Bug#725370: pu: package xinetd/1:2.3.14-7.1
On Sat, 2013-10-05 at 18:09 +0200, Salvo Tomaselli wrote:
> > > -static psi_h iter ;
> > > -
> > > -extern int inetd_ipv6;
> > >
> > > That doesn't appear to be part of the CVE fix as far as I can tell?
> >
> > It was pointed out on IRC that the above change (and the config.*
> > changes) was part of the 7.1 upload; why is it being reverted in the new
> > upload?
>
> To me, those bits are in patches:
> 0006-Disable-services-from-inetd.conf-if-a-service-with-t.patch
> 0007-xinetd-should-be-able-to-listen-on-IPv6-even-in-ine.patch
>
> so they are applied before building.
>
> Please check with
> make -f debian/rules patch-stamp
> to apply the patches.
I'd rather not have to test build every package proposed for p-u in
order to generate my own debdiff to check things; particularly as that's
not the build that will be uploaded. As you haven't changed the way the
patches are applied, I'd have expected them to either be applied or not
in both packages when the .dsc was built, hence the difference being
worthy of comment.
Anyway, it looks like this is actually a problem with the packaging from
7.1. Unpacking the source package gives:
dpkg-source: info: upstream files that have been modified:
xinetd-1:2.3.14-7.1/config.guess
xinetd-1:2.3.14-7.1/config.sub
xinetd-1:2.3.14-7.1/xinetd/inet.c
and manually applying the patches results in xinetd/inet.c containing
<quote>
static psi_h iter ;
extern int inetd_ipv6;
static psi_h iter ;
extern int inetd_ipv6;
</quote>
Regards,
Adam
Reply to: