Bug#463195: marked as done (Please update to viewvc 1.0.4)

[Debian Bug Tracking System]

Your message dated Thu, 24 Apr 2008 21:02:26 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#463195: fixed in viewvc 1.0.5-0.1
has caused the Debian Bug report #463195,
regarding Please update to viewvc 1.0.4
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
463195: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463195
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems

--- Begin Message ---

Package: viewvc
Version: 1.0.3-2.1
Severity: wishlist
Tags: patch

Dear David / any other maintainers of ViewVC,

Thank you for packaging ViewVC!  Could you possibly update this
package to the latest released version, 1.0.4?

The only things that really need to change (apart from what is
unpacked by the viewvc_1.0.4.orig.tar.gz file, of course) are in
the debian directory:

  changelog
  patches/101_viewvc-install_Debian_paths

I am including a patch that I used to create my own (temporary)
version of the viewvc package, which you can download from
ftp://ftp.zap.org.au/pub/debian/dists/zapgroup-XXXX (for various
XXXX's: etch, sid, gutsy).

This change should be almost trivial to do.  Thank you in advance!

Yours truly,

John Zaitseff

-- 
John Zaitseff                    ,--_|\    The ZAP Group
Phone:  +61 2 9643 7737         /      \   Sydney, Australia
E-mail: [EMAIL PROTECTED]   \_,--._*   http://www.zap.org.au/
                                      v

diff -ruN viewvc/upstream/1.0.3-2.1/debian/changelog viewvc/tags/1.0.4-0.1zg1/debian/changelog
--- viewvc/upstream/1.0.3-2.1/debian/changelog	2008-01-24 14:16:10.000000000 +1100
+++ viewvc/tags/1.0.4-0.1zg1/debian/changelog	2008-01-30 09:31:02.000000000 +1100
@@ -1,3 +1,16 @@
+viewvc (1.0.4-0.1zg1) unstable; urgency=low
+
+  * New upstream release, packaged for the ZAP Group package repository.
+  * Updated patches/101_viewvc-install_Debian_paths for this release.
+
+ -- John Zaitseff <[EMAIL PROTECTED]>  Wed, 30 Jan 2008 09:23:10 +1100
+
+viewvc (1.0.3-2.1zg1) unstable; urgency=low
+
+  * Imported the upstream package into the ZAP Group package repository.
+
+ -- John Zaitseff <[EMAIL PROTECTED]>  Thu, 24 Jan 2008 14:39:57 +1100
+
 viewvc (1.0.3-2.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -ruN viewvc/upstream/1.0.3-2.1/debian/patches/101_viewvc-install_Debian_paths viewvc/tags/1.0.4-0.1zg1/debian/patches/101_viewvc-install_Debian_paths
--- viewvc/upstream/1.0.3-2.1/debian/patches/101_viewvc-install_Debian_paths	2008-01-24 14:16:10.000000000 +1100
+++ viewvc/tags/1.0.4-0.1zg1/debian/patches/101_viewvc-install_Debian_paths	2008-01-30 09:31:02.000000000 +1100
@@ -1,24 +1,24 @@
 Index: viewvc-install
 ===================================================================
---- viewvc-install.orig	2006-03-22 01:42:02.038375982 +0100
-+++ viewvc-install	2006-03-22 01:42:11.060273474 +0100
-@@ -122,16 +122,15 @@
- 
- def SetOnePath(contents, var, value):
+--- viewvc-install.orig	2008-01-29 17:39:15.000000000 +1100
++++ viewvc-install	2008-01-29 17:46:51.000000000 +1100
+@@ -118,7 +118,7 @@
+     """Replace instances of the variable VAR as found in file CONTENTS
+     with VALUE."""
      pattern = re.compile('^' + var + r'\s*=\s*.*$', re.MULTILINE)
 -    repl = '%s = r"%s"' % (var, os.path.join(ROOT_DIR, value))
 +    repl = '%s = r"%s"' % (var, value)
-     return re.sub(pattern, ReEscape(repl), contents)
+     return re.sub(pattern, _escape(repl), contents)
+ 
  
--
- def SetPythonPaths(contents):
+@@ -127,8 +127,8 @@
      if contents[:2] == '#!':
          shbang = '#!' + sys.executable
-         contents = re.sub('^#![^\n]*', ReEscape(shbang), contents)
--    contents = SetOnePath(contents, 'LIBRARY_DIR', 'lib')
--    contents = SetOnePath(contents, 'CONF_PATHNAME', 'viewvc.conf')
-+    contents = SetOnePath(contents, 'LIBRARY_DIR', '/usr/lib/viewvc')
-+    contents = SetOnePath(contents, 'CONF_PATHNAME', '/etc/viewvc/viewvc.conf')
+         contents = re.sub('^#![^\n]*', _escape(shbang), contents)
+-    contents = replace_var(contents, 'LIBRARY_DIR', 'lib')
+-    contents = replace_var(contents, 'CONF_PATHNAME', 'viewvc.conf')
++    contents = replace_var(contents, 'LIBRARY_DIR', '/usr/lib/viewvc')
++    contents = replace_var(contents, 'CONF_PATHNAME', '/etc/viewvc/viewvc.conf')
      return contents
  
  

--- End Message ---

--- Begin Message ---

Source: viewvc
Source-Version: 1.0.5-0.1

We believe that the bug you reported is fixed in the latest version of
viewvc, which is due to be installed in the Debian FTP archive:

viewcvs_1.0.5-0.1_all.deb
  to pool/main/v/viewvc/viewcvs_1.0.5-0.1_all.deb
viewvc-query_1.0.5-0.1_all.deb
  to pool/main/v/viewvc/viewvc-query_1.0.5-0.1_all.deb
viewvc_1.0.5-0.1.diff.gz
  to pool/main/v/viewvc/viewvc_1.0.5-0.1.diff.gz
viewvc_1.0.5-0.1.dsc
  to pool/main/v/viewvc/viewvc_1.0.5-0.1.dsc
viewvc_1.0.5-0.1_all.deb
  to pool/main/v/viewvc/viewvc_1.0.5-0.1_all.deb
viewvc_1.0.5.orig.tar.gz
  to pool/main/v/viewvc/viewvc_1.0.5.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christian Perrier <[EMAIL PROTECTED]> (supplier of updated viewvc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 31 Mar 2008 08:42:29 +0200
Source: viewvc
Binary: viewvc viewcvs viewvc-query
Architecture: source all
Version: 1.0.5-0.1
Distribution: unstable
Urgency: medium
Maintainer: David Martínez Moreno <[EMAIL PROTECTED]>
Changed-By: Christian Perrier <[EMAIL PROTECTED]>
Description: 
 viewcvs    - dummy package to migrate to ViewVC
 viewvc     - view CVS/SVN repositories via HTTP
 viewvc-query - utility to query CVS commit database
Closes: 426876 463195 471380 473466 476172
Changes: 
 viewvc (1.0.5-0.1) unstable; urgency=medium
 .
   * Non-maintainer upload to fix security, and pending l10n, issues
 .
   [ John Zaitseff ]
   * New upstream release, originally packaged by the ZAP Group
     (Closes: #471380, #463195).  Thanks to John Zaitseff for the patch
     Fixed:
     - CVE-2008-1290 - list CVS or SVN commits on "all-forbidden"
       files
     - CVE-2008-1291 - directly access hidden CVSROOT folders
     - CVE-2008-1292 - expose restricted content via the revision
       view, the log history, or the diff view
   * Updated the following files in the debian/patches subdirectory:
       series
       02_py2html_activation
       101_viewvc-install_Debian_paths
       102_viewvc.conf_Debian_customization
   * Updated debian/rules to install documentation in the docs directory
     and example templates in templates-contrib.
 .
   [ Christian Perrier ]
   * Debconf translations:
     - Vietnamese. Closes: #426876
   * [Lintian] Fix syntax in NEWS.Debian
   * [Lintian] Replace obsolete ${Source-Version} variable by
     ${source:Version}
   * Finnish. Closes: #473466
   * Basque. Closes: #476172
Checksums-Sha1: 
 bbc5a5ada8538e5bd002c11d2469700052ddcb06 1122 viewvc_1.0.5-0.1.dsc
 dccda7e35881a90662f638694f37b0aa2ecb1998 522323 viewvc_1.0.5.orig.tar.gz
 150587def80a3121b8ea096cf9575944ed6cf006 38214 viewvc_1.0.5-0.1.diff.gz
 da42e485ea022e4bb739827daf12e2e540ed6fc7 517036 viewvc_1.0.5-0.1_all.deb
 6db16de50cf0329a0205a70ce0efa0fb39faf0c7 17064 viewcvs_1.0.5-0.1_all.deb
 688cb1c188616484815a5dbb5c8c8867ab6a0c1f 22740 viewvc-query_1.0.5-0.1_all.deb
Checksums-Sha256: 
 80020428f7522db36c15833c94fc6bea60e3df1d342f087812a8114fd7f3caa4 1122 
viewvc_1.0.5-0.1.dsc
 0caf17fa0137231c0a78a5c57e758da73475212516d4758fe521def007a8fddd 522323 
viewvc_1.0.5.orig.tar.gz
 c0dec5a9591a9cab938f35dbf935488217d4c96a5fa40088fba2d65219420bc9 38214 
viewvc_1.0.5-0.1.diff.gz
 533011d1c1aa260f9a4ef19165a1678b75f174f024d415394c49e37b903a8578 517036 
viewvc_1.0.5-0.1_all.deb
 61fa4ced5011198398236aad9f8ef739d384839618b9a081665ba0efa3ea0cc8 17064 
viewcvs_1.0.5-0.1_all.deb
 2ff8ff46069b58432b028574761d6711abf611c54b828068e38c15c122385ba9 22740 
viewvc-query_1.0.5-0.1_all.deb
Files: 
 75413d5c721493e86730596b62651898 1122 devel optional viewvc_1.0.5-0.1.dsc
 8fc8107f937b9da481b14333a7fdb29d 522323 devel optional viewvc_1.0.5.orig.tar.gz
 1822958436d46696f77f04171d58f6d1 38214 devel optional viewvc_1.0.5-0.1.diff.gz
 bb7a253d043f5c526192287c31ba9073 517036 devel optional viewvc_1.0.5-0.1_all.deb
 258aeef6bda4aaf0d906ac9cc6e5604a 17064 devel optional viewcvs_1.0.5-0.1_all.deb
 9aba62d06808513242449f55d984db22 22740 devel optional 
viewvc-query_1.0.5-0.1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIDtar1OXtrMAUPS0RAi12AJ9/l7wemWyXcKsc+38OcKwGFPTAogCaA+uo
yPTMgpp6F3L8mR3cHdAIE5E=
=TN62
-----END PGP SIGNATURE-----

--- End Message ---