Bug#1040142: bookworm-pu: package aide/0.18.3-1+deb12u2

[Marc Haber]

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian....@packages.debian.org
Usertags: pu
X-Debbugs-Cc: a...@packages.debian.org
Control: affects -1 + src:aide

Dear stable release team,

this pre-upload request for the aide package is filed to ask for
guidance whether this package is suitable for bookworm-proposed-updates

[ Reason ]
This update augments 0.18.3-1+deb12u1 which has already been accepted
for bookworm-pu last week. It fixes #1039936, an important bug that is a
regression from bullseye and affects directory processing when using
equals rules.

[ Impact ]
Without this bug fixes, equals rules concerning directories are
incorrectly processed, which differs from the way that bullseye's aide
handled this case and also differs from the way operation is documented.
Debian's default configuration doesn't use equals rules and is therefore
not affected, but local configurations might be.

[ Tests ]
Sadly, none.

[ Risks ]
The fix is reasonably simple, and we have done manual tests.

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
In aide-0.18.3/debian/aide-common.postinst a typo in a version number in
a comment is fixed, which reduces ambiguity and will reduce the size of
future diffs.
aide-0.18.3/debian/patches/debian-bug-1039936 adds the actual patch. It
has been cherry-picked from upstream's 0.18.5 release.

[ Other info ]
The attached debdiff is the debdiff between 0.18.3-1+deb12u1, which is
already in bookworm-proposed-updates and the newly suggested
0.18.3-1+deb12u2 which we are discussing right now. I hope this is the
right thing to do to save you from reviewing the 0.18.3-1+deb12u1
changes a second time.

Should you agree and tell me to go ahead with this upload, I'm planning
to do the upload after 0.18.5-1 has migrated to testing to make sure
that the version in testing and bookworm-pu have the issue both fixed.

Greetings
Marc

diff -Nru aide-0.18.3/debian/aide-common.postinst 
aide-0.18.3/debian/aide-common.postinst
--- aide-0.18.3/debian/aide-common.postinst     2023-06-14 17:04:20.000000000 
+0200
+++ aide-0.18.3/debian/aide-common.postinst     2023-07-01 14:37:51.000000000 
+0200
@@ -94,7 +94,7 @@
     chown --quiet _aide:root /var/lib/aide/aide.db /var/lib/aide/aide.db.new 
|| true
 fi
 if dpkg --compare-versions "$2" le 0.18.3-1; then
-    # we're updating from 0.18-3 or earlier, chown aideinit logs
+    # we're updating from 0.18.3-1 or earlier, chown aideinit logs
     chown --quiet _aide:adm /var/log/aide/aideinit.log 
/var/log/aide/aideinit.errors|| true
 fi
 
diff -Nru aide-0.18.3/debian/changelog aide-0.18.3/debian/changelog
--- aide-0.18.3/debian/changelog        2023-06-14 17:04:20.000000000 +0200
+++ aide-0.18.3/debian/changelog        2023-07-01 14:37:51.000000000 +0200
@@ -1,3 +1,10 @@
+aide (0.18.3-1+deb12u2) bookworm; urgency=medium
+
+  * Upstream patch to fix child directory processing on equal match
+    (Closes: #1039936)
+
+ -- Marc Haber <mh+debian-packa...@zugschlus.de>  Sat, 01 Jul 2023 14:37:51 
+0200
+
 aide (0.18.3-1+deb12u1) bookworm; urgency=medium
 
   * call dh_installsysusers manually in debian/rules
diff -Nru aide-0.18.3/debian/patches/debian-bug-1039936 
aide-0.18.3/debian/patches/debian-bug-1039936
--- aide-0.18.3/debian/patches/debian-bug-1039936       1970-01-01 
01:00:00.000000000 +0100
+++ aide-0.18.3/debian/patches/debian-bug-1039936       2023-07-01 
14:37:51.000000000 +0200
@@ -0,0 +1,21 @@
+Subject: Fix child directory proccessing on equal match
+Forwarded: not-needed
+Source: 
https://github.com/aide/aide/commit/cf5026bf0852d350030d6d1a7a0351573c9512e6
+--- a/src/db_disk.c
++++ b/src/db_disk.c
+@@ -171,13 +171,12 @@ void scan_dir(char *root_path, bool dry_
+ #endif
+                         switch (match) {
+                             case RESULT_SELECTIVE_MATCH:
++                            case RESULT_EQUAL_MATCH:
+                                 if (S_ISDIR(fs.st_mode)) {
+-                                    log_msg(log_level, "scan_dir: add child 
directory '%s' to scan stack (reason: selective match)", 
&entry_full_path[conf->root_prefix_length]);
++                                    log_msg(log_level, "scan_dir: add child 
directory '%s' to scan stack (reason: selective/equal match)", 
&entry_full_path[conf->root_prefix_length]);
+                                     queue_enqueue(stack, entry_full_path);
+                                     free_entry_full_path = false;
+                                 }
+-                            // fall through
+-                            case RESULT_EQUAL_MATCH:
+                                 if (!dry_run) {
+                                     handle_matched_file(entry_full_path, 
rule->attr, fs);
+                                 }
diff -Nru aide-0.18.3/debian/patches/series aide-0.18.3/debian/patches/series
--- aide-0.18.3/debian/patches/series   2023-06-14 17:04:20.000000000 +0200
+++ aide-0.18.3/debian/patches/series   2023-07-01 14:37:51.000000000 +0200
@@ -1,2 +1,3 @@
+debian-bug-1039936
 debian-bug-1037436
 compare-logs