On Thu, Feb 01, 2024 at 05:41:19PM +0530, Utkarsh Gupta wrote: > On Thu, Feb 1, 2024 at 1:44 AM Colin Watson <cjwat...@debian.org> wrote: > > I'm both the Debian and upstream maintainer of man-db. I'm considering > > uploading some variation of the attached diff to buster-security LTS. > > They're adjustments to hardening arrangements, so they do have some > > security relevance, although I'm aware they aren't really security fixes > > as such; nevertheless, I'd like to make these changes since it's better > > than having people get into the habit of disabling hardening measures > > that get in their way. > > > > Would anyone like to review this? FWIW, my assessment is that these > > changes are low-risk in terms of regression potential, since they just > > add a couple of extra entries to existing rulesets and so shouldn't > > disallow anything that's currently allowed. > > Whilst the debdiff looks good, I see that you haven't unaplied the > patch as I can still see changes in lib/sandbox.c in the diff. I am > hoping that's what has happened.
That's just the effect of me using "git diff" to simulate debdiff when also using git-dpm, which maintains the git working tree in a patches-applied state. Sorry for the confusion. > The changelog entry timestamp also might need a refresh. It says - > Sat, 31 Aug 2019. :) Oh yeah, I queued up the first of those two patches a long time ago and then never got round to organizing an actual stable update for it. :-) I'll run "dch -r" before uploading, of course. > Other than the above two points, it looks good, please go ahead. Thanks, will do. -- Colin Watson (he/him) [cjwat...@debian.org]
