Your message dated Sat, 22 Jul 2023 13:19:42 +0000
with message-id <e1qncwm-005rq6...@coccia.debian.org>
and subject line Released with 12.1
has caused the Debian Bug report #1039609,
regarding bookworm-pu: package sudo/1.9.13p3-1+deb12u1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1039609: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039609
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian....@packages.debian.org
Usertags: pu
X-Debbugs-Cc: s...@packages.debian.org
Control: affects -1 + src:sudo
Dear stable release team,
this pre-upload request for the sudo package is filed to ask for
guidance whether this package is suitable for bookworm-proposed-updates.
[ Reason ]
This upload fixes the broken log format of "ENV=..." event logging, Bug
#1039557. This is an upstream regression since bullseye. The patch
being applied is from Upstream, is already in unstable (since today),
and will also be part of the next upstream release.
[ Impact ]
This bug affects log parsing and filtering, for example using logcheck.
As sudo is a security relevant package, this is a rather bad bug.
[ Tests ]
Sadly, none.
[ Risks ]
This is a one-line change adding a semicolon to a log string.
[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
[ Changes ]
The patch adds a verbatim, static semicolon to the logging buffer.
[ Other info ]
The change is rather fresh in unstable. I am filing this pre-upload
request to make it easier for the fixed package to find its way to
the first bookworm point release which is due soon. If the time frame
was not as tight, I'd have held back this bugreport for a week, but I
think that this fix should probably be in the first point
release already.
diff -Nru sudo-1.9.13p3/debian/changelog sudo-1.9.13p3/debian/changelog
--- sudo-1.9.13p3/debian/changelog 2023-03-08 21:17:05.000000000 +0100
+++ sudo-1.9.13p3/debian/changelog 2023-06-27 13:45:00.000000000 +0200
@@ -1,3 +1,10 @@
+sudo (1.9.13p3-1+deb12u1) bookworm; urgency=medium
+
+ * add upstream patch to fix event log format.
+ Thanks to Kimmo Suominen (Closes: #1039557)
+
+ -- Marc Haber <mh+debian-packa...@zugschlus.de> Tue, 27 Jun 2023 13:45:00
+0200
+
sudo (1.9.13p3-1) unstable; urgency=medium
* new upstream version:
diff -Nru sudo-1.9.13p3/debian/patches/debian-bug-1039557
sudo-1.9.13p3/debian/patches/debian-bug-1039557
--- sudo-1.9.13p3/debian/patches/debian-bug-1039557 1970-01-01
01:00:00.000000000 +0100
+++ sudo-1.9.13p3/debian/patches/debian-bug-1039557 2023-06-27
13:45:00.000000000 +0200
@@ -0,0 +1,14 @@
+Desciption: fix event log format with environment variables
+Origin:
https://github.com/sudo-project/sudo/commit/12648b4e0a8cf486480442efd52f0e0b6cab6e8b
+Bug: https://github.com/sudo-project/sudo/issues/254
+Forwarded: not-needed
+--- a/lib/eventlog/eventlog.c
++++ b/lib/eventlog/eventlog.c
+@@ -189,6 +189,7 @@ new_logline(int event_type, int flags, s
+ sudo_lbuf_append_esc(lbuf, LBUF_ESC_CNTRL, " %s",
+ evlog->env_add[i]);
+ }
++ sudo_lbuf_append(lbuf, " ; ");
+ }
+ if (evlog->command != NULL && evlog->argv != NULL) {
+ /* Command plus argv. */
diff -Nru sudo-1.9.13p3/debian/patches/series
sudo-1.9.13p3/debian/patches/series
--- sudo-1.9.13p3/debian/patches/series 2023-03-08 21:17:05.000000000 +0100
+++ sudo-1.9.13p3/debian/patches/series 2023-06-27 13:45:00.000000000 +0200
@@ -1,6 +1,7 @@
# 1004909-ftbfs-kfreebsd
# debian-bugs-1019428
# dont-create-ChangeLog
+debian-bug-1039557
paths-in-samples.diff
Whitelist-DPKG_COLORS-environment-variable.diff
sudo-ldap-docs
--- End Message ---
--- Begin Message ---
Version: 12.1
The upload requested in this bug has been released as part of 12.1.
--- End Message ---
