Please merge netatalk_2.0.4~beta2-4.1(universe) from debian unstable
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
netatalk (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: netatalk
Debian has a new version to be merged.
netatalk (2.0.4~beta2-4.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Fix incomplete upstream patch for CVE-2008-5718 by
escaping every problematic character and not only those which
enables an attacker to execute arbitrary code
(213_
-- Nico Golde <email address hidden> Thu, 29 Jan 2009 11:32:54 +0100
netatalk (2.0.4~beta2-4) unstable; urgency=high
* Rebuild for unstable branch.
-- Jonas Smedegaard <email address hidden> Wed, 21 Jan 2009 18:20:47 +0100
netatalk (2.0.4~beta2-3) UNRELEASED; urgency=high
* Update debian/copyrights:
+ Merge entries with same owners and license (only differing years)
+ Consistently list years before owner
+ Sort owners
+ Explicitly include GAP licenses (wording vary slightly)
+ Fix GPL-2+ licensed files wrongly registered as GAP
* Keep urgency=high as 2.0.4~beta2-2 changes are still pending.
-- Jonas Smedegaard <email address hidden> Wed, 21 Jan 2009 18:08:44 +0100
netatalk (2.0.4~beta2-2) unstable; urgency=high
* Always use gcrypt. Simplify optional openssl support.
* Readd and update OpenSSL section to README.Debian, and improve NEWS
entry to clarify that Randnum UAM is no longer provided by default.
* Add patches 001-005 (but avoid applying some of them) to sync with
upstream development, fixing the following issues:
+ remove bogus default ppd _PATH_PAPDPPDFILE
+ remove signed/unsigned gcc warning
+ better handling of bogus ppd files
+ Remove ucb includes from Netatalk (i.e. drop SunOS 4.x support)
+ Fix off-by-one error in PPD file processing
+ Fix dhx2 logincont packet size
* Update copyright hints (no new owners or licenses).
* Explicitly build-depend on libdb4.2-dev (not libdb-dev).
* Mention MacOS X 10.5.x group ACL workaround in README.Debian.
Closes: bug#458174, thanks to Tim Miller Dyck.
* Set urgency=high due to possible security implications in above, and
due to accidentally linking against BerkeleyDB 4.6 in prior release.
-- Jonas Smedegaard <email address hidden> Wed, 21 Jan 2009 11:50:30 +0100
netatalk (2.0.4~beta2-1) unstable; urgency=high
* New upstream prerelease:
+ Quote chars in papd popen variables expansion (and other fixes to
papd). Fixes remote execution security hole CVE-2008-5718. Closes:
bug#510585.
* Mangle upstream tarball beta version.
* Drop patches 000 and 001 contained upstream now.
* Unfuzz patches 107, 109, 205 and 212.
* Unfuzz and enable patches 204a, 207a, 208, 209 and 211.
* Build new DHX2 UAM:
+ Build-depend on libgcrypt11-dev
+ Configure with --with-libgcrypt
+ Drop SSL note from README.Debian
+ Add NEWS entry regarding new and recommended DHX2 UAM
* Disable CDBS autotools reconfiguration.
* Update cdbs snippets:
+ Move dependency cleanup to new local snippet package-
+ Update copyright-check output to more closely match proposed new
copyright file format.
+ Several minor improvements to upstream-
+ Compact simple licenses (those without ' or later') in
copyright
+ Fix use underscore (not dash) in internal variable
+ Ignore only debian changelog and copyright-related files by
default in copyright-check.mk
+ Correct and update copyright hints of the snippets themselves
+ Update README.cdbs-tweaks.
* Add DEB_MAINTAINER_MODE in debian/rules (thanks to Romain Beauxis).
* Stop installing README.ids no longer provided upstream.
* Rewrite debian/copyright using new new format specification, and
update copyright hints.
* Semi-auto-update debian/control to update dependencies:
DEB_
* Set urgency=high due to security fix.
-- Jonas Smedegaard <email address hidden> Fri, 09 Jan 2009 05:52:18 +0100
Patch does not apply here:
daniel@ bert:~/ netatalk- 2.0.4~beta2$ patch -p1 < ../debian.debdiff changelog. rej bert:~/ netatalk- 2.0.4~beta2$
patching file debian/control.in
patching file debian/control
Hunk #1 FAILED at 1.
Hunk #2 FAILED at 15.
2 out of 2 hunks FAILED -- saving rejects to file debian/control.rej
patching file debian/changelog
Hunk #1 FAILED at 1.
Hunk #2 succeeded at 100 (offset 50 lines).
1 out of 2 hunks FAILED -- saving rejects to file debian/
daniel@