Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Please unblock package libetpan The upload just adds an upstream patch to fix serious bug #927709. Full debdiff attached, thanks in advance! unblock libetpan/1.9.3-2 -- System Information: Debian Release: 9.8 APT prefers stable-debug APT policy: (500, 'stable-debug'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-8-amd64 (SMP w/4 CPU cores) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8), LANGUAGE= (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
diff -Nru libetpan-1.9.3/debian/changelog libetpan-1.9.3/debian/changelog --- libetpan-1.9.3/debian/changelog 2019-01-26 20:49:11.000000000 +0100 +++ libetpan-1.9.3/debian/changelog 2019-05-06 23:27:54.000000000 +0200 @@ -1,3 +1,11 @@ +libetpan (1.9.3-2) unstable; urgency=high + + * debian/patches/90_fix_tls_timeout.diff + - Add upstream patch to fix TLS timeout (Closes: #927709) + * Raised changelog urgency because of serious bug + + -- Ricardo Mones <mo...@debian.org> Mon, 06 May 2019 23:27:54 +0200 + libetpan (1.9.3-1) unstable; urgency=medium * New upstream version 1.9.3 diff -Nru libetpan-1.9.3/debian/patches/90_fix_tls_timeout.diff libetpan-1.9.3/debian/patches/90_fix_tls_timeout.diff --- libetpan-1.9.3/debian/patches/90_fix_tls_timeout.diff 1970-01-01 01:00:00.000000000 +0100 +++ libetpan-1.9.3/debian/patches/90_fix_tls_timeout.diff 2019-05-06 23:27:54.000000000 +0200 @@ -0,0 +1,19 @@ +Origin: https://github.com/dinhviethoa/libetpan/commit/4aee22436809af67f23170fe15106b91ff2971e6 +Subject: Fix TLS timeouts with recent versions of GnuTLS + gnutls_handshake_set_timeout takes a timeout value in ms, but we were + providing a value in seconds. This means that on new-enough platforms + that use GnuTLS (e.g., Debian Buster), we would accidentally configure + a timeout 1,000 times shorter than requested. +Bug-Debian: https://bugs.debian.org/927709 + +--- a/src/data-types/mailstream_ssl.c ++++ b/src/data-types/mailstream_ssl.c +@@ -636,7 +636,7 @@ static struct mailstream_ssl_data * ssl_data_new(int fd, time_t timeout, + timeout_value = mailstream_network_delay.tv_sec * 1000 + mailstream_network_delay.tv_usec / 1000; + } + else { +- timeout_value = timeout; ++ timeout_value = timeout * 1000; + } + #if GNUTLS_VERSION_NUMBER >= 0x030100 + gnutls_handshake_set_timeout(session, timeout_value); diff -Nru libetpan-1.9.3/debian/patches/series libetpan-1.9.3/debian/patches/series --- libetpan-1.9.3/debian/patches/series 2019-01-26 20:49:11.000000000 +0100 +++ libetpan-1.9.3/debian/patches/series 2019-05-06 23:27:54.000000000 +0200 @@ -1,3 +1,4 @@ # 10_unnecessary_linkage.diff 11_use_openjade.diff 12_add_dummy_readme.diff +90_fix_tls_timeout.diff