Bug#944294: buster-pu: package libvirt-daemon/5.0.0-4

2019-12-04 Thread Guido Günther
Hi,
On Wed, Nov 27, 2019 at 05:52:33PM +0100, Guido Günther wrote:
> Hi,
> On Wed, Nov 27, 2019 at 04:17:13PM +, Adam D. Barratt wrote:
> > Control: tags -1 -confirmed +moreinfo
> > 
> > Hi,
> > 
> > On 2019-11-27 16:07, Guido Günther wrote:
> > > Hi Adam,
> > > On Wed, Nov 27, 2019 at 01:21:40PM +, Adam D. Barratt wrote:
> > > > Control: tags -1 + confirmed
> > > > 
> > > > On 2019-11-27 13:05, Michal Arbet wrote:
> > > > > I've added a patch from upstream ( sid already included it in new
> > > > > version ).
> > > > > Check current debdiff in attachment.
> > > > 
> > > > That looks OK, assuming it's been build- and runtime-tested on a
> > > > buster system.
> > > 
> > > It would be nice to coordinate such things with the package
> > > maintainers. I've had questions regarding these patches which weren't
> > > answered yet:
> > > 
> > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944248#26
> > 
> > Apologies for that, we tend to assume that people making such requests
> > either work on the package or have had that co-ordination discussion
> > already.
> > 
> > In this case I'll put the request on hold until we hear back.
> 
> Thanks. I intend to look at the particular issue and fold it into the
> update with
> 
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939036
> 
> which is still pending.

Attached is the debdiff with #933036 included as well. O.k. to upload to
stable-p-u?
Cheers,
 -- Guido

>  -- Guido
> 
> > 
> > Regards,
> > 
> > Adam
> > 


Bug#946184: buster-pu: package fig2dev/1:3.2.7a-5+deb10u2

2019-12-04 Thread Roland Rosenfeld
Hi Adam!

On Wed, 04 Dec 2019, Adam D. Barratt wrote:

> Control: tags -1 + moreinfo
> 
> On Wed, 2019-12-04 at 22:50 +0100, Roland Rosenfeld wrote:
> > This fixes CVE-2019-19555 in buster.  Since this is tagged
> > "unimportant" by the security team on
> > https://security-tracker.debian.org/tracker/CVE-2019-19555 they won't
> > publish a DSA, so I tend to send this into the next point release of
> > buster.

> The Security Tracker and BTS suggest this issue is not yet resolved in
> unstable - is that correct?

Seems, that the systems are slower than me today :-)
According to 
https://tracker.debian.org/news/1084412/accepted-fig2dev-1327b-2-source-into-unstable/
the upload to unstable proceeded.

But it seems that I have a typo (brace at wrong position) in the
changelog, so the bug was not closed :-(
I'll just send out a closing mail by hand and will fix the wrong brace
in the patches against buster and stretch soon.

Greetings
Roland



Processed: Re: Bug#946184: buster-pu: package fig2dev/1:3.2.7a-5+deb10u2

2019-12-04 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 - moreinfo
Bug #946184 [release.debian.org] buster-pu: package fig2dev/1:3.2.7a-5+deb10u2
Removed tag(s) moreinfo.

-- 
946184: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946184
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#946184: buster-pu: package fig2dev/1:3.2.7a-5+deb10u2

2019-12-04 Thread Salvatore Bonaccorso
Control: tags -1 - moreinfo

Hi Adam,

On Wed, Dec 04, 2019 at 10:04:04PM +, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
> 
> On Wed, 2019-12-04 at 22:50 +0100, Roland Rosenfeld wrote:
> > This fixes CVE-2019-19555 in buster.  Since this is tagged
> > "unimportant" by the security team on
> > https://security-tracker.debian.org/tracker/CVE-2019-19555 they won't
> > publish a DSA, so I tend to send this into the next point release of
> > buster.
> 
> The Security Tracker and BTS suggest this issue is not yet resolved in
> unstable - is that correct?

The package has been uploaded to unstable, but it's only just not yet
installed and the tracker data thus knowing the version. Cf.

https://tracker.debian.org/news/1084412/accepted-fig2dev-1327b-2-source-into-unstable/
and
https://salsa.debian.org/security-tracker-team/security-tracker/commit/08d5562d87450a464efa5fbecaa792a38bee6123

Regards,
Salvatore



Processed: Re: Bug#946184: buster-pu: package fig2dev/1:3.2.7a-5+deb10u2

2019-12-04 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + moreinfo
Bug #946184 [release.debian.org] buster-pu: package fig2dev/1:3.2.7a-5+deb10u2
Added tag(s) moreinfo.

-- 
946184: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946184
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#946185: stretch-pu: package fig2dev/1:3.2.6a-2+deb9u3

2019-12-04 Thread Roland Rosenfeld
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

This fixes CVE-2019-19555 in stretch.  Since this is tagged
"unimportant" by the security team on
https://security-tracker.debian.org/tracker/CVE-2019-19555 they won't
publish a DSA, so I tend to send this into the next point release of
buster.

Attached you'll find the diff against 3.2.6a-2+deb9u2.

Greetings
Roland
diff -Nru fig2dev-3.2.6a/debian/changelog fig2dev-3.2.6a/debian/changelog
--- fig2dev-3.2.6a/debian/changelog	2019-07-27 10:22:45.0 +0200
+++ fig2dev-3.2.6a/debian/changelog	2019-12-04 22:22:00.0 +0100
@@ -1,3 +1,10 @@
+fig2dev (1:3.2.6a-2+deb9u3) stretch; urgency=medium
+
+  * 41_CVE-2019-19555: Allow Fig v2 text strings ending with multiple ^A.
+This fixes CVE-2019-19555.  Closes (#946176).
+
+ -- Roland Rosenfeld   Wed, 04 Dec 2019 22:22:00 +0100
+
 fig2dev (1:3.2.6a-2+deb9u2) stretch; urgency=medium
 
   * 40_circle_arrowhead: Do not segfault on circle/half circle arrowheads
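Review bot: in the new changelog entry, `Closes (#946176)` lacks the colon that the bug-closing syntax requires, so the upload will not close #946176. Write it as `(Closes: #946176)` so the entry for this CVE fix is tied to the bug automatically.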
diff -Nru fig2dev-3.2.6a/debian/patches/41_CVE-2019-19555.patch fig2dev-3.2.6a/debian/patches/41_CVE-2019-19555.patch
--- fig2dev-3.2.6a/debian/patches/41_CVE-2019-19555.patch	1970-01-01 01:00:00.0 +0100
+++ fig2dev-3.2.6a/debian/patches/41_CVE-2019-19555.patch	2019-12-04 22:22:00.0 +0100
@@ -0,0 +1,27 @@
+From: Thomas Loimer 
+Date:   Wed Dec 4 17:56:04 2019 +0100
+Bug: https://sourceforge.net/p/mcj/tickets/55
+Bug-Debian: https://bugs.debian.org/946176
+Origin: https://sourceforge.net/p/mcj/fig2dev/ci/19db5fe6f77ebad91af4b4ef0defd61bd0bb358f/
+Subject: Allow Fig v2 text strings ending with multiple ^A.
+ This fixes CVE-2019-19555
+
+--- a/fig2dev/read.c
 b/fig2dev/read.c
+@@ -3,6 +3,7 @@
+  * Copyright (c) 1991 by Micah Beck
+  * Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul
+  * Parts Copyright (c) 1989-2002 by Brian V. Smith
++ * Parts Copyright (c) 2015-2019 by Thomas Loimer
+  *
+  * Any party obtaining a copy of these files is granted, free of charge, a
+  * full and unrestricted irrevocable, world-wide, paid up, royalty-free,
+@@ -1223,7 +1224,7 @@ read_textobject(FILE *fp)
+ 		If we do not find the CONTROL-A on this line then this must
+ 		be a multi-line text object and we will have to read more. */
+ 
+-	n = sscanf(buf,"%*d%d%d%lf%d%d%d%lf%d%lf%lf%d%d%[^\1]%[\1]",
++	n = sscanf(buf,"%*d%d%d%lf%d%d%d%lf%d%lf%lf%d%d%[^\1]%1[\1]",
+ 		>type, >font, >size, >pen,
+ 		>color, >depth, >angle,
+ 		>flags, >height, >length,
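Review bot: in the `sscanf` format of `read_textobject`, the width is added only to the last conversion (`%1[\1]`); the text conversion before it, `%[^\1]`, is still unbounded. The destination buffers are outside the visible context, so please confirm that the text destination is at least as large as `buf`, or give that conversion an explicit width as well. Checking the returned count `n` against the number of expected conversions is also worth verifying, since the last conversion can now match at most one ^A.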
diff -Nru fig2dev-3.2.6a/debian/patches/series fig2dev-3.2.6a/debian/patches/series
--- fig2dev-3.2.6a/debian/patches/series	2019-07-27 10:22:45.0 +0200
+++ fig2dev-3.2.6a/debian/patches/series	2019-12-04 22:22:00.0 +0100
@@ -5,3 +5,4 @@
 31_input_sanitizing.patch
 32_fill-style-overflow.patch
 40_circle_arrowhead.patch
+41_CVE-2019-19555.patch


Bug#946184: buster-pu: package fig2dev/1:3.2.7a-5+deb10u2

2019-12-04 Thread Adam D. Barratt
Control: tags -1 + moreinfo

On Wed, 2019-12-04 at 22:50 +0100, Roland Rosenfeld wrote:
> This fixes CVE-2019-19555 in buster.  Since this is tagged
> "unimportant" by the security team on
> https://security-tracker.debian.org/tracker/CVE-2019-19555 they won't
> publish a DSA, so I tend to send this into the next point release of
> buster.

The Security Tracker and BTS suggest this issue is not yet resolved in
unstable - is that correct?

Regards,

Adam



Bug#946184: buster-pu: package fig2dev/1:3.2.7a-5+deb10u2

2019-12-04 Thread Roland Rosenfeld
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu

This fixes CVE-2019-19555 in buster.  Since this is tagged
"unimportant" by the security team on
https://security-tracker.debian.org/tracker/CVE-2019-19555 they won't
publish a DSA, so I tend to send this into the next point release of
buster.

Attached you'll find the diff against 3.2.7a-5+deb10u1.

Greetings
Roland
diff -Nru fig2dev-3.2.7a/debian/changelog fig2dev-3.2.7a/debian/changelog
--- fig2dev-3.2.7a/debian/changelog	2019-07-27 09:51:53.0 +0200
+++ fig2dev-3.2.7a/debian/changelog	2019-12-04 22:12:49.0 +0100
@@ -1,3 +1,10 @@
+fig2dev (1:3.2.7a-5+deb10u2) buster; urgency=medium
+
+  * 41_CVE-2019-19555: Allow Fig v2 text strings ending with multiple ^A.
+This fixes CVE-2019-19555.  Closes (#946176).
+
+ -- Roland Rosenfeld   Wed, 04 Dec 2019 22:12:49 +0100
+
 fig2dev (1:3.2.7a-5+deb10u1) buster; urgency=medium
 
   * 40_circle_arrowhead: Do not segfault on circle/half circle arrowheads
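Review bot: the second line of the entry reads `Closes (#946176)`, which the archive will not recognise as a bug closure because the `Closes:` keyword with its colon is missing. Change it to `(Closes: #946176)` before uploading to stable-p-u, otherwise the bug has to be closed by hand.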
diff -Nru fig2dev-3.2.7a/debian/patches/41_CVE-2019-19555.patch fig2dev-3.2.7a/debian/patches/41_CVE-2019-19555.patch
--- fig2dev-3.2.7a/debian/patches/41_CVE-2019-19555.patch	1970-01-01 01:00:00.0 +0100
+++ fig2dev-3.2.7a/debian/patches/41_CVE-2019-19555.patch	2019-12-04 22:12:49.0 +0100
@@ -0,0 +1,28 @@
+From: Thomas Loimer 
+Date:   Wed Dec 4 17:56:04 2019 +0100
+Bug: https://sourceforge.net/p/mcj/tickets/55
+Bug-Debian: https://bugs.debian.org/946176
+Origin: https://sourceforge.net/p/mcj/fig2dev/ci/19db5fe6f77ebad91af4b4ef0defd61bd0bb358f/
+Subject: Allow Fig v2 text strings ending with multiple ^A.
+ This fixes CVE-2019-19555
+
+--- a/fig2dev/read.c
 b/fig2dev/read.c
+@@ -3,7 +3,7 @@
+  * Copyright (c) 1991 by Micah Beck
+  * Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul
+  * Parts Copyright (c) 1989-2015 by Brian V. Smith
+- * Parts Copyright (c) 2015-2018 by Thomas Loimer
++ * Parts Copyright (c) 2015-2019 by Thomas Loimer
+  *
+  * Any party obtaining a copy of these files is granted, free of charge, a
+  * full and unrestricted irrevocable, world-wide, paid up, royalty-free,
+@@ -1318,7 +1318,7 @@ read_textobject(FILE *fp)
+ 		If we do not find the CONTROL-A on this line then this must
+ 		be a multi-line text object and we will have to read more. */
+ 
+-	n = sscanf(buf,"%*d%d%d%lf%d%d%d%lf%d%lf%lf%d%d%[^\1]%[\1]",
++	n = sscanf(buf,"%*d%d%d%lf%d%d%d%lf%d%lf%lf%d%d%[^\1]%1[\1]",
+ 		>type, >font, >size, >pen,
+ 		>color, >depth, >angle,
+ 		>flags, >height, >length,
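Review bot: the header of `41_CVE-2019-19555.patch` says what is now accepted ("text strings ending with multiple ^A") but not what the unbounded `%[\1]` conversion did wrong, so a reader cannot tell from the patch alone why a width of `1` is the right bound. A sentence in the description naming the destination of that conversion and its size would make the fix reviewable. The copyright-year change in the first inner hunk is unrelated to the fix and could be dropped to keep the stable diff minimal.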
diff -Nru fig2dev-3.2.7a/debian/patches/series fig2dev-3.2.7a/debian/patches/series
--- fig2dev-3.2.7a/debian/patches/series	2019-07-27 09:51:53.0 +0200
+++ fig2dev-3.2.7a/debian/patches/series	2019-12-04 22:12:49.0 +0100
@@ -12,3 +12,4 @@
 37_pgf-etex.patch
 38_omit_showpage.patch
 40_circle_arrowhead.patch
+41_CVE-2019-19555.patch




Bug#946175: buster-pu: package uif/1.1.9-1+deb10u1

2019-12-04 Thread Mike Gabriel
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu

Hi,

only after the buster release I became aware of the nftables shift. I
totally missed that.

+  * debian/patches:
++ Add 1001_use-iptables-legacy.patch. Work-around iptables->nftables switch
+  in Debian. Full nftables support is being worked on on the upstream side.
+  (Closes: #932265).

For Debian buster, I added a patch to uif so that it uses the
iptables-legacy commands directly.

For Debian bullseye, I (with upstream hat on) work on proper nftables
integration.

Please ACK the already uploaded uif 1.1.9-1+deb10u1, so that people can
still use uif in Debian buster.

Thanks,
Mike

-- System Information:
Debian Release: 10.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru uif-1.1.9/debian/changelog uif-1.1.9/debian/changelog
--- uif-1.1.9/debian/changelog  2018-08-19 02:15:35.0 +0200
+++ uif-1.1.9/debian/changelog  2019-12-04 21:06:28.0 +0100
@@ -1,3 +1,12 @@
+uif (1.1.9-1+deb10u1) buster; urgency=medium
+
+  * debian/patches:
++ Add 1001_use-iptables-legacy.patch. Work-around iptables->nftables switch
+  in Debian. Full nftables support is being worked on on the upstream side.
+  (Closes: #932265).
+
+ -- Mike Gabriel   Wed, 04 Dec 2019 21:06:28 +0100
+
 uif (1.1.9-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru uif-1.1.9/debian/patches/1001_use-iptables-legacy.patch 
uif-1.1.9/debian/patches/1001_use-iptables-legacy.patch
--- uif-1.1.9/debian/patches/1001_use-iptables-legacy.patch 1970-01-01 
01:00:00.0 +0100
+++ uif-1.1.9/debian/patches/1001_use-iptables-legacy.patch 2019-12-04 
21:06:13.0 +0100
@@ -0,0 +1,38 @@
+--- a/uif.pl
 b/uif.pl
+@@ -1475,9 +1475,9 @@
+ 
+   @$Listing=map { $_."\n" } @$Listing;
+   if ($ipv6) {
+-  open (IPT, '/sbin/ip6tables-save|');
++  open (IPT, '/usr/sbin/ip6tables-legacy-save|');
+   } else {
+-  open (IPT, '/sbin/iptables-save|');
++  open (IPT, '/usr/sbin/iptables-legacy-save|');
+   }
+   @oldrules = ;
+   close (IPT);
+@@ -1488,9 +1488,9 @@
+   $SIG{'TERM'} = 'signalCatcher';
+ 
+   if ($ipv6) {
+-  open (IPT, '|/sbin/ip6tables-restore');
++  open (IPT, '|/usr/sbin/ip6tables-legacy-restore');
+   } else {
+-  open (IPT, '|/sbin/iptables-restore');
++  open (IPT, '|/usr/sbin/iptables-legacy-restore');
+   }
+   print IPT @$Listing;
+   close (IPT);
+@@ -1501,9 +1501,9 @@
+   }
+   if ($timeout || $SignalCatched || $error) {
+   if ($ipv6) {
+-  open (IPT, '|/sbin/ip6tables-restore');
++  open (IPT, '|/usr/sbin/ip6tables-legacy-restore');
+   } else {
+-  open (IPT, '|/sbin/iptables-restore');
++  open (IPT, '|/usr/sbin/iptables-legacy-restore');
+   }
+   print IPT @oldrules;
+   close (IPT);
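Review bot: none of the six rewritten `open (IPT, ...)` calls checks its return value, and the paths are now hard-coded to the `/usr/sbin/*-legacy-*` binaries. If those binaries are missing, the `iptables-legacy-save` open fails silently, `@oldrules` stays empty, and the rollback under `if ($timeout || $SignalCatched || $error)` has nothing to restore. Suggest `open(...) or die` (or an explicit existence check) on at least the save call. Since this debdiff touches only the changelog, the patch and the series file, please also confirm that the package's dependencies guarantee the legacy binaries on buster.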
diff -Nru uif-1.1.9/debian/patches/series uif-1.1.9/debian/patches/series
--- uif-1.1.9/debian/patches/series 1970-01-01 01:00:00.0 +0100
+++ uif-1.1.9/debian/patches/series 2019-12-04 21:06:13.0 +0100
@@ -0,0 +1 @@
+1001_use-iptables-legacy.patch


Bug#946165: marked as done (nmu: usb-modeswitch_2.5.2+repack0 | openocd_0.10.0-6)

2019-12-04 Thread Debian Bug Tracking System
Your message dated Wed, 4 Dec 2019 18:55:54 +0200
with message-id 

and subject line Re: Bug#946165: nmu: usb-modeswitch_2.5.2+repack0 | 
openocd_0.10.0-6
has caused the Debian Bug report #946165,
regarding nmu: usb-modeswitch_2.5.2+repack0 | openocd_0.10.0-6
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
946165: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946165
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
On Wed, 4 Dec 2019 at 18:39, Didier 'OdyX' Raboud  wrote:
> nmu usb-modeswitch_2.5.2+repack0-2 . ANY . unstable . -m "Rebuild against libjim0.79"
> nmu openocd_0.10.0-6 . ANY . unstable . -m "Rebuild against libjim0.79"

Scheduled.
--- End Message ---


Bug#946165: nmu: usb-modeswitch_2.5.2+repack0 | openocd_0.10.0-6

2019-12-04 Thread Didier 'OdyX' Raboud
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu

Hello,

the micro-transition for jimtcl (SONAME bump from 0.77 to 0.79) is in progress; 
two packages need to be rebuilt:

https://release.debian.org/transitions/html/auto-jimtcl.html

nmu usb-modeswitch_2.5.2+repack0-2 . ANY . unstable . -m "Rebuild against libjim0.79"
nmu openocd_0.10.0-6 . ANY . unstable . -m "Rebuild against libjim0.79"

I have manually tested the two builds on amd64.

Many thanks for your work;

OdyX

-- System Information:
Debian Release: bullseye/sid
  APT prefers buildd-unstable
  APT policy: (990, 'buildd-unstable'), (500, 'unstable-debug'), (500, 
'unstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (100, 
'experimental'), (1, 'experimental-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.3.0-2-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_CH:fr (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled



Bug#946159: stretch-pu: package libxslt/1.1.29-2.1+deb9u2

2019-12-04 Thread Salvatore Bonaccorso
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

Hi

This update addresses CVE-2019-18197 as well for stretch (was already
done for buster in the last point release). Attaching the resulting
debdiff.

Regards,
Salvatore
diff -Nru libxslt-1.1.29/debian/changelog libxslt-1.1.29/debian/changelog
--- libxslt-1.1.29/debian/changelog 2019-08-24 14:04:13.0 +0200
+++ libxslt-1.1.29/debian/changelog 2019-12-04 15:41:16.0 +0100
@@ -1,3 +1,10 @@
+libxslt (1.1.29-2.1+deb9u2) stretch; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix dangling pointer in xsltCopyText (CVE-2019-18197) (Closes: #942646)
+
+ -- Salvatore Bonaccorso   Wed, 04 Dec 2019 15:41:16 +0100
+
 libxslt (1.1.29-2.1+deb9u1) stretch; urgency=medium
 
   * Non-maintainer upload.
diff -Nru 
libxslt-1.1.29/debian/patches/0012-Fix-dangling-pointer-in-xsltCopyText.patch 
libxslt-1.1.29/debian/patches/0012-Fix-dangling-pointer-in-xsltCopyText.patch
--- 
libxslt-1.1.29/debian/patches/0012-Fix-dangling-pointer-in-xsltCopyText.patch   
1970-01-01 01:00:00.0 +0100
+++ 
libxslt-1.1.29/debian/patches/0012-Fix-dangling-pointer-in-xsltCopyText.patch   
2019-12-04 15:41:16.0 +0100
@@ -0,0 +1,35 @@
+From: Nick Wellnhofer 
+Date: Sat, 17 Aug 2019 16:51:53 +0200
+Subject: Fix dangling pointer in xsltCopyText
+Origin: 
https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-18197
+Bug-Debian: https://bugs.debian.org/942646
+Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15746
+Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15768
+Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15914
+
+xsltCopyText didn't reset ctxt->lasttext in some cases which could
+lead to various memory errors in relation with CDATA sections in input
+documents.
+
+Found by OSS-Fuzz.
+---
+ libxslt/transform.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libxslt/transform.c b/libxslt/transform.c
+index 95ebd0732f95..d7ab0b6677cc 100644
+--- a/libxslt/transform.c
 b/libxslt/transform.c
+@@ -1094,6 +1094,8 @@ xsltCopyText(xsltTransformContextPtr ctxt, xmlNodePtr 
target,
+   if ((copy->content = xmlStrdup(cur->content)) == NULL)
+   return NULL;
+   }
++
++  ctxt->lasttext = NULL;
+ } else {
+ /*
+* normal processing. keep counters to extend the text node
+-- 
+2.20.1
+
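Review bot: the `return NULL` taken when `xmlStrdup(cur->content)` fails, two lines above the addition, exits before `ctxt->lasttext = NULL;` runs, so on that error path `lasttext` keeps whatever it pointed to. Please confirm that path cannot leave the same dangling pointer, or move the reset ahead of the early return. The else-branch comment also mentions counters kept to extend the text node; the patch description could state that leaving them untouched is safe once `lasttext` is NULL.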
diff -Nru libxslt-1.1.29/debian/patches/series 
libxslt-1.1.29/debian/patches/series
--- libxslt-1.1.29/debian/patches/series2019-08-24 14:04:13.0 
+0200
+++ libxslt-1.1.29/debian/patches/series2019-12-04 15:41:16.0 
+0100
@@ -9,3 +9,4 @@
 0009-Fix-security-framework-bypass.patch
 0010-Fix-uninitialized-read-of-xsl-number-token.patch
 0011-Fix-uninitialized-read-with-UTF-8-grouping-chars.patch
+0012-Fix-dangling-pointer-in-xsltCopyText.patch


Bug#946157: marked as done (libisl transition)

2019-12-04 Thread Debian Bug Tracking System
Your message dated Wed, 4 Dec 2019 15:00:01 +0200
with message-id 
and subject line Re: Bug#946157: libisl transition
has caused the Debian Bug report #946157,
regarding libisl transition
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
946157: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946157
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---

On 2019/12/04 14:42, Matthias Klose wrote:

Not really a transition, but a binNMU for one package should be done:

   gcc-mingw-w64

Not asking for any -mipsen package, because these are not in testing.


Scheduled.
--- End Message ---


Bug#946157: libisl transition

2019-12-04 Thread Matthias Klose
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Not really a transition, but a binNMU for one package should be done:

  gcc-mingw-w64

Not asking for any -mipsen package, because these are not in testing.



Bug#945619: transition: kdepim 19.08

2019-12-04 Thread Sandro Knauß
Hey Paul,

from my point of view it seems that the transition is finished. Every reverse 
dependency has been built for sid. Now we only need to wait till it migrates 
to bullseye.

hefee

--
On Saturday, 30 November 2019 21:34:52 CET Paul Gevers wrote:
> Control: tags -1 confirmed
> 
> Hi Sandro,
> 
> On 30-11-2019 00:08, Sandro Knauß wrote:
> > I prepared a patch for zanshin [!1]. That means I could now build every
> > reverse dependency with KDEPIM 19.08 and nothing is stopping me to start
> > with the transition (except the ACK from your side).
> 
> Please, go ahead.
> 
> Paul


