On 2021-09-06 11:59, Graham Inggs wrote:
> Source: dazzdb
> Version: 1.0+git20201103.8d98c37-1
> Severity: serious
> Forwarded: https://github.com/thegenemyers/DAZZ_DB/issues/41
> X-Debbugs-CC: debian...@lists.debian.org
> User: debian...@lists.debian.org
> Usertags: needs-update
> 
> Hi Maintainer
> 
> Since the upload of glibc 2.32-1 to unstable, dazzdb's autopkgtests fail [1].
> 
> autopkgtest [05:31:22]: test run-unit-test: [-----------------------
> /tmp/autopkgtest-lxc.mrzrjkw_/downtmp/build.u1T/src/debian/tests/run-unit-test:
> line 53:   622 Segmentation fault      DBstats -mdust G > result
> autopkgtest [05:31:24]: test run-unit-test: -----------------------]
> autopkgtest [05:31:24]: test run-unit-test:  - - - - - - - - - -
> results - - - - - - - - - -
> run-unit-test        FAIL non-zero exit status 139
> 
> The test log shows a segfault in DBstats.  Further investigation in
> the upstream bug report shows this is caused by an invalid read which
> could already be detected with glibc 2.31, but did not crash.

As this is one of the blockers of the glibc 2.32 transition (the removal
from testing is only planned on October 20th), I have done an NMU to fix
the issue with the fix I suggested in the upstream BTS.

Please find the debdiff attached.

Regards,
Aurelien

-- 
Aurelien Jarno                          GPG: 4096R/1DDD8C9B
aurel...@aurel32.net                 http://www.aurel32.net
diff -Nru dazzdb-1.0+git20201103.8d98c37/debian/changelog dazzdb-1.0+git20201103.8d98c37/debian/changelog
--- dazzdb-1.0+git20201103.8d98c37/debian/changelog	2021-01-19 10:02:03.000000000 +0100
+++ dazzdb-1.0+git20201103.8d98c37/debian/changelog	2021-09-14 20:53:44.000000000 +0200
@@ -1,3 +1,10 @@
+dazzdb (1.0+git20201103.8d98c37-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix a use-after-free in DBstats (Closes: #993770)
+
+ -- Aurelien Jarno <aure...@debian.org>  Tue, 14 Sep 2021 20:53:44 +0200
+
 dazzdb (1.0+git20201103.8d98c37-1) unstable; urgency=medium
 
   * New upstream version
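Review bot: the new entry "Fix a use-after-free in DBstats (Closes: #993770)" does not name the patch that carries the fix, so a reader of the changelog cannot map it to a file under debian/patches. Suggest wording it as "Add use-after-free.patch: fix a use-after-free in DBstats (Closes: #993770)".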
diff -Nru dazzdb-1.0+git20201103.8d98c37/debian/patches/series dazzdb-1.0+git20201103.8d98c37/debian/patches/series
--- dazzdb-1.0+git20201103.8d98c37/debian/patches/series	2021-01-19 10:02:03.000000000 +0100
+++ dazzdb-1.0+git20201103.8d98c37/debian/patches/series	2021-09-14 20:49:54.000000000 +0200
@@ -2,3 +2,4 @@
 compiler-flags.patch
 destdir.patch
 cross.patch
+use-after-free.patch
diff -Nru dazzdb-1.0+git20201103.8d98c37/debian/patches/use-after-free.patch dazzdb-1.0+git20201103.8d98c37/debian/patches/use-after-free.patch
--- dazzdb-1.0+git20201103.8d98c37/debian/patches/use-after-free.patch	1970-01-01 01:00:00.000000000 +0100
+++ dazzdb-1.0+git20201103.8d98c37/debian/patches/use-after-free.patch	2021-09-14 20:49:57.000000000 +0200
@@ -0,0 +1,16 @@
+Description: fix a use-after-free causing a segmentation fault with glibc 2.32
+Author: Aurelien Jarno <aure...@debian.org>
+Forwarded: https://github.com/thegenemyers/DAZZ_DB/issues/41 
+Last-Update: 2021-09-14
+
+--- dazzdb-1.0+git20201103.8d98c37.orig/DBstats.c
++++ dazzdb-1.0+git20201103.8d98c37/DBstats.c
+@@ -346,8 +346,6 @@ int main(int argc, char *argv[])
+               }
+           }
+         printf("\n");
+-
+-        Close_Track(db,track);
+       }
+   }
+ 
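Review bot: the patch header does not explain why deleting Close_Track(db,track) near DBstats.c line 346 in main() is the correct fix, and the hunk shows no replacement release for the track. The Description should name the later access that read the freed track and state where the track is released after this change (or that it is deliberately left open until the program exits), so the next maintainer does not reintroduce the call as a leak fix. The header could also carry a Bug-Debian: field pointing at #993770, and the Forwarded: line has a trailing space after the URL.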
