[blog] 01/02: Touch-ups, clarifications, tidying, etc.
Chris Lamb
chris at chris-lamb.co.uk
Tue Dec 5 14:10:51 UTC 2017
This is an automated email from the git hooks/post-receive script.
lamby pushed a commit to branch master
in repository blog.
commit 06d9f1b07365cb8424d00f95f03494a73c573a95
Author: Chris Lamb <lamby at debian.org>
Date: Tue Dec 5 13:20:27 2017 +0000
Touch-ups, clarifications, tidying, etc.
---
drafts/136.mdwn | 53 +++++++++++++++++------------------------------------
drafts/137.mdwn | 3 +++
2 files changed, 20 insertions(+), 36 deletions(-)
diff --git a/drafts/136.mdwn b/drafts/136.mdwn
index 98d746f..98d8069 100644
--- a/drafts/136.mdwn
+++ b/drafts/136.mdwn
@@ -7,22 +7,18 @@ Media coverage
* Jelle van der Waa [wrote about Reproducible Arch Linux](http://vdwaa.nl/arch/linux/reproducible/builds/security/reproducible-builds-arch/). ([HN thread](https://news.ycombinator.com/item?id=15820356))
-* A while back, on October 31st 2017, Ludovic Courtès wrote a [summary about the status of Reproducible Guix](https://gnu.org/software/guix/news/reproducible-builds-a-status-update.html), which for them led to a nice and unexpected benefit: faster downloads!
+* On October 31st 2017, Ludovic Courtès wrote a [summary about the status of Reproducible Guix](https://gnu.org/software/guix/news/reproducible-builds-a-status-update.html), which even led to desirable side-effects such as faster downloads.
Arch Linux imap key leakage
---------------------------
-A [security issue](https://bugs.archlinux.org/task/56484) was found on the imap
-package for [Arch Linux thanks to the reproducible builds efforts](https://tests.reproducible-builds.org/archlinux/).
-Due to a
-hardcoded key-generation routine in the build() step of imap's PKGBUILD (the
-standard packaging file for Arch Linux packages), a default secret key was
-generated and leaked on all imap installations.
+A [security issue was found in the imap package](https://bugs.archlinux.org/task/56484) in Arch Linux [thanks to the reproducible builds effort](https://tests.reproducible-builds.org/archlinux/) in that distribution.
-This was prompty reviewed, confirmed and fixed by the Arch Linux package
-maintainers.
+Due to a hardcoded key-generation routine in the `build()` step of `imap`'s `PKGBUILD` (the standard packaging file for Arch Linux packages), a default secret key was generated and leaked on all `imap` installations. This was prompty reviewed, confirmed and fixed by the package maintainers.
-Debian Packages reviewed and fixed, and bugs filed
+This mirrors similar security issues found in Debian, such as [[!bug 833885]].
+
+Debian packages reviewed and fixed, and bugs filed
-------------------------------------------
* Adrian Bunk:
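Review bot: the rewritten paragraph on the added line beginning "Due to a hardcoded key-generation routine" still carries the typo "prompty" from the text it replaces; it should read "promptly reviewed, confirmed and fixed". The new sentence "This mirrors similar security issues found in Debian, such as [[!bug 833885]]" gives readers only a bug number, so a few words on what that bug was would make the comparison with the imap key leak clearer.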
@@ -41,6 +37,7 @@ Debian Packages reviewed and fixed, and bugs filed
* [[!bug 883348]] filed against [[!pkg psychtoolbox-3]].
* [[!bug 883359]] filed against [[!pkg at-spi2-core]].
+In addition, 73 FTBFS bugs were detected and reported by Adrian Bunk.
Reviews of unreproducible Debian packages
----------------------------------
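Review bot: the added sentence "In addition, 73 FTBFS bugs were detected and reported by Adrian Bunk." no longer says where these bugs came from. The lead-in that this commit removes from the "Weekly Debian QA work" section stated that they were detected "During our reproducibility testing". Consider keeping that qualifier in the new sentence, for example "In addition, 73 FTBFS bugs were detected during our reproducibility testing and reported by Adrian Bunk."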
@@ -48,17 +45,9 @@ Reviews of unreproducible Debian packages
83 package reviews have been added, 41 have been updated and 33 have been removed in this week,
adding to our knowledge about [identified issues](https://tests.reproducible-builds.org/debian/index_issues.html).
-1 issue types have been updated:
-
-- [qt-rcc patch is merged](https://anonscm.debian.org/git/reproducible/notes.git/commit/?id=d86ea540)
-
-
-Weekly Debian QA work
---------------
+1 issue type was updated:
-During our reproducibility testing, FTBFS bugs have been detected and reported by:
-
- - Adrian Bunk (73)
+- [timestamps\_in\_source\_generated\_by_rcc](https://anonscm.debian.org/git/reproducible/notes.git/commit/?id=d86ea540)
LEDE / OpenWrt packages updates:
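Review bot: the new link text "timestamps\_in\_source\_generated\_by_rcc" escapes every underscore except the last one ("by_rcc"). Either escape that one as well or wrap the whole issue name in backticks, which this commit already does for identifiers elsewhere, so the name renders the same way regardless of how the Markdown processor treats intra-word underscores.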
@@ -79,13 +68,13 @@ diffoscope development
- Chris Lamb:
- [Handle case where a file to be "fuzzy" matched does not contain enough entropy (#882981)](https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=8599873)
- - [Make cleanup of placeholders idempotent.](https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=893a1e7)
+ - [Make cleanup of placeholders idempotent](https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=893a1e7)
- Mike Hommey:
- [Extract libarchive contents with a file extension](https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=a7c1d23)
- Ximin Luo:
- Bug fixes:
- - [Run zipinfo on /dev/stdin instead of a variable path. (Closes: #879011)](https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=25fee28)
- - [Looser matching for .deb archive members. (Closes: #881937)](https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=e5dc438)
+ - [Run zipinfo on /dev/stdin instead of a variable path (Closes: #879011)](https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=25fee28)
+ - [Looser matching for .deb archive members (Closes: #881937)](https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=e5dc438)
- Features/cleanup:
- [Allow non-text formats to output an empty diff](https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=0670bc0)
- [Add a Difference.from\_command\_exc to distinguish excluded commands from empty diff](https://anonscm.debian.org/git/reproducible/diffoscope.git/commit/?id=f148615)
@@ -137,7 +126,7 @@ tests.reproducible-builds.org
- [Check for new packages every day (instead of every 2)](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=368d055b)
- [Schedule newer versions automatically](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=e6346092)
- [Prefer manually triggered packages over new packages](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=5c2b989a)
- - [Detect versions of packages of 'any' arch](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=2809fdde)
+ - [Detect versions of packages of `any` arch](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=2809fdde)
- [Schedule 'old' packages which haven't been tested yet](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=735a2b36)
- Features:
- [Generate graphs](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=5fc61d7c)
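Review bot: the quoting is now inconsistent between adjacent entries. The changed line uses backticks for `any`, but the unchanged line directly below still reads "Schedule 'old' packages which haven't been tested yet" with single quotes. If 'old' is meant as a literal value like `any`, give it the same treatment; if it is only emphasis, leave a note so the difference is clearly intentional.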
@@ -168,27 +157,19 @@ tests.reproducible-builds.org
- Misc:
- [Be more verbose when deploying jobs](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=76b11fd8)
- [Ignore some warnings in commit messages](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=261a781d)
- - [IRC notifications to #lede-dev on Freenode](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=bbbb35ed)
+ - [Emit IRC notifications to `#lede-dev` on Freenode](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=bbbb35ed)
- Chris Lamb:
- - [Ignore "warning" etc. in commit messages.](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=70f4d6a9)
+ - [Ignore "warning" etc. in commit messages](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=70f4d6a9)
- Hans-Christoph Steiner continued his work on reproducible [F-Droid](https://f-droid.org/en/):
- [Always wait for successful `git fetch`](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=715102a8)
- [Include new Python dependencies](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=fb94269b)
- lynxis:
- - [Update references to sources.debian.org](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=abe238c3)
-
-
-bugs filed to upstream projects
--------------------------------
-
-* Santiago Torres-Arias:
- * [Make gnu-apl reproducible](https://savannah.gnu.org/bugs/index.php?52586)
- * fbnews: sorry, there is no public record of the bug. you can see the patch [here](https://ptpb.pw/CfGQ/diff) though
+ - [Update references to `sources.debian.org`](https://anonscm.debian.org/git/qa/jenkins.debian.net.git/commit/?id=abe238c3)
Misc.
-----
-This week's edition was written by Bernhard M. Wiedemann, Chris Lamb & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.
+This week's edition was written by Alexander Couzens, Bernhard M. Wiedemann, Chris Lamb, Holger Levsen, Santiago Torres-Arias, Vagrant Cascadian & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.
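Review bot: the expanded credit line lists six authors separated only by commas and then runs straight into "& reviewed by", so "Vagrant Cascadian & reviewed by a bunch of ..." is hard to parse. Put a conjunction before the last author and separate the review clause, for example "... Santiago Torres-Arias and Vagrant Cascadian, and reviewed by a bunch of Reproducible Builds folks ...". Note also that this hunk removes the "bugs filed to upstream projects" section from 136 while adding Santiago Torres-Arias as an author, so check that his contribution to this edition is still represented.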
diff --git a/drafts/137.mdwn b/drafts/137.mdwn
index cf9a752..092df78 100644
--- a/drafts/137.mdwn
+++ b/drafts/137.mdwn
@@ -12,6 +12,9 @@ lede/openwrt package feeds
https://github.com/openwrt/packages/pull/5217
https://github.com/openwrt/packages/pull/5218
+* Santiago Torres-Arias:
+ * [Make gnu-apl reproducible](https://savannah.gnu.org/bugs/index.php?52586)
+ * fbnews: sorry, there is no public record of the bug. you can see the patch [here](https://ptpb.pw/CfGQ/diff) though
https://github.com/trendmicro/tlsh/pull/51#issuecomment-349206496 via diffoscope development
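Review bot: the three added lines land under "lede/openwrt package feeds" (per the hunk header) between bare pull-request URLs, without the "bugs filed to upstream projects" heading they had in 136, so they will read as OpenWrt feed items. Give them their own heading in 137. The fbnews entry is also still written as a note to the editors ("sorry, there is no public record of the bug. you can see the patch [here](https://ptpb.pw/CfGQ/diff) though") and points at a paste link; reword it for publication and use descriptive link text instead of "here".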
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/blog.git