Package: release.debian.org Severity: normal Tags: jessie User: release.debian....@packages.debian.org Usertags: pu
curlftpfs is misbuilt on 64-bit architectures due to a missing prototype for getpass() (the implicit prototype causes a pointer-to-integer truncation), see #795879 My proposed fix is just a rebuild of the sid package for jessie. Andreas
diff -Nru curlftpfs-0.9.2/debian/changelog curlftpfs-0.9.2/debian/changelog --- curlftpfs-0.9.2/debian/changelog 2014-05-15 10:23:06.000000000 +0200 +++ curlftpfs-0.9.2/debian/changelog 2016-01-09 19:39:13.000000000 +0100 @@ -1,3 +1,17 @@ +curlftpfs (0.9.2-9~deb8u1) jessie; urgency=medium + + * Non-maintainer upload with maintainer approval. + * Rebuild for jessie. + + -- Andreas Beckmann <a...@debian.org> Sat, 09 Jan 2016 19:38:52 +0100 + +curlftpfs (0.9.2-9) unstable; urgency=medium + + * Avoid unsafe cast for getpass() on 64-bit archs. Closes: #795879. + * Bump Standards-Version to 3.9.6. + + -- Vincent Bernat <ber...@debian.org> Mon, 17 Aug 2015 18:51:14 +0200 + curlftpfs (0.9.2-8) unstable; urgency=medium * Fix inconsistent use of _XOPEN_SOURCE flag. Closes: #748143. diff -Nru curlftpfs-0.9.2/debian/control curlftpfs-0.9.2/debian/control --- curlftpfs-0.9.2/debian/control 2014-05-10 09:47:33.000000000 +0200 +++ curlftpfs-0.9.2/debian/control 2015-08-17 18:53:36.000000000 +0200 @@ -6,7 +6,7 @@ libglib2.0-dev, libcurl4-gnutls-dev, libfuse-dev, dh-autoreconf Build-Conflicts: libcurl4-openssl-dev -Standards-Version: 3.9.5 +Standards-Version: 3.9.6 Homepage: http://curlftpfs.sourceforge.net Vcs-Svn: svn://anonscm.debian.org/collab-maint/deb-maint/curlftpfs/trunk/ Vcs-Browser: http://anonscm.debian.org/viewvc/collab-maint/deb-maint/curlftpfs/trunk/ diff -Nru curlftpfs-0.9.2/debian/patches/getpass-prototype.patch curlftpfs-0.9.2/debian/patches/getpass-prototype.patch --- curlftpfs-0.9.2/debian/patches/getpass-prototype.patch 1970-01-01 01:00:00.000000000 +0100 +++ curlftpfs-0.9.2/debian/patches/getpass-prototype.patch 2015-08-17 18:50:43.000000000 +0200 @@ -0,0 +1,20 @@ +Description: add getpass() prototype + This function has been deprecated and is not declared with + _XOPEN_SOURCE>=600. To avoid fiddling too much with feature flags, we + just add its prototype to ensure a correct declaration. +Forwarded: no (dead upstream) +Bug: #795879 + +Index: curlftpfs-0.9.2/ftpfs.c +=================================================================== +--- curlftpfs-0.9.2.orig/ftpfs.c ++++ curlftpfs-0.9.2/ftpfs.c +@@ -36,6 +36,8 @@ + + #define MAX_BUFFER_LEN (300*1024) + ++extern char *getpass(const char *prompt); ++ + struct ftpfs ftpfs; + static char error_buf[CURL_ERROR_SIZE]; + diff -Nru curlftpfs-0.9.2/debian/patches/series curlftpfs-0.9.2/debian/patches/series --- curlftpfs-0.9.2/debian/patches/series 2014-05-15 10:13:21.000000000 +0200 +++ curlftpfs-0.9.2/debian/patches/series 2015-08-17 18:47:12.000000000 +0200 @@ -3,3 +3,4 @@ nocache-memleak-fix.patch curlftpfs__no_verify_hostname.patch consistent-feature-flag.patch +getpass-prototype.patch