Bug#607438: Bugs in stable c-ares package
On 11/22/11 10:24 PM, Adam D. Barratt wrote: On Sun, 2011-11-06 at 16:17 +, Adam D. Barratt wrote: On Sat, 2011-11-05 at 20:51 +0100, Gregor Jasny wrote: Uploaded to mentors for reviewing and testing: http://mentors.debian.net/debian/pool/main/c/c-ares/c-ares_1.7.3-1squeeze1.dsc Andreas, could you please upload to stable (if you have no objections) once the release team gives their OK? The debdiff as provided in your mail looks fine; thanks. For the record, the upload happened and was accepted a few days ago; I appear to have neglected to follow-up at the time. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#607438: Bugs in stable c-ares package
On Wed, 2011-11-23 at 13:25 +0100, Gregor Jasny wrote: On 11/22/11 10:24 PM, Adam D. Barratt wrote: On Sun, 2011-11-06 at 16:17 +, Adam D. Barratt wrote: On Sat, 2011-11-05 at 20:51 +0100, Gregor Jasny wrote: Uploaded to mentors for reviewing and testing: http://mentors.debian.net/debian/pool/main/c/c-ares/c-ares_1.7.3-1squeeze1.dsc Andreas, could you please upload to stable (if you have no objections) once the release team gives their OK? The debdiff as provided in your mail looks fine; thanks. Any news on the upload? [...] Maybe you could sponsor the upload? I don't generally do one-off sponsorship I'm afraid, particularly for packages I don't use. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#607438: Bugs in stable c-ares package
Hello Adam, On 11/22/11 10:24 PM, Adam D. Barratt wrote: On Sun, 2011-11-06 at 16:17 +, Adam D. Barratt wrote: On Sat, 2011-11-05 at 20:51 +0100, Gregor Jasny wrote: Uploaded to mentors for reviewing and testing: http://mentors.debian.net/debian/pool/main/c/c-ares/c-ares_1.7.3-1squeeze1.dsc Andreas, could you please upload to stable (if you have no objections) once the release team gives their OK? The debdiff as provided in your mail looks fine; thanks. Any news on the upload? I'd suggest to upload to DELAYED/7 to give Andreas a chance to intervene. I'm not sure if I as a DM am allowed to upload to stable. The dsc on mentors contains the original source. Otherwise mentors rejected the upload. Is this a problem? Maybe you could sponsor the upload? Thanks, Gregor -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#607438: Bugs in stable c-ares package
On Sun, 2011-11-06 at 16:17 +, Adam D. Barratt wrote: On Sat, 2011-11-05 at 20:51 +0100, Gregor Jasny wrote: On 11/5/11 3:26 PM, Adam D. Barratt wrote: On Sun, 2011-10-30 at 18:36 +0100, Gregor Jasny wrote: 1) Update stable version with the single patch from the bug report This would be the safest and generally preferred option. I took option 1 and prepared c-ares_1.7.3-1squeeze1: http://anonscm.debian.org/gitweb/?p=collab-maint/c-ares.git;a=shortlog;h=refs/heads/squeeze Uploaded to mentors for reviewing and testing: http://mentors.debian.net/debian/pool/main/c/c-ares/c-ares_1.7.3-1squeeze1.dsc Andreas, could you please upload to stable (if you have no objections) once the release team gives their OK? The debdiff as provided in your mail looks fine; thanks. Any news on the upload? Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#607438: Bugs in stable c-ares package
On Sat, 2011-11-05 at 20:51 +0100, Gregor Jasny wrote: On 11/5/11 3:26 PM, Adam D. Barratt wrote: On Sun, 2011-10-30 at 18:36 +0100, Gregor Jasny wrote: 1) Update stable version with the single patch from the bug report This would be the safest and generally preferred option. I took option 1 and prepared c-ares_1.7.3-1squeeze1: http://anonscm.debian.org/gitweb/?p=collab-maint/c-ares.git;a=shortlog;h=refs/heads/squeeze Uploaded to mentors for reviewing and testing: http://mentors.debian.net/debian/pool/main/c/c-ares/c-ares_1.7.3-1squeeze1.dsc Andreas, could you please upload to stable (if you have no objections) once the release team gives their OK? The debdiff as provided in your mail looks fine; thanks. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#607438: Bugs in stable c-ares package
On Sun, 2011-10-30 at 18:36 +0100, Gregor Jasny wrote: I have a question regarding the c-ares package (a library to query the DNS) bug #607438. The bug report has a patch attached. But browsing the upstream repository shows many fixes since v1.7.3. How should I go on here? I see three options: 1) Update stable version with the single patch from the bug report This would be the safest and generally preferred option. 2) Update the stable version to 1.7.5 (the library hides private symbols and should be easily replaceable) On the whole, this isn't appropriate for a stable release. 3) Cherry pick all the patches from below (and maybe ask upstream to verify the list) Selected patches of specific import, possibly; all (or even most) of them, probably not. The list you provided includes, for instance, at least one new feature, patches which only apply to non-Debian systems and fixes for issues which don't exist in 1.7.3. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#607438: Bugs in stable c-ares package
tags 607438 + pending stop Thanks for the reply Adam! On 11/5/11 3:26 PM, Adam D. Barratt wrote: On Sun, 2011-10-30 at 18:36 +0100, Gregor Jasny wrote: How should I go on here? I see three options: 1) Update stable version with the single patch from the bug report This would be the safest and generally preferred option. I took option 1 and prepared c-ares_1.7.3-1squeeze1: http://anonscm.debian.org/gitweb/?p=collab-maint/c-ares.git;a=shortlog;h=refs/heads/squeeze Uploaded to mentors for reviewing and testing: http://mentors.debian.net/debian/pool/main/c/c-ares/c-ares_1.7.3-1squeeze1.dsc Andreas, could you please upload to stable (if you have no objections) once the release team gives their OK? Thanks, Gregor Debdiff: $ debdiff --diffstat c-ares_1.7.3-1.dsc c-ares_1.7.3-1squeeze1.dsc diffstat for c-ares-1.7.3 c-ares-1.7.3 changelog |6 ++ gbp.conf |2 +- patches/fix_ares_expand_name.diff | 26 ++ patches/series|1 + 4 files changed, 34 insertions(+), 1 deletion(-) diff -Nru c-ares-1.7.3/debian/changelog c-ares-1.7.3/debian/changelog --- c-ares-1.7.3/debian/changelog 2010-06-13 22:01:50.0 +0200 +++ c-ares-1.7.3/debian/changelog 2011-11-04 15:45:58.0 +0100 @@ -1,3 +1,9 @@ +c-ares (1.7.3-1squeeze1) stable; urgency=low + + * Fix ares_expand_name bug (Closes: #607438) + + -- Gregor Jasny gja...@googlemail.com Fri, 04 Nov 2011 15:33:10 +0100 + c-ares (1.7.3-1) unstable; urgency=low [ Gregor Jasny ] diff -Nru c-ares-1.7.3/debian/gbp.conf c-ares-1.7.3/debian/gbp.conf --- c-ares-1.7.3/debian/gbp.conf2010-06-13 22:01:50.0 +0200 +++ c-ares-1.7.3/debian/gbp.conf2011-11-04 14:59:24.0 +0100 @@ -1,6 +1,6 @@ [DEFAULT] upstream-branch = upstream -debian-branch = master +debian-branch = squeeze upstream-tag = upstream/%(version)s debian-tag = debian/%(version)s pristine-tar = True diff -Nru c-ares-1.7.3/debian/patches/fix_ares_expand_name.diff c-ares-1.7.3/debian/patches/fix_ares_expand_name.diff --- c-ares-1.7.3/debian/patches/fix_ares_expand_name.diff 1970-01-01 01:00:00.0 +0100 +++ c-ares-1.7.3/debian/patches/fix_ares_expand_name.diff 2011-11-04 15:44:26.0 +0100 @@ -0,0 +1,26 @@ +Origin: upstream, 70b726c3343f83d7d3460dce0b24e8930c6f6195 +Author: Stefan Bühler stbueh...@web.de +Date: Sat Dec 18 14:17:09 2010 +0100 + +ares_expand_name: Fix encoded length for indirect root + +diff --git a/ares_expand_name.c b/ares_expand_name.c +index 2af6b2a..e3eccd2 100644 +--- a/ares_expand_name.c b/ares_expand_name.c +@@ -87,7 +87,14 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf, + * Since this function strips trailing dots though, it becomes + */ + q[0] = '\0'; +-*enclen = 1; /* the caller should move one byte to get past this */ ++ ++/* indirect root label (like 0xc0 0x0c) is 2 bytes long (stupid, but ++ valid) */ ++if ((*encoded INDIR_MASK) == INDIR_MASK) ++ *enclen = 2; ++else ++ *enclen = 1; /* the caller should move one byte to get past this */ ++ + return ARES_SUCCESS; + } + diff -Nru c-ares-1.7.3/debian/patches/series c-ares-1.7.3/debian/patches/series --- c-ares-1.7.3/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ c-ares-1.7.3/debian/patches/series 2011-11-04 15:44:26.0 +0100 @@ -0,0 +1 @@ +fix_ares_expand_name.diff -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#607438: Bugs in stable c-ares package
Hello, I have a question regarding the c-ares package (a library to query the DNS) bug #607438. The bug report has a patch attached. But browsing the upstream repository shows many fixes since v1.7.3. How should I go on here? I see three options: 1) Update stable version with the single patch from the bug report 2) Update the stable version to 1.7.5 (the library hides private symbols and should be easily replaceable) 3) Cherry pick all the patches from below (and maybe ask upstream to verify the list) Thanks, Gregor This is the CHANGES file annotated with the corresponding git commits: Version 1.7.6 (unreleased) ares_destroy.c: fix segfault in ares_destroy_options() https://github.com/bagder/c-ares/commit/b816675c0f1dddfbff5fb1edc99ee484ccf4c1b6 ares_getnameinfo: fix random results with c-ares 1.7.5 https://github.com/bagder/c-ares/commit/1f8f14d21ebfcddd18c6c7ba7c74a160b64575ac ares_init.c: fix segfault triggered in ares_init_options() https://github.com/bagder/c-ares/commit/3d84eb3bbca244da90e17750a31520a1b1b24e88 Version 1.7.5 (August 16, 2011) Fixed: o detection of semicolon comments in resolv.conf (?)https://github.com/bagder/c-ares/commit/b2dafb6974da4f3b80dda3bd343989157d8c36a0 o avoid using system's inet_net_pton affected by the WLB-2008080064 advisory o replacement ares_inet_net_pton affected by the WLB-2008080064 advisory o replacement ares_inet_ntop affected by potential out of bounds write o added install target to Makefile.msvc o only fall back to AF_INET searches when looking for AF_UNSPEC addresses (?)https://github.com/bagder/c-ares/commit/bb4096effef7f0001339669a4abf9448ec1f8743 o fixed ares_parse_*_reply memory leaks https://github.com/bagder/c-ares/commit/978a929b405421bf53f8daf56451b11e3ee4fc03 https://github.com/bagder/c-ares/commit/18b6d475dc160efba24861e584dd6de92a573862 https://github.com/bagder/c-ares/commit/a1116723d40b402d0690061c1b23858c33953d79 https://github.com/bagder/c-ares/commit/09f8a05573e3b94c50f0f8f72e39c48f24b7cf43 https://github.com/bagder/c-ares/commit/bffd67f16a8f42fe6dbf79ab2e39d92eea05c8a6 o Use correct sizeof in ares_getnameinfo() https://github.com/bagder/c-ares/commit/22c527cc87438d219fd3a7df73fa54bd6a78a787 o IPv6-on-windows: find DNS servers correctly o man pages: docs for the c-ares utility programs o getservbyport replacement for Win CE o config_sortlist: (win32) missing else o advance_tcp_send_queue: avoid NULL ptr dereference https://github.com/bagder/c-ares/commit/366cd6d54dfdf0d487f60333c45e9c7da9327050 o configure: fix a bashism o ares_expand_name: Fix encoded length for indirect root https://github.com/bagder/c-ares/commit/70b726c3343f83d7d3460dce0b24e8930c6f6195 Not mentioned in CHANGES: ares_free_hostent(NULL) should be a noop https://github.com/bagder/c-ares/commit/adf75c56c419e23be63de86913e587e502f74c5b Fix incorrect allocation in ares_parse_ptr_reply() https://github.com/bagder/c-ares/commit/654733a3998f0f72a67add9e386e550fe02da2b2 Fix incorrect sizeof() in ares_save_options https://github.com/bagder/c-ares/commit/8e457f2c41621a86f917a1acb98efb1196e7571c Version 1.7.4 (December 9, 2010) Changed: o local-bind: Support binding to local interface/IPs, see ares_set_local_ip4, ares_set_local_ip6, ares_set_local_dev Fixed: o memory leak in ares_getnameinfo https://github.com/bagder/c-ares/commit/d6b869894190e15960987786d337dc8d42f8285b o add missing break that caused get_ares_servers to fail https://github.com/bagder/c-ares/commit/293cd3170019015b6ce40f9fa5efc45bd89dad1a o ares_parse_a_reply: fix CNAME response parsing https://github.com/bagder/c-ares/commit/2c63440127feed70ccefb148b8f938a2df6c15f8 o init_by_options: don't copy an empty sortlist o Replaced uint32_t with unsigned int to fix broken builds on a couple of platforms o Fix lookup with HOSTALIASES set https://github.com/bagder/c-ares/commit/fa0dd472cd647f94d8d1937b44ec87f4964c0b08 o adig: fix NAPTR parsing https://github.com/bagder/c-ares/commit/e9386cfd9f5fab2cfd68053daf83bab3f2e4af82 o compiler warning cleanups -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org