From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 23 May 2023 20:19:49 +0000 (+0100)
Subject: Import guestfs-tools_1.48.2-1+deb12u1.debian.tar.xz
X-Git-Tag: archive/raspbian/1.48.2-1+rpi1+deb12u1^2~2^2
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=c01cac3b924061a861b59155ea09e1fccb76872b;p=guestfs-tools.git

Import guestfs-tools_1.48.2-1+deb12u1.debian.tar.xz

[dgit import tarball guestfs-tools 1.48.2-1+deb12u1 guestfs-tools_1.48.2-1+deb12u1.debian.tar.xz]
---

c01cac3b924061a861b59155ea09e1fccb76872b
diff --git a/build.log b/build.log
new file mode 100644
index 0000000..fd8aef3
--- /dev/null
+++ b/build.log
@@ -0,0 +1,9 @@
+dpkg-buildpackage: info: source package guestfs-tools
+dpkg-buildpackage: info: source version 1.46.1-1
+dpkg-buildpackage: info: source distribution unstable
+dpkg-buildpackage: info: source changed by Hilko Bengen <bengen@debian.org>
+ dpkg-source --before-build .
+dpkg-buildpackage: info: host architecture amd64
+dpkg-checkbuilddeps: error: Unmet build dependencies: libguestfs-dev (>> 1:1.46) libguestfs-ocaml-dev (>> 1:1.46) libguestfs-perl (>> 1:1.46) libgettext-ocaml-dev libounit-ocaml-dev libvirt-ocaml-dev xorriso guestfish (>> 1:1.46)
+dpkg-buildpackage: warning: build dependencies/conflicts unsatisfied; aborting
+dpkg-buildpackage: warning: (Use -d flag to override.)
diff --git a/changelog b/changelog
new file mode 100644
index 0000000..9dde9ed
--- /dev/null
+++ b/changelog
@@ -0,0 +1,53 @@
+guestfs-tools (1.48.2-1+deb12u1) bookworm-security; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+
+  [ Hilko Bengen ]
+  * Add libguestfs-common patch, fixing CVE-2022-2211 (Closes: #1014764)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Tue, 23 May 2023 22:19:49 +0200
+
+guestfs-tools (1.48.2-1) unstable; urgency=medium
+
+  * New upstream version 1.48.2
+
+ -- Hilko Bengen <bengen@debian.org>  Fri, 27 May 2022 13:49:43 +0200
+
+guestfs-tools (1.48.1-1) unstable; urgency=medium
+
+  * New upstream version 1.48.1
+
+ -- Hilko Bengen <bengen@debian.org>  Mon, 16 May 2022 16:23:12 +0200
+
+guestfs-tools (1.48.0-1) unstable; urgency=medium
+
+  * New upstream version 1.48.0
+  * Run tests on more architectures: ppc64el, s390x
+  * Fix watch file
+
+ -- Hilko Bengen <bengen@debian.org>  Tue, 15 Mar 2022 11:10:37 +0100
+
+guestfs-tools (1.46.1-4) unstable; urgency=medium
+
+  * Add missing build-dependencies
+
+ -- Hilko Bengen <bengen@debian.org>  Sat, 15 Jan 2022 17:37:11 +0100
+
+guestfs-tools (1.46.1-3) unstable; urgency=medium
+
+  * Attempt to fix FTBFS on non-x86 architectures
+
+ -- Hilko Bengen <bengen@debian.org>  Fri, 14 Jan 2022 16:17:32 +0100
+
+guestfs-tools (1.46.1-2) unstable; urgency=medium
+
+  * Add gbp.conf file
+  * Fix debian/copyright file
+
+ -- Hilko Bengen <bengen@debian.org>  Sat, 08 Jan 2022 14:34:10 +0100
+
+guestfs-tools (1.46.1-1) unstable; urgency=medium
+
+  * Initial release (Closes: #1002577)
+
+ -- Hilko Bengen <bengen@debian.org>  Sat, 25 Dec 2021 12:37:58 +0100
diff --git a/control b/control
new file mode 100644
index 0000000..13c01e5
--- /dev/null
+++ b/control
@@ -0,0 +1,74 @@
+Source: guestfs-tools
+Section: utils
+Priority: optional
+Maintainer: Hilko Bengen <bengen@debian.org>
+Build-Depends: debhelper-compat (= 13),
+ pkg-config,
+ libguestfs-dev (>> 1:1.46),
+ libguestfs-ocaml-dev (>> 1:1.46),
+ libguestfs-perl (>> 1:1.46),
+ ocaml-nox, ocaml-findlib,
+ libgettext-ocaml-dev,
+ libounit-ocaml-dev <!nocheck>,
+ libvirt-ocaml-dev,
+ libjansson-dev,
+ liblzma-dev,
+ libpcre2-dev,
+ libtinfo-dev,
+ libvirt-dev,
+ libxml2-dev,
+ libmodule-build-perl,
+ libintl-perl,
+ gettext,
+ po4a,
+ bison,
+ flex,
+ sqlite3,
+ xorriso,
+ xz-utils,
+ bash-completion,
+ guestfish (>> 1:1.46) <!nocheck>,
+ ipxe-qemu <!nocheck>,
+ libxml2-utils <!nocheck>,
+ linux-image-alpha-generic [alpha] <!nocheck>,
+ linux-image-marvell [armel] <!nocheck> | linux-image-versatile [armel] <!nocheck>,
+ linux-image-armmp [armhf] <!nocheck>,
+ linux-image-arm64 [arm64] <!nocheck>,
+ linux-image-4kc-malta [mips mipsel] <!nocheck> | linux-image-5kc-malta [mips mipsel] <!nocheck>,
+ linux-image-5kc-malta [mips64 mips64el] <!nocheck>,
+ linux-image-s390x [s390x] <!nocheck>,
+ linux-image-parisc [hppa] <!nocheck>,
+ linux-image-powerpc [powerpc] <!nocheck>,
+ linux-image-powerpc64 [ppc64] <!nocheck>,
+ linux-image-powerpc64le [ppc64el] <!nocheck>,
+ linux-image-sparc64 [sparc sparc64] <!nocheck>,
+ linux-image-amd64 [amd64 x32] <!nocheck>,
+ linux-image-686-pae [i386] <!nocheck> | linux-image-586 [i386] <!nocheck> | linux-image-486 [i386] <!nocheck>,
+ linux-image-riscv64 [riscv64] <!nocheck>,
+ linux-image-itanium [ia64] <!nocheck> | linux-image-mckinley [ia64] <!nocheck>,
+Standards-Version: 4.6.0
+Homepage: https://libguestfs.org
+Vcs-Browser: https://salsa.debian.org/libvirt-team/guestfs-tools
+Vcs-Git: https://salsa.debian.org/libvirt-team/guestfs-tools.git
+Rules-Requires-Root: no
+
+Package: guestfs-tools
+Architecture: linux-any
+Depends: ${shlibs:Depends}, ${misc:Depends}, ${perl:Depends},
+ libguestfs-perl,
+ libintl-perl,
+ libstring-shellquote-perl,
+ libsys-virt-perl,
+ libwin-hivex-perl,
+ curl,
+Recommends: virt-p2v, gnupg, libguestfs-tools (>= 1:1.46),
+Breaks: libguestfs-tools (<< 1:1.46)
+Replaces: libguestfs-tools (<< 1:1.46)
+Description: guest disk image management system - tools
+ The libguestfs library allows accessing and modifying guest disk
+ images.
+ .
+ This package contains the guestfish interactive shell and various
+ virtualization tools, including virt-cat, virt-df, virt-edit,
+ virt-filesystems, virt-inspector, virt-ls, virt-make-fs, virt-rescue,
+ virt-resize, virt-tar, and virt-win-reg.
diff --git a/copyright b/copyright
new file mode 100644
index 0000000..8fea43d
--- /dev/null
+++ b/copyright
@@ -0,0 +1,91 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: guestfs-tools
+Source: <http://libguestfs.org/>
+
+Files: *
+Copyright: Red Hat Inc.
+License: GPL-2.0+
+
+Files: sysprep/virt-sysprep.pod
+Copyright: Red Hat Inc
+           Fujitsu Ltd.
+License: GPL-2.0+
+
+Files: sysprep/sysprep_operation_sssd_db_log.ml
+       sysprep/sysprep_operation_net_hostname.ml
+       sysprep/sysprep_operation_abrt_data.ml
+       sysprep/sysprep_operation_flag_reconfiguration.ml
+       sysprep/sysprep_operation_samba_db_log.ml
+       sysprep/sysprep_operation_pam_data.ml
+       sysprep/sysprep_operation_tmp_files.ml
+       sysprep/sysprep_operation_pacct_log.ml
+       sysprep/sysprep_operation_puppet_data_log.ml
+       sysprep/sysprep_operation_kerberos_data.ml
+       sysprep/sysprep_operation_dovecot_data.ml
+       sysprep/sysprep_operation_package_manager_cache.ml
+       sysprep/sysprep_operation_ca_certificates.ml
+       sysprep/sysprep_operation_ssh_userdir.ml
+       sysprep/sysprep_operation_crash_data.ml
+       sysprep/sysprep_operation_bash_history.ml
+       sysprep/sysprep_operation_blkid_tab.ml
+       sysprep/sysprep_operation_machine_id.ml
+       sysprep/sysprep_operation_firewall_rules.ml
+       sysprep/sysprep_operation_user_account.ml
+Copyright: Fujitsu Ltd.
+License: GPL-2.0+
+
+Files: common/mlxml/xml.ml common/mlxml/xml-c.c
+Copyright: Red Hat Inc.
+           SUSE Inc.
+License: GPL-2.0+
+
+Files: builder/virt-builder-repository.*
+       builder/repository_main.*
+Copyright: SUSE Inc.
+License: GPL-2.0+
+
+Files: gnulib/lib/human.h gnulib/lib/xstrtol.* gnulib/lib/human.c gnulib/lib/argmatch.c gnulib/lib/xstrtol.h gnulib/lib/argmatch.h
+Copyright: Free Software Foundation, Inc.
+License: GPL-2.0+
+
+Files: gnulib/lib/getprogname.h gnulib/lib/ignore-value.h gnulib/lib/bitrotate.h gnulib/lib/hash.c gnulib/lib/xalloc-oversized.h gnulib/lib/c-ctype.h gnulib/lib/hash.h
+Copyright: Free Software Foundation, Inc.
+License: LGPL-2.0+
+
+Files: debian/*
+Copyright: 2021 Hilko Bengen <bengen@debian.org>
+License: GPL-2.0+
+
+License: GPL-2.0+
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <https://www.gnu.org/licenses/>
+ .
+ On Debian systems, the complete text of the GNU General
+ Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
+
+License: LGPL-2.0+
+ This package is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ Lesser General Public License for more details.
+ .
+ You should have received a copy of the GNU Lesser General Public License
+ along with this program. If not, see <https://www.gnu.org/licenses/>.
+ .
+ On Debian systems, the complete text of the GNU Lesser General
+ Public License can be found in "/usr/share/common-licenses/LGPL-2".
diff --git a/gbp.conf b/gbp.conf
new file mode 100644
index 0000000..90eb8d6
--- /dev/null
+++ b/gbp.conf
@@ -0,0 +1,5 @@
+[DEFAULT]
+upstream-branch = upstream
+debian-branch = debian/master
+[pq]
+patch-numbers = false
diff --git a/patches/Add-libguestfs-common-patch-to-fix-CVE-2022-2211.patch b/patches/Add-libguestfs-common-patch-to-fix-CVE-2022-2211.patch
new file mode 100644
index 0000000..6c73b6f
--- /dev/null
+++ b/patches/Add-libguestfs-common-patch-to-fix-CVE-2022-2211.patch
@@ -0,0 +1,45 @@
+From: Hilko Bengen <bengen@debian.org>
+Date: Mon, 10 Apr 2023 13:45:29 +0200
+Subject: Add libguestfs-common patch to fix CVE-2022-2211
+
+git shortlog 9e990f3e4530..35467027f657 from libguestfs-common
+
+Laszlo Ersek (1):
+      options: fix buffer overflow in get_keys() [CVE-2022-2211]
+---
+ common/options/keys.c | 16 +++++++++++-----
+ 1 file changed, 11 insertions(+), 5 deletions(-)
+
+diff --git a/common/options/keys.c b/common/options/keys.c
+index 798315c..d27a712 100644
+--- a/common/options/keys.c
++++ b/common/options/keys.c
+@@ -128,17 +128,23 @@ read_first_line_from_file (const char *filename)
+ char **
+ get_keys (struct key_store *ks, const char *device, const char *uuid)
+ {
+-  size_t i, j, len;
++  size_t i, j, nmemb;
+   char **r;
+   char *s;
+ 
+   /* We know the returned list must have at least one element and not
+    * more than ks->nr_keys.
+    */
+-  len = 1;
+-  if (ks)
+-    len = MIN (1, ks->nr_keys);
+-  r = calloc (len+1, sizeof (char *));
++  nmemb = 1;
++  if (ks && ks->nr_keys > nmemb)
++    nmemb = ks->nr_keys;
++
++  /* make room for the terminating NULL */
++  if (nmemb == (size_t)-1)
++    error (EXIT_FAILURE, 0, _("size_t overflow"));
++  nmemb++;
++
++  r = calloc (nmemb, sizeof (char *));
+   if (r == NULL)
+     error (EXIT_FAILURE, errno, "calloc");
+ 
diff --git a/patches/series b/patches/series
new file mode 100644
index 0000000..32cb31a
--- /dev/null
+++ b/patches/series
@@ -0,0 +1 @@
+Add-libguestfs-common-patch-to-fix-CVE-2022-2211.patch
diff --git a/rules b/rules
new file mode 100755
index 0000000..d91f9c8
--- /dev/null
+++ b/rules
@@ -0,0 +1,34 @@
+#!/usr/bin/make -f
+
+#export DH_VERBOSE = 1
+
+#export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+
+#export DEB_CFLAGS_MAINT_APPEND  = -Wall -pedantic
+#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
+
+include /usr/share/dpkg/architecture.mk
+
+# Disable because the test seems to hang.
+export SKIP_RHBZ1285847_SH=1
+export SKIP_TEST_VIRT_SYSPREP_SCRIPT_SH=1
+
+TEST_ARCHITECTURES := i386 amd64 arm64 riscv64 ppc64el s390x
+
+%:
+	dh $@
+
+override_dh_auto_test:
+ifneq "" "$(findstring $(DEB_HOST_ARCH),$(TEST_ARCHITECTURES))"
+	printenv
+	unset XDG_RUNTIME_DIR; \
+		if ! test -w /dev/kvm; then \
+			export LIBGUESTFS_BACKEND_SETTINGS=force_tcg; \
+		fi; \
+		export LIBGUESTFS_DEBUG=1 LIBGUESTFS_TRACE=1; \
+		$(MAKE) check
+endif
+
+override_dh_auto_install:
+	dh_auto_install
+	sed -i -e '1s,.*,#!/usr/bin/perl,' debian/guestfs-tools/usr/bin/virt-win-reg
diff --git a/source/format b/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/source/lintian-overrides b/source/lintian-overrides
new file mode 100644
index 0000000..55ab182
--- /dev/null
+++ b/source/lintian-overrides
@@ -0,0 +1,5 @@
+# See test-data/binaries/README
+guestfs-tools source: source-is-missing test-data/binaries/bin-*-dynamic
+guestfs-tools source: source-is-missing test-data/binaries/lib-*.so
+guestfs-tools source: source-contains-prebuilt-windows-binary test-data/binaries/*.exe
+guestfs-tools source: source-contains-prebuilt-windows-binary test-data/binaries/*.dll
diff --git a/watch b/watch
new file mode 100644
index 0000000..e9d1716
--- /dev/null
+++ b/watch
@@ -0,0 +1,3 @@
+version=4
+
+https://download.libguestfs.org/guestfs-tools/([\d\.]*)-stable/guestfs-tools-([\d\.]*)\.tar\.gz