Bug#927189: unblock: docker.io/18.09.1+dfsg1-5+b10

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#927189: unblock: docker.io/18.09.1+dfsg1-5+b10
From: Arnaud Rebillout <arnaud.rebillout@collabora.com>
Date: Tue, 16 Apr 2019 10:21:53 +0700
Message-id: <[🔎] 155538491381.32194.9390495195301516414.reportbug@xps>
Reply-to: Arnaud Rebillout <arnaud.rebillout@collabora.com>, 927189@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Please unblock package docker.io.

unblock docker.io/18.09.1+dfsg1-5+b10

I'd like to fix #925224 [1] for buster. The fix is trivial, and allows
the docker's debootstrap script to work again when it queries
security.debian.org, by following redirections. Please see bug for
more details.

I attached a source debdiff as mentioned in buster freeze policy [2].

Sorry for the inconvenience,

Thanks!

  Arnaud

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925224
[2] https://release.debian.org/buster/freeze_policy.html.

- -- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-----BEGIN PGP SIGNATURE-----

iQJTBAEBCgA9FiEE0Kl7ndbut+9n4bYs5yXoeRRgAhYFAly1Sk0fHGFybmF1ZC5y
ZWJpbGxvdXRAY29sbGFib3JhLmNvbQAKCRDnJeh5FGACFgnpD/4yuJiQwCsyo/RD
MgK3YGW6cr2wGd3VcrRuoIp7B1sVGO+fJej/dqAZWI2/prRqQaLc878bjF4ipR88
54k4CuCucdvvEcfz+lwaTuecQwzMzWNAQDwq1qUq1ImvusC9Od2Z276BF3+rMy2Y
8KyeJ3w+gCH/tAHAhqfWMFmkFUHujdoBMkXBgqZEUF1IjjYhW8Qg2bGyOysdt1vJ
MCTaIWg/R5ZJWFG8Ef/jbOkCwXJxEBugaAk72lIG5K0ShoYyfuL94l3CPnklwecP
t+6rmaEkHo9g1/y8OWIfr6c2I0znPannNGpMgOVSgTW5ABJDVnWyyR9n9veUnhw6
mAdbivorf6/ZopH7zEYYWAG5q5/5c1L/UWr+buJgPwFgpH+OMN1/BF4IB8PzryA1
QJ7SVXxxon7Hw+YosPXisuY3Riw6uFe9dhT0du1nqC0celOPFaxsd6SRBhlv3G6I
ldwLTV41jGC71YHR7Dhqg14Nq5aSSCpR8CsF5YpvQIfgxH1XNEvMDrdHoueQlh6A
dU0h3sBQJJz/BuOD2BVoYt+cMaU5qtnq49ZIK9T0XQGWrsytm3/UEM5gHHehDnVL
c60Ah23D9EnFuQji5RfAHSLFn4ZHO2aGhBe5xJH4T461My3r5uMZmROeANbTZIK8
rq2IJ7ujE6NAVnDAaTYzANYytcbGZg==
=4P6K
-----END PGP SIGNATURE-----

diff -Nru docker.io-18.09.1+dfsg1/debian/changelog docker.io-18.09.1+dfsg1/debian/changelog
--- docker.io-18.09.1+dfsg1/debian/changelog	2019-02-02 06:00:35.000000000 +0700
+++ docker.io-18.09.1+dfsg1/debian/changelog	2019-04-16 09:56:17.000000000 +0700
@@ -1,3 +1,9 @@
+docker.io (18.09.1+dfsg1-6) unstable; urgency=medium
+
+  * Add patch to fix Debian security presence check (Closes: #925224).
+
+ -- Arnaud Rebillout <arnaud.rebillout@collabora.com>  Tue, 16 Apr 2019 09:56:17 +0700
+
 docker.io (18.09.1+dfsg1-5) unstable; urgency=medium
 
   * Install "containerd-shim" as "docker-containerd-shim" (Closes: #920935).
diff -Nru docker.io-18.09.1+dfsg1/debian/patches/engine-contrib-debootstrap-curl-follow-location.patch docker.io-18.09.1+dfsg1/debian/patches/engine-contrib-debootstrap-curl-follow-location.patch
--- docker.io-18.09.1+dfsg1/debian/patches/engine-contrib-debootstrap-curl-follow-location.patch	1970-01-01 08:00:00.000000000 +0800
+++ docker.io-18.09.1+dfsg1/debian/patches/engine-contrib-debootstrap-curl-follow-location.patch	2019-04-16 09:56:17.000000000 +0700
@@ -0,0 +1,25 @@
+From: Mattias Jernberg <nostrad@gmail.com>
+Date: Wed, 5 Dec 2018 19:35:17 +0100
+Subject: mkimage: Fix Debian security presence check
+
+Add Location following since security redirects to security-cdn and caused the repository to be added on Debian unstable.
+
+Signed-off-by: Mattias Jernberg <nostrad@gmail.com>
+Origin: upstream, https://github.com/docker/engine/commit/8db5403
+---
+ contrib/mkimage/debootstrap | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/engine/contrib/mkimage/debootstrap b/engine/contrib/mkimage/debootstrap
+index 9f7d8987ad2a..a919429b0bde 100755
+--- a/engine/contrib/mkimage/debootstrap
++++ b/engine/contrib/mkimage/debootstrap
+@@ -193,7 +193,7 @@ if [ -z "$DONT_TOUCH_SOURCES_LIST" ]; then
+ 	case "$lsbDist" in
+ 		debian)
+ 			# updates and security!
+-			if curl -o /dev/null -s --head --fail "http://security.debian.org/dists/$suite/updates/main/binary-$(rootfs_chroot dpkg --print-architecture)/Packages.gz"; then
++			if curl -o /dev/null -s --head --location --fail "http://security.debian.org/dists/$suite/updates/main/binary-$(rootfs_chroot dpkg --print-architecture)/Packages.gz"; then
+ 				(
+ 					set -x
+ 					sed -i "
diff -Nru docker.io-18.09.1+dfsg1/debian/patches/series docker.io-18.09.1+dfsg1/debian/patches/series
--- docker.io-18.09.1+dfsg1/debian/patches/series	2019-01-27 17:02:58.000000000 +0700
+++ docker.io-18.09.1+dfsg1/debian/patches/series	2019-04-16 09:56:17.000000000 +0700
@@ -12,6 +12,7 @@
 cli-fix-manpages-build-script.patch
 cli-fix-registry-debug-message-go-1.11.patch
 
+engine-contrib-debootstrap-curl-follow-location.patch
 engine-test-noinstall.patch
 
 go-metrics_prometheus-fix_Observer.patch

Reply to:

Follow-Ups:
- Bug#927189: unblock: docker.io/18.09.1+dfsg1-5+b10
  - From: Niels Thykier <niels@thykier.net>
- Processed: Re: Bug#927189: unblock: docker.io/18.09.1+dfsg1-5+b10
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Processed: Re: Bug#927189: unblock: docker.io/18.09.1+dfsg1-5+b10
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Bug#927183: [pre-approval] unblock: debiancontributors/0.7.8-1
Next by Date: Bug#927191: stretch-pu: package python-django-casclient/1.2.0-2
Previous by thread: Bug#927183: marked as done ([pre-approval] unblock: debiancontributors/0.7.8-1)
Next by thread: Bug#927189: unblock: docker.io/18.09.1+dfsg1-5+b10
Index(es):
- Date
- Thread