[Git][debian-gis-team/gdal][master] 9 commits: Bump Standards-Version to 4.4.0, no changes.

Tue Oct 15 10:48:41 BST 2019


Bas Couwenberg pushed to branch master at Debian GIS Project / gdal


Commits:
452f5ef9 by Bas Couwenberg at 2019-10-15T07:34:01Z
Bump Standards-Version to 4.4.0, no changes.

- - - - -
a19b0793 by Bas Couwenberg at 2019-10-15T07:34:14Z
Update PIE hardening conditional, trusty is EOL.

- - - - -
17041276 by Bas Couwenberg at 2019-10-15T08:24:55Z
Re-enable CFITSIO support, license issues are resolved. (closes: #932464)

- - - - -
23aa1475 by Bas Couwenberg at 2019-10-15T08:24:55Z
Bump Standards-Version to 4.4.1, no changes.

- - - - -
67cb9c00 by Bas Couwenberg at 2019-10-15T08:24:55Z
Add upstream patch to fix CVE-2019-17545.

- - - - -
b4e43b3c by Bas Couwenberg at 2019-10-15T08:32:39Z
Add lintian override for spelling-error-in-binary.

- - - - -
10e2da70 by Bas Couwenberg at 2019-10-15T08:32:39Z
Add lintian override for spelling-error-in-binary false positive.

- - - - -
7b384b8e by Bas Couwenberg at 2019-10-15T08:32:39Z
Update lintian overrides for file-references-package-build-path.

- - - - -
f5c56b67 by Bas Couwenberg at 2019-10-15T08:32:39Z
Set distribution to unstable.

- - - - -


10 changed files:

- debian/changelog
- debian/control
- debian/libgdal-dev.lintian-overrides
- debian/libgdal-java.lintian-overrides
- debian/libgdal-perl.lintian-overrides
- debian/libgdal20.lintian-overrides
- debian/libgdal20.symbols.common
- + debian/patches/CVE-2019-17545.patch
- debian/patches/series
- debian/rules


Changes:

=====================================
debian/changelog
=====================================
@@ -1,3 +1,16 @@
+gdal (2.4.2+dfsg-2) unstable; urgency=medium
+
+  * Bump Standards-Version to 4.4.1, no changes.
+  * Update PIE hardening conditional, trusty is EOL.
+  * Re-enable CFITSIO support, license issues are resolved.
+    (closes: #932464)
+  * Add upstream patch to fix CVE-2019-17545.
+  * Add lintian override for spelling-error-in-binary.
+  * Add lintian override for spelling-error-in-binary false positive.
+  * Update lintian overrides for file-references-package-build-path.
+
+ -- Bas Couwenberg <sebastic at debian.org>  Tue, 15 Oct 2019 09:42:55 +0200
+
 gdal (2.4.2+dfsg-1) unstable; urgency=medium
 
   * New upstream release.


=====================================
debian/control
=====================================
@@ -14,6 +14,7 @@ Build-Depends: debhelper (>= 9.20160114),
                ant,
                chrpath,
                libarmadillo-dev,
+               libcfitsio-dev,
                libcharls-dev,
                libcurl4-gnutls-dev | libcurl-ssl-dev,
                libdap-dev,
@@ -63,7 +64,7 @@ Build-Depends: debhelper (>= 9.20160114),
                zlib1g-dev
 Build-Conflicts: automake1.11,
                  python-setuptools
-Standards-Version: 4.3.0
+Standards-Version: 4.4.1
 Vcs-Browser: https://salsa.debian.org/debian-gis-team/gdal
 Vcs-Git: https://salsa.debian.org/debian-gis-team/gdal.git
 Homepage: http://www.gdal.org/
@@ -102,6 +103,7 @@ Section: libdevel
 Depends: libgdal20 (= ${binary:Version}),
          libc6-dev,
          libarmadillo-dev,
+         libcfitsio-dev,
          libcharls-dev,
          libcurl4-gnutls-dev | libcurl-ssl-dev,
          libdap-dev,


=====================================
debian/libgdal-dev.lintian-overrides
=====================================
@@ -7,3 +7,6 @@ copyright-year-in-future 3131 *
 # GDAL doesn't use Multi-Arch, it breaks too many rdeps
 pkg-config-unavailable-for-cross-compilation usr/lib/pkgconfig/gdal.pc
 
+# Cannot easily be fixed
+file-references-package-build-path *
+


=====================================
debian/libgdal-java.lintian-overrides
=====================================
@@ -1,6 +1,3 @@
 # False positive on: "(319) 369-3131"
 copyright-year-in-future 3131 *
 
-# Cannot easily be fixed
-file-references-package-build-path *
-


=====================================
debian/libgdal-perl.lintian-overrides
=====================================
@@ -1,6 +1,3 @@
 # False positive on: "(319) 369-3131"
 copyright-year-in-future 3131 *
 
-# Cannot easily be fixed
-file-references-package-build-path *
-


=====================================
debian/libgdal20.lintian-overrides
=====================================
@@ -1,9 +1,12 @@
 # False positive on: {136, "Socialist Republic of Viet Nam"},
 spelling-error-in-binary * Nam Name
 
+# Part of GRIB abbreviation
+spelling-error-in-binary * Instnt Instant
+
+# False positive, string not included in source
+spelling-error-in-binary * increaS increase
+
 # False positive on: "(319) 369-3131"
 copyright-year-in-future 3131 *
 
-# Cannot easily be fixed
-file-references-package-build-path *
-


=====================================
debian/libgdal20.symbols.common
=====================================
@@ -734,6 +734,7 @@
  GDALRegister_Envisat at Base 1.8.0
  GDALRegister_FAST at Base 1.8.0
  GDALRegister_FIT at Base 1.8.0
+ GDALRegister_FITS at Base 2.4.2
  GDALRegister_FujiBAS at Base 1.8.0
  GDALRegister_GFF at Base 1.8.0
  GDALRegister_GIF at Base 1.8.0


=====================================
debian/patches/CVE-2019-17545.patch
=====================================
@@ -0,0 +1,17 @@
+Description: OGRExpatRealloc(): fix double-free when size to allocate is above
+ the default 10MB threshold.
+ Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16178.
+ Credit to OSS Fuzz
+Author: Even Rouault <even.rouault at spatialys.com>
+Origin: https://github.com/OSGeo/gdal/commit/8cd2d2eb6327cf782a74dae263ffa6f89f46c93d
+
+--- a/ogr/ogr_expat.cpp
++++ b/ogr/ogr_expat.cpp
+@@ -73,7 +73,6 @@ static void* OGRExpatRealloc( void *ptr,
+     CPLError(CE_Failure, CPLE_OutOfMemory,
+              "Expat tried to realloc %d bytes. File probably corrupted",
+              static_cast<int>(size));
+-    free(ptr);
+     return nullptr;
+ }
+ 


=====================================
debian/patches/series
=====================================
@@ -9,3 +9,4 @@ perl-vendor
 privacy-breach-logo.patch
 privacy-breach-generic.patch
 perl-doxyfile
+CVE-2019-17545.patch


=====================================
debian/rules
=====================================
@@ -19,7 +19,7 @@ VENDOR_DERIVES_FROM_UBUNTU ?= $(shell dpkg-vendor --derives-from Ubuntu && echo
 DISTRIBUTION_RELEASE       := $(shell lsb_release -cs)
 
 ifeq ($(VENDOR_DERIVES_FROM_UBUNTU),yes)
-  ifneq (,$(filter $(DISTRIBUTION_RELEASE),trusty xenial bionic))
+  ifneq (,$(filter $(DISTRIBUTION_RELEASE),xenial bionic))
     export DEB_BUILD_MAINT_OPTIONS=hardening=+all,-pie
   endif
 endif
@@ -113,7 +113,7 @@ override_dh_auto_configure:
 			--with-rename-internal-libgeotiff-symbols=yes \
 			--with-threads \
 			--with-armadillo=yes \
-			--with-cfitsio=no \
+			--with-cfitsio=yes \
 			--with-charls \
 			--with-curl \
 			--with-ecw=no \



View it on GitLab: https://salsa.debian.org/debian-gis-team/gdal/compare/c07e3a00da37abe45878adaf59df5b26c5bea972...f5c56b67ee5a2a4192fae01e15e8dc7eb9e004a2

-- 
View it on GitLab: https://salsa.debian.org/debian-gis-team/gdal/compare/c07e3a00da37abe45878adaf59df5b26c5bea972...f5c56b67ee5a2a4192fae01e15e8dc7eb9e004a2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-grass-devel/attachments/20191015/693588cd/attachment-0001.html>
