Your message dated Tue, 17 Jun 2025 14:37:19 +0000 with message-id <e1urxr9-00czyr...@fasolo.debian.org> and subject line Bug#1106203: fixed in debian-security-support 1:13+2025.06.17 has caused the Debian Bug report #1106203, regarding debian-security-support: check-security-support doesn't detect packages whose binary and source version differ to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1106203: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106203 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: debian-security-support Version: 1:12+2025.05.10 Severity: important Hello there, check-security-support doesn't identify binary packages whose version is different than the source package. A particular case is binNMU'ed packages. For example, buildah is currently installed in my bookworm machine. The dpkg-query used by check-security-support returns this: install ok installed buildah 1.28.2+ds1-3+deb12u1+b1 golang-github-containers-buildah (1.28.2+ds1-3+deb12u1) And the grep call [1] used to compare the list of installed packages against those listed in one of the files expects to match the whole line (-x), being line the third element of "binary version source". Being source "golang-github-containers-buildah (1.28.2+ds1-3+deb12u1)" in the buildah case. [1] https://salsa.debian.org/debian/debian-security-support/-/blob/2c7aecdb3a19751f578269256491c86e0dd4dbf0/check-support-status.in#L182 I wonder if the following change would be enough and safe: diff --git a/check-support-status.in b/check-support-status.in index 26660c8..f65bed7 100755 --- a/check-support-status.in +++ b/check-support-status.in @@ -160,7 +160,7 @@ trap "rm -rf '$TEMPDIR'" 0 # Get list of installed packages INSTALLED_LIST="$TEMPDIR/installed" -LC_ALL=C [% DPKG_QUERY %] --show --showformat '${Status}\t${binary:Package}\t${Version}\t${Source}\n' | +LC_ALL=C [% DPKG_QUERY %] --show --showformat '${Status}\t${binary:Package}\t${Version}\t${source:Package}\n' | [% AWK %] '($1=="install"){print}' | [% AWK %] -F'\t' '{if($4==""){print $2"\t"$3"\t"$2}else{print $2"\t"$3"\t"$4}}' >"$INSTALLED_LIST" And will continue to handle this tomorrow. Cheers, -- Santiago
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---Source: debian-security-support Source-Version: 1:13+2025.06.17 Done: Holger Levsen <hol...@debian.org> We believe that the bug you reported is fixed in the latest version of debian-security-support, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1106...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Holger Levsen <hol...@debian.org> (supplier of updated debian-security-support package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 17 Jun 2025 15:56:37 +0200 Source: debian-security-support Architecture: source Version: 1:13+2025.06.17 Distribution: unstable Urgency: medium Maintainer: Debian Security Team <t...@security.debian.org> Changed-By: Holger Levsen <hol...@debian.org> Closes: 1105199 1106203 Changes: debian-security-support (1:13+2025.06.17) unstable; urgency=medium . [ Santiago Ruano Rincón ] * check-support-status: query source:Package instead of Source to get the list of packages. Closes: #1106203. * security-support.deb13 and .deb12: fix typo related to gobgp. * security-support.deb11: - update release notes links from bullseye as the HTML version of the release notes is no longer available. - mark gobgp with limited support. . [ Holger Levsen ] * security-support.deb13: mark mozjs128 as limited support (and drop mozjs78 and mozjs102 from there as they are not part of trixie). Closes: #1105199. Thanks to Simon McVittie. . [ Jochen Sprickerhof ] * security-support.deb11: fix package names. Thanks to Roberto C. Sánchez. Checksums-Sha1: 9d2d68460ad16a3df7e0565f014cd515d45f32fe 1908 debian-security-support_13+2025.06.17.dsc b98138c3dca64ba7e120d9c46948f17af11c6f6d 36944 debian-security-support_13+2025.06.17.tar.xz 023ce087adde988d4282262bc35ef6b2d363c71d 8026 debian-security-support_13+2025.06.17_source.buildinfo Checksums-Sha256: 5d78af1fb546923a77bf91ff2c748bd5a6abf28d391ca8d73733ecba149d64d1 1908 debian-security-support_13+2025.06.17.dsc a97aa2dbe59e9c822208b9ba5a84940c19f09f113a9d927f560044f58ddd8fbc 36944 debian-security-support_13+2025.06.17.tar.xz e734d6e99f3edc122b135e41bd13458a16944405252c118519e155af9cd25888 8026 debian-security-support_13+2025.06.17_source.buildinfo Files: 866529890a6cf02bfd42fe4e4c526494 1908 admin optional debian-security-support_13+2025.06.17.dsc 0ac65dfef1ed53fa768edf796deee029 36944 admin optional debian-security-support_13+2025.06.17.tar.xz 9c71dc417af8cf6399ec19149db27bf0 8026 admin optional debian-security-support_13+2025.06.17_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEuL9UE3sJ01zwJv6dCRq4VgaaqhwFAmhRdJ8ACgkQCRq4Vgaa qhw03A/+JhGdRwitGwigckiLbsnQAyMMD9qEZjH2YAHaMviBgwMs8WqmKvjEjhDr JKBPxPFZggv3Iord/nktLY7RJSPoL6m+lPkFExtPhS6EpoCB68zlgbSqmE6hASsE 6/5otomUX5sLbocacpCKk1zapY5dFKmMT4gmiJjb4SYYcirpZ2YSkqaGmjmcn/VT y3p3zghDdLv7lMoZmZqf6i67UVWkDuPAgIfORDUHJwjYMVWNyNJHKzcnV5/6BcgS ka6X3lgCopU79gSiZ76ejbKrgHSCCR6kVLWZc3wnEe3Aycqe9uqjBLKUG9ATnxH3 qRqIwP6C9z/651ep/eCEoX8qEBHfux/6LLIGp1FJ1WUDIlKYmhermc+BJaa25PCg 1eEamvdBOpzB8496mMufkcTQk0prGt76ypi+TMJD7bNsKMjQdnXQr9yujHxIAWMG vrYV1i3G4Bj9m7TTE/Yj9blYai3XNYwYDXvsuujy7dUbZn9Fuv1h5G4Ph1gRJtF8 HgLUT1uPimlkyhs1SFgx3asQeI1LamNofdFMm98dPjQjIxTGnCOCvSCbsTkkwOWI IquRyAwJJvQ8H6+NXfTmNIzuyYjvfXoL6A6pVN1gnuwzDkr42hdy9NFvM+mtc2Rh iP5A0qT4DRDudbkBAFrGVgEQJVdFTlc1OlCZ8O4o0nCfq1cxMok= =A7QM -----END PGP SIGNATURE-----
Description: PGP signature
--- End Message ---
