Bug#670367: pu: package coolkey/1.1.0-6 debdiff attached
>>>>> "Adam" == Adam D Barratt <adam@adam-barratt.org.uk> writes:
Adam> Please don't close release.debian.org bugs in your changelog;
OK. I uploaded a revision to the debdiff coolkeyspu2.debdiff
which also includes upstream patch descriptions in debian/changelog.
Adam> are all of the above patches strictly required in order to
Adam> support the new format?
Well, not only to support the new format, but there were also cases
that resulted in the coolkey plugin crashing the user's browser that
seem equally worthy of inclusion of patches fixing those known issues.
The coolkey-latest patch set in Debian packages is adopted from the
Fedora coolkey srpm patch set. In RHEL this patch is composed of three
patches: coolkey-cac.fix, coolkey-safenet and coolkey-1.1.0-gemalto.64k.
I'm pretty sure the threading fix is most important when used with
Java applications in the browser. There is an important and widely-used
web application enabled by this capability.
The coolkey_cac_rhl5 is the new card format that motivates this update,
and is an improvement over the Fedora coolkey-cac-1 patch.
This capability was added to RHEL:
http://rhn.redhat.com/errata/RHEA-2011-0111.html
and this likely will fix the Ubuntu bug:
https://bugs.launchpad.net/ubuntu/+source/coolkey/+bug/654400
The empty_certificates and pcscd_restarting avoid crashing the
browser that uses the coolkey plugin.
Adam> Actually, that description might be handy in any case - for instance one
Adam> of the patch names references CVE-2007-4129, but
Adam> http://security-tracker.debian.org/tracker/CVE-2007-4129 indicates that
Adam> the package in stable isn't affected.
Listing that in the current changelog stanze was my mistake - I included that
patch back in coolkey 1.1.0-3 uploaded in 2007, and that patch is already in
Debian's stable release.
-Maitland
Reply to: