[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#931282: marked as done (buster-pu: package s-nail/14.9.11-2+deb10u1)

Your message dated Sat, 10 Sep 2022 19:21:36 +0100
with message-id <efeb61e9cab769c38d00043d93049ba439ef54cb.camel@adam-barratt.org.uk>
and subject line Re: Bug#931282: unblock: s-nail/14.9.11-3
has caused the Debian Bug report #931282,
regarding buster-pu: package s-nail/14.9.11-2+deb10u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
931282: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931282
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package s-nail. Version 14.9.11-3 contains a targeted fix for
#930691 I've got from upstream. The debdiff between -2 and -3 is attached.

Thank you,

Paride Legovini

unblock s-nail/14.9.11-3

-- System Information:
Debian Release: 10.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8), LANGUAGE=en_IE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

diff -Nru s-nail-14.9.11/debian/changelog s-nail-14.9.11/debian/changelog
--- s-nail-14.9.11/debian/changelog	2018-12-07 19:16:26.000000000 +0100
+++ s-nail-14.9.11/debian/changelog	2019-06-30 13:53:46.000000000 +0200
@@ -1,3 +1,10 @@
+s-nail (14.9.11-3) unstable; urgency=medium
+
+  * New patch: 0002-fix-gssapi-authentication-930691.patch.
+    Thanks to Ivan Vučica and Steffen Nurpmeso (Closes: #930691)
+
+ -- Paride Legovini <pl@ninthfloor.org>  Sun, 30 Jun 2019 11:53:46 +0000
+
 s-nail (14.9.11-2) unstable; urgency=medium
 
   * Bump Standards-Version to 4.2.1 (no changes needed)
diff -Nru s-nail-14.9.11/debian/gbp.conf s-nail-14.9.11/debian/gbp.conf
--- s-nail-14.9.11/debian/gbp.conf	2018-12-07 19:07:04.000000000 +0100
+++ s-nail-14.9.11/debian/gbp.conf	2019-06-30 12:40:18.000000000 +0200
@@ -1,3 +1,5 @@
-[buildpackage]
+[DEFAULT]
+debian-branch = debian/buster
+upstream-branch =
 pristine-tar = True
 pristine-tar-commit = True
diff -Nru s-nail-14.9.11/debian/patches/0002-fix-gssapi-authentication-930691.patch s-nail-14.9.11/debian/patches/0002-fix-gssapi-authentication-930691.patch
--- s-nail-14.9.11/debian/patches/0002-fix-gssapi-authentication-930691.patch	1970-01-01 01:00:00.000000000 +0100
+++ s-nail-14.9.11/debian/patches/0002-fix-gssapi-authentication-930691.patch	2019-06-30 12:25:29.000000000 +0200
@@ -0,0 +1,52 @@
+diff --git a/obs-imap-gssapi.h b/obs-imap-gssapi.h
+index 5d314917..70eeca7f 100644
+--- a/obs-imap-gssapi.h
++++ b/obs-imap-gssapi.h
+@@ -162,10 +162,7 @@ _imap_gssapi(struct mailbox *mp, struct ccred *ccred)
+    ok = STOP;
+    f = a_F_NONE;
+ 
+-   {  size_t i = strlen(mp->mb_imap_account) +1;
+-      server = n_autorec_alloc(i);
+-      memcpy(server, mp->mb_imap_account, i);
+-   }
++   server = savestr(mp->mb_imap_account);
+    if (!strncmp(server, "imap://", 7))
+       server += 7;
+    else if (!strncmp(server, "imaps://", 8))
+@@ -174,9 +171,11 @@ _imap_gssapi(struct mailbox *mp, struct ccred *ccred)
+       server = &cp[1];
+    for (cp = server; *cp; cp++)
+       *cp = lowerconv(*cp);
++
+    send_tok.value = n_autorec_alloc(
+-         (send_tok.length = strlen(server) -1 + 5) +1);
+-   snprintf(send_tok.value, send_tok.length, "imap@%s", server);
++         (send_tok.length = strlen(server) + 5) +1);
++   memcpy(send_tok.value, "imap@", 5);
++   memcpy(&((char*)send_tok.value)[5], server, send_tok.length - 4);
+    maj_stat = gss_import_name(&min_stat, &send_tok, GSS_C_NT_HOSTBASED_SERVICE,
+          &target_name);
+    f |= a_F_TARGET_NAME;
+@@ -300,14 +299,13 @@ jebase64:
+    /* First octet: bit-mask with protection mechanisms (1 = no protection
+     *    mechanism).
+     * Second to fourth octet: maximum message size in network byte order.
+-    * Fifth and following octets: user name string.
+-    */
+-   o[0] = 1;
+-   o[1] = 0;
+-   o[2] = o[3] = (char)0377;
+-   snprintf(&o[4], sizeof o - 4, "%s", ccred->cc_user.s);
+-   send_tok.value = o;
+-   send_tok.length = strlen(&o[4]) -1 + 4;
++    * Fifth and following octets: user name string */
++   in.s = n_autorec_alloc((send_tok.length = 4 + ccred->cc_user.l) +1);
++   memcpy(&in.s[4], ccred->cc_user.s, ccred->cc_user.l +1);
++   in.s[0] = 1;
++   in.s[1] = 0;
++   in.s[2] = in.s[3] = (char)0xFF;
++   send_tok.value = in.s;
+    maj_stat = gss_wrap(&min_stat, gss_context, 0, GSS_C_QOP_DEFAULT, &send_tok,
+          &conf_state, &recv_tok);
+    f |= a_F_RECV_TOK;
diff -Nru s-nail-14.9.11/debian/patches/series s-nail-14.9.11/debian/patches/series
--- s-nail-14.9.11/debian/patches/series	2018-09-09 16:43:16.000000000 +0200
+++ s-nail-14.9.11/debian/patches/series	2019-06-30 12:27:09.000000000 +0200
@@ -1 +1,2 @@
 0001-Fix-spelling-errors.patch
+0002-fix-gssapi-authentication-930691.patch

--- End Message ---
--- Begin Message --- 
On Tue, 2019-08-20 at 22:11 +0100, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
> 
> On Mon, 2019-07-01 at 10:49 +0200, Paride Legovini wrote:
> > Paul Gevers wrote on 30/06/2019:
> > 
> > > Hi Paride,
> > > 
> > > On 30-06-2019 14:55, Paride Legovini wrote:
> > > > Please unblock package s-nail. Version 14.9.11-3 contains a
> > > > targeted fix for
> > > > #930691 I've got from upstream. The debdiff between -2 and -3
> > > > is
> > > > attached.
> > > 
> > > The time for unblocks for buster has come and gone. The deadline
> > > was
> > > last Tuesday, we are now in deep freeze. If you consider the bug
> > > severe
> > > enough (please fix the bug metadata if you do) you can consider a
> > > stable
> > > release update targeting buster (I have updated this bugs
> > > metadata),
> > > such that this can be fixed in the first point release.
> > 
> > Thanks Paul,
> > 
> > I'll call this a off-by-one-week error. I am sorry. At least I know
> > that
> > when I've got the patch for #930691 it was already too late for an
> > unblock.
> > 
> > I reviewed the policy for stable release updates; while definitely
> > a
> > deal breaker for some users I'm not sure #930691 qualifies as "a
> > truly
> > critical functionality problem". Affected users are those using the
> > GSSAPI + Kerberos authentication.
> > 
> > What's the take of the stable release team here?
> 
> Sorry for the delay in getting back to you.
> 
> This looks like it would be OK for stable, but we would need a
> debdiff
> of a package built and tested on stable (and appropriately
> versioned),
> please.
> 

Apparently that never happened, and the final point release for buster
was earlier today, so I'm going to close this bug now.

Regards,

Adam

--- End Message ---
Reply to: