Your message dated Mon, 08 Mar 2021 23:09:13 +0000
with message-id <[email protected]>
and subject line Bug#983067: fixed in xz-utils 5.2.5-2
has caused the Debian Bug report #983067,
regarding xz-utils: diff for NMU version 5.2.5-1.1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
983067: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983067
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: xz-utils
Version: 5.2.5-1.0
Severity: normal
Tags: patch pending
Dear maintainer,
I've prepared an NMU for xz-utils (versioned as 5.2.5-1.1) and
plan to upload it to DELAYED/5 after an ACK from the release team.
It contains a cherry-pick of the patches for #844770 and #975981 as
applied by upstream.
Please feel free to tell me if I should delay it longer.
Regards.
Sebastian
diff -Nru xz-utils-5.2.5/debian/changelog xz-utils-5.2.5/debian/changelog
--- xz-utils-5.2.5/debian/changelog 2020-12-28 11:25:06.000000000 +0100
+++ xz-utils-5.2.5/debian/changelog 2021-02-18 23:12:30.000000000 +0100
@@ -1,3 +1,10 @@
+xz-utils (5.2.5-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Update the patches for #844770 and #975981 to what upstream applied.
+
+ -- Sebastian Andrzej Siewior <[email protected]> Thu, 18 Feb 2021 23:12:30 +0100
+
xz-utils (5.2.5-1.0) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru xz-utils-5.2.5/debian/patches/0001-Scripts-Fix-exit-status-of-xzdiff-xzcmp.patch xz-utils-5.2.5/debian/patches/0001-Scripts-Fix-exit-status-of-xzdiff-xzcmp.patch
--- xz-utils-5.2.5/debian/patches/0001-Scripts-Fix-exit-status-of-xzdiff-xzcmp.patch 1970-01-01 01:00:00.000000000 +0100
+++ xz-utils-5.2.5/debian/patches/0001-Scripts-Fix-exit-status-of-xzdiff-xzcmp.patch 2021-02-17 23:52:05.000000000 +0100
@@ -0,0 +1,118 @@
+From: Lasse Collin <[email protected]>
+Date: Mon, 11 Jan 2021 22:01:51 +0200
+Subject: Scripts: Fix exit status of xzdiff/xzcmp.
+MIME-Version: 1.0
+Content-Type: text/plain; charset="utf-8"
+Content-Transfer-Encoding: 8bit
+
+This is a minor fix since this affects only the situation when
+the files differ and the exit status is something else than 0.
+In such case there could be SIGPIPE from a decompression tool
+and that would result in exit status of 2 from xzdiff/xzcmp
+while the correct behavior would be to return 1 or whatever
+else diff or cmp may have returned.
+
+This commit omits the -q option from xz/gzip/bzip2/lzop arguments.
+I'm not sure why the -q was used in the first place, perhaps it
+hides warnings in some situation that I cannot see at the moment.
+Hopefully the removal won't introduce a new bug.
+
+With gzip the -q option was harmful because it made gzip return 2
+instead of >= 128 with SIGPIPE. Ignoring exit status 2 (warning
+from gzip) isn't practical because bzip2 uses exit status 2 to
+indicate corrupt input file. It's better if SIGPIPE results in
+exit status >= 128.
+
+With bzip2 the removal of -q seems to be good because with -q
+it prints nothing if input is corrupt. The other tools aren't
+silent in this situation even with -q. On the other hand, if
+zstd support is added, it will need -q since otherwise it's
+noisy in normal situations.
+
+Thanks to Étienne Mollier and Sebastian Andrzej Siewior.
+---
+ src/scripts/xzdiff.in | 35 +++++++++++++++++++++--------------
+ 1 file changed, 21 insertions(+), 14 deletions(-)
+
+diff --git a/src/scripts/xzdiff.in b/src/scripts/xzdiff.in
+index eb7825c..98ac0e5 100644
+--- a/src/scripts/xzdiff.in
++++ b/src/scripts/xzdiff.in
+@@ -116,23 +116,18 @@ elif test $# -eq 2; then
+ if test "$1$2" = --; then
+ xz_status=$(
+ exec 4>&1
+- ($xz1 -cdfq - 4>&-; echo $? >&4) 3>&- |
++ ($xz1 -cdf - 4>&-; echo $? >&4) 3>&- |
+ eval "$cmp" - - >&3
+ )
+ elif # Reject Solaris 8's buggy /bin/bash 2.03.
+ echo X | (echo X | eval "$cmp" /dev/fd/5 - >/dev/null 2>&1) 5<&0; then
++ # NOTE: xz_status will contain two numbers.
+ xz_status=$(
+ exec 4>&1
+- ($xz1 -cdfq -- "$1" 4>&-; echo $? >&4) 3>&- |
+- ( ($xz2 -cdfq -- "$2" 4>&-; echo $? >&4) 3>&- 5<&- </dev/null |
++ ($xz1 -cdf -- "$1" 4>&-; echo $? >&4) 3>&- |
++ ( ($xz2 -cdf -- "$2" 4>&-; echo $? >&4) 3>&- 5<&- </dev/null |
+ eval "$cmp" /dev/fd/5 - >&3) 5<&0
+ )
+- cmp_status=$?
+- case $xz_status in
+- *[1-9]*) xz_status=1;;
+- *) xz_status=0;;
+- esac
+- (exit $cmp_status)
+ else
+ F=`expr "/$2" : '.*/\(.*\)[-.][ablmotxz2]*$'` || F=$prog
+ tmp=
+@@ -161,10 +156,10 @@ elif test $# -eq 2; then
+ mkdir -- "${TMPDIR-/tmp}/$prog.$$" || exit 2
+ tmp="${TMPDIR-/tmp}/$prog.$$"
+ fi
+- $xz2 -cdfq -- "$2" > "$tmp/$F" || exit 2
++ $xz2 -cdf -- "$2" > "$tmp/$F" || exit 2
+ xz_status=$(
+ exec 4>&1
+- ($xz1 -cdfq -- "$1" 4>&-; echo $? >&4) 3>&- |
++ ($xz1 -cdf -- "$1" 4>&-; echo $? >&4) 3>&- |
+ eval "$cmp" - '"$tmp/$F"' >&3
+ )
+ cmp_status=$?
+@@ -175,7 +170,7 @@ elif test $# -eq 2; then
+ *)
+ xz_status=$(
+ exec 4>&1
+- ($xz1 -cdfq -- "$1" 4>&-; echo $? >&4) 3>&- |
++ ($xz1 -cdf -- "$1" 4>&-; echo $? >&4) 3>&- |
+ eval "$cmp" - '"$2"' >&3
+ );;
+ esac;;
+@@ -184,7 +179,7 @@ elif test $# -eq 2; then
+ *[-.][zZ] | *_z | *[-.][gx]z | *[-.]bz2 | *[-.]lzma | *.t[abglx]z | *.tbz2 | *[-.]lzo | *.tzo | -)
+ xz_status=$(
+ exec 4>&1
+- ($xz2 -cdfq -- "$2" 4>&-; echo $? >&4) 3>&- |
++ ($xz2 -cdf -- "$2" 4>&-; echo $? >&4) 3>&- |
+ eval "$cmp" '"$1"' - >&3
+ );;
+ *)
+@@ -197,5 +192,17 @@ else
+ fi
+
+ cmp_status=$?
+-test "$xz_status" -eq 0 || exit 2
++for num in $xz_status ; do
++ # 0 from decompressor means successful decompression. SIGPIPE from
++ # decompressor is possible when diff or cmp exits before the whole file
++ # has been decompressed. In that case we want to retain the exit status
++ # from diff or cmp. Note that using "trap '' PIPE" is not possible
++ # because gzip changes its behavior (including exit status) if SIGPIPE
++ # is ignored.
++ test "$num" -eq 0 && continue
++ test "$num" -ge 128 \
++ && test "$(kill -l "$num" 2> /dev/null)" = "PIPE" \
++ && continue
++ exit 2
++done
+ exit $cmp_status
diff -Nru xz-utils-5.2.5/debian/patches/0001-xzdiff-Trap-SIGPIPE.patch xz-utils-5.2.5/debian/patches/0001-xzdiff-Trap-SIGPIPE.patch
--- xz-utils-5.2.5/debian/patches/0001-xzdiff-Trap-SIGPIPE.patch 2020-12-28 11:20:29.000000000 +0100
+++ xz-utils-5.2.5/debian/patches/0001-xzdiff-Trap-SIGPIPE.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,33 +0,0 @@
-From: Sebastian Andrzej Siewior <[email protected]>
-Date: Thu, 24 Dec 2020 20:56:15 +0100
-Subject: xzdiff: Trap SIGPIPE
-MIME-Version: 1.0
-Content-Type: text/plain; charset="utf-8"
-Content-Transfer-Encoding: 8bit
-
-The `cmp' command will return early if a difference is found while the
-shell script is still invoking the decompressor which writes into the
-closed FD. This results in SIGPIPE / exit code 141.
-By ignoring SIGPIPE the real return code from `cmp' is observed which is
-`1' and xzdiff exits with `1'. Without ignoring SIGPIPE the exitcode 141
-is observed and xzdiff returns with `2'.
-
-Reported to Debian BTS as #844770. Change suggested by Étienne Mollierö.
-
-BTS: https://bugs.debian.org/844770
-
-Signed-off-by: Sebastian Andrzej Siewior <[email protected]>
----
- src/scripts/xzdiff.in | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/scripts/xzdiff.in b/src/scripts/xzdiff.in
-index eb7825c..d343a88 100644
---- a/src/scripts/xzdiff.in
-+++ b/src/scripts/xzdiff.in
-@@ -1,4 +1,5 @@
- #!@POSIX_SHELL@
-+trap '' PIPE
-
- # Copyright (C) 1998, 2002, 2006, 2007 Free Software Foundation
- # Copyright (C) 1993 Jean-loup Gailly
diff -Nru xz-utils-5.2.5/debian/patches/0008-xz-Ignore-hard-link-count-if-not-deleting.patch xz-utils-5.2.5/debian/patches/0008-xz-Ignore-hard-link-count-if-not-deleting.patch
--- xz-utils-5.2.5/debian/patches/0008-xz-Ignore-hard-link-count-if-not-deleting.patch 2020-12-28 11:20:29.000000000 +0100
+++ xz-utils-5.2.5/debian/patches/0008-xz-Ignore-hard-link-count-if-not-deleting.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,42 +0,0 @@
-From: Sebastian Andrzej Siewior <[email protected]>
-Date: Sun, 27 Dec 2020 15:27:31 +0100
-Subject: xz: Ignore hard link count if not deleting.
-
-xz refuses to decompress a file which has more than one hard link. It
-can be reproduced by (as per Vincent):
-|$ echo foo > file1
-|$ xz file1
-|$ ln file1.xz file2.xz
-|$ xz -dk file1.xz
-|xz: file1.xz: Input file has more than one hard link, skipping
-
-This behaviour is consistent with `gzip' and `bzip2' but it is not
-documented. The `--force' option would ignore this restriction.
-
-I traced it back in `gzip' to the 90s but the change was not documented
-as why it was needed. It was moved, altered but not documented. At some
-point the error was restricted to <= 2 which might be related to disk
-quota.
-
-Ignore hard link count on input.
-
-Debian BTS: https://bugs.debian.org/975981
-Reported-by: Vincent Lefevre <[email protected]>
-Signed-off-by: Sebastian Andrzej Siewior <[email protected]>
----
- src/xz/file_io.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/xz/file_io.c b/src/xz/file_io.c
-index 0ba8db8..7703e08 100644
---- a/src/xz/file_io.c
-+++ b/src/xz/file_io.c
-@@ -698,7 +698,7 @@ io_open_src_real(file_pair *pair)
- goto error;
- }
-
-- if (pair->src_st.st_nlink > 1) {
-+ if (pair->src_st.st_nlink > 1 && !opt_keep_original) {
- message_warning(_("%s: Input file has more "
- "than one hard link, "
- "skipping"), pair->src_name);
diff -Nru xz-utils-5.2.5/debian/patches/0008-xz-Make-keep-accept-symlinks-hardlinks-and-setuid-se.patch xz-utils-5.2.5/debian/patches/0008-xz-Make-keep-accept-symlinks-hardlinks-and-setuid-se.patch
--- xz-utils-5.2.5/debian/patches/0008-xz-Make-keep-accept-symlinks-hardlinks-and-setuid-se.patch 1970-01-01 01:00:00.000000000 +0100
+++ xz-utils-5.2.5/debian/patches/0008-xz-Make-keep-accept-symlinks-hardlinks-and-setuid-se.patch 2021-02-17 23:52:05.000000000 +0100
@@ -0,0 +1,79 @@
+From: Lasse Collin <[email protected]>
+Date: Mon, 11 Jan 2021 23:41:16 +0200
+Subject: xz: Make --keep accept symlinks, hardlinks,
+ and setuid/setgid/sticky.
+
+Previously this required using --force but that has other
+effects too which might be undesirable. Changing the behavior
+of --keep has a small risk of breaking existing scripts but
+since this is a fairly special corner case I expect the
+likehood of breakage to be low enough.
+
+I think the new behavior is more logical. The only reason for
+the old behavior was to be consistent with gzip and bzip2.
+
+Thanks to Vincent Lefevre and Sebastian Andrzej Siewior.
+---
+ src/xz/file_io.c | 9 +++++----
+ src/xz/xz.1 | 14 ++++++++++++++
+ 2 files changed, 19 insertions(+), 4 deletions(-)
+
+diff --git a/src/xz/file_io.c b/src/xz/file_io.c
+index 0ba8db8..51554f4 100644
+--- a/src/xz/file_io.c
++++ b/src/xz/file_io.c
+@@ -536,8 +536,9 @@ io_open_src_real(file_pair *pair)
+ }
+
+ // Symlinks are not followed unless writing to stdout or --force
+- // was used.
+- const bool follow_symlinks = opt_stdout || opt_force;
++ // or --keep was used.
++ const bool follow_symlinks
++ = opt_stdout || opt_force || opt_keep_original;
+
+ // We accept only regular files if we are writing the output
+ // to disk too. bzip2 allows overriding this with --force but
+@@ -674,7 +675,7 @@ io_open_src_real(file_pair *pair)
+ }
+
+ #ifndef TUKLIB_DOSLIKE
+- if (reg_files_only && !opt_force) {
++ if (reg_files_only && !opt_force && !opt_keep_original) {
+ if (pair->src_st.st_mode & (S_ISUID | S_ISGID)) {
+ // gzip rejects setuid and setgid files even
+ // when --force was used. bzip2 doesn't check
+@@ -683,7 +684,7 @@ io_open_src_real(file_pair *pair)
+ // and setgid bits there.
+ //
+ // We accept setuid and setgid files if
+- // --force was used. We drop these bits
++ // --force or --keep was used. We drop these bits
+ // explicitly in io_copy_attr().
+ message_warning(_("%s: File has setuid or "
+ "setgid bit set, skipping"),
+diff --git a/src/xz/xz.1 b/src/xz/xz.1
+index 4c14425..497940a 100644
+--- a/src/xz/xz.1
++++ b/src/xz/xz.1
+@@ -392,6 +392,20 @@ should be used.
+ .TP
+ .BR \-k ", " \-\-keep
+ Don't delete the input files.
++.IP ""
++Since
++.B xz
++5.4.0,
++this option also makes
++.B xz
++compress or decompress even if the input is
++a symbolic link to a regular file,
++has more than one hard link,
++or has the setuid, setgid, or sticky bit set.
++The setuid, setgid, and sticky bits are not copied
++to the target file.
++In earlier versions this was only done with
++.BR \-\-force .
+ .TP
+ .BR \-f ", " \-\-force
+ This option has several effects:
diff -Nru xz-utils-5.2.5/debian/patches/series xz-utils-5.2.5/debian/patches/series
--- xz-utils-5.2.5/debian/patches/series 2020-12-28 11:20:29.000000000 +0100
+++ xz-utils-5.2.5/debian/patches/series 2021-02-17 23:52:05.000000000 +0100
@@ -1,8 +1,8 @@
-0001-xzdiff-Trap-SIGPIPE.patch
+0001-Scripts-Fix-exit-status-of-xzdiff-xzcmp.patch
0002-Scripts-Add-zstd-support-to-xzgrep.patch
0003-src-xz-xz.1-Correct-misused-two-fonts-macros.patch
0004-xz-Avoid-the-abbreviation-e.g.-on-the-man-page.patch
0005-xz-Protect-the-ellipsis-.-on-the-man-page-with.patch
0006-xz-Use-non-breaking-spaces-when-intentionally-using-.patch
0007-xz-Avoid-unneeded-f-escapes-on-the-man-page.patch
-0008-xz-Ignore-hard-link-count-if-not-deleting.patch
+0008-xz-Make-keep-accept-symlinks-hardlinks-and-setuid-se.patch
--- End Message ---
--- Begin Message ---
Source: xz-utils
Source-Version: 5.2.5-2
Done: Sebastian Andrzej Siewior <[email protected]>
We believe that the bug you reported is fixed in the latest version of
xz-utils, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sebastian Andrzej Siewior <[email protected]> (supplier of updated
xz-utils package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 08 Mar 2021 23:01:54 +0100
Source: xz-utils
Architecture: source
Version: 5.2.5-2
Distribution: unstable
Urgency: medium
Maintainer: Jonathan Nieder <[email protected]>
Changed-By: Sebastian Andrzej Siewior <[email protected]>
Closes: 983067
Changes:
xz-utils (5.2.5-2) unstable; urgency=medium
.
* Non-maintainer upload (Closes: #983067).
* Upload to unstable.
Checksums-Sha1:
af2c5ee6ad05fb89f66ad8d2556458ed7de97bf3 2312 xz-utils_5.2.5-2.dsc
d466bb78c932da276543783ca772f8cfa25416d6 33532 xz-utils_5.2.5-2.debian.tar.xz
Checksums-Sha256:
fa2706f0c863bee4715460bc9103c6fb73ad2cbc12d8d6d7d5dced81ab349949 2312
xz-utils_5.2.5-2.dsc
7bf06a86c35cc6b21a7731df9e11d241f8d3c16b0fe6ed78d64506d1bc29b06e 33532
xz-utils_5.2.5-2.debian.tar.xz
Files:
6e18d3da8fa2aac34cbce1f097fdeada 2312 utils optional xz-utils_5.2.5-2.dsc
c06349e4be54e6f0858200996360400b 33532 utils optional
xz-utils_5.2.5-2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEEV4kucFIzBRM39v3RBWQfF1cS+lsFAmBGoAUACgkQBWQfF1cS
+lsR2wv8CMf+O+3hHW6rGfrmQuDs1+wfPSaManDwDe5v1Npj99yas0s3GY7y7Z35
VE52kiof1gpV8dRpWDiTPYmtmf4K672lNjTMHQnkm0wQtrucxepUV2uxvkFwzbxX
pUYF5mIOENkVGmN3hksSVt1wA6TWBbBIqf1rkmkRb9HcvuFb1lPcrJWXjn2OdwP6
8702oBTtbtdvEulCFoeDkv55MHO6eavmAlvkJ/kNLCOurcDkIMYUzMuJDWDroD1M
at25z7w+lstwKoQV1nDTLAtZrwg2Jt9eKmIwqLcMIJcghUZT/n/Rs+RIYtGnPl6T
LngWHYVh1MJTptDEW+DeQJKkTgmFy9XApWH8wdUY3TJiRbyjdYJmVRreeekssZxj
cMwWh7wgU++Gn3TRik+u1NpV6sXaR+kTsn5MQeMZDkptDyN6IhgEJMk1kpg6AkgD
PgFqhankfF7yr4kVo9zQMSjqxbTZ9W8Rb5k4gz8+sUdo5EmDyhz3dOe/BZC2S1sF
OR3IsRPM
=Com7
-----END PGP SIGNATURE-----
--- End Message ---