Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Please unblock package docker.io. unblock docker.io/18.09.1+dfsg1-5+b10 I'd like to fix #925224 [1] for buster. The fix is trivial, and allows the docker's debootstrap script to work again when it queries security.debian.org, by following redirections. Please see bug for more details. I attached a source debdiff as mentioned in buster freeze policy [2]. Sorry for the inconvenience, Thanks! Arnaud [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925224 [2] https://release.debian.org/buster/freeze_policy.html. - -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-4-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -----BEGIN PGP SIGNATURE----- iQJTBAEBCgA9FiEE0Kl7ndbut+9n4bYs5yXoeRRgAhYFAly1Sk0fHGFybmF1ZC5y ZWJpbGxvdXRAY29sbGFib3JhLmNvbQAKCRDnJeh5FGACFgnpD/4yuJiQwCsyo/RD MgK3YGW6cr2wGd3VcrRuoIp7B1sVGO+fJej/dqAZWI2/prRqQaLc878bjF4ipR88 54k4CuCucdvvEcfz+lwaTuecQwzMzWNAQDwq1qUq1ImvusC9Od2Z276BF3+rMy2Y 8KyeJ3w+gCH/tAHAhqfWMFmkFUHujdoBMkXBgqZEUF1IjjYhW8Qg2bGyOysdt1vJ MCTaIWg/R5ZJWFG8Ef/jbOkCwXJxEBugaAk72lIG5K0ShoYyfuL94l3CPnklwecP t+6rmaEkHo9g1/y8OWIfr6c2I0znPannNGpMgOVSgTW5ABJDVnWyyR9n9veUnhw6 mAdbivorf6/ZopH7zEYYWAG5q5/5c1L/UWr+buJgPwFgpH+OMN1/BF4IB8PzryA1 QJ7SVXxxon7Hw+YosPXisuY3Riw6uFe9dhT0du1nqC0celOPFaxsd6SRBhlv3G6I ldwLTV41jGC71YHR7Dhqg14Nq5aSSCpR8CsF5YpvQIfgxH1XNEvMDrdHoueQlh6A dU0h3sBQJJz/BuOD2BVoYt+cMaU5qtnq49ZIK9T0XQGWrsytm3/UEM5gHHehDnVL c60Ah23D9EnFuQji5RfAHSLFn4ZHO2aGhBe5xJH4T461My3r5uMZmROeANbTZIK8 rq2IJ7ujE6NAVnDAaTYzANYytcbGZg== =4P6K -----END PGP SIGNATURE-----
diff -Nru docker.io-18.09.1+dfsg1/debian/changelog docker.io-18.09.1+dfsg1/debian/changelog --- docker.io-18.09.1+dfsg1/debian/changelog 2019-02-02 06:00:35.000000000 +0700 +++ docker.io-18.09.1+dfsg1/debian/changelog 2019-04-16 09:56:17.000000000 +0700 @@ -1,3 +1,9 @@ +docker.io (18.09.1+dfsg1-6) unstable; urgency=medium + + * Add patch to fix Debian security presence check (Closes: #925224). + + -- Arnaud Rebillout <arnaud.rebill...@collabora.com> Tue, 16 Apr 2019 09:56:17 +0700 + docker.io (18.09.1+dfsg1-5) unstable; urgency=medium * Install "containerd-shim" as "docker-containerd-shim" (Closes: #920935). diff -Nru docker.io-18.09.1+dfsg1/debian/patches/engine-contrib-debootstrap-curl-follow-location.patch docker.io-18.09.1+dfsg1/debian/patches/engine-contrib-debootstrap-curl-follow-location.patch --- docker.io-18.09.1+dfsg1/debian/patches/engine-contrib-debootstrap-curl-follow-location.patch 1970-01-01 08:00:00.000000000 +0800 +++ docker.io-18.09.1+dfsg1/debian/patches/engine-contrib-debootstrap-curl-follow-location.patch 2019-04-16 09:56:17.000000000 +0700 @@ -0,0 +1,25 @@ +From: Mattias Jernberg <nost...@gmail.com> +Date: Wed, 5 Dec 2018 19:35:17 +0100 +Subject: mkimage: Fix Debian security presence check + +Add Location following since security redirects to security-cdn and caused the repository to be added on Debian unstable. + +Signed-off-by: Mattias Jernberg <nost...@gmail.com> +Origin: upstream, https://github.com/docker/engine/commit/8db5403 +--- + contrib/mkimage/debootstrap | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/engine/contrib/mkimage/debootstrap b/engine/contrib/mkimage/debootstrap +index 9f7d8987ad2a..a919429b0bde 100755 +--- a/engine/contrib/mkimage/debootstrap ++++ b/engine/contrib/mkimage/debootstrap +@@ -193,7 +193,7 @@ if [ -z "$DONT_TOUCH_SOURCES_LIST" ]; then + case "$lsbDist" in + debian) + # updates and security! +- if curl -o /dev/null -s --head --fail "http://security.debian.org/dists/$suite/updates/main/binary-$(rootfs_chroot dpkg --print-architecture)/Packages.gz"; then ++ if curl -o /dev/null -s --head --location --fail "http://security.debian.org/dists/$suite/updates/main/binary-$(rootfs_chroot dpkg --print-architecture)/Packages.gz"; then + ( + set -x + sed -i " diff -Nru docker.io-18.09.1+dfsg1/debian/patches/series docker.io-18.09.1+dfsg1/debian/patches/series --- docker.io-18.09.1+dfsg1/debian/patches/series 2019-01-27 17:02:58.000000000 +0700 +++ docker.io-18.09.1+dfsg1/debian/patches/series 2019-04-16 09:56:17.000000000 +0700 @@ -12,6 +12,7 @@ cli-fix-manpages-build-script.patch cli-fix-registry-debug-message-go-1.11.patch +engine-contrib-debootstrap-curl-follow-location.patch engine-test-noinstall.patch go-metrics_prometheus-fix_Observer.patch