This bug was fixed in the package openssl - 1.1.1f-1ubuntu4.4
---------------
openssl (1.1.1f-1ubuntu4.4) groovy; urgency=medium
* Allow x509 certificates which set basicConstraints=CA:FALSE,pathlen:0
to validate, as it is common on self-signed leaf certificates.
(LP: #1926254)
- d/p/lp-1926254-1-Allow-certificates-with-Basic-Constraints-CA-fa.patch
- d/p/lp-1926254-2-Set-X509_V_ERR_INVALID_EXTENSION-error-for-inva.patch
- d/p/lp-1926254-3-Add-test-cases-for-the-non-CA-certificate-with-.patch
* Split d/p/pr12272.patch into multiple patchfiles to fix dpkg-source
error when attempting to build a source package, due to pr12272.patch
patching files multiple times within the same patch. (LP: #1927161)
- d/p/lp-1927161-1-x86-Add-endbranch-to-indirect-branch-targets-fo.patch
- d/p/lp-1927161-2-Use-swapcontext-for-Intel-CET.patch
- d/p/lp-1927161-3-x86-Always-generate-note-gnu-property-section-f.patch
- d/p/lp-1927161-4-x86_64-Always-generate-note-gnu-property-sectio.patch
- d/p/lp-1927161-5-x86_64-Add-endbranch-at-function-entries-for-In.patch
-- Matthew Ruffell <matthew.ruff...@canonical.com> Wed, 05 May 2021
12:13:30 +1200
** Changed in: openssl (Ubuntu Groovy)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1927161
Title:
dpkg-source: error: diff 'openssl/debian/patches/pr12272.patch'
patches files multiple times; split the diff in multiple files or
merge the hunks into a single one
Status in openssl package in Ubuntu:
Fix Released
Status in openssl source package in Groovy:
Fix Released
Status in openssl source package in Hirsute:
Fix Committed
Status in openssl source package in Impish:
Fix Released
Bug description:
[impact]
openssl doesn't build source properly because of a badly-constructed
patch
[test case]
$ pull-lp-source openssl groovy
...
$ cd openssl-1.1.1f/
$ quilt pop -a
...
$ dpkg-buildpackage -d -S
dpkg-buildpackage: info: source package openssl
dpkg-buildpackage: info: source version 1.1.1f-1ubuntu4.3
dpkg-buildpackage: info: source distribution groovy-security
dpkg-buildpackage: info: source changed by Marc Deslauriers
<marc.deslauri...@ubuntu.com>
dpkg-source --before-build .
dpkg-source: warning: can't parse dependency perl:native
dpkg-source: error: diff 'openssl-1.1.1f/debian/patches/pr12272.patch'
patches files multiple times; split the diff in multiple files or merge the
hunks into a single one
dpkg-buildpackage: error: dpkg-source --before-build . subprocess returned
exit status 25
Test builds are available in the following ppa:
https://launchpad.net/~mruffell/+archive/ubuntu/lp1927161-test
[regression potential]
any regression would likely cause a failed build or would affect the
functionality that patch pr12272 was added for, which is adding
support for Intel CET
[scope]
this is needed only for g and later
this is caused by the bad patch 'pr12272.patch' which is only included
in g/h/i, so this does not apply to f or earlier
[other info]
note that if the patches are applied, this bug is bypassed; i.e. if
'quilt pop -a' is removed from the test case above, the bug doesn't
reproduce. this is only a problem when the patches aren't already
applied and dpkg-buildpackage needs to call dpkg-source to apply the
patches.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1927161/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
