← Back to team overview

touch-packages team mailing list archive

[Bug 1352438] [NEW] Sync krb5 1.12.1+dfsg-6 (main) from Debian unstable (main)

 

Public bug reported:

Please sync krb5 1.12.1+dfsg-6 (main) from Debian unstable (main)

Explanation of the Ubuntu delta and why it can be dropped:
  * Merge from Debian unstable.  Remaining changes:
    - debian/rules: force -O2 to work around build failure with -O3
      on ppc64el (see

The reason the package does not build with -O3 is that at -O3 gcc detects some potentially uninitialized variables.
Gcc seems to be incorrect about this, but I've included debian-local/0018-Quick-and-dirty-fix-to-building-O3.patch
to initialize these variables.
With this patch the package builds -O3 and so the delta can be dropped.

I'd like to get the changes into utopic to fix LP: 1347147 and to
include the CVE fixes.


Changelog entries since current utopic version 1.12.1+dfsg-3ubuntu1:

krb5 (1.12.1+dfsg-6) unstable; urgency=medium

  [ Benjamin Kaduk ]
  * Apply upstream's patch to switch to TAILQ macros instead of CIRCLEQ macros,
    to work around an issue with certain gcc versions.  This is expected to
    resolve Ubuntu bug (LP: #1347147).

  [ Sam Hartman ]
  * Include a quick and dirty patch so we build cleanly with -O3 fixing
    incorrect may be uninitialized warnings.

 -- Benjamin Kaduk <kaduk@xxxxxxx>  Tue, 29 Jul 2014 17:05:37 -0400

krb5 (1.12.1+dfsg-5) unstable; urgency=high

  * Apply upstream patches for CVE-2014-4343, CVE-2014-4344, Closes: #755520,
    Closes: #755521

 -- Benjamin Kaduk <kaduk@xxxxxxx>  Mon, 21 Jul 2014 17:27:10 -0400

krb5 (1.12.1+dfsg-4) unstable; urgency=high

  * Apply upstream patch for CVE-2014-4341, CVE-2014-4342, Closes: #753624,
    Closes: #753625

 -- Benjamin Kaduk <kaduk@xxxxxxx>  Fri, 11 Jul 2014 13:43:19 -0400

** Affects: krb5 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/1352438

Title:
  Sync krb5 1.12.1+dfsg-6 (main) from Debian unstable (main)

Status in “krb5” package in Ubuntu:
  New

Bug description:
  Please sync krb5 1.12.1+dfsg-6 (main) from Debian unstable (main)

  Explanation of the Ubuntu delta and why it can be dropped:
    * Merge from Debian unstable.  Remaining changes:
      - debian/rules: force -O2 to work around build failure with -O3
        on ppc64el (see

  The reason the package does not build with -O3 is that at -O3 gcc detects some potentially uninitialized variables.
  Gcc seems to be incorrect about this, but I've included debian-local/0018-Quick-and-dirty-fix-to-building-O3.patch
  to initialize these variables.
  With this patch the package builds -O3 and so the delta can be dropped.

  I'd like to get the changes into utopic to fix LP: 1347147 and to
  include the CVE fixes.

  
  Changelog entries since current utopic version 1.12.1+dfsg-3ubuntu1:

  krb5 (1.12.1+dfsg-6) unstable; urgency=medium

    [ Benjamin Kaduk ]
    * Apply upstream's patch to switch to TAILQ macros instead of CIRCLEQ macros,
      to work around an issue with certain gcc versions.  This is expected to
      resolve Ubuntu bug (LP: #1347147).

    [ Sam Hartman ]
    * Include a quick and dirty patch so we build cleanly with -O3 fixing
      incorrect may be uninitialized warnings.

   -- Benjamin Kaduk <kaduk@xxxxxxx>  Tue, 29 Jul 2014 17:05:37 -0400

  krb5 (1.12.1+dfsg-5) unstable; urgency=high

    * Apply upstream patches for CVE-2014-4343, CVE-2014-4344, Closes: #755520,
      Closes: #755521

   -- Benjamin Kaduk <kaduk@xxxxxxx>  Mon, 21 Jul 2014 17:27:10 -0400

  krb5 (1.12.1+dfsg-4) unstable; urgency=high

    * Apply upstream patch for CVE-2014-4341, CVE-2014-4342, Closes: #753624,
      Closes: #753625

   -- Benjamin Kaduk <kaduk@xxxxxxx>  Fri, 11 Jul 2014 13:43:19 -0400

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1352438/+subscriptions


Follow ups

References