Univention Bugzilla – Full Text Bug Listing |
Summary: | libx11: Multiple issues (3.2) | ||
---|---|---|---|
Product: | UCS | Reporter: | Arvid Requate <requate> |
Component: | Security updates | Assignee: | Arvid Requate <requate> |
Status: | CLOSED FIXED | QA Contact: | Janek Walkenhorst <walkenhorst> |
Severity: | normal | ||
Priority: | P3 | CC: | gohmann |
Version: | UCS 3.2 | ||
Target Milestone: | UCS 3.2-5-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | Security | |
Max CVSS v3 score: |
Description
Arvid Requate
2015-04-13 15:48:15 CEST
The DSA version has been imported and built in errata3.2-5. Advisory: 2015-04-15-libx11.yaml All dependent packages have been cherrypicked and rebuilt in errata3.2-5: From UCS 3.2-0: libxfixes libxrandr libxext libxrender libxi libxv open-vm-tools From errata3.1-1: cairo From UCS 3.0-0: libsdl1.2 tightvnc xserver-xorg-video-vmware texlive-bin I also checked openoffice.org which is not affected. Corresponding advisories have been commited. * libx11 * Advisory: OK Tests: OK Changelog: OK * cairo * seems missing? (Or advisory version is wrong) * rest * Advisories: OK Tests: OK Good point, the build of cairo failed because "libpixman-1-dev" was missing. Why? It was imported and built in errata3.1-1, but never got released (actually it's just a build-dependency). Looking deeper, the cairo update built in errata3.1-1 also never got released. So this stuff is obsolete: =============================================================== pixman 0.24.0-1~bpo60+1 imported on 2013-08-15 09:25:04.499547 in scope errata3.1-1 cairo 1.10.2-7~bpo60+1 imported on 2013-08-15 10:42:12.377343 in scope errata3.1-1 =============================================================== Instead these versions are valid: =============================================================== pixman 0.16.4-1 imported on 2010-02-12 12:16:48.258771 in release tag 3.0-0-0 pixman 0.16.4-1+deb6u1 imported on 2014-04-09 13:21:50.735248 in scope ucs3.2-2 (via Bug 33776) cairo 1.8.10-6 imported on 2010-12-23 21:21:57.090469 in release tag 3.0-0-0 =============================================================== So I removed that bogous 1.10.2-7~bpo60+1 version from errata3.2-5 and cherrypicked the 1.8.10-6 version from release tag 3.0-0-0 instead. Package has been rebuilt and advisory is updated. (In reply to Janek Walkenhorst from comment #2) > * cairo * > Advisory: OK > Tests: OK <http://errata.univention.de/ucs/3.2/312.html> <http://errata.univention.de/ucs/3.2/313.html> <http://errata.univention.de/ucs/3.2/314.html> <http://errata.univention.de/ucs/3.2/315.html> <http://errata.univention.de/ucs/3.2/316.html> <http://errata.univention.de/ucs/3.2/317.html> <http://errata.univention.de/ucs/3.2/318.html> <http://errata.univention.de/ucs/3.2/319.html> <http://errata.univention.de/ucs/3.2/320.html> <http://errata.univention.de/ucs/3.2/321.html> <http://errata.univention.de/ucs/3.2/322.html> <http://errata.univention.de/ucs/3.2/323.html> <http://errata.univention.de/ucs/3.2/325.html> |