Re: Bug 1035537 - split -n k/N gives incorrect data on blocks after the first

To: Chris Frey <cdfrey@foursquare.net>
Cc: debian-lts@lists.debian.org
Subject: Re: Bug 1035537 - split -n k/N gives incorrect data on blocks after the first
From: Sylvain Beucler <beuc@beuc.net>
Date: Fri, 19 May 2023 21:54:16 +0200
Message-id: <[🔎] 679412d8-1543-111a-cc31-6186513aaf29@beuc.net>
In-reply-to: <[🔎] 20230519191419.GA26346@foursquare.net>
References: <[🔎] 20230505031403.GA20568@foursquare.net> <[🔎] ff800d10-0941-cc11-c1f2-4f7f37b8a778@beuc.net> <[🔎] 20230519191419.GA26346@foursquare.net>

Hi,

On 19/05/2023 21:14, Chris Frey wrote:

On Fri, May 19, 2023 at 08:45:23PM +0200, Sylvain Beucler wrote:

On 05/05/2023 05:14, Chris Frey wrote:

	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035537


At first glance, it looks like this could lead to data corruption, and hence
warrant a 'grave' severity in the BTS.


Thanks for the response!  Yes indeed, the split file results will be
corrupt without the fix.

Is the severity level something I control, or the maintainer?


Everybody can alter the severity in the BTS, check:
https://www.debian.org/Bugs/server-control#severity
https://www.debian.org/Bugs/Developer#severities
(of course the maintainer may set it to another level if he sees fit.)

However I believe both the Security Team (for a bullseye DSA or
point-update, probably initiated by the maintainer) and the LTS Team (for a
buster DLA, probably based on bullseye's) would rather get the coreutil's
package maintainers input on the subject first (right now the BTS entry has
no replies) :)


I'm assuming the package maintainers have a closer relationship to the
upstream maintainers than I do, but I can help if needed.

As you mentioned, upstream already fixed this issue, I would suggestlinking the upstream commit (which comes with documentation and updatedtests) for clarity:

https://git.savannah.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=bb21daa125aeb4e32546309d370918ca47e612db

AFAICS the bug is here since stretch, what I'd recommend is to getMichael Stone's (package maintainer) opinion on the matter (does hethinks this warrants a fix in stable or not) :)


Cheers!
Sylvain Beucler
Debian LTS Team

Reply to:

References:
- Bug 1035537 - split -n k/N gives incorrect data on blocks after the first
  - From: Chris Frey <cdfrey@foursquare.net>
- Re: Bug 1035537 - split -n k/N gives incorrect data on blocks after the first
  - From: Sylvain Beucler <beuc@beuc.net>
- Re: Bug 1035537 - split -n k/N gives incorrect data on blocks after the first
  - From: Chris Frey <cdfrey@foursquare.net>

Prev by Date: Re: Bug 1035537 - split -n k/N gives incorrect data on blocks after the first
Next by Date: Re: Bug#1036265: Wifi deauthentications and complete connection loss with new packages: firmware-iwlwifi, firmware-realtek, firmware-misc-nonfree in version 20190114+really20220913-0+deb10u1
Previous by thread: Re: Bug 1035537 - split -n k/N gives incorrect data on blocks after the first
Next by thread: Re: nvidia-graphics-drivers in DLA needed?
Index(es):
- Date
- Thread