Bug#1064000: unzip: Unzip fails on Microsoft ZIP64 files

2024-02-15 Thread Marc Deslauriers 
Package: unzip
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu noble ubuntu-patch




*** /tmp/tmp5xum1hdh/bug_body

unzip rejects Microsoft OneDrive zip files. See the detailed explanation here:

https://www.bitsgalore.org/2020/03/11/does-microsoft-onedrive-export-large-ZIP-files-that-are-corrupt

tl;dr;
Microsoft mishandles the "Total number of disks" field when using the ZIP64 
extension. It should start at 1, they use 0, which isn't a valid value. Unzip 
doesn't properly handle the invalid value.


In Ubuntu, the attached patch was applied to achieve the following:


  * Properly handle Microsoft ZIP64 file (LP: #2051952)
- debian/patches/handle_windows_zip64.patch: ignore invalid "Total
  number of disks" field in process.c.


Thanks for considering the patch.


-- System Information:
Debian Release: bookworm/sid
  APT prefers jammy-updates
  APT policy: (500, 'jammy-updates'), (500, 'jammy-security'), (500, 'jammy'), 
(100, 'jammy-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-1029-oem (SMP w/20 CPU threads; PREEMPT)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru unzip-6.0/debian/patches/handle_windows_zip64.patch 
unzip-6.0/debian/patches/handle_windows_zip64.patch
--- unzip-6.0/debian/patches/handle_windows_zip64.patch 1969-12-31 
19:00:00.0 -0500
+++ unzip-6.0/debian/patches/handle_windows_zip64.patch 2024-02-01 
10:48:08.0 -0500
@@ -0,0 +1,18 @@
+Description: Properly handle Microsoft ZIP64 file by ignoring invalid
+ "Total number of disks" field
+Origin: https://sourceforge.net/p/infozip/bugs/42/
+Bug: https://sourceforge.net/p/infozip/bugs/42/
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/2051952
+Author: Roy Tam
+
+--- a/process.c
 b/process.c
+@@ -1281,7 +1281,7 @@ static int find_ecrec64(__G__ searchlen)
+ fprintf(stdout,"\nnumber of disks (ECR) %u, (ECLOC64) %lu\n",
+ G.ecrec.number_this_disk, ecloc64_total_disks); fflush(stdout);
+ #endif
+-if ((G.ecrec.number_this_disk != 0x) &&
++if ((G.ecrec.number_this_disk != 0x) && ecloc64_total_disks &&
+ (G.ecrec.number_this_disk != ecloc64_total_disks - 1)) {
+   /* Note: For some unknown reason, the developers at PKWARE decided to
+  store the "zip64 total disks" value as a counter starting from 1,
diff -Nru unzip-6.0/debian/patches/series unzip-6.0/debian/patches/series
--- unzip-6.0/debian/patches/series 2023-05-30 06:34:18.0 -0400
+++ unzip-6.0/debian/patches/series 2024-02-01 10:46:59.0 -0500
@@ -27,3 +27,4 @@
 26-cve-2019-13232-fix-bug-in-uzinflate.patch
 27-zipgrep-avoid-test-errors.patch
 28-cve-2022-0529-and-cve-2022-0530.patch
+handle_windows_zip64.patch

Bug#1011771: logrotate: On Ubuntu, an extra conf file is created

2022-05-26 Thread Marc Deslauriers 
Package: logrotate
Version: 3.20.1-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu kinetic ubuntu-patch



-- Package-specific info:
Contents of /etc/logrotate.d
total 84
-rw-r--r-- 1 root root  120 Sep  5  2019 alternatives
-rw-r--r-- 1 root root  442 Apr 13  2020 apache2
-rw-r--r-- 1 root root  126 Dec  4  2019 apport
-rw-r--r-- 1 root root  173 Apr  9  2020 apt
-rw-r--r-- 1 root root 1170 Jan 19  2020 apt-cacher-ng
-rw-r--r-- 1 root root   91 Apr  1  2020 bootlog
-rw-r--r-- 1 root root  130 Jan 21  2019 btmp
-rw-r--r-- 1 root root  181 Feb 17  2020 cups-daemon
-rw-r--r-- 1 root root  112 Sep  5  2019 dpkg
-rw-r--r-- 1 root root  165 Oct  8  2020 libvirtd
-rw-r--r-- 1 root root  149 Oct  8  2020 libvirtd.libxl
-rw-r--r-- 1 root root  147 Oct  8  2020 libvirtd.lxc
-rw-r--r-- 1 root root  540 Oct  8  2020 libvirtd.qemu
-rw-r--r-- 1 root root   94 Feb  8  2019 ppp
-rw-r--r-- 1 root root  501 Mar  7  2019 rsyslog
-rw-r--r-- 1 root root  677 Nov 28  2019 speech-dispatcher
-rw-r--r-- 1 root root  244 Oct  6  2021 ubuntu-advantage-tools
-rw-r--r-- 1 root root  178 Jan 21  2020 ufw
-rw-r--r-- 1 root root  235 Apr 13  2020 unattended-upgrades
-rw-r--r-- 1 root root  297 Jan  5  2020 winbind
-rw-r--r-- 1 root root  145 Feb 19  2018 wtmp



*** /tmp/tmpmw3qw25y/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

The sed command in debian/rules was creating an extra "logrotate.confe"
backup file by mistake.

  * debian/rules: fix sed syntax to not end up with a backup file.


Thanks for considering the patch.


-- System Information:
Debian Release: bullseye/sid
  APT prefers focal-updates
  APT policy: (500, 'focal-updates'), (500, 'focal-security'), (500, 'focal'), 
(100, 'focal-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.13.0-39-generic (SMP w/8 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru logrotate-3.20.1/debian/rules logrotate-3.20.1/debian/rules
--- logrotate-3.20.1/debian/rules   2022-05-25 18:15:57.0 -0400
+++ logrotate-3.20.1/debian/rules   2022-05-26 10:33:29.0 -0400
@@ -15,6 +15,6 @@
 # because that's where Ubuntu had been adding these lines
 execute_after_dh_install:
 ifeq ($(shell dpkg-vendor --query vendor),Ubuntu)
-   sed -ie "6r debian/ubuntu-logrotate.conf" \
+   sed -i -e "6r debian/ubuntu-logrotate.conf" \
debian/logrotate/etc/logrotate.conf
 endif

Bug#956399: pam-ssh-agent-auth: Segfault when using ECDSA keys

2020-04-10 Thread Marc Deslauriers 
Package: pam-ssh-agent-auth
Version: 0.10.3-3
Severity: important
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu focal ubuntu-patch



*** /tmp/tmpUqD4LH/bug_body

The pam module segfaults when being used with ECDSA keys.
Please see the following downstream bug for a detailed reproducer:

https://bugs.launchpad.net/bugs/1869512

In Ubuntu, the attached patch was applied to achieve the following:

  * Fix segfault when using ECDSA keys (LP: #1869512)
- debian/patches/lp1869512.patch: properly initialize memory in
  ssh-ecdsa.c.


Thanks for considering the patch.


-- System Information:
Debian Release: buster/sid
  APT prefers bionic-updates
  APT policy: (500, 'bionic-updates'), (500, 'bionic-security'), (500, 
'bionic'), (100, 'bionic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-91-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_CA:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru pam-ssh-agent-auth-0.10.3/debian/patches/lp1869512.patch 
pam-ssh-agent-auth-0.10.3/debian/patches/lp1869512.patch
--- pam-ssh-agent-auth-0.10.3/debian/patches/lp1869512.patch1969-12-31 
19:00:00.0 -0500
+++ pam-ssh-agent-auth-0.10.3/debian/patches/lp1869512.patch2020-04-10 
12:48:24.0 -0400
@@ -0,0 +1,46 @@
+Description: fix segfault when using ECDSA keys.
+Author: Marc Deslauriers 
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1869512
+
+--- a/ssh-ecdsa.c
 b/ssh-ecdsa.c
+@@ -111,7 +111,7 @@ ssh_ecdsa_verify(const Key *key, const u
+ int rlen, ret;
+ Buffer b;
+ #if OPENSSL_VERSION_NUMBER >= 0x1015L
+-  BIGNUM *r, *s;
++  BIGNUM *r = NULL, *s = NULL;
+ #endif
+ 
+ if (key == NULL || key->type != KEY_ECDSA || key->ecdsa == NULL) {
+@@ -137,20 +137,27 @@ ssh_ecdsa_verify(const Key *key, const u
+ 
+ /* parse signature */
+ if ((sig = ECDSA_SIG_new()) == NULL)
+-pamsshagentauth_fatal("ssh_ecdsa_verify: DSA_SIG_new failed");
++pamsshagentauth_fatal("ssh_ecdsa_verify: ECDSA_SIG_new failed");
+ 
+ pamsshagentauth_buffer_init();
+ pamsshagentauth_buffer_append(, sigblob, len);
+ #if OPENSSL_VERSION_NUMBER < 0x1015L
+ if ((pamsshagentauth_buffer_get_bignum2_ret(, sig->r) == -1) ||
+ (pamsshagentauth_buffer_get_bignum2_ret(, sig->s) == -1))
++pamsshagentauth_fatal("ssh_ecdsa_verify:"
++"pamsshagentauth_buffer_get_bignum2_ret failed");
+ #else
+-DSA_SIG_get0(sig, , );
++if ((r = BN_new()) == NULL)
++pamsshagentauth_fatal("ssh_ecdsa_verify: BN_new failed");
++if ((s = BN_new()) == NULL)
++pamsshagentauth_fatal("ssh_ecdsa_verify: BN_new failed");
+ if ((pamsshagentauth_buffer_get_bignum2_ret(, r) == -1) ||
+ (pamsshagentauth_buffer_get_bignum2_ret(, s) == -1))
+-#endif
+ pamsshagentauth_fatal("ssh_ecdsa_verify:"
+ "pamsshagentauth_buffer_get_bignum2_ret failed");
++if (ECDSA_SIG_set0(sig, r, s) != 1)
++pamsshagentauth_fatal("ssh_ecdsa_verify: ECDSA_SIG_set0 failed");
++#endif
+ 
+ /* clean up */
+ memset(sigblob, 0, len);
diff -Nru pam-ssh-agent-auth-0.10.3/debian/patches/series 
pam-ssh-agent-auth-0.10.3/debian/patches/series
--- pam-ssh-agent-auth-0.10.3/debian/patches/series 2019-01-26 
10:40:32.0 -0500
+++ pam-ssh-agent-auth-0.10.3/debian/patches/series 2020-04-10 
12:48:24.0 -0400
@@ -1,3 +1,4 @@
 0001-authfd.c-check-return-value-of-seteuid-2.patch
 openssl-1.1.1-1.patch
 openssl-1.1.1-2.patch
+lp1869512.patch

Bug#920442: (no subject)

2019-01-25 Thread Marc Deslauriers 
Looks like this is caused by texlive-base (2018.20190122-1), reverting to
texlive-base (2018.20181214-1) fixes the FTBFS.

Bug#920442: libcaca FTBFS in unstable

2019-01-25 Thread Marc Deslauriers 
Package: libcaca
Version: 0.99.beta19-2
Severity: serious
Justification: fails to build from source (but built successfully in the past)

See:

http://debomatic-amd64.debian.net/distribution#unstable/libcaca/0.99.beta19-2/buildlog

Bug#870273: imagemagick: regression in 8:6.8.9.9-5+deb8u10

2017-07-31 Thread Marc Deslauriers 
Package: imagemagick
Version: 8:6.8.9.9-5+deb8u10
Severity: normal

Ubuntu imagemagick security updates are based on Debian security updates.
The latest round of jessie updates introduced a regression.

Please see the downstream bug report for a reproducer script:

https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1707015

I've tracked this down to the 0224-Ensure-token-does-not-overflow.patch
patch, but I haven't come up with a fix yet.

Bug#858564: (no subject)

2017-03-24 Thread Marc Deslauriers 
We're hitting the same issue in Ubuntu:

https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1675698

"follow symlinks = no" is required to reproduce it.

Bug#803012: tar ftbfs everywhere (test suite errors)

2015-11-03 Thread Marc Deslauriers 
Package: tar
Version: 1.28-2
Followup-For: Bug #803012
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu xenial ubuntu-patch



*** /tmp/tmp70_1Po/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/use-sort-in-t-dir-tests.diff: upstream patch to fix
test sort order.


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers vivid-updates
  APT policy: (500, 'vivid-updates'), (500, 'vivid-security'), (500, 
'vivid-proposed'), (500, 'vivid'), (100, 'vivid-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-32-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru tar-1.28/debian/changelog tar-1.28/debian/changelog
diff -Nru tar-1.28/debian/patches/series tar-1.28/debian/patches/series
--- tar-1.28/debian/patches/series	2015-09-28 17:26:37.0 -0500
+++ tar-1.28/debian/patches/series	2015-11-03 21:57:30.0 -0600
@@ -2,3 +2,4 @@
 listed03-linux-only
 add-clamp-mtime.diff
 files-from-and-recursive-extract.diff
+use-sort-in-t-dir-tests.diff
diff -Nru tar-1.28/debian/patches/use-sort-in-t-dir-tests.diff tar-1.28/debian/patches/use-sort-in-t-dir-tests.diff
--- tar-1.28/debian/patches/use-sort-in-t-dir-tests.diff	1969-12-31 18:00:00.0 -0600
+++ tar-1.28/debian/patches/use-sort-in-t-dir-tests.diff	2015-11-03 21:57:30.0 -0600
@@ -0,0 +1,48 @@
+From 5e2a1d5b3801d016f51b3f4c476d275a6adff5d7 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff 
+Date: Mon, 02 Nov 2015 11:54:26 +
+Subject: Use sort in T-dir tests.
+
+---
+diff --git a/tests/T-dir00.at b/tests/T-dir00.at
+index 7f89fcf..8ff6ba8 100644
+--- a/tests/T-dir00.at
 b/tests/T-dir00.at
+@@ -28,13 +28,14 @@
+ AT_SETUP([recursive extraction from --files-from])
+ AT_KEYWORDS([files-from extract T-dir T-dir00])
+ AT_TAR_CHECK([
++AT_SORT_PREREQ
+ mkdir dir
+ genfile -f dir/file1
+ genfile -f dir/file2
+ tar cf archive dir
+ rm -rf dir
+ echo dir > list
+-tar xfTv archive list
++tar xfTv archive list | sort
+ ],
+ [0],
+ [dir/
+diff --git a/tests/T-dir01.at b/tests/T-dir01.at
+index 155a373..db92292 100644
+--- a/tests/T-dir01.at
 b/tests/T-dir01.at
+@@ -28,13 +28,14 @@
+ AT_SETUP([trailing slash in --files-from])
+ AT_KEYWORDS([files-from extract T-dir T-dir01])
+ AT_TAR_CHECK([
++AT_SORT_PREREQ
+ mkdir dir
+ genfile -f dir/file1
+ genfile -f dir/file2
+ tar cf archive dir
+ rm -rf dir
+ echo dir/ > list
+-tar xfTv archive list
++tar xfTv archive list | sort
+ ],
+ [0],
+ [dir/
+--
+cgit v0.9.0.2

Bug#775421: logrotate: manpage refers to /var/lib/logrotate.status

2015-09-15 Thread Marc Deslauriers 
Package: logrotate
Version: 3.8.7-2
Followup-For: Bug #775421
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu wily ubuntu-patch



*** /tmp/tmpaYlMlo/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/manpage.patch: fix state file path in FILES section
(LP: #772214)


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers vivid-updates
  APT policy: (500, 'vivid-updates'), (500, 'vivid-security'), (500, 
'vivid-proposed'), (500, 'vivid'), (100, 'vivid-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-29-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru logrotate-3.8.7/debian/changelog logrotate-3.8.7/debian/changelog
diff -Nru logrotate-3.8.7/debian/patches/manpage.patch logrotate-3.8.7/debian/patches/manpage.patch
--- logrotate-3.8.7/debian/patches/manpage.patch	2015-05-06 00:41:10.0 -0400
+++ logrotate-3.8.7/debian/patches/manpage.patch	2015-09-15 09:06:00.0 -0400
@@ -1,8 +1,10 @@
-Closes: #101272, #335060
-Patches from: J S Bygott 
-
-General fixes to manpages.
-
+Description: General fixes to manpages.
+Author: J S Bygott 
+Author: Andrey Bondarenko 
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=101272
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335060
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775421
+Last-Update: 2015-09-15 
 
 Index: logrotate-3.8.5/logrotate.8
 ===
@@ -150,6 +152,15 @@
  overrides the \fBolddir\fR option).
  
  .TP
+@@ -523,7 +528,7 @@
+ .SH FILES
+ .PD 0
+ .TP 27
+-\fI/var/lib/logrotate.status\fR
++\fI/var/lib/logrotate/status\fR
+ Default state file.
+ .TP 27
+ \fI/etc/logrotate.conf\fR
 @@ -532,12 +537,15 @@
  .SH SEE ALSO
  .BR gzip (1)

Bug#795429: CVE-2015-5177

2015-08-28 Thread Marc Deslauriers 
Package: openslp-dfsg
Version: 1.2.1-10
Followup-For: Bug #795429
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu wily ubuntu-patch



*** /tmp/tmpHzlE84/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: denial of service via double free flaw
- debian/patches/CVE-2015-5177.patch: fix double free if
  SLPDKnownDAAdd() fails in slpd/slpd_knownda.c.
- CVE-2015-5177


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers vivid-updates
  APT policy: (500, 'vivid-updates'), (500, 'vivid-security'), (500, 
'vivid-proposed'), (500, 'vivid'), (100, 'vivid-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-27-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru openslp-dfsg-1.2.1/debian/changelog openslp-dfsg-1.2.1/debian/changelog
diff -Nru openslp-dfsg-1.2.1/debian/patches/CVE-2015-5177.patch openslp-dfsg-1.2.1/debian/patches/CVE-2015-5177.patch
--- openslp-dfsg-1.2.1/debian/patches/CVE-2015-5177.patch	1969-12-31 19:00:00.0 -0500
+++ openslp-dfsg-1.2.1/debian/patches/CVE-2015-5177.patch	2015-08-28 15:29:54.0 -0400
@@ -0,0 +1,30 @@
+Description: fix denial of service via double free flaw
+Origin: backport, http://sourceforge.net/p/openslp/mercurial/ci/2bc15d0494f886d9c4fe342d23bc160605aea51d/
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795429
+
+Index: openslp-dfsg-1.2.1/slpd/slpd_knownda.c
+===
+--- openslp-dfsg-1.2.1.orig/slpd/slpd_knownda.c	2005-02-08 00:34:31.0 -0500
 openslp-dfsg-1.2.1/slpd/slpd_knownda.c	2015-08-28 15:27:26.098428039 -0400
+@@ -823,15 +823,15 @@
+  */
+ SLPDLogDAAdvertisement(Removed,entry);
+ }
++/* If we are here, we need to cleanup the message descriptor and the  */
++/* message buffer because they were not added to the database and not */
++/* cleaning them up would result in a memory leak. This is because we */
++/* return zero, so the caller thinks it must not do the cleanup.  */
++SLPMessageFree(msg);
++SLPBufferFree(buf);
+ }
+ 
+ CLEANUP:
+-/* If we are here, we need to cleanup the message descriptor and the  */
+-/* message buffer because they were not added to the database and not */
+-/* cleaning them up would result in a memory leak */
+-/* We also need to make sure the Database handle is closed.   */
+-SLPMessageFree(msg);
+-SLPBufferFree(buf);
+ if (dh) SLPDatabaseClose(dh);
+ 
+ return result;
diff -Nru openslp-dfsg-1.2.1/debian/patches/series openslp-dfsg-1.2.1/debian/patches/series
--- openslp-dfsg-1.2.1/debian/patches/series	2014-07-25 10:14:50.0 -0400
+++ openslp-dfsg-1.2.1/debian/patches/series	2015-08-28 15:23:23.0 -0400
@@ -4,3 +4,4 @@
 fix-typo.patch
 fix-automake-cond-spelling.patch
 CVE-2012-4428.patch
+CVE-2015-5177.patch

Bug#789686: putty: Security fix may get optimized away by compiler

2015-06-23 Thread Marc Deslauriers 
Package: putty
Version: 0.62-9+deb7u2
Severity: normal
Tags: security



-- System Information:
Debian Release: jessie/sid
  APT prefers vivid-updates
  APT policy: (500, 'vivid-updates'), (500, 'vivid-security'), (500, 
'vivid-proposed'), (500, 'vivid'), (100, 'vivid-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-22-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)


The wheezy security update backport for CVE-2015-2157 replaced calls to
smemclr() with memset() in private-key-not-wiped-2.patch. This may result
in the security fix being optimized away by the compiler.

In addition, it appears there are other cases in the codebase where a memset
is being used to clear out sensitive information. The following commit
should probably be backported:

https://github.com/Yasushi/putty/commit/aa5bae89


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#789686: (no subject)

2015-06-23 Thread Marc Deslauriers 
Whoops, that's not the official repo, this is the right URL:

http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commit;h=aa5bae89


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#786555: sudo: time stamp files no longer invalidated at boot

2015-06-05 Thread Marc Deslauriers 
Package: sudo
Version: 1.8.12-1
Followup-For: Bug #786555
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu wily ubuntu-patch



*** /tmp/tmp8y8IwQ/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * Use tmpfs location to store timestamp files (LP: #1458031)
- debian/rules: change --with-rundir to /var/run/sudo
- debian/rules, debian/sudo.service, debian/sudo.sudo.init: stop
  shipping init script and service file, as they are no longer
  necessary.
- debian/*.preinst, debian/*.postinst, debian/*.postrm: remove old init
  script with dpkg-maintscript-helper.
- debian/*.postinst: remove old /var/run/sudo to /var/lib/sudo
  transition code, remove old /var/lib/sudo/ts timestamp directory.


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers vivid-updates
  APT policy: (500, 'vivid-updates'), (500, 'vivid-security'), (500, 
'vivid-proposed'), (500, 'vivid'), (100, 'vivid-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-20-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru sudo-1.8.12/debian/changelog sudo-1.8.12/debian/changelog
diff -Nru sudo-1.8.12/debian/control sudo-1.8.12/debian/control
--- sudo-1.8.12/debian/control	2015-05-13 16:01:18.0 -0400
+++ sudo-1.8.12/debian/control	2015-06-05 11:34:40.0 -0400
@@ -1,8 +1,7 @@
 Source: sudo
 Section: admin
 Priority: optional
-Maintainer: Ubuntu Developers ubuntu-devel-disc...@lists.ubuntu.com
-XSBC-Original-Maintainer: Bdale Garbee bd...@gag.com
+Maintainer: Bdale Garbee bd...@gag.com
 Build-Depends: debhelper (= 7), libpam0g-dev, libldap2-dev, libsasl2-dev, libselinux1-dev [linux-any], autoconf, autotools-dev, bison, flex, libaudit-dev [linux-any], dh-autoreconf
 Standards-Version: 3.9.6
 Vcs-Git: git://anonscm.debian.org/collab-maint/sudo.git
diff -Nru sudo-1.8.12/debian/rules sudo-1.8.12/debian/rules
--- sudo-1.8.12/debian/rules	2015-05-13 15:44:04.0 -0400
+++ sudo-1.8.12/debian/rules	2015-06-05 09:45:22.0 -0400
@@ -44,7 +44,7 @@
 		--disable-root-mailer \
 		--enable-admin-flag \
 		--with-sendmail=/usr/sbin/sendmail \
-		--with-rundir=/var/lib/sudo \
+		--with-rundir=/var/run/sudo \
 		--mandir=/usr/share/man \
 		--libexecdir=/usr/lib/sudo \
 		--with-sssd --with-sssd-lib=/usr/lib/$(DEB_HOST_MULTIARCH) \
@@ -71,7 +71,7 @@
 		--enable-admin-flag \
 		--disable-setresuid \
 		--with-sendmail=/usr/sbin/sendmail \
-		--with-rundir=/var/lib/sudo \
+		--with-rundir=/var/run/sudo \
 		--with-ldap-conf-file=/etc/sudo-ldap.conf \
 		--mandir=/usr/share/man \
 		--libexecdir=/usr/lib/sudo \
@@ -117,6 +117,7 @@
 	rm -f	debian/sudo*/etc/sudoers \
 		debian/sudo*/usr/share/doc/sudo/LICENSE* \
 		debian/sudo*/usr/share/doc/sudo/ChangeLog
+	rmdir	debian/sudo*/var/run/sudo
 
 	# move upstream-installed docs to the right place for ldap package
 	mv	debian/sudo-ldap/usr/share/doc/sudo/* \
@@ -160,10 +161,6 @@
 	install -o root -g root -m 0440 debian/README \
 		debian/sudo-ldap/etc/sudoers.d/README
 
-	install -o root -g root -m 0644 debian/sudo.service \
-		debian/sudo/lib/systemd/system/sudo.service
-	install -o root -g root -m 0644 debian/sudo.service \
-		debian/sudo-ldap/lib/systemd/system/sudo.service
 
 binary-indep: build install
 
@@ -171,8 +168,6 @@
 	dh_testdir
 	dh_testroot
 	dh_installdocs -A
-	dh_installinit -psudo --name=sudo
-	dh_installinit -psudo-ldap --name=sudo-ldap
 	dh_installman -A
 	dh_installinfo -A
 	dh_installchangelogs ChangeLog 
diff -Nru sudo-1.8.12/debian/sudo-ldap.postinst sudo-1.8.12/debian/sudo-ldap.postinst
--- sudo-1.8.12/debian/sudo-ldap.postinst	2015-02-23 11:03:03.0 -0500
+++ sudo-1.8.12/debian/sudo-ldap.postinst	2015-06-05 11:10:58.0 -0400
@@ -19,14 +19,6 @@
 	echo sudoers:	files ldap  /etc/nsswitch.conf
 fi
 
-# handle state directory transition from /var/run/sudo to /var/lib/sudo,
-# moving any existing content over to avoid re-lecturing existing users
-if [ -d /var/run/sudo ];then
-mkdir -p /var/lib/sudo
-(cd /var/run/sudo ; tar cf - .) | (cd /var/lib/sudo ; tar xf -)
-rm -rf /var/run/sudo
-fi
-
 # make sure sudoers has the correct permissions and owner/group
 if [ -f /etc/sudoers ];then
 chown root:root /etc/sudoers
@@ -42,6 +34,12 @@
 # if we've gotten this far .. remove the saved, unchanged old sudoers file
 rm -f /etc/sudoers.pre-conffile
 
+# remove the old init script
+dpkg-maintscript-helper rm_conffile /etc/init.d/sudo 1.8.12-1ubuntu2~ sudo-ldap -- $@
+
+# remove the old timestamp directory
+rm -rf /var/lib/sudo/ts
+
 # make sure we have a sudo group
 
 [ -n `getent group sudo` ]  exit 0   # we're finished if there is a group sudo:
diff -Nru sudo-1.8.12/debian/sudo-ldap.postrm sudo-1.8.12/debian/sudo-ldap.postrm
--- sudo-1.8.12/debian/sudo-ldap.postrm	2015-02-23

Bug#786555: sudo: time stamp files no longer invalidated at boot

2015-05-22 Thread Marc Deslauriers 
Package: sudo
Version: 
Severity: normal
Tags: security

Sudo 1.8.10 switched to a new time stamp file format that uses the monotonic
clock. Timestamp files moved from /var/lib/sudo to /var/lib/sudo/ts.

At boot, the contents of the /var/lib/sudo/ts directory needs to be deleted,
as per the warning in the build log:

configure: Warning: the /var/lib/sudo/ts directory must be cleared at boot time.
configure: You may need to create a startup item to do this.

The sudo package ships with both an init script and a systemd unit file.
Unfortunately, the init script sets the date on the timestamp files to epoch,
which is no longer the proper way to invalidate them. The systemd unit file
doesn't seem to work at all.

Downstream bug report:

https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1458031


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#784773: icu: CVE-2015-8146 and CVE-2015-8147

2015-05-08 Thread Marc Deslauriers 
Package: icu
Version: 52.1-8
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu wily ubuntu-patch



*** /tmp/tmp8_oq5o/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: heap overflow via incorrect isolateCount
- debian/patches/CVE-2015-8146.patch: check for valid isolateCount in
  source/common/ubidi.c.
- CVE-2015-8146
  * SECURITY UPDATE: integer overflow via incorrect state size
- debian/patches/CVE-2015-8147.patch: change state to int32_t in
  source/common/ubidiimp.h.
- CVE-2015-8147


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers vivid-updates
  APT policy: (500, 'vivid-updates'), (500, 'vivid-security'), (500, 
'vivid-proposed'), (500, 'vivid'), (100, 'vivid-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-15-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru icu-52.1/debian/changelog icu-52.1/debian/changelog
diff -Nru icu-52.1/debian/patches/CVE-2015-8146.patch icu-52.1/debian/patches/CVE-2015-8146.patch
--- icu-52.1/debian/patches/CVE-2015-8146.patch	1969-12-31 19:00:00.0 -0500
+++ icu-52.1/debian/patches/CVE-2015-8146.patch	2015-05-08 08:27:11.0 -0400
@@ -0,0 +1,16 @@
+Description: fix heap overflow via incorrect isolateCount
+Origin: backport, http://bugs.icu-project.org/trac/changeset/37162
+
+Index: icu-52.1/source/common/ubidi.c
+===
+--- icu-52.1.orig/source/common/ubidi.c	2013-10-04 16:49:28.0 -0400
 icu-52.1/source/common/ubidi.c	2015-05-08 08:19:47.924746439 -0400
+@@ -2049,7 +2049,7 @@
+ /* The isolates[] entries contain enough information to
+resume the bidi algorithm in the same state as it was
+when it was interrupted by an isolate sequence. */
+-if(dirProps[start]==PDI) {
++if(dirProps[start]==PDI   pBiDi-isolateCount = 0) {
+ start1=pBiDi-isolates[pBiDi-isolateCount].start1;
+ stateImp=pBiDi-isolates[pBiDi-isolateCount].stateImp;
+ levState.state=pBiDi-isolates[pBiDi-isolateCount].state;
diff -Nru icu-52.1/debian/patches/CVE-2015-8147.patch icu-52.1/debian/patches/CVE-2015-8147.patch
--- icu-52.1/debian/patches/CVE-2015-8147.patch	1969-12-31 19:00:00.0 -0500
+++ icu-52.1/debian/patches/CVE-2015-8147.patch	2015-05-08 08:27:31.0 -0400
@@ -0,0 +1,17 @@
+Description: fix integer overflow via incorrect state size
+Origin: backport, http://bugs.icu-project.org/trac/changeset/37080
+
+Index: icu-52.1/source/common/ubidiimp.h
+===
+--- icu-52.1.orig/source/common/ubidiimp.h	2013-10-04 16:49:24.0 -0400
 icu-52.1/source/common/ubidiimp.h	2015-05-08 08:20:48.901252416 -0400
+@@ -193,8 +193,8 @@
+ 
+ typedef struct Isolate {
+ int32_t start1;
++int32_t state;
+ int16_t stateImp;
+-int16_t state;
+ } Isolate;
+ 
+ typedef struct Run {
diff -Nru icu-52.1/debian/patches/series icu-52.1/debian/patches/series
--- icu-52.1/debian/patches/series	2015-02-15 21:35:11.0 -0500
+++ icu-52.1/debian/patches/series	2015-05-08 08:20:42.0 -0400
@@ -12,3 +12,5 @@
 CVE-2014-7923+7926.patch
 CVE-2014-7940.patch
 CVE-2014-9654.patch
+CVE-2015-8146.patch
+CVE-2015-8147.patch

Bug#781526: tiff: More security-relevant commits

2015-03-30 Thread Marc Deslauriers 
Package: tiff
Version: 4.0.3-12.3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu vivid ubuntu-patch



*** /tmp/tmpy2ySAQ/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: Backport more security-relevant commits
- debian/patches/CVE-2014-81xx-9.patch
- debian/patches/CVE-2014-9655-1.patch
- debian/patches/CVE-2014-9655-3.patch
- debian/patches/read_overrun.patch
- debian/patches/estimatestripbytecounts_return_code.patch
- debian/patches/CVE-2014-8130.patch


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers vivid-updates
  APT policy: (500, 'vivid-updates'), (500, 'vivid-security'), (500, 'vivid'), 
(100, 'vivid-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.19.0-10-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru tiff-4.0.3/debian/changelog tiff-4.0.3/debian/changelog
diff -Nru tiff-4.0.3/debian/patches/CVE-2014-8130.patch tiff-4.0.3/debian/patches/CVE-2014-8130.patch
--- tiff-4.0.3/debian/patches/CVE-2014-8130.patch	1969-12-31 19:00:00.0 -0500
+++ tiff-4.0.3/debian/patches/CVE-2014-8130.patch	2015-03-30 10:19:40.0 -0400
@@ -0,0 +1,42 @@
+From 3c5eb8b1be544e41d2c336191bc4936300ad7543 Mon Sep 17 00:00:00 2001
+From: bfriesen bfriesen
+Date: Sun, 18 Nov 2012 17:51:52 +
+Subject: [PATCH] * libtiff/tif_{unix,vms,win32}.c (_TIFFmalloc): ANSI C does
+ not require malloc() to return NULL pointer if requested allocation size is
+ zero.  Assure that _TIFFmalloc does.
+
+---
+ ChangeLog   | 6 ++
+ libtiff/tif_unix.c  | 3 +++
+ libtiff/tif_vms.c   | 3 +++
+ libtiff/tif_win32.c | 3 +++
+ 4 files changed, 15 insertions(+)
+
+Index: tiff-4.0.3/libtiff/tif_unix.c
+===
+--- tiff-4.0.3.orig/libtiff/tif_unix.c	2015-03-27 14:47:11.002353413 -0400
 tiff-4.0.3/libtiff/tif_unix.c	2015-03-27 14:47:10.998353377 -0400
+@@ -257,6 +257,9 @@
+ void*
+ _TIFFmalloc(tmsize_t s)
+ {
++if (s == 0)
++return ((void *) NULL);
++
+ 	return (malloc((size_t) s));
+ }
+ 
+Index: tiff-4.0.3/libtiff/tif_win32.c
+===
+--- tiff-4.0.3.orig/libtiff/tif_win32.c	2015-03-27 14:47:11.002353413 -0400
 tiff-4.0.3/libtiff/tif_win32.c	2015-03-27 14:47:10.998353377 -0400
+@@ -329,6 +329,9 @@
+ void*
+ _TIFFmalloc(tmsize_t s)
+ {
++if (s == 0)
++return ((void *) NULL);
++
+ 	return (malloc((size_t) s));
+ }
+ 
diff -Nru tiff-4.0.3/debian/patches/CVE-2014-81xx-9.patch tiff-4.0.3/debian/patches/CVE-2014-81xx-9.patch
--- tiff-4.0.3/debian/patches/CVE-2014-81xx-9.patch	1969-12-31 19:00:00.0 -0500
+++ tiff-4.0.3/debian/patches/CVE-2014-81xx-9.patch	2015-03-30 10:18:36.0 -0400
@@ -0,0 +1,35 @@
+Backport of:
+
+From 77837423c3a125a3b39ddae246ff904f437cf845 Mon Sep 17 00:00:00 2001
+From: bfriesen bfriesen
+Date: Mon, 22 Dec 2014 02:52:38 +
+Subject: [PATCH] * tools/tiffdump.c: Guard against arithmetic overflow when
+ calculating allocation buffer sizes.
+
+---
+ ChangeLog|  5 +
+ tools/tiffdump.c | 21 ++---
+ 2 files changed, 23 insertions(+), 3 deletions(-)
+
+Index: tiff-4.0.3/tools/tiffdump.c
+===
+--- tiff-4.0.3.orig/tools/tiffdump.c	2015-01-29 09:36:19.521556646 -0500
 tiff-4.0.3/tools/tiffdump.c	2015-01-29 09:36:19.521556646 -0500
+@@ -34,6 +34,8 @@
+ # include unistd.h
+ #endif
+ 
++#include tiffiop.h
++
+ #ifdef HAVE_FCNTL_H
+ # include fcntl.h
+ #endif
+@@ -303,7 +305,7 @@
+ 		dircount = (uint16)dircount64;
+ 		direntrysize = 20;
+ 	}
+-	dirmem = _TIFFmalloc(dircount * direntrysize);
++	dirmem = _TIFFmalloc(TIFFSafeMultiply(tmsize_t,dircount,direntrysize));
+ 	if (dirmem == NULL) {
+ 		Fatal(No space for TIFF directory);
+ 		goto done;
diff -Nru tiff-4.0.3/debian/patches/CVE-2014-9655-1.patch tiff-4.0.3/debian/patches/CVE-2014-9655-1.patch
--- tiff-4.0.3/debian/patches/CVE-2014-9655-1.patch	1969-12-31 19:00:00.0 -0500
+++ tiff-4.0.3/debian/patches/CVE-2014-9655-1.patch	2015-03-30 10:18:59.0 -0400
@@ -0,0 +1,26 @@
+From 24a2eee78bb057acb2c3992acd002654c1747718 Mon Sep 17 00:00:00 2001
+From: erouault erouault
+Date: Wed, 24 Dec 2014 16:57:18 +
+Subject: [PATCH] * libtiff/tif_getimage.c: avoid divide by zero on invalid
+ YCbCr subsampling. http://bugzilla.maptools.org/show_bug.cgi?id=2235
+
+---
+ ChangeLog  | 5 +
+ libtiff/tif_getimage.c | 4 
+ 2 files changed, 9 insertions(+)
+
+diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c
+index 396ad08..417ac7b 100644
+--- a/libtiff/tif_getimage.c
 b/libtiff/tif_getimage.c
+@@ -875,6 +875,10 @@

Bug#776947: nut: Default ups.conf should have maxretry setting above examples section

2015-02-03 Thread Marc Deslauriers 
Package: nut
Version: 2.7.1-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu vivid ubuntu-patch



*** /tmp/tmpvfdwEw/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

Default/sample ups.conf has maxretry setting at end. Above that are examples 
and an empty line.

Uncommenting any of the examples or merging with older configs are likely to 
end up with a broken
config file, since the parser will interpret existing maxretries to be inside 
driver definition.
Included patch follows conventions used in other nut config files.

  * debian/patches/0006-ups-conf-reorder.patch: Move maxretry setting
above Examples section, closer to the outside of a driver definition
comment. (LP: #1405822)


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers utopic-updates
  APT policy: (500, 'utopic-updates'), (500, 'utopic-security'), (500, 
'utopic-proposed'), (500, 'utopic'), (100, 'utopic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-30-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru nut-2.7.1/debian/changelog nut-2.7.1/debian/changelog
diff -Nru nut-2.7.1/debian/patches/0006-ups-conf-maxretry.patch nut-2.7.1/debian/patches/0006-ups-conf-maxretry.patch
--- nut-2.7.1/debian/patches/0006-ups-conf-maxretry.patch	2013-11-24 14:58:03.0 -0500
+++ nut-2.7.1/debian/patches/0006-ups-conf-maxretry.patch	2015-02-03 08:23:00.0 -0500
@@ -25,10 +25,15 @@
  # 
  # These directives are common to all drivers that support ups.conf:
  #
-@@ -102,3 +120,6 @@
+@@ -78,7 +96,10 @@
  #
- # To find out if your driver supports any extra settings, start it with
- # the -h option and/or read the driver's documentation.
+ # Anything else is passed through to the hardware-specific part of
+ # the driver.
+-# 
 +
 +# Set maxretry to 3 by default, this should mitigate race with slow devices:
 +maxretry = 3
++
+ # Examples
+ # 
+ #

Bug#776589: unzip: CVE-2014-9636 heap overflow via mismatched block sizes

2015-01-29 Thread Marc Deslauriers 
Package: unzip
Version: 6.0-13
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu vivid ubuntu-patch



*** /tmp/tmp7DfOwv/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: heap overflow via mismatched block sizes
- debian/patches/12-cve-2014-9636-test-compr-eb: ensure compressed and
  uncompressed block sizes match when using STORED method in extract.c.
- CVE-2014-9636


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers utopic-updates
  APT policy: (500, 'utopic-updates'), (500, 'utopic-security'), (500, 
'utopic-proposed'), (500, 'utopic'), (100, 'utopic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-30-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru unzip-6.0/debian/changelog unzip-6.0/debian/changelog
diff -Nru unzip-6.0/debian/patches/12-cve-2014-9636-test-compr-eb unzip-6.0/debian/patches/12-cve-2014-9636-test-compr-eb
--- unzip-6.0/debian/patches/12-cve-2014-9636-test-compr-eb	1969-12-31 19:00:00.0 -0500
+++ unzip-6.0/debian/patches/12-cve-2014-9636-test-compr-eb	2015-01-29 11:15:34.0 -0500
@@ -0,0 +1,43 @@
+From a9bfab5b52d08879bbc5e0991684b700127ddcff Mon Sep 17 00:00:00 2001
+From: mancha mancha1 AT zoho DOT com
+Date: Mon, 3 Nov 2014
+Subject: Info-ZIP UnZip buffer overflow
+
+By carefully crafting a corrupt ZIP archive with extra fields that
+purport to have compressed blocks larger than the corresponding
+uncompressed blocks in STORED no-compression mode, an attacker can
+trigger a heap overflow that can result in application crash or
+possibly have other unspecified impact.
+
+This patch ensures that when extra fields use STORED mode, the
+compressed and uncompressed block sizes match.
+
+---
+ extract.c |8 
+ 1 file changed, 8 insertions(+)
+
+Index: unzip-6.0/extract.c
+===
+--- unzip-6.0.orig/extract.c	2015-01-29 11:15:31.118569464 -0500
 unzip-6.0/extract.c	2015-01-29 11:15:31.114569431 -0500
+@@ -2230,6 +2230,7 @@
+ ulg eb_ucsize;
+ uch *eb_ucptr;
+ int r;
++ush method;
+ 
+ if (compr_offset  4)/* field is not compressed: */
+ return PK_OK;/* do nothing and signal OK */
+@@ -2246,6 +2247,12 @@
+  ((eb_ucsize  0L)  (eb_size = (compr_offset + EB_CMPRHEADLEN
+ return IZ_EF_TRUNC; /* no/bad compressed data! */
+ 
++method = makeword(eb + (EB_HEADSIZE + compr_offset));
++if ((method == STORED)  (eb_size - compr_offset != eb_ucsize))
++	return PK_ERR;			  /* compressed  uncompressed
++	   * should match in STORED
++	   * method */
++
+ if (
+ #ifdef INT_16BIT
+ (((ulg)(extent)eb_ucsize) != eb_ucsize) ||
diff -Nru unzip-6.0/debian/patches/series unzip-6.0/debian/patches/series
--- unzip-6.0/debian/patches/series	2014-12-25 07:37:44.0 -0500
+++ unzip-6.0/debian/patches/series	2015-01-29 11:25:49.0 -0500
@@ -9,4 +9,5 @@
 09-cve-2014-8139-crc-overflow
 10-cve-2014-8140-test-compr-eb
 11-cve-2014-8141-getzip64data
+12-cve-2014-9636-test-compr-eb
 20-unzip60-alt-iconv-utf8

Bug#772648: graphviz: format string vulnerability (CVE-2014-9157)

2014-12-09 Thread Marc Deslauriers 
Package: graphviz
Version: 2.38.0-6
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu vivid ubuntu-patch



*** /tmp/tmp5q_TKj/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: Format string vulnerability may allow attackers to
cause a denial of service or possibly execute code.
- debian/patches/CVE-2014-9157.patch: Fix format string vulnerability in
  lib/cgraph/scan.l yyerror() routine.
- CVE-2014-9157


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers utopic-updates
  APT policy: (500, 'utopic-updates'), (500, 'utopic-security'), (500, 
'utopic-proposed'), (500, 'utopic'), (100, 'utopic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-26-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru graphviz-2.38.0/debian/changelog graphviz-2.38.0/debian/changelog
diff -Nru graphviz-2.38.0/debian/patches/CVE-2014-9157.patch graphviz-2.38.0/debian/patches/CVE-2014-9157.patch
--- graphviz-2.38.0/debian/patches/CVE-2014-9157.patch	1969-12-31 19:00:00.0 -0500
+++ graphviz-2.38.0/debian/patches/CVE-2014-9157.patch	2014-12-09 09:09:43.0 -0500
@@ -0,0 +1,21 @@
+Subject: Fix format string vulnerability (CVE-2014-9157) in yyerror() routine
+Origin: https://github.com/ellson/graphviz/commit/99eda421f7ddc27b14e4ac1d2126e5fe41719081
+Author: Emden R. Gansner
+
+---
+ lib/cgraph/scan.l |2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: b/lib/cgraph/scan.l
+===
+--- a/lib/cgraph/scan.l
 b/lib/cgraph/scan.l
+@@ -225,7 +225,7 @@
+ 	agxbput (xb, buf);
+ 	agxbput (xb, yytext);
+ 	agxbput (xb,'\n);
+-	agerr(AGERR,agxbuse(xb));
++	agerr(AGERR, %s, agxbuse(xb));
+ 	agxbfree(xb);
+ }
+ /* must be here to see flex's macro defns */
diff -Nru graphviz-2.38.0/debian/patches/series graphviz-2.38.0/debian/patches/series
--- graphviz-2.38.0/debian/patches/series	2014-09-01 17:13:51.0 -0400
+++ graphviz-2.38.0/debian/patches/series	2014-12-09 09:09:43.0 -0500
@@ -11,3 +11,4 @@
 reduce-lab-color.patch
 add-libm-to-dot-link.patch
 versioned-plugin-config-file.diff
+CVE-2014-9157.patch

Bug#770033: partman-efi: Should force umask in mount options

2014-11-18 Thread Marc Deslauriers 
Package: partman-efi
Version: 25
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu vivid ubuntu-patch



*** /tmp/tmpryAK4b/bug_body

In Ubuntu, the attached patch was applied to achieve the following:


  * fstab.d/efi: force umask in mount options to ensure directory never
ends up with incorrect permissions. (LP: #1390183)


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers utopic-updates
  APT policy: (500, 'utopic-updates'), (500, 'utopic-security'), (500, 
'utopic-proposed'), (500, 'utopic'), (100, 'utopic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-25-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru partman-efi-25ubuntu6/debian/changelog partman-efi-25ubuntu7/debian/changelog
diff -Nru partman-efi-25ubuntu6/fstab.d/efi partman-efi-25ubuntu7/fstab.d/efi
--- partman-efi-25ubuntu6/fstab.d/efi	2010-09-03 08:40:28.0 -0400
+++ partman-efi-25ubuntu7/fstab.d/efi	2014-11-18 08:38:31.0 -0500
@@ -23,7 +23,7 @@
 		[ -f $id/method ] || continue
 		method=$(cat $id/method)
 		[ $method = efi ] || continue
-		echo $path /boot/efi vfat defaults 0 1
+		echo $path /boot/efi vfat umask=0077 0 1
 		seen_efi=1
 	done
 	close_dialog

Bug#751860: (no subject)

2014-11-10 Thread Marc Deslauriers 
I've attached a patch to the upstream bug I've filed about this issue:

https://bugzilla.gnome.org/show_bug.cgi?id=739895


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#767403: chkrootkit: incorrect PID length smashes stack

2014-10-30 Thread Marc Deslauriers 
Package: chkrootkit
Version: 0.50-2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu vivid ubuntu-patch



*** /tmp/tmptrJm3i/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/fix-stack-smash.patch: Fix segfault when running
chkrootkit.

We've been carrying this patch for a long time.

Original bug report:
https://bugs.launchpad.net/ubuntu/+source/chkrootkit/+bug/623144


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers utopic-updates
  APT policy: (500, 'utopic-updates'), (500, 'utopic-security'), (500, 
'utopic-proposed'), (500, 'utopic'), (100, 'utopic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-24-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru chkrootkit-0.50/debian/changelog chkrootkit-0.50/debian/changelog
diff -Nru chkrootkit-0.50/debian/patches/fix-stack-smash.patch chkrootkit-0.50/debian/patches/fix-stack-smash.patch
--- chkrootkit-0.50/debian/patches/fix-stack-smash.patch	1969-12-31 19:00:00.0 -0500
+++ chkrootkit-0.50/debian/patches/fix-stack-smash.patch	2014-10-30 16:26:29.0 -0400
@@ -0,0 +1,12 @@
+diff -Naurp chkrootkit-0.49.orig//chkutmp.c chkrootkit-0.49//chkutmp.c
+--- chkrootkit-0.49.orig//chkutmp.c	2009-07-30 09:43:17.0 -0400
 chkrootkit-0.49//chkutmp.c	2011-03-14 09:31:05.394307962 -0400
+@@ -98,7 +98,7 @@ int fetchps(struct ps_line *psl_p)
+ 		while (isspace(*s))	/* skip spaces */
+ 		s++;
+ 		d = pid;
+-		for (x = 0; (!isspace(*s))  (*d++ = *s++)  x = UT_LINESIZE; x++)	/* grab pid */
++		for (x = 0; (!isspace(*s))  (*d++ = *s++)  x = UT_PIDSIZE; x++)	/* grab pid */
+ 		;
+ 		*d = '\0';
+ 		curp-ps_pid = atoi(pid);
diff -Nru chkrootkit-0.50/debian/patches/series chkrootkit-0.50/debian/patches/series
--- chkrootkit-0.50/debian/patches/series	2014-10-19 06:55:34.0 -0400
+++ chkrootkit-0.50/debian/patches/series	2014-10-30 16:26:29.0 -0400
@@ -15,3 +15,4 @@
 chkutmp.diff
 kfreebsd.patch
 php.patch
+fix-stack-smash.patch

Bug#717058: Cannot set nonstandard baudrates on /dev/ttyACMn devices

2014-10-29 Thread Marc Deslauriers 
Package: pyserial
Version: 2.6-1.1
Followup-For: Bug #717058
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu vivid ubuntu-patch



*** /tmp/tmpYJUV0X/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * Adding patch for accepting any speed (Debian #717058)
- http://sourceforge.net/p/pyserial/patches/28/


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers utopic-updates
  APT policy: (500, 'utopic-updates'), (500, 'utopic-security'), (500, 
'utopic-proposed'), (500, 'utopic'), (100, 'utopic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-23-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u pyserial-2.6/debian/changelog pyserial-2.6/debian/changelog
diff -u pyserial-2.6/serial/serialposix.py pyserial-2.6/serial/serialposix.py
--- pyserial-2.6/serial/serialposix.py
+++ pyserial-2.6/serial/serialposix.py
@@ -36,26 +36,25 @@
 def device(port):
 return '/dev/ttyS%d' % port
 
-ASYNC_SPD_MASK = 0x1030
-ASYNC_SPD_CUST = 0x0030
+TCGETS2 = 0x802C542A
+TCSETS2 = 0x402C542B
+BOTHER = 0o01
 
 def set_special_baudrate(port, baudrate):
+# right size is 44 on x86_64, allow for some growth
 import array
-buf = array.array('i', [0] * 32)
+buf = array.array('i', [0] * 64)
 
 # get serial_struct
-FCNTL.ioctl(port.fd, TERMIOS.TIOCGSERIAL, buf)
-
-# set custom divisor
-buf[6] = buf[7] / baudrate
-
-# update flags
-buf[4] = ~ASYNC_SPD_MASK
-buf[4] |= ASYNC_SPD_CUST
+FCNTL.ioctl(port.fd, TCGETS2, buf)
+# set custom speed
+buf[2] = ~TERMIOS.CBAUD
+buf[2] |= BOTHER
+buf[9] = buf[10] = baudrate
 
 # set serial_struct
 try:
-res = FCNTL.ioctl(port.fd, TERMIOS.TIOCSSERIAL, buf)
+res = FCNTL.ioctl(port.fd, TCSETS2, buf)
 except IOError:
 raise ValueError('Failed to set custom baud rate: %r' % baudrate)

Bug#766005: xchat only supports SSLv3

2014-10-20 Thread Marc Deslauriers 
Package: xchat
Version: 2.8.8-7.1
Followup-For: Bug #766005
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu utopic ubuntu-patch



*** /tmp/tmphZ68P2/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * Don't force the use of SSLv3 (LP: #1381484)
- debian/patches/dont_force_sslv3.patch: use SSLv23_client_method()
  so the best method gets automatically negotiated in
  src/common/ssl.c.


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers utopic-updates
  APT policy: (500, 'utopic-updates'), (500, 'utopic-security'), (500, 
'utopic'), (100, 'utopic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-23-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru xchat-2.8.8/debian/changelog xchat-2.8.8/debian/changelog
diff -Nru xchat-2.8.8/debian/patches/dont_force_sslv3.patch xchat-2.8.8/debian/patches/dont_force_sslv3.patch
--- xchat-2.8.8/debian/patches/dont_force_sslv3.patch	1969-12-31 19:00:00.0 -0500
+++ xchat-2.8.8/debian/patches/dont_force_sslv3.patch	2014-10-20 11:39:17.0 -0400
@@ -0,0 +1,32 @@
+Description: Don't force the use of SSLv3
+Author: Marc Deslauriers marc.deslauri...@canonical.com
+Bug: http://sourceforge.net/p/xchat/bugs/1598/
+Bug-Ubuntu: https://bugs.launchpad.net/xchat-gnome/+bug/1381484
+Forwarded: yes
+
+---
+ src/common/ssl.c |4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+Index: b/src/common/ssl.c
+===
+--- a/src/common/ssl.c
 b/src/common/ssl.c
+@@ -70,7 +70,7 @@ _SSL_context_init (void (*info_cb_func),
+ 
+ 	SSLeay_add_ssl_algorithms ();
+ 	SSL_load_error_strings ();
+-	ctx = SSL_CTX_new (server ? SSLv3_server_method() : SSLv3_client_method ());
++	ctx = SSL_CTX_new (server ? SSLv23_server_method() : SSLv23_client_method ());
+ 
+ 	SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH);
+ 	SSL_CTX_set_timeout (ctx, 300);
+@@ -281,7 +281,7 @@ _SSL_socket (SSL_CTX *ctx, int sd)
+ 		__SSL_critical_error (SSL_new);
+ 
+ 	SSL_set_fd (ssl, sd);
+-	if (ctx-method == SSLv3_client_method())
++	if (ctx-method == SSLv23_client_method())
+ 		SSL_set_connect_state (ssl);
+ 	else
+ 	SSL_set_accept_state(ssl);
diff -Nru xchat-2.8.8/debian/patches/series xchat-2.8.8/debian/patches/series
--- xchat-2.8.8/debian/patches/series	2013-12-26 16:53:42.0 -0500
+++ xchat-2.8.8/debian/patches/series	2014-10-20 10:54:19.0 -0400
@@ -34,3 +34,4 @@
 power-user-settings.patch
 fix-ftbfs-missing-gmodule.patch
 automake-foreign.patch
+dont_force_sslv3.patch

Bug#766065: xchat-gnome: Should not force the use of SSLv3

2014-10-20 Thread Marc Deslauriers 
Package: xchat-gnome
Version: 1:0.30.0~git20110821.e2a400-0.2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu utopic ubuntu-patch



*** /tmp/tmpwg2gkZ/bug_body

XChat-Gnome forces the use of SSLv3, breaking connections to sites that
have started disabling SSLv3.

In Ubuntu, the attached patch was applied to achieve the following:

  * Don't force the use of SSLv3 (LP: #1381484)
- debian/patches/dont_force_sslv3.patch: use SSLv23_client_method() so
  the best method gets automatically negotiated in src/common/ssl.c.


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers utopic-updates
  APT policy: (500, 'utopic-updates'), (500, 'utopic-security'), (500, 
'utopic'), (100, 'utopic-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-23-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/changelog xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/changelog
diff -Nru xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/dont_force_sslv3.patch xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/dont_force_sslv3.patch
--- xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/dont_force_sslv3.patch	1969-12-31 19:00:00.0 -0500
+++ xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/dont_force_sslv3.patch	2014-10-20 10:14:37.0 -0400
@@ -0,0 +1,28 @@
+Description: Don't force the use of SSLv3
+Author: Marc Deslauriers marc.deslauri...@canonical.com
+Bug: https://bugzilla.gnome.org/show_bug.cgi?id=738870
+Bug-Ubuntu: https://bugs.launchpad.net/xchat-gnome/+bug/1381484
+Forwarded: yes
+
+Index: xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/src/common/ssl.c
+===
+--- xchat-gnome-0.30.0~git20131003.d20b8d+really20110821.orig/src/common/ssl.c	2014-10-17 14:34:35.094385583 -0400
 xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/src/common/ssl.c	2014-10-17 14:34:56.390560285 -0400
+@@ -70,7 +70,7 @@
+ 
+ 	SSLeay_add_ssl_algorithms ();
+ 	SSL_load_error_strings ();
+-	ctx = SSL_CTX_new (server ? SSLv3_server_method() : SSLv3_client_method ());
++	ctx = SSL_CTX_new (server ? SSLv23_server_method() : SSLv23_client_method ());
+ 
+ 	SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH);
+ 	SSL_CTX_set_timeout (ctx, 300);
+@@ -281,7 +281,7 @@
+ 		__SSL_critical_error (SSL_new);
+ 
+ 	SSL_set_fd (ssl, sd);
+-	if (ctx-method == SSLv3_client_method())
++	if (ctx-method == SSLv23_client_method())
+ 		SSL_set_connect_state (ssl);
+ 	else
+ 	SSL_set_accept_state(ssl);
diff -Nru xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/series xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/series
--- xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/series	2014-08-21 10:55:22.0 -0400
+++ xchat-gnome-0.30.0~git20131003.d20b8d+really20110821/debian/patches/series	2014-10-17 14:25:16.0 -0400
@@ -25,3 +25,4 @@
 link.diff
 define_functions_fix_build.patch
 perl5.20.patch
+dont_force_sslv3.patch

Bug#746663: opensc: SmartCard-HSM card does not list RSA 2048 public keys

2014-05-02 Thread Marc Deslauriers 
Package: opensc
Version: 0.13.0-3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu utopic ubuntu-patch



*** /tmp/tmpsB0qMw/bug_body

OpenSC 0.13.0 does not list RSA public keys which are of 2048 bits in size on
a SmartCard-HSM smart card.

Although the keys are listed after on-card key generation, only the private
key is listed later. This issue does not appear for keys of 1024 bits in size
on the same card.

See Ubuntu bug for steps to reproduce.

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/0003-fix-sc-hsm-rsa2048.patch:
Add upstream fix to show generated RSA public keys of 2048 bits.
Cherry-picking commit:
- 99af6cd sc-hsm: Fixed a bug that prevents a newly generated 2048 [...]
(LP: #1311921)


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers trusty-updates
  APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 
'trusty-proposed'), (500, 'trusty'), (100, 'trusty-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.13.0-24-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru opensc-0.13.0/debian/changelog opensc-0.13.0/debian/changelog
diff -Nru opensc-0.13.0/debian/patches/0003-fix-sc-hsm-rsa2048.patch opensc-0.13.0/debian/patches/0003-fix-sc-hsm-rsa2048.patch
--- opensc-0.13.0/debian/patches/0003-fix-sc-hsm-rsa2048.patch	1969-12-31 19:00:00.0 -0500
+++ opensc-0.13.0/debian/patches/0003-fix-sc-hsm-rsa2048.patch	2014-05-02 08:37:41.0 -0400
@@ -0,0 +1,17 @@
+Description: Fix to show generated RSA2048 pubkeys in PKCS#11 interface.
+ Fixed a bug that prevents a newly generated 2048 key to show up at the
+ PKCS#11 interface
+Author: Andreas Schwier andreas.schw...@cardcontact.de
+Origin: upstream https://github.com/OpenSC/OpenSC/commit/99af6cd8ee78776f50bc016fc230541072c60afb
+
+--- opensc-0.13.0.orig/src/libopensc/pkcs15-sc-hsm.c
 opensc-0.13.0/src/libopensc/pkcs15-sc-hsm.c
+@@ -268,7 +268,7 @@ static int sc_pkcs15emu_sc_hsm_add_pubke
+ 	sc_pkcs15_pubkey_info_t pubkey_info;
+ 	sc_pkcs15_object_t pubkey_obj;
+ 	struct sc_pkcs15_pubkey pubkey;
+-	u8 efbin[512];
++	u8 efbin[1024];
+ 	sc_cvc_t cvc;
+ 	u8 *cvcpo;
+ 	size_t cvclen;
diff -Nru opensc-0.13.0/debian/patches/series opensc-0.13.0/debian/patches/series
--- opensc-0.13.0/debian/patches/series	2014-03-12 10:51:09.0 -0400
+++ opensc-0.13.0/debian/patches/series	2014-05-02 08:37:41.0 -0400
@@ -1,2 +1,3 @@
 0001-pkcs15-regression-in-e35febe-compute-cert-length.patch
 0002-fix-epass2003-support-from-upstream.patch
+0003-fix-sc-hsm-rsa2048.patch

Bug#746694: opensc: Support for Feitian ePass2003

2014-05-02 Thread Marc Deslauriers 
Package: opensc
Version: 0.13.0-3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu utopic ubuntu-patch



*** /tmp/tmprA8Vep/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/0002-fix-epass2003-support-from-upstream.patch:
Add upstream fixes for ePass2003 token. Cherry-picking commits
- 4c1cafe epass2003: key generation allows stricter privkey/pubkey ACLs
- b1a4775 epass2003: properly disable padding
- 83dc469 epass2003: list_files implemented
- ee48ea1 Fix to allow exponents other than 65537 for Feitian ePass 2003
(LP: #1176305)


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers trusty-updates
  APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 
'trusty-proposed'), (500, 'trusty'), (100, 'trusty-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.13.0-24-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru opensc-0.13.0/debian/changelog opensc-0.13.0/debian/changelog
diff -Nru opensc-0.13.0/debian/patches/0002-fix-epass2003-support-from-upstream.patch opensc-0.13.0/debian/patches/0002-fix-epass2003-support-from-upstream.patch
--- opensc-0.13.0/debian/patches/0002-fix-epass2003-support-from-upstream.patch	1969-12-31 19:00:00.0 -0500
+++ opensc-0.13.0/debian/patches/0002-fix-epass2003-support-from-upstream.patch	2014-05-02 11:45:54.0 -0400
@@ -0,0 +1,120 @@
+## Description: add some description
+## Origin/Author: add some origin or author
+## Bug: bug URL
+Index: opensc-0.13.0/src/libopensc/card-epass2003.c
+===
+--- opensc-0.13.0.orig/src/libopensc/card-epass2003.c	2012-12-04 15:43:40.0 +0100
 opensc-0.13.0/src/libopensc/card-epass2003.c	2014-03-03 21:38:17.620039138 +0100
+@@ -117,8 +117,8 @@
+ 
+ 	memcpy(iv_tmp, iv, EVP_MAX_IV_LENGTH);
+ 	EVP_CIPHER_CTX_init(ctx);
+-	EVP_CIPHER_CTX_set_padding(ctx, 0);
+ 	EVP_EncryptInit_ex(ctx, cipher, NULL, key, iv_tmp);
++	EVP_CIPHER_CTX_set_padding(ctx, 0);
+ 
+ 	if (!EVP_EncryptUpdate(ctx, output, outl, input, length))
+ 		goto out;
+@@ -146,8 +146,8 @@
+ 
+ 	memcpy(iv_tmp, iv, EVP_MAX_IV_LENGTH);
+ 	EVP_CIPHER_CTX_init(ctx);
+-	EVP_CIPHER_CTX_set_padding(ctx, 0);
+ 	EVP_DecryptInit_ex(ctx, cipher, NULL, key, iv_tmp);
++	EVP_CIPHER_CTX_set_padding(ctx, 0);
+ 
+ 	if (!EVP_DecryptUpdate(ctx, output, outl, input, length))
+ 		goto out;
+@@ -1003,10 +1003,10 @@
+ 
+ 	flags = SC_ALGORITHM_ONBOARD_KEY_GEN | SC_ALGORITHM_RSA_RAW | SC_ALGORITHM_RSA_HASH_NONE;
+ 
+-	_sc_card_add_rsa_alg(card, 512, flags, 0x10001);
+-	_sc_card_add_rsa_alg(card, 768, flags, 0x10001);
+-	_sc_card_add_rsa_alg(card, 1024, flags, 0x10001);
+-	_sc_card_add_rsa_alg(card, 2048, flags, 0x10001);
++	_sc_card_add_rsa_alg(card, 512, flags, 0);
++	_sc_card_add_rsa_alg(card, 768, flags, 0);
++	_sc_card_add_rsa_alg(card, 1024, flags, 0);
++	_sc_card_add_rsa_alg(card, 2048, flags, 0);
+ 
+ 	card-caps = SC_CARD_CAP_RNG | SC_CARD_CAP_APDU_EXT;
+ 
+@@ -1858,7 +1858,6 @@
+ 	LOG_FUNC_RETURN(card-ctx, r);
+ }
+ 
+-#if 0
+ static int
+ epass2003_list_files(struct sc_card *card, unsigned char *buf, size_t buflen)
+ {
+@@ -1867,9 +1866,9 @@
+ 	int r;
+ 
+ 	SC_FUNC_CALLED(card-ctx, SC_LOG_DEBUG_VERBOSE);
+-	sc_format_apdu(card, apdu, SC_APDU_CASE_2_SHORT, 0x34, 0x00, 0x00);
++	sc_format_apdu(card, apdu, SC_APDU_CASE_1, 0x34, 0x00, 0x00);
+ 	apdu.cla = 0x80;
+-	apdu.le = 0x40;
++	apdu.le = 0;
+ 	apdu.resplen = sizeof(rbuf);
+ 	apdu.resp = rbuf;
+ 
+@@ -1887,7 +1886,6 @@
+ 
+ 	LOG_FUNC_RETURN(card-ctx, buflen);
+ }
+-#endif
+ 
+ 
+ static int
+@@ -2376,7 +2374,7 @@
+ 	epass2003_ops.compute_signature = epass2003_decipher;
+ 	epass2003_ops.create_file = epass2003_create_file;
+ 	epass2003_ops.delete_file = epass2003_delete_file;
+-	/* epass2003_ops.list_files = epass2003_list_files; */
++	epass2003_ops.list_files = epass2003_list_files;
+ 	epass2003_ops.card_ctl = epass2003_card_ctl;
+ 	epass2003_ops.process_fci = epass2003_process_fci;
+ 	epass2003_ops.construct_fci = epass2003_construct_fci;
+Index: opensc-0.13.0/src/pkcs15init/pkcs15-epass2003.c
+===
+--- opensc-0.13.0.orig/src/pkcs15init/pkcs15-epass2003.c	2012-12-04 15:43:40.0 +0100
 opensc-0.13.0/src/pkcs15init/pkcs15-epass2003.c	2014-03-03 21:38:19.084039076 +0100
+@@ -507,6 +507,12 @@
+ 		 sc_print_path(file-path));
+ 	sc_debug(card-ctx, SC_LOG_DEBUG_NORMAL, private key_info path: %s,
+ 		 sc_print_path((key_info-path)));
++
++	r = sc_pkcs15init_authenticate(profile, p15card, file,
++   SC_AC_OP_DELETE);
++	SC_TEST_RET(card-ctx, SC_LOG_DEBUG_NORMAL, r,
++		generate key: pkcs15init_authenticate(SC_AC_OP_DELETE) failed);
++
+ 	r = sc_delete_file(p15card-card, file-path);
+ 	/* create */
+ 	r =

Bug#738024: scid: please provide a desktop file and icons

2014-04-04 Thread Marc Deslauriers 
Package: scid
Version: 1:4.3.0.cvs20120311-1
Followup-For: Bug #738024
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu trusty ubuntu-patch



*** /tmp/tmpzrF_88/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * Added .desktop file (LP: #1277520)


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers trusty-updates
  APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 
'trusty'), (100, 'trusty-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.13.0-22-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru scid-4.3.0.cvs20120311/debian/changelog scid-4.3.0.cvs20120311/debian/changelog
diff -Nru scid-4.3.0.cvs20120311/debian/scid.desktop scid-4.3.0.cvs20120311/debian/scid.desktop
--- scid-4.3.0.cvs20120311/debian/scid.desktop	1969-12-31 19:00:00.0 -0500
+++ scid-4.3.0.cvs20120311/debian/scid.desktop	2014-04-04 08:15:59.0 -0400
@@ -0,0 +1,12 @@
+[Desktop Entry]
+Version=1.0
+Type=Application
+Hidden=false
+Terminal=false
+Icon=/usr/share/pixmaps/scid.xpm
+Name=Scid
+Exec=scid %f
+Keywords=Chess;PGN;convert
+Categories=Game;BoardGame;
+MimeType=application/pgn;application/x-chess-pgn;application/x-pgn
+Comment=Free chess database application
diff -Nru scid-4.3.0.cvs20120311/debian/scid.install scid-4.3.0.cvs20120311/debian/scid.install
--- scid-4.3.0.cvs20120311/debian/scid.install	2012-03-11 19:03:27.0 -0400
+++ scid-4.3.0.cvs20120311/debian/scid.install	2014-04-04 08:04:38.0 -0400
@@ -5,3 +5,4 @@
 scid/usr/share/scid/html/* usr/share/scid/html
 debian/PLACEHOLDER  usr/share/scid/books
 debian/PLACEHOLDER  usr/share/scid/bases
+debian/scid.desktop usr/share/applications

Bug#740255: python2.7: backported ssl.match_hostname() should support RFC 6125

2014-02-27 Thread Marc Deslauriers 
Package: python2.7
Version: 2.7.6-5
Severity: normal

Python 2.7 in Debian/Ubuntu has a patch that backports ssl.match_hostname().

Upstream has modified that function in recent python versions to match
RFC 6125 as a security improvement.

This should be added to the patch in the python2.7 package.

References:
http://hg.python.org/cpython/rev/10d0edadbcdd
http://bugs.python.org/issue17997


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#732705: gnupg: Patch for CVE-2013-4576 not being applied in 1.4.15-2

2013-12-20 Thread Marc Deslauriers 
Package: gnupg
Severity: normal
Tags: security

gnupg 1.4.15-2 claims to fix CVE-2013-4576, but the patch isn't actually
being applied during build. It is in the wrong directory, and isn't
listed in the series file.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#732710: openssl: rdrand should be disabled by default

2013-12-20 Thread Marc Deslauriers 
Package: openssl
Version: 1.0.1e-4
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu trusty ubuntu-patch



*** /tmp/tmpVmJEAg/bug_body

OpenSSL uses rdrand exclusively if it is available.

http://seclists.org/fulldisclosure/2013/Dec/99
http://wiki.openssl.org/index.php/Library_Initialization#ENGINEs_and_RDRAND

Upstream has changed this behaviour.


In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
default unless explicitly requested.


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers saucy-updates
  APT policy: (500, 'saucy-updates'), (500, 'saucy-security'), (500, 
'saucy-proposed'), (500, 'saucy'), (100, 'saucy-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.11.0-15-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru openssl-1.0.1e/debian/changelog openssl-1.0.1e/debian/changelog
diff -Nru openssl-1.0.1e/debian/patches/no_default_rdrand.patch openssl-1.0.1e/debian/patches/no_default_rdrand.patch
--- openssl-1.0.1e/debian/patches/no_default_rdrand.patch	1969-12-31 19:00:00.0 -0500
+++ openssl-1.0.1e/debian/patches/no_default_rdrand.patch	2013-12-19 15:39:17.0 -0500
@@ -0,0 +1,25 @@
+From 8f68678989a198ead3ab59a698302ecb0f1c8fb1 Mon Sep 17 00:00:00 2001
+From: Dr. Stephen Henson st...@openssl.org
+Date: Wed, 11 Dec 2013 14:45:12 +
+Subject: [PATCH] Don't use rdrand engine as default unless explicitly
+ requested.
+
+---
+ crypto/engine/eng_rdrand.c |1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/crypto/engine/eng_rdrand.c b/crypto/engine/eng_rdrand.c
+index a9ba5ae..4e9e91d 100644
+--- a/crypto/engine/eng_rdrand.c
 b/crypto/engine/eng_rdrand.c
+@@ -104,6 +104,7 @@ static int bind_helper(ENGINE *e)
+ 	{
+ 	if (!ENGINE_set_id(e, engine_e_rdrand_id) ||
+ 	!ENGINE_set_name(e, engine_e_rdrand_name) ||
++!ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) ||
+ 	!ENGINE_set_init_function(e, rdrand_init) ||
+ 	!ENGINE_set_RAND(e, rdrand_meth) )
+ 		return 0;
+-- 
+1.7.9.5
+
diff -Nru openssl-1.0.1e/debian/patches/series openssl-1.0.1e/debian/patches/series
--- openssl-1.0.1e/debian/patches/series	2013-12-04 12:34:19.0 -0500
+++ openssl-1.0.1e/debian/patches/series	2013-12-19 15:39:17.0 -0500
@@ -43,3 +43,4 @@
 arm64-support
 openssl-1.0.1e-env-zlib.patch -p1
 ppc64-support
+no_default_rdrand.patch

Bug#732714: ca-certificates: New version of certdata.txt distrusts AC DG Tresor SSL CA

2013-12-20 Thread Marc Deslauriers 
Package: ca-certificates
Severity: normal
Tags: security


Mozilla has released nss 3.15.3.1 that specifically distrusts
the AC DG Tresor SSL CA.

ca-certificates needs to be updated to the new certdata.txt.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#731480: hplip: CVE-2013-6427: insecure (undocumented) auto update feature

2013-12-12 Thread Marc Deslauriers 
Package: hplip
Version: 3.13.11-1
Followup-For: Bug #731480
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu trusty ubuntu-patch



-- Package-specific info:


*** /tmp/tmp2P2w3P/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/non-shipped-files.txt, debian/hplip.install: don't ship
hp-upgrade and upgrade.py, as we want to use proper packaging, and want
to prevent security issues.
- CVE-2013-6427

Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers saucy-updates
  APT policy: (500, 'saucy-updates'), (500, 'saucy-security'), (500, 
'saucy-proposed'), (500, 'saucy'), (100, 'saucy-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.11.0-15-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru hplip-3.13.11/debian/changelog hplip-3.13.11/debian/changelog
diff -Nru hplip-3.13.11/debian/hplip.install hplip-3.13.11/debian/hplip.install
--- hplip-3.13.11/debian/hplip.install	2013-12-09 13:56:43.0 -0500
+++ hplip-3.13.11/debian/hplip.install	2013-12-12 14:52:12.0 -0500
@@ -22,7 +22,6 @@
 usr/bin/hp-testpage
 usr/bin/hp-timedate
 usr/bin/hp-unload
-usr/bin/hp-upgrade
 usr/sbin/hpssd
 usr/lib/cups/backend
 usr/lib/cups/filter/pstotiff
diff -Nru hplip-3.13.11/debian/non-shipped-files.txt hplip-3.13.11/debian/non-shipped-files.txt
--- hplip-3.13.11/debian/non-shipped-files.txt	2013-09-12 07:03:24.0 -0400
+++ hplip-3.13.11/debian/non-shipped-files.txt	2013-12-12 14:42:27.0 -0500
@@ -1,6 +1,7 @@
 etc/sane.d/dll.conf
 usr/share/hplip/check
 usr/share/hplip/install.py
+usr/share/hplip/upgrade.py
 usr/share/doc/hplip/README_LIBJPG
 usr/share/doc/hplip/hpijs_readme.html
 usr/share/doc/hplip/gs_hpijs.png
@@ -16,4 +17,5 @@
 usr/lib/libhpip.la
 usr/lib/systemd/system/hplip-printer@.service
 usr/bin/hp-uninstall
+usr/bin/hp-upgrade
 usr/share/ppd/hplip/HP/hp-color_inkjet_cp1700-hpijs.ppd.gz

Bug#683403: ca-certificates: Missing Verisign md2 certs due to broken extract script

2013-12-05 Thread Marc Deslauriers 
Package: ca-certificates
Version: 20130906
Followup-For: Bug #683403
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu trusty ubuntu-patch



*** /tmp/tmpG_KsCC/bug_body

Openssl doesn't appear to correctly handle not having both versions
of the same signed roots. I have decided that we need to ship both
versions to fix a long standing bug where some websites simply weren't
accessible.

In Ubuntu, the attached patch was applied to achieve the following:

  * mozilla/certdata2pem.py: Work around openssl issue by shipping both
versions of the same signed roots. Previously, the script would simply
overwrite the first one found in the certdata.txt with the later one
since they both have the same CKA_LABEL, resulting in identical
filenames. (LP: #1014640)


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers saucy-updates
  APT policy: (500, 'saucy-updates'), (500, 'saucy-security'), (500, 
'saucy-proposed'), (500, 'saucy'), (100, 'saucy-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.11.0-15-generic (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru ca-certificates-20130906/debian/changelog ca-certificates-20130906ubuntu1/debian/changelog
diff -Nru ca-certificates-20130906/mozilla/certdata2pem.py ca-certificates-20130906ubuntu1/mozilla/certdata2pem.py
--- ca-certificates-20130906/mozilla/certdata2pem.py	2013-09-07 03:40:28.0 -0400
+++ ca-certificates-20130906ubuntu1/mozilla/certdata2pem.py	2013-12-05 07:38:27.0 -0500
@@ -116,12 +116,16 @@
 if obj['CKA_CLASS'] == 'CKO_CERTIFICATE':
 if not obj['CKA_LABEL'] in trust or not trust[obj['CKA_LABEL']]:
 continue
-fname = obj['CKA_LABEL'][1:-1].replace('/', '_')\
+bname = obj['CKA_LABEL'][1:-1].replace('/', '_')\
   .replace(' ', '_')\
   .replace('(', '=')\
   .replace(')', '=')\
-  .replace(',', '_') + '.crt'
-fname = fname.decode('string_escape')
+  .replace(',', '_')
+bname = bname.decode('string_escape')
+fname = bname + '.crt'
+if os.path.exists(fname):
+print Found duplicate certificate name %s, renaming. % bname
+fname = bname + '_2.crt'
 f = open(fname, 'w')
 f.write(-BEGIN CERTIFICATE-\n)
 f.write(\n.join(textwrap.wrap(base64.b64encode(obj['CKA_VALUE']), 64)))

Bug#731262: gem2deb: DH_RUBY_IGNORE_TESTS no longer handled correctly

2013-12-03 Thread Marc Deslauriers 
Package: gem2deb
Version: 0.6.0
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu trusty ubuntu-patch



*** /tmp/tmpeovyma/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * lib/gem2deb/dh_ruby.rb: properly handle test failures so they can be
skipped with DH_RUBY_IGNORE_TESTS.


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers saucy-updates
  APT policy: (500, 'saucy-updates'), (500, 'saucy-security'), (500, 
'saucy-proposed'), (500, 'saucy'), (100, 'saucy-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.11.0-15-generic (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru gem2deb-0.6.0/debian/changelog gem2deb-0.6.0ubuntu1/debian/changelog
diff -Nru gem2deb-0.6.0/lib/gem2deb/dh_ruby.rb gem2deb-0.6.0ubuntu1/lib/gem2deb/dh_ruby.rb
--- gem2deb-0.6.0/lib/gem2deb/dh_ruby.rb	2013-11-20 13:54:33.0 -0500
+++ gem2deb-0.6.0ubuntu1/lib/gem2deb/dh_ruby.rb	2013-12-03 13:07:57.0 -0500
@@ -135,9 +135,9 @@
 return
   end
 
-  run(SUPPORTED_RUBY_VERSIONS[rubyver], '-I' + LIBDIR, TEST_RUNNER)
-
-  if $?.exitstatus != 0
+  begin
+run(SUPPORTED_RUBY_VERSIONS[rubyver], '-I' + LIBDIR, TEST_RUNNER)
+  rescue Gem2Deb::CommandFailed
 handle_test_failure(rubyver)
   end
 end

Bug#726601: libcommons-fileupload-java: CVE-2013-218

2013-11-13 Thread Marc Deslauriers 
Package: libcommons-fileupload-java
Version: 1.3-2
Followup-For: Bug #726601
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu trusty ubuntu-patch



*** /tmp/tmpA8shKI/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: arbitrary file overwrite via poison null byte
- debian/patches/CVE-2013-2186.patch: properly validate repository in
  src/main/java/org/apache/commons/fileupload/disk/DiskFileItem.java.
- CVE-2013-2186


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers saucy-updates
  APT policy: (500, 'saucy-updates'), (500, 'saucy-security'), (500, 
'saucy-proposed'), (500, 'saucy'), (100, 'saucy-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.11.0-13-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru libcommons-fileupload-java-1.3/debian/changelog libcommons-fileupload-java-1.3/debian/changelog
diff -Nru libcommons-fileupload-java-1.3/debian/patches/CVE-2013-2186.patch libcommons-fileupload-java-1.3/debian/patches/CVE-2013-2186.patch
--- libcommons-fileupload-java-1.3/debian/patches/CVE-2013-2186.patch	1969-12-31 19:00:00.0 -0500
+++ libcommons-fileupload-java-1.3/debian/patches/CVE-2013-2186.patch	2013-11-07 09:35:41.0 -0500
@@ -0,0 +1,37 @@
+Description: fix arbitrary file overwrite via poison null byte
+Origin: upstream, http://svn.apache.org/viewvc/commons/proper/fileupload/trunk/src/main/java/org/apache/commons/fileupload/disk/DiskFileItem.java?r1=1460343r2=1507048
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726601
+Bug-Novell: https://bugzilla.novell.com/show_bug.cgi?id=846174
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=974814
+
+Index: libcommons-fileupload-java-1.3/src/main/java/org/apache/commons/fileupload/disk/DiskFileItem.java
+===
+--- libcommons-fileupload-java-1.3.orig/src/main/java/org/apache/commons/fileupload/disk/DiskFileItem.java	2013-03-24 08:36:44.0 -0400
 libcommons-fileupload-java-1.3/src/main/java/org/apache/commons/fileupload/disk/DiskFileItem.java	2013-11-07 09:32:20.042865874 -0500
+@@ -656,6 +656,26 @@
+ // read values
+ in.defaultReadObject();
+ 
++/* One expected use of serialization is to migrate HTTP sessions
++ * containing a DiskFileItem between JVMs. Particularly if the JVMs are
++ * on different machines It is possible that the repository location is
++ * not valid so validate it.
++ */
++if (repository != null) {
++if (repository.isDirectory()) {
++// Check path for nulls
++if (repository.getPath().contains(\0)) {
++throw new IOException(format(
++The repository [%s] contains a null character,
++repository.getPath()));
++}
++} else {
++throw new IOException(format(
++The repository [%s] is not a directory,
++repository.getAbsolutePath()));
++}
++}
++
+ OutputStream output = getOutputStream();
+ if (cachedContent != null) {
+ output.write(cachedContent);
diff -Nru libcommons-fileupload-java-1.3/debian/patches/series libcommons-fileupload-java-1.3/debian/patches/series
--- libcommons-fileupload-java-1.3/debian/patches/series	2013-04-27 23:28:22.0 -0400
+++ libcommons-fileupload-java-1.3/debian/patches/series	2013-11-07 09:32:01.0 -0500
@@ -1 +1,2 @@
 001_update-tests-for-servlet3-api.patch
+CVE-2013-2186.patch

Bug#729006: closed by Emmanuel Bourg ebo...@apache.org (Bug#729006: fixed in maven-javadoc-plugin 2.9.1-2)

2013-11-08 Thread Marc Deslauriers 
Thank you Emmanuel!


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#729006: FTBFS: missing libmockito-java dependency

2013-11-07 Thread Marc Deslauriers 
Package: maven-javadoc-plugin
Version: 2.9.1-1
Severity: serious
Tags: patch
Justification: fails to build from source (but built successfully in the past)
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu trusty ubuntu-patch



*** /tmp/tmpvJaNhd/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/control: added libmockito-java to Build-Depends-Indep to fix
FTBFS.


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers saucy-updates
  APT policy: (500, 'saucy-updates'), (500, 'saucy-security'), (500, 
'saucy-proposed'), (500, 'saucy'), (100, 'saucy-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.11.0-13-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru maven-javadoc-plugin-2.9.1/debian/changelog maven-javadoc-plugin-2.9.1/debian/changelog
diff -Nru maven-javadoc-plugin-2.9.1/debian/control maven-javadoc-plugin-2.9.1/debian/control
--- maven-javadoc-plugin-2.9.1/debian/control	2013-11-05 11:18:41.0 -0500
+++ maven-javadoc-plugin-2.9.1/debian/control	2013-11-07 15:27:20.0 -0500
@@ -19,7 +19,8 @@
  libmaven2-core-java,
  libmodello-maven-plugin-java (= 1.1),
  libqdox-java,
- libwagon-java
+ libwagon-java,
+ libmockito-java
 Standards-Version: 3.9.5
 Vcs-Svn: svn://anonscm.debian.org/pkg-java/trunk/maven-javadoc-plugin
 Vcs-Browser: http://anonscm.debian.org/viewvc/pkg-java/trunk/maven-javadoc-plugin/

Bug#729006: FTBFS: missing libmockito-java dependency

2013-11-07 Thread Marc Deslauriers 
On 13-11-07 04:05 PM, Emmanuel Bourg wrote:
 The tests are ignored in maven-javadoc-plugin (maven.test.skip is set to
 true in debian/maven.properties), so adding this dependency will make no
 difference. Do you have a log of the build failure?
 

Here is the build log we were getting:

https://launchpadlibrarian.net/155916090/buildlog_ubuntu-trusty-i386.maven-javadoc-plugin_2.9.1-1_FAILEDTOBUILD.txt.gz

Missing:
--
1) org.mockito:mockito-core:jar:debian


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#722335: sudo init script should set date to epoch, not 1985-01-01

2013-09-10 Thread Marc Deslauriers 
Package: sudo
Version: 1.8.6p3-0ubuntu3
Severity: normal
Tags: security

Sudo treats filestamps set to epoch as invalid, so the init script should set 
the contents of /var/lib/sudo to epoch, and not 19850101.

ie:
find /var/lib/sudo -exec touch -d @0 '{}' \;

instead of:
find /var/lib/sudo -exec touch -t 19850101 '{}' \;

See downstream bug report:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1223297


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#721976: ca-certificates contains both server and email certificates

2013-09-06 Thread Marc Deslauriers 
Package: ca-certificates
Version: 20130610
Severity: normal

The ca-certificates package ships certificates which are trusted
for either CKA_TRUST_SERVER_AUTH or CKA_TRUST_EMAIL_PROTECTION.

Some of those CA certs are only valid for one or the other, and
bundling them together is problematic.

For example, the Verisign_Class_1_Public_Primary_Certification_Authority.pem
cert is only valid for email, but can be currently used to validate
web server certs.

I'm not quite sure how we can resolve this, besides separating
certs to be used for server validation from the certs to be used for
email validation.

See downstream bug report for more information:

https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1207004


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#721772: puppet: autopkgtest runs tests in wrong order

2013-09-03 Thread Marc Deslauriers 
Package: puppet
Version: 3.2.4-3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu saucy ubuntu-patch



*** /tmp/tmpDyephT/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/tests/control: invert order of tests, or else puppet-agent runs
after puppetmaster-passenger has already enabled the service.

Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers saucy-updates
  APT policy: (500, 'saucy-updates'), (500, 'saucy-security'), (500, 'saucy'), 
(100, 'saucy-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.11.0-4-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru puppet-3.2.4/debian/changelog puppet-3.2.4/debian/changelog
diff -Nru puppet-3.2.4/debian/tests/control puppet-3.2.4/debian/tests/control
--- puppet-3.2.4/debian/tests/control	2013-09-01 07:42:15.0 -0400
+++ puppet-3.2.4/debian/tests/control	2013-09-03 18:51:11.0 -0400
@@ -1,7 +1,7 @@
-Tests: puppetmaster-passenger
-Depends: puppetmaster-passenger
-Restrictions: needs-root
-
 Tests: puppet-agent
 Depends: puppet
 Restrictions: needs-root
+
+Tests: puppetmaster-passenger
+Depends: puppetmaster-passenger
+Restrictions: needs-root

Bug#703251: gcstar 1.7.0

2013-08-07 Thread Marc Deslauriers 
FYI, I've just uploaded a gcstar 1.7.0 package to Ubuntu. It contains 1.7.0,
plus a couple of plugin fixes for the sites I use.

Perhaps you could base your Debian package on it.

Thanks,

Marc.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#717910: apache2: incorrect lbmethod_* module dependency

2013-07-26 Thread Marc Deslauriers 
Package: apache2
Version: 2.4.6-2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu saucy ubuntu-patch



*** /tmp/tmpJJNbzc/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * Fixed module dependencies (LP: #1205314)
- debian/config-dir/mods-available/lbmethod_*: properly specify
  proxy_balancer, not mod_proxy_balancer.


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers raring-updates
  APT policy: (500, 'raring-updates'), (500, 'raring-security'), (500, 
'raring'), (100, 'raring-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.8.0-26-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru apache2-2.4.6/debian/changelog apache2-2.4.6/debian/changelog
diff -Nru apache2-2.4.6/debian/config-dir/mods-available/lbmethod_bybusyness.load apache2-2.4.6/debian/config-dir/mods-available/lbmethod_bybusyness.load
--- apache2-2.4.6/debian/config-dir/mods-available/lbmethod_bybusyness.load	2013-07-21 12:47:15.0 -0400
+++ apache2-2.4.6/debian/config-dir/mods-available/lbmethod_bybusyness.load	2013-07-26 08:34:50.0 -0400
@@ -1,2 +1,2 @@
-# Depends: mod_proxy_balancer
+# Depends: proxy_balancer
 LoadModule lbmethod_bybusyness_module /usr/lib/apache2/modules/mod_lbmethod_bybusyness.so
diff -Nru apache2-2.4.6/debian/config-dir/mods-available/lbmethod_byrequests.load apache2-2.4.6/debian/config-dir/mods-available/lbmethod_byrequests.load
--- apache2-2.4.6/debian/config-dir/mods-available/lbmethod_byrequests.load	2013-07-21 12:47:15.0 -0400
+++ apache2-2.4.6/debian/config-dir/mods-available/lbmethod_byrequests.load	2013-07-26 08:34:50.0 -0400
@@ -1,2 +1,2 @@
-# Depends: mod_proxy_balancer
+# Depends: proxy_balancer
 LoadModule lbmethod_byrequests_module /usr/lib/apache2/modules/mod_lbmethod_byrequests.so
diff -Nru apache2-2.4.6/debian/config-dir/mods-available/lbmethod_bytraffic.load apache2-2.4.6/debian/config-dir/mods-available/lbmethod_bytraffic.load
--- apache2-2.4.6/debian/config-dir/mods-available/lbmethod_bytraffic.load	2013-07-21 12:47:15.0 -0400
+++ apache2-2.4.6/debian/config-dir/mods-available/lbmethod_bytraffic.load	2013-07-26 08:34:50.0 -0400
@@ -1,2 +1,2 @@
-# Depends: mod_proxy_balancer
+# Depends: proxy_balancer
 LoadModule lbmethod_bytraffic_module /usr/lib/apache2/modules/mod_lbmethod_bytraffic.so
diff -Nru apache2-2.4.6/debian/config-dir/mods-available/lbmethod_heartbeat.load apache2-2.4.6/debian/config-dir/mods-available/lbmethod_heartbeat.load
--- apache2-2.4.6/debian/config-dir/mods-available/lbmethod_heartbeat.load	2013-07-21 12:47:15.0 -0400
+++ apache2-2.4.6/debian/config-dir/mods-available/lbmethod_heartbeat.load	2013-07-26 08:34:50.0 -0400
@@ -1,2 +1,2 @@
-# Depends: mod_proxy_balancer
+# Depends: proxy_balancer
 LoadModule lbmethod_heartbeat_module /usr/lib/apache2/modules/mod_lbmethod_heartbeat.so

Bug#717272: apache2: Fix for CVE-2013-1896

2013-07-18 Thread Marc Deslauriers 
Package: apache2
Version: 2.4.4-6
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu saucy ubuntu-patch



*** /tmp/tmp5THIhe/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: denial of service via MERGE request
- debian/patches/CVE-2013-1896.patch: make sure DAV is enabled for URI
  in modules/dav/main/mod_dav.c.
- CVE-2013-1896


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers raring-updates
  APT policy: (500, 'raring-updates'), (500, 'raring-security'), (500, 
'raring'), (100, 'raring-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.8.0-26-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru apache2-2.4.4/debian/patches/CVE-2013-1896.patch apache2-2.4.4/debian/patches/CVE-2013-1896.patch
--- apache2-2.4.4/debian/patches/CVE-2013-1896.patch	1969-12-31 19:00:00.0 -0500
+++ apache2-2.4.4/debian/patches/CVE-2013-1896.patch	2013-07-18 11:21:47.0 -0400
@@ -0,0 +1,32 @@
+Description: fix denial of service via MERGE request
+Origin: upstream, http://svn.apache.org/viewvc?view=revisionrevision=1486461
+
+Index: apache2-2.4.4/modules/dav/main/mod_dav.c
+===
+--- apache2-2.4.4.orig/modules/dav/main/mod_dav.c	2011-12-04 19:08:01.0 -0500
 apache2-2.4.4/modules/dav/main/mod_dav.c	2013-07-18 11:20:33.353180556 -0400
+@@ -707,6 +707,12 @@
+ 
+ conf = ap_get_module_config(r-per_dir_config, dav_module);
+ /* assert: conf-provider != NULL */
++if (conf-provider == NULL) {
++return dav_new_error(r-pool, HTTP_METHOD_NOT_ALLOWED, 0, 0,
++ apr_psprintf(r-pool,
++  DAV not enabled for %s,
++	  ap_escape_html(r-pool, r-uri)));
++}
+ 
+ /* resolve the resource */
+ err = (*conf-provider-repos-get_resource)(r, conf-dir,
+@@ -2683,11 +2689,6 @@
+   Destination URI had an error.);
+ }
+ 
+-if (dav_get_provider(lookup.rnew) == NULL) {
+-return dav_error_response(r, HTTP_METHOD_NOT_ALLOWED,
+-  DAV not enabled for Destination URI.);
+-}
+-
+ /* Resolve destination resource */
+ err = dav_get_resource(lookup.rnew, 0 /* label_allowed */,
+0 /* use_checked_in */, resnew);
diff -Nru apache2-2.4.4/debian/patches/series apache2-2.4.4/debian/patches/series
--- apache2-2.4.4/debian/patches/series	2013-07-02 09:33:25.0 -0400
+++ apache2-2.4.4/debian/patches/series	2013-07-18 11:20:09.0 -0400
@@ -20,3 +20,4 @@
 itk-rerun-configure.patch
 upstream-fixes
 allow-strtoul.patch
+CVE-2013-1896.patch

Bug#714363: libgd2: Wrong quoting in version strings

2013-06-28 Thread Marc Deslauriers 
Package: libgd2
Version: 2.1.0-1
Severity: important
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu saucy ubuntu-patch



*** /tmp/tmp_IJ9Y5/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/fix-compiled-in-version.patch: updated to properly quote
GD_EXTRA_VERSION and GD_VERSION_STRING.

Lack of quoting there is causing other packages, such as php5, to fail to
compile.

Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers raring-updates
  APT policy: (500, 'raring-updates'), (500, 'raring-security'), (500, 
'raring'), (100, 'raring-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.8.0-25-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru libgd2-2.1.0/debian/changelog libgd2-2.1.0/debian/changelog
diff -Nru libgd2-2.1.0/debian/patches/fix-compiled-in-version.patch libgd2-2.1.0/debian/patches/fix-compiled-in-version.patch
--- libgd2-2.1.0/debian/patches/fix-compiled-in-version.patch	2013-06-27 04:02:13.0 -0400
+++ libgd2-2.1.0/debian/patches/fix-compiled-in-version.patch	2013-06-28 08:54:20.0 -0400
@@ -1176,8 +1176,8 @@
 +#define GD_MAJOR_VERSION @GDLIB_MAJOR@
 +#define GD_MINOR_VERSION @GDLIB_MINOR@
 +#define GD_RELEASE_VERSION @GDLIB_REVISION@
-+#define GD_EXTRA_VERSION @GDLIB_EXTRA@
-+#define GD_VERSION_STRING @GDLIB_VERSION@
++#define GD_EXTRA_VERSION @GDLIB_EXTRA@
++#define GD_VERSION_STRING @GDLIB_VERSION@
 +
 +/* Do the DLL dance: dllexport when building the DLL,
 +   dllimport when importing from it, nothing when

Bug#710344: (no subject)

2013-06-05 Thread Marc Deslauriers 
Here's what I did...not sure if it's the best way to fix it though:

--- libxcb-1.8.1.orig/tests/Makefile.am
+++ libxcb-1.8.1/tests/Makefile.am
@@ -12,9 +12,6 @@
 check_PROGRAMS = check_all
 check_all_SOURCES =  check_all.c check_suites.h check_public.c

-all-local::
-   $(RM) CheckLog*.xml
-
 check-local: check-TESTS
$(RM) CheckLog.html
if test x$(HTML_CHECK_RESULT) = xtrue; then \


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#701929: quilt push leaves behind files in /tmp

2013-02-28 Thread Marc Deslauriers 
Package: quilt
Version: 0.60-7
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu raring ubuntu-patch



*** /tmp/tmprMnRKR/bug_body

The push_timeskew patch leaves behind temp files in /tmp when
quilt push is used.

In Ubuntu, the attached patch was applied to achieve the following:

  * d/p/push_timeskew: updated to properly remove temp files.


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers raring-updates
  APT policy: (500, 'raring-updates'), (500, 'raring-security'), (500, 
'raring'), (100, 'raring-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.8.0-8-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru quilt-0.60/debian/changelog quilt-0.60/debian/changelog
diff -Nru quilt-0.60/debian/patches/push_timeskew quilt-0.60/debian/patches/push_timeskew
--- quilt-0.60/debian/patches/push_timeskew	2013-01-05 06:34:43.0 -0500
+++ quilt-0.60/debian/patches/push_timeskew	2013-02-28 15:22:44.0 -0500
@@ -6,11 +6,12 @@
  context information.
 Bug-Debian: http://bugs.debian.org/466360
 Upstream-status: to be submitted 
+Last-Update: 2013-02-28
 
-Index: quilt.git/quilt/push.in
+Index: quilt-0.60/quilt/push.in
 ===
 quilt.git.orig/quilt/push.in	2012-12-31 10:09:56.144582064 +0100
-+++ quilt.git/quilt/push.in	2012-12-31 11:25:52.967442800 +0100
+--- quilt-0.60.orig/quilt/push.in	2013-02-28 15:19:19.583338843 -0500
 quilt-0.60/quilt/push.in	2013-02-28 15:20:14.587340251 -0500
 @@ -30,7 +30,8 @@
  specified number of patches.  When a patch name is specified, apply
  all patches up to and including the specified patch.  Patch names may
@@ -21,7 +22,7 @@
  
  -a	Apply all patches in the series file.
  
-@@ -208,18 +209,27 @@
+@@ -208,18 +209,29 @@
  			touch $QUILT_PC/$patch~refresh
  		fi
  
@@ -43,6 +44,8 @@
 +		if [ -s $NONEMPTY_FILES ]; then
 +			xargs -0 touch -c -r $QUILT_PC/$patch/.timestamp  $NONEMPTY_FILES
 +		fi
++
++		rm -f $NONEMPTY_FILES
  
  		if ! [ -e $patch_file ]
  		then
@@ -53,10 +56,10 @@
  		then
  			printf $Patch %s appears to be empty; applied\n \
  			   $(print_patch $patch)
-Index: quilt.git/quilt/scripts/backup-files.in
+Index: quilt-0.60/quilt/scripts/backup-files.in
 ===
 quilt.git.orig/quilt/scripts/backup-files.in	2012-12-25 14:18:07.45425 +0100
-+++ quilt.git/quilt/scripts/backup-files.in	2012-12-31 11:12:25.158163110 +0100
+--- quilt-0.60.orig/quilt/scripts/backup-files.in	2013-02-28 15:19:19.583338843 -0500
 quilt-0.60/quilt/scripts/backup-files.in	2013-02-28 15:19:19.575338842 -0500
 @@ -181,8 +181,9 @@
  			done  $NONEMPTY_FILES
  		fi
@@ -68,10 +71,10 @@
  		fi
  	fi
  
-Index: quilt.git/test/push_timeskew.test
+Index: quilt-0.60/test/push_timeskew.test
 ===
 --- /dev/null	1970-01-01 00:00:00.0 +
-+++ quilt.git/test/push_timeskew.test	2012-12-31 12:01:47.978999172 +0100
 quilt-0.60/test/push_timeskew.test	2013-02-28 15:19:19.575338842 -0500
 @@ -0,0 +1,86 @@
 +This test enforces that files touched by a patch have the exact same
 +mtime when pushing and poping the patch.

Bug#700098: cfingerd: CVE-2013-1049 remote buffer overflow

2013-02-08 Thread Marc Deslauriers 
Package: cfingerd
Version: 1.4.3-3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu raring ubuntu-patch



*** /tmp/tmpntc4Ea/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: fix buffer overflow in rfc1413 (ident) client
(LP: #1104425).
- CVE-2013-1049

This vulnerability to have been introduced by the following:
 * Applied IPv6 patch from Mats Erik Andersson
 mats.anders...@gisladisker.se (closes: Bug#570024)

See dowstream bug report for more information:
https://bugs.launchpad.net/ubuntu/+source/cfingerd/+bug/1104425

Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers quantal-updates
  APT policy: (500, 'quantal-updates'), (500, 'quantal-security'), (500, 
'quantal-proposed'), (500, 'quantal'), (100, 'quantal-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5.0-23-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u cfingerd-1.4.3/debian/changelog cfingerd-1.4.3/debian/changelog
diff -u cfingerd-1.4.3/src/rfc1413.c cfingerd-1.4.3/src/rfc1413.c
--- cfingerd-1.4.3/src/rfc1413.c
+++ cfingerd-1.4.3/src/rfc1413.c
@@ -25,7 +25,9 @@
  * the implementation.  Completely rewritten by yours truly to be self-
  * contained in a single program.  Simple, easy to use.
  */
-#define BUFLEN	(2 * INET6_ADDRSTRLEN)
+#define UNAMELEN   64
+#define BUFLEN UNAMELEN + INET6_ADDRSTRLEN + 2
+#define INPUTLEN   256
 char *get_rfc1413_data(struct sockaddr_storage * local_addr,
 			struct sockaddr_storage * peer_addr )
 {
@@ -34,7 +36,7 @@
 struct sockaddr_storage sin;
 struct sockaddr_in *sa4 = (struct sockaddr_in *) sin;
 struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) sin;
-char buffer[1024], buf[BUFLEN], uname[64], *bleah;
+char buffer[1024], buf[INPUTLEN], uname[UNAMELEN], *bleah;
 char *cp, *xp;
 struct servent *serv;

Bug#700098: (no subject)

2013-02-08 Thread Marc Deslauriers 
severity 700098 grave


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#698963: libssh: CVE-2013-0176 NULL dereference denial of service

2013-01-25 Thread Marc Deslauriers 
Package: libssh
Version: 0.5.3-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu raring ubuntu-patch



*** /tmp/tmpWGDf6_/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: denial of service via NULL dereference
- debian/patches/CVE-2013-0176.patch: properly handle client that
  doesn't send a matching key in src/server.c.
- CVE-2013-0176


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers quantal-updates
  APT policy: (500, 'quantal-updates'), (500, 'quantal-security'), (500, 
'quantal'), (100, 'quantal-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5.0-22-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru libssh-0.5.3/debian/changelog libssh-0.5.3/debian/changelog
diff -Nru libssh-0.5.3/debian/patches/CVE-2013-0176.patch libssh-0.5.3/debian/patches/CVE-2013-0176.patch
--- libssh-0.5.3/debian/patches/CVE-2013-0176.patch	1969-12-31 19:00:00.0 -0500
+++ libssh-0.5.3/debian/patches/CVE-2013-0176.patch	2013-01-25 13:37:30.0 -0500
@@ -0,0 +1,47 @@
+From 55b09f426417406bb25c0b9c474fbab1398b0dc8 Mon Sep 17 00:00:00 2001
+From: Andreas Schneider a...@cryptomilk.org
+Date: Wed, 09 Jan 2013 12:20:02 +
+Subject: CVE-2013-0176: Fix a remote DoS if the client doesn't send a matching kex.
+
+Thanks to Yong Chuan Koh, X-Force Research ko...@sg.ibm.com
+---
+diff --git a/src/server.c b/src/server.c
+index 131a2bc..b4fb189 100644
+--- a/src/server.c
 b/src/server.c
+@@ -184,7 +184,11 @@ static int dh_handshake_server(ssh_session session) {
+   prv = session-rsa_key;
+   break;
+ default:
+-  prv = NULL;
++  ssh_set_error(session,
++SSH_FATAL,
++Could determine the specified hostkey);
++  ssh_string_free(f);
++  return -1;
+   }
+ 
+   pub = publickey_from_privatekey(prv);
+@@ -270,6 +274,8 @@ static int dh_handshake_server(ssh_session session) {
+  */
+ static void ssh_server_connection_callback(ssh_session session){
+ 	int ssh1,ssh2;
++int rc;
++
+ 	enter_function();
+ 	switch(session-session_state){
+ 		case SSH_SESSION_STATE_NONE:
+@@ -338,7 +344,10 @@ static void ssh_server_connection_callback(ssh_session session){
+ 		case SSH_SESSION_STATE_KEXINIT_RECEIVED:
+ 			set_status(session,0.6f);
+ 			ssh_list_kex(session, session-client_kex); // log client kex
+-crypt_set_algorithms_server(session);
++rc = crypt_set_algorithms_server(session);
++if (rc == SSH_ERROR) {
++goto error;
++}
+ 			if (set_kex(session)  0) {
+ goto error;
+ 			}
+--
+cgit v0.9.0.2
diff -Nru libssh-0.5.3/debian/patches/series libssh-0.5.3/debian/patches/series
--- libssh-0.5.3/debian/patches/series	2012-11-21 07:53:20.0 -0500
+++ libssh-0.5.3/debian/patches/series	2013-01-25 13:37:30.0 -0500
@@ -1,2 +1,3 @@
 0001-disable-latex-documentation.patch
 0002-fix-html-doc-generation.patch
+CVE-2013-0176.patch

Bug#692791: #692791 - CVE-2012-5519 - cups lpadmin-to-root privilege escalation - Proposed solutions

2012-11-29 Thread Marc Deslauriers 
On 12-11-29 05:30 AM, Didier 'OdyX' Raboud wrote:
snip
 B) Disable any remote configuration by lpadmin users
 
 This has been attempted by Marc on [1]. For now, it is incomplete as it still
 allows lpadmin users to HTTP PUT updates to the configuration files.
 
 Pros: + Addresses the problem in a way less intrusive way (smaller patch)
 Cons: - Big loss of functionality through forbidding any lpadmin cups server
 configuration
snip
 
 So, for squeeze/stable and wheezy/next-stable, I'd be tempted to go the B)
 (to be fixed) way. Granted, we'll loose functionality, but it will put us on
 the safe-side, with updates that drop functionality without needing a painful
 configuration-files-edit upgrading path.
 

I don't believe B is a viable approach. The HTTP PUT interface is used
by cupsctl and possibly other local tools, and there's no easy way of
filtering what gets uploaded in the cupsd.conf file.

FYI, in Ubuntu, I plan on doing a less-elegant version of A, which would
be to get the new config file, but without automatically migrating any
settings, and without changing the original config file so the user
doesn't get any debconf prompts. Options that got moved to the new file
would print warnings in the logs for the admin to see. The only thing is
that the SystemGroup line will still be in the original config file
after the upgrade, but with the log file warning disabled for it.

Marc.





signature.asc
Description: OpenPGP digital signature

Bug#692791: members of lpadmin can read every file on server via cups

2012-11-29 Thread Marc Deslauriers 
Michael,

On 12-11-29 10:12 AM, Michael Sweet wrote:
 So, your alternate fix doesn't actually solve the problem as I can still
 do something like:

 PageLog /var/log/cups/../../../etc/shadow
 
 Adding a check for ../ in the path will catch that, easy fix...
 
 Also, there are a lot of other directives that can pretty trivially
 escalate to root...for example, setting ConfigFilePerm to 04777...
 
 Well, that would yield a world-writable cupsd.conf; I'll update things to 
 mask out everything but read/write bits for both ConfigFilePerm and 
 LogFilePerm.

We'll most likely be using your approach of splitting the config files
out in our stable releases, so I don't think it's worth investing time
in trying to find an alternative fix.

Thanks!

Marc.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#692791: members of lpadmin can read every file on server via cups

2012-11-28 Thread Marc Deslauriers 
On 12-11-27 11:38 PM, Michael Sweet wrote:
 After looking at this patch in detail, it doesn't actually prevent users in 
 the lpadmin group from modifying cupsd.conf and performing the specified 
 privilege escalation.
 
 An alternate fix for cups-1.5 and earlier that specifically addresses the 
 reported problem by requiring the log files to reside in CUPS_LOGDIR:
 

Thanks for taking a look at it Michael. I now see what you meant by
needing to disable HTTP PUT in cupsd.

So, your alternate fix doesn't actually solve the problem as I can still
do something like:

PageLog /var/log/cups/../../../etc/shadow

Also, there are a lot of other directives that can pretty trivially
escalate to root...for example, setting ConfigFilePerm to 04777...

I'm starting to think that migrating stable releases to the dual config
files, while pretty intrusive, is something we need to consider...

Marc.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#692791: members of lpadmin can read every file on server via cups

2012-11-27 Thread Marc Deslauriers 
FYI, as a security fix for our stable releases in Ubuntu, we plan on
disabling cupsd.conf modification in the web interface entirely.
Attached is the patch we plan on using.

Marc.
Description: fix privilege escalation by disabling config file editing via
 the web interface
Author: Marc Deslauriers marc.deslauri...@canonical.com
Forwarded: No
Bug: https://www.cups.org/str.php?L4223
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692791

Index: cups-1.6.1/doc/help/policies.html
===
--- cups-1.6.1.orig/doc/help/policies.html	2012-11-27 09:16:17.608346696 -0500
+++ cups-1.6.1/doc/help/policies.html	2012-11-27 09:16:19.768346750 -0500
@@ -19,7 +19,7 @@
 PPolicies are stored in the VARcupsd.conf/VAR file in A HREF=ref-cupsd-conf.html#PolicyTTPolicy/TT/A sections. Each policy has an alphanumeric name that is used to select it. Inside the policy section are one or more A
 HREF=ref-cupsd-conf.html#LimitIPPTTLimit/TT/A subsections which list the operations that are affected by the rules inside it. A HREF=#LISTING01Listing 1/A shows the default operation policy, appropriately called default, that is shipped with CUPS./P
 
-PThe easiest way to add a policy to the VARcupsd.conf/VAR file is to use the web interface. Click on the VARAdministration/VAR tab and then the VAREdit Configuration File/VAR button to edit the current VARcupsd.conf/VAR file. Click on the VARSave Changes/VAR button to save the changes and restart the scheduler. If you edit the VARcupsd.conf/VAR file from the console, make sure to A HREF=ref-cupsd-conf.htmlrestart the cupsd process/A before trying to use the new policy./P
+PIf you edit the VARcupsd.conf/VAR file from the console, make sure to A HREF=ref-cupsd-conf.htmlrestart the cupsd process/A before trying to use the new policy./P
 
 PRE CLASS=example
 EMListing 1: A NAME=LISTING01Default Operation Policy/A/EM
Index: cups-1.6.1/templates/admin.tmpl
===
--- cups-1.6.1.orig/templates/admin.tmpl	2012-11-27 09:16:19.740346750 -0500
+++ cups-1.6.1/templates/admin.tmpl	2012-11-27 09:16:19.772346751 -0500
@@ -28,7 +28,6 @@
 H2 CLASS=titleServer/H2
 
 P
-FORM ACTION=/admin/ METHOD=POSTINPUT TYPE=HIDDEN NAME=org.cups.sid VALUE={$org.cups.sid}INPUT TYPE=HIDDEN NAME=OP VALUE=config-serverINPUT TYPE=SUBMIT VALUE=Edit Configuration File/FORM
 FORM ACTION=/admin/log/access_log METHOD=GETINPUT TYPE=SUBMIT VALUE=View Access Log/FORM
 FORM ACTION=/admin/log/error_log METHOD=GETINPUT TYPE=SUBMIT VALUE=View Error Log/FORM
 FORM ACTION=/admin/log/page_log METHOD=GETINPUT TYPE=SUBMIT VALUE=View Page Log/FORM
Index: cups-1.6.1/cgi-bin/admin.c
===
--- cups-1.6.1.orig/cgi-bin/admin.c	2012-11-27 09:16:19.744346750 -0500
+++ cups-1.6.1/cgi-bin/admin.c	2012-11-27 09:16:34.236347121 -0500
@@ -1880,6 +1880,7 @@
 
 cgiEndHTML();
   }
+#if 0 /* Disabled to fix CVE-2012-5519 security issue */
   else if (cgiGetVariable(SAVECHANGES)  cgiGetVariable(CUPSDCONF))
   {
/*
@@ -2124,6 +2125,7 @@
 
 cgiEndHTML();
   }
+#endif
 }

Bug#692791: members of lpadmin can read every file on server via cups

2012-11-27 Thread Marc Deslauriers 
On 12-11-27 03:51 PM, Didier 'OdyX' Raboud wrote:
 Le mardi, 27 novembre 2012 15.30:46, Marc Deslauriers a écrit :
 FYI, as a security fix for our stable releases in Ubuntu, we plan on
 disabling cupsd.conf modification in the web interface entirely.
 Attached is the patch we plan on using.
 
 Hi Marc,
 
 while testing your patch I noticed it was not masking the Edit Configuration 
 File input button in all locales (found in templates/*/admin.tmpl in 1.5.3).
 
 Updated patch is attached.
 

Ah! thanks for that, I completely overlooked the localized template files.

Marc.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#692345: tiff: CVE-2012-4564

2012-11-15 Thread Marc Deslauriers 
Package: tiff
Version: 4.0.2-4
Followup-For: Bug #692345
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu raring ubuntu-patch



*** /tmp/tmpm0_BMg/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: denial of service and possible code execution via
crafted PPM image
- debian/patches/CVE-2012-4564.patch: check scanline_size in
  tools/ppm2tiff.c.
- CVE-2012-4564


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers quantal-updates
  APT policy: (500, 'quantal-updates'), (500, 'quantal-security'), (500, 
'quantal'), (100, 'quantal-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5.0-18-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru tiff-4.0.2/debian/changelog tiff-4.0.2/debian/changelog
diff -Nru tiff-4.0.2/debian/patches/CVE-2012-4564.patch tiff-4.0.2/debian/patches/CVE-2012-4564.patch
--- tiff-4.0.2/debian/patches/CVE-2012-4564.patch	1969-12-31 19:00:00.0 -0500
+++ tiff-4.0.2/debian/patches/CVE-2012-4564.patch	2012-11-15 08:56:13.0 -0500
@@ -0,0 +1,34 @@
+Description: fix denial of service and possible code execution via crafted PPM image
+Origin: upstream, ppm2tiff.c,v 1.17
+
+Index: tiff-4.0.2/tools/ppm2tiff.c
+===
+--- tiff-4.0.2.orig/tools/ppm2tiff.c	2010-04-10 15:22:34.0 -0400
 tiff-4.0.2/tools/ppm2tiff.c	2012-11-14 09:50:52.283703218 -0500
+@@ -89,6 +89,7 @@
+ 	int c;
+ 	extern int optind;
+ 	extern char* optarg;
++	tmsize_t scanline_size;
+ 
+ 	if (argc  2) {
+ 	fprintf(stderr, %s: Too few arguments\n, argv[0]);
+@@ -237,8 +238,16 @@
+ 	}
+ 	if (TIFFScanlineSize(out)  linebytes)
+ 		buf = (unsigned char *)_TIFFmalloc(linebytes);
+-	else
+-		buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
++	else {
++		scanline_size = TIFFScanlineSize(out);
++		if (scanline_size != 0)
++			buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out));
++		else {
++			fprintf(stderr, %s: scanline size overflow\n,infile);
++			(void) TIFFClose(out);
++			exit(-2);
++			}
++		}
+ 	if (resolution  0) {
+ 		TIFFSetField(out, TIFFTAG_XRESOLUTION, resolution);
+ 		TIFFSetField(out, TIFFTAG_YRESOLUTION, resolution);
diff -Nru tiff-4.0.2/debian/patches/series tiff-4.0.2/debian/patches/series
--- tiff-4.0.2/debian/patches/series	2012-10-05 17:07:54.0 -0400
+++ tiff-4.0.2/debian/patches/series	2012-11-15 08:56:13.0 -0500
@@ -1,3 +1,4 @@
 opengl.patch
 CVE-2012-3401.patch
 CVE-2012-4447.patch
+CVE-2012-4564.patch

Bug#684300: policykit-1-gnome: Authentication dialog window loses focus easily

2012-08-08 Thread Marc Deslauriers 
Package: policykit-1-gnome
Version: 0.105-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu quantal ubuntu-patch



*** /tmp/tmpxkPNXr/bug_body
In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/08-fresh-x11-timestamps.patch: use fresh X11 timestamps
when displaying authentication dialog to circumvent focus-stealing
prevention. (LP: #946171)

This happens frequently when using metacity. See the following downstream
bug:

https://bugs.launchpad.net/ubuntu/+source/policykit-gnome/+bug/946171

and the Gnome bug:

https://bugzilla.gnome.org/show_bug.cgi?id=676076

Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-29-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru policykit-1-gnome-0.105/debian/changelog policykit-1-gnome-0.105/debian/changelog
diff -Nru policykit-1-gnome-0.105/debian/patches/08-fresh-x11-timestamps.patch policykit-1-gnome-0.105/debian/patches/08-fresh-x11-timestamps.patch
--- policykit-1-gnome-0.105/debian/patches/08-fresh-x11-timestamps.patch	1969-12-31 19:00:00.0 -0500
+++ policykit-1-gnome-0.105/debian/patches/08-fresh-x11-timestamps.patch	2012-08-08 09:56:17.0 -0400
@@ -0,0 +1,28 @@
+Description: use fresh X11 timestamps when displaying authentication dialog
+ to circumvent focus-stealing prevention.
+Author: Jeffrey Knockel jeff...@gmail.com
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/policykit-gnome/+bug/946171
+Bug: https://bugzilla.gnome.org/show_bug.cgi?id=676076
+
+Index: policykit-1-gnome-0.105/src/polkitgnomeauthenticator.c
+===
+--- policykit-1-gnome-0.105.orig/src/polkitgnomeauthenticator.c	2012-07-27 00:39:09.0 -0600
 policykit-1-gnome-0.105/src/polkitgnomeauthenticator.c	2012-07-27 00:40:27.185547436 -0600
+@@ -26,6 +26,7 @@
+ #include sys/types.h
+ #include pwd.h
+ #include glib/gi18n.h
++#include gdk/gdkx.h
+ 
+ #include polkit/polkit.h
+ #include polkitagent/polkitagent.h
+@@ -307,7 +308,8 @@
+ }
+ 
+   gtk_widget_show_all (GTK_WIDGET (authenticator-dialog));
+-  gtk_window_present (GTK_WINDOW (authenticator-dialog));
++  gtk_window_present_with_time (GTK_WINDOW (authenticator-dialog),
++gdk_x11_get_server_time (gtk_widget_get_window (GTK_WIDGET (authenticator-dialog;
+   password = polkit_gnome_authentication_dialog_run_until_response_for_prompt (POLKIT_GNOME_AUTHENTICATION_DIALOG (authenticator-dialog),
+modified_request,
+echo_on,
diff -Nru policykit-1-gnome-0.105/debian/patches/series policykit-1-gnome-0.105/debian/patches/series
--- policykit-1-gnome-0.105/debian/patches/series	2012-02-10 23:21:49.0 -0500
+++ policykit-1-gnome-0.105/debian/patches/series	2012-08-08 09:18:28.0 -0400
@@ -4,3 +4,4 @@
 04-autorestart.patch
 06-authentication-failure-string.patch
 07-use-accountsservice.patch
+08-fresh-x11-timestamps.patch

Bug#683403:

2012-08-01 Thread Marc Deslauriers 
OK, I am now convinced that we don't need the md2 certs, applications
should be able to validate using the sha1 certs. I believe a bug in
libsoup/glib-networking is causing the sha1 certs to not be used.

We still should improve ca-certificates to make _sure_ that we're
shipping the sha1 certs instead of the md2 certs, as it currently ships
the sha1 certs by coincidence as they are listed later in Mozilla's
file. If they ever change the order of their file, we'll be shipping the
md2 ones by mistake.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#683403: ca-certificates: Missing Verisign md2 certs due to broken extract script

2012-07-31 Thread Marc Deslauriers 
Package: ca-certificates
Version: 20111211
Severity: normal

Verisign shipped G1 PCA Roots with md2 signatures on them. At some point,
they resigned those roots using SHA1, but requested that the original certs
keep shipping in Mozilla's cert list as they had issued intermediates with
AKIs that point to the MD2 versions.

See discussion here:
https://groups.google.com/forum/?fromgroups#!msg/mozilla.dev.security.policy/I6bUbW3WkBU/lRxqGv6vYHYJ

Now, ca-certificates uses a script called certdata2pem.py to extract the
certificates from the certdata.txt file provided by Mozilla into individual
files. Unfortunately, the script names the certificate file using the
CKA_LABEL. In two instances, the verisign md2 and sha1 certs have the same
CKA_LABEL, so the script is overwriting the first one (md2) with the second
one (sha1).

This results in the Verisign md2 certs being missing from the system ca certs.
This usually isn't a problem except in the case where a website is handing
out a complete cert chain, including the md2 root cert. When that happens,
webkit is unable to verify the md2 root cert, and the connection fails.

See reproducer in downstream bug report here:
https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1031333


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#682115: tiff: CVE-2012-3401 heap overflow in tiff2pdf

2012-07-21 Thread Marc Deslauriers 
On Sat, 2012-07-21 at 20:57 -0400, Jay Berkenbilt wrote:
 Marc Deslauriers marc.deslauri...@ubuntu.com wrote:
 
  *** /tmp/tmpgGHwFf/bug_body
  In Ubuntu, the attached patch was applied to achieve the following:
 
* SECURITY UPDATE: possible arbitrary code execution via heap overflow
  in tiff2pdf.
  - debian/patches/CVE-2012-3401.patch: properly set t2p-t2p_error in
tools/tiff2pdf.c.
  - CVE-2012-3401
 
 
  Thanks for considering the patch.
 
 I will try to get this patch in this weekend.  Thanks.  Note that
 tiff2pdf from the tiff3 package is not actually installed (it comes from
 the tiff package, which is 4.x), but I'll still apply the patch to avoid
 confusion.  I'll certainly apply the patch to the tiff package.
 

Yeah, I skipped the tiff3 package in Quantal too for the same reason.

Marc.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#682115: tiff: CVE-2012-3401 heap overflow in tiff2pdf

2012-07-19 Thread Marc Deslauriers 
Package: tiff
Version: 4.0.2-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu quantal ubuntu-patch



*** /tmp/tmpgGHwFf/bug_body
In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: possible arbitrary code execution via heap overflow
in tiff2pdf.
- debian/patches/CVE-2012-3401.patch: properly set t2p-t2p_error in
  tools/tiff2pdf.c.
- CVE-2012-3401


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-27-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru tiff-4.0.2/debian/changelog tiff-4.0.2/debian/changelog
diff -Nru tiff-4.0.2/debian/patches/CVE-2012-3401.patch tiff-4.0.2/debian/patches/CVE-2012-3401.patch
--- tiff-4.0.2/debian/patches/CVE-2012-3401.patch	1969-12-31 19:00:00.0 -0500
+++ tiff-4.0.2/debian/patches/CVE-2012-3401.patch	2012-07-19 10:04:30.0 -0400
@@ -0,0 +1,16 @@
+Description: fix possible arbitrary code execution via heap overflow
+ in tiff2pdf.
+Origin: Patch thanks to Huzaifa Sidhpurwala huzai...@redhat.com
+
+Index: tiff-4.0.2/tools/tiff2pdf.c
+===
+--- tiff-4.0.2.orig/tools/tiff2pdf.c	2012-06-15 17:51:54.0 -0400
 tiff-4.0.2/tools/tiff2pdf.c	2012-07-19 10:04:27.937219982 -0400
+@@ -1066,6 +1066,7 @@
+ Can't set directory %u of input file %s, 
+ i,
+ TIFFFileName(input));
++			t2p-t2p_error = T2P_ERR_ERROR;
+ 			return;
+ 		}
+ 		if(TIFFGetField(input, TIFFTAG_PAGENUMBER, pagen, paged)){
diff -Nru tiff-4.0.2/debian/patches/series tiff-4.0.2/debian/patches/series
--- tiff-4.0.2/debian/patches/series	2012-06-24 13:45:53.0 -0400
+++ tiff-4.0.2/debian/patches/series	2012-07-19 10:04:25.0 -0400
@@ -1 +1,2 @@
 opengl.patch
+CVE-2012-3401.patch

Bug#681219: freemind: Patch to make data files open properly

2012-07-11 Thread Marc Deslauriers 
Package: freemind
Version: 0.9.0+dfsg-2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu quantal ubuntu-patch



*** /tmp/tmpVn1uqL/bug_body
In Ubuntu, the attached patch was applied so users can double click
on data files and get the application to open them properly:


  * Add file URL list parameter (%U) to .desktop file (LP: #883008)


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-27-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru freemind-0.9.0+dfsg/debian/changelog freemind-0.9.0+dfsg/debian/changelog
diff -Nru freemind-0.9.0+dfsg/debian/freemind.desktop freemind-0.9.0+dfsg/debian/freemind.desktop
--- freemind-0.9.0+dfsg/debian/freemind.desktop	2009-12-05 08:31:09.0 -0500
+++ freemind-0.9.0+dfsg/debian/freemind.desktop	2012-07-11 09:08:17.0 -0400
@@ -1,7 +1,7 @@
 [Desktop Entry]
 Version=1.0
 Name=FreeMind
-Exec=/usr/bin/freemind
+Exec=/usr/bin/freemind %U
 Terminal=false
 Icon=FreeMindWindowIcon
 Type=Application

Bug#673451: lintian: improve use of readelf

2012-05-28 Thread Marc Deslauriers 
On Sun, 2012-05-27 at 09:21 +0200, Niels Thykier wrote:
 tags 673451 + moreinfo
 thanks
 
 
 On 2012-05-18 20:50, Marc Deslauriers wrote:
  [...] 
  
  *** /tmp/tmpiekV9j/bug_body
  In Ubuntu, the attached patch was applied to achieve the following:
  
* collection/objdump-info: objdump-info switched from objdump to readelf,
  but readelf in Ubuntu doesn't seem to work properly when used with the
  -D option, possibly due to differences in default hardening. Work
  around issue by using different flags and adjusting parsing. This also
  restores version parsing.
  
  Thanks for considering the patch.
  
  [...]
 
 Hi,
 
 Thanks for the patch, unfortunately it is causing uninitialized value
 warnings in the legacy test suite[1]:

Ah! yes, sorry about that. Here's an updated patch.

Thanks,

Marc.


diff -Naur lintian-2.5.7.old/collection/objdump-info lintian-2.5.7/collection/objdump-info
--- lintian-2.5.7.old/collection/objdump-info	2012-05-13 15:20:39.0 -0400
+++ lintian-2.5.7/collection/objdump-info	2012-05-28 13:49:23.549405127 -0400
@@ -142,16 +142,20 @@
 close PIPE;
 }
 
-if (open(PIPE, '-|', readelf -W -s -D \Q$bin\E 21)) {
+if (open(PIPE, '-|', readelf -W -s \Q$bin\E 21)) {
+my $section = '';
 print {$opts{pipe_in}} DYNAMIC SYMBOL TABLE:\n;
 
 while(PIPE) {
-last if m/^Symbol table of/;
-
-if (m/^\s*(\d+)\s+\d+:\s*[0-9a-f]+\s+\d+\s+(?:(?:\S+\s+){3})(\S+)\s+(.*)\Z/) {
+if (m/^Symbol table '.dynsym'/) {
+$section = 'DS';
+} elsif (m/^Symbol table/) {
+$section = '';
+} elsif (m/^\s*(\d+):\s*[0-9a-f]+\s+\d+\s+(?:(?:\S+\s+){3})(\S+)\s+(.*)\Z/
+ and $section eq 'DS') {
 my ($symnum, $seg, $sym, $ver) = ($1, $2, $3, '');
 
-if ($sym =~ m/^(.*)@(.*)$/) {
+if ($sym =~ m/^(.*)@(.*) \(.*\)$/) {
 $sym = $1;
 $ver = $2;
 } elsif (@symbol_versions == 0) {

Bug#672492: CVE-2012-2141

2012-05-23 Thread Marc Deslauriers 
Package: net-snmp
Version: 5.4.3~dfsg-2.4
Followup-For: Bug #672492
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu quantal ubuntu-patch



*** /tmp/tmp7KXNLG/bug_body
In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: denial of service via SNMP GET with non-existent
extension table entry
- debian/patches/CVE-2012-2141.patch: validate line_idx in
  agent/mibgroup/agent/extend.c.
- CVE-2012-2141


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-24-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru net-snmp-5.4.3~dfsg/debian/patches/CVE-2012-2141.patch net-snmp-5.4.3~dfsg/debian/patches/CVE-2012-2141.patch
--- net-snmp-5.4.3~dfsg/debian/patches/CVE-2012-2141.patch	1969-12-31 19:00:00.0 -0500
+++ net-snmp-5.4.3~dfsg/debian/patches/CVE-2012-2141.patch	2012-05-22 16:33:46.0 -0400
@@ -0,0 +1,31 @@
+Description: fix denial of service via SNMP GET with non-existent
+ extension table entry
+Bug: http://sourceforge.net/tracker/index.php?func=detailaid=3526549group_id=12694atid=112694
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672492
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=815813
+Origin: upstream, http://net-snmp.git.sourceforge.net/git/gitweb.cgi?p=net-snmp/net-snmp;a=commit;h=4c5633f1603e4bd03ed05c37d782ec8911759c47
+
+Index: net-snmp-5.4.3~dfsg/agent/mibgroup/agent/extend.c
+===
+--- net-snmp-5.4.3~dfsg.orig/agent/mibgroup/agent/extend.c	2009-04-22 19:49:21.0 -0400
 net-snmp-5.4.3~dfsg/agent/mibgroup/agent/extend.c	2012-05-22 16:30:35.596256644 -0400
+@@ -1124,7 +1124,7 @@
+  * ...and check the line requested is valid
+  */
+ line_idx = *table_info-indexes-next_variable-val.integer;
+-if (eptr-numlines  line_idx)
++if (line_idx  1 || line_idx  eptr-numlines)
+ return NULL;
+ }
+ return eptr;
+@@ -1297,6 +1297,10 @@
+  * Determine which line we've been asked for
+  */
+ line_idx = *table_info-indexes-next_variable-val.integer;
++if (line_idx  1 || line_idx  extension-numlines) {
++netsnmp_set_request_error(reqinfo, request, SNMP_NOSUCHINSTANCE);
++continue;
++}
+ cp  = extension-lines[line_idx-1];
+ 
+ /* 
diff -Nru net-snmp-5.4.3~dfsg/debian/patches/series net-snmp-5.4.3~dfsg/debian/patches/series
--- net-snmp-5.4.3~dfsg/debian/patches/series	2012-01-05 02:29:32.0 -0500
+++ net-snmp-5.4.3~dfsg/debian/patches/series	2012-05-22 16:30:12.0 -0400
@@ -15,3 +15,4 @@
 63_fix_shell.patch
 64_missing_lib.patch
 ubuntu-fix-lp-587828.patch
+CVE-2012-2141.patch

Bug#673449: lintian: fix Ubuntu compatibility in binaries-hardening test

2012-05-18 Thread Marc Deslauriers 
Package: lintian
Version: 2.5.7
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu quantal ubuntu-patch



*** /tmp/tmphAWAWQ/bug_body
In Ubuntu, the attached patch was applied to achieve the following:

  * t/tests/binaries-hardening/debian/Makefile: stack protector and relro
are enabled by default in Ubuntu. Make sure we specifically disable
them to properly test lintian.

Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-24-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru lintian-2.5.7/t/tests/binaries-hardening/debian/Makefile lintian-2.5.7ubuntu1/t/tests/binaries-hardening/debian/Makefile
--- lintian-2.5.7/t/tests/binaries-hardening/debian/Makefile	2012-05-12 17:04:48.0 -0400
+++ lintian-2.5.7ubuntu1/t/tests/binaries-hardening/debian/Makefile	2012-05-18 14:01:58.0 -0400
@@ -1,6 +1,10 @@
 all: weak.1 strong.1
 	# Build without dpkg-buildflags.
-	gcc -o weak hello.c
+	gcc -o weak \
+		-fno-stack-protector \
+		-Wl,-z,norelro \
+		-U_FORTIFY_SOURCE \
+		hello.c
 	gcc -o strong \
 		$(shell dpkg-buildflags --get CPPFLAGS) \
 		$(shell dpkg-buildflags --get CFLAGS) \

Bug#673451: lintian: improve use of readelf

2012-05-18 Thread Marc Deslauriers 
Package: lintian
Version: 2.5.7
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu quantal ubuntu-patch



*** /tmp/tmpiekV9j/bug_body
In Ubuntu, the attached patch was applied to achieve the following:

  * collection/objdump-info: objdump-info switched from objdump to readelf,
but readelf in Ubuntu doesn't seem to work properly when used with the
-D option, possibly due to differences in default hardening. Work
around issue by using different flags and adjusting parsing. This also
restores version parsing.

Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-24-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru lintian-2.5.7/collection/objdump-info lintian-2.5.7ubuntu1/collection/objdump-info
--- lintian-2.5.7/collection/objdump-info	2012-05-13 15:20:39.0 -0400
+++ lintian-2.5.7ubuntu1/collection/objdump-info	2012-05-18 11:32:30.0 -0400
@@ -142,16 +142,16 @@
 close PIPE;
 }
 
-if (open(PIPE, '-|', readelf -W -s -D \Q$bin\E 21)) {
+if (open(PIPE, '-|', readelf -W -s \Q$bin\E 21)) {
 print {$opts{pipe_in}} DYNAMIC SYMBOL TABLE:\n;
 
 while(PIPE) {
 last if m/^Symbol table of/;
 
-if (m/^\s*(\d+)\s+\d+:\s*[0-9a-f]+\s+\d+\s+(?:(?:\S+\s+){3})(\S+)\s+(.*)\Z/) {
+if (m/^\s*(\d+):\s*[0-9a-f]+\s+\d+\s+(?:(?:\S+\s+){3})(\S+)\s+(.*)\Z/) {
 my ($symnum, $seg, $sym, $ver) = ($1, $2, $3, '');
 
-if ($sym =~ m/^(.*)@(.*)$/) {
+if ($sym =~ m/^(.*)@(.*) \(.*\)$/) {
 $sym = $1;
 $ver = $2;
 } elsif (@symbol_versions == 0) {

Bug#664990: libzip1: CVE-2012-1162 CVE-2012-1163 Incorrect loop construct and numeric overflow

2012-03-28 Thread Marc Deslauriers 
Package: libzip
Version: 0.10-1
Followup-For: Bug #664990
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmpvDE7OS/bug_body
In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: arbitrary code execution or information leak via
heap overflow and numeric overflow.
- debian/patches/CVE-2012-116x.patch: fix overflow and loop in
  lib/zip_open.c.
- CVE-2012-1162
- CVE-2012-1163


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-20-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru libzip-0.10/debian/changelog libzip-0.10/debian/changelog
diff -Nru libzip-0.10/debian/patches/CVE-2012-116x.patch libzip-0.10/debian/patches/CVE-2012-116x.patch
--- libzip-0.10/debian/patches/CVE-2012-116x.patch	1969-12-31 19:00:00.0 -0500
+++ libzip-0.10/debian/patches/CVE-2012-116x.patch	2012-03-28 15:09:02.0 -0400
@@ -0,0 +1,35 @@
+Description: fix arbitrary code execution or information leak via
+ heap overflow and numeric overflow
+Origin: upstream, http://hg.nih.at/libzip?cs=cb69d6146a09
+
+Index: libzip-0.10/lib/zip_open.c
+===
+--- libzip-0.10.orig/lib/zip_open.c	2011-03-16 07:18:44.0 -0400
 libzip-0.10/lib/zip_open.c	2012-03-28 15:04:52.785990360 -0400
+@@ -200,7 +200,7 @@
+ cd-comment = NULL;
+ cd-comment_len = _zip_read2(cdp);
+ 
+-if (cd-offset+cd-size  buf_offset + (eocd-buf)) {
++if (((zip_uint64_t)cd-offset)+cd-size  buf_offset + (eocd-buf)) {
+ 	/* cdir spans past EOCD record */
+ 	_zip_error_set(error, ZIP_ER_INCONS, 0);
+ 	cd-nentry = 0;
+@@ -257,7 +257,7 @@
+ 
+ left = cd-size;
+ i=0;
+-do {
++while (icd-nentry  left  0) {
+ 	if ((_zip_dirent_read(cd-entry+i, fp, bufp, left, 0, error))  0) {
+ 	cd-nentry = i;
+ 	_zip_cdir_free(cd);
+@@ -274,7 +274,7 @@
+ 		return NULL;
+ 	}
+ 	}
+-} while (icd-nentry  left  0);
++}
+ 
+ cd-nentry = i;
+ 
diff -Nru libzip-0.10/debian/patches/series libzip-0.10/debian/patches/series
--- libzip-0.10/debian/patches/series	2011-05-01 10:50:49.0 -0400
+++ libzip-0.10/debian/patches/series	2012-03-28 15:03:20.0 -0400
@@ -1,2 +1,3 @@
 fix_open_nonarchive_test.patch
 fix_zipconf_path.patch
+CVE-2012-116x.patch

Bug#661849: virtinst: Fix path to qemu-dm

2012-03-01 Thread Marc Deslauriers 
Package: virtinst
Version: 0.600.1-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmpzeykEL/bug_body
In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/0004-Fix-path-to-qemu-dm.patch: fix the path to the
qemu-dm binary. (LP: #936048)


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-17-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru virtinst-0.600.1/debian/changelog virtinst-0.600.1/debian/changelog
diff -Nru virtinst-0.600.1/debian/patches/0004-Fix-path-to-qemu-dm.patch virtinst-0.600.1/debian/patches/0004-Fix-path-to-qemu-dm.patch
--- virtinst-0.600.1/debian/patches/0004-Fix-path-to-qemu-dm.patch	1969-12-31 19:00:00.0 -0500
+++ virtinst-0.600.1/debian/patches/0004-Fix-path-to-qemu-dm.patch	2012-02-24 15:52:46.0 -0500
@@ -0,0 +1,20 @@
+Description: fix path to the qemu-dm binary
+Author: Marc Deslauriers marc.deslauri...@canonical.com
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/virtinst/+bug/936048
+
+Index: virtinst-0.600.1/virtinst/Guest.py
+===
+--- virtinst-0.600.1.orig/virtinst/Guest.py	2012-01-24 19:00:05.0 -0500
 virtinst-0.600.1/virtinst/Guest.py	2012-02-24 15:50:59.958518345 -0500
+@@ -886,10 +886,7 @@
+ if (not self.emulator and
+ self.installer.is_hvm() and
+ self.type == xen):
+-if self._get_caps().host.arch in (x86_64):
+-emulator = /usr/lib64/xen/bin/qemu-dm
+-else:
+-emulator = /usr/lib/xen/bin/qemu-dm
++emulator = /usr/lib/xen-default/bin/qemu-dm
+ 
+ emu_xml = 
+ if emulator is not None:
diff -Nru virtinst-0.600.1/debian/patches/series virtinst-0.600.1/debian/patches/series
--- virtinst-0.600.1/debian/patches/series	2012-02-11 11:42:58.0 -0500
+++ virtinst-0.600.1/debian/patches/series	2012-02-24 15:49:15.0 -0500
@@ -4,3 +4,4 @@
 9003-fix-path-to-hvmloader-in-testsuite.patch
 9004_ubuntu_fix_tree_support.patch
 9005_ubuntu_precise.patch
+0004-Fix-path-to-qemu-dm.patch

Bug#659983: dhcpcd: Fix for CVE-2011-0996

2012-02-15 Thread Marc Deslauriers 
Package: dhcpcd
Version: 1:3.2.3-9
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmpYPCJL7/bug_body
In Ubuntu, the attached patch was applied to achieve the following:


* SECURITY UPDATE: dhcpcd before 5.2.12 allows remote attackers to
  execute arbitrary commands via shell metacharacters in a hostname
  obtained from a DHCP message. (LP: #931036)
  - 
https://build.opensuse.org/package/view_file?file=dhcpcd-3.2.3-option-checks.diffpackage=dhcpcdproject=network%3Adhcprev=52442e5c1d803d7c1818a920a0bae7f1
  - above linked patch(without the additional support for NETBIOS type
messages) has been added.
  - CVE-2011-0996


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-15-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u dhcpcd-3.2.3/dhcpcd.c dhcpcd-3.2.3/dhcpcd.c
--- dhcpcd-3.2.3/dhcpcd.c
+++ dhcpcd-3.2.3/dhcpcd.c
@@ -180,8 +180,10 @@
 	options-timeout = DEFAULT_TIMEOUT;
 	snprintf(options-pidfile, sizeof (options-pidfile), none);
 
-	gethostname (options-hostname, sizeof (options-hostname));
-	if (strcmp (options-hostname, (none)) == 0 ||
+	memset (options-hostname, 0, sizeof (options-hostname));
+	gethostname (options-hostname, sizeof (options-hostname) - 1);
+	options-hostname[sizeof (options-hostname) - 1] = '\0';
+	if (check_domain_name(options-hostname, strlen(options-hostname), 0) != 0 ||
 	strcmp (options-hostname, localhost) == 0)
 		memset (options-hostname, 0, sizeof (options-hostname));
 
@@ -230,6 +232,9 @@
 		`%s' too long for HostName string, max is %d,
 		optarg, MAXHOSTNAMELEN);
 	goto abort;
+} else if(check_domain_name(optarg, strlen(optarg), 0) != 0) {
+	logger (LOG_ERR, suspect string in hostname argument);
+	goto abort;
 } else
 	strlcpy (options-hostname, optarg,
 		 sizeof (options-hostname));
diff -u dhcpcd-3.2.3/dhcp.c dhcpcd-3.2.3/dhcp.c
--- dhcpcd-3.2.3/dhcp.c
+++ dhcpcd-3.2.3/dhcp.c
@@ -41,6 +41,8 @@
 #include stdint.h
 #include stdlib.h
 #include string.h
+#include stddef.h
+#include ctype.h
 
 #include config.h
 
@@ -627,6 +629,98 @@
 	return (head);
 }
 
+int check_domain_name(const char *ptr, size_t len, int dots)
+{
+	const char *p;
+
+	/* not empty or complete length not over 255 characters   */
+	if (len == 0 || len = 256)
+		return -1;
+	
+	/* consists of [[:alnum:]-]+ labels separated by [.]  */
+	/* a [_] is against RFC but seems to be widely used...  */
+	for (p=ptr; *p  len--  0; p++) {
+		if ( *p == '-' || *p == '_') {
+			/* not allowed at begin or end of a label */
+			if ((p - ptr) == 0 || len == 0 || p[1] == '.')
+return -1;
+		} else
+		if ( *p == '.') {
+			/* each label has to be 1-63 characters;
+			   we allow [.] at the end ('foo.bar.')   */
+			ptrdiff_t d = p - ptr;
+			if( d = 0 || d = 64)
+return -1;
+			ptr = p + 1; /* jump to the next label*/
+			if(dots  0  len  0)
+dots--;
+			} else
+			if ( !isalnum((unsigned char)*p)) {
+/* also numbers at the begin are fine */
+return -1;
+			}
+	}
+	return dots ? -1 : 0;
+}
+
+int check_domain_name_list(const char *ptr, size_t len, int dots)
+{
+	const char *p;
+	int ret = -1; /* at least one needed */
+
+	if (!ptr || !len)
+		return -1;
+	
+	for (p=ptr; *p  len  0; p++, len--) {
+		if (*p != ' ')
+			continue;
+		if (p  ptr) {
+			if (check_domain_name(ptr, p - ptr, dots) != 0)
+return -1;
+			ret = 0;
+		}
+		ptr = p + 1;
+	}
+	if (p  ptr)
+		return check_domain_name(ptr, p - ptr, dots);
+	else
+		return ret;
+}
+
+int check_dhcp_option(unsigned char option, const char *ptr, size_t len)
+{
+	if( !ptr)
+		return -1;
+	
+	switch (option) {
+		case DHCP_HOSTNAME:
+		case DHCP_NISDOMAIN:
+		case DHCP_SIPSERVER:
+		case DHCP_DNSDOMAIN: /* accept a list for compatibiliy */
+		case DHCP_DNSSEARCH:
+			return check_domain_name_list(ptr, len, 0);
+		break;
+		case DHCP_ROOTPATH:
+			if( len == 0)
+return -1;
+			for (; *ptr  len--  0; ptr++) {
+if( !(isalnum((unsigned char)*ptr) ||
+	*ptr == '#'  || *ptr == '%' ||
+	*ptr == '+'  || *ptr == '-' ||
+	*ptr == '_'  || *ptr == ':' ||
+	*ptr == '.'  || *ptr == ',' ||
+	*ptr == '@'  || *ptr == '~' ||
+	*ptr == '\\' || *ptr == '/' ||
+	*ptr == '['  || *ptr == ']' ||
+	*ptr == '='  || *ptr == ' '))
+	return -1;
+			}
+			return 0;
+		break;
+		}
+		return 0;
+}
+
 static struct route_head *decode_routers (const unsigned char *data, int length)
 {
 	int i;
@@ -674,8 +768,16 @@
 	dhcp-leasedfrom = tv.tv_sec;
 	dhcp-frominfo = false;
 	dhcp-address.s_addr = message-yiaddr;
-	strlcpy (dhcp-servername, (char *) message-servername,
-		 sizeof

Bug#659748: tomcat6: regression fix for CVE-2012-0022

2012-02-13 Thread Marc Deslauriers 
Package: tomcat6
Version: 6.0.35-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmpQZSwrL/bug_body
In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/0011-CVE-2012-0022-regression-fix.patch: fix regression
from the CVE-2012-0022 security fix that went into 6.0.35.


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-15-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru tomcat6-6.0.35/debian/changelog tomcat6-6.0.35/debian/changelog
diff -Nru tomcat6-6.0.35/debian/patches/0011-CVE-2012-0022-regression-fix.patch tomcat6-6.0.35/debian/patches/0011-CVE-2012-0022-regression-fix.patch
--- tomcat6-6.0.35/debian/patches/0011-CVE-2012-0022-regression-fix.patch	1969-12-31 19:00:00.0 -0500
+++ tomcat6-6.0.35/debian/patches/0011-CVE-2012-0022-regression-fix.patch	2012-02-13 09:04:42.0 -0500
@@ -0,0 +1,83 @@
+Description: fix regression from the CVE-2012-0022 security fix that
+ went into 6.0.35.
+Origin: upstream, http://svn.apache.org/viewvc?view=revisionrevision=1229027
+Bug: https://issues.apache.org/bugzilla/show_bug.cgi?id=52384
+
+Index: tomcat6-6.0.35/java/org/apache/tomcat/util/http/LocalStrings.properties
+===
+--- tomcat6-6.0.35.orig/java/org/apache/tomcat/util/http/LocalStrings.properties	2011-11-12 03:36:55.0 -0500
 tomcat6-6.0.35/java/org/apache/tomcat/util/http/LocalStrings.properties	2012-02-13 09:03:10.865891860 -0500
+@@ -17,6 +17,7 @@
+ parameters.copyFail=Failed to create copy of original parameter values for debug logging purposes
+ parameters.decodeFail.debug=Character decoding failed. Parameter [{0}] with value [{1}] has been ignored.
+ parameters.decodeFail.info=Character decoding failed. Parameter [{0}] with value [{1}] has been ignored. Note that the name and value quoted here may be corrupted due to the failed decoding. Use debug level logging to see the original, non-corrupted values.
++parameters.emptyChunk=Empty parameter chunk ignored
+ parameters.invalidChunk=Invalid chunk starting at byte [{0}] and ending at byte [{1}] with a value of [{2}] ignored
+ parameters.maxCountFail=More than the maximum number of request parameters (GET plus POST) for a single request ([{0}]) were detected. Any parameters beyond this limit have been ignored. To change this limit, set the maxParameterCount attribute on the Connector.
+ parameters.multipleDecodingFail=Character decoding failed. A total of [{0}] failures were detected but only the first was logged. Enable debug level logging for this logger to log all failures.
+Index: tomcat6-6.0.35/java/org/apache/tomcat/util/http/Parameters.java
+===
+--- tomcat6-6.0.35.orig/java/org/apache/tomcat/util/http/Parameters.java	2011-11-25 16:11:35.0 -0500
 tomcat6-6.0.35/java/org/apache/tomcat/util/http/Parameters.java	2012-02-13 09:03:10.889891861 -0500
+@@ -314,6 +314,15 @@
+ }
+ 
+ if (nameEnd = nameStart ) {
++if (valueStart == -1) {
++// 
++if (log.isDebugEnabled()) {
++log.debug(sm.getString(parameters.emptyChunk));
++}
++// Do not flag as error
++continue;
++}
++// =foo
+ if (log.isInfoEnabled()) {
+ if (valueEnd = nameStart  log.isDebugEnabled()) {
+ String extract = null;
+@@ -341,7 +350,11 @@
+ }
+ 
+ tmpName.setBytes(bytes, nameStart, nameEnd - nameStart);
+-tmpValue.setBytes(bytes, valueStart, valueEnd - valueStart);
++if (valueStart = 0) {
++tmpValue.setBytes(bytes, valueStart, valueEnd - valueStart);
++} else {
++tmpValue.setBytes(bytes, 0, 0);
++}
+ 
+ // Take copies as if anything goes wrong originals will be
+ // corrupted. This means original values can be logged.
+@@ -349,7 +362,11 @@
+ if (log.isDebugEnabled()) {
+ try {
+ origName.append(bytes, nameStart, nameEnd - nameStart);
+-origValue.append(bytes, valueStart, valueEnd - valueStart);
++if (valueStart = 0) {
++origValue.append(bytes, valueStart, valueEnd - valueStart);
++} else {
++origValue.append(bytes, 0, 0);
++}
+

Bug#659035: mumble: Fix certificate validation with QT 4.8.0

2012-02-07 Thread Marc Deslauriers 
Package: mumble
Version: 1.2.3-2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmp4vG35i/bug_body
In Ubuntu, the attached patch was applied to achieve the following:

When compiling with QT 4.8, mumble can no longer validate server
certificates. This patch works around the issue.

  * debian/patches/0003-fix-cert-validation.patch: Fix certificate
validation with QT 4.8. For some reason, the new on-demand root cert
loading is not working with mumble. (LP: #928296)

Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-12-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru mumble-1.2.3/debian/changelog mumble-1.2.3/debian/changelog
diff -Nru mumble-1.2.3/debian/patches/0003-fix-cert-validation.patch mumble-1.2.3/debian/patches/0003-fix-cert-validation.patch
--- mumble-1.2.3/debian/patches/0003-fix-cert-validation.patch	1969-12-31 19:00:00.0 -0500
+++ mumble-1.2.3/debian/patches/0003-fix-cert-validation.patch	2012-02-07 10:24:56.0 -0500
@@ -0,0 +1,21 @@
+Description: Fix certificate validation with QT 4.8. For some reason, the
+ new on-demand root cert loading is not working with mumble.
+Author: Marc Deslauriers marc.deslauri...@canonical.com
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/mumble/+bug/928296
+
+Index: mumble-1.2.3/src/SSL.cpp
+===
+--- mumble-1.2.3.orig/src/SSL.cpp	2012-02-07 09:53:41.766241152 -0500
 mumble-1.2.3/src/SSL.cpp	2012-02-07 10:18:37.902226883 -0500
+@@ -252,6 +252,11 @@
+ 	QSslSocket::setDefaultCaCertificates(ql);
+ #endif // NO_SYSTEM_CA_OVERRIDE
+ 
++#if QT_VERSION = 0x040800
++// Don't perform on-demand loading of root certificates
++QSslSocket::setDefaultCaCertificates(QSslSocket::systemCaCertificates());
++#endif
++
+ 	for (unsigned int i=0;isizeof(recommended_cas)/sizeof(recommended_cas[0]);++i) {
+ 		QSslCertificate cert(recommended_cas[i]);
+ 		if (! QSslSocket::defaultCaCertificates().contains(cert)) {

Bug#659039: mumble: Mumble database is world-readable

2012-02-07 Thread Marc Deslauriers 
Package: mumble
Version: 1.2.3-2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmpbbtG6M/bug_body
By default, Mumble creates it's config file and database with
world-readable permissions. The database may contain passwords.

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/0004-set-file-permissions.patch: Set restrictive
permissions on data files. (LP: #783405)


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers precise-updates
  APT policy: (500, 'precise-updates'), (500, 'precise-security'), (500, 
'precise-proposed'), (500, 'precise')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-12-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru mumble-1.2.3/debian/changelog mumble-1.2.3/debian/changelog
diff -Nru mumble-1.2.3/debian/patches/0004-set-file-permissions.patch mumble-1.2.3/debian/patches/0004-set-file-permissions.patch
--- mumble-1.2.3/debian/patches/0004-set-file-permissions.patch	1969-12-31 19:00:00.0 -0500
+++ mumble-1.2.3/debian/patches/0004-set-file-permissions.patch	2012-02-07 10:24:47.0 -0500
@@ -0,0 +1,42 @@
+Description: Set restrictive permissions on data files.
+Origin: upstream, https://github.com/mumble-voip/mumble/commit/5632c35d6759f5e13a7dfe78e4ee6403ff6a8e3e
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/mumble/+bug/783405
+
+Index: mumble-1.2.3/src/mumble/Database.cpp
+===
+--- mumble-1.2.3.orig/src/mumble/Database.cpp	2011-02-19 16:35:16.0 -0500
 mumble-1.2.3/src/mumble/Database.cpp	2012-02-07 10:21:02.398225505 -0500
+@@ -92,6 +92,11 @@
+ 		qWarning(Database: Database is read-only);
+ 	}
+ 
++	{
++		QFile f(db.databaseName());
++		f.setPermissions(f.permissions()  ~(QFile::ReadGroup | QFile::WriteGroup | QFile::ExeGroup | QFile::ReadOther | QFile::WriteOther | QFile::ExeOther));
++	}
++
+ 	QSqlQuery query;
+ 
+ 	query.exec(QLatin1String(CREATE TABLE IF NOT EXISTS `servers` (`id` INTEGER PRIMARY KEY AUTOINCREMENT, `name` TEXT, `hostname` TEXT, `port` INTEGER DEFAULT 64738, `username` TEXT, `password` TEXT)));
+Index: mumble-1.2.3/src/mumble/Settings.cpp
+===
+--- mumble-1.2.3.orig/src/mumble/Settings.cpp	2011-02-19 16:35:17.0 -0500
 mumble-1.2.3/src/mumble/Settings.cpp	2012-02-07 10:21:02.398225505 -0500
+@@ -698,6 +698,17 @@
+ void OverlaySettings::save(QSettings* settings_ptr) {
+ 	OverlaySettings def;
+ 
++	settings_ptr-setValue(QLatin1String(version), QLatin1String(MUMTEXT(MUMBLE_VERSION_STRING)));
++	settings_ptr-sync();
++
++#if defined(Q_OS_WIN) || defined(Q_OS_MAC)
++	if (settings_ptr-format() == QSettings::IniFormat)
++#endif
++{
++   QFile f(settings_ptr-fileName());
++   f.setPermissions(f.permissions()  ~(QFile::ReadGroup | QFile::WriteGroup | QFile::ExeGroup | QFile::ReadOther | QFile::WriteOther | QFile::ExeOther));
++}
++
+ 	SAVELOAD(bEnable, enable);
+ 
+ 	SAVELOAD(osShow, show);

Bug#657445:

2012-01-26 Thread Marc Deslauriers 
Looks like this:

http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth-options.c.diff?r1=1.53;r2=1.54




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#652649: jasper: Fix for CVE-2011-4516 and CVE-2011-4517

2011-12-19 Thread Marc Deslauriers 
Package: jasper
Version: 1.900.1-12
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmpCx1dv3
In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: denial of service and possible code execution via
heap-based buffer overflows.
- debian/patches/03-CVE-2011-451x.patch: validate compparms-numrlvls
  and allocate proper size in src/libjasper/jpc/jpc_cs.c.
- CVE-2011-4516
- CVE-2011-4517


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-15-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru jasper-1.900.1/debian/changelog jasper-1.900.1/debian/changelog
diff -Nru jasper-1.900.1/debian/patches/03-CVE-2011-451x.patch jasper-1.900.1/debian/patches/03-CVE-2011-451x.patch
--- jasper-1.900.1/debian/patches/03-CVE-2011-451x.patch	1969-12-31 19:00:00.0 -0500
+++ jasper-1.900.1/debian/patches/03-CVE-2011-451x.patch	2011-12-19 09:39:44.0 -0500
@@ -0,0 +1,28 @@
+Description: fix denial of service and possible code execution via
+ heap-based buffer overflows.
+Origin: Patch thanks to Red Hat
+
+Index: jasper-1.900.1/src/libjasper/jpc/jpc_cs.c
+===
+--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_cs.c	2011-12-19 09:35:34.186909298 -0500
 jasper-1.900.1/src/libjasper/jpc/jpc_cs.c	2011-12-19 09:35:51.198909832 -0500
+@@ -744,6 +744,10 @@
+ 		return -1;
+ 	}
+ 	compparms-numrlvls = compparms-numdlvls + 1;
++	if (compparms-numrlvls  JPC_MAXRLVLS) {
++		jpc_cox_destroycompparms(compparms);
++		return -1;
++	}
+ 	if (prtflag) {
+ 		for (i = 0; i  compparms-numrlvls; ++i) {
+ 			if (jpc_getuint8(in, tmp)) {
+@@ -1331,7 +1335,7 @@
+ 	jpc_crgcomp_t *comp;
+ 	uint_fast16_t compno;
+ 	crg-numcomps = cstate-numcomps;
+-	if (!(crg-comps = jas_alloc2(cstate-numcomps, sizeof(uint_fast16_t {
++	if (!(crg-comps = jas_alloc2(cstate-numcomps, sizeof(jpc_crgcomp_t {
+ 		return -1;
+ 	}
+ 	for (compno = 0, comp = crg-comps; compno  cstate-numcomps;
diff -Nru jasper-1.900.1/debian/patches/series jasper-1.900.1/debian/patches/series
--- jasper-1.900.1/debian/patches/series	2011-11-27 13:55:33.0 -0500
+++ jasper-1.900.1/debian/patches/series	2011-12-19 09:35:07.0 -0500
@@ -1,2 +1,3 @@
 01-misc-fixes.patch
 02-fix-filename-buffer-overflow.patch
+03-CVE-2011-451x.patch

Bug#652105: Better patch

2011-12-15 Thread Marc Deslauriers 
Here's a better patch for the issue. Thanks.

Description: Use system ca certificates, not the bundled ones
Author: Marc Deslauriers marc.deslauri...@canonical.com
Forwarded: No, distro-specific
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/python-httplib2/+bug/882027

Index: python-httplib2-0.7.2/python2/httplib2/__init__.py
===
--- python-httplib2-0.7.2.orig/python2/httplib2/__init__.py	2011-11-14 12:37:38.0 -0500
+++ python-httplib2-0.7.2/python2/httplib2/__init__.py	2011-12-15 14:21:42.061709438 -0500
@@ -176,9 +176,8 @@
 # requesting that URI again.
 DEFAULT_MAX_REDIRECTS = 5
 
-# Default CA certificates file bundled with httplib2.
-CA_CERTS = os.path.join(
-os.path.dirname(os.path.abspath(__file__ )), cacerts.txt)
+# Use system CA certificates
+CA_CERTS = /etc/ssl/certs/ca-certificates.crt
 
 # Which headers are hop-by-hop headers by default
 HOP_BY_HOP = ['connection', 'keep-alive', 'proxy-authenticate', 'proxy-authorization', 'te', 'trailers', 'transfer-encoding', 'upgrade']
Index: python-httplib2-0.7.2/python3/httplib2/__init__.py
===
--- python-httplib2-0.7.2.orig/python3/httplib2/__init__.py	2011-11-14 12:37:38.0 -0500
+++ python-httplib2-0.7.2/python3/httplib2/__init__.py	2011-12-15 14:22:02.937709977 -0500
@@ -119,9 +119,8 @@
 # Which headers are hop-by-hop headers by default
 HOP_BY_HOP = ['connection', 'keep-alive', 'proxy-authenticate', 'proxy-authorization', 'te', 'trailers', 'transfer-encoding', 'upgrade']
 
-# Default CA certificates file bundled with httplib2.
-CA_CERTS = os.path.join(
-os.path.dirname(os.path.abspath(__file__ )), cacerts.txt)
+# Use system CA certificates
+CA_CERTS = /etc/ssl/certs/ca-certificates.crt
 
 def _get_end2end_headers(response):
 hopbyhop = list(HOP_BY_HOP)

Bug#648311: use of pkexec

2011-12-14 Thread Marc Deslauriers 
I didn't submit the Ubuntu patch as the Debian synaptic package uses
su-to-root, and not gksu as Ubuntu does.

Would it be ok to unconditionally use pkexec as the wrapper instead of
su-to-root in Debian?





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#652105: python-httplib2: Patch to use system ca certs instead of bundled ones

2011-12-14 Thread Marc Deslauriers 
Package: python-httplib2
Version: 0.7.2-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmpb2NdsU
In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/use_system_cacerts.patch: Use system ca certificates,
not the bundled ones (LP: #882027)


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-14-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru python-httplib2-0.7.2/debian/changelog python-httplib2-0.7.2/debian/changelog
diff -Nru python-httplib2-0.7.2/debian/control python-httplib2-0.7.2/debian/control
--- python-httplib2-0.7.2/debian/control	2011-06-13 17:22:39.0 -0400
+++ python-httplib2-0.7.2/debian/control	2011-12-14 14:30:46.0 -0500
@@ -12,7 +13,7 @@
 
 Package: python-httplib2
 Architecture: all
-Depends: ${misc:Depends}, ${python:Depends}
+Depends: ${misc:Depends}, ${python:Depends}, ca-certificates
 Description: comprehensive HTTP client library written for Python
  httplib2.py supports many features left out of other HTTP libraries.
   * HTTP and HTTPS
@@ -29,7 +30,7 @@
 
 Package: python3-httplib2
 Architecture: all
-Depends: ${misc:Depends}, ${python3:Depends}
+Depends: ${misc:Depends}, ${python3:Depends}, ca-certificates
 Description: comprehensive HTTP client library written for Python3
  httplib2.py supports many features left out of other HTTP libraries.
   * HTTP and HTTPS
diff -Nru python-httplib2-0.7.2/debian/patches/series python-httplib2-0.7.2/debian/patches/series
--- python-httplib2-0.7.2/debian/patches/series	1969-12-31 19:00:00.0 -0500
+++ python-httplib2-0.7.2/debian/patches/series	2011-12-14 14:23:08.0 -0500
@@ -0,0 +1 @@
+use_system_cacerts.patch
diff -Nru python-httplib2-0.7.2/debian/patches/use_system_cacerts.patch python-httplib2-0.7.2/debian/patches/use_system_cacerts.patch
--- python-httplib2-0.7.2/debian/patches/use_system_cacerts.patch	1969-12-31 19:00:00.0 -0500
+++ python-httplib2-0.7.2/debian/patches/use_system_cacerts.patch	2011-12-14 15:21:35.0 -0500
@@ -0,0 +1,31 @@
+Description: Use system ca certificates, not the bundled ones
+Author: Marc Deslauriers marc.deslauri...@canonical.com
+Forwarded: No, distro-specific
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/python-httplib2/+bug/882027
+
+Index: python-httplib2-0.7.2/python2/httplib2/__init__.py
+===
+--- python-httplib2-0.7.2.orig/python2/httplib2/__init__.py	2011-12-14 14:23:20.490875998 -0500
 python-httplib2-0.7.2/python2/httplib2/__init__.py	2011-12-14 14:24:22.114877577 -0500
+@@ -178,7 +178,7 @@
+ 
+ # Default CA certificates file bundled with httplib2.
+ CA_CERTS = os.path.join(
+-os.path.dirname(os.path.abspath(__file__ )), cacerts.txt)
++os.path.dirname(os.path.abspath(__file__ )), /etc/ssl/certs/ca-certificates.crt)
+ 
+ # Which headers are hop-by-hop headers by default
+ HOP_BY_HOP = ['connection', 'keep-alive', 'proxy-authenticate', 'proxy-authorization', 'te', 'trailers', 'transfer-encoding', 'upgrade']
+Index: python-httplib2-0.7.2/python3/httplib2/__init__.py
+===
+--- python-httplib2-0.7.2.orig/python3/httplib2/__init__.py	2011-12-14 14:23:23.698876078 -0500
 python-httplib2-0.7.2/python3/httplib2/__init__.py	2011-12-14 14:24:29.578877767 -0500
+@@ -121,7 +121,7 @@
+ 
+ # Default CA certificates file bundled with httplib2.
+ CA_CERTS = os.path.join(
+-os.path.dirname(os.path.abspath(__file__ )), cacerts.txt)
++os.path.dirname(os.path.abspath(__file__ )), /etc/ssl/certs/ca-certificates.crt)
+ 
+ def _get_end2end_headers(response):
+ hopbyhop = list(HOP_BY_HOP)

Bug#651844: libarchive: fix for CVE-2011-1777 and CVE-2011-1778

2011-12-12 Thread Marc Deslauriers 
Package: libarchive
Version: 2.8.5-3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmp_Ru6Y6
In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: arbitrary code execution via iso9660 overflows
- debian/patches/CVE-2011-1777.patch: correctly fail on out of memory
  conditions in libarchive/archive_read_support_format_iso9660.c.
- CVE-2011-1777
  * SECURITY UPDATE: arbitrary code execution via tar overflows
- debian/patches/CVE-2011-1778.patch: correctly fail on out of memory
  conditions in libarchive/archive_read_support_format_tar.c
- CVE-2011-1778


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-14-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru libarchive-2.8.5/debian/changelog libarchive-2.8.5/debian/changelog
diff -Nru libarchive-2.8.5/debian/patches/CVE-2011-1777.patch libarchive-2.8.5/debian/patches/CVE-2011-1777.patch
--- libarchive-2.8.5/debian/patches/CVE-2011-1777.patch	1969-12-31 19:00:00.0 -0500
+++ libarchive-2.8.5/debian/patches/CVE-2011-1777.patch	2011-12-09 10:37:29.0 -0500
@@ -0,0 +1,108 @@
+Description: fix arbitrary code execution via iso9660 overflows
+Origin: backport, http://code.google.com/p/libarchive/source/detail?r=3158
+
+Index: libarchive-2.8.5/libarchive/archive_read_support_format_iso9660.c
+===
+--- libarchive-2.8.5.orig/libarchive/archive_read_support_format_iso9660.c	2011-12-09 10:36:34.547552016 -0500
 libarchive-2.8.5/libarchive/archive_read_support_format_iso9660.c	2011-12-09 10:37:08.643552304 -0500
+@@ -417,12 +417,12 @@
+ static inline void cache_add_entry(struct iso9660 *iso9660,
+ 		struct file_info *file);
+ static inline struct file_info *cache_get_entry(struct iso9660 *iso9660);
+-static void	heap_add_entry(struct heap_queue *heap,
++static int	heap_add_entry(struct archive_read *a, struct heap_queue *heap,
+ 		struct file_info *file, uint64_t key);
+ static struct file_info *heap_get_entry(struct heap_queue *heap);
+ 
+-#define add_entry(iso9660, file)	\
+-	heap_add_entry(((iso9660)-pending_files), file, file-offset)
++#define add_entry(arch, iso9660, file)	\
++	heap_add_entry(arch, ((iso9660)-pending_files), file, file-offset)
+ #define next_entry(iso9660)		\
+ 	heap_get_entry(((iso9660)-pending_files))
+ 
+@@ -1010,15 +1010,19 @@
+ con-next = NULL;
+ *multi-contents.last = con;
+ multi-contents.last = (con-next);
+-if (multi == child)
+-	add_entry(iso9660, child);
+-else {
++	if (multi == child) {
++		if (add_entry(a, iso9660, child)
++		!= ARCHIVE_OK)
++			return (ARCHIVE_FATAL);
++	} else {
+ 	multi-size += child-size;
+ 	if (!child-multi_extent)
+ 		multi = NULL;
+ }
+ 			} else
+-add_entry(iso9660, child);
++	if (add_entry(a, iso9660, child)
++	!= ARCHIVE_OK)
++		return (ARCHIVE_FATAL);
+ 		}
+ 	}
+ 
+@@ -1118,7 +1122,8 @@
+ 			iso9660-seenJoliet = seenJoliet;
+ 		}
+ 		/* Store the root directory in the pending list. */
+-		add_entry(iso9660, file);
++		if (add_entry(a, iso9660, file) != ARCHIVE_OK)
++			return (ARCHIVE_FATAL);
+ 		if (iso9660-seenRockridge) {
+ 			a-archive.archive_format =
+ 			ARCHIVE_FORMAT_ISO9660_ROCKRIDGE;
+@@ -2745,8 +2750,8 @@
+ 	return (file);
+ }
+ 
+-static void
+-heap_add_entry(struct heap_queue *heap, struct file_info *file, uint64_t key)
++static int
++heap_add_entry(struct archive_read *a, struct heap_queue *heap, struct file_info *file, uint64_t key)
+ {
+ 	uint64_t file_key, parent_key;
+ 	int hole, parent;
+@@ -2759,12 +2764,18 @@
+ 		if (heap-allocated  1024)
+ 			new_size = 1024;
+ 		/* Overflow might keep us from growing the list. */
+-		if (new_size = heap-allocated)
+-			__archive_errx(1, Out of memory);
++		if (new_size = heap-allocated) {
++			archive_set_error(a-archive,
++			ENOMEM, Out of memory);
++			return (ARCHIVE_FATAL);
++		}
+ 		new_pending_files = (struct file_info **)
+ 		malloc(new_size * sizeof(new_pending_files[0]));
+-		if (new_pending_files == NULL)
+-			__archive_errx(1, Out of memory);
++		if (new_pending_files == NULL) {
++			archive_set_error(a-archive,
++			ENOMEM, Out of memory);
++			return (ARCHIVE_FATAL);
++		}
+ 		memcpy(new_pending_files, heap-files,
+ 		heap-allocated * sizeof(new_pending_files[0]));
+ 		if (heap-files != NULL)
+@@ -2784,13 +2795,15 @@
+ 		parent_key = heap-files[parent]-key;
+ 		if (file_key = parent_key) {
+ 			heap-files[hole] = file;
+-			return;
++			return (ARCHIVE_OK);
+ 		}
+ 		// Move parent into hole == move hole up

Bug#648038: tomcat6: CVE-2011-1184 and CVE-2011-2526 fixes

2011-11-08 Thread Marc Deslauriers 
Package: tomcat6
Version: 6.0.32-6
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch



*** /tmp/tmpibvEX2
In Ubuntu, the attached patch was applied to achieve the following:

Fixes two security issues (CVE-2011-1184 and CVE-2011-2526)

  * SECURITY UPDATE: HTTP DIGEST authentication weaknesses
- debian/patches/0014-CVE-2011-1184.patch: add new nonce options in
  java/org/apache/catalina/authenticator/DigestAuthenticator.java,
  java/org/apache/catalina/authenticator/LocalStrings.properties,
  java/org/apache/catalina/authenticator/mbeans-descriptors.xml,
  java/org/apache/catalina/realm/RealmBase.java,
  webapps/docs/config/valve.xml.
- CVE-2011-1184
  * SECURITY UPDATE: file restriction bypass or denial of service via
untrusted web application.
- debian/patches/0015-CVE-2011-2526.patch: check canonical name in
  java/org/apache/catalina/connector/LocalStrings.properties,
  java/org/apache/catalina/connector/Request.java,
  java/org/apache/catalina/servlets/DefaultServlet.java,
  java/org/apache/coyote/http11/Http11AprProcessor.java,
  java/org/apache/coyote/http11/LocalStrings.properties,
  java/org/apache/tomcat/util/net/AprEndpoint.java,
  java/org/apache/tomcat/util/net/NioEndpoint.java.
- CVE-2011-2526


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 
'oneiric-proposed'), (500, 'oneiric')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-13-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru tomcat6-6.0.32/debian/changelog tomcat6-6.0.32/debian/changelog
diff -Nru tomcat6-6.0.32/debian/patches/0014-CVE-2011-1184.patch tomcat6-6.0.32/debian/patches/0014-CVE-2011-1184.patch
--- tomcat6-6.0.32/debian/patches/0014-CVE-2011-1184.patch	1969-12-31 19:00:00.0 -0500
+++ tomcat6-6.0.32/debian/patches/0014-CVE-2011-1184.patch	2011-11-08 07:55:11.0 -0500
@@ -0,0 +1,798 @@
+Description: fix HTTP DIGEST authentication weaknesses
+Origin: upstream, http://svn.apache.org/viewvc?view=revisionrevision=1158180
+
+Index: tomcat6-6.0.32/java/org/apache/catalina/authenticator/DigestAuthenticator.java
+===
+--- tomcat6-6.0.32.orig/java/org/apache/catalina/authenticator/DigestAuthenticator.java	2010-04-29 11:00:41.0 -0400
 tomcat6-6.0.32/java/org/apache/catalina/authenticator/DigestAuthenticator.java	2011-10-13 16:38:43.989355250 -0400
+@@ -23,11 +23,14 @@
+ import java.security.MessageDigest;
+ import java.security.NoSuchAlgorithmException;
+ import java.security.Principal;
++import java.util.LinkedHashMap;
++import java.util.Map;
+ import java.util.StringTokenizer;
+ 
+ import javax.servlet.http.HttpServletResponse;
+ 
+ 
++import org.apache.catalina.LifecycleException;
+ import org.apache.catalina.Realm;
+ import org.apache.catalina.connector.Request;
+ import org.apache.catalina.connector.Response;
+@@ -47,8 +50,8 @@
+  * @version $Id: DigestAuthenticator.java 939336 2010-04-29 15:00:41Z kkolinko $
+  */
+ 
+-public class DigestAuthenticator
+-extends AuthenticatorBase {
++public class DigestAuthenticator extends AuthenticatorBase {
++
+ private static Log log = LogFactory.getLog(DigestAuthenticator.class);
+ 
+ 
+@@ -67,6 +70,11 @@
+ org.apache.catalina.authenticator.DigestAuthenticator/1.0;
+ 
+ 
++/**
++ * Tomcat's DIGEST implementation only supports auth quality of protection.
++ */
++protected static final String QOP = auth;
++
+ // --- Constructors
+ 
+ 
+@@ -92,17 +100,49 @@
+ 
+ 
+ /**
++ * List of client nonce values currently being tracked
++ */
++protected MapString,NonceInfo cnonces;
++
++
++/**
++ * Maximum number of client nonces to keep in the cache. If not specified,
++ * the default value of 1000 is used.
++ */
++protected int cnonceCacheSize = 1000;
++
++
++/**
+  * Private key.
+  */
+-protected String key = Catalina;
++protected String key = null;
+ 
+ 
+-// - Properties
++/**
++ * How long server nonces are valid for in milliseconds. Defaults to 5
++ * minutes.
++ */
++protected long nonceValidity = 5 * 60 * 1000;
++
++
++/**
++ * Opaque string.
++ */
++protected String opaque;
+ 
+ 
+ /**
++ * Should the URI be validated as required by RFC2617? Can be disabled in
++ * reverse proxies where the proxy has modified the URI.
++ */
++protected boolean validateUri = true;
++
++// - Properties
++
++/**
+  * Return descriptive

Bug#625966: libmodplug = 0.8.8.2 .abc Stack-Based Buffer Overflow

2011-08-05 Thread Marc Deslauriers 
Package: libmodplug
Version: 1:0.8.8.2-3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch



*** /tmp/tmpNcrGvL
In Ubuntu, the attached patch was applied to fix the security issue:

  * SECURITY UPDATE: multiple security issues in ABC loader
- src/load_abc.cpp: fix various issues.
- 
http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=d7c36959757fc6c8e4d487be8a72383093d9d26f
- 
http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=5d437ad2f741c08fc3862cd4d5157492ead0fe84
- 
http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=a13e067a82fa195b1732ad9fb8341c1b0f141bf5
- 
http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=22aa681cd12f8547a8866112c7e443166115b701
- 
http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=bd5363f31274d6e79b8ace5a94686c9ac6ef415b
- 
http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=51f4b152060be23a4514da2a65c83e205bfb21ba
- 
http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=56436fac0a37b1746dab594e4aefba9d2bb92e09
- 
http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=ad305187322171eab3a66f4b5ce2a067b1580b3e
- 
http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=497a27ba2555399d7aa243dbb51ca81e4e7a32cf
- CVE-2011-1761


Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 
'natty-proposed'), (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-11-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u libmodplug-0.8.8.2/debian/changelog libmodplug-0.8.8.2/debian/changelog
only in patch2:
unchanged:
--- libmodplug-0.8.8.2.orig/src/load_abc.cpp
+++ libmodplug-0.8.8.2/src/load_abc.cpp
@@ -277,11 +277,45 @@
 }
 #endif
 
-
 static int abc_isvalidchar(char c) {
 	return(isalpha(c) || isdigit(c) || isspace(c) || c == '%' || c == ':');
 }
 
+static const char *abc_skipspace(const char *p)
+{
+	while (*p  isspace(*p))
+		p++;
+	return p;
+}
+
+static void abc_extractkeyvalue(char *key, size_t key_max,
+char *value, size_t value_max, const char *src)
+{
+	while (*src  isspace(*src))
+		src++;
+
+	size_t key_size;
+	for (key_size = 0; key_size  key_max - 1  *src;) {
+		if (*src == '=') {
+			src++;
+			break;
+		}
+		key[key_size++] = *src++;
+	}
+	while (key_size  0  isspace(key[key_size - 1]))
+		key_size--;
+	key[key_size] = '\0';
+
+	while (*src  isspace(*src))
+		src++;
+
+	size_t value_size;
+	for (value_size = 0; value_size  value_max - 1  *src;)
+		value[value_size++] = *src++;
+	while (value_size  0  isspace(value[value_size - 1]))
+		value_size--;
+	value[value_size] = '\0';
+}
 
 static void abc_message(const char *s1, const char *s2)
 {
@@ -308,6 +342,7 @@
 static uint32_t notelen_notediv_to_ticks(int speed, int len, int div)
 {
 	uint32_t u;
+	if (div == 0) return 0;
 	u = (ROWSPERNOTE * RESOLUTION * speed * len * global_tempo_factor) / (div * global_tempo_divider);
 	return u;
 }
@@ -454,7 +489,7 @@
 	if( mmfeof(mmfile) ) return EOF;
 	b = mmfile-mm[mmfile-pos];
 	mmfile-pos++;
-	if( b=='\r'  mmfile-mm[mmfile-pos] == '\n' ) {
+	if( b=='\r'  !mmfeof(mmfile)  mmfile-mm[mmfile-pos] == '\n' ) {
 		b = '\n';
 		mmfile-pos++;
 	}
@@ -531,21 +566,13 @@
 // =
 {
 ABCMACRO *retval;
-		const char *p;
-		char buf[256],*q;
-		for( p=m; *p  isspace(*p); p++ ) ;
-		for( q=buf; *p  *p != '='; p++ )
-			*q++ = *p;
-		if( q != buf )
-			while( isspace(q[-1]) ) q--;
-		*q = '\0';
+	char key[256], value[256];
+	abc_extractkeyvalue(key, sizeof(key), value, sizeof(value), m);
+
 retval = (ABCMACRO *)_mm_calloc(h-macrohandle, 1,sizeof(ABCTRACK));
-retval-name  = DupStr(h-macrohandle, buf,strlen(buf));
+retval-name  = DupStr(h-macrohandle, key, strlen(key));
 		retval-n = strrchr(retval-name, 'n'); // for transposing macro's
-		for( p++; *p  isspace(*p); p++ ) ;
-		strncpy(buf,p,200);
-		for( q=buf[strlen(buf)-1]; q!=buf  isspace(*q); q-- ) *q = '\0';
-retval-subst = DupStr(h-macrohandle, buf, strlen(buf));
+retval-subst = DupStr(h-macrohandle, value, strlen(value));
 		retval-next  = h-macro;
 		h-macro  = retval;
 }
@@ -555,24 +582,15 @@
 // =
 {
 ABCMACRO *retval, *mp;
-		const char *p;
-		char buf[256], let[2], *q;
-		for( p=m; *p  isspace(*p); p++ ) ;
-		for( q=buf; *p  *p != '='; p++ )
-			*q++ = *p;
-		if( q

Bug#636168: gcstar: Version 1.6.2 is now available

2011-07-31 Thread Marc Deslauriers 
Package: gcstar
Severity: normal
Tags: sid

Upstream has released version 1.6.2 on july 10th. Please update
the version in unstable.

Thanks!



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#635901: stereograph: fix for FTBFS

2011-07-29 Thread Marc Deslauriers 
Package: stereograph
Version: 0.30a-6
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch



*** /tmp/tmpbOzU85
In Ubuntu, the attached patch was applied to fix a FTBFS:

  * Changed library references, changed and updated parameters
to linker to solve FTBFS (LP: #755934):
- Makefile: replaced hardcoded libraries with library 
  parameters for libpng and libz.
- Makefile.in: added target to build stereograph executable
  putting the library references after the objects that
  needs them, to build with ld --no-as-needed.
- debian/control: updated build depends for libpng.


Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 
'natty-proposed'), (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-10-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u stereograph-0.30a/debian/control stereograph-0.30a/debian/control
--- stereograph-0.30a/debian/control
+++ stereograph-0.30a/debian/control
@@ -1,9 +1,10 @@
 Source: stereograph
 Section: graphics
 Priority: optional
-Maintainer: Peter Palfrader wea...@debian.org
+Maintainer: Ubuntu Developers ubuntu-devel-disc...@lists.ubuntu.com
+XSBC-Original-Maintainer: Peter Palfrader wea...@debian.org
 Standards-Version: 3.6.2
-Build-Depends: libpng-dev, debhelper, zlib1g-dev
+Build-Depends: libpng12-dev, debhelper, zlib1g-dev
 
 Package: stereograph
 Architecture: any
diff -u stereograph-0.30a/debian/changelog stereograph-0.30a/debian/changelog
diff -u stereograph-0.30a/Makefile.in stereograph-0.30a/Makefile.in
--- stereograph-0.30a/Makefile.in
+++ stereograph-0.30a/Makefile.in
@@ -8,6 +8,8 @@
 make: all
 
 stereograph: $(OBJ0)
+	gcc -g -o $@ $(OBJ0) $(LDFLAGS)
+
 stereograph.o: stereograph.c stereograph.h renderer.h gfxio.h globals.h
 renderer.o: renderer.c renderer.h globals.h
 gfxio.o: gfxio.c gfxio.h renderer.h globals.h
diff -u stereograph-0.30a/Makefile stereograph-0.30a/Makefile
--- stereograph-0.30a/Makefile
+++ stereograph-0.30a/Makefile
@@ -17,7 +17,7 @@
 else
 CFLAGS += -O2
 endif
-LDFLAGS = -lm /usr/lib/libpng.so /usr/lib/libz.so
+LDFLAGS = -lm -lpng -lz
 
 # HPUX
 #CC = cc

Bug#554759: gupnp-ui: Fix for FTBFS

2011-07-29 Thread Marc Deslauriers 
Package: gupnp-ui
Version: 0.1.1-3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch



*** /tmp/tmp8b36Ny
In Ubuntu, the attached patch was applied to fix the FTBFS:

  * configure, configure.ac: add libgupnp libraries to LIBS in 
order to solve FTBFS with ld --no-add-needed (LP: #749152)


Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 
'natty-proposed'), (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-10-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u gupnp-ui-0.1.1/debian/changelog gupnp-ui-0.1.1/debian/changelog
only in patch2:
unchanged:
--- gupnp-ui-0.1.1.orig/configure.ac
+++ gupnp-ui-0.1.1/configure.ac
@@ -10,7 +10,7 @@
 AC_STDC_HEADERS
 AC_PROG_LIBTOOL
 
-PKG_CHECK_MODULES(LIBGUPNP_UI, gupnp-1.0 = 0.3 gtk+-2.0)
+PKG_CHECK_MODULES(LIBGUPNP_UI, gupnp-1.0 = 0.3 gtk+-2.0, LIBS=$LIBS $LIBGUPNP_UI_LIBS)
 
 PKG_CHECK_MODULES(GTHREAD, gthread-2.0)
 
only in patch2:
unchanged:
--- gupnp-ui-0.1.1.orig/configure
+++ gupnp-ui-0.1.1/configure
@@ -20909,6 +20909,7 @@
 else
 	LIBGUPNP_UI_CFLAGS=$pkg_cv_LIBGUPNP_UI_CFLAGS
 	LIBGUPNP_UI_LIBS=$pkg_cv_LIBGUPNP_UI_LIBS
+	LIBS=$LIBS $LIBGUPNP_UI_LIBS
 { echo $as_me:$LINENO: result: yes 5
 echo ${ECHO_T}yes 6; }
 	:

Bug#629830: gimp vulnerable to CVE-2011-1782

2011-06-08 Thread Marc Deslauriers 
Package: gimp
Version: 2.6.11-2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch



*** /tmp/tmphuxFni
In Ubuntu, the attached patch was applied to achieve the following security
fix:

  * SECURITY UPDATE: denial of service and possible code execution via
malformed PSP image file
- debian/patches/08_CVE-2011-1782.patch: further fix buffer overflow in
  plug-ins/common/file-psp.c.
- CVE-2011-1782

Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 
'natty-proposed'), (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-10-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru gimp-2.6.11/debian/changelog gimp-2.6.11/debian/changelog
diff -Nru gimp-2.6.11/debian/patches/08_CVE-2011-1782.patch gimp-2.6.11/debian/patches/08_CVE-2011-1782.patch
--- gimp-2.6.11/debian/patches/08_CVE-2011-1782.patch	1969-12-31 19:00:00.0 -0500
+++ gimp-2.6.11/debian/patches/08_CVE-2011-1782.patch	2011-06-08 10:34:23.0 -0400
@@ -0,0 +1,17 @@
+Description: fix denial of service and possible code execution via
+ malformed PSP image file
+Origin: upstream, http://git.gnome.org/browse/gimp/commit?id=f657361db04de69ce003328724c59e3f942d7d15
+
+Index: gimp-2.6.11/plug-ins/common/file-psp.c
+===
+--- gimp-2.6.11.orig/plug-ins/common/file-psp.c	2011-06-08 10:31:55.406816426 -0400
 gimp-2.6.11/plug-ins/common/file-psp.c	2011-06-08 10:32:06.516816421 -0400
+@@ -1246,7 +1246,7 @@
+ fread (buf, runcount, 1, f);
+ 
+   /* prevent buffer overflow for bogus data */
+-  runcount = MIN (runcount, endq - q);
++  runcount = MIN (runcount, (endq - q) / bytespp);
+ 
+   if (bytespp == 1)
+ {
diff -Nru gimp-2.6.11/debian/patches/series gimp-2.6.11/debian/patches/series
--- gimp-2.6.11/debian/patches/series	2011-05-17 12:27:03.0 -0400
+++ gimp-2.6.11/debian/patches/series	2011-06-08 10:31:46.0 -0400
@@ -4,3 +4,4 @@
 06_CVE-2010-4543.patch
 05_CVE-2010-454x.patch
 07_binutils-gold.patch
+08_CVE-2011-1782.patch

Bug#628126: b43-fwcutter: Add proxy support for downloading

2011-05-31 Thread Marc Deslauriers 
Hi,

Unfortunately, I don't have a proxy environment either.

Is anyone else able to test it?

Marc.


On Tue, 2011-05-31 at 11:56 +0200, Fabrizio Regalli wrote:
 Hi Marc,
 
 I've added proxy support to the package but unfortunately I can't test
 it because I haven't a proxy environment usable.
 The new package are available here: 
 
 http://packages.fabreg.it/incoming/
 
 Could you please get it and test it?
 Let me know: if everything works fine I'll ask to upload to the official
 repository.
 
 Thanks.
 
 Cheers,
 Fabrizio.





-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#628126: b43-fwcutter: Add proxy support for downloading

2011-05-27 Thread Marc Deslauriers 
Package: b43-fwcutter
Version: 1:014-3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch



*** /tmp/tmp20pUTi
In Ubuntu, the attached patch was applied to achieve the following:

  * Fix downloading from behind a proxy (LP: #769442)


Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 
'natty-proposed'), (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-9-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru b43-fwcutter-014/debian/changelog b43-fwcutter-014/debian/changelog
diff -Nru b43-fwcutter-014/debian/firmware-b43-installer.postinst b43-fwcutter-014/debian/firmware-b43-installer.postinst
--- b43-fwcutter-014/debian/firmware-b43-installer.postinst	2011-05-06 10:35:02.0 -0400
+++ b43-fwcutter-014/debian/firmware-b43-installer.postinst	2011-05-27 08:23:56.0 -0400
@@ -18,6 +18,17 @@
 mkdir -p $FIRMWARE_INSTALL_DIR
 fi
 
+# use apt proxy
+APT_PROXIES=$(apt-config shell \
+http_proxy Acquire::http::Proxy \
+https_proxy Acquire::https::Proxy \
+ftp_proxy Acquire::ftp::Proxy \
+)
+
+if [ -n $APT_PROXIES ]; then
+	eval export $APT_PROXIES
+fi
+
 wget http://downloads.openwrt.org/sources/broadcom-wl-4.178.10.4.tar.bz2
 tar xvjf broadcom-wl-4.178.10.4.tar.bz2
 cd broadcom-wl-4.178.10.4/linux
diff -Nru b43-fwcutter-014/debian/firmware-b43legacy-installer.postinst b43-fwcutter-014/debian/firmware-b43legacy-installer.postinst
--- b43-fwcutter-014/debian/firmware-b43legacy-installer.postinst	2011-05-06 10:10:26.0 -0400
+++ b43-fwcutter-014/debian/firmware-b43legacy-installer.postinst	2011-05-27 08:20:36.0 -0400
@@ -32,6 +32,17 @@
 mkdir -p $FIRMWARE_INSTALL_DIR
 fi
 
+# use apt proxy
+APT_PROXIES=$(apt-config shell \
+http_proxy Acquire::http::Proxy \
+https_proxy Acquire::https::Proxy \
+ftp_proxy Acquire::ftp::Proxy \
+)
+
+if [ -n $APT_PROXIES ]; then
+	eval export $APT_PROXIES
+fi
+
 wget http://downloads.openwrt.org/sources/wl_apsta-3.130.20.0.o
 b43-fwcutter -w $FIRMWARE_INSTALL_DIR wl_apsta-3.130.20.0.o
 rm wl_apsta-3.130.20.0.o
diff -Nru b43-fwcutter-014/debian/firmware-b43-lpphy-installer.postinst b43-fwcutter-014/debian/firmware-b43-lpphy-installer.postinst
--- b43-fwcutter-014/debian/firmware-b43-lpphy-installer.postinst	2011-05-06 10:36:07.0 -0400
+++ b43-fwcutter-014/debian/firmware-b43-lpphy-installer.postinst	2011-05-27 08:20:36.0 -0400
@@ -39,6 +39,17 @@
 mkdir -p $FIRMWARE_INSTALL_DIR
 fi
 
+# use apt proxy
+APT_PROXIES=$(apt-config shell \
+http_proxy Acquire::http::Proxy \
+https_proxy Acquire::https::Proxy \
+ftp_proxy Acquire::ftp::Proxy \
+)
+
+if [ -n $APT_PROXIES ]; then
+	eval export $APT_PROXIES
+fi
+
 wget http://downloads.openwrt.org/sources/broadcom-wl-4.178.10.4.tar.bz2
 tar xvjf broadcom-wl-4.178.10.4.tar.bz2
 cd broadcom-wl-4.178.10.4/linux

Bug#623747: svgalib: FTBS on armel

2011-04-22 Thread Marc Deslauriers 
Package: svgalib
Version: 1:1.4.3-30
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu natty ubuntu-patch



*** /tmp/tmphVBpfQ
In Ubuntu, the attached patch was applied to fix a FTBFS on armel:

  * debian/rules: Changed chmod usage as not every architecture has dumpreg
and restore* binaries (LP: #745870)


Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-8-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru svgalib-1.4.3/debian/changelog svgalib-1.4.3/debian/changelog
diff -Nru svgalib-1.4.3/debian/rules svgalib-1.4.3/debian/rules
--- svgalib-1.4.3/debian/rules	2009-11-14 00:54:26.0 -0500
+++ svgalib-1.4.3/debian/rules	2011-04-22 08:33:04.0 -0400
@@ -90,9 +90,7 @@
 	dh_strip -a
 	dh_compress -a
 	dh_fixperms -a
-	for f in debian/$(bin)/usr/bin/{dumpreg,restore*}; do \
-	  [ -f $$f ]  chmod 4755 $$f; \
-	done
+	chmod 4755 debian/$(bin)/usr/bin/{dumpreg,restore*} || true
 	dh_makeshlibs -a
 	dh_installdeb -a
 	dh_shlibdeps -a -ldebian/$(lib)/usr/lib -L$(lib)

Bug#608497: gimp: Fix from Ubuntu

2011-04-08 Thread Marc Deslauriers 
Package: gimp
Version: 2.6.11-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu natty ubuntu-patch



*** /tmp/tmpJCXJq8
In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: denial of service and possible code execution via
malformed plugin configuration files
- debian/patches/05_CVE-2010-454x.patch: fix format strings in
  plug-ins/{common/sphere-designer,gfig/gfig-style,
  lighting/lighting-ui}.c.
- CVE-2010-4540
- CVE-2010-4541
- CVE-2010-4542
  * SECURITY UPDATE: denial of service and possible code execution via
malformed PSP image file
- debian/patches/06_CVE-2010-4543.patch: fix buffer overflow in
  plug-ins/common/file-psp.c.
- CVE-2010-4543


Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-8-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru gimp-2.6.11/debian/changelog gimp-2.6.11/debian/changelog
diff -Nru gimp-2.6.11/debian/patches/05_CVE-2010-454x.patch gimp-2.6.11/debian/patches/05_CVE-2010-454x.patch
--- gimp-2.6.11/debian/patches/05_CVE-2010-454x.patch	1969-12-31 19:00:00.0 -0500
+++ gimp-2.6.11/debian/patches/05_CVE-2010-454x.patch	2011-04-07 10:59:56.0 -0400
@@ -0,0 +1,127 @@
+Description: fix denial of service and possible code execution via
+ malformed plugin configuration files
+Origin: upstream, http://git.gnome.org/browse/gimp/commit/?id=7fb0300e1cfdb98a3bde54dbc73a0f3eda375162
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497
+Bug: https://bugzilla.gnome.org/show_bug.cgi?id=639203
+
+Index: gimp-2.6.11/plug-ins/common/sphere-designer.c
+===
+--- gimp-2.6.11.orig/plug-ins/common/sphere-designer.c	2011-04-07 10:39:20.396192480 -0400
 gimp-2.6.11/plug-ins/common/sphere-designer.c	2011-04-07 10:40:07.156192468 -0400
+@@ -1992,6 +1992,7 @@
+   gcharendbuf[21 * (G_ASCII_DTOSTR_BUF_SIZE + 1)];
+   gchar   *end = endbuf;
+   gcharline[1024];
++  gcharfmt_str[16];
+   gint i;
+   texture *t;
+   gint majtype, type;
+@@ -2016,6 +2017,8 @@
+ 
+   s.com.numtexture = 0;
+ 
++  snprintf (fmt_str, sizeof (fmt_str), %%d %%d %%%lds, sizeof (endbuf) - 1);
++
+   while (!feof (f))
+ {
+ 
+@@ -2026,7 +2029,7 @@
+   t = s.com.texture[i];
+   setdefaults (t);
+ 
+-  if (sscanf (line, %d %d %s, t-majtype, t-type, end) != 3)
++  if (sscanf (line, fmt_str, t-majtype, t-type, end) != 3)
+ t-color1.x = g_ascii_strtod (end, end);
+   if (end  errno != ERANGE)
+ t-color1.y = g_ascii_strtod (end, end);
+Index: gimp-2.6.11/plug-ins/gfig/gfig-style.c
+===
+--- gimp-2.6.11.orig/plug-ins/gfig/gfig-style.c	2011-04-07 10:39:35.966192476 -0400
 gimp-2.6.11/plug-ins/gfig/gfig-style.c	2011-04-07 10:40:07.156192468 -0400
+@@ -165,6 +165,7 @@
+   gchar *ptr;
+   gchar *tmpstr;
+   gchar *endptr;
++  gchar  fmt_str[32];
+   gchar  colorstr_r[G_ASCII_DTOSTR_BUF_SIZE];
+   gchar  colorstr_g[G_ASCII_DTOSTR_BUF_SIZE];
+   gchar  colorstr_b[G_ASCII_DTOSTR_BUF_SIZE];
+@@ -172,6 +173,10 @@
+ 
+   style_entry-r = style_entry-g = style_entry-b = style_entry-a = 0.;
+ 
++  snprintf (fmt_str, sizeof (fmt_str), %%%lds %%%lds %%%lds %%%lds,
++sizeof (colorstr_r) - 1, sizeof (colorstr_g) - 1,
++sizeof (colorstr_b) - 1, sizeof (colorstr_a) - 1);
++
+   while (n  nitems)
+ {
+   ptr = strchr (text[n], ':');
+@@ -181,7 +186,8 @@
+   ptr++;
+   if (!strcmp (tmpstr, name))
+ {
+-  sscanf (ptr, %s %s %s %s, colorstr_r, colorstr_g, colorstr_b, colorstr_a);
++  sscanf (ptr, fmt_str,
++  colorstr_r, colorstr_g, colorstr_b, colorstr_a);
+   style_entry-r = g_ascii_strtod (colorstr_r, endptr);
+   style_entry-g = g_ascii_strtod (colorstr_g, endptr);
+   style_entry-b = g_ascii_strtod (colorstr_b, endptr);
+Index: gimp-2.6.11/plug-ins/lighting/lighting-ui.c
+===
+--- gimp-2.6.11.orig/plug-ins/lighting/lighting-ui.c	2011-04-07 10:39:44.816192474 -0400
 gimp-2.6.11/plug-ins/lighting/lighting-ui.c	2011-04-07 10:40:07.156192468 -0400
+@@ -1342,6 +1342,7 @@
+   gchar  buffer3[G_ASCII_DTOSTR_BUF_SIZE];
+   gchar  type_label[21];
+   gchar *endptr;
++  gchar  fmt_str[32];
+ 
+   if (response_id == GTK_RESPONSE_OK)
+ {
+@@ -1381,23 +1382,41 @@
+   return;
+ }
+ 
+-  fscanf (fp,  Position: %s %s %s, buffer1, buffer2, buffer3);
++  snprintf

Bug#621030: openslp-dfsg: fix for CVE-2010-3609

2011-04-05 Thread Marc Deslauriers 
Package: openslp-dfsg
Version: 1.2.1-7.8
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu natty ubuntu-patch



*** /tmp/tmpokF8Uc
In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: denial of service via circular reference
- debian/patches/CVE-2010-3609.patch: detect circular reference in
  common/slp_message.c. Patch thanks to SUSE.
- CVE-2010-3609
  * debian/rules: add dh_quilt_patch and dh_quilt_unpatch so patches in
debian/patches actually get applied.
  * debian/patches/series: disable 01_have_net_if_arp.diff and
99_autoreconf.diff since they had never been applied.


Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-7-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u openslp-dfsg-1.2.1/debian/changelog openslp-dfsg-1.2.1/debian/changelog
diff -u openslp-dfsg-1.2.1/debian/rules openslp-dfsg-1.2.1/debian/rules
--- openslp-dfsg-1.2.1/debian/rules
+++ openslp-dfsg-1.2.1/debian/rules
@@ -26,6 +26,7 @@
 	dh_testdir
 
 	cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub .
+	dh_quilt_patch
 	touch Makefile.in # work around patch timestamp problems
 	./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) \
 		--prefix=/usr --mandir=\$${prefix}/share/man\
@@ -42,6 +43,7 @@
 
 	# Clean up after the build process.
 	[ ! -f Makefile ] || $(MAKE) clean
+	dh_quilt_unpatch
 	rm -f build-stamp config.status debian/substvars debian/conffiles
 	rm -f config.guess config.sub
 
diff -u openslp-dfsg-1.2.1/debian/patches/series openslp-dfsg-1.2.1/debian/patches/series
--- openslp-dfsg-1.2.1/debian/patches/series
+++ openslp-dfsg-1.2.1/debian/patches/series
@@ -1,2 +1,3 @@
-01_have_net_if_arp.diff
-99_autoreconf.diff
+#01_have_net_if_arp.diff
+#99_autoreconf.diff
+CVE-2010-3609.patch
only in patch2:
unchanged:
--- openslp-dfsg-1.2.1.orig/debian/patches/CVE-2010-3609.patch
+++ openslp-dfsg-1.2.1/debian/patches/CVE-2010-3609.patch
@@ -0,0 +1,27 @@
+Description: fix denial of service via circular reference
+Origin: vendor, https://build.opensuse.org/package/view_file?file=openslp.parseext.diffpackage=openslpproject=openSUSE%3A11.4srcmd5=38039c725b8a6c1e0cdd4efdffa8bcc8
+
+Index: openslp-dfsg-1.2.1/common/slp_message.c
+===
+--- openslp-dfsg-1.2.1.orig/common/slp_message.c	2011-04-05 14:29:12.063825536 -0400
 openslp-dfsg-1.2.1/common/slp_message.c	2011-04-05 14:29:25.203825532 -0400
+@@ -872,10 +872,19 @@
+ int extid;
+ int nextoffset;
+ int result  = SLP_ERROR_OK;
++int bufsz = (int)(buffer-end - buffer-start);
+ 
+ nextoffset = message-header.extoffset;
+ while(nextoffset)
+ {
++/* check for circular reference in list
++ * if the size gets below zero, we know we're
++ * reprocessing extensions in a loop.
++ */
++bufsz -= 5;
++if (bufsz = 0) 
++return SLP_ERROR_PARSE_ERROR;
++
+ buffer-curpos = buffer-start + nextoffset;
+ if(buffer-curpos + 5 = buffer-end)
+ {

Bug#619526: sbuild: Quirk to work around wrong build-essential entry on Ubuntu Lucid

2011-03-24 Thread Marc Deslauriers 
Package: sbuild
Version: 0.60.9-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu natty ubuntu-patch



*** /tmp/tmpVBaqZt
In Ubuntu, the attached patch was applied to achieve the following:
  * lib/Sbuild/Build.pm: work around Lucid issue that has diff listed in
build-essential instead of diffutils. This causes schroots that don't
have universe enabled to fail to install dependencies. (LP: #741897)

This may be worthwhile for Debian users who want to build packages for
Ubuntu. Thanks.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-7-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u sbuild-0.60.9/lib/Sbuild/Build.pm sbuild-0.60.9/lib/Sbuild/Build.pm
--- sbuild-0.60.9/lib/Sbuild/Build.pm
+++ sbuild-0.60.9/lib/Sbuild/Build.pm
@@ -1464,11 +1464,15 @@
 }
 
 # Workaround http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602571
+# Also works around Ubuntu Lucid shipping with diff instead of
+# diffutils: https://bugs.launchpad.net/ubuntu/+source/sbuild/+bug/741897
 if (open( F, $self-{'Chroot Dir'}/etc/lsb-release )) {
 while( F ) {
 if ($_ eq DISTRIB_ID=Ubuntu\n) {
 @essential = grep(!/^sysvinit$/, @essential);
-last;
+}
+if ($_ eq DISTRIB_CODENAME=lucid\n) {
+s/^diff$/diffutils/ for (@essential);
 }
 }
 close( F );
diff -u sbuild-0.60.9/debian/changelog sbuild-0.60.9/debian/changelog

Bug#609811: sbuild: --no-install-recommends not available in older apt-get

2011-01-12 Thread Marc Deslauriers 
Package: sbuild
Version: 0.60.8-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu natty ubuntu-patch



*** /tmp/tmpmadAAN
In Ubuntu, the attached patch was applied to achieve the following:

  * lib/Sbuild/ResolverBase.pm: use -o APT::Install-Recommends=false
instead of --no-install-recommends as it is not a valid option in
Dapper schroots. This is Ubuntu-specific and can be removed once Dapper
goes EoL.


Although I mentioned it being Ubuntu-specific in the changelog, it may be 
useful to build for older Debian releases also.
Thanks for considering the patch.


-- System Information:
Debian Release: squeeze/sid
  APT prefers natty-updates
  APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 
'natty-proposed'), (500, 'natty')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.37-12-generic (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u sbuild-0.60.8/debian/changelog sbuild-0.60.8/debian/changelog
only in patch2:
unchanged:
--- sbuild-0.60.8.orig/lib/Sbuild/ResolverBase.pm
+++ sbuild-0.60.8/lib/Sbuild/ResolverBase.pm
@@ -393,7 +393,8 @@
 my @apt_command = ($self-get_conf('APT_GET'), '--purge',
 	'-o', 'DPkg::Options::=--force-confold',
 	'-o', 'DPkg::Options::=--refuse-remove-essential',
-	'-q', '--no-install-recommends');
+	'-o', 'APT::Install-Recommends=false',
+	'-q');
 push @apt_command, '--allow-unauthenticated' if
 	($self-get_conf('APT_ALLOW_UNAUTHENTICATED'));
 push @apt_command, $mode, $action, @packages;

Bug#604706: pbuilder: manpage tests fail if locale isn't setup

2010-11-23 Thread Marc Deslauriers 
Package: pbuilder
Version: 0.199
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu natty ubuntu-patch



*** /tmp/tmppAGg53
In Ubuntu, we've applied the attached patch to achieve the following:

  * debian/rules: install temporary locale so man page tests don't cause
FTBFS.

We thought you might be interested in doing the same. 


-- System Information:
Debian Release: squeeze/sid
  APT prefers maverick-updates
  APT policy: (500, 'maverick-updates'), (500, 'maverick-security'), (500, 
'maverick-proposed'), (500, 'maverick')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.35-23-generic (SMP w/2 CPU cores)
Locale: LANG=en_CA.utf8, LC_CTYPE=en_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru pbuilder-0.199ubuntu2/debian/changelog pbuilder-0.199ubuntu3/debian/changelog
diff -Nru pbuilder-0.199ubuntu2/debian/rules pbuilder-0.199ubuntu3/debian/rules
--- pbuilder-0.199ubuntu2/debian/rules	2010-10-13 13:13:54.0 -0400
+++ pbuilder-0.199ubuntu3/debian/rules	2010-11-23 11:36:33.0 -0500
@@ -1,5 +1,9 @@
 #!/usr/bin/make -f
 
+LOCALE_PATH	:= debian/tmpdir/usr/lib/locale
+LOCALE_NAME	:= en_US
+LOCALE_CHARSET	:= UTF-8
+
 build: build-stamp
 build-stamp:
 	dh_testdir
@@ -18,7 +22,11 @@
 	dh_prep
 	dh_installdirs
 ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
-	$(MAKE) check
+	mkdir -p $(LOCALE_PATH)
+	localedef -i $(LOCALE_NAME) -c -f $(LOCALE_CHARSET) \
+  -A /usr/share/locale/locale.alias --quiet \
+  $(LOCALE_PATH)/$(LOCALE_NAME).$(LOCALE_CHARSET)
+	LOCPATH=$(LOCALE_PATH) LC_ALL=$(LOCALE_NAME).$(LOCALE_CHARSET) $(MAKE) check
 endif
 	$(MAKE) install DESTDIR=$(CURDIR)/debian/pbuilder
 	dh_movefiles -ppbuilder-uml --sourcedir=debian/pbuilder

Bug#604706: Acknowledgement (pbuilder: manpage tests fail if locale isn't setup)

2010-11-23 Thread Marc Deslauriers 
Whoops, I forgot to clean up the temporary directory. Here's a second
patch that does that.

Marc.


diff -Nru pbuilder-0.199ubuntu3/debian/rules pbuilder-0.199ubuntu4/debian/rules
--- pbuilder-0.199ubuntu3/debian/rules	2010-11-23 11:36:33.0 -0500
+++ pbuilder-0.199ubuntu4/debian/rules	2010-11-23 13:02:20.0 -0500
@@ -1,6 +1,6 @@
 #!/usr/bin/make -f
 
-LOCALE_PATH	:= debian/tmpdir/usr/lib/locale
+LOCALE_PATH	:= debian/tmplocale
 LOCALE_NAME	:= en_US
 LOCALE_CHARSET	:= UTF-8
 
@@ -13,6 +13,7 @@
 	dh_testdir
 	dh_testroot
 	rm -f build-stamp
+	rm -rf $(LOCALE_PATH)
 	$(MAKE) clean
 	dh_clean

Bug#599930: aide: escape another special character in pathnames

2010-10-12 Thread Marc Deslauriers 
Package: aide
Version: 0.13.1-11
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu natty ubuntu-patch



*** /tmp/tmplkThkF

Aide chokes on the special character in the following pathname:

/dev/input/by-id/usb-Microsoft_Microsoft_IntelliMouse®_Optical-mouse

In Ubuntu, we've applied the attached patch to achieve the following:

  * debian/aide.conf.d/70_aide_dev: escape another special character in
filenames. (LP: #456710)

We thought you might be interested in doing the same. 


-- System Information:
Debian Release: squeeze/sid
  APT prefers maverick-updates
  APT policy: (500, 'maverick-updates'), (500, 'maverick-security'), (500, 
'maverick-proposed'), (500, 'maverick')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.35-22-generic (SMP w/2 CPU cores)
Locale: LANG=en_CA.utf8, LC_CTYPE=en_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u aide-0.13.1/debian/changelog aide-0.13.1/debian/changelog
diff -u aide-0.13.1/debian/aide.conf.d/70_aide_dev aide-0.13.1/debian/aide.conf.d/70_aide_dev
--- aide-0.13.1/debian/aide.conf.d/70_aide_dev
+++ aide-0.13.1/debian/aide.conf.d/70_aide_dev
@@ -18,7 +18,7 @@
   find /dev -path /dev/.static -prune -o -print | \
  sed -e 's/^\(.*\)/\1$ RamdiskData/'   \
  -e 's,\\,,g' -e 's,\.,\\\.,g' \
- -e 's,#,\\#,g'
+ -e 's,#,\\#,g' -e 's,®,\.,g'
   echo /dev/\.static$ RamdiskData
 else
   # we have static /dev

Bug#590296: wget: Fix for CVE-2010-2252

2010-09-03 Thread Marc Deslauriers 
Package: wget
Version: 1.12-1.1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu maverick ubuntu-patch

In Ubuntu, we've applied the attached patch to achieve the following:

  * SECURITY UPDATE: arbitrary file overwrite via 3xx redirect
- debian/patches/CVE-2010-2252.dpatch: don't use server names in
  doc/wget.texi, src/{http.*,init.c,main.c,options.h,retr.c}.
- This update changes previous behaviour by ignoring the filename
  supplied by the server during redirects. To re-enable previous
  behaviour, see the new --trust-server-names option.
- CVE-2010-2252

We thought you might be interested in doing the same. 


-- System Information:
Debian Release: squeeze/sid
  APT prefers maverick-updates
  APT policy: (500, 'maverick-updates'), (500, 'maverick-security'), (500, 
'maverick-proposed'), (500, 'maverick')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.35-19-generic (SMP w/2 CPU cores)
Locale: LANG=en_CA.utf8, LC_CTYPE=en_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u wget-1.12/debian/changelog wget-1.12/debian/changelog
diff -u wget-1.12/debian/patches/00list wget-1.12/debian/patches/00list
--- wget-1.12/debian/patches/00list
+++ wget-1.12/debian/patches/00list
@@ -5,0 +6 @@
+CVE-2010-2252
only in patch2:
unchanged:
--- wget-1.12.orig/debian/patches/CVE-2010-2252.dpatch
+++ wget-1.12/debian/patches/CVE-2010-2252.dpatch
@@ -0,0 +1,162 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+# Description: fix arbitrary file overwrite via 3xx redirect
+# Origin: upstream, http://lists.gnu.org/archive/html/bug-wget/2010-07/msg00076.html
+# Bug: https://savannah.gnu.org/bugs/?29958
+# Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590296
+
+...@dpatch@
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' wget-1.12~/doc/wget.texi wget-1.12/doc/wget.texi
+--- wget-1.12~/doc/wget.texi	2010-09-03 09:18:48.0 -0400
 wget-1.12/doc/wget.texi	2010-09-03 09:19:04.0 -0400
+@@ -1487,6 +1487,13 @@
+ @code{Content-Disposition} headers to describe what the name of a
+ downloaded file should be.
+ 
+...@cindex Trust server names
+...@item --trust-server-names
++
++If this is set to on, on a redirect the last component of the
++redirection URL will be used as the local file name.  By default it is
++used the last component in the original URL.
++
+ @cindex authentication
+ @item --auth-no-challenge
+ 
+@@ -2797,6 +2804,10 @@
+ Turn on recognition of the (non-standard) @samp{Content-Disposition}
+ HTTP header---if set to @samp{on}, the same as @samp{--content-disposition}.
+ 
+...@item trust_server_names = on/off
++If set to on, use the last component of a redirection URL for the local
++file name.
++
+ @item continue = on/off
+ If set to on, force continuation of preexistent partially retrieved
+ files.  See @samp{-c} before setting it.
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' wget-1.12~/src/http.c wget-1.12/src/http.c
+--- wget-1.12~/src/http.c	2009-09-21 23:02:18.0 -0400
 wget-1.12/src/http.c	2010-09-03 09:19:04.0 -0400
+@@ -2410,8 +2410,9 @@
+ /* The genuine HTTP loop!  This is the part where the retrieval is
+retried, and retried, and retried, and...  */
+ uerr_t
+-http_loop (struct url *u, char **newloc, char **local_file, const char *referer,
+-   int *dt, struct url *proxy, struct iri *iri)
++http_loop (struct url *u, struct url *original_url, char **newloc,
++   char **local_file, const char *referer, int *dt, struct url *proxy,
++   struct iri *iri)
+ {
+   int count;
+   bool got_head = false; /* used for time-stamping and filename detection */
+@@ -2457,7 +2458,8 @@
+ }
+   else if (!opt.content_disposition)
+ {
+-  hstat.local_file = url_file_name (u);
++  hstat.local_file =
++url_file_name (opt.trustservernames ? u : original_url);
+   got_name = true;
+ }
+ 
+@@ -2497,7 +2499,7 @@
+ 
+   /* Send preliminary HEAD request if -N is given and we have an existing
+* destination file. */
+-  file_name = url_file_name (u);
++  file_name = url_file_name (opt.trustservernames ? u : original_url);
+   if (opt.timestamping
+!opt.content_disposition
+file_exists_p (file_name))
+@@ -2852,9 +2854,9 @@
+ 
+   /* Remember that we downloaded the file for later .orig code. */
+   if (*dt  ADDED_HTML_EXTENSION)
+-downloaded_file(FILE_DOWNLOADED_AND_HTML_EXTENSION_ADDED, hstat.local_file);
++downloaded_file (FILE_DOWNLOADED_AND_HTML_EXTENSION_ADDED, hstat.local_file);
+   else
+-downloaded_file(FILE_DOWNLOADED_NORMALLY, hstat.local_file);
++downloaded_file (FILE_DOWNLOADED_NORMALLY, hstat.local_file);
+ 
+   ret = RETROK;
+   goto exit;
+@@ -2885,9 +2887,9 @@
+

Bug#584516: [Re: CVE-2010-1628: allows context-dependent attackers to execute arbitrary code

2010-07-22 Thread Marc Deslauriers 
Package: ghostscript
Version: 8.63.dfsg.1-2
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu maverick ubuntu-patch



*** /tmp/tmpQ4x52y
In Ubuntu, we've applied the attached patch to achieve the following:

  * SECURITY UPDATE: arbitrary code execution via unlimited recursive
procedure invocations (LP: #546009)
- debian/patches/CVE-2010-1628.dpatch: only initialize structures if
  all allocations were successful in psi/ialloc.c, psi/idosave.h,
  psi/isave.c.
- CVE-2010-1628

We thought you might be interested in doing the same. 


-- System Information:
Debian Release: squeeze/sid
  APT prefers maverick-updates
  APT policy: (500, 'maverick-updates'), (500, 'maverick-security'), (500, 
'maverick-proposed'), (500, 'maverick')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.35-9-generic (SMP w/2 CPU cores)
Locale: LANG=en_CA.utf8, LC_CTYPE=en_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u ghostscript-8.71.dfsg.1/debian/changelog ghostscript-8.71.dfsg.1/debian/changelog
diff -u ghostscript-8.71.dfsg.1/debian/patches/00list ghostscript-8.71.dfsg.1/debian/patches/00list
--- ghostscript-8.71.dfsg.1/debian/patches/00list
+++ ghostscript-8.71.dfsg.1/debian/patches/00list
@@ -10,0 +11 @@
+CVE-2010-1628
only in patch2:
unchanged:
--- ghostscript-8.71.dfsg.1.orig/debian/patches/CVE-2010-1628.dpatch
+++ ghostscript-8.71.dfsg.1/debian/patches/CVE-2010-1628.dpatch
@@ -0,0 +1,133 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+# Description: fix arbitrary code execution via unlimited recursive
+#  procedure invocations
+# Origin: upstream, http://svn.ghostscript.com/viewvc?view=revrevision=11414
+# Bug: http://bugs.ghostscript.com/show_bug.cgi?id=691295
+# Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ghostscript/+bug/546009
+# Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584516
+
+...@dpatch@
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' ghostscript-8.71.dfsg.1~/psi/ialloc.c ghostscript-8.71.dfsg.1/psi/ialloc.c
+--- ghostscript-8.71.dfsg.1~/psi/ialloc.c	2008-08-28 18:48:19.0 -0400
 ghostscript-8.71.dfsg.1/psi/ialloc.c	2010-07-09 08:05:28.0 -0400
+@@ -185,7 +185,14 @@
+ 	 */
+ 	chunk_t *pcc = mem-pcc;
+ 	ref *end;
++	alloc_change_t *cp = 0;
++int code = 0;
+ 
++	if ((gs_memory_t *)mem != mem-stable_memory) {
++	code = alloc_save_change_alloc(mem, gs_alloc_ref_array, cp);
++	if (code  0)
++		return code;
++	}
+ 	obj = gs_alloc_struct_array((gs_memory_t *) mem, num_refs + 1,
+ ref, st_refs, cname);
+ 	if (obj == 0)
+@@ -210,14 +217,10 @@
+ 	chunk_locate_ptr(obj, cl);
+ 	cl.cp-has_refs = true;
+ 	}
+-	if ((gs_memory_t *)mem != mem-stable_memory) {
+-	ref_packed **ppr = 0;
+-	int code = alloc_save_change_alloc(mem, gs_alloc_ref_array, ppr);
+-	if (code  0)
+-		return code;
+-if (ppr)
+-	*ppr = (ref_packed *)obj;
+-	}
++	if (cp) {
++mem-changes = cp;
++cp-where = (ref_packed *)obj;
++}
+ }
+ make_array(parr, attrs | mem-space, num_refs, obj);
+ return 0;
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' ghostscript-8.71.dfsg.1~/psi/idosave.h ghostscript-8.71.dfsg.1/psi/idosave.h
+--- ghostscript-8.71.dfsg.1~/psi/idosave.h	2008-08-28 18:48:19.0 -0400
 ghostscript-8.71.dfsg.1/psi/idosave.h	2010-07-09 08:05:31.0 -0400
+@@ -18,6 +18,22 @@
+ #  define idosave_INCLUDED
+ 
+ /*
++ * Structure for saved change chain for save/restore.  Because of the
++ * garbage collector, we need to distinguish the cases where the change
++ * is in a static object, a dynamic ref, or a dynamic struct.
++ */
++typedef struct alloc_change_s alloc_change_t;
++struct alloc_change_s {
++alloc_change_t *next;
++ref_packed *where;
++ref contents;
++#define AC_OFFSET_STATIC (-2)	/* static object */
++#define AC_OFFSET_REF (-1)	/* dynamic ref */
++#define AC_OFFSET_ALLOCATED (-3) /* a newly allocated ref array */
++short offset;		/* if = 0, offset within struct */
++};
++
++/*
+  * Save a change that must be undone by restore.  We have to pass the
+  * pointer to the containing object to alloc_save_change for two reasons:
+  *
+@@ -29,6 +45,7 @@
+  * relocate the pointer to it from the change record during garbage
+  * collection.
+  */
++
+ int alloc_save_change(gs_dual_memory_t *dmem, const ref *pcont,
+ 		  ref_packed *ptr, client_name_t cname);
+ int alloc_save_change_in(gs_ref_memory_t *mem, const ref *pcont,
+@@ -36,6 +53,6 @@
+ /* Remove an AC_OFFSET_ALLOCATED element. */
+ void alloc_save_remove(gs_ref_memory_t *mem, ref_packed *obj, client_name_t cname);
+ /* Allocate a structure for recording an allocation event. */
+-int alloc_save_change_alloc(gs_ref_memory_t *mem, client_name_t cname, ref_packed ***ppr);
++int

Bug#586926: Can't authenticate with Google reader

2010-06-25 Thread Marc Deslauriers 
Package: liferea
Version: 1.6.3-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu maverick ubuntu-patch



*** /tmp/tmpHXo8qP
In Ubuntu, we've applied the attached patch to achieve the following:

  * debian/patches/google-reader-auth.patch: fix Google reader
authentication (LP: #597532)

We thought you might be interested in doing the same. 


-- System Information:
Debian Release: squeeze/sid
  APT prefers maverick-updates
  APT policy: (500, 'maverick-updates'), (500, 'maverick-security'), (500, 
'maverick-proposed'), (500, 'maverick')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.35-5-generic (SMP w/2 CPU cores)
Locale: LANG=en_CA.utf8, LC_CTYPE=en_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u liferea-1.6.3/debian/changelog liferea-1.6.3/debian/changelog
diff -u liferea-1.6.3/debian/patches/series liferea-1.6.3/debian/patches/series
--- liferea-1.6.3/debian/patches/series
+++ liferea-1.6.3/debian/patches/series
@@ -10,0 +11 @@
+google-reader-auth.patch
only in patch2:
unchanged:
--- liferea-1.6.3.orig/debian/patches/google-reader-auth.patch
+++ liferea-1.6.3/debian/patches/google-reader-auth.patch
@@ -0,0 +1,251 @@
+Description: fix Google reader authentication
+Bug: http://sourceforge.net/tracker/?func=detailaid=3019939group_id=87005atid=581684
+Origin: upstream, http://liferea.svn.sourceforge.net/viewvc/liferea?view=revisionrevision=5403
+Origin: upstream, http://liferea.svn.sourceforge.net/viewvc/liferea?view=revisionrevision=5404
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/liferea/+bug/597532
+
+diff -Nur liferea-1.6.3/src/fl_sources/google_source.c liferea-1.6.3.new/src/fl_sources/google_source.c
+--- liferea-1.6.3/src/fl_sources/google_source.c	2009-07-17 16:59:01.0 -0400
 liferea-1.6.3.new/src/fl_sources/google_source.c	2010-06-25 14:46:03.0 -0400
+@@ -66,7 +66,7 @@
+ 
+ 	update_job_cancel_by_owner (gsource);
+ 	
+-	g_free (gsource-sid);
++	g_free (gsource-authHeaderValue);
+ 	g_queue_free (gsource-actionQueue) ;
+ 	g_hash_table_unref (gsource-lastTimestampMap);
+ 	g_free (gsource);
+@@ -88,21 +88,21 @@
+ 	gchar		*tmp = NULL;
+ 	subscriptionPtr subscription = gsource-root-subscription;
+ 		
+-	debug0 (DEBUG_UPDATE, google login processing...);
++	debug1 (DEBUG_UPDATE, google login processing... %s, result-data);
+ 	
+-	g_assert (!gsource-sid);
++	g_assert (!gsource-authHeaderValue);
+ 	
+ 	if (result-data  result-httpstatus == 200)
+-		tmp = strstr (result-data, SID=);
++		tmp = strstr (result-data, Auth=);
+ 		
+ 	if (tmp) {
+ 		gchar *ttmp = tmp; 
+ 		tmp = strchr (tmp, '\n');
+ 		if (tmp)
+ 			*tmp = '\0';
+-		gsource-sid = g_strdup (ttmp);
++		gsource-authHeaderValue = g_strdup_printf (GoogleLogin auth=%s, ttmp + 5);
+ 
+-		debug1 (DEBUG_UPDATE, google reader SID found: %s, gsource-sid);
++		debug1 (DEBUG_UPDATE, google reader Auth token found: %s, gsource-authHeaderValue);
+ 		/* now that we are authenticated trigger updating to start data retrieval */
+ 		gsource-loginState = GOOGLE_SOURCE_STATE_ACTIVE;
+ 		if (!(flags  GOOGLE_SOURCE_UPDATE_ONLY_LOGIN))
+@@ -112,7 +112,7 @@
+ 		google_source_edit_process (gsource);
+ 
+ 	} else {
+-		debug0 (DEBUG_UPDATE, google reader login failed! no SID found in result!);
++		debug0 (DEBUG_UPDATE, google reader login failed! no Auth token found in result!);
+ 		subscription-node-available = FALSE;
+ 
+ 		g_free (subscription-updateError);
+@@ -125,7 +125,7 @@
+ 
+ /**
+  * Perform a login to Google Reader, if the login completes the 
+- * GoogleSource will have a valid sid and will have loginStatus to 
++ * GoogleSource will have a valid Auth token and will have loginStatus to 
+  * GOOGLE_SOURCE_LOGIN_ACTIVE.
+  */
+ void
+diff -Nur liferea-1.6.3/src/fl_sources/google_source_edit.c liferea-1.6.3.new/src/fl_sources/google_source_edit.c
+--- liferea-1.6.3/src/fl_sources/google_source_edit.c	2009-05-01 14:53:16.0 -0400
 liferea-1.6.3.new/src/fl_sources/google_source_edit.c	2010-06-25 14:45:55.0 -0400
+@@ -384,7 +384,7 @@
+ 	request = update_request_new ();
+ 	request-updateState = update_state_copy (gsource-root-subscription-updateState);
+ 	request-options = update_options_copy (gsource-root-subscription-updateOptions) ;
+-	update_state_set_cookies (request-updateState, gsource-sid);
++	update_request_set_auth_value (request, gsource-authHeaderValue);
+ 
+ 	if (action-actionType == EDIT_ACTION_MARK_READ || 
+ 	action-actionType == EDIT_ACTION_MARK_UNREAD || 
+@@ -421,7 +421,7 @@
+ 	request-updateState = update_state_copy (gsource-root-subscription-updateState);
+ 	request-options = update_options_copy (gsource-root-subscription-updateOptions);
+ 	request-source = g_strdup (GOOGLE_READER_TOKEN_URL);
+-	update_state_set_cookies (request-updateState, gsource-sid);
++	update_request_set_auth_value(request, gsource-authHeaderValue);
+ 
+ 	update_execute_request (gsource, request, google_source_edit_token_cb, 
+

Bug#577570: acidbase: fix undefined method errors with php 5.3

2010-04-12 Thread Marc Deslauriers 
Package: acidbase
Version: 1.4.4-3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu lucid ubuntu-patch



*** /tmp/tmpb4SIDV
In Ubuntu, we've applied the attached patch to achieve the following:

  * debian/patches/13_add_missing_function.dpatch: Add missing
ProtocolFieldCriteria::ProtocolFieldCriteria() function to work
properly with php 5.3. (LP: #561556)

We thought you might be interested in doing the same. 


-- System Information:
Debian Release: squeeze/sid
  APT prefers lucid-updates
  APT policy: (500, 'lucid-updates'), (500, 'lucid-security'), (500, 'lucid')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-19-generic (SMP w/2 CPU cores)
Locale: LANG=en_CA.utf8, LC_CTYPE=en_CA.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u acidbase-1.4.4/debian/changelog acidbase-1.4.4/debian/changelog
diff -u acidbase-1.4.4/debian/patches/00list acidbase-1.4.4/debian/patches/00list
--- acidbase-1.4.4/debian/patches/00list
+++ acidbase-1.4.4/debian/patches/00list
@@ -5,0 +6 @@
+13_add_missing_function
only in patch2:
unchanged:
--- acidbase-1.4.4.orig/debian/patches/13_add_missing_function.dpatch
+++ acidbase-1.4.4/debian/patches/13_add_missing_function.dpatch
@@ -0,0 +1,28 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+# Description: Add missing ProtocolFieldCriteria::ProtocolFieldCriteria()
+#  function to work properly with php 5.3
+# Origin: upstream, http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/includes/base_state_citems.inc.php?r1=1.36r2=1.37
+# Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/acidbase/+bug/561556
+
+...@dpatch@
+diff -urNad acidbase-1.4.4~/includes/base_state_citems.inc.php acidbase-1.4.4/includes/base_state_citems.inc.php
+--- acidbase-1.4.4~/includes/base_state_citems.inc.php	2009-09-05 11:58:07.0 -0400
 acidbase-1.4.4/includes/base_state_citems.inc.php	2010-04-12 10:59:14.0 -0400
+@@ -293,6 +293,17 @@
+ 
+ class ProtocolFieldCriteria extends MultipleElementCriteria
+ {
++	function ProtocolFieldCriteria($db, $cs, $export_name, $element_cnt, $field_list = Array() )
++	{
++		$tdb = $db;
++		$cs = $cs;
++
++		$this-MultipleElementCriteria($tdb, $cs, $export_name, $element_cnt, $field_list);
++
++	}
++
++
++
+function SanitizeElement($i)
+{ 
+   // Make a copy of the element array

Bug#577570: acidbase: fix undefined method errors with php 5.3

2010-04-12 Thread Marc Deslauriers 
Yes, it's already in 1.4.5.

Marc.


On Mon, 2010-04-12 at 15:37 -0400, Jeremy T. Bouse wrote:
   Is this already part of the 1.4.5 acidbase upstream code? I'm already
 planning to work on getting it packaged this weekend and if it's already
 included I'll wait and just upgrade the package than apply a patch.
 
 Marc Deslauriers wrote:
  Package: acidbase
  Version: 1.4.4-3
  Severity: normal
  Tags: patch
  User: ubuntu-de...@lists.ubuntu.com
  Usertags: origin-ubuntu lucid ubuntu-patch
  
  
  
  *** /tmp/tmpb4SIDV
  In Ubuntu, we've applied the attached patch to achieve the following:
  
* debian/patches/13_add_missing_function.dpatch: Add missing
  ProtocolFieldCriteria::ProtocolFieldCriteria() function to work
  properly with php 5.3. (LP: #561556)
  
  We thought you might be interested in doing the same. 
  
  
  -- System Information:
  Debian Release: squeeze/sid
APT prefers lucid-updates
APT policy: (500, 'lucid-updates'), (500, 'lucid-security'), (500, 
  'lucid')
  Architecture: amd64 (x86_64)
  
  Kernel: Linux 2.6.32-19-generic (SMP w/2 CPU cores)
  Locale: LANG=en_CA.utf8, LC_CTYPE=en_CA.utf8 (charmap=UTF-8)
  Shell: /bin/sh linked to /bin/dash
  
 






-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

  1   2   >