Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock X-Debbugs-Cc: eribe...@debian.org
Dear Release Team, Please unblock package jailkit. [ Reason ] The upstream migrated the source code from Python2 to Python3 in a previous release (Debian revision 2.21-1). Recently, he released a new version to fix some issues (upstream/2.22). This new version fixes two bad lines, not compatibles with Python3 in file py/jk_update.in. In this week, the bug #991075 pointed a crash in the current revision in testing (2.21-3), caused by those two lines (without the fix), generating a crash in the jail environment when updating it. To fix, I made a patch over 2.21 version. [ Impact ] jailkit is a set of tools to generate chroot jails easily. If the unblock isn't granted, the final user will be able to create a chroot environment but it will not be updated. There is a security issue here, because the user will always work inside an outdated environment. [ Tests ] This fix was tested by the upstream, by the bug submitter (Jesse Norel) and by me. [ Risks ] This is a trivial fix and it has no risks. I made contact with the upstream to ask if this alone change could impact negatively in whole source code and the answer was "yes it is secure to change only those two lines"[1]. [1] https://lists.nongnu.org/archive/html/jailkit-dev/2021-07/msg00001.html [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] Debian bug: https://bugs.debian.org/991075 Upstream changes: https://cvs.savannah.nongnu.org/viewvc/jailkit/jailkit/py/jk_update.in?r1=1.16&r2=1.18&sortby=log Upstream contact: https://lists.nongnu.org/archive/html/jailkit-dev/2021-07/msg00000.html unblock jailkit/2.21-4
diff -Nru jailkit-2.21/debian/changelog jailkit-2.21/debian/changelog --- jailkit-2.21/debian/changelog 2020-08-24 10:23:23.000000000 -0300 +++ jailkit-2.21/debian/changelog 2021-07-16 11:31:18.000000000 -0300 @@ -1,3 +1,13 @@ +jailkit (2.21-4) unstable; urgency=medium + + * debian/control: bumped Standards-Version to 4.5.1. + * debian/copyright: updated upstream and packaging copyright years. + * debian/patches/040_fix-crash-jk_update.patch: created to migrate two lines + from Python2 to 3, fixing Python3 compatibility and avoiding a crash when + updating the jail. (Closes: #991075) + + -- Joao Eriberto Mota Filho <eribe...@debian.org> Fri, 16 Jul 2021 11:31:18 -0300 + jailkit (2.21-3) unstable; urgency=medium * debian/control: diff -Nru jailkit-2.21/debian/control jailkit-2.21/debian/control --- jailkit-2.21/debian/control 2020-08-24 10:23:23.000000000 -0300 +++ jailkit-2.21/debian/control 2021-07-16 11:31:18.000000000 -0300 @@ -3,7 +3,7 @@ Priority: optional Maintainer: Joao Eriberto Mota Filho <eribe...@debian.org> Build-Depends: debhelper-compat (= 13), dh-python, python3-all -Standards-Version: 4.5.0 +Standards-Version: 4.5.1 Rules-Requires-Root: no Homepage: https://olivier.sessink.nl/jailkit/ Vcs-Browser: https://salsa.debian.org/debian/jailkit diff -Nru jailkit-2.21/debian/copyright jailkit-2.21/debian/copyright --- jailkit-2.21/debian/copyright 2020-08-24 10:23:23.000000000 -0300 +++ jailkit-2.21/debian/copyright 2021-07-16 11:31:18.000000000 -0300 @@ -4,7 +4,7 @@ Source: https://olivier.sessink.nl/jailkit/ Files: * -Copyright: 2003-2019 Olivier Sessink <o...@users.sourceforge.net> +Copyright: 2003-2021 Olivier Sessink <o...@users.sourceforge.net> License: BSD-3-Clause Files: man/* @@ -23,7 +23,7 @@ License: LGPL-2+ Files: debian/* -Copyright: 2019-2020 Joao Eriberto Mota Filho <eribe...@debian.org> +Copyright: 2019-2021 Joao Eriberto Mota Filho <eribe...@debian.org> License: BSD-3-Clause License: BSD-3-Clause diff -Nru jailkit-2.21/debian/patches/040_fix-crash-jk_update.patch jailkit-2.21/debian/patches/040_fix-crash-jk_update.patch --- jailkit-2.21/debian/patches/040_fix-crash-jk_update.patch 1969-12-31 21:00:00.000000000 -0300 +++ jailkit-2.21/debian/patches/040_fix-crash-jk_update.patch 2021-07-16 11:31:18.000000000 -0300 @@ -0,0 +1,36 @@ +Description: Fix Python3 compatibility, avoiding a crash when updating jail +Author: Olivier Sessink <oliv...@bluefish.openoffice.nl> +Bug-Debian: https://bugs.debian.org/991075 +Origin: https://cvs.savannah.nongnu.org/viewvc/jailkit/jailkit/py/jk_update.in?r1=1.16&r2=1.18 +Forwarded: not-needed +Last-Update: 2021-07-16 +Index: jailkit/py/jk_update.in +=================================================================== +--- jailkit.orig/py/jk_update.in ++++ jailkit/py/jk_update.in +@@ -1,6 +1,6 @@ + #!/usr/bin/python + # +-#Copyright (c) 2006, 2007, Olivier Sessink ++#Copyright (c) 2006, 2007, 2020, 2021 Olivier Sessink + #All rights reserved. + # + #Redistribution and use in source and binary forms, with or without +@@ -260,7 +260,7 @@ def main(): + tmp = jk_lib.config_get_option_as_list(cfg,configsection,'skips') + for entry in tmp: + skips.append(entry) +- if (not config.has_key('hardlink') and cfg.has_option(configsection,'hardlink')): ++ if ('hardlink' not in config and cfg.has_option(configsection,'hardlink')): + try: + tmp = int(cfg.get(section,'hardlink')) + config['hardlink'] = tmp +@@ -269,7 +269,7 @@ def main(): + tmp = jk_lib.config_get_option_as_list(cfg,configsection,'directories') + for entry in tmp: + dirs.append(entry) +- if (not config.has_key('hardlink')): ++ if ('hardlink' not in config): + config['hardlink'] = 0 + if (jail[-1:]=='/'): + jail = jail[:-1] diff -Nru jailkit-2.21/debian/patches/series jailkit-2.21/debian/patches/series --- jailkit-2.21/debian/patches/series 2020-08-24 10:23:23.000000000 -0300 +++ jailkit-2.21/debian/patches/series 2021-07-16 11:31:18.000000000 -0300 @@ -1,3 +1,4 @@ 010_fix-spelling-manpages.patch 020_remove-duplicate-option.patch 030_fix-manpage-level.patch +040_fix-crash-jk_update.patch