Bug#1038824: bookworm-pu: package openvpn/2.6.3-1+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: open...@packages.debian.org Control: affects -1 + src:openvpn This -pu cherry-picks two fixes from upstream. One fixing a memory leak that is noticable on long running servers, and one dangling pointer that might lead to crashes. Both have been in 2.6.3-2 for about a month now, migrated to testing flawlessly and are part of the recent upstream stable release. There is nothing else in 2.6.3-2 that is not suitable for bookworm, I have just changed the version and set the correct branch in gbp.conf [ Reason ] Bugfix [ Impact ] Memory leak [ Tests ] Upstream has an extensive testsuite/CI coverage. Part of it is ran during build. [ Risks ] Isolated fixes that have been vetted upstream and have been part of an upstream release [ Checklist ] [X] *all* changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in (old)stable [X] the issue is verified as fixed in unstable Bernhard diff -Nru openvpn-2.6.3/debian/changelog openvpn-2.6.3/debian/changelog --- openvpn-2.6.3/debian/changelog 2023-04-13 09:19:40.0 +0200 +++ openvpn-2.6.3/debian/changelog 2023-06-21 21:41:33.0 +0200 @@ -1,3 +1,12 @@ +openvpn (2.6.3-1+deb12u1) bookworm; urgency=medium + + * Cherry-pick two bugfix commits from upstream +- Memory leak in dco_get_peer_stats_multi for Linux +- dangling pointer passed to pkcs11-helper + * d/gbp.conf: set branch to bookworm + + -- Bernhard Schmidt Wed, 21 Jun 2023 21:41:33 +0200 + openvpn (2.6.3-1) unstable; urgency=medium * New upstream version 2.6.2 diff -Nru openvpn-2.6.3/debian/gbp.conf openvpn-2.6.3/debian/gbp.conf --- openvpn-2.6.3/debian/gbp.conf 2023-04-13 09:19:40.0 +0200 +++ openvpn-2.6.3/debian/gbp.conf 2023-06-21 21:41:33.0 +0200 @@ -1,2 +1,3 @@ [DEFAULT] pristine-tar = True +debian-branch = debian/bookworm diff -Nru openvpn-2.6.3/debian/patches/fix-dangling-pointer-in-pkcs11.patch openvpn-2.6.3/debian/patches/fix-dangling-pointer-in-pkcs11.patch --- openvpn-2.6.3/debian/patches/fix-dangling-pointer-in-pkcs11.patch 1970-01-01 01:00:00.0 +0100 +++ openvpn-2.6.3/debian/patches/fix-dangling-pointer-in-pkcs11.patch 2023-06-21 21:41:33.0 +0200 @@ -0,0 +1,37 @@ +From 7e4becb4cd8be7f0d5ff80cf80877ea152f99830 Mon Sep 17 00:00:00 2001 +From: Selva Nair +Date: Tue, 9 May 2023 13:05:17 -0400 +Subject: [PATCH] Bugfix: dangling pointer passed to pkcs11-helper + +Github: Fixes OpenVPN/openvpn#323 + +Signed-off-by: Selva Nair +Acked-by: Gert Doering +Message-Id: <20230509170517.2637245-1-selva.n...@gmail.com> +URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26640.html +Signed-off-by: Gert Doering +(cherry picked from commit f4850745709c5b80ab7d09c03a86c5ceea6d10a2) +--- + src/openvpn/pkcs11_openssl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/openvpn/pkcs11_openssl.c b/src/openvpn/pkcs11_openssl.c +index eee86e17b6f..9b0ab39f9cf 100644 +--- a/src/openvpn/pkcs11_openssl.c b/src/openvpn/pkcs11_openssl.c +@@ -165,6 +165,7 @@ xkey_pkcs11h_sign(void *handle, unsigned char *sig, + { + pkcs11h_certificate_t cert = handle; + CK_MECHANISM mech = {CKM_RSA_PKCS, NULL, 0}; /* default value */ ++CK_RSA_PKCS_PSS_PARAMS pss_params = {0}; + + unsigned char buf[EVP_MAX_MD_SIZE]; + size_t buflen; +@@ -203,7 +204,6 @@ xkey_pkcs11h_sign(void *handle, unsigned char *sig, + } + else if (!strcmp(sigalg.padmode, "pss")) + { +-CK_RSA_PKCS_PSS_PARAMS pss_params = {0}; + mech.mechanism = CKM_RSA_PKCS_PSS; + + if (!set_pss_params(&pss_params, sigalg, cert)) diff -Nru openvpn-2.6.3/debian/patches/fix-memleak-in-dco_get_peer_stats_multi.patch openvpn-2.6.3/debian/patches/fix-memleak-in-dco_get_peer_stats_multi.patch --- openvpn-2.6.3/debian/patches/fix-memleak-in-dco_get_peer_stats_multi.patch 1970-01-01 01:00:00.0 +0100 +++ openvpn-2.6.3/debian/patches/fix-memleak-in-dco_get_peer_stats_multi.patch 2023-06-21 21:41:33.0 +0200 @@ -0,0 +1,33 @@ +From 5e8a571af165c867ccb9c4c9e6334620f42013ac Mon Sep 17 00:00:00 2001 +From: Frank Lichtenheld +Date: Mon, 15 May 2023 16:21:16 +0200 +Subject: [PATCH] DCO: fix memory leak in dco_get_peer_stats_multi for Linux + +Leaks a small amount of memory every 15s. + +Signed-off-by: Frank Lichtenheld +Acked-by: Antonio Quartulli +Message-Id: <20230515142116.33135-1-fr...@lichtenheld.com> +URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg26659.html +Signed-off-by: Gert Doering +(cherry picked from commit 276f7c86d70666bc2ab4e6192ef5f1dcbd6a230f) +--- + src/openvpn/dco_linux.c | 5 - + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/openvpn/dco_linux.c b/src/openvpn/dco_linux.c +index 796e6f
Processed: bookworm-pu: package openvpn/2.6.3-1+deb12u1
Processing control commands: > affects -1 + src:openvpn Bug #1038824 [release.debian.org] bookworm-pu: package openvpn/2.6.3-1+deb12u1 Added indication that 1038824 affects src:openvpn -- 1038824: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038824 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: transition: glibc 2.37
Processing control commands: > affects -1 + src:glibc Bug #1038820 [release.debian.org] transition: glibc 2.37 Added indication that 1038820 affects src:glibc -- 1038820: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038820 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1038820: transition: glibc 2.37
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition X-Debbugs-Cc: debian-gl...@lists.debian.org Control: affects -1 + src:glibc Dear release team, I would like to get a transition slot for glibc 2.37. It has been available in experimental for a bit more than a month and does not have any known issue. It has been built successfully on all release architectures and many ports architectures (technically 2.37-2 hasn't been built yet on mipsel and mips64el due to the buildds lagging, but 2.37-1 has been built successfully). As glibc is using symbol versioning, there is no soname change. That said a few packages are using libc internal symbols and have to be rebuilt for this transition. Here is the corresponding ben file: title = "glibc"; is_affected = .depends ~ /libc[0-9.]* \(<
Bug#1038813: bullseye-pu: package aide/0.17.3-4+deb11u2
Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: a...@packages.debian.org Control: affects -1 + src:aide Dear stable releas team, this pre-upload request for the aide package is filed to ask for guidance whether this package is suitable for bullseye-proposed-updates. I have never done this before and am open for suggestions to improve and for documentation pointers. A fixed package has recently migrated to testing, the corresponding bookworm request is #1037945. [ Reason ] This update fixes #1037436, a "just" important bug that causes incorrect processing of extended attributes on symlinks that are monitored by aide. This is a fix suggested by upstream (who is also a DD). [ Impact ] Without this fix, Aide will wrongly process extended attributes for the file a symlink points to, which is not the intended behavior. The fixed aide will process the extended attributes of a symlink. [ Tests ] This bug is sadly not covered by automated tests. I created a symlink with extended attributes pointing to a file with different extended attributes and verified that actually the extended attributes of the symlink show up in the database. [ Risks ] Risks are that I goofed up in the fixes. [ Checklist ] [X] *all* changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in (old)stable [X] the issue is verified as fixed in unstable [ Changes ] commit b1d036a82a336836f05ed0d6dcb0b4bab6c7501f (HEAD -> bullseye) Author: Marc Haber Date: Wed Jun 21 18:29:23 2023 +0200 prepare upload to bullseye Git-Dch: ignore commit 60e63ac4052724be4a2b078940e266e835e89bf7 Author: Marc Haber Date: Wed Jun 21 18:27:56 2023 +0200 refresh patch for bullseye Git-Dch: ignore commit f2912c100a5d3d9b37d4ab9318d5b8b9bf45025c Author: Marc Haber Date: Wed Jun 14 04:15:51 2023 +0200 Fix handling of extended attributes on symlinks Closes: #1037436 This fixes wrong behavior regarding extended attributes on symlinks. Prior versions of aide would wrongly process the extended attributes of the file a symlink points to. This fix makes aide correctly process the extended attributes of the link itself, which is the intended behavior. The fix for extended attributes on symlinks might lead to reported changed entries during the next AIDE run. You can use the `report_ignore_changed_attrs` option (see aide.conf(5)) to ignore changes of the xattrs attribute; but be aware that this will not only exclude the expected changes (of the symlink files) but also the unexpected changes (of other files). [ Other info ] source debdiff attached. A binary debdiff will be delivered on request. Please indicate whether this package might be a valid candidate to be in the next bullseye point release. Greetings Marc
Processed: bullseye-pu: package aide/0.17.3-4+deb11u2
Processing control commands: > affects -1 + src:aide Bug #1038813 [release.debian.org] bullseye-pu: package aide/0.17.3-4+deb11u2 Added indication that 1038813 affects src:aide -- 1038813: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038813 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Re: 11.8 planning
Hi, On 6/20/23 13:15, Adam D. Barratt wrote: The traditional cadence for oldstable point releases is four months, rather than two. That technically means that 11.8 would be due somewhere in late August to mid-September. So we could either punt 11.8 so it aligns with 12.2 rather than 12.1, or do 11.8 together with 12.1 and then align 11.9 with 12.3. ... The 1st would mean freezing this coming weekend, which is very tight. As per the 12.1 mail, either the 8th or 15th would work for me, with a preference for the latter. Given the explanation above though, I think the 22nd would be fine for 11.8 as well. I think pushing everything forward at this time would be advisable as several people have indicated that they need a breather. A slight delay may be ideal. -- Be well, -Donald -- - ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Donald Norwood ⢿⡄⠘⠷⠚⠋⠀ B7A1 5F45 5B28 7F38 4174 ⠈⠳⣄ D5E9 E5EC 4AC9 BD62 7B05 OpenPGP_signature Description: OpenPGP digital signature
Bug#1038115: transition: gdal
On 6/20/23 23:49, Sebastian Ramacher wrote: On 2023-06-15 17:15:27 +0200, Bas Couwenberg wrote: Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition X-Debbugs-Cc: g...@packages.debian.org Control: affects -1 + src:gdal Control: forwarded -1 https://release.debian.org/transitions/html/auto-gdal.html Control: block -1 by 1030129 998833 1037920 984398 1037976 For the Debian GIS team I'd like to transition to GDAL 3.7.0. Please go ahead. gdal (3.7.0+dfsg-1) has been uploaded to unstable and is now built & installed on all release architectures. Kind Regards, Bas -- GPG Key ID: 4096R/6750F10AE88D4AF1 Fingerprint: 8182 DE41 7056 408D 6146 50D1 6750 F10A E88D 4AF1
Processed: bookworm-pu: package gnome-maps/43.5-2~deb12u1
Processing control commands: > affects -1 + src:gnome-maps Bug #1038780 [release.debian.org] bookworm-pu: package gnome-maps/43.5-2~deb12u1 Added indication that 1038780 affects src:gnome-maps -- 1038780: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038780 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036849: bookworm-pu: package gnome-software/43.5-1~deb12u1
Control: retitle -1 bookworm-pu: package gnome-software/43.5-1~deb12u1 On Sat, 27 May 2023 at 21:53:35 +0100, Simon McVittie wrote: > GNOME upstream has done a stable point release of gnome-software. This > doesn't seem urgent enough to want to break the freeze for, but it would > be good to get it in 12.1. ... > I have not uploaded to unstable due to the full freeze, and I can't > upload to experimental because GNOME 44 is already there. I uploaded to unstable after Debian 12 was released, and that version migrated to testing with no apparent regressions. The version I'm now proposing is a simple rebuild of what's in testing. Tested on a bookworm system (browse available packages, upgrade Flatpak apps, install a Flatpak app, install a .deb) and seems fine, and the upstream changes are really minimal, so I uploaded the proposed package. smcv diffstat for gnome-software-43.4 gnome-software-43.5 NEWS|7 data/metainfo/org.gnome.Software.metainfo.xml.in|8 debian/changelog| 17 ++ debian/gbp.conf |2 - debian/patches/01_details-Use-custom-icon-for-verified-developers.patch |4 +- debian/watch|2 - lib/gs-plugin-job-list-apps.c |1 lib/gs-plugin-job-manage-repository.c |2 + meson.build |2 - 9 files changed, 40 insertions(+), 5 deletions(-) diff -Nru gnome-software-43.4/data/metainfo/org.gnome.Software.metainfo.xml.in gnome-software-43.5/data/metainfo/org.gnome.Software.metainfo.xml.in --- gnome-software-43.4/data/metainfo/org.gnome.Software.metainfo.xml.in 2023-02-10 07:57:26.0 + +++ gnome-software-43.5/data/metainfo/org.gnome.Software.metainfo.xml.in 2023-03-03 11:34:54.0 + @@ -66,6 +66,14 @@ Validate with `appstreamcli validate *.metainfo.xml` --> + + +This is a stable release with the following change: + + Fix few memory leaks + + + This is a stable release with the following changes: diff -Nru gnome-software-43.4/debian/changelog gnome-software-43.5/debian/changelog --- gnome-software-43.4/debian/changelog 2023-02-10 18:27:14.0 + +++ gnome-software-43.5/debian/changelog 2023-06-16 11:33:47.0 +0100 @@ -1,3 +1,20 @@ +gnome-software (43.5-1~deb12u1) bookworm; urgency=medium + + * Team upload + * Rebuild for Debian 12 + + -- Simon McVittie Fri, 16 Jun 2023 11:33:47 +0100 + +gnome-software (43.5-1) unstable; urgency=medium + + * d/gbp.conf: Use upstream/43.x branch to import new upstream versions + * d/watch: Only watch for versions 43.x + * New upstream release 43.5 +- Fix some memory leaks (Closes: #1036312) + * Refresh patch series (no functional changes) + + -- Simon McVittie Tue, 13 Jun 2023 10:25:39 +0100 + gnome-software (43.4-1) unstable; urgency=medium * New upstream release diff -Nru gnome-software-43.4/debian/gbp.conf gnome-software-43.5/debian/gbp.conf --- gnome-software-43.4/debian/gbp.conf 2023-02-10 18:27:14.0 + +++ gnome-software-43.5/debian/gbp.conf 2023-06-16 11:33:47.0 +0100 @@ -1,7 +1,7 @@ [DEFAULT] pristine-tar = True debian-branch = debian/bookworm -upstream-branch = upstream/latest +upstream-branch = upstream/43.x [buildpackage] sign-tags = True diff -Nru gnome-software-43.4/debian/patches/01_details-Use-custom-icon-for-verified-developers.patch gnome-software-43.5/debian/patches/01_details-Use-custom-icon-for-verified-developers.patch --- gnome-software-43.4/debian/patches/01_details-Use-custom-icon-for-verified-developers.patch 2023-02-10 18:27:14.0 + +++ gnome-software-43.5/debian/patches/01_details-Use-custom-icon-for-verified-developers.patch 2023-06-16 11:33:47.0 +0100 @@ -29,7 +29,7 @@ + \ No newline at end of file diff --git a/src/gnome-software.gresource.xml b/src/gnome-software.gresource.xml -index 941dd40..2d1f2ff 100644 +index 4efe369..9f897a5 100644 --- a/src/gnome-software.gresource.xml +++ b/src/gnome-software.gresource.xml @@ -54,6 +54,7 @@ @@ -41,7 +41,7 @@ ../data/icons/system-component-addon.svg ../data/icons/system-component-application.svg diff --git a/src/gs-details-page.ui b/src/gs-details-page.ui -index 8b0e88b..4c120ef 100644 +index d3fad10..37c657b 100644 --- a/src/gs-details-page.ui +++ b/src/gs-details-page.ui @@ -173,7 +173,7 @@ diff -Nru gnome-software-43.4/debian/watch gnome-software-43.5/debian/watch --- gnome-software-43.4/debian/watch 2023-02-10 18:27:14.0 + +++ gnome-software-43.5/debian/watch 2023-06-16 11:33:47.0 +0100 @@ -1,4 +1,4 @@ version=4 opts="searchmode=p
Processed: Re: Bug#1036849: bookworm-pu: package gnome-software/43.5-1~deb12u1
Processing control commands: > retitle -1 bookworm-pu: package gnome-software/43.5-1~deb12u1 Bug #1036849 [release.debian.org] bookworm-pu: package gnome-software/43.5-0+deb12u1 Changed Bug title to 'bookworm-pu: package gnome-software/43.5-1~deb12u1' from 'bookworm-pu: package gnome-software/43.5-0+deb12u1'. -- 1036849: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036849 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1038777: bookworm-pu: package gnome-control-center/1:43.6-2~deb12u1
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: gnome-control-cen...@packages.debian.org Control: affects -1 + src:gnome-control-center [ Reason ] New upstream stable release [ Impact ] Fixes several upstream bugs, which I would classify as severity normal to important in Debian terms. [ Tests ] A package functionally equivalent to the proposed version is in unstable and testing, without apparent regressions. Manual test: I upgraded a desktop system to the proposed version and navigated through various preferences panels, with no apparent issues. I haven't attempted to reproduce any specific bugs. [ Risks ] This is a key package, part of our default desktop environment. If there are regressions, then I would expect them to be of a magnitude similar to the issues fixed in this version. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] panels/display/cc-display-config-dbus.c: - Stop listing displays in the reverse of the intended order (gnome-control-center#2334 upstream) panels/display/cc-display-settings.c: - Add 32:9 as a well-known aspect ratio panels/network/connection-editor/net-connection-editor.c: - Fix a use-after-free crash when editing network connections panels/thunderbolt/cc-bolt-panel.c: - Fix a crash when cancelling authentication for Thunderbolt panels/user-accounts/cc-add-user-dialog.ui: - Remove a duplicate property from the "add user" UI panels/user-accounts/cc-avatar-chooser.c: - Automatically close user avatar chooser before showing file chooser (gnome-control-center#2315 upstream) - Fix an assertion failure when cropping an avatar panels/user-accounts/cc-crop-area.c: - Restore the default cursor when leaving the dialog to crop an avatar (gnome-control-center#2359 upstream) panels/user-accounts/cc-user-panel.c: - Fix an assertion failure when activating the Users panel (gnome-control-center#2219 upstream) - Don't access User objects before they are fully loaded (gnome-control-center#2348, #2349 upstream) panels/user-accounts/user-utils.c: - Don't allow commas in users' "real name" field, because the GECOS encoding in /etc/passwd cannot represent those (gnome-control-center#888 upstream) panels/wwan/cc-wwan-data.c: - Populate list of previous WWAN (Mobile Network) connections more reliably, avoiding creation of duplicate connections in NetworkManager (gnome-control-center#1468 upstream) ... and there are also translation updates, which I've filtered out of the diff because they're rather large. debdiff *.dsc | filterdiff -p1 -x'debian/patches/*.patch' -x'po/*.po' diffstat for gnome-control-center-43.4.1 gnome-control-center-43.6 NEWS | 20 debian/changelog | 45 debian/patches/build-Look-for-snapd-glib-2.patch |2 debian/patches/keyboard-Allow-disabling-alternate-characters-key.patch |2 debian/watch |2 meson.build|2 panels/display/cc-display-config-dbus.c|2 panels/display/cc-display-settings.c |3 panels/network/connection-editor/net-connection-editor.c |2 panels/thunderbolt/cc-bolt-panel.c |7 panels/user-accounts/cc-add-user-dialog.ui |1 panels/user-accounts/cc-avatar-chooser.c |3 panels/user-accounts/cc-crop-area.c| 14 panels/user-accounts/cc-user-panel.c | 39 panels/user-accounts/user-utils.c | 10 panels/wwan/cc-wwan-data.c | 35 po/LINGUAS |1 po/ab.po | 4401 po/ca.po | 4858 ++--- po/fo.po | 9310 ++ po/fr.po | 6692 --- po/hu.po | 633 22 files changed, 20390 insertions(+), 5694 deletions(-) diff -Nru gnome-control-center-43.4.1/debian/changelog gnome-control-center-43.6/debian/changelog --- gnome-control-center-43.4.1/debian/changelog 2023-02-14 16:08:53.0
Processed: bookworm-pu: package gnome-control-center/1:43.6-2~deb12u1
Processing control commands: > affects -1 + src:gnome-control-center Bug #1038777 [release.debian.org] bookworm-pu: package gnome-control-center/1:43.6-2~deb12u1 Added indication that 1038777 affects src:gnome-control-center -- 1038777: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038777 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems