Your message dated Wed, 17 May 2023 22:25:09 +0000
with message-id <[email protected]>
and subject line unblock krb5
has caused the Debian Bug report #1036234,
regarding unblock: krb5/1.20.1-2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1036234: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036234
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:krb5
Please unblock package krb5
[ Reason ]
My fix for 1020424 was incomplete.
Even with that fix applied, you can end up installing the new crypto library
with the old libkrb5support.
Unfortunately because of some internal changes that can cause segfaults.
I've changed the .symbols file, and now libk5crypto depends on the new
libkrb5support.
As a consequence the entire krb5 library upgrade from bullseye to bookworm
needs to be done lockstep.
I try to avoid that, but apt appears to deal with it fine.
[ Impact ]
If the user mixes krb5 library versions from bullseye and bookworm they can get
segfaults until they upgrade fully.
[ Tests ]
I've confirmed that libk5crypto3 now has tight dependencies manually.
[ Risks ]
Very minimal diff.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
[ Other info ]
diff --git a/debian/changelog b/debian/changelog
index cc56e29b95..39cc059e25 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+krb5 (1.20.1-2) unstable; urgency=medium
+
+ * Tighten dependencies on libkrb5support0. This means that the entire
+ upgrade from bullseye to bookworm needs to be lockstep, but it appears
+ that's what is required, Closes: #1036055
+
+
+ -- Sam Hartman <[email protected]> Mon, 15 May 2023 17:44:41 -0600
+
krb5 (1.20.1-1) unstable; urgency=high
[ Bastian Germann ]
diff --git a/debian/libkrb5support0.symbols b/debian/libkrb5support0.symbols
index 827d80898a..5c3de884f5 100644
--- a/debian/libkrb5support0.symbols
+++ b/debian/libkrb5support0.symbols
@@ -65,8 +65,8 @@ libkrb5support.so.0 libkrb5support0 #MINVER#
k5_set_error_info_callout_fn@krb5support_0_MIT 1.12~alpha1+dfsg
k5_siphash24@krb5support_0_MIT 1.18.2
k5_strerror_r@krb5support_0_MIT 1.13~alpha1+dfsg
- k5_utf16le_to_utf8@krb5support_0_MIT 1.16
- k5_utf8_to_utf16le@krb5support_0_MIT 1.16
+ k5_utf16le_to_utf8@krb5support_0_MIT 1.20
+ k5_utf8_to_utf16le@krb5support_0_MIT 1.20
k5_vset_error@krb5support_0_MIT 1.12~alpha1+dfsg
krb5int_close_plugin@krb5support_0_MIT 1.7dfsg~beta2
krb5int_close_plugin_dirs@krb5support_0_MIT 1.7dfsg~beta2
unblock krb5/1.20.1-2
--- End Message ---
--- Begin Message ---
Unblocked.
--- End Message ---
