Bug#686319: unblock: iceweasel/10.0.7esr-1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#686319: unblock: iceweasel/10.0.7esr-1
From: Mike Hommey <mh+reportbug@glandium.org>
Date: Fri, 31 Aug 2012 07:28:24 +0200
Message-id: <[🔎] 20120831052824.9216.68947.reportbug@jigen.glandium.org>
Reply-to: Mike Hommey <mh+reportbug@glandium.org>, 686319@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package iceweasel

10.0.7esr-1 is a security/stability upstream update.
It also fixes iceweasel-l10n-all version to have an epoch so that it has
a greater version number than the package in current stable.

I won't attach the 150KB of debdiff.

The changelog reads:
  * New upstream release.
  * Fixes for mfsa2012-{57-58,60-63,65,69-70,72}, also known as
    CVE-2012-1970, CVE-2012-1972, CVE-2012-1973, CVE-2012-1974,
    CVE-2012-1975, CVE-2012-1976, CVE-2012-3957, CVE-2012-3959,
    CVE-2012-3960, CVE-2012-3962, CVE-2012-3966, CVE-2012-3967,
    CVE-2012-3969, CVE-2012-3972, CVE-2012-3976, CVE-2012-3978,
    CVE-2012-3980.
  * debian/rules: Also use an epoch for iceweasel-l10n-all.

The debian/rules change is the following:

diff -Nru iceweasel-10.0.6esr/debian/rules iceweasel-10.0.7esr/debian/rules
--- iceweasel-10.0.6esr/debian/rules    2012-08-03 07:34:31.000000000 +0000
+++ iceweasel-10.0.7esr/debian/rules    2012-08-29 06:16:51.000000000 +0000
@@ -333,8 +333,8 @@
        LD_LIBRARY_PATH=$(CURDIR)/debian/tmp/usr/lib/xulrunner-$(GRE_VERSION) dpkg-shlibdeps -Tdebian/xulrunner-$(GRE_VERSION).substvars -dDepends -pgnome $(foreach lib,dbusservice,debian/xulrunner-$(GRE_VERSION)/usr/lib/xulrunner-$(GRE_VERSION)/components/lib$(lib).so)

 override_dh_gencontrol:
-       dh_gencontrol$(foreach pkg,$(L10N_PACKAGES), -p$(pkg)) -- -v1:$(DEBIAN_VERSION)
-       dh_gencontrol$(foreach pkg,$(L10N_PACKAGES), -N$(pkg))
+       dh_gencontrol$(foreach pkg,$(L10N_PACKAGES) iceweasel-l10n-all, -p$(pkg)) -- -v1:$(DEBIAN_VERSION)
+       dh_gencontrol$(foreach pkg,$(L10N_PACKAGES) iceweasel-l10n-all, -N$(pkg))

 install binary binary-arch binary-indep: $(GENERATED_FILES)

Note one of the CVEs essentially disables webGL with mesa because of a
mesa bug that leads to security problems.

unblock iceweasel/10.0.7esr-1

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.5-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Reply to:

Follow-Ups:
- Bug#686319: unblock: iceweasel/10.0.7esr-1
  - From: Mike Hommey <mh@glandium.org>
- Bug#686319: marked as done (unblock: iceweasel/10.0.7esr-1)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#686310: marked as done (unblock: nap/1.5.4-7.1)
Next by Date: Bug#686307: unblock: ocl-icd/1.3-3
Previous by thread: Bug#686310: marked as done (unblock: nap/1.5.4-7.1)
Next by thread: Bug#686319: unblock: iceweasel/10.0.7esr-1
Index(es):
- Date
- Thread