Bug#1054237: marked as done (jdupes: data loss behaviour from fdupes)
Your message dated Sun, 03 Dec 2023 12:32:11 + with message-id and subject line Bug#1054237: fixed in jdupes 1.21.3-1+deb12u1 has caused the Debian Bug report #1054237, regarding jdupes: data loss behaviour from fdupes to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1054237: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054237 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: jdupes Version: 1.12-1 Severity: grave Tags: upstream patch Justification: causes non-serious data loss >From the upstream in a private message: jdupes inherited interactive deletion from fdupes and there were zero input safeguards. A user tried to use ranges "2-4" and files 3 and 4 were deleted, not preserved. This is a major data loss concern because the behavior is destructive and contrary to user expectations. In the latest commit I've placed heavy safeguards in the interactive deletion code that should prevent all of the invalid input scenarios I can conceive. The commit 4888e85[1] can and should be immediately applied to ALL versions of jdupes that are being distributed. It should cleanly apply and work without modification to every remotely recent version spanning several years back. [1] https://codeberg.org/jbruchon/jdupes/commit/4888e85 --- End Message --- --- Begin Message --- Source: jdupes Source-Version: 1.21.3-1+deb12u1 Done: Joao Eriberto Mota Filho We believe that the bug you reported is fixed in the latest version of jdupes, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1054...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Joao Eriberto Mota Filho (supplier of updated jdupes package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 08 Nov 2023 11:24:57 -0300 Source: jdupes Architecture: source Version: 1.21.3-1+deb12u1 Distribution: bookworm Urgency: medium Maintainer: Joao Eriberto Mota Filho Changed-By: Joao Eriberto Mota Filho Closes: 1054237 Changes: jdupes (1.21.3-1+deb12u1) bookworm; urgency=medium . * debian/patches/010_fix-data-loss.patch: created to avoid a potential data loss caused by a wrong message that induces the users to use a range of values with -d option. Currently, the -d option doesn't understand ranges. (Closes: #1054237) Checksums-Sha1: 6c1d5ab686bd8705ac42ac734d76380d33eac4f2 1922 jdupes_1.21.3-1+deb12u1.dsc db5167b2e1b12204daa80f1f8eea95e286af055e 14972 jdupes_1.21.3-1+deb12u1.debian.tar.xz 6841da72fa6d7eeb880225788e086e608bfdb858 5616 jdupes_1.21.3-1+deb12u1_source.buildinfo Checksums-Sha256: bed436beb76a21baaec221afc663146d1eac8582cb8585827b420c1b8564816e 1922 jdupes_1.21.3-1+deb12u1.dsc a5ba96516fc50f9f365798537fe4ed8164f3c11e7e7425e19639db541a13191a 14972 jdupes_1.21.3-1+deb12u1.debian.tar.xz 3ce336dd4fda089b99aa92d46f45a2f3718fb99e1fdf43f8685e79f10928dac0 5616 jdupes_1.21.3-1+deb12u1_source.buildinfo Files: cf29821824bf823a227b9ae10e26230c 1922 utils optional jdupes_1.21.3-1+deb12u1.dsc 7633c6ddb26570f368e26b919c88a551 14972 utils optional jdupes_1.21.3-1+deb12u1.debian.tar.xz 1bb4c67c3a9b7cc263533fed5f22656f 5616 utils optional jdupes_1.21.3-1+deb12u1_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEENX3LDuyVoBrrofDS3mO5xwTr6e8FAmVLnOAACgkQ3mO5xwTr 6e8A6g//eaAfxO+2QkmldubSlw/8ibfmDKlORxhSSZ6+n+0t9TGF4SrOT+bySvc8 /lNYBfpdYrCc6kS+oP9HdwOlzhnkiCaDF1Q4bZN0dFUiX9fIz03MF1kbQWMVfEaD jXCP6+dhB9DC2Ku0OVhO5/ecRv27pSNFnBKuocT29TzuBbKK4zUpA8g/KLGiNH/I dFMo8MnbriZ+WokXBWPh1Q6g1ldkAifRMIONBp8D7u79GVk+cJ/Tje0GrRACkIwE GWCD2Ce60SMOljwfXShTMiF8GlxyavIMSpHuyyKPNIBrIlqT34xJlM1kCCPNMcnQ Mq5m2RShdeWiRvn4d/PbgpR211LG7n4RUJ3CdgSnz6kCGZjMFwO/Qz7prfdoXFtN dgEEAsVT5ZxoV/tWtFxZwXYb0WEFUjxkKABQDNbz7OAVMJo/wd6Fo11wOjsotiP3 34RGigSa6QQR9YIph5WKHyQ+xAX7badqDPHlfVW3bf85lKY5DYkfsZ7FtoEB96/D rtbxqSU+eLl+CLeCOZxSs1yu6mWhuB/9uyRutHvTedHOFoAoUjMuSlhjfqlvnrK1 QGrSK+fd2jIDfesRcZbcOMNxmYYGYbKLAOrFsJrRGQQUrshEgopHF+psL6z5oeit xlBUPjwB1WkPSu4N8pH4nG+4v44xa9Sp4dWbNdcfjP3OV1zw6PI= =Xy52 -END PGP SIGNATURE End Message ---
Bug#1054237: marked as done (jdupes: data loss behaviour from fdupes)
Your message dated Thu, 19 Oct 2023 20:49:31 + with message-id and subject line Bug#1054237: fixed in jdupes 1.27.3-4 has caused the Debian Bug report #1054237, regarding jdupes: data loss behaviour from fdupes to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1054237: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054237 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: jdupes Version: 1.12-1 Severity: grave Tags: upstream patch Justification: causes non-serious data loss >From the upstream in a private message: jdupes inherited interactive deletion from fdupes and there were zero input safeguards. A user tried to use ranges "2-4" and files 3 and 4 were deleted, not preserved. This is a major data loss concern because the behavior is destructive and contrary to user expectations. In the latest commit I've placed heavy safeguards in the interactive deletion code that should prevent all of the invalid input scenarios I can conceive. The commit 4888e85[1] can and should be immediately applied to ALL versions of jdupes that are being distributed. It should cleanly apply and work without modification to every remotely recent version spanning several years back. [1] https://codeberg.org/jbruchon/jdupes/commit/4888e85 --- End Message --- --- Begin Message --- Source: jdupes Source-Version: 1.27.3-4 Done: Joao Eriberto Mota Filho We believe that the bug you reported is fixed in the latest version of jdupes, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1054...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Joao Eriberto Mota Filho (supplier of updated jdupes package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 19 Oct 2023 13:40:10 -0300 Source: jdupes Architecture: source Version: 1.27.3-4 Distribution: unstable Urgency: medium Maintainer: Joao Eriberto Mota Filho Changed-By: Joao Eriberto Mota Filho Closes: 1054237 Changes: jdupes (1.27.3-4) unstable; urgency=medium . * debian/patches/020_fix-data-loss.patch: created to avoid a potential data loss caused by a wrong message that induces the users to use a range of values with -d option. Currently, the -d option doesn't understand ranges. (Closes: #1054237) Checksums-Sha1: 264740eaef8a988cb220f3ab26bb82f17bec0502 1907 jdupes_1.27.3-4.dsc 071ff93f81e63bd6e64681eff1a3e328113e7083 15312 jdupes_1.27.3-4.debian.tar.xz dd8d4ce6b3ada2f889888c40d94291893b624b3c 6090 jdupes_1.27.3-4_source.buildinfo Checksums-Sha256: a9baa90d82c10d37702bb2765c39f25c9283b5cc01c2152f811622ac71ce9cf2 1907 jdupes_1.27.3-4.dsc 97d1cdcde0c95d27a1bb9f121911e52c89ea6a9ac7743be2ef6fdc452fce1646 15312 jdupes_1.27.3-4.debian.tar.xz 60c71b2b3bf6d1d8036b759456f02204288c8caf4b61de5f28e27ae0c0a287e5 6090 jdupes_1.27.3-4_source.buildinfo Files: 40c0e90834276069b947a11b3d73471a 1907 utils optional jdupes_1.27.3-4.dsc 642c1273bdeed15c3eb33ec674ebd335 15312 utils optional jdupes_1.27.3-4.debian.tar.xz cd586755c3574a7c1ecc24887534785d 6090 utils optional jdupes_1.27.3-4_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEENX3LDuyVoBrrofDS3mO5xwTr6e8FAmUxj/MACgkQ3mO5xwTr 6e8t2w//XBTSrNLRwDcCZmeKj2Gjw5i10HqL/bzAkB9Nhw+HoazbTrvKCo+hL/Tv vuhtbmpcnHnHEXbmMZRKi87GlPvdsddmreyVJbGRiZrUJIBtTShdbtGokuphqMSU 49KhNATj0FLaBMzhAaRDYzjzCVoZbNoJEQMDdB/pTb2oenQoSlqkmpLhePBvUlBT RM+PAwjs1oyjj8Mjs5IKTtxLqid+bgL/eniFbZhSuVXCHWWT2p/mnh8ifA17gSwN lJFzAyTLpjsA9I097Dg5MC62KGichXCYbzdr4X1W9FVR+WkcWm2M2/zQeIh6sK1/ SqQ+0jGvSnpfek7tSAjIWpE1APzetUy81NnxlquxhvZXqUOCS1Q1XTMxB1XNl3YW p3Q4JYeW8iqKpuxb9n7AipSWE9VgyHuBRwKQKBlrwiuQCtNfvrSegtX4HY/cyqC5 yEHGcq6HnF/5liamMton/GtjBmzHqFa2Wy4JNgd8p4qadRZzrRoO2Byex/4BQx1+ LxB62eHCK7EwEKAOSYg28sowDEgo60Vo5N4u6ypYeDJnEnh6BH39UUxUDKqHoGdj lE1lPlLV4GOTLDbPx9F5SszqDYnju0JyX1ayvy8PNkxSZ2GBP++TmOfty84KpeAU qkWk+LSH5Zt8w3fZSn6JCPBldAmLhTvlP8GRg/1LkL0CeTkwdnE= =361m -END PGP SIGNATURE End Message ---
