[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#989773: marked as done (unblock: xscreensaver/5.45+dfsg1-2)

Your message dated Mon, 14 Jun 2021 09:45:27 +0200
with message-id <YMcJF8NUCTlC3CGo@ramacher.at>
and subject line Re: Bug#989773: unblock: xscreensaver/5.45+dfsg1-2
has caused the Debian Bug report #989773,
regarding unblock: xscreensaver/5.45+dfsg1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
989773: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989773
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package xscreensaver

xscreensaver (5.45+dfsg1-2) unstable; urgency=medium

  * Do not assign raw net capability to "sonar" hack due to a security
    vulnerability in mesa (Closes: #987149)
  * Make sure is systemd unit is disabled if upgrading from previous
    two releases (Closes: #978589)
  * Do not enable screensaver on login screen (Closes: #979562, #988158)
  * Recommend needed font for unlock dialog (Closes: #978086)
  * Apply fix for crash on video output disconnection (Closes: #989508)

 -- Tormod Volden <debian.tormod@gmail.com>  Sun, 06 Jun 2021 12:25:19 +0200

Justification of the changes:

The fix for 987149 has been discussed with the security team. The change
is small, just disabling an extra feature of the "sonar" screensaver
hack/mode, and the code deals gracefully with lack of setuid or
capabilities.

The fix for 989508 was taken from QubesOS and I have also tested the
patched code.

The systemd unit was by mistake, and unnoticed, enabled by default in
a recent upload, and causes various issues, some of which are important
since they prevent screen locking. The change restores to the old
proven behaviour, we ship a systemd unit in the package but it is up
the user to enable it. In any case, it should not be run by the login
window system user.

The addition of the gsfonts-x11 package as an alternative Recommends is
important for being able to read the unlock dialog on all systems. The
potential harm of installing this package is very small. Extensively
investigated and tested by bug reporter and upstream.

Question:
The trivial addition of a missing " || true" in debian/rules* would fix
building on kfreebsd/hurd. Could that be considered?

Best regards,
Tormod

*) https://salsa.debian.org/debian/xscreensaver/-/commit/15d80e7ffe52375485a7d8df1d57a331da172ba4

unblock xscreensaver/5.45+dfsg1-2

Attachment: xscreensaver_5.45+dfsg1-2.debdiff
Description: Binary data


--- End Message ---
--- Begin Message --- 
On 2021-06-12 15:50:41 +0200, Tormod Volden wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Please unblock package xscreensaver

xscreensaver already migrated.

> 
> xscreensaver (5.45+dfsg1-2) unstable; urgency=medium
> 
>   * Do not assign raw net capability to "sonar" hack due to a security
>     vulnerability in mesa (Closes: #987149)
>   * Make sure is systemd unit is disabled if upgrading from previous
>     two releases (Closes: #978589)
>   * Do not enable screensaver on login screen (Closes: #979562, #988158)
>   * Recommend needed font for unlock dialog (Closes: #978086)
>   * Apply fix for crash on video output disconnection (Closes: #989508)
> 
>  -- Tormod Volden <debian.tormod@gmail.com>  Sun, 06 Jun 2021 12:25:19 +0200
> 
> Justification of the changes:
> 
> The fix for 987149 has been discussed with the security team. The change
> is small, just disabling an extra feature of the "sonar" screensaver
> hack/mode, and the code deals gracefully with lack of setuid or
> capabilities.
> 
> The fix for 989508 was taken from QubesOS and I have also tested the
> patched code.
> 
> The systemd unit was by mistake, and unnoticed, enabled by default in
> a recent upload, and causes various issues, some of which are important
> since they prevent screen locking. The change restores to the old
> proven behaviour, we ship a systemd unit in the package but it is up
> the user to enable it. In any case, it should not be run by the login
> window system user.
> 
> The addition of the gsfonts-x11 package as an alternative Recommends is
> important for being able to read the unlock dialog on all systems. The
> potential harm of installing this package is very small. Extensively
> investigated and tested by bug reporter and upstream.
> 
> Question:
> The trivial addition of a missing " || true" in debian/rules* would fix
> building on kfreebsd/hurd. Could that be considered?

I would prefer changes not relevant for bullseye to be deferred for
bookworm. This makes it easier to review unblock requests.

In any case, the change would be wrong. It would hide legitimate build
failures on other architectures. If this part of the build is not
supposed to run on kfreebsd-*, do not run it on kfreebsd.

Cheers

> 
> Best regards,
> Tormod
> 
> *) https://salsa.debian.org/debian/xscreensaver/-/commit/15d80e7ffe52375485a7d8df1d57a331da172ba4
> 
> unblock xscreensaver/5.45+dfsg1-2



-- 
Sebastian Ramacher

Attachment: signature.asc
Description: PGP signature


--- End Message ---
Reply to: