Bug#1023419: transition: freeglut
Hi Sebastian, rename was done to match the real shared object name to the package name: /usr/lib/x86_64-linux-gnu/libglut.so.3.11.0 will go to libglut3.11. At the moment source uploads are not necessary as libglut-dev provides freeglut3-dev. But after the transition yes, the batch of NMUs is planned. > why is there no transitional freeglut3-dev I thought it was enough that libglut-dev "provides" the freeglu3-dev. If not - I will add it. Thanks Regards Anton Am Do., 3. Nov. 2022 um 22:51 Uhr schrieb Sebastian Ramacher : > > Control: tags -1 moreinfo > Control: forwarded -1 > https://release.debian.org/transitions/html/auto-freeglut.html > > On 2022-11-03 20:12:03 +0100, Anton Gladky wrote: > > Package: release.debian.org > > Severity: normal > > User: release.debian@packages.debian.org > > Usertags: transition > > > > > > New version of freeglut library and binary renaming. > > Reverse depends were rebuilt against new lib. > > > > > > Ben file: > > > > title = "freeglut"; > > is_affected = .depends ~ "freeglut3|freeglut3-dev" | .depends ~ > > "libglut-dev|libglut3.12"; > > is_good = .depends ~ "libglut-dev|libglut3.12"; > > is_bad = .depends ~ "freeglut3|freeglut3-dev"; > > What's the deal with the renamed -dev package? Do we need sourceful > uploads for all the reverse dependencies? What's the upgrade path for > users? Or in other words: why is there no transitional freeglut3-dev > package? > > Cheers > -- > Sebastian Ramacher
Bug#1021851: marked as done (bullseye-pu: package python-dnslib/0.9.14-1)
Your message dated Thu, 03 Nov 2022 22:28:04 -0400
with message-id <1901132.JPdjjM1xm6@zini-1880>
and subject line Re: Bug#1021851: Acknowledgement (bullseye-pu: package
python-dnslib/0.9.14-1)
has caused the Debian Bug report #1021851,
regarding bullseye-pu: package python-dnslib/0.9.14-1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1021851: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021851
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: python-modules-t...@lists.alioth.debian.org
(Please provide enough information to help the release team
to judge the request efficiently. E.g. by filling in the
sections below.)
[ Reason ]
Backport of upstream fix for CVE-2022-22846 (no changes needed).
[ Impact ]
User impact is potential vulnerability to DNS cache poisoning.
[ Tests ]
Package runs the upstream test suite both during build and in an
autopkgtest.
[ Risks ]
Code change is trivial and pretty obviously correct. There were no
other changes between 0.9.14 (in Bullseye) and 0.9.17 where this fix is
backported from in the file in question.
[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
[ Changes ]
Adds a check that the ID value in a DNS reply matches an ID value in a
query.
[ Other info ]
Security team rated this a minor issue, so addressing fix to stable
update.
diff -Nru python-dnslib-0.9.14/debian/changelog
python-dnslib-0.9.14/debian/changelog
--- python-dnslib-0.9.14/debian/changelog 2020-06-10 00:51:44.0
-0400
+++ python-dnslib-0.9.14/debian/changelog 2022-10-15 20:23:24.0
-0400
@@ -1,3 +1,10 @@
+python-dnslib (0.9.14-1+deb11u1) bullseye; urgency=medium
+
+ * Add debian/patches/0002-Validate-TXID-in-client.py.patch from upstream to
+address CVE-2022-22846
+
+ -- Scott Kitterman Sat, 15 Oct 2022 20:23:24 -0400
+
python-dnslib (0.9.14-1) unstable; urgency=medium
* New upstream release
diff -Nru
python-dnslib-0.9.14/debian/patches/0002-Validate-TXID-in-client.py.patch
python-dnslib-0.9.14/debian/patches/0002-Validate-TXID-in-client.py.patch
--- python-dnslib-0.9.14/debian/patches/0002-Validate-TXID-in-client.py.patch
1969-12-31 19:00:00.0 -0500
+++ python-dnslib-0.9.14/debian/patches/0002-Validate-TXID-in-client.py.patch
2022-10-15 20:21:51.0 -0400
@@ -0,0 +1,24 @@
+From: Scott Kitterman
+Date: Sat, 15 Oct 2022 20:17:26 -0400
+Subject: Validate TXID in client.py
+Fixes CVE-2022-22846
+Origin: backport,
https://github.com/paulc/dnslib/commit/76e8677699ed098387d502c57980f58da642aeba
+
+---
+ dnslib/client.py | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/dnslib/client.py b/dnslib/client.py
+index 628ea81..09572b6 100644
+--- a/dnslib/client.py
b/dnslib/client.py
+@@ -76,6 +76,9 @@ if __name__ == '__main__':
+ a_pkt = q.send(address,port,tcp=args.tcp)
+ a = DNSRecord.parse(a_pkt)
+
++if q.header.id != a.header.id:
++raise DNSError('Response transaction id does not match query
transaction id')
++
+ if a.header.tc and args.noretry == False:
+ # Truncated - retry in TCP mode
+ a_pkt = q.send(address,port,tcp=True)
diff -Nru python-dnslib-0.9.14/debian/patches/series
python-dnslib-0.9.14/debian/patches/series
--- python-dnslib-0.9.14/debian/patches/series 2020-06-10 00:50:31.0
-0400
+++ python-dnslib-0.9.14/debian/patches/series 2022-10-15 20:17:32.0
-0400
@@ -1 +1,2 @@
0001-Only-run-tests-for-python3.patch
+0002-Validate-TXID-in-client.py.patch
--- End Message ---
--- Begin Message ---
It turns out there's another issue that also should be addressed, so I'm
closing this PU request and will open a new one once I have the rest figured
out.
Scott K
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
Bug#1021205: marked as done (transition: simdjson)
Your message dated Thu, 3 Nov 2022 22:52:29 +0100 with message-id and subject line Re: Bug#1021205: transition: simdjson has caused the Debian Bug report #1021205, regarding transition: simdjson to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1021205: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021205 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition Hi release team, I'd like to start the transition of simdjson. It has only two reverse dependencies in testing: cloudflare-ddns pcm Both of them passed my local test with amd64 host. Ben file: title = "simdjson"; is_affected = .depends ~ "libsimdjson9" | .depends ~ "libsimdjson13"; is_good = .depends ~ "libsimdjson13"; is_bad = .depends ~ "libsimdjson9"; Thank you for using reportbug --- End Message --- --- Begin Message --- On 2022-10-09 12:55:41 +0200, Emilio Pozuelo Monfort wrote: > On 07/10/2022 16:43, M. Zhou wrote: > > Thanks. It has been uploaded to unstable. > > binNMUs scheduled. … and all the old binaries got removed from testing. Closing. Cheers -- Sebastian Ramacher--- End Message ---
Bug#1023419: transition: freeglut
Control: tags -1 moreinfo Control: forwarded -1 https://release.debian.org/transitions/html/auto-freeglut.html On 2022-11-03 20:12:03 +0100, Anton Gladky wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > > > New version of freeglut library and binary renaming. > Reverse depends were rebuilt against new lib. > > > Ben file: > > title = "freeglut"; > is_affected = .depends ~ "freeglut3|freeglut3-dev" | .depends ~ > "libglut-dev|libglut3.12"; > is_good = .depends ~ "libglut-dev|libglut3.12"; > is_bad = .depends ~ "freeglut3|freeglut3-dev"; What's the deal with the renamed -dev package? Do we need sourceful uploads for all the reverse dependencies? What's the upgrade path for users? Or in other words: why is there no transitional freeglut3-dev package? Cheers -- Sebastian Ramacher
Processed: Re: Bug#1023419: transition: freeglut
Processing control commands: > tags -1 moreinfo Bug #1023419 [release.debian.org] transition: freeglut Added tag(s) moreinfo. > forwarded -1 https://release.debian.org/transitions/html/auto-freeglut.html Bug #1023419 [release.debian.org] transition: freeglut Set Bug forwarded-to-address to 'https://release.debian.org/transitions/html/auto-freeglut.html'. -- 1023419: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023419 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#1023352: transition: draco
Processing control commands: > tags -1 confirmed Bug #1023352 [release.debian.org] transition: draco Added tag(s) confirmed. -- 1023352: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023352 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1023352: transition: draco
Control: tags -1 confirmed On 2022-11-02 19:49:09 +0100, Timo Röhling wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > > Dear Release Team, > > I'd like to transition draco after the new release had a SONAME bump. > All reverse-dependencies build successfully on amd64. > > The auto-generated Ben tracker is good: > https://release.debian.org/transitions/html/auto-draco.html Please go ahead Cheers -- Sebastian Ramacher
Bug#1023423: bullseye-pu: package pysubnettree/0.33-1
Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: 1005...@bugs.debian.org [ Reason ] Package is totally broken in Bullseye (see #1005044) and this fixes it. [ Impact ] Package remains unusable [ Tests ] None in this version. For unstable, I wrote an autopkgtest to detect if this issue happens again, but did not include it here to keep thing compact. I did manually replicate the problem on the current bullseye version of the package and then repeat the process with the update to verify the problem is corrected. [ Risks ] None. Package can't get more useless than it is currently. Fix is pretty trivial anyway. The problem was that (me being an idiot) managed to get one file used in the build process from upstream (swig 3) and one from the Debian build (swig 4) and that did not go well. [ Checklist ] [*] *all* changes are documented in the d/changelog [*] I reviewed all changes and I approve them [*] attach debdiff against the package in (old)stable [*] the issue is verified as fixed in unstable [ Changes ] This is a swig package. To make sure that the package can be built from source, it has long moved SubnetTree_wrap.cc aside to force a rebuild. Unfortunately, I then put it back meanging that the pacakge got built with the upstream SubnetTree_wrap.cc and the SubnetTree.py from the rebuild. This was all fine until we switched to Swig 4 and they were no longer compatible. The update moves them both aside (and puts them back in clean so we leave the package like we found it) and doesn't put SubnetTree_wrap.cc back during the build so that both rebuilt files are used in the build. Also, fixed a minor error in clean, for completeness. [ Other info ] The identical fix is in Unstable in 0.36.1. diff -Nru pysubnettree-0.33/debian/changelog pysubnettree-0.33/debian/changelog --- pysubnettree-0.33/debian/changelog 2020-02-15 15:59:24.0 -0500 +++ pysubnettree-0.33/debian/changelog 2022-11-03 16:09:00.0 -0400 @@ -1,3 +1,11 @@ +pysubnettree (0.33-1+deb11u1) bullseye; urgency=medium + + * Fix moving/copying files in debian/rules so as not to leave a mix of +rebuilt and non-rebuilt files in the binary and update clean rule +(Closes: #1005044) + + -- Scott Kitterman Thu, 03 Nov 2022 16:09:00 -0400 + pysubnettree (0.33-1) unstable; urgency=medium * New upstream release diff -Nru pysubnettree-0.33/debian/rules pysubnettree-0.33/debian/rules --- pysubnettree-0.33/debian/rules 2020-02-15 12:28:51.0 -0500 +++ pysubnettree-0.33/debian/rules 2022-11-03 16:07:10.0 -0400 @@ -7,9 +7,9 @@ dh $@ --with python3 override_dh_auto_build: - mv $(CURDIR)/SubnetTree_wrap.cc $(CURDIR)/not.SubnetTree_wrap.cc + mv -n $(CURDIR)/SubnetTree_wrap.cc $(CURDIR)/not.SubnetTree_wrap.cc + mv -n $(CURDIR)/SubnetTree.py $(CURDIR)/not.SubnetTree.py dh_auto_build - mv $(CURDIR)/not.SubnetTree_wrap.cc $(CURDIR)/SubnetTree_wrap.cc override_dh_auto_install: dh_install -ppython3-subnettree @@ -20,8 +20,9 @@ override_dh_clean: dh_clean -cp -f $(CURDIR)/not.SubnetTree_wrap.cc $(CURDIR)/SubnetTree_wrap.cc - rm -f $(CURDIR)/not.SubnetTree_wrap.cc - rm -rf $(CURDIR)/build + -cp -f $(CURDIR)/not.SubnetTree.py $(CURDIR)/SubnetTree.py + rm -f $(CURDIR)/not.SubnetTree* + rm -rf $(CURDIR)/__pycache__ override_dh_auto_test: :
Bug#1023419: transition: freeglut
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition New version of freeglut library and binary renaming. Reverse depends were rebuilt against new lib. Ben file: title = "freeglut"; is_affected = .depends ~ "freeglut3|freeglut3-dev" | .depends ~ "libglut-dev|libglut3.12"; is_good = .depends ~ "libglut-dev|libglut3.12"; is_bad = .depends ~ "freeglut3|freeglut3-dev"; Thanks Anton
Bug#1023411: nmu: 2.4.3.7-4+b3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu nmu tripwire_2.4.3.7-4+b3 . ANY . unstable . -m "Rebuild with new libc (Closes #1022791)" Tripwire is statically build and libc updates break it. Thanks. -- Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico mailto/sip: a...@inittab.org | en GNU/Linux y software libre Encrypted mail preferred| http://inittab.com Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
Processed: [php-codesniffer] Failing tests with PHP 8.2
Processing control commands: > block 1014460 by -1 Bug #1014460 [release.debian.org] transition: php8.2 1014460 was blocked by: 107 1023353 1023354 1023370 109 108 1014460 was not blocking any bugs. Added blocking bug(s) of 1014460: 1023381 -- 1014460: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014460 1023381: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023381 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
