Your message dated Fri, 07 Nov 2014 14:07:54 +0000
with message-id <[email protected]>
and subject line Re: Bug#768451: unblock macchanger/1.7.0-3
has caused the Debian Bug report #768451,
regarding unblock macchanger/1.7.0-3
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
768451: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768451
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
User: [email protected]
Usertags: unblock
Severity: important
unblock macchanger/1.7.0-3
All code in 1.7.0-3 was already included in Jessie in 1.7.0-1.1 and 1.7.0-2.
The NMU 1.7.0-1.1 fixed some crucial security/functionality issues (#738460
and #740947). Later, I made 1.7.0-2 directly from the package's git repo, but
the NMU changes were not committed to git, so it was not included. I then
included the 1.7.0-1.1 NMU code into the package's git, and made 1.7.0-3 and
uploaded it.
Here are the relevant changelog entries:
macchanger (1.7.0-3) unstable; urgency=low
* update debian/watch to point to new github repository
* include code from 1.7.0-1.1 NMU (Closes: #738460, #740947)
-- Hans-Christoph Steiner <[email protected]> Fri, 07 Nov 2014 12:56:56 +0100
macchanger (1.7.0-2) unstable; urgency=low
* automatically run macchanger, with option to disable
* automatically rotate the macchanger log
* add myself as Maintainer
* remove hard-coded LDFLAGS, let dh set them (Closes: #754391)
-- Hans-Christoph Steiner <[email protected]> Tue, 21 Oct 2014 16:01:55 -0400
macchanger (1.7.0-1.1) unstable; urgency=medium
* Non-maintainer upload.
* Fix a grave security bug -- the macchanger program was fundamentally
not working correctly due to a bug in the debian local patch
08-fix_random_MAC_choice.patch. In fact, it was **breaking** the
random MAC choice!?! (Closes: #738460, #740947)
-- Theodore Y. Ts'o <[email protected]> Sun, 06 Jul 2014 20:32:38 -0400
$ debdiff macchanger_1.7.0-2.dsc macchanger_1.7.0-3.dsc
diff -Nru macchanger-1.7.0/debian/changelog macchanger-1.7.0/debian/changelog
--- macchanger-1.7.0/debian/changelog 2014-10-21 22:02:41.000000000 +0200
+++ macchanger-1.7.0/debian/changelog 2014-11-07 13:03:50.000000000 +0100
@@ -1,3 +1,10 @@
+macchanger (1.7.0-3) unstable; urgency=low
+
+ * update debian/watch to point to new github repository
+ * include code from 1.7.0-1.1 NMU (Closes: #738460, #740947)
+
+ -- Hans-Christoph Steiner <[email protected]> Fri, 07 Nov 2014 12:56:56 +0100
+
macchanger (1.7.0-2) unstable; urgency=low
* automatically run macchanger, with option to disable
@@ -7,6 +14,16 @@
-- Hans-Christoph Steiner <[email protected]> Tue, 21 Oct 2014 16:01:55 -0400
+macchanger (1.7.0-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix a grave security bug -- the macchanger program was fundamentally
+ not working correctly due to a bug in the debian local patch
+ 08-fix_random_MAC_choice.patch. In fact, it was **breaking** the
+ random MAC choice!?! (Closes: #738460, #740947)
+
+ -- Theodore Y. Ts'o <[email protected]> Sun, 06 Jul 2014 20:32:38 -0400
+
macchanger (1.7.0-1) unstable; urgency=medium
* New upstream release (Closes: #718849)
diff -Nru macchanger-1.7.0/debian/patches/08-fix_random_MAC_choice.patch
macchanger-1.7.0/debian/patches/08-fix_random_MAC_choice.patch
--- macchanger-1.7.0/debian/patches/08-fix_random_MAC_choice.patch
2014-03-18
15:59:20.000000000 +0100
+++ macchanger-1.7.0/debian/patches/08-fix_random_MAC_choice.patch
2014-10-22
18:23:41.000000000 +0200
@@ -12,6 +12,8 @@
src/main.c | 1 +
2 files changed, 34 insertions(+), 19 deletions(-)
+Index: macchanger/src/mac.c
+===================================================================
--- macchanger.orig/src/mac.c
+++ macchanger/src/mac.c
@@ -41,6 +41,13 @@ mc_mac_dup (const mac_t *mac)
@@ -28,7 +30,7 @@
void
mc_mac_free (mac_t *mac)
-@@ -68,27 +75,34 @@ mc_mac_random (mac_t *mac, unsigned char
+@@ -68,27 +75,32 @@ mc_mac_random (mac_t *mac, unsigned char
* x1:, x3:, x5:, x7:, x9:, xB:, xD: and xF:
*/
@@ -36,9 +38,25 @@
- case 6:
- /* 8th bit: Unicast / Multicast address
- * 7th bit: BIA (burned-in-address) / locally-administered
-+ mac_t newmac;
-+ mc_mac_copy(mac, &newmac);
-+
+- */
+- mac->byte[0] = (random()%255) & 0xFC;
+- mac->byte[1] = random()%255;
+- mac->byte[2] = random()%255;
+- case 3:
+- mac->byte[3] = random()%255;
+- mac->byte[4] = random()%255;
+- mac->byte[5] = random()%255;
+- }
++ mac_t origmac;
++ mc_mac_copy(mac, &origmac);
+
+- /* Handle the burned-in-address bit
+- */
+- if (set_bia) {
+- mac->byte[0] &= ~2;
+- } else {
+- mac->byte[0] |= 2;
+- }
+ do {
+ switch (last_n_bytes) {
+ case 6:
@@ -55,33 +73,18 @@
+ }
+
+ /* Handle the burned-in-address bit
- */
-- mac->byte[0] = (random()%255) & 0xFC;
-- mac->byte[1] = random()%255;
-- mac->byte[2] = random()%255;
-- case 3:
-- mac->byte[3] = random()%255;
-- mac->byte[4] = random()%255;
-- mac->byte[5] = random()%255;
-- }
++ */
+ if (set_bia) {
+ mac->byte[0] &= ~2;
+ } else {
+ mac->byte[0] |= 2;
+ }
-+ } while (mc_mac_equal (&newmac, mac));
-
-- /* Handle the burned-in-address bit
-- */
-- if (set_bia) {
-- mac->byte[0] &= ~2;
-- } else {
-- mac->byte[0] |= 2;
-- }
-+ mc_mac_copy(&newmac, mac);
++ } while (mc_mac_equal (&origmac, mac));
}
+Index: macchanger/src/main.c
+===================================================================
--- macchanger.orig/src/main.c
+++ macchanger/src/main.c
@@ -274,6 +274,7 @@ main (int argc, char *argv[])
diff -Nru macchanger-1.7.0/debian/watch macchanger-1.7.0/debian/watch
--- macchanger-1.7.0/debian/watch 2014-03-18 15:59:20.000000000 +0100
+++ macchanger-1.7.0/debian/watch 2014-10-22 18:31:38.000000000 +0200
@@ -1,2 +1,4 @@
+# Run the "uscan" command to check for upstream updates and more.
version=3
-ftp://ftp.gnu.org/gnu/macchanger/macchanger-(\d+.*)\.tar\.gz
+opts=uversionmangle=s/(\d)(alpha|beta|rc)/$1~$2/,dversionmangle=s/~dfsg\d*// \
+ https://github.com/alobbs/macchanger/tags .*/archive/v?(\d[\d\.]+).tar.gz
.hc
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
On 2014-11-07 14:03, Hans-Christoph Steiner wrote:
All code in 1.7.0-3 was already included in Jessie in 1.7.0-1.1 and
1.7.0-2.
The NMU 1.7.0-1.1 fixed some crucial security/functionality issues
(#738460
and #740947). Later, I made 1.7.0-2 directly from the package's git
repo, but
the NMU changes were not committed to git, so it was not included. I
then
included the 1.7.0-1.1 NMU code into the package's git, and made
1.7.0-3 and
uploaded it.
Unblocked.
--
Jonathan Wiltshire [email protected]
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
<directhex> i have six years of solaris sysadmin experience, from
8->10. i am well qualified to say it is made from bonghits
layered on top of bonghits
--- End Message ---
