Bug#666807: Test rebuild of your package libapache-authenhook-perl
arno at debian.org
arno at debian.org
Sat May 5 11:48:55 UTC 2012
tags 666807 '+confirmed'
thanks
Dear maintainer,
this is a follow-up message to your Apache 2.4 transition bug for
package libapache-authenhook-perl. We are approaching an upload of the web server to
Debian's Unstable repository as soon as the release team acknowledges
the upload. Along that upload we are planning to raise the importance of
this bug to a release-critical severity.
Please port your packages now to Apache 2.4. Below you can find a
test-rebuild for your package for the 2.4 version of the Apache web
server. Please note, even if the rebuild was successful, you still need
to make changes in the Debian specific part of your package.
The rebuild below was made by using a specially prepared build
environment where these conditions where met:
* We had apache2 and apache2-dev preinstalled
* We provided a void apache2-threaded-dev and apache2-prefork-dev
package to satisfy build-dependencies of your existing package (but
this WILL NOT be the case in a real upload of the apache2 source
package)
* We prepared apxs to unconditionally inject
-Werror=implicit-function-declaration to gcc to make sure we can spot
the use of removed API calls (e.g. missing signatures for ap_*
functions). Note, this might also cause false positives in some cases.
These are the outcome criterias we defined:
* VERIFIED-OK: The package rebuilt and linked successfully using the
Apache 2.4 development headers. It still needs adapting to Debian
package changes
* VERIFIED-FAIL: The package does not rebuild successufully using the
Apache 2.4 development headers. It may need some porting in the
upstream code base
* BYHAND: We may rebuild your package another time with manual
interception. Not clear outcome could be determined out of the build
log
This is the outcome we determined:
outcome: VERIFIED-OK
comment:
You will find a full build log attached below.
Here are some hints about porting problems. See [1] for a comprehensive
overview:
error: 'conn_rec' has no member named 'remote_ip'
These fields have been renamed in order to distinguish between
the client IP address of the connection and the useragent IP
address of the request. Porting is trivial, in most cases
changing the pointer from conn_rec->remote_ip to
request_rec->useragent_ip is enough
error: implicit declaration of function 'ap_requires'
error: implicit declaration of function 'ap_default_type'
These functions were removed along the 2.2 authnz API. It needs
a non-trivial API redesign.
error: implicit declaration of function 'ap_get_server_version'
Use ap_get_server_banner()
error: format not a string literal and no format arguments [-Werror=format-security]
Apache2 modules are being built with hardening build flags now
in order to satisfy the "hardening release goal" [2]. A trivial
fix comes over that problem.
[1] http://httpd.apache.org/docs/2.4/developer/new_api_2_4.html
[2] http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
-------------- next part --------------
A non-text attachment was scrubbed...
Name: libapache-authenhook-perl_2.00-04+pristine-2-amd64-20120504-0322.gz
Type: application/octet-stream
Size: 7363 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-perl-maintainers/attachments/20120505/576022e2/attachment.obj>
More information about the pkg-perl-maintainers
mailing list