Ubuntu
spice package

Merge ~mirespace/ubuntu/+source/spice:merge-spice-0.14.3-2.1-impish into ubuntu/+source/spice:debian/sid

  1. Git
  2. lp:~mirespace/ubuntu/+source/spice
  3. merge-spice-0.14.3-2.1-impish
  4. Merge into debian/sid
Proposed by Miriam España Acebal
Status: Merged
Approved by: Christian Ehrhardt 
Approved revision: 1160eb2700acfe6cadb74a1b025f8fdb12411b59
Merge reported by: Bryce Harrington
Merged at revision: 1160eb2700acfe6cadb74a1b025f8fdb12411b59
Proposed branch: ~mirespace/ubuntu/+source/spice:merge-spice-0.14.3-2.1-impish
Merge into: ubuntu/+source/spice:debian/sid
Diff against target: 267 lines (+189/-3)
3 files modified
debian/changelog (+185/-0)
debian/control (+3/-2)
debian/tests/automated-tests (+1/-1)
Reviewer Review Type Date Requested Status
Christian Ehrhardt  (community) Approve
Canonical Server Pending
Miriam España Acebal Pending
Canonical Server packageset reviewers Pending
Review via email: mp+407075@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Miriam España Acebal (mirespace) wrote :

Hello team,

PPA for this merge: https://launchpad.net/~mirespace/+archive/ubuntu/merge-spice-0.14.3-2.1-impish.

The delta has 2 changes.

Usual tags are there: reconstruct/0.14.3-2ubuntu3 split/0.14.3-2ubuntu3 logical/0.14.3-2ubuntu3 new/debian old/debian old/ubuntu

Test passed:
autopkgtest [14:35:26]: test automated-tests: -----------------------]
autopkgtest [14:35:27]: test automated-tests: - - - - - - - - - - results - - - - - - - - - -
automated-tests PASS
autopkgtest [14:35:27]: @@@@@@@@@@@@@@@@@@@@ summary
automated-tests PASS

Thanks in advance!

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

* Changelog:
  - [+] old content and logical tag match as expected
  - [+] changelog entry correct version and targeted codename
  - [-] changelog entries correct

Due to the new indent level the line referring to 973803 is too long now (81 chars)

  - [+] bug references correct (none)
  - [+] update-maintainer has been run

* Merge - Indirect Changes:
  - [+] no upstream changes to consider
  - [-] no further upstream version to consider

There is 0.14.91 but I agree that we will not merge this one now.
It is more a prep to 0.15 than something we'd want so late this cycle

  - [+] debian changes look safe

* Merge - Old Delta:
  - [n/a] dropped changes are ok to be dropped
  - [+] nothing else to drop
  - [n/a] changes forwarded upstream/debian (if appropriate)

* New Delta:
  - [+] no new patches added

* Git/Maintenance
  - [+] testcases added or not needed for this
  - [+] commits are properly split (more important on -dev than on SRUs)

* Build/Test:
  - [+] build is ok
  - [+] verified PPA package installs/uninstalls
  - [+] autopkgtest against the PPA package passes (by your tests)

So overall - yeah this LGTM except the little line length issue.
But that should be a quick change and then we can sponsor it.

review: Needs Fixing
Revision history for this message
Miriam España Acebal (mirespace) wrote :

Thanks, Christian!

I made that line smaller (and the above point also to make them look alike).

Here we go again...

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Length ok now, but in return we now got trailing whitespace in lin 4,5 and 7 :-/
Should I fix it on upload or do you want to modify it again?

Revision history for this message
Miriam España Acebal (mirespace) wrote :

Hoping this time is OK (installed an extension to VSCode to see the blanks)... Sorry!

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

LGTM now, thanks
+1

review: Approve
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

To ssh://git.launchpad.net/~usd-import-team/ubuntu/+source/spice
 * [new tag] upload/0.14.3-2.1ubuntu1 -> upload/0.14.3-2.1ubuntu1

Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading spice_0.14.3-2.1ubuntu1.dsc: done.
  Uploading spice_0.14.3-2.1ubuntu1.debian.tar.xz: done.
  Uploading spice_0.14.3-2.1ubuntu1_source.buildinfo: done.
  Uploading spice_0.14.3-2.1ubuntu1_source.changes: done.
Successfully uploaded packages.

Sponsored, please track tests and migration.

Revision history for this message
Bryce Harrington (bryce) wrote :

This has successfully migrated.

  - Source Package: spice
  - Current Version: 0.14.3-2.1ubuntu1
  - Proposed Version: None
  - Old Version: tbd
  - New Version: 0.14.3-2.1ubuntu1
  - Migrated: True
  - Requester: Miriam España Acebal

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index d92d3c2..1fcd39a 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,14 @@
6+spice (0.14.3-2.1ubuntu1) impish; urgency=medium
7+
8+ * Merge with Debian unstable. Remaining changes:
9+ - d/control: Don't recommend -libav gstreamer plugins since it
10+ is in universe. This now downgrades it to a suggest instead
11+ of completely removing the dependency.
12+ - d/t/automated-tests: avoid test fail due to build
13+ errors (Closes: #973803).
14+
15+ -- Miriam España Acebal <miriam.espana@canonical.com> Fri, 13 Aug 2021 14:12:44 +0200
16+
17 spice (0.14.3-2.1) unstable; urgency=medium
18
19 * Non-maintainer upload.
20@@ -8,6 +19,21 @@ spice (0.14.3-2.1) unstable; urgency=medium
21
22 -- Salvatore Bonaccorso <carnil@debian.org> Sun, 28 Feb 2021 16:29:54 +0100
23
24+spice (0.14.3-2ubuntu3) hirsute; urgency=medium
25+
26+ * d/t/automated-tests: avoid test fail due to build errors (Closes: #973803)
27+
28+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 05 Nov 2020 11:23:42 +0100
29+
30+spice (0.14.3-2ubuntu2) hirsute; urgency=medium
31+
32+ * Merge with Debian unstable. Remaining changes:
33+ - d/control: Don't recommend -libav gstreamer plugins since it is in
34+ universe. This now downgrades it to a suggest instead of completely
35+ removing the dependency.
36+
37+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 03 Nov 2020 13:07:45 +0100
38+
39 spice (0.14.3-2) unstable; urgency=medium
40
41 [ Christian Ehrhardt ]
42@@ -32,6 +58,40 @@ spice (0.14.3-2) unstable; urgency=medium
43
44 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 29 Oct 2020 10:57:02 +0300
45
46+spice (0.14.3-1ubuntu2) groovy; urgency=medium
47+
48+ * SECURITY UPDATE: multiple buffer overflows in QUIC image decoding
49+ - debian/patches/CVE-2020-14355-1.patch: check we have some data to
50+ start decoding quic image in subprojects/spice-common/common/quic.c.
51+ - debian/patches/CVE-2020-14355-2.patch: check image size in
52+ quic_decode_begin in subprojects/spice-common/common/quic.c.
53+ - debian/patches/CVE-2020-14355-3.patch: check RLE lengths in
54+ subprojects/spice-common/common/quic_tmpl.c.
55+ - debian/patches/CVE-2020-14355-4.patch: avoid possible buffer overflow
56+ in find_bucket in subprojects/spice-common/common/quic_family_tmpl.c.
57+ - CVE-2020-14355
58+
59+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 01 Oct 2020 07:00:18 -0400
60+
61+spice (0.14.3-1ubuntu1) groovy; urgency=medium
62+
63+ * Merge with Debian unstable (LP: #1881093). Remaining changes:
64+ - d/control: Don't recommend -libav gstreamer plugins since it is in
65+ universe
66+ - make autopkgtests work again
67+ - d/t/automated-tests: spice-common moved into dir subprojects
68+ - d/t/automated-tests: option --enable-automated-tests now is always on
69+ - d/t/control: make tests more debuggable by allowing stderr
70+ - d/t/control: install new test dependency python-pil
71+ - d/t/regression-test.py, d/t/base_test.ppm: add file dropped in release
72+ tarball but needed for autopkgtests
73+ - d/source/include-binaries: allow binary base_test.ppm in package
74+ * Dropped changes
75+ - d/p/lp-1874054-*: fix rescaling and some crashes (LP: 1874054)
76+ [Upstream in 0.14.3]
77+
78+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 28 May 2020 11:56:04 +0200
79+
80 spice (0.14.3-1) unstable; urgency=medium
81
82 * new upstream version (Closes: #940057, #954629)
83@@ -43,6 +103,49 @@ spice (0.14.3-1) unstable; urgency=medium
84
85 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 14 Apr 2020 16:55:25 +0300
86
87+spice (0.14.2-4ubuntu3) focal; urgency=medium
88+
89+ * d/p/lp-1874054-*: fix rescaling and some crashes (LP: #1874054)
90+
91+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 21 Apr 2020 14:05:18 +0200
92+
93+spice (0.14.2-4ubuntu2) focal; urgency=medium
94+
95+ * No-change rebuild for libgcc-s1 package name change.
96+
97+ -- Matthias Klose <doko@ubuntu.com> Mon, 23 Mar 2020 07:26:08 +0100
98+
99+spice (0.14.2-4ubuntu1) focal; urgency=medium
100+
101+ * Merge with Debian unstable (LP: #1852439). Remaining changes:
102+ - d/control: Don't recommend -libav gstreamer plugins since it is in
103+ universe
104+ - make autopkgtests work again
105+ - d/t/automated-tests: spice-common moved into dir subprojects
106+ - d/t/automated-tests: option --enable-automated-tests now is always on
107+ - d/t/control: make tests more debuggable by allowing stderr
108+ - d/t/control: install new test dependency python-pil
109+ - d/t/regression-test.py, d/t/base_test.ppm: add file dropped in release
110+ tarball but needed for autopkgtests
111+ - d/source/include-binaries: allow binary base_test.ppm in package
112+ * Added changes:
113+ - d/t/automated-tests, d/t/control: make autopkgtests python3 compatible
114+ * Dropped Changes (in Debian):
115+ - d/control: Don't recommend -ugly gstreamer plugins since it is in universe
116+ - d/patches: drop patches being upstream in 0.14.2
117+ - new upstream 0.14.2
118+ - disable failing test-listen
119+ - d/libspice-server1.symbols: update for new symbols in 14.2
120+ - d/p/fix-test-qxl-parsing-on-ppc64el-and-armhf.patch: avoid FTBFS due to
121+ different handling of high words for constants
122+ - d/control: bump build dependency to libspice-protocol-dev >=0.14.0
123+ * Dropped Changes (Upstream)
124+ - SECURITY UPDATE: Integer overflow and buffer overflow CVE-2017-12194
125+ - SECURITY UPDATE: Denial of service CVE-2018-10873
126+ - SECURITY UPDATE: off-by-one error in memslot_get_virt CVE-2019-3813
127+
128+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 13 Nov 2019 15:54:00 +0100
129+
130 spice (0.14.2-4) unstable; urgency=medium
131
132 * disable failing test-listen (Closes: #941006)
133@@ -90,6 +193,42 @@ spice (0.14.2-1) unstable; urgency=medium
134
135 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 30 Aug 2019 13:54:00 +0300
136
137+spice (0.14.2-0ubuntu2) eoan; urgency=medium
138+
139+ * Fixup autpkgtest (LP: #1834286)
140+ These changes will make the test able to run again, but not output mismatch
141+ errors (this matches the behavior before 0.14.2). Upstream discussion
142+ started on how to resolve that as a next step, more details at the LP bug.
143+ - d/t/automated-tests: spice-common moved into dir subprojects
144+ - d/t/automated-tests: option --enable-automated-tests now is always on"
145+ - d/t/automated-tests, d/t/control: make tests more debuggable by allowing
146+ stderr
147+ - d/t/control: install new test dependency python-pil
148+ - d/t/base_test.ppm, d/t/regression-test.py: provide test resources from
149+ upstream git not part of the released tarball anymore
150+ - d/source/include-binaries: allow binary base_test.ppm in package
151+
152+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Jun 2019 12:59:01 +0200
153+
154+spice (0.14.2-0ubuntu1) eoan; urgency=medium
155+
156+ * New upstream release
157+ Among many other fixes this will resolve (LP: #1814146)
158+ - d/p/disable-failing-test-listen.patch: disable new test that is
159+ unreliable in the build environment
160+ - d/patches: drop patches being upstream in 0.14.2
161+ + debian/patches/CVE-2017-12194-1.patch
162+ + debian/patches/CVE-2017-12194-2.patch
163+ + debian/patches/CVE-2017-12194-3.patch
164+ + debian/patches/CVE-2018-10873.patch
165+ + debian/patches/CVE-2019-3813.patch
166+ - d/libspice-server1.symbols: update for new symbols in 14.2
167+ - d/p/fix-test-qxl-parsing-on-ppc64el-and-armhf.patch: avoid FTBFS due
168+ to different handling of high words for constants
169+ - d/control: bump build dependency to libspice-protocol-dev >=0.14.0
170+
171+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 24 May 2019 12:27:26 +0200
172+
173 spice (0.14.0-1.3) unstable; urgency=medium
174
175 * Non-maintainer upload.
176@@ -112,6 +251,52 @@ spice (0.14.0-1.1) unstable; urgency=medium
177
178 -- Salvatore Bonaccorso <carnil@debian.org> Sat, 15 Sep 2018 09:15:28 +0200
179
180+spice (0.14.0-1ubuntu5) disco; urgency=medium
181+
182+ * SECURITY UPDATE: off-by-one error in memslot_get_virt
183+ - debian/patches/CVE-2019-3813.patch: fix checks in server/memslot.c,
184+ add tests to server/tests/test-qxl-parsing.c.
185+ - CVE-2019-3813
186+ * debian/tests/automated-tests: fix incorrect test name, don't fail on
187+ build writing to stderr.
188+
189+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 24 Jan 2019 08:58:10 -0500
190+
191+spice (0.14.0-1ubuntu4) cosmic; urgency=medium
192+
193+ * SECURITY UPDATE: Denial of service
194+ - debian/patches/CVE-2018-10873.patch: fix in
195+ spice-common/python_modules/demarshal.py,
196+ - CVE-2018-10873
197+
198+ -- Leonidas S. Barbosa <leo.barbosa@canonical.com> Mon, 20 Aug 2018 13:26:02 -0300
199+
200+spice (0.14.0-1ubuntu3) cosmic; urgency=medium
201+
202+ * SECURITY UPDATE: Integer overflow and buffer overflow
203+ - debian/patches/CVE-2017-12194-1.patch: fix a integer overflow
204+ computing sizes in spice-common/python_modules/demarshal.py.
205+ - debian/patches/CVE-2017-12194-2.patch: avoid integer overflow
206+ in spice-common/python_modules/demarshal.py,
207+ spice-common/python_modules/marshal.py.
208+ - debian/patches/CVE-2017-12194-3.patch: add tests to verify fix.
209+ - CVE-2017-12194
210+
211+ -- Leonidas S. Barbosa <leo.barbosa@canonical.com> Tue, 22 May 2018 14:53:01 -0300
212+
213+spice (0.14.0-1ubuntu2) bionic; urgency=high
214+
215+ * No change rebuild against openssl1.1.
216+
217+ -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 06 Feb 2018 17:55:31 +0000
218+
219+spice (0.14.0-1ubuntu1) bionic; urgency=medium
220+
221+ * Don't recommend -ugly or -libav gstreamer plugins since they
222+ are in universe
223+
224+ -- Jeremy Bicha <jbicha@ubuntu.com> Wed, 01 Nov 2017 21:55:03 -0400
225+
226 spice (0.14.0-1) unstable; urgency=medium
227
228 * New upstream release
229diff --git a/debian/control b/debian/control
230index d31bb2c..9813c7d 100644
231--- a/debian/control
232+++ b/debian/control
233@@ -1,7 +1,8 @@
234 Source: spice
235 Section: misc
236 Priority: optional
237-Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
238+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
239+XSBC-Original-Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
240 Uploaders: Michael Tokarev <mjt@tls.msk.ru>
241 Build-Depends:
242 debhelper-compat (= 12),
243@@ -39,10 +40,10 @@ Multi-Arch: same
244 Pre-Depends: ${misc:Pre-Depends}
245 Depends: ${misc:Depends}, ${shlibs:Depends}
246 Recommends:
247- gstreamer1.0-libav,
248 gstreamer1.0-plugins-base,
249 gstreamer1.0-plugins-good,
250 Suggests:
251+ gstreamer1.0-libav,
252 gstreamer1.0-plugins-ugly,
253 Description: Implements the server side of the SPICE protocol
254 The Simple Protocol for Independent Computing Environments (SPICE) is
255diff --git a/debian/tests/automated-tests b/debian/tests/automated-tests
256index 8664d7a..c2df273 100644
257--- a/debian/tests/automated-tests
258+++ b/debian/tests/automated-tests
259@@ -2,7 +2,7 @@
260
261 set -ex
262
263-dh_auto_configure -- \
264+DH_COMPAT=10 dh_auto_configure -- \
265 --disable-silent-rules \
266 --enable-smartcard
267 make -C subprojects/spice-common/common libspice-common.la libspice-common-server.la

Subscribers

People subscribed via source and target branches