[00:26] -queuebot:#ubuntu-release- New binary: ubuntucinnamon-wallpapers [amd64] (mantic-proposed/universe) [23.10] (no packageset)
[05:45] -queuebot:#ubuntu-release- New: accepted ubuntucinnamon-wallpapers [amd64] (mantic-proposed) [23.10]
[08:05] <LocutusOfBorg> hello, can we please kick ulex0.8 out from mantic? Debian bug: #1051377
[08:05] -ubottu:#ubuntu-release- Debian bug 1051377 in ftp.debian.org "RM: ulex0.8 -- ROM; no more rdeps; FTBFS" [Normal, Open] https://bugs.debian.org/1051377
[11:00] -queuebot:#ubuntu-release- New sync: golang-1.15 (mantic-proposed/primary) [1.15.9-6]
[11:00] <LocutusOfBorg> please REJECT IT ^^
[11:00] <LocutusOfBorg> mistype 15 instead of 19
[11:00] <LocutusOfBorg> meh
[11:01] <LocutusOfBorg> (I'm syncing due to CVE-2023-29409 and CVE-2023-29406.
[11:01] -ubottu:#ubuntu-release- Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three a... <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29409>
[11:01] -ubottu:#ubuntu-release- The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29406>
[11:15] <LocutusOfBorg> (and other cves, such as CVE-2023-39320 CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322
[11:15] -ubottu:#ubuntu-release- ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39320>
[11:15] -ubottu:#ubuntu-release- ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39318>
[11:15] -ubottu:#ubuntu-release- ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39319>
[11:15] -ubottu:#ubuntu-release- ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39321>
[11:15] -ubottu:#ubuntu-release- ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39322>
[12:06] -queuebot:#ubuntu-release- Unapproved: accepted rsync [source] (focal-proposed) [3.1.3-8ubuntu0.7]
[13:36] <rbasak> doko: is your sync of valgrind-is-available into Jammy unapproved intentional?
[13:36] <rbasak> *if
[14:03] <doko> rbasak: I added it to the i386-whitelist, yes. but if we cannot add it, I think I can work around it as well, replacing b-d's with valgrind [!riscv64]
[14:14] <rbasak> doko: I don't understand it as it appears in the Unapproved queue. 3.18.1 is already in Jammy, no?
[14:20] -queuebot:#ubuntu-release- Unapproved: libreoffice (lunar-proposed/main) [4:7.5.5-0ubuntu0.23.04.1 => 4:7.5.6-0ubuntu0.23.04.1] (ubuntu-desktop)
[14:21] <ricotz> rbasak, hi :), in case you are still doing SRU reviews today, there is libreoffice for lunar ^
[14:25] -queuebot:#ubuntu-release- Unapproved: accepted edubuntu-menu [source] (lunar-proposed) [23.04.2.1]
[14:26] -queuebot:#ubuntu-release- Unapproved: rejected ubuntustudio-menu [source] (lunar-proposed) [0.72.1]
[14:27] -queuebot:#ubuntu-release- Unapproved: rejected ubuntustudio-menu [source] (jammy-proposed) [0.55.1]
[14:33] <Eickmeyer> rbasak: Reuploaded ubuntustudio-menu with changes to d/control reverted.
[14:33] -queuebot:#ubuntu-release- Unapproved: ubuntustudio-menu (lunar-proposed/universe) [0.72 => 0.72.1] (ubuntustudio)
[14:38] -queuebot:#ubuntu-release- Unapproved: rejected python-websockets [source] (jammy-proposed) [10.2-1ubuntu0.22.04.1]
[14:40] <rbasak> Eickmeyer: thanks. Did you see the Jammy issue too?
[14:40] <Eickmeyer> rbasak: That's about to be uploaded too. :)
[14:41] <Eickmeyer> There was a problem in the git history between jammy and kinetic, so that's why it wasn't caught.
[14:42] <Eickmeyer> rbasak: Uploaded.
[14:42] -queuebot:#ubuntu-release- Unapproved: ubuntustudio-menu (jammy-proposed/universe) [0.55 => 0.55.1] (ubuntustudio)
[14:43]  * Eickmeyer isn't messing around with this .desktop file update :)
[14:50] <rbasak> ack, looking
[14:52] -queuebot:#ubuntu-release- Unapproved: accepted netplan.io [source] (lunar-proposed) [0.106.1-7ubuntu0.23.04.2]
[14:53] <rbasak> Looks good now. Accepting - thanks!
[14:53] -queuebot:#ubuntu-release- Unapproved: accepted ubuntustudio-menu [source] (lunar-proposed) [0.72.1]
[14:53] -queuebot:#ubuntu-release- Unapproved: accepted ubuntustudio-menu [source] (jammy-proposed) [0.55.1]
[15:23] -queuebot:#ubuntu-release- Unapproved: libfprint (jammy-proposed/main) [1:1.94.3+tod1-0ubuntu2~22.04.04 => 1:1.94.3+tod1-0ubuntu2~22.04.06] (ubuntu-desktop)
[15:59] -queuebot:#ubuntu-release- New: rejected golang-1.15 [sync] (mantic-proposed) [1.15.9-6]
[16:42] -queuebot:#ubuntu-release- Unapproved: rejected netplan.io [source] (jammy-proposed) [0.106.1-7ubuntu0.22.04.1]
[16:47] -queuebot:#ubuntu-release- Unapproved: accepted netplan.io [source] (jammy-proposed) [0.106.1-7ubuntu0.22.04.2]
[17:18] -queuebot:#ubuntu-release- Unapproved: rejected ec2-hibinit-agent [source] (jammy-proposed) [1.0.0-0ubuntu11.22.04.4]
[17:18] -queuebot:#ubuntu-release- Unapproved: rejected ec2-hibinit-agent [source] (lunar-proposed) [1.0.0-0ubuntu13.3]
[17:19] -queuebot:#ubuntu-release- Unapproved: rejected ec2-hibinit-agent [source] (focal-proposed) [1.0.0-0ubuntu9.5]
[17:53] -queuebot:#ubuntu-release- Unapproved: mokutil (focal-security/main) [0.6.0-2~20.04.1 => 0.6.0-2~20.04.2] (core) (sync)
[17:53] -queuebot:#ubuntu-release- Unapproved: mokutil (jammy-security/main) [0.6.0-2~22.04.1 => 0.6.0-2~22.04.2] (core) (sync)
[18:08] <Eickmeyer> Is there something weird going on with lunar-proposed? Trying to test a package, enabled the repo, and all packages are up to date. Confirmed the box is looking and getting the lists,  and proposed wasn't enabled prior to 'apt update.'
[18:09] <Eickmeyer> In other words, everything is correct/as it should be.
[18:11] <RikMills> Eickmeyer: lunar was 1st release with not-automatic, so you need to actively ask apt to install the new version IIRC
[18:11] <Eickmeyer> RikMills: I did.
[18:12] <ricotz> see apt-cache policy PKG
[18:13] <RikMills> yes, apt upgrade won't be enough
[18:13] <Eickmeyer> I never use upgrade when proposed is enabled.
[18:14] <RikMills> what is the command you are using then?
[18:14] <RikMills> so we are very clear
[18:14] <Eickmeyer> sudo apt install ubuntustudio-menu. I guess I need to use --from
[18:15] <RikMills> what about sudo apt install ubuntustudio-menu/lunar-proposed
[18:15] <Eickmeyer> That works.
[18:16] <RikMills> kool :)
[18:16] <Eickmeyer> I guess I didn't get the memo that it wouldn't be not-automatic. Again, one of those communication failures I've been screaming about.
[18:16] <RikMills> it is documented 'somewhere'
[18:16] <Eickmeyer> Not good enough.
[18:17] <Eickmeyer> I mean, I'm not saying it's intentional or that it's in bad faith, but things like that need to be sent out in ML post.
[18:18] <RikMills> I don't recall where I learnt that from
[18:19] <ricotz> https://wiki.ubuntu.com/Testing/EnableProposed ;)
[18:20] <Eickmeyer> ricotz: Like I said, "documented somewhere" isn't good enough when it's a major change.
[18:21] <RikMills> has always been the case when you manually in proposed lower
[18:21] <ricotz> I guess this is outdated while "selective upgrading" would be the default now
[18:21] <RikMills> but I do think there was a mailing list notification when that became defult
[18:21] <Eickmeyer> I don't recall seeing a ML notification about this.
[18:21] <RikMills> but can't find it just this sec
[18:22] <Eickmeyer> And I'm not subscribed to every single discourse post.
[18:31] <RikMills> https://lists.ubuntu.com/archives/ubuntu-devel/2022-November/042338.html
[18:31] <RikMills> all I can find in a quick look
[18:33] -queuebot:#ubuntu-release- Unapproved: qemu (jammy-proposed/main) [1:6.2+dfsg-2ubuntu6.13 => 1:6.2+dfsg-2ubuntu6.14] (ubuntu-server, virt)
[18:45] <Eickmeyer> RikMills: That looks like it stalled-out with no clear notice that it was being done. Still a lack of communication and continuation of that thread.
[19:12] -queuebot:#ubuntu-release- Unapproved: accepted mokutil [sync] (focal-security) [0.6.0-2~20.04.2]
[19:12] -queuebot:#ubuntu-release- Unapproved: accepted mokutil [sync] (jammy-security) [0.6.0-2~22.04.2]
[19:16]  * RikMills shrugs
[19:25] <vorlon> "I have set this flag now" isn't clear?
[19:32] <Eickmeyer> vorlon: It's not a clear notice *to everyone* that this is a major change and not merely a discussion. I feel that, as such, it needs to be a separate thread and made a major announcement that the behavior is changing so people aren't off-guard.
[19:32] <Eickmeyer> It's not a clear announcement. It's merely discussion.
[20:05] -queuebot:#ubuntu-release- Unapproved: livecd-rootfs (jammy-proposed/main) [2.765.25 => 2.765.26] (desktop-core, i386-whitelist)
[20:16] <vorlon> did someone here retry the deal.ii/riscv64 build?
[21:10] -queuebot:#ubuntu-release- Unapproved: ubuntustudio-menu (lunar-proposed/universe) [0.72.1 => 0.72.2] (ubuntustudio)
[21:12] -queuebot:#ubuntu-release- Unapproved: edubuntu-menu (lunar-proposed/universe) [23.04.2.1 => 23.04.2.2] (no packageset)
[21:13] <Eickmeyer> rbasak: If you're still around, bug 2025196 is verification-failed, so ^ those two uploads fix the issue.
[21:13] -ubottu:#ubuntu-release- Bug 2025196 in ubuntustudio-menu (Ubuntu Lunar) "[SRU] Conflicts with edubuntu-menu and ubuntustudio-menu" [High, In Progress] https://launchpad.net/bugs/2025196
[22:16] -queuebot:#ubuntu-release- Builds: 46 entries have been added, updated or disabled
 hello, can we please kick ulex0.8 out from mantic? Debian bug: #1051377
[22:30] <LocutusOfBorg> -ubottu/#ubuntu-release- Debian bug 1051377 in ftp.debian.org "RM: ulex0.8 -- ROM; no more rdeps; FTBFS" [Normal, Open] https://bugs.debian.org/1051377
[22:30] -ubottu:#ubuntu-release- Debian bug 1051377 in ftp.debian.org "RM: ulex0.8 -- ROM; no more rdeps; FTBFS" [Normal, Open] https://bugs.debian.org/1051377
[22:33] <vorlon> LocutusOfBorg: doesn't show up as a build failure on https://people.canonical.com/~ginggs/ftbfs-report/test-rebuild-20230830-mantic-mantic.html ?
[22:34] <LocutusOfBorg> https://launchpad.net/ubuntu/+source/ulex0.8/1.2-2build4
[22:34] <LocutusOfBorg> proposed pocket shows the failure...
[22:34] <LocutusOfBorg> it's related to camlp5
[22:35] <vorlon> ah got it
[22:36] <vorlon> LocutusOfBorg: done
[22:37] <LocutusOfBorg> camlp5 got a minor update, for compatibility with newer ocaml and some pcre->pcre2 moving and fixes (will we ever remove pcre3 from the archive? )
[22:37] <LocutusOfBorg> I'm really working to port/fix pcre3 apps to move to pcre2
[22:53] -queuebot:#ubuntu-release- Builds: Ubuntu Kylin Desktop amd64 [Mantic Daily] has been updated (20230907)