One finding so far Logical LGTM when reading and on comparison $ git diff sergiodj/logical/5.2-1ubuntu5..pkg/ubuntu/kinetic-devel | diffstat changelog | 689 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ control | 3 2 files changed, 691 insertions(+), 1 deletion(-) Comparing changelog to git range-diff sergiodj/old/debian..sergiodj/logical/5.2-1ubuntu5 sergiodj/new/debian..f5afde0918221ef801fed0e08b0731d4bb77a2c6 1: e8aa00ea58 = 1: b61bbdbef6 - d/usr.sbin.squid: Add sections for squid-deb-proxy and squidguard => equal and in changelog 2: 37cc10db0e ! 2: 5fcec25f2e - d/p/90-cf.data.ubuntu.patch: Add refresh patterns for deb packaging => just noise in d/p/series and in changelog 3: 7caf6552cf ! 3: 796331ccb0 - Use snakeoil certificates: + d/control: add ssl-cert to dependencies + d/p/99-ubuntu-ssl-cert-snakeoil.patch: add a note about ssl to => had noise anyway and needed to be refreshed, done so with better quilt config and in changelog 4: 3de0e9ea5f = 4: 9f67994339 - d/rules, d/NEWS: drop the NIS basic auth helper (LP: #1895694) => equal and in changelog 5: de801abcee ! 5: b5a471d3d0 - Fix FTBFS with GCC 11 (LP: #1939352) + d/p/expand-max-pkt-sz-accomodate-icmphdr.patch: Expand MAX_PKT{4,6}_SZ to accomodate for icmp{,6_}hd => partially dropped as it is upstream, correct to do so xxx => But I miss mentioning now dropping d/p/workaround-gcc11-wstringop-overread-bug.patch in changelog (easy to fix for you) xxx 6: 32bdc5f5d6 < -: ---------- * Fix FTBFS with OpenSSL 3.0 (LP: #1946205). The following new patches have been added: - d/p/openssl3-Declaration-of-CRYPTO_EX_dup-changed-again-in-3.0.patch. - d/p/openssl3-Detect-and-default-enable-OpenSSL-3.patch. - d/p/openssl3-Fix-EVP_PKEY_get0_RSA-is-deprecated.patch. - d/p/openssl3-Initial-DH-conversion-to-EVP_PKEY.patch. - d/p/openssl3-Refactor-Ssl-createSslPrivateKey.patch. - d/p/openssl3-Remove-stale-TODO-and-comment.patch. - d/p/openssl3-SSL_OP_-macro-definitions-changed-in-3.0.patch. - d/p/openssl3-Switch-to-BN_rand.patch. - d/p/openssl3-TODO-Upgrade-API-calls-verifying-loaded-DH-params-fi.patch. - d/p/openssl3-Tweak-RSA-key-generator.patch. - d/p/openssl3-Update-ECDH-key-settings.patch. - d/p/openssl3-Update-license-disclaimer.patch. 7: 1bbcea11c5 < -: ---------- * Do not enable openssl as a default. This hinders packaging since we ship squid in two different flavours (gnutls and openssl). Drop d/p/openssl3-Detect-and-default-enable-OpenSSL-3.patch. (LP: #1968200) 8: 8573392502 < -: ---------- * SECURITY UPDATE: Denial of Service in Gopher Processing - debian/patches/CVE-2021-46784.patch: improve handling of Gopher responses in src/gopher.cc. -: ---------- > 6: 91eb5d18f2 * Drop changes: - Fix FTBFS with OpenSSL 3.0 (LP: #1946205). The following new patches have been added: + d/p/openssl3-Declaration-of-CRYPTO_EX_dup-changed-again-in-3.0.patch. + d/p/openssl3-Detect-and-default-enable-OpenSSL-3.patch. + d/p/openssl3-Fix-EVP_PKEY_get0_RSA-is-deprecated.patch. + d/p/openssl3-Initial-DH-conversion-to-EVP_PKEY.patch. + d/p/openssl3-Refactor-Ssl-createSslPrivateKey.patch. + d/p/openssl3-Remove-stale-TODO-and-comment.patch. + d/p/openssl3-SSL_OP_-macro-definitions-changed-in-3.0.patch. + d/p/openssl3-Switch-to-BN_rand.patch. + d/p/openssl3-TODO-Upgrade-API-calls-verifying-loaded-DH-params-fi.patch. + d/p/openssl3-Tweak-RSA-key-generator.patch. + d/p/openssl3-Update-ECDH-key-settings.patch. + d/p/openssl3-Update-license-disclaimer.patch. [ Incorporated by Debian. ] -: ---------- > 7: 657653cd79 - SECURITY UPDATE: Denial of Service in Gopher Processing + debian/patches/CVE-2021-46784.patch: improve handling of Gopher responses in src/gopher.cc. [ Incorporated by upstream. ] -: ---------- > 8: f5afde0918 * Add changes: - d/p/0009-Fix-Werror-alloc-size-larger-than-on-GCC-12.patch: Fix FTBFS due to -Werror=alloc-size-larger-than on GCC 12. [ Forwarded upstream ] => all drops seem correct and are mentioned