Package: prayer Version: 1.3.5-dfsg1-5 Severity: important Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu disco ubuntu-patch
Hi Magnus, In Ubuntu, we found that the prayer packages is failing to build from source with the following error: [...] gcc -g -O2 -fdebug-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -I../lib -c -DACCOUNTD_PAM_ENABLE=1 authenticate.c authenticate.c:99:14: error: conflicting types for ‘crypt’ extern char *crypt(char *password, char *salt); ^~~~~ In file included from accountd.h:14, from authenticate.c:9: /usr/include/unistd.h:1124:14: note: previous declaration of ‘crypt’ was here extern char *crypt (const char *__key, const char *__salt) ^~~~~ [...] (https://launchpad.net/ubuntu/+source/prayer/1.3.5-dfsg1-5/+build/15633911) This is because glibc 2.28 provides a tightened prototype for crypt(), and the local prototype in authenticate.c is not compatible. The local prototype should just be dropped in favor of the system one, considering the comments in the code claim it was added in the first place for Linux, where we know it is not needed. I have uploaded the attached patch to Ubuntu to fix this build failure; please consider applying it in Debian as well. Thanks, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer https://www.debian.org/ slanga...@ubuntu.com vor...@debian.org
diff -Nru prayer-1.3.5-dfsg1/debian/patches/glibc-2.28.patch prayer-1.3.5-dfsg1/debian/patches/glibc-2.28.patch --- prayer-1.3.5-dfsg1/debian/patches/glibc-2.28.patch 1969-12-31 16:00:00.000000000 -0800 +++ prayer-1.3.5-dfsg1/debian/patches/glibc-2.28.patch 2018-11-15 14:34:02.000000000 -0800 @@ -0,0 +1,23 @@ +Description: drop wrong prototype for crypt() + The code provides its own protoype for crypt, claiming that Linux doesn't + have one in its system headers. Not only is that wrong, but the local + prototype is now incorrect, causing a build failure. +Author: Steve Langasek <steve.langa...@ubuntu.com> +Last-Modified: 2018-11-15 + +Index: prayer-1.3.5-dfsg1/accountd/authenticate.c +=================================================================== +--- prayer-1.3.5-dfsg1.orig/accountd/authenticate.c ++++ prayer-1.3.5-dfsg1/accountd/authenticate.c +@@ -94,11 +94,6 @@ + /* Definies a whole series of different authentication methods, including + * PAM if PAM support configured in ../Config */ + +-/* No prototype for crypt, at least on Linux */ +-#if HAVE_SHADOW +-extern char *crypt(char *password, char *salt); +-#endif +- + /* ====================================================================== */ + + #ifdef ACCOUNTD_PAM_ENABLE diff -Nru prayer-1.3.5-dfsg1/debian/patches/no-referrer.patch prayer-1.3.5-dfsg1/debian/patches/no-referrer.patch --- prayer-1.3.5-dfsg1/debian/patches/no-referrer.patch 2018-10-27 10:58:34.000000000 -0700 +++ prayer-1.3.5-dfsg1/debian/patches/no-referrer.patch 2018-11-15 14:32:53.000000000 -0800 @@ -2,8 +2,10 @@ Description: Add no-referrer meta header to templates. * CVE-2018-18655 ---- a/templates/cam/header.t -+++ b/templates/cam/header.t +Index: prayer-1.3.5-dfsg1/templates/cam/header.t +=================================================================== +--- prayer-1.3.5-dfsg1.orig/templates/cam/header.t ++++ prayer-1.3.5-dfsg1/templates/cam/header.t @@ -11,6 +11,7 @@ % ENDIF <meta name="robots" content="none" /> @@ -12,8 +14,10 @@ <link rel="stylesheet" href="/static/layout.css" type="text/css" media="all" /> <link rel="stylesheet" href="/static/print.css" ---- a/templates/old/header.t -+++ b/templates/old/header.t +Index: prayer-1.3.5-dfsg1/templates/old/header.t +=================================================================== +--- prayer-1.3.5-dfsg1.orig/templates/old/header.t ++++ prayer-1.3.5-dfsg1/templates/old/header.t @@ -11,6 +11,7 @@ % ENDIF <meta name="robots" content="none" /> diff -Nru prayer-1.3.5-dfsg1/debian/patches/series prayer-1.3.5-dfsg1/debian/patches/series --- prayer-1.3.5-dfsg1/debian/patches/series 2018-10-27 10:58:34.000000000 -0700 +++ prayer-1.3.5-dfsg1/debian/patches/series 2018-11-15 14:32:59.000000000 -0800 @@ -9,3 +9,4 @@ disable_ssl3.patch openssl1.1.patch no-referrer.patch +glibc-2.28.patch