Bug#990695: unblock: uif/1.1.9-5
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package uif
[ Reason ]
I recently discovered that uif stopped setting up the kernel firewall
(via iptables-legacy still) on a Debian bullseye systems.
I only got around to investigating this today, so I came up with a patch
that replaces single quotes by double quotes when opening pipes.
[ Impact ]
People using uif will have a dysfunctional firewall.
[ Tests ]
Manual tests and debugging to come up with a patch.
[ Risks ]
None, uif is a leaf package.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
[ Other info ]
None.
unblock uif/1.1.9-5
diff -Nru uif-1.1.9/debian/changelog uif-1.1.9/debian/changelog
--- uif-1.1.9/debian/changelog 2021-03-26 21:09:26.000000000 +0100
+++ uif-1.1.9/debian/changelog 2021-07-04 22:59:36.000000000 +0200
@@ -1,3 +1,17 @@
+uif (1.1.9-5) unstable; urgency=medium
+
+ * debian/patches:
+ + Add 1003_correctly-quote-when-opening-pipe.patch. Use double quotes in
+ open statement to properly evaluate variables. (Closes: #990692).
+
+ -- Mike Gabriel <sunweaver@debian.org> Sun, 04 Jul 2021 22:59:36 +0200
+
+uif (1.1.9-4) unstable; urgency=medium
+
+ * debian/watch: Fix Github watch URL.
+
+ -- Mike Gabriel <sunweaver@debian.org> Wed, 28 Apr 2021 22:27:57 +0200
+
uif (1.1.9-3) unstable; urgency=medium
* debian/control:
diff -Nru uif-1.1.9/debian/patches/1003_correctly-quote-when-opening-pipe.patch uif-1.1.9/debian/patches/1003_correctly-quote-when-opening-pipe.patch
--- uif-1.1.9/debian/patches/1003_correctly-quote-when-opening-pipe.patch 1970-01-01 01:00:00.000000000 +0100
+++ uif-1.1.9/debian/patches/1003_correctly-quote-when-opening-pipe.patch 2021-07-04 22:54:57.000000000 +0200
@@ -0,0 +1,32 @@
+Description: Use double quotes in open statement to properly evaluate variables.
+Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
+
+--- a/uif.pl
++++ b/uif.pl
+@@ -1490,7 +1490,7 @@
+
+ @$Listing=map { $_."\n" } @$Listing;
+
+- open (IPT, '$iptables_save|');
++ open (IPT, "$iptables_save|");
+
+ @oldrules = <IPT>;
+ close (IPT);
+@@ -1500,7 +1500,7 @@
+ $SIG{'QUIT'} = 'signalCatcher';
+ $SIG{'TERM'} = 'signalCatcher';
+
+- open (IPT, '|$iptables_restore');
++ open (IPT, "|$iptables_restore");
+
+ print IPT @$Listing;
+ close (IPT);
+@@ -1510,7 +1510,7 @@
+ sleep $timeout;
+ }
+ if ($timeout || $SignalCatched || $error) {
+- open (IPT, '|$iptables_restore');
++ open (IPT, "|$iptables_restore");
+
+ print IPT @oldrules;
+ close (IPT);
diff -Nru uif-1.1.9/debian/patches/series uif-1.1.9/debian/patches/series
--- uif-1.1.9/debian/patches/series 2021-03-26 09:01:55.000000000 +0100
+++ uif-1.1.9/debian/patches/series 2021-07-04 22:50:02.000000000 +0200
@@ -1,2 +1,3 @@
1001_use-iptables-legacy.patch
1002_use-iptables-from-usr-sbin.patch
+1003_correctly-quote-when-opening-pipe.patch
diff -Nru uif-1.1.9/debian/watch uif-1.1.9/debian/watch
--- uif-1.1.9/debian/watch 2018-08-20 12:19:45.000000000 +0200
+++ uif-1.1.9/debian/watch 2021-04-28 22:27:41.000000000 +0200
@@ -1,4 +1,4 @@
version=3
opts=filenamemangle=s/.*\/v?([\d\.-]+)\.tar\.gz/uif-$1.tar.gz/ \
-https://github.com/cajus/uif/tags .*/archive/v?([\d\.]+).tar.gz
+https://github.com/cajus/uif/tags .*/archive/refs/tags/v?([\d\.]+).tar.gz
Reply to: