Bug#596364: unblock: cracklib2/2.8.16-3

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#596364: unblock: cracklib2/2.8.16-3
From: Jan Dittberner <jandd@debian.org>
Date: Fri, 10 Sep 2010 20:21:08 +0200
Message-id: <[🔎] 20100910182108.GA3519@denkpolster.dittberner.home>
Reply-to: Jan Dittberner <jandd@debian.org>, 596364@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package cracklib2

it includes a bugfix for RC bug #596281. A diff to the previous
version is attached.

unblock cracklib2/2.8.16-3


Regards
Jan Dittberner

-- 
Jan Dittberner - Debian Developer
GPG-key: 4096R/558FB8DD 2009-05-10
         B2FF 1D95 CE8F 7A22 DF4C  F09B A73E 0055 558F B8DD
http://ddportfolio.debian.net/ - http://people.debian.org/~jandd/

diff -Nru cracklib2-2.8.16/debian/changelog cracklib2-2.8.16/debian/changelog
--- cracklib2-2.8.16/debian/changelog	2010-05-13 11:59:02.000000000 +0200
+++ cracklib2-2.8.16/debian/changelog	2010-09-10 18:44:28.000000000 +0200
@@ -1,3 +1,19 @@
+cracklib2 (2.8.16-3) unstable; urgency=low
+
+  * debian/control: update to Standards-Version to 3.9.1
+    - use Breaks instead of Conflicts for libcrack2's incompatibility with
+      cracklib2 (<< 2.8.12-1) and libcrack2-dev's incompatibility with
+      cracklib2-dev (<< 2.8.12-1)
+  * add debian/patches/596281-fix-python-extension-segfault.patch: in
+    cracklib-python's C module, make sure we initialize defaultdict to
+    NULL at the start of _cracklib_FascistCheck. This fixes a bug where
+    that variable was freed when not NULL without ever having been
+    assigned any value to.  This happened when we called FascistCheck()
+    with a dictionary path of our own. Thanks to Peter Palfrader for the
+    patch (Closes: #596281).
+
+ -- Jan Dittberner <jandd@debian.org>  Fri, 10 Sep 2010 18:44:23 +0200
+
 cracklib2 (2.8.16-2) unstable; urgency=low
 
   * fix bashism in debian/rules (Closes: #581479)
diff -Nru cracklib2-2.8.16/debian/control cracklib2-2.8.16/debian/control
--- cracklib2-2.8.16/debian/control	2010-05-13 11:59:02.000000000 +0200
+++ cracklib2-2.8.16/debian/control	2010-09-10 18:44:28.000000000 +0200
@@ -3,7 +3,7 @@
 Priority: optional
 Maintainer: Jan Dittberner <jandd@debian.org>
 Uploaders: Martin Pitt <mpitt@debian.org>
-Standards-Version: 3.8.4
+Standards-Version: 3.9.1
 Build-Depends: debhelper (>= 7.0.50), python-support (>= 1.0.2),
  python-all-dev, python-all, chrpath, xmlto, automake (>= 1.10),
  autoconf (>=2.61), libtool, python-setuptools
@@ -16,7 +16,8 @@
 Architecture: any
 Depends: ${shlibs:Depends}, ${misc:Depends}
 Recommends: cracklib-runtime
-Conflicts: cracklib2.6, cracklib2 (<< 2.8.12-1)
+Conflicts: cracklib2.6
+Breaks: cracklib2 (<< 2.8.12-1)
 Provides: cracklib2
 Replaces: cracklib2.6, cracklib2 (<< 2.8.12-1)
 Description: pro-active password checker library
@@ -33,7 +34,8 @@
 Depends: libcrack2 (=${binary:Version}), ${misc:Depends}
 Recommends: cracklib-runtime
 Provides: cracklib-dev, cracklib2-dev
-Conflicts: cracklib-dev, cracklib2-dev (<< 2.8.12-1)
+Conflicts: cracklib-dev
+Breaks: cracklib2-dev (<< 2.8.12-1)
 Replaces: cracklib-dev, cracklib2-dev (<< 2.8.12-1)
 Description: pro-active password checker library - development files
  Header files, static libraries, documentation, and symbolic links
diff -Nru cracklib2-2.8.16/debian/patches/596281-fix-python-extension-segfault.patch cracklib2-2.8.16/debian/patches/596281-fix-python-extension-segfault.patch
--- cracklib2-2.8.16/debian/patches/596281-fix-python-extension-segfault.patch	1970-01-01 01:00:00.000000000 +0100
+++ cracklib2-2.8.16/debian/patches/596281-fix-python-extension-segfault.patch	2010-09-10 18:44:28.000000000 +0200
@@ -0,0 +1,26 @@
+Subject: Fix for segmentation fault in the Python extension
+Author: Peter Palfrader <weasel@debian.org>
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596281
+--- a/python/_cracklibmodule.c
++++ b/python/_cracklibmodule.c
+@@ -64,7 +64,8 @@
+ static PyObject *
+ _cracklib_FascistCheck(PyObject *self, PyObject *args, PyObject *kwargs)
+ {
+-    char *candidate, *dict, *defaultdict;
++    char *candidate, *dict;
++    char *defaultdict = NULL;
+     const char *result;
+     struct stat st;
+     char *keywords[] = {"pw", "dictpath", NULL};
+--- a/python/Makefile.am
++++ b/python/Makefile.am
+@@ -1,7 +1,7 @@
+ if BUILD_PYTHON
+ python_PYTHON = cracklib.py
+ pyexec_LTLIBRARIES = _cracklibmodule.la
+-AM_CFLAGS = -I$(top_srcdir)/lib
++AM_CFLAGS = -I$(top_srcdir)/lib -Wall
+ _cracklibmodule_la_LDFLAGS = -module -avoid-version $(top_builddir)/lib/libcrack.la
+ DEFS += '-DDEFAULT_CRACKLIB_DICT="$(DEFAULT_CRACKLIB_DICT)"'
+ DEFS += '-DPYTHON_H="python@PYTHON_VERSION@/Python.h"'
diff -Nru cracklib2-2.8.16/debian/patches/series cracklib2-2.8.16/debian/patches/series
--- cracklib2-2.8.16/debian/patches/series	1970-01-01 01:00:00.000000000 +0100
+++ cracklib2-2.8.16/debian/patches/series	2010-09-10 18:44:28.000000000 +0200
@@ -0,0 +1 @@
+596281-fix-python-extension-segfault.patch

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Bug#596364: unblock: cracklib2/2.8.16-3
  - From: Philipp Kern <pkern@debian.org>
- Bug#596364: marked as done (unblock: cracklib2/2.8.16-4)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#596344: marked as done (unblock: bgoffice/3.0-12)
Next by Date: Re: Bug#594704: Freeze exception for roxterm 1.18.5-2
Previous by thread: Re: libesmtp6 in unstable
Next by thread: Bug#596364: unblock: cracklib2/2.8.16-3
Index(es):
- Date
- Thread