Acknowledgement sent
to Vagrant Cascadian <vagrant@reproducible-builds.org>:
New Bug report received and forwarded. Copy sent to reproducible-bugs@lists.alioth.debian.org, Daniel Kahn Gillmor <dkg@fifthhorseman.net>.
(Sun, 25 Sep 2022 21:09:07 GMT) (full text, mbox, link).
Source: libreswan
Version: 4.6-1
Severity: normal
Tags: patch
User: reproducible-builds@lists.alioth.debian.org
Usertags: hostname
X-Debbugs-Cc: reproducible-bugs@lists.alioth.debian.org
Ever since version 4.6-1, libreswan has been embedding the hostname in
various binaries:
https://tests.reproducible-builds.org/debian/rb-pkg/bullseye/amd64/diffoscope-results/libreswan.html
/usr/libexec/ipsec/_import_crl
./lib/libipsecconf/../../OBJ.linux.amd64.ionos5-amd64/lib/libipsecconf/lex.yy.c.tmp:1806
vs.
./lib/libipsecconf/../../OBJ.linux.amd64.i-capture-the-hostname/lib/libipsecconf/lex.yy.c.tmp:1806
The attached patch fixes this by setting OBJDIR from debian/rules.
I am not positive there are not other outstanding issue, but this
*might* be enough to make libreswan build reproducibly again.
Thanks for maintaining libreswan!
live well,
vagrant
Information forwarded
to debian-bugs-dist@lists.debian.org, Daniel Kahn Gillmor <dkg@fifthhorseman.net>: Bug#1020736; Package src:libreswan.
(Sun, 25 Sep 2022 21:57:10 GMT) (full text, mbox, link).
Acknowledgement sent
to Vagrant Cascadian <vagrant@reproducible-builds.org>:
Extra info received and forwarded to list. Copy sent to Daniel Kahn Gillmor <dkg@fifthhorseman.net>.
(Sun, 25 Sep 2022 21:57:10 GMT) (full text, mbox, link).
Changed Bug title to 'libreswan: reproducible builds: Embeds build hostname in binaries' from 'libreswan: reproducible builds: Embeds build username and hostname in binaries'.
Request was from Vagrant Cascadian <vagrant@reproducible-builds.org>
to 1020736-submit@bugs.debian.org.
(Sun, 25 Sep 2022 21:57:11 GMT) (full text, mbox, link).
Reply sent
to Daniel Kahn Gillmor <dkg@fifthhorseman.net>:
You have taken responsibility.
(Thu, 19 Jan 2023 23:54:07 GMT) (full text, mbox, link).
Notification sent
to Vagrant Cascadian <vagrant@reproducible-builds.org>:
Bug acknowledged by developer.
(Thu, 19 Jan 2023 23:54:07 GMT) (full text, mbox, link).
Source: libreswan
Source-Version: 4.9-1
Done: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
We believe that the bug you reported is fixed in the latest version of
libreswan, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1020736@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Daniel Kahn Gillmor <dkg@fifthhorseman.net> (supplier of updated libreswan package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 19 Jan 2023 17:41:25 -0500
Source: libreswan
Architecture: source
Version: 4.9-1
Distribution: unstable
Urgency: medium
Maintainer: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Changed-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Closes: 10155171020736
Changes:
libreswan (4.9-1) unstable; urgency=medium
.
[ Daniel Kahn Gillmor ]
* New upstream release
- upstream fixed LTO (Closes: #1015517)
* d/upstream/signing-key.asc: update with better bindings
* Standards-Version: bump to 4.6.2 (no changes needed)
.
[ Vagrant Cascadian ]
* debian/rules: Pass OBJDIR to avoid embedding hostname. (Closes: #1020736)
.
[ Daniel Kahn Gillmor ]
* refresh patches
* d/copyright: remove reference to upstream-deleted BSDKAME code
* update lintian overrides
* d/copyright: update years to relevant years
Checksums-Sha1:
78cabebcb939c05c4b055868d5c184819d4021f3 2018 libreswan_4.9-1.dsc
12b7351ca7e6ba1ac787239e67027a4d82f02f10 3706966 libreswan_4.9.orig.tar.gz
c49020c0ad28bbc2566e79570054ebfd392b8044 862 libreswan_4.9.orig.tar.gz.asc
4bdc00eb659ca482ac1f1b8f7e99393fca7d58e9 14548 libreswan_4.9-1.debian.tar.xz
eaffad26007574ad03b7bd2f993dabc7497c666e 11218 libreswan_4.9-1_amd64.buildinfo
Checksums-Sha256:
5f19b596ae00aa89f3049836a5808c2fa30fe9e1f10a0485bbd929d8ec101da6 2018 libreswan_4.9-1.dsc
f642dcb635e909564ca8fd99ea44ab43f60723b4d76c158ed812978c45b398b9 3706966 libreswan_4.9.orig.tar.gz
db26966571a9cee1c978be016c5852f4455d414af6c9e56144724e4cc8bd8ba4 862 libreswan_4.9.orig.tar.gz.asc
878aafb095ae4caecd7b89ae7f6189f58214721744933f994edfbaf870ef1438 14548 libreswan_4.9-1.debian.tar.xz
60c3dc8b27fef3815422c1d083128babb8dc874044e0f19c4f2bda8745feaa06 11218 libreswan_4.9-1_amd64.buildinfo
Files:
416838e26557e1ffda9550e22713edfe 2018 net optional libreswan_4.9-1.dsc
584ee91ace5208db1a517b4c8e7a3971 3706966 net optional libreswan_4.9.orig.tar.gz
d9c2b9c85aa084b1789c1bfdb328ab21 862 net optional libreswan_4.9.orig.tar.gz.asc
51ba6383c1247a36242cf558fb618582 14548 net optional libreswan_4.9-1.debian.tar.xz
de103783bb87435d4c4e1a3a4d141aff 11218 net optional libreswan_4.9-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQQttUkcnfDcj0MoY88+nXFzcd5WXAUCY8nNuAAKCRA+nXFzcd5W
XM1nAQCO9HGkwqYk6y9vQ+ElPJH/ISa+XpqlEKz7uEdnSqZw5gD+JcPRCQqxjdLw
mFEisxNN91wajg7JJddMZ08b/0rUkAM=
=IpOR
-----END PGP SIGNATURE-----
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.