[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#782520: unblock: rinse/3.0.9

rinse 3.0.9 now adds the cpio dependency and fixes the wrong date in
the changelog of 3.0.7. Here's the debdiff
between the testing and unstable version.

diff -Nru rinse-3.0.7/bin/rinse rinse-3.0.9/bin/rinse

--- rinse-3.0.7/bin/rinse	2014-07-25 13:22:30.000000000 +0200
+++ rinse-3.0.9/bin/rinse	2015-04-13 14:46:04.000000000 +0200
@@ -1147,13 +1147,13 @@
       #  Run the unpacking command.
       #
       my $cmd =
-        "rpm2cpio $file | (cd $CONFIG{'directory'} ; cpio --extract --make-directories --no-absolute-filenames --preserve-modification-time) 2>/dev/null >/dev/null";
+        "rpm2cpio $file | (cd $CONFIG{'directory'} ; cpio --extract --extract-over-symlinks --make-directories --no-absolute-filenames --preserve-modification-time) 2>/dev/null >/dev/null";
       if ( $file =~ /(fedora|centos|redhat|mandriva)-release-/ ) {
         my $rpmname = basename($file);
         $postcmd =
           "cp $file $CONFIG{'directory'}/tmp ; chroot $CONFIG{'directory'} rpm -ivh --force --nodeps /tmp/$rpmname ; rm $CONFIG{'directory'}/tmp/$rpmname";
       }
-      system($cmd );
+      system($cmd) == 0 or die "failed to extract $name: $?";
 
     }
     print "\r";
diff -Nru rinse-3.0.7/debian/changelog rinse-3.0.9/debian/changelog
--- rinse-3.0.7/debian/changelog	2015-02-25 12:02:18.000000000 +0100
+++ rinse-3.0.9/debian/changelog	2015-04-14 09:05:18.000000000 +0200
@@ -1,3 +1,19 @@
+rinse (3.0.9) unstable; urgency=high
+
+  * add dependency on new cpio version
+  * fix date of 3.0.7 entry, Closes: #782518
+
+ -- Thomas Lange <lange@debian.org>  Tue, 14 Apr 2015 09:03:48 +0200
+
+rinse (3.0.8) unstable; urgency=high
+
+  * add --extract-over-symlinks to cpio call, Closes: #768501
+    this restores the old behaviour of cpio, which changed because of 
+    CVE-2015-1197 (see #774669)
+  * add check if cpio call failed
+
+ -- Thomas Lange <lange@debian.org>  Mon, 13 Apr 2015 14:51:41 +0200
+
 rinse (3.0.7) unstable; urgency=high
 
   * control: change depends on perl-modules to perl, Closes: #779118,
diff -Nru rinse-3.0.7/debian/control rinse-3.0.9/debian/control
--- rinse-3.0.7/debian/control	2015-02-25 12:04:03.000000000 +0100
+++ rinse-3.0.9/debian/control	2015-04-14 08:55:37.000000000 +0200
@@ -10,7 +10,7 @@
 
 Package: rinse
 Architecture: all
-Depends: wget, libterm-size-perl, libwww-perl, perl, rpm
+Depends: wget, libterm-size-perl, libwww-perl, perl, rpm, cpio (>= 2.11+dfsg-4.1)
 Description: RPM installation environment
  This is a tool for bootstrapping a basic RPM-based distribution of
  GNU/Linux.

-- 
regards Thomas
Reply to: