[Bug 1576812] Re: [MIR] ipmitool

2022-05-18 Thread Christian Ehrhardt  
** Tags removed: server-todo

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cluster-glue/+bug/1576812/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2022-03-31 Thread Christian Ehrhardt  
With the ipmi* support in some of the HA components it might be time to
re-evaluate it.

** Tags added: server-todo

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cluster-glue/+bug/1576812/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2020-09-07 Thread Christian Ehrhardt  
Back to incomplete for a re-eval but only after known CVEs and
improvements (1.8.19) are released.

** Changed in: ipmitool (Ubuntu)
   Status: Won't Fix => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cluster-glue/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2020-08-18 Thread Christian Ehrhardt  
FYI - CVE open and not (yet) released 1.8.19
https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-5208.html

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-5208

** Tags removed: server-triage-discuss yakkety

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cluster-glue/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2020-08-17 Thread Christian Ehrhardt  
** Tags added: server-triage-discuss

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cluster-glue/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2020-08-06 Thread Seth Arnold 
It's a bit hard to follow the issue but I have the impression quite a
lot of work has been done on upstream ipmitool. It'd probably be worth
revisiting.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cluster-glue/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2020-08-05 Thread Christian Ehrhardt  
FYI - someone tried upstream, but it wasn't merged 
https://github.com/ipmitool/ipmitool/issues/13
This effort would need to be re-started and driven to completion.

** Bug watch added: github.com/ipmitool/ipmitool/issues #13
   https://github.com/ipmitool/ipmitool/issues/13

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cluster-glue/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2017-04-10 Thread Launchpad Bug Tracker 
This bug was fixed in the package cluster-glue - 1.0.12-5ubuntu2

---
cluster-glue (1.0.12-5ubuntu2) zesty; urgency=medium

  * Drop ipmitool to Suggests, as it's only referenced in one plugin where
the code already checks and warns if it's not installed (LP: #1576812)

 -- Adam Conrad   Mon, 10 Apr 2017 02:58:13 -0600

** Changed in: cluster-glue (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cluster-glue/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2017-04-10 Thread Adam Conrad 
** Also affects: cluster-glue (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cluster-glue/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2017-01-09 Thread Michael Terry 
** Changed in: ipmitool (Ubuntu)
   Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmitool/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2017-01-09 Thread Seth Arnold 
After considering the long list of compiler warnings:

Security team NAK for promoting ipmitool to main. It's simply speaking
too risky for our team to take on in a formal capacity. Feel free to
consider re-opening if upstream drastically reduces the compiler
warnings.

Thanks

** Changed in: ipmitool (Ubuntu)
 Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmitool/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2016-10-11 Thread Seth Arnold 
On the one hand, ipmi usually works on segregated networks because the
implementation of ipmi on baseband controllers and NICs are usually
pretty poor, so the risks may be limited. On the other hand, the
compilation warnings are telling a story of a project that might have
been Good Enough fifteen years ago, but looks unloved today.

Ideally we wouldn't promote this to main until someone cleans up the
warnings. The compiler is giving hundreds of concrete suggestions to
improve the code quality.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmitool/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2016-10-11 Thread Seth Arnold 
The compilation logs are extremely messy. Of these warnings, 90% are
security-relevant. This is much worse than usual.

Thanks

** Attachment added: "log.txt"
   
https://bugs.launchpad.net/ubuntu/+source/ipmitool/+bug/1576812/+attachment/4759689/+files/log.txt

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmitool/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2016-10-11 Thread Seth Arnold 
Probably the md5.c results from cppcheck are false positives. I haven't
looked. Even with those discounted, it's noisier than usual.

** Attachment added: "cppcheck.txt"
   
https://bugs.launchpad.net/ubuntu/+source/ipmitool/+bug/1576812/+attachment/4759688/+files/cppcheck.txt

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmitool/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2016-08-30 Thread Tyler Hicks 
** Changed in: ipmitool (Ubuntu)
 Assignee: Jamie Strandboge (jdstrand) => Ubuntu Security Team 
(ubuntu-security)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmitool/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2016-07-26 Thread Adam Conrad 
It's probably worth noting (on this oddly-stalled MIR...) that, despite
ipmitool being in universe, it would be a complete lie to claim that
Canonical doesn't already support it.  We've patched it quite heavily
here and there for both paying customer and community bugs, we use it
quite heavily internally, and recommend it often externally.  The part
where it's managed to continue living in universe is really just a side-
effect of none of its dependencies making it to main until now, not an
explicit statement of support.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmitool/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2016-07-06 Thread Michael Terry 
** Changed in: ipmitool (Ubuntu)
 Assignee: Ubuntu Server Team (ubuntu-server) => Jamie Strandboge (jdstrand)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmitool/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1576812] Re: [MIR] ipmitool

2016-07-06 Thread Nish Aravamudan 
** Description changed:

+ Availability: ipmitool is in universe in Precise, Trusty and Xenial.
+ 
+ Rationale: ipmitool is a new Recommends of cluster-glue, which is in
+ Main. Additionally, ipmitool is a reasonably common program for systems
+ management, and it makes some sense for it to be in Main.
+ 
+ Security: The security history for the ipmitool package is fairly quiet.
+ 
+ Reviewing CVEs for ipmitool, I found only one relevant one:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4339 which was
+ fixed in Debian.
+ 
+ ipmitool installs one binary to /usr/sbin:
+ 
+ /usr/sbin/ipmievd
+ 
+ and one corresponding service:
+ 
+ /etc/init.d/ipmievd
+ /lib/systemd/system/ipmievd.service
+ 
+ ipmievd itself is a logging daemon that transfer logs from a BMC to
+ syslog and seems like a low exposure (accounting for the afore-mentioned
+ CVE).
+ 
+ Quality assurance:
+ 
+ Installation of ipmitool results in an immediately working package.
+ Site-specific options for accessing a BMC may be necessary, but are
+ documented in the man-page.
+ 
+ No debconf questions are asked during installation.
+ 
+ https://bugs.launchpad.net/ubuntu/+source/ipmitool indicates no
+ outstanding long-term bugs exist for ipmitool.
+ 
+ Debian's bug tracker implies no significant bugs exist, excepting possibly 
related to whether ipmievd should start by default (due to dependencies on 
particular kernel modules).
+ https://bugs.debian.org/cgi-bin/pkgreport.cgi?pkg=ipmitool
+ 
+ The upstream bug tracker
+ https://sourceforge.net/p/ipmitool/bugs/?source=navbar mostly contains
+ feature requests.
+ 
+ ipmitool is well-maintained in Debian and Ubuntu.
+ 
+ ipmitool does not ship a test suite; any test suite it shipped would
+ also have strict hardware dependencies, I think.
+ 
+ ipmitool uses a debian/watch file and uscan/uupdate function currently.
+ 
+ I am not sure that the end-user application (ipmitool itself) has been
+ internationalized yet. Nor does there appear to be a desktop file, but
+ ipmitool would primarily be used on servers.
+ 
+ Dependencies:
+ 
+ All build and binary dependencies (including Recommends:) are
+ satisfyable in main.
+ 
+ Standards compliance: The package meets the FHS and Debian Policy
+ standards.
+ 
+ Maintenance: The Ubuntu Server team will maintain this package.
+ 
+ Background information:
+ 
+ The package descriptions correctly explain the general purpose and
+ context of the package.
+ 
+ == Original report ==
+ 
  cluster-glue has added a recommends: against ipmitool, currently in
  universe.  This looks to me like a reasonable thing to have in main, but
  needs to go through the MIR process.
  
  cluster-glue is owned by the server team.

** Changed in: ipmitool (Ubuntu)
   Status: Incomplete => New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1576812

Title:
  [MIR] ipmitool

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmitool/+bug/1576812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs