[dgit import tarball libseccomp 2.4.1-2+rpi1 libseccomp_2.4.1-2+rpi1.debian.tar.xz]
--- /dev/null
+libseccomp (2.4.1-2+rpi1) bullseye-staging; urgency=medium
+
+ * Move valigrind from build-depends to build-conflicts, raspbians valgrind
+ is somewhat broken and causes testsuite failures.
+
+ -- Peter Michael Green <plugwash@raspbian.org> Wed, 24 Jul 2019 22:12:36 +0000
+
+libseccomp (2.4.1-2) unstable; urgency=medium
+
+ * Remove build-dependency on valgrind for mipsel and x32 as it's broken
+ on those archs.
+ * Set Rules-Requires-Root: no.
+
+ -- Felix Geyer <fgeyer@debian.org> Fri, 19 Jul 2019 00:03:34 +0200
+
+libseccomp (2.4.1-1) unstable; urgency=medium
+
+ * New upstream release.
+ - Addresses CVE-2019-9893 (Closes: #924646)
+ * Drop all patches for parisc arch support, merged upstream.
+ * Build-depend on valgrind to run more unit tests.
+ * Run dh_auto_configure for every python 3 version to install the extension
+ in the correct path.
+ * Update the symbols file.
+ * Adapt autopkgtest to new upstream version:
+ - Build against pthread
+ - Build scmp_api_level tool
+ * Upgrade to debhelper compat level 12.
+ - Add d/not-installed file
+ * Fix install path of the python module.
+ - Add python_install_dir.patch
+ * Add autopkgtest for python packages.
+
+ -- Felix Geyer <fgeyer@debian.org> Wed, 17 Jul 2019 23:23:28 +0200
+
+libseccomp (2.3.3-4) unstable; urgency=medium
+
+ [ Ondřej Nový ]
+ * d/copyright: Change Format URL to correct one
+
+ [ Helmut Grohne ]
+ * Fix FTCBFS: (Closes: #903556)
+ + Multiarchify python Build-Depends.
+ + Annotate cython dependencies with :native for now.
+ + Drop noop dh_auto_build invocations.
+ + Pass a suitable PYTHONPATH for python2.
+ + Pass _PYTHON_SYSCONFIGDATA_NAME for python3.
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 10 Feb 2019 12:25:44 +0100
+
+libseccomp (2.3.3-3) unstable; urgency=medium
+
+ * Fix FTBFS: Adapt to renamed README file. (Closes: #902767)
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 01 Jul 2018 20:32:03 +0200
+
+libseccomp (2.3.3-2) unstable; urgency=medium
+
+ [ Helmut Grohne ]
+ * Support the nopython build profile. (Closes: #897057)
+
+ [ Felix Geyer ]
+ * Run upstream "live" tests in an autopkgtest.
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 13 May 2018 09:53:08 +0200
+
+libseccomp (2.3.3-1) unstable; urgency=medium
+
+ * New upstream release. (Closes: #895417)
+ - Adds pkey_mprotect syscall. (Closes: #893722)
+ * Refresh parisc patch.
+ * Move libseccomp2 back to /usr/lib. (Closes: #894988)
+ * Make test failures cause the build to fail. (Closes: 877901)
+ * Build python bindings. (Closes: #810712)
+ * Switch to debhelper compat level 10.
+ * Move git repo to salsa.debian.org
+ * Add myself to Uploaders.
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 22 Apr 2018 23:55:03 +0200
+
+libseccomp (2.3.1-2.1) unstable; urgency=medium
+
+ [ Martin Pitt ]
+ * Non-maintainer upload with Kees' consent.
+
+ [ Laurent Bigonville ]
+ * Ensure strict enough generated dependencies (Closes: #844496)
+
+ -- Martin Pitt <mpitt@debian.org> Thu, 17 Nov 2016 10:16:44 +0100
+
+libseccomp (2.3.1-2) unstable; urgency=medium
+
+ * Add hppa (parisc) support (Closes: #820501)
+
+ -- Luca Bruno <lucab@debian.org> Sat, 28 May 2016 20:05:01 +0200
+
+libseccomp (2.3.1-1) unstable; urgency=medium
+
+ * New upstream release
+ * control: add Vcs-* fields
+
+ -- Luca Bruno <lucab@debian.org> Tue, 05 Apr 2016 22:16:55 +0200
+
+libseccomp (2.3.0-1) unstable; urgency=medium
+
+ * New upstream release
+ + drop all patches, applied upstream
+ * libseccomp2: update symbols file
+ * control: add myself to uploaders
+ * control: bump policy version
+
+ -- Luca Bruno <lucab@debian.org> Sun, 03 Apr 2016 00:31:09 +0200
+
+libseccomp (2.2.3-3) unstable; urgency=medium
+
+ [ Martin Pitt ]
+ * debian/patches/add-x86-32bit-socket-calls.patch: add the newly
+ connected direct socket calls. (Closes: #809556)
+ * debian/add-membarrier.patch: add membarrier syscall.
+ * Backport patches for ppc/ppc64 and s390x. (Closes: #800818)
+
+ -- Kees Cook <kees@debian.org> Tue, 01 Sep 2015 15:37:31 -0700
+
+libseccomp (2.2.3-2) unstable; urgency=medium
+
+ * debian/control: enable mips64, mips64el, and x32 architectures,
+ thanks to Helmut Grohne (Closes: 797383).
+
+ -- Kees Cook <kees@debian.org> Tue, 01 Sep 2015 15:37:31 -0700
+
+libseccomp (2.2.3-1) unstable; urgency=medium
+
+ * New upstream release (Closes: 793032).
+ * debian/control: update Homepage (Closes: 793033).
+
+ -- Kees Cook <kees@debian.org> Mon, 03 Aug 2015 15:06:08 -0700
+
+libseccomp (2.2.1-2) unstable; urgency=medium
+
+ * debian/{rules,*.install}: move to /lib, thanks to Michael Biebl
+ (Closes: 788923).
+
+ -- Kees Cook <kees@debian.org> Tue, 16 Jun 2015 12:45:08 -0700
+
+libseccomp (2.2.1-1) unstable; urgency=medium
+
+ * New upstream release (Closes: 785428).
+ - debian/patches dropped: incorporated upstream.
+ * debian/libseccomp2.symbols: include only documented symbols.
+ * debian/libseccomp-dev.install: include static library (Closes: 698508).
+ * debian/control:
+ - add newly supported arm64, mips, and mipsel.
+ - bump standards version, no changes needed.
+
+ -- Kees Cook <kees@debian.org> Sat, 16 May 2015 08:15:26 -0700
+
+libseccomp (2.1.1-1) unstable; urgency=low
+
+ * New upstream release (Closes: 733293).
+ * copyright: add a few missed people.
+ * rules: adjusted for new test target.
+ * libseccomp2.symbols: drop accidentally exported functions.
+ * control:
+ - bump standards, no changes needed.
+ - add armel target
+
+ -- Kees Cook <kees@debian.org> Sat, 12 Apr 2014 10:44:22 -0700
+
+libseccomp (2.1.0+dfsg-1) unstable; urgency=low
+
+ * Rebuild source package without accidental binaries (Closes: 725617).
+ - debian/watch: mangle upstream version check.
+ * debian/rules: make tests non-fatal while upstream fixes them
+ (Closes: 721292).
+
+ -- Kees Cook <kees@debian.org> Sun, 06 Oct 2013 15:05:51 -0700
+
+libseccomp (2.1.0-1) unstable; urgency=low
+
+ * New upstream release (Closes: 718398):
+ - dropped debian/patches/manpage-dashes.patch: taken upstream.
+ - dropped debian/patches/include-unistd.patch: not needed.
+ - debian/patches/testsuite-x86-write.patch: taken upstream.
+ - ABI bump: moved from libseccomp1 to libseccomp2.
+ * debian/control:
+ - added Arch: armhf, now supported upstream.
+ - added seccomp binary package for helper tools.
+ * Added debian/patches/manpage-typo.patch: spelling fix.
+ * Added debian/patches/build-ldflags.patch: fix LDFLAGS handling.
+
+ -- Kees Cook <kees@debian.org> Tue, 13 Aug 2013 00:02:01 -0700
+
+libseccomp (1.0.1-2) unstable; urgency=low
+
+ * debian/rules: enable testsuite at build time, thanks to
+ Stéphane Graber (Closes: 698803).
+ * Added debian/patches/include-unistd.patch: detect location of
+ asm/unistd.h correctly.
+ * Added debian/patches/testsuite-x86-write.patch: skip the "write"
+ syscall correctly on x86.
+ * debian/control: bump standards to 3.9.4, no changes needed.
+
+ -- Kees Cook <kees@debian.org> Wed, 23 Jan 2013 13:11:53 -0800
+
+libseccomp (1.0.1-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/control: only build on amd64 and i386 (Closes: 687368).
+
+ -- Kees Cook <kees@debian.org> Fri, 07 Dec 2012 11:38:03 -0800
+
+libseccomp (1.0.0-1) unstable; urgency=low
+
+ * New upstream release.
+ - bump ABI.
+ - drop build verbosity patch, use upstream V=1 instead.
+ * libseccomp-dev.manpages: fix build location (Closes: 682152, 682471).
+ * debian/patches/pkgconfig-macro.patch: use literals for macro.
+
+ -- Kees Cook <kees@debian.org> Fri, 03 Aug 2012 16:59:41 -0700
+
+libseccomp (0.1.0-1) unstable; urgency=low
+
+ * New upstream release.
+ - drop patches taken upstream:
+ - libexecdir.patch
+ - pass-flags.patch
+
+ -- Kees Cook <kees@debian.org> Fri, 08 Jun 2012 12:32:22 -0700
+
+libseccomp (0.0.0~20120605-1) unstable; urgency=low
+
+ * Initial release (Closes: #676257).
+
+ -- Kees Cook <kees@debian.org> Tue, 05 Jun 2012 11:28:07 -0700
--- /dev/null
+Source: libseccomp
+Section: libs
+Priority: optional
+Maintainer: Kees Cook <kees@debian.org>
+Uploaders: Luca Bruno <lucab@debian.org>, Felix Geyer <fgeyer@debian.org>
+Build-Depends: debhelper-compat (= 12),
+ linux-libc-dev,
+ dh-python <!nopython>,
+ python-all-dev:any <!nopython>,
+ libpython-all-dev <!nopython>,
+ python3-all-dev:any <!nopython>,
+ libpython3-all-dev <!nopython>,
+ cython:native <!nopython>,
+ cython3:native <!nopython>
+Build-Conflicts:
+ valgrind
+Rules-Requires-Root: no
+Standards-Version: 3.9.7
+Homepage: https://github.com/seccomp/libseccomp
+Vcs-Git: https://salsa.debian.org/debian/libseccomp.git
+Vcs-Browser: https://salsa.debian.org/debian/libseccomp
+
+Package: libseccomp-dev
+Section: libdevel
+Architecture: linux-any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Depends: libseccomp2 (= ${binary:Version}), ${misc:Depends}
+Suggests: seccomp
+Description: high level interface to Linux seccomp filter (development files)
+ This library provides a high level interface to constructing, analyzing
+ and installing seccomp filters via a BPF passed to the Linux Kernel's
+ prctl() syscall.
+ .
+ This package contains the development files.
+
+Package: libseccomp2
+Architecture: linux-any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: high level interface to Linux seccomp filter
+ This library provides a high level interface to constructing, analyzing
+ and installing seccomp filters via a BPF passed to the Linux Kernel's
+ prctl() syscall.
+
+Package: seccomp
+Section: utils
+Architecture: linux-any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Suggests: libseccomp-dev
+Description: helper tools for high level interface to Linux seccomp filter
+ Provides helper tools for interacting with libseccomp. Currently, only
+ a single tool exists, providing a way to easily enumerate syscalls across
+ the supported architectures.
+
+Package: python-seccomp
+Build-Profiles: <!nopython>
+Architecture: linux-any
+Multi-Arch: same
+Section: python
+Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends}
+Description: high level interface to Linux seccomp filter (Python 2 bindings)
+ This library provides a high level interface to constructing, analyzing
+ and installing seccomp filters via a BPF passed to the Linux Kernel's
+ prctl() syscall.
+
+Package: python3-seccomp
+Build-Profiles: <!nopython>
+Architecture: linux-any
+Multi-Arch: same
+Section: python
+Depends: ${shlibs:Depends}, ${misc:Depends}, ${python3:Depends}
+Description: high level interface to Linux seccomp filter (Python 3 bindings)
+ This library provides a high level interface to constructing, analyzing
+ and installing seccomp filters via a BPF passed to the Linux Kernel's
+ prctl() syscall.
--- /dev/null
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: libseccomp
+Source: https://sourceforge.net/projects/libseccomp/
+
+Files: *
+Copyright: 2012 Paul Moore <pmoore@redhat.com>
+ 2012 Ashley Lai <adlai@us.ibm.com>
+ 2012 Corey Bryant <coreyb@linux.vnet.ibm.com>
+ 2012 Eduardo Otubo <otubo@linux.vnet.ibm.com>
+ 2012 Eric Paris <eparis@redhat.com>
+License: LGPL-2.1
+
+Files: tests/22-sim-basic_chains_array.tests
+Copyright: 2013 Vitaly Shukela <vi0oss@gmail.com>
+License: LGPL-2.1
+
+Files: src/hash.*
+Copyright: 2006 Bob Jenkins <bob_jenkins@burtleburtle.net>
+License: LGPL-2.1
+
+Files: debian/*
+Copyright: 2012 Kees Cook <kees@debian.org>
+License: LGPL-2.1
+
+License: LGPL-2.1
+ This library is free software; you can redistribute it and/or modify it
+ under the terms of version 2.1 of the GNU Lesser General Public License as
+ published by the Free Software Foundation.
+ .
+ This library is distributed in the hope that it will be useful, but WITHOUT
+ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
+ for more details.
+ .
+ You should have received a copy of the GNU Lesser General Public License
+ along with this library; if not, see <http://www.gnu.org/licenses>.
+ .
+ On Debian systems, the complete text of the GNU Lesser General
+ Public License can be found in "/usr/share/common-licenses/LGPL-2.1".
--- /dev/null
+[DEFAULT]
+upstream-tag = upstream/%(version)s
+debian-tag = debian/%(version)s
+pristine-tar = True
+upstream-branch = upstream
+debian-branch = debian/sid
+
+[buildpackage]
+submodules = True
--- /dev/null
+usr/include/*
+usr/lib/*/lib*.so
+usr/lib/*/lib*.a
+usr/lib/*/pkgconfig/*
--- /dev/null
+debian/tmp/usr/share/man/man3/*
--- /dev/null
+usr/lib/*/lib*.so.*
--- /dev/null
+libseccomp.so.2 libseccomp2 #MINVER#
+* Build-Depends-Package: libseccomp-dev
+ seccomp_api_get@Base 2.4.1
+ seccomp_api_set@Base 2.4.1
+ seccomp_attr_get@Base 0.0.0~20120605
+ seccomp_attr_set@Base 0.0.0~20120605
+ seccomp_export_bpf@Base 0.0.0~20120605
+ seccomp_export_pfc@Base 0.0.0~20120605
+ seccomp_init@Base 0.0.0~20120605
+ seccomp_load@Base 0.0.0~20120605
+ seccomp_release@Base 0.0.0~20120605
+ seccomp_reset@Base 0.0.0~20120605
+ seccomp_rule_add@Base 0.0.0~20120605
+ seccomp_rule_add_exact@Base 0.0.0~20120605
+ seccomp_syscall_priority@Base 0.0.0~20120605
+ seccomp_syscall_resolve_name@Base 1.0.1
+ seccomp_merge@Base 1.0.1
+ seccomp_arch_add@Base 1.0.1
+ seccomp_arch_exist@Base 1.0.1
+ seccomp_arch_remove@Base 1.0.1
+ seccomp_arch_native@Base 2.1.0
+ seccomp_rule_add_array@Base 2.1.0
+ seccomp_rule_add_exact_array@Base 2.1.0
+ seccomp_syscall_resolve_name_arch@Base 2.1.0
+ seccomp_syscall_resolve_num_arch@Base 2.1.0
+ seccomp_arch_resolve_name@Base 2.2.1
+ seccomp_syscall_resolve_name_rewrite@Base 2.2.1
+ seccomp_version@Base 2.3.0
--- /dev/null
+usr/lib/python*/*-packages/install_files.txt
+usr/lib/python*/*-packages/seccomp-*.egg-info
+usr/lib/*/libseccomp.la
--- /dev/null
+https://github.com/seccomp/libseccomp/pull/159
+
+From 830929096665eab2b910d676ccab1df90908cb02 Mon Sep 17 00:00:00 2001
+From: Felix Geyer <debfx@fobos.de>
+Date: Mon, 15 Jul 2019 21:12:05 +0200
+Subject: [PATCH] Install the python extension to the root package dir
+
+Commit 8ad3638ea9023c3948976dfadebd1554380a31c9 effectively added libseccomp/
+to the install path of the python extension.
+This changed the import module name from "seccomp" to "libseccomp.seccomp",
+breaking existing users.
+
+Revert the install path like it was before 2.4.0
+
+Signed-off-by: Felix Geyer <debfx@fobos.de>
+---
+ src/python/Makefile.am | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/python/Makefile.am b/src/python/Makefile.am
+index 3a34b0a..f71ec24 100644
+--- a/src/python/Makefile.am
++++ b/src/python/Makefile.am
+@@ -40,12 +40,12 @@ build: ../libseccomp.la libseccomp.pxd seccomp.pyx setup.py
+ ${PY_BUILD} && touch build
+
+ install-exec-local: build
+- ${PY_INSTALL} --install-lib=${DESTDIR}/${pkgpythondir} \
+- --record=${DESTDIR}/${pkgpythondir}/install_files.txt
++ ${PY_INSTALL} --install-lib=${DESTDIR}/${pyexecdir} \
++ --record=${DESTDIR}/${pyexecdir}/install_files.txt
+
+ uninstall-local:
+- cat ${DESTDIR}/${pkgpythondir}/install_files.txt | xargs ${RM} -f
+- ${RM} -f ${DESTDIR}/${pkgpythondir}/install_files.txt
++ cat ${DESTDIR}/${pyexecdir}/install_files.txt | xargs ${RM} -f
++ ${RM} -f ${DESTDIR}/${pyexecdir}/install_files.txt
+
+ clean-local:
+ [ ${srcdir} == ${builddir} ] || ${RM} -f ${builddir}/seccomp.pyx
--- /dev/null
+python_install_dir.patch
--- /dev/null
+usr/lib/python2.*/dist-packages/seccomp.so
--- /dev/null
+usr/lib/python3.*/site-packages/seccomp.cpython-*.so
--- /dev/null
+#!/usr/bin/make -f
+# -*- makefile -*-
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+# Enable verbose build details.
+export V=1
+
+include /usr/share/dpkg/architecture.mk
+
+%:
+ifeq ($(filter nopython,$(DEB_BUILD_PROFILES)),)
+ dh $@ --with python2,python3
+else
+ dh $@
+endif
+
+ifeq ($(filter nopython,$(DEB_BUILD_PROFILES)),)
+override_dh_auto_configure:
+ dh_auto_configure -- --enable-python
+
+override_dh_auto_build:
+ PYTHONPATH="/usr/lib/python2.7/plat-${DEB_HOST_GNU_TYPE}$${PYTHONPATH:+:$$PYTHONPATH}" dh_auto_build
+
+override_dh_auto_install:
+ dh_auto_install
+ set -e; export _PYTHON_SYSCONFIGDATA_NAME='_sysconfigdata_m_${DEB_HOST_ARCH_OS}_${DEB_HOST_MULTIARCH}'; \
+ for pyver in `py3versions -s`; do \
+ dh_auto_configure -- --enable-python PYTHON=$$pyver; \
+ dh_auto_install --sourcedirectory=src/python -- PYTHON=$$pyver; \
+ done
+endif
+
+override_dh_auto_clean:
+ dh_auto_clean
+ rm -f regression.out
--- /dev/null
+debian/tmp/usr/share/man/man1/*
--- /dev/null
+3.0 (quilt)
--- /dev/null
+SRCDIR="$(pwd)"
+
+mkdir "$AUTOPKGTEST_TMP/tests" "$AUTOPKGTEST_TMP/tools"
+cp -a tests/. "$AUTOPKGTEST_TMP/tests/"
+
+cd "$AUTOPKGTEST_TMP/tests"
+
+# build tools needed for tests
+for tool in scmp_api_level scmp_arch_detect scmp_sys_resolver; do
+ echo "Building $tool ..."
+ gcc -O2 -g "$SRCDIR/tools/$tool.c" "$SRCDIR/tools/util.c" -lseccomp -o ../tools/$tool
+done
--- /dev/null
+Tests: testsuite-live
+Depends: libseccomp-dev, build-essential
+Restrictions: isolation-machine
+
+Tests: testsuite-live-python2
+Depends: libseccomp-dev, build-essential, python-seccomp
+Restrictions: isolation-machine, allow-stderr
+
+Tests: testsuite-live-python3
+Depends: libseccomp-dev, build-essential, python3-seccomp
+Restrictions: isolation-machine, allow-stderr
--- /dev/null
+#!/bin/sh
+
+set -eu
+
+. debian/tests/common
+
+# manually build necessary files against the installed libseccomp
+
+# build live tests
+for filename in *-live-*.tests; do
+ testname=$(echo "$filename" | cut -f 1 -d '.')
+ echo "Building $testname ..."
+ gcc -O2 -g "${testname}.c" util.c -pthread -lseccomp -o "$testname"
+done
+
+echo "Running test suite ..."
+./regression -T live
--- /dev/null
+#!/bin/sh
+
+set -eu
+
+. debian/tests/common
+
+echo "Running test suite ..."
+./regression -T live -m python
--- /dev/null
+#!/bin/sh
+
+set -eu
+
+. debian/tests/common
+
+# make sure "python" points to python3 as this is not configurable
+# in the regression script
+mkdir python3env
+ln -s /usr/bin/python3 python3env/python
+
+echo "Running test suite ..."
+PATH="$(pwd)/python3env:$PATH" ./regression -T live -m python
--- /dev/null
+# See uscan(1) for format
+version=3
+opts=dversionmangle=s/\+dfsg// \
+https://github.com/seccomp/libseccomp/releases \
+ /download/v.*/libseccomp-(.*)\.tar\.gz \
+ debian uupdate
projects / libseccomp.git / commitdiff