Package: sponsorship-requests Severity: important Control: block 851066 by -1 Control: block 889804 by -1
Dear mentors, I'm looking for a sponsor for an NMU of flashplugin-nonfree, which fixes some old bugs making the downloader unusable since at least January 2017[1]. The maintainer (Bart Martens) has not responded to that bug at all, nor has anyone replied to the intent to NMU that I posted last week[2]. This upload includes a patch from Gianluigi Tiesi which removes all references to Bart's people.debian.org page, which has not seen any updates during his apparent absence. These include tarball checksum and GPG verification checks via his site that are *removed* since Adobe doesn't seem to provide them (instead, they rely on HTTPS). [1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851066 [2]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851066;msg=127 At the same time, I've also included changes to fix some trivial but non-RC bugs[3][4]. [3]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862144 [4]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885119 The source of the package is available at mentors[5] as well as Salsa[6] - note that the current package in unstable never defined a Vcs, so I'm only using the latter so far as tracking for these fixes. [5]: https://mentors.debian.net/package/flashplugin-nonfree [6]: https://salsa.debian.org/jlu-guest/flashplugin-nonfree/ A debdiff (as of writing) is attached, which should be equivalent to the Salsa diff https://salsa.debian.org/jlu-guest/flashplugin-nonfree/compare/f9cdfd78a...master The RFS info: * Package name : flashplugin-nonfree Version : 1:3.7+nmu1 Upstream Author : Bart Martens <ba...@debian.org> * URL : http://wiki.debian.org/FlashPlayer * License : GPL-2 Section : web Full changelog: flashplugin-nonfree (1:3.7+nmu1) unstable; urgency=medium * Non-maintainer upload. * Remove broken references to https://people.debian.org/~bartm/; patch from Gianluigi Tiesi (Closes: #851066, #889804, #884262) - This removes checksum verification of the Flash tarballs and PGP validation of get-upstream-version.pl, which were previously provided by that site. - It also rewrites the upstream version parsing to fetch from Adobe directly. - Remaining changes to this patch: don't use --no-check-certificate with wget * Add Recommends: libwebkit2gtk-4.0-37-gtk2. (Closes: #862144) * Remove remaining calls to gpg and the dependency on gnupg. (Closes: #885119) -- James Lu <ja...@overdrivenetworks.com> Fri, 22 Jun 2018 16:27:56 -0700 Best, James
diff -Nru flashplugin-nonfree-3.7/debian/changelog flashplugin-nonfree-3.7+nmu1/debian/changelog --- flashplugin-nonfree-3.7/debian/changelog 2016-08-03 22:49:06.000000000 -0700 +++ flashplugin-nonfree-3.7+nmu1/debian/changelog 2018-06-22 16:27:56.000000000 -0700 @@ -1,3 +1,21 @@ +flashplugin-nonfree (1:3.7+nmu1) unstable; urgency=medium + + * Non-maintainer upload. + * Remove broken references to https://people.debian.org/~bartm/; patch from + Gianluigi Tiesi (Closes: #851066, #889804, #884262) + - This removes checksum verification of the Flash tarballs and PGP + validation of get-upstream-version.pl, which were previously provided by + that site. + - It also rewrites the upstream version parsing to fetch from Adobe + directly. + - Remaining changes to this patch: don't use --no-check-certificate + with wget + * Add Recommends: libwebkit2gtk-4.0-37-gtk2. (Closes: #862144) + * Remove remaining calls to gpg and the dependency on gnupg. + (Closes: #885119) + + -- James Lu <ja...@overdrivenetworks.com> Fri, 22 Jun 2018 16:27:56 -0700 + flashplugin-nonfree (1:3.7) unstable; urgency=medium * update-flashplugin-nonfree: Delete old cached get-upstream-version.pl. diff -Nru flashplugin-nonfree-3.7/debian/control flashplugin-nonfree-3.7+nmu1/debian/control --- flashplugin-nonfree-3.7/debian/control 2016-08-03 22:49:06.000000000 -0700 +++ flashplugin-nonfree-3.7+nmu1/debian/control 2018-06-22 15:45:59.000000000 -0700 @@ -8,7 +8,8 @@ Package: flashplugin-nonfree Architecture: i386 amd64 -Depends: debconf | debconf-2.0, wget, gnupg | gnupg2, libatk1.0-0, libcairo2, libfontconfig1, libfreetype6, libgcc1, libglib2.0-0, libgtk2.0-0 (>= 2.14), libnspr4, libnss3, libpango1.0-0, libstdc++6, libx11-6, libxext6, libxt6, libcurl3-gnutls, binutils, ${misc:Depends}, ${shlibs:Depends} +Depends: debconf | debconf-2.0, wget, libatk1.0-0, libcairo2, libfontconfig1, libfreetype6, libgcc1, libglib2.0-0, libgtk2.0-0 (>= 2.14), libnspr4, libnss3, libpango1.0-0, libstdc++6, libx11-6, libxext6, libxt6, libcurl3-gnutls, binutils, ${misc:Depends}, ${shlibs:Depends} +Recommends: libwebkit2gtk-4.0-37-gtk2 Pre-Depends: ca-certificates Suggests: iceweasel, firefox-esr, konqueror-nsplugins, ttf-mscorefonts-installer, fonts-dejavu, ttf-xfree86-nonfree, flashplugin-nonfree-extrasound [i386], hal-flash Conflicts: flashplugin (<< 6), xfs (<< 1:1.0.1-5), flashplayer-mozilla, libflash-mozplugin diff -Nru flashplugin-nonfree-3.7/update-flashplugin-nonfree flashplugin-nonfree-3.7+nmu1/update-flashplugin-nonfree --- flashplugin-nonfree-3.7/update-flashplugin-nonfree 2016-08-03 22:49:06.000000000 -0700 +++ flashplugin-nonfree-3.7+nmu1/update-flashplugin-nonfree 2018-06-22 16:27:56.000000000 -0700 @@ -167,10 +167,6 @@ wgetalways=' -nd -P . ' wgetprogress=' -v --progress=dot:default ' -[ "$verbose" != "yes" ] || echo "importing public key ..." -gpg -q --homedir "." --import /usr/lib/flashplugin-nonfree/pubkey.asc > /dev/null 2>&1 \ - || die_hard_with_a_cleanup "gpg failed to import /usr/lib/flashplugin-nonfree/pubkey.asc" - get_installed_version() { installed=`strings /usr/lib/flashplugin-nonfree/libflashplayer.so 2> /dev/null | grep LNX | cut -d ' ' -f 2 | sed -e "s/,/./g"` @@ -181,51 +177,10 @@ arch_wget=i686 [ `dpkg --print-architecture` != "amd64" ] || arch_wget=x86_64 - upstream="" - - if [ -f $cachedir/get-upstream-version.pl ] - then - if [ "`stat --format=%y $cachedir/get-upstream-version.pl`" \< "2016-08-04 09:35" ] - then - [ "$verbose" != "yes" ] || echo "deleting old $cachedir/get-upstream-version.pl" - rm $cachedir/get-upstream-version.pl - fi - fi - - if [ -f $cachedir/get-upstream-version.pl ] - then - cp $cachedir/get-upstream-version.pl . - upstream=`perl get-upstream-version.pl $arch_wget 2> /dev/null` || true - - if [ "$upstream" = "" ] - then - rm -f get-upstream-version.pl - rm -f $cachedir/get-upstream-version.pl - fi - fi - - if [ "$upstream" = "" ] - then - wgetoptions="$wgetquiet $wgetalways" - downloadurl=http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/get-upstream-version.pl.gz.pgp - - HOME=/root \ - wget $wgetoptions $downloadurl \ - || die_hard_with_a_cleanup "wget failed to download $downloadurl" - - gpg -q --homedir "." --verify get-upstream-version.pl.gz.pgp 2> /dev/null \ - || die_hard_with_a_cleanup "gpg rejected signature of get-upstream-version.pl.gz.pgp" - gpg -q --homedir "." < get-upstream-version.pl.gz.pgp > get-upstream-version.pl.gz 2> /dev/null \ - || die_hard_with_a_cleanup "gpg rejected signature of get-upstream-version.pl.gz.pgp" - - gunzip get-upstream-version.pl.gz \ - || die_hard_with_a_cleanup "failed to gunzip get-upstream-version.pl.gz" - - upstream=`perl get-upstream-version.pl $arch_wget` \ - || die_hard_with_a_cleanup "failed to get upstream version" - - cp get-upstream-version.pl $cachedir - fi + url="https://get.adobe.com/flashplayer/"; + upstream=`wget --tries=1 --timeout=15 \ + --user-agent="Mozilla/5.0 (X11; U; Linux $arch_wget; en-us)" \ + -nv -qO - $url | perl -n -e'/<strong>Version\s+(\d+\.\d+\.\d+\.\d+)<\/strong>/ && print $1'` } remove_extrafiles() { @@ -287,30 +242,11 @@ [ "$fast" != "yes" ] || wgetoptions="$wgetoptions $wgetfast" [ "$verbose" != "yes" ] || echo "wgetoptions=$wgetoptions" - downloadfile=fp.$upstream.sha512.i386.pgp.asc - [ `dpkg --print-architecture` != "amd64" ] || downloadfile=fp.$upstream.sha512.amd64.pgp.asc - downloadurl=http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/$downloadfile - - [ "$verbose" != "yes" ] || echo "downloading $downloadurl ..." - HOME=/root \ - wget $wgetoptions $downloadurl \ - || die_hard_with_a_cleanup "wget failed to download $downloadurl" - - [ "$verbose" != "yes" ] || echo "verifying PGP $downloadfile ..." - gpg -q --homedir "." --verify $downloadfile 2> /dev/null \ - || die_hard_with_a_cleanup "gpg rejected signature of $downloadurl" - gpg -q --homedir "." < $downloadfile > checksums.txt 2> /dev/null \ - || die_hard_with_a_cleanup "gpg rejected signature of $downloadurl" - - downloadfile=`head -n 1 < checksums.txt | cut -c 131-` - - [ "$verbose" != "yes" ] || [ ! -f $cachedir/$downloadfile ] || echo "copying $cachedir/$downloadfile ..." - [ ! -f $cachedir/$downloadfile ] || cp -p $cachedir/$downloadfile . - [ "$verbose" != "yes" ] || [ ! -f $downloadfile ] || echo "verifying checksum $downloadfile ..." - [ ! -f $downloadfile ] || grep $downloadfile checksums.txt | sha512sum -c - > /dev/null 2>&1 || rm -f $downloadfile - - downloaddir=`tail -n 1 < checksums.txt` - downloadurl=$downloaddir/$downloadfile + # original script use i686 for arch != amd64 adobe use i386 + [ "$arch_wget" != "i686" ] || arch_wget=i386 + downloaddir=$upstream + downloadfile=flash_player_npapi_linux.$arch_wget.tar.gz + downloadurl=https://fpdownload.adobe.com/get/flashplayer/pdc/$downloaddir/$downloadfile wgetoptions="$wgetalways $wgetprogress" [ "$quiet" != "yes" ] || wgetoptions="$wgetquiet $wgetalways" @@ -323,21 +259,14 @@ HOME=/root \ wget $wgetoptions $downloadurl \ || die_hard_with_a_cleanup "wget failed to download $downloadurl" - [ "$verbose" != "yes" ] || echo "verifying checksum $downloadfile ..." - grep tar.gz checksums.txt | sha512sum -c - > /dev/null 2>&1 \ - || die_hard_with_a_cleanup "sha512sum rejected $downloadfile" [ "$verbose" != "yes" ] || echo "unpacking $downloadfile ..." tar xozf $downloadfile - [ "$verbose" != "yes" ] || echo "verifying checksum contents of $downloadfile ..." - head -n 2 < checksums.txt | sha512sum -c - > /dev/null 2>&1 \ - || die_hard_with_a_cleanup "sha512sum rejected a part of $downloadfile" targetdir=/usr/lib/flashplugin-nonfree - libflashplayerdotso=`grep " .*libflashplayer\.so$" checksums.txt | cut -c 131-` - [ "$verbose" != "yes" ] || echo "moving $libflashplayerdotso to $targetdir ..." + [ "$verbose" != "yes" ] || echo "moving $UNPACKDIR/libflashplayer.so to $targetdir ..." rm -f $targetdir/flashplayer.xpt - mv -f $libflashplayerdotso $targetdir + mv -f $UNPACKDIR/libflashplayer.so $targetdir [ "$verbose" != "yes" ] || echo "setting permissions and ownership of $targetdir/libflashplayer.so ..." chown root:root $targetdir/libflashplayer.so @@ -449,4 +378,3 @@ do_cleanup [ "$verbose" != "yes" ] || echo "end of update-flashplugin-nonfree" -
signature.asc
Description: OpenPGP digital signature
