--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package winetricks
[ Reason ]
One of the main purposes of Winetricks is to download Windows software
and install them in the users Wine prefix (basically a Windows
installation in the user's home directory). Downloaded files are
verified against a hardcoded sha256sum. Since some software still
receive frequent updates some of these hashsums get outdated quite fast.
#986376 is about updating the hashsum of vcrun2019, which is required by
quite many Windows applications to run.
I updated the hashsum to fix this for now.
I also followed upstream suggestion to cherrypick a change which extends
the existing option "--force" to ignore hashsums, in order to give an
easy general longterm workaround for this issue.
[ Impact if the unblock isn't granted ]
Adjusting only the hashsums via stable-updates is not an option due too
the number of changes and the delay until a user may use Winetricks as
expected again.
Without the "--force"-workaround the usability of our winetricks package
will degrade during Bullseye's lifetime. (Which will still happen to
some lesser degree with this fix because download URLs will change.)
[ Tests ]
Upstream runs an automatic test suite which downloads and installs each
known software.
I manually tested
- 0.0+20210206-1 does not install vcrun2019
- 0.0+20210206-2 installs vcrun2019
- 0.0+20210206-2 with force accepts invalid hashsums.
[ Risks ]
The hashsum update is trivial.
The extension of the "--force" option is
- quite simple (in posix shell)
- in a specific function (no unexpected things expected)
- authored by upstream
- trivially cherrypicked.
Winetricks is a leaf package in contrib.
The best alternative for users is to install Winetricks (one shell
script) from upstream and use their autoupdate instead.
For this they may opt-in directly from the debian package
(sudo winetricks --self-update).
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in testing
[ Other info ]
Thanks for your work!
Greets
jre
unblock winetricks/0.0+20210206-2
diff -Nru winetricks-0.0+20210206/debian/changelog winetricks-0.0+20210206/debian/changelog
--- winetricks-0.0+20210206/debian/changelog 2021-02-07 01:18:11.000000000 +0100
+++ winetricks-0.0+20210206/debian/changelog 2021-04-13 22:05:56.000000000 +0200
@@ -1,3 +1,10 @@
+winetricks (0.0+20210206-2) unstable; urgency=medium
+
+ * Add patch to update vcrun2019 hashes. (Closes: #986376)
+ * Add upstream patch allowing using --force to ignore the sha256sum check.
+
+ -- Jens Reyer <jre.winesim@gmail.com> Tue, 13 Apr 2021 22:05:56 +0200
+
winetricks (0.0+20210206-1) unstable; urgency=medium
* New upstream release 20210206. (Closes: #961205, #981660)
diff -Nru winetricks-0.0+20210206/debian/patches/allow-using-force-to-ignore-the-sha256sum-check.patch winetricks-0.0+20210206/debian/patches/allow-using-force-to-ignore-the-sha256sum-check.patch
--- winetricks-0.0+20210206/debian/patches/allow-using-force-to-ignore-the-sha256sum-check.patch 1970-01-01 01:00:00.000000000 +0100
+++ winetricks-0.0+20210206/debian/patches/allow-using-force-to-ignore-the-sha256sum-check.patch 2021-04-13 22:03:58.000000000 +0200
@@ -0,0 +1,27 @@
+From: Austin English <austinenglish@gmail.com>
+Subject: w_verify_sha256sum: allow using --force to ignore the check
+Origin: upstream, https://github.com/Winetricks/winetricks/commit/fb824722d731cd8dfad6610d6449746e763d81ad
+Bug-Debian: https://bugs.debian.org/986376
+
+
+--- a/src/winetricks
++++ b/src/winetricks
+@@ -1352,13 +1352,17 @@ w_download_to()
+ ;;
+ esac
+
+- if test ! "${WINETRICKS_CONTINUE_DOWNLOAD}" ; then
++ if test "${WINETRICKS_FORCE}" != 1; then
+ case ${LANG} in
+ pl*) w_warn "Niezgodność sum kontrolnych dla ${_W_cache}/${_W_file}, pobieram ponownie" ;;
+ ru*) w_warn "Контрольная сумма файла ${_W_cache}/${_W_file} не совпадает, попытка повторной загрузки" ;;
+ *) w_warn "Checksum for ${_W_cache}/${_W_file} did not match, retrying download" ;;
+ esac
+ mv -f "${_W_cache}/${_W_file}" "${_W_cache}/${_W_file}".bak
++ else
++ w_warn "Checksum for ${_W_cache}/${_W_file} did not match, but --force was used, so ignoring and trying anyway."
++ checksum_ok=1
++ break
+ fi
+ else
+ # file exists, no checksum known, declare success and exit loop
diff -Nru winetricks-0.0+20210206/debian/patches/series winetricks-0.0+20210206/debian/patches/series
--- winetricks-0.0+20210206/debian/patches/series 2021-02-07 00:33:32.000000000 +0100
+++ winetricks-0.0+20210206/debian/patches/series 2021-04-13 22:03:20.000000000 +0200
@@ -1 +1,3 @@
disable-automatic-selfupdate.patch
+vcrun2019-update-hashes.patch
+allow-using-force-to-ignore-the-sha256sum-check.patch
diff -Nru winetricks-0.0+20210206/debian/patches/vcrun2019-update-hashes.patch winetricks-0.0+20210206/debian/patches/vcrun2019-update-hashes.patch
--- winetricks-0.0+20210206/debian/patches/vcrun2019-update-hashes.patch 1970-01-01 01:00:00.000000000 +0100
+++ winetricks-0.0+20210206/debian/patches/vcrun2019-update-hashes.patch 2021-04-13 21:45:24.000000000 +0200
@@ -0,0 +1,33 @@
+From: Jens Reyer <jre.winesim@gmail.com>
+Subject: vcrun2019: update hashes
+Origin: https://github.com/Winetricks/winetricks/commit/c472c9a365b3da0a7cc3decd399060eab8f21f96
+Bug: https://github.com/Winetricks/winetricks/pull/1744
+Bug-Debian: https://bugs.debian.org/986376
+
+
+--- a/src/winetricks
++++ b/src/winetricks
+@@ -12870,7 +12870,8 @@ load_vcrun2019()
+ # 2020/08/05: b4d433e2f66b30b478c0d080ccd5217ca2a963c16e90caf10b1e0592b7d8d519
+ # 2020/10/03: caa38fd474164a38ab47ac1755c8ccca5ccfacfa9a874f62609e6439924e87ec
+ # 2020/11/13: 50a3e92ade4c2d8f310a2812d46322459104039b9deadbd7fdd483b5c697c0c8
+- w_download https://aka.ms/vs/16/release/vc_redist.x86.exe 50a3e92ade4c2d8f310a2812d46322459104039b9deadbd7fdd483b5c697c0c8
++ # 2021/04/13: 14563755ac24a874241935ef2c22c5fce973acb001f99e524145113b2dc638c1
++ w_download https://aka.ms/vs/16/release/vc_redist.x86.exe 14563755ac24a874241935ef2c22c5fce973acb001f99e524145113b2dc638c1
+
+ w_override_dlls native,builtin api-ms-win-crt-private-l1-1-0 api-ms-win-crt-conio-l1-1-0 api-ms-win-crt-heap-l1-1-0 api-ms-win-crt-locale-l1-1-0 api-ms-win-crt-math-l1-1-0 api-ms-win-crt-runtime-l1-1-0 api-ms-win-crt-stdio-l1-1-0 api-ms-win-crt-time-l1-1-0 atl140 concrt140 msvcp140 msvcp140_1 msvcp140_2 msvcr140 ucrtbase vcomp140 vcruntime140
+
+@@ -12893,11 +12894,12 @@ load_vcrun2019()
+ # 2020/08/05: 952a0c6cb4a3dd14c3666ef05bb1982c5ff7f87b7103c2ba896354f00651e358
+ # 2020/10/03: 4b5890eb1aefdf8dfa3234b5032147eb90f050c5758a80901b201ae969780107
+ # 2020/11/13: b1a32c71a6b7d5978904fb223763263ea5a7eb23b2c44a0d60e90d234ad99178
++ # 2021/04/13: 52b196bbe9016488c735e7b41805b651261ffa5d7aa86eb6a1d0095be83687b2
+
+ # vcruntime140_1 is only shipped on x64:
+ w_override_dlls native,builtin vcruntime140_1
+
+- w_download https://aka.ms/vs/16/release/vc_redist.x64.exe b1a32c71a6b7d5978904fb223763263ea5a7eb23b2c44a0d60e90d234ad99178
++ w_download https://aka.ms/vs/16/release/vc_redist.x64.exe 52b196bbe9016488c735e7b41805b651261ffa5d7aa86eb6a1d0095be83687b2
+ w_try "${WINE}" vc_redist.x64.exe ${W_OPT_UNATTENDED:+/q}
+ ;;
+ esac
--- End Message ---