[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#926132: marked as done (unblock: curl/7.64.0-2)

Your message dated Sun, 31 Mar 2019 21:34:04 +0100
with message-id <20190331203404.GA12262@powdarrmonkey.net>
and subject line Re: Bug#926132: unblock: curl/7.64.0-2
has caused the Debian Bug report #926132,
regarding unblock: curl/7.64.0-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
926132: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926132
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package curl

The version in sid fixes #922554, which affects several users of NetworkManager.
and is marked as important (the patch is backported from upstream).

Debdiff is attached.

At the time I uploaded it I expected it to migrate to testing before the freeze,
but apparently I did the math wrong. Anyway an unrelated change adding a couple
of entries to the previous upload'ss changelog was also included (as you can see
from the debdiff), hope that's not too much of a problem.

unblock curl/7.64.0-2

-- System Information:
Debian Release: buster/sid
  APT prefers buildd-unstable
  APT policy: (500, 'buildd-unstable'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

diff -Nru curl-7.64.0/debian/changelog curl-7.64.0/debian/changelog
--- curl-7.64.0/debian/changelog	2019-02-06 22:33:05.000000000 +0000
+++ curl-7.64.0/debian/changelog	2019-03-07 20:02:35.000000000 +0000
@@ -1,3 +1,9 @@
+curl (7.64.0-2) unstable; urgency=medium
+
+  * Fix infinite loop when fetching URLs with unreachable IPv6 (Closes: #922554)
+
+ -- Alessandro Ghedini <ghedo@debian.org>  Thu, 07 Mar 2019 20:02:35 +0000
+
 curl (7.64.0-1) unstable; urgency=medium
 
   * New upstream release
@@ -8,6 +14,8 @@
     + Fix SMTP end-of-response out-of-bounds read as per CVE-2019-3823
       https://curl.haxx.se/docs/CVE-2019-3823.html
     + Fix HTTP negotiation with POST requests (Closes: #920267)
+  * Refresh patches
+  * Import fixes for zsh completion script generator (Closes: #92145)
 
  -- Alessandro Ghedini <ghedo@debian.org>  Wed, 06 Feb 2019 22:33:05 +0000
 
diff -Nru curl-7.64.0/debian/patches/13_singlesocket-fix-the-sincebefore-placement.patch curl-7.64.0/debian/patches/13_singlesocket-fix-the-sincebefore-placement.patch
--- curl-7.64.0/debian/patches/13_singlesocket-fix-the-sincebefore-placement.patch	1970-01-01 01:00:00.000000000 +0100
+++ curl-7.64.0/debian/patches/13_singlesocket-fix-the-sincebefore-placement.patch	2019-03-07 20:02:35.000000000 +0000
@@ -0,0 +1,38 @@
+From afc00e047c773faeaa60a5f86a246cbbeeba5819 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 19 Feb 2019 15:56:54 +0100
+Subject: [PATCH] singlesocket: fix the 'sincebefore' placement
+
+The variable wasn't properly reset within the loop and thus could remain
+set for sockets that hadn't been set before and miss notifying the app.
+
+This is a follow-up to 4c35574 (shipped in curl 7.64.0)
+
+Reported-by: buzo-ffm on github
+Detected-by: Jan Alexander Steffens
+Fixes #3585
+Closes #3589
+---
+ lib/multi.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/lib/multi.c
++++ b/lib/multi.c
+@@ -2360,8 +2360,6 @@
+   int num;
+   unsigned int curraction;
+   int actions[MAX_SOCKSPEREASYHANDLE];
+-  unsigned int comboaction;
+-  bool sincebefore = FALSE;
+ 
+   for(i = 0; i< MAX_SOCKSPEREASYHANDLE; i++)
+     socks[i] = CURL_SOCKET_BAD;
+@@ -2380,6 +2378,8 @@
+       i++) {
+     unsigned int action = CURL_POLL_NONE;
+     unsigned int prevaction = 0;
++    unsigned int comboaction;
++    bool sincebefore = FALSE;
+ 
+     s = socks[i];
+ 
diff -Nru curl-7.64.0/debian/patches/series curl-7.64.0/debian/patches/series
--- curl-7.64.0/debian/patches/series	2019-02-06 22:33:05.000000000 +0000
+++ curl-7.64.0/debian/patches/series	2019-03-07 20:02:35.000000000 +0000
@@ -4,6 +4,7 @@
 08_enable-zsh.patch
 11_omit-directories-from-config.patch
 12_zsh.patch
+13_singlesocket-fix-the-sincebefore-placement.patch
 
 # do not add patches below
 90_gnutls.patch

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message --- 
On Sun, Mar 31, 2019 at 08:43:31PM +0100, Alessandro Ghedini wrote:
> Please unblock package curl
> 
> The version in sid fixes #922554, which affects several users of NetworkManager.
> and is marked as important (the patch is backported from upstream).

Unblocked; thanks.


-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

--- End Message ---
Reply to: