Hi Steven, hi Arthur

On Thu, May 02, 2013 at 11:55:22PM +0200, Arthur de Jong wrote:
> On Wed, 2013-05-01 at 23:05 +0100, Steven Chamberlain wrote:
> > I noticed (by chance) there is a problem with the squeeze-security
> > patch for #690319;  it introduces a regression on kfreebsd and has not
> > built. I'm not sure where to find build logs of this, or if they are
> > public, but I think it is due to using a non-standard EBADFD errno
> > ("file descriptor in bad state").
> 
> I don't think the security build logs are public (even after the
> advisory is released) and I hadn't noticed the build failure before.
> 
> > Perhaps EBADF ("is not a valid file descriptor" / "bad file number")
> > would be suitable instead and is more portable;  please consider
> > attached bug690319-amend-1.diff
> 
> This looks like the right approach. The exact value of errno doesn't
> make that much of a difference in this case.
> 
> I've applied this change upstream and am willing to prepare a
> 0.7.15+squeeze4 package. I think it's up to the security team to decide
> whether this should go to stable or stable-security.
> 
> One thing to consider is that I'd also like to fix RC bug #700971 (the
> bug report contains the patch that would be applied). People run into
> this bug when installing a security update for nss-pam-ldapd.

Thanks for notifying. Yes, indeed nss-pam-ldapd did not build for
kfreebsd-amd64 and kfreebsd-i386. As the FTBFS is a regression for the
kfreebsd builds when applying the initial fix for CVE-2013-0288, I
think we should release an updated version targeting squeeze-security
to include the fix for it and send an updated DSA.

But I'm cc'ing also Moritz explicitly, who released this DSA, to get
an opinion from him.

Regards,
Salvatore

