Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock password-store 1.6.5-5. This is a small patch backported
from upstream to tighten up the parsing of gpg output and thereby avoid
misbehaviour in some situations. It's only a normal bug, but I think
it's worth fixing in stretch anyway.
diff -Nru password-store-1.6.5/debian/.git-dpm password-store-1.6.5/debian/.git-dpm
--- password-store-1.6.5/debian/.git-dpm 2015-01-29 13:30:00.000000000 +0000
+++ password-store-1.6.5/debian/.git-dpm 2017-04-20 00:49:09.000000000 +0100
@@ -1,6 +1,6 @@
# see git-dpm(1) from git-dpm package
-499e144d8889af81a1289900839b23e26bbc1730
-499e144d8889af81a1289900839b23e26bbc1730
+fdec5624f1a289331b29cc914dab167b2e68bc2a
+fdec5624f1a289331b29cc914dab167b2e68bc2a
544bf5ad85872798b13f80b6cfb007f24a4294c1
544bf5ad85872798b13f80b6cfb007f24a4294c1
password-store_1.6.5.orig.tar.xz
diff -Nru password-store-1.6.5/debian/changelog password-store-1.6.5/debian/changelog
--- password-store-1.6.5/debian/changelog 2017-01-20 13:07:10.000000000 +0000
+++ password-store-1.6.5/debian/changelog 2017-04-20 00:50:19.000000000 +0100
@@ -1,3 +1,10 @@
+password-store (1.6.5-5) unstable; urgency=medium
+
+ * Cherry-pick from upstream:
+ - init: match only the public key (closes: #860353).
+
+ -- Colin Watson <cjwatson@debian.org> Thu, 20 Apr 2017 00:50:19 +0100
+
password-store (1.6.5-4) unstable; urgency=medium
* Use HTTPS for Vcs-* URLs, and link to cgit rather than gitweb.
diff -Nru password-store-1.6.5/debian/patches/init-avoid-extraneous-reencryption.patch password-store-1.6.5/debian/patches/init-avoid-extraneous-reencryption.patch
--- password-store-1.6.5/debian/patches/init-avoid-extraneous-reencryption.patch 1970-01-01 01:00:00.000000000 +0100
+++ password-store-1.6.5/debian/patches/init-avoid-extraneous-reencryption.patch 2017-04-20 00:49:09.000000000 +0100
@@ -0,0 +1,27 @@
+From fdec5624f1a289331b29cc914dab167b2e68bc2a Mon Sep 17 00:00:00 2001
+From: "Jason A. Donenfeld" <Jason@zx2c4.com>
+Date: Thu, 13 Apr 2017 12:07:57 +0200
+Subject: init: match only the public key
+
+Bug-Debian: https://bugs.debian.org/860353
+Origin: backport, https://git.zx2c4.com/password-store/commit/?id=a09d6685e609f9a11fa2b9b5904d39ef8966b3b7
+Last-Update: 2017-04-20
+
+Patch-Name: init-avoid-extraneous-reencryption.patch
+---
+ src/password-store.sh | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/password-store.sh b/src/password-store.sh
+index d661707..43a34ec 100755
+--- a/src/password-store.sh
++++ b/src/password-store.sh
+@@ -102,7 +102,7 @@ reencrypt_path() {
+ done
+ gpg_keys="$($GPG --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)"
+ fi
+- current_keys="$($GPG -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | LC_ALL=C sort -u)"
++ current_keys="$(LC_ALL=C $GPG -v --no-secmem-warning --no-permission-warning --list-only --keyid-format long "$passfile" 2>&1 | sed -n 's/^gpg: public key is \([A-F0-9]\+\)$/\1/p' | LC_ALL=C sort -u)"
+
+ if [[ $gpg_keys != "$current_keys" ]]; then
+ echo "$passfile_display: reencrypting to ${gpg_keys//$'\n'/ }"
diff -Nru password-store-1.6.5/debian/patches/series password-store-1.6.5/debian/patches/series
--- password-store-1.6.5/debian/patches/series 2015-01-29 13:29:59.000000000 +0000
+++ password-store-1.6.5/debian/patches/series 2017-04-20 00:49:09.000000000 +0100
@@ -1,2 +1,3 @@
editor.patch
gnupg1-support.patch
+init-avoid-extraneous-reencryption.patch
unblock password-store/1.6.5-5
Thanks,
--
Colin Watson [cjwatson@debian.org]
Attachment:
signature.asc
Description: Digital signature