Bug#685936: marked as done (unblock: apr-util/1.4.1-3)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Sun, 26 Aug 2012 21:00:16 +0100
with message-id <b6b533bc1f076787f6f580376d4762a0@mail.adsl.funky-badger.org>
and subject line Re: Bug#685936: unblock: apr-util/1.4.1-3
has caused the Debian Bug report #685936,
regarding unblock: apr-util/1.4.1-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
685936: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685936
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: apr-util/1.4.1-3
• From: Stefan Fritsch <sf@sfritsch.de>
• Date: Sun, 26 Aug 2012 20:58:18 +0200
• Message-id: <[🔎] 20120826185818.25999.33394.reportbug@k.lan>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package apr-util

It fixes a bug with truncated sha512 password hashes that is annoying
to debug in some web server configurations, and the fix is trivial and
unlikely to break anything. Debdiff is attached.

unblock apr-util/1.4.1-3

diff -Nru apr-util-1.4.1/debian/changelog apr-util-1.4.1/debian/changelog
--- apr-util-1.4.1/debian/changelog	2012-05-20 22:14:38.000000000 +0200
+++ apr-util-1.4.1/debian/changelog	2012-08-15 20:10:55.000000000 +0200
@@ -1,3 +1,10 @@
+apr-util (1.4.1-3) unstable; urgency=low
+
+  * Fix apr_password_validate() to work with sha512-crypt hashes.
+    Closes: #684268
+
+ -- Stefan Fritsch <sf@debian.org>  Wed, 15 Aug 2012 20:10:55 +0200
+
 apr-util (1.4.1-2) unstable; urgency=low
 
   * Remove obsolete version on binutils dependency. Closes: #666260
diff -Nru apr-util-1.4.1/debian/patches/fix-sha512.patch apr-util-1.4.1/debian/patches/fix-sha512.patch
--- apr-util-1.4.1/debian/patches/fix-sha512.patch	1970-01-01 01:00:00.000000000 +0100
+++ apr-util-1.4.1/debian/patches/fix-sha512.patch	2012-08-15 20:07:46.000000000 +0200
@@ -0,0 +1,13 @@
+Index: apr-util/crypto/apr_md5.c
+===================================================================
+--- apr-util.orig/crypto/apr_md5.c
++++ apr-util/crypto/apr_md5.c
+@@ -698,7 +698,7 @@
+ APU_DECLARE(apr_status_t) apr_password_validate(const char *passwd, 
+                                                 const char *hash)
+ {
+-    char sample[120];
++    char sample[200];
+ #if !defined(WIN32) && !defined(BEOS) && !defined(NETWARE)
+     char *crypt_pw;
+ #endif
diff -Nru apr-util-1.4.1/debian/patches/series apr-util-1.4.1/debian/patches/series
--- apr-util-1.4.1/debian/patches/series	2012-05-19 23:38:25.000000000 +0200
+++ apr-util-1.4.1/debian/patches/series	2012-08-15 20:08:22.000000000 +0200
@@ -8,3 +8,4 @@
 apu_config_dont_list_indep_libs.patch
 disable_expat_buildconf.patch
 avoid_db_by-default.patch
+fix-sha512.patch

--- End Message ---

--- Begin Message ---

• To: Stefan Fritsch <sf@sfritsch.de>, <685936-done@bugs.debian.org>
• Subject: Re: Bug#685936: unblock: apr-util/1.4.1-3
• From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
• Date: Sun, 26 Aug 2012 21:00:16 +0100
• Message-id: <b6b533bc1f076787f6f580376d4762a0@mail.adsl.funky-badger.org>
• In-reply-to: <[🔎] 20120826185818.25999.33394.reportbug@k.lan>
• References: <[🔎] 20120826185818.25999.33394.reportbug@k.lan>

On 26.08.2012 19:58, Stefan Fritsch wrote:

Please unblock package apr-util

It fixes a bug with truncated sha512 password hashes that is annoying

to debug in some web server configurations, and the fix is trivial and

unlikely to break anything. Debdiff is attached.

Unblocked; thanks.

Regards,

Adam

--- End Message ---