 47d79d7e7e406f7dd2)
Closes: #998423 (coredump connecting from macos to shares with var substs)
Closes: #999876 (winbind allow trusted domains = no regression)
* Notable changes in 4.16 series compared to 4.13:
- modular VFS (see The_New_VFS.txt)
- publishing printers in AD is more complete
- group policies for winbindd cilents (like linux systems)
- certificate auto enrollement in AD group policy
- large list of improvements in samba-tool
- SMB1 protocol has been deprecated, some subcommands has been removed
- more consistend options/subcommands in samba commands
* d/rules: export PYTHONHASHSEED=1. This makes lots of sporadic build-time
debian-specific failures to go away, by preserving order of waf hashes
* refresh patches, update build-depend versions (talloc, tdb, tevent)
* refresh lintian-overrides files, add many new overrides
* build-depend on python3-markdown
* build-depend on libjson-perl for new heimdal bits
* more consistent internal lib naming; refresh file lists everywhere
* samba: install new rpc_* services, install samba-dcerpc
* refresh symbols files
* build libldb from samba sources, not from separate source
(this moves ldb plugins from /usr/lib/$triple/ldb/plugin/ldb/ to
/usr/lib/$triple/samba/ldb/ - the same where dsdb modules are).
* optimizations for d/make_shlibs; also allow one to specify explicit
version for some packages
* as per clarifications for waf --{bundled,builtin}-libraries, remove
now-wrong usage there. This also fixes build failures with current
samba sources
* d/rules: various optimizations to reduce startup costs by eliminating
unnecessary external command calls during d/rules read by make.
Including caching of LDB version information in d/ldb-version.mk file.
This does not affect the buildd processing much (and does not affect
runtime at all), but helps with build procedure debugging.
* d/rules: numerous small fixes, cleanups and other changes, including:
- clean up the install target
- remove some now-irrelevant parts
- fix no-glusterfs-build on non-linux
* change build procedure: instead of `waf build', run `waf install'.
`waf build' builds samba to be run from the build dir, and `waf install'
rebuilds/relinks everything again for production. Build the production
variant only, no build-dir one.
* samba-common-bin.postinst: explicitly mkdir /run/samba before invoking
samba binaries (Closes: #953530)
* in the salsa git repository of samba, stop keeping debian patches in
applied form, keep them in d/patches/ only as most other packages do.
* move single python (helper) module, libsamba-policy, together with
2 internal libraries used by it, from samba-libs package to python3-samba.
This makes samba-libs to be free from python-related files, and makes
python3-samba to be the only python-providing package.
Closes: #1006875, #878612, #862338
* also move dckeytab python module from samba to python3-samba
(actually stop moving it from python3-samba to samba to incorrectly
avoid a circular dependency). Also verify that python3-samba does
not depend on samba package.
* weak-crypto-allowed-clarify.diff: clarify "weak crypto is allowed"
testparm message (Closes: #975882)
* spelling.patch: fix many common spelling mistakes in the source
* ctdb: simplify/cleanup instllation of READMEs/examples
* d/control: remove breaks/replaces/depends on ancient versions of some
packages (ancient dpkg version in Pre-Depends, ancient samba-libs)
* d/rules: rework wrong shlibdeps handling
* move helper programs from /usr/lib/$multiarch/ to /usr/libexec/
where they belongs. This should not affect users.
* smbclient: re-do the fix for an old bug, #221618. The original "fix"
did not fix anything (it is too late already to #define _FILE_OFFSET_BITS
when all types has already been defined). From now on, raise an error
if off_t is less than 64bits (it should >=64 when #include'ing
with proper LFS defines). In theory this can break
some sources which either included libsmbclient.h without a reason or
which didn't use any of the functions which deals with off_t (smbc_lseek
etc), - which did not explicitly enable LFS on a 32bit system.
Please email us if you faced such situation.
* drop 07_private_lib patch: we do not need to force rpath for
private libraries into every samba binary, upstream build system
does a good job here.
-- Michael Tokarev Tue, 05 Apr 2022 16:01:25 +0300
* Last Uploader: Robert Ancell
Debian changes newer than ubuntu version:
snapd-glib (1.60-1) unstable; urgency=medium
* New upstream release.
* debian/*.symbols:
+ Update .symbols files.
-- Mike Gabriel Sat, 23 Apr 2022 00:54:39 +0200
* Last Uploader: Christian Ehrhardt
Sync or Merge bug: Bug #1971324 in spice (Ubuntu): "Merge spice from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
spice (0.15.0-4) unstable; urgency=medium
* test-leaks-fix-the-test-with-OpenSSL3.patch:
patch from upstream to fix FTBFS with OpenSSL3
-- Michael Tokarev Sat, 14 May 2022 22:46:12 +0300
spice (0.15.0-3) unstable; urgency=medium
* patch from upstream to fix ftbfs (Closes: #1005451):
build-Correctly-check-for-Python-modules.patch
-- Michael Tokarev Mon, 14 Mar 2022 11:00:39 +0300
* Last Uploader: Athos Ribeiro
Sync or Merge bug: Bug #1971325 in squid (Ubuntu): "Merge squid from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
squid (5.5-1) unstable; urgency=medium
[ Amos Jeffries ]
* New Upstream Release
* debian/patches/
- remove upstreamed 0004-Change-default-Makefiles-for-debian.patch
-- Luigi Gangitano Fri, 15 Apr 2022 14:39:54 +0200
* Last Uploader: Andreas Hasenack
Sync or Merge bug: Bug #1971327 in sssd (Ubuntu): "Merge sssd from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
sssd (2.6.3-3) unstable; urgency=medium
* tests: Dump the daemon status after restart, hoping to see what the
error is if it fails to start.
* rules: Drop --with-ldb-dir, use the default value from the pkgconfig
file. (Closes: #1009223)
-- Timo Aaltonen Sun, 10 Apr 2022 10:57:30 +0300
sssd (2.6.3-2) unstable; urgency=medium
* rules: Disable lto.
* Rebuild against current python-defaults. (Closes: #1008583)
-- Timo Aaltonen Tue, 29 Mar 2022 10:04:50 +0300
* Last Uploader: Sergio Durigan Junior
Sync or Merge bug: Bug #1971328 in strongswan (Ubuntu): "Merge strongswan from Debian unstable for kinetic" (Incomplete)
Debian changes newer than ubuntu version:
strongswan (5.9.6-1) unstable; urgency=medium
* New upstream version 5.9.6
* d/p/0006-fix-format-string-issue-in-enum_flags_to_string added
* d/libstrongswan.install: install kdf plugin in libstrongswan
-- Yves-Alexis Perez Sat, 07 May 2022 20:19:18 +0200
* Last Uploader: Jeremy Bicha
Debian changes newer than ubuntu version:
taglib (1.12-1) unstable; urgency=medium
* Upload to unstable.
* debian/libtag1v5-vanilla.symbols: Refresh symbols using buildd logs.
* debian/patches/0003-Make-taglib-config-arch-independent.patch:
Correct implementation.
-- Boyuan Yang Sun, 03 Oct 2021 10:05:07 -0400
taglib (1.12-1~exp1) experimental; urgency=low
* New upstream release.
* debian/libtag1v5-vanilla.symbols: Refresh symbols.
* debian/patches: Refresh patches.
[ Helmut Grohne ]
* Drop unused gsfonts-x11 build dependency. (Closes: #981737)
[ Debian Janitor ]
* Trim trailing whitespace.
* Use secure URI in Homepage field.
* Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
Repository-Browse.
* Remove constraints unnecessary since buster:
+ Build-Depends: Drop versioned constraint on cmake.
-- Boyuan Yang Sun, 03 Oct 2021 02:33:34 -0400
taglib (1.12~beta~1-1~exp1) experimental; urgency=medium
* New upstream beta release.
+ Fix slow processing of Shoutcast data. (Closes: #854664)
* debian/symbols: Add new symbols.
* debian/control: Let libtag1-dev depends on dpkg-dev since the
old-style config script is calling dpkg-architecture tool.
-- Boyuan Yang Fri, 24 Jul 2020 13:41:08 -0400
* Last Uploader: Rico Tzschichholz (sponsored by Graham Inggs)
Sync or Merge bug: Bug #1971332 in unbound (Ubuntu): "Merge unbound from Debian unstable for kinetic" (New)
Debian changes newer than ubuntu version:
unbound (1.15.0-11) unstable; urgency=medium
[ Simon Deziel ]
* d/unbound.postinst: fix configure action to have unbound user/group created
* d/apparmor-profile: use profile name specifier
[ Michael Tokarev ]
* tests/runzones: add 1s delay after starting daemon:
apparently the pid file is created/written too late
-- Michael Tokarev Sun, 15 May 2022 22:22:19 +0300
unbound (1.15.0-10) unstable; urgency=medium
* d/tests/: fix the test to not rely on presence of unbound.pid after
daemon start. Apparently unbound creates the pid file at a wrong time
-- Michael Tokarev Sun, 08 May 2022 10:17:45 +0300
unbound (1.15.0-9) unstable; urgency=medium
* d/apparmor-profile: remove old /var/run/ alternatives for /run
* d/apparmor-profile: allow /etc/unbound/var/lib/unbound/ access too,
for chrooting to upstream-preferred /etc/unbound (Closes: #1010517)
* d/rules: stop explicitly exporting CFLAGS/LDFLAGS, dh_auto_* does this
automatically since dh-compat 9
* d/rules: do not enable --with-lto-server on kfreebsd (this fixes FTBFS)
It is a good candicate for an autoconf test.
* d/rules: add comments for --disable-lto, --with-libbsd
* d/tests/: add simple autopkgtest (verify www.debian.org record with DNSSEC)
-- Michael Tokarev Sat, 07 May 2022 10:34:09 +0300
unbound (1.15.0-8) unstable; urgency=medium
* fix the brown-paper bag bug in the previous upload. I did it again:
it is var += newvalue, not var := newvalue. This made the previous
upload to built without many build options
-- Michael Tokarev Fri, 29 Apr 2022 18:33:16 +0300
unbound (1.15.0-7) unstable; urgency=medium
* unbound-resolvconf.service:
- do not (re)start it explicitly from the postinst script, it should
only be started as a part of unbound.service. Closes: #1009928
- add comments to this service file to clarify its purpose
- add lintian overrides for this service file
* /etc/resolvconf/update.d/unbound resolvconf hook script:
- ship it enabled for new installs. Closes: #1003135
- but do not re-enable it for previous installs
- add more comments to this file clarifying its purpose and possible issues
- add comments about various ways to enable/disable this hook,
- implement ability to disable it by setting USE_RESOLVCONF_FORWARDS=false
in /etc/default/unbound
- multiple other small changes and cleanups
- rename it in debian packaging from d/resolvconf to d/resolvconf-forwards
to make it's purpose more explicit
* use dns root.key stored in /usr/share/dns/ (as provided by dns-root-data
package) instead of the unbound-owned /var/lib/unbound/root.key (which is
managed by an untrusted user). This changes defaults for unbound-host and
unbound-anchor. Add Recommends: dns-root-data for unbound-host so it can
find this root.key in the default install. Closes: #641704
-- Michael Tokarev Fri, 29 Apr 2022 16:53:50 +0300
unbound (1.15.0-6) unstable; urgency=medium
* actually install the forgotten remote-control.conf.
-- Michael Tokarev Thu, 28 Apr 2022 20:15:21 +0300
unbound (1.15.0-5) unstable; urgency=medium
* use unix-domain socket /run/unbound.ctl for the control interface
instead of tcp localhost socket. This makes the keys/certs files
for the remote contol to be unnecessary, so stop running
unbound-control-setup in postinst too.
(Closes: #1010271)
* move remote-control section out of main unbound.conf file into
unbound.conf.d/remote-control.conf. Main file now becomes the
same as before version 1.15. There was no need to mess with the
main config file since the NEWS file already gives the user
enough information.
* do-not-chown-control-socket.patch: stop chowning control socket
to the unprivileged user, only group ownership is needed.
* do-not-look-at-pidfile.patch: stop messing up with the pidfile.
Unbound does not need to look at its pid file for the previous
instance, since it will not be able to open listening sockets
if the daemon is already running. Remove whole reading of the
pid file, and especially remove setting ownership of the pid file
to the unprivileged user (done in order to be able to clean it up),
since this is a potential security issue.
* unbound.postrm: stop removing the unbound system user
* fix wording and reformat the previous unbound.NEWS entry, and merge
old NEWS file into unbound.NEWS, since all news in there are actually
about the unbound package, not about all other binary packages we build.
* a few more tweaks for d/unbound-helper, in do_resolvconf_{start|stop}.
Thank you Simon Deziel for the ideas.
-- Michael Tokarev Thu, 28 Apr 2022 19:15:23 +0300
unbound (1.15.0-4) unstable; urgency=medium
* d/unbound.conf: move and fix the remote-control section
Move the remote-control section above the include directive so it is
possible to override it there, and fix comment. Do this remote-control
section in unbound.conf directly (instead of in new unbound.conf.d/
fragment), so it is more obvious that the default were flipped and
the default value is changed.
-- Michael Tokarev Wed, 20 Apr 2022 10:52:26 +0300
unbound (1.15.0-3) unstable; urgency=medium
* modify the default unbound.conf to include control-enale: yes so
the remote control is enabled by default even if the default value
is not flipped by a patch (upstream sets it to "no")
* d/control: use the right spelling for Recommends:
-- Michael Tokarev Wed, 20 Apr 2022 00:37:17 +0300
unbound (1.15.0-2) experimental; urgency=medium
[ Michael Stella ]
* Add clarifying description to resolvconf hook
[ Simon Deziel ]
* debian/unbound.init: ask start-stop-daemon to remove the PID file
when stopping the daemon. Closes: #947771
[ Michael Tokarev ]
* d/changelog: mention #1000201 closed by 1.15.0-1
* d/changelog: mention install-pkgconfig-in-lib-not-all.patch in 1.15.0-1
* stop resetting permissions of unbound resovconf hook from ancient
pre-jessie (<<1.5.8-1) version
* stop removing ancient pre-jessie (<<1.5.7-2) /etc/default/unbound conffile
* add DEP12 d/upstream/metadata
* d/rules: stop adding --as-needed linker flag (it is the default now)
* stop flipping default value for remote-control: control-enable to "yes"
(see the NEWS file) (Closes: #991017)
* enable TCP Fast-Open (TFO) for both client and server (Closes: #903390)
This can be configured in /proc/sys/net/ipv4/tcp_fastopen (bitmask):
0x01 is client-side (enabled by default), 0x02 is server-side (disabled).
To enable tfo for both client and server, enable both bits.
* enable DNS over HTTP (DoH) for the server. This adds libnghttp2-dev
to Build-Depends (Closes: #973793)
* add source lintian-override to shut up a false positive (windows binary)
* d/unbound-helper: rename from package-helper and move it from subdir in
/usr/lib/unbound/ to /usr/libexec/unbound-helper.
* d/unbound-helper: rework updating of the unbound copy of the root.key file:
copy it to /var/lib/unbound/root.key.tmp first and rename to ..../root.key
only when done. Also do not do it as root in an untrusted directory.
(Closes: #989959)
* d/unbound-helper: do not perform chroot setup operations if chroot is
not configured in the config file
* d/unbound-helper: perform /run/systemd/notify bind-mount for any chroot
if configured, not only for non-standard chroot which needs a copy of
all config files. Closes: #931583, Actually closes: #828699.
* d/unbound-helper: other cleanups
* d/unbound.init: set PATH={,/usr}/{,s}bin. Closes: #900751
* d/unbound.init: stop hiding update_trust_anchor messages and use "unbound"
tag for logging them
* d/control: since unbound does not use unbound-anchor directly anymore,
drop the Depends
* d/control: move openssl from Depends to Recommends. It is used only to
generate remove-control keys for unbound-control, once, usually at the
install time (in postinst) and never used after install. Also check if
openssl is installed and print a friendly error message in
unbound-control-setup if it is not. This is done in a new patch,
unbound-control-setup-check-openssl.patch
* d/control: move dns-root-data from Depends to Recommends. It is only
used for root.key currently (in unbound-helper) and even there, once
it is initially copied to unbound library directory, this file will
be managed by unbound itself using RFC 5011 trust anchor tracking.
So this package can be removed if necessary, without harming unbound.
-- Michael Tokarev Tue, 19 Apr 2022 20:39:12 +0300
unbound (1.15.0-1) experimental; urgency=medium
* Acknowledge the NMU
* New upstream release (1.15.0)
Closes: #997694, #1001430, #1008918, #1000201
* remove python3.10-related patches (included upstream)
* add myself to Uploaders
* redo the whole packag build procedure
- switch to dh sequence
- switch to debhelper-compat=13
- switch to dh-sequence-python3
- move configure/build/install parts out of binary target
into the right places
- move different builds into subdirs of b/ to stop building
them one by one replacing results
- perform 2 builds, one main (daemon & tools) and one libunbound
--with-nettle (daemon can't be built with nettle);
when installing, install libunbound build on top of the main
install in d/tmp, replacing only the library
- use pkg.unbound.libonly build profile in d/rules
- use normal d/*.install way to install files instead of a lot
of custom renaming in d/rules (Closes: #632096)
- enable dh_missing (automatic with dh=13), with actual filelist
and two *.la files in d/not-installed
- include only required dpkg *.mk files (else it is slow)
* install all *.3 manpages (for individual functions too)
* install unbound-control-setup.8
* enable-python-build-in-subdir.patch: fix 2 probs with python
module building in a subdir (needs to go upstream)
* add install-pkgconfig-in-lib-not-all.patch to fix another small
install prob in Makefile.in (pkgconfig is installed in wrong place)
* d/onttrol: bump Standards-Version to 4.6.0 (no changes needed)
* d/control: add Pre-Depends: ${misc:Pre-Depends} to unbound package
to satisfy current dh_installsystemd & dh_installinit maintscript
fragments
* d/control: Rules-Requires-Root: no
* d/unbound.init: add short description to the init file
* added simple d/salsa-ci.yml file
-- Michael Tokarev Mon, 18 Apr 2022 00:56:10 +0300
unbound (1.13.1-1.1) unstable; urgency=medium
* Non-maintainer upload
[ Rico Tzschichholz ]
* Cherry-pick upstream commits for Python 3.10 compatibility (Closes:
#1008641)
-- Sebastian Ramacher Wed, 06 Apr 2022 21:37:02 +0200
* Last Uploader: Christian Ehrhardt
Debian changes newer than ubuntu version:
xen (4.16.1-1) unstable; urgency=medium
* Update to new upstream version 4.16.1, which also contains security fixes
for the following issues:
- Racy interactions between dirty vram tracking and paging log dirty
hypercalls
XSA-397 CVE-2022-26356
- Multiple speculative security issues
XSA-398 (no CVE yet)
- race in VT-d domain ID cleanup
XSA-399 CVE-2022-26357
- IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues
XSA-400 CVE-2022-26358 CVE-2022-26359 CVE-2022-26360 CVE-2022-26361
* Note that the following XSA are not listed, because...
- XSA-396 has patches for the Linux kernel.
* Don't ship NEWS in libxen* packages. Instead, only ship relevant NEWS
items for actual hypervisor and/or utils packages they belong to.
(Closes: #962267)
* d/control: make xen-hypervisor-common arch specific, just like
xen-utils-common.
* d/control: stop recommending qemu-system-x86 on arm, because qemu is not
being built with xen support on arm...
* Add a patch for tools/libs/light/Makefile which prevents build.o and
build.opic to be rebuilt unneededly during the package install phase,
causing a FTBFS because it triggers the use of ccache, which is not
allowed in the install phase of building the Debian packages.
Improvements related to Qemu integration: [Michael Tokarev]
* d/xen-utils-common.xen.init: properly disable qemu monitor/serial/parallel
devices for qemu started at boot.
* debian: switch from recommending qemu-system-x86 to qemu-system-xen and
mention this change in the NEWS file.
* Add patch "give meaningful error message if qemu device model is
unavailable" to give a useful error message only in case the domU needs
the qemu device model which is not installed, instead of giving a warning
about missing qemu even if it is not used by this domain.
Documentation, grammar and spelling fixes and improvements:
* d/control: drop obsolete paragraph about separate xen linux kernel package
* d/control: Harmonize the capitalization of the 'Xen' word [Diederik de Haas]
* d/control: Improve spelling and grammar [Diederik de Haas]`
-- Hans van Kranenburg Mon, 09 May 2022 22:29:23 +0200
xen (4.16.0+51-g0941d6cb-1) unstable; urgency=medium
* Update to new upstream version 4.16.0+51-g0941d6cb, which also contains
security fixes for the following issues:
- arm: guest_physmap_remove_page not removing the p2m mappings
XSA-393 CVE-2022-23033
- A PV guest could DoS Xen while unmapping a grant
XSA-394 CVE-2022-23034
- Insufficient cleanup of passed-through device IRQs
XSA-395 CVE-2022-23035
* Note that the following XSA are not listed, because...
- XSA-391 and XSA-392 have patches for the Linux kernel.
* Upload to unstable now, which obsoletes the Xen 4.14 FTBFS issue.
(Closes: #1002658)
-- Hans van Kranenburg Sat, 19 Feb 2022 20:29:32 +0100