Merge ~pushkarnk/ubuntu/+source/cura-engine:merge-2089724-cura-engine into ubuntu/+source/cura-engine:debian/sid

Proposed by Pushkar Kulkarni
Status: Needs review
Proposed branch: ~pushkarnk/ubuntu/+source/cura-engine:merge-2089724-cura-engine
Merge into: ubuntu/+source/cura-engine:debian/sid
Diff against target: 93 lines (+52/-1)
4 files modified
debian/changelog (+26/-0)
debian/control (+2/-1)
debian/patches/0018-fix-buffer-overflow.patch (+23/-0)
debian/patches/series (+1/-0)
Reviewer Review Type Date Requested Status
Simon Quigley (community) Needs Information
git-ubuntu import Pending
Review via email: mp+477304@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Pushkar Kulkarni (pushkarnk) wrote :

I did a test build in ppa:pushkarnk/plusone and here are the autopkgtest results

* Results:
  - cura-engine: plucky/cura-engine/1:5.0.0-5ubuntu1 [amd64]
    + ✅ cura-engine on plucky for amd64 @ 28.11.24 04:57:13
      • Log: https://autopkgtest.ubuntu.com/results/autopkgtest-plucky-pushkarnk-plusone/plucky/amd64/c/cura-engine/20241128_045713_3c135@/log.gz
  - cura-engine: plucky/cura-engine/1:5.0.0-5ubuntu1 [arm64]
    + ✅ cura-engine on plucky for arm64 @ 28.11.24 04:57:15
      • Log: https://autopkgtest.ubuntu.com/results/autopkgtest-plucky-pushkarnk-plusone/plucky/arm64/c/cura-engine/20241128_045715_e3178@/log.gz
  - cura-engine: plucky/cura-engine/1:5.0.0-5ubuntu1 [armhf]
    + ✅ cura-engine on plucky for armhf @ 28.11.24 04:44:03
      • Log: https://autopkgtest.ubuntu.com/results/autopkgtest-plucky-pushkarnk-plusone/plucky/armhf/c/cura-engine/20241128_044403_16df9@/log.gz
  - cura-engine: plucky/cura-engine/1:5.0.0-5ubuntu1 [ppc64el]
    + ✅ cura-engine on plucky for ppc64el @ 28.11.24 05:12:37
      • Log: https://autopkgtest.ubuntu.com/results/autopkgtest-plucky-pushkarnk-plusone/plucky/ppc64el/c/cura-engine/20241128_051237_283c3@/log.gz
  - cura-engine: plucky/cura-engine/1:5.0.0-5ubuntu1 [s390x]
    + ✅ cura-engine on plucky for s390x @ 28.11.24 04:41:41
      • Log: https://autopkgtest.ubuntu.com/results/autopkgtest-plucky-pushkarnk-plusone/plucky/s390x/c/cura-engine/20241128_044141_17148@/log.gz

Revision history for this message
Simon Quigley (tsimonq2) :
review: Needs Information

Unmerged commits

1feeae4... by Pushkar Kulkarni

update changelog

44aa08b... by Pushkar Kulkarni

update-maintainer

f618ab7... by Pushkar Kulkarni

reconstruct-changelog

0d94427... by Pushkar Kulkarni

merge-changelogs

d5f64b8... by Pushkar Kulkarni

Add a patch to fix a buffer overflow

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index 6c39554..25287bb 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,10 @@
6+cura-engine (1:5.0.0-5ubuntu1) plucky; urgency=medium
7+
8+ * Merge with Debian unstable (LP: #2089724). Remaining changes:
9+ - Add a patch to fix a buffer overflow
10+
11+ -- Pushkar Kulkarni <pushkar.kulkarni@canonical.com> Wed, 27 Nov 2024 11:08:00 +0530
12+
13 cura-engine (1:5.0.0-5) unstable; urgency=medium
14
15 * Replace deprecated pkg-config dependency.
16@@ -6,6 +13,25 @@ cura-engine (1:5.0.0-5) unstable; urgency=medium
17
18 -- Gregor Riepl <onitake@gmail.com> Tue, 30 Jul 2024 20:25:00 +0300
19
20+cura-engine (1:5.0.0-4ubuntu1) oracular; urgency=medium
21+
22+ * d/patches: Add patch to fix a buffer overflow
23+ (LP: #2059171)
24+
25+ -- Pushkar Kulkarni <pushkar.kulkarni@canonical.com> Thu, 27 Jun 2024 14:24:41 +0530
26+
27+cura-engine (1:5.0.0-4build2) noble; urgency=medium
28+
29+ * No-change rebuild for CVE-2024-3094
30+
31+ -- William Grant <wgrant@ubuntu.com> Mon, 01 Apr 2024 16:44:34 +1100
32+
33+cura-engine (1:5.0.0-4build1) noble; urgency=high
34+
35+ * No change rebuild against libprotobuf32t64.
36+
37+ -- Julian Andres Klode <juliank@ubuntu.com> Fri, 22 Mar 2024 16:38:23 +0100
38+
39 cura-engine (1:5.0.0-4) unstable; urgency=medium
40
41 * Fix failing unit test. Closes: #1040252
42diff --git a/debian/control b/debian/control
43index 98c84e6..eab2c10 100644
44--- a/debian/control
45+++ b/debian/control
46@@ -1,6 +1,7 @@
47 Source: cura-engine
48 Priority: optional
49-Maintainer: Debian 3-D Printing Packages <3dprinter-general@lists.alioth.debian.org>
50+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
51+XSBC-Original-Maintainer: Debian 3-D Printing Packages <3dprinter-general@lists.alioth.debian.org>
52 Uploaders: Gregor Riepl <onitake@gmail.com>,
53 Christoph Berg <myon@debian.org>,
54 Build-Depends: debhelper-compat (= 12), cmake,
55diff --git a/debian/patches/0018-fix-buffer-overflow.patch b/debian/patches/0018-fix-buffer-overflow.patch
56new file mode 100644
57index 0000000..57eef7a
58--- /dev/null
59+++ b/debian/patches/0018-fix-buffer-overflow.patch
60@@ -0,0 +1,23 @@
61+Description: Fixes a buffer-overflow in strcpy() because the
62+ destination buffer does not have space to accommodate
63+ the null character. This patch is irrelevant to the latest
64+ upstream.
65+Forwarded: not-needed
66+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/cura-engine/+bug/2059171
67+Author: Pushkar Kulkarni <pushkar.kulkarni@canonical.com>
68+--- a/src/utils/getpath.cpp
69++++ b/src/utils/getpath.cpp
70+@@ -28,10 +28,10 @@
71+ DWORD dir_path_size = path_size - (path_size - (file_name_start - buffer));
72+ std::string folder_name{buffer, dir_path_size};
73+ #else
74+- char buffer[filePath.size()];
75++ char buffer[filePath.size()+1];
76+ std::strcpy(buffer, filePath.c_str()); // copy the string because dirname(.) changes the input string!!!
77+ std::string folder_name{dirname(buffer)};
78+ #endif
79+ return folder_name;
80+ }
81+-}
82+\ No newline at end of file
83++}
84diff --git a/debian/patches/series b/debian/patches/series
85index e1f132a..e910154 100644
86--- a/debian/patches/series
87+++ b/debian/patches/series
88@@ -14,4 +14,5 @@
89 0015-Add-missing-cstdint.patch
90 0016-Use-leaf-settings-in-favor-of-adhesion_extruder_nr.patch
91 0017-Round-from-double-to-cInt-explicitly-when-applying-m.patch
92+0018-fix-buffer-overflow.patch
93 1001-fix-setprecision-header.patch

Subscribers

People subscribed via source and target branches