Sync hesiod 3.2.1-2 (main) from Debian unstable (main)

Bug #1164044 reported by Luke Faraone
260
This bug affects 1 person
Affects Status Importance Assigned to Milestone
hesiod (Ubuntu)
Fix Released
Wishlist
Adam Conrad

Bug Description

Please sync hesiod 3.2.1-1 (main) from Debian unstable (main)

Explanation of the Ubuntu delta and why it can be dropped:
  * Merge from Debian Unstable (LP: #1015869). Remaining Changes:
    - Fix FTBFS with ld --as-needed, resolve unresolved symbols in
    shared library.
The package no longer FTBFS.

Explanation of FeatureFreeze exception:
These changes have been tested by upstream, are desirable for our users. The IDN changes are built, but not enabled unless in a UTF-8 CHARSET.

Changelog entries since current raring version 3.0.2-21ubuntu1:

hesiod (3.2.1-1) unstable; urgency=low

  * New upstream release.

 -- Alexander Chernyakhovsky <email address hidden> Tue, 02 Apr 2013 17:21:02 -0400

hesiod (3.2.0-1) unstable; urgency=low

  * New upstream release.

 -- Alexander Chernyakhovsky <email address hidden> Sun, 24 Mar 2013 23:44:40 -0400

hesiod (3.1.1-1) unstable; urgency=low

  [ Evan Broder ]
  * Use libidn to internationalize a domain name.

 -- Alexander Chernyakhovsky <email address hidden> Sun, 24 Mar 2013 04:18:06 -0400

Revision history for this message
Luke Faraone (lfaraone) wrote :
Changed in hesiod (Ubuntu):
importance: Undecided → Wishlist
Luke Faraone (lfaraone)
description: updated
Revision history for this message
Alexander Chernyakhovsky (achernya) wrote :

The changes regarding libidn are as follows:
 * libidn is now a build dependency
 * libidn will be used to translate all names if available
 * libidn defaults to the ASCII charset unless the environment variable CHARSET is set, meaning there are no changes in behavior: unicode names will continue to fail to resolve, but rather than failing due to the name not existing in DNS (which was invalid previously), it will now fail with EINVAL in libidn.
 * If CHARSET=UTF-8 (or similar) is set, then libidn will do the translation to punycode, resulting in a valid DNS name for the unicode character.

Revision history for this message
Alexander Chernyakhovsky (achernya) wrote :

I've pushed 3.2.1-2 into Debian, which fixes the FTBFS on buildds that do not have networking. I believe the package is ready for syncing, and should not an exception, as we're fairly far from the next release.

Luke Faraone (lfaraone)
summary: - FFe: Sync hesiod 3.2.1-1 (main) from Debian unstable (main)
+ Sync hesiod 3.2.1-2 (main) from Debian unstable (main)
Changed in hesiod (Ubuntu):
status: New → Triaged
assignee: nobody → Luke Faraone (lfaraone)
Luke Faraone (lfaraone)
information type: Public → Public Security
Revision history for this message
Alexander Chernyakhovsky (achernya) wrote :

Version 3.2.1 includes a minor security fix that affects setuid binaries that use hesiod, in which they could be subverted as confused deputies (https://github.com/achernya/hesiod/commit/fb5778afcc17671282eab183b766c61ccdf41a34). This patch was present in Fedora for a long time, prior to the 3.2.1 release.

Adam Conrad (adconrad)
Changed in hesiod (Ubuntu):
assignee: Luke Faraone (lfaraone) → Adam Conrad (adconrad)
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers