Your message dated Sat, 22 Sep 2012 18:03:17 +0100
with message-id <1348333397.7146.22.ca...@jacala.jungle.funky-badger.org>
and subject line Re: Bug#688402: unblock : keepass2 2.19+dfsg-2
has caused the Debian Bug report #688402,
regarding unblock : keepass2 2.19+dfsg-2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
688402: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688402
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Hi,
please unblock keepass2 2.19+dfsg-2 it fixes an insecure tempfile
creation issue and an works around an important issue in mono winforms
which can prevent the program from starting (#686017).
thanks
Julian Taylor
diff -Nru keepass2-2.19+dfsg/debian/changelog
keepass2-2.19+dfsg/debian/changelog
--- keepass2-2.19+dfsg/debian/changelog 2012-05-02 19:21:30.000000000 +0200
+++ keepass2-2.19+dfsg/debian/changelog 2012-09-17 21:32:24.000000000 +0200
@@ -1,4 +1,14 @@
-keepass2 (2.19+dfsg-1) UNRELEASED; urgency=low
+keepass2 (2.19+dfsg-2) unstable; urgency=medium
+
+ * fix-insecure-tempfile-use.patch:
+ - create small tempfiles in user owned directory instead of /tmp
+ * enforce-minimum-window-and-slider-size.patch:
+ - Closes: #686017
+ * suggest mono-dmcs needed to compile plugins
+
+ -- Julian Taylor <jtaylor.deb...@googlemail.com> Mon, 17 Sep 2012 19:31:53
+0000
+
+keepass2 (2.19+dfsg-1) unstable; urgency=low
* New upstream release (LP: #990557)
- drop upstream applied fix-winforms-eventordering.patch
diff -Nru keepass2-2.19+dfsg/debian/control keepass2-2.19+dfsg/debian/control
--- keepass2-2.19+dfsg/debian/control 2012-05-02 19:21:30.000000000 +0200
+++ keepass2-2.19+dfsg/debian/control 2012-09-17 21:32:24.000000000 +0200
@@ -19,7 +19,7 @@
Package: keepass2
Architecture: all
Depends: ${cli:Depends}, ${misc:Depends}
-Suggests: keepass2-doc, xdotool
+Suggests: keepass2-doc, mono-dmcs, xdotool
Description: Password manager
KeePass is a easy-to-use password manager for Windows, Linux, Mac OS X and
mobile devices. You can store your passwords in highly-encrypted databases,
diff -Nru
keepass2-2.19+dfsg/debian/patches/enforce-minimum-window-and-slider-size.patch
keepass2-2.19+dfsg/debian/patches/enforce-minimum-window-and-slider-size.patch
---
keepass2-2.19+dfsg/debian/patches/enforce-minimum-window-and-slider-size.patch
1970-01-01 01:00:00.000000000 +0100
+++
keepass2-2.19+dfsg/debian/patches/enforce-minimum-window-and-slider-size.patch
2012-09-17 21:32:24.000000000 +0200
@@ -0,0 +1,52 @@
+From: Julian Taylor <jtaylor.deb...@googlemail.com>
+Date: Mon, 17 Sep 2012 21:15:05 +0200
+Subject: enforce minimum window and slider size
+
+Winforms crashes when the listview elements are not visible on loading.
+As the windows sizes are recalled on each start this can prevent keepass
+from opening.
+To avoid this set a minimum window and slider size so the elements are
+always visible.
+
+Applied-Upstream: 2.20
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686017
+---
+ KeePass/Forms/MainForm.cs | 18 +++++++++++++++++-
+ 1 file changed, 17 insertions(+), 1 deletion(-)
+
+--- a/KeePass/Forms/MainForm.cs
++++ b/KeePass/Forms/MainForm.cs
+@@ -239,7 +239,17 @@
+
+ if((sizeX != AppDefs.InvalidWindowValue) &&
+ (sizeY != AppDefs.InvalidWindowValue) &&
bWndValid)
++ {
++ if(MonoWorkarounds.IsRequired) // Debian 686017
++ {
++ sizeX = Math.Max(250, sizeX);
++ sizeY = Math.Max(250, sizeY);
++ }
++
+ this.Size = new Size(sizeX, sizeY);
++ }
++ if(MonoWorkarounds.IsRequired) // Debian 686017
++ this.MinimumSize = new Size(250, 250);
+
+ Rectangle rectRestWindow = new Rectangle(wndX, wndY,
+ this.Size.Width, this.Size.Height);
+@@ -323,8 +333,14 @@
+ {
+ float fSplitPos = mw.SplitterHorizontalFrac;
+ if(fSplitPos == float.Epsilon) fSplitPos =
0.8333f;
+- m_splitHorizontal.SplitterDistance =
(int)Math.Round(fSplitPos *
++ // m_splitHorizontal.SplitterDistance =
(int)Math.Round(fSplitPos *
++ // (double)m_splitHorizontal.Height);
++ int iSplitDist = (int)Math.Round(fSplitPos *
+ (double)m_splitHorizontal.Height);
++ if(MonoWorkarounds.IsRequired) // Debian 686017
++ m_splitHorizontal.SplitterDistance =
Math.Max(35, iSplitDist);
++ else
++ m_splitHorizontal.SplitterDistance =
iSplitDist;
+
+ fSplitPos = mw.SplitterVerticalFrac;
+ if(fSplitPos == float.Epsilon) fSplitPos =
0.25f;
diff -Nru keepass2-2.19+dfsg/debian/patches/fix-insecure-tempfile-use.patch
keepass2-2.19+dfsg/debian/patches/fix-insecure-tempfile-use.patch
--- keepass2-2.19+dfsg/debian/patches/fix-insecure-tempfile-use.patch
1970-01-01 01:00:00.000000000 +0100
+++ keepass2-2.19+dfsg/debian/patches/fix-insecure-tempfile-use.patch
2012-09-17 21:32:24.000000000 +0200
@@ -0,0 +1,156 @@
+From: Julian Taylor <jtaylor.deb...@googlemail.com>
+Date: Sun, 16 Sep 2012 17:03:31 +0200
+Subject: fix insecure tempfile use
+
+create messaging and mutex files in XDG_{RUNTIME,DATA}_DIR instead of
+/tmp
+Applied-Upstream: 2.21
+---
+ KeePass/Plugins/PlgxPlugin.cs | 2 +-
+ KeePass/Program.cs | 2 +-
+ KeePass/Util/GlobalMutexPool.cs | 3 ++-
+ KeePass/Util/IpcBroadcast.Fsw.cs | 5 +++--
+ KeePass/Util/IpcUtilEx.cs | 2 +-
+ KeePass/Util/WinUtil.cs | 2 +-
+ KeePassLib/Native/NativeMethods.cs | 21 +++++++++++++++++++++
+ KeePassLib/Utility/UrlUtil.cs | 17 +++++++++++++++++
+ 8 files changed, 47 insertions(+), 7 deletions(-)
+
+--- a/KeePass/Plugins/PlgxPlugin.cs
++++ b/KeePass/Plugins/PlgxPlugin.cs
+@@ -270,7 +270,7 @@
+
+ private static string CreateTempDirectory()
+ {
+- string strTmpRoot = Path.GetTempPath();
++ string strTmpRoot = UrlUtil.GetTempPath();
+ strTmpRoot =
UrlUtil.EnsureTerminatingSeparator(strTmpRoot, false);
+ strTmpRoot += (new PwUuid(true)).ToHexString();
+
+--- a/KeePass/Program.cs
++++ b/KeePass/Program.cs
+@@ -279,7 +279,7 @@
+ try
+ {
+ string strFileOut =
UrlUtil.EnsureTerminatingSeparator(
+- Path.GetTempPath(), false) +
"KeePass_UrlOverride.tmp";
++ UrlUtil.GetTempPath(), false) +
"KeePass_UrlOverride.tmp";
+ string strContent =
("[KeePass]\r\nKeeURLOverride=" +
+
Program.Config.Integration.UrlOverride + "\r\n");
+ File.WriteAllText(strFileOut,
strContent);
+--- a/KeePass/Util/GlobalMutexPool.cs
++++ b/KeePass/Util/GlobalMutexPool.cs
+@@ -201,7 +201,8 @@
+
+ private static string GetMutexPath(string strName)
+ {
+- string strDir =
UrlUtil.EnsureTerminatingSeparator(Path.GetTempPath(), false);
++ string strDir = UrlUtil.EnsureTerminatingSeparator(
++ UrlUtil.GetTempPath(), false);
+ return (strDir + IpcUtilEx.IpcMsgFilePreID +
IpcBroadcast.GetUserID() +
+ "-Mutex-" + strName + ".tmp");
+ }
+--- a/KeePass/Util/IpcBroadcast.Fsw.cs
++++ b/KeePass/Util/IpcBroadcast.Fsw.cs
+@@ -49,7 +49,8 @@
+ {
+ if(m_strMsgFilePath != null) return;
+
+- string strDir =
UrlUtil.EnsureTerminatingSeparator(Path.GetTempPath(), false);
++ string strDir = UrlUtil.EnsureTerminatingSeparator(
++ UrlUtil.GetTempPath(), false);
+ m_strMsgFileName = IpcUtilEx.IpcMsgFilePreID +
GetUserID() +
+ IpcUtilEx.IpcMsgFilePostID;
+ m_strMsgFilePath = strDir + m_strMsgFileName;
+@@ -109,7 +110,7 @@
+ {
+ FswEnsurePaths();
+
+- m_fsw = new FileSystemWatcher(Path.GetTempPath(),
m_strMsgFileName);
++ m_fsw = new FileSystemWatcher(UrlUtil.GetTempPath(),
m_strMsgFileName);
+ m_fsw.IncludeSubdirectories = false;
+ m_fsw.NotifyFilter = (NotifyFilters.CreationTime |
NotifyFilters.LastWrite);
+
+--- a/KeePass/Util/IpcUtilEx.cs
++++ b/KeePass/Util/IpcUtilEx.cs
+@@ -115,7 +115,7 @@
+ {
+ try
+ {
+- string str = Path.GetTempPath();
++ string str = UrlUtil.GetTempPath();
+ str = UrlUtil.EnsureTerminatingSeparator(str,
false);
+
+ return (str + IpcMsgFilePreID + nId.ToString()
+ ".tmp");
+--- a/KeePass/Util/WinUtil.cs
++++ b/KeePass/Util/WinUtil.cs
+@@ -381,7 +381,7 @@
+ char chCur = char.ToUpper(strCur[0]);
+ if(chPar != chCur) return string.Empty;
+
+- string strTemp = Path.GetTempPath();
++ string strTemp = UrlUtil.GetTempPath();
+ Directory.SetCurrentDirectory(strTemp);
+
+ return strCur;
+--- a/KeePassLib/Native/NativeMethods.cs
++++ b/KeePassLib/Native/NativeMethods.cs
+@@ -21,6 +21,10 @@
+ using System.Text;
+ using System.Security;
+ using System.Runtime.InteropServices;
++using System.IO;
++using System.Diagnostics;
++
++using KeePassLib.Utility;
+
+ namespace KeePassLib.Native
+ {
+@@ -150,5 +154,22 @@
+ return StrCmpLogicalW(x, y);
+ #endif
+ }
++
++ internal static string GetUserRuntimeDir()
++ {
++ string strRtDir =
Environment.GetEnvironmentVariable("XDG_RUNTIME_DIR");
++ if(string.IsNullOrEmpty(strRtDir))
++ strRtDir =
Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData);
++ if(string.IsNullOrEmpty(strRtDir))
++ {
++ Debug.Assert(false);
++ return Path.GetTempPath(); // Not UrlUtil
(otherwise cyclic)
++ }
++
++ strRtDir = UrlUtil.EnsureTerminatingSeparator(strRtDir,
false);
++ strRtDir += PwDefs.ShortProductName;
++
++ return strRtDir;
++ }
+ }
+ }
+--- a/KeePassLib/Utility/UrlUtil.cs
++++ b/KeePassLib/Utility/UrlUtil.cs
+@@ -588,5 +588,22 @@
+
+ return false;
+ }
++
++ public static string GetTempPath()
++ {
++ string strDir;
++ if(NativeLib.IsUnix())
++ strDir = NativeMethods.GetUserRuntimeDir();
++ else strDir = Path.GetTempPath();
++
++ try
++ {
++ if(Directory.Exists(strDir) == false)
++ Directory.CreateDirectory(strDir);
++ }
++ catch(Exception) { Debug.Assert(false); }
++
++ return strDir;
++ }
+ }
+ }
diff -Nru keepass2-2.19+dfsg/debian/patches/series
keepass2-2.19+dfsg/debian/patches/series
--- keepass2-2.19+dfsg/debian/patches/series 2012-05-02 19:21:30.000000000
+0200
+++ keepass2-2.19+dfsg/debian/patches/series 2012-09-17 21:32:24.000000000
+0200
@@ -7,3 +7,5 @@
enable-local-help.patch
work-around-issues-with-autotype-and-keyboard-layout.patch
disable-autoupdate-dialog.patch
+fix-insecure-tempfile-use.patch
+enforce-minimum-window-and-slider-size.patch
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
On Sat, 2012-09-22 at 14:55 +0200, Julian Taylor wrote:
> please unblock keepass2 2.19+dfsg-2 it fixes an insecure tempfile
> creation issue and an works around an important issue in mono winforms
> which can prevent the program from starting (#686017).
Unblocked; thanks.
Regards,
Adam
--- End Message ---
