Bug#960376: marked as done (buster-pu: package libyang/0.16.105-1)

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Subject: Bug#960376: marked as done (buster-pu: package libyang/0.16.105-1)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 01 Aug 2020 11:57:29 +0000
Message-id: <[🔎] handler.960376.D960376.159628273915567.ackdone@bugs.debian.org>
Reply-to: 960376@bugs.debian.org
References: <43535efb498a168cf81452ca0c326f004f46adc6.camel@adam-barratt.org.uk> <158926777944.24226.12815526213532213002.reportbug@calcifer.rfc1925.org>

Your message dated Sat, 01 Aug 2020 12:51:28 +0100
with message-id <43535efb498a168cf81452ca0c326f004f46adc6.camel@adam-barratt.org.uk>
and subject line Closing bugs for fixes included in 10.5 point release
has caused the Debian Bug report #960376,
regarding buster-pu: package libyang/0.16.105-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
960376: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960376
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: buster-pu: package libyang/0.16.105-1
From: Ondřej Surý <ondrej@sury.org>
Date: Tue, 12 May 2020 09:16:19 +0200
Message-id: <158926777944.24226.12815526213532213002.reportbug@calcifer.rfc1925.org>

Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

there are two low-priority CVEs affecting libyang and the security team
suggested updating this via SRM, so I am doing that.

(I was asked by David Lamparter to help with libyang and frr packaging.)

The updated package basically pulls the three extra patches that have
been added to version in unstable.

Changes:
 libyang (0.16.105-1+deb10u1) buster; urgency=medium
 .
   * Fix CVE-2019-19333 & CVE-2019-19334 (Closes: #946217)
   * Fix cache corruption crash (upstream bug 752)

Thanks,
Ondrej

- -- System Information:
Debian Release: 10.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-8-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8), LANGUAGE=en_IE:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAl66TUNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcJgBA//UDW+bFmaPs1+i2C7IC/KpCNfxTduocVoXYyJaKzNVEvFANkTntBspuZ7
1h1qpYu1VxqF3K/9UaRAtZg4mqFy957a+537Z3ChlR61Z7NmzpjiSkWPuxM7XKJH
7+3C5T1PQPypVcBhXmQaGJRkO3/NJ+ZpGkxnIPEdcO4pxsfwuojOXvbJxRRX26Ho
yz9cu0r27hrF3RGRemqW3v4TCCmdCLnH5xm1LhI3px1+bt3qOAWHE/f07F8bfyGP
0Cv0UKY8kuimaQOGdNxCL/zJ1ijw1jFJld2TN3fm2DU37WRao0dnmirrjTRxRI+W
I1+FXBMpXLgFaye4zR6zgatRh4jEHRcCvLlI70P1gSeD5jY9VHMmSDvNo1lIBGlw
JTvO8hg/rSKkm8PKUQ3GJYc0qmbC88xTkP2AsS7QFIsXwelQzqaxodHA3ncIdmES
W82NRfycMyxnhp20JgerHsx0rxzpb/5ax7MYC6vmNHAE4Rc8OXx3qxrcC7ZI3Xxl
CM5XumQSJUt1NmnwXGgjJsm8dX+1eaZTmdYT8pU7Sz9wfsyesTPZvi5m2QSEguL0
Z33WFBHgrOqaA+jhr8PlhY4t/BARpe0TBWmuKRMA7nVxo3vbJVrddmuImOSpveWn
SNghIUeFTkCz05cqBVS1Urho1mTEGp7u+XSJcdoZlEr/QwxT1nQ=
=ivkD
-----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 3.0 (quilt)
Source: libyang
Binary: libyang0.16, libyang-dev, yang-tools, libyang-cpp0.16, libyang-cpp-dev, python3-yang, python3-yang-dbg
Architecture: any
Version: 0.16.105-1+deb10u1
Maintainer: David Lamparter <equinox-debian@diac24.net>
Uploaders: CESNET <rkrejci@cesnet.cz>
Homepage: https://netopeer.liberouter.org/
Standards-Version: 4.2.1
Vcs-Browser: https://github.com/CESNET/libyang/tree/debian
Vcs-Git: https://github.com/CESNET/libyang.git -b debian
Testsuite: autopkgtest
Testsuite-Triggers: gzip, python3-all
Build-Depends: bison, cmake, debhelper (>= 11~), libcmocka-dev <!nocheck>, libpcre3-dev, swig (>= 3.0.12), python3-all-dev, python3-all-dbg, pkg-config
Package-List:
 libyang-cpp-dev deb libdevel optional arch=any
 libyang-cpp0.16 deb libs optional arch=any
 libyang-dev deb libdevel optional arch=any
 libyang0.16 deb libs optional arch=any
 python3-yang deb python optional arch=any
 python3-yang-dbg deb debug optional arch=any
 yang-tools deb devel optional arch=any
Checksums-Sha1:
 68601741bf42c124a63ca0579ceea1d8e6faf4dd 2999818 libyang_0.16.105.orig.tar.gz
 e62f67aef08e6d134c931e8da7bb1ba960ea0a1e 19660 libyang_0.16.105-1+deb10u1.debian.tar.xz
Checksums-Sha256:
 4745460dedc4ba17d8bcfc39ad9ba0d1b91bbe82b55b9417a090390909ba8ca5 2999818 libyang_0.16.105.orig.tar.gz
 a79468c764550221244017ea6b81f4ab463b429c15c2daa9492c4e9aa6cf50de 19660 libyang_0.16.105-1+deb10u1.debian.tar.xz
Files:
 a7cc2cc10de2ec92a51eee69c98566fa 2999818 libyang_0.16.105.orig.tar.gz
 517b25fcb3aca7e8bd238f28ed634b60 19660 libyang_0.16.105-1+deb10u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAl66TPBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcJbeA//SWBLjEYqHNCMvONCYIrwflShNGYBT6FDdGeUkxuDlN5dsSfm0lG77W5h
MaVFQ8qtPVYtBt8m3ZGlqxuMtwlrmkuJIObAtxs0eiFeJ2U2Zec073iz2s5OYBwt
UrVpBCEcfAOf0zMXTDglSZTqLJQ3qAfCzjgAKKrC/4rvTYMQqZ2PdcrGovjOTqEJ
weNCABr0qI3lClHdIXsWYMejp0CZsOH3vaSfLSrwAnQHL1H+qxHpLjIAkcgWOiTz
B159wZ86xFiiipaTc1cba+4DESoBJyiSU7NdPa3Lxrta/EVAsozXK2F0gLGoTgeY
DdDVvRKItU6iDD4GEEx8s7xwG1lq6IWl23l8D3wBn4wDXvrjz4KcdjB9ujo99AxX
vc6F1PKz0C7B/NA7lT0e2d8EtSEp98Gy98059Z52k+2Krh3LV/qrbcS19v9Y+Gh6
tlK0w5mYlg8TiSOpEA8BecM9qq9iWO/AGzDm2qaJvih7A6NKqZrpBH9r4CvifNdd
d0WmSeGTxFX2ogBc1pu1li6bdTzLuxPNAfF7I+qBMLdzJAP7pIfzlqihJ/+rJSQJ
IT0CdRlyVzDxD9M13SBNAdWNeIGpKSJrau4L4B8L5/CcCNTa/lP+4vm3meLxiw4g
Con9zDiFZOnSd5T3hOv8hYsLtu1kIUv0P7EvWYhSRzxlKyKUjMg=
=97Ie
-----END PGP SIGNATURE-----

diff -Nru libyang-0.16.105/debian/changelog libyang-0.16.105/debian/changelog
--- libyang-0.16.105/debian/changelog	2019-01-23 01:32:43.000000000 +0100
+++ libyang-0.16.105/debian/changelog	2020-05-12 09:02:56.000000000 +0200
@@ -1,3 +1,10 @@
+libyang (0.16.105-1+deb10u1) buster; urgency=medium
+
+  * Fix CVE-2019-19333 & CVE-2019-19334 (Closes: #946217)
+  * Fix cache corruption crash (upstream bug 752)
+
+ -- Ondřej Surý <ondrej@debian.org>  Tue, 12 May 2020 09:02:56 +0200
+
 libyang (0.16.105-1) unstable; urgency=medium
 
   * upstream 0.16.105 (0.16-r3) release
diff -Nru libyang-0.16.105/debian/gbp.conf libyang-0.16.105/debian/gbp.conf
--- libyang-0.16.105/debian/gbp.conf	1970-01-01 01:00:00.000000000 +0100
+++ libyang-0.16.105/debian/gbp.conf	2020-05-12 09:02:56.000000000 +0200
@@ -0,0 +1,7 @@
+[DEFAULT]
+debian-branch = debian/buster
+upstream-branch = upstream/buster
+pristine-tar = True
+
+[dch]
+meta = 1
diff -Nru libyang-0.16.105/debian/patches/0001-parser-BUGFIX-long-identity-name-buffer-overflow.patch libyang-0.16.105/debian/patches/0001-parser-BUGFIX-long-identity-name-buffer-overflow.patch
--- libyang-0.16.105/debian/patches/0001-parser-BUGFIX-long-identity-name-buffer-overflow.patch	1970-01-01 01:00:00.000000000 +0100
+++ libyang-0.16.105/debian/patches/0001-parser-BUGFIX-long-identity-name-buffer-overflow.patch	2020-05-12 09:02:56.000000000 +0200
@@ -0,0 +1,253 @@
+Applied-Upstream: f6d684ade99dd37b21babaa8a856f64faa1e2e0d
+Author: Michal Vasko <mvasko@cesnet.cz>
+Last-Update: 2019-12-22
+Description: parser BUGFIX long identity name buffer overflow
+ STRING_OVERFLOW (CWE-120)
+
+diff --git a/src/parser.c b/src/parser.c
+index 3303041d15e7..281a97aac6d6 100644
+--- a/src/parser.c
++++ b/src/parser.c
+@@ -979,7 +979,7 @@ lyp_precompile_pattern(struct ly_ctx *ctx, const char *pattern, pcre** pcre_cmp,
+  * @param[in] data2 If \p type is #LY_TYPE_BITS: (int *) type bit field length,
+  *                                #LY_TYPE_DEC64: (uint8_t *) number of fraction digits (position of the floating point),
+  *                                otherwise ignored.
+- * @return 1 if a conversion took place, 0 if the value was kept the same.
++ * @return 1 if a conversion took place, 0 if the value was kept the same, -1 on error.
+  */
+ static int
+ make_canonical(struct ly_ctx *ctx, int type, const char **value, void *data1, void *data2)
+@@ -994,6 +994,8 @@ make_canonical(struct ly_ctx *ctx, int type, const char **value, void *data1, vo
+     uint64_t unum;
+     uint8_t c;
+ 
++#define LOGBUF(str) LOGERR(ctx, LY_EINVAL, "Value \"%s\" is too long.", str)
++
+     switch (type) {
+     case LY_TYPE_BITS:
+         bits = (struct lys_type_bit **)data1;
+@@ -1006,8 +1008,10 @@ make_canonical(struct ly_ctx *ctx, int type, const char **value, void *data1, vo
+                 continue;
+             }
+             if (buf[0]) {
++                LY_CHECK_ERR_RETURN(strlen(buf) + 1 + strlen(bits[i]->name) > buf_len, LOGBUF(bits[i]->name), -1);
+                 sprintf(buf + strlen(buf), " %s", bits[i]->name);
+             } else {
++                LY_CHECK_ERR_RETURN(strlen(bits[i]->name) > buf_len, LOGBUF(bits[i]->name), -1);
+                 strcpy(buf, bits[i]->name);
+             }
+         }
+@@ -1025,7 +1029,7 @@ make_canonical(struct ly_ctx *ctx, int type, const char **value, void *data1, vo
+ 
+     case LY_TYPE_INST:
+         exp = lyxp_parse_expr(ctx, *value);
+-        LY_CHECK_ERR_RETURN(!exp, LOGINT(ctx), 0);
++        LY_CHECK_ERR_RETURN(!exp, LOGINT(ctx), -1);
+ 
+         module_name = NULL;
+         count = 0;
+@@ -1035,9 +1039,9 @@ make_canonical(struct ly_ctx *ctx, int type, const char **value, void *data1, vo
+             /* copy WS */
+             if (i && ((end = exp->expr + exp->expr_pos[i - 1] + exp->tok_len[i - 1]) != cur_expr)) {
+                 if (count + (cur_expr - end) > buf_len) {
+-                    LOGINT(ctx);
+                     lyxp_expr_free(exp);
+-                    return 0;
++                    LOGBUF(end);
++                    return -1;
+                 }
+                 strncpy(&buf[count], end, cur_expr - end);
+                 count += cur_expr - end;
+@@ -1051,9 +1055,9 @@ make_canonical(struct ly_ctx *ctx, int type, const char **value, void *data1, vo
+                 if (!module_name || strncmp(cur_expr, module_name, j)) {
+                     /* print module name with colon, it does not equal to the parent one */
+                     if (count + j > buf_len) {
+-                        LOGINT(ctx);
+                         lyxp_expr_free(exp);
+-                        return 0;
++                        LOGBUF(cur_expr);
++                        return -1;
+                     }
+                     strncpy(&buf[count], cur_expr, j);
+                     count += j;
+@@ -1062,17 +1066,17 @@ make_canonical(struct ly_ctx *ctx, int type, const char **value, void *data1, vo
+ 
+                 /* copy the rest */
+                 if (count + (exp->tok_len[i] - j) > buf_len) {
+-                    LOGINT(ctx);
+                     lyxp_expr_free(exp);
+-                    return 0;
++                    LOGBUF(end);
++                    return -1;
+                 }
+                 strncpy(&buf[count], end, exp->tok_len[i] - j);
+                 count += exp->tok_len[i] - j;
+             } else {
+                 if (count + exp->tok_len[i] > buf_len) {
+-                    LOGINT(ctx);
+                     lyxp_expr_free(exp);
+-                    return 0;
++                    LOGBUF(&exp->expr[exp->expr_pos[i]]);
++                    return -1;
+                 }
+                 strncpy(&buf[count], &exp->expr[exp->expr_pos[i]], exp->tok_len[i]);
+                 count += exp->tok_len[i];
+@@ -1081,7 +1085,7 @@ make_canonical(struct ly_ctx *ctx, int type, const char **value, void *data1, vo
+         if (count > buf_len) {
+             LOGINT(ctx);
+             lyxp_expr_free(exp);
+-            return 0;
++            return -1;
+         }
+         buf[count] = '\0';
+ 
+@@ -1146,6 +1150,8 @@ make_canonical(struct ly_ctx *ctx, int type, const char **value, void *data1, vo
+     }
+ 
+     return 0;
++
++#undef LOGBUF
+ }
+ 
+ static const char *
+@@ -1411,7 +1417,10 @@ lyp_parse_value(struct lys_type *type, const char **value_, struct lyxml_elem *x
+             c = c + len;
+         }
+ 
+-        make_canonical(ctx, LY_TYPE_BITS, value_, bits, &type->info.bits.count);
++        if (make_canonical(ctx, LY_TYPE_BITS, value_, bits, &type->info.bits.count) == -1) {
++            free(bits);
++            goto error;
++        }
+ 
+         if (store) {
+             /* store the result */
+@@ -1469,7 +1478,9 @@ lyp_parse_value(struct lys_type *type, const char **value_, struct lyxml_elem *x
+             goto error;
+         }
+ 
+-        make_canonical(ctx, LY_TYPE_DEC64, value_, &num, &type->info.dec64.dig);
++        if (make_canonical(ctx, LY_TYPE_DEC64, value_, &num, &type->info.dec64.dig) == -1) {
++            goto error;
++        }
+ 
+         if (store) {
+             /* store the result */
+@@ -1597,7 +1608,10 @@ lyp_parse_value(struct lys_type *type, const char **value_, struct lyxml_elem *x
+             type->parent->flags |= LYS_DFLTJSON;
+         }
+ 
+-        make_canonical(ctx, LY_TYPE_IDENT, &value, (void*)lys_main_module(local_mod)->name, NULL);
++        if (make_canonical(ctx, LY_TYPE_IDENT, &value, (void*)lys_main_module(local_mod)->name, NULL) == -1) {
++            lydict_remove(ctx, value);
++            goto error;
++        }
+ 
+         /* replace the old value with the new one (even if they may be the same) */
+         lydict_remove(ctx, *value_);
+@@ -1650,8 +1664,12 @@ lyp_parse_value(struct lys_type *type, const char **value_, struct lyxml_elem *x
+             /* turn logging back on */
+             ly_ilo_restore(NULL, prev_ilo, NULL, 0);
+         } else {
+-            if (make_canonical(ctx, LY_TYPE_INST, &value, NULL, NULL)) {
+-                /* if a change occured, value was removed from the dicionary so fix the pointers */
++            if ((c = make_canonical(ctx, LY_TYPE_INST, &value, NULL, NULL))) {
++                if (c == -1) {
++                    goto error;
++                }
++
++                /* if a change occurred, value was removed from the dictionary so fix the pointers */
+                 *value_ = value;
+             }
+         }
+@@ -1752,7 +1770,9 @@ lyp_parse_value(struct lys_type *type, const char **value_, struct lyxml_elem *x
+             goto error;
+         }
+ 
+-        make_canonical(ctx, LY_TYPE_INT8, value_, &num, NULL);
++        if (make_canonical(ctx, LY_TYPE_INT8, value_, &num, NULL) == -1) {
++            goto error;
++        }
+ 
+         if (store) {
+             /* store the result */
+@@ -1767,7 +1787,9 @@ lyp_parse_value(struct lys_type *type, const char **value_, struct lyxml_elem *x
+             goto error;
+         }
+ 
+-        make_canonical(ctx, LY_TYPE_INT16, value_, &num, NULL);
++        if (make_canonical(ctx, LY_TYPE_INT16, value_, &num, NULL) == -1) {
++            goto error;
++        }
+ 
+         if (store) {
+             /* store the result */
+@@ -1782,7 +1804,9 @@ lyp_parse_value(struct lys_type *type, const char **value_, struct lyxml_elem *x
+             goto error;
+         }
+ 
+-        make_canonical(ctx, LY_TYPE_INT32, value_, &num, NULL);
++        if (make_canonical(ctx, LY_TYPE_INT32, value_, &num, NULL) == -1) {
++            goto error;
++        }
+ 
+         if (store) {
+             /* store the result */
+@@ -1798,7 +1822,9 @@ lyp_parse_value(struct lys_type *type, const char **value_, struct lyxml_elem *x
+             goto error;
+         }
+ 
+-        make_canonical(ctx, LY_TYPE_INT64, value_, &num, NULL);
++        if (make_canonical(ctx, LY_TYPE_INT64, value_, &num, NULL) == -1) {
++            goto error;
++        }
+ 
+         if (store) {
+             /* store the result */
+@@ -1813,7 +1839,9 @@ lyp_parse_value(struct lys_type *type, const char **value_, struct lyxml_elem *x
+             goto error;
+         }
+ 
+-        make_canonical(ctx, LY_TYPE_UINT8, value_, &unum, NULL);
++        if (make_canonical(ctx, LY_TYPE_UINT8, value_, &unum, NULL) == -1) {
++            goto error;
++        }
+ 
+         if (store) {
+             /* store the result */
+@@ -1828,7 +1856,9 @@ lyp_parse_value(struct lys_type *type, const char **value_, struct lyxml_elem *x
+             goto error;
+         }
+ 
+-        make_canonical(ctx, LY_TYPE_UINT16, value_, &unum, NULL);
++        if (make_canonical(ctx, LY_TYPE_UINT16, value_, &unum, NULL) == -1) {
++            goto error;
++        }
+ 
+         if (store) {
+             /* store the result */
+@@ -1843,7 +1873,9 @@ lyp_parse_value(struct lys_type *type, const char **value_, struct lyxml_elem *x
+             goto error;
+         }
+ 
+-        make_canonical(ctx, LY_TYPE_UINT32, value_, &unum, NULL);
++        if (make_canonical(ctx, LY_TYPE_UINT32, value_, &unum, NULL) == -1) {
++            goto error;
++        }
+ 
+         if (store) {
+             /* store the result */
+@@ -1858,7 +1890,9 @@ lyp_parse_value(struct lys_type *type, const char **value_, struct lyxml_elem *x
+             goto error;
+         }
+ 
+-        make_canonical(ctx, LY_TYPE_UINT64, value_, &unum, NULL);
++        if (make_canonical(ctx, LY_TYPE_UINT64, value_, &unum, NULL) == -1) {
++            goto error;
++        }
+ 
+         if (store) {
+             /* store the result */
+-- 
+2.24.1
+
diff -Nru libyang-0.16.105/debian/patches/0002-parser-BUGFIX-long-identityref-default-value-buffer-.patch libyang-0.16.105/debian/patches/0002-parser-BUGFIX-long-identityref-default-value-buffer-.patch
--- libyang-0.16.105/debian/patches/0002-parser-BUGFIX-long-identityref-default-value-buffer-.patch	1970-01-01 01:00:00.000000000 +0100
+++ libyang-0.16.105/debian/patches/0002-parser-BUGFIX-long-identityref-default-value-buffer-.patch	2020-05-12 09:02:56.000000000 +0200
@@ -0,0 +1,24 @@
+Applied-Upstream: 6980afae2ff9fcd6d67508b0a3f694d75fd059d6
+Author: Michal Vasko <mvasko@cesnet.cz>
+Last-Updated: 2019-12-22
+Description: parser BUGFIX long identityref default value buffer overflow
+ STRING_OVERFLOW (CWE-120)
+
+diff --git a/src/parser.c b/src/parser.c
+index 281a97aac6d6..6979b9c17df3 100644
+--- a/src/parser.c
++++ b/src/parser.c
+@@ -1021,8 +1021,10 @@ make_canonical(struct ly_ctx *ctx, int type, const char **value, void *data1, vo
+         module_name = (const char *)data1;
+         /* identity must always have a prefix */
+         if (!strchr(*value, ':')) {
++            LY_CHECK_ERR_RETURN(strlen(module_name) + 1 + strlen(*value) > buf_len, LOGBUF(*value), -1);
+             sprintf(buf, "%s:%s", module_name, *value);
+         } else {
++            LY_CHECK_ERR_RETURN(strlen(*value) > buf_len, LOGBUF(*value), -1);
+             strcpy(buf, *value);
+         }
+         break;
+-- 
+2.24.1
+
diff -Nru libyang-0.16.105/debian/patches/0003-data-tree-BUGFIX-handle-hashes-for-lyd_dup_withsibli.patch libyang-0.16.105/debian/patches/0003-data-tree-BUGFIX-handle-hashes-for-lyd_dup_withsibli.patch
--- libyang-0.16.105/debian/patches/0003-data-tree-BUGFIX-handle-hashes-for-lyd_dup_withsibli.patch	1970-01-01 01:00:00.000000000 +0100
+++ libyang-0.16.105/debian/patches/0003-data-tree-BUGFIX-handle-hashes-for-lyd_dup_withsibli.patch	2020-05-12 09:02:56.000000000 +0200
@@ -0,0 +1,55 @@
+Applied-Upstream: 4eae42b0d36f07ae91672d648ecd4ce37701b356
+Author: Michal Vasko <mvasko@cesnet.cz>
+Last-Updated: 2019-12-22
+Description: data tree BUGFIX handle hashes for lyd_dup_withsiblings
+
+diff --git a/src/tree_data.c b/src/tree_data.c
+index f0fb27b7d165..8bad9c9ea58b 100644
+--- a/src/tree_data.c
++++ b/src/tree_data.c
+@@ -5747,14 +5747,28 @@ lyd_dup_withsiblings_r(const struct lyd_node *first, struct lyd_node *parent_dup
+         last_dup->when_status = next->when_status;
+ 
+         last_dup->parent = parent_dup;
++        /* connect to the parent or the siblings */
+         if (!first_dup) {
+             first_dup = last_dup;
++            if (parent_dup) {
++                parent_dup->child = first_dup;
++            }
+         } else {
+             assert(prev_dup);
+             prev_dup->next = last_dup;
+             last_dup->prev = prev_dup;
+         }
+ 
++#ifdef LY_ENABLED_CACHE
++        /* copy hash */
++        if ((last_dup->schema->nodetype != LYS_LIST) || lyd_list_has_keys(last_dup)) {
++            last_dup->hash = next->hash;
++        }
++
++        /* insert into parent */
++        lyd_insert_hash(last_dup);
++#endif
++
+         if ((next->schema->nodetype & (LYS_LIST | LYS_CONTAINER | LYS_RPC | LYS_ACTION | LYS_NOTIF)) && next->child) {
+             /* recursively duplicate all children */
+             if (!lyd_dup_withsiblings_r(next->child, last_dup, options)) {
+@@ -5765,12 +5779,9 @@ lyd_dup_withsiblings_r(const struct lyd_node *first, struct lyd_node *parent_dup
+         prev_dup = last_dup;
+     }
+ 
+-    /* correctly set last sibling and parent child pointer */
++    /* correctly set last sibling */
+     assert(!prev_dup->next);
+     first_dup->prev = prev_dup;
+-    if (parent_dup) {
+-        parent_dup->child = first_dup;
+-    }
+ 
+     return first_dup;
+ 
+-- 
+2.24.1
+
diff -Nru libyang-0.16.105/debian/patches/pybuild libyang-0.16.105/debian/patches/pybuild
--- libyang-0.16.105/debian/patches/pybuild	2018-11-09 18:14:24.000000000 +0100
+++ libyang-0.16.105/debian/patches/pybuild	2020-05-12 09:02:56.000000000 +0200
@@ -3,7 +3,7 @@
  version, and on top of that there was no way to get things built for a debug
  version of python.
 Author: David Lamparter <equinox-debian@diac24.net>
-Last-Update: 2018-11-08
+Last-Update: 2019-12-22
 
 diff --git a/swig/CMakeLists.txt b/swig/CMakeLists.txt
 index a2b2616256da..d10b495f6297 100644
@@ -89,7 +89,7 @@
  
  set(CMAKE_SWIG_FLAGS "-c++")
 -set(CMAKE_SWIG_FLAGS "-I${PROJECT_SOURCE_DIR}")
-+set(CMAKE_SWIG_FLAGS "-I${PROJECT_SOURCE_DIR}" "-I${PROJECT_SOURCE_DIR}/cpp/src")
++set(CMAKE_SWIG_FLAGS "-I${PROJECT_SOURCE_DIR}" "-I${PROJECT_SOURCE_DIR}/cpp/src" "-interface" "_${PYTHON_SWIG_BINDING}")
  set(CMAKE_SWIG_OUTDIR ${CMAKE_CURRENT_BINARY_DIR})
  
 -set_source_files_properties(${PYTHON_SWIG_BINDING}.i PROPERTIES CPLUSPLUS ON PREFIX "")
diff -Nru libyang-0.16.105/debian/patches/series libyang-0.16.105/debian/patches/series
--- libyang-0.16.105/debian/patches/series	2019-01-23 01:14:14.000000000 +0100
+++ libyang-0.16.105/debian/patches/series	2020-05-12 09:02:56.000000000 +0200
@@ -1,2 +1,5 @@
 pybuild
 swigpy37
+0001-parser-BUGFIX-long-identity-name-buffer-overflow.patch
+0002-parser-BUGFIX-long-identityref-default-value-buffer-.patch
+0003-data-tree-BUGFIX-handle-hashes-for-lyd_dup_withsibli.patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 12 May 2020 09:02:56 +0200
Source: libyang
Architecture: source
Version: 0.16.105-1+deb10u1
Distribution: buster-updates
Urgency: medium
Maintainer: David Lamparter <equinox-debian@diac24.net>
Changed-By: Ondřej Surý <ondrej@debian.org>
Closes: 946217
Changes:
 libyang (0.16.105-1+deb10u1) buster; urgency=medium
 .
   * Fix CVE-2019-19333 & CVE-2019-19334 (Closes: #946217)
   * Fix cache corruption crash (upstream bug 752)
Checksums-Sha1:
 bf53eda0662705a33995d79082827488c8fd325a 2593 libyang_0.16.105-1+deb10u1.dsc
 e62f67aef08e6d134c931e8da7bb1ba960ea0a1e 19660 libyang_0.16.105-1+deb10u1.debian.tar.xz
 1d828cd2aa7bafd6818b92403144139b696aab7d 10658 libyang_0.16.105-1+deb10u1_amd64.buildinfo
Checksums-Sha256:
 a96584d1832a282119329180f647c0292811ab0fcc6d80ded26f9770f89a945d 2593 libyang_0.16.105-1+deb10u1.dsc
 a79468c764550221244017ea6b81f4ab463b429c15c2daa9492c4e9aa6cf50de 19660 libyang_0.16.105-1+deb10u1.debian.tar.xz
 7c3f5e7ec044632c2acb3b8873466bb5afa6124ccd46cc1e84121972a28d40e1 10658 libyang_0.16.105-1+deb10u1_amd64.buildinfo
Files:
 4a9d77f7214616b4daf0f24b993dc3a8 2593 libs optional libyang_0.16.105-1+deb10u1.dsc
 517b25fcb3aca7e8bd238f28ed634b60 19660 libs optional libyang_0.16.105-1+deb10u1.debian.tar.xz
 f223c36998b0bf297fdd88b7f078b5b8 10658 libs optional libyang_0.16.105-1+deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAl66TPBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcIDPRAApUgCle6BaNeA5UI1WboZy8cEFeUhXOUkAG7iWa1rrSoFr0BGbCvHPY1L
C0WEkxJTL/xRxZOJUMhOvPgAzyNYET5Xyd4/dKqR++MA7qVmrm5+asi+jO/7I6E3
RWrN/fRokyomlY9fqxbgWMMzZumoNrqFpBPQngF3FLYoPMk/tjB4azL5wuIM5vVF
L6JC7CaVBEmgEhHo2wPVCloYyoXrnaKhy5JZlWWUz6zUD18+5jUA8ArDOE3VhNAh
HUkvLfrzoYPbR0Sk4YGQ8lrmdtsAgTgnyv9s3ops9nRKkWq6ZZrmNGAiPGDarqK4
J30DmQodTk6+If1Xm3AyQik7UFaXbT9mU889Wwf2e3EbElR/eX4vTjNf8Q3Y1gNy
V9kVYtLn3awA8mC8ObCEw+QkriiSui5KhheqnwQDdD28DrAEEX3G0rKGnBR03upU
YZG/7ych93xcfGsyqIXTUN5O2I3go155oNmcqmhWnv8MBhmdFgtn8wfNqSQ99fGo
Zv1q6VJwnt/af3FI3jZTPsiTbasbEzVX07rAL+N5p8auJBqttI4X9dncpNHR4ZdQ
Vm85Bn+7v2OWqh87+xj8xeIC8M5nxiNX0BANKRHz9iPcyBvsZUiBZnYk+7O/mHFe
g/UE8h7MOGIvsAktXZscfKSez9cD8Zk+tAhkkHgcN6CGYyNJSQY=
=q52B
-----END PGP SIGNATURE-----

Attachment: libyang_0.16.105-1+deb10u1.debian.tar.xz
Description: application/xz

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.0
Source: libyang
Binary: libyang0.16 libyang-dev yang-tools libyang-cpp0.16 libyang-cpp-dev python3-yang python3-yang-dbg
Architecture: amd64 source
Version: 0.16.105-1+deb10u1
Checksums-Md5:
 4a9d77f7214616b4daf0f24b993dc3a8 2593 libyang_0.16.105-1+deb10u1.dsc
 7aba4858ffaa5684e57af1974a703895 18944 libyang-cpp-dev_0.16.105-1+deb10u1_amd64.deb
 56b0d84cfbc8abcf56595a34a3f206ea 1419060 libyang-cpp0.16-dbgsym_0.16.105-1+deb10u1_amd64.deb
 3bc4f514726ccb4b8fc9427b484035ab 66220 libyang-cpp0.16_0.16.105-1+deb10u1_amd64.deb
 f9b2f0d612b1076a8a6a4f813f9dd115 86688 libyang-dev_0.16.105-1+deb10u1_amd64.deb
 429149109e3f782fc4062f26e42421c0 1166800 libyang0.16-dbgsym_0.16.105-1+deb10u1_amd64.deb
 d2731834327d15c9b11da12bd64c676c 393208 libyang0.16_0.16.105-1+deb10u1_amd64.deb
 2712d1b3841c1116519593f6b9e6485e 11964228 python3-yang-dbg_0.16.105-1+deb10u1_amd64.deb
 fdec25401f7717749e9fd193235e4ae4 424104 python3-yang_0.16.105-1+deb10u1_amd64.deb
 fefb0f30f97eb1d6c6bbefc8f535fbd3 96564 yang-tools-dbgsym_0.16.105-1+deb10u1_amd64.deb
 c0f51f33be0a7f50ced62b83651ea27c 79384 yang-tools_0.16.105-1+deb10u1_amd64.deb
Checksums-Sha1:
 bf53eda0662705a33995d79082827488c8fd325a 2593 libyang_0.16.105-1+deb10u1.dsc
 97a26692a6f4246f19a63c780808a6ec5479965f 18944 libyang-cpp-dev_0.16.105-1+deb10u1_amd64.deb
 03ba25a6f7762ec70db159c552aa8ee6391bf98c 1419060 libyang-cpp0.16-dbgsym_0.16.105-1+deb10u1_amd64.deb
 536cf89d943602ed2bf48afd1dede0d12fffc77c 66220 libyang-cpp0.16_0.16.105-1+deb10u1_amd64.deb
 0784bc2b3e646e5743389d90b5e3f4a4747ef574 86688 libyang-dev_0.16.105-1+deb10u1_amd64.deb
 5eff26190f73894a25566ec848af187beb198b80 1166800 libyang0.16-dbgsym_0.16.105-1+deb10u1_amd64.deb
 29cf60594b545c4d8aa574b6dd4341d6bf2d2056 393208 libyang0.16_0.16.105-1+deb10u1_amd64.deb
 16231b3f40f76be8255a65839f9644967f7e83f9 11964228 python3-yang-dbg_0.16.105-1+deb10u1_amd64.deb
 f3123f967cc1c8a1f47f6b8588641d3e73087946 424104 python3-yang_0.16.105-1+deb10u1_amd64.deb
 5288b55734632bd4b76b1b41226190b250b65ae8 96564 yang-tools-dbgsym_0.16.105-1+deb10u1_amd64.deb
 a8603ba98e3228ba1e7677d646a452c129c66ce5 79384 yang-tools_0.16.105-1+deb10u1_amd64.deb
Checksums-Sha256:
 a96584d1832a282119329180f647c0292811ab0fcc6d80ded26f9770f89a945d 2593 libyang_0.16.105-1+deb10u1.dsc
 8f59535fcaa8393bdcb1717271284020b90c78730bc3d8dc5c2bba980b613615 18944 libyang-cpp-dev_0.16.105-1+deb10u1_amd64.deb
 67de02e5d460a90a7aa2d01d14deeca5d2625dc324f2d8af9118c07a935ae130 1419060 libyang-cpp0.16-dbgsym_0.16.105-1+deb10u1_amd64.deb
 a2ed30c78de56eae48969fbef845c15a2e4d38eb9937791dd3c585d90e0b6fa7 66220 libyang-cpp0.16_0.16.105-1+deb10u1_amd64.deb
 9f441777f18117bedfac0d25d064025f044967cdccaf08ac4e4e1fc1d7d0dd60 86688 libyang-dev_0.16.105-1+deb10u1_amd64.deb
 4bc88de6772ccefde1915ed045c5b226f71670272b7d711c6a9f74255083a05b 1166800 libyang0.16-dbgsym_0.16.105-1+deb10u1_amd64.deb
 4c30ac06f0eb13e805b32962d090fa10d23aa80661038acfe2a8eabd1290d744 393208 libyang0.16_0.16.105-1+deb10u1_amd64.deb
 e8e2e57e1bd03240474587a261a7a8ce0eeed1d47e89916a35a837937161f8c3 11964228 python3-yang-dbg_0.16.105-1+deb10u1_amd64.deb
 5b833995bcd9b957041385402eb3a51cf55dddb68deec63e54aba28c47794aef 424104 python3-yang_0.16.105-1+deb10u1_amd64.deb
 29d7329112ba7379c60b1305494368cb2da1a9fd2f0ec65a3ad70235ad44c5ce 96564 yang-tools-dbgsym_0.16.105-1+deb10u1_amd64.deb
 4040309b292bace49b5f09ec0fdb1cc580b2b08fd9ce2204f0e7ebaef2c5dec4 79384 yang-tools_0.16.105-1+deb10u1_amd64.deb
Build-Origin: Debian
Build-Architecture: amd64
Build-Date: Tue, 12 May 2020 09:08:28 +0200
Build-Path: /build/libyang-umzENo/libyang-0.16.105
Installed-Build-Depends:
 autoconf (= 2.69-11),
 automake (= 1:1.16.1-4),
 autopoint (= 0.19.8.1-9),
 autotools-dev (= 20180224.1),
 base-files (= 10.3+deb10u4),
 base-passwd (= 3.5.46),
 bash (= 5.0-4),
 binutils (= 2.31.1-16),
 binutils-common (= 2.31.1-16),
 binutils-x86-64-linux-gnu (= 2.31.1-16),
 bison (= 2:3.3.2.dfsg-1),
 bsdmainutils (= 11.1.2+b1),
 bsdutils (= 1:2.33.1-0.1),
 build-essential (= 12.6),
 bzip2 (= 1.0.6-9.2~deb10u1),
 cmake (= 3.13.4-1),
 cmake-data (= 3.13.4-1),
 coreutils (= 8.30-3),
 cpp (= 4:8.3.0-1),
 cpp-8 (= 8.3.0-6),
 dash (= 0.5.10.2-5),
 debconf (= 1.5.71),
 debhelper (= 12.1.1),
 debianutils (= 4.8.6.1),
 dh-autoreconf (= 19),
 dh-python (= 3.20190308),
 dh-strip-nondeterminism (= 1.1.2-1),
 diffutils (= 1:3.7-3),
 dpkg (= 1.19.7),
 dpkg-dev (= 1.19.7),
 dwz (= 0.12-3),
 fdisk (= 2.33.1-0.1),
 file (= 1:5.35-4+deb10u1),
 findutils (= 4.6.0+git+20190209-2),
 g++ (= 4:8.3.0-1),
 g++-8 (= 8.3.0-6),
 gcc (= 4:8.3.0-1),
 gcc-8 (= 8.3.0-6),
 gcc-8-base (= 8.3.0-6),
 gettext (= 0.19.8.1-9),
 gettext-base (= 0.19.8.1-9),
 grep (= 3.3-1),
 groff-base (= 1.22.4-3),
 gzip (= 1.9-3),
 hostname (= 3.21),
 init-system-helpers (= 1.56+nmu1),
 install-info (= 6.5.0.dfsg.1-4+b1),
 intltool-debian (= 0.35.0+20060710.5),
 libacl1 (= 2.2.53-4),
 libarchive-zip-perl (= 1.64-1),
 libarchive13 (= 3.3.3-4+deb10u1),
 libasan5 (= 8.3.0-6),
 libatomic1 (= 8.3.0-6),
 libattr1 (= 1:2.4.48-4),
 libaudit-common (= 1:2.8.4-3),
 libaudit1 (= 1:2.8.4-3),
 libbinutils (= 2.31.1-16),
 libbison-dev (= 2:3.3.2.dfsg-1),
 libblkid1 (= 2.33.1-0.1),
 libbsd0 (= 0.9.1-2),
 libbz2-1.0 (= 1.0.6-9.2~deb10u1),
 libc-bin (= 2.28-10),
 libc-dev-bin (= 2.28-10),
 libc6 (= 2.28-10),
 libc6-dev (= 2.28-10),
 libcap-ng0 (= 0.7.9-2),
 libcc1-0 (= 8.3.0-6),
 libcmocka-dev (= 1.1.3-1),
 libcmocka0 (= 1.1.3-1),
 libcom-err2 (= 1.44.5-1+deb10u3),
 libcroco3 (= 0.6.12-3),
 libcurl4 (= 7.64.0-4+deb10u1),
 libdb5.3 (= 5.3.28+dfsg1-0.5),
 libdebconfclient0 (= 0.249),
 libdpkg-perl (= 1.19.7),
 libelf1 (= 0.176-1.1),
 libexpat1 (= 2.2.6-2+deb10u1),
 libexpat1-dev (= 2.2.6-2+deb10u1),
 libfdisk1 (= 2.33.1-0.1),
 libffi6 (= 3.2.1-9),
 libfile-stripnondeterminism-perl (= 1.1.2-1),
 libgcc-8-dev (= 8.3.0-6),
 libgcc1 (= 1:8.3.0-6),
 libgcrypt20 (= 1.8.4-5),
 libgdbm-compat4 (= 1.18.1-4),
 libgdbm6 (= 1.18.1-4),
 libglib2.0-0 (= 2.58.3-2+deb10u2),
 libgmp10 (= 2:6.1.2+dfsg-4),
 libgnutls30 (= 3.6.7-4+deb10u3),
 libgomp1 (= 8.3.0-6),
 libgpg-error0 (= 1.35-1),
 libgssapi-krb5-2 (= 1.17-3),
 libhogweed4 (= 3.4.1-1),
 libicu63 (= 63.1-6+deb10u1),
 libidn2-0 (= 2.0.5-1+deb10u1),
 libisl19 (= 0.20-2),
 libitm1 (= 8.3.0-6),
 libjsoncpp1 (= 1.7.4-3),
 libk5crypto3 (= 1.17-3),
 libkeyutils1 (= 1.6-6),
 libkrb5-3 (= 1.17-3),
 libkrb5support0 (= 1.17-3),
 libldap-2.4-2 (= 2.4.47+dfsg-3+deb10u2),
 libldap-common (= 2.4.47+dfsg-3+deb10u2),
 liblsan0 (= 8.3.0-6),
 liblz4-1 (= 1.8.3-1),
 liblzma5 (= 5.2.4-1),
 libmagic-mgc (= 1:5.35-4+deb10u1),
 libmagic1 (= 1:5.35-4+deb10u1),
 libmount1 (= 2.33.1-0.1),
 libmpc3 (= 1.1.0-1),
 libmpdec2 (= 2.4.2-2),
 libmpfr6 (= 4.0.2-1),
 libmpx2 (= 8.3.0-6),
 libncurses6 (= 6.1+20181013-2+deb10u2),
 libncursesw6 (= 6.1+20181013-2+deb10u2),
 libnettle6 (= 3.4.1-1),
 libnghttp2-14 (= 1.36.0-2+deb10u1),
 libp11-kit0 (= 0.23.15-2),
 libpam-modules (= 1.3.1-5),
 libpam-modules-bin (= 1.3.1-5),
 libpam-runtime (= 1.3.1-5),
 libpam0g (= 1.3.1-5),
 libpcre16-3 (= 2:8.39-12),
 libpcre3 (= 2:8.39-12),
 libpcre3-dev (= 2:8.39-12),
 libpcre32-3 (= 2:8.39-12),
 libpcrecpp0v5 (= 2:8.39-12),
 libperl5.28 (= 5.28.1-6),
 libpipeline1 (= 1.5.1-2),
 libprocps7 (= 2:3.3.15-2),
 libpsl5 (= 0.20.2-2),
 libpython3-all-dbg (= 3.7.3-1),
 libpython3-all-dev (= 3.7.3-1),
 libpython3-dbg (= 3.7.3-1),
 libpython3-dev (= 3.7.3-1),
 libpython3-stdlib (= 3.7.3-1),
 libpython3.7 (= 3.7.3-2+deb10u1),
 libpython3.7-dbg (= 3.7.3-2+deb10u1),
 libpython3.7-dev (= 3.7.3-2+deb10u1),
 libpython3.7-minimal (= 3.7.3-2+deb10u1),
 libpython3.7-stdlib (= 3.7.3-2+deb10u1),
 libquadmath0 (= 8.3.0-6),
 libreadline7 (= 7.0-5),
 librhash0 (= 1.3.8-1),
 librtmp1 (= 2.4+20151223.gitfa8646d.1-2),
 libsasl2-2 (= 2.1.27+dfsg-1+deb10u1),
 libsasl2-modules-db (= 2.1.27+dfsg-1+deb10u1),
 libseccomp2 (= 2.3.3-4),
 libselinux1 (= 2.8-1+b1),
 libsigsegv2 (= 2.12-2),
 libsmartcols1 (= 2.33.1-0.1),
 libsqlite3-0 (= 3.27.2-3),
 libssh2-1 (= 1.8.0-2.1),
 libssl1.1 (= 1.1.1d-0+deb10u3),
 libstdc++-8-dev (= 8.3.0-6),
 libstdc++6 (= 8.3.0-6),
 libsystemd0 (= 241-7~deb10u4),
 libtasn1-6 (= 4.13-3),
 libtinfo6 (= 6.1+20181013-2+deb10u2),
 libtool (= 2.4.6-9),
 libtsan0 (= 8.3.0-6),
 libubsan1 (= 8.3.0-6),
 libuchardet0 (= 0.0.6-3),
 libudev1 (= 241-7~deb10u4),
 libunistring2 (= 0.9.10-1),
 libuuid1 (= 2.33.1-0.1),
 libuv1 (= 1.24.1-1),
 libxml2 (= 2.9.4+dfsg1-7+b3),
 libzstd1 (= 1.3.8+dfsg-3),
 linux-libc-dev (= 4.19.118-2),
 login (= 1:4.5-1.1),
 lsb-base (= 10.2019051400),
 m4 (= 1.4.18-2),
 make (= 4.2.1-1.2),
 man-db (= 2.8.5-2),
 mawk (= 1.3.3-17+b3),
 mime-support (= 3.62),
 ncurses-base (= 6.1+20181013-2+deb10u2),
 ncurses-bin (= 6.1+20181013-2+deb10u2),
 patch (= 2.7.6-3+deb10u1),
 perl (= 5.28.1-6),
 perl-base (= 5.28.1-6),
 perl-modules-5.28 (= 5.28.1-6),
 pkg-config (= 0.29-6),
 po-debconf (= 1.0.21),
 procps (= 2:3.3.15-2),
 python3 (= 3.7.3-1),
 python3-all (= 3.7.3-1),
 python3-all-dbg (= 3.7.3-1),
 python3-all-dev (= 3.7.3-1),
 python3-dbg (= 3.7.3-1),
 python3-dev (= 3.7.3-1),
 python3-distutils (= 3.7.3-1),
 python3-lib2to3 (= 3.7.3-1),
 python3-minimal (= 3.7.3-1),
 python3.7 (= 3.7.3-2+deb10u1),
 python3.7-dbg (= 3.7.3-2+deb10u1),
 python3.7-dev (= 3.7.3-2+deb10u1),
 python3.7-minimal (= 3.7.3-2+deb10u1),
 readline-common (= 7.0-5),
 sed (= 4.7-1),
 sensible-utils (= 0.0.12),
 swig (= 3.0.12-2),
 swig3.0 (= 3.0.12-2),
 sysvinit-utils (= 2.93-8),
 tar (= 1.30+dfsg-6),
 util-linux (= 2.33.1-0.1),
 xz-utils (= 5.2.4-1),
 zlib1g (= 1:1.2.11.dfsg-1)
Environment:
 DEB_BUILD_OPTIONS="parallel=8"
 LANG="en_IE.UTF-8"
 LC_ALL="C.UTF-8"
 LD_LIBRARY_PATH="/usr/lib/libeatmydata"
 SOURCE_DATE_EPOCH="1589266976"

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAl66TPBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcKXxA//czNMWBqv18gMU8gtjA/d0dNq/0Ext6OSx3eEwdF8b41eZYdD77rE5C5+
zMM/gakwEKqW3Bo/x9lcnFM/r/WMLeUUxI9v8vZf3JygZO2bo5Q5il2AJeQ7ns7E
e2Mz5qI9GWO23R2uEm0eHa1EENYlzZzL9t6a6tfq9ThS9w804nXnW1Z1NpXRZEGl
Q5TXAX0e6MHkvZ1N38B78A80wyS79UrCnywDkHbsTAnEqP8KLmQqjG/UhhQ5o/2f
nW4rxLhQEHxYpOzU9KCXKDTYtzmapQ/lV1WbQC/UqT8LAgYVxa3dVqvz0pvlNPIK
uvrqvLdFYMQLP9DNdGGoztINURpI3Gq7zCjTlzMfxiQfJwvK5w3D/1L3m1jTNgbt
ACP773WRucxYfObsX7S9tUw9PWWQkKzFwh496s0VDevkZCqM+bxZBLTfzicTSPoP
VqBwn8mHw6bB0lmga/1TAOmomW3hQrm1ne8WjIcaRCwkrTPuZzL9krMvth+OLW2p
KwNtwxJXvL9U3xx7HX9ipiXsxo0/nUPQ515DAWw8t4uuJCdyI0ltJq40iSYUhWey
fSyalIiX7+8m/4XL+KLzeivnGXl/7sn1oPxsntDmmgD9IKacLpQaJxFw/BEIdLRM
pdMMJ5y/6vqmKT6+PykwplHqdeh46auCEuJbjG7cFpNyzLRAO5Q=
=Z5YE
-----END PGP SIGNATURE-----

--- End Message ---

--- Begin Message ---

To: 931678-done@bugs.debian.org, 947351-done@bugs.debian.org, 947758-done@bugs.debian.org, 948652-done@bugs.debian.org, 953763-done@bugs.debian.org, 954020-done@bugs.debian.org, 954716-done@bugs.debian.org, 959661-done@bugs.debian.org, 959890-done@bugs.debian.org, 960020-done@bugs.debian.org, 960376-done@bugs.debian.org, 960395-done@bugs.debian.org, 960575-done@bugs.debian.org, 960600-done@bugs.debian.org, 960804-done@bugs.debian.org, 960806-done@bugs.debian.org, 960836-done@bugs.debian.org, 960885-done@bugs.debian.org, 960974-done@bugs.debian.org, 961019-done@bugs.debian.org, 961212-done@bugs.debian.org, 961275-done@bugs.debian.org, 961379-done@bugs.debian.org, 961439-done@bugs.debian.org, 961441-done@bugs.debian.org, 961514-done@bugs.debian.org, 961803-done@bugs.debian.org, 961833-done@bugs.debian.org, 961921-done@bugs.debian.org, 961936-done@bugs.debian.org, 961944-done@bugs.debian.org, 961978-done@bugs.debian.org, 962059-done@bugs.debian.org, 962067-done@bugs.debian.org, 962160-done@bugs.debian.org, 962227-done@bugs.debian.org, 962237-done@bugs.debian.org, 962255-done@bugs.debian.org, 962306-done@bugs.debian.org, 962982-done@bugs.debian.org, 963024-done@bugs.debian.org, 963267-done@bugs.debian.org, 963591-done@bugs.debian.org, 963595-done@bugs.debian.org, 963694-done@bugs.debian.org, 963796-done@bugs.debian.org, 963940-done@bugs.debian.org, 963986-done@bugs.debian.org, 964146-done@bugs.debian.org, 964158-done@bugs.debian.org, 964228-done@bugs.debian.org, 964338-done@bugs.debian.org, 964346-done@bugs.debian.org, 964350-done@bugs.debian.org, 964397-done@bugs.debian.org, 964412-done@bugs.debian.org, 964417-done@bugs.debian.org, 964422-done@bugs.debian.org, 964435-done@bugs.debian.org, 964574-done@bugs.debian.org, 964589-done@bugs.debian.org, 964712-done@bugs.debian.org, 964714-done@bugs.debian.org, 964715-done@bugs.debian.org, 964726-done@bugs.debian.org, 964740-done@bugs.debian.org, 964792-done@bugs.debian.org, 964807-done@bugs.debian.org, 964808-done@bugs.debian.org, 964860-done@bugs.debian.org, 964868-done@bugs.debian.org, 964898-done@bugs.debian.org, 964986-done@bugs.debian.org, 965116-done@bugs.debian.org, 965117-done@bugs.debian.org, 965257-done@bugs.debian.org, 965377-done@bugs.debian.org, 966151-done@bugs.debian.org, 966213-done@bugs.debian.org, 966247-done@bugs.debian.org, 966272-done@bugs.debian.org, 966310-done@bugs.debian.org

Subject: Closing bugs for fixes included in 10.5 point release

From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Date: Sat, 01 Aug 2020 12:51:28 +0100

Message-id: <43535efb498a168cf81452ca0c326f004f46adc6.camel@adam-barratt.org.uk>
Package: release.debian.org
Version: 10.5

Hi,

Each of these bugs relates to an update that was included in today's
stable point release.

Regards,

Adam
--- End Message ---

Reply to:

Prev by Date: Bug#960020: marked as done (buster-pu: package bundler/1.17.3-3+deb10u1)
Next by Date: Bug#960575: marked as done (buster-pu: package node-dot-prop/4.1.1-1+deb10u2)
Previous by thread: Bug#960020: marked as done (buster-pu: package bundler/1.17.3-3+deb10u1)
Next by thread: Bug#960575: marked as done (buster-pu: package node-dot-prop/4.1.1-1+deb10u2)
Index(es):
- Date
- Thread