Your message dated Thu, 3 Feb 2011 14:35:46 +0100 with message-id <20110203133546.GJ10244@radis.liafa.jussieu.fr> and subject line Re: Bug#611851: unblock: ia32-libs-core/20110202 has caused the Debian Bug report #611851, regarding unblock: ia32-libs-core/20110202 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 611851: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611851 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: ia32-libs-core/20110202
- From: Goswin von Brederlow <goswin-v-b@web.de>
- Date: Wed, 02 Feb 2011 22:14:09 +0100
- Message-id: <[🔎] 20110202211409.25833.57544.reportbug@frosties.localnet>
Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock Please unblock packages ia32-libs-core, ia32-libs and ia32-libs-gtk. The last upload made by Thijs Kinkhorst to fix security concerns and to add the security repository to the sources ia32-libs updates from introduced a small probelm in the fetch-and-build script. The problem appears when more than one version of a source is known, i.e. when squeeze and security have different versions. This has 4 effects: 1) both versions are downloaded and included in the source. 2) duplicate entries in copyright 3) duplicate entries in changelog 4) the next fetch-and-build run fails I could live with the first 3 but the last would make security support much more difficult. I included a quick fix for this in fetch-and-build so only the newest version is included: ====================================================================== diff --git a/fetch-and-build b/fetch-and-build index 5c986bc..a1c642f 100755 --- a/fetch-and-build +++ b/fetch-and-build @@ -105,10 +105,24 @@ done \ *) SRC="$VAL";; esac;; "") echo >&2 "Fetching source $SRC $VER for $PKG" - echo "$SRC=$VER";; + echo "$SRC $VER";; esac done \ -| sort -u | (cd srcs; xargs $APT_GET -d source) || exit 1 # Fetch source +| { sort -u; echo; } \ +| while read SRC VER; do # Filter out old version of duplicate sources + if [ "$SRC" = "$LAST_SRC" ]; then + if dpkg --compare-versions "$LAST_VER" "<<" "$VER"; then + echo >&2 "Skipping $SRC $LAST_VER for $VER" + LAST_VER="$VER" + else + echo >&2 "Keeping $SRC $LAST_VER for $VER" + fi + else + echo "$LAST_SRC=$LAST_VER" + LAST_SRC="$SRC" + LAST_VER="$VER" + fi + done | tail --lines +2 | (cd srcs; xargs $APT_GET -d source) || exit 1 # Fetch source ###################################################################### # fetch prebuild debs ====================================================================== I also added Thijs Kinkhorst to debian/control since he asked to be added to the team and offered to keep an eye on security uploads of the ia32-libs packages for the next stable cycle. I hope that is ok even this late in the game. Other than that there are a number of new sources included: util-linux (2.17.2-9) eglibc (2.11.2-10) * Revert incorrect upstream patch for CVE-2010-3847 and use the correct set of patches: ncurses (5.7+20100313-5) pango1.0 (1.28.3-1+squeeze1) * 01_CVE-2011-0020.patch: patch from Behdad Esfahbod to fix heap corruption. #610792, CVE-2011-0020. LP: #696616. I hope this can still be included in squeeze. MfG Goswin PS: The sources are on mentors and need a sponsor for the upload. Thijs? unblock ia32-libs-core/20110202 unblock ia32-libs/20110202 unblock ia32-libs-gtk/20110202 -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (666, 'unstable'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-debian-xen-1 (SMP w/4 CPU cores) Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
- To: Philipp Kern <pkern@debian.org>, 611851-done@bugs.debian.org
- Cc: thijs@debian.org
- Subject: Re: Bug#611851: unblock: ia32-libs-core/20110202
- From: Julien Cristau <jcristau@debian.org>
- Date: Thu, 3 Feb 2011 14:35:46 +0100
- Message-id: <20110203133546.GJ10244@radis.liafa.jussieu.fr>
- In-reply-to: <[🔎] 20110203122357.GA4521@thrall.0x539.de>
- References: <[🔎] 20110202211409.25833.57544.reportbug@frosties.localnet> <[🔎] f3ad8d91be0feb914bcc0387f1f86d34.squirrel@wm.kinkhorst.nl> <[🔎] 20110203122357.GA4521@thrall.0x539.de>
On Thu, Feb 3, 2011 at 13:23:57 +0100, Philipp Kern wrote: > On Thu, Feb 03, 2011 at 09:57:12AM +0100, Thijs Kinkhorst wrote: > > On Wed, February 2, 2011 22:14, Goswin von Brederlow wrote: > > > PS: The sources are on mentors and need a sponsor for the upload. Thijs? > > > unblock ia32-libs-core/20110202 > > > unblock ia32-libs/20110202 > > > unblock ia32-libs-gtk/20110202 > > I would sponsor this if the release team acks that it is still possible. > > Let's do that for 6.0.1. You can upload it, but it won't hit squeeze > at this point. > Closing then. Cheers, JulienAttachment: signature.asc
Description: Digital signature
--- End Message ---