Package: release.debian.org Severity: normal Tags: buster User: release.debian....@packages.debian.org Usertags: pu
[ Reason ] It has been noted in #986119 that the upstream release tarballs for dwarf-fortress include shared libraries but no corresponding source code is available. The shared libraries in question are licensed under GPL and thus not distributable without source code. The affected files are not shipped in any binary packages. This update fixes the issue by repacking the source tarballs to exclude those files. [ Impact ] The package currently in buster is not distributable in its current form, so it has to be either updated or entirely removed from buster to cease violating the licenses of the affected files. [ Tests ] The now excluded files were not shipped in any binary package or used in the build process. Their removal should not have any affect on the binary packages. I confirmed (using diffoscope) that the built debian packages do not differ in content except in expected ways due to changed package metadata. I also manually confirmed that the game can be successfully started and basic interactions inside the game still work. [ Risks ] Since the removed files are not part of any binary packages, it can be easily confirmed that their removal has no negative effect. I see virtually no risk introduced by this update. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] The source tarball has been repacked to exclude these files: * libs/libgcc_s.so.1 * libs/libstdc++.so.6 * libs/libgcc_s.so.1 * libs/libstdc++.so.6 Additionally a note about the repacked tarball has been added to debian/copyright and the version mangling in debian/watch has been updated to deal with the new +dsfg1 version suffix.
Binärdateien /tmp/OJJcX56xZH/dwarf-fortress-0.44.12/amd64/libs/libgcc_s.so.1 und /tmp/JM3ObfSHmq/dwarf-fortress-0.44.12+dfsg1/amd64/libs/libgcc_s.so.1 sind verschieden. Binärdateien /tmp/OJJcX56xZH/dwarf-fortress-0.44.12/amd64/libs/libstdc++.so.6 und /tmp/JM3ObfSHmq/dwarf-fortress-0.44.12+dfsg1/amd64/libs/libstdc++.so.6 sind verschieden. diff -Nru dwarf-fortress-0.44.12/debian/changelog dwarf-fortress-0.44.12+dfsg1/debian/changelog --- dwarf-fortress-0.44.12/debian/changelog 2018-07-08 15:03:52.000000000 +0200 +++ dwarf-fortress-0.44.12+dfsg1/debian/changelog 2021-03-31 19:01:19.000000000 +0200 @@ -1,3 +1,10 @@ +dwarf-fortress (0.44.12+dfsg1-0+deb10u1) buster; urgency=high + + * Remove unnecessary code copies with license violations from source + tarball. (Closes: #986119) + + -- Sven Bartscher <kritzef...@debian.org> Wed, 31 Mar 2021 19:01:19 +0200 + dwarf-fortress (0.44.12-1) unstable; urgency=medium * New upstream version diff -Nru dwarf-fortress-0.44.12/debian/copyright dwarf-fortress-0.44.12+dfsg1/debian/copyright --- dwarf-fortress-0.44.12/debian/copyright 2018-07-08 14:13:41.000000000 +0200 +++ dwarf-fortress-0.44.12+dfsg1/debian/copyright 2021-03-31 19:01:19.000000000 +0200 @@ -11,6 +11,15 @@ do not grant all freedoms required by the DFSG. No modifications of the included binaries are permitted, and the binaries are not distributed with source code. +Comment: + Some files have been removed from the original source tarballs, because + they are licensed under the GPL, but no source is available for them. +Files-Excluded-amd64: + libs/libgcc_s.so.1 + libs/libstdc++.so.6 +Files-Excluded-i386: + libs/libgcc_s.so.1 + libs/libstdc++.so.6 Files: * Copyright: 2002-2018 Tarn Adams. All rights reserved. diff -Nru dwarf-fortress-0.44.12/debian/watch dwarf-fortress-0.44.12+dfsg1/debian/watch --- dwarf-fortress-0.44.12/debian/watch 2018-06-24 13:22:23.000000000 +0200 +++ dwarf-fortress-0.44.12+dfsg1/debian/watch 2021-03-31 19:01:19.000000000 +0200 @@ -1,7 +1,7 @@ version=4 -opts="uversionmangle=s/^/0./,component=amd64" \ +opts="uversionmangle=s/^/0./,dversionmangle=s/\+dfsg\d+//,component=amd64" \ http://bay12games.com/dwarves/older_versions.html \ df_(\d+)_(\d+)_linux@ARCHIVE_EXT@ debian -opts="uversionmangle=s/^/0./,component=i386" \ +opts="uversionmangle=s/^/0./,dversionmangle=s/\+dfsg\d+//,component=i386" \ http://bay12games.com/dwarves/older_versions.html \ df_(\d+)_(\d+)_linux32@ARCHIVE_EXT@ same Binärdateien /tmp/OJJcX56xZH/dwarf-fortress-0.44.12/i386/libs/libgcc_s.so.1 und /tmp/JM3ObfSHmq/dwarf-fortress-0.44.12+dfsg1/i386/libs/libgcc_s.so.1 sind verschieden. Binärdateien /tmp/OJJcX56xZH/dwarf-fortress-0.44.12/i386/libs/libstdc++.so.6 und /tmp/JM3ObfSHmq/dwarf-fortress-0.44.12+dfsg1/i386/libs/libstdc++.so.6 sind verschieden.
