Bug#1035748: unblock: modsecurity/3.0.9-1

To: Paul Gevers <elbrus@debian.org>
Cc: Alberto Gonzalez Iniesta <agi@inittab.org>, 1035748@bugs.debian.org, Salvatore Bonaccorso <carnil@debian.org>
Subject: Bug#1035748: unblock: modsecurity/3.0.9-1
From: Ervin Hegedüs <airween@gmail.com>
Date: Fri, 2 Jun 2023 22:50:39 +0200
Message-id: <[🔎] 20230602205039.oldloa2traobiqjl@arxnet.hu>
Reply-to: Ervin Hegedüs <airween@gmail.com>, 1035748@bugs.debian.org
In-reply-to: <[🔎] 31384db2-6f68-19b4-450e-517fa21d2f8e@debian.org>
References: <168356261184.101117.8241276422866397839.reportbug@var.inittab.org> <168356261184.101117.8241276422866397839.reportbug@var.inittab.org> <168356261184.101117.8241276422866397839.reportbug@var.inittab.org> <3faeb882-55b5-f5b0-4f36-6501eb68234a@debian.org> <ZHJpFwGfHEwsHKv8@eldamar.lan> <168356261184.101117.8241276422866397839.reportbug@var.inittab.org> <ZHOr75P4ENeOgO9P@var.inittab.org> <[🔎] d611f386-9c5a-2694-ae78-6404f501a16a@debian.org> <[🔎] 20230601203926.k7j2ag7odftddonv@arxnet.hu> <[🔎] 31384db2-6f68-19b4-450e-517fa21d2f8e@debian.org> <168356261184.101117.8241276422866397839.reportbug@var.inittab.org>

On Fri, Jun 02, 2023 at 09:46:19PM +0200, Paul Gevers wrote:
> Hi,
> 
> On 01-06-2023 22:39, Ervin Hegedüs wrote:
> 
> > On Thu, Jun 01, 2023 at 09:52:06PM +0200, Paul Gevers wrote:
> > I think there is absolutely no risk. Bot package (libmodsecurity3
> > and libnginx-mod-http-modsecurity) is totally new packages, we
> > won't introduce any "unknown" issues.
> 
> Huh? src:modsecurity as been part of stable for at least two times.

yes, but nothing uses it. There is not any package which depends
on it.
 
> > these files (which created the huge diff) are generated by Bison.
> 
> Now that is extremely relevant information. Why wasn't that shared before
> (and filtered from the debdiff for that reason)?

I don't know... :(

> Does the same hold for all
> that .m4 stuff? Are those files recreated during the build?

I don't think that .m4 files are re-generated during the build
process.

The vendor of ModSecurity provides the generated Bison related
files, but it does not matter, because the generated files are
also have a huge diff.
 
> > (A side note: not these files (above) have huge diff, but the
> > derived ones: seclang-parser.cc, seclang-parser.hh,
> > seclang-scanner.cc)
> 
> But I didn't know... So, please tell me. Which files are generated?

In the upstream directory, here is the line which generates these
lines:

https://github.com/SpiderLabs/ModSecurity/blob/v3/master/src/parser/Makefile.am#L33

And these are the generated lines:

https://github.com/SpiderLabs/ModSecurity/blob/v3/master/src/parser/Makefile.am#L36-L42



a.

Reply to:

References:
- Bug#1035748: unblock: modsecurity/3.0.9-1
  - From: Paul Gevers <elbrus@debian.org>
- Bug#1035748: unblock: modsecurity/3.0.9-1
  - From: Ervin Hegedüs <airween@gmail.com>
- Bug#1035748: unblock: modsecurity/3.0.9-1
  - From: Paul Gevers <elbrus@debian.org>

Prev by Date: Bug#1037024: nmu: modsecurity-apache_2.9.7-1
Next by Date: Bug#1037025: marked as done (unblock: opensc/0.23.0-0.3)
Previous by thread: Bug#1035748: unblock: modsecurity/3.0.9-1
Next by thread: Bug#1037024: nmu: modsecurity-apache_2.9.7-1
Index(es):
- Date
- Thread