netcat-openbsd (1.218-5) [PTS] [DDPO]

OK: VCS matches the version in the archive

Git: https://salsa.debian.org/debian/netcat-openbsd.git -b debian/latest
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: debian/latest
Path: debian/changelog
Browser: https://salsa.debian.org/debian/netcat-openbsd
Last scan: 2022-05-21 15:50:33+00
Next scan: 2022-05-29 15:03:00+00
CI pipeline status: success

Debian changelog in Git:

netcat-openbsd (1.218-5) unstable; urgency=low

  [ Dirk Jagdmann ]
  * Add support for abstract namespace sockets in the AF_UNIX family.

  [ Guilhem Moulin ]
  * d/t/client-server: Add a simple test for sockets in the AF_UNIX family,
    including those in the abstract namespace on Linux.  We were only checking
    sockets in the AF_INET family before.
  * d/p/abstract-unix-domain-socket.patch: Some fixes and improvements upon
    Dirk's patch.
  * d/checks: Ensure sockets in the AF_UNIX family are usable up to the
    sizeof(sun_path) limit, and rejected with ENAMETOOLONG when they exceed it.
  * d/checks: Add tests for abstract namespace sockets in the AF_UNIX family,
    incl. for source datagram UNIX domain sockets.
  * d/p/abstract-unix-domain-socket.patch: Always reject the empty pathname
    sockets, which on Linux was read as the NUL abstract socket before.  The
    empty abstract socket is still allowed however, and is specified as "@".
  * d/p/misc-failures-and-features.patch: Remove double warning in
    unix_connect().
  * d/p/misc-failures-and-features.patch: Remove leftover union{}, obsolete
    since 1.190-1.
  * d/p/misc-failures-and-features.patch: Factor out Makefile changes to
    d/p/port-to-linux-with-libbsd.patch.
  * d/p/misc-failures-and-features.patch: Remove redundant errx() call in
    unix_connect().
  * d/p/misc-failures-and-features.patch: Improve error message for UNIX-domain
    datagram sockets.
  * d/checks: Use '--' marker to avoid breakage on socket pathnames starting
    with '-'.
  * d/checks/netcat: Set LC_ALL=C.
  * Add d/NEWS entry mentioning abstract sockets support and its implications.
  * d/p/*: Consolidate usage of '#if defined(FOO)' vs. '#ifdef FOO'.
  * d/p/build-without-TLS-support.patch: Rename '-DTLS' to the less generic
    '-DHAVE_TLS'.
  * d/p/port-to-linux-with-libbsd.patch: Use automatic Makefile variables.
  * d/checks/02-connect: Check default temporary socket name for datagram
    sockets.
  * d/tests/client-server: Check that the socket path is left behind.
  * Rather than using mkstemp(3) to create unique names for default source
    datagram UNIX domain sockets, use mkdtemp(3) to create a new empty
    directory (with mode 0700) and use it to store a fixed socket name.  This
    fixes a file descriptor leak and a race condition where a new file would be
    created by an attacker between the unlink(2) and bind(2) calls.  We don't
    use an abstract socket here since it would open a race condition with the
    possibility for a local attacker to inject fake server responses.
  * d/p/*: Minor formatting fixes.
  * d/p/*: Improve Subject: lines.
  * d/copyright: Update copyright years.

 -- Guilhem Moulin <guilhem@debian.org>  Fri, 11 Mar 2022 21:54:15 +0100

This branch is even with tag debian/1.218-5