Bug#842013: jessie-pu: package potrace/1.12-1+deb8u1

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 842013@bugs.debian.org
Subject: Bug#842013: jessie-pu: package potrace/1.12-1+deb8u1
From: Andrew Shadura <andrew@shadura.me>
Date: Tue, 25 Oct 2016 18:49:53 +0200
Message-id: <[🔎] 2a38518a-3cad-ec99-037f-ac8e65b08a20@shadura.me>
Reply-to: Andrew Shadura <andrew@shadura.me>, 842013@bugs.debian.org
In-reply-to: <[🔎] 13135f2e387b0b2e66d63f7c1f1e0c13@mail.adam-barratt.org.uk>
References: <[🔎] 147738663103.24555.311188333335067304.reportbug@nuevo> <[🔎] 16d09c47d0d8a61312fa18bbf3b27dc3@mail.adam-barratt.org.uk> <[🔎] 02795c2b-649e-582b-3302-39053c9ebb80@shadura.me> <[🔎] 13135f2e387b0b2e66d63f7c1f1e0c13@mail.adam-barratt.org.uk>

On 25/10/16 18:26, Adam D. Barratt wrote:
> On 2016-10-25 14:32, Andrew Shadura wrote:
>> On 25/10/16 15:31, Adam D. Barratt wrote:
>>> Control: tags -1 + confirmed
>>>
>>> On 2016-10-25 10:10, Andrew Shadura wrote:
>>>> I have prepared an upload fixing CVE-2016-8694, CVE-2016-8695,
>>>> CVE-2016-8696, CVE-2016-8697, CVE-2016-8698, CVE-2016-8699,
>>>> CVE-2016-8700,
>>>> CVE-2016-8701, CVE-2016-8702, CVE-2016-8703.
>>>>
>>>> Please find the attached debdiff.
>>>
>>> I assume "CVE-2016-8694.patch" actually fixes all of the listed CVEs? If
>>> so, and assuming that the resulting package has been tested on stable,
>>> please go ahead.
>>
>> Yes, it does.
> 
> Unfortunately it appears that the uploaded package was not built in a
> (purely) jessie environment, so I'm afraid that I've had to mark it to
> be rejected.
> 
> Automated binary debdiffs show:
> 
> <quote>
> Warning: these package names were in the second list but not in the first:
> --------------------------------------------------------------------------
> libpotrace0-dbgsym
> potrace-dbgsym
> ...
> Files only in first set of .debs, found in package libpotrace0
> --------------------------------------------------------------
> -rwxr-xr-x  root/root   DEBIAN/postinst
> -rwxr-xr-x  root/root   DEBIAN/postrm
> 
> New files in second set of .debs, found in package libpotrace0
> --------------------------------------------------------------
> -rw-r--r--  root/root   DEBIAN/triggers
> </quote>
> 
> Those changes won't happen if jessie's debhelper was used for the build.
> (The fact that dak didn't reject the package itself is a known issue
> with the *-debug suite checks.)

Indeed, I uploaded a wrong .changes. Sorry for the noise, will re-upload
shortly.

-- 
Cheers,
  Andrew

Reply to:

Follow-Ups:
- Bug#842013: jessie-pu: package potrace/1.12-1+deb8u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#842013: jessie-pu: package potrace/1.12-1+deb8u1
  - From: Andrew Shadura <andrewsh@debian.org>
- Bug#842013: jessie-pu: package potrace/1.12-1+deb8u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Bug#842013: jessie-pu: package potrace/1.12-1+deb8u1
  - From: Andrew Shadura <andrew@shadura.me>
- Bug#842013: jessie-pu: package potrace/1.12-1+deb8u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#842013: jessie-pu: package potrace/1.12-1+deb8u1
Next by Date: NEW changes in stable-new
Previous by thread: Bug#842013: jessie-pu: package potrace/1.12-1+deb8u1
Next by thread: Bug#842013: jessie-pu: package potrace/1.12-1+deb8u1
Index(es):
- Date
- Thread