Comment 4 for bug 1987569

Steve Beattie (sbeattie) wrote:

[This is a patch for the security team to sponsor, so the Ubuntu Sponsors subscription can be removed from this bug. I have subscribed the ubuntu-security-sponsors team to make sure it is on our radar.]

Hey Luis, thanks for caring about the security of Ubuntu and preparing these debdiffs.

While reviewing, I have noticed a couple of issues:

- please when submitting debdiffs for sponsorship use version numbers that are appropriate for the ubuntu archive; while I appreciate that you (I presume) built these in a ppa, please remove the ~ppaN version for the debdiff submission. I have fixed those up here.

- the focal debdiff contained only the changelog entry and nothing else. I'm not sure where your package preparation went wrong, but it may have been because there wasn't an existing debian/patches directory. Please make sure to review your debdiffs when submitting them to ensure they are as you expect them (you should also check the build logs for your prep builds to ensure the patch is actually getting applied). I went ahead and cherry-picked the upstream fix locally, and am attaching the resulting debdiff here.

- I reflowed the changelog entries to ensure they fit the expected width.

Comparison locally of build logs shows no new build warnings, and comparison of the resulting binaries with current versions shows no API or other serious changes.

I have gone ahead and uploaded these to the ubuntu-security-proposed ppa (https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages) for building and testing; autopkgtests will get kicked off as well, but I see from the history for openconnect that the adt tests always fail, so that's not so helpful (fixing the tests in kinetic and debian would be a great thing to do!).

Once the packages have successfully built, please test and report results here.

Thanks again!