Bug#684397: unblock: bzip2/1.0.6-4

To: Debian Bug Tracking System <submit@bugs.debian.org>
Cc: anibal@debian.org
Subject: Bug#684397: unblock: bzip2/1.0.6-4
From: Santiago <santiago@debian.org>
Date: Thu, 9 Aug 2012 15:32:58 +0200
Message-id: <[🔎] 20120809133258.GA2280@nomada>
Reply-to: Santiago <santiago@debian.org>, 684397@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Dear Release Team,

Please, unblock bzip2/1.0.6-4

bzip2 1.0.6-4 includes hardening buildflags (one of the release goals)
for libbz2.so that were missing in 1.0.6-3. It was a small change and
the package has been for 10 days in unstable without problems. So,
please let this new revision move into testing.

Attached is a diff between both versions. 

unblock bzip2/1.0.6-4

Thanks for your work!

Santiago

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-3-686-pae (SMP w/2 CPU cores)
Locale: LANG=es_CO.utf8, LC_CTYPE=es_CO.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru bzip2-1.0.6/debian/changelog bzip2-1.0.6/debian/changelog
--- bzip2-1.0.6/debian/changelog	2012-06-08 01:50:12.000000000 +0200
+++ bzip2-1.0.6/debian/changelog	2012-07-27 16:16:03.000000000 +0200
@@ -1,3 +1,10 @@
+bzip2 (1.0.6-4) unstable; urgency=low
+
+  * Updating 30-bzip2-harden.patch, hardening LDFLAGS was missing for
+    libbz2.so. Thanks to Simon Ruderich. Closes: #655164
+
+ -- Santiago Ruano Rincón <santiago@debian.org>  Fri, 27 Jul 2012 16:14:34 +0200
+
 bzip2 (1.0.6-3) unstable; urgency=low
 
   * Bumped bzip2 priority from optional to standard. Closes: #642657
diff -Nru bzip2-1.0.6/debian/patches/30-bzip2-harden.patch bzip2-1.0.6/debian/patches/30-bzip2-harden.patch
--- bzip2-1.0.6/debian/patches/30-bzip2-harden.patch	2012-06-04 13:31:16.000000000 +0200
+++ bzip2-1.0.6/debian/patches/30-bzip2-harden.patch	2012-07-27 10:51:16.000000000 +0200
@@ -1,8 +1,8 @@
-diff --git a/Makefile b/Makefile
-index 9754ddf..3169741 100644
---- a/Makefile
-+++ b/Makefile
-@@ -18,10 +18,10 @@ SHELL=/bin/sh
+Index: bzip2-1.0.6/Makefile
+===================================================================
+--- bzip2-1.0.6.orig/Makefile	2012-07-01 15:05:07.000000000 +0200
++++ bzip2-1.0.6/Makefile	2012-07-01 15:08:45.586377822 +0200
+@@ -20,10 +20,10 @@
  CC=gcc
  AR=ar
  RANLIB=ranlib
@@ -15,3 +15,12 @@
  
  # Where you want it installed when you do 'make install'
  PREFIX=/usr/local
+@@ -61,7 +61,7 @@
+ 	ln -sf $^ $@
+ 
+ libbz2.so.$(sominor): $(OBJS:%.o=%.sho)
+-	$(CC) -o libbz2.so.$(sominor) -shared \
++	$(CC) $(LDFLAGS) -o libbz2.so.$(sominor) -shared \
+ 	  -Wl,-soname,libbz2.so.$(somajor) $^ -lc
+ 
+ %.sho: %.c

Reply to:

Follow-Ups:
- Bug#684397: marked as done (unblock: bzip2/1.0.6-4)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#683739: unblock: kfreebsd-9/9.0-5
Next by Date: Bug#684414: unblock (pre-approval): libspectre/0.2.7-1
Previous by thread: Processed: retitle 684371 to unblock pulseaudio/2.0-5
Next by thread: Bug#684397: marked as done (unblock: bzip2/1.0.6-4)
Index(es):
- Date
- Thread