Your message dated Wed, 15 Mar 2023 16:22:09 +0000
with message-id <[email protected]>
and subject line Re: Bug#1033004: unblock: libevent/2.1.12-stable-8
has caused the Debian Bug report #1033004,
regarding unblock: libevent/2.1.12-stable-8
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1033004: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033004
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Please unblock package libevent
[ Reason ]
libevent in testing has a ftbfs bug with glibc 2.36: #1023284
[ Impact ]
The package libevent 2.1.12-stable-5 recompiled with glibc 2.36 breaks the ABI
by removing the symbol evutil_secure_rng_add_bytes.
[ Tests ]
Tests and autopkgtest passed
[ Risks ]
Low risks, the issue has been discussed upstream
(https://github.com/libevent/libevent/issues/1393) and the patrch, which is
already implemented in other distribs, has been accepted upstream
(https://github.com/libevent/libevent/pull/1427). The patch noops the function
evutil_secure_rng_add_bytes when arc4random is already provided by the system.
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
[ Other info ]
The package should have been update sooner (before freeze), the first attempt
was to change the package name to libevent-2.1-7a, as in Ubuntu, the new
package went in NEW queue and was rejected (2.1.12-stable-7), then then
question was asked upstream to find a better solution.
Thanks in advance!
/Nicolas
unblock libevent/2.1.12-stable-8
diff -Nru libevent-2.1.12-stable/debian/changelog
libevent-2.1.12-stable/debian/changelog
--- libevent-2.1.12-stable/debian/changelog 2022-04-15 11:26:52.000000000
-0400
+++ libevent-2.1.12-stable/debian/changelog 2023-01-04 15:28:26.000000000
-0500
@@ -1,3 +1,30 @@
+libevent (2.1.12-stable-8) unstable; urgency=medium
+
+ * Upload to unstable
+ * Restore last unstable version
+ * d/patches: Add patch evutil_secure_rng_add_bytes_noop.patch
+ to make evutil_secure_rng_add_bytes noop with glibc's
+ implemtation of arc4random, thanks [email protected]!
+ (Closes: #1023284)
+ * d/control: upgrade Standards-Version to 4.6.2
+ * d/copyright: update year to 2023
+
+ -- Nicolas Mora <[email protected]> Wed, 04 Jan 2023 15:28:26 -0500
+
+libevent (2.1.12-stable-7) experimental; urgency=medium
+
+ * d/control: change package name to libevent-2.1-7a to update rdeps
+ (Closes: #1023284)
+
+ -- Nicolas Mora <[email protected]> Mon, 07 Nov 2022 07:14:20 -0500
+
+libevent (2.1.12-stable-6) experimental; urgency=medium
+
+ * d/symbols: remove symbol evutil_secure_rng_add_bytes
+ * d/control: upgrade Standards-Version to 4.6.1
+
+ -- Nicolas Mora <[email protected]> Wed, 02 Nov 2022 13:07:03 -0400
+
libevent (2.1.12-stable-5) unstable; urgency=medium
* d/control: Update maintainer
diff -Nru libevent-2.1.12-stable/debian/control
libevent-2.1.12-stable/debian/control
--- libevent-2.1.12-stable/debian/control 2022-04-15 11:26:42.000000000
-0400
+++ libevent-2.1.12-stable/debian/control 2023-01-04 15:28:26.000000000
-0500
@@ -4,7 +4,7 @@
Priority: optional
Build-Depends: debhelper-compat (= 13),
libssl-dev
-Standards-Version: 4.6.0
+Standards-Version: 4.6.2
Vcs-Git: https://salsa.debian.org/debian/libevent.git -b master
Vcs-Browser: https://salsa.debian.org/debian/libevent
Homepage: https://libevent.org/
diff -Nru libevent-2.1.12-stable/debian/copyright
libevent-2.1.12-stable/debian/copyright
--- libevent-2.1.12-stable/debian/copyright 2022-04-15 09:45:11.000000000
-0400
+++ libevent-2.1.12-stable/debian/copyright 2023-01-04 15:28:26.000000000
-0500
@@ -13,7 +13,7 @@
2007-2015 Anibal Monsalve Salazar <[email protected]>
2017-2020 Balint Reczey <[email protected]>
2022 Balint Reczey <[email protected]>
- 2022 Nicolas Mora <[email protected]>
+ 2022-2023 Nicolas Mora <[email protected]>
License: BSD-3-clause
Files: WIN32-Code/getopt.c
diff -Nru
libevent-2.1.12-stable/debian/patches/evutil_secure_rng_add_bytes_noop.patch
libevent-2.1.12-stable/debian/patches/evutil_secure_rng_add_bytes_noop.patch
---
libevent-2.1.12-stable/debian/patches/evutil_secure_rng_add_bytes_noop.patch
1969-12-31 19:00:00.000000000 -0500
+++
libevent-2.1.12-stable/debian/patches/evutil_secure_rng_add_bytes_noop.patch
2023-01-04 15:28:26.000000000 -0500
@@ -0,0 +1,40 @@
+Description: Make evutil_secure_rng_add_bytes noop with glibc's implemtation
of arc4random
+Author: Shengjing Zhu <[email protected]>
+Forwarded: not-needed
+--- a/evutil_rand.c
++++ b/evutil_rand.c
+@@ -190,14 +190,14 @@
+ ev_arc4random_buf(buf, n);
+ }
+
+-#if !defined(EVENT__HAVE_ARC4RANDOM) ||
defined(EVENT__HAVE_ARC4RANDOM_ADDRANDOM)
+ void
+ evutil_secure_rng_add_bytes(const char *buf, size_t n)
+ {
++#if defined(EVENT__HAVE_ARC4RANDOM_ADDRANDOM)
+ arc4random_addrandom((unsigned char*)buf,
+ n>(size_t)INT_MAX ? INT_MAX : (int)n);
+-}
+ #endif
++}
+
+ void
+ evutil_free_secure_rng_globals_(void)
+--- a/include/event2/util.h
++++ b/include/event2/util.h
+@@ -862,7 +862,6 @@
+ EVENT2_EXPORT_SYMBOL
+ int evutil_secure_rng_set_urandom_device_file(char *fname);
+
+-#if !defined(EVENT__HAVE_ARC4RANDOM) ||
defined(EVENT__HAVE_ARC4RANDOM_ADDRANDOM)
+ /** Seed the random number generator with extra random bytes.
+
+ You should almost never need to call this function; it should be
+@@ -879,7 +878,6 @@
+ */
+ EVENT2_EXPORT_SYMBOL
+ void evutil_secure_rng_add_bytes(const char *dat, size_t datlen);
+-#endif
+
+ #ifdef __cplusplus
+ }
diff -Nru libevent-2.1.12-stable/debian/patches/series
libevent-2.1.12-stable/debian/patches/series
--- libevent-2.1.12-stable/debian/patches/series 2022-04-14
19:37:51.000000000 -0400
+++ libevent-2.1.12-stable/debian/patches/series 2023-01-04
15:28:26.000000000 -0500
@@ -1 +1,2 @@
0001-Always-build-with-no-undefined.patch
+evutil_secure_rng_add_bytes_noop.patch
--- End Message ---
--- Begin Message ---
On Wed, Mar 15, 2023 at 11:22:03AM -0400, Nicolas Mora wrote:
> Please unblock package libevent
>
> [ Reason ]
> libevent in testing has a ftbfs bug with glibc 2.36: #1023284
Unblocked, thanks.
--
Jonathan Wiltshire [email protected]
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
--- End Message ---
