Debian Patches

Status for pesign/0.112-6

Patch Description Author Forwarded Bugs Origin Last update
fix_cmdline.patch commit 5be0515dee24308fd7e270bf2e0fb5e5a7a78f32

Fix command line parsing

The gettext translation domain should be passed as .arg, not .descrip,
otherwise popt won't process any of the command line options (it stops
looping over the struct poptOption array when an entry has unset
longName, shortName and arg).

Signed-off-by: Julien Cristau <>

diff --git a/src/client.c b/src/client.c
index 028419f..575c873 100644
Julien Cristau <> no 2016-06-09
tty-prompt-race.patch Fix race condition in SEC_GetPassword

A side effect of echoOff is to discard unread input, so if we print the
prompt before echoOff, the user (or process) at the other end might
react to it by writing the password in between those steps, which is
then discarded. This bit me when trying to drive pesign with an expect
efisiglist_header.patch commit 7c26eeff5eef526161de5365b14d323e20a4ec3f

efisiglist: Copy the header correctly

signature_list wasn't copied corretly to efi_signature_list because
SignatureType in signature_list is a pointer while that in
efi_signature_list is not.

Signed-off-by: Gary Lin <>

diff --git a/src/siglist.c b/src/siglist.c
index 6e59164..e74eb10 100644
Gary Lin <> no 2018-03-30
0001-fix-NSS-build-error.patch commit b535d1ac5cbcdf18a97d97a92581e38080d9e521

efikeygen: Fix the build with nss 3.44

NSS 3.44 adds some certificate types, which changes a type and makes
some encoding stuff weird. As a result, we get:

gcc8 -I/wrkdirs/usr/ports/sysutils/pesign/work/pesign-0.110/include -O2 -pipe -fstack-protector-strong -Wl,-rpath=/usr/local/lib/gcc8 -isystem /usr/local/include -fno-strict-aliasing -g -O0 -g -O0 -Wall -fshort-wchar -fno-strict-aliasing -fno-merge-constants --std=gnu99 -D_GNU_SOURCE -Wno-unused-result -Wno-unused-function -I../include/ -I/usr/local/include/nss -I/usr/local/include/nss/nss -I/usr/local/include/nspr -Werror -fPIC -isystem /usr/local/include -DCONFIG_amd64 -DCONFIG_amd64 -c efikeygen.c -o efikeygen.o
In file included from /usr/local/include/nss/nss/cert.h:22,
from efikeygen.c:39:
efikeygen.c: In function 'add_cert_type':
/usr/local/include/nss/nss/certt.h:445:5: error: unsigned conversion from 'int' to 'unsigned char' changes value from '496' to '240' [-Werror=overflow]
efikeygen.c:208:23: note: in expansion of macro 'NS_CERT_TYPE_APP'
unsigned char type = NS_CERT_TYPE_APP;
cc1: all warnings being treated as errors

This is fixed by just making it an int.

Fixes github issue #48.

Signed-off-by: Peter Jones <>

diff --git a/src/efikeygen.c b/src/efikeygen.c
index ede76ef..2cd953e 100644
Peter Jones <> no 2019-05-14

All known versions for source package 'pesign'