--- /dev/null
--- /dev/null
++dpkg-buildpackage: info: source package guestfs-tools
++dpkg-buildpackage: info: source version 1.46.1-1
++dpkg-buildpackage: info: source distribution unstable
++dpkg-buildpackage: info: source changed by Hilko Bengen <bengen@debian.org>
++ dpkg-source --before-build .
++dpkg-buildpackage: info: host architecture amd64
++dpkg-checkbuilddeps: error: Unmet build dependencies: libguestfs-dev (>> 1:1.46) libguestfs-ocaml-dev (>> 1:1.46) libguestfs-perl (>> 1:1.46) libgettext-ocaml-dev libounit-ocaml-dev libvirt-ocaml-dev xorriso guestfish (>> 1:1.46)
++dpkg-buildpackage: warning: build dependencies/conflicts unsatisfied; aborting
++dpkg-buildpackage: warning: (Use -d flag to override.)
--- /dev/null
--- /dev/null
++guestfs-tools (1.48.2-1+deb12u1) bookworm-security; urgency=high
++
++ * Non-maintainer upload by the Security Team.
++
++ [ Hilko Bengen ]
++ * Add libguestfs-common patch, fixing CVE-2022-2211 (Closes: #1014764)
++
++ -- Salvatore Bonaccorso <carnil@debian.org> Tue, 23 May 2023 22:19:49 +0200
++
++guestfs-tools (1.48.2-1) unstable; urgency=medium
++
++ * New upstream version 1.48.2
++
++ -- Hilko Bengen <bengen@debian.org> Fri, 27 May 2022 13:49:43 +0200
++
++guestfs-tools (1.48.1-1) unstable; urgency=medium
++
++ * New upstream version 1.48.1
++
++ -- Hilko Bengen <bengen@debian.org> Mon, 16 May 2022 16:23:12 +0200
++
++guestfs-tools (1.48.0-1) unstable; urgency=medium
++
++ * New upstream version 1.48.0
++ * Run tests on more architectures: ppc64el, s390x
++ * Fix watch file
++
++ -- Hilko Bengen <bengen@debian.org> Tue, 15 Mar 2022 11:10:37 +0100
++
++guestfs-tools (1.46.1-4) unstable; urgency=medium
++
++ * Add missing build-dependencies
++
++ -- Hilko Bengen <bengen@debian.org> Sat, 15 Jan 2022 17:37:11 +0100
++
++guestfs-tools (1.46.1-3) unstable; urgency=medium
++
++ * Attempt to fix FTBFS on non-x86 architectures
++
++ -- Hilko Bengen <bengen@debian.org> Fri, 14 Jan 2022 16:17:32 +0100
++
++guestfs-tools (1.46.1-2) unstable; urgency=medium
++
++ * Add gbp.conf file
++ * Fix debian/copyright file
++
++ -- Hilko Bengen <bengen@debian.org> Sat, 08 Jan 2022 14:34:10 +0100
++
++guestfs-tools (1.46.1-1) unstable; urgency=medium
++
++ * Initial release (Closes: #1002577)
++
++ -- Hilko Bengen <bengen@debian.org> Sat, 25 Dec 2021 12:37:58 +0100
--- /dev/null
--- /dev/null
++Source: guestfs-tools
++Section: utils
++Priority: optional
++Maintainer: Hilko Bengen <bengen@debian.org>
++Build-Depends: debhelper-compat (= 13),
++ pkg-config,
++ libguestfs-dev (>> 1:1.46),
++ libguestfs-ocaml-dev (>> 1:1.46),
++ libguestfs-perl (>> 1:1.46),
++ ocaml-nox, ocaml-findlib,
++ libgettext-ocaml-dev,
++ libounit-ocaml-dev <!nocheck>,
++ libvirt-ocaml-dev,
++ libjansson-dev,
++ liblzma-dev,
++ libpcre2-dev,
++ libtinfo-dev,
++ libvirt-dev,
++ libxml2-dev,
++ libmodule-build-perl,
++ libintl-perl,
++ gettext,
++ po4a,
++ bison,
++ flex,
++ sqlite3,
++ xorriso,
++ xz-utils,
++ bash-completion,
++ guestfish (>> 1:1.46) <!nocheck>,
++ ipxe-qemu <!nocheck>,
++ libxml2-utils <!nocheck>,
++ linux-image-alpha-generic [alpha] <!nocheck>,
++ linux-image-marvell [armel] <!nocheck> | linux-image-versatile [armel] <!nocheck>,
++ linux-image-armmp [armhf] <!nocheck>,
++ linux-image-arm64 [arm64] <!nocheck>,
++ linux-image-4kc-malta [mips mipsel] <!nocheck> | linux-image-5kc-malta [mips mipsel] <!nocheck>,
++ linux-image-5kc-malta [mips64 mips64el] <!nocheck>,
++ linux-image-s390x [s390x] <!nocheck>,
++ linux-image-parisc [hppa] <!nocheck>,
++ linux-image-powerpc [powerpc] <!nocheck>,
++ linux-image-powerpc64 [ppc64] <!nocheck>,
++ linux-image-powerpc64le [ppc64el] <!nocheck>,
++ linux-image-sparc64 [sparc sparc64] <!nocheck>,
++ linux-image-amd64 [amd64 x32] <!nocheck>,
++ linux-image-686-pae [i386] <!nocheck> | linux-image-586 [i386] <!nocheck> | linux-image-486 [i386] <!nocheck>,
++ linux-image-riscv64 [riscv64] <!nocheck>,
++ linux-image-itanium [ia64] <!nocheck> | linux-image-mckinley [ia64] <!nocheck>,
++Standards-Version: 4.6.0
++Homepage: https://libguestfs.org
++Vcs-Browser: https://salsa.debian.org/libvirt-team/guestfs-tools
++Vcs-Git: https://salsa.debian.org/libvirt-team/guestfs-tools.git
++Rules-Requires-Root: no
++
++Package: guestfs-tools
++Architecture: linux-any
++Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends},
++ libguestfs-perl,
++ libintl-perl,
++ libstring-shellquote-perl,
++ libsys-virt-perl,
++ libwin-hivex-perl,
++ curl,
++Recommends: virt-p2v, gnupg, libguestfs-tools (>= 1:1.46),
++Breaks: libguestfs-tools (<< 1:1.46)
++Replaces: libguestfs-tools (<< 1:1.46)
++Description: guest disk image management system - tools
++ The libguestfs library allows accessing and modifying guest disk
++ images.
++ .
++ This package contains the guestfish interactive shell and various
++ virtualization tools, including virt-cat, virt-df, virt-edit,
++ virt-filesystems, virt-inspector, virt-ls, virt-make-fs, virt-rescue,
++ virt-resize, virt-tar, and virt-win-reg.
--- /dev/null
--- /dev/null
++Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
++Upstream-Name: guestfs-tools
++Source: <http://libguestfs.org/>
++
++Files: *
++Copyright: Red Hat Inc.
++License: GPL-2.0+
++
++Files: sysprep/virt-sysprep.pod
++Copyright: Red Hat Inc
++ Fujitsu Ltd.
++License: GPL-2.0+
++
++Files: sysprep/sysprep_operation_sssd_db_log.ml
++ sysprep/sysprep_operation_net_hostname.ml
++ sysprep/sysprep_operation_abrt_data.ml
++ sysprep/sysprep_operation_flag_reconfiguration.ml
++ sysprep/sysprep_operation_samba_db_log.ml
++ sysprep/sysprep_operation_pam_data.ml
++ sysprep/sysprep_operation_tmp_files.ml
++ sysprep/sysprep_operation_pacct_log.ml
++ sysprep/sysprep_operation_puppet_data_log.ml
++ sysprep/sysprep_operation_kerberos_data.ml
++ sysprep/sysprep_operation_dovecot_data.ml
++ sysprep/sysprep_operation_package_manager_cache.ml
++ sysprep/sysprep_operation_ca_certificates.ml
++ sysprep/sysprep_operation_ssh_userdir.ml
++ sysprep/sysprep_operation_crash_data.ml
++ sysprep/sysprep_operation_bash_history.ml
++ sysprep/sysprep_operation_blkid_tab.ml
++ sysprep/sysprep_operation_machine_id.ml
++ sysprep/sysprep_operation_firewall_rules.ml
++ sysprep/sysprep_operation_user_account.ml
++Copyright: Fujitsu Ltd.
++License: GPL-2.0+
++
++Files: common/mlxml/xml.ml common/mlxml/xml-c.c
++Copyright: Red Hat Inc.
++ SUSE Inc.
++License: GPL-2.0+
++
++Files: builder/virt-builder-repository.*
++ builder/repository_main.*
++Copyright: SUSE Inc.
++License: GPL-2.0+
++
++Files: gnulib/lib/human.h gnulib/lib/xstrtol.* gnulib/lib/human.c gnulib/lib/argmatch.c gnulib/lib/xstrtol.h gnulib/lib/argmatch.h
++Copyright: Free Software Foundation, Inc.
++License: GPL-2.0+
++
++Files: gnulib/lib/getprogname.h gnulib/lib/ignore-value.h gnulib/lib/bitrotate.h gnulib/lib/hash.c gnulib/lib/xalloc-oversized.h gnulib/lib/c-ctype.h gnulib/lib/hash.h
++Copyright: Free Software Foundation, Inc.
++License: LGPL-2.0+
++
++Files: debian/*
++Copyright: 2021 Hilko Bengen <bengen@debian.org>
++License: GPL-2.0+
++
++License: GPL-2.0+
++ This package is free software; you can redistribute it and/or modify
++ it under the terms of the GNU General Public License as published by
++ the Free Software Foundation; either version 2 of the License, or
++ (at your option) any later version.
++ .
++ This package is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ GNU General Public License for more details.
++ .
++ You should have received a copy of the GNU General Public License
++ along with this program. If not, see <https://www.gnu.org/licenses/>
++ .
++ On Debian systems, the complete text of the GNU General
++ Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
++
++License: LGPL-2.0+
++ This package is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License as published by the Free Software Foundation; either
++ version 2 of the License, or (at your option) any later version.
++ .
++ This package is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++ .
++ You should have received a copy of the GNU Lesser General Public License
++ along with this program. If not, see <https://www.gnu.org/licenses/>.
++ .
++ On Debian systems, the complete text of the GNU Lesser General
++ Public License can be found in "/usr/share/common-licenses/LGPL-2".
--- /dev/null
--- /dev/null
++[DEFAULT]
++upstream-branch = upstream
++debian-branch = debian/master
++[pq]
++patch-numbers = false
--- /dev/null
--- /dev/null
++From: Hilko Bengen <bengen@debian.org>
++Date: Mon, 10 Apr 2023 13:45:29 +0200
++Subject: Add libguestfs-common patch to fix CVE-2022-2211
++
++git shortlog 9e990f3e4530..35467027f657 from libguestfs-common
++
++Laszlo Ersek (1):
++ options: fix buffer overflow in get_keys() [CVE-2022-2211]
++---
++ common/options/keys.c | 16 +++++++++++-----
++ 1 file changed, 11 insertions(+), 5 deletions(-)
++
++diff --git a/common/options/keys.c b/common/options/keys.c
++index 798315c..d27a712 100644
++--- a/common/options/keys.c
+++++ b/common/options/keys.c
++@@ -128,17 +128,23 @@ read_first_line_from_file (const char *filename)
++ char **
++ get_keys (struct key_store *ks, const char *device, const char *uuid)
++ {
++- size_t i, j, len;
+++ size_t i, j, nmemb;
++ char **r;
++ char *s;
++
++ /* We know the returned list must have at least one element and not
++ * more than ks->nr_keys.
++ */
++- len = 1;
++- if (ks)
++- len = MIN (1, ks->nr_keys);
++- r = calloc (len+1, sizeof (char *));
+++ nmemb = 1;
+++ if (ks && ks->nr_keys > nmemb)
+++ nmemb = ks->nr_keys;
+++
+++ /* make room for the terminating NULL */
+++ if (nmemb == (size_t)-1)
+++ error (EXIT_FAILURE, 0, _("size_t overflow"));
+++ nmemb++;
+++
+++ r = calloc (nmemb, sizeof (char *));
++ if (r == NULL)
++ error (EXIT_FAILURE, errno, "calloc");
++
--- /dev/null
--- /dev/null
++Add-libguestfs-common-patch-to-fix-CVE-2022-2211.patch
--- /dev/null
--- /dev/null
++#!/usr/bin/make -f
++
++#export DH_VERBOSE = 1
++
++#export DEB_BUILD_MAINT_OPTIONS = hardening=+all
++
++#export DEB_CFLAGS_MAINT_APPEND = -Wall -pedantic
++#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
++
++include /usr/share/dpkg/architecture.mk
++
++# Disable because the test seems to hang.
++export SKIP_RHBZ1285847_SH=1
++export SKIP_TEST_VIRT_SYSPREP_SCRIPT_SH=1
++
++TEST_ARCHITECTURES := i386 amd64 arm64 riscv64 ppc64el s390x
++
++%:
++ dh $@
++
++override_dh_auto_test:
++ifneq "" "$(findstring $(DEB_HOST_ARCH),$(TEST_ARCHITECTURES))"
++ printenv
++ unset XDG_RUNTIME_DIR; \
++ if ! test -w /dev/kvm; then \
++ export LIBGUESTFS_BACKEND_SETTINGS=force_tcg; \
++ fi; \
++ export LIBGUESTFS_DEBUG=1 LIBGUESTFS_TRACE=1; \
++ $(MAKE) check
++endif
++
++override_dh_auto_install:
++ dh_auto_install
++ sed -i -e '1s,.*,#!/usr/bin/perl,' debian/guestfs-tools/usr/bin/virt-win-reg
--- /dev/null
--- /dev/null
++3.0 (quilt)
--- /dev/null
--- /dev/null
++# See test-data/binaries/README
++guestfs-tools source: source-is-missing test-data/binaries/bin-*-dynamic
++guestfs-tools source: source-is-missing test-data/binaries/lib-*.so
++guestfs-tools source: source-contains-prebuilt-windows-binary test-data/binaries/*.exe
++guestfs-tools source: source-contains-prebuilt-windows-binary test-data/binaries/*.dll
--- /dev/null
--- /dev/null
++version=4
++
++https://download.libguestfs.org/guestfs-tools/([\d\.]*)-stable/guestfs-tools-([\d\.]*)\.tar\.gz
projects / guestfs-tools.git / commitdiff