Ubuntu
spice package

Merge ~paelzer/ubuntu/+source/spice:merge-0.14.3-2-HIRSUTE into ubuntu/+source/spice:debian/sid

  1. Git
  2. lp:~paelzer/ubuntu/+source/spice
  3. merge-0.14.3-2-HIRSUTE
  4. Merge into debian/sid
Proposed by Christian Ehrhardt 
Status: Merged
Approved by: Christian Ehrhardt 
Approved revision: 801aab6ac7946f7c23199c538e80015d7cd37312
Merge reported by: Christian Ehrhardt 
Merged at revision: 801aab6ac7946f7c23199c538e80015d7cd37312
Proposed branch: ~paelzer/ubuntu/+source/spice:merge-0.14.3-2-HIRSUTE
Merge into: ubuntu/+source/spice:debian/sid
Diff against target: 230 lines (+171/-2)
2 files modified
debian/changelog (+168/-0)
debian/control (+3/-2)
Reviewer Review Type Date Requested Status
Sergio Durigan Junior (community) Approve
Canonical Server Pending
git-ubuntu developers Pending
Review via email: mp+393251@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Merge tags:
To ssh://git.launchpad.net/~paelzer/ubuntu/+source/spice
 * [new tag] lp9999999/logical/0.14.3-1ubuntu2 -> lp9999999/logical/0.14.3-1ubuntu2
 * [new tag] lp9999999/new/debian -> lp9999999/new/debian
 * [new tag] lp9999999/old/debian -> lp9999999/old/debian
 * [new tag] lp9999999/old/ubuntu -> lp9999999/old/ubuntu
 * [new tag] lp9999999/reconstruct/0.14.3-1ubuntu2 -> lp9999999/reconstruct/0.14.3-1ubuntu2
 * [new tag] lp9999999/split/0.14.3-1ubuntu2 -> lp9999999/split/0.14.3-1ubuntu2

This is mostly dropping changes (as Debian accepted them).
One remains (universe, no MIR wanted).
On that remaining delta I have improved the situation a bit by at least leaving a suggests to help users.

But overall this should be a trivial MP.

PPA: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/4324/+packages

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

I'll take this one.

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

* Changelog:
  - [√] old content and logical tag match as expected
  - [√] changelog entry correct version and targeted codename
  - [√] changelog entries correct
  - [√] update-maintainer has been run

* Actual changes:
  - [√] no upstream changes to consider
  - [√] no further upstream version to consider
  - [√] debian changes look safe

* Old Delta:
  - [√] dropped changes are ok to be dropped
  - [√] nothing else to drop
  - [√] changes forwarded upstream/debian (if appropriate)

* New Delta:
  - [√] no new patches added
  - [-] patches match what was proposed upstream
  - [-] patches correctly included in debian/patches/series
  - [-] patches have correct DEP3 metadata

* Build/Test:
  - [√] build is ok
  - [√] verified PPA package installs/uninstalls
  - [√] autopkgtest against the PPA package passes
  - [√] sanity checks test fine

Thanks for the MP, Christian.

Everything looks good. I built a local version of the patch successfully, installed it and everything worked OK.

review: Approve
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Thanks also LGTM ... uploading

To ssh://git.launchpad.net/~usd-import-team/ubuntu/+source/spice
 * [new tag] upload/0.14.3-2ubuntu1 -> upload/0.14.3-2ubuntu1

Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading spice_0.14.3-2ubuntu1.dsc: done.
  Uploading spice_0.14.3-2ubuntu1.debian.tar.xz: done.
  Uploading spice_0.14.3-2ubuntu1_source.buildinfo: done.
  Uploading spice_0.14.3-2ubuntu1_source.changes: done.
Successfully uploaded packages.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

This is in hirsute

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 8a23c9b..cb0d5a6 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,12 @@
6+spice (0.14.3-2ubuntu1) hirsute; urgency=medium
7+
8+ * Merge with Debian unstable (LP: #9999999). Remaining changes:
9+ - d/control: Don't recommend -libav gstreamer plugins since it is in
10+ universe. This now downgrades it to a suggest instead of completely
11+ removing the dependency.
12+
13+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 03 Nov 2020 13:07:45 +0100
14+
15 spice (0.14.3-2) unstable; urgency=medium
16
17 [ Christian Ehrhardt ]
18@@ -22,6 +31,40 @@ spice (0.14.3-2) unstable; urgency=medium
19
20 -- Michael Tokarev <mjt@tls.msk.ru> Thu, 29 Oct 2020 10:57:02 +0300
21
22+spice (0.14.3-1ubuntu2) groovy; urgency=medium
23+
24+ * SECURITY UPDATE: multiple buffer overflows in QUIC image decoding
25+ - debian/patches/CVE-2020-14355-1.patch: check we have some data to
26+ start decoding quic image in subprojects/spice-common/common/quic.c.
27+ - debian/patches/CVE-2020-14355-2.patch: check image size in
28+ quic_decode_begin in subprojects/spice-common/common/quic.c.
29+ - debian/patches/CVE-2020-14355-3.patch: check RLE lengths in
30+ subprojects/spice-common/common/quic_tmpl.c.
31+ - debian/patches/CVE-2020-14355-4.patch: avoid possible buffer overflow
32+ in find_bucket in subprojects/spice-common/common/quic_family_tmpl.c.
33+ - CVE-2020-14355
34+
35+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 01 Oct 2020 07:00:18 -0400
36+
37+spice (0.14.3-1ubuntu1) groovy; urgency=medium
38+
39+ * Merge with Debian unstable (LP: #1881093). Remaining changes:
40+ - d/control: Don't recommend -libav gstreamer plugins since it is in
41+ universe
42+ - make autopkgtests work again
43+ - d/t/automated-tests: spice-common moved into dir subprojects
44+ - d/t/automated-tests: option --enable-automated-tests now is always on
45+ - d/t/control: make tests more debuggable by allowing stderr
46+ - d/t/control: install new test dependency python-pil
47+ - d/t/regression-test.py, d/t/base_test.ppm: add file dropped in release
48+ tarball but needed for autopkgtests
49+ - d/source/include-binaries: allow binary base_test.ppm in package
50+ * Dropped changes
51+ - d/p/lp-1874054-*: fix rescaling and some crashes (LP: 1874054)
52+ [Upstream in 0.14.3]
53+
54+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Thu, 28 May 2020 11:56:04 +0200
55+
56 spice (0.14.3-1) unstable; urgency=medium
57
58 * new upstream version (Closes: #940057, #954629)
59@@ -33,6 +76,49 @@ spice (0.14.3-1) unstable; urgency=medium
60
61 -- Michael Tokarev <mjt@tls.msk.ru> Tue, 14 Apr 2020 16:55:25 +0300
62
63+spice (0.14.2-4ubuntu3) focal; urgency=medium
64+
65+ * d/p/lp-1874054-*: fix rescaling and some crashes (LP: #1874054)
66+
67+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 21 Apr 2020 14:05:18 +0200
68+
69+spice (0.14.2-4ubuntu2) focal; urgency=medium
70+
71+ * No-change rebuild for libgcc-s1 package name change.
72+
73+ -- Matthias Klose <doko@ubuntu.com> Mon, 23 Mar 2020 07:26:08 +0100
74+
75+spice (0.14.2-4ubuntu1) focal; urgency=medium
76+
77+ * Merge with Debian unstable (LP: #1852439). Remaining changes:
78+ - d/control: Don't recommend -libav gstreamer plugins since it is in
79+ universe
80+ - make autopkgtests work again
81+ - d/t/automated-tests: spice-common moved into dir subprojects
82+ - d/t/automated-tests: option --enable-automated-tests now is always on
83+ - d/t/control: make tests more debuggable by allowing stderr
84+ - d/t/control: install new test dependency python-pil
85+ - d/t/regression-test.py, d/t/base_test.ppm: add file dropped in release
86+ tarball but needed for autopkgtests
87+ - d/source/include-binaries: allow binary base_test.ppm in package
88+ * Added changes:
89+ - d/t/automated-tests, d/t/control: make autopkgtests python3 compatible
90+ * Dropped Changes (in Debian):
91+ - d/control: Don't recommend -ugly gstreamer plugins since it is in universe
92+ - d/patches: drop patches being upstream in 0.14.2
93+ - new upstream 0.14.2
94+ - disable failing test-listen
95+ - d/libspice-server1.symbols: update for new symbols in 14.2
96+ - d/p/fix-test-qxl-parsing-on-ppc64el-and-armhf.patch: avoid FTBFS due to
97+ different handling of high words for constants
98+ - d/control: bump build dependency to libspice-protocol-dev >=0.14.0
99+ * Dropped Changes (Upstream)
100+ - SECURITY UPDATE: Integer overflow and buffer overflow CVE-2017-12194
101+ - SECURITY UPDATE: Denial of service CVE-2018-10873
102+ - SECURITY UPDATE: off-by-one error in memslot_get_virt CVE-2019-3813
103+
104+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Wed, 13 Nov 2019 15:54:00 +0100
105+
106 spice (0.14.2-4) unstable; urgency=medium
107
108 * disable failing test-listen (Closes: #941006)
109@@ -80,6 +166,42 @@ spice (0.14.2-1) unstable; urgency=medium
110
111 -- Michael Tokarev <mjt@tls.msk.ru> Fri, 30 Aug 2019 13:54:00 +0300
112
113+spice (0.14.2-0ubuntu2) eoan; urgency=medium
114+
115+ * Fixup autpkgtest (LP: #1834286)
116+ These changes will make the test able to run again, but not output mismatch
117+ errors (this matches the behavior before 0.14.2). Upstream discussion
118+ started on how to resolve that as a next step, more details at the LP bug.
119+ - d/t/automated-tests: spice-common moved into dir subprojects
120+ - d/t/automated-tests: option --enable-automated-tests now is always on"
121+ - d/t/automated-tests, d/t/control: make tests more debuggable by allowing
122+ stderr
123+ - d/t/control: install new test dependency python-pil
124+ - d/t/base_test.ppm, d/t/regression-test.py: provide test resources from
125+ upstream git not part of the released tarball anymore
126+ - d/source/include-binaries: allow binary base_test.ppm in package
127+
128+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Tue, 25 Jun 2019 12:59:01 +0200
129+
130+spice (0.14.2-0ubuntu1) eoan; urgency=medium
131+
132+ * New upstream release
133+ Among many other fixes this will resolve (LP: #1814146)
134+ - d/p/disable-failing-test-listen.patch: disable new test that is
135+ unreliable in the build environment
136+ - d/patches: drop patches being upstream in 0.14.2
137+ + debian/patches/CVE-2017-12194-1.patch
138+ + debian/patches/CVE-2017-12194-2.patch
139+ + debian/patches/CVE-2017-12194-3.patch
140+ + debian/patches/CVE-2018-10873.patch
141+ + debian/patches/CVE-2019-3813.patch
142+ - d/libspice-server1.symbols: update for new symbols in 14.2
143+ - d/p/fix-test-qxl-parsing-on-ppc64el-and-armhf.patch: avoid FTBFS due
144+ to different handling of high words for constants
145+ - d/control: bump build dependency to libspice-protocol-dev >=0.14.0
146+
147+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Fri, 24 May 2019 12:27:26 +0200
148+
149 spice (0.14.0-1.3) unstable; urgency=medium
150
151 * Non-maintainer upload.
152@@ -102,6 +224,52 @@ spice (0.14.0-1.1) unstable; urgency=medium
153
154 -- Salvatore Bonaccorso <carnil@debian.org> Sat, 15 Sep 2018 09:15:28 +0200
155
156+spice (0.14.0-1ubuntu5) disco; urgency=medium
157+
158+ * SECURITY UPDATE: off-by-one error in memslot_get_virt
159+ - debian/patches/CVE-2019-3813.patch: fix checks in server/memslot.c,
160+ add tests to server/tests/test-qxl-parsing.c.
161+ - CVE-2019-3813
162+ * debian/tests/automated-tests: fix incorrect test name, don't fail on
163+ build writing to stderr.
164+
165+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Thu, 24 Jan 2019 08:58:10 -0500
166+
167+spice (0.14.0-1ubuntu4) cosmic; urgency=medium
168+
169+ * SECURITY UPDATE: Denial of service
170+ - debian/patches/CVE-2018-10873.patch: fix in
171+ spice-common/python_modules/demarshal.py,
172+ - CVE-2018-10873
173+
174+ -- Leonidas S. Barbosa <leo.barbosa@canonical.com> Mon, 20 Aug 2018 13:26:02 -0300
175+
176+spice (0.14.0-1ubuntu3) cosmic; urgency=medium
177+
178+ * SECURITY UPDATE: Integer overflow and buffer overflow
179+ - debian/patches/CVE-2017-12194-1.patch: fix a integer overflow
180+ computing sizes in spice-common/python_modules/demarshal.py.
181+ - debian/patches/CVE-2017-12194-2.patch: avoid integer overflow
182+ in spice-common/python_modules/demarshal.py,
183+ spice-common/python_modules/marshal.py.
184+ - debian/patches/CVE-2017-12194-3.patch: add tests to verify fix.
185+ - CVE-2017-12194
186+
187+ -- Leonidas S. Barbosa <leo.barbosa@canonical.com> Tue, 22 May 2018 14:53:01 -0300
188+
189+spice (0.14.0-1ubuntu2) bionic; urgency=high
190+
191+ * No change rebuild against openssl1.1.
192+
193+ -- Dimitri John Ledkov <xnox@ubuntu.com> Tue, 06 Feb 2018 17:55:31 +0000
194+
195+spice (0.14.0-1ubuntu1) bionic; urgency=medium
196+
197+ * Don't recommend -ugly or -libav gstreamer plugins since they
198+ are in universe
199+
200+ -- Jeremy Bicha <jbicha@ubuntu.com> Wed, 01 Nov 2017 21:55:03 -0400
201+
202 spice (0.14.0-1) unstable; urgency=medium
203
204 * New upstream release
205diff --git a/debian/control b/debian/control
206index d31bb2c..9813c7d 100644
207--- a/debian/control
208+++ b/debian/control
209@@ -1,7 +1,8 @@
210 Source: spice
211 Section: misc
212 Priority: optional
213-Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
214+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
215+XSBC-Original-Maintainer: Debian QEMU Team <pkg-qemu-devel@lists.alioth.debian.org>
216 Uploaders: Michael Tokarev <mjt@tls.msk.ru>
217 Build-Depends:
218 debhelper-compat (= 12),
219@@ -39,10 +40,10 @@ Multi-Arch: same
220 Pre-Depends: ${misc:Pre-Depends}
221 Depends: ${misc:Depends}, ${shlibs:Depends}
222 Recommends:
223- gstreamer1.0-libav,
224 gstreamer1.0-plugins-base,
225 gstreamer1.0-plugins-good,
226 Suggests:
227+ gstreamer1.0-libav,
228 gstreamer1.0-plugins-ugly,
229 Description: Implements the server side of the SPICE protocol
230 The Simple Protocol for Independent Computing Environments (SPICE) is

Subscribers

People subscribed via source and target branches