From: Felix Geyer Date: Thu, 20 Mar 2025 21:12:14 +0000 (+0100) Subject: libseccomp (2.6.0-2) unstable; urgency=medium X-Git-Tag: archive/raspbian/2.6.0-2+rpi1^2~5 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=f9c9e81d0a2b6264595a4fc42db251aa09d1a01b;p=libseccomp.git libseccomp (2.6.0-2) unstable; urgency=medium * Upload to unstable. * Disable valgrind unit tests, it's not stable enough. * Cherry-pick upstream fixes: - tests_remove_the_fuzzer_from_test_62-sim-arch_transactions.patch - hash_fix_strict_aliasing_UB_in_MurMur_hash_implementation.patch - api_fix_seccomp_export_bpf_mem_out-of-bounds_read.patch [dgit import unpatched libseccomp 2.6.0-2] --- f9c9e81d0a2b6264595a4fc42db251aa09d1a01b diff --cc debian/changelog index 0000000,0000000..c8aa23f new file mode 100644 --- /dev/null +++ b/debian/changelog @@@ -1,0 -1,0 +1,419 @@@ ++libseccomp (2.6.0-2) unstable; urgency=medium ++ ++ * Upload to unstable. ++ * Disable valgrind unit tests, it's not stable enough. ++ * Cherry-pick upstream fixes: ++ - tests_remove_the_fuzzer_from_test_62-sim-arch_transactions.patch ++ - hash_fix_strict_aliasing_UB_in_MurMur_hash_implementation.patch ++ - api_fix_seccomp_export_bpf_mem_out-of-bounds_read.patch ++ ++ -- Felix Geyer Thu, 20 Mar 2025 22:12:14 +0100 ++ ++libseccomp (2.6.0-1) experimental; urgency=medium ++ ++ * New upstream release. (Closes: #1088935) ++ * Drop backported loongarch64 patches, applied upstream. ++ * Drop python_Fix_distutils_DeprecationWarning.patch, applied upstream. ++ * Update symbols file. ++ * Fix watch file. ++ * Refresh upstream signing keys. ++ * Run unit tests in parallel. ++ ++ -- Felix Geyer Fri, 24 Jan 2025 22:10:51 +0100 ++ ++libseccomp (2.5.5-2) unstable; urgency=medium ++ ++ * Revert: Dynamically skip autopkgtests when the test runner already applies ++ seccomp restrictions. ++ - Container based backends usually apply a seccomp filter so it's better ++ to declare the isolation-machine restriction. ++ * Backport support for syscalls up to kernel v6.12-rc5 and loongarch64. ++ (Closes: #1051323) ++ - syscalls_update_to_Linux_v6.0.patch ++ - tests_add_fstatfs_syscall_in_the_06-sim-actions.patch ++ - arch_Add_64-bit_LoongArch_support.patch ++ - tests_Add_64-bit_LoongArch_support.patch ++ - doc_update_README_and_manpage_for_64-bit_LoongArch.patch ++ - tests_Fix_wrong_syscall-error_in_test_29.patch ++ - tests_only_use_bogus_syscall_numbers_in_test_29.patch ++ - arch_unify_handling_of_syscall.tbl_in_arch-syscall-validate.patch ++ - arch_adapt_arch-syscall-validate_to_Linux_6.11.patch ++ - syscalls_Update_the_syscall_table_for_Linux_v6.12-rc5.patch ++ ++ -- Felix Geyer Sun, 24 Nov 2024 21:54:16 +0100 ++ ++libseccomp (2.5.5-1) unstable; urgency=medium ++ ++ * New upstream release. ++ ++ -- Felix Geyer Thu, 04 Jan 2024 18:29:54 +0100 ++ ++libseccomp (2.5.4-2) unstable; urgency=medium ++ ++ * Fix watch file. (Closes: #1050659) ++ * Dynamically skip autopkgtests when the test runner already applies seccomp ++ restrictions. ++ - Drop isolation-machine restriction. ++ * Fix FTBFS with setuptools. (Closes: #1054788, #1033641) ++ - Add python_Fix_distutils_DeprecationWarning.patch ++ - Add python_single_version_externally_managed.patch ++ - Explicitly build-depend on python3-setuptools ++ ++ -- Felix Geyer Sun, 29 Oct 2023 15:13:08 +0100 ++ ++libseccomp (2.5.4-1) unstable; urgency=medium ++ ++ * New upstream release. ++ ++ -- Felix Geyer Thu, 21 Apr 2022 22:23:12 +0200 ++ ++libseccomp (2.5.3-2) unstable; urgency=medium ++ ++ [ Alex Murray ] ++ * Fix python version check in debian/rules to properly handle python3.10 ++ to resolve FTBFS (Closes: #999364) ++ ++ -- Felix Geyer Thu, 18 Nov 2021 17:52:23 +0100 ++ ++libseccomp (2.5.3-1) experimental; urgency=medium ++ ++ * New upstream release. ++ * Drop patches from 2.5.2-2, fixed upstream. ++ ++ -- Felix Geyer Sat, 06 Nov 2021 16:46:51 +0100 ++ ++libseccomp (2.5.2-2) unstable; urgency=medium ++ ++ * Revert mips and powerpc multiplexed syscall handling. ++ - Fixes test suite failures. (Closes: #994285) ++ ++ -- Felix Geyer Sun, 03 Oct 2021 23:26:59 +0200 ++ ++libseccomp (2.5.2-1) unstable; urgency=medium ++ ++ * New upstream release. ++ * Update watch file. ++ ++ -- Felix Geyer Tue, 07 Sep 2021 11:14:34 +0200 ++ ++libseccomp (2.5.1-1) unstable; urgency=medium ++ ++ * New upstream release. ++ * Drop all patches as they have been applied upstream. ++ ++ -- Felix Geyer Mon, 21 Dec 2020 10:50:30 +0100 ++ ++libseccomp (2.5.0-3) unstable; urgency=medium ++ ++ * Cherry-pick patch from the 2.5 branch to fix test error on mips: ++ - arch_ensure_we_dont_munge_pseudo_syscall_numbers.patch ++ ++ -- Felix Geyer Sun, 08 Nov 2020 19:59:21 +0100 ++ ++libseccomp (2.5.0-2) unstable; urgency=medium ++ ++ * Upload to unstable. ++ * Cherry-pick patches from the 2.5 branch to fix build and test errors: ++ - build_undefine_mips_to_prevent_build_problems.patch ++ - tests_use_openat_and_fstat_instead_of_open_and_stat_syscalls.patch ++ ++ -- Felix Geyer Sun, 08 Nov 2020 15:49:41 +0100 ++ ++libseccomp (2.5.0-1) experimental; urgency=medium ++ ++ * New upstream release. ++ - Build-depend on gperf. ++ - Update symbols file. ++ * Remove patches that have been applied upstream: ++ - cython3.patch ++ - riscv64_support.patch ++ * Cherry-pick patches from the 2.5 branch: ++ - all_only_request_the_userspace_notification_fd_once.patch ++ - system_change_our_notification_fd_handling.patch ++ ++ -- Felix Geyer Sat, 24 Oct 2020 13:58:28 +0200 ++ ++libseccomp (2.4.4-1) unstable; urgency=medium ++ ++ * Team upload. ++ ++ [ Debian Janitor ] ++ * Set upstream metadata fields: Repository, Repository-Browse. ++ * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository. ++ ++ [ Felix Geyer ] ++ * New upstream release. ++ * Download and verify orig gpg signature. ++ ++ -- Felix Geyer Sun, 20 Sep 2020 19:03:41 +0200 ++ ++libseccomp (2.4.3-1) unstable; urgency=medium ++ ++ * New upstream release. ++ * Drop patches that have been applied upstream: ++ - tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch ++ - api_define__SNR_ppoll_again.patch ++ * Cherry-pick support for the riscv64 architecture. (Closes: #952386) ++ - Add riscv64_support.patch ++ ++ -- Felix Geyer Thu, 12 Mar 2020 23:35:13 +0100 ++ ++libseccomp (2.4.2-2) unstable; urgency=medium ++ ++ [ Christian Ehrhardt ] ++ * d/rules: fix potential FTFBS after full python3 switch ++ * d/t/control: drop python2 test following the removal of the package ++ ++ [ Felix Geyer ] ++ * Remove build-dependency on valgrind for mips64el as it's broken there. ++ * Backport patch to define __SNR_ppoll again. ++ - Add api_define__SNR_ppoll_again.patch ++ * Replace custom patch for cython3 with the upstream fix. ++ ++ -- Felix Geyer Fri, 15 Nov 2019 18:12:53 +0100 ++ ++libseccomp (2.4.2-1) unstable; urgency=medium ++ ++ [ Christian Ehrhardt ] ++ * New upstream release 2.4.2 for compatibility with newer kernels and ++ fixing FTBFS (LP: #1849785). ++ - drop d/p/python_install_dir.patch (now upstream) ++ - d/rules: adapt to python 3.8 lacking the m modifier on includes ++ see https://wiki.debian.org/Python/Python3.8 ++ - d/p/tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch: fix ++ build time test on arm64 ++ ++ [ Felix Geyer ] ++ * Drop Python 2 bindings. (Closes: #936917) ++ - Add cython3.patch to use the Python 3 cython variant. ++ ++ -- Felix Geyer Wed, 13 Nov 2019 00:00:49 +0100 ++ ++libseccomp (2.4.1-2) unstable; urgency=medium ++ ++ * Remove build-dependency on valgrind for mipsel and x32 as it's broken ++ on those archs. ++ * Set Rules-Requires-Root: no. ++ ++ -- Felix Geyer Fri, 19 Jul 2019 00:03:34 +0200 ++ ++libseccomp (2.4.1-1) unstable; urgency=medium ++ ++ * New upstream release. ++ - Addresses CVE-2019-9893 (Closes: #924646) ++ * Drop all patches for parisc arch support, merged upstream. ++ * Build-depend on valgrind to run more unit tests. ++ * Run dh_auto_configure for every python 3 version to install the extension ++ in the correct path. ++ * Update the symbols file. ++ * Adapt autopkgtest to new upstream version: ++ - Build against pthread ++ - Build scmp_api_level tool ++ * Upgrade to debhelper compat level 12. ++ - Add d/not-installed file ++ * Fix install path of the python module. ++ - Add python_install_dir.patch ++ * Add autopkgtest for python packages. ++ ++ -- Felix Geyer Wed, 17 Jul 2019 23:23:28 +0200 ++ ++libseccomp (2.3.3-4) unstable; urgency=medium ++ ++ [ Ondřej Nový ] ++ * d/copyright: Change Format URL to correct one ++ ++ [ Helmut Grohne ] ++ * Fix FTCBFS: (Closes: #903556) ++ + Multiarchify python Build-Depends. ++ + Annotate cython dependencies with :native for now. ++ + Drop noop dh_auto_build invocations. ++ + Pass a suitable PYTHONPATH for python2. ++ + Pass _PYTHON_SYSCONFIGDATA_NAME for python3. ++ ++ -- Felix Geyer Sun, 10 Feb 2019 12:25:44 +0100 ++ ++libseccomp (2.3.3-3) unstable; urgency=medium ++ ++ * Fix FTBFS: Adapt to renamed README file. (Closes: #902767) ++ ++ -- Felix Geyer Sun, 01 Jul 2018 20:32:03 +0200 ++ ++libseccomp (2.3.3-2) unstable; urgency=medium ++ ++ [ Helmut Grohne ] ++ * Support the nopython build profile. (Closes: #897057) ++ ++ [ Felix Geyer ] ++ * Run upstream "live" tests in an autopkgtest. ++ ++ -- Felix Geyer Sun, 13 May 2018 09:53:08 +0200 ++ ++libseccomp (2.3.3-1) unstable; urgency=medium ++ ++ * New upstream release. (Closes: #895417) ++ - Adds pkey_mprotect syscall. (Closes: #893722) ++ * Refresh parisc patch. ++ * Move libseccomp2 back to /usr/lib. (Closes: #894988) ++ * Make test failures cause the build to fail. (Closes: 877901) ++ * Build python bindings. (Closes: #810712) ++ * Switch to debhelper compat level 10. ++ * Move git repo to salsa.debian.org ++ * Add myself to Uploaders. ++ ++ -- Felix Geyer Sun, 22 Apr 2018 23:55:03 +0200 ++ ++libseccomp (2.3.1-2.1) unstable; urgency=medium ++ ++ [ Martin Pitt ] ++ * Non-maintainer upload with Kees' consent. ++ ++ [ Laurent Bigonville ] ++ * Ensure strict enough generated dependencies (Closes: #844496) ++ ++ -- Martin Pitt Thu, 17 Nov 2016 10:16:44 +0100 ++ ++libseccomp (2.3.1-2) unstable; urgency=medium ++ ++ * Add hppa (parisc) support (Closes: #820501) ++ ++ -- Luca Bruno Sat, 28 May 2016 20:05:01 +0200 ++ ++libseccomp (2.3.1-1) unstable; urgency=medium ++ ++ * New upstream release ++ * control: add Vcs-* fields ++ ++ -- Luca Bruno Tue, 05 Apr 2016 22:16:55 +0200 ++ ++libseccomp (2.3.0-1) unstable; urgency=medium ++ ++ * New upstream release ++ + drop all patches, applied upstream ++ * libseccomp2: update symbols file ++ * control: add myself to uploaders ++ * control: bump policy version ++ ++ -- Luca Bruno Sun, 03 Apr 2016 00:31:09 +0200 ++ ++libseccomp (2.2.3-3) unstable; urgency=medium ++ ++ [ Martin Pitt ] ++ * debian/patches/add-x86-32bit-socket-calls.patch: add the newly ++ connected direct socket calls. (Closes: #809556) ++ * debian/add-membarrier.patch: add membarrier syscall. ++ * Backport patches for ppc/ppc64 and s390x. (Closes: #800818) ++ ++ -- Kees Cook Tue, 01 Sep 2015 15:37:31 -0700 ++ ++libseccomp (2.2.3-2) unstable; urgency=medium ++ ++ * debian/control: enable mips64, mips64el, and x32 architectures, ++ thanks to Helmut Grohne (Closes: 797383). ++ ++ -- Kees Cook Tue, 01 Sep 2015 15:37:31 -0700 ++ ++libseccomp (2.2.3-1) unstable; urgency=medium ++ ++ * New upstream release (Closes: 793032). ++ * debian/control: update Homepage (Closes: 793033). ++ ++ -- Kees Cook Mon, 03 Aug 2015 15:06:08 -0700 ++ ++libseccomp (2.2.1-2) unstable; urgency=medium ++ ++ * debian/{rules,*.install}: move to /lib, thanks to Michael Biebl ++ (Closes: 788923). ++ ++ -- Kees Cook Tue, 16 Jun 2015 12:45:08 -0700 ++ ++libseccomp (2.2.1-1) unstable; urgency=medium ++ ++ * New upstream release (Closes: 785428). ++ - debian/patches dropped: incorporated upstream. ++ * debian/libseccomp2.symbols: include only documented symbols. ++ * debian/libseccomp-dev.install: include static library (Closes: 698508). ++ * debian/control: ++ - add newly supported arm64, mips, and mipsel. ++ - bump standards version, no changes needed. ++ ++ -- Kees Cook Sat, 16 May 2015 08:15:26 -0700 ++ ++libseccomp (2.1.1-1) unstable; urgency=low ++ ++ * New upstream release (Closes: 733293). ++ * copyright: add a few missed people. ++ * rules: adjusted for new test target. ++ * libseccomp2.symbols: drop accidentally exported functions. ++ * control: ++ - bump standards, no changes needed. ++ - add armel target ++ ++ -- Kees Cook Sat, 12 Apr 2014 10:44:22 -0700 ++ ++libseccomp (2.1.0+dfsg-1) unstable; urgency=low ++ ++ * Rebuild source package without accidental binaries (Closes: 725617). ++ - debian/watch: mangle upstream version check. ++ * debian/rules: make tests non-fatal while upstream fixes them ++ (Closes: 721292). ++ ++ -- Kees Cook Sun, 06 Oct 2013 15:05:51 -0700 ++ ++libseccomp (2.1.0-1) unstable; urgency=low ++ ++ * New upstream release (Closes: 718398): ++ - dropped debian/patches/manpage-dashes.patch: taken upstream. ++ - dropped debian/patches/include-unistd.patch: not needed. ++ - debian/patches/testsuite-x86-write.patch: taken upstream. ++ - ABI bump: moved from libseccomp1 to libseccomp2. ++ * debian/control: ++ - added Arch: armhf, now supported upstream. ++ - added seccomp binary package for helper tools. ++ * Added debian/patches/manpage-typo.patch: spelling fix. ++ * Added debian/patches/build-ldflags.patch: fix LDFLAGS handling. ++ ++ -- Kees Cook Tue, 13 Aug 2013 00:02:01 -0700 ++ ++libseccomp (1.0.1-2) unstable; urgency=low ++ ++ * debian/rules: enable testsuite at build time, thanks to ++ Stéphane Graber (Closes: 698803). ++ * Added debian/patches/include-unistd.patch: detect location of ++ asm/unistd.h correctly. ++ * Added debian/patches/testsuite-x86-write.patch: skip the "write" ++ syscall correctly on x86. ++ * debian/control: bump standards to 3.9.4, no changes needed. ++ ++ -- Kees Cook Wed, 23 Jan 2013 13:11:53 -0800 ++ ++libseccomp (1.0.1-1) unstable; urgency=low ++ ++ * New upstream release. ++ * debian/control: only build on amd64 and i386 (Closes: 687368). ++ ++ -- Kees Cook Fri, 07 Dec 2012 11:38:03 -0800 ++ ++libseccomp (1.0.0-1) unstable; urgency=low ++ ++ * New upstream release. ++ - bump ABI. ++ - drop build verbosity patch, use upstream V=1 instead. ++ * libseccomp-dev.manpages: fix build location (Closes: 682152, 682471). ++ * debian/patches/pkgconfig-macro.patch: use literals for macro. ++ ++ -- Kees Cook Fri, 03 Aug 2012 16:59:41 -0700 ++ ++libseccomp (0.1.0-1) unstable; urgency=low ++ ++ * New upstream release. ++ - drop patches taken upstream: ++ - libexecdir.patch ++ - pass-flags.patch ++ ++ -- Kees Cook Fri, 08 Jun 2012 12:32:22 -0700 ++ ++libseccomp (0.0.0~20120605-1) unstable; urgency=low ++ ++ * Initial release (Closes: #676257). ++ ++ -- Kees Cook Tue, 05 Jun 2012 11:28:07 -0700 diff --cc debian/control index 0000000,0000000..e3b7365 new file mode 100644 --- /dev/null +++ b/debian/control @@@ -1,0 -1,0 +1,63 @@@ ++Source: libseccomp ++Section: libs ++Priority: optional ++Maintainer: Kees Cook ++Uploaders: Luca Bruno , Felix Geyer ++Build-Depends: debhelper-compat (= 12), ++ linux-libc-dev, ++ dh-python , ++ python3-all-dev:any , ++ libpython3-all-dev , ++ cython3:native , ++ python3-setuptools , ++ gperf ++Rules-Requires-Root: no ++Standards-Version: 3.9.7 ++Homepage: https://github.com/seccomp/libseccomp ++Vcs-Git: https://salsa.debian.org/debian/libseccomp.git ++Vcs-Browser: https://salsa.debian.org/debian/libseccomp ++ ++Package: libseccomp-dev ++Section: libdevel ++Architecture: linux-any ++Multi-Arch: same ++Pre-Depends: ${misc:Pre-Depends} ++Depends: libseccomp2 (= ${binary:Version}), ${misc:Depends} ++Suggests: seccomp ++Description: high level interface to Linux seccomp filter (development files) ++ This library provides a high level interface to constructing, analyzing ++ and installing seccomp filters via a BPF passed to the Linux Kernel's ++ prctl() syscall. ++ . ++ This package contains the development files. ++ ++Package: libseccomp2 ++Architecture: linux-any ++Multi-Arch: same ++Pre-Depends: ${misc:Pre-Depends} ++Depends: ${shlibs:Depends}, ${misc:Depends} ++Description: high level interface to Linux seccomp filter ++ This library provides a high level interface to constructing, analyzing ++ and installing seccomp filters via a BPF passed to the Linux Kernel's ++ prctl() syscall. ++ ++Package: seccomp ++Section: utils ++Architecture: linux-any ++Depends: ${shlibs:Depends}, ${misc:Depends} ++Suggests: libseccomp-dev ++Description: helper tools for high level interface to Linux seccomp filter ++ Provides helper tools for interacting with libseccomp. Currently, only ++ a single tool exists, providing a way to easily enumerate syscalls across ++ the supported architectures. ++ ++Package: python3-seccomp ++Build-Profiles: ++Architecture: linux-any ++Multi-Arch: same ++Section: python ++Depends: ${shlibs:Depends}, ${misc:Depends}, ${python3:Depends} ++Description: high level interface to Linux seccomp filter (Python 3 bindings) ++ This library provides a high level interface to constructing, analyzing ++ and installing seccomp filters via a BPF passed to the Linux Kernel's ++ prctl() syscall. diff --cc debian/copyright index 0000000,0000000..307817f new file mode 100644 --- /dev/null +++ b/debian/copyright @@@ -1,0 -1,0 +1,39 @@@ ++Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ ++Upstream-Name: libseccomp ++Source: https://sourceforge.net/projects/libseccomp/ ++ ++Files: * ++Copyright: 2012 Paul Moore ++ 2012 Ashley Lai ++ 2012 Corey Bryant ++ 2012 Eduardo Otubo ++ 2012 Eric Paris ++License: LGPL-2.1 ++ ++Files: tests/22-sim-basic_chains_array.tests ++Copyright: 2013 Vitaly Shukela ++License: LGPL-2.1 ++ ++Files: src/hash.* ++Copyright: 2006 Bob Jenkins ++License: LGPL-2.1 ++ ++Files: debian/* ++Copyright: 2012 Kees Cook ++License: LGPL-2.1 ++ ++License: LGPL-2.1 ++ This library is free software; you can redistribute it and/or modify it ++ under the terms of version 2.1 of the GNU Lesser General Public License as ++ published by the Free Software Foundation. ++ . ++ This library is distributed in the hope that it will be useful, but WITHOUT ++ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ++ FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License ++ for more details. ++ . ++ You should have received a copy of the GNU Lesser General Public License ++ along with this library; if not, see . ++ . ++ On Debian systems, the complete text of the GNU Lesser General ++ Public License can be found in "/usr/share/common-licenses/LGPL-2.1". diff --cc debian/docs index 0000000,0000000..b43bf86 new file mode 100644 --- /dev/null +++ b/debian/docs @@@ -1,0 -1,0 +1,1 @@@ ++README.md diff --cc debian/gbp.conf index 0000000,0000000..c16083c new file mode 100644 --- /dev/null +++ b/debian/gbp.conf @@@ -1,0 -1,0 +1,9 @@@ ++[DEFAULT] ++upstream-tag = upstream/%(version)s ++debian-tag = debian/%(version)s ++pristine-tar = True ++upstream-branch = upstream ++debian-branch = debian/sid ++ ++[buildpackage] ++submodules = True diff --cc debian/libseccomp-dev.install index 0000000,0000000..b973af4 new file mode 100644 --- /dev/null +++ b/debian/libseccomp-dev.install @@@ -1,0 -1,0 +1,4 @@@ ++usr/include/* ++usr/lib/*/lib*.so ++usr/lib/*/lib*.a ++usr/lib/*/pkgconfig/* diff --cc debian/libseccomp-dev.manpages index 0000000,0000000..7c72677 new file mode 100644 --- /dev/null +++ b/debian/libseccomp-dev.manpages @@@ -1,0 -1,0 +1,1 @@@ ++debian/tmp/usr/share/man/man3/* diff --cc debian/libseccomp2.install index 0000000,0000000..3ddde58 new file mode 100644 --- /dev/null +++ b/debian/libseccomp2.install @@@ -1,0 -1,0 +1,1 @@@ ++usr/lib/*/lib*.so.* diff --cc debian/libseccomp2.symbols index 0000000,0000000..0513198 new file mode 100644 --- /dev/null +++ b/debian/libseccomp2.symbols @@@ -1,0 -1,0 +1,39 @@@ ++libseccomp.so.2 libseccomp2 #MINVER# ++* Build-Depends-Package: libseccomp-dev ++ seccomp_api_get@Base 2.4.1 ++ seccomp_api_set@Base 2.4.1 ++ seccomp_attr_get@Base 0.0.0~20120605 ++ seccomp_attr_set@Base 0.0.0~20120605 ++ seccomp_export_bpf@Base 0.0.0~20120605 ++ seccomp_export_bpf_mem@Base 2.6.0 ++ seccomp_export_pfc@Base 0.0.0~20120605 ++ seccomp_init@Base 0.0.0~20120605 ++ seccomp_load@Base 0.0.0~20120605 ++ seccomp_release@Base 0.0.0~20120605 ++ seccomp_reset@Base 0.0.0~20120605 ++ seccomp_rule_add@Base 0.0.0~20120605 ++ seccomp_rule_add_exact@Base 0.0.0~20120605 ++ seccomp_syscall_priority@Base 0.0.0~20120605 ++ seccomp_syscall_resolve_name@Base 1.0.1 ++ seccomp_merge@Base 1.0.1 ++ seccomp_notify_alloc@Base 2.5.0 ++ seccomp_notify_fd@Base 2.5.0 ++ seccomp_notify_free@Base 2.5.0 ++ seccomp_notify_id_valid@Base 2.5.0 ++ seccomp_notify_receive@Base 2.5.0 ++ seccomp_notify_respond@Base 2.5.0 ++ seccomp_precompute@Base 2.6.0 ++ seccomp_arch_add@Base 1.0.1 ++ seccomp_arch_exist@Base 1.0.1 ++ seccomp_arch_remove@Base 1.0.1 ++ seccomp_arch_native@Base 2.1.0 ++ seccomp_rule_add_array@Base 2.1.0 ++ seccomp_rule_add_exact_array@Base 2.1.0 ++ seccomp_syscall_resolve_name_arch@Base 2.1.0 ++ seccomp_syscall_resolve_num_arch@Base 2.1.0 ++ seccomp_transaction_commit@Base 2.6.0 ++ seccomp_transaction_reject@Base 2.6.0 ++ seccomp_transaction_start@Base 2.6.0 ++ seccomp_arch_resolve_name@Base 2.2.1 ++ seccomp_syscall_resolve_name_rewrite@Base 2.2.1 ++ seccomp_version@Base 2.3.0 diff --cc debian/not-installed index 0000000,0000000..4f60595 new file mode 100644 --- /dev/null +++ b/debian/not-installed @@@ -1,0 -1,0 +1,3 @@@ ++usr/lib/python*/*-packages/install_files.txt ++usr/lib/python*/*-packages/seccomp-*.egg-info ++usr/lib/*/libseccomp.la diff --cc debian/patches/api_fix_seccomp_export_bpf_mem_out-of-bounds_read.patch index 0000000,0000000..cfdd691 new file mode 100644 --- /dev/null +++ b/debian/patches/api_fix_seccomp_export_bpf_mem_out-of-bounds_read.patch @@@ -1,0 -1,0 +1,34 @@@ ++From e8dbc6b555fb936bdfb8ab86f9a45fda96a8b7a2 Mon Sep 17 00:00:00 2001 ++From: Alyssa Ross ++Date: Thu, 13 Feb 2025 12:05:17 +0100 ++Subject: [PATCH] api: fix seccomp_export_bpf_mem out-of-bounds read ++ ++*len is the length of the destination buffer, but program->blks is ++probably not anywhere near that long. It's already been checked above ++that BPF_PGM_SIZE(program) is less than or equal to *len, so that's ++the correct value to use here to avoid either reading or writing too ++much. ++ ++I noticed this because tests/11-basic-basic_errors started failing on ++musl after e797591 ("all: add seccomp_precompute() functionality"). ++ ++Signed-off-by: Alyssa Ross ++Acked-by: Tom Hromatka ++Signed-off-by: Paul Moore ++--- ++ src/api.c | 2 +- ++ 1 file changed, 1 insertion(+), 1 deletion(-) ++ ++diff --git a/src/api.c b/src/api.c ++index adccef32..65a277a4 100644 ++--- a/src/api.c +++++ b/src/api.c ++@@ -786,7 +786,7 @@ API int seccomp_export_bpf_mem(const scmp_filter_ctx ctx, void *buf, ++ if (BPF_PGM_SIZE(program) > *len) ++ rc = _rc_filter(-ERANGE); ++ else ++- memcpy(buf, program->blks, *len); +++ memcpy(buf, program->blks, BPF_PGM_SIZE(program)); ++ } ++ *len = BPF_PGM_SIZE(program); ++ diff --cc debian/patches/hash_fix_strict_aliasing_UB_in_MurMur_hash_implementation.patch index 0000000,0000000..2286009 new file mode 100644 --- /dev/null +++ b/debian/patches/hash_fix_strict_aliasing_UB_in_MurMur_hash_implementation.patch @@@ -1,0 -1,0 +1,90 @@@ ++From 614530bc8b3c9f49aa59d7eaef4863b746504c23 Mon Sep 17 00:00:00 2001 ++From: Romain Geissler ++Date: Tue, 18 Feb 2025 22:29:05 +0000 ++Subject: [PATCH] hash: fix strict aliasing UB in MurMur hash implementation ++ ++This was spotted when trying to upgrade the libseccomp fedora package to ++version 2.6.0 in fedora rawhide. It comes with gcc 15 and LTO enabled by ++default. When running the test 61-sim-transactions we get plenty of such ++errors in valgrind: ++ ++==265507== Use of uninitialised value of size 8 ++==265507== at 0x4096AD: _hsh_add (gen_bpf.c:599) ++==265507== by 0x40A557: UnknownInlinedFun (gen_bpf.c:2016) ++==265507== by 0x40A557: gen_bpf_generate (gen_bpf.c:2341) ++==265507== by 0x400CDE: UnknownInlinedFun (db.c:2685) ++==265507== by 0x400CDE: UnknownInlinedFun (db.c:2682) ++==265507== by 0x400CDE: UnknownInlinedFun (api.c:756) ++==265507== by 0x400CDE: UnknownInlinedFun (util.c:162) ++==265507== by 0x400CDE: UnknownInlinedFun (util.c:153) ++==265507== by 0x400CDE: main (61-sim-transactions.c:128) ++==265507== Uninitialised value was created by a stack allocation ++==265507== at 0x409590: _hsh_add (gen_bpf.c:573) ++ ++Investigating this a bit, it seems that because of LTO the MurMur hash ++implementation is being inlined in _hsh_add. The two buffers data and ++blocks to point at the same underlying data, but via incompatible type, ++which is a strict aliasing violation. Instead, remove the getblock32 ++function and inline the copy with memcpy. ++ ++This is reproducible on a "fedora:rawhide" container (gcc 15) and using: ++export CFLAGS='-O2 -flto=auto -ffat-lto-objects -g' ++ ++Signed-off-by: Romain Geissler ++Reviewed-by: Sam James ++Acked-by: Tom Hromatka ++[PM: subject line tweak] ++Signed-off-by: Paul Moore ++--- ++ src/hash.c | 12 +++--------- ++ 1 file changed, 3 insertions(+), 9 deletions(-) ++ ++diff --git a/src/hash.c b/src/hash.c ++index 4435900f..01ff9399 100644 ++--- a/src/hash.c +++++ b/src/hash.c ++@@ -12,15 +12,11 @@ ++ */ ++ ++ #include +++#include ++ #include ++ ++ #include "hash.h" ++ ++-static inline uint32_t getblock32(const uint32_t *p, int i) ++-{ ++- return p[i]; ++-} ++- ++ static inline uint32_t rotl32(uint32_t x, int8_t r) ++ { ++ return (x << r) | (x >> (32 - r)); ++@@ -41,7 +37,6 @@ static inline uint32_t fmix32(uint32_t h) ++ uint32_t hash(const void *key, size_t length) ++ { ++ const uint8_t *data = (const uint8_t *)key; ++- const uint32_t *blocks; ++ const uint8_t *tail; ++ const int nblocks = length / 4; ++ const uint32_t c1 = 0xcc9e2d51; ++@@ -54,9 +49,8 @@ uint32_t hash(const void *key, size_t length) ++ uint32_t h1 = 0; ++ ++ /* body */ ++- blocks = (const uint32_t *)(data + nblocks * 4); ++ for(i = -nblocks; i; i++) { ++- k1 = getblock32(blocks, i); +++ memcpy(&k1, data + (nblocks + i) * sizeof(uint32_t), sizeof(uint32_t)); ++ ++ k1 *= c1; ++ k1 = rotl32(k1, 15); ++@@ -68,7 +62,7 @@ uint32_t hash(const void *key, size_t length) ++ } ++ ++ /* tail */ ++- tail = (const uint8_t *)(data + nblocks * 4); +++ tail = data + nblocks * sizeof(uint32_t); ++ switch(length & 3) { ++ case 3: ++ k2 ^= tail[2] << 16; diff --cc debian/patches/python_single_version_externally_managed.patch index 0000000,0000000..5e8be5b new file mode 100644 --- /dev/null +++ b/debian/patches/python_single_version_externally_managed.patch @@@ -1,0 -1,0 +1,14 @@@ ++Fix building with setuptools instead of distutils. ++ ++--- libseccomp-2.5.4.orig/src/python/Makefile.am +++++ libseccomp-2.5.4/src/python/Makefile.am ++@@ -40,7 +40,8 @@ build: ../libseccomp.la libseccomp.pxd s ++ ++ install-exec-local: build ++ ${PY_INSTALL} --install-lib=${DESTDIR}/${pyexecdir} \ ++- --record=${DESTDIR}/${pyexecdir}/install_files.txt +++ --record=${DESTDIR}/${pyexecdir}/install_files.txt \ +++ --single-version-externally-managed ++ ++ uninstall-local: ++ cat ${DESTDIR}/${pyexecdir}/install_files.txt | xargs ${RM} -f diff --cc debian/patches/series index 0000000,0000000..47c6a6b new file mode 100644 --- /dev/null +++ b/debian/patches/series @@@ -1,0 -1,0 +1,4 @@@ ++python_single_version_externally_managed.patch ++tests_remove_the_fuzzer_from_test_62-sim-arch_transactions.patch ++api_fix_seccomp_export_bpf_mem_out-of-bounds_read.patch ++hash_fix_strict_aliasing_UB_in_MurMur_hash_implementation.patch diff --cc debian/patches/tests_remove_the_fuzzer_from_test_62-sim-arch_transactions.patch index 0000000,0000000..1d7c8be new file mode 100644 --- /dev/null +++ b/debian/patches/tests_remove_the_fuzzer_from_test_62-sim-arch_transactions.patch @@@ -1,0 -1,0 +1,34 @@@ ++From 2f0f3b0e9121720108431c5d054164016f476230 Mon Sep 17 00:00:00 2001 ++From: Paul Moore ++Date: Sat, 25 Jan 2025 11:12:55 -0500 ++Subject: [PATCH] tests: remove the fuzzer from test 62-sim-arch_transactions ++ ++We can't reliably run the bpf-sim-fuzz tests on tests which manipulate ++the filters arch/ABIs unless the filter is safe to run on all arch/ABIs, ++which is more or less impossible. Remove the bpf-sim-fuzz test section ++in test #62 to work around this, just as we do with the other similar ++tests. ++ ++Signed-off-by: Paul Moore ++Signed-off-by: Tom Hromatka ++(cherry picked from commit 7db46d72f13c172b290818f624c2966bd0db5677) ++--- ++ tests/62-sim-arch_transactions.tests | 5 ----- ++ 1 file changed, 5 deletions(-) ++ ++diff --git a/tests/62-sim-arch_transactions.tests b/tests/62-sim-arch_transactions.tests ++index 4b23213e..aac6db24 100644 ++--- a/tests/62-sim-arch_transactions.tests +++++ b/tests/62-sim-arch_transactions.tests ++@@ -14,11 +14,6 @@ test type: bpf-sim ++ 62-sim-arch_transactions +x86_64 open N N N N N N KILL ++ 62-sim-arch_transactions +x86_64 close N N N N N N ALLOW ++ ++-test type: bpf-sim-fuzz ++- ++-# Testname StressCount ++-62-sim-arch_transactions 5 ++- ++ test type: bpf-valgrind ++ ++ # Testname diff --cc debian/python-seccomp.install index 0000000,0000000..a71458d new file mode 100644 --- /dev/null +++ b/debian/python-seccomp.install @@@ -1,0 -1,0 +1,1 @@@ ++usr/lib/python2.*/dist-packages/seccomp.so diff --cc debian/python3-seccomp.install index 0000000,0000000..97a45dc new file mode 100644 --- /dev/null +++ b/debian/python3-seccomp.install @@@ -1,0 -1,0 +1,1 @@@ ++usr/lib/python3.*/site-packages/seccomp.cpython-*.so diff --cc debian/rules index 0000000,0000000..5a3a332 new file mode 100755 --- /dev/null +++ b/debian/rules @@@ -1,0 -1,0 +1,40 @@@ ++#!/usr/bin/make -f ++# -*- makefile -*- ++ ++# Uncomment this to turn on verbose mode. ++#export DH_VERBOSE=1 ++ ++# Enable verbose build details. ++export V=1 ++ ++include /usr/share/dpkg/architecture.mk ++include /usr/share/dpkg/buildopts.mk ++ ++export LIBSECCOMP_TSTCFG_JOBS=$(DEB_BUILD_OPTION_PARALLEL) ++ ++%: ++ifeq ($(filter nopython,$(DEB_BUILD_PROFILES)),) ++ dh $@ --with python3 ++else ++ dh $@ ++endif ++ ++ifeq ($(filter nopython,$(DEB_BUILD_PROFILES)),) ++ ++override_dh_auto_install: ++ dh_auto_install ++ for pyver in `py3versions -s`; do \ ++ set -e; \ ++ if python3 -c "pyver=tuple(map(int, '$$pyver'[6:].split('.'))); exit(0 if pyver >= (3,8) else 1)"; then \ ++ export _PYTHON_SYSCONFIGDATA_NAME='_sysconfigdata__${DEB_HOST_ARCH_OS}_${DEB_HOST_MULTIARCH}'; \ ++ else \ ++ export _PYTHON_SYSCONFIGDATA_NAME='_sysconfigdata_m_${DEB_HOST_ARCH_OS}_${DEB_HOST_MULTIARCH}'; \ ++ fi; \ ++ dh_auto_configure -- --enable-python PYTHON=$$pyver; \ ++ dh_auto_install --sourcedirectory=src/python -- PYTHON=$$pyver; \ ++ done ++endif ++ ++override_dh_auto_clean: ++ dh_auto_clean ++ rm -f regression.out diff --cc debian/salsa-ci.yml index 0000000,0000000..3fa15ad new file mode 100644 --- /dev/null +++ b/debian/salsa-ci.yml @@@ -1,0 -1,0 +1,14 @@@ ++include: ++ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml ++ ++variables: ++ SALSA_CI_ENABLE_BUILD_PACKAGE_PROFILES: 1 ++ # job doesn't seem to be stable ++ SALSA_CI_DISABLE_CROSSBUILD_ARM64: 1 ++ ++test-build-profiles: ++ extends: .test-build-package-profiles ++ parallel: ++ matrix: ++ - BUILD_PROFILES: nocheck ++ - BUILD_PROFILES: nopython diff --cc debian/seccomp.install index 0000000,0000000..1df36c6 new file mode 100644 --- /dev/null +++ b/debian/seccomp.install @@@ -1,0 -1,0 +1,1 @@@ ++usr/bin/* diff --cc debian/seccomp.manpages index 0000000,0000000..5ea05fe new file mode 100644 --- /dev/null +++ b/debian/seccomp.manpages @@@ -1,0 -1,0 +1,1 @@@ ++debian/tmp/usr/share/man/man1/* diff --cc debian/source/format index 0000000,0000000..163aaf8 new file mode 100644 --- /dev/null +++ b/debian/source/format @@@ -1,0 -1,0 +1,1 @@@ ++3.0 (quilt) diff --cc debian/tests/common index 0000000,0000000..f9aa3c2 new file mode 100644 --- /dev/null +++ b/debian/tests/common @@@ -1,0 -1,0 +1,15 @@@ ++SRCDIR="$(pwd)" ++ ++mkdir "$AUTOPKGTEST_TMP/tests" "$AUTOPKGTEST_TMP/tools" ++cp -a tests/. "$AUTOPKGTEST_TMP/tests/" ++ ++cd "$AUTOPKGTEST_TMP/tests" ++ ++# build tools needed for tests ++for tool in scmp_api_level scmp_arch_detect scmp_sys_resolver; do ++ echo "Building $tool ..." ++ gcc -O2 -g "$SRCDIR/tools/$tool.c" "$SRCDIR/tools/util.c" -lseccomp -o ../tools/$tool ++done ++ ++LIBSECCOMP_TSTCFG_JOBS="$(echo "$DEB_BUILD_OPTIONS" | sed -n -e "s/^.*parallel=\([0-9]\+\).*$/\1/p")" ++export LIBSECCOMP_TSTCFG_JOBS diff --cc debian/tests/control index 0000000,0000000..3d2c4ba new file mode 100644 --- /dev/null +++ b/debian/tests/control @@@ -1,0 -1,0 +1,7 @@@ ++Tests: testsuite-live ++Depends: libseccomp-dev, build-essential ++Restrictions: isolation-machine ++ ++Tests: testsuite-live-python3 ++Depends: libseccomp-dev, build-essential, python3-seccomp ++Restrictions: isolation-machine, allow-stderr diff --cc debian/tests/testsuite-live index 0000000,0000000..bbf20d0 new file mode 100644 --- /dev/null +++ b/debian/tests/testsuite-live @@@ -1,0 -1,0 +1,17 @@@ ++#!/bin/sh ++ ++set -eu ++ ++. debian/tests/common ++ ++# manually build necessary files against the installed libseccomp ++ ++# build live tests ++for filename in *-live-*.tests; do ++ testname=$(echo "$filename" | cut -f 1 -d '.') ++ echo "Building $testname ..." ++ gcc -O2 -g "${testname}.c" util.c -pthread -lseccomp -o "$testname" ++done ++ ++echo "Running test suite ..." ++./regression -T live diff --cc debian/tests/testsuite-live-python3 index 0000000,0000000..f4fb094 new file mode 100644 --- /dev/null +++ b/debian/tests/testsuite-live-python3 @@@ -1,0 -1,0 +1,13 @@@ ++#!/bin/sh ++ ++set -eu ++ ++. debian/tests/common ++ ++# make sure "python" points to python3 as this is not configurable ++# in the regression script ++mkdir python3env ++ln -s /usr/bin/python3 python3env/python ++ ++echo "Running test suite ..." ++PATH="$(pwd)/python3env:$PATH" ./regression -T live -m python diff --cc debian/upstream/metadata index 0000000,0000000..0fef70b new file mode 100644 --- /dev/null +++ b/debian/upstream/metadata @@@ -1,0 -1,0 +1,4 @@@ ++Bug-Database: https://github.com/seccomp/libseccomp/issues ++Bug-Submit: https://github.com/seccomp/libseccomp/issues/new ++Repository: https://github.com/seccomp/libseccomp.git ++Repository-Browse: https://github.com/seccomp/libseccomp diff --cc debian/upstream/signing-key.asc index 0000000,0000000..6d34c5a new file mode 100644 --- /dev/null +++ b/debian/upstream/signing-key.asc @@@ -1,0 -1,0 +1,215 @@@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++ ++mQINBE6TSxkBEACy+4BPGoI7vphGh/q5WET0lmU7LcDwuNs/satPRH/vPoSYLxYU ++FmZ64A2zA4/imlohR+9VMfEVgOX6f23vZWheC2Z12bCtK0/cGLfoGMddFi7mg6aV ++hJeAegYkC6hDAYI+Mc/mt0fYvDB+bSPUCUdnB/NegbWegJMJur2pc0/nQqeeoRdp ++sazOyBEs4ipP1p05DZA/MifGNRASMHJg2bYG2FyC48Vx/xl0B+oactTwPODJlkQS ++n6+yYTcvYh7wIbbainEi0jBnyRj6bi6jODPTjArW2YRzEmPEkqbBsfA/HYEpH4DR ++IyZIJzqkP/+P+F+BVBjPVz4r6CWvCjnTMTlROfaUqIvfmpdKKtBDVN0Cjn6GVYae ++t9yoJM5bcJK+KEp5aNmW3U7vDMG2XEttw4vdfIFc9ZEWnu2kyiltQw9cUk3ucsIH ++79M4o24oVu2+J/z4QNGbRHdbxbO6c9R+IxAfiF/FAz5OhQfRHrDayfQV457cE/Ga ++ZhE1AeT7EdnXFF3G1RhTTE2lomQ1TfBSK6CyIyabU7I0R2Gh0aITpAE0fP4heZNZ ++zA8vPggdtRzgKgu4tC2is2Dg3NQnPc+k4mnU07LwmJuxCluN7pNhhlhtJkNWnA+a ++C2sV8zIicH7SAwmGoeMkp1kluxcdp/jGKsdRIfIDnVax4/t6VPL2+lKQzwARAQAB ++tCBQYXVsIE1vb3JlIDxwYXVsQHBhdWwtbW9vcmUuY29tPokCOgQTAQIAJQIbAwYL ++CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAk6TS8ACGQEACgkQVeRaWujKfIrtrg/2 ++Kr2XYWu6jYDX2PSWeLQ/5P/VgGzjZI+AKaj5JyEID/5J31yvSKICjK3FWl+lHRo/ ++LQzQx8f6gQ9FEBeDTndpa1t23XQGmBgEDAev6FHX3jmheFTkJJ+dEYpcgX7R+jTj ++mrRYjAFu1Jo2fIblBTvECwlKLxDvSzAvp5giHYj8TDWcYPlZcDqfq9Aq5p7UjkRY ++vAAUlkwSxPE28zcWPwgQuikcyVw/ObPpNWon+0TfruzindsyKnMss7mEpxUMhRHA ++WM8KACBUmScP2TC95xKzm+KtlT6E/pdPXItPXiFg5sg8Vf5Rco8j16+bDzviiAC2 ++1Mp69wtnV8Mdsl1jiL65wotclG+SMcgUmyqD3rgBW3jSedDFFu6CHQyGFuthVj25 ++eNUSXjhVOMCWQSxOgv4uN1jgk89paHJuBqHwKfk55ezQJFB1UlkJqH7LNJ2uVd0G ++o5PTE2mBbkBQ4bvSyfhlOUYbcjNUlZOZSHsaQPVXDUXCW90LjH4azg8jek7Yinyg ++vZBpxQurRj7honmoqqyBfvOweA8wDdjIYURFrA4kwYwN8d+xdIDv5Pu58U/ruus+ ++y59MebQDhMr1BaM26QhgPZ6Ur/vHvTkW6bFo+Q0Rg9/abO67O00OZX/+oakt1BZ3 ++Tb30L6nGu7ZosTXos+s9Leter/wcOk49JNd5q4WnZbQeUGF1bCBNb29yZSA8cG1v ++b3JlQHJlZGhhdC5jb20+iQI2BDABCAAgFiEEcQCq365ubpQNLgrWVeRaWujKfIoF ++AmGcAXsCHSAACgkQVeRaWujKfIrrkQ/+KJC70BuhVTvKsbgpvKm97ANaySDzYaSZ ++vWxY+Wq7nf2CxV3Ru+/33bgnR5jzfO6Dao8RYuvE9bEZrnvb7Pjh+/9WkM+4jItQ ++0mbRfc/ol3VKTtHE5CcCemH7IoA4BErvkaKtePFUzCCeIufrbJlxjdBirN8ck3qh +++cq5LZJNXRYthh6UsEOYiR0S0Hb5CYrGCKAKngZrsjmoQr1m1pPEM5ZdoLHn5vD9 ++1gKVPcqVEsJsL09Pmc7q+3zYuGA5kD89b3rHJS5iamr7m14fXbsVJb0e5F3ybBb1 ++eSIr+CMG4HByruajAxPFLokA0Gpz5UcttqjLd2VOz07mMq3HJ3qS+Gm5LbXkBOy6 ++myMqa5YQ6WWbDlV8Yikr5Jzyod9lsELp4s4ury3h3X5bsBp2F87ew9ptVIcygm+I ++BNoD3SGKePmxAOvB5YPRfIgkpyqLWNU/rMYNlDK+V0Pf9wNE9uss3zeG6EHnBshT ++LIJwuwhVIFaVg+GuBxpxV5UbgXPl2XEQ12tasp3ye+Ifa5EHLNRmYK4kw/8ZuEoX ++Eawf+IbL5lLaJaKHofVTwzbx8CVU3SHCy1eFBxzBmFwB0YEnWflWZB1ys4Ss6g3m ++fUa8VnPhZDQ+G1j4o68YJzuXVjl+LYQ4dBYtxZGIwBBrVfMgvna3U55Zi25kMoQW ++L0qsI7Zl8wy0HlBhdWwgTW9vcmUgPHBjbW9vcmVAdW1pY2guZWR1PokCOAQTAQIA ++IgUCTpNLgwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQVeRaWujKfIqz ++kw/+K3xOpXohVdmH1fqKgltyE1yh9P4vvj4GMdenOZ2V/RrC60Ksp1lNbPnMLgDt ++eudqbks2D2NpmvjihQ6GfAgrCbXHGbYoEgaTLucoyKdR+xKViV8nJtImNYDeG/d0 ++ojgWl3vGzLXkINyZ8APk19B5bsoPkjRTz3Mqx0XIYJlXTfFZuu8Y+K2dw8H5KJ+O ++nb2VaYbA7Bjm01yDsy9vLm+LpmK3rzpDjCNjOaCgIMoqCTpBKj9UCpcmfw9G225k ++CsN9yStov6EtezHHVbTNopWL2p7JHef/758PE9xzmtAix31NmPueiOP/moaOgsI/ ++AUNlpH3u7wy/v3n4hOswItE9gB3wMT3h7eyNkrxH6EK0PRen0qBo1ah+cDhwgdDJ ++ZoojmKzg1pP1jrfxZ7lGRNpisULR3FKCJ6SacHSmiANTr2yYU1rbqvQJfzlxB/hg ++phRFzXGduZILKH6C8gddVIaCWYZeAonjfqpQEUKrb8GV5wtmb8uTS9DI90KvTxnM ++9zsBR9zWEB74+JntEOSEnNBpQ3e5+O9zJ4wYehR6No7cb04MT/JVnpiLwdA83sga ++bJ6HvfFqpy/k+lKt+kr7KNHXdYZ2Lo9EvUgF+96tzV9e3FcHLAWFXij8lq2PpetL ++uGxTkQnjcCcj0Kpr7wUGMsiurN8AoeeDepgoDdHfjr4vSk+5Ag0ETpNLGQEQAO5S ++BPx8kOaU0mmx9DiSmu/JjSXJEPtjbBMFKRI+OfQmubNw7yQk+2QTlEGi+XLZJSoI ++wciPtwUiE/dLMIpur3TGMUq0uyKUNe8296XVeR+SxUEgr0tQ3eOumplhVgsm+mVp ++d4O5Jn+cRBCKG/TyzJQnt+4LCF6fTNIW0SDlSEnqgolqeR5HDF8DBHeVx8Rjeggo ++BvOr88RDpyyqDHV0CMZHpwOIIJOXAgaGHdBTFER+dxM54bnHkt3rjUs7u9fh90iY ++yHYyI2EA4aRxeoF6CPrvDUlrGfXRJ/7PvXv7j9nGLwD5kdNWu90MlSGUtt3qPa5j ++KpTyTYyW8m0PNbmh8UKgOZYwu1lqmJe7YmvkEimDBMjJB706pzz4Sb4IbEKCTmnj ++eo/6iEFiJeX0BBDS0c5HBjukixAzisxIAAWUsD/Vn3+O48sw+CVW+9agKSOtJt0x ++gfNvbwWrxSJBzc4b6/dZvugH3lL2ZVpRZgt7+AbKh/90s8MEFNvHMcud2vxAzsJt ++jAyS+MJFSztmIdgmf+MdO1WbY5hphusMlTqvvRkN3J0zxIMp32WLHT2ppf0SZpGw ++gJg2x28leDYU9UQoPNN7YWWV/B8yXDNp8sLrRpc4tMcb+t7T+PLX0wFemo6skOY3 ++kRigqv86TBPRoa/6B+NeDZRnKJmFNFEORY6XZPHjABEBAAGJAjYEKAEIACAWIQRx ++AKrfrm5ulA0uCtZV5Fpa6Mp8igUCW8Sp1gIdAQAKCRBV5Fpa6Mp8ihk+D/41514Q ++flRJK/jS/OjLLA1PkvRs/pAmBDksRTxb4caZpMfkPWNkl7oGk4afYfSCFB+pYbQG ++XmIpsxguuzm2YfhL9EiHzduMb2dpz8yy49aWsv9n/zkNIOy2pQu0qWhf+5yK8a2E ++j9y8r90AMP2Qnj/PlNAgldDcNia8XJOtcklzkVvXYshik7MzcM1kDj1ATi5TMNgc ++Y7nUFtA48vJmKKsgclGBFrW3BoCdzEj8xNEYFjy4Fbo3cw7pxg3iXfUgXiNttCC8 ++QB4gfeiWWMZpFaM+Lawez8MgN6ZYNfQl48GeSXnYimaL9NiRtGhjaS9uu/GMCQBg ++wizDYQYvYA6sd13+q786ivwr0d8ULOv2wI4gAhR0lI79aEPqe+csrdHJVayTmgd5 ++IegyAq/nWWLgbzxm5bNMjE7xLwkca49K5qXfcLSNmU7zempPfuXPWSOzfrUCmET6 ++J361YoFUflYKFktFDIeSEHnZHHzDtb19kuYv5pprQz0/Gk8nmqy/2aUaG2vFL7k4 ++v45LBk5EfUMCsQUHgViMuMaSrXXbadvUSRQBZpt7r7B0xn0SJtKABp20oAKKEEqm ++Yr/W0L48z9JmlnOwPbjSLKSo+AmhIw7bajMzxruRsqZTAxp5hLpXV21Icgi5UV81 ++apsbhOOqtBtr5fqsIsMKGA2rjaMry7xytADmW4kCHwQYAQIACQUCTpNLGQIbDAAK ++CRBV5Fpa6Mp8iqQaD/9L2zMdzYznSOnApTz1SHhpgbi8RKaKy88jWTz0AxZGrYF6 ++cKv8BH2fFgA7phlONcWhUvWpEEpP208EY52c811lohRocNhSlXgWXHYCiG2vydsQ ++e9HEdBB6bUOO0z8g2DPcoBtUGWe1gDZddRW2VbqN2ts8Wxebog2YY3tvJ0ocMo15 ++0t5c0koldlStav/zM2eipz+zTjfsN4Xy04q/WQ63FIbub5o5jcUJj1o177I1VtA8 ++eEumsfnMMRgQBfz0t2bEIc/ZmrsuR+j/H4WlBAuIarNjWtIylH/eVJhxFtXGnCI5 ++mO1gN90QG6IpwszcwEPJf3gU7dO8r+HXeTBifLYB/JnzGWixPaekDgCrNOZXz+48 ++KEJEoVXUxsnqa8PRIUO5OtVRq3mk2uwcIHqPEBLb0yB6GRQjb9jQqBdRPun2Favj ++xWRuTZBGS1RItLW8bmAJz1d/ySWizRqnoz8U0s9SyGGHx5OsyJJuFO6FFr31m7WZ ++G5LPfQJUNiyR2y9ZrjdPbwXmchywhTLqyTb5N6j5RfAdn74H379tilUhH5c7ieVL ++t/RLTtWXEnkZzsO7LvP/3X0jHt3eZD2WzvVg4llZFvnuie8C0/yCTwhc2xMJOLd2 ++WpH6ZKHNbRqv1a2xg8K2KGdhlZrRo/AYbX/FjZ/k9klZwEjFsefd0Ff4mojoNrkC ++DQRbxKZ9ARAAqZyNg+6knihhIoR7SL22QITesd85JBC2iwdvjJoVmQHU5s3xZiVN ++vA1zS7gqscsuxsQE2gXT0eYD8quC5AP8ak6guZyvc02asbasIfcUxQnIVIZnQr6E ++pBct0dXGZYny1Wq7biAR0F3fV32JCTKKeMIbGz3G8wyfSWFKh6bqsrDQAIR4Hryi ++M2fdwe51uSSAR39f4lTEpwu/pd4EizINJ/tFGpRokEqYM1Ep8n4J6CYwW28kEyTK ++zoRkiR74ns3Ak9zjnLZ59I+SNA7lNSESeYfjGeDaYFdmMhwk13RxPcdQxhPVrhMb ++mxY4gLybYHGJMHH6sqqW3CtiCAljlL/lyW6wKZtD3WnJcl26yWUWdPEATlvXGfLZ ++65L2+D7ZLYoIh808vS3p6Fj+5Ul1Xq6I7t/oPooJGmvWW4FZBzpA0a647SYTZd8j ++xGitEaZS6Seif8rBr47hvW/6VgLF6bbH0jeEwgiiAKjoOP0SDYsjOWM8yCKi3L8A ++c5vGsBaaDLHsYQQVCS3QQtxdrOdwGSVJB/jWCf5WYJwwPfxFWDwDhgl7ebvzrWcg ++sic8mA+n2bS7IUIkUXQzJHgmflvPPh5oMQNwpOr30jyD8lVBmEGKkRM2anwVVRbg ++Dbn66/nQWGMRNEetc2DCXVy/H7DbIR0eZpXB4OBDg3Z4TnkUniLkvrkAEQEAAYkC ++NgQYAQgAIBYhBHEAqt+ubm6UDS4K1lXkWlroynyKBQJbxKZ9AhsMAAoJEFXkWlro ++ynyKriEQAK00HLBi/+U8Pi+INDsVHh9fxO00OeFK6U/X+D4z49Ej2Xr6s7Ff27kX ++pq+m6qTceWjLy4aHqAKHauGtBpgvgV/bnHxihC2r4EXkFqcgJRRaKfPzAm6J6qvt ++Oz3TvumSYn39FSDBhQHVjmm80PVTJGEOImxfnrU44FjaSdFIhYVDa4nPnk9NLRzM ++xKtlnYG50v28ADbBBe5CAN5JRe5ZGBuTBTeYE21rLB3mr31J93KEfQCVapsfpmyX ++VIjMYjK80TkXqVDtc7PFycyzJDm+YdghJZNbptC3xiPU/0Wd58j+br98VOWhv0ad ++qML+BLL44aQE7fr6Lat4mZNoZMMpmJjGyqWevdLDU+7U2EuROnV9POTUZhEKcv1P ++oF/1ea7FlCz5kNlCRKCIs8ka4cavzu92Yp2qZA2VTvg3njwa3Vw8AzipYQ0NlXTK ++f7i2zoPB8bNjfga55+U7OhQA3j/edRfVcU2kVq6aTrfXkUIMWrGBPYRMxUutXlmN ++6h31k+fT58fij5rkevUqGwaxuWO6mL5UMR0FLIlYUZTww5TrmZNJ2yu0EeP2l+wM ++Dcadm8qO3HbgjnnLPrkrAHFoAPijIn/Mhsx8csB5t+HU5+yWNDKKndN59PVGONyy ++EjQtWrXf6tAU4ozKc66FPuIt6Jni90khyUQSSUjMUsVOUl1fwwTGuQINBFvEprEB ++EADkKGgC+C0itckM2yCYOIaI4ifojiDIc9gRvc1TadgieL3sn44B9HlG0q/JFw9T ++gZHcPYSbskFyLuIQEb5IeNR9TfQUw0TF7eVc3omVEAUtJiZU0OhCa1+s/mOPe9Ds ++D1x2E2RuxHAbU662PbPgZtCZwUK+ZWeE3aBloPLEMRmSGO/c1GGI5Xup2gWUNEBV ++E4H8im8eJ/IM16iGW6Y/0q2xnLRb3t+hw/mFcJpHIyCbsSgSjHFX00UNQBtT1aqC ++Mlf4E3Jj21TCnAvC/UtIsZFq6plYZDSRG5c5ExITdFheV482rG8QpFBnCduAnaDO ++edeS6Qimqjk0srqL9mgyXxqzaF4tC06PdzPsWgaui4v5FVG/UuymNQkg+27rsPQg ++K4gFSWQWArrwcqePbQcGFklYZ9hlEYe5nsfdTbCdh+zr3i8oGBB0r0/ktgEQNZb6 ++SwxBvC7yLiqPEK8JgpBOQDuFlOnOtoJ62o1sEw1NEd/L1zmw9HaroLob1ci1ojhF ++VmnFFF30zeoQi6KlJTgIoyoEph1YYyLNp54CnUfzyzkIlYyqTMcQ6MkrTCZH4JIS ++/L/Q/1QVN/fEMATgR1xQ6LymS4Tc99ilNzGtqRPkRmWAREHggFgSudTDXXKbHUNK ++dujt9x+jafhlkR0sK7bztNBytFneHjpjuS2NgIklHStDVwARAQABiQRsBBgBCAAg ++FiEEcQCq365ubpQNLgrWVeRaWujKfIoFAlvEprECGwICQAkQVeRaWujKfIrBdCAE ++GQEIAB0WIQRLQqjPB/KZ1VSXfu/qIPLalzeJcwUCW8SmsQAKCRDqIPLalzeJc9H5 ++EACCxvzjdeuxKiatlTTAg/3uEruTOf0c3KLBJPtMcZh8ozk5/9+kxvbp3jUq/iGj ++XUnh/dui2laXGrkhXQim3oCo851E7ZjH3SUF/ok3XzuyU0nWQAhR0FEr2uEbOt91 ++TE58oSXUXq8axrzQC9GgMg3Uxua3PwkkI4+vNwCRivU+4mbm4JASlqGGPI7SYp7E ++rnj6foBXrSIQkMhtp0quMqyIF23epf5CXbKqusRM+NpmxiX9rj0PwRGw/4M1o5vL ++EVACfdbtJR6s9yo0ODM3bFPjJv54GXcl1s8JXwtuEGxwK/XJ1sGb7S3b6Nhu84oD ++F+z8jMHxKuZe4t4BUtDJ8ty7bxqh9QEv2CXMw3sqJw7UdoAKbWJcgRzgX7XY+4Va ++GUtEDTbLNgdJMB6klji7X4DB1ogVxavG7p7cFhltq1F7O+4LymBvUwdWtDWKdR79 ++hTjlAlmPac7P1gTpFtLORDomrcaA3wBSKCh+xZag3+wp69yKWikurVwx/uwd+UAa ++bWIDCGON7/hoaiBBC5GmKMN1Z503G0BYtFXwcYfxoMocnYRcmlLOXY5JQmdPdZ0U ++WHg0slIQdZ5a+xZ7iyvdf65umCPiFpsNo92erq5Zw+kzWDxX3mc1w6CYLZUbHBxU ++C9vxwiIgnDm1RXfB2wrx5jaTHUcSHfKqIDq/8uS7thWL80cxD/wPDTasKo+811pO ++cOpY+LVZO/egeIDzWdDVCF2HlKGxLbrj464eEkElTpbrwAwlef/Krj+H3cP4jbZm ++qE6mKpoaRwKxYD/YIx0O7y9/nhwkCKldIXYbC5tLfKJeQKz9wYDbX0t0XEH95EPW ++kHSGLHM+Yk7wqXJ3FazFw8c98Du2CspczRw1Be26NRTHPRz3nXCm8xvwURZ6cGDZ ++/MNuMZa/fqNWBM8IHOPDe3Y3ALGJeygiCqvNr1q23njzRywOMqNK3aktUT+4yJTp ++TFn8RfiBjg5MAn4rjFlaN+YebjD7ngNMchHxqG19TrSuqZHhatW9ZjWAla/vuHlm ++iY+uHL94o8f7APjYudaQ9XR68FEbl+RSIsUSZtGsMKCYMW7Fy8ueDxlYGrTaGtVs ++eJZ7f+hwN9jLTOyJtDTCxgLdvfBg/wCK92wJ26L3rzU42scKTvCpTDS4QDamLRox ++ZYbnBn0I1TsTlNHN0C9cASebNGzZbc+QvC6gkaaoyXON79wn0PyGc6mfoOdcCVlo ++DfcAI+tnaA+MeiZVYNewGZulkaBkI7Jcg1LgRN2bWXdl16XOz/625n2UAnK9VtYf ++JqAZJ21Nnjo4v3FC4BjN2PFuVd0cDYA+yBRwyq9SNfT8gRDK/kJPilR6bMNPUsTr ++aiR3Y7Ssczq4C9Kxvp9FWMenZdi7eLkCDQRe7MkJARAAu1wXmuFM4hRX3Wuj7qDA ++cqX/z0WFZ6j17LsnoX6ZC4qE88QUYuUwNfuSbXjzB/EqCeBcvnF9hbU9wjmJUFzx ++6DBalGWoZus27FdLE491l7S9nFWfQzqGs6wAIac+UkHTEeMwVhFMREMfHyakUWAG ++TRLyKMeLtj2I/7Uemm3yzWa0nYP0YpH9CVS+hCmL7FOlUI+OYTzSjMl5khlXPoGe ++eno2XUmxCFTAtpWI/Bsh1Mjeu7ArFY8194X/NtCK7mAlxc2Wd4L57yDKaaAdvyVJ ++T2E3feQoi00rRskV2Vh1g0ss3fRdlpsJzLFnyGwdoGiFqQvby96l+7vC8hwu7jZc ++q/5B1PWqohKqKy85/3oCGSO7SFRJiZsmTjitT3N8hcDLEF7f5gaJdNoTTJ29g4mh ++tn/v4oVPiXn2hon3GkbEt6OdEDmsGiaOYzKYhlR8eQk22e4CzoaRwHVgUmTxtgcp ++QJX8hOhag+Ty6kFfZz6lE7xhCHdbNdsbv9bRCsFNwm5Sqf0F/Ud6/G/bXGi/tT03 ++RukzL6mJCFygkjWmrz7rvq0pxNl8LlA2Yf9CBQWPzGeaz9qX3eAEBldBrYBwE7hk ++6kHWAsxDikbTa5oEI94YPldXLsEW2uaQm4T9JrTz7Qz98kW203JUnVeExDXFrZKk ++n+49N5Roc+AMj4c0Md3ZgyMAEQEAAYkCNgQYAQgAIBYhBHEAqt+ubm6UDS4K1lXk ++WlroynyKBQJe7MkJAhsgAAoJEFXkWlroynyKqDsQAKwK1wxNbxb1ge3aFqU01NuI ++/p9xjj1ui9UPggMSiL+3FedYfoet2Z1vLChVG6iXltgvZ/wghUDyElZJz27fpKmV ++m+dzXAINlzfQlj83hR1h8dF21HjVRGZgRaADMSwfqGc8i/DnlcAo7epYgfyPXLTz ++IxBY+Xa0iSqFkV2oeRQBQ/sCs98A5UWSifxXfDEwuCi+Va9WyoZjByctChvgRR50 ++RoFDtOOGXNYNQ/nLU2wdRbVrKAWBqXpaEMYulsRB37NsRAmSkSRTe7gFyethfZA/ ++Lsac3L4j3+oIp5KVFPxe9vXUlx+6lH/Woj4TpR94nDY2YErT6RLjaHpGG5zfvaAd ++/VeX43XmjPymy17bj5ulH5/iL2XIHb06x91uTFagzHSTuWlElVUBpwUKnkU1bBdW ++PUQGCsOf8XNpLKOJCkHseAoHqW96rfPoFDx94aIpuxT7MfD7FmldEQHgdKxyAk7w ++0y0ef9nfC+FWGVzCmkoDIvHaZdRAjxiLNfjlBux0bLCPmvzlSMsiDKSzvWkHgCjb ++YrT0RSXIF2ms+55f7RncHbhOPemwGv6VoMpyk7Uj9pqmCyeIDuidAUF7bjMvVqsJ ++qhlLDKXXX26hyimY1orGzJvu/y3LideO2az9mV6dBQCJy+gTvFFZBmDBJJZAD0r2 ++SLnfENA1O0cRq5UbtxNOmQINBF3C4AkBEADQxp4jfxmbJ3t/ZuKcsV4JxG8mhuGX ++BkzMB0k2uGULCpY4yh7dsN4PBU7PuHgUMkxJnJlbg0xVR2nux20INzroYn8xzRe+ ++jSmKTW0fTvNH+Nxyr4k+KgqmVZCcfyvwXuL7IOfG5luc/oSXJV62u+LHP891dVcJ ++lVN0Ef9i5Sz9iRkkMUknwoTrOK9q1nZNOA+XoLMhCIdyWIPx6jFmPxfZpgEJw6YI ++eyOSRIPYtH4twuDj50bzQuTTfQ3ph9FdcXVLYwP3BayvfFasGhyJ6caqVW9GpMDa ++/OPvteNmt2WbqaRgcX9CWWOKonhFqkaWAXj0lYFkM65DTzSUKpNtoh2MRVA7qyGZ ++2zlHocNWSplQ8VJlly6ch9O95UEXlSIJFxAi/7NBNuG/CekHQxxQZhdslUe7LIsu ++jlKS8Fy0bpYsTDPb/g+rUuIHWCOhEC+B0qOYVEf+wcc9jTQjZf6NP3zIV4dO+Mc9 ++GVT+d3Kz0y11g1ON0b82qy2ONvRys1NmqXC2vCnXzKCQ6UTHRYt+EdV0nlo59G+l ++olCnT8t1sW7ezuByA4zWMI6hLyk0NLb8xwPK9BT732RGhzba7a7EaArTBsPA3rWv ++ObC1kQWSaw+ule5rmnTL5Q4Jw3qDhgM9b2Bg3hLYP5/UU0INq7krH413Kin0C29T ++1aNmLfMTfmS5EwARAQABtCZUb20gSHJvbWF0a2EgPHRvbS5ocm9tYXRrYUBvcmFj ++bGUuY29tPokCTgQTAQgAOBYhBEemj843x9cCT9ZeETVs5iwrUkCZBQJdwuAJAhsD ++BQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEDVs5iwrUkCZNL0P/3KFyrWXW5ou ++PuAzWeMMUZrQmyz31T70iVSS8PtPWb8S2QxQdzgpdVPrvxT+wfq5zJbdz3X5uPvd ++OXUeyv0bAQRqYQVX/tkz10zu6+m+Bgx0H6I5Xk9F7EDvag1EDDs/BDSLh9VbsTll ++SaNpLhFjSRj0dVmE1DgaUDX5F66npYMgSIspsAjEI1MZ1PDYQfhoyxEMiz0ld14y ++v6HE7hBPekcQW2mAWzlpZmgw9NVIcqShy3znJNGGpQUbLEtGbrv/wRMNWjGWPJyf ++E5dLDvkfQjrdsTRWv5+Sd5/z3fwp0G8dUq1iWeegu6mFe0KRLB5z3lcc+QJSlWet ++yyoYWOhq1Jzn0QHjakZp2Nb4rtp9/b9TdhvD5cOjpsECmL5qMri1mn/j4F63AG4y ++LQaYrwwjWzDcz+jQ8wNuyl7cXQFD6UYbywC1tC9DE0VppV2nOirtTOPz8+etXMx6 ++sg40STJ4dbYn/gJLhiycSaUAqGkSHpC24FbcvkVwKz5MBUYuLEgNH3RyNKVgnb5J ++WZofE7ehOVCc+VAmzMyobjE+71FRXlPdmqD/im4vYDsqzb15wX79VsXqI0bij+xV ++YaR7GoQbTfVQ0a6f6slWex6PmKOnZTjfLL7sEu1JhAteqlI9I0NlNJBF/y32T6lQ ++pO+3CJGhY+2rSiCpnI31NMusAkcufnxquQINBF3C4AkBEAC9ReOzYf6nryTLn8lG ++g6M0kpMX3P7v8GlOV1hZ8hTDlUETpo+xxR3FvNjWEDNyuawCpvNz8Pu3OKqxKDIi ++vyVdJNEc335glsMY7BmAevLvAtyfjb0rOzOXqLfhdsn108Nr6Ai+lkMs8xlK2hxG ++I3qpDHzImOYmhWD4J181gxlj5Gaj8fOyV8JZvfY6AZcei2tzlmHpj9SSh7K59trU ++ZtaUDljUeVAEP4KfU1sLEYy3BUzS+eb4Qw1tleui+89E/J4zPrgwwuLg5OU+ScTi ++gfbEF/05MMUAySiKieKhp8IFsT41+FXOlotBl0wz6Jbo4HxNtY5Ptrpv6BOrBlYf ++hfhZeANk4+y5OnLqRjjgTvf1p9CHmsgs6sx/lkNyXpzoxKR89RzxHxnrgUATSa80 ++JK9o/0tPZkN33HKJlkSndPQEM4uLrTsIxvNsBSOPIKC09siMbbBeI0t811P1pMh8 ++zvTnRl2FSQjiumLoVhr+xxZ2wWiPxztVQkMLuuWXkzcxQUfuw5nEQCH+WdqYKNmV ++6rw2kU6j10q0kvvspWPMTbsI/vBY3KyiP1F8dToXiwulNT1U05NGJ20YbzEHnYEK ++atBq9ZILLx63c8eLZ6VppkAE0ZlmgsOvn+zIcv81P4x9mDLvuqTOzRj/RuDAY6qJ ++HuICpsV3F5A03z9ne/Z9u0mwSwARAQABiQI2BBgBCAAgFiEER6aPzjfH1wJP1l4R ++NWzmLCtSQJkFAl3C4AkCGwwACgkQNWzmLCtSQJkiQA/8Cm07bQf2FIKTdwRECJO7 ++pvpuc3zE1XsSuLyu40qpsWX24Ll97S7cpOK7rN2jSZ6UDoXpNgXViOzma5yiC+GO ++6UUWxr8xE/CDXeuawxHUt0Xrn+UQnWsirsrZifjVPkXou71QM+kaQ9qXy4liOpRa ++Jjf8B7iz3ilgMUACnMcwOVn+jbswLQpNetsKk+vrLwQlILPkWcKGxIu1Iro3E7Wo ++IPojHHtT7Co7mSRzaNI00VU7jMwZwXFQL/IbeGsKlaAyxh1BzRLnLdPN8hxiYtEq ++2IG66Uq3EmigtwOvh06d/Qi/gBH6CWxdahRk7HwATyrNvbjfduzNnhF+lPA39iKr ++I5+IGasK6Lp9HklUJD0Q9JK7yac/cUj5LptY/PBFC7eJKHJLyohmvlXYgRSeAXEm ++7uGpU5k/jUZDM4Z1o5JboiNVQoqDWs6iDYJb82cRjKKlvC2d2lFKxtBOR3xJZUUs ++IpoQrstxn1LA5DcBosPvd9ISyIZs38UyJNTz07GUedEpeE3YhLkesc6n2iL9D2Yj ++z/S4ANukxl9YZDW+EFS8LtTchvK11OHWubvWxWFV7txLFmkBYQwk2krCi2MVguRZ ++Gj8bodqjty1H8ZMfA5NYwAKeyQmsmTHqNmR1Ws/cdQCV7+3q9RurlUtY1AVxx4Lt ++nS16GX+OVCybWzbK1uqLrfo= ++=RyUi ++-----END PGP PUBLIC KEY BLOCK----- diff --cc debian/watch index 0000000,0000000..45d9a80 new file mode 100644 --- /dev/null +++ b/debian/watch @@@ -1,0 -1,0 +1,5 @@@ ++version=4 ++opts="searchmode=plain,\ ++pgpsigurlmangle=s/$/.asc/" \ ++https://api.github.com/repos/seccomp/libseccomp/releases?per_page=50 \ ++https://github.com/seccomp/libseccomp/releases/download/[^/]+/libseccomp-@ANY_VERSION@@ARCHIVE_EXT@