--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: buster-pu: package dwarf-fortress/0.44.12+dfsg1-0+deb10u1
- From: Sven Bartscher <kritzefitz@debian.org>
- Date: Wed, 31 Mar 2021 20:59:45 +0200
- Message-id: <161721718511.45881.17101207013040001740.reportbug@sven.bartscher>
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu
[ Reason ]
It has been noted in #986119 that the upstream release tarballs for
dwarf-fortress include shared libraries but no corresponding source
code is available. The shared libraries in question are licensed under
GPL and thus not distributable without source code.
The affected files are not shipped in any binary packages. This
update fixes the issue by repacking the source tarballs to exclude
those files.
[ Impact ]
The package currently in buster is not distributable in its
current form, so it has to be either updated or entirely removed from
buster to cease violating the licenses of the affected files.
[ Tests ]
The now excluded files were not shipped in any binary package or used
in the build process. Their removal should not have any affect on the
binary packages. I confirmed (using diffoscope) that the built debian
packages do not differ in content except in expected ways due to
changed package metadata.
I also manually confirmed that the game can be successfully started
and basic interactions inside the game still work.
[ Risks ]
Since the removed files are not part of any binary packages, it can be
easily confirmed that their removal has no negative effect. I see
virtually no risk introduced by this update.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
[ Changes ]
The source tarball has been repacked to exclude these files:
* libs/libgcc_s.so.1
* libs/libstdc++.so.6
* libs/libgcc_s.so.1
* libs/libstdc++.so.6
Additionally a note about the repacked tarball has been added to
debian/copyright and the version mangling in debian/watch has been
updated to deal with the new +dsfg1 version suffix.
Binärdateien /tmp/OJJcX56xZH/dwarf-fortress-0.44.12/amd64/libs/libgcc_s.so.1 und /tmp/JM3ObfSHmq/dwarf-fortress-0.44.12+dfsg1/amd64/libs/libgcc_s.so.1 sind verschieden.
Binärdateien /tmp/OJJcX56xZH/dwarf-fortress-0.44.12/amd64/libs/libstdc++.so.6 und /tmp/JM3ObfSHmq/dwarf-fortress-0.44.12+dfsg1/amd64/libs/libstdc++.so.6 sind verschieden.
diff -Nru dwarf-fortress-0.44.12/debian/changelog dwarf-fortress-0.44.12+dfsg1/debian/changelog
--- dwarf-fortress-0.44.12/debian/changelog 2018-07-08 15:03:52.000000000 +0200
+++ dwarf-fortress-0.44.12+dfsg1/debian/changelog 2021-03-31 19:01:19.000000000 +0200
@@ -1,3 +1,10 @@
+dwarf-fortress (0.44.12+dfsg1-0+deb10u1) buster; urgency=high
+
+ * Remove unnecessary code copies with license violations from source
+ tarball. (Closes: #986119)
+
+ -- Sven Bartscher <kritzefitz@debian.org> Wed, 31 Mar 2021 19:01:19 +0200
+
dwarf-fortress (0.44.12-1) unstable; urgency=medium
* New upstream version
diff -Nru dwarf-fortress-0.44.12/debian/copyright dwarf-fortress-0.44.12+dfsg1/debian/copyright
--- dwarf-fortress-0.44.12/debian/copyright 2018-07-08 14:13:41.000000000 +0200
+++ dwarf-fortress-0.44.12+dfsg1/debian/copyright 2021-03-31 19:01:19.000000000 +0200
@@ -11,6 +11,15 @@
do not grant all freedoms required by the DFSG. No modifications of
the included binaries are permitted, and the binaries are not
distributed with source code.
+Comment:
+ Some files have been removed from the original source tarballs, because
+ they are licensed under the GPL, but no source is available for them.
+Files-Excluded-amd64:
+ libs/libgcc_s.so.1
+ libs/libstdc++.so.6
+Files-Excluded-i386:
+ libs/libgcc_s.so.1
+ libs/libstdc++.so.6
Files: *
Copyright: 2002-2018 Tarn Adams. All rights reserved.
diff -Nru dwarf-fortress-0.44.12/debian/watch dwarf-fortress-0.44.12+dfsg1/debian/watch
--- dwarf-fortress-0.44.12/debian/watch 2018-06-24 13:22:23.000000000 +0200
+++ dwarf-fortress-0.44.12+dfsg1/debian/watch 2021-03-31 19:01:19.000000000 +0200
@@ -1,7 +1,7 @@
version=4
-opts="uversionmangle=s/^/0./,component=amd64" \
+opts="uversionmangle=s/^/0./,dversionmangle=s/\+dfsg\d+//,component=amd64" \
http://bay12games.com/dwarves/older_versions.html \
df_(\d+)_(\d+)_linux@ARCHIVE_EXT@ debian
-opts="uversionmangle=s/^/0./,component=i386" \
+opts="uversionmangle=s/^/0./,dversionmangle=s/\+dfsg\d+//,component=i386" \
http://bay12games.com/dwarves/older_versions.html \
df_(\d+)_(\d+)_linux32@ARCHIVE_EXT@ same
Binärdateien /tmp/OJJcX56xZH/dwarf-fortress-0.44.12/i386/libs/libgcc_s.so.1 und /tmp/JM3ObfSHmq/dwarf-fortress-0.44.12+dfsg1/i386/libs/libgcc_s.so.1 sind verschieden.
Binärdateien /tmp/OJJcX56xZH/dwarf-fortress-0.44.12/i386/libs/libstdc++.so.6 und /tmp/JM3ObfSHmq/dwarf-fortress-0.44.12+dfsg1/i386/libs/libstdc++.so.6 sind verschieden.
--- End Message ---