diff -pruN 1.2.17-0.1/debian/changelog 1.2.17-0.1ubuntu7/debian/changelog --- 1.2.17-0.1/debian/changelog 2020-04-10 15:42:40.000000000 +0000 +++ 1.2.17-0.1ubuntu7/debian/changelog 2022-02-07 08:49:33.000000000 +0000 @@ -1,3 +1,54 @@ +openscap (1.2.17-0.1ubuntu7) jammy; urgency=medium + + * No-change rebuild for the perl update. + + -- Matthias Klose Mon, 07 Feb 2022 09:49:33 +0100 + +openscap (1.2.17-0.1ubuntu6) jammy; urgency=medium + + * No-change rebuild with Python 3.10 as default version + + -- Graham Inggs Thu, 13 Jan 2022 20:13:39 +0000 + +openscap (1.2.17-0.1ubuntu5) impish; urgency=medium + + * No-change rebuild due to OpenLDAP soname bump. + + -- Sergio Durigan Junior Mon, 21 Jun 2021 17:54:36 -0400 + +openscap (1.2.17-0.1ubuntu4) hirsute; urgency=medium + + * Add dpkg version comparison algorithm to avoid false positives. + (LP: #1911791) + - debian/patches/dpkg-version-comparison-1.patch: Add dpkg version + comparison algorithm. + - debian/patches/dpkg-version-comparison-2.patch: Free a_copy and b_copy + in case of failure and code format. + - debian/patches/dpkg-version-comparison-3.patch: Fix + oval_debian_evr_string_cmp. + + -- Eduardo Barretto Tue, 05 Jan 2021 17:19:13 -0300 + +openscap (1.2.17-0.1ubuntu3) hirsute; urgency=medium + + * No-change rebuild to build with python3.9 as default. + + -- Matthias Klose Thu, 19 Nov 2020 18:37:30 +0100 + +openscap (1.2.17-0.1ubuntu2) hirsute; urgency=medium + + * No-change rebuild for the perl update. + + -- Matthias Klose Tue, 10 Nov 2020 17:03:44 +0100 + +openscap (1.2.17-0.1ubuntu1) groovy; urgency=low + + * Merge from Debian unstable. Remaining changes: + - debian/patches/5e5bc61c1fc6a6556665aa5689a62d6bc6487c74.patch + (Closes: #963484) + + -- Gianfranco Costamagna Mon, 22 Jun 2020 11:15:48 +0200 + openscap (1.2.17-0.1) unstable; urgency=medium * Non-maintainer upload @@ -24,6 +75,44 @@ openscap (1.2.17-0.1) unstable; urgency= -- HÃ¥vard Flaget Aasen Fri, 10 Apr 2020 17:42:40 +0200 +openscap (1.2.16-2ubuntu5) groovy; urgency=medium + + [ Mark Morlino ] + * debian/patches/5e5bc61c1fc6a6556665aa5689a62d6bc6487c74.patch: Fix + dangling '*' in dpkginfo_free_reply declaration. + + -- Balint Reczey Thu, 21 May 2020 13:35:13 +0200 + +openscap (1.2.16-2ubuntu3) focal; urgency=high + + * Fix for apt 1.9.11. + + -- Julian Andres Klode Thu, 27 Feb 2020 14:16:39 +0100 + +openscap (1.2.16-2ubuntu2) focal; urgency=medium + + * No-change rebuild for the perl update. + + -- Matthias Klose Fri, 18 Oct 2019 19:37:27 +0000 + +openscap (1.2.16-2ubuntu1) eoan; urgency=medium + + * Port to apt 1.9.0 (include more headers) + + -- Julian Andres Klode Tue, 18 Jun 2019 11:52:00 +0200 + +openscap (1.2.16-2build2) eoan; urgency=high + + * No change rebuild against apt 1.9.0. + + -- Julian Andres Klode Mon, 17 Jun 2019 13:09:59 +0200 + +openscap (1.2.16-2build1) disco; urgency=medium + + * No-change rebuild for the perl 5.28 transition. + + -- Adam Conrad Fri, 02 Nov 2018 18:14:38 -0600 + openscap (1.2.16-2) unstable; urgency=medium * Add patch to install CPE OVAL files diff -pruN 1.2.17-0.1/debian/control 1.2.17-0.1ubuntu7/debian/control --- 1.2.17-0.1/debian/control 2020-04-10 05:57:13.000000000 +0000 +++ 1.2.17-0.1ubuntu7/debian/control 2021-01-05 20:19:13.000000000 +0000 @@ -1,6 +1,7 @@ Source: openscap Priority: optional -Maintainer: Pierre Chifflier +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Pierre Chifflier Build-Depends: debhelper-compat (= 10), libpcre3-dev, libxml2-dev, diff -pruN 1.2.17-0.1/debian/patches/5e5bc61c1fc6a6556665aa5689a62d6bc6487c74.patch 1.2.17-0.1ubuntu7/debian/patches/5e5bc61c1fc6a6556665aa5689a62d6bc6487c74.patch --- 1.2.17-0.1/debian/patches/5e5bc61c1fc6a6556665aa5689a62d6bc6487c74.patch 1970-01-01 00:00:00.000000000 +0000 +++ 1.2.17-0.1ubuntu7/debian/patches/5e5bc61c1fc6a6556665aa5689a62d6bc6487c74.patch 2020-05-21 11:34:54.000000000 +0000 @@ -0,0 +1,38 @@ +From 5e5bc61c1fc6a6556665aa5689a62d6bc6487c74 Mon Sep 17 00:00:00 2001 +From: Evgeny Kolesnikov +Date: Thu, 25 Jul 2019 20:57:38 +0200 +Subject: [PATCH] OVAL/dpkginfo: Fix dangling '*' in dpkginfo_free_reply + declaration. + +This function is not supposed to return anything. +--- + src/OVAL/probes/unix/linux/dpkginfo-helper.cxx | 2 +- + src/OVAL/probes/unix/linux/dpkginfo-helper.h | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/OVAL/probes/unix/linux/dpkginfo-helper.cxx b/src/OVAL/probes/unix/linux/dpkginfo-helper.cxx +index 18acc5637..48b75d02e 100644 +--- a/src/OVAL/probes/unix/linux/dpkginfo-helper.cxx ++++ b/src/OVAL/probes/unix/linux/dpkginfo-helper.cxx +@@ -112,7 +112,7 @@ struct dpkginfo_reply_t * dpkginfo_get_by_name(const char *name, int *err) + return reply; + } + +-void * dpkginfo_free_reply(struct dpkginfo_reply_t *reply) ++void dpkginfo_free_reply(struct dpkginfo_reply_t *reply) + { + if (reply) { + free(reply->name); +diff --git a/src/OVAL/probes/unix/linux/dpkginfo-helper.h b/src/OVAL/probes/unix/linux/dpkginfo-helper.h +index b2f0db3de..fe2f68a23 100644 +--- a/src/OVAL/probes/unix/linux/dpkginfo-helper.h ++++ b/src/OVAL/probes/unix/linux/dpkginfo-helper.h +@@ -40,7 +40,7 @@ int dpkginfo_fini(); + + struct dpkginfo_reply_t * dpkginfo_get_by_name(const char *name, int *err); + +-void * dpkginfo_free_reply(struct dpkginfo_reply_t *reply); ++void dpkginfo_free_reply(struct dpkginfo_reply_t *reply); + + #ifdef __cplusplus + } diff -pruN 1.2.17-0.1/debian/patches/dpkg-version-comparison-1.patch 1.2.17-0.1ubuntu7/debian/patches/dpkg-version-comparison-1.patch --- 1.2.17-0.1/debian/patches/dpkg-version-comparison-1.patch 1970-01-01 00:00:00.000000000 +0000 +++ 1.2.17-0.1ubuntu7/debian/patches/dpkg-version-comparison-1.patch 2021-01-05 20:19:13.000000000 +0000 @@ -0,0 +1,247 @@ +From 1a9c6876139871ccc55f4d5896ccf34ec06c358a Mon Sep 17 00:00:00 2001 +From: Eduardo Barretto +Date: Mon, 7 Dec 2020 11:05:44 -0300 +Subject: [PATCH] Add dpkg version comparison algorithm + +This commit move away from using rpm version comparison algorithm for +debian based distros and at the same time fixes false positives that +happen when the revision of a package contains a '~'. +--- + src/OVAL/probes/probe/entcmp.c | 13 +- + src/OVAL/results/oval_cmp.c | 2 +- + src/OVAL/results/oval_cmp_evr_string.c | 159 ++++++++++++++++++++ + src/OVAL/results/oval_cmp_evr_string_impl.h | 13 ++ + 4 files changed, 182 insertions(+), 5 deletions(-) + +diff --git a/src/OVAL/probes/probe/entcmp.c b/src/OVAL/probes/probe/entcmp.c +index 6b50add27..3cd0888da 100644 +--- a/src/OVAL/probes/probe/entcmp.c ++++ b/src/OVAL/probes/probe/entcmp.c +@@ -91,10 +91,15 @@ oval_result_t probe_ent_cmp_evr(SEXP_t * val1, SEXP_t * val2, oval_operation_t o + + oval_result_t probe_ent_cmp_debian_evr(SEXP_t * val1, SEXP_t * val2, oval_operation_t op) + { +- //TODO: implement Debian's epoch-version-release comparing algorithm +- // it is different algorithm than RPM algorithm +- dW("Using RPM algorithm to compare epoch, version and release."); +- return probe_ent_cmp_evr(val1, val2, op); ++ oval_result_t result = OVAL_RESULT_ERROR; ++ char *s1 = SEXP_string_cstr(val1); ++ char *s2 = SEXP_string_cstr(val2); ++ ++ result = oval_debian_evr_string_cmp(s1, s2, op); ++ ++ free(s1); ++ free(s2); ++ return result; + } + + oval_result_t probe_ent_cmp_filesetrev(SEXP_t * val1, SEXP_t * val2, oval_operation_t op) +diff --git a/src/OVAL/results/oval_cmp.c b/src/OVAL/results/oval_cmp.c +index 585332223..8a7ba9d8f 100644 +--- a/src/OVAL/results/oval_cmp.c ++++ b/src/OVAL/results/oval_cmp.c +@@ -145,7 +145,7 @@ oval_result_t oval_str_cmp_str(char *state_data, oval_datatype_t state_data_type + } else if (state_data_type == OVAL_DATATYPE_EVR_STRING) { + return oval_evr_string_cmp(state_data, sys_data, operation); + } else if (state_data_type == OVAL_DATATYPE_DEBIAN_EVR_STRING) { +- return oval_evr_string_cmp(state_data, sys_data, operation); ++ return oval_debian_evr_string_cmp(state_data, sys_data, operation); + } else if (state_data_type == OVAL_DATATYPE_VERSION) { + return oval_versiontype_cmp(state_data, sys_data, operation); + } else if (state_data_type == OVAL_DATATYPE_IPV4ADDR) { +diff --git a/src/OVAL/results/oval_cmp_evr_string.c b/src/OVAL/results/oval_cmp_evr_string.c +index 3f6ed3c85..1ddfb2846 100644 +--- a/src/OVAL/results/oval_cmp_evr_string.c ++++ b/src/OVAL/results/oval_cmp_evr_string.c +@@ -281,6 +281,165 @@ static int rpmvercmp(const char *a, const char *b) + } + #endif + ++/* ++ * based on code from dpkg: lib/dpkg/version.c ++ * Mino changes to use isdigit() and isalpha() ++ */ ++/** ++ * Give a weight to the character to order in the version comparison. ++ * ++ * @param c An ASCII character. ++ */ ++static int order(int c) ++{ ++ if (isdigit(c)) ++ return 0; ++ else if (isalpha(c)) ++ return c; ++ else if (c == '~') ++ return -1; ++ else if (c) ++ return c + 256; ++ else ++ return 0; ++} ++ ++/* ++ * based on code from dpkg: lib/dpkg/version.c ++ * Minor changes to use isdigit() ++ */ ++static int verrevcmp(const char *a, const char *b) ++{ ++ if (a == NULL) ++ a = ""; ++ if (b == NULL) ++ b = ""; ++ ++ while (*a || *b) { ++ int first_diff = 0; ++ ++ while ((*a && !isdigit(*a)) || (*b && !isdigit(*b))) { ++ int ac = order(*a); ++ int bc = order(*b); ++ ++ if (ac != bc) ++ return ac - bc; ++ ++ a++; ++ b++; ++ } ++ while (*a == '0') ++ a++; ++ while (*b == '0') ++ b++; ++ while (isdigit(*a) && isdigit(*b)) { ++ if (!first_diff) ++ first_diff = *a - *b; ++ a++; ++ b++; ++ } ++ ++ if (isdigit(*a)) ++ return 1; ++ if (isdigit(*b)) ++ return -1; ++ if (first_diff) ++ return first_diff; ++ } ++ ++ return 0; ++} ++ ++/* ++ * Code copied from lib/dpkg/version.c ++ */ ++/** ++ * Compares two Debian versions. ++ * ++ * This function follows the convention of the comparator functions used by ++ * qsort(). ++ * ++ * @see deb-version(5) ++ * ++ * @param a The first version. ++ * @param b The second version. ++ * ++ * @retval 0 If a and b are equal. ++ * @retval <0 If a is smaller than b. ++ * @retval >0 If a is greater than b. ++ */ ++int dpkg_version_compare(struct dpkg_version *a, ++ struct dpkg_version *b) ++{ ++ int rc; ++ ++ if (a->epoch > b->epoch) ++ return 1; ++ if (a->epoch < b->epoch) ++ return -1; ++ ++ rc = verrevcmp(a->version, b->version); ++ if (rc) ++ return rc; ++ ++ return verrevcmp(a->revision, b->revision); ++} ++ ++oval_result_t oval_debian_evr_string_cmp(const char *state, const char *sys, oval_operation_t operation) ++{ ++ struct dpkg_version a, b; ++ const char *a_epoch, *a_version, *a_release; ++ const char *b_epoch, *b_version, *b_release; ++ char *a_copy, *b_copy; ++ long aux; ++ ++ a_copy = oscap_strdup(sys); ++ b_copy = oscap_strdup(state); ++ parseEVR(a_copy, &a_epoch, &a_version, &a_release); ++ parseEVR(b_copy, &b_epoch, &b_version, &b_release); ++ ++ if (!a_epoch || !b_epoch) { ++ oscap_seterr(OSCAP_EFAMILY_OVAL, "Invalid epoch: %d.", operation); ++ return OVAL_RESULT_ERROR; ++ } ++ ++ aux = strtol(a_epoch, NULL, 10); ++ if (aux < INT_MIN || aux > INT_MAX) { ++ return OVAL_RESULT_ERROR; // Outside int range ++ } ++ a.epoch = (int) aux; ++ ++ aux = strtol(b_epoch, NULL, 10); ++ if (aux < INT_MIN || aux > INT_MAX) { ++ return OVAL_RESULT_ERROR; // Outside int range ++ } ++ b.epoch = (int) aux; ++ ++ a.version = a_version; ++ a.revision = a_release; ++ b.version = b_version; ++ b.revision = b_release; ++ int result = dpkg_version_compare(&a, &b); ++ ++ free(a_copy); ++ free(b_copy); ++ if (operation == OVAL_OPERATION_EQUALS) { ++ return ((result == 0) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); ++ } else if (operation == OVAL_OPERATION_NOT_EQUAL) { ++ return ((result != 0) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); ++ } else if (operation == OVAL_OPERATION_GREATER_THAN) { ++ return ((result == 1) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); ++ } else if (operation == OVAL_OPERATION_GREATER_THAN_OR_EQUAL) { ++ return ((result != -1) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); ++ } else if (operation == OVAL_OPERATION_LESS_THAN) { ++ return ((result == -1) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); ++ } else if (operation == OVAL_OPERATION_LESS_THAN_OR_EQUAL) { ++ return ((result != 1) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); ++ } ++ ++ oscap_seterr(OSCAP_EFAMILY_OVAL, "Invalid type of operation in rpm version comparison: %d.", operation); ++ return OVAL_RESULT_ERROR; ++} + + oval_result_t oval_versiontype_cmp(const char *state, const char *syschar, oval_operation_t operation) + { +diff --git a/src/OVAL/results/oval_cmp_evr_string_impl.h b/src/OVAL/results/oval_cmp_evr_string_impl.h +index 7b1cc5f02..b0f77835e 100644 +--- a/src/OVAL/results/oval_cmp_evr_string_impl.h ++++ b/src/OVAL/results/oval_cmp_evr_string_impl.h +@@ -49,6 +49,20 @@ oval_result_t oval_evr_string_cmp(const char *state, const char *sys, oval_opera + + oval_result_t oval_versiontype_cmp(const char *state, const char *syschar, oval_operation_t operation); + ++oval_result_t oval_debian_evr_string_cmp(const char *state, const char *sys, oval_operation_t operation); ++ ++/* ++ * Code copied from lib/dpkg/version.h ++ */ ++struct dpkg_version { ++ /** The epoch. It will be zero if no epoch is present. */ ++ unsigned int epoch; ++ /** The upstream part of the version. */ ++ const char *version; ++ /** The Debian revision part of the version. */ ++ const char *revision; ++}; ++ + OSCAP_HIDDEN_END; + + #endif diff -pruN 1.2.17-0.1/debian/patches/dpkg-version-comparison-2.patch 1.2.17-0.1ubuntu7/debian/patches/dpkg-version-comparison-2.patch --- 1.2.17-0.1/debian/patches/dpkg-version-comparison-2.patch 1970-01-01 00:00:00.000000000 +0000 +++ 1.2.17-0.1ubuntu7/debian/patches/dpkg-version-comparison-2.patch 2021-01-05 20:19:13.000000000 +0000 @@ -0,0 +1,75 @@ +From 7a8c2a2cae5aed67753bf4d4e50356f14c21ae9e Mon Sep 17 00:00:00 2001 +From: Eduardo Barretto +Date: Thu, 10 Dec 2020 10:47:27 -0300 +Subject: [PATCH] Free a_copy and b_copy in case of failure and code format + +Move from if to switch case. +--- + src/OVAL/results/oval_cmp_evr_string.c | 24 +++++++++++++++--------- + 1 file changed, 15 insertions(+), 9 deletions(-) + +diff --git a/src/OVAL/results/oval_cmp_evr_string.c b/src/OVAL/results/oval_cmp_evr_string.c +index 1ddfb2846..ea8e40c2f 100644 +--- a/src/OVAL/results/oval_cmp_evr_string.c ++++ b/src/OVAL/results/oval_cmp_evr_string.c +@@ -368,8 +368,7 @@ static int verrevcmp(const char *a, const char *b) + * @retval <0 If a is smaller than b. + * @retval >0 If a is greater than b. + */ +-int dpkg_version_compare(struct dpkg_version *a, +- struct dpkg_version *b) ++int dpkg_version_compare(struct dpkg_version *a, struct dpkg_version *b) + { + int rc; + +@@ -399,18 +398,24 @@ oval_result_t oval_debian_evr_string_cmp(const char *state, const char *sys, ova + parseEVR(b_copy, &b_epoch, &b_version, &b_release); + + if (!a_epoch || !b_epoch) { +- oscap_seterr(OSCAP_EFAMILY_OVAL, "Invalid epoch: %d.", operation); ++ oscap_seterr(OSCAP_EFAMILY_OVAL, "Invalid epoch."); ++ free(a_copy); ++ free(b_copy); + return OVAL_RESULT_ERROR; + } + + aux = strtol(a_epoch, NULL, 10); + if (aux < INT_MIN || aux > INT_MAX) { ++ free(a_copy); ++ free(b_copy); + return OVAL_RESULT_ERROR; // Outside int range + } + a.epoch = (int) aux; + + aux = strtol(b_epoch, NULL, 10); + if (aux < INT_MIN || aux > INT_MAX) { ++ free(a_copy); ++ free(b_copy); + return OVAL_RESULT_ERROR; // Outside int range + } + b.epoch = (int) aux; +@@ -423,17 +428,18 @@ oval_result_t oval_debian_evr_string_cmp(const char *state, const char *sys, ova + + free(a_copy); + free(b_copy); +- if (operation == OVAL_OPERATION_EQUALS) { ++ switch (operation) { ++ case OVAL_OPERATION_EQUALS: + return ((result == 0) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); +- } else if (operation == OVAL_OPERATION_NOT_EQUAL) { ++ case OVAL_OPERATION_NOT_EQUAL: + return ((result != 0) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); +- } else if (operation == OVAL_OPERATION_GREATER_THAN) { ++ case OVAL_OPERATION_GREATER_THAN: + return ((result == 1) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); +- } else if (operation == OVAL_OPERATION_GREATER_THAN_OR_EQUAL) { ++ case OVAL_OPERATION_GREATER_THAN_OR_EQUAL: + return ((result != -1) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); +- } else if (operation == OVAL_OPERATION_LESS_THAN) { ++ case OVAL_OPERATION_LESS_THAN: + return ((result == -1) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); +- } else if (operation == OVAL_OPERATION_LESS_THAN_OR_EQUAL) { ++ case OVAL_OPERATION_LESS_THAN_OR_EQUAL: + return ((result != 1) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); + } + diff -pruN 1.2.17-0.1/debian/patches/dpkg-version-comparison-3.patch 1.2.17-0.1ubuntu7/debian/patches/dpkg-version-comparison-3.patch --- 1.2.17-0.1/debian/patches/dpkg-version-comparison-3.patch 1970-01-01 00:00:00.000000000 +0000 +++ 1.2.17-0.1ubuntu7/debian/patches/dpkg-version-comparison-3.patch 2021-01-05 20:19:13.000000000 +0000 @@ -0,0 +1,32 @@ +From 0c16bce515a85524d6aa084af0a0e50283929523 Mon Sep 17 00:00:00 2001 +From: omer672 +Date: Tue, 15 Dec 2020 15:30:53 +0200 +Subject: [PATCH] Fix oval_debian_evr_string_cmp + +The function verrevcmp can return any positive or negative number as a comparison result, not just 1 or -1. +--- + src/OVAL/results/oval_cmp_evr_string.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/OVAL/results/oval_cmp_evr_string.c b/src/OVAL/results/oval_cmp_evr_string.c +index ea8e40c2f..5c182ea6a 100644 +--- a/src/OVAL/results/oval_cmp_evr_string.c ++++ b/src/OVAL/results/oval_cmp_evr_string.c +@@ -434,13 +434,13 @@ oval_result_t oval_debian_evr_string_cmp(const char *state, const char *sys, ova + case OVAL_OPERATION_NOT_EQUAL: + return ((result != 0) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); + case OVAL_OPERATION_GREATER_THAN: +- return ((result == 1) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); ++ return ((result > 0) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); + case OVAL_OPERATION_GREATER_THAN_OR_EQUAL: +- return ((result != -1) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); ++ return ((result >= 0) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); + case OVAL_OPERATION_LESS_THAN: +- return ((result == -1) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); ++ return ((result < 0) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); + case OVAL_OPERATION_LESS_THAN_OR_EQUAL: +- return ((result != 1) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); ++ return ((result <= 0) ? OVAL_RESULT_TRUE : OVAL_RESULT_FALSE); + } + + oscap_seterr(OSCAP_EFAMILY_OVAL, "Invalid type of operation in rpm version comparison: %d.", operation); diff -pruN 1.2.17-0.1/debian/patches/series 1.2.17-0.1ubuntu7/debian/patches/series --- 1.2.17-0.1/debian/patches/series 2020-04-10 14:40:43.000000000 +0000 +++ 1.2.17-0.1ubuntu7/debian/patches/series 2021-01-05 20:19:13.000000000 +0000 @@ -8,3 +8,7 @@ apt-1.9.0.patch apt-1.9.11.patch use_sys-xattr.patch +5e5bc61c1fc6a6556665aa5689a62d6bc6487c74.patch +dpkg-version-comparison-1.patch +dpkg-version-comparison-2.patch +dpkg-version-comparison-3.patch