Package: release.debian.org User: [email protected] Usertags: pu Tags: jessie Severity: normal
Dear Release Team, there's a bug affecting pdns in stable (jessie): #798773 Upgrading -to- the jessie version from wheezy works fine, but subsequent upgrades in jessie fail if users don't strip the config file of comments. This is quite bad for security updates, so please consider the attached debdiff. (Fixed in sid.) Many thanks, -- ,''`. Christian Hofstaedtler <[email protected]> : :' : Debian Developer `. `' 7D1A CFFA D9E0 806C 9C4C D392 5C13 D6DB 9305 2E03 `-
diff -Nru pdns-3.4.1/debian/changelog pdns-3.4.1/debian/changelog --- pdns-3.4.1/debian/changelog 2015-08-26 11:02:28.000000000 +0000 +++ pdns-3.4.1/debian/changelog 2015-10-30 14:35:13.000000000 +0000 @@ -1,3 +1,14 @@ +pdns (3.4.1-4+deb8u4) jessie; urgency=medium + + * Fix upgrades with default configuration. + The postinst script used to do a "grep include" on pdns.conf, which + in older versions would work (mostly), because the default config + only had a single "include=" entry. Now this is no longer true, + so remove that. Also, changing the include directory would have + never worked. (Closes: #798773) + + -- Christian Hofstaedtler <[email protected]> Fri, 30 Oct 2015 14:34:36 +0000 + pdns (3.4.1-4+deb8u3) jessie-security; urgency=high * Security update: apply patches for CVE-2015-5230 diff -Nru pdns-3.4.1/debian/pdns-server.postinst pdns-3.4.1/debian/pdns-server.postinst --- pdns-3.4.1/debian/pdns-server.postinst 2015-07-08 09:30:11.000000000 +0000 +++ pdns-3.4.1/debian/pdns-server.postinst 2015-10-30 14:35:13.000000000 +0000 @@ -16,12 +16,7 @@ PDNSCONF=/etc/powerdns/pdns.conf PDNSDEFAULT=/etc/default/pdns -if [ -e $PDNSCONF ]; then - PDNSDIR=`cat $PDNSCONF | grep include | awk -F '=' '{print $2}'` -fi -if [ -z "$PDNSDIR" ]; then - PDNSDIR=/etc/powerdns/pdns.d -fi +PDNSDIR=/etc/powerdns/pdns.d PDNSLOCAL=$PDNSDIR/pdns.local.conf # Temporary files @@ -121,7 +116,7 @@ [ -d $PDNSDIR ] && chmod 0755 $PDNSDIR [ -e $PDNSDEFAULT ] && chmod 0644 $PDNSDEFAULT fi - + # If we still have the default config, make sure bindbackend.conf exists PDNSBIND="/etc/powerdns/pdns.d/pdns.simplebind.conf" PDNSBINDBACKENDCONF="/etc/powerdns/bindbackend.conf"
