Bug#934537: buster-pu: package basez/1.6-3+deb10u1
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu
Hi Stable Release Managers,
The basez version released in buster is affected by bug #931041 and is
consequently not properly decoding base64url stream. This bug has been
fixed in sid and testing. I've prepared fixed basez/1.6-3+deb10u1 package
for buster. See attached debdiff.
Milan
diff -Nru basez-1.6/debian/changelog basez-1.6/debian/changelog
--- basez-1.6/debian/changelog 2016-10-27 09:33:37.000000000 -0400
+++ basez-1.6/debian/changelog 2019-08-11 18:59:28.000000000 -0400
@@ -1,3 +1,9 @@
+basez (1.6-3+deb10u1) buster; urgency=medium
+
+ * Properly decode base64url encoded strings (closes: #931041)
+
+ -- Milan Kupcevic <milan@debian.org> Sun, 11 Aug 2019 18:59:28 -0400
+
basez (1.6-3) unstable; urgency=medium
* Remove configure getconf libs.
diff -Nru basez-1.6/debian/patches/base64url-decode-bug-931041 basez-1.6/debian/patches/base64url-decode-bug-931041
--- basez-1.6/debian/patches/base64url-decode-bug-931041 1969-12-31 19:00:00.000000000 -0500
+++ basez-1.6/debian/patches/base64url-decode-bug-931041 2019-08-03 23:29:13.000000000 -0400
@@ -0,0 +1,16 @@
+Description: properly decode base64url encoded strings
+Author: Milan Kupcevic <milan@debian.org>
+Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931041
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/base64.c
++++ b/base64.c
+@@ -188,7 +188,7 @@
+ bout[0] = bout[0] | c[bin[1]] >> 4;
+ }
+
+- switch(c64d[bin[2]])
++ switch(c[bin[2]])
+ {
+ case 0xfe:
+ if(bin[3] == '=')
diff -Nru basez-1.6/debian/patches/series basez-1.6/debian/patches/series
--- basez-1.6/debian/patches/series 1969-12-31 19:00:00.000000000 -0500
+++ basez-1.6/debian/patches/series 2019-08-03 22:15:31.000000000 -0400
@@ -0,0 +1 @@
+base64url-decode-bug-931041
Reply to: