[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1038813: bullseye-pu: package aide/0.17.3-4+deb11u2

On Sat, Jun 24, 2023 at 10:13:58AM +0100, Adam D. Barratt wrote:
> I was about to say "nothing other than a little more patience", given
> the request is only a few days old at this point. Looking back,
> however, it appears that there isn't actually a debdiff attached, as
> was claimed in the original mail.

I apologize. Here we go.

Greetings
Marc


-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421

diff -Nru aide-0.17.3/debian/changelog aide-0.17.3/debian/changelog
--- aide-0.17.3/debian/changelog	2022-01-16 13:36:56.000000000 +0100
+++ aide-0.17.3/debian/changelog	2023-06-21 18:28:37.000000000 +0200
@@ -1,3 +1,9 @@
+aide (0.17.3-4+deb11u2) bullseye; urgency=medium
+
+  * Fix handling of extended attributes on symlinks. (Closes: #1037436)
+
+ -- Marc Haber <mh+debian-packages@zugschlus.de>  Wed, 21 Jun 2023 18:28:37 +0200
+
 aide (0.17.3-4+deb11u1) bullseye-security; urgency=high
 
   * Apply upstream patch to fix heap-based buffer overflow in base64 functions
diff -Nru aide-0.17.3/debian/patches/debian-bug-1037436 aide-0.17.3/debian/patches/debian-bug-1037436
--- aide-0.17.3/debian/patches/debian-bug-1037436	1970-01-01 01:00:00.000000000 +0100
+++ aide-0.17.3/debian/patches/debian-bug-1037436	2023-06-21 18:28:37.000000000 +0200
@@ -0,0 +1,25 @@
+Description: Fix handling of extended attributes on symlinks
+Author: Hannes von Haugwitz <hannes@vonhaugwitz.com>
+Origin: 04b34dd46292dedf830ef2366a86666869a31488
+Date: Mon Jun 12 22:20:50 2023 +0200
+Forwarded: not-needed
+--- a/src/do_md.c
++++ b/src/do_md.c
+@@ -565,7 +565,7 @@ void xattrs2line(db_line *line) {
+                     strncmp(attr, "trusted.", strlen("trusted.")))
+                 goto next_attr; /* only store normal xattrs, and SELinux */
+ 
+-            while (((aret = getxattr(line->fullpath, attr, val, asz)) ==
++            while (((aret = lgetxattr(line->fullpath, attr, val, asz)) ==
+                         -1) && (errno == ERANGE)) {
+                 asz <<= 1;
+                 val = realloc (val, asz);
+@@ -574,7 +574,7 @@ void xattrs2line(db_line *line) {
+             if (aret != -1)
+                 xattr_add(xattrs, attr, val, aret);
+             else if (errno != ENOATTR)
+-                log_msg(LOG_LEVEL_WARNING, "getxattr failed for %s:%s", line->fullpath, strerror(errno));
++                log_msg(LOG_LEVEL_WARNING, "lgetxattr failed for %s:%s", line->fullpath, strerror(errno));
+ 
+ next_attr:
+             attr += len + 1;
diff -Nru aide-0.17.3/debian/patches/series aide-0.17.3/debian/patches/series
--- aide-0.17.3/debian/patches/series	2022-01-16 13:09:51.000000000 +0100
+++ aide-0.17.3/debian/patches/series	2023-06-21 18:28:37.000000000 +0200
@@ -1 +1,2 @@
 20-aide-0.17-cve-2021-45417.patch
+debian-bug-1037436
Reply to: