Bug#990201: Update golang-github-appc-cni to 1.0 (was Re: singularity-container: CVE-2021-33622)
I can confirm I've got version 3.9.4 building thanks to all your
Am Fri, Feb 18, 2022 at 11:31:23PM +0530 schrieb Nilesh Patra:
> | dh_fixperms
> | chown -c root.root debian/singularity-container/usr/lib/*/singularity/bin/*
> | chown: changing ownership of 'debian/singularity-container/usr/lib/x86_64-linux-gnu/singularity/bin/starter': Operation not permitted
> | chown: changing ownership of 'debian/singularity-container/usr/lib/x86_64-linux-gnu/singularity/bin/starter-suid': Operation not permitted
> I am not really sure why this is done, but since this is more package related and has not got much to do with golang-land, I leave
> this onto you to carry fwd.
I disabled the attempt `chown -c root.root` which is not permitted on
one hand and not needed on the other hand since the resulting files
inside the Debian package are owned by root anyway.
> Hope that helped.
It helped a lot!
Seems I got cocky now and realised that there is a new version 3.9.5
out. I did not wanted to upload something that is outdated at the time
of uploading and trusted that it is a minor bugfix release. Unfortunately
the build has the following issue:
../vendor/google.golang.org/grpc/status/status.go:176:21: cannot use any (type *any.Any) as type *anypb.Any in append
../vendor/google.golang.org/grpc/status/status.go:190:32: cannot use any (type *anypb.Any) as type *any.Any in argument to ptypes.UnmarshalAny
Please note that I've started to review the vendored copies and replaced
two of these by the Debian packaged code. I'm not finished - just
wanted to see if I'm breaking something. IMHO the breakage ist not
caused by the removal of the vendored copies but I wanted to stress this