Your message dated Tue, 11 Jul 2023 18:26:26 +0100
with message-id
<03717766f02a89cd395cb1b5f767df3d40e46557.ca...@adam-barratt.org.uk>
and subject line Re: Bug#1040858: nmu: libnginx-mod-http-modsecurity_1.0.3-1+b1
has caused the Debian Bug report #1040858,
regarding nmu: libnginx-mod-http-modsecurity_1.0.3-1+b3
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1040858: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040858
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: binnmu
X-Debbugs-Cc: libnginx-mod-http-modsecur...@packages.debian.org, Ervin Hegedüs
<airw...@gmail.com>
Control: affects -1 + src:libnginx-mod-http-modsecurity
Control: block 1040799 by -1
nmu libnginx-mod-http-modsecurity_1.0.3-1+b3 . ANY . unstable . -m "rebuild
against pcre2 (Closes: #1037226)"
The situation is explained in more details in #1040799, but the gist
is that src:libnginx-mod-http-modsecurity is currently compiled against "old"
PCRE3 instead
of "new" PCRE2, and thus is broken in unstable, testing and stable..
This were the events that lead to the issue:
- nginx uploaded with OLD PCRE
- libnginx-mod-http-modsecurity entered NEW and had been accepted
- it uses the OLD PCRE, as it is compiled against libmodsecurity3, which uses
PCRE at that time
- nginx uploaded with NEW PCRE2
- modsecurity uploaded with PCRE2
Situation:
nginx -> PCRE2
modsecurity -> PCRE2
libnginx-mod-http-modsecurity -> OLD PCRE
--> a binnmu will rectify that.
As Adam said in #1040799, this needs to be fixed first in unstable, this is
why I'm filing this bug. ("b3" is required to ensure that unstable is newr than
stable)
--
tobi
--- End Message ---
--- Begin Message ---
On Tue, 2023-07-11 at 17:14 +0100, Adam D. Barratt wrote:
> On Tue, 2023-07-11 at 17:01 +0200, Tobias Frost wrote:
> > nmu libnginx-mod-http-modsecurity_1.0.3-1+b3 . ANY . unstable . -m
> > "rebuild against pcre2 (Closes: #1037226)"
> >
> [...]
> > As Adam said in #1040799, this needs to be fixed first in unstable,
> > this is
> > why I'm filing this bug. ("b3" is required to ensure that unstable
> > is
> > newr than stable)
> >
>
> FTR, the syntax for that is:
>
> nmu 3 libnginx-mod-http-modsecurity . ANY . unstable . -m "rebuild
> against pcre2 (Closes: #1037226)"
>
Scheduled.
For clarity, I agree with Paul that this is likely to be papering over
a real bug in one or more of the packages involved, which should be
resolved. Unfortunately, it's also the best solution I can think of
that doesn't leave the package broken in stable for at least another
two months. :-(
Regards,
Adam
--- End Message ---
