Bug#666838: Test rebuild of your package libapache2-mod-auth-plain
tags 666838 '+upstream' thanks Dear maintainer, this is a follow-up message to your Apache 2.4 transition bug for package libapache2-mod-auth-plain. We are approaching an upload of the web server to Debian's Unstable repository as soon as the release team acknowledges the upload. Along that upload we are planning to raise the importance of this bug to a release-critical severity. Please port your packages now to Apache 2.4. Below you can find a test-rebuild for your package for the 2.4 version of the Apache web server. Please note, even if the rebuild was successful, you still need to make changes in the Debian specific part of your package. The rebuild below was made by using a specially prepared build environment where these conditions where met: * We had apache2 and apache2-dev preinstalled * We provided a void apache2-threaded-dev and apache2-prefork-dev package to satisfy build-dependencies of your existing package (but this WILL NOT be the case in a real upload of the apache2 source package) * We prepared apxs to unconditionally inject -Werror=implicit-function-declaration to gcc to make sure we can spot the use of removed API calls (e.g. missing signatures for ap_* functions). Note, this might also cause false positives in some cases. These are the outcome criterias we defined: * VERIFIED-OK: The package rebuilt and linked successfully using the Apache 2.4 development headers. It still needs adapting to Debian package changes * VERIFIED-FAIL: The package does not rebuild successufully using the Apache 2.4 development headers. It may need some porting in the upstream code base * BYHAND: We may rebuild your package another time with manual interception. Not clear outcome could be determined out of the build log This is the outcome we determined: outcome: VERIFIED-FAIL comment: needs porting error: implicit declaration of function 'ap_requires' You will find a full build log attached below. Here are some hints about porting problems. See [1] for a comprehensive overview: error: 'conn_rec' has no member named 'remote_ip' These fields have been renamed in order to distinguish between the client IP address of the connection and the useragent IP address of the request. Porting is trivial, in most cases changing the pointer from conn_rec->remote_ip to request_rec->useragent_ip is enough error: implicit declaration of function 'ap_requires' error: implicit declaration of function 'ap_default_type' These functions were removed along the 2.2 authnz API. It needs a non-trivial API redesign. error: implicit declaration of function 'ap_get_server_version' Use ap_get_server_banner() error: format not a string literal and no format arguments [-Werror=format-security] Apache2 modules are being built with hardening build flags now in order to satisfy the "hardening release goal" [2]. A trivial fix comes over that problem. [1] http://httpd.apache.org/docs/2.4/developer/new_api_2_4.html [2] http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags libapache2-mod-auth-plain_2.0.51-amd64-20120504-0405.gz Description: Binary data
Bug#666809: Test rebuild of your package libapache2-mod-auth-pam
tags 666809 '+upstream' thanks Dear maintainer, this is a follow-up message to your Apache 2.4 transition bug for package libapache2-mod-auth-pam. We are approaching an upload of the web server to Debian's Unstable repository as soon as the release team acknowledges the upload. Along that upload we are planning to raise the importance of this bug to a release-critical severity. Please port your packages now to Apache 2.4. Below you can find a test-rebuild for your package for the 2.4 version of the Apache web server. Please note, even if the rebuild was successful, you still need to make changes in the Debian specific part of your package. The rebuild below was made by using a specially prepared build environment where these conditions where met: * We had apache2 and apache2-dev preinstalled * We provided a void apache2-threaded-dev and apache2-prefork-dev package to satisfy build-dependencies of your existing package (but this WILL NOT be the case in a real upload of the apache2 source package) * We prepared apxs to unconditionally inject -Werror=implicit-function-declaration to gcc to make sure we can spot the use of removed API calls (e.g. missing signatures for ap_* functions). Note, this might also cause false positives in some cases. These are the outcome criterias we defined: * VERIFIED-OK: The package rebuilt and linked successfully using the Apache 2.4 development headers. It still needs adapting to Debian package changes * VERIFIED-FAIL: The package does not rebuild successufully using the Apache 2.4 development headers. It may need some porting in the upstream code base * BYHAND: We may rebuild your package another time with manual interception. Not clear outcome could be determined out of the build log This is the outcome we determined: outcome: VERIFIED-FAIL comment: needs porting error: implicit declaration of function 'ap_requires' You will find a full build log attached below. Here are some hints about porting problems. See [1] for a comprehensive overview: error: 'conn_rec' has no member named 'remote_ip' These fields have been renamed in order to distinguish between the client IP address of the connection and the useragent IP address of the request. Porting is trivial, in most cases changing the pointer from conn_rec->remote_ip to request_rec->useragent_ip is enough error: implicit declaration of function 'ap_requires' error: implicit declaration of function 'ap_default_type' These functions were removed along the 2.2 authnz API. It needs a non-trivial API redesign. error: implicit declaration of function 'ap_get_server_version' Use ap_get_server_banner() error: format not a string literal and no format arguments [-Werror=format-security] Apache2 modules are being built with hardening build flags now in order to satisfy the "hardening release goal" [2]. A trivial fix comes over that problem. [1] http://httpd.apache.org/docs/2.4/developer/new_api_2_4.html [2] http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags libapache2-mod-auth-pam_1.1.1-9-amd64-20120504-0327.gz Description: Binary data
Processed: tagging 666799, block 666799 with 666822, tagging 666800, block 666799 with 666822, tagging 666801 ...
Processing commands for cont...@bugs.debian.org: > tags 666799 + confirmed Bug #666799 [libapache2-reload-perl] libapache2-reload-perl: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > block 666799 with 666822 Bug #666799 [libapache2-reload-perl] libapache2-reload-perl: sourceful transition towards Apache 2.4 666799 was not blocked by any bugs. 666799 was not blocking any bugs. Added blocking bug(s) of 666799: 666822 > tags 666800 + confirmed Bug #666800 [libapache-singleton-perl] libapache-singleton-perl: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > block 666799 with 666822 Bug #666799 [libapache2-reload-perl] libapache2-reload-perl: sourceful transition towards Apache 2.4 666799 was blocked by: 666822 666799 was not blocking any bugs. Ignoring request to alter blocking bugs of bug #666799 to the same blocks previously set > tags 666801 + confirmed Bug #666801 [libapache2-mod-xsendfile] libapache2-mod-xsendfile: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666802 + confirmed Bug #666802 [libapreq2] libapreq2: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666803 + confirmed Bug #666803 [libapache2-mod-ruid2] libapache2-mod-ruid2: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666807 + confirmed Bug #666807 [libapache-authenhook-perl] libapache-authenhook-perl: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666808 + confirmed Bug #666808 [apparmor] apparmor: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666817 + confirmed Bug #666817 [mod-mime-xattr] mod-mime-xattr: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666820 + confirmed Bug #666820 [php5] php5: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666830 + confirmed Bug #666830 [rampart] rampart: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666840 + confirmed Bug #666840 [libapache2-mod-authn-sasl] libapache2-mod-authn-sasl: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666842 + confirmed Bug #666842 [libapache2-mod-encoding] libapache2-mod-encoding: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666843 + confirmed Bug #666843 [libapache2-mod-ldap-userdir] libapache2-mod-ldap-userdir: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666845 + confirmed Bug #666845 [apache-mod-auth-ntlm-winbind] apache-mod-auth-ntlm-winbind: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666848 + confirmed Bug #666848 [modsecurity-apache] modsecurity-apache: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666853 + confirmed Bug #666853 [speedy-cgi-perl] speedy-cgi-perl: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666855 + confirmed Bug #666855 [mod-authn-webid] mod-authn-webid: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666856 + confirmed Bug #666856 [libapache2-mod-auth-cas] libapache2-mod-auth-cas: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666859 + confirmed Bug #666859 [mod-vhost-hash-alias] mod-vhost-hash-alias: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666860 + confirmed Bug #666860 [libapache2-mod-auth-openid] libapache2-mod-auth-openid: sourceful transition towards Apache 2.4 Added tag(s) confirmed. > tags 666795 + upstream Bug #666795 [libapache2-mod-geoip] libapache2-mod-geoip: sourceful transition towards Apache 2.4 Ignoring request to alter tags of bug #666795 to the same tags previously set > tags 666794 + upstream Bug #666794 [subversion] subversion: sourceful transition towards Apache 2.4 Added tag(s) upstream. > tags 666796 + upstream Bug #666796 [libapache2-mod-python] libapache2-mod-python: sourceful transition towards Apache 2.4 Added tag(s) upstream. > tags 666804 + upstream Bug #666804 [shibboleth-sp2] shibboleth-sp2: sourceful transition towards Apache 2.4 Added tag(s) upstream. > tags 666805 + upstream Bug #666805 [scgi] scgi: sourceful transition towards Apache 2.4 Added tag(s) upstream. > tags 666806 + upstream Bug #666806 [libapache2-mod-authn-yubikey] libapache2-mod-authn-yubikey: sourceful transition towards Apache 2.4 Added tag(s) upstream. > tags 666809 + upstream Bug #666809 [libapache2-mod-auth-pam] libapache2-mod-auth-pam: sourceful transition towards Apache 2.4 Added tag(s) upstream. > tags 666810 + upstream Bug #666810 [dacs] dacs: sourceful transition towards Apache 2.4 Added tag(s) upstream. > tags 666811 + upstream Bug #666811 [libapache-mod-auth-kerb] libapache-mod-auth-kerb: sourceful transition towards Apache 2.4 Added tag(s) upstream. > tags 666813 + upstream Bug #666813 [mod-vhost-ldap] mod-vhost-ldap: sourceful transition towards Apache 2.4 Added tag(s) upstream. > tags 666814 + upstream Bug #666814 [libapache2-mod-auth-pgsql] libapache2-mod-aut
