Your message dated Sat, 29 Jun 2024 10:46:20 +0000
with message-id <e1snvb2-002biu...@coccia.debian.org>
and subject line Released with 12.6
has caused the Debian Bug report #1072984,
regarding bookworm-pu: package crowdsec-firewall-bouncer/0.0.25-4~deb12u1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1072984: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072984
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian....@packages.debian.org
Usertags: pu
X-Debbugs-Cc: crowdsec-firewall-boun...@packages.debian.org
Control: affects -1 + src:crowdsec-firewall-bouncer
Hi,
[ Reason ]
I'd like to fix the #1071247/#1071248 pair in bookworm, which results in
crowdsec-firewall-bouncer's being broken on little-endian architectures
(addresses are getting logged just fine, but they're not passed over
correctly to the firewall layer).
I've checked with the security team, this doesn't warrant a DSA.
This is the daemon part (crowdsec-firewall-bouncer).
[ Impact ]
If the fix doesn't make it into stable, crowdsec-firewall-bouncer
remains broken on little-endian architectures.
[ Tests ]
Same checks as for unstable when I uploaded the fixes there:
- amd64 (LE, baremetal) before: KO
- amd64 (LE, baremetal) after: OK
- s390x (BE, debvm) before: OK
- s390x (BE, debvm) after: OK
[ Risks ]
Except for a possible regression on s390x (which isn't the case, see
previous section), it cannot be worse than it currently is.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in stable
[x] the issue is verified as fixed in unstable
Additionally, that reached testing.
[ Changes ]
Since there were already binNMUs for this package in p-u, with different
versions, I decided to err on the side of caution, and to propose a new
revision with a versioned build-dep on golang-github-google-nftables's
binary package; alternatively this package could be binNMU'd within p-u
once golang-github-google-nftables is available in p-u.
[ Other info ]
Previous bug report is the golang-github-google-nftables part.
Cheers,
--
Cyril Brulebois -- Debian Consultant @ DEBAMAX -- https://debamax.com/
diff -Nru crowdsec-firewall-bouncer-0.0.25/debian/changelog
crowdsec-firewall-bouncer-0.0.25/debian/changelog
--- crowdsec-firewall-bouncer-0.0.25/debian/changelog 2023-05-31
18:57:41.000000000 +0200
+++ crowdsec-firewall-bouncer-0.0.25/debian/changelog 2024-06-11
10:20:58.000000000 +0200
@@ -1,3 +1,18 @@
+crowdsec-firewall-bouncer (0.0.25-4~deb12u1) bookworm; urgency=medium
+
+ * Rebuild for bookworm.
+
+ -- Cyril Brulebois <cy...@debamax.com> Tue, 11 Jun 2024 10:20:58 +0200
+
+crowdsec-firewall-bouncer (0.0.25-4) unstable; urgency=high
+
+ * Set minimal version for the golang-github-google-nftables-dev build
+ dependency to ensure a working AddSet() function, i.e. no longer
+ reversing byte order for IPv4 and IPv6 addresses at the nftables level
+ on little-endian architectures (Closes: #1071248, See: #1071247).
+
+ -- Cyril Brulebois <cy...@debamax.com> Tue, 21 May 2024 10:15:36 +0200
+
crowdsec-firewall-bouncer (0.0.25-3) unstable; urgency=medium
* Fix failure to install if crowdsec is unpacked but not configured
diff -Nru crowdsec-firewall-bouncer-0.0.25/debian/control
crowdsec-firewall-bouncer-0.0.25/debian/control
--- crowdsec-firewall-bouncer-0.0.25/debian/control 2023-03-21
01:03:29.000000000 +0100
+++ crowdsec-firewall-bouncer-0.0.25/debian/control 2024-05-21
09:53:53.000000000 +0200
@@ -10,7 +10,7 @@
golang-github-coreos-go-systemd-dev,
golang-github-crowdsecurity-crowdsec-dev,
golang-github-crowdsecurity-go-cs-bouncer-dev,
- golang-github-google-nftables-dev,
+ golang-github-google-nftables-dev (>= 0.1.0-4~),
golang-golang-x-sys-dev,
golang-gopkg-natefinch-lumberjack.v2-dev,
golang-gopkg-tomb.v2-dev,
--- End Message ---
--- Begin Message ---
Version: 12.6
The upload requested in this bug has been released as part of 12.6.
--- End Message ---
