Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: php-proxy-mana...@packages.debian.org, t...@security.debian.org Control: affects -1 + src:php-proxy-manager User: release.debian....@packages.debian.org Usertags: pu
[5/9 for bookworm] This is a follow up from composer/DSA-5632-1. In order to fix a Debian-specific issue related to CVE-2024-24821, we agreed with the security team to push related dependencies via the next point release. The only change (besides changelog entry) in the binary package is the following (thanks to diffoscope). │ │ ├── ./usr/share/php/ProxyManager/autoload.php │ │ │ @@ -1,12 +1,12 @@ │ │ │ <?php │ │ │ │ │ │ // Require │ │ │ -require_once 'Laminas/Code/autoload.php'; │ │ │ -require_once 'Symfony/Component/Filesystem/autoload.php'; │ │ │ +require_once __DIR__ . '/../Laminas/Code/autoload.php'; │ │ │ +require_once __DIR__ . '/../Symfony/Component/Filesystem/autoload.php'; │ │ │ │ │ │ // Suggest The goal is to ensure related dependencies are loaded from the system path. The attached debdiff is a bit bigger, since it aims at keeping the testsuite at buildtime effective. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable TIA for considering. Cheers, taffit
diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/autoload.php.tpl
php-proxy-manager-2.11.1+1.0.14/debian/autoload.php.tpl
--- php-proxy-manager-2.11.1+1.0.14/debian/autoload.php.tpl 1970-01-01
01:00:00.000000000 +0100
+++ php-proxy-manager-2.11.1+1.0.14/debian/autoload.php.tpl 2024-02-15
22:58:41.000000000 +0100
@@ -0,0 +1,30 @@
+<?php
+
+// Require
+require_once __DIR__ . '/../Laminas/Code/autoload.php';
+require_once __DIR__ . '/../Symfony/Component/Filesystem/autoload.php';
+
+// Suggest
+
+// @codingStandardsIgnoreFile
+// @codeCoverageIgnoreStart
+// this is an autogenerated file - do not edit
+spl_autoload_register(
+ function($class) {
+ static $classes = null;
+ if ($classes === null) {
+ $classes = array(
+ ___CLASSLIST___
+ );
+ }
+ $cn = strtolower($class);
+ if (isset($classes[$cn])) {
+ require ___BASEDIR___$classes[$cn];
+ }
+ },
+ ___EXCEPTION___,
+ ___PREPEND___
+);
+// @codeCoverageIgnoreEnd
+
+// Files
diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/changelog
php-proxy-manager-2.11.1+1.0.14/debian/changelog
--- php-proxy-manager-2.11.1+1.0.14/debian/changelog 2023-01-30
13:43:49.000000000 +0100
+++ php-proxy-manager-2.11.1+1.0.14/debian/changelog 2024-02-15
22:58:41.000000000 +0100
@@ -1,3 +1,10 @@
+php-proxy-manager (2.11.1+1.0.14-1+deb12u1) bookworm; urgency=medium
+
+ * Track debian/bookworm
+ * Force system dependencies loading
+
+ -- David Prévot <taf...@debian.org> Thu, 15 Feb 2024 22:58:41 +0100
+
php-proxy-manager (2.11.1+1.0.14-1) unstable; urgency=medium
[ Nicolas Grekas ]
diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/clean
php-proxy-manager-2.11.1+1.0.14/debian/clean
--- php-proxy-manager-2.11.1+1.0.14/debian/clean 2022-10-22
12:12:26.000000000 +0200
+++ php-proxy-manager-2.11.1+1.0.14/debian/clean 2024-02-15
22:58:41.000000000 +0100
@@ -1,6 +1,7 @@
.phpunit.result.cache
-ProxyManager
-debian/autoload.php.tpl
debian/autoload.tests.php.tpl
+Laminas
+ProxyManager/
src/ProxyManager/autoload.php
+Symfony
vendor/
diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/control
php-proxy-manager-2.11.1+1.0.14/debian/control
--- php-proxy-manager-2.11.1+1.0.14/debian/control 2023-01-30
13:41:38.000000000 +0100
+++ php-proxy-manager-2.11.1+1.0.14/debian/control 2024-02-15
22:58:41.000000000 +0100
@@ -13,7 +13,7 @@
pkg-php-tools (>= 1.41~)
Standards-Version: 4.6.2
Homepage: https://github.com/FriendsOfPHP/proxy-manager-lts
-Vcs-Git: https://salsa.debian.org/php-team/pear/php-proxy-manager.git
+Vcs-Git: https://salsa.debian.org/php-team/pear/php-proxy-manager.git -b
debian/bookworm
Vcs-Browser: https://salsa.debian.org/php-team/pear/php-proxy-manager
Rules-Requires-Root: no
diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/gbp.conf
php-proxy-manager-2.11.1+1.0.14/debian/gbp.conf
--- php-proxy-manager-2.11.1+1.0.14/debian/gbp.conf 2022-10-22
12:12:26.000000000 +0200
+++ php-proxy-manager-2.11.1+1.0.14/debian/gbp.conf 2024-02-15
22:58:41.000000000 +0100
@@ -1,5 +1,5 @@
[DEFAULT]
-debian-branch = debian/lts
+debian-branch = debian/bookworm
filter = [ '.gitattributes' ]
pristine-tar = True
upstream-branch = upstream-lts
diff -Nru
php-proxy-manager-2.11.1+1.0.14/debian/patches/0001-Also-skip-system-classes-during-tests.patch
php-proxy-manager-2.11.1+1.0.14/debian/patches/0001-Also-skip-system-classes-during-tests.patch
---
php-proxy-manager-2.11.1+1.0.14/debian/patches/0001-Also-skip-system-classes-during-tests.patch
2023-01-30 13:40:33.000000000 +0100
+++
php-proxy-manager-2.11.1+1.0.14/debian/patches/0001-Also-skip-system-classes-during-tests.patch
2024-02-15 22:58:41.000000000 +0100
@@ -3,22 +3,23 @@
Subject: Also skip system classes during tests
---
- tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php | 2 ++
- 1 file changed, 2 insertions(+)
+ tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php | 3 +++
+ 1 file changed, 3 insertions(+)
diff --git
a/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php
b/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php
-index 8e4f48d..9d65c6f 100644
+index 8e4f48d..eebd45a 100644
--- a/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php
+++ b/tests/ProxyManagerTest/Functional/FatalPreventionFunctionalTest.php
-@@ -109,6 +109,7 @@ final class FatalPreventionFunctionalTest extends TestCase
+@@ -109,6 +109,8 @@ final class FatalPreventionFunctionalTest extends TestCase
realpath(__DIR__ . '/../../../src'),
realpath(__DIR__ . '/../../../vendor'),
realpath(__DIR__ . '/../../ProxyManagerTest'),
++ realpath(__DIR__ . '/../../../ProxyManager'),
+ realpath('/usr/share/php'),
];
return array_filter(
-@@ -135,6 +136,7 @@ final class FatalPreventionFunctionalTest extends TestCase
+@@ -135,6 +137,7 @@ final class FatalPreventionFunctionalTest extends TestCase
if (strpos($realPath, $skippedPath) === 0) {
// skip classes defined within ProxyManager, vendor
or the test suite
diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/rules
php-proxy-manager-2.11.1+1.0.14/debian/rules
--- php-proxy-manager-2.11.1+1.0.14/debian/rules 2022-10-22
12:12:26.000000000 +0200
+++ php-proxy-manager-2.11.1+1.0.14/debian/rules 2024-02-15
22:58:41.000000000 +0100
@@ -3,7 +3,6 @@
dh $@
override_dh_auto_build:
- phpabtpl composer.json > debian/autoload.php.tpl
phpab \
--output src/ProxyManager/autoload.php \
--template debian/autoload.php.tpl \
@@ -21,7 +20,9 @@
tests/ProxyManagerTest \
tests/ProxyManagerTestAsset \
tests/Stubbed/Laminas/Server
- ln -s src/ProxyManager .
+ cp -r src/ProxyManager .
+ ln -s /usr/share/php/Laminas .
+ ln -s /usr/share/php/Symfony .
override_dh_auto_test:
phpunit
diff -Nru php-proxy-manager-2.11.1+1.0.14/debian/tests/control
php-proxy-manager-2.11.1+1.0.14/debian/tests/control
--- php-proxy-manager-2.11.1+1.0.14/debian/tests/control 2022-10-22
12:12:26.000000000 +0200
+++ php-proxy-manager-2.11.1+1.0.14/debian/tests/control 2024-02-15
22:58:41.000000000 +0100
@@ -1,4 +1,4 @@
-Test-Command: mkdir --parents vendor && phpabtpl --require composer/composer
--require symfony/filesystem --require friendsofphp/proxy-manager-lts >
debian/autoload.tests.php.tpl && phpab --output vendor/autoload.php --template
debian/autoload.tests.php.tpl tests/ProxyManagerTest
tests/ProxyManagerTestAsset tests/Stubbed/Laminas/Server && phpunit
+Test-Command: mkdir --parents vendor ProxyManager && phpabtpl --require
composer/composer --require symfony/filesystem --require
friendsofphp/proxy-manager-lts > debian/autoload.tests.php.tpl && phpab
--output vendor/autoload.php --template debian/autoload.tests.php.tpl
tests/ProxyManagerTest tests/ProxyManagerTestAsset tests/Stubbed/Laminas/Server
&& phpunit
Restrictions: rw-build-tree, allow-stderr
Depends: composer,
php-symfony-filesystem,
signature.asc
Description: PGP signature
