Please unblock some packages for xz compression

To: debian-release@lists.debian.org
Subject: Please unblock some packages for xz compression
From: Cyril Brulebois <kibi@debian.org>
Date: Mon, 24 Sep 2012 18:53:59 +0200
Message-id: <[🔎] 20120924165359.GB31974@mraw.org>

Heya,

please consider unblocking the following packages:

  unblock sane-backends/1.0.22-7.4
  unblock openssh-blacklist/0.4.1+nmu1
  unblock ghostscript/9.05~dfsg-6.1

The debdiffs are attached below. First two only change compression to
xz, the last one (ghostscript) also includes a security fix.

================================================================================
--- sane-backends-1.0.22/debian/changelog 2012-07-15 21:08:06.000000000 +0000
+++ sane-backends-1.0.22/debian/changelog 2012-09-17 14:44:10.000000000 +0000
@@ -1,3 +1,10 @@
+sane-backends (1.0.22-7.4) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Compress all binaries with xz to free up some space on CD#1.
+
+ -- Cyril Brulebois <kibi@debian.org>  Mon, 17 Sep 2012 16:44:07 +0200
+
 sane-backends (1.0.22-7.3) unstable; urgency=low
 
   * Non-maintainer upload.
--- sane-backends-1.0.22/debian/rules     2011-07-20 17:38:10.000000000 +0000
+++ sane-backends-1.0.22/debian/rules     2012-09-17 14:43:45.000000000 +0000
@@ -182,7 +182,7 @@
   dh_shlibdeps
   dh_gencontrol
   dh_md5sums
- dh_builddeb
+ dh_builddeb -- -Zxz
 
 binary: binary-indep binary-arch
 .PHONY: build clean binary-indep binary-arch binary install autotools
================================================================================
--- openssh-blacklist-0.4.1/debian/changelog      2008-05-29 16:56:47.000000000 +0000
+++ openssh-blacklist-0.4.1+nmu1/debian/changelog 2012-09-22 00:35:22.000000000 +0000
@@ -1,3 +1,10 @@
+openssh-blacklist (0.4.1+nmu1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Compress all binaries with xz (Closes: #687267).
+
+ -- Cyril Brulebois <kibi@debian.org>  Sat, 22 Sep 2012 02:35:19 +0200
+
 openssh-blacklist (0.4.1) unstable; urgency=low
 
   * debian/openssh-blacklist{,-extra}.preinst: Correctly clean up old
--- openssh-blacklist-0.4.1/debian/rules  2008-05-29 16:53:42.000000000 +0000
+++ openssh-blacklist-0.4.1+nmu1/debian/rules     2012-09-22 00:34:53.000000000 +0000
@@ -69,7 +69,7 @@
   dh_shlibdeps
   dh_gencontrol
   dh_md5sums
- dh_builddeb -- -Zbzip2
+ dh_builddeb -- -Zxz
 
 binary: binary-indep binary-arch
 .PHONY: build clean binary-indep binary-arch binary install configure
================================================================================
--- ghostscript-9.05~dfsg/debian/changelog        2012-05-24 18:02:46.000000000 +0000
+++ ghostscript-9.05~dfsg/debian/changelog        2012-09-21 23:22:02.000000000 +0000
@@ -1,3 +1,13 @@
+ghostscript (9.05~dfsg-6.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Apply security patch for CVE-2012-4405 (Closes: #687274): error out if
+    inputChan is strictly less than 1 in icmLut_read(), thanks to Nico
+    Golde for the pointers.
+  * Enable xz compression for all binaries (Closes: #687300).
+
+ -- Cyril Brulebois <kibi@debian.org>  Sat, 22 Sep 2012 01:18:12 +0200
+
 ghostscript (9.05~dfsg-6) unstable; urgency=low
 
   * Fix symlink to DroidSans.
--- ghostscript-9.05~dfsg/debian/patches/CVE-2012-4405.patch      1970-01-01 00:00:00.000000000 +0000
+++ ghostscript-9.05~dfsg/debian/patches/CVE-2012-4405.patch      2012-09-21 23:17:58.000000000 +0000
@@ -0,0 +1,14 @@
+--- a/icclib/icc.c
++++ b/icclib/icc.c
+@@ -4996,6 +4996,11 @@ static int icmLut_read(
+         p->clutPoints = read_UInt8Number(bp+10);
+ 
+         /* Sanity check */
++        if (p->inputChan < 1) {
++                sprintf(icp->err,"icmLut_read: No input channels!");
++                return icp->errc = 1;
++        }
++
+         if (p->inputChan > MAX_CHAN) {
+                 sprintf(icp->err,"icmLut_read: Can't handle > %d input channels\n",MAX_CHAN);
+                 return icp->errc = 1;
--- ghostscript-9.05~dfsg/debian/patches/series   2012-05-24 16:57:49.000000000 +0000
+++ ghostscript-9.05~dfsg/debian/patches/series   2012-09-21 23:13:15.000000000 +0000
@@ -6,3 +6,4 @@
 2001_docdir_fix_for_debian.patch
 2002_gs_man_fix_debian.patch
 2003_support_multiarch.patch
+CVE-2012-4405.patch
--- ghostscript-9.05~dfsg/debian/rules    2012-05-24 18:02:46.000000000 +0000
+++ ghostscript-9.05~dfsg/debian/rules    2012-09-21 23:22:34.000000000 +0000
@@ -17,6 +17,9 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+# Use xz compression:
+DEB_DH_BUILDDEB_ARGS ?= -u-Zxz
+
 # This needs to run before cdbs auto-update
 debian/control:: debian/control.in
 DEB_PHONY_RULES += debian/control.in
================================================================================

Mraw,
KiBi.

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: Please unblock some packages for xz compression
  - From: Moritz Mühlenhoff <jmm@inutil.org>
- Re: Please unblock some packages for xz compression
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#688670: RM: tendra/4.1.2-19
Next by Date: Bug#688672: RM: gassst/1.28-2
Previous by thread: Bug#688670: marked as done (RM: tendra/4.1.2-19)
Next by thread: Re: Please unblock some packages for xz compression
Index(es):
- Date
- Thread