Bug#840127: jessie-pu: package libio-socket-ssl-perl/2.002-2+deb8u2

2016-10-12 Thread Adam D. Barratt 
Control: tags -1 + pending

On Sun, 2016-10-09 at 07:29 +0200, Salvatore Bonaccorso wrote:
> Hi Adam,
> 
> On Sat, Oct 08, 2016 at 09:10:33PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 + confirmed
> > 
> > On Sat, 2016-10-08 at 17:37 +0200, Salvatore Bonaccorso wrote:
> > > We were asked if #839576 can be fixed in stable as well, it is already
> > > addressed in unstable back with the 2.017-1 upload, which caused
> > > problems for the user with ACL's set on the SSL_key_file.
> > > 
> > > Attached is the proposed debdiff. Would it be acceptable for an
> > > upcoming jessie point release?
> > 
> > Please go ahead.
> 
> Thanks! Uploaded.

Flagged for acceptance; thanks.

Regards,

Adam

Bug#840127: jessie-pu: package libio-socket-ssl-perl/2.002-2+deb8u2

2016-10-08 Thread Salvatore Bonaccorso 
Hi Adam,

On Sat, Oct 08, 2016 at 09:10:33PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Sat, 2016-10-08 at 17:37 +0200, Salvatore Bonaccorso wrote:
> > We were asked if #839576 can be fixed in stable as well, it is already
> > addressed in unstable back with the 2.017-1 upload, which caused
> > problems for the user with ACL's set on the SSL_key_file.
> > 
> > Attached is the proposed debdiff. Would it be acceptable for an
> > upcoming jessie point release?
> 
> Please go ahead.

Thanks! Uploaded.

Regards,
Salvatore


signature.asc
Description: PGP signature

Bug#840127: jessie-pu: package libio-socket-ssl-perl/2.002-2+deb8u2

2016-10-08 Thread Adam D. Barratt 
Control: tags -1 + confirmed

On Sat, 2016-10-08 at 17:37 +0200, Salvatore Bonaccorso wrote:
> We were asked if #839576 can be fixed in stable as well, it is already
> addressed in unstable back with the 2.017-1 upload, which caused
> problems for the user with ACL's set on the SSL_key_file.
> 
> Attached is the proposed debdiff. Would it be acceptable for an
> upcoming jessie point release?

Please go ahead.

Regards,

Adam

Bug#840127: jessie-pu: package libio-socket-ssl-perl/2.002-2+deb8u2

2016-10-08 Thread Salvatore Bonaccorso 
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu

Hi Stable Release Managers,

We were asked if #839576 can be fixed in stable as well, it is already
addressed in unstable back with the 2.017-1 upload, which caused
problems for the user with ACL's set on the SSL_key_file.

Attached is the proposed debdiff. Would it be acceptable for an
upcoming jessie point release?

Regards,
Salvatore
diff -Nru libio-socket-ssl-perl-2.002/debian/changelog libio-socket-ssl-perl-2.002/debian/changelog
--- libio-socket-ssl-perl-2.002/debian/changelog	2015-06-20 22:10:17.0 +0200
+++ libio-socket-ssl-perl-2.002/debian/changelog	2016-10-08 17:26:51.0 +0200
@@ -1,3 +1,13 @@
+libio-socket-ssl-perl (2.002-2+deb8u2) jessie; urgency=medium
+
+  * Add 0001-remove-r-for-checking-SSL_-cert-key-_file-since-this.patch.
+Removes the -r check for for checking SSL_{cert,key}_file since this
+will an usable error later anyway. Addresses "Cannot use SSL_key_file
+with ACL permissions".
+Thanks to Michael Braun and Steffen Ullrich. (Closes: #839576)
+
+ -- Salvatore Bonaccorso   Sat, 08 Oct 2016 17:26:51 +0200
+
 libio-socket-ssl-perl (2.002-2+deb8u1) jessie; urgency=medium
 
   * Add 0001-make-PublicSuffix-_default_data-thread-safe-by-stori.patch.
diff -Nru libio-socket-ssl-perl-2.002/debian/patches/0001-remove-r-for-checking-SSL_-cert-key-_file-since-this.patch libio-socket-ssl-perl-2.002/debian/patches/0001-remove-r-for-checking-SSL_-cert-key-_file-since-this.patch
--- libio-socket-ssl-perl-2.002/debian/patches/0001-remove-r-for-checking-SSL_-cert-key-_file-since-this.patch	1970-01-01 01:00:00.0 +0100
+++ libio-socket-ssl-perl-2.002/debian/patches/0001-remove-r-for-checking-SSL_-cert-key-_file-since-this.patch	2016-10-08 17:26:51.0 +0200
@@ -0,0 +1,26 @@
+From 7432b34d5bf6f63f4b422e2fc411ee3fc7750c9e Mon Sep 17 00:00:00 2001
+From: Steffen Ullrich 
+Date: Sun, 23 Aug 2015 21:17:06 +0200
+Subject: [PATCH] remove -r for checking SSL_{cert,key}_file since this will
+ cause a usable error later anywy if file does not exist. This fixes some part
+ of #106295
+
+---
+ lib/IO/Socket/SSL.pm | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/lib/IO/Socket/SSL.pm b/lib/IO/Socket/SSL.pm
+index b000a6b..4fea291 100644
+--- a/lib/IO/Socket/SSL.pm
 b/lib/IO/Socket/SSL.pm
+@@ -2082,7 +2082,6 @@ sub new {
+ 	 defined( my $file = $arg_hash->{$_} ) or next;
+ 	for my $f (ref($file) eq 'HASH' ? values(%$file):$file ) {
+ 	die "$_ $f does not exist" if ! -f $f;
+-	die "$_ $f is not accessible" if ! -r _;
+ 	}
+ }
+ 
+-- 
+2.9.3
+
diff -Nru libio-socket-ssl-perl-2.002/debian/patches/series libio-socket-ssl-perl-2.002/debian/patches/series
--- libio-socket-ssl-perl-2.002/debian/patches/series	2015-06-20 22:10:17.0 +0200
+++ libio-socket-ssl-perl-2.002/debian/patches/series	2016-10-08 17:26:51.0 +0200
@@ -1,2 +1,3 @@
 0001-use-only-ICANN-part-in-public-suffix-list.patch
 0001-make-PublicSuffix-_default_data-thread-safe-by-stori.patch
+0001-remove-r-for-checking-SSL_-cert-key-_file-since-this.patch