Your message dated Sat, 06 Feb 2021 10:39:26 +0000
with message-id
<6425525e38201ecf9a2d3e0f1e63c0d3b08e0fc0.ca...@adam-barratt.org.uk>
and subject line Closing p-u bugs for updates in 10.8
has caused the Debian Bug report #981047,
regarding buster-pu: package tang/7-1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
981047: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981047
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: buster
User: [email protected]
Usertags: pu
Hello stable release team,
for the upcoming stable point release, I've just uploaded src:tang
("network-based cryptographic binding server") as version 7-1+deb10u1.
There is just one change:
* Avoid race condition between keygen and update, resulting in "Key
derivation key not available!".
Type: upstream bug
Debian bug: https://bugs.debian.org/975343
Upstream bug: https://github.com/latchset/tang/issues/52
Fixed in in stable and testing: 7-3 (Januar 2020)
Problem: There is a race condition between two processes in the tang
ecosystem that manifests on slower hardware, resulting in an unusable
tang server.
Remark: The solution provided here and initially proposed in the
upstream bug report differs from the solution upstream and
unstable/testing - since upstream's fix came together with a massive
change of the infrastructure, and cherry-picking all this would have
been huge and rather a backport.
The new version was successfully tested on both a fast system (no
regression) and on a slow one (problem no longer manifests, broken
condition is healed upon upgrade).
Regards,
Christoph
-- System Information:
Debian Release: 10.7
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.10 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru tang-7/debian/changelog tang-7/debian/changelog
--- tang-7/debian/changelog 2018-08-12 00:57:45.000000000 +0200
+++ tang-7/debian/changelog 2021-01-25 18:37:46.000000000 +0100
@@ -1,3 +1,10 @@
+tang (7-1+deb10u1) buster; urgency=medium
+
+ * Avoid race condition between keygen and update, resulting in "Key
+ derivation key not available!". Closees: #975343
+
+ -- Christoph Biedl <[email protected]> Mon, 25 Jan 2021
18:37:46 +0100
+
tang (7-1) unstable; urgency=medium
* New upstream version 7
diff -Nru tang-7/debian/patches/local.avoid-keygen-race.patch
tang-7/debian/patches/local.avoid-keygen-race.patch
--- tang-7/debian/patches/local.avoid-keygen-race.patch 1970-01-01
01:00:00.000000000 +0100
+++ tang-7/debian/patches/local.avoid-keygen-race.patch 2021-01-25
18:05:30.000000000 +0100
@@ -0,0 +1,28 @@
+Description: Avoid race condition between keygen and update, resulting in "Key
derivation key not available!"
+Author: Christoph Biedl <[email protected]>
+Bug: https://github.com/latchset/tang/issues/52
+Bug-Debian: https://bugs.debian.org/975343
+Last-Update: 2021-01-25
+
+--- a/units/tangd-update.service.in
++++ b/units/tangd-update.service.in
+@@ -1,5 +1,7 @@
+ [Unit]
+ Description=Tang Server key update script
++Requires=tangd-keygen.service
++After=tangd-keygen.service
+
+ [Service]
+ Type=oneshot
+--- a/units/tangd.socket.in
++++ b/units/tangd.socket.in
+@@ -1,9 +1,7 @@
+ [Unit]
+ Description=Tang Server socket
+-Requires=tangd-keygen.service
+ Requires=tangd-update.service
+ Requires=tangd-update.path
+-After=tangd-keygen.service
+ After=tangd-update.service
+
+ [Socket]
diff -Nru tang-7/debian/patches/series tang-7/debian/patches/series
--- tang-7/debian/patches/series 2018-08-12 00:57:45.000000000 +0200
+++ tang-7/debian/patches/series 2021-01-25 18:00:51.000000000 +0100
@@ -1,2 +1,3 @@
local.use-asciidoctor-to-build-manpages.patch
local.add-systemd-documentation-key.patch
+local.avoid-keygen-race.patch
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 10.8
Hi,
Each of the updates referenced by these bugs was included in today's
10.8 point release.
Regards,
Adam
--- End Message ---
