Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian....@packages.debian.org
Usertags: pu
X-Debbugs-Cc: python-django-image...@packages.debian.org, sanv...@debian.org
Control: affects -1 + src:python-django-imagekit

[ Reason ]
This release fixes Bug #991650 FTBFS because of failing tests.

[ Impact ]
Anybody trying to build the package from source will get a build error.

[ Tests ]
I've checked that the package builds again after the fix.

[ Risks ]
Low risk. The patch was already tested in the unstable of the time.
There are no real code changes in the program itself, only
in one of the tests.

[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]
Minor change to tests/test_sourcegroups.py so that it works again.

[ Other info ]
I've already made the upload.
diff -Nru python-django-imagekit-4.0.2/debian/changelog 
python-django-imagekit-4.0.2/debian/changelog
--- python-django-imagekit-4.0.2/debian/changelog       2020-02-23 
16:33:44.000000000 +0100
+++ python-django-imagekit-4.0.2/debian/changelog       2023-12-12 
23:00:00.000000000 +0100
@@ -1,3 +1,12 @@
+python-django-imagekit (4.0.2-3+deb11u1) bullseye; urgency=medium
+
+  * Team upload.
+  [ Michael Fladischer ]
+  * Add patch to avoid triggering path traversal detection in tests.
+    Closes: #991650.
+
+ -- Santiago Vila <sanv...@debian.org>  Tue, 12 Dec 2023 23:00:00 +0100
+
 python-django-imagekit (4.0.2-3) unstable; urgency=medium
 
   [ Ondřej Nový ]
diff -Nru python-django-imagekit-4.0.2/debian/gbp.conf 
python-django-imagekit-4.0.2/debian/gbp.conf
--- python-django-imagekit-4.0.2/debian/gbp.conf        2020-02-23 
16:33:44.000000000 +0100
+++ python-django-imagekit-4.0.2/debian/gbp.conf        2023-12-12 
22:53:34.000000000 +0100
@@ -1,2 +1,2 @@
 [DEFAULT]
-debian-branch=debian/master
+debian-branch=debian/bullseye
diff -Nru 
python-django-imagekit-4.0.2/debian/patches/0005-Set-filename-in-tests-to-avoid-path-traversal-detect.patch
 
python-django-imagekit-4.0.2/debian/patches/0005-Set-filename-in-tests-to-avoid-path-traversal-detect.patch
--- 
python-django-imagekit-4.0.2/debian/patches/0005-Set-filename-in-tests-to-avoid-path-traversal-detect.patch
 1970-01-01 01:00:00.000000000 +0100
+++ 
python-django-imagekit-4.0.2/debian/patches/0005-Set-filename-in-tests-to-avoid-path-traversal-detect.patch
 2023-12-12 22:55:32.000000000 +0100
@@ -0,0 +1,29 @@
+From: Michael Fladischer <fladischermich...@fladi.at>
+Date: Sun, 31 Oct 2021 20:48:19 +0000
+Subject: Set filename in tests to avoid path traversal detection (Closes:
+ #991650).
+
+---
+ tests/test_sourcegroups.py | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/tests/test_sourcegroups.py b/tests/test_sourcegroups.py
+index c69b11f..416b964 100644
+--- a/tests/test_sourcegroups.py
++++ b/tests/test_sourcegroups.py
+@@ -23,7 +23,7 @@ def test_source_saved_signal():
+     source_group = ImageFieldSourceGroup(ImageModel, 'image')
+     receiver = make_counting_receiver(source_group)
+     source_saved.connect(receiver)
+-    ImageModel.objects.create(image=File(get_image_file()))
++    ImageModel.objects.create(image=File(get_image_file(), 
name='reference.png'))
+     eq_(receiver.count, 1)
+ 
+ 
+@@ -51,5 +51,5 @@ def test_abstract_model_signals():
+     source_group = ImageFieldSourceGroup(AbstractImageModel, 'original_image')
+     receiver = make_counting_receiver(source_group)
+     source_saved.connect(receiver)
+-    ConcreteImageModel.objects.create(original_image=File(get_image_file()))
++    ConcreteImageModel.objects.create(original_image=File(get_image_file(), 
name='reference.png'))
+     eq_(receiver.count, 1)
diff -Nru python-django-imagekit-4.0.2/debian/patches/series 
python-django-imagekit-4.0.2/debian/patches/series
--- python-django-imagekit-4.0.2/debian/patches/series  2020-02-23 
16:33:44.000000000 +0100
+++ python-django-imagekit-4.0.2/debian/patches/series  2023-12-12 
22:55:32.000000000 +0100
@@ -2,3 +2,4 @@
 0002-Disable-usage-of-nose-progressive-as-it-has-not-been.patch
 0003-Disable-build-status-image-to-prevent-privacy-breach.patch
 0004-Do-not-check-for-existence-if-name-is-None-Closes-95.patch
+0005-Set-filename-in-tests-to-avoid-path-traversal-detect.patch

Reply via email to