Please merge conntrack 1:0.9.7-1 (universe) from Debian unstable (main).

Bug #256380 reported by Bhavani Shankar on 2008-08-09
14
Affects Status Importance Assigned to Milestone
conntrack (Ubuntu)
Wishlist
Unassigned

Bug Description

Debian has a new version which has to be merged.

Related branches

We need a more rescent libnetfilter-conntrack to do that sync. Can you please make a sync request for that package too ?
Thanks!

Changed in conntrack:
status: New → Incomplete
Bhavani Shankar (bhavi) wrote :

yes sure....

Bhavani Shankar (bhavi) wrote :
Changed in conntrack:
status: Incomplete → New
Daniel Holbach (dholbach) wrote :

I ACKed bug 257880, but still there are some open questions:
 - This change was dropped, isn't it necessary any more? If so, why?
  * debian/rules: undef _FORTIFY_SOURCE so that it doesn't fail about ignored
    chdir() return value.
 - as far as I can tell this patch did not get upstream yet, why can it be dropped?
  * debian/patches: Add fix_includes_and_printf_usage.dpatch
    - #include <limits.h> in {main,ignore_pool}.c to get PATH_MAX and INT_MAX
    - local.c: Fix insecure printf usage

Changed in conntrack:
status: New → Incomplete
Bhavani Shankar (bhavi) wrote :

Okay daniel, converting to a merge

description: updated
Changed in conntrack:
status: Incomplete → Confirmed
Daniel Holbach (dholbach) wrote :

1) this should still be part of the merge:
+ * Added large-integer-gcc43.dpatch,unused-input-gcc43.dpatch,
+ printf-time-long.dpatch,fix_includes_and_printf_usage.dpatch
+ to patches/00.list.

2) It fails to build:
x86_64-linux-gnu-gcc -DPACKAGE_NAME=\"conntrack-tools\" -DPACKAGE_TARNAME=\"conntrack-tools\" -DPACKAGE_VERSION=\"0.9.7\"
-DPACKAGE_STRING=\"conntrack-tools\ 0.9.7\" -DPACKAGE_BUGREPORT=\"<email address hidden>\" -DPACKAGE=\"conntrack-tools\"
-DVERSION=\"0.9.7\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1
-DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1
-DHAVE_LINUX_CAPABILITY_H=1 -DHAVE_LIBNFNETLINK=1 -DHAVE_LIBNETFILTER_CONNTRACK=1 -DHAVE_ARPA_INET_H=1 -DHAVE_INET_PTON=1
-DHAVE_INET_PTON_IPV6=1 -I. -I../include -std=gnu99 -W -Wall -Werror -Wmissing-prototypes -Wwrite-strings -Wcast-qual
-Wfloat-equal -Wshadow -Wpointer-arith -Wbad-function-cast -Wsign-compare -Waggregate-return -Wmissing-declarations
-Wredundant-decls -Wnested-externs -Winline -Wstrict-prototypes -Wundef -Wno-unused-parameter -g -O2 -fno-strict-aliasing
-DYY_NO_INPUT -U_FORTIFY_SOURCE -c main.c
main.c: In function 'main':
main.c:81: error: 'PATH_MAX' undeclared (first use in this function)
main.c:81: error: (Each undeclared identifier is reported only once
main.c:81: error: for each function it appears in.)
main.c:81: error: empty scalar initializer
main.c:81: error: (near initialization for 'config_file')
cc1: warnings being treated as errors
main.c:81: error: unused variable 'config_file'
make[2]: *** [main.o] Error 1
make[2]: Leaving directory `/tmp/buildd/conntrack-0.9.7/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/tmp/buildd/conntrack-0.9.7'
make: *** [debian/stamp-build] Error 2
dpkg-buildpackage: failure: debian/rules build gave error exit status 2
pbuilder: Failed autobuilding of package
 -> Aborting with an error

3) You drop the dpatch bits in debian/control and debian/rules.

Daniel Holbach (dholbach) wrote :

Unsubscribing myself and ubuntu-universe-sponsors for now.

Changed in conntrack:
status: Confirmed → Incomplete
Manny Vindiola (serialorder) wrote :

I have merged this package and attached the debdiff for debian > ubuntu I alsu have ubuntu > ubuntu if desired. It is rather large.
pbuilder succesfully builds.

Changed in conntrack:
status: Incomplete → Confirmed
James Westby (james-w) wrote :

Hi,

I tweaked your patch a bit before uploading. Adding a patch system
to a package from Debian for a single patch is generally frowned upon,
so I backed that out and just applied the patch in-line.

Thanks,

James

Kees Cook (kees) wrote :

Please don't undefine FORTIFY_SOURCE. Instead, use this patch....

Manny Vindiola (serialorder) wrote :

Hi,

I only reintroduced the patch system that was being used in the previous version but in the future I should just apply directly?

Manny

James Westby (james-w) wrote :

Hi Manny,

If there is just a single patch against the Debian source then
adding a patch system that Debian doesn't have (even if it
was used in the previous Ubuntu version) is overkill.

If however you merge a package where a previous uploader added
a patch system then you may as well keep it.

Yours was a bit of a corner case, and some will disagree with me, but
I took the opportunity to remove the patch system while sponsoring.
You didn't do anything wrong, and the package would have worked
fine.

Thanks,

James

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package conntrack - 1:0.9.7-1.1ubuntu2

---------------
conntrack (1:0.9.7-1.1ubuntu2) jaunty; urgency=low

  * Patch from Kees Cook to not ignore return value of chdir call. Thanks
    Kees (LP: #256380)
  * Remove undef of _FORTIFY_SOURCE.
  * Error on fwrite failure in src/read_config_lex.c.

 -- James Westby <email address hidden> Mon, 24 Nov 2008 01:27:09 +0000

Changed in conntrack:
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers