Eligibility for arno-iptables-firewall_1.9.2.k-4squeeze1 upload to stable?

To: Debian Release Team <debian-release@lists.debian.org>
Subject: Eligibility for arno-iptables-firewall_1.9.2.k-4squeeze1 upload to stable?
From: Michael Hanke <mih@debian.org>
Date: Thu, 10 Mar 2011 09:03:41 -0500
Message-id: <[🔎] 20110310140341.GA9716@meiner>
Mail-followup-to: Debian Release Team <debian-release@lists.debian.org>

Dear release team,

I have prepared an update of arno-iptables-firewall to fix #617510 in
squeeze. This bug causes the firewall startup to fail when bash is not
the default shell and the plugin is enabled (which it is not by
default).  The full source package diff is below.  Would you accept this
into stable?

Thanks in advance,

Michael

PS: An upload that fixes this problem in the version in unstable will
    happen shortly.

diff -Nru arno-iptables-firewall-1.9.2.k/debian/changelog arno-iptables-firewall-1.9.2.k/debian/changelog
--- arno-iptables-firewall-1.9.2.k/debian/changelog	2011-03-10 08:32:34.000000000 -0500
+++ arno-iptables-firewall-1.9.2.k/debian/changelog	2011-03-10 08:51:29.000000000 -0500
@@ -1,3 +1,11 @@
+arno-iptables-firewall (1.9.2.k-4squeeze1) stable; urgency=low
+
+  * Add upstream patch to fix bashisms in the ipsec plugin that will cause the
+    firewall startup to fail on systems where this plugin is enabled and bash
+    is not the default shell. Closes: #617510
+
+ -- Michael Hanke <michael.hanke@gmail.com>  Thu, 10 Mar 2011 08:27:24 -0500
+
 arno-iptables-firewall (1.9.2.k-4) unstable; urgency=low
 
   * Add patch to unify the IPv4 and IPv6 default setup to allow outgoing
diff -Nru arno-iptables-firewall-1.9.2.k/debian/patches/fix_bashisms arno-iptables-firewall-1.9.2.k/debian/patches/fix_bashisms
--- arno-iptables-firewall-1.9.2.k/debian/patches/fix_bashisms	1969-12-31 19:00:00.000000000 -0500
+++ arno-iptables-firewall-1.9.2.k/debian/patches/fix_bashisms	2011-03-10 08:49:59.000000000 -0500
@@ -0,0 +1,21 @@
+From: Lonnie Abelbeck <lists@lonnie.abelbeck.com>
+Subject: Fix bashisms in plugin
+Origin: upstream, https://rocky.eld.leidenuniv.nl/trac/aif/changeset?old_path=%2Ftrunk&old=529&new_path=%2Ftrunk&new=530
+Bug-Debian: http://bugs.debian.org/617510
+
+--- a/share/arno-iptables-firewall/plugins/50ipsec-vpn.plugin
++++ b/share/arno-iptables-firewall/plugins/50ipsec-vpn.plugin
+@@ -77,11 +77,11 @@
+     fi
+   done
+ 
+-  local -i cnt=0
++  local cnt=0
+   IFS=' ,'
+   for eif in $EXT_IF; do
+     for net in $INTERNAL_NET; do
+-      let cnt++
++      cnt=$((cnt + 1))
+       iptables -I SPOOF_CHK $cnt -i $eif -s $net -m policy --pol ipsec --dir in -j RETURN
+     done
+   done
diff -Nru arno-iptables-firewall-1.9.2.k/debian/patches/series arno-iptables-firewall-1.9.2.k/debian/patches/series
--- arno-iptables-firewall-1.9.2.k/debian/patches/series	2011-03-10 08:33:17.000000000 -0500
+++ arno-iptables-firewall-1.9.2.k/debian/patches/series	2011-03-10 08:49:59.000000000 -0500
@@ -1,4 +1,5 @@
 ipv6_block
+fix_bashisms
 debconf_layer
 init.d_depfix
 default_ipv4v6_config

-- 
Michael Hanke
http://mih.voxindeserto.de

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: Eligibility for arno-iptables-firewall_1.9.2.k-4squeeze1 upload to stable?
  - From: Julien Cristau <jcristau@debian.org>

Prev by Date: Re: [SRM] update for ia32-libs in upcoming point release
Next by Date: Re: please consider cryptsetup 2:1.1.3-4squeeze1 for stable-proposed-updates and point release
Previous by thread: Re: [SRM] update for ia32-libs in upcoming point release
Next by thread: Re: Eligibility for arno-iptables-firewall_1.9.2.k-4squeeze1 upload to stable?
Index(es):
- Date
- Thread