Bug#942075: buster-pu: package cyrus-imapd/3.0.8-6+deb10u1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#942075: buster-pu: package cyrus-imapd/3.0.8-6+deb10u1
From: Xavier Guimard <yadd@debian.org>
Date: Wed, 09 Oct 2019 22:41:57 +0200
Message-id: <[🔎] 157065371702.30417.12871151059949611393.reportbug@deb007.xnr.fr>
Reply-to: Xavier Guimard <yadd@debian.org>, 942075@bugs.debian.org

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu

Hi all,

cyrus-imapd ≤ 3.0.8 has a RC bug: it may loss data during upgrade from
stretch to buster. The fix is very simple, then I think it is low risky
to upgrade it in next Buster point release.

Cheers,
Xavier

diff --git a/debian/changelog b/debian/changelog
index 8e0033c..ecc4273 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+cyrus-imapd (3.0.8-6+deb10u1) buster; urgency=medium
+
+  * Fix data loss (Closes: #933163)
+
+ -- Xavier Guimard <yadd@debian.org>  Wed, 09 Oct 2019 22:38:07 +0200
+
 cyrus-imapd (3.0.8-6) unstable; urgency=medium
 
   [ Anthony Prades ]
diff --git a/debian/patches/0024-dont-skip-records-with-modseq-0.patch b/debian/patches/0024-dont-skip-records-with-modseq-0.patch
new file mode 100644
index 0000000..d284089
--- /dev/null
+++ b/debian/patches/0024-dont-skip-records-with-modseq-0.patch
@@ -0,0 +1,20 @@
+Description: mailbox: don't skip records with modseq == 0
+Author: Bron Gondwana <brong@fastmailteam.com>
+Origin: upstream, https://github.com/cyrusimap/cyrus-imapd/commit/02840505
+Bug: https://github.com/cyrusimap/cyrus-imapd/issues/2839
+Bug-Debian: https://bugs.debian.org/933163
+Forwarded: not-needed
+Reviewed-By: Xavier Guimard <yadd@debian.org>
+Last-Update: 2019-10-09
+
+--- a/imap/mailbox.c
++++ b/imap/mailbox.c
+@@ -6513,7 +6513,7 @@
+         const struct index_record *record = msg_record(iter->msg);
+         if (!record->uid) continue; /* can happen on damaged mailboxes */
+         if ((record->system_flags & iter->skipflags)) continue;
+-        if (record->modseq <= iter->changedsince) continue;
++        if (iter->changedsince && record->modseq <= iter->changedsince) continue;
+         return iter->msg;
+     }
+ 
diff --git a/debian/patches/series b/debian/patches/series
index c5d71b5..e9631e4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -22,3 +22,4 @@
 0022-close-backups-on-failure.patch
 0023-fix-memory-leak-on-ldap-failure.patch
 CVE-2019-11356.patch
+0024-dont-skip-records-with-modseq-0.patch

Reply to:

Follow-Ups:
- Bug#942075: buster-pu: package cyrus-imapd/3.0.8-6+deb10u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Processed: Re: Bug#942075: buster-pu: package cyrus-imapd/3.0.8-6+deb10u1
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Bug#942075: cyrus-imapd 3.0.8-6+deb10u1 flagged for acceptance
  - From: Adam D Barratt <adam@adam-barratt.org.uk>

Prev by Date: Processed: marisa: perl bindings are broken when linked with gcc-9
Next by Date: Bug#942095: nmu: rebuild packages for binutils 2.33
Previous by thread: Processed: marisa: perl bindings are broken when linked with gcc-9
Next by thread: Bug#942075: buster-pu: package cyrus-imapd/3.0.8-6+deb10u1
Index(es):
- Date
- Thread