Your message dated Sat, 21 Jun 2025 16:17:09 +0000 with message-id <e1ut0tx-00dyfo...@fasolo.debian.org> and subject line Bug#1106203: fixed in debian-security-support 1:12+2025.06.20 has caused the Debian Bug report #1106203, regarding debian-security-support: check-security-support doesn't detect packages whose binary and source version differ to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1106203: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106203 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: debian-security-support Version: 1:12+2025.05.10 Severity: important Hello there, check-security-support doesn't identify binary packages whose version is different than the source package. A particular case is binNMU'ed packages. For example, buildah is currently installed in my bookworm machine. The dpkg-query used by check-security-support returns this: install ok installed buildah 1.28.2+ds1-3+deb12u1+b1 golang-github-containers-buildah (1.28.2+ds1-3+deb12u1) And the grep call [1] used to compare the list of installed packages against those listed in one of the files expects to match the whole line (-x), being line the third element of "binary version source". Being source "golang-github-containers-buildah (1.28.2+ds1-3+deb12u1)" in the buildah case. [1] https://salsa.debian.org/debian/debian-security-support/-/blob/2c7aecdb3a19751f578269256491c86e0dd4dbf0/check-support-status.in#L182 I wonder if the following change would be enough and safe: diff --git a/check-support-status.in b/check-support-status.in index 26660c8..f65bed7 100755 --- a/check-support-status.in +++ b/check-support-status.in @@ -160,7 +160,7 @@ trap "rm -rf '$TEMPDIR'" 0 # Get list of installed packages INSTALLED_LIST="$TEMPDIR/installed" -LC_ALL=C [% DPKG_QUERY %] --show --showformat '${Status}\t${binary:Package}\t${Version}\t${Source}\n' | +LC_ALL=C [% DPKG_QUERY %] --show --showformat '${Status}\t${binary:Package}\t${Version}\t${source:Package}\n' | [% AWK %] '($1=="install"){print}' | [% AWK %] -F'\t' '{if($4==""){print $2"\t"$3"\t"$2}else{print $2"\t"$3"\t"$4}}' >"$INSTALLED_LIST" And will continue to handle this tomorrow. Cheers, -- Santiago
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---Source: debian-security-support Source-Version: 1:12+2025.06.20 Done: Santiago Ruano Rincón <santiag...@riseup.net> We believe that the bug you reported is fixed in the latest version of debian-security-support, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1106...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Santiago Ruano Rincón <santiag...@riseup.net> (supplier of updated debian-security-support package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 20 Jun 2025 17:58:38 -0300 Source: debian-security-support Architecture: source Version: 1:12+2025.06.20 Distribution: bookworm Urgency: medium Maintainer: Debian Security Team <t...@security.debian.org> Changed-By: Santiago Ruano Rincón <santiag...@riseup.net> Closes: 1106203 Changes: debian-security-support (1:12+2025.06.20) bookworm; urgency=medium . * Query source:Package instead of Source to get the list of packages (Closes: #1106203) * Fix typo related to gobgp Checksums-Sha1: 1d8aa1e4ffe8c16c8be6b28f7beb9864fc2f8040 1335 debian-security-support_12+2025.06.20.dsc 70a8d416a843aac8b22496fa13cb101471185020 34720 debian-security-support_12+2025.06.20.tar.xz 470b30947cd3bac65d2f2a0461d831aca0b204b6 7015 debian-security-support_12+2025.06.20_amd64.buildinfo Checksums-Sha256: 6f5b60c4191d868fc74b7e8164246eb20dd8644e58dfecdaaefea8af5d5f7df6 1335 debian-security-support_12+2025.06.20.dsc 393f688c4492b43d7fca46715118482ab06d4e4e285ecbd3d9c113cdcdeb8903 34720 debian-security-support_12+2025.06.20.tar.xz 7ab40e1022fdfbfcbc287ba57e01cebe69eb45682a668a0284af7b9149ff5f74 7015 debian-security-support_12+2025.06.20_amd64.buildinfo Files: 8aec968115cf9a9e36f6a57aff9453d4 1335 admin optional debian-security-support_12+2025.06.20.dsc 73622facee11184c20a0c136988fe7fd 34720 admin optional debian-security-support_12+2025.06.20.tar.xz 70b839e5bc555906cae725016fd7afa7 7015 admin optional debian-security-support_12+2025.06.20_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iIwEARYKADQWIQR+lHTq7mkJOyB6t2Un3j1FEEiG7wUCaFaqBxYcc2FudGlhZ29y ckByaXNldXAubmV0AAoJECfePUUQSIbv3BgBAPLR/bF3gib4xE1sGynGAQjQW8YA Yr93WkW5OkR2suCgAQDIBMYCQ4PtRH+oubzoXG95uoYc5i7AXs1DVj8H2ah1Bw== =y8aq -----END PGP SIGNATURE-----
Description: PGP signature
--- End Message ---
