[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#768451: marked as done (unblock macchanger/1.7.0-3)

Your message dated Fri, 07 Nov 2014 14:07:54 +0000
with message-id <4d08d72bd225d372f173821e5cb39d4a@hogwarts.powdarrmonkey.net>
and subject line Re: Bug#768451: unblock macchanger/1.7.0-3
has caused the Debian Bug report #768451,
regarding unblock macchanger/1.7.0-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
768451: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768451
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: unblock
Severity: important

unblock macchanger/1.7.0-3

All code in 1.7.0-3 was already included in Jessie in 1.7.0-1.1 and 1.7.0-2.
The NMU 1.7.0-1.1 fixed some crucial security/functionality issues (#738460
and #740947).  Later, I made 1.7.0-2 directly from the package's git repo, but
the NMU changes were not committed to git, so it was not included.  I then
included the 1.7.0-1.1 NMU code into the package's git, and made 1.7.0-3 and
uploaded it.



Here are the relevant changelog entries:

macchanger (1.7.0-3) unstable; urgency=low

  * update debian/watch to point to new github repository
  * include code from 1.7.0-1.1 NMU (Closes: #738460, #740947)

 -- Hans-Christoph Steiner <hans@eds.org>  Fri, 07 Nov 2014 12:56:56 +0100

macchanger (1.7.0-2) unstable; urgency=low

  * automatically run macchanger, with option to disable
  * automatically rotate the macchanger log
  * add myself as Maintainer
  * remove hard-coded LDFLAGS, let dh set them (Closes: #754391)

 -- Hans-Christoph Steiner <hans@eds.org>  Tue, 21 Oct 2014 16:01:55 -0400

macchanger (1.7.0-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix a grave security bug -- the macchanger program was fundamentally
    not working correctly due to a bug in the debian local patch
    08-fix_random_MAC_choice.patch.   In fact, it was **breaking** the
    random MAC choice!?! (Closes: #738460, #740947)

 -- Theodore Y. Ts'o <tytso@mit.edu>  Sun, 06 Jul 2014 20:32:38 -0400






$ debdiff macchanger_1.7.0-2.dsc macchanger_1.7.0-3.dsc
diff -Nru macchanger-1.7.0/debian/changelog macchanger-1.7.0/debian/changelog
--- macchanger-1.7.0/debian/changelog	2014-10-21 22:02:41.000000000 +0200
+++ macchanger-1.7.0/debian/changelog	2014-11-07 13:03:50.000000000 +0100
@@ -1,3 +1,10 @@
+macchanger (1.7.0-3) unstable; urgency=low
+
+  * update debian/watch to point to new github repository
+  * include code from 1.7.0-1.1 NMU (Closes: #738460, #740947)
+
+ -- Hans-Christoph Steiner <hans@eds.org>  Fri, 07 Nov 2014 12:56:56 +0100
+
 macchanger (1.7.0-2) unstable; urgency=low

   * automatically run macchanger, with option to disable
@@ -7,6 +14,16 @@

  -- Hans-Christoph Steiner <hans@eds.org>  Tue, 21 Oct 2014 16:01:55 -0400

+macchanger (1.7.0-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix a grave security bug -- the macchanger program was fundamentally
+    not working correctly due to a bug in the debian local patch
+    08-fix_random_MAC_choice.patch.   In fact, it was **breaking** the
+    random MAC choice!?! (Closes: #738460, #740947)
+
+ -- Theodore Y. Ts'o <tytso@mit.edu>  Sun, 06 Jul 2014 20:32:38 -0400
+
 macchanger (1.7.0-1) unstable; urgency=medium

   * New upstream release (Closes: #718849)
diff -Nru macchanger-1.7.0/debian/patches/08-fix_random_MAC_choice.patch
macchanger-1.7.0/debian/patches/08-fix_random_MAC_choice.patch
--- macchanger-1.7.0/debian/patches/08-fix_random_MAC_choice.patch	2014-03-18
15:59:20.000000000 +0100
+++ macchanger-1.7.0/debian/patches/08-fix_random_MAC_choice.patch	2014-10-22
18:23:41.000000000 +0200
@@ -12,6 +12,8 @@
  src/main.c |    1 +
  2 files changed, 34 insertions(+), 19 deletions(-)

+Index: macchanger/src/mac.c
+===================================================================
 --- macchanger.orig/src/mac.c
 +++ macchanger/src/mac.c
 @@ -41,6 +41,13 @@ mc_mac_dup (const mac_t *mac)
@@ -28,7 +30,7 @@

  void
  mc_mac_free (mac_t *mac)
-@@ -68,27 +75,34 @@ mc_mac_random (mac_t *mac, unsigned char
+@@ -68,27 +75,32 @@ mc_mac_random (mac_t *mac, unsigned char
  	 * x1:, x3:, x5:, x7:, x9:, xB:, xD: and xF:
  	 */

@@ -36,9 +38,25 @@
 -	case 6:
 -		/* 8th bit: Unicast / Multicast address
 -		 * 7th bit: BIA (burned-in-address) / locally-administered
-+	mac_t newmac;
-+	mc_mac_copy(mac, &newmac);
-+
+-		 */
+-		mac->byte[0] = (random()%255) & 0xFC;
+-		mac->byte[1] = random()%255;
+-		mac->byte[2] = random()%255;
+-	case 3:
+-		mac->byte[3] = random()%255;
+-		mac->byte[4] = random()%255;
+-		mac->byte[5] = random()%255;
+-	}
++	mac_t origmac;
++	mc_mac_copy(mac, &origmac);
+
+-	/* Handle the burned-in-address bit
+-	 */
+-	if (set_bia) {
+-		mac->byte[0] &= ~2;
+-	} else {
+-		mac->byte[0] |= 2;
+-	}
 +	do {
 +		switch (last_n_bytes) {
 +		case 6:
@@ -55,33 +73,18 @@
 +		}
 +
 +		/* Handle the burned-in-address bit
- 		 */
--		mac->byte[0] = (random()%255) & 0xFC;
--		mac->byte[1] = random()%255;
--		mac->byte[2] = random()%255;
--	case 3:
--		mac->byte[3] = random()%255;
--		mac->byte[4] = random()%255;
--		mac->byte[5] = random()%255;
--	}
++		 */
 +		if (set_bia) {
 +			mac->byte[0] &= ~2;
 +		} else {
 +			mac->byte[0] |= 2;
 +		}
-+	} while (mc_mac_equal (&newmac, mac));
-
--	/* Handle the burned-in-address bit
--	 */
--	if (set_bia) {
--		mac->byte[0] &= ~2;
--	} else {
--		mac->byte[0] |= 2;
--	}
-+	mc_mac_copy(&newmac, mac);
++	} while (mc_mac_equal (&origmac, mac));
  }


+Index: macchanger/src/main.c
+===================================================================
 --- macchanger.orig/src/main.c
 +++ macchanger/src/main.c
 @@ -274,6 +274,7 @@ main (int argc, char *argv[])
diff -Nru macchanger-1.7.0/debian/watch macchanger-1.7.0/debian/watch
--- macchanger-1.7.0/debian/watch	2014-03-18 15:59:20.000000000 +0100
+++ macchanger-1.7.0/debian/watch	2014-10-22 18:31:38.000000000 +0200
@@ -1,2 +1,4 @@
+# Run the "uscan" command to check for upstream updates and more.
 version=3
-ftp://ftp.gnu.org/gnu/macchanger/macchanger-(\d+.*)\.tar\.gz
+opts=uversionmangle=s/(\d)(alpha|beta|rc)/$1~$2/,dversionmangle=s/~dfsg\d*// \
+ https://github.com/alobbs/macchanger/tags .*/archive/v?(\d[\d\.]+).tar.gz





.hc

Attachment: signature.asc
Description: OpenPGP digital signature


--- End Message ---
--- Begin Message --- 
On 2014-11-07 14:03, Hans-Christoph Steiner wrote:
All code in 1.7.0-3 was already included in Jessie in 1.7.0-1.1 and 1.7.0-2. The NMU 1.7.0-1.1 fixed some crucial security/functionality issues (#738460 and #740947). Later, I made 1.7.0-2 directly from the package's git repo, but the NMU changes were not committed to git, so it was not included. I then included the 1.7.0-1.1 NMU code into the package's git, and made 1.7.0-3 and 
uploaded it.


Unblocked.

--
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

<directhex> i have six years of solaris sysadmin experience, from
            8->10. i am well qualified to say it is made from bonghits
			layered on top of bonghits

--- End Message ---
Reply to: