Bug#987941: buster-pu: package pacemaker/2.0.1-5+deb10u2
"Adam D. Barratt" writes: > I'm not hugely happy that this has ended up not being in stretch, to > be quite honest. Agreed. I was pushing for it in vain, unfortunately. > We're in the process of organising the final point release for buster, > as support for it moves over to the LTS team, so please go ahead. Uploaded. > +A new upstream release instroduced as security update 1.1.24- > 0+deb9u1 in > > s/instroduced/introduced/ With this fix included. -- Thanks, Feri
Bug#987941: buster-pu: package pacemaker/2.0.1-5+deb10u2
Control: tags -1 + confirmed On Thu, 2021-06-10 at 22:09 +0200, wf...@niif.hu wrote: > On Wed, 09 Jun 2021 09:17:26 +0200 wf...@niif.hu wrote: > > > Andreas kindly provided further refinements for his patch in > > #985173. > > I'll update this stable update request with the new debdiff > > shortly. > I'm not hugely happy that this has ended up not being in stretch, to be quite honest. We're in the process of organising the final point release for buster, as support for it moves over to the LTS team, so please go ahead. +A new upstream release instroduced as security update 1.1.24- 0+deb9u1 in s/instroduced/introduced/ Regards, Adam
Bug#987941: buster-pu: package pacemaker/2.0.1-5+deb10u2
On Wed, 09 Jun 2021 09:17:26 +0200 wf...@niif.hu wrote:
> Andreas kindly provided further refinements for his patch in #985173.
> I'll update this stable update request with the new debdiff shortly.
Here it is:
$ debdiff pacemaker_2.0.1-5+deb10u1.dsc pacemaker_2.0.1-5+deb10u2.dsc
diff -Nru pacemaker-2.0.1/debian/changelog pacemaker-2.0.1/debian/changelog
--- pacemaker-2.0.1/debian/changelog2020-11-07 20:21:48.0 +0100
+++ pacemaker-2.0.1/debian/changelog2021-06-10 21:45:34.0 +0200
@@ -1,3 +1,19 @@
+pacemaker (2.0.1-5+deb10u2) buster; urgency=medium
+
+ [ Andreas Beckmann ]
+ * [1088b23] pacemaker-resource-agents: Bump Breaks+Replaces: pacemaker
+to (<< 2)
+A new upstream release instroduced as security update 1.1.24-0+deb9u1 in
+stretch added the new file /usr/lib/ocf/resource.d/pacemaker/ifspeed to
+pacemaker, while it resides in pacemaker-resource-agents in buster.
+(Closes: #985173)
+ * [4f1844b] libpe-status28/libpengine27: Add Breaks against libpe-
+status10/libpengine10 (>= 1.1.24)
+The version in stretch-security shipped libraries with SOVERSION 16
+instead of 10. (See: #981088)
+
+ -- Ferenc Wágner Thu, 10 Jun 2021 21:45:34 +0200
+
pacemaker (2.0.1-5+deb10u1) buster-security; urgency=high
* [bf23450] Apply patch series fixing CVE-2020-25654: ACL bypass.
diff -Nru pacemaker-2.0.1/debian/control pacemaker-2.0.1/debian/control
--- pacemaker-2.0.1/debian/control 2020-11-07 20:21:48.0 +0100
+++ pacemaker-2.0.1/debian/control 2021-06-10 21:44:36.0 +0200
@@ -84,9 +84,9 @@
${misc:Depends},
# split out of pacemaker so that pacemaker-remote can also use them:
Breaks:
- pacemaker (<< 1.1.14-2~),
+ pacemaker (<< 2),
Replaces:
- pacemaker (<< 1.1.14-2~),
+ pacemaker (<< 2),
Description: cluster resource manager general resource agents
${S:X-Common-Description}
.
@@ -270,6 +270,10 @@
Depends:
${misc:Depends},
${shlibs:Depends},
+Breaks:
+# The new upstream version in stretch-security shipped
+# SOVERSION 16 instead of 10 (see #981088), get it removed:
+ libpe-status10 (>= 1.1.24),
Description: cluster resource manager Policy Engine status library
${S:X-Common-Description}
.
@@ -282,6 +286,10 @@
Depends:
${misc:Depends},
${shlibs:Depends},
+Breaks:
+# The new upstream version in stretch-security shipped
+# SOVERSION 16 instead of 10 (see #981088), get it removed:
+ libpengine10 (>= 1.1.24),
Description: cluster resource manager Policy Engine library
${S:X-Common-Description}
.
I'm ready to upload if you agree.
--
Thanks,
Feri
Bug#987941: buster-pu: package pacemaker/2.0.1-5+deb10u2
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Dear Stable Release Team,
The latest stretch security upgrade broke the upgrade path to buster.
Since fixing that in stretch didn't get any traction (#981088), we have
to fix this in buster, as put forward by Andreas Beckmann:
$ debdiff pacemaker_2.0.1-5+deb10u1.dsc pacemaker_2.0.1-5+deb10u2.dsc
diff -Nru pacemaker-2.0.1/debian/changelog pacemaker-2.0.1/debian/changelog
--- pacemaker-2.0.1/debian/changelog2020-11-07 20:21:48.0 +0100
+++ pacemaker-2.0.1/debian/changelog2021-03-28 03:21:46.0 +0200
@@ -1,3 +1,14 @@
+pacemaker (2.0.1-5+deb10u2) buster; urgency=medium
+
+ [ Andreas Beckmann ]
+ * [1088b23] pacemaker-resource-agents: Bump Breaks+Replaces: pacemaker to
(<< 2)
+A new upstream release instroduced as security update 1.1.24-0+deb9u1 in
+stretch added the new file /usr/lib/ocf/resource.d/pacemaker/ifspeed to
+pacemaker, while it resides in pacemaker-resource-agents in buster.
+(Closes: #985173)
+
+ -- Ferenc Wágner Sun, 28 Mar 2021 03:21:46 +0200
+
pacemaker (2.0.1-5+deb10u1) buster-security; urgency=high
* [bf23450] Apply patch series fixing CVE-2020-25654: ACL bypass.
diff -Nru pacemaker-2.0.1/debian/control pacemaker-2.0.1/debian/control
--- pacemaker-2.0.1/debian/control 2020-11-07 20:21:48.0 +0100
+++ pacemaker-2.0.1/debian/control 2021-03-28 03:19:48.0 +0200
@@ -84,9 +84,9 @@
${misc:Depends},
# split out of pacemaker so that pacemaker-remote can also use them:
Breaks:
- pacemaker (<< 1.1.14-2~),
+ pacemaker (<< 2),
Replaces:
- pacemaker (<< 1.1.14-2~),
+ pacemaker (<< 2),
Description: cluster resource manager general resource agents
${S:X-Common-Description}
.
I'm ready to upload if you agree.
--
Thanks,
Feri.
