Bug#952958: rrdtool crashes after the DLA-2131-1 security update

2020-03-02 Thread Utkarsh Gupta
Hi all,

Thank you for reporting this.
This, indeed, was a regression and has been fixed in +deb8u2 now.

The announcement for the same could be found here[1].


Best,
Utkarsh
---
[1]: https://lists.debian.org/debian-lts-announce/2020/03/msg3.html



Bug#952958: rrdtool crashes after the DLA-2131-1 security update

2020-03-02 Thread Hans van Kranenburg
Hi,

I filed 952964 because I failed to find this one first, apparently. I
merged it now, please ignore 952964.

The problem is that upstream commits around this issue are quite a bit
of a mess, with a number of trial and error fixup commits. So, a half
broken version of the fix was now included in the Jessie security update.

See...

https://github.com/oetiker/rrdtool-1.x/commits/master?after=caf8f7e4a06cd36a69142a46326e58296850781d+69&path%5B%5D=src&path%5B%5D=rrd_graph.c

...and then the 'a proper fix to...' and a bunch of newer commits, like
'fix character class definition' and more.

So, a bit more inspection of the history of that file is necessary to
collect the pieces for a proper fix together.

I can help test a new package if you want.

Thanks,
Hans van Kranenburg



Bug#952958: rrdtool crashes after the DLA-2131-1 security update

2020-03-02 Thread Zubrick
Got the same error in cacti (latest version included in jessie) when
displaying graphs containing Legend.

Reverting to the previous version also solves the issue.

Bug#952958: rrdtool crashes after the DLA-2131-1 security update

2020-03-02 Thread Lukasz Makowski
Package: librrd4
Version: 1.4.8-1.2+deb8u1

Last night’s security update seems to be breaking the rrdtool command we are 
using:

$ rrdtool graph /dev/null --start -1h --step=300 --end now DEF:in=totalall.rrd:ds0:AVERAGE  'CDEF:avg_in=in,8,*' VDEF:avg_int=avg_in,AVERAGE PRINT:avg_int:%.lf

ERROR: cannot compile regular expression: Error while compiling regular expression ^(?:[^%]+|%%)*%[+- 0#]?[0-9]*([.][0-9]+)?l[eEfF](?:[^%]+|%%)*%s(?:[^%]+|%%)*$ at char 18: range out of order in character class (^(?:[^%]+|%%)*%[+- 0#]?[0-9]*([.][0-9]+)?l[eEfF](?:[^%]+|%%)*%s(?:[^%]+|%%)*$)

Reverting to the previous version 1.4.8-1.2 makes the command work as 
expected.

I am using Debian jessie 8.11 with 3.16.0-8-amd64 kernel.

Regards,
Lukasz
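
The failure in the report above, reproduced as an added example that is not part of the thread or of rrdtool's code: inside a bracket class, "+- " is read as a range from '+' (0x2B) down to ' ' (0x20), which is why compilation stops at char 18. It uses Python's re engine in place of the regex library rrdtool links against; the corrected class [-+ 0#] is an assumption rather than the upstream fix, and first_reversed_range and accepts are hypothetical helper names.

```python
import re

# Pattern copied from the error message in the report (wrapped lines rejoined).
REPORTED = (r"^(?:[^%]+|%%)*%[+- 0#]?[0-9]*([.][0-9]+)?l[eEfF]"
            r"(?:[^%]+|%%)*%s(?:[^%]+|%%)*$")

# Assumed correction (not from the thread or upstream): put '-' first in the
# class so it is a literal hyphen instead of a range operator.
CORRECTED = REPORTED.replace("[+- 0#]", "[-+ 0#]")


def compile_error(pattern):
    """Return None if the pattern compiles, else the engine's error text."""
    try:
        re.compile(pattern)
    except re.error as exc:
        return str(exc)
    return None


def first_reversed_range(pattern):
    """Return (start, end, index_of_end) for the first x-y range inside a
    bracket class whose start code point is greater than its end.
    Simplified scan: does not handle escapes or ']' as a class member."""
    for cls in re.finditer(r"\[\^?([^\]]+)\]", pattern):
        for rng in re.finditer(r"(.)-(.)", cls.group(1)):
            lo, hi = rng.group(1), rng.group(2)
            if ord(lo) > ord(hi):
                return lo, hi, cls.start(1) + rng.start(2)
    return None


def accepts(fmt, pattern=CORRECTED):
    """True if a format string passes the (corrected) validation pattern."""
    return re.match(pattern, fmt) is not None


if __name__ == "__main__":
    print("reported :", compile_error(REPORTED))
    print("reversed :", first_reversed_range(REPORTED))
    print("corrected:", compile_error(CORRECTED))
    # Constructed sample format strings, not taken from the report.
    for fmt in ("%6.2lf %s", "%-8.1lf%s", "%6.2lf %s %n"):
        print(repr(fmt), "->", accepts(fmt))
```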