Bug#1036234: marked as done (unblock: krb5/1.20.1-2)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Wed, 17 May 2023 22:25:09 +0000
with message-id <E1pzPa1-005G1h-AD@respighi.debian.org>
and subject line unblock krb5
has caused the Debian Bug report #1036234,
regarding unblock: krb5/1.20.1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1036234: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036234
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: krb5/1.20.1-2
• From: Sam Hartman <hartmans@debian.org>
• Date: Wed, 17 May 2023 12:56:03 -0600
• Message-id: <[🔎] 168434976373.425824.1294813613398692147.reportbug@industrial-algebra.suchdamage.org>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: krb5@packages.debian.org
Control: affects -1 + src:krb5

Please unblock package krb5


[ Reason ]

My fix for 1020424 was incomplete.
Even with that fix applied, you can end up installing the new crypto library with the old libkrb5support.
Unfortunately because of some internal changes  that can cause segfaults.
I've changed the .symbols file, and now libk5crypto depends on the new libkrb5support.
As a consequence the entire krb5 library upgrade from bullseye to bookworm needs to be done lockstep.
I try to avoid that, but apt appears to deal with it fine.


[ Impact ]
If the user mixes krb5 library versions from bullseye and bookworm they can get segfaults until they upgrade fully.



[ Tests ]
I've confirmed that libk5crypto3 now has tight dependencies manually.


[ Risks ]

Very minimal diff.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
diff --git a/debian/changelog b/debian/changelog
index cc56e29b95..39cc059e25 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+krb5 (1.20.1-2) unstable; urgency=medium
+
+  * Tighten dependencies on libkrb5support0.  This means that the entire
+    upgrade from bullseye to bookworm needs to be lockstep, but it appears
+    that's what is required, Closes: #1036055
+  
+
+ -- Sam Hartman <hartmans@debian.org>  Mon, 15 May 2023 17:44:41 -0600
+
 krb5 (1.20.1-1) unstable; urgency=high
 
   [ Bastian Germann ]
diff --git a/debian/libkrb5support0.symbols b/debian/libkrb5support0.symbols
index 827d80898a..5c3de884f5 100644
--- a/debian/libkrb5support0.symbols
+++ b/debian/libkrb5support0.symbols
@@ -65,8 +65,8 @@ libkrb5support.so.0 libkrb5support0 #MINVER#
  k5_set_error_info_callout_fn@krb5support_0_MIT 1.12~alpha1+dfsg
  k5_siphash24@krb5support_0_MIT 1.18.2
  k5_strerror_r@krb5support_0_MIT 1.13~alpha1+dfsg
- k5_utf16le_to_utf8@krb5support_0_MIT 1.16
- k5_utf8_to_utf16le@krb5support_0_MIT 1.16
+ k5_utf16le_to_utf8@krb5support_0_MIT 1.20
+ k5_utf8_to_utf16le@krb5support_0_MIT 1.20
  k5_vset_error@krb5support_0_MIT 1.12~alpha1+dfsg
  krb5int_close_plugin@krb5support_0_MIT 1.7dfsg~beta2
  krb5int_close_plugin_dirs@krb5support_0_MIT 1.7dfsg~beta2


unblock krb5/1.20.1-2

--- End Message ---

--- Begin Message ---

• To: 1036234-done@bugs.debian.org
• Subject: unblock krb5
• From: Sebastian Ramacher <sramacher@respighi.debian.org>
• Date: Wed, 17 May 2023 22:25:09 +0000
• Message-id: <E1pzPa1-005G1h-AD@respighi.debian.org>

Unblocked.

--- End Message ---