[security and bugfix release] amule 2.2.6

Note that the security fix was backported and should be already included in 2.2.5-1.1ubuntu1:
http://changelogs.ubuntu.com/changelogs/pool/universe/a/amule/amule_2.2.5-1.1ubuntu1/changelog

However it would be nice to add a FFe ( https://wiki.ubuntu.com/FreezeExceptionProcess ) to make 2.2.6 available in karmic, since it only includes some important fixes.

I don't know if that security fix was backported or not, but I think that is more safe a fix in upstream that use patches...

Hi,

At the moment, there is no debdiff nor sync/merge to sponsor, so I'll unsubscribe u-u-s.
Please subscribe again Ubuntu Sponsors for Universe when you will have something to sponsor.

Thanks,
Fabrice

an FFe is not required if there are no new features and as far as I can see this is a bug fix + security release, so we can start working on having it packaged asap. If for you guys is ok, I gonna take care of packaging / uploading this latest release.

Scott approved the task so I can start working on it. Assigning the bug to me while I work on it.

The package is ready, gonna test it a bit again tomorrow and then it should be ready for the upload.

2009/10/9 Andrea Veri <email address hidden>

> The package is ready, gonna test it a bit again tomorrow and then it
> should be ready for the upload.
>
>
I mantain a repository of unofficial aMule release which contains some
improvements in the package such as a package with all the debug data and
integration with emulecollection files.

This is my PPA:

https://launchpad.net/~amule-releases/+archive/ppa/+packages<https://launchpad.net/%7Eamule-releases/+archive/ppa/+packages>

I can't grab data for untrusted repositories plus I think the current package has everything needed already.

Uploaded.

This bug was fixed in the package amule - 2.2.6-0ubuntu1

---------------
amule (2.2.6-0ubuntu1) karmic; urgency=low

  * New Security / Bug fix release. (LP: #431979)
  * upstream's debian dir moved to debian.upstream, source
    repacked and moved to a tar.gz extension.
  * debian/patches/CVE-2009-1440.patch:
    - removed, applied upstream.
  * debian/patches/series:
    - refreshed
  * debian/rules:
    - dh_desktop call removed, it's deprecated now.

 -- Andrea Veri <email address hidden> Thu, 08 Oct 2009 22:45:42 +0200

2009/10/9 Andrea Veri <email address hidden>

> I can't grab data for untrusted repositories plus I think the current
> package has everything needed already.
>

And you can't see the changes in debian folder? (diff.gz file).... O_o

I never said that you use these packages. I said you could use improvements
in those packages.

And, if I don't worth, improves were often test in those "untrusted
repositories"...

And "configure_ignore_gdlib-config_garbage.diff" isnt updated.

This text should be updated or removed because there is no longer these
lines:

+++ amule-2.2.6/debian/patches/configure_ignore_gdlib-config_garbage.diff
+--- a/configure
++++ b/configure
+@@ -6311,7 +6311,7 @@
+ if test -n "$GDLIB_VERSION"; then
+
+ CAS_DEFS="-D__GD__"
+- GDLIB_LIBS="-lgd $GDLIB_LIBS"
++ GDLIB_LIBS="-lgd"
+
+ else
+ CAS_DEFS=

The patch "configure_ignore_gdlib-config_garbage.diff" isnt updated.

This text should be updated or removed because there is no longer these lines:

+++ amule-2.2.6/debian/patches/configure_ignore_gdlib-config_garbage.diff
+--- a/configure
++++ b/configure
+@@ -6311,7 +6311,7 @@
+ if test -n "$GDLIB_VERSION"; then
+
+ CAS_DEFS="-D__GD__"
+- GDLIB_LIBS="-lgd $GDLIB_LIBS"
++ GDLIB_LIBS="-lgd"
+
+ else
+ CAS_DEFS=

the patch is from debian and the code it's still there:

 if test -n "$GDLIB_VERSION"; then

  CAS_DEFS="-D__GD__"
  GDLIB_LIBS="-lgd $GDLIB_LIBS"

if not the patch would have failed to apply. Closing the bug report as far as there is nothing to do.

and anyway I don't need to look at any diff.gz file, I won't diverge the package from debian introducing new stuff when it's not required to. Thanks.