Bug#1062500: duo-unix: NMU diff for 64-bit time_t transition
Dear maintainer,
Please find attached a final version of this patch for the time_t
transition. This patch is being uploaded to unstable.
Note that this adds a versioned build-dependency on dpkg-dev, to guard
against accidental backports with a wrong ABI.
Thanks!
-- System Information:
Debian Release: trixie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 6.5.0-21-generic (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru duo-unix-1.11.3/debian/changelog duo-unix-1.11.3/debian/changelog
--- duo-unix-1.11.3/debian/changelog2020-03-14 17:08:43.0 +
+++ duo-unix-1.11.3/debian/changelog2024-02-28 02:30:53.0 +
@@ -1,3 +1,10 @@
+duo-unix (1.11.3-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Rename libraries for 64-bit time_t transition. Closes: #1062500
+
+ -- Michael Hudson-Doyle Wed, 28 Feb 2024 02:30:53 +
+
duo-unix (1.11.3-1) unstable; urgency=medium
* New upstream release (Closes: 952392).
diff -Nru duo-unix-1.11.3/debian/control duo-unix-1.11.3/debian/control
--- duo-unix-1.11.3/debian/control 2020-03-14 17:08:43.0 +
+++ duo-unix-1.11.3/debian/control 2024-02-28 02:30:53.0 +
@@ -1,7 +1,7 @@
Source: duo-unix
Priority: optional
Maintainer: Kees Cook
-Build-Depends: debhelper-compat (= 12), libcurl4-openssl-dev,
+Build-Depends: dpkg-dev (>= 1.22.5), debhelper-compat (= 12),
libcurl4-openssl-dev,
libssl-dev, libpam-dev
Standards-Version: 4.5.0
Section: libs
@@ -11,7 +11,7 @@
Architecture: any
Multi-Arch: same
Pre-Depends: ${misc:Pre-Depends}
-Depends: ${shlibs:Depends}, ${misc:Depends}, libduo3 (= ${binary:Version}),
+Depends: ${shlibs:Depends}, ${misc:Depends}, libduo3t64 (= ${binary:Version}),
libpam-runtime (>= 1.1.1-3~)
Description: PAM module for Duo Security two-factor authentication
This provides the PAM module needed to interact with the Duo Security
@@ -21,7 +21,7 @@
Package: login-duo
Section: admin
Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, libduo3 (= ${binary:Version}),
+Depends: ${shlibs:Depends}, ${misc:Depends}, libduo3t64 (= ${binary:Version}),
openssh-server
Description: login wrapper for Duo Security two-factor authentication
This provides the login wrapper needed to interact with the Duo Security
@@ -29,7 +29,10 @@
be used along with global OpenSSH server configurations. Also includes
manpage and configuration.
-Package: libduo3
+Package: libduo3t64
+Provides: ${t64:Provides}
+Replaces: libduo3
+Breaks: libduo3 (<< ${source:Version})
Architecture: any
Multi-Arch: same
Pre-Depends: ${misc:Pre-Depends}
@@ -42,7 +45,7 @@
Package: libduo-dev
Section: libdevel
Architecture: any
-Depends: libduo3 (= ${binary:Version}), ${misc:Depends}
+Depends: libduo3t64 (= ${binary:Version}), ${misc:Depends}
Description: Duo Security development libraries and header files
This package provides the development libraries and header files needed to
link against the Duo Security library functions. Also includes the manpages
diff -Nru duo-unix-1.11.3/debian/libduo3.install
duo-unix-1.11.3/debian/libduo3.install
--- duo-unix-1.11.3/debian/libduo3.install 2011-09-02 23:13:26.0
+
+++ duo-unix-1.11.3/debian/libduo3.install 1970-01-01 00:00:00.0
+
@@ -1 +0,0 @@
-usr/lib/*/libduo.so.3*
diff -Nru duo-unix-1.11.3/debian/libduo3.manpages
duo-unix-1.11.3/debian/libduo3.manpages
--- duo-unix-1.11.3/debian/libduo3.manpages 2011-04-12 18:52:07.0
+
+++ duo-unix-1.11.3/debian/libduo3.manpages 1970-01-01 00:00:00.0
+
@@ -1 +0,0 @@
-debian/tmp/usr/share/man/man3/duo.3
diff -Nru duo-unix-1.11.3/debian/libduo3.symbols
duo-unix-1.11.3/debian/libduo3.symbols
--- duo-unix-1.11.3/debian/libduo3.symbols 2020-03-14 17:08:43.0
+
+++ duo-unix-1.11.3/debian/libduo3.symbols 1970-01-01 00:00:00.0
+
@@ -1,21 +0,0 @@
-libduo.so.3 libduo3 #MINVER#
- duo_add_optional_param@Base 1.11.3
- duo_add_param@Base 1.11.3
- duo_check_groups@Base 1.9.6
- duo_close@Base 1.5
- duo_common_ini_handler@Base 1.9.6
- duo_config_close@Base 1.11.3
- duo_config_default@Base 1.9.6
- duo_debug@Base 1.9.6
- duo_geterr@Base 1.5
- duo_local_ip@Base 1.9.6
- duo_log@Base 1.9.6
- duo_login@Base 1.5
- duo_open@Base 1.5
- duo_parse_config@Base 1.5
- duo_reset_conv_funcs@Base 1.9.6
- duo_set_boolean_option@Base 1.9.6
- duo_set_conv_funcs@Base 1.5
- duo_split_at@Base 1.11.3
- duo_syslog@Base 1.9.6
- duo_zero_free@Base 1.11.3
diff -Nru duo-unix-1.11.3/debian/libduo3t64.install
duo-unix-1.11.3/debian/libduo3t64.install
--- duo-unix-1.11.3/debian/libduo3t64.install 1970-01-01 00:00:00.0
+
+++
Bug#1062500: duo-unix: NMU diff for 64-bit time_t transition
Source: duo-unix
Version: 1.11.3-1
Severity: serious
Tags: patch pending
Justification: library ABI skew on upgrade
User: debian-...@lists.debian.org
Usertags: time-t
Dear maintainer,
As part of the 64-bit time_t transition required to support 32-bit
architectures in 2038 and beyond
(https://wiki.debian.org/ReleaseGoals/64bit-time), we have identified
duo-unix as a source package shipping runtime libraries whose ABI
either is affected by the change in size of time_t, or could not be
analyzed via abi-compliance-checker (and therefore to be on the safe
side we assume is affected).
To ensure that inconsistent combinations of libraries with their
reverse-dependencies are never installed together, it is necessary to
have a library transition, which is most easily done by renaming the
runtime library package.
Since turning on 64-bit time_t is being handled centrally through a change
to the default dpkg-buildflags (https://bugs.debian.org/1037136), it is
important that libraries affected by this ABI change all be uploaded close
together in time. Therefore I have prepared a 0-day NMU for duo-unix
which will initially be uploaded to experimental if possible, then to
unstable after packages have cleared binary NEW.
Please find the patch for this NMU attached.
If you have any concerns about this patch, please reach out ASAP. Although
this package will be uploaded to experimental immediately, there will be a
period of several days before we begin uploads to unstable; so if information
becomes available that your package should not be included in the transition,
there is time for us to amend the planned uploads.
-- System Information:
Debian Release: trixie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 6.5.0-15-generic (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru duo-unix-1.11.3/debian/changelog duo-unix-1.11.3/debian/changelog
--- duo-unix-1.11.3/debian/changelog2020-03-14 17:08:43.0 +
+++ duo-unix-1.11.3/debian/changelog2024-02-01 17:34:50.0 +
@@ -1,3 +1,10 @@
+duo-unix (1.11.3-1.1) experimental; urgency=medium
+
+ * Non-maintainer upload.
+ * Rename libraries for 64-bit time_t transition.
+
+ -- Michael Hudson-Doyle Thu, 01 Feb 2024 17:34:50 +
+
duo-unix (1.11.3-1) unstable; urgency=medium
* New upstream release (Closes: 952392).
diff -Nru duo-unix-1.11.3/debian/control duo-unix-1.11.3/debian/control
--- duo-unix-1.11.3/debian/control 2020-03-14 17:08:43.0 +
+++ duo-unix-1.11.3/debian/control 2024-02-01 17:34:50.0 +
@@ -11,7 +11,7 @@
Architecture: any
Multi-Arch: same
Pre-Depends: ${misc:Pre-Depends}
-Depends: ${shlibs:Depends}, ${misc:Depends}, libduo3 (= ${binary:Version}),
+Depends: ${shlibs:Depends}, ${misc:Depends}, libduo3t64 (= ${binary:Version}),
libpam-runtime (>= 1.1.1-3~)
Description: PAM module for Duo Security two-factor authentication
This provides the PAM module needed to interact with the Duo Security
@@ -21,7 +21,7 @@
Package: login-duo
Section: admin
Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, libduo3 (= ${binary:Version}),
+Depends: ${shlibs:Depends}, ${misc:Depends}, libduo3t64 (= ${binary:Version}),
openssh-server
Description: login wrapper for Duo Security two-factor authentication
This provides the login wrapper needed to interact with the Duo Security
@@ -29,7 +29,10 @@
be used along with global OpenSSH server configurations. Also includes
manpage and configuration.
-Package: libduo3
+Package: libduo3t64
+Provides: ${t64:Provides}
+Replaces: libduo3
+Breaks: libduo3 (<< ${source:Version})
Architecture: any
Multi-Arch: same
Pre-Depends: ${misc:Pre-Depends}
@@ -42,7 +45,7 @@
Package: libduo-dev
Section: libdevel
Architecture: any
-Depends: libduo3 (= ${binary:Version}), ${misc:Depends}
+Depends: libduo3t64 (= ${binary:Version}), ${misc:Depends}
Description: Duo Security development libraries and header files
This package provides the development libraries and header files needed to
link against the Duo Security library functions. Also includes the manpages
diff -Nru duo-unix-1.11.3/debian/libduo3.install
duo-unix-1.11.3/debian/libduo3.install
--- duo-unix-1.11.3/debian/libduo3.install 2011-09-02 23:13:26.0
+
+++ duo-unix-1.11.3/debian/libduo3.install 1970-01-01 00:00:00.0
+
@@ -1 +0,0 @@
-usr/lib/*/libduo.so.3*
diff -Nru duo-unix-1.11.3/debian/libduo3.manpages
duo-unix-1.11.3/debian/libduo3.manpages
--- duo-unix-1.11.3/debian/libduo3.manpages 2011-04-12 18:52:07.0
+
+++ duo-unix-1.11.3/debian/libduo3.manpages 1970-01-01 00:00:00.0
+
@@ -1 +0,0 @@
-debian/tmp/usr/share/man/man3/duo.3
diff
