Re: possible bug in auto-removals.
Hi Peter, On 16-12-2019 01:21, peter green wrote: > I have been observing a number of python cruft packages that are still > in testing recently, and I noticed that there seems to be an issue with > an auto-removal. cruft has never been supposed to be in testing. There was a bug in britney that we believe is fixed. The end of the output.txt has the packages which shouldn't have been left in testing: List of old libraries in the target suite (96): [...] (libraries in smooth update transitions) python-colorama: amd64 arm64 armel armhf i386 mips64el mipsel ppc64el s390x python-colorlog: amd64 arm64 i386 mips64el ppc64el python-fonttools: amd64 i386 python-fs: amd64 i386 python-terminado: amd64 i386 python-waitress: amd64 arm64 armel armhf i386 mips64el mipsel ppc64el s390x > My understanding is that auto-removals is supposed to keep track of > reverse dependencies and initially delay auto-removal, then later, if > the package remains rc buggy for long enough, remove the > reverse-dependencies as well. Correct, if you mean with "remove the reverse-dependencies as well" that these reverse-dependencies are removed together when the "main" package. > However in the case of python-easydev auto-removals seems to be trying > to remove python-easydev without also removing it's reverse dependency > hinge. Any idea why? I see, probably a bug somewhere. I think the code that generates the list for autoremoval is this one: https://salsa.debian.org/qa/udd/blob/master/udd/testing_autoremovals_gatherer.pl Paul signature.asc Description: OpenPGP digital signature
Bug#946864: buster-pu: package libmatroska/1.4.9-1+deb10u1
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu libmatroska in stable has an incorrect version in its shlibs file. So the generated depenendencies of reverse depenendencies are not tight enough (see #946669 for details). I have uploaded a targeted fixed to buster-pu. The next time we have a vlc DSA it will pick up tight enough depenendencies. The full debdiff is attached. Cheers -- Sebastian Ramacher diff --git a/debian/changelog b/debian/changelog index 2458132..9df392a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +libmatroska (1.4.9-1+deb10u1) buster; urgency=medium + + * debian/shlibs: Bump version to 1.4.7 since that version introduced new +symbols (Closes: #946669) + + -- Sebastian Ramacher Mon, 16 Dec 2019 20:25:14 +0100 + libmatroska (1.4.9-1) unstable; urgency=medium * Team upload. diff --git a/debian/gbp.conf b/debian/gbp.conf index 682c4cf..5dfa190 100644 --- a/debian/gbp.conf +++ b/debian/gbp.conf @@ -1,6 +1,6 @@ [DEFAULT] upstream-branch = upstream -debian-branch = master +debian-branch = buster upstream-tag = upstream/%(version)s debian-tag = debian/%(version)s pristine-tar = True diff --git a/debian/shlibs b/debian/shlibs index fead0d7..aa7c745 100644 --- a/debian/shlibs +++ b/debian/shlibs @@ -1 +1 @@ -libmatroska 6 libmatroska6v5 (>= 1.4.5) +libmatroska 6 libmatroska6v5 (>= 1.4.7) signature.asc Description: PGP signature
Bug#946841: buster-pu: package simplesamlphp/1.16.3-1+deb10u2
Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu Hi, The simpleSAMLphp package in buster suffers from an incompatibility with PHP 7.3 (also shipped in buster) that can be fixed with a one character change. The bug report is at https://bugs.debian.org/944820 This was missed during the release cycle because the already existing and working simplesamlphp package was not fully re-tested when PHP 7.3 was introduced into buster. Please see attached debdiff for a proposed fix for buster. Thanks, Thijs diff -Nru simplesamlphp-1.16.3/debian/changelog simplesamlphp-1.16.3/debian/changelog --- simplesamlphp-1.16.3/debian/changelog 2019-11-03 06:46:13.0 +0100 +++ simplesamlphp-1.16.3/debian/changelog 2019-12-16 14:15:00.0 +0100 @@ -1,3 +1,9 @@ +simplesamlphp (1.16.3-1+deb10u2) buster; urgency=medium + + * Fix incompatibility with PHP 7.3 (closes: #944820). + + -- Thijs Kinkhorst Mon, 16 Dec 2019 14:15:00 +0100 + simplesamlphp (1.16.3-1+deb10u1) buster-security; urgency=high * Fix security issue CVE-2019-3465. diff -Nru simplesamlphp-1.16.3/debian/patches/fix-xmlseclibs-php73.patch simplesamlphp-1.16.3/debian/patches/fix-xmlseclibs-php73.patch --- simplesamlphp-1.16.3/debian/patches/fix-xmlseclibs-php73.patch 1970-01-01 01:00:00.0 +0100 +++ simplesamlphp-1.16.3/debian/patches/fix-xmlseclibs-php73.patch 2019-12-16 14:15:00.0 +0100 @@ -0,0 +1,24 @@ +From: Stefan Winter +Date: Thu, 18 Oct 2018 07:24:07 +0200 +Subject: [PATCH] make regex PCRE2 compliant + +PHP7.3 makes a hard switch from PCRE to PCRE2, where the hyphen needs to be escaped. I've tested and confirmed that with PHP 7.3rc3 +- the code as was before this PR breaks with a PHP error about unable to compile the regex +- the code with this one-character PR applied works just fine +--- + src/Utils/XPath.php | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/Utils/XPath.php b/src/Utils/XPath.php +index 11e51fb..8cdc48e 100644 +--- a/vendor/robrichards/xmlseclibs/src/Utils/XPath.php b/vendor/robrichards/xmlseclibs/src/Utils/XPath.php +@@ -7,7 +7,7 @@ class XPath + const ALPHANUMERIC = '\w\d'; + const NUMERIC = '\d'; + const LETTERS = '\w'; +-const EXTENDED_ALPHANUMERIC = '\w\d\s-_:\.'; ++const EXTENDED_ALPHANUMERIC = '\w\d\s\-_:\.'; + + const SINGLE_QUOTE = '\''; + const DOUBLE_QUOTE = '"'; diff -Nru simplesamlphp-1.16.3/debian/patches/series simplesamlphp-1.16.3/debian/patches/series --- simplesamlphp-1.16.3/debian/patches/series 2019-11-03 06:44:18.0 +0100 +++ simplesamlphp-1.16.3/debian/patches/series 2019-12-16 14:15:00.0 +0100 @@ -1,2 +1,3 @@ debian_config.patch CVE-2019-3465.patch +fix-xmlseclibs-php73.patch
Bug#946831: buster-pu: package freerdp2/2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u1
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Dear Release Team,
I have just uploaded freerdp2
2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u1 to buster with the following
change:
+ * debian/patches:
++ Add 0001_CVE-2019-17177.patch. Fix realloc return handling.
+ (CVE-2019-17177).
+
-> Fixes a security issue.
Greets,
Mike
-- System Information:
Debian Release: 10.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru freerdp2-2.0.0~git20190204.1.2693389a+dfsg1/debian/changelog
freerdp2-2.0.0~git20190204.1.2693389a+dfsg1/debian/changelog
--- freerdp2-2.0.0~git20190204.1.2693389a+dfsg1/debian/changelog
2019-02-04 10:04:45.0 +0100
+++ freerdp2-2.0.0~git20190204.1.2693389a+dfsg1/debian/changelog
2019-12-16 11:36:02.0 +0100
@@ -1,3 +1,11 @@
+freerdp2 (2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u1) buster; urgency=medium
+
+ * debian/patches:
++ Add 0001_CVE-2019-17177.patch. Fix realloc return handling.
+ (CVE-2019-17177).
+
+ -- Mike Gabriel Mon, 16 Dec 2019 11:36:02 +0100
+
freerdp2 (2.0.0~git20190204.1.2693389a+dfsg1-1) unstable; urgency=medium
* Import Git snapshot for 2.0.0-2693389a (post ~rc4) from upstream:
diff -Nru
freerdp2-2.0.0~git20190204.1.2693389a+dfsg1/debian/patches/0001_CVE-2019-17177.patch
freerdp2-2.0.0~git20190204.1.2693389a+dfsg1/debian/patches/0001_CVE-2019-17177.patch
---
freerdp2-2.0.0~git20190204.1.2693389a+dfsg1/debian/patches/0001_CVE-2019-17177.patch
1970-01-01 01:00:00.0 +0100
+++
freerdp2-2.0.0~git20190204.1.2693389a+dfsg1/debian/patches/0001_CVE-2019-17177.patch
2019-12-16 11:35:50.0 +0100
@@ -0,0 +1,171 @@
+From fc80ab45621bd966f70594c0b7393ec005a94007 Mon Sep 17 00:00:00 2001
+From: Armin Novak
+Date: Fri, 4 Oct 2019 14:49:30 +0200
+Subject: [PATCH] Fixed #5645: realloc return handling
+
+---
+ client/X11/generate_argument_docbook.c | 33 +-
+ libfreerdp/codec/region.c | 20
+ winpr/libwinpr/utils/lodepng/lodepng.c | 6 -
+ 3 files changed, 48 insertions(+), 11 deletions(-)
+
+--- a/client/X11/generate_argument_docbook.c
b/client/X11/generate_argument_docbook.c
+@@ -9,6 +9,7 @@
+ LPSTR tr_esc_str(LPCSTR arg, bool format)
+ {
+ LPSTR tmp = NULL;
++ LPSTR tmp2 = NULL;
+ size_t cs = 0, x, ds, len;
+ size_t s;
+
+@@ -25,7 +26,12 @@
+ ds = s + 1;
+
+ if (s)
+- tmp = (LPSTR)realloc(tmp, ds * sizeof(CHAR));
++ {
++ tmp2 = (LPSTR)realloc(tmp, ds * sizeof(CHAR));
++ if (!tmp2)
++ free(tmp);
++ tmp = tmp2;
++ }
+
+ if (NULL == tmp)
+ {
+@@ -43,7 +49,10 @@
+ case '<':
+ len = format ? 13 : 4;
+ ds += len - 1;
+- tmp = (LPSTR)realloc(tmp, ds * sizeof(CHAR));
++ tmp2 = (LPSTR)realloc(tmp, ds * sizeof(CHAR));
++ if (!tmp2)
++ free(tmp);
++ tmp = tmp2;
+
+ if (NULL == tmp)
+ {
+@@ -64,7 +73,10 @@
+ case '>':
+ len = format ? 14 : 4;
+ ds += len - 1;
+- tmp = (LPSTR)realloc(tmp, ds * sizeof(CHAR));
++ tmp2 = (LPSTR)realloc(tmp, ds * sizeof(CHAR));
++ if (!tmp2)
++ free(tmp);
++ tmp = tmp2;
+
+ if (NULL == tmp)
+ {
+@@ -84,7 +96,10 @@
+
+ case '\'':
+ ds += 5;
+- tmp = (LPSTR)realloc(tmp, ds * sizeof(CHAR));
++ tmp2 = (LPSTR)realloc(tmp, ds * sizeof(CHAR));
++ if (!tmp2)
++ free(tmp);
++ tmp = tmp2;
+
+ if (NULL == tmp)
+ {
+@@ -102,7 +117,10 @@
+
+ case '"':
+ ds += 5;
+- tmp = (LPSTR)realloc(tmp, ds * sizeof(CHAR));
++ tmp2 = (LPSTR)realloc(tmp, ds * sizeof(CHAR));
++
Bug#946824: buster-pu: package libvncserver/0.9.11+dfsg-1.3~deb9u2
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Dear Release Team,
I have just uploaded 0.99.11+dfsg-1.3~deb9u2 of src:libvncserver, bringing the
following changes to stretch:
+ * CVE-2019-15681: rfbserver: don't leak stack memory to the remote. (Closes:
+#943793).
Declared a issue by the secteam.
+ * debian/patches:
++ Trivial patch rebasing.
++ Add 3 use-after-free patches. Resolve a freeze during connection closure
and a
+ segmentation fault on multi-threaded VNC servers. (Closes: #905786).
Resolves freezes during connection closure. Cherry-picked from upstream.
++ Add 0002-set-true-color-flag-to-1.patch. Fix connecting to VMware
servers.
+ (Closes: #880531).
Resolves connecting to VMware servers.
Unfortunately, the two bug submitters of #880531 and #905786 were
unavailable for confirming their issues being fixed with the new version
of libvncserver. Neither was I presented with a test recipe for verifying
the bugs being fixed for buster myself.
Please note that this version for stretch is nearly identical with a just
uploaded similar update version for buster. (See: #946822).
Greets,
Mike
-- System Information:
Debian Release: 10.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru libvncserver-0.9.11+dfsg/debian/changelog
libvncserver-0.9.11+dfsg/debian/changelog
--- libvncserver-0.9.11+dfsg/debian/changelog 2019-02-02 22:41:23.0
+0100
+++ libvncserver-0.9.11+dfsg/debian/changelog 2019-12-16 11:08:42.0
+0100
@@ -1,3 +1,17 @@
+libvncserver (0.9.11+dfsg-1.3~deb9u2) stretch; urgency=medium
+
+ * CVE-2019-15681:
++ rfbserver: don't leak stack memory to the remote. (Closes: #943793).
+ * debian/patches:
++ Trivial patch rebasing.
++ Add 3 use-after-free patches. Resolve a freeze during connection
+ closure and a segmentation fault on multi-threaded VNC servers. (Closes:
+ #905786).
++ Add 0002-set-true-color-flag-to-1.patch. Fix connecting to VMware
servers.
+ (Closes: #880531).
+
+ -- Mike Gabriel Mon, 16 Dec 2019 11:08:42 +0100
+
libvncserver (0.9.11+dfsg-1.3~deb9u1) stretch-security; urgency=high
* Non-maintainer upload by the Security Team.
diff -Nru libvncserver-0.9.11+dfsg/debian/patches/0001-ignore_webclients.patch
libvncserver-0.9.11+dfsg/debian/patches/0001-ignore_webclients.patch
--- libvncserver-0.9.11+dfsg/debian/patches/0001-ignore_webclients.patch
2019-02-02 22:41:23.0 +0100
+++ libvncserver-0.9.11+dfsg/debian/patches/0001-ignore_webclients.patch
2019-12-16 10:57:16.0 +0100
@@ -21,7 +21,7 @@
bin_SCRIPTS = libvncserver-config
--- a/configure.ac
+++ b/configure.ac
-@@ -594,9 +594,6 @@
+@@ -583,9 +583,6 @@
libvncserver/Makefile
examples/Makefile
examples/android/Makefile
diff -Nru
libvncserver-0.9.11+dfsg/debian/patches/0002-set-true-color-flag-to-1.patch
libvncserver-0.9.11+dfsg/debian/patches/0002-set-true-color-flag-to-1.patch
--- libvncserver-0.9.11+dfsg/debian/patches/0002-set-true-color-flag-to-1.patch
1970-01-01 01:00:00.0 +0100
+++ libvncserver-0.9.11+dfsg/debian/patches/0002-set-true-color-flag-to-1.patch
2019-12-16 11:08:18.0 +0100
@@ -0,0 +1,20 @@
+From 7c54f07ca55046c6f9b5859c44781a1f22002982 Mon Sep 17 00:00:00 2001
+From: dborth
+Date: Mon, 3 Apr 2017 09:43:44 -0600
+Subject: [PATCH] Issue #141: Set trueColour flag to 1 instead of 255
+
+---
+ libvncclient/vncviewer.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/libvncclient/vncviewer.c
b/libvncclient/vncviewer.c
+@@ -161,7 +161,7 @@
+ client->format.depth = bitsPerSample*samplesPerPixel;
+ client->appData.requestedDepth=client->format.depth;
+ client->format.bigEndian = *(char *)&client->endianTest?FALSE:TRUE;
+- client->format.trueColour = TRUE;
++ client->format.trueColour = 1;
+
+ if (client->format.bitsPerPixel == 8) {
+ client->format.redMax = 7;
diff -Nru
libvncserver-0.9.11+dfsg/debian/patches/CVE-2018-15126/0001-tightvnc-filetransfer-tie-the-download-thread-to-the.patch
libvncserver-0.9.11+dfsg/debian/patches/CVE-2018-15126/0001-tightvnc-filetransfer-tie-the-download-thread-to-the.patch
---
libvncserver-0.9.11+dfsg/debian/patches/CVE-2018-15126/0001-tightvnc-filetransfer-tie-the-download-thread-to-the.patch
2019-02-02 22:41:23.0 +0100
+++
libvncserver-0.9.11+dfsg/debian/patches/CVE-2018-15126/0001-tightvnc-filetransfer-tie-the-download-thread-to-the.patch
2019-12-16 10:57:16.0 +0100
@@ -13,11 +13
Bug#946822: buster-pu: package libvncserver/0.9.11+dfsg-1.3+deb10u1
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Dear Release Team,
I have just uploaded 0.99.11+dfsg-1.3+deb10u1 of src:libvncserver, bringing the
following changes to buster:
+ * CVE-2019-15681: rfbserver: don't leak stack memory to the remote. (Closes:
+#943793).
Declared a issue by the secteam.
+ * debian/patches:
++ Trivial patch rebasing.
++ Add 3 use-after-free patches. Resolve a freeze during connection closure
and a
+ segmentation fault on multi-threaded VNC servers. (Closes: #905786).
Resolves freezes during connection closure. Cherry-picked from upstream.
++ Add 0002-set-true-color-flag-to-1.patch. Fix connecting to VMware
servers.
+ (Closes: #880531).
Resolves connecting to VMware servers.
Unfortunately, the two bug submitters of #880531 and #905786 were
unavailable for confirming their issues being fixed with the new version
of libvncserver. Neither was I presented with a test recipe for verifying
the bugs being fixed for buster myself.
Greets,
Mike
-- System Information:
Debian Release: 10.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru libvncserver-0.9.11+dfsg/debian/changelog
libvncserver-0.9.11+dfsg/debian/changelog
--- libvncserver-0.9.11+dfsg/debian/changelog 2019-01-30 22:39:15.0
+0100
+++ libvncserver-0.9.11+dfsg/debian/changelog 2019-12-03 09:18:57.0
+0100
@@ -1,3 +1,16 @@
+libvncserver (0.9.11+dfsg-1.3+deb10u1) buster; urgency=medium
+
+ * CVE-2019-15681: rfbserver: don't leak stack memory to the remote. (Closes:
+#943793).
+ * debian/patches:
++ Trivial patch rebasing.
++ Add 3 use-after-free patches. Resolve a freeze during connection closure
and a
+ segmentation fault on multi-threaded VNC servers. (Closes: #905786).
++ Add 0002-set-true-color-flag-to-1.patch. Fix connecting to VMware
servers.
+ (Closes: #880531).
+
+ -- Mike Gabriel Tue, 03 Dec 2019 09:18:57 +0100
+
libvncserver (0.9.11+dfsg-1.3) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru libvncserver-0.9.11+dfsg/debian/patches/0001-ignore_webclients.patch
libvncserver-0.9.11+dfsg/debian/patches/0001-ignore_webclients.patch
--- libvncserver-0.9.11+dfsg/debian/patches/0001-ignore_webclients.patch
2019-01-30 22:39:15.0 +0100
+++ libvncserver-0.9.11+dfsg/debian/patches/0001-ignore_webclients.patch
2019-12-03 09:18:57.0 +0100
@@ -21,7 +21,7 @@
bin_SCRIPTS = libvncserver-config
--- a/configure.ac
+++ b/configure.ac
-@@ -594,9 +594,6 @@
+@@ -583,9 +583,6 @@
libvncserver/Makefile
examples/Makefile
examples/android/Makefile
diff -Nru
libvncserver-0.9.11+dfsg/debian/patches/0002-set-true-color-flag-to-1.patch
libvncserver-0.9.11+dfsg/debian/patches/0002-set-true-color-flag-to-1.patch
--- libvncserver-0.9.11+dfsg/debian/patches/0002-set-true-color-flag-to-1.patch
1970-01-01 01:00:00.0 +0100
+++ libvncserver-0.9.11+dfsg/debian/patches/0002-set-true-color-flag-to-1.patch
2019-12-03 09:18:57.0 +0100
@@ -0,0 +1,20 @@
+From 7c54f07ca55046c6f9b5859c44781a1f22002982 Mon Sep 17 00:00:00 2001
+From: dborth
+Date: Mon, 3 Apr 2017 09:43:44 -0600
+Subject: [PATCH] Issue #141: Set trueColour flag to 1 instead of 255
+
+---
+ libvncclient/vncviewer.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/libvncclient/vncviewer.c
b/libvncclient/vncviewer.c
+@@ -161,7 +161,7 @@
+ client->format.depth = bitsPerSample*samplesPerPixel;
+ client->appData.requestedDepth=client->format.depth;
+ client->format.bigEndian = *(char *)&client->endianTest?FALSE:TRUE;
+- client->format.trueColour = TRUE;
++ client->format.trueColour = 1;
+
+ if (client->format.bitsPerPixel == 8) {
+ client->format.redMax = 7;
diff -Nru
libvncserver-0.9.11+dfsg/debian/patches/CVE-2018-15126/0001-tightvnc-filetransfer-tie-the-download-thread-to-the.patch
libvncserver-0.9.11+dfsg/debian/patches/CVE-2018-15126/0001-tightvnc-filetransfer-tie-the-download-thread-to-the.patch
---
libvncserver-0.9.11+dfsg/debian/patches/CVE-2018-15126/0001-tightvnc-filetransfer-tie-the-download-thread-to-the.patch
2019-01-30 22:39:15.0 +0100
+++
libvncserver-0.9.11+dfsg/debian/patches/CVE-2018-15126/0001-tightvnc-filetransfer-tie-the-download-thread-to-the.patch
2019-12-03 09:18:57.0 +0100
@@ -13,11 +13,9 @@
libvncserver/tightvnc-filetransfer/rfbtightproto.h | 1 +
2 files changed, 2 insertions(+), 2 deletions(-)
-diff --git a/libvncserver/tightvnc-filetransfer
Bug#946819: buster-pu: package atril/1.20.3-1+deb10u1
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Dear Release Team,
I have just uploaded atril 1.20.3-1+deb10u1 to Debian buster with the
following changes:
+ [ Martin Wimpress ]
+ * debian/patches:
++ Add 0001_prevent_no_doc_segfault.patch. Prevent segfaults when no
document
+ is loaded.
See upstream issue: https://github.com/mate-desktop/atril/issues/357
When one loaded atril with no document and started playing with the
application settings, atril would segfault.
++ Add 0002_CVE-2019-1010006.patch. Fix buffer overflow. (CVE-2019-1010006)
This is a low security issue, but not tagged as no-dsa on the security
tracker. However, getting the other two patches into buster had prio and
thus I took the buster-pu upload path for this.
+ [ Mike Gabriel ]
+ * debian/patches:
++ Add CVE-2019-11459.patch. tiff: Handle failure from
+ TIFFReadRGBAImageOriented. (Closes: #927821).
++ Rebase 0001_prevent_no_doc_segfault.patch.
Security issue marked as unimportant, still something that deserves a fix via
buster-pu.
light+love,
Mike
-- System Information:
Debian Release: 10.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru atril-1.20.3/debian/changelog atril-1.20.3/debian/changelog
--- atril-1.20.3/debian/changelog 2018-12-22 22:24:46.0 +0100
+++ atril-1.20.3/debian/changelog 2019-12-16 10:33:35.0 +0100
@@ -1,3 +1,19 @@
+atril (1.20.3-1+deb10u1) buster; urgency=medium
+
+ [ Martin Wimpress ]
+ * debian/patches:
++ Add 0001_prevent_no_doc_segfault.patch. Prevent segfaults when no
document
+ is loaded.
++ Add 0002_CVE-2019-1010006.patch. Fix buffer overflow. (CVE-2019-1010006)
+
+ [ Mike Gabriel ]
+ * debian/patches:
++ Add CVE-2019-11459.patch. tiff: Handle failure from
+ TIFFReadRGBAImageOriented. (Closes: #927821).
++ Rebase 0001_prevent_no_doc_segfault.patch.
+
+ -- Mike Gabriel Mon, 16 Dec 2019 10:33:35 +0100
+
atril (1.20.3-1) unstable; urgency=medium
* New upstream release.
diff -Nru atril-1.20.3/debian/patches/0001_prevent_no_doc_segfault.patch
atril-1.20.3/debian/patches/0001_prevent_no_doc_segfault.patch
--- atril-1.20.3/debian/patches/0001_prevent_no_doc_segfault.patch
1970-01-01 01:00:00.0 +0100
+++ atril-1.20.3/debian/patches/0001_prevent_no_doc_segfault.patch
2019-12-16 10:31:57.0 +0100
@@ -0,0 +1,286 @@
+From 807e54f51919de389c2824df6ccef41947c57911 Mon Sep 17 00:00:00 2001
+From: Reuben Green
+Date: Sat, 3 Aug 2019 22:54:44 +0100
+Subject: [PATCH] prevent segfaults when no document loaded
+
+See the issue report for a description of the bug. The root cause is
+dereferencing of NULL pointers, specifically the priv->document member of
+EvWindow structures when no document is loaded. This commit adds checks
+for a NULL value of priv->document at all the points in the file
+shell/ev-window.c where this pointer was previously dereferenced without
+being checked.
+
+Fixes 357 (https://github.com/mate-desktop/atril/issues/357)
+---
+ shell/ev-window.c | 63 ---
+ 1 file changed, 32 insertions(+), 31 deletions(-)
+
+--- a/shell/ev-window.c
b/shell/ev-window.c
+@@ -1448,7 +1448,7 @@
+ /* Presentation */
+ if (ev_metadata_get_boolean (window->priv->metadata, "presentation",
&presentation)) {
+ if (presentation) {
+- if (window->priv->document->iswebdocument == TRUE ) {
++ if (window->priv->document &&
window->priv->document->iswebdocument == TRUE ) {
+ return;
+ }
+ else {
+@@ -1850,7 +1850,7 @@
+ ev_window_handle_link (EvWindow *ev_window,
+ EvLinkDest *dest)
+ {
+- if (ev_window->priv->document->iswebdocument == TRUE ) {
++ if (ev_window->priv->document &&
ev_window->priv->document->iswebdocument == TRUE ) {
+ return;
+ }
+ if (dest) {
+@@ -4117,7 +4117,7 @@
+*/
+ if (ev_window->priv->chrome & EV_CHROME_FINDBAR) {
+ egg_find_bar_grab_focus(ev_window->priv->find_bar);
+- } else if (ev_window->priv->document->iswebdocument == FALSE ) {
++ } else if (ev_window->priv->document &&
ev_window->priv->document->iswebdocument == FALSE ) {
+ ev_view_select_all (EV_VIEW (ev_window->priv->view));
+ }
+ #if ENABLE_EPUB
+@@ -4152,7 +4152,7 @@
+ update_chrome_flag (ev_window, EV_CHROME_FINDBAR, TRUE);
+ upda
