Your message dated Mon, 03 Dec 2018 21:31:01 +0100
with message-id <2a0174b164b2f31129628b93a4cc5571fbd1e304.ca...@debian.org>
and subject line Re: herculesstudio: Broken patch disallows dpkg-source unpack
has caused the Debian Bug report #753922,
regarding herculesstudio: Broken patch disallows dpkg-source unpack
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
753922: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753922
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: herculesstudio
Source-Version: 1.3.0-2
Severity: serious
Tags: wheezy
Control: fixed -1 1.4.0-1
Hi!
This package contains a bogus patch, which makes latest dpkg-source in
stable to be unable to correctly unpack the source, due to more strict
parsing of patches required to disallow path traversal vulnerabilities.
The broken patch has a line-wrapped --- header line.
Here's a simple patch fixing this. It would be nice if this could be
fixed in stable, otherwise the source cannot be unpacked normally. I'm
ready to help with such release if needed, given that the “regression”
was caused by the dpkg update. (Unstable is unaffected.)
This was found by David Suárez in an archive-wide check:
<https://lists.debian.org/debian-dpkg/2014/07/msg00002.html>
Thanks,
Guillem
diff -Nru herculesstudio-1.3.0/debian/changelog herculesstudio-1.3.0/debian/changelog
--- herculesstudio-1.3.0/debian/changelog 2012-04-10 15:45:56.000000000 +0200
+++ herculesstudio-1.3.0/debian/changelog 2014-07-05 23:12:50.000000000 +0200
@@ -1,3 +1,10 @@
+herculesstudio (1.3.0-2.1) UNRELEASED; urgency=low
+
+ * Non-maintainer upload.
+ * Fix broken patch headers.
+
+ -- Guillem Jover <guil...@debian.org> Sat, 05 Jul 2014 23:12:50 +0200
+
herculesstudio (1.3.0-2) unstable; urgency=low
* debian/copyright:
diff -Nru herculesstudio-1.3.0/debian/patches/fix-ftbfs-g++-4.7.patch herculesstudio-1.3.0/debian/patches/fix-ftbfs-g++-4.7.patch
--- herculesstudio-1.3.0/debian/patches/fix-ftbfs-g++-4.7.patch 2012-04-10 14:36:53.000000000 +0200
+++ herculesstudio-1.3.0/debian/patches/fix-ftbfs-g++-4.7.patch 2014-07-05 23:09:36.000000000 +0200
@@ -1,5 +1,6 @@
Description: Fix FTBFS with g++ 4.7
-Origin: upstream, http://hercstudio.svn.sourceforge.net/viewvc/hercstudio?view=revision&revision=139--- a/HercStudio/HerculesExecutor.cpp
+Origin: upstream, http://hercstudio.svn.sourceforge.net/viewvc/hercstudio?view=revision&revision=139
+--- a/HercStudio/HerculesExecutor.cpp
+++ b/HercStudio/HerculesExecutor.cpp
@@ -33,6 +33,7 @@
#include <fcntl.h>
--- End Message ---
--- Begin Message ---
The current version in unstable works fine, so closing this bug.
--- End Message ---
