Bug#1033401: unblock: src:dino-im/0.4.2-1
Control: tags -1 - moreinfo Hi On Fri, Mar 24, 2023 at 06:57:55PM +0100, Sebastian Ramacher wrote: > Control: tags -1 moreinfo > > On 2023-03-24 12:45:41 +, Martin wrote: > > Package: release.debian.org > > Severity: normal > > User: release.debian@packages.debian.org > > Usertags: unblock > > > > Dear release team, > > > > I like to get clearance for uploading dino-im 0.4.2 to unstable, to get > > it into bookworm. > > Please go ahead and let us know once the package is available in > unstable. FWIW, this is now in unstable. https://tracker.debian.org/news/1427745/accepted-dino-im-042-1-source-into-unstable/ Regards, Salvatore
Bug#1033401: unblock: src:dino-im/0.4.2-1
Control: tags -1 moreinfo On 2023-03-24 12:45:41 +, Martin wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: unblock > > Dear release team, > > I like to get clearance for uploading dino-im 0.4.2 to unstable, to get > it into bookworm. Please go ahead and let us know once the package is available in unstable. Cheers > > Upstream release text: > > > Maintenance release with fix for CVE-2023-28686 and bug fixes. > > There are eight commits, from which five should definitively go into > bookworm (1, 2, 6, 7, 8). Two commits are not related to a bug report, > but solve relevant problems (3, 4). Only one is not relevant at all, but > it does not touch file we care about anyway (5). > > There are no new features nor unnecessary changes, so I would very much > prefer to get the new version in instead of adding five to seven > patches. > > Here is a description of the commits between 0.4.1 (now in testing) and > 0.4.2 (to be uploaded): > > 1. acf9c694 * Fix C binding for gst_video_frame_get_data > Fix for: GTK4 - crash when answering video call #1267 > > Fix C binding for gst_video_frame_get_data > https://github.com/dino/dino/issues/1267 > > 2. 89b9110f * Improve history sync > Fix for: MUC MAM (0313) doesn't work #1386 > > - Ensure we fully fetch desired history if possible (previously, duplicates > > from offline message queue could hinder MAM sync) > > - Early drop illegal MAM messages so they don't pile up in the pending queue > > waiting for their query to end (which it never will if they were not > > requested in first place). > https://github.com/dino/dino/issues/1386 > > 3. 481a68fd * Improve database performance while reconnecting and syncing > > Improve database performance while reconnecting and syncing > > Also move some tasks to low priority idle queue so they won't block UI > > updates > No bug report, but solves startup time issues some users reported. > > 4. 1738bf8d * data: Set StartupNotify to true in .desktop file > > data: Set StartupNotify to true in .desktop file > > GTK handles startup notifications, so advertise it in desktop > > file. This allows splash screens and other startup indications > > in DEs to work. > No bug report, but sounds like an issue worth solving. > > 5. b6f9b54d * Remove gspell > (not relevant to Debian: unused cmake/FindGspell.cmake removed, change > in github ci file) > > 6. 00482404 * Fix a crash if a message subnode is not found in a carbon > Fix for: A carbon crashes Dino #1392 > > Fix a crash if a message subnode is not found in a carbon > https://github.com/dino/dino/issues/1392 > > 7. 179c766d * Bind soup session lifetime to File provider/sender lifetime > Fix for: Dino crashes when sending or receiving files #1395 > > Bind soup session lifetime to File provider/sender lifetime > > Required since libsoup 3.4. Fixes #1395 > https://github.com/dino/dino/issues/1395 > > 8. baf96d9d * @ v0.4.2 origin/v0.4 Check sender of bookmark:1 updates > Fix for: dino-im: Insufficient message sender validation in Dino > CVE-2023-28686 > > Check sender of bookmark:1 updates > https://bugs.debian.org/1033370 > > Thanks in advance for your comments and decision! > > Cheers > > unblock src:dino-im/0.4.2-1 > > diff -Nru dino-im-0.4.1/.github/workflows/build.yml > dino-im-0.4.2/.github/workflows/build.yml > --- dino-im-0.4.1/.github/workflows/build.yml 2023-03-01 23:30:00.0 > + > +++ dino-im-0.4.2/.github/workflows/build.yml 2023-03-23 18:00:00.0 > + > @@ -7,7 +7,7 @@ >- uses: actions/checkout@v2 >- run: sudo apt-get update >- run: sudo apt-get remove libunwind-14-dev > - - run: sudo apt-get install -y build-essential gettext cmake valac > libgee-0.8-dev libsqlite3-dev libgtk-4-dev libnotify-dev libgpgme-dev > libsoup2.4-dev libgcrypt20-dev libqrencode-dev libgspell-1-dev libnice-dev > libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev libsrtp2-dev > libwebrtc-audio-processing-dev libadwaita-1-dev > + - run: sudo apt-get install -y build-essential gettext cmake valac > libgee-0.8-dev libsqlite3-dev libgtk-4-dev libnotify-dev libgpgme-dev > libsoup2.4-dev libgcrypt20-dev libqrencode-dev libnice-dev > libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev libsrtp2-dev > libwebrtc-audio-processing-dev libadwaita-1-dev >- run: ./configure --with-tests --with-libsignal-in-tree >- run: make >- run: build/xmpp-vala-test > diff -Nru dino-im-0.4.1/VERSION dino-im-0.4.2/VERSION > --- dino-im-0.4.1/VERSION 2023-03-01 23:30:00.0 + > +++ dino-im-0.4.2/VERSION 2023-03-23 18:00:00.0 + > @@ -1 +1 @@ > -RELEASE 0.4.1 > +RELEASE 0.4.2 > diff -Nru dino-im-0.4.1/cmake/FindGspell.cmake > dino-im-0.4.2/cmake/FindGspell.cmake > --- dino-im-0.4.1/cmake/FindGspell.cmake 2023-03-01 23:30:00.0 > + > +++ dino-im-0.4.2/cmake/FindGspell.cmake 1970-01-01 00:00:00.
Bug#1033401: unblock: src:dino-im/0.4.2-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Dear release team, I like to get clearance for uploading dino-im 0.4.2 to unstable, to get it into bookworm. Upstream release text: > Maintenance release with fix for CVE-2023-28686 and bug fixes. There are eight commits, from which five should definitively go into bookworm (1, 2, 6, 7, 8). Two commits are not related to a bug report, but solve relevant problems (3, 4). Only one is not relevant at all, but it does not touch file we care about anyway (5). There are no new features nor unnecessary changes, so I would very much prefer to get the new version in instead of adding five to seven patches. Here is a description of the commits between 0.4.1 (now in testing) and 0.4.2 (to be uploaded): 1. acf9c694 * Fix C binding for gst_video_frame_get_data Fix for: GTK4 - crash when answering video call #1267 > Fix C binding for gst_video_frame_get_data https://github.com/dino/dino/issues/1267 2. 89b9110f * Improve history sync Fix for: MUC MAM (0313) doesn't work #1386 > - Ensure we fully fetch desired history if possible (previously, duplicates > from offline message queue could hinder MAM sync) > - Early drop illegal MAM messages so they don't pile up in the pending queue > waiting for their query to end (which it never will if they were not > requested in first place). https://github.com/dino/dino/issues/1386 3. 481a68fd * Improve database performance while reconnecting and syncing > Improve database performance while reconnecting and syncing > Also move some tasks to low priority idle queue so they won't block UI updates No bug report, but solves startup time issues some users reported. 4. 1738bf8d * data: Set StartupNotify to true in .desktop file > data: Set StartupNotify to true in .desktop file > GTK handles startup notifications, so advertise it in desktop > file. This allows splash screens and other startup indications > in DEs to work. No bug report, but sounds like an issue worth solving. 5. b6f9b54d * Remove gspell (not relevant to Debian: unused cmake/FindGspell.cmake removed, change in github ci file) 6. 00482404 * Fix a crash if a message subnode is not found in a carbon Fix for: A carbon crashes Dino #1392 > Fix a crash if a message subnode is not found in a carbon https://github.com/dino/dino/issues/1392 7. 179c766d * Bind soup session lifetime to File provider/sender lifetime Fix for: Dino crashes when sending or receiving files #1395 > Bind soup session lifetime to File provider/sender lifetime > Required since libsoup 3.4. Fixes #1395 https://github.com/dino/dino/issues/1395 8. baf96d9d * @ v0.4.2 origin/v0.4 Check sender of bookmark:1 updates Fix for: dino-im: Insufficient message sender validation in Dino CVE-2023-28686 > Check sender of bookmark:1 updates https://bugs.debian.org/1033370 Thanks in advance for your comments and decision! Cheers unblock src:dino-im/0.4.2-1 diff -Nru dino-im-0.4.1/.github/workflows/build.yml dino-im-0.4.2/.github/workflows/build.yml --- dino-im-0.4.1/.github/workflows/build.yml 2023-03-01 23:30:00.0 + +++ dino-im-0.4.2/.github/workflows/build.yml 2023-03-23 18:00:00.0 + @@ -7,7 +7,7 @@ - uses: actions/checkout@v2 - run: sudo apt-get update - run: sudo apt-get remove libunwind-14-dev - - run: sudo apt-get install -y build-essential gettext cmake valac libgee-0.8-dev libsqlite3-dev libgtk-4-dev libnotify-dev libgpgme-dev libsoup2.4-dev libgcrypt20-dev libqrencode-dev libgspell-1-dev libnice-dev libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev libsrtp2-dev libwebrtc-audio-processing-dev libadwaita-1-dev + - run: sudo apt-get install -y build-essential gettext cmake valac libgee-0.8-dev libsqlite3-dev libgtk-4-dev libnotify-dev libgpgme-dev libsoup2.4-dev libgcrypt20-dev libqrencode-dev libnice-dev libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev libsrtp2-dev libwebrtc-audio-processing-dev libadwaita-1-dev - run: ./configure --with-tests --with-libsignal-in-tree - run: make - run: build/xmpp-vala-test diff -Nru dino-im-0.4.1/VERSION dino-im-0.4.2/VERSION --- dino-im-0.4.1/VERSION 2023-03-01 23:30:00.0 + +++ dino-im-0.4.2/VERSION 2023-03-23 18:00:00.0 + @@ -1 +1 @@ -RELEASE 0.4.1 +RELEASE 0.4.2 diff -Nru dino-im-0.4.1/cmake/FindGspell.cmake dino-im-0.4.2/cmake/FindGspell.cmake --- dino-im-0.4.1/cmake/FindGspell.cmake 2023-03-01 23:30:00.0 + +++ dino-im-0.4.2/cmake/FindGspell.cmake 1970-01-01 00:00:00.0 + @@ -1,14 +0,0 @@ -include(PkgConfigWithFallback) -find_pkg_config_with_fallback(Gspell -PKG_CONFIG_NAME gspell-1 -LIB_NAMES gspell-1 -INCLUDE_NAMES gspell.h -INCLUDE_DIR_SUFFIXES gspell-1 gspell-1/gspell -DEPENDS GTK3 -) - -include(FindPackageHandleStandardArgs) -find_package_handle_standard_args(Gspell -REQUIRED_VARS Gspell_LIBRARY -VERSION_VAR Gspell_VERSION) - diff -Nru dino