
Bug#693530: marked as done (unblock: gnutls26/2.12.20-2)



Your message dated Sat, 17 Nov 2012 16:48:56 +0000
with message-id <1353170936.22859.28.camel@jacala.jungle.funky-badger.org>
and subject line Re: Bug#693530: unblock: gnutls26/2.12.20-2
has caused the Debian Bug report #693530,
regarding unblock: gnutls26/2.12.20-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
693530: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693530
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package gnutls26.

* This fixes a network-manager segfault in vpn setup. (#647747) [FWIW
  I have double-checked with upstream that this is not some kind of
  vulnerability, but just a regular bug.]
  30_strlen_on_null.diff - Upstream has the same fix
  http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=fcc063e196a97acdbbc94c5fd2d9603d21fc9c1f with a little bit different formatting.

* Currently there are two source packages in squeeze which build a
  gnutls-doc package (gnutls26 and gnutls28). I was made aware of this
  bug when I tried to upload gnutls 2.12.21 to experimental and the
  package was rejected. Since later (security) uploads of gnutls might
  have the same problem I think this issue might be considered rc.
  
  We fix it by introducing gnutls26-doc, which is co-installable with
  gnutls-doc.

unblock gnutls26/2.12.20-2

thanks, cu andreas
diff -Nru gnutls26-2.12.20/debian/changelog gnutls26-2.12.20/debian/changelog
--- gnutls26-2.12.20/debian/changelog	2012-06-10 16:53:53.000000000 +0200
+++ gnutls26-2.12.20/debian/changelog	2012-11-13 19:21:44.000000000 +0100
@@ -1,3 +1,14 @@
+gnutls26 (2.12.20-2) unstable; urgency=low
+
+  * 30_strlen_on_null.diff: Fix segfault caused by running strlen() on NULL.
+    Closes: #647747
+  * Fix documentation packaging. gnutls-doc is built from the GnuTLS 3.x
+    packages. Add a new gnutls26-doc package which drops manpages and info
+    format documentation in favour of being co-installable with
+    gnutls-doc.
+
+ -- Andreas Metzler <ametzler@debian.org>  Tue, 13 Nov 2012 19:21:25 +0100
+
 gnutls26 (2.12.20-1) unstable; urgency=low
 
   * New upstream release.
diff -Nru gnutls26-2.12.20/debian/control gnutls26-2.12.20/debian/control
--- gnutls26-2.12.20/debian/control	2012-03-03 18:17:11.000000000 +0100
+++ gnutls26-2.12.20/debian/control	2012-11-13 19:03:33.000000000 +0100
@@ -24,7 +24,7 @@
  libgnutlsxx27 (= ${binary:Version}),libgnutls-openssl27 (= ${binary:Version}),
  libgcrypt11-dev (>= 1.4.0), libc6-dev | libc-dev, zlib1g-dev,
  libtasn1-3-dev (>= 0.3.4), libp11-kit-dev (>= 0.4), ${misc:Depends}
-Suggests: gnutls-doc
+Suggests: gnutls26-doc
 Conflicts: gnutls-dev
 Replaces: gnutls-dev
 Description: GNU TLS library - development files
@@ -93,12 +93,12 @@
  .
  This package contains the debugger symbols and commandline utilities.
 
-Package: gnutls-doc
+Package: gnutls26-doc
 Architecture: all
 Section: doc
 Depends: ${misc:Depends}
 Multi-Arch: foreign
-Description: GNU TLS library - documentation and examples
+Description: GNU TLS library 2.x - documentation and examples
  GnuTLS is a portable library which implements the Transport Layer
  Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 protocols.
  .
@@ -114,7 +114,7 @@
   - all the strong encryption algorithms (including SHA-256/384/512 and
     Camellia (RFC 4132)).
  .
- This package contains all the GnuTLS documentation.
+ This package contains the documentation for the GnuTLS 2.x legacy version.
 
 Package: libgnutlsxx27
 Priority: extra
diff -Nru gnutls26-2.12.20/debian/gnutls26-doc.doc-base gnutls26-2.12.20/debian/gnutls26-doc.doc-base
--- gnutls26-2.12.20/debian/gnutls26-doc.doc-base	1970-01-01 01:00:00.000000000 +0100
+++ gnutls26-2.12.20/debian/gnutls26-doc.doc-base	2012-11-13 19:02:55.000000000 +0100
@@ -0,0 +1,12 @@
+Document: gnutls26
+Title: GnuTLS 2.x Manual
+Author: Simon Josefsson
+Abstract: GnuTLS 2.x library manual
+Section: Programming/C
+
+Format: HTML
+Index: /usr/share/doc/gnutls26-doc/html/gnutls.html
+Files: /usr/share/doc/gnutls26-doc/html/*
+
+Format: PDF
+Files: /usr/share/doc/gnutls26-doc/gnutls.pdf
diff -Nru gnutls26-2.12.20/debian/gnutls26-doc.doc-base.apireference gnutls26-2.12.20/debian/gnutls26-doc.doc-base.apireference
--- gnutls26-2.12.20/debian/gnutls26-doc.doc-base.apireference	1970-01-01 01:00:00.000000000 +0100
+++ gnutls26-2.12.20/debian/gnutls26-doc.doc-base.apireference	2012-11-13 19:02:55.000000000 +0100
@@ -0,0 +1,9 @@
+Document: gnutls26-api
+Title: GnuTLS 2.x API Reference Manual
+Author: Simon Josefsson
+Abstract: GNU TLS API Reference Manual
+Section: Programming/C
+
+Format: HTML
+Index: /usr/share/doc/gnutls26-doc/api-reference/index.html
+Files: /usr/share/doc/gnutls26-doc/api-reference/*
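Review bot: The Abstract line of this new file still reads "GNU TLS API Reference Manual" although the Title two lines above it was changed to "GnuTLS 2.x API Reference Manual". gnutls26-doc.doc-base updated both its Title and its Abstract to say 2.x, so the abstract here should do the same; otherwise this entry is hard to tell apart from the API reference registered by the 3.x gnutls-doc package.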
diff -Nru gnutls26-2.12.20/debian/gnutls26-doc.docs gnutls26-2.12.20/debian/gnutls26-doc.docs
--- gnutls26-2.12.20/debian/gnutls26-doc.docs	1970-01-01 01:00:00.000000000 +0100
+++ gnutls26-2.12.20/debian/gnutls26-doc.docs	2012-11-13 19:02:55.000000000 +0100
@@ -0,0 +1 @@
+doc/gnutls.pdf
diff -Nru gnutls26-2.12.20/debian/gnutls26-doc.examples gnutls26-2.12.20/debian/gnutls26-doc.examples
--- gnutls26-2.12.20/debian/gnutls26-doc.examples	1970-01-01 01:00:00.000000000 +0100
+++ gnutls26-2.12.20/debian/gnutls26-doc.examples	2012-11-13 19:02:55.000000000 +0100
@@ -0,0 +1 @@
+doc/examples/*.c
diff -Nru gnutls26-2.12.20/debian/gnutls26-doc.install gnutls26-2.12.20/debian/gnutls26-doc.install
--- gnutls26-2.12.20/debian/gnutls26-doc.install	1970-01-01 01:00:00.000000000 +0100
+++ gnutls26-2.12.20/debian/gnutls26-doc.install	2012-11-13 19:02:55.000000000 +0100
@@ -0,0 +1,6 @@
+doc/reference/html/*html usr/share/doc/gnutls26-doc/api-reference
+doc/reference/html/*png usr/share/doc/gnutls26-doc/api-reference
+doc/reference/html/*.css usr/share/doc/gnutls26-doc/api-reference
+doc/reference/html/*.sgml usr/share/doc/gnutls26-doc/api-reference
+doc/*.html usr/share/doc/gnutls26-doc/html
+doc/*.png usr/share/doc/gnutls26-doc/html
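Review bot: The "doc/reference/html/*.devhelp*" line of the old gnutls-doc.install has no counterpart in this list, and gnutls-doc.links (the /usr/share/gtk-doc/html/gnutls symlink) is deleted without a gnutls26-doc replacement, but the changelog entry only mentions dropping manpages and info documentation. If this is intentional, to avoid clashing with gnutls-doc on the gtk-doc path, say so in the changelog; if not, the devhelp index needs to be installed under a 2.x-specific name. A smaller style point: the first two patterns are written "*html" and "*png" without the dot while the rest use "*.css" and "*.sgml", which was carried over from the old file and could be made consistent here.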
diff -Nru gnutls26-2.12.20/debian/gnutls-doc.doc-base gnutls26-2.12.20/debian/gnutls-doc.doc-base
--- gnutls26-2.12.20/debian/gnutls-doc.doc-base	2008-05-01 13:30:56.000000000 +0200
+++ gnutls26-2.12.20/debian/gnutls-doc.doc-base	1970-01-01 01:00:00.000000000 +0100
@@ -1,16 +0,0 @@
-Document: gnutls
-Title: GnuTLS Manual
-Author: Simon Josefsson
-Abstract: GnuTLS library manual
-Section: Programming/C
-
-Format: HTML
-Index: /usr/share/doc/gnutls-doc/html/gnutls.html
-Files: /usr/share/doc/gnutls-doc/html/*
-
-Format: PDF
-Files: /usr/share/doc/gnutls-doc/gnutls.pdf
-
-Format: info
-Index: /usr/share/info/gnutls.info.gz
-Files: /usr/share/info/gnutls.info*
diff -Nru gnutls26-2.12.20/debian/gnutls-doc.doc-base.apireference gnutls26-2.12.20/debian/gnutls-doc.doc-base.apireference
--- gnutls26-2.12.20/debian/gnutls-doc.doc-base.apireference	2008-05-01 13:31:02.000000000 +0200
+++ gnutls26-2.12.20/debian/gnutls-doc.doc-base.apireference	1970-01-01 01:00:00.000000000 +0100
@@ -1,9 +0,0 @@
-Document: gnutls-api
-Title: GNU TLS API Reference Manual
-Author: Simon Josefsson
-Abstract: GNU TLS API Reference Manual
-Section: Programming/C
-
-Format: HTML
-Index: /usr/share/doc/gnutls-doc/api-reference/index.html
-Files: /usr/share/doc/gnutls-doc/api-reference/*
diff -Nru gnutls26-2.12.20/debian/gnutls-doc.docs gnutls26-2.12.20/debian/gnutls-doc.docs
--- gnutls26-2.12.20/debian/gnutls-doc.docs	2007-11-29 19:56:04.000000000 +0100
+++ gnutls26-2.12.20/debian/gnutls-doc.docs	1970-01-01 01:00:00.000000000 +0100
@@ -1 +0,0 @@
-doc/gnutls.pdf
diff -Nru gnutls26-2.12.20/debian/gnutls-doc.examples gnutls26-2.12.20/debian/gnutls-doc.examples
--- gnutls26-2.12.20/debian/gnutls-doc.examples	2007-11-29 19:56:04.000000000 +0100
+++ gnutls26-2.12.20/debian/gnutls-doc.examples	1970-01-01 01:00:00.000000000 +0100
@@ -1 +0,0 @@
-doc/examples/*.c
diff -Nru gnutls26-2.12.20/debian/gnutls-doc.info gnutls26-2.12.20/debian/gnutls-doc.info
--- gnutls26-2.12.20/debian/gnutls-doc.info	2007-11-29 19:56:04.000000000 +0100
+++ gnutls26-2.12.20/debian/gnutls-doc.info	1970-01-01 01:00:00.000000000 +0100
@@ -1 +0,0 @@
-debian/tmp/usr/share/info/gnutls.info*
diff -Nru gnutls26-2.12.20/debian/gnutls-doc.install gnutls26-2.12.20/debian/gnutls-doc.install
--- gnutls26-2.12.20/debian/gnutls-doc.install	2007-11-29 19:56:04.000000000 +0100
+++ gnutls26-2.12.20/debian/gnutls-doc.install	1970-01-01 01:00:00.000000000 +0100
@@ -1,7 +0,0 @@
-doc/reference/html/*html usr/share/doc/gnutls-doc/api-reference
-doc/reference/html/*png usr/share/doc/gnutls-doc/api-reference
-doc/reference/html/*.css usr/share/doc/gnutls-doc/api-reference
-doc/reference/html/*.sgml usr/share/doc/gnutls-doc/api-reference
-doc/reference/html/*.devhelp* usr/share/doc/gnutls-doc/api-reference
-doc/*.html usr/share/doc/gnutls-doc/html
-doc/*.png usr/share/doc/gnutls-doc/html
diff -Nru gnutls26-2.12.20/debian/gnutls-doc.links gnutls26-2.12.20/debian/gnutls-doc.links
--- gnutls26-2.12.20/debian/gnutls-doc.links	2007-11-29 19:56:04.000000000 +0100
+++ gnutls26-2.12.20/debian/gnutls-doc.links	1970-01-01 01:00:00.000000000 +0100
@@ -1 +0,0 @@
-/usr/share/doc/gnutls-doc/api-reference /usr/share/gtk-doc/html/gnutls
diff -Nru gnutls26-2.12.20/debian/gnutls-doc.manpages gnutls26-2.12.20/debian/gnutls-doc.manpages
--- gnutls26-2.12.20/debian/gnutls-doc.manpages	2007-11-29 19:56:04.000000000 +0100
+++ gnutls26-2.12.20/debian/gnutls-doc.manpages	1970-01-01 01:00:00.000000000 +0100
@@ -1 +0,0 @@
-debian/tmp/usr/share/man/man3/*
diff -Nru gnutls26-2.12.20/debian/patches/30_strlen_on_null.diff gnutls26-2.12.20/debian/patches/30_strlen_on_null.diff
--- gnutls26-2.12.20/debian/patches/30_strlen_on_null.diff	1970-01-01 01:00:00.000000000 +0100
+++ gnutls26-2.12.20/debian/patches/30_strlen_on_null.diff	2012-11-12 19:28:36.000000000 +0100
@@ -0,0 +1,50 @@
+Description: Prevent segfault on strlen(NULL)
+ already fixed in GnuTLS 3 at 95a922c2a8b75e6eddbcc688c0d719d0b07ee395
+Bug-Debian: http://bugs.debian.org/647747
+Last-Update: 2012-11-12
+
+--- gnutls26-2.12.20.orig/lib/x509/privkey_pkcs8.c
++++ gnutls26-2.12.20/lib/x509/privkey_pkcs8.c
+@@ -1577,8 +1577,12 @@ decrypt_data (schema_id schema, ASN1_TYP
+   cipher_hd_st ch;
+   int ch_init = 0;
+   int key_size;
++  unsigned int password_lenght=0;
+ 
+   data_size = 0;
++  if (password) {
++	  password_lenght = strlen(password);
++  }
+   result = asn1_read_value (pkcs8_asn, root, NULL, &data_size);
+   if (result != ASN1_MEM_ERROR)
+     {
+@@ -1625,7 +1629,7 @@ decrypt_data (schema_id schema, ASN1_TYP
+     case PBES2_AES_192:
+     case PBES2_AES_256:
+ 
+-      result = _gnutls_pbkdf2_sha1 (password, strlen (password),
++      result = _gnutls_pbkdf2_sha1 (password, password_lenght,
+                                     kdf_params->salt, kdf_params->salt_size,
+                                     kdf_params->iter_count, key, key_size);
+ 
+@@ -1881,6 +1885,11 @@ generate_key (schema_id schema,
+ {
+   opaque rnd[2];
+   int ret;
++  unsigned int password_lenght=0;
++
++  if (password) {
++	  password_lenght = strlen(password);
++  }
+ 
+   ret = _gnutls_rnd (GNUTLS_RND_RANDOM, rnd, 2);
+   if (ret < 0)
+@@ -1955,7 +1964,7 @@ generate_key (schema_id schema,
+     case PBES2_AES_192:
+     case PBES2_AES_256:
+ 
+-      ret = _gnutls_pbkdf2_sha1 (password, strlen (password),
++      ret = _gnutls_pbkdf2_sha1 (password,  password_lenght,
+                                  kdf_params->salt, kdf_params->salt_size,
+                                  kdf_params->iter_count,
+                                  key->data, kdf_params->key_size);
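Review bot: In both decrypt_data and generate_key the PBES2 cases now call _gnutls_pbkdf2_sha1 with password == NULL and a length of 0, so the crash is avoided at the strlen() call but the NULL pointer is still handed on. These hunks do not show that _gnutls_pbkdf2_sha1 tolerates a NULL pointer with zero length, nor whether the other schema cases of the same switch statements use password, so both should be confirmed before treating this as the complete fix. Smaller points: strlen() returns size_t, so the cached value is better declared size_t than unsigned int; password_lenght is misspelled (length); the added if blocks are tab-indented while the surrounding context lines use spaces; and the last hunk has a double space in "password,  password_lenght". The Description header names a GnuTLS 3 commit id that differs from the commit linked in the unblock request, so an Origin or Applied-Upstream field stating which upstream commit this patch corresponds to would remove the ambiguity.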
diff -Nru gnutls26-2.12.20/debian/patches/series gnutls26-2.12.20/debian/patches/series
--- gnutls26-2.12.20/debian/patches/series	2012-06-10 16:28:05.000000000 +0200
+++ gnutls26-2.12.20/debian/patches/series	2012-11-12 19:28:53.000000000 +0100
@@ -3,3 +3,4 @@
 17_ignoretestsuitteerrors.diff
 18_gpgerrorinpkgconfig.diff
 20_tests-select.diff
+30_strlen_on_null.diff
diff -Nru gnutls26-2.12.20/debian/rules gnutls26-2.12.20/debian/rules
--- gnutls26-2.12.20/debian/rules	2012-03-03 18:25:25.000000000 +0100
+++ gnutls26-2.12.20/debian/rules	2012-11-13 19:02:55.000000000 +0100
@@ -18,7 +18,7 @@
 
 # pre-clean rule: save gnutls.pdf since it is expensive to regenerate.
 # See README.source
-cleanbuilddir/gnutls-doc::
+cleanbuilddir/gnutls26-doc::
 	if [ -e doc/gnutls.pdf ] ; then mv doc/gnutls.pdf doc/gnutls.pdf.debbackup ; fi
 
 
@@ -35,21 +35,9 @@
 	if [ -e doc/gnutls.pdf.debbackup ] && [ ! -e doc/gnutls.pdf ] ; then mv doc/gnutls.pdf.debbackup doc/gnutls.pdf ; fi
 
 # additional comands for build rule
-build/gnutls-doc::
+build/gnutls26-doc::
 	$(MAKE) html
 
-# add post deb preparation (including debhelper stuff) actions
-# generate symlinks manually and use dh_link to make them policy-conform.
-binary-install/gnutls-doc::
-	cd debian/gnutls-doc && \
-	for i in usr/share/doc/gnutls-doc/html/gnutls*.png ; do \
-		i=`basename "$$i"` ; \
-		ln -s "/usr/share/doc/gnutls-doc/html/$$i" \
-			usr/share/info/ ; \
-	done && \
-	cd ../.. && \
-	dh_link -pgnutls-doc
-
 common-install-arch::
 	find debian/tmp/usr/lib/* -name '*.so.*.*' -type f -exec \
 		chrpath -d {} +

--- End Message ---
--- Begin Message ---
On Sat, 2012-11-17 at 16:27 +0100, Andreas Metzler wrote:
> Please unblock package gnutls26.
> 
> * This fixes a network-manager segfault in vpn setup. (#647747) [FWIW

++  unsigned int password_lenght=0;

s/lenght/length/g, fwiw.

[...]
> * Currently there are two source packages in squeeze which build a
>   gnutls-doc package (gnutls26 and gnutls28). I was made aware of this

In wheezy, too. :-)

>   bug when I tried to upload gnutls 2.12.21 to experimental and the
>   package was rejected. Since later (security) uploads of gnutls might
>   have the same problem I think this issue might be considered rc.
>   
>   We fix it by introducing gnutls26-doc, which is co-installable with
>   gnutls-doc.

Unblocked; thanks.

Regards,

Adam

--- End Message ---
