Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
(This was already discussed on the debian-release list, I'm filling this bug for easier tracking) Please allow upgrading the s3ql package s3ql from 1.11.1-2 to 1.11.2-3 via testing-proposed-updates to fix the serious bug #701350. The bug has already been fixed in unstable via a new upstream release (1.13.1-1). The buggy code is still included in wheezy. Currently, the wheezy libc seems to incidentally work around the S3QL bug. However, this does not happen with newer libc versions, so it may well be a libc bug canceling out the S3QL bug. Therefore, with the current wheezy S3QL, any change to wheezy's libc puts S3QL users at the risk of data loss. I have uploaded a release for update via testing-proposed-updates to http://mentors.debian.net/debian/pool/main/s/s3ql/s3ql_1.11.1-3.dsc Debdiff is attached. Thanks! unblock s3ql/1.11.1-3 -- System Information: Debian Release: 7.0 APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
diff -Nru s3ql-1.11.1/debian/changelog s3ql-1.11.1/debian/changelog --- s3ql-1.11.1/debian/changelog 2012-06-05 13:35:58.000000000 -0700 +++ s3ql-1.11.1/debian/changelog 2013-02-24 18:52:36.000000000 -0800 @@ -1,3 +1,10 @@ +s3ql (1.11.1-3) testing-proposed-updates; urgency=low + + * Call fflush() on FILE stream before repositioning underlying + file descriptor. Closes: 701350. + + -- Nikolaus Rath <nikol...@rath.org> Sun, 24 Feb 2013 18:51:42 -0800 + s3ql (1.11.1-2) unstable; urgency=low * Add dependency on python-pkg-resources. Closes: 672916. diff -Nru s3ql-1.11.1/debian/patches/deltadump_fflush.diff s3ql-1.11.1/debian/patches/deltadump_fflush.diff --- s3ql-1.11.1/debian/patches/deltadump_fflush.diff 1969-12-31 16:00:00.000000000 -0800 +++ s3ql-1.11.1/debian/patches/deltadump_fflush.diff 2013-02-24 18:55:19.000000000 -0800 @@ -0,0 +1,29 @@ +Description: call fflush() to avoid data corruption +Origin: upstream +Applied-Upstream: http://code.google.com/p/s3ql/source/detail?r=e20279364896cfaa5d3c8cda29cb64c3b432a0ec +Last-Update: 2013-02-24 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/src/s3ql/_deltadump.pyx ++++ b/src/s3ql/_deltadump.pyx +@@ -28,6 +28,7 @@ + + cdef extern from 'stdio.h' nogil: + FILE * fdopen(int fd, const_char * mode) ++ int fflush(FILE * stream) + int fileno(FILE * stream) + + cdef extern from 'endian.h' nogil: +@@ -123,6 +124,12 @@ + + cdef ssize_t off + ++ # Explicitly flush data that needs to be written. This is ++ # important, so that we can safely reposition the fd position ++ # below (which is necessary in case there is cached input data) ++ if fflush(fp) != 0: ++ raise OSError(errno, strerror(errno)) ++ + # Reposition FD to position of FILE*, otherwise next read from FD will miss + # data currently in stream buffer. It seems that call to fflush() achieves + # the same thing, but this does not seem to be documented so we don't rely diff -Nru s3ql-1.11.1/debian/patches/series s3ql-1.11.1/debian/patches/series --- s3ql-1.11.1/debian/patches/series 2012-01-23 17:39:07.000000000 -0800 +++ s3ql-1.11.1/debian/patches/series 2013-02-24 18:51:23.000000000 -0800 @@ -1 +1,2 @@ proc_mount.diff +deltadump_fflush.diff
