[MIR] fonts-stix -- to replace xfonts-mathml

Bug #1487148 reported by Steve Langasek
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
fonts-stix (Ubuntu)
Fix Released
Undecided
Unassigned
Wily
Invalid
Undecided
Unassigned
libreoffice (Ubuntu)
Fix Released
High
Björn Michaelsen
Wily
Fix Released
Undecided
Unassigned

Bug Description

[Availability]
already in xenial

[Rationale]
The libreoffice-common package currently recommends xfonts-mathml, which was removed from Debian in 2014 with the rationale that it is superseded by fonts-stix (and that it has a license problem). Please replace it with fonts-stix.

[Security]
no executable code

[Quality assurance]
no executable code

[Dependencies]
no further deps needed: see http://people.canonical.com/~ubuntu-archive/component-mismatches.txt

[Standards compliance]
trivial package, maintained by Debian

[Maintenance]
no executable code, maintained by Debian, stable/low frequency updates

[Background information]
Since xfonts-mathml is only a Recommends: rather than Depends:, I'm going to go ahead and remove xfonts-mathml from wily. If for some reason fonts-stix is not a suitable replacement and xfonts-mathml is still needed, please feel free to reupload it to the archive and close this bug.

Tags: packaging

CVE References

Steve Langasek (vorlon)
Changed in libreoffice (Ubuntu):
importance: Undecided → High
status: New → Triaged
tags: added: packaging
Changed in libreoffice (Ubuntu):
assignee: nobody → Björn Michaelsen (bjoern-michaelsen)
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libreoffice - 1:5.0.2-0ubuntu5

---------------
libreoffice (1:5.0.2-0ubuntu5) xenial; urgency=medium

  * No-change rebuild against libglew1.13.

 -- Steve Langasek <email address hidden> Thu, 12 Nov 2015 03:21:58 +0000

Changed in libreoffice (Ubuntu):
status: Triaged → Fix Released
summary: - Please replace xfonts-mathml with fonts-stix in recommends
+ [MIR] fonts-stix -- to replace xfonts-mathml
description: updated
Revision history for this message
Michael Terry (mterry) wrote :

Yeah, this is fine. Thanks for the cleanup!

Changed in fonts-stix (Ubuntu):
status: New → Fix Committed
Revision history for this message
Michael Terry (mterry) wrote :

I think the libreoffice task got closed accidentally?

Changed in libreoffice (Ubuntu):
status: Fix Released → Triaged
Michael Terry (mterry)
Changed in libreoffice (Ubuntu):
status: Triaged → Fix Released
Revision history for this message
Matthias Klose (doko) wrote :

missing subscriber

Changed in fonts-stix (Ubuntu):
status: Fix Committed → Incomplete
Revision history for this message
Björn Michaelsen (bjoern-michaelsen) wrote :

@doko: fixed, thanks.

Changed in fonts-stix (Ubuntu):
status: Incomplete → Fix Released
Michael Terry (mterry)
Changed in fonts-stix (Ubuntu):
status: Fix Released → Fix Committed
Revision history for this message
Steve Langasek (vorlon) wrote :

The bug subscriber is expected to be one of the teams listed on <http://reqorts.qa.ubuntu.com/reports/m-r-package-team-mapping.html>. So this is still incomplete.

Changed in fonts-stix (Ubuntu):
status: Fix Committed → Incomplete
Revision history for this message
Michael Terry (mterry) wrote :

Steve, since when? If we have teams that weren't on that list responsible for packaging, we just added them to that list. bdmurray maintains it I believe. So the fix should be to add the team to the list, eh?

Revision history for this message
Steve Langasek (vorlon) wrote :

> Steve, since when? If we have teams that weren't on that list
> responsible for packaging, we just added them to that list. bdmurray
> maintains it I believe. So the fix should be to add the team to the
> list, eh?

The purpose of requiring a team subscriber for MIRs is to make it clear who, as a team, to escalate problems with the package to. Having fine-grained subscriptions by teams with only three members (~libreoffice), only two of
which have upload rights (core-dev) and only one of those who actually works on the libreoffice package, does not serve this purpose. The answer to a team not being on the m-r report is not to arbitrarily add more teams, but to understand why there isn't an existing team that is agreeing to take ownership of this package.

It certainly doesn't make sense for ~desktop-packages to be the MIR team subscriber for libreoffice itself, but then bless ~libreoffice as the team subscriber for a random font dependency. Let's get desktop-packages subscribed to this package, please.

Revision history for this message
Michael Terry (mterry) wrote :

Sure, though the suitability of ~libreoffice is a separate question. I agree that some teams aren't suitable; I have definitely rejected some team bug subscribers because they weren't well "staffed".

And I agree that since ~desktop-packages is the point of contact for libreoffice, it should probably also be the point of contact for this package.

But I don't agree that the list of teams on the m-r report shouldn't grow as a matter of course.

Revision history for this message
Matthias Klose (doko) wrote :

Override component to main
fonts-stix 1.1.1-4 in xenial: universe/fonts -> main
fonts-stix 1.1.1-4 in xenial amd64: universe/fonts/extra/100% -> main
fonts-stix 1.1.1-4 in xenial arm64: universe/fonts/extra/100% -> main
fonts-stix 1.1.1-4 in xenial armhf: universe/fonts/extra/100% -> main
fonts-stix 1.1.1-4 in xenial i386: universe/fonts/extra/100% -> main
fonts-stix 1.1.1-4 in xenial powerpc: universe/fonts/extra/100% -> main
fonts-stix 1.1.1-4 in xenial ppc64el: universe/fonts/extra/100% -> main
fonts-stix 1.1.1-4 in xenial s390x: universe/fonts/extra/100% -> main
8 publications overridden.

Changed in fonts-stix (Ubuntu):
status: Incomplete → Fix Released
Revision history for this message
Chris J Arges (arges) wrote :

Hi, 'fonts-stix' is not in main for wily. Is there another way to fix this for wily without pulling in a universe package?

Revision history for this message
Michael Terry (mterry) wrote :

We can't promote a package from universe after release. So you need to either pull in a universe package or work around the fonts package another way.

Revision history for this message
Steve Langasek (vorlon) wrote : Re: [Bug 1487148] Re: [MIR] fonts-stix -- to replace xfonts-mathml

On Wed, May 18, 2016 at 05:34:26PM -0000, Michael Terry wrote:
> We can't promote a package from universe after release.

That's not entirely true. We can change the component of a package in the
-updates pocket; we cannot change the component in the release pocket. So
if there is a requirement to promote a package to main after release, we can
copy the package to the -updates pocket and promote it there.

In this particular case, it appears that recommending a package in universe
and having it installed for some people and not all, would be a better
experience than not recommending it. If this is the consensus, it's my
SRU/AA view that we should go the rest of the way and promote fonts-stix in
-updates.

Revision history for this message
Michael Terry (mterry) wrote :

Ah, very cool.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libreoffice - 1:5.0.6-0ubuntu1

---------------
libreoffice (1:5.0.6-0ubuntu1) wily-security; urgency=medium

  * SECURITY UPDATE: Denial of service and possible arbitrary code execution
    via a crafted RTF file
    - CVE-2016-4324
  * new upstream release
  * fall back to SYSTEM_GCC_VERSION, when SYSTEM_GCJ_VERSION is empty
  * substitute xfonts-mathml with fonts-stix (lp: #1487148)
  * cherry-pick from Debian:
    - readd conflicts against openoffice-unbundled to libreoffice-common.
      openoffice*-debian-menus contains /usr/bin/soffice
  * fix gug language description (thanks Rene)
  * add build version for "About LibreOffice"
  * create profile defaulting to human style on unity (lp: #1508177)
  * reenable Ubuntu palette
  * handle integral translations
  * adjust kde integration for upstream cb37698884c6f7af97c5fa9a0404a5893aa73c9d

 -- Bjoern Michaelsen <email address hidden> Fri, 24 Jun 2016 20:45:46 +0200

Changed in libreoffice (Ubuntu Wily):
status: New → Fix Released
dino99 (9d9)
Changed in fonts-stix (Ubuntu Wily):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers