date:20230512

Setuptools is not in bionic.  So you're using a local version and the
previous comment about configuring the environment to not use system
modules applies.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gpgme1.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1991606

Title:
  Invalid PEP440 package version breaking setuptools >= 66

Status in devscripts package in Ubuntu:
  Fix Released
Status in distro-info package in Ubuntu:
  Fix Released
Status in drslib package in Ubuntu:
  New
Status in duecredit package in Ubuntu:
  Fix Released
Status in gpgme1.0 package in Ubuntu:
  New
Status in python-debian package in Ubuntu:
  Fix Released
Status in reportbug package in Ubuntu:
  Fix Released
Status in ubuntu-dev-tools package in Ubuntu:
  Fix Released
Status in update-manager package in Ubuntu:
  Fix Released
Status in devscripts source package in Bionic:
  New
Status in distro-info source package in Bionic:
  New
Status in drslib source package in Bionic:
  Invalid
Status in duecredit source package in Bionic:
  New
Status in gpgme1.0 source package in Bionic:
  New
Status in python-debian source package in Bionic:
  Invalid
Status in reportbug source package in Bionic:
  New
Status in ubuntu-dev-tools source package in Bionic:
  New
Status in update-manager source package in Bionic:
  New
Status in devscripts source package in Focal:
  New
Status in distro-info source package in Focal:
  New
Status in drslib source package in Focal:
  New
Status in duecredit source package in Focal:
  New
Status in gpgme1.0 source package in Focal:
  New
Status in python-debian source package in Focal:
  New
Status in reportbug source package in Focal:
  New
Status in ubuntu-dev-tools source package in Focal:
  New
Status in update-manager source package in Focal:
  New
Status in devscripts source package in Jammy:
  New
Status in distro-info source package in Jammy:
  New
Status in drslib source package in Jammy:
  New
Status in duecredit source package in Jammy:
  New
Status in gpgme1.0 source package in Jammy:
  New
Status in python-debian source package in Jammy:
  New
Status in reportbug source package in Jammy:
  New
Status in ubuntu-dev-tools source package in Jammy:
  Invalid
Status in update-manager source package in Jammy:
  New
Status in devscripts source package in Kinetic:
  New
Status in distro-info source package in Kinetic:
  Fix Released
Status in drslib source package in Kinetic:
  New
Status in duecredit source package in Kinetic:
  New
Status in gpgme1.0 source package in Kinetic:
  New
Status in python-debian source package in Kinetic:
  Invalid
Status in reportbug source package in Kinetic:
  New
Status in ubuntu-dev-tools source package in Kinetic:
  Invalid
Status in update-manager source package in Kinetic:
  New

Bug description:
  [ Impact ]

  With setuptools 66, the versions of all packages visible in the Python
  environment *must* obey PEP440 .
  Otherwise, attempts to use pip to install a package with a setup.py-
  based build system, or other attempts to use the `pkg-resources`
  module, can produce errors like this:

    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 844, in _resolve_dist
  env = Environment(self.entries)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 1044, in __init__
  self.scan(search_path)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 1077, in scan
  self.add(dist)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 1096, in add
  dists.sort(key=operator.attrgetter('hashcmp'), reverse=True)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 2631, in hashcmp
  self.parsed_version,
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 2678, in parsed_version
  self._parsed_version = parse_version(self.version)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/version.py",
 line 266, in __init__
  raise InvalidVersion(f"Invalid version: '{version}'")
  pkg_resources.extern.packaging.version.InvalidVersion: Invalid version: 
'0.23ubuntu1'

  The official opinion of the setuptools maintainers seems to be that
  version strings of this form haven't *really* been allowed since about
  2014, and distributions need to change their package version naming
  scheme for Python packages they install, so that the resulting version
  strings obey PEP440. See for example
  .

  suffix 1build1 is invalid.

  Some python building tools, that verifies if version strings are
  compatible with PEP440, are failing.

[Touch-packages] [Bug 1991606] Re: Invalid PEP440 package version breaking setuptools >= 66

2023-05-12 Thread Martin Pecka

>  We ship setuptools in Ubuntu, and the version of setuptools shipped
in these releases does not trigger the issue.

It does for me (on Bionic).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gpgme1.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1991606

Title:
  Invalid PEP440 package version breaking setuptools >= 66

Status in devscripts package in Ubuntu:
  Fix Released
Status in distro-info package in Ubuntu:
  Fix Released
Status in drslib package in Ubuntu:
  New
Status in duecredit package in Ubuntu:
  Fix Released
Status in gpgme1.0 package in Ubuntu:
  New
Status in python-debian package in Ubuntu:
  Fix Released
Status in reportbug package in Ubuntu:
  Fix Released
Status in ubuntu-dev-tools package in Ubuntu:
  Fix Released
Status in update-manager package in Ubuntu:
  Fix Released
Status in devscripts source package in Bionic:
  New
Status in distro-info source package in Bionic:
  New
Status in drslib source package in Bionic:
  Invalid
Status in duecredit source package in Bionic:
  New
Status in gpgme1.0 source package in Bionic:
  New
Status in python-debian source package in Bionic:
  Invalid
Status in reportbug source package in Bionic:
  New
Status in ubuntu-dev-tools source package in Bionic:
  New
Status in update-manager source package in Bionic:
  New
Status in devscripts source package in Focal:
  New
Status in distro-info source package in Focal:
  New
Status in drslib source package in Focal:
  New
Status in duecredit source package in Focal:
  New
Status in gpgme1.0 source package in Focal:
  New
Status in python-debian source package in Focal:
  New
Status in reportbug source package in Focal:
  New
Status in ubuntu-dev-tools source package in Focal:
  New
Status in update-manager source package in Focal:
  New
Status in devscripts source package in Jammy:
  New
Status in distro-info source package in Jammy:
  New
Status in drslib source package in Jammy:
  New
Status in duecredit source package in Jammy:
  New
Status in gpgme1.0 source package in Jammy:
  New
Status in python-debian source package in Jammy:
  New
Status in reportbug source package in Jammy:
  New
Status in ubuntu-dev-tools source package in Jammy:
  Invalid
Status in update-manager source package in Jammy:
  New
Status in devscripts source package in Kinetic:
  New
Status in distro-info source package in Kinetic:
  Fix Released
Status in drslib source package in Kinetic:
  New
Status in duecredit source package in Kinetic:
  New
Status in gpgme1.0 source package in Kinetic:
  New
Status in python-debian source package in Kinetic:
  Invalid
Status in reportbug source package in Kinetic:
  New
Status in ubuntu-dev-tools source package in Kinetic:
  Invalid
Status in update-manager source package in Kinetic:
  New

Bug description:
  [ Impact ]

  With setuptools 66, the versions of all packages visible in the Python
  environment *must* obey PEP440 .
  Otherwise, attempts to use pip to install a package with a setup.py-
  based build system, or other attempts to use the `pkg-resources`
  module, can produce errors like this:

    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 844, in _resolve_dist
  env = Environment(self.entries)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 1044, in __init__
  self.scan(search_path)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 1077, in scan
  self.add(dist)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 1096, in add
  dists.sort(key=operator.attrgetter('hashcmp'), reverse=True)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 2631, in hashcmp
  self.parsed_version,
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 2678, in parsed_version
  self._parsed_version = parse_version(self.version)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/version.py",
 line 266, in __init__
  raise InvalidVersion(f"Invalid version: '{version}'")
  pkg_resources.extern.packaging.version.InvalidVersion: Invalid version: 
'0.23ubuntu1'

  The official opinion of the setuptools maintainers seems to be that
  version strings of this form haven't *really* been allowed since about
  2014, and distributions need to change their package version naming
  scheme for Python packages they install, so that the resulting version
  strings obey PEP440. See for example
  .

  suffix 1build1 is invalid.

  Some python building tools, that verifies if version strings are
  compatible with PEP440, are failing.

[Touch-packages] [Bug 2018457] Re: [SRU] Enable support for Bobcat Cloud Archive

Hello Corey, or anyone else affected,

Accepted software-properties into jammy-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/software-
properties/0.99.22.7 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
jammy to verification-done-jammy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-jammy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: software-properties (Ubuntu Jammy)
   Status: Triaged => Fix Committed

** Tags added: verification-needed verification-needed-jammy

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to software-properties in
Ubuntu.
https://bugs.launchpad.net/bugs/2018457

Title:
   [SRU] Enable support for Bobcat Cloud Archive

Status in software-properties package in Ubuntu:
  Fix Released
Status in software-properties source package in Jammy:
  Fix Committed
Status in software-properties source package in Mantic:
  Fix Released

Bug description:
  Please add support for:

 cloud-archive:bobcat
 cloud-archive:bobcat-proposed

  This will also need to be SRU'd back to jammy.

  [Impact]
  End users have to manually enable the antelope cloud archive pockets.

  [Test case]
  sudo add-apt-repository cloud-archive:bobcat
  sudo add-apt-repository cloud-archive:bobcat-proposed

  [Regression potential]
  Limited - just a data item addition

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/2018457/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2011628] Re: Apparmor Disallows Disabling Dhclient Scripts

2023-05-12 Thread Launchpad Bug Tracker

This bug was fixed in the package isc-dhcp - 4.4.3-P1-1ubuntu2

---
isc-dhcp (4.4.3-P1-1ubuntu2) mantic; urgency=medium

  * debian/apparmor/sbin.dhclient: Allow disabling dhclient hooks. LP:
#2011628

 -- Brett Holman   Fri, 17 Mar 2023 15:38:35
-0600

** Changed in: isc-dhcp (Ubuntu)
   Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/2011628

Title:
  Apparmor Disallows Disabling Dhclient Scripts

Status in isc-dhcp package in Ubuntu:
  Fix Released
Status in isc-dhcp package in Debian:
  New

Bug description:
  In some cases, it may be desirable to disable dhclient scripts. By
  default /sbin/dhclient-script is used, and some others are allowed by
  the apparmor profile.

  Without Apparmor, disabling hook scripts can be accomplished with
  flags -sf /bin/true, but with apparmor enabled this gets blocked:

  execve (/bin/true, ...): Permission denied

  Unfortunately dhclient doesn't appear to provide any other mechanism
  for disabling hook scripts.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/2011628/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1991606] Re: Invalid PEP440 package version breaking setuptools >= 66

I do not think this is justified as an SRU.  We ship setuptools in
Ubuntu, and the version of setuptools shipped in these releases does not
trigger the issue.  If someone is installing a different local version
of setuptools with pip, then they can just as well set up their
environment to mask the dist-packages too.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gpgme1.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1991606

Title:
  Invalid PEP440 package version breaking setuptools >= 66

Status in devscripts package in Ubuntu:
  Fix Released
Status in distro-info package in Ubuntu:
  Fix Released
Status in drslib package in Ubuntu:
  New
Status in duecredit package in Ubuntu:
  Fix Released
Status in gpgme1.0 package in Ubuntu:
  New
Status in python-debian package in Ubuntu:
  Fix Released
Status in reportbug package in Ubuntu:
  Fix Released
Status in ubuntu-dev-tools package in Ubuntu:
  Fix Released
Status in update-manager package in Ubuntu:
  Fix Released
Status in devscripts source package in Bionic:
  New
Status in distro-info source package in Bionic:
  New
Status in drslib source package in Bionic:
  Invalid
Status in duecredit source package in Bionic:
  New
Status in gpgme1.0 source package in Bionic:
  New
Status in python-debian source package in Bionic:
  Invalid
Status in reportbug source package in Bionic:
  New
Status in ubuntu-dev-tools source package in Bionic:
  New
Status in update-manager source package in Bionic:
  New
Status in devscripts source package in Focal:
  New
Status in distro-info source package in Focal:
  New
Status in drslib source package in Focal:
  New
Status in duecredit source package in Focal:
  New
Status in gpgme1.0 source package in Focal:
  New
Status in python-debian source package in Focal:
  New
Status in reportbug source package in Focal:
  New
Status in ubuntu-dev-tools source package in Focal:
  New
Status in update-manager source package in Focal:
  New
Status in devscripts source package in Jammy:
  New
Status in distro-info source package in Jammy:
  New
Status in drslib source package in Jammy:
  New
Status in duecredit source package in Jammy:
  New
Status in gpgme1.0 source package in Jammy:
  New
Status in python-debian source package in Jammy:
  New
Status in reportbug source package in Jammy:
  New
Status in ubuntu-dev-tools source package in Jammy:
  Invalid
Status in update-manager source package in Jammy:
  New
Status in devscripts source package in Kinetic:
  New
Status in distro-info source package in Kinetic:
  Fix Released
Status in drslib source package in Kinetic:
  New
Status in duecredit source package in Kinetic:
  New
Status in gpgme1.0 source package in Kinetic:
  New
Status in python-debian source package in Kinetic:
  Invalid
Status in reportbug source package in Kinetic:
  New
Status in ubuntu-dev-tools source package in Kinetic:
  Invalid
Status in update-manager source package in Kinetic:
  New

Bug description:
  [ Impact ]

  With setuptools 66, the versions of all packages visible in the Python
  environment *must* obey PEP440 .
  Otherwise, attempts to use pip to install a package with a setup.py-
  based build system, or other attempts to use the `pkg-resources`
  module, can produce errors like this:

    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 844, in _resolve_dist
  env = Environment(self.entries)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 1044, in __init__
  self.scan(search_path)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 1077, in scan
  self.add(dist)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 1096, in add
  dists.sort(key=operator.attrgetter('hashcmp'), reverse=True)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 2631, in hashcmp
  self.parsed_version,
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/__init__.py",
 line 2678, in parsed_version
  self._parsed_version = parse_version(self.version)
    File 
"/builds/databiosphere/toil/venv/lib/python3.9/site-packages/pkg_resources/_vendor/packaging/version.py",
 line 266, in __init__
  raise InvalidVersion(f"Invalid version: '{version}'")
  pkg_resources.extern.packaging.version.InvalidVersion: Invalid version: 
'0.23ubuntu1'

  The official opinion of the setuptools maintainers seems to be that
  version strings of this form haven't *really* been allowed since about
  2014, and distributions need to change their package version naming
  scheme for Python packages they install, so that the resulting version
  strings obey PEP440. See for example

[Touch-packages] [Bug 1982487] Re: apport fails with PermissionError for dump mode 2 in containers

I have reviewed and approved SRUs for the corresponding upload to focal
and jammy.  However, the bionic upload includes a lot more changes from
previous SRUs, making this more difficult and time-consuming to review
appropriately.  Given that bionic will reach the end of standard support
in 2 weeks and some of these bugs have evidently been present for 5
years, I am not sure it is worth pushing this through as an SRU.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1982487

Title:
  apport fails with PermissionError for dump mode 2 in containers

Status in Apport:
  Fix Released
Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Bionic:
  New
Status in apport source package in Focal:
  Fix Released
Status in apport source package in Jammy:
  Fix Released

Bug description:
  [Impact]

  Apport will fail for processes with dump mode 2 inside of containers.

  [Test plan]

  Run following testcase script inside a LXC container:

  ```
  #!/bin/sh
  sudo rm -rf /var/crash/* /var/log/apport.log

  sudo -u mail sh -c "ping 127.0.0.1 > /dev/null" &
  sleep 0.3
  killall -11 ping

  sleep 0.3
  cat /var/log/apport.log
  ```

  apport.log for the affected version:

  ```
  ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: called for pid 6449, 
signal 11, core limit 0, dump mode 2
  ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: not creating core for pid 
with dump mode of 2
  ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: Unhandled exception:
  Traceback (most recent call last):
    File "/usr/lib/python3/dist-packages/apport/report.py", line 681, in 
add_proc_info
  self["ExecutablePath"] = _read_proc_link(
    File "/usr/lib/python3/dist-packages/apport/report.py", line 92, in 
_read_proc_link
  return os.readlink(path, dir_fd=dir_fd)
  PermissionError: [Errno 13] Permission denied: 'exe'

  During handling of the above exception, another exception occurred:

  Traceback (most recent call last):
    File "/usr/share/apport/apport", line 862, in 
  info.add_proc_info(proc_pid_fd=proc_pid_fd)
    File "/usr/lib/python3/dist-packages/apport/report.py", line 686, in 
add_proc_info
  raise ValueError("not accessible")
  ValueError: not accessible
  ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: pid: 6452, uid: 0, gid: 0, 
euid: 8, egid: 8
  ERROR: apport (pid 6452) Thu Jul 21 12:59:45 2022: environment: 
environ({'LANG': 'C.UTF-8', 'PATH': 
'/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin', 
'LISTEN_PID': '6452', 'LISTEN_FDS': '1', 'LISTEN_FDNAMES': 'connection', 
'INVOCATION_ID': '1352c67b4a21480a9b35db8012dafb42', 'JOURNAL_STREAM': 
'8:29587491', 'SYSTEMD_EXEC_PID': '6452'})
  ```

  The apport log should not show a Traceback.

  [Where problems could occur]

  The apport binary is called by the kernel when a process crashes.
  Worst case scenarios include breaking the apport binary and no problem
  report is generated any more (or apport uses too much resources).
  Users will see problems reports inside the container which cause
  additional load or disk usage. The fix is accompanied by a test case
  (run in autopkgtest).

  [Other Info]

  The autopkgtest for armhf are run inside a LXC container and some test
  cases like test_crash_setuid_drop trigger this bug.

  Due to the huge amount of broken autopkgtest tests, the diff for the
  SRUs are bigger than desired. The individual commits in
  https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/apport/ are
  probably easier to review.

  * jammy SRU: 
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/apport/log/?h=1fa042cc27714c407494b3d6dfd0730bb984f3eb
  * focal SRU: 
https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/apport/log/?h=eaa92037c7dfba621719c6f81fd75f6a09e90881

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1982487/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1889443] Re: "ValueError: ['separator'] has no binary content" when running `apport-unpack /var/crash/...`

Hello Dan, or anyone else affected,

Accepted apport into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.27 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: apport (Ubuntu Focal)
   Status: Incomplete => Fix Committed

** Tags removed: verification-done
** Tags added: verification-needed verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1889443

Title:
  "ValueError: ['separator'] has no binary content" when running
  `apport-unpack /var/crash/...`

Status in Apport:
  Fix Released
Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Bionic:
  Triaged
Status in apport source package in Focal:
  Fix Committed
Status in apport source package in Jammy:
  Fix Released

Bug description:
  [ Impact ]

  Extracting a crash file will always fail in case the crash report was
  processed.

  [ Test plan ]

  1. Create crash (e.g. with divide-by-zero):
  ```
  sudo apt install chaos-marmosets
  divide-by-zero
  ```
  2. Click on "show details" in Apport crash UI, then close it
  3. exract crash report:
  ```
  tmpdir=$(mktemp -d)
  apport-unpack /var/crash/_usr_bin_divide-by-zero.1000.crash "$tmpdir"
  rm -rf "$tmpdir"
  ```

  The extraction should work and not print a stack trace.

  [ Where problems could occur ]

  The change touches the problem report reading code which is used in
  several places. This could cause regressions in reading the problem
  report.

  [ Original report ]

  The crash file I'm using is as-produced by the system (on groovy), and
  appears to have an empty value for separator:

  $ grep separator /var/crash/_usr_bin_neomutt.1000.crash
  separator:

  Traceback (most recent call last):
    File "/usr/bin/apport-unpack", line 77, in 
  pr.extract_keys(f, bin_keys, dir)
    File "/usr/lib/python3/dist-packages/problem_report.py", line 269, in 
extract_keys
  raise ValueError('%s has no binary content' %
  ValueError: ['separator'] has no binary content

  ProblemType: Bug
  DistroRelease: Ubuntu 20.10
  Package: apport 2.20.11-0ubuntu42
  ProcVersionSignature: Ubuntu 5.4.0-37.41-generic 5.4.41
  Uname: Linux 5.4.0-37-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset 
nvidia
  ApportVersion: 2.20.11-0ubuntu42
  Architecture: amd64
  CasperMD5CheckResult: skip
  CrashReports:
   640:1000:117:1620030:2020-07-29 12:16:57.045274496 -0400:2020-07-29 
12:19:15.559243636 -0400:/var/crash/_usr_bin_neomutt.1000.crash
   640:1000:117:4399480:2020-07-23 10:30:21.433552906 -0400:2020-07-23 
10:30:18.921508067 -0400:/var/crash/_usr_bin_pavucontrol.1000.crash
   640:1000:117:29909:2020-07-29 12:19:15.603244279 -0400:2020-07-29 
12:19:15.603244279 -0400:/var/crash/_usr_bin_apport-unpack.1000.crash
  CurrentDesktop: i3
  Date: Wed Jul 29 12:22:54 2020
  InstallationDate: Installed on 2019-05-07 (448 days ago)
  InstallationMedia: Ubuntu 18.04.2 LTS "Bionic Beaver" - Release amd64 
(20190210)
  PackageArchitecture: all
  SourcePackage: apport
  UpgradeStatus: Upgraded to groovy on 2020-06-22 (37 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1889443/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1947800] Re: /usr/share/apport/whoopsie-upload-all:zlib.error:/usr/share/apport/whoopsie-upload-all@196:collect_info:process_report:add_gdb_info:gdb_command:write:read:readinto:r

Hello errors.ubuntu.com, or anyone else affected,

Accepted apport into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.27 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: apport (Ubuntu Focal)
   Status: Confirmed => Fix Committed

** Tags added: verification-needed verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1947800

Title:
  /usr/share/apport/whoopsie-upload-
  all:zlib.error:/usr/share/apport/whoopsie-upload-
  
all@196:collect_info:process_report:add_gdb_info:gdb_command:write:read:readinto:read

Status in Apport:
  Fix Released
Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Focal:
  Fix Committed
Status in apport source package in Impish:
  Won't Fix
Status in apport source package in Jammy:
  Fix Released

Bug description:
  [ Impact ]

  The Ubuntu Error Tracker has been receiving reports about a problem regarding 
apport.  This problem was most recently seen with package version 
2.20.11-0ubuntu70, the problem page at 
https://errors.ubuntu.com/problem/7120f8aebdf09e9dca39196d035eec234071e800 
contains more details, including versions of packages affected, stacktrace or 
traceback, and individual crash reports.
  If you do not have access to the Ubuntu Error Tracker and are a software 
developer, you can request it at http://forms.canonical.com/reports/.

  Traceback (most recent call last):
    File "/usr/share/apport/whoopsie-upload-all", line 196, in 
  stamps = collect_info()
    File "/usr/share/apport/whoopsie-upload-all", line 146, in collect_info
  res = process_report(r)
    File "/usr/share/apport/whoopsie-upload-all", line 103, in process_report
  r.add_gdb_info()
    File "/usr/lib/python3/dist-packages/apport/report.py", line 786, in 
add_gdb_info
  gdb_cmd, environ = self.gdb_command(rootdir, gdb_sandbox)
    File "/usr/lib/python3/dist-packages/apport/report.py", line 1706, in 
gdb_command
  self['CoreDump'].write(f)
    File "/usr/lib/python3/dist-packages/problem_report.py", line 75, in write
  block = gz.read(1048576)
    File "/usr/lib/python3.9/gzip.py", line 300, in read
  return self._buffer.read(size)
    File "/usr/lib/python3.9/_compression.py", line 68, in readinto
  data = self.read(len(byte_view))
    File "/usr/lib/python3.9/gzip.py", line 495, in read
  uncompress = self._decompressor.decompress(buf, size)
  zlib.error: Error -3 while decompressing data: invalid code lengths set

  Report for 20.04 (focal):
  https://errors.ubuntu.com/problem/fff3109d511a7db05ec5526679b8d8608a143932

  [ Test plan ]

  Check that the fixed version does not appear on
  https://errors.ubuntu.com/problem/fff3109d511a7db05ec5526679b8d8608a143932

  [Where problems could occur]

  Worst case - in any part of the bug reporting/collection procedure,
  since that is what's changing.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1947800/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1967965] Re: apport-kde: "Other problem" and "Display" options are swapped

Hello Leonora, or anyone else affected,

Accepted apport into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.27 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: apport (Ubuntu Focal)
   Status: Confirmed => Fix Committed

** Tags removed: verification-done
** Tags added: verification-needed verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1967965

Title:
  apport-kde: "Other problem" and "Display" options are swapped

Status in Apport:
  Fix Released
Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Focal:
  Fix Committed
Status in apport source package in Jammy:
  Fix Released

Bug description:
  [ Impact ]

  Due to this bug, users on KDE have hard times to report generic
  problems against Ubuntu.

  [ Testcase ]

  1. Run: /usr/share/apport/apport-kde -f
  2. Select "Display (X.org)" and click OK
  3. Then a window asking "What display problem do you observe?" should be 
presented.

  [ Where problems could occur ]

  Since this fix enables users to properly report generic problems, it
  can reveal bugs in the later stage.

  [ Other Info ]

  Since this fix touched the KDE part, the SRU will also enable the KDE
  UI tests again and repair them to make them run.

  [ Original report ]

  When attempting to report
  https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1967963 I was
  unable to use `ubuntu-bug firefox`, so I just ran `ubuntu-bug`.
  However doing so gave me a menu with unrelated option (as expected)
  and an "Other problem..." option. I assumed this was for generic other
  bugs, as I think is reasonable; however, it brings me to a menu that
  only makes sense for display-related bugs. I think this text should be
  changed to note that; perhaps "Other display problem...".

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: apport 2.20.11-0ubuntu80
  ProcVersionSignature: Ubuntu 5.15.0-23.23-generic 5.15.27
  Uname: Linux 5.15.0-23-generic x86_64
  ApportVersion: 2.20.11-0ubuntu80
  Architecture: amd64
  CasperMD5CheckResult: pass
  CrashReports:
   640:1000:124:13488049:2022-03-30 13:20:08.905176436 -0500:2022-03-30 
13:20:07.977480154 -0500:/var/crash/_usr_bin_telegram-desktop.1000.crash
   640:0:124:755694:2022-03-30 13:17:26.598466630 -0500:2022-03-30 
13:17:26.258453989 -0500:/var/crash/_usr_libexec_udisks2_udisksd.0.crash
  CurrentDesktop: KDE
  Date: Tue Apr  5 19:58:56 2022
  InstallationDate: Installed on 2022-03-30 (6 days ago)
  InstallationMedia: Kubuntu 22.04 LTS "Jammy Jellyfish" - Beta amd64 
(20220329.1)
  PackageArchitecture: all
  ProcEnviron:
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/usr/bin/zsh
  SourcePackage: apport
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1967965/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992172] Re: test_run_crash_kernel fails on ppc64el

Hello Benjamin, or anyone else affected,

Accepted apport into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.27 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: apport (Ubuntu Focal)
   Status: New => Fix Committed

** Tags removed: verification-done
** Tags added: verification-needed verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1992172

Title:
  test_run_crash_kernel fails on ppc64el

Status in Apport:
  Fix Released
Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Bionic:
  New
Status in apport source package in Focal:
  Fix Committed
Status in apport source package in Jammy:
  Fix Released

Bug description:
  [Impact]

  The autopkgtest for apport 2.23.1-0ubuntu1 fails on ppc64el:

  ```
  ==
  FAIL: test_run_crash_kernel (tests.integration.test_ui.T)
  run_crash() for a kernel error
  --
  Traceback (most recent call last):
    File "/usr/lib/python3.10/unittest/mock.py", line 1369, in patched
  return func(*newargs, **newkeywargs)
    File 
"/tmp/autopkgtest.W5WLIN/autopkgtest_tmp/tests/integration/test_ui.py", line 
1617, in test_run_crash_kernel
  self.assertEqual(
  AssertionError: 'http://linux.bugs.example.com/5' != 
'http://linux-signed.bugs.example.com/5'
  - http://linux.bugs.example.com/5
  + http://linux-signed.bugs.example.com/5
  ? +++

  --
  ```

  Full log: https://autopkgtest.ubuntu.com/results/autopkgtest-
  kinetic/kinetic/ppc64el/a/apport/20221007_113450_023d9@/log.gz

  [Test Plan]

  Check that the autopkgtest succeed all architectures (except for
  i386).

  [Where problems could occur]

  The test cases are only part of the apport source package and are not
  copied in any binary packages. Changes to the test will only affect
  the package build and test execution.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1992172/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1964828] Re: /usr/share/apport/general-hooks/ubuntu.py crashed: KeyError: 'CasperMD5json'

Hello Bruce, or anyone else affected,

Accepted apport into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.27 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: apport (Ubuntu Focal)
   Status: New => Fix Committed

** Tags removed: verification-done
** Tags added: verification-needed verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1964828

Title:
  /usr/share/apport/general-hooks/ubuntu.py crashed: KeyError:
  'CasperMD5json'

Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Focal:
  Fix Committed
Status in apport source package in Jammy:
  Fix Released

Bug description:
  [Impact]

  If the user reports a bug and rejects to enter the root password for
  collecting information (like the CasperMD5json), the Ubuntu add_info
  hook will fail with a stack trace. The remaining code for collecting
  more information is not executed. So the resulting bug reports will be
  less helpful. The check_for_disk_error call is not reached and
  therefore skipped.

  [Test Plan]

  1. Install Ubuntu (e.g. from ubuntu-22.04-desktop-amd64.iso)
  2. Open a terminal
  3. Run: ubuntu-bug -f
  4. Select "installer" and click on OK
  5. Click on "abort" when ask for the password
  6. The terminal should not show a stacktrace

  [Where problems could occur]

  The changed code is the Ubuntu add_info hook. So this hook could fail
  due to a regression or reveal bugs in the later code path. The later
  code path could cause more more load on the users machine (but only
  when the user wants to report the issue). Apport will catch failing
  add_info hooks and store the failure in the report.

  [Orinial report]

  ERROR: hook /usr/share/apport/general-hooks/ubuntu.py crashed:
  Traceback (most recent call last):
    File "/usr/lib/python3/dist-packages/apport/report.py", line 228, in 
_run_hook
  symb['add_info'](report, ui)
    File "/usr/share/apport/general-hooks/ubuntu.py", line 81, in add_info
  apport.hookutils.attach_casper_md5check(report,
    File "/usr/lib/python3/dist-packages/apport/hookutils.py", line 1016, in 
attach_casper_md5check
  check = json.loads(report['CasperMD5json'])
    File "/usr/lib/python3.10/collections/__init__.py", line 1102, in 
__getitem__
  raise KeyError(key)
  KeyError: 'CasperMD5json'
  kubuntu@kubuntu:~$ Gtk-Message: 21:22:43.923: Failed to load module 
"colorreload-gtk-module"
  ATTENTION: default value of option mesa_glthread overridden by environment.
  ATTENTION: default value of option mesa_glthread overridden by environment.
  ATTENTION: default value of option mesa_glthread overridden by environment.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: ubiquity 22.04.7
  ProcVersionSignature: Ubuntu 5.15.0-22.22-generic 5.15.19
  Uname: Linux 5.15.0-22-generic x86_64
  ApportVersion: 2.20.11-0ubuntu79
  Architecture: amd64
  CasperVersion: 1.467
  CurrentDesktop: KDE
  Date: Mon Mar 14 21:22:23 2022
  InstallCmdLine: BOOT_IMAGE=/casper/vmlinuz file=/cdrom/preseed/kubuntu.seed 
maybe-ubiquity quiet splash ---
  LiveMediaBuild: Kubuntu 22.04 LTS "Jammy Jellyfish" - Alpha amd64 (20220314)
  SourcePackage: ubiquity
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1964828/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1780767] Re: Some GTK UI tests are flaky due to timeout

Hello Didier, or anyone else affected,

Accepted apport into jammy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu82.5 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
jammy to verification-done-jammy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-jammy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: apport (Ubuntu Jammy)
   Status: New => Fix Committed

** Tags removed: verification-done
** Tags added: verification-needed verification-needed-jammy

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1780767

Title:
  Some GTK UI tests are flaky due to timeout

Status in Apport:
  Fix Released
Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Bionic:
  Fix Released
Status in apport source package in Focal:
  New
Status in apport source package in Jammy:
  Fix Committed

Bug description:
  [Impact]

  The autopkgtests are sometimes passing, sometimes stuck for more than 2h:
  http://autopkgtest.ubuntu.com/packages/apport/cosmic/amd64.
  It's blocking randomly on different tests.

  All tests that are stucked, implements closing a request via a timeout
  (and then, executing "run"). The bet is that the timeout is short
  enough (1s) so that, when autopkgtests infra is busy, time to execute
  the bash subcommand is taking more than a second, and so "dismissing"
  is ran before execution happens and the whole testsuite hangs.

  There are few instances of setting this timeout function:
  $ grep eout_add_sec test/*
  test/test_ui_gtk.py:GLib.timeout_add_seconds(1, cont)
  test/test_ui_gtk.py:GLib.timeout_add_seconds(1, cont)
  test/test_ui_gtk.py:GLib.timeout_add_seconds(1, cont)
  test/test_ui_gtk.py:GLib.timeout_add_seconds(1, c)
  test/test_ui_gtk.py:GLib.timeout_add_seconds(1, c)

  Short term solution could be to increase the timeout. Long term would
  be to eliminate this potential race implementing cancelling
  differently. The short term workaround to increase the timeout
  increases the test execution time by five minutes.

  [Test Plan]

  Check that the autopkgtest succeed on all architectures (except for
  i386).

  [Where problems could occur]

  The test cases are only part of the apport source package and are not
  copied in any binary packages. Changes to the test will only affect
  the package build and test execution.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1780767/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1973470] Re: Ubuntu-bug command can't find Firefox on Lubuntu Kinetic

Hello Aaron, or anyone else affected,

Accepted apport into jammy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu82.5 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
jammy to verification-done-jammy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-jammy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: apport (Ubuntu Jammy)
   Status: New => Fix Committed

** Tags added: verification-needed verification-needed-jammy

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1973470

Title:
  Ubuntu-bug command can't find Firefox on Lubuntu Kinetic

Status in Apport:
  Fix Released
Status in apport package in Ubuntu:
  Fix Released
Status in xdg-utils package in Ubuntu:
  Invalid
Status in apport source package in Jammy:
  Fix Committed
Status in xdg-utils source package in Jammy:
  New

Bug description:
  Test hardware is an Elitebook 8570p, 16 GB RAM, 120 GB SSD.

  While reporting Bug #1973469, I discovered that ubuntu-bug was unable
  to open Firefox at the very end of the process. Sadly, I closed the
  terminal window that contained the initial error, but I was able to
  easily reproduce it reporting this bug. The full console output of
  "ubuntu-bug apport" on Lubuntu Kinetic is:

  
  *** Collecting problem information

  The collected information can be sent to the developers to improve the
  application. This might take a few minutes.
  ..

  *** Send problem report to the developers?

  After the problem report has been sent, please fill out the form in the
  automatically opened web browser.

  What would you like to do? Your options are:
S: Send report (5.1 KB)
V: View report
K: Keep report file for sending later or copying to somewhere else
I: Cancel and ignore future crashes of this program version
C: Cancel
  Please choose (S/V/K/I/C): s

  *** Uploading problem information

  The collected information is being sent to the bug tracking system.
  This might take a few minutes.
  94%

  *** To continue, you must visit the following URL:

  
https://bugs.launchpad.net/ubuntu/+source/apport/+filebug/d7ffa3e0-d46d-11ec-a167-40a8f03099c8?

  You can launch a browser now, or copy this URL into a browser on
  another computer.

  
  Choices:
1: Launch a browser now
C: Cancel
  Please choose (1/C): 1
  /usr/bin/xdg-open: 882: firefox: not found
  /usr/bin/xdg-open: 882: firefox: not found
  xdg-open: no method available for opening 
'https://bugs.launchpad.net/ubuntu/+source/apport/+filebug/d7ffa3e0-d46d-11ec-a167-40a8f03099c8?'

  I am unsure if this problem is in Apport or Lubuntu. ubuntu-bug works
  just fine for me on Ubuntu Kinetic, but not on Lubuntu. I suspect this
  is due to the Snap version of Firefox, but I don't know for sure.
  Since ubuntu-bug is what gave me the error, I'm filing this against
  Apport.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.10
  Package: apport 2.20.11-0ubuntu82
  ProcVersionSignature: Ubuntu 5.15.0-27.28-generic 5.15.30
  Uname: Linux 5.15.0-27-generic x86_64
  NonfreeKernelModules: wl
  ApportVersion: 2.20.11-0ubuntu82
  Architecture: amd64
  CasperMD5CheckResult: pass
  CasperVersion: 1.470
  CurrentDesktop: LXQt
  Date: Sun May 15 11:41:07 2022
  LiveMediaBuild: Lubuntu 22.10 "Kinetic Kudu" - Alpha amd64 (20220514)
  PackageArchitecture: all
  SourcePackage: apport
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1973470/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1978301] Re: Broken contact URL in German translation

Hello Benjamin, or anyone else affected,

Accepted apport into jammy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu82.5 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
jammy to verification-done-jammy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-jammy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: apport (Ubuntu Jammy)
   Status: Incomplete => In Progress

** Changed in: apport (Ubuntu Jammy)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-jammy

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1978301

Title:
  Broken contact URL in German translation

Status in Apport:
  Fix Released
Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Jammy:
  Fix Committed

Bug description:
  Impact
  --

  All German users (and all translations that use "%s." in their
  translation template) will get a broken URL link for bug reports
  against snaps (e.g. Firefox).

  Test Case
  -

  1. Execute following command: LANGUAGE=de ubuntu-bug firefox
  2. Click on the URL
  3. A browser window should open and not display a 404 page

  Regression Potential
  

  Since there was no test case for converting text to HTML before this
  fix, there might be some URLs that will become broken by this fix.

  Original Description
  

  "LANGUAGE=de ubuntu-bug firefox" end up in a dialog saying:

  firefox wird durch einen von mozilla veröffentlichten Snap
  bereitgestellt. Für Hilfe gehen Sie über
  https://support.mozilla.org/kb/file-bug-report-or-feature-request-
  mozilla.

  The dot at the end is included in the URL link. The dot makes the URL
  link broken. The regular expression in gtk/apport-gtk for http URLs
  should become smarter.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1978301/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2008952] Re: DNS failure while trying to fetch user-data

Tracked in Github Issues as https://github.com/canonical/cloud-
init/issues/4085

** Bug watch added: github.com/canonical/cloud-init/issues #4085
   https://github.com/canonical/cloud-init/issues/4085

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2008952

Title:
  DNS failure while trying to fetch user-data

Status in cloud-init:
  Fix Released
Status in netplan:
  Invalid
Status in subiquity:
  New
Status in livecd-rootfs package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  New

Bug description:
  In testing netboot + autoinstall of the new ubuntu desktop subiquity
  based installer for 23.04 I found cloud-init is failing to retrieve
  user-data because it can't resolved the hostname in the URL.  This
  same configuration does work for 22.04 based subiquity, so seems a
  regression.

  From the ipxe config:

  imgargs vmlinuz initrd=initrd \
   ip=dhcp \
   iso-url=http://cdimage.ubuntu.com/daily-live/pending/lunar-desktop-amd64.iso 
\
   fsck.mode=skip \
   layerfs-path=minimal.standard.live.squashfs \
   autoinstall \
   'ds=nocloud-net;s=http://boot.linuxgroove.com/ubuntu/23.04/' \

  That fails, but if we replace boot.linuxgroove.com with the IP it
  works.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/2008952/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2016439] Re: Regression finding system certificates

2023-05-12 Thread Sergio Durigan Junior

Verifying the bug for Lunar.

First, make sure we can reproduce the problem.  After following the
steps outlined in the Test Plan, we see:

# ./curl-test
curl_easy_perform() failed: SSL peer certificate or SSH remote key was not OK
# apt policy libcurl4-nss-dev
libcurl4-nss-dev:
  Installed: 7.88.1-8ubuntu1
  Candidate: 7.88.1-8ubuntu1
  Version table:
 *** 7.88.1-8ubuntu1 500
500 http://archive.ubuntu.com/ubuntu lunar/universe amd64 Packages
100 /var/lib/dpkg/status

Now, install libcurl4-nss-dev from -proposed and verify that the new
package fixes the issue:

# apt policy libcurl4-nss-dev
libcurl4-nss-dev:
  Installed: 7.88.1-8ubuntu2
  Candidate: 7.88.1-8ubuntu2
  Version table:
 *** 7.88.1-8ubuntu2 400
400 http://archive.ubuntu.com/ubuntu lunar-proposed/universe amd64 
Packages
100 /var/lib/dpkg/status
 7.88.1-8ubuntu1 500
500 http://archive.ubuntu.com/ubuntu lunar/universe amd64 Packages
# gcc curl-test.c -o curl-test -lcurl
# ./curl-test   
 
  
   
  
  
Example Domain

[Touch-packages] [Bug 2016439] Re: Regression finding system certificates

2023-05-12 Thread Sergio Durigan Junior

Thanks for the review and for accepting the SRU, Andreas.

The bug can be considered fixed in Mantic, although the change present
there is not exactly the same as the one I uploaded to Lunar (it still
uses $(DEB_HOST_ARCH) instead of $(DEB_TARGET_ARCH), and it
unnecessarily patches the load path for libnssckbi.so).

I'm a bit weary of introducing another delta to the package only to
address these minor details, so I will instead upload a small change to
the patch in Debian and later merge it into Mantic.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/2016439

Title:
  Regression finding system certificates

Status in curl package in Ubuntu:
  Fix Released
Status in curl source package in Lunar:
  Fix Committed
Status in curl source package in Mantic:
  Fix Released
Status in curl package in Debian:
  Fix Released

Bug description:
  [ Impact ]

  Users of applications that link against libcurl's NSS flavour might
  experience issues when trying to contact HTTPS servers.  This can lead
  to scenarios where the application is unable to connect.

  [ Test Plan ]

  First, let's verify that the GNUTLS flavour of libcurl does the right
  thing:

  $ lxc launch ubuntu-daily:lunar curl-bug2016439
  $ lxc shell curl-bug2016439
  # apt update && apt install -y libcurl4-gnutls-dev gcc
  # cat > curl-test.c << __EOF__
  #include 
  #include 
   
  int main(void)
  {
CURL *curl;
CURLcode res;
   
curl = curl_easy_init();
if(curl) {
  curl_easy_setopt(curl, CURLOPT_URL, "https://example.com;);
  /* example.com is redirected, so we tell libcurl to follow redirection */
  curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
   
  /* Perform the request, res will get the return code */
  res = curl_easy_perform(curl);
  /* Check for errors */
  if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
   
  /* always cleanup */
  curl_easy_cleanup(curl);
}
return 0;
  }
  __EOF__
  # gcc curl-test.c -o curl-test -lcurl
  # ./curl-test
 
 
  
   
  Example Domain
  ...
  #

  You should see the HTML dump of example.com.  Now, let's install the
  NSS flavour of libcurl and recompile the test program against it:

  # apt install -y libcurl4-nss-dev
  # gcc curl-test.c -o curl-test -lcurl
  # ./curl-test
  curl_easy_perform() failed: SSL peer certificate or SSH remote key was not OK

  As we can see, there was an error when validating the TLS certificate.

  [ Where problems could occur ]

  The adjustment needed to the downstream patch is pretty simple and has
  been tested extensively.  The original reporter mentioned that the
  issue did not happen before this patch was applied, so in the unlikely
  event of a regression the best route would be to revert the patch
  entirely.

  [ More Info ]

  This happens because of an error in one of our patches (authored by
  me) to teach libcurl where to properly find libnsspem.so and
  libnssckbi.so.  The problem is that libnsspem.so is installed under
  /usr/lib/$(DEB_HOST_ARCH)/nss/, while libnssckbi.so is installed under
  /usr/lib/$(DEB_HOST_ARCH)/, but I mistakenly pointed libcurl to look
  under the "/nss/" directory for both libraries.  As it turns out,
  libnssckbi.so is necessary in order to use the Mozilla's root
  certificate.

  [ Original Description ]

  [ Clone of https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034359 ]

  Between 7.88.1-2 and 7.88.1-5, there was a change to where curl with
  nss looks for loadable libraries:

  curl (7.88.1-4) unstable; urgency=medium

    * d/p/Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch:
  Prepend "/nss/" before the library name.

  Before the change to the load path, curl could find
  /lib/x86_64-linux-gnu/libnssckbi.so but not
  /lib/x86_64-linux-gnu/nss/libnsspem.so, after the change it's the
  reverse.

  libnssckbi.so is enough to get a trust root (the mozilla certificate
  store is compiled inside that library), whereas libnsspem.so
  (1.0.8+1-1) isn't.
  This makes it impossible to connect to https servers by default for
  programs that use curl with NSS.

  Here is a way to test the regression:
  debbisect -v --cache=./cache \
     
--depends=libcurl4-nss-dev,git,pkg-config,libssl-dev,ca-certificates,cargo,nss-plugin-pem,p11-kit-modules,strace
  \
    20230306T145638Z 20230306T203828Z \
  'chroot "$1" bash -exuc "
  git clone --depth 1 https://github.com/alexcrichton/curl-rust.git
  cd curl-rust
  time cargo fetch
  time cargo build --offline --example https
  strace -efile target/debug/examples/https >/dev/null
  "'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/curl/+bug/2016439/+subscriptions


-- 
Mailing list:

[Touch-packages] [Bug 2011458] Re: ssh fails to rebind when it is killed with -HUP

** Changed in: openssh (Ubuntu)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/2011458

Title:
  ssh fails to rebind when it is killed with -HUP

Status in openssh package in Ubuntu:
  Fix Committed
Status in openssh source package in Kinetic:
  Fix Committed
Status in openssh source package in Lunar:
  Fix Committed

Bug description:
  [Impact]

  The sshd re-execution logic is generally broken with systemd socket 
activation, which means that (1) sshd fails when it is told to re-exec
  via SIGHUP (e.g. systemctl reload ssh), and (2) sshd fails when started in 
debug mode.

  [Test Case]

  (1) Test systemctl reload ssh:

  * On a machine with openssh-server installed, make a connection to
  localhost to activate ssh.service (the connection does not need to be
  complete, so you can just say "no" at the host key verification
  stage):

  $ ssh localhost
  [...]

  * Send SIGHUP to sshd by calling systemctl reload ssh:

  $ systemctl reload ssh

  * Check the service state:

  $ systemctl status ssh
  × ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; disabled; preset: 
enabled)
  Drop-In: /etc/systemd/system/ssh.service.d
   └─00-socket.conf
   Active: failed (Result: exit-code) since Mon 2023-04-17 20:43:27 UTC; 4s 
ago
 Duration: 2min 44.132s
  TriggeredBy: ● ssh.socket
 Docs: man:sshd(8)
   man:sshd_config(5)
  Process: 1112 ExecStart=/usr/sbin/sshd -D $SSHD_OPTS (code=exited, 
status=255/EXCEPTION)
  Process: 1152 ExecReload=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
  Process: 1153 ExecReload=/bin/kill -HUP $MAINPID (code=exited, 
status=0/SUCCESS)
 Main PID: 1112 (code=exited, status=255/EXCEPTION)
  CPU: 79ms

  Apr 17 20:40:43 lunar systemd[1]: Started ssh.service - OpenBSD Secure Shell 
server.
  Apr 17 20:41:06 lunar sshd[1113]: Connection closed by 127.0.0.1 port 54666 
[preauth]
  Apr 17 20:43:27 lunar systemd[1]: Reloading ssh.service - OpenBSD Secure 
Shell server...
  Apr 17 20:43:27 lunar sshd[1112]: Received SIGHUP; restarting.
  Apr 17 20:43:27 lunar systemd[1]: Reloaded ssh.service - OpenBSD Secure Shell 
server.
  Apr 17 20:43:27 lunar sshd[1112]: error: Bind to port 22 on 0.0.0.0 failed: 
Address already in use.
  Apr 17 20:43:27 lunar sshd[1112]: error: Bind to port 22 on :: failed: 
Address already in use.
  Apr 17 20:43:27 lunar sshd[1112]: fatal: Cannot bind any address.
  Apr 17 20:43:27 lunar systemd[1]: ssh.service: Main process exited, 
code=exited, status=255/EXCEPTION
  Apr 17 20:43:27 lunar systemd[1]: ssh.service: Failed with result 'exit-code'.

  * On an affected machine, the service will fail as shown above.

  (2) Test debug mode:

  * On a machine with openssh-server installed, edit /etc/default/ssh to
  configure debug mode for sshd:

  $ cat /etc/default/ssh 
  # Default settings for openssh-server. This file is sourced by /bin/sh from
  # /etc/init.d/ssh.

  # Options to pass to sshd
  SSHD_OPTS=-ddd

  * Attempt to make a connection to localhost:

  $ ssh localhost
  kex_exchange_identification: read: Connection reset by peer
  Connection reset by 127.0.0.1 port 22

  * On an affected machine, the attempt will fail as shown above, and
  the service will be in a failed state:

  $ systemctl status ssh
  × ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; disabled; preset: 
enabled)
  Drop-In: /etc/systemd/system/ssh.service.d
   └─00-socket.conf
   Active: failed (Result: exit-code) since Mon 2023-04-17 20:46:34 UTC; 
2min 27s ago
 Duration: 5ms
  TriggeredBy: ● ssh.socket
 Docs: man:sshd(8)
   man:sshd_config(5)
  Process: 1166 ExecStartPre=/usr/sbin/sshd -t (code=exited, 
status=0/SUCCESS)
  Process: 1167 ExecStart=/usr/sbin/sshd -D $SSHD_OPTS (code=exited, 
status=255/EXCEPTION)
 Main PID: 1167 (code=exited, status=255/EXCEPTION)
  CPU: 40ms

  Apr 17 20:46:34 lunar sshd[1167]: Server listening on :: port 22.
  Apr 17 20:46:34 lunar sshd[1167]: debug3: fd 4 is not O_NONBLOCK
  Apr 17 20:46:34 lunar sshd[1167]: debug1: Server will not fork when running 
in debugging mode.
  Apr 17 20:46:34 lunar sshd[1167]: debug3: send_rexec_state: entering fd = 7 
config len 3456
  Apr 17 20:46:34 lunar sshd[1167]: debug3: ssh_msg_send: type 0
  Apr 17 20:46:34 lunar sshd[1167]: debug3: send_rexec_state: done
  Apr 17 20:46:34 lunar sshd[1167]: debug1: rexec start in 4 out 4 newsock 4 
pipe -1 sock 7
  Apr 17 20:46:34 lunar systemd[1]: Started ssh.service - OpenBSD Secure Shell 
server.
  Apr 17 20:46:34 lunar systemd[1]: ssh.service: Main process exited, 
code=exited, status=255/EXCEPTION
  Apr 17 20:46:34 lunar systemd[1]: ssh.service: Failed with result 'exit-code'.

  [Where

[Touch-packages] [Bug 1718227] Re: replacement of ifupdown with netplan needs integration for /etc/network/if{up, down}.d scripts

2023-05-12 Thread Launchpad Bug Tracker

** Merge proposal linked:
   
https://code.launchpad.net/~sergiodj/ubuntu/+source/clamav/+git/clamav/+merge/442791

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to resolvconf in Ubuntu.
https://bugs.launchpad.net/bugs/1718227

Title:
  replacement of ifupdown with netplan needs integration for
  /etc/network/if{up,down}.d scripts

Status in aiccu package in Ubuntu:
  Invalid
Status in aoetools package in Ubuntu:
  New
Status in avahi package in Ubuntu:
  New
Status in bind9 package in Ubuntu:
  Invalid
Status in chrony package in Ubuntu:
  Fix Released
Status in clamav package in Ubuntu:
  Triaged
Status in controlaula package in Ubuntu:
  Invalid
Status in ethtool package in Ubuntu:
  Triaged
Status in guidedog package in Ubuntu:
  New
Status in htpdate package in Ubuntu:
  New
Status in ifenslave package in Ubuntu:
  Won't Fix
Status in ifmetric package in Ubuntu:
  Won't Fix
Status in ifupdown-multi package in Ubuntu:
  New
Status in ifupdown-scripts-zg2 package in Ubuntu:
  Invalid
Status in isatapd package in Ubuntu:
  New
Status in lprng package in Ubuntu:
  New
Status in miredo package in Ubuntu:
  New
Status in mythtv package in Ubuntu:
  New
Status in netplan.io package in Ubuntu:
  New
Status in nplan package in Ubuntu:
  Invalid
Status in nss-pam-ldapd package in Ubuntu:
  Fix Released
Status in ntp package in Ubuntu:
  Won't Fix
Status in openntpd package in Ubuntu:
  New
Status in openresolv package in Ubuntu:
  Won't Fix
Status in openssh package in Ubuntu:
  Fix Released
Status in openvpn package in Ubuntu:
  Confirmed
Status in openvswitch package in Ubuntu:
  Triaged
Status in postfix package in Ubuntu:
  Fix Released
Status in quicktun package in Ubuntu:
  New
Status in resolvconf package in Ubuntu:
  New
Status in sendmail package in Ubuntu:
  New
Status in shorewall-init package in Ubuntu:
  New
Status in sidedoor package in Ubuntu:
  New
Status in slrn package in Ubuntu:
  New
Status in tinc package in Ubuntu:
  New
Status in ubuntu-fan package in Ubuntu:
  Fix Released
Status in ucarp package in Ubuntu:
  New
Status in uml-utilities package in Ubuntu:
  New
Status in uruk package in Ubuntu:
  New
Status in vlan package in Ubuntu:
  Won't Fix
Status in vzctl package in Ubuntu:
  Triaged
Status in wide-dhcpv6 package in Ubuntu:
  New
Status in wpa package in Ubuntu:
  New

Bug description:
  when network is configured with ifupdown, scripts in
  /etc/network/ifup.d/ were called on network being brought up and
  /etc/network/ifdown.d were called on network being brought down.

  Any packages that shipped these hooks need to be verified to have the
  same functionality under a netplan configured system.

  # binpkgs=$(apt-file search /etc/network/if-up | sed 's,: .*,,' | sort -u)
  # for i in $binpkgs; do
src=$(apt-cache show $i | awk '$1 == "Source:" { print $2; exit(0); }');
[ -z "$src" ] && src="$i"; echo $src; done | sort -u

  aiccu
  aoetools
  avahi
  bind9
  chrony
  clamav
  controlaula
  epoptes
  ethtool
  guidedog
  htpdate
  ifenslave
  ifmetric
  ifupdown-extra
  ifupdown-multi
  ifupdown-scripts-zg2
  isatapd
  lprng
  miredo
  mythtv-backend
  nss-pam-ldapd
  ntp
  openntpd
  openresolv
  openssh
  openvpn
  postfix
  quicktun
  resolvconf
  sendmail
  shorewall-init
  sidedoor
  slrn
  tinc
  ubuntu-fan
  ucarp
  uml-utilities
  uruk
  vlan
  vzctl
  wide-dhcpv6
  wpa

  
  Related bugs:
   * bug 1718227: replacement of ifupdown with netplan needs integration for 
/etc/network/if{up,down}.d scripts 
   * bug 1713803: replacement of resolvconf with systemd needs integration 
   * bug 1717983: replacement of isc-dhcp-client with with systemd-networkd for 
dhclient needs integration

  
  ProblemType: Bug
  DistroRelease: Ubuntu 17.10
  Package: netplan (not installed)
  ProcVersionSignature: Ubuntu 4.12.0-11.12-generic 4.12.5
  Uname: Linux 4.12.0-11-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl zcommon znvpair
  ApportVersion: 2.20.7-0ubuntu1
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Tue Sep 19 10:53:08 2017
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2015-07-23 (789 days ago)
  InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20150722.1)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: plan
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/aiccu/+bug/1718227/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 618838] Re: Apple Magic Trackpad requires PIN to pair, fails manual pairing

2023-05-12 Thread ALEKSEY SCHERBAKOV

My Apple Magic Trackpad keeps losing connection. I use: Ubuntu 23.04, blueman,
usb-dongl Bluetooth v5, Apple Magic Trackpad. I entered the pairing code
"". The trackpad goes off very often. It periodically disconnects, freezes
for ten seconds, and then reconnects. Also, if you change the pointer
acceleration settings for the trackpad using the "dconf editor" program, then
these settings are reset and you have to re-enable them. This is suffering(
It's not at all clear how to fix this. Internet advice doesn't help at all.

--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bluez in Ubuntu.
https://bugs.launchpad.net/bugs/618838

Title:
Apple Magic Trackpad requires PIN to pair, fails manual pairing

Status in bluez package in Ubuntu:
Invalid

Bug description:
Binary package hint: bluez

The Apple Magic Trackpad requires a PIN to pair upon first activation.
Such PIN is '' which can be entered on a regular keyboard. Once
connected, it also requires granting authorization to connect again.
See the two attachments for such dialogs.

When trying to setup this device manually (after moving it from
another system, for example), by default Ubuntu will propose a random
6-number PIN, which can't be entered on the trackpad, which then means
pairing fails.

This trackpad should connect automatically, although I don't
personally know enough about bluetooth to suggest how this should
happen.

I have documented a workaround to pair this device here:
https://wiki.ubuntu.com/Multitouch/AppleMagicTrackpad

Once paired the device does not need pairing each time the system is
used / restarted, it will remember it.

ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: bluetooth (not installed)
ProcVersionSignature: Ubuntu 2.6.35-15.21-generic 2.6.35.1
Uname: Linux 2.6.35-15-generic i686
Architecture: i386
Date: Mon Aug 16 15:24:53 2010
InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Alpha i386 (20100812)
InterestingModules: rfcomm sco bnep l2cap btusb bluetooth
MachineType: Acer Aspire R1600
ProcCmdLine: BOOT_IMAGE=/boot/vmlinuz-2.6.35-15-generic
root=UUID=30841bc6-7bfc-4ffb-8b7c-60772f799265 ro nosplash
ProcEnviron:
LANG=en_US.utf8
SHELL=/bin/bash
SourcePackage: bluez
dmi.bios.date: 06/17/2009
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: P01-A1
dmi.board.asset.tag: To Be Filled By O.E.M.
dmi.board.name: FMCP7A-ION
dmi.board.vendor: Acer
dmi.chassis.type: 3
dmi.chassis.vendor: Acer
dmi.modalias:
dmi:bvnAmericanMegatrendsInc.:bvrP01-A1:bd06/17/2009:svnAcer:pnAspireR1600:pvr:rvnAcer:rnFMCP7A-ION:rvr:cvnAcer:ct3:cvr:
dmi.product.name: Aspire R1600
dmi.sys.vendor: Acer
hciconfig:
hci0:Type: BR/EDR Bus: USB
BD Address: 00:0F:3D:3D:7C:5C ACL MTU: 192:8 SCO MTU: 64:8
UP RUNNING PSCAN
RX bytes:7619 acl:369 sco:0 events:124 errors:0
TX bytes:551 acl:12 sco:0 commands:50 errors:0
rfkill:
0: hci0: Bluetooth
Soft blocked: no
Hard blocked: no

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/618838/+subscriptions

--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1489207] Re: /usr/share/doc/openssl/changelog.gz is a broken symlink

*** This bug is a duplicate of bug 1297025 ***
https://bugs.launchpad.net/bugs/1297025

** This bug has been marked a duplicate of bug 1297025
   Either the changelog.gz is missing or there is an erroneous link in the 
libssl1.0.0 package

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1489207

Title:
  /usr/share/doc/openssl/changelog.gz is a broken symlink

Status in openssl package in Ubuntu:
  Confirmed

Bug description:
  $ zcat /usr/share/doc/openssl/changelog.gz
  gzip: /usr/share/doc/openssl/changelog.gz: No such file or directory
  $ ls -l /usr/share/doc/openssl/changelog.gz
  lrwxrwxrwx 1 root root 27 Jul  9 10:06 /usr/share/doc/openssl/changelog.gz -> 
../libssl1.0.0/changelog.gz
  $ ls -l /usr/share/doc/libssl1.0.0/changelog.gz
  ls: cannot access /usr/share/doc/libssl1.0.0/changelog.gz: No such file or 
directory
  $ dpkg -l openssl libssl1.0.0
  Desired=Unknown/Install/Remove/Purge/Hold
  | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
  |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
  ||/ Name Version ArchitectureDescription
  
+++--===-===-=
  ii  libssl1.0.0:amd641.0.2d-0ubuntu1 amd64   Secure Sockets Layer 
toolkit - shared librari
  ii  openssl  1.0.2d-0ubuntu1 amd64   Secure Sockets Layer 
toolkit - cryptographic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1489207/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1297025] Re: Either the changelog.gz is missing or there is an erroneous link in the libssl1.0.0 package

I'm going to mark #1489207 as a duplicate of this bug because they're
very close to each other and possibly actually completely related. I'm
copying below the details from that bug:


$ zcat /usr/share/doc/openssl/changelog.gz
gzip: /usr/share/doc/openssl/changelog.gz: No such file or directory
$ ls -l /usr/share/doc/openssl/changelog.gz
lrwxrwxrwx 1 root root 27 Jul 9 10:06 /usr/share/doc/openssl/changelog.gz -> 
../libssl1.0.0/changelog.gz
$ ls -l /usr/share/doc/libssl1.0.0/changelog.gz
ls: cannot access /usr/share/doc/libssl1.0.0/changelog.gz: No such file or 
directory

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1297025

Title:
  Either the changelog.gz is missing or there is an erroneous link in
  the libssl1.0.0 package

Status in openssl package in Ubuntu:
  Confirmed

Bug description:
  In libssl-dev for both Precise and Saucy packages for libssl-dev, there is a 
broken link:
  # ls -l /usr/share/doc/libssl-dev/changelog.gz 
  lrwxrwxrwx 1 root root 27 Jan  8 12:48 /usr/share/doc/libssl-dev/changelog.gz 
-> ../libssl1.0.0/changelog.gz
  # ls -l /usr/share/doc/libssl1.0.0/changelog.gz 
  ls: cannot access /usr/share/doc/libssl1.0.0/changelog.gz: No such file or 
directory

  I have verified this in both releases while trying to debug a failing
  build of a 3rd party library that links against these.  Build works in
  Precise, fails in Saucy.  Was looking to see what changed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1297025/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1145305] Re: SSL_CTX_set_session_cache_mode man page gives incorrect signature

*** This bug is a duplicate of bug 1147526 ***
https://bugs.launchpad.net/bugs/1147526

I've copied this to #1147526 and I'm going to mark this one as duplicate
of it.

** This bug has been marked a duplicate of bug 1147526
   man page for SSL_CTX_set_info_callback gives incorrect signature

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1145305

Title:
  SSL_CTX_set_session_cache_mode man page gives incorrect signature

Status in openssl package in Ubuntu:
  New

Bug description:
  The man page for SSL_CTX_set_session_cache_mode gives its signature
  as:

  long SSL_CTX_set_session_cache_mode(SSL_CTX ctx, long mode);

  The correct signature is:

  long SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, long mode);

  The same goes for SSL_CTX_get_session_cache_mode, documented in the
  same manual page.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1145305/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1147526] Re: man page for SSL_CTX_set_info_callback gives incorrect signature

Copying this from 1297025 (from the same reporter):


The man page for SSL_CTX_set_session_cache_mode gives its signature as:

long SSL_CTX_set_session_cache_mode(SSL_CTX ctx, long mode);

The correct signature is:

long SSL_CTX_set_session_cache_mode(SSL_CTX *ctx, long mode);

The same goes for SSL_CTX_get_session_cache_mode, documented in the same
manual page.



Same bug in the SSL_CTX_add_extra_chain_cert manual page.


** Changed in: openssl (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1147526

Title:
  man page for SSL_CTX_set_info_callback gives incorrect signature

Status in openssl package in Ubuntu:
  Confirmed

Bug description:
  The man page give these signatures:

  void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());
  void (*SSL_CTX_get_info_callback(const SSL_CTX *ctx))();

  void SSL_set_info_callback(SSL *ssl, void (*callback)());
  void (*SSL_get_info_callback(const SSL *ssl))();

  but the correct signatures are actually:

  void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL 
*ssl,int type,int val));
  void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl,int 
type,int val);

  void SSL_set_info_callback(SSL *ssl, void (*cb)(const SSL *ssl,int 
type,int val));
  void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl,int type,int 
val);

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1147526/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1551274] Re: creating SRP file crashes openssl

I've tried to reproduce the issue but it doesn't fail for me. I"ve also
looked at the code and it seems to now call OPENSSL_clear_free() which
is actually CRYPTO_clear_free() and the first thing this function does
is to check its first parameter is not NULL.

Considering all of the above, I'm going to mark this bug as Fix
Released.

** Changed in: openssl (Ubuntu)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1551274

Title:
  creating SRP file crashes openssl

Status in openssl package in Ubuntu:
  Fix Released

Bug description:
  the following, with "test", "test" as passwords, make openssl crash:

  touch passwd.srpv ;  openssl srp -srpvfile passwd.srpv -add user

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: openssl 1.0.2f-2ubuntu1
  ProcVersionSignature: Ubuntu 4.4.0-4.19-generic 4.4.1
  Uname: Linux 4.4.0-4-generic x86_64
  ApportVersion: 2.20-0ubuntu3
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Mon Feb 29 16:15:20 2016
  InstallationDate: Installed on 2015-12-02 (89 days ago)
  InstallationMedia: Ubuntu-GNOME 16.04 LTS "Xenial Xerus" - Alpha amd64 
(20151027)
  SourcePackage: openssl
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1551274/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1612711] Re: TLS negotiation fails

Going through this bug, I haven't noticed a full reproducer or even a
domain that is supposed to trigger the issue. I'll mark this bug as
Incomplete to reflect that.

** Changed in: openssl (Ubuntu)
   Status: Confirmed => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1612711

Title:
  TLS negotiation fails

Status in openssl package in Ubuntu:
  Incomplete

Bug description:
  This seems like a duplicate of #965371, however that is marked fixed,
  so I don't know.

  I'm running 16.04.1.  I'm setting up OpenLDAP with TLS.  I've followed
  the instructions at https://help.ubuntu.com/lts/serverguide/openldap-
  server.html#openldap-tls, and test with the command openssl s_client
  -connect my.server.com:389 -showcerts and I get the error:

  140668035487384:error:140790E5:SSL routines:ssl23_write:ssl handshake
  failure:s23_lib.c:177

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1612711/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1864689] Re: openssl in 20.04 can't connect to site that was fine in 19.10 and is fine in Chrome and Firefox

2023-05-12 Thread Jonathan Kamens

I mean, the bug is three years old and presumably by now the vast
majority of web sites have renewed their certificates and the new ones
are compatible with SECLEVEL=2 since all of the signing authorities
stopped issuing incompatible ones years ago, so it's kind of moot at
this point.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1864689

Title:
  openssl in 20.04 can't connect to site that was fine in 19.10 and is
  fine in Chrome and Firefox

Status in OpenSSL:
  Unknown
Status in openssl package in Ubuntu:
  Invalid

Bug description:
  openssl in Ubuntu 20.04 (focal) refuses to connect to a web site that
  openssl in Ubuntu 19.10 (eoan), Chrome, and Firefox are all happy to
  connect to.

  Reproduce with: `curl -v https://www.toodledo.com/'

  or: `openssl s_client -connect www.toodledo.com:443`

  or: `python3 -c 'import requests;
  requests.get("https://www.toodledo.com/;)'`

  or: `wget https://www.toodledo.com/`

  These worked in Ubuntu 19.10 and don't work in 20.04.

  I've tried all sorts of things to debug this further and I've just run
  into walls. I hope someone who understands more about this stuff will
  be able to figure it out.

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: openssl 1.1.1d-2ubuntu3
  ProcVersionSignature: Ubuntu 5.4.0-14.17-generic 5.4.18
  Uname: Linux 5.4.0-14-generic x86_64
  ApportVersion: 2.20.11-0ubuntu18
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Feb 25 13:01:22 2020
  InstallationDate: Installed on 2019-08-16 (192 days ago)
  InstallationMedia: Ubuntu 19.04 "Disco Dingo" - Release amd64 (20190416)
  SourcePackage: openssl
  UpgradeStatus: Upgraded to focal on 2020-01-31 (25 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1864689/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1591833] Re: [Featue] Upgrade Openssl for Intel QAT (quickassist-technology)

1.1.0 has long been released so I'll mark the whole bug as Fix Released
too.

** Changed in: openssl (Ubuntu)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1591833

Title:
  [Featue] Upgrade Openssl for Intel QAT (quickassist-technology)

Status in intel:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Released
Status in openssl package in Debian:
  Fix Released

Bug description:
  In order to support Intel QAT, please upgrade Openssl package from
  1.0.2 to 1.1.0

  HW: Purley-4s

  Upstream schedule:
     Openssl: 1.1.0

  Target release: 18.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/intel/+bug/1591833/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1997124] Re: Netplan/Systemd/Cloud-init/Dbus Race

Tracked in Github Issues as https://github.com/canonical/cloud-
init/issues/4044

** Bug watch added: github.com/canonical/cloud-init/issues #4044
   https://github.com/canonical/cloud-init/issues/4044

** Changed in: cloud-init
   Status: In Progress => Expired

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1997124

Title:
  Netplan/Systemd/Cloud-init/Dbus Race

Status in cloud-init:
  Expired
Status in netplan:
  Triaged
Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  Cloud-init is seeing intermittent failures while running `netplan
  apply`, which appears to be caused by a missing resource at the time
  of call.

  The symptom in cloud-init logs looks like:

  Running ['netplan', 'apply'] resulted in stderr output: Failed to
  connect system bus: No such file or directory

  I think that this error[1] is likely caused by cloud-init running
  netplan apply too early in boot process (before dbus is active).

  Today I stumbled upon this error which was hit in MAAS[2]. We have
  also hit it intermittently during tests (we didn't have a reproducer).

  Realizing that this may not be a cloud-init error, but possibly a
  dependency bug between dbus/systemd we decided to file this bug for
  broader visibility to other projects.

  I will follow up this initial report with some comments from our
  discussion earlier.

  [1] https://github.com/canonical/netplan/blob/main/src/dbus.c#L801
  [2] 
https://discourse.maas.io/t/latest-ubuntu-20-04-image-causing-netplan-error/5970

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1997124/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2011458] Please test proposed package

Hello Sergio, or anyone else affected,

Accepted openssh into kinetic-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/openssh/1:9.0p1-1ubuntu7.2 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
kinetic to verification-done-kinetic. If it does not fix the bug for
you, please add a comment stating that, and change the tag to
verification-failed-kinetic. In either case, without details of your
testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/2011458

Title:
  ssh fails to rebind when it is killed with -HUP

Status in openssh package in Ubuntu:
  In Progress
Status in openssh source package in Kinetic:
  Fix Committed
Status in openssh source package in Lunar:
  Fix Committed

Bug description:
  [Impact]

  The sshd re-execution logic is generally broken with systemd socket 
activation, which means that (1) sshd fails when it is told to re-exec
  via SIGHUP (e.g. systemctl reload ssh), and (2) sshd fails when started in 
debug mode.

  [Test Case]

  (1) Test systemctl reload ssh:

  * On a machine with openssh-server installed, make a connection to
  localhost to activate ssh.service (the connection does not need to be
  complete, so you can just say "no" at the host key verification
  stage):

  $ ssh localhost
  [...]

  * Send SIGHUP to sshd by calling systemctl reload ssh:

  $ systemctl reload ssh

  * Check the service state:

  $ systemctl status ssh
  × ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; disabled; preset: 
enabled)
  Drop-In: /etc/systemd/system/ssh.service.d
   └─00-socket.conf
   Active: failed (Result: exit-code) since Mon 2023-04-17 20:43:27 UTC; 4s 
ago
 Duration: 2min 44.132s
  TriggeredBy: ● ssh.socket
 Docs: man:sshd(8)
   man:sshd_config(5)
  Process: 1112 ExecStart=/usr/sbin/sshd -D $SSHD_OPTS (code=exited, 
status=255/EXCEPTION)
  Process: 1152 ExecReload=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
  Process: 1153 ExecReload=/bin/kill -HUP $MAINPID (code=exited, 
status=0/SUCCESS)
 Main PID: 1112 (code=exited, status=255/EXCEPTION)
  CPU: 79ms

  Apr 17 20:40:43 lunar systemd[1]: Started ssh.service - OpenBSD Secure Shell 
server.
  Apr 17 20:41:06 lunar sshd[1113]: Connection closed by 127.0.0.1 port 54666 
[preauth]
  Apr 17 20:43:27 lunar systemd[1]: Reloading ssh.service - OpenBSD Secure 
Shell server...
  Apr 17 20:43:27 lunar sshd[1112]: Received SIGHUP; restarting.
  Apr 17 20:43:27 lunar systemd[1]: Reloaded ssh.service - OpenBSD Secure Shell 
server.
  Apr 17 20:43:27 lunar sshd[1112]: error: Bind to port 22 on 0.0.0.0 failed: 
Address already in use.
  Apr 17 20:43:27 lunar sshd[1112]: error: Bind to port 22 on :: failed: 
Address already in use.
  Apr 17 20:43:27 lunar sshd[1112]: fatal: Cannot bind any address.
  Apr 17 20:43:27 lunar systemd[1]: ssh.service: Main process exited, 
code=exited, status=255/EXCEPTION
  Apr 17 20:43:27 lunar systemd[1]: ssh.service: Failed with result 'exit-code'.

  * On an affected machine, the service will fail as shown above.

  (2) Test debug mode:

  * On a machine with openssh-server installed, edit /etc/default/ssh to
  configure debug mode for sshd:

  $ cat /etc/default/ssh 
  # Default settings for openssh-server. This file is sourced by /bin/sh from
  # /etc/init.d/ssh.

  # Options to pass to sshd
  SSHD_OPTS=-ddd

  * Attempt to make a connection to localhost:

  $ ssh localhost
  kex_exchange_identification: read: Connection reset by peer
  Connection reset by 127.0.0.1 port 22

  * On an affected machine, the attempt will fail as shown above, and
  the service will be in a failed state:

  $ systemctl status ssh
  × ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; disabled; preset: 
enabled)
  Drop-In: /etc/systemd/system/ssh.service.d
   └─00-socket.conf
   Active: failed (Result: exit-code) since Mon 2023-04-17 20:46:34 UTC; 
2min 27s ago

[Touch-packages] [Bug 2011458] Re: ssh fails to rebind when it is killed with -HUP

Hello Sergio, or anyone else affected,

Accepted openssh into lunar-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/openssh/1:9.0p1-1ubuntu8.1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
lunar to verification-done-lunar. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-lunar. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: openssh (Ubuntu Lunar)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-lunar

** Changed in: openssh (Ubuntu Kinetic)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-kinetic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/2011458

Title:
  ssh fails to rebind when it is killed with -HUP

Status in openssh package in Ubuntu:
  In Progress
Status in openssh source package in Kinetic:
  Fix Committed
Status in openssh source package in Lunar:
  Fix Committed

Bug description:
  [Impact]

  The sshd re-execution logic is generally broken with systemd socket 
activation, which means that (1) sshd fails when it is told to re-exec
  via SIGHUP (e.g. systemctl reload ssh), and (2) sshd fails when started in 
debug mode.

  [Test Case]

  (1) Test systemctl reload ssh:

  * On a machine with openssh-server installed, make a connection to
  localhost to activate ssh.service (the connection does not need to be
  complete, so you can just say "no" at the host key verification
  stage):

  $ ssh localhost
  [...]

  * Send SIGHUP to sshd by calling systemctl reload ssh:

  $ systemctl reload ssh

  * Check the service state:

  $ systemctl status ssh
  × ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; disabled; preset: 
enabled)
  Drop-In: /etc/systemd/system/ssh.service.d
   └─00-socket.conf
   Active: failed (Result: exit-code) since Mon 2023-04-17 20:43:27 UTC; 4s 
ago
 Duration: 2min 44.132s
  TriggeredBy: ● ssh.socket
 Docs: man:sshd(8)
   man:sshd_config(5)
  Process: 1112 ExecStart=/usr/sbin/sshd -D $SSHD_OPTS (code=exited, 
status=255/EXCEPTION)
  Process: 1152 ExecReload=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
  Process: 1153 ExecReload=/bin/kill -HUP $MAINPID (code=exited, 
status=0/SUCCESS)
 Main PID: 1112 (code=exited, status=255/EXCEPTION)
  CPU: 79ms

  Apr 17 20:40:43 lunar systemd[1]: Started ssh.service - OpenBSD Secure Shell 
server.
  Apr 17 20:41:06 lunar sshd[1113]: Connection closed by 127.0.0.1 port 54666 
[preauth]
  Apr 17 20:43:27 lunar systemd[1]: Reloading ssh.service - OpenBSD Secure 
Shell server...
  Apr 17 20:43:27 lunar sshd[1112]: Received SIGHUP; restarting.
  Apr 17 20:43:27 lunar systemd[1]: Reloaded ssh.service - OpenBSD Secure Shell 
server.
  Apr 17 20:43:27 lunar sshd[1112]: error: Bind to port 22 on 0.0.0.0 failed: 
Address already in use.
  Apr 17 20:43:27 lunar sshd[1112]: error: Bind to port 22 on :: failed: 
Address already in use.
  Apr 17 20:43:27 lunar sshd[1112]: fatal: Cannot bind any address.
  Apr 17 20:43:27 lunar systemd[1]: ssh.service: Main process exited, 
code=exited, status=255/EXCEPTION
  Apr 17 20:43:27 lunar systemd[1]: ssh.service: Failed with result 'exit-code'.

  * On an affected machine, the service will fail as shown above.

  (2) Test debug mode:

  * On a machine with openssh-server installed, edit /etc/default/ssh to
  configure debug mode for sshd:

  $ cat /etc/default/ssh 
  # Default settings for openssh-server. This file is sourced by /bin/sh from
  # /etc/init.d/ssh.

  # Options to pass to sshd
  SSHD_OPTS=-ddd

  * Attempt to make a connection to localhost:

  $ ssh localhost
  kex_exchange_identification: read: Connection reset by peer
  Connection reset by 127.0.0.1 port 22

  * On an affected machine, the attempt will fail as shown above, and
  the service will be in a failed state:

  $ systemctl status ssh
  × ssh.service - OpenBSD Secure Shell server

[Touch-packages] [Bug 1837526] Re: Restarting services puts puppet into restart-loop

*** This bug is a duplicate of bug 1971650 ***
https://bugs.launchpad.net/bugs/1971650

I'm marking this bug as a duplicate of #1971650 . The general goal is to
move to needrestart rather than continue using the current postinst
script.

** This bug has been marked a duplicate of bug 1971650
   wrong check for "server" in libssl3.postinst

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1837526

Title:
  Restarting services puts puppet into restart-loop

Status in openssl package in Ubuntu:
  New

Bug description:
  Puppet is a configuration and software management system that can be
  used e.g. for installing and upgrading debian packages, modifying
  configuration files, etc. Puppet will call apt-get/dpkg when needed to
  handle packages.

  When libssl1.1 is installed/upgraded and the installation process is
  controlled by Puppet, the automatic re-start of ssl-dependant services
  Puts puppet into a re-start loop:

 1. libssl1.1 's postinstall script re-starts puppet via systemd (systemctl 
restart puppet.service)
 2. systemd will terminate all processes associated with the Puppet service
 3. dpkg is among these processes since it's called by Puppet and inherits 
its cgroup-memberships.
 4. libssl1.1 's postinstall script will never succeed since it's killed by 
systemd
 5. puppet re-starts
 6. puppet runs "dpkg --configura -a" 
 7. libssl1.1 is unconfigured, the postinst script is run
 8. goto 1.

  Puppet should be removed from hardcoded list of services to be re-
  started in libssl1.1's postinst script. A patch to do so is attached.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1837526/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1864689] Re: openssl in 20.04 can't connect to site that was fine in 19.10 and is fine in Chrome and Firefox

Looking at the bug report opened upstream (
https://github.com/openssl/openssl/issues/11236 ), this is considered a
bug on the server side and I'm inclined to follow openssl upstream on
this.

Moreover, I've tried all the tests provided in this bug and all have
succeeded.

I'll mark the bug as Invalid.

** Changed in: openssl (Ubuntu)
   Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1864689

Title:
  openssl in 20.04 can't connect to site that was fine in 19.10 and is
  fine in Chrome and Firefox

Status in OpenSSL:
  Unknown
Status in openssl package in Ubuntu:
  Invalid

Bug description:
  openssl in Ubuntu 20.04 (focal) refuses to connect to a web site that
  openssl in Ubuntu 19.10 (eoan), Chrome, and Firefox are all happy to
  connect to.

  Reproduce with: `curl -v https://www.toodledo.com/'

  or: `openssl s_client -connect www.toodledo.com:443`

  or: `python3 -c 'import requests;
  requests.get("https://www.toodledo.com/;)'`

  or: `wget https://www.toodledo.com/`

  These worked in Ubuntu 19.10 and don't work in 20.04.

  I've tried all sorts of things to debug this further and I've just run
  into walls. I hope someone who understands more about this stuff will
  be able to figure it out.

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: openssl 1.1.1d-2ubuntu3
  ProcVersionSignature: Ubuntu 5.4.0-14.17-generic 5.4.18
  Uname: Linux 5.4.0-14-generic x86_64
  ApportVersion: 2.20.11-0ubuntu18
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Feb 25 13:01:22 2020
  InstallationDate: Installed on 2019-08-16 (192 days ago)
  InstallationMedia: Ubuntu 19.04 "Disco Dingo" - Release amd64 (20190416)
  SourcePackage: openssl
  UpgradeStatus: Upgraded to focal on 2020-01-31 (25 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1864689/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1320094] Re: segfault from aes ccm encryption after RSA key generation and EVP_PKEY_assign_RSA()

Thanks for the report and for the reproducer. I haven't been able to
trigger a segfault despite numerous attempts. I'll therefore mark this
bug as Incomplete for now.

** Changed in: openssl (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1320094

Title:
  segfault from aes ccm encryption after RSA key generation and
  EVP_PKEY_assign_RSA()

Status in openssl package in Ubuntu:
  Incomplete

Bug description:
  1) lsb_release -rd
  Description:  Ubuntu 12.04.4 LTS
  Release:  12.04

  2) apt-cache policy libssl1.0.0
  libssl1.0.0:
Installed: 1.0.1-4ubuntu5.13
Candidate: 1.0.1-4ubuntu5.13
Version table:
   *** 1.0.1-4ubuntu5.13 0
  500 http://be.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 
Packages
  500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 
Packages
  100 /var/lib/dpkg/status
   1.0.1-4ubuntu3 0
  500 http://be.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

  For the sourcecode that triggers the segfault see the attachement.

  3/4)

  I was testing aes ccm encryption when I stumbled over a segmentation fault.
  I was able to reproduce this error using code from the openssl demos  at 
openssl.org.

  I started with demos/evp/aesccm.c and added rsa key generation as used in 
'demos/tunala/cb.c' and convert this rsa key into an EVP_PKEY key as done in 
'demos/selfsign.c'. Then I added this rsa key generation function in front of 
the aes ccm encryption and decryption.
  Finally, a for loop repeatedly performs the keygeneration, aes ccm encryption 
and aes ccm decryption. This eventually results in a segmentation fault during 
aes ccm encryption (see gdb output below) on a x64 Ubuntu 12.04 with latest 
openssl version as provided by ubuntu package system (1.0.1-4ubuntu5.13).

  Note that the segfault only occurs if the rsa key is assigned to an EVP_PKEY. 
Otherwise, if only the RSA key is generated, the segfault does not occur.
  Furthermore, the segfault does not occur if I use the standard openssl 
libraries from openssl.org.

  When encountering this error in my own code I could observe that the error 
occurred more often on a machine that only runs the standard processes and is 
accessed remotely by ssh, compared to a local workstation with running 
webbrowser, development IDE, etc., where the error occurred rather seldom. 
Hence, I have the feeling that this could be related to too little
  randomness for the RNG, but I do not have any idea how to debug this.

  
  === gdb backtrace ===

  (gdb) run
  Starting program: /home/hiller/openssl_bug/aesccm
  AES CCM Encrypt:
  Plaintext:
   - c8 d2 75 f9 19 e1 7d 7f-e6 9c 2a 1f 58 93 9d fe   ..u...}...*.X...
  0010 - 4d 40 37 91 b5 df 13 10-  M@7.
  Ciphertext:
   - 8a 0f 3d 82 29 e4 8e 74-87 fd 95 a2 8a d3 92 c8   ..=.)..t
  0010 - 0b 36 81 d4 fb c7 bb fd-  .6..
  Tag:
   - 2d d6 ef 1c 45 d4 cc b7-23 dc 07 44 14 db 50 6d   -...E...#..D..Pm
  AES CCM Derypt:
  Ciphertext:
   - 8a 0f 3d 82 29 e4 8e 74-87 fd 95 a2 8a d3 92 c8   ..=.)..t
  0010 - 0b 36 81 d4 fb c7 bb fd-  .6..
  Plaintext:
   - c8 d2 75 f9 19 e1 7d 7f-e6 9c 2a 1f 58 93 9d fe   ..u...}...*.X...
  0010 - 4d 40 37 91 b5 df 13 10-  M@7.
  AES CCM Encrypt:
  [ the output above is repeated several times ]

  Program received signal SIGSEGV, Segmentation fault.
  0x0090 in ?? ()
  (gdb) backtrace
  #0  0x0090 in ?? ()
  #1  0x77a948d4 in CRYPTO_ccm128_encrypt_ccm64 (ctx=0x604fd0,
  inp=0x401240
  "\310\322u\371\031\341}\177\346\234*\037X\223\235\376M@7\221\265\337\023\020",

  out=0x7fffe0c0
  "\310\322u\371\031\341}\177\346\234*\037X\223\235\376M@7\221\265\337\023\020",
  len=24, stream=) at ccm128.c:354
  #2  0x77af1688 in aes_ccm_cipher (ctx=0x604e10,
  out=0x7fffe0c0
  "\310\322u\371\031\341}\177\346\234*\037X\223\235\376M@7\221\265\337\023\020",

  in=0x401240
  "\310\322u\371\031\341}\177\346\234*\037X\223\235\376M@7\221\265\337\023\020",
  len=24) at e_aes.c:1275
  #3  0x77aedaa2 in EVP_EncryptUpdate (ctx=0x604e10,
  out=0x7fffe0c0
  "\310\322u\371\031\341}\177\346\234*\037X\223\235\376M@7\221\265\337\023\020",
  outl=0x7fffe0bc,
  in=0x401240
  "\310\322u\371\031\341}\177\346\234*\037X\223\235\376M@7\221\265\337\023\020",
  inl=) at evp_enc.c:314
  #4  0x00400e37 in aes_ccm_encrypt () at aesccm.c:106
  #5  0x004010ce in main (argc=1, argv=0x7fffe5e8) at aesccm.c:161

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1320094/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net

[Touch-packages] [Bug 1915906] Re: Ensure SRP BN_mod_exp follows the constant time path

Hi. Openssl is a delicate component, used by many other packages. As a
consequence, it is only patched if there is a strong need. Looking at
the pull request you've linked to, this falls outside of the openssl
threat model since it is local only. I'm not sure Ubuntu has a stricter
threat model for openssl. I'm going to ask around but even if Ubuntu
does, it is probably an exploit that is difficult to pull off on a
component that is risky to touch. Overall I don't think it is likely
that focal receives a corresponding update.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1915906

Title:
  Ensure SRP BN_mod_exp follows the constant time path

Status in openssl package in Ubuntu:
  Confirmed

Bug description:
  Hello,

  I'd like to point out that there are two fixes missing from the
  upstream, is there any chance to get them incorporated?

  https://github.com/openssl/openssl/pull/13888
  https://github.com/openssl/openssl/pull/13889

  There was no CVE assigned, it was fixed between 1.1.1i and 1.1.1j.

  Best regards

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1915906/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1865558] Re: gdm-session-worker segmentation fault when checking online crl from smartcard authentication

AFAIU this issue requires a specific hardware, possibly with specific
configuration. Do you have a reproducer that others could use for this
issue?

** Changed in: openssl (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1865558

Title:
  gdm-session-worker segmentation fault when checking online crl from
  smartcard authentication

Status in openssl package in Ubuntu:
  Incomplete

Bug description:
  Error occurs after pin for the PIV card is entered into the GNOME login GUI.
  Error in /var/log/messages:
  gdm-session-wor[23783]: segfault at 0 ip 7f3e851589ab sp 7ffd2e747300 
error 6 in libcrypto.so.1.1[7f3e84f6a000+29b000]

  Remove "crl_online" from cert_policy in
  /etc/pam_pkcs11/pam_pkcs11.conf and there is no segmentation fault.

  openssl 1.1.1-1ubuntu2.1~18.04.5
  opensc 0.17.0-3
  libpam-pkcs11 0.6.9-2build2

  Using opensc pkcs11_module.
  Smartcard has a CRL URL set with FQDN and the prefix of the URL is http://.
  This did not exist in Ubuntu 16. This started in 18.04 (first release) and 
has existed in all minor versions of 18.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1865558/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1314215] Re: openssl not use via-padlock

In debian/changelog for openssl, there is the following entry:

openssl (1.0.1c-3) unstable; urgency=low

  * Disable padlock engine again, causes problems for hosts not supporting 
it.

 -- Kurt Roeckx   Wed, 06 Jun 2012 18:29:37 +0200

As such, I believe this bug can be made WONTFIX unless someone steps up
and shows good compatibility can be achieved.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1314215

Title:
  openssl not use via-padlock

Status in openssl package in Ubuntu:
  New

Bug description:
  uname -a
  Linux lubuntu 3.13.0-24-generic #46-Ubuntu SMP Thu Apr 10 19:11:08 UTC 2014 
x86_64 x86_64 x86_64 GNU/Linux

  apt-cache policy openssl
  openssl:
    Installé : 1.0.1f-1ubuntu2
    Candidat : 1.0.1f-1ubuntu2
   Table de version :
   *** 1.0.1f-1ubuntu2 0
  500 http://fr.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages
  100 /var/lib/dpkg/status

  lsmod | grep padlock
  padlock_sha13557  0
  padlock_aes13052  0

  openssl engine padlock
  140420536166048:error:260B606D:engine routines:DYNAMIC_LOAD:init 
failed:eng_dyn.c:521:
  140420536166048:error:2606A074:engine routines:ENGINE_by_id:no such 
engine:eng_list.c:417:id=padlock

  openssl not use module via-padlock from my via nano x2

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: openssl 1.0.1f-1ubuntu2
  ProcVersionSignature: Ubuntu 3.13.0-24.46-generic 3.13.9
  Uname: Linux 3.13.0-24-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3
  Architecture: amd64
  CurrentDesktop: LXDE
  Date: Tue Apr 29 16:01:28 2014
  InstallationDate: Installed on 2014-04-27 (1 days ago)
  InstallationMedia: Lubuntu 14.04 LTS "Trusty Tahr" - Release amd64 
(20140416.2)
  SourcePackage: openssl
  UpgradeStatus: No upgrade log present (probably fresh install)
  mtime.conffile..etc.ssl.openssl.cnf: 2014-04-29T16:01:17.149066

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1314215/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1152405] Re: The BIO_should_retry manual page misdocuments the behavior of the BIO_should_read

Looking at the current documentation, these functions are described the
following way:

BIO_should_read() is true if the cause of the condition is that the BIO
has insufficient data to return. Check for readability and/or retry the
last operation.

BIO_should_write() is true if the cause of the condition is that the BIO
has pending data to write. Check for writability and/or retry the
last operation.

As far as I can tell, the documentation has been fixed (and improved) so
I'll mark this bug as Fix Released.


** Changed in: openssl (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1152405

Title:
  The BIO_should_retry manual page misdocuments the behavior of the
  BIO_should_read

Status in openssl package in Ubuntu:
  Fix Released

Bug description:
  The BIO_should_retry manual page contains this text:

  BIO_should_write() is true if the cause of the condition is that a
  BIO needs to read data.

  Many of the OpenSSL APIs are confusing enough that I could believe
  this is really true, but the manual page also says:

  BIO_should_read() is true if the cause of the condition is that a
  BIO needs to read data.

  I doubt that both BIO_should_read and BIO_should_write mean the BIO
  needs to read data.  Probably BIO_should_write means the BIO needs to
  write data.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1152405/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2019435] Re: Default initramfs is missing qcom_geni_serial module

2023-05-12 Thread Dimitri John Ledkov

it does feel too many that it should be included by default, not sure
why the rest of the tty/serial drivers are not included, or how come
this one is not scoped under usb/hid, it is fairly small, and built on
arm64 only i think, thus it is useful to include by default - as at best
it is unlikely to impact initrd sizes much, and expanding support of
generic kernels on arm64 is very much in scope for Ubuntu.

** Project changed: initramfs-tools => initramfs-tools (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/2019435

Title:
  Default initramfs is missing qcom_geni_serial module

Status in initramfs-tools package in Ubuntu:
  New

Bug description:
  Running Ubuntu 22.04 with the HWE kernel (5.19.0-38-generic
  #39~22.04.1-Ubuntu) on a Qualcomm RB5 derived product -
  https://developer.qualcomm.com/qualcomm-robotics-rb5-kit

  The platform has a USB to serial port that can be used as the Linux
  console.  However, this requires the qcom_geni_serial driver to
  operate.  That driver is available as a built module already, but only
  on the rootfs.  It is not included in the initramfs by default.

  The problem with this is that the console is activated quite late in
  boot, which reduces it's usefulness in debugging kernel/boot issues.
  Also, when it finally does come up, the console cannot operate as a
  login interface (no login prompt is provided) because the interface is
  initialized after systemd is operational.

  I can manually add the module to the initramfs by adding
  "qcom_geni_serial" to /etc/initramfs-tools/modules and running update-
  initramfs, however this is quite inconvenient.  It requires me to
  remove the storage from the platform, and modify it on another system.

  Given that the default initramfs already contains a large number of
  serial drivers, it feels like qcom_geni_serial should be included by
  default which would give an optimal "out of the box" experience on a
  number of Qualcomm based platforms.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/2019435/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 972783] Re: Crashes with segmentation fault operating asn1_meth_table

I've tried to reproduce this crash but I'm not sure how to do it. The
various traces attached are informative but without a way to test and
experiment, it's difficult to tell the consequences apart from their
causes since there seems to be some memory corruption going on. I'm
going to mark this as Incomplete to reflect the need for a reproducer.

** Changed in: openssl (Ubuntu)
   Status: Confirmed => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/972783

Title:
  Crashes with segmentation fault operating asn1_meth_table

Status in openssl package in Ubuntu:
  Incomplete

Bug description:
  Trying to update Server Access Certificate with DigiDoc client for
  Estonian ID cards crashes implicating an OpenSSL problem.

  The problem has been there from OpenSSL 1.0.0, but does not happen
  using OpenSSL 0.9.8.

  Debugging with Valgrind gives variety of:

  Invalid free() / delete / delete[] / realloc()
  Invalid write of size n
  Invalid read of size n

  The context is:

  ==5779==at 0x402B06C: free (in 
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
  ==5779==by 0x6A818C9: CRYPTO_free (mem.c:393)
  ==5779==by 0x6AEB82A: engine_free_util (eng_lib.c:136)
  ==5779==by 0x6AEC798: engine_unlocked_finish (eng_init.c:112)
  ==5779==by 0x6AED607: engine_table_register (eng_table.c:178)
  ==5779==by 0x6AEFC7A: ENGINE_set_default_pkey_asn1_meths (tb_asnmth.c:106)
  ==5779==by 0x6AEE3B7: ENGINE_set_default (eng_fat.c:96)

  I'm currently testing it on Ubuntu 12.04 beta 2 with

  * opensc 0.12.1-1ubuntu4
  * libssl1.0.0 1.0.1-2ubuntu4
  * qdigidoc 0.4.0-0ubuntu4

  The problem has been also tested on Oneiric and discussed in some
  length at: http://code.google.com/p/esteid/issues/detail?id=168

  I attach also some debug logs.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/972783/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1160435] Re: Unreadable or symlinked openssl.cnf breaks bind9

Marking as Fix Released since we've imported the fixed version from
Debian.

** Changed in: openssl (Ubuntu)
   Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1160435

Title:
  Unreadable or symlinked openssl.cnf breaks bind9

Status in openssl package in Ubuntu:
  Fix Released
Status in openssl package in Debian:
  Fix Released

Bug description:
  If /etc/ssl/openssl.cnf is unreadable by bind9 process, or is
  symlinked from another file (regardless of whether the target is
  readable by bind9 or not), bind9 will not start.

  This is apparently the same issue as what was discussed on the Debian side in 
2010:
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584911

  I have several custom openssl.cnf files, and recently decided to
  symlink the 'default' openssl.cnf to one of  them (the target is world
  readable).  On the next reboot bind would not start.  With a lot of
  digging, much like in the debian ticket I referred to above, I
  eventually clued in on the fact that somehow OpenSSL is involved even
  though it's not an advertised dependency.

  If this can't be corrected (i.e. so that bind would start regardless
  of whether openssl.cnf can be accessed), perhaps a more informative
  error message could be added.  A simple "cannot read openssl.cnf"
  would have saved me an hour of debug time.

  --

  Description:Ubuntu 12.04.2 LTS
  Release:12.04

  bind9:
Installed: 1:9.8.1.dfsg.P1-4ubuntu0.5
Candidate: 1:9.8.1.dfsg.P1-4ubuntu0.5
Version table:
   *** 1:9.8.1.dfsg.P1-4ubuntu0.5 0
  500 http://us.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 
Packages
  500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 
Packages
  100 /var/lib/dpkg/status
   1:9.8.1.dfsg.P1-4 0
  500 http://us.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1160435/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1441461] Re: openssl verify fails with "certificate signature failure"

I was able to reproduce your results but there aren't that many patches
being applied at the moment and that makes the failure surprising. I
didn't spot anything obvious in the certificates either but overall I
think this bug needs a reproducer which covers the generation of the
certificates because this is a very common worfklow and I'd be surprised
it was completely broken without many people noticing.

** Changed in: openssl (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1441461

Title:
  openssl verify fails with "certificate signature failure"

Status in openssl package in Ubuntu:
  Incomplete

Bug description:
  I have a intermediate certificate signed by my own CA, which works fine on 
other systems.
  but openssl (1.0.1f-1ubuntu2.11) installed with apt-get will always fails 
with "certificate signature failure"

  but openssl binary compiled myself with the same version of code
  (1.0.1f), works.

  so i wonder if this is a bug of openssl?

  certificate details and version info is at
  https://gist.github.com/bearice/e2dd5d4245472e1b3992

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1441461/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1420608] Re: s_client doesn't recognise XMPP STARTTLS messages with double quotes

I'm marking this bug as Fix Released for the openssl package too because
we've incorporated this already and I can't reproduce the issue (I used
conference.igniterealtime.org:5222 since the original testcase doesn't
resolve anymore).

** Changed in: openssl (Ubuntu)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1420608

Title:
  s_client doesn't recognise XMPP STARTTLS messages with double quotes

Status in OpenSSL:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Released

Bug description:
  OpenSSL s_client does not recognise the XML produced by some Jabber
  servers (eg. OpenFire). The parameter values use double (") instead of
  single quotes (') and s_client is too conservative in its string-
  parsing routine.

  To demonstrate the problem I used one of the public XMPP servers
  running OpenFire 3.9.3:

  openssl s_client -connect jabber.rootbash.com:5222 -starttls xmpp -debug
  CONNECTED(0003)
  write to 0x1124c10 [0x7fffdf2d49c0] (124 bytes => 124 (0x7C))
   - 3c 73 74 72 65 61 6d 3a-73 74 72 65 61 6d 20 78   
  read from 0x1124c10 [0x1118800] (8192 bytes => 192 (0xC0))
   - 3c 3f 78 6d 6c 20 76 65-72 73 69 6f 6e 3d 27 31   http://etherx
  0050 - 2e 6a 61 62 62 65 72 2e-6f 72 67 2f 73 74 72 65   .jabber.org/stre
  0060 - 61 6d 73 22 20 78 6d 6c-6e 73 3d 22 6a 61 62 62   ams" xmlns="jabb
  0070 - 65 72 3a 63 6c 69 65 6e-74 22 20 66 72 6f 6d 3d   er:client" from=
  0080 - 22 6a 61 62 62 65 72 2e-72 6f 6f 74 62 61 73 68   "jabber.rootbash
  0090 - 2e 63 6f 6d 22 20 69 64-3d 22 61 39 64 33 30 61   .com" id="a9d30a
  00a0 - 34 32 22 20 78 6d 6c 3a-6c 61 6e 67 3d 22 65 6e   42" xml:lang="en
  00b0 - 22 20 76 65 72 73 69 6f-6e 3d 22 31 2e 30 22 3e   " version="1.0">
  read from 0x1124c10 [0x1118800] (8192 bytes => 428 (0x1AC))
   - 3c 73 74 72 65 61 6d 3a-66 65 61 74 75 72 65 73   DI
  0090 - 47 45 53 54 2d 4d 44 35-3c 2f 6d 65 63 68 61 6e   GEST-MD5P
  00b0 - 4c 41 49 4e 3c 2f 6d 65-63 68 61 6e 69 73 6d 3e   LAIN
  00c0 - 3c 6d 65 63 68 61 6e 69-73 6d 3e 41 4e 4f 4e 59   ANONY
  00d0 - 4d 4f 55 53 3c 2f 6d 65-63 68 61 6e 69 73 6d 3e   MOUS
  00e0 - 3c 6d 65 63 68 61 6e 69-73 6d 3e 43 52 41 4d 2d   CRAM-
  00f0 - 4d 44 35 3c 2f 6d 65 63-68 61 6e 69 73 6d 3e 3c   MD5<
  0100 - 2f 6d 65 63 68 61 6e 69-73 6d 73 3e 3c 63 6f 6d   /mechanisms>http://jabber.or
  0130 - 67 2f 66 65 61 74 75 72-65 73 2f 63 6f 6d 70 72   g/features/compr
  0140 - 65 73 73 22 3e 3c 6d 65-74 68 6f 64 3e 7a 6c 69   ess">zli
  0150 - 62 3c 2f 6d 65 74 68 6f-64 3e 3c 2f 63 6f 6d 70   bhttp://jabb
  0180 - 65 72 2e 6f 72 67 2f 66-65 61 74 75 72 65 73 2f   er.org/features/
  0190 - 69 71 2d 61 75 74 68 22-2f 3e 3c 2f 73 74 72 65   iq-auth"/>
  ---
  no peer certificate available
  ---
  No client certificate CA names sent
  ---
  SSL handshake has read 620 bytes and written 124 bytes
  ---
  New, (NONE), Cipher is (NONE)
  Secure Renegotiation IS NOT supported
  Compression: NONE
  Expansion: NONE
  ---

  The "no peer certificate available" is incorrect, it appears because
  s_client doesn't correctly recognise the response from the remote
  server.

  The problem comes from the hard-coded string that s_client is looking for 
during communication with the remote server here:
  
https://github.com/openssl/openssl/blob/OpenSSL_1_0_1-stable/apps/s_client.c#L1461
 - the utility expects only a single-quoted string, while the standard also 
allows the use of double quotes.

  There is a bug report and a series of patches for various XMPP-related
  bugs submitted in OpenSSL RT bugtracker
  https://rt.openssl.org/Ticket/Display.html?id=2860=guest=guest
  (and more specifically for this problem -
  https://rt.openssl.org/Ticket/Display.html?id=2860#txn-34620). This
  issue has been fixed  in the upstream Git repository in the master
  branch
  
(https://github.com/openssl/openssl/blob/fbf08b79ff33110c242849e836aeb494bc03a132/apps/s_client.c#L1620).

  Please consider including these patches.

  Also please update the man page for s_client, it is for a previous
  version of the utility and doesn't mention STARTTLS XMPP support at
  all.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: openssl 1.0.1f-1ubuntu2.8
  ProcVersionSignature: Ubuntu 3.13.0-45.74-generic 3.13.11-ckt13
  Uname: Linux 3.13.0-45-generic x86_64
  NonfreeKernelModules: wl
  ApportVersion: 2.14.1-0ubuntu3.6
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Tue Feb 10 21:59:30 2015
  InstallationDate: Installed on 2014-07-07 (218 days ago)
  InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417)
  SourcePackage: openssl
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1420608/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post

[Touch-packages] [Bug 1990089] Re: Screen freeze when performing memory stress in Wayland mode

Hello jeremyszu, or anyone else affected,

Accepted mesa into jammy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/mesa/22.2.5-0ubuntu0.1~22.04.2 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
jammy to verification-done-jammy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-jammy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: mesa (Ubuntu Jammy)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-jammy

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1990089

Title:
  Screen freeze when performing memory stress in Wayland mode

Status in Linux:
  New
Status in Mutter:
  Fix Released
Status in OEM Priority Project:
  Incomplete
Status in mesa package in Ubuntu:
  Fix Released
Status in mesa source package in Jammy:
  Fix Committed
Status in mesa source package in Kinetic:
  Won't Fix
Status in mesa source package in Lunar:
  Fix Released

Bug description:
  [Impact]

  Running stress-ng freezes the screen under wayland on intel iris.
  Upstream has fixed it in

  5aae8a05264c354aa93017d323ce238858f68227 iris: Retry 
DRM_IOCTL_I915_GEM_EXECBUFFER2 on ENOMEM
  646cff13bca8a92b846984d782ef00e57d34d7a1 Revert "iris: Avoid abort() if 
kernel can't allocate memory"

  which need to be backported for 22.2.5

  [Test case]

  Install the update, then

  1. stress-ng --stack 0 --timeout 300
  2. check the screen

  and note that it shouldn't freeze anymore.

  [Where things could go wrong]

  This moves checking ENOMEM to the right place, so it's hard to see how
  it might cause issues.

  --

  [Steps to reproduce]
  (disable systemd-oomd or executing over ssh)
  (below command allocates a lot of memory to stress kernel page fault)

  1. stress-ng --stack 0 --timeout 300
  2. check the screen

  [Expected result]
  Screen will update slowly when performing the stress-test.
  but screen needs back to work after stress.

  [Actual result]
  Screen freeze after stress test.

  [Additional information]
  kernel version: vmlinuz-5.17.0-1017-oem
  kernel version: vmlinuz-6.0.0-06rc4drmtip20220910-generic
  Mesa version: 22.0.5-0ubuntu0.1
  Mutter version: 42.2-0ubuntu1
  Gnome-shell version: 42.2-0ubuntu0.2

  * Issue happens in Wayland only

  * gnome-shell keeps issuing ioctl()
  ```
  (gdb) bt
  #0  __GI___ioctl (fd=fd@entry=14, request=request@entry=3223348419) at 
../sysdeps/unix/sysv/linux/ioctl.c:36
  #1  0x7fcacab0eb4f in intel_ioctl (arg=0x7fffc5404d80, 
request=3223348419, fd=14) at ../src/intel/common/intel_gem.h:75
  #2  iris_wait_syncobj (timeout_nsec=140736502713808, syncobj=, 
bufmgr=) at ../src/gallium/drivers/iris/iris_fence.c:229
  #3  iris_wait_syncobj (bufmgr=, syncobj=, 
timeout_nsec=timeout_nsec@entry=9223372036854775807) at 
../src/gallium/drivers/iris/iris_fence.c:215
  #4  0x7fcacab8beab in iris_get_query_result (result=0x7fffc5404e50, 
wait=, query=0x55774159b800, ctx=) at 
../src/gallium/drivers/iris/iris_query.c:635
  #5  iris_get_query_result (ctx=, query=0x55774159b800, 
wait=, result=0x7fffc5404e50) at 
../src/gallium/drivers/iris/iris_query.c:601
  #6  0x7fcaca405e89 in tc_get_query_result (_pipe=, 
query=0x55774159b800, wait=, result=0x7fffc5404e50) at 
../src/gallium/auxiliary/util/u_threaded_context.c:881
  #7  0x7fcaca0f0e64 in get_query_result (pipe=pipe@entry=0x55773f87bad0, 
q=q@entry=0x557741a0c790, wait=wait@entry=1 '\001') at 
../src/mesa/main/queryobj.c:266
  #8  0x7fcaca0f1b12 in _mesa_wait_query (q=0x557741a0c790, 
ctx=0x55773f8af980) at ../src/mesa/main/queryobj.c:344
  #9  get_query_object (ctx=0x55773f8af980, func=func@entry=0x7fcacaf28283 
"glGetQueryObjecti64v", id=, pname=34918, 
ptype=ptype@entry=5134, buf=0x0, offset=140736502714192)
  at ../src/mesa/main/queryobj.c:1174
  #10 0x7fcaca0f2d65 in _mesa_GetQueryObjecti64v (id=, 
pname=, params=) at 
../src/mesa/main/queryobj.c:1257
  #11 0x7fcadfa39b90 in ?? () from

[Touch-packages] [Bug 2003339] Please test proposed package

Hello Kai, or anyone else affected,

Accepted mesa into jammy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/mesa/22.2.5-0ubuntu0.1~22.04.2 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
jammy to verification-done-jammy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-jammy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/2003339

Title:
  kwin_x11: The X11 connection broke: I/O error (code 1)

Status in KDE Base Workspace:
  Fix Released
Status in Mesa:
  Fix Released
Status in kwin package in Ubuntu:
  Invalid
Status in mesa package in Ubuntu:
  Fix Released
Status in kwin source package in Jammy:
  Invalid
Status in mesa source package in Jammy:
  Fix Committed
Status in kwin package in Debian:
  New

Bug description:
  [Impact]

  kwin might crash after running some time

  Two commits have been reverted upstream since 22.2.x branch was
  closed, needs those backported to fix this.

  [Test case]

  Run kwin for a day or so, which is usually enough time to hit this.

  Crash happens mostly on a notification popups, so system must be
  actively receiving notifications to test the crash. Without that crash
  may not happen even in a week of runtime.

  [Where things could go wrong]

  This just reverts two commits, and they have been upstream for a few
  months now, so these causing a regression is unlikely.

To manage notifications about this bug go to:
https://bugs.launchpad.net/kdebase-workspace/+bug/2003339/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2003339] Re: kwin_x11: The X11 connection broke: I/O error (code 1)

The revert is not in Kinetic, implying it could be affected by this bug
too. Do you intend to skip kinetic, or is it not affected?

** Changed in: mesa (Ubuntu Jammy)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-jammy

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/2003339

Title:
  kwin_x11: The X11 connection broke: I/O error (code 1)

Status in KDE Base Workspace:
  Fix Released
Status in Mesa:
  Fix Released
Status in kwin package in Ubuntu:
  Invalid
Status in mesa package in Ubuntu:
  Fix Released
Status in kwin source package in Jammy:
  Invalid
Status in mesa source package in Jammy:
  Fix Committed
Status in kwin package in Debian:
  New

Bug description:
  [Impact]

  kwin might crash after running some time

  Two commits have been reverted upstream since 22.2.x branch was
  closed, needs those backported to fix this.

  [Test case]

  Run kwin for a day or so, which is usually enough time to hit this.

  Crash happens mostly on a notification popups, so system must be
  actively receiving notifications to test the crash. Without that crash
  may not happen even in a week of runtime.

  [Where things could go wrong]

  This just reverts two commits, and they have been upstream for a few
  months now, so these causing a regression is unlikely.

To manage notifications about this bug go to:
https://bugs.launchpad.net/kdebase-workspace/+bug/2003339/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2017142] Re: [jammy] VA-API doesn't work on DCN 3.1.4

Hello Mario, or anyone else affected,

Accepted mesa into jammy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/mesa/22.2.5-0ubuntu0.1~22.04.2 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
jammy to verification-done-jammy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-jammy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: mesa (Ubuntu Jammy)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-jammy

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/2017142

Title:
  [jammy] VA-API doesn't work on DCN 3.1.4

Status in mesa package in Ubuntu:
  Fix Released
Status in mesa source package in Jammy:
  Fix Committed

Bug description:
  [ Impact ]
  VA-API decoding doesn't work on DCN 3.1.4.
  Mesa 22.2.5 includes all the code to support it but is missing the chip ID.

  The device ID was included in upstream mesa 22.3.1.

  [ Test Plan ]

   * Verify that VA-API works using "mpv" or a similar tool that uses VA-API
   * Verify that '# vainfo' shows the correct information.

  [ Where problems could occur ]

   * If just the new ID is backported then they would be unique to DCN 3.1.4 as 
it's now running VA-API codepaths.
   * If newer mesa point release is adopted, then it could be a regression that 
happened in changes on common code in mesa between those two point releases.

  [ Other Info ]
  * It can be cherry picked with this single commit:
  
https://gitlab.freedesktop.org/mesa/mesa/-/commit/4291e545d5a0f18c652f0ea57907f445392e8858

  * AMD has already tested cherry-picked commit on top of the Ubuntu
  mesa 22.2.5 package and verified it works.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mesa/+bug/2017142/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1968360] Re: jammy daily won't accept EC2 publickey (suspect cloud-init failure)

Tracked in Github Issues as https://github.com/canonical/cloud-
init/issues/3967

** Bug watch added: github.com/canonical/cloud-init/issues #3967
   https://github.com/canonical/cloud-init/issues/3967

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1968360

Title:
  jammy daily won't accept EC2 publickey (suspect cloud-init failure)

Status in cloud-init:
  Invalid
Status in openssh package in Ubuntu:
  Invalid

Bug description:
  amazon-ebs: output will be in this color.

  ==> amazon-ebs: Prevalidating any provided VPC information
  ==> amazon-ebs: Prevalidating AMI Name: packer-honeycomb-arm-1649438444
  amazon-ebs: Found Image ID: ami-03c980393156217bb
  ==> amazon-ebs: Creating temporary keypair: 
packer_62506eec-8c01-8c21-b199-32a96021bd7a
  ==> amazon-ebs: Creating temporary security group for this instance: 
packer_62506eee-c3da-1eb2-6e81-baa0c5ccfdfc
  ==> amazon-ebs: Authorizing access to port 22 from [0.0.0.0/0] in the 
temporary security groups...
  ==> amazon-ebs: Launching a source AWS instance...
  ==> amazon-ebs: Adding tags to source instance
  amazon-ebs: Adding tag: "Name": "Packer Builder"
  amazon-ebs: Instance ID: i-01158f222c8664f0c
  ==> amazon-ebs: Waiting for instance (i-01158f222c8664f0c) to become ready...
  ==> amazon-ebs: Using SSH communicator to connect: 54.173.181.221
  ==> amazon-ebs: Waiting for SSH to become available...
  ==> amazon-ebs: Error waiting for SSH: Packer experienced an authentication 
error when trying to connect via SSH. This can happen if your username/password 
are wrong. You may want to double-check your credentials as part of your 
debugging process. original error: ssh: handshake failed: ssh: unable to 
authenticate, attempted methods [none publickey], no supported methods remain
  ==> amazon-ebs: Terminating the source AWS instance...
  ==> amazon-ebs: Cleaning up any extra volumes...
  ==> amazon-ebs: No volumes to clean up, skipping
  ==> amazon-ebs: Deleting temporary security group...
  ==> amazon-ebs: Deleting temporary keypair...
  Build 'amazon-ebs' errored after 2 minutes 42 seconds: Packer experienced an 
authentication error when trying to connect via SSH. This can happen if your 
username/password are wrong. You may want to double-check your credentials as 
part of your debugging process. original error: ssh: handshake failed: ssh: 
unable to authenticate, attempted methods [none publickey], no supported 
methods remain

  ==> Wait completed after 2 minutes 42 seconds

  ==> Some builds didn't complete successfully and had errors:
  --> amazon-ebs: Packer experienced an authentication error when trying to 
connect via SSH. This can happen if your username/password are wrong. You may 
want to double-check your credentials as part of your debugging process. 
original error: ssh: handshake failed: ssh: unable to authenticate, attempted 
methods [none publickey], no supported methods remain

  ==> Builds finished but no artifacts were created.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1968360/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2019424] Re: Heimdal can be synced

2023-05-12 Thread Michał Małoszewski

Moreover here are my 2 PPAs that has been compared:

https://launchpad.net/~michal-maloszewski99/+archive/ubuntu/heimdal-test-ppa2-michal
https://launchpad.net/~michal-maloszewski99/+archive/ubuntu/test-heimdal-lto-michal-ppa1

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to heimdal in Ubuntu.
https://bugs.launchpad.net/bugs/2019424

Title:
  Heimdal can be synced

Status in heimdal package in Ubuntu:
  Confirmed

Bug description:
  After heimdal merge process, I was trying to figure out if the delta that is 
still not dropped is required or not.
  So, to test it, I have created 2 PPAs, one in which lto is disabled, and the 
second one, where the lto is enabled. I have built them and downloaded the debs 
for i386 and amd64.
  Then I have compared amd64 deb from PPA1 with amd64 deb from PPA2. The same 
story with i386. The binary dependencies were identical. There is no difference 
between the files. So in that case, the delta can possibly be dropped.

  The package has already been merged again, with the change:

  heimdal (7.8.git20221117.28daf24+dfsg-2ubuntu1) mantic; urgency=low

    * Merge from Debian unstable. Remaining changes:
  - d/rules: Disable lto, to regain dep on roken, otherwise
    dependencies on amd64 are different than i386 resulting in
    different files on amd64 and i386.

   -- Steve Langasek  Tue, 02 May 2023
  09:56:10 +0200

  heimdal (7.8.git20221117.28daf24+dfsg-1ubuntu1) lunar; urgency=low

    * Merge from Debian unstable. Remaining changes:
  - d/rules: Disable lto, to regain dep on roken, otherwise
    dependencies on amd64 are different than i386 resulting in
    different files on amd64 and i386.
    (LP #1934936)

   -- Steve Langasek  Tue, 24 Jan 2023
  19:14:54 -0800

  Due to this, syncpackage doesn't run.
  The package can be sync'd next time it comes up.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/heimdal/+bug/2019424/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2019424] Re: Heimdal can be synced

2023-05-12 Thread Michał Małoszewski

Checked the builds that seem to show they are good without delta vs the
originally reported bug
https://bugs.launchpad.net/ubuntu/+source/heimdal/+bug/1934936

Checking the non-lto PPA the two changelogs are now matching:

$ dpkg -x libwind0-heimdal_7.8.git20221117.28daf24+dfsg-1ubuntu1~ppa2_amd64.deb
hd-amd64
$ dpkg -x libwind0-heimdal_7.8.git20221117.28daf24+dfsg-1ubuntu1~ppa2_i386.deb
hd-i386
$ md5sum hd-amd64/usr/share/doc/libwind0-heimdal/changelog.Debian.gz
hd-i386/usr/share/doc/libwind0-heimdal/changelog.Debian.gz
5dd57970afedcb4a75ece78e94109d17
hd-amd64/usr/share/doc/libwind0-heimdal/changelog.Debian.gz
5dd57970afedcb4a75ece78e94109d17
hd-i386/usr/share/doc/libwind0-heimdal/changelog.Debian.gz

Build logs:
https://launchpadlibrarian.net/646899573/buildlog_ubuntu-lunar-amd64.heimdal_7.8.git20221117.28daf24+dfsg-1ubuntu1~ppa2_BUILDING.txt.gz
https://launchpadlibrarian.net/646899827/buildlog_ubuntu-lunar-i386.heimdal_7.8.git20221117.28daf24+dfsg-1ubuntu1~ppa2_BUILDING.txt.gz

no more show "Searching for duplicated docs in dependency
libroken18-heimdal... symlinking changelog.Debian.gz in" despite being
built without LTO.

--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to heimdal in Ubuntu.
https://bugs.launchpad.net/bugs/2019424

Title:
Heimdal can be synced

Status in heimdal package in Ubuntu:
Confirmed

Bug description:
After heimdal merge process, I was trying to figure out if the delta that is
still not dropped is required or not.
So, to test it, I have created 2 PPAs, one in which lto is disabled, and the
second one, where the lto is enabled. I have built them and downloaded the debs
for i386 and amd64.
Then I have compared amd64 deb from PPA1 with amd64 deb from PPA2. The same
story with i386. The binary dependencies were identical. There is no difference
between the files. So in that case, the delta can possibly be dropped.

The package has already been merged again, with the change:

heimdal (7.8.git20221117.28daf24+dfsg-2ubuntu1) mantic; urgency=low

* Merge from Debian unstable. Remaining changes:
- d/rules: Disable lto, to regain dep on roken, otherwise
dependencies on amd64 are different than i386 resulting in
different files on amd64 and i386.

-- Steve Langasek Tue, 02 May 2023
09:56:10 +0200

heimdal (7.8.git20221117.28daf24+dfsg-1ubuntu1) lunar; urgency=low

-- Steve Langasek Tue, 24 Jan 2023
19:14:54 -0800

Due to this, syncpackage doesn't run.
The package can be sync'd next time it comes up.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/heimdal/+bug/2019424/+subscriptions

--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp

Re: [Touch-packages] [Bug 1971984] Re: pcscd 1.9.5-3 do not start automatically, only manual

2023-05-12 Thread Ubucolors

Good news Tony, almost 1 year after the release of Ubuntu 22.04 finally a
solution that works.

Op vr 12 mei 2023 om 17:31 schreef Tony Espy
<1971...@bugs.launchpad.net>:

> I ran into this bug earlier this week while trying to setup my new
> Nitrokey HSM2 (https://docs.nitrokey.com/hsm/linux/) on a Thinkpad
> running 22.04 LTS.
>
> I've confirmed that the upstream commit from 1.9.9-2 fixes the problem,
> and am uploading this as a patch.
>
> ** Patch added: "Backported packaging fix from upstream 1.9.9-2"
>
> https://bugs.launchpad.net/ubuntu/+source/pcsc-lite/+bug/1971984/+attachment/5672739/+files/0001-Fix-dh_installsystemd-doesn-t-handle-files-in-usr-li.patch
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1971984
>
> Title:
>   pcscd 1.9.5-3 do not start automatically, only manual
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/pcsc-lite/+bug/1971984/+subscriptions
>
>

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcsc-lite in Ubuntu.
https://bugs.launchpad.net/bugs/1971984

Title:
  pcscd 1.9.5-3 do not start automatically, only manual

Status in pcsc-lite package in Ubuntu:
  Confirmed

Bug description:
  Ubuntu Mate 22.04 with the latest updates.
  Problem is present with internal smart-card reader and also external usb 
smart-card reader.

  eid-viewer sees no card reader,but When i do:

  sudo pcscd -f

  it is working, also following the tips of Ludovic:
  
https://ludovicrousseau.blogspot.com/2011/11/pcscd-auto-start-using-systemd.html

  sudo systemctl stop pcscd.socket
  sudo systemctl start pcscd.socket

  It is working until next restart.

  libacsccid1  version: 1.1.8-1
  libccid version: 1.5.0-2
  pcscd version: 1.9.5-3
  eid-archive version: 2022.3
  eid-mw version: 5.0.28v5.0.28-0u2204-1
  eid-viewer version: 5.0.28v5.0.28-0u2204-1

  In Firefox, my eid card is then also recognized, but only in the ESR
  version, but this is a know Mozilla bug.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcsc-lite/+bug/1971984/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1971242] Re: printing PDF appears always grey, no color

2023-05-12 Thread Ian Gordon

I suspect this problem is caused by this issue
(https://github.com/OpenPrinting/cups/pull/500) that is fixed in cups
where the option print-color-mode is set to monochrome when the printer
PPD file has ColorModel: CMYK and not ColorModel: RGB (Our Ricoh C4500
uses CMYK as its ColorModel: CMYK)

We were trying to use

lpadmin -p  -o print-color-mode-default=colour
lpadmin -p  -o print-color-mode=colour

and this worked the first time we printed to the printer and then it
would reset to "monochrome" which I suspect is caused by this reported
typo: https://github.com/OpenPrinting/cups/pull/687

Cheers,

Ian.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to cups in Ubuntu.
https://bugs.launchpad.net/bugs/1971242

Title:
  printing PDF appears always grey, no color

Status in CUPS:
  New
Status in atril package in Ubuntu:
  Confirmed
Status in cups package in Ubuntu:
  Confirmed
Status in okular package in Ubuntu:
  Confirmed

Bug description:
  After upgrading from 20.04 LTS to 22.04 LTS I can't print colored PDF
  document. The print appears always b/w regardless color printing was
  enabled or not. Printing from LibreOffice produces a color print. This
  behavior (bug) is reproducible on three upgraded machines. It would be
  nice to have color print back again.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cups/+bug/1971242/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1969901] Re: network-manager fails to renew ipv6 address

2023-05-12 Thread Mathew Hodson

** Tags added: patch

** Changed in: network-manager (Ubuntu Bionic)
   Status: Incomplete => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1969901

Title:
  network-manager fails to renew ipv6 address

Status in network-manager package in Ubuntu:
  Fix Released
Status in network-manager source package in Bionic:
  Triaged

Bug description:
  [Impact]

   * This affects Ubuntu 18.04 where Network Manager version 1.10.6 is
  used.

   * Network manager might kill dhclient(6) and fail to start it again
     causing the IPv6 address to be lost on a network that uses mixed
     IPv4/IPV6.
     The network status will still be seen as online in gnome since ipv4
     is still active.
     The user then have to manually remove the dhcpv6 lease files and
     restart ipv6 connection/restart network manager to regain IPv6
     connectivity.

   * This is a cherry-pick from Network manager 1.10.8 (Ubuntu's version
     is based on 1.10.6):
     
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/7fbbe7ebee99785e38d39c37e515a64a28edef0f

   * Upstream bug:
     https://bugzilla.gnome.org/show_bug.cgi?id=783391

  [Test Plan]

  The test requires three computers
  * one computer runing isc dhcpd server (with network configured static)
  * one computer running patched network manager
  * one computer running vanilla ubuntu

  The idea is to execute on an isolated network and trigger the error by 
changing
  ip range handed out by the dhcp-server to force a nack response back to the
  clients.

  Expected result
  * patched network keeps dhclient6 alive
  * vanilla network manager will fail to keep dhclient6 alive
in network manager logs dhcp6 will expire and not be restarted

  ON THE SERVER
  # Disable app-armor, as it has rules restricting dhcpd
  aa-teardown

  # install isc dhcpserver
  isc-dhcp-server

  # configure network static
  sudo nmcli connection modify "${CONNECTION_NAME}" \
   ipv4.method "manual" \
   ipv4.addresses "192.168.1.1/24" \
   ipv4.gateway "192.168.1.254" \
   ipv4.dns "192.168.1.1" \
   ipv6.method "manual" \
   ipv6.addresses "2001:db8:0:1::1/64" \
   ipv6.gateway "2001:db8:0:1::ffbb" \
   ipv6.dns "2001:db8:0:1::1/64"

  mkdir -p tmp
  touch tmp/dhcpd4_a.leases
  touch tmp/dhcpd4_b.leases
  touch tmp/dhcpd6_a.leases
  touch tmp/dhcpd6_b.leases

  Then it is time to execute dhcpd
  -f - run in foreground
  -d - print errors to stderr instead of syslog

  # Start in separate terminals
  dhcpd -f -d -4 -cf dhcp_v4_a.conf -lf tmp/dhcpd4_a.leases enp0s31f6
  dhcpd -f -d -6 -cf dhcp_v6_a.conf -lf tmp/dhcpd6_a.leases enp0s31f6

  Press ctrl-C to kill servers, then restart with the b configurations

  dhcpd -f -d -4 -cf dhcp_v4_b.conf -lf tmp/dhcpd4_b.leases enp0s31f6
  dhcpd -f -d -6 -cf dhcp_v6_b.conf -lf tmp/dhcpd6_b.leases enp0s31f6

  Then leases to expire (check for clients that kills dhclient)
  Press ctrl-C to kill servers, then restart with the a configurations

  ON THE CLIENTS
  Setup:
  Configure ipv6 network in settings to use dhcp (using the gui)

  Test:
  check that dhcp clients are still running:
  ps aux|grep dhclient

  Expected in output
  one client for dhcpv4
  one client for dhcpv6

  Also check network manager status :
  journalctl -u NetworkManager.service
  journalctl -u NetworkManager.service|grep dhcp6 # to only view dhclient6
  journalctl -u NetworkManager.service|grep dhcp4 # to only view dhclient4

  if dhclient is not running:
  stop network in gui
  remove lease files (/var/lib/NetworkManager/dhclient*.lease). Only remove the 
lease for the client not running.
  start network in gui

  if dhclients are running:
  wait additional ten minutes, repeat from beginning of test

  [Where problems could occur]

   * The change is in the dchp lease expiration handling so verify that
  there is no regression in dhcp renewals on different type of
  configuration include IPv6

  [Other Info]
   * We have tested this patch on a couple of clients where we have seen this
     this problem. If this patch is feasible to include in Ubuntu 18.04 we
     could request more users to test.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1969901/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1926165] Re: Bass speakers not enabled on Lenovo Yoga 9i

2023-05-12 Thread Tim Woelfle

I'm now on Ubuntu 23.04 (incl. new kernel) and managed to make the bass
work on my Lenovo Yoga 9 14IAP7 through this trick:
https://wiki.archlinux.org/title/Lenovo_Yoga_9i_2022_(14AiPI7)#Audio

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to alsa-driver in Ubuntu.
https://bugs.launchpad.net/bugs/1926165

Title:
  Bass speakers not enabled on Lenovo Yoga 9i

Status in alsa-driver package in Ubuntu:
  Confirmed

Bug description:
  The Lenovo Yoga 9i has two sets of speakers: regular ones and bass
  speakers. The former work but while latter are detected and show up in
  alsamixer, they play no sound. Plugging headphones in and out or
  toggling any of the volume options does not fix the issue.

  A possibly related issue for a different Yoga version:
  https://bugzilla.kernel.org/show_bug.cgi?id=205755

  ProblemType: Bug
  DistroRelease: Ubuntu 21.04
  Package: alsa-base 1.0.25+dfsg-0ubuntu7
  ProcVersionSignature: Ubuntu 5.11.0-16.17-generic 5.11.12
  Uname: Linux 5.11.0-16-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.20.11-0ubuntu65
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  ubuntu 4466 F pulseaudio
ubuntu 6219 F alsamixer
   /dev/snd/pcmC0D0p:   ubuntu 4466 F...m pulseaudio
  CasperMD5CheckResult: pass
  CasperVersion: 1.461
  CurrentDesktop: ubuntu:GNOME
  Date: Mon Apr 26 15:10:05 2021
  LiveMediaBuild: Ubuntu 21.04 "Hirsute Hippo" - Release amd64 (20210420)
  PackageArchitecture: all
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: alsa-driver
  Symptom: audio
  Symptom_AlsaPlaybackTest: ALSA playback test through plughw:sofhdadsp 
successful
  Symptom_Card: Tiger Lake-LP Smart Sound Technology Audio Controller - 
sof-hda-dsp
  Symptom_Jack: Speaker, Internal
  Symptom_PulsePlaybackTest: PulseAudio playback test successful
  Symptom_Type: None of the above
  Title: [82BG, Realtek ALC287, Speaker, Internal] Playback problem
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 01/28/2021
  dmi.bios.release: 1.40
  dmi.bios.vendor: LENOVO
  dmi.bios.version: EHCN40WW
  dmi.board.asset.tag: No Asset Tag
  dmi.board.name: LNVNB161216
  dmi.board.vendor: LENOVO
  dmi.board.version: SDK0J40697WIN
  dmi.chassis.asset.tag: No Asset Tag
  dmi.chassis.type: 31
  dmi.chassis.vendor: LENOVO
  dmi.chassis.version: Yoga 9 14ITL5
  dmi.ec.firmware.release: 1.40
  dmi.modalias: 
dmi:bvnLENOVO:bvrEHCN40WW:bd01/28/2021:br1.40:efr1.40:svnLENOVO:pn82BG:pvrYoga914ITL5:rvnLENOVO:rnLNVNB161216:rvrSDK0J40697WIN:cvnLENOVO:ct31:cvrYoga914ITL5:
  dmi.product.family: Yoga 9 14ITL5
  dmi.product.name: 82BG
  dmi.product.sku: LENOVO_MT_82BG_BU_idea_FM_Yoga 9 14ITL5
  dmi.product.version: Yoga 9 14ITL5
  dmi.sys.vendor: LENOVO

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1926165/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1921939] Re: Create Upstream Repo

2023-05-12 Thread Bryan Quigley

** Changed in: software-properties (Ubuntu)
   Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to software-properties in
Ubuntu.
https://bugs.launchpad.net/bugs/1921939

Title:
  Create Upstream Repo

Status in software-properties package in Ubuntu:
  Invalid

Bug description:
  I started investigating this due to software-properties in Debian
  being listed as under-maintained per
  https://mako.cc/copyrighteous/identifying-underproduced-software

  AFAICT the source of truth for this package is in the current Ubuntu
  packages.  Would it be possible to make a real upstream repo that both
  Debian and Ubuntu can eventually pull from?

  Today, the Debian package has no updates for a while and I get that
  many of the additions are for Livepatch/other ubuntu specific things.
  If it's better for software-properties in Debian to just become it's
  own thing, that's a path too.

  Related debian bug:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661908

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1921939/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1971984] Re: pcscd 1.9.5-3 do not start automatically, only manual

2023-05-12 Thread Tony Espy

I ran into this bug earlier this week while trying to setup my new
Nitrokey HSM2 (https://docs.nitrokey.com/hsm/linux/) on a Thinkpad
running 22.04 LTS.

I've confirmed that the upstream commit from 1.9.9-2 fixes the problem,
and am uploading this as a patch.

** Patch added: "Backported packaging fix from upstream 1.9.9-2"
   
https://bugs.launchpad.net/ubuntu/+source/pcsc-lite/+bug/1971984/+attachment/5672739/+files/0001-Fix-dh_installsystemd-doesn-t-handle-files-in-usr-li.patch

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcsc-lite in Ubuntu.
https://bugs.launchpad.net/bugs/1971984

Title:
  pcscd 1.9.5-3 do not start automatically, only manual

Status in pcsc-lite package in Ubuntu:
  Confirmed

Bug description:
  Ubuntu Mate 22.04 with the latest updates.
  Problem is present with internal smart-card reader and also external usb 
smart-card reader.

  eid-viewer sees no card reader,but When i do:

  sudo pcscd -f

  it is working, also following the tips of Ludovic:
  
https://ludovicrousseau.blogspot.com/2011/11/pcscd-auto-start-using-systemd.html

  sudo systemctl stop pcscd.socket
  sudo systemctl start pcscd.socket

  It is working until next restart.

  libacsccid1  version: 1.1.8-1
  libccid version: 1.5.0-2
  pcscd version: 1.9.5-3
  eid-archive version: 2022.3
  eid-mw version: 5.0.28v5.0.28-0u2204-1
  eid-viewer version: 5.0.28v5.0.28-0u2204-1

  In Firefox, my eid card is then also recognized, but only in the ESR
  version, but this is a know Mozilla bug.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcsc-lite/+bug/1971984/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2019424] Re: Heimdal can be synced

My own testing prior to upload showed that there were differences in the
dependencies, so I'm not sure why you got a different result.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to heimdal in Ubuntu.
https://bugs.launchpad.net/bugs/2019424

Title:
  Heimdal can be synced

Status in heimdal package in Ubuntu:
  Confirmed

Bug description:
  After heimdal merge process, I was trying to figure out if the delta that is 
still not dropped is required or not.
  So, to test it, I have created 2 PPAs, one in which lto is disabled, and the 
second one, where the lto is enabled. I have built them and downloaded the debs 
for i386 and amd64.
  Then I have compared amd64 deb from PPA1 with amd64 deb from PPA2. The same 
story with i386. The binary dependencies were identical. There is no difference 
between the files. So in that case, the delta can possibly be dropped.

  The package has already been merged again, with the change:

  heimdal (7.8.git20221117.28daf24+dfsg-2ubuntu1) mantic; urgency=low

    * Merge from Debian unstable. Remaining changes:
  - d/rules: Disable lto, to regain dep on roken, otherwise
    dependencies on amd64 are different than i386 resulting in
    different files on amd64 and i386.

   -- Steve Langasek  Tue, 02 May 2023
  09:56:10 +0200

  heimdal (7.8.git20221117.28daf24+dfsg-1ubuntu1) lunar; urgency=low

    * Merge from Debian unstable. Remaining changes:
  - d/rules: Disable lto, to regain dep on roken, otherwise
    dependencies on amd64 are different than i386 resulting in
    different files on amd64 and i386.
    (LP #1934936)

   -- Steve Langasek  Tue, 24 Jan 2023
  19:14:54 -0800

  Due to this, syncpackage doesn't run.
  The package can be sync'd next time it comes up.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/heimdal/+bug/2019424/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1951586] Re: Need option to specify wifi regulatory domain

Tracked in Github Issues as https://github.com/canonical/cloud-
init/issues/3926

** Bug watch added: github.com/canonical/cloud-init/issues #3926
   https://github.com/canonical/cloud-init/issues/3926

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1951586

Title:
  Need option to specify wifi regulatory domain

Status in cloud-init:
  Invalid
Status in netplan:
  Fix Released
Status in NetworkManager:
  New
Status in netplan.io package in Ubuntu:
  Fix Released
Status in network-manager package in Ubuntu:
  Incomplete
Status in netplan.io source package in Jammy:
  Triaged
Status in network-manager source package in Jammy:
  Incomplete
Status in netplan.io source package in Kinetic:
  Fix Released
Status in network-manager source package in Kinetic:
  Incomplete

Bug description:
  It would be nice if netplan offered an option to specify the wifi
  regulatory domain (country code).

  
  For devices such as the Raspberry Pi you are currently advertising that users 
can simply setup Ubuntu Server headless by putting the wifi configuration 
details in cloudinit/netplan's "network-config" on the FAT partition of the SD 
card: 
https://ubuntu.com/tutorials/how-to-install-ubuntu-on-your-raspberry-pi#3-wifi-or-ethernet
  But an option to set the wifi country code there does not seem to exist, so 
may not work.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1951586/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2019424] [NEW] Heimdal can be synced

2023-05-12 Thread Michał Małoszewski

Public bug reported:

After heimdal merge process, I was trying to figure out if the delta that is 
still not dropped is required or not.
So, to test it, I have created 2 PPAs, one in which lto is disabled, and the 
second one, where the lto is enabled. I have built them and downloaded the debs 
for i386 and amd64.
Then I have compared amd64 deb from PPA1 with amd64 deb from PPA2. The same 
story with i386. The binary dependencies were identical. There is no difference 
between the files. So in that case, the delta can possibly be dropped.

The package has already been merged again, with the change:

heimdal (7.8.git20221117.28daf24+dfsg-2ubuntu1) mantic; urgency=low

  * Merge from Debian unstable. Remaining changes:
- d/rules: Disable lto, to regain dep on roken, otherwise
  dependencies on amd64 are different than i386 resulting in
  different files on amd64 and i386.

 -- Steve Langasek  Tue, 02 May 2023 09:56:10
+0200

heimdal (7.8.git20221117.28daf24+dfsg-1ubuntu1) lunar; urgency=low

  * Merge from Debian unstable. Remaining changes:
- d/rules: Disable lto, to regain dep on roken, otherwise
  dependencies on amd64 are different than i386 resulting in
  different files on amd64 and i386.
  (LP #1934936)

 -- Steve Langasek  Tue, 24 Jan 2023 19:14:54
-0800

Due to this, syncpackage doesn't run.
The package can be sync'd next time it comes up.

** Affects: heimdal (Ubuntu)
 Importance: Low
 Status: Confirmed

** Package changed: libvirt (Ubuntu) => heimdal (Ubuntu)

** Description changed:

  After heimdal merge process, I was trying to figure out if the delta that is 
still not dropped is required or not.
  So, to test it, I have created 2 PPAs, one in which lto is disabled, and the 
second one, where the lto is enabled. I have built them and downloaded the debs 
for i386 and amd64.
  Then I have compared amd64 deb from PPA1 with amd64 deb from PPA2. The same 
story with i386. The binary dependencies were identical. There is no difference 
between the files. So in that case, the delta can possibly be dropped.
  
  The package has already been merged again, with the change:
  
  heimdal (7.8.git20221117.28daf24+dfsg-2ubuntu1) mantic; urgency=low
  
-   * Merge from Debian unstable. Remaining changes:
- - d/rules: Disable lto, to regain dep on roken, otherwise
-   dependencies on amd64 are different than i386 resulting in
-   different files on amd64 and i386.
+   * Merge from Debian unstable. Remaining changes:
+ - d/rules: Disable lto, to regain dep on roken, otherwise
+   dependencies on amd64 are different than i386 resulting in
+   different files on amd64 and i386.
  
-  -- Steve Langasek  Tue, 02 May 2023 09:56:10
+  -- Steve Langasek  Tue, 02 May 2023 09:56:10
  +0200
  
  heimdal (7.8.git20221117.28daf24+dfsg-1ubuntu1) lunar; urgency=low
  
-   * Merge from Debian unstable. Remaining changes:
- - d/rules: Disable lto, to regain dep on roken, otherwise
-   dependencies on amd64 are different than i386 resulting in
-   different files on amd64 and i386.
-   (LP #1934936)
+   * Merge from Debian unstable. Remaining changes:
+ - d/rules: Disable lto, to regain dep on roken, otherwise
+   dependencies on amd64 are different than i386 resulting in
+   different files on amd64 and i386.
+   (LP #1934936)
  
-  -- Steve Langasek  Tue, 24 Jan 2023 19:14:54
+  -- Steve Langasek  Tue, 24 Jan 2023 19:14:54
  -0800
  
  Due to this, syncpackage doesn't run.
+ The package can be sync'd next time it comes up.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to heimdal in Ubuntu.
https://bugs.launchpad.net/bugs/2019424

Title:
  Heimdal can be synced

Status in heimdal package in Ubuntu:
  Confirmed

Bug description:
  After heimdal merge process, I was trying to figure out if the delta that is 
still not dropped is required or not.
  So, to test it, I have created 2 PPAs, one in which lto is disabled, and the 
second one, where the lto is enabled. I have built them and downloaded the debs 
for i386 and amd64.
  Then I have compared amd64 deb from PPA1 with amd64 deb from PPA2. The same 
story with i386. The binary dependencies were identical. There is no difference 
between the files. So in that case, the delta can possibly be dropped.

  The package has already been merged again, with the change:

  heimdal (7.8.git20221117.28daf24+dfsg-2ubuntu1) mantic; urgency=low

    * Merge from Debian unstable. Remaining changes:
  - d/rules: Disable lto, to regain dep on roken, otherwise
    dependencies on amd64 are different than i386 resulting in
    different files on amd64 and i386.

   -- Steve Langasek  Tue, 02 May 2023
  09:56:10 +0200

  heimdal (7.8.git20221117.28daf24+dfsg-1ubuntu1) lunar; urgency=low

    * Merge from Debian unstable. Remaining changes:
  - d/rules: Disable lto, to regain dep on roken, otherwise

[Touch-packages] [Bug 2019379] [NEW] HDMI sound not working

2023-05-12 Thread Ton Hofhuis

Public bug reported:

Running Ubuntu 23.04 with all the latest patches on Dell XPS 15 9510/Nvidia 
3050Ti via Thunderbolt 4 cable attached to a DELL WB22TB4 dockingstation via 
Displayport 2.0 cable to an Asus 4K monitor with an audio out to a surround 
set. 
The sound via HDMI was working great when running 22.10, but works rarely on 
23.04 (I haven't figured out which set-up it always does work). nVidia driver = 
525.105.17

More questions on ton.hofh...@canonical.com or via MM @ton211

ProblemType: Bug
DistroRelease: Ubuntu 23.04
Package: alsa-base 1.0.25+dfsg-0ubuntu7
ProcVersionSignature: Ubuntu 6.2.0-20.20-generic 6.2.6
Uname: Linux 6.2.0-20-generic x86_64
NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset 
nvidia
ApportVersion: 2.26.1-0ubuntu2
Architecture: amd64
AudioDevicesInUse:
 USERPID ACCESS COMMAND
 /dev/snd/controlC0:  ton5180 F wireplumber
 /dev/snd/controlC1:  ton5180 F wireplumber
 /dev/snd/pcmC1D0c:   ton5176 F...m pipewire
 /dev/snd/seq:ton5176 F pipewire
CasperMD5CheckResult: pass
CurrentDesktop: ubuntu:GNOME
Date: Fri May 12 16:06:40 2023
InstallationDate: Installed on 2023-02-02 (98 days ago)
InstallationMedia: Ubuntu 22.10 "Kinetic Kudu" - Release amd64 (20221020)
PackageArchitecture: all
SourcePackage: alsa-driver
Symptom: audio
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 03/10/2023
dmi.bios.release: 1.19
dmi.bios.vendor: Dell Inc.
dmi.bios.version: 1.19.0
dmi.board.name: 01V4T3
dmi.board.vendor: Dell Inc.
dmi.board.version: A00
dmi.chassis.type: 10
dmi.chassis.vendor: Dell Inc.
dmi.modalias: 
dmi:bvnDellInc.:bvr1.19.0:bd03/10/2023:br1.19:svnDellInc.:pnXPS159510:pvr:rvnDellInc.:rn01V4T3:rvrA00:cvnDellInc.:ct10:cvr:sku0A61:
dmi.product.family: XPS
dmi.product.name: XPS 15 9510
dmi.product.sku: 0A61
dmi.sys.vendor: Dell Inc.

** Affects: alsa-driver (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug lunar

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to alsa-driver in Ubuntu.
https://bugs.launchpad.net/bugs/2019379

Title:
  HDMI sound not working

Status in alsa-driver package in Ubuntu:
  New

Bug description:
  Running Ubuntu 23.04 with all the latest patches on Dell XPS 15 9510/Nvidia 
3050Ti via Thunderbolt 4 cable attached to a DELL WB22TB4 dockingstation via 
Displayport 2.0 cable to an Asus 4K monitor with an audio out to a surround 
set. 
  The sound via HDMI was working great when running 22.10, but works rarely on 
23.04 (I haven't figured out which set-up it always does work). nVidia driver = 
525.105.17

  More questions on ton.hofh...@canonical.com or via MM @ton211

  ProblemType: Bug
  DistroRelease: Ubuntu 23.04
  Package: alsa-base 1.0.25+dfsg-0ubuntu7
  ProcVersionSignature: Ubuntu 6.2.0-20.20-generic 6.2.6
  Uname: Linux 6.2.0-20-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset 
nvidia
  ApportVersion: 2.26.1-0ubuntu2
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  ton5180 F wireplumber
   /dev/snd/controlC1:  ton5180 F wireplumber
   /dev/snd/pcmC1D0c:   ton5176 F...m pipewire
   /dev/snd/seq:ton5176 F pipewire
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Fri May 12 16:06:40 2023
  InstallationDate: Installed on 2023-02-02 (98 days ago)
  InstallationMedia: Ubuntu 22.10 "Kinetic Kudu" - Release amd64 (20221020)
  PackageArchitecture: all
  SourcePackage: alsa-driver
  Symptom: audio
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 03/10/2023
  dmi.bios.release: 1.19
  dmi.bios.vendor: Dell Inc.
  dmi.bios.version: 1.19.0
  dmi.board.name: 01V4T3
  dmi.board.vendor: Dell Inc.
  dmi.board.version: A00
  dmi.chassis.type: 10
  dmi.chassis.vendor: Dell Inc.
  dmi.modalias: 
dmi:bvnDellInc.:bvr1.19.0:bd03/10/2023:br1.19:svnDellInc.:pnXPS159510:pvr:rvnDellInc.:rn01V4T3:rvrA00:cvnDellInc.:ct10:cvr:sku0A61:
  dmi.product.family: XPS
  dmi.product.name: XPS 15 9510
  dmi.product.sku: 0A61
  dmi.sys.vendor: Dell Inc.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/2019379/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2019378] [NEW] HDMI sound not working

2023-05-12 Thread Ton Hofhuis

Public bug reported:

Running Ubuntu 23.04 with all the latest patches on Dell XPS 15 9510/Nvidia 
3050Ti via Thunderbolt 4 cable attached to a DELL WB22TB4 dockingstation via 
Displayport 2.0 cable to an Asus 4K monitor with an audio out to a surround 
set. 
The sound via HDMI was working great when running 22.10, but works rarely on 
23.04 (I haven't figured out which set-up it always does work). nVidia driver = 
525.105.17

More questions on ton.hofh...@canonical.com or via MM @ton211

ProblemType: Bug
DistroRelease: Ubuntu 23.04
Package: alsa-base 1.0.25+dfsg-0ubuntu7
ProcVersionSignature: Ubuntu 6.2.0-20.20-generic 6.2.6
Uname: Linux 6.2.0-20-generic x86_64
NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset 
nvidia
ApportVersion: 2.26.1-0ubuntu2
Architecture: amd64
AudioDevicesInUse:
 USERPID ACCESS COMMAND
 /dev/snd/controlC0:  ton5180 F wireplumber
 /dev/snd/controlC1:  ton5180 F wireplumber
 /dev/snd/pcmC1D0c:   ton5176 F...m pipewire
 /dev/snd/seq:ton5176 F pipewire
CasperMD5CheckResult: pass
CurrentDesktop: ubuntu:GNOME
Date: Fri May 12 16:06:40 2023
InstallationDate: Installed on 2023-02-02 (98 days ago)
InstallationMedia: Ubuntu 22.10 "Kinetic Kudu" - Release amd64 (20221020)
PackageArchitecture: all
SourcePackage: alsa-driver
Symptom: audio
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 03/10/2023
dmi.bios.release: 1.19
dmi.bios.vendor: Dell Inc.
dmi.bios.version: 1.19.0
dmi.board.name: 01V4T3
dmi.board.vendor: Dell Inc.
dmi.board.version: A00
dmi.chassis.type: 10
dmi.chassis.vendor: Dell Inc.
dmi.modalias: 
dmi:bvnDellInc.:bvr1.19.0:bd03/10/2023:br1.19:svnDellInc.:pnXPS159510:pvr:rvnDellInc.:rn01V4T3:rvrA00:cvnDellInc.:ct10:cvr:sku0A61:
dmi.product.family: XPS
dmi.product.name: XPS 15 9510
dmi.product.sku: 0A61
dmi.sys.vendor: Dell Inc.

** Affects: alsa-driver (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug lunar

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to alsa-driver in Ubuntu.
https://bugs.launchpad.net/bugs/2019378

Title:
  HDMI sound not working

Status in alsa-driver package in Ubuntu:
  New

Bug description:
  Running Ubuntu 23.04 with all the latest patches on Dell XPS 15 9510/Nvidia 
3050Ti via Thunderbolt 4 cable attached to a DELL WB22TB4 dockingstation via 
Displayport 2.0 cable to an Asus 4K monitor with an audio out to a surround 
set. 
  The sound via HDMI was working great when running 22.10, but works rarely on 
23.04 (I haven't figured out which set-up it always does work). nVidia driver = 
525.105.17

  More questions on ton.hofh...@canonical.com or via MM @ton211

  ProblemType: Bug
  DistroRelease: Ubuntu 23.04
  Package: alsa-base 1.0.25+dfsg-0ubuntu7
  ProcVersionSignature: Ubuntu 6.2.0-20.20-generic 6.2.6
  Uname: Linux 6.2.0-20-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset 
nvidia
  ApportVersion: 2.26.1-0ubuntu2
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  ton5180 F wireplumber
   /dev/snd/controlC1:  ton5180 F wireplumber
   /dev/snd/pcmC1D0c:   ton5176 F...m pipewire
   /dev/snd/seq:ton5176 F pipewire
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Fri May 12 16:06:40 2023
  InstallationDate: Installed on 2023-02-02 (98 days ago)
  InstallationMedia: Ubuntu 22.10 "Kinetic Kudu" - Release amd64 (20221020)
  PackageArchitecture: all
  SourcePackage: alsa-driver
  Symptom: audio
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 03/10/2023
  dmi.bios.release: 1.19
  dmi.bios.vendor: Dell Inc.
  dmi.bios.version: 1.19.0
  dmi.board.name: 01V4T3
  dmi.board.vendor: Dell Inc.
  dmi.board.version: A00
  dmi.chassis.type: 10
  dmi.chassis.vendor: Dell Inc.
  dmi.modalias: 
dmi:bvnDellInc.:bvr1.19.0:bd03/10/2023:br1.19:svnDellInc.:pnXPS159510:pvr:rvnDellInc.:rn01V4T3:rvrA00:cvnDellInc.:ct10:cvr:sku0A61:
  dmi.product.family: XPS
  dmi.product.name: XPS 15 9510
  dmi.product.sku: 0A61
  dmi.sys.vendor: Dell Inc.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/2019378/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992454] Please test proposed package

Hello Louis, or anyone else affected,

Accepted iptables into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/iptables/1.8.4-3ubuntu2.1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: iptables (Ubuntu Bionic)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
https://bugs.launchpad.net/bugs/1992454

Title:
  iptables: segfault when renaming a chain

Status in iptables package in Ubuntu:
  Fix Released
Status in iptables source package in Bionic:
  Fix Committed
Status in iptables source package in Focal:
  Fix Committed
Status in iptables source package in Jammy:
  Fix Committed
Status in iptables source package in Kinetic:
  Fix Committed

Bug description:
  [ Impact ]
   * An explanation of the effects of the bug on users

  This is the description for the upstream fix of this bug[1] :

  This is an odd bug: If the number of chains is right and one renames the
  last one in the list, libiptc dereferences a NULL pointer.

   * justification for backporting the fix to the stable release.
  Without this patch, users may experience segmentation fault when using
  the following versions of iptables :

    - Bionic : iptables
    - Focal  : iptables
    - Jammy  : iptables-legacy
    - Kinetic: iptables-legacy

   * In addition, it is helpful, but not required, to include an
     explanation of how the upload fixes this bug.

  The upstream fix adjust the size of the chain_index if the element is the
  last chain in the list.

  [1]
  
http://git.netfilter.org/iptables/commit/?id=97bf4e68fc0794adba3243fd96f40f4568e7216f

  [ Test Plan ]

   * detailed instructions how to reproduce the bug

   The following code (adapted from the upstream commit to work on Kinetic) may 
be used to reproduce the issue :
  8<
  #!/bin/bash
  #
  # Cover for a bug in libiptc:
  # - the chain 'node-98-tmp' is the last in the list sorted by name
  # - there are 81 chains in total, so three chain index buckets
  # - the last index bucket contains only the 'node-98-tmp' chain
  # => rename temporarily removes it from the bucket, leaving a NULL bucket
  # behind which is dereferenced later when inserting the chain again with new
  # name again

  (
   echo "*filter"
   for chain in node-1 node-10 node-101 node-102 node-104 node-107 node-11 
node-12 node-13 node-14 node-15 node-16 node-17 node-18 node-19 node-2 node-20 
node-21 node-22 node-23 node-25 node-26 node-27 node-28 node-29 node-3 node-30 
node-31 node-32 node-33 node-34 node-36 node-37 node-39 node-4 node-40 node-41 
node-42 node-43 node-44 node-45 node-46 node-47 node-48 node-49 node-5 node-50 
node-51 node-53 node-54 node-55 node-56 node-57 node-58 node-59 node-6 node-60 
node-61 node-62 node-63 node-64 node-65 node-66 node-68 node-69 node-7 node-70 
node-71 node-74 node-75 node-76 node-8 node-80 node-81 node-86 node-89 node-9 
node-92 node-93 node-95 node-98-tmp; do
    echo ":$chain - [0:0]"
   done
   echo "COMMIT"
  ) | $XT_MULTI iptables-legacy-restore
  $XT_MULTI iptables-legacy -E node-98-tmp node-98
  exit $?
  >8

  Alternatively, this test has been added to the DEP8 list of tests, and
  will be executed automatically once the package is accepted into
  proposed. The DEP8 logs can be inspected for its run. Look for a test
  named "0006rename-segfault".

  [ Where problems could occur ]

  For Jammy and onward, only users of the -legacy commands may be affected.
  Since Jammy, iptables uses the new nft libraries which are not affected
  by the bug.

  For Bionic and Focal users, the regular iptables command is affected by
  the change.

  As stated in the manpage :
  E,

[Touch-packages] [Bug 1992454] Please test proposed package

Hello Louis, or anyone else affected,

Accepted iptables into bionic-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/iptables/1.6.1-2ubuntu2.1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
bionic to verification-done-bionic. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-bionic. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
https://bugs.launchpad.net/bugs/1992454

Title:
  iptables: segfault when renaming a chain

Status in iptables package in Ubuntu:
  Fix Released
Status in iptables source package in Bionic:
  Fix Committed
Status in iptables source package in Focal:
  Fix Committed
Status in iptables source package in Jammy:
  Fix Committed
Status in iptables source package in Kinetic:
  Fix Committed

Bug description:
  [ Impact ]
   * An explanation of the effects of the bug on users

  This is the description for the upstream fix of this bug[1] :

  This is an odd bug: If the number of chains is right and one renames the
  last one in the list, libiptc dereferences a NULL pointer.

   * justification for backporting the fix to the stable release.
  Without this patch, users may experience segmentation fault when using
  the following versions of iptables :

    - Bionic : iptables
    - Focal  : iptables
    - Jammy  : iptables-legacy
    - Kinetic: iptables-legacy

   * In addition, it is helpful, but not required, to include an
     explanation of how the upload fixes this bug.

  The upstream fix adjust the size of the chain_index if the element is the
  last chain in the list.

  [1]
  
http://git.netfilter.org/iptables/commit/?id=97bf4e68fc0794adba3243fd96f40f4568e7216f

  [ Test Plan ]

   * detailed instructions how to reproduce the bug

   The following code (adapted from the upstream commit to work on Kinetic) may 
be used to reproduce the issue :
  8<
  #!/bin/bash
  #
  # Cover for a bug in libiptc:
  # - the chain 'node-98-tmp' is the last in the list sorted by name
  # - there are 81 chains in total, so three chain index buckets
  # - the last index bucket contains only the 'node-98-tmp' chain
  # => rename temporarily removes it from the bucket, leaving a NULL bucket
  # behind which is dereferenced later when inserting the chain again with new
  # name again

  (
   echo "*filter"
   for chain in node-1 node-10 node-101 node-102 node-104 node-107 node-11 
node-12 node-13 node-14 node-15 node-16 node-17 node-18 node-19 node-2 node-20 
node-21 node-22 node-23 node-25 node-26 node-27 node-28 node-29 node-3 node-30 
node-31 node-32 node-33 node-34 node-36 node-37 node-39 node-4 node-40 node-41 
node-42 node-43 node-44 node-45 node-46 node-47 node-48 node-49 node-5 node-50 
node-51 node-53 node-54 node-55 node-56 node-57 node-58 node-59 node-6 node-60 
node-61 node-62 node-63 node-64 node-65 node-66 node-68 node-69 node-7 node-70 
node-71 node-74 node-75 node-76 node-8 node-80 node-81 node-86 node-89 node-9 
node-92 node-93 node-95 node-98-tmp; do
    echo ":$chain - [0:0]"
   done
   echo "COMMIT"
  ) | $XT_MULTI iptables-legacy-restore
  $XT_MULTI iptables-legacy -E node-98-tmp node-98
  exit $?
  >8

  Alternatively, this test has been added to the DEP8 list of tests, and
  will be executed automatically once the package is accepted into
  proposed. The DEP8 logs can be inspected for its run. Look for a test
  named "0006rename-segfault".

  [ Where problems could occur ]

  For Jammy and onward, only users of the -legacy commands may be affected.
  Since Jammy, iptables uses the new nft libraries which are not affected
  by the bug.

  For Bionic and Focal users, the regular iptables command is affected by
  the change.

  As stated in the manpage :
  E, --rename-chain old-chain new-chain
    Rename the user specified chain to the user supplied name.  
This is cosmetic, and

[Touch-packages] [Bug 1992454] Re: iptables: segfault when renaming a chain

Hello Louis, or anyone else affected,

Accepted iptables into kinetic-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/iptables/1.8.7-1ubuntu6.1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
kinetic to verification-done-kinetic. If it does not fix the bug for
you, please add a comment stating that, and change the tag to
verification-failed-kinetic. In either case, without details of your
testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: iptables (Ubuntu Kinetic)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-kinetic

** Changed in: iptables (Ubuntu Focal)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
https://bugs.launchpad.net/bugs/1992454

Title:
  iptables: segfault when renaming a chain

Status in iptables package in Ubuntu:
  Fix Released
Status in iptables source package in Bionic:
  Fix Committed
Status in iptables source package in Focal:
  Fix Committed
Status in iptables source package in Jammy:
  Fix Committed
Status in iptables source package in Kinetic:
  Fix Committed

Bug description:
  [ Impact ]
   * An explanation of the effects of the bug on users

  This is the description for the upstream fix of this bug[1] :

  This is an odd bug: If the number of chains is right and one renames the
  last one in the list, libiptc dereferences a NULL pointer.

   * justification for backporting the fix to the stable release.
  Without this patch, users may experience segmentation fault when using
  the following versions of iptables :

    - Bionic : iptables
    - Focal  : iptables
    - Jammy  : iptables-legacy
    - Kinetic: iptables-legacy

   * In addition, it is helpful, but not required, to include an
     explanation of how the upload fixes this bug.

  The upstream fix adjust the size of the chain_index if the element is the
  last chain in the list.

  [1]
  
http://git.netfilter.org/iptables/commit/?id=97bf4e68fc0794adba3243fd96f40f4568e7216f

  [ Test Plan ]

   * detailed instructions how to reproduce the bug

   The following code (adapted from the upstream commit to work on Kinetic) may 
be used to reproduce the issue :
  8<
  #!/bin/bash
  #
  # Cover for a bug in libiptc:
  # - the chain 'node-98-tmp' is the last in the list sorted by name
  # - there are 81 chains in total, so three chain index buckets
  # - the last index bucket contains only the 'node-98-tmp' chain
  # => rename temporarily removes it from the bucket, leaving a NULL bucket
  # behind which is dereferenced later when inserting the chain again with new
  # name again

  (
   echo "*filter"
   for chain in node-1 node-10 node-101 node-102 node-104 node-107 node-11 
node-12 node-13 node-14 node-15 node-16 node-17 node-18 node-19 node-2 node-20 
node-21 node-22 node-23 node-25 node-26 node-27 node-28 node-29 node-3 node-30 
node-31 node-32 node-33 node-34 node-36 node-37 node-39 node-4 node-40 node-41 
node-42 node-43 node-44 node-45 node-46 node-47 node-48 node-49 node-5 node-50 
node-51 node-53 node-54 node-55 node-56 node-57 node-58 node-59 node-6 node-60 
node-61 node-62 node-63 node-64 node-65 node-66 node-68 node-69 node-7 node-70 
node-71 node-74 node-75 node-76 node-8 node-80 node-81 node-86 node-89 node-9 
node-92 node-93 node-95 node-98-tmp; do
    echo ":$chain - [0:0]"
   done
   echo "COMMIT"
  ) | $XT_MULTI iptables-legacy-restore
  $XT_MULTI iptables-legacy -E node-98-tmp node-98
  exit $?
  >8

  Alternatively, this test has been added to the DEP8 list of tests, and
  will be executed automatically once the package is accepted into
  proposed. The DEP8 logs can be inspected for its run. Look for a test
  named "0006rename-segfault".

  [ Where problems could occur ]

  For Jammy and onward, only users of the -legacy commands may be affected.
  Since Jammy, iptables uses the new nft libraries which are not affected
  by the bug.

[Touch-packages] [Bug 2019023] Re: Fix shell test suite

Hello Andreas, or anyone else affected,

Accepted iptables into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/iptables/1.8.4-3ubuntu2.1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: iptables (Ubuntu Focal)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
https://bugs.launchpad.net/bugs/2019023

Title:
  Fix shell test suite

Status in iptables package in Ubuntu:
  Fix Released
Status in iptables source package in Focal:
  Fix Committed

Bug description:
  [ Impact ]

  The shell test suite (iptables/tests/shell/run-tests.sh) is currently
  failing on the firewalld tests in focal only:

  W: [FAILED] ././testcases/firewalld-restore/0001-firewalld_0: expected 0 but 
got 1
  W: [FAILED] ././testcases/firewalld-restore/0002-firewalld-restart_0: 
expected 0 but got 1

  After some troubleshooting, it turns out this is happening because of
  an unsorted order in the output of iptables-save, which was fixed[1]
  in later releases of iptables. The code was trying to compensate for
  that, but there was a small mistake[2] in a case/esac globbing:

  case "$XT_MULTI" in
  -*/xtables-nft-multi)
  +*xtables-nft-multi)

  The upstream fix includes other similar changes in other tests, but in
  the case of focal, the above is the minimal fix needed.

  Note that this shell test suite is not being run in focal, just in
  later ubuntu releases. But since the fix for #1992454 is adding such a
  test, I decided to fix the shell test run and add it to the existing
  DEP8 tests for focal via this bug, so we have test parity between
  focal and later ubuntu releases.

  1. 
https://git.netfilter.org/iptables/commit/?id=e28cf12cf50b9e2e0114f04331635fc122cb8aef
  2. 
https://git.netfilter.org/iptables/commit/?id=2b2b7948c1960ba4680677664ff58477be869de6

  [ Test Plan ]
  Verify that the DEP8 tests now include a run-tests.sh test suite, and that it 
passes.

  [ Where problems could occur ]
  If the fix is incorrect, it would affect only the already-failing firewalld 
test. But in addition to fixing that test, we are now also including a full 
test run of all shell tests, something which wasn't being done for focal until 
now. While these tests are passing now, they could fail in a future iptables 
SRU, or turn out to be flaky. They are being run in ubuntu releases after 
focal, though, so that is a good sign.

  [ Other Info ]
  This fix is being included in the same upload as bug #1992454.

  [ Original Description ]

  The shell test suite (iptables/tests/shell/run-tests.sh) is currently
  failing on the firewalld tests:

  W: [FAILED]  ././testcases/firewalld-restore/0001-firewalld_0: expected 0 
but got 1
  W: [FAILED]  ././testcases/firewalld-restore/0002-firewalld-restart_0: 
expected 0 but got 1

  After some troubleshooting, it turns out this is happening because of
  an unsorted order in the output of iptables-save, which was fixed[1]
  in later releases of iptables. The code was trying to compensate for
  that, but there was a small mistake[2] in a case/esac globbing:

  case "$XT_MULTI" in
  -*/xtables-nft-multi)
  +*xtables-nft-multi)

  1. 
https://git.netfilter.org/iptables/commit/?id=e28cf12cf50b9e2e0114f04331635fc122cb8aef
  2. 
https://git.netfilter.org/iptables/commit/?id=2b2b7948c1960ba4680677664ff58477be869de6

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/2019023/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2019022] Re: Bionic dep8 tests are failing

Hello Andreas, or anyone else affected,

Accepted iptables into bionic-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/iptables/1.6.1-2ubuntu2.1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
bionic to verification-done-bionic. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-bionic. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: iptables (Ubuntu Bionic)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
https://bugs.launchpad.net/bugs/2019022

Title:
  Bionic dep8 tests are failing

Status in iptables package in Ubuntu:
  Fix Released
Status in iptables source package in Bionic:
  Fix Committed

Bug description:
  [ Impact ]

  This bug does not affect users directly, but it's a problem everytime
  iptables is SRUed to Bionic. We could hint the DEP8 tests, in which
  case they would all be ignored (uncluding the ones that actually
  work), or fix it. By itself, fixing DEP8 is not worth an SRU, but
  since we are fixing a segfault (in #1992454), we can ship the DEP8
  fixes with it and make future SRUs easier and of better quality (since
  the tests now run correctly).

  The actual fixes are two:
  - since many iptables commands exit non-zero when the help parameter is given 
(-h/--help), instead of relying on that, we grep the output. Since bash's 
pipefail option is not set, it's the grep exit status that will be checked.
  - the iptables-compat-save is now being called with the -d (dump) option, 
which works for what the test wants, and doesn't exit 1 for no reason.

  Later versions of iptables have either flipped the exit status of the
  -h option (but not for all commands, annoyingly), so this fix is not
  needed after bionic. In other cases, the problematic test was just
  removed from d/t/control.

  [ Test Plan ]
  Verify in the autopkgtest report that the DEP8 tests ran and are all green.

  [ Where problems could occur ]
  This is fixing the existing DEP8 tests, which have been red for bionic since 
ever. If the fix fails, the tests will remain red, so no change.

  I'm assuming that the test goal of the multiple calls to iptables
  binaries with just the "-h/--help" option is to see if they run and
  don't crash. This is now being wrapped by a grep filter. If the
  iptables binary crashes, but still produces the expected help output,
  then it will be considered a green run, even though there was a
  problem.

  [ Other Info ]
  This fix is being included in the same upload as bug #1992454.

  [ Original Description]

  The Bionic DEP8 tests for iptables are in bad shape[1], even in the
  migration-reference/0 run.

  There are two types of failures:
  a) some commands have an exit status of 1 when called with the -h (for help) 
option, which is what some tests do
  b) iptables-compat-save (and its IPv6 counterpart) also exit with status 1, 
even when there are chains/tables to save

  I'll propose:
  a) grep the help output instead of relying on the exit status
  b) call the command with the -d (dump) option. That doesn't exit 0 in the 
success case, and actually dumps data when there are tables to do so

  1. https://autopkgtest.ubuntu.com/packages/i/iptables/bionic/amd64

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/2019022/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2013128] Re: mesa: set info.separate_shader for ARB programs

it got dropped from 23.0 because:

"Causes virgl regressions, probably needs a groundwork patch in virgl"

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/2013128

Title:
  mesa: set info.separate_shader for ARB programs

Status in mesa package in Ubuntu:
  In Progress
Status in mesa source package in Jammy:
  In Progress
Status in mesa source package in Kinetic:
  Won't Fix
Status in mesa source package in Lunar:
  Triaged
Status in mesa source package in Mantic:
  In Progress

Bug description:
  [Impact]
  There's a shader bug in 22.2.x, fixed upstream in commit

  
https://gitlab.freedesktop.org/mesa/mesa/-/commit/7e68cf91d74e6bd9a88c2b52417451d9afec4782

  but since 22.2.x is already EOL, we need to backport it.

  [Test case]

  Install update, check that the application from the submitter works.

  
  [Where things could go wrong]
  This is a oneliner that flips a bool, but it's hard to imagine use-cases 
which would expect the old value.

  
  --

  
  I have a bug that occurs in Ubuntu 22.04's most up to date libmesa related 
packages (=22.2.5-0ubuntu0.1~22.04.1) that was not there in =22.0.1-1ubuntu2. 
It has since been solved in mesa's repo and pulled into debian's repo. I do not 
know the proper way to request an updated version be made for Ubuntu. I've 
manually installed many different versions of libmesa to test on my own that it 
was working in an older version, is broken in this update, and was fixed again 
in 22.3.4 and 22.3.5.

  The one-line fix is implemented here in libmesa's repo:
  
https://gitlab.freedesktop.org/mesa/mesa/-/commit/7e68cf91d74e6bd9a88c2b52417451d9afec4782

  Unfortunately I'm not using libmesa directly. I'm programming an
  application using fox-toolkit which interfaces with libmesa behind the
  scenes for me. I reported my issue to them first, and they stated it
  appears to be in the mesa library, which is what ultimately led me
  down the path to their repo, debian's repo, and here. Please let me
  know if I'm in the right spot, and, if so, what my next step is to
  properly report this.

  --

  Feature Request: Upgrade mesa libraries to apply upstream bugfix to a
  bug introduced in 22.2.5-0ubuntu0.1~22.04.1.

  I was directed to report this bug via my question at
  answers.launchpad.net/ubuntu:
  https://answers.launchpad.net/ubuntu/+question/705988

  Please let me know if you need further information.  Thanks!

   > lsb_release -rd
  Description: Ubuntu 22.04.2 LTS
  Release: 22.04

   > apt-cache policy libglx-mesa0
  libglx-mesa0:
    Installed: 22.2.5-0ubuntu0.1~22.04.1
    Candidate: 22.2.5-0ubuntu0.1~22.04.1
    Version table:
   *** 22.2.5-0ubuntu0.1~22.04.1 500
  500 http://us.archive.ubuntu.com/ubuntu jammy-updates/main amd64 
Packages
  100 /var/lib/dpkg/status
   22.0.1-1ubuntu2 500
  500 http://us.archive.ubuntu.com/ubuntu jammy/main amd64 Packages

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: libglx-mesa0 22.2.5-0ubuntu0.1~22.04.1
  ProcVersionSignature: Ubuntu 5.19.0-35.36~22.04.1-generic 5.19.17
  Uname: Linux 5.19.0-35-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.20.11-0ubuntu82.3
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: i3
  Date: Tue Mar 28 15:30:59 2023
  InstallationDate: Installed on 2022-04-28 (334 days ago)
  InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 
(20220419)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  RebootRequiredPkgs: Error: path contained symlinks.
  SourcePackage: mesa
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.default.apport: [modified]
  mtime.conffile..etc.default.apport: 2022-04-29T14:47:14.568862

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mesa/+bug/2013128/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2013543] Re: systemctl daemon-reexec forgets running services and starts everything new

2023-05-12 Thread Nick Rosbrook

Simon - are you also running in OpenVZ or is this a different
virtualization environment?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2013543

Title:
  systemctl daemon-reexec forgets running services and starts everything
  new

Status in systemd package in Ubuntu:
  Incomplete
Status in systemd source package in Jammy:
  Incomplete

Bug description:
  # Our problem #

  During a regular update of our container environment, `systemd` (and
  the related packages libpam-systemd, libsystemd0, libudev1, systemd-
  sysv and udev) were updated from `249.11-0ubuntu3.6` to
  `249.11-0ubuntu3.7`. We're talking only about Ubuntu 22.04. Our Ubuntu
  20.04 is working fine with `systemctl daemon-reexec`.

  In my opinion, the update was not the problem because we've tried
  downgrading and tried these versions: (current) `249.11-0ubuntu3.7`,
  `249.11-0ubuntu3.6`, `249.11-0ubuntu3.4` and `249.11-0ubuntu3.3`. The
  symptoms were the same.

  # Symptoms #

  The `/var/lib/dpkg/info/systemd.postinst` executes a `systemctl
  daemon-reexec` and that ended in a disaster. It seems that `systemd`
  is forgetting all it started children and tries to start nearly every
  configured service again. Naturally, the old services are still
  running, and the ports can't be opened twice and `systemd` won't give
  up. Here are some(!) of the logfiles:

  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Starting Create Volatile Files and 
Directories...
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: systemd-udevd.service: Found 
left-over process 130 (systemd-udevd) in control group while starting unit. 
Ignoring.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: This usually indicates unclean 
termination of a previous run, or service implementation deficiencies.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: systemd-udevd.service: Found 
left-over process 31475 (systemd-udevd) in control group while starting unit. 
Ignoring.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: This usually indicates unclean 
termination of a previous run, or service implementation deficiencies.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: systemd-udevd.service: Found 
left-over process 31476 (systemd-udevd) in control group while starting unit. 
Ignoring.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: This usually indicates unclean 
termination of a previous run, or service implementation deficiencies.

  And...

  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Reached target System 
Initialization.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Started Daily apt download 
activities.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Started Daily apt upgrade and clean 
activities.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Started Daily dpkg database backup 
timer.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Started Periodic ext4 Online 
Metadata Check for All Filesystems.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Condition check resulted in Discard 
unused blocks once a week being skipped.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Started Daily rotation of log files.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Started Daily man-db regeneration.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Started Message of the Day.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Started Clean PHP session files 
every 30 mins.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Started Update the plocate database 
daily.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Started Daily Cleanup of Temporary 
Directories.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Reached target Basic System.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: System is tainted: cgroupsv1
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Reached target Timer Units.

  And...

  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: atd.service: Found left-over 
process 206 (atd) in control group while starting unit. Ignoring.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: This usually indicates unclean 
termination of a previous run, or service implementation deficiencies.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Starting Deferred execution 
scheduler...
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: cron.service: Found left-over 
process 164 (cron) in control group while starting unit. Ignoring.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: This usually indicates unclean 
termination of a previous run, or service implementation deficiencies.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Started Regular background program 
processing daemon.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: dbus.service: Found left-over 
process 177 (dbus-daemon) in control group while starting unit. Ignoring.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: This usually indicates unclean 
termination of a previous run, or service implementation deficiencies.
  Mar 31 12:51:39 FQDN_REDACTED systemd[1]: Started D-Bus System Message Bus.

  And...

  Mar 31 12:51:39 FQDN_REDACTED

[Touch-packages] [Bug 2013128] Re: mesa: set info.separate_shader for ARB programs

seems that this commit never got applied to 23.0.x while it did get in
22.3.x...

** Also affects: mesa (Ubuntu Mantic)
   Importance: Undecided
   Status: Fix Released

** Also affects: mesa (Ubuntu Lunar)
   Importance: Undecided
   Status: New

** Changed in: mesa (Ubuntu Mantic)
   Status: Fix Released => In Progress

** Changed in: mesa (Ubuntu Lunar)
   Status: New => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/2013128

Title:
  mesa: set info.separate_shader for ARB programs

Status in mesa package in Ubuntu:
  In Progress
Status in mesa source package in Jammy:
  In Progress
Status in mesa source package in Kinetic:
  Won't Fix
Status in mesa source package in Lunar:
  Triaged
Status in mesa source package in Mantic:
  In Progress

Bug description:
  [Impact]
  There's a shader bug in 22.2.x, fixed upstream in commit

  
https://gitlab.freedesktop.org/mesa/mesa/-/commit/7e68cf91d74e6bd9a88c2b52417451d9afec4782

  but since 22.2.x is already EOL, we need to backport it.

  [Test case]

  Install update, check that the application from the submitter works.

  
  [Where things could go wrong]
  This is a oneliner that flips a bool, but it's hard to imagine use-cases 
which would expect the old value.

  
  --

  
  I have a bug that occurs in Ubuntu 22.04's most up to date libmesa related 
packages (=22.2.5-0ubuntu0.1~22.04.1) that was not there in =22.0.1-1ubuntu2. 
It has since been solved in mesa's repo and pulled into debian's repo. I do not 
know the proper way to request an updated version be made for Ubuntu. I've 
manually installed many different versions of libmesa to test on my own that it 
was working in an older version, is broken in this update, and was fixed again 
in 22.3.4 and 22.3.5.

  The one-line fix is implemented here in libmesa's repo:
  
https://gitlab.freedesktop.org/mesa/mesa/-/commit/7e68cf91d74e6bd9a88c2b52417451d9afec4782

  Unfortunately I'm not using libmesa directly. I'm programming an
  application using fox-toolkit which interfaces with libmesa behind the
  scenes for me. I reported my issue to them first, and they stated it
  appears to be in the mesa library, which is what ultimately led me
  down the path to their repo, debian's repo, and here. Please let me
  know if I'm in the right spot, and, if so, what my next step is to
  properly report this.

  --

  Feature Request: Upgrade mesa libraries to apply upstream bugfix to a
  bug introduced in 22.2.5-0ubuntu0.1~22.04.1.

  I was directed to report this bug via my question at
  answers.launchpad.net/ubuntu:
  https://answers.launchpad.net/ubuntu/+question/705988

  Please let me know if you need further information.  Thanks!

   > lsb_release -rd
  Description: Ubuntu 22.04.2 LTS
  Release: 22.04

   > apt-cache policy libglx-mesa0
  libglx-mesa0:
    Installed: 22.2.5-0ubuntu0.1~22.04.1
    Candidate: 22.2.5-0ubuntu0.1~22.04.1
    Version table:
   *** 22.2.5-0ubuntu0.1~22.04.1 500
  500 http://us.archive.ubuntu.com/ubuntu jammy-updates/main amd64 
Packages
  100 /var/lib/dpkg/status
   22.0.1-1ubuntu2 500
  500 http://us.archive.ubuntu.com/ubuntu jammy/main amd64 Packages

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: libglx-mesa0 22.2.5-0ubuntu0.1~22.04.1
  ProcVersionSignature: Ubuntu 5.19.0-35.36~22.04.1-generic 5.19.17
  Uname: Linux 5.19.0-35-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.20.11-0ubuntu82.3
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: i3
  Date: Tue Mar 28 15:30:59 2023
  InstallationDate: Installed on 2022-04-28 (334 days ago)
  InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 
(20220419)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  RebootRequiredPkgs: Error: path contained symlinks.
  SourcePackage: mesa
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.default.apport: [modified]
  mtime.conffile..etc.default.apport: 2022-04-29T14:47:14.568862

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mesa/+bug/2013128/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1995320] Re: [amdgpu] intermittent green static

2023-05-12 Thread Kai Groner

** Tags removed: kinetic
** Tags added: lunar

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1995320

Title:
  [amdgpu] intermittent green static

Status in linux package in Ubuntu:
  Confirmed
Status in mesa package in Ubuntu:
  New

Bug description:
  After upgrading from 22.04 to 22.10 I've been seeing some display
  glitches.

  - green static appears, usually when scrolling, regular sized green blocks, 
like giant pixels
  - firefox not refreshing when full screen video plays (separate windows, 
separate screens)

  I would guess I probably have the wrong package here, but there's no
  way for me to tell if it's mesa, the kernel, gnome-shell, or something
  else.

  Radeon 6700XT
  Dual displays
  Wayland

  ProblemType: Bug
  DistroRelease: Ubuntu 22.10
  Package: gnome-shell 43.0-1ubuntu2
  ProcVersionSignature: Ubuntu 5.19.0-23.24-generic 5.19.7
  Uname: Linux 5.19.0-23-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.23.1-0ubuntu3
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Mon Oct 31 21:46:03 2022
  DisplayManager: gdm3
  InstallationDate: Installed on 2019-06-18 (1231 days ago)
  InstallationMedia: Ubuntu 19.04 "Disco Dingo" - Release amd64 (20190416)
  ProcEnviron:
   TERM=tmux-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  RelatedPackageVersions: mutter-common 43.0-1ubuntu4
  SourcePackage: gnome-shell
  UpgradeStatus: Upgraded to kinetic on 2022-10-30 (1 days ago)
  --- 
  ProblemType: Bug
  ApportVersion: 2.23.1-0ubuntu3
  Architecture: amd64
  CRDA: N/A
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  DistroRelease: Ubuntu 22.10
  InstallationDate: Installed on 2019-06-18 (1232 days ago)
  InstallationMedia: Ubuntu 19.04 "Disco Dingo" - Release amd64 (20190416)
  MachineType: To Be Filled By O.E.M. To Be Filled By O.E.M.
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  Package: linux (not installed)
  ProcEnviron:
   TERM=tmux-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcFB: 0 amdgpudrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-5.19.0-23-generic 
root=/dev/mapper/infodata-root ro quiet splash vt.handoff=7
  ProcVersionSignature: Ubuntu 5.19.0-23.24-generic 5.19.7
  RelatedPackageVersions:
   linux-restricted-modules-5.19.0-23-generic N/A
   linux-backports-modules-5.19.0-23-generic  N/A
   linux-firmware 20220923.gitf09bebf3-0ubuntu1
  RfKill:
   
  Tags:  kinetic wayland-session
  Uname: Linux 5.19.0-23-generic x86_64
  UpgradeStatus: Upgraded to kinetic on 2022-10-30 (1 days ago)
  UserGroups: adm cdrom dip lpadmin lxd plugdev sambashare sudo wireshark
  _MarkForUpload: True
  dmi.bios.date: 11/27/2019
  dmi.bios.release: 5.14
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: P2.90
  dmi.board.name: B450M Steel Legend
  dmi.board.vendor: ASRock
  dmi.chassis.asset.tag: To Be Filled By O.E.M.
  dmi.chassis.type: 3
  dmi.chassis.vendor: To Be Filled By O.E.M.
  dmi.chassis.version: To Be Filled By O.E.M.
  dmi.modalias: 
dmi:bvnAmericanMegatrendsInc.:bvrP2.90:bd11/27/2019:br5.14:svnToBeFilledByO.E.M.:pnToBeFilledByO.E.M.:pvrToBeFilledByO.E.M.:rvnASRock:rnB450MSteelLegend:rvr:cvnToBeFilledByO.E.M.:ct3:cvrToBeFilledByO.E.M.:skuToBeFilledByO.E.M.:
  dmi.product.family: To Be Filled By O.E.M.
  dmi.product.name: To Be Filled By O.E.M.
  dmi.product.sku: To Be Filled By O.E.M.
  dmi.product.version: To Be Filled By O.E.M.
  dmi.sys.vendor: To Be Filled By O.E.M.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1995320/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992454] Re: iptables: segfault when renaming a chain

Hello Louis, or anyone else affected,

Accepted iptables into jammy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/iptables/1.8.7-1ubuntu5.1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
jammy to verification-done-jammy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-jammy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: iptables (Ubuntu Jammy)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-jammy

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
https://bugs.launchpad.net/bugs/1992454

Title:
  iptables: segfault when renaming a chain

Status in iptables package in Ubuntu:
  Fix Released
Status in iptables source package in Bionic:
  In Progress
Status in iptables source package in Focal:
  In Progress
Status in iptables source package in Jammy:
  Fix Committed
Status in iptables source package in Kinetic:
  In Progress

Bug description:
  [ Impact ]
   * An explanation of the effects of the bug on users

  This is the description for the upstream fix of this bug[1] :

  This is an odd bug: If the number of chains is right and one renames the
  last one in the list, libiptc dereferences a NULL pointer.

   * justification for backporting the fix to the stable release.
  Without this patch, users may experience segmentation fault when using
  the following versions of iptables :

    - Bionic : iptables
    - Focal  : iptables
    - Jammy  : iptables-legacy
    - Kinetic: iptables-legacy

   * In addition, it is helpful, but not required, to include an
     explanation of how the upload fixes this bug.

  The upstream fix adjust the size of the chain_index if the element is the
  last chain in the list.

  [1]
  
http://git.netfilter.org/iptables/commit/?id=97bf4e68fc0794adba3243fd96f40f4568e7216f

  [ Test Plan ]

   * detailed instructions how to reproduce the bug

   The following code (adapted from the upstream commit to work on Kinetic) may 
be used to reproduce the issue :
  8<
  #!/bin/bash
  #
  # Cover for a bug in libiptc:
  # - the chain 'node-98-tmp' is the last in the list sorted by name
  # - there are 81 chains in total, so three chain index buckets
  # - the last index bucket contains only the 'node-98-tmp' chain
  # => rename temporarily removes it from the bucket, leaving a NULL bucket
  # behind which is dereferenced later when inserting the chain again with new
  # name again

  (
   echo "*filter"
   for chain in node-1 node-10 node-101 node-102 node-104 node-107 node-11 
node-12 node-13 node-14 node-15 node-16 node-17 node-18 node-19 node-2 node-20 
node-21 node-22 node-23 node-25 node-26 node-27 node-28 node-29 node-3 node-30 
node-31 node-32 node-33 node-34 node-36 node-37 node-39 node-4 node-40 node-41 
node-42 node-43 node-44 node-45 node-46 node-47 node-48 node-49 node-5 node-50 
node-51 node-53 node-54 node-55 node-56 node-57 node-58 node-59 node-6 node-60 
node-61 node-62 node-63 node-64 node-65 node-66 node-68 node-69 node-7 node-70 
node-71 node-74 node-75 node-76 node-8 node-80 node-81 node-86 node-89 node-9 
node-92 node-93 node-95 node-98-tmp; do
    echo ":$chain - [0:0]"
   done
   echo "COMMIT"
  ) | $XT_MULTI iptables-legacy-restore
  $XT_MULTI iptables-legacy -E node-98-tmp node-98
  exit $?
  >8

  Alternatively, this test has been added to the DEP8 list of tests, and
  will be executed automatically once the package is accepted into
  proposed. The DEP8 logs can be inspected for its run. Look for a test
  named "0006rename-segfault".

  [ Where problems could occur ]

  For Jammy and onward, only users of the -legacy commands may be affected.
  Since Jammy, iptables uses the new nft libraries which are not affected
  by the bug.

  For Bionic and Focal users, the regular iptables command is affected by
  the change.

  As stated in the manpage :

[Touch-packages] [Bug 2016439] Please test proposed package

Hello Sergio, or anyone else affected,

Accepted curl into lunar-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/curl/7.88.1-8ubuntu2
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
lunar to verification-done-lunar. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-lunar. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/2016439

Title:
  Regression finding system certificates

Status in curl package in Ubuntu:
  In Progress
Status in curl source package in Lunar:
  Fix Committed
Status in curl source package in Mantic:
  In Progress
Status in curl package in Debian:
  Fix Released

Bug description:
  [ Impact ]

  Users of applications that link against libcurl's NSS flavour might
  experience issues when trying to contact HTTPS servers.  This can lead
  to scenarios where the application is unable to connect.

  [ Test Plan ]

  First, let's verify that the GNUTLS flavour of libcurl does the right
  thing:

  $ lxc launch ubuntu-daily:lunar curl-bug2016439
  $ lxc shell curl-bug2016439
  # apt update && apt install -y libcurl4-gnutls-dev gcc
  # cat > curl-test.c << __EOF__
  #include 
  #include 
   
  int main(void)
  {
CURL *curl;
CURLcode res;
   
curl = curl_easy_init();
if(curl) {
  curl_easy_setopt(curl, CURLOPT_URL, "https://example.com;);
  /* example.com is redirected, so we tell libcurl to follow redirection */
  curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
   
  /* Perform the request, res will get the return code */
  res = curl_easy_perform(curl);
  /* Check for errors */
  if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
   
  /* always cleanup */
  curl_easy_cleanup(curl);
}
return 0;
  }
  __EOF__
  # gcc curl-test.c -o curl-test -lcurl
  # ./curl-test
 
 
  
   
  Example Domain
  ...
  #

  You should see the HTML dump of example.com.  Now, let's install the
  NSS flavour of libcurl and recompile the test program against it:

  # apt install -y libcurl4-nss-dev
  # gcc curl-test.c -o curl-test -lcurl
  # ./curl-test
  curl_easy_perform() failed: SSL peer certificate or SSH remote key was not OK

  As we can see, there was an error when validating the TLS certificate.

  [ Where problems could occur ]

  The adjustment needed to the downstream patch is pretty simple and has
  been tested extensively.  The original reporter mentioned that the
  issue did not happen before this patch was applied, so in the unlikely
  event of a regression the best route would be to revert the patch
  entirely.

  [ More Info ]

  This happens because of an error in one of our patches (authored by
  me) to teach libcurl where to properly find libnsspem.so and
  libnssckbi.so.  The problem is that libnsspem.so is installed under
  /usr/lib/$(DEB_HOST_ARCH)/nss/, while libnssckbi.so is installed under
  /usr/lib/$(DEB_HOST_ARCH)/, but I mistakenly pointed libcurl to look
  under the "/nss/" directory for both libraries.  As it turns out,
  libnssckbi.so is necessary in order to use the Mozilla's root
  certificate.

  [ Original Description ]

  [ Clone of https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034359 ]

  Between 7.88.1-2 and 7.88.1-5, there was a change to where curl with
  nss looks for loadable libraries:

  curl (7.88.1-4) unstable; urgency=medium

    * d/p/Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch:
  Prepend "/nss/" before the library name.

  Before the change to the load path, curl could find
  /lib/x86_64-linux-gnu/libnssckbi.so but not
  /lib/x86_64-linux-gnu/nss/libnsspem.so, after the change it's the
  reverse.

  libnssckbi.so is enough to get a trust root (the mozilla certificate
  store is compiled inside that library), whereas libnsspem.so
  (1.0.8+1-1) isn't.

[Touch-packages] [Bug 2016439] Re: Regression finding system certificates

Thanks for the new upload. Please also fix this in mantic, either via a
mantic upload with the same change, or a debian change/upload and later
re-merge in mantic.

** Changed in: curl (Ubuntu Lunar)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-lunar

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/2016439

Title:
  Regression finding system certificates

Status in curl package in Ubuntu:
  In Progress
Status in curl source package in Lunar:
  Fix Committed
Status in curl source package in Mantic:
  In Progress
Status in curl package in Debian:
  Fix Released

Bug description:
  [ Impact ]

  Users of applications that link against libcurl's NSS flavour might
  experience issues when trying to contact HTTPS servers.  This can lead
  to scenarios where the application is unable to connect.

  [ Test Plan ]

  First, let's verify that the GNUTLS flavour of libcurl does the right
  thing:

  $ lxc launch ubuntu-daily:lunar curl-bug2016439
  $ lxc shell curl-bug2016439
  # apt update && apt install -y libcurl4-gnutls-dev gcc
  # cat > curl-test.c << __EOF__
  #include 
  #include 
   
  int main(void)
  {
CURL *curl;
CURLcode res;
   
curl = curl_easy_init();
if(curl) {
  curl_easy_setopt(curl, CURLOPT_URL, "https://example.com;);
  /* example.com is redirected, so we tell libcurl to follow redirection */
  curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
   
  /* Perform the request, res will get the return code */
  res = curl_easy_perform(curl);
  /* Check for errors */
  if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
   
  /* always cleanup */
  curl_easy_cleanup(curl);
}
return 0;
  }
  __EOF__
  # gcc curl-test.c -o curl-test -lcurl
  # ./curl-test
 
 
  
   
  Example Domain
  ...
  #

  You should see the HTML dump of example.com.  Now, let's install the
  NSS flavour of libcurl and recompile the test program against it:

  # apt install -y libcurl4-nss-dev
  # gcc curl-test.c -o curl-test -lcurl
  # ./curl-test
  curl_easy_perform() failed: SSL peer certificate or SSH remote key was not OK

  As we can see, there was an error when validating the TLS certificate.

  [ Where problems could occur ]

  The adjustment needed to the downstream patch is pretty simple and has
  been tested extensively.  The original reporter mentioned that the
  issue did not happen before this patch was applied, so in the unlikely
  event of a regression the best route would be to revert the patch
  entirely.

  [ More Info ]

  This happens because of an error in one of our patches (authored by
  me) to teach libcurl where to properly find libnsspem.so and
  libnssckbi.so.  The problem is that libnsspem.so is installed under
  /usr/lib/$(DEB_HOST_ARCH)/nss/, while libnssckbi.so is installed under
  /usr/lib/$(DEB_HOST_ARCH)/, but I mistakenly pointed libcurl to look
  under the "/nss/" directory for both libraries.  As it turns out,
  libnssckbi.so is necessary in order to use the Mozilla's root
  certificate.

  [ Original Description ]

  [ Clone of https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034359 ]

  Between 7.88.1-2 and 7.88.1-5, there was a change to where curl with
  nss looks for loadable libraries:

  curl (7.88.1-4) unstable; urgency=medium

    * d/p/Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch:
  Prepend "/nss/" before the library name.

  Before the change to the load path, curl could find
  /lib/x86_64-linux-gnu/libnssckbi.so but not
  /lib/x86_64-linux-gnu/nss/libnsspem.so, after the change it's the
  reverse.

  libnssckbi.so is enough to get a trust root (the mozilla certificate
  store is compiled inside that library), whereas libnsspem.so
  (1.0.8+1-1) isn't.
  This makes it impossible to connect to https servers by default for
  programs that use curl with NSS.

  Here is a way to test the regression:
  debbisect -v --cache=./cache \
     
--depends=libcurl4-nss-dev,git,pkg-config,libssl-dev,ca-certificates,cargo,nss-plugin-pem,p11-kit-modules,strace
  \
    20230306T145638Z 20230306T203828Z \
  'chroot "$1" bash -exuc "
  git clone --depth 1 https://github.com/alexcrichton/curl-rust.git
  cd curl-rust
  time cargo fetch
  time cargo build --offline --example https
  strace -efile target/debug/examples/https >/dev/null
  "'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/curl/+bug/2016439/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992454] Re: iptables: segfault when renaming a chain

2023-05-12 Thread Louis Bouchard

Hello, thanks for the update. Will test when they show up in proposed.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
https://bugs.launchpad.net/bugs/1992454

Title:
  iptables: segfault when renaming a chain

Status in iptables package in Ubuntu:
  Fix Released
Status in iptables source package in Bionic:
  In Progress
Status in iptables source package in Focal:
  In Progress
Status in iptables source package in Jammy:
  In Progress
Status in iptables source package in Kinetic:
  In Progress

Bug description:
  [ Impact ]
   * An explanation of the effects of the bug on users

  This is the description for the upstream fix of this bug[1] :

  This is an odd bug: If the number of chains is right and one renames the
  last one in the list, libiptc dereferences a NULL pointer.

   * justification for backporting the fix to the stable release.
  Without this patch, users may experience segmentation fault when using
  the following versions of iptables :

    - Bionic : iptables
    - Focal  : iptables
    - Jammy  : iptables-legacy
    - Kinetic: iptables-legacy

   * In addition, it is helpful, but not required, to include an
     explanation of how the upload fixes this bug.

  The upstream fix adjust the size of the chain_index if the element is the
  last chain in the list.

  [1]
  
http://git.netfilter.org/iptables/commit/?id=97bf4e68fc0794adba3243fd96f40f4568e7216f

  [ Test Plan ]

   * detailed instructions how to reproduce the bug

   The following code (adapted from the upstream commit to work on Kinetic) may 
be used to reproduce the issue :
  8<
  #!/bin/bash
  #
  # Cover for a bug in libiptc:
  # - the chain 'node-98-tmp' is the last in the list sorted by name
  # - there are 81 chains in total, so three chain index buckets
  # - the last index bucket contains only the 'node-98-tmp' chain
  # => rename temporarily removes it from the bucket, leaving a NULL bucket
  # behind which is dereferenced later when inserting the chain again with new
  # name again

  (
   echo "*filter"
   for chain in node-1 node-10 node-101 node-102 node-104 node-107 node-11 
node-12 node-13 node-14 node-15 node-16 node-17 node-18 node-19 node-2 node-20 
node-21 node-22 node-23 node-25 node-26 node-27 node-28 node-29 node-3 node-30 
node-31 node-32 node-33 node-34 node-36 node-37 node-39 node-4 node-40 node-41 
node-42 node-43 node-44 node-45 node-46 node-47 node-48 node-49 node-5 node-50 
node-51 node-53 node-54 node-55 node-56 node-57 node-58 node-59 node-6 node-60 
node-61 node-62 node-63 node-64 node-65 node-66 node-68 node-69 node-7 node-70 
node-71 node-74 node-75 node-76 node-8 node-80 node-81 node-86 node-89 node-9 
node-92 node-93 node-95 node-98-tmp; do
    echo ":$chain - [0:0]"
   done
   echo "COMMIT"
  ) | $XT_MULTI iptables-legacy-restore
  $XT_MULTI iptables-legacy -E node-98-tmp node-98
  exit $?
  >8

  Alternatively, this test has been added to the DEP8 list of tests, and
  will be executed automatically once the package is accepted into
  proposed. The DEP8 logs can be inspected for its run. Look for a test
  named "0006rename-segfault".

  [ Where problems could occur ]

  For Jammy and onward, only users of the -legacy commands may be affected.
  Since Jammy, iptables uses the new nft libraries which are not affected
  by the bug.

  For Bionic and Focal users, the regular iptables command is affected by
  the change.

  As stated in the manpage :
  E, --rename-chain old-chain new-chain
    Rename the user specified chain to the user supplied name.  
This is cosmetic, and has no effect on the structure of the table.

  In case of a problem, only the modification of the name would be affected
  as this is clearly outlined as a cosmetic only change.

  [ Other Info ]
  The patch is also applied to lunar and mantic, but is fixed in upstream's 
1.8.9 release which so far is only in debian testing/unstable.

  This is being uploaded together with test fixes from bug #1992454
  (bionic-specific) and bug #2019023 (focal-specific), which were found
  and fixed while trying out the DEP8 runs for this package.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/1992454/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2016439] Re: Regression finding system certificates

** Also affects: curl (Ubuntu Mantic)
   Importance: High
 Assignee: Sergio Durigan Junior (sergiodj)
   Status: In Progress

** Also affects: curl (Ubuntu Lunar)
   Importance: Undecided
   Status: New

** Changed in: curl (Ubuntu Lunar)
 Assignee: (unassigned) => Sergio Durigan Junior (sergiodj)

** Changed in: curl (Ubuntu Lunar)
   Importance: Undecided => High

** Changed in: curl (Ubuntu Lunar)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in Ubuntu.
https://bugs.launchpad.net/bugs/2016439

Title:
  Regression finding system certificates

Status in curl package in Ubuntu:
  In Progress
Status in curl source package in Lunar:
  In Progress
Status in curl source package in Mantic:
  In Progress
Status in curl package in Debian:
  Fix Released

Bug description:
  [ Impact ]

  Users of applications that link against libcurl's NSS flavour might
  experience issues when trying to contact HTTPS servers.  This can lead
  to scenarios where the application is unable to connect.

  [ Test Plan ]

  First, let's verify that the GNUTLS flavour of libcurl does the right
  thing:

  $ lxc launch ubuntu-daily:lunar curl-bug2016439
  $ lxc shell curl-bug2016439
  # apt update && apt install -y libcurl4-gnutls-dev gcc
  # cat > curl-test.c << __EOF__
  #include 
  #include 
   
  int main(void)
  {
CURL *curl;
CURLcode res;
   
curl = curl_easy_init();
if(curl) {
  curl_easy_setopt(curl, CURLOPT_URL, "https://example.com;);
  /* example.com is redirected, so we tell libcurl to follow redirection */
  curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
   
  /* Perform the request, res will get the return code */
  res = curl_easy_perform(curl);
  /* Check for errors */
  if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
   
  /* always cleanup */
  curl_easy_cleanup(curl);
}
return 0;
  }
  __EOF__
  # gcc curl-test.c -o curl-test -lcurl
  # ./curl-test
 
 
  
   
  Example Domain
  ...
  #

  You should see the HTML dump of example.com.  Now, let's install the
  NSS flavour of libcurl and recompile the test program against it:

  # apt install -y libcurl4-nss-dev
  # gcc curl-test.c -o curl-test -lcurl
  # ./curl-test
  curl_easy_perform() failed: SSL peer certificate or SSH remote key was not OK

  As we can see, there was an error when validating the TLS certificate.

  [ Where problems could occur ]

  The adjustment needed to the downstream patch is pretty simple and has
  been tested extensively.  The original reporter mentioned that the
  issue did not happen before this patch was applied, so in the unlikely
  event of a regression the best route would be to revert the patch
  entirely.

  [ More Info ]

  This happens because of an error in one of our patches (authored by
  me) to teach libcurl where to properly find libnsspem.so and
  libnssckbi.so.  The problem is that libnsspem.so is installed under
  /usr/lib/$(DEB_HOST_ARCH)/nss/, while libnssckbi.so is installed under
  /usr/lib/$(DEB_HOST_ARCH)/, but I mistakenly pointed libcurl to look
  under the "/nss/" directory for both libraries.  As it turns out,
  libnssckbi.so is necessary in order to use the Mozilla's root
  certificate.

  [ Original Description ]

  [ Clone of https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034359 ]

  Between 7.88.1-2 and 7.88.1-5, there was a change to where curl with
  nss looks for loadable libraries:

  curl (7.88.1-4) unstable; urgency=medium

    * d/p/Use-correct-path-when-loading-libnss-pem-ckbi-.so.patch:
  Prepend "/nss/" before the library name.

  Before the change to the load path, curl could find
  /lib/x86_64-linux-gnu/libnssckbi.so but not
  /lib/x86_64-linux-gnu/nss/libnsspem.so, after the change it's the
  reverse.

  libnssckbi.so is enough to get a trust root (the mozilla certificate
  store is compiled inside that library), whereas libnsspem.so
  (1.0.8+1-1) isn't.
  This makes it impossible to connect to https servers by default for
  programs that use curl with NSS.

  Here is a way to test the regression:
  debbisect -v --cache=./cache \
     
--depends=libcurl4-nss-dev,git,pkg-config,libssl-dev,ca-certificates,cargo,nss-plugin-pem,p11-kit-modules,strace
  \
    20230306T145638Z 20230306T203828Z \
  'chroot "$1" bash -exuc "
  git clone --depth 1 https://github.com/alexcrichton/curl-rust.git
  cd curl-rust
  time cargo fetch
  time cargo build --offline --example https
  strace -efile target/debug/examples/https >/dev/null
  "'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/curl/+bug/2016439/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to :

[Touch-packages] [Bug 2017999] Re: tzdata 2023c-0ubuntu0.22.04.1 might have some inconsistency

Hello Daniel, or anyone else affected,

Accepted python-tz into lunar-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/python-
tz/2022.7.1-3ubuntu0.1 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
lunar to verification-done-lunar. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-lunar. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Tags added: verification-needed verification-needed-lunar

** Also affects: python-tz (Ubuntu)
   Importance: Undecided
   Status: New

** Changed in: python-tz (Ubuntu)
   Status: New => Fix Released

** Changed in: python-tz (Ubuntu Lunar)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tzdata in Ubuntu.
https://bugs.launchpad.net/bugs/2017999

Title:
  tzdata 2023c-0ubuntu0.22.04.1 might have some inconsistency

Status in python-tz package in Ubuntu:
  Fix Released
Status in tzdata package in Ubuntu:
  Fix Released
Status in python-tz source package in Focal:
  New
Status in tzdata source package in Focal:
  New
Status in python-tz source package in Jammy:
  New
Status in tzdata source package in Jammy:
  New
Status in python-tz source package in Kinetic:
  New
Status in tzdata source package in Kinetic:
  New
Status in python-tz source package in Lunar:
  Fix Committed
Status in tzdata source package in Lunar:
  New

Bug description:
  [ Impact ]

  Recent updates have been using `PACKRATDATA=backzone` in order to add
  all out-of-scope lower-quality pre-1970 data back that existed in
  earlier tzadata releases (see bug #2003797). However it also leads to
  time zones like America/Ensenada, Atlantic/Jan_Mayen, Europe/Tiraspol,
  and Pacific/Enderbury to change:

  compared to 2023c-0ubuntu0.22.04.0
  - America/Ensenada->only dst changes until 2022 are shown
  - Atlantic/Jan_Mayen->now valid data is shown
  - Europe/Tiraspol->only dst changes until 2010 are shown

  [ Test Plan ]

  Add an autopkgtest test case for post-1970 symlink consistency: Check
  that the timezones for today and in half a year (= to cover DST
  changes) do not change compared to building them without
  `PACKRATDATA=backzone`.

  The mentioned timezones that differed can also be tested manually.
  Running following commands should have the same output (the output
  mentioned here is from tzdata 2023c-0ubuntu0.22.04.1):

  ```
  $ TZ=America/Ensenada date -d "2023-04-28 13:49 Z"
  Fri Apr 28 05:49:00 PST 2023
  $ TZ=Atlantic/Jan_Mayen date -d "2023-04-28 13:49 Z"
  Fri Apr 28 12:49:00 -01 2023
  $ TZ=Europe/Tiraspol date -d "2023-04-28 13:49 Z"
  Fri Apr 28 16:49:00 MSK 2023
  ```

  [ Where problems could occur ]

  Timezone data could be wrong. Systems with incorrect timezone set may
  observe unexpected time shift when updating the package.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-tz/+bug/2017999/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1905493] Re: Services (apparmor, snapd.seeded, ...?) fail to start in nested lxd container

Tracked in Github Issues as https://github.com/canonical/cloud-
init/issues/3813

** Bug watch added: github.com/canonical/cloud-init/issues #3813
   https://github.com/canonical/cloud-init/issues/3813

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dbus in Ubuntu.
https://bugs.launchpad.net/bugs/1905493

Title:
  Services (apparmor, snapd.seeded, ...?) fail to start in nested lxd
  container

Status in AppArmor:
  New
Status in autopkgtest:
  New
Status in cloud-init:
  Invalid
Status in snapd:
  Confirmed
Status in dbus package in Ubuntu:
  Confirmed
Status in lxd package in Ubuntu:
  New
Status in systemd package in Ubuntu:
  Invalid

Bug description:
  When booting a nested lxd container inside another lxd container (just
  a normal container, not a VM) (i.e. just L2), using cloud-init -status
  --wait, the "." is just printed off infinitely and never returns.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1905493/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2017209] Re: [Raspberry Pi/lunar] systemd-oomd fails with "ConditionControlGroupController=memory was not met"

2023-05-12 Thread fprietog

The file /etc/apt/preferences.d/proposed-updates didn't exists in my
system. I've created it with your content and proposed updates now are
working.

But, AFAIK, I've never needed to pin proposed updates repo to make it
work until now (?)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2017209

Title:
  [Raspberry Pi/lunar] systemd-oomd fails with
  "ConditionControlGroupController=memory was not met"

Status in linux-raspi package in Ubuntu:
  Fix Committed
Status in systemd package in Ubuntu:
  Invalid
Status in linux-raspi source package in Lunar:
  Fix Committed
Status in systemd source package in Lunar:
  Invalid

Bug description:
  PROBLEM SUMMARY:
  
  Just upgraded to Ubuntu 23.04 (lunar) from Ubuntu 22.10 (kinetic). 
systemd-oomd fails with "ConditionControlGroupController=memory was not met" 
during boot. 
  If you manually started it after boot it starts but after a few minutes it 
fails with the same error.

  These are the journalctl entries regarding this problem:

  abr 20 23:12:48 fpgrpi systemd[1]: Listening on systemd-oomd.socket - 
Userspace Out-Of-Memory (OOM) Killer Socket.
  abr 20 23:12:48 fpgrpi systemd[1]: systemd-oomd.service - Userspace 
Out-Of-Memory (OOM) Killer was skipped because of an unmet condition check 
(ConditionControlGroupController=memory).
  --- Line repeat 20 times ---
  abr 20 23:12:49 fpgrpi systemd[1]: systemd-oomd.service - Userspace 
Out-Of-Memory (OOM) Killer was skipped because of an unmet condition check 
(ConditionControlGroupController=memory).
  abr 20 23:12:49 fpgrpi systemd[1]: systemd-oomd.socket: Trigger limit hit, 
refusing further activation.
  abr 20 23:12:49 fpgrpi systemd[1]: systemd-oomd.socket: Failed with result 
'trigger-limit-hit'.

  
  This is the systemctl status for systemd-oomd.service and systemd-oomd.socket:

  # systemctl status systemd-oomd.service
  ○ systemd-oomd.service - Userspace Out-Of-Memory (OOM) Killer
   Loaded: loaded (/lib/systemd/system/systemd-oomd.service; enabled; 
preset: enabled)
   Active: inactive (dead)
  TriggeredBy: × systemd-oomd.socket
Condition: start condition failed at Thu 2023-04-20 23:21:07 CEST; 9h ago
   └─ ConditionControlGroupController=memory was not met
 Docs: man:systemd-oomd.service(8)

  # systemctl status systemd-oomd.socket
  × systemd-oomd.socket - Userspace Out-Of-Memory (OOM) Killer Socket
   Loaded: loaded (/lib/systemd/system/systemd-oomd.socket; enabled; 
preset: enabled)
   Active: failed (Result: trigger-limit-hit) since Thu 2023-04-20 23:21:07 
CEST; 9h ago
 Duration: 2min 2.252s
 Triggers: ● systemd-oomd.service
 Docs: man:systemd-oomd.service(8)
   Listen: /run/systemd/oom/io.system.ManagedOOM (Stream)

  
  ADITIONAL INFO:
  ---
  Machine is an arm64 "Raspberry Pi 4 Model B Rev 1.4 8GB"

  # uname -a
  Linux fpgrpi 6.2.0-1004-raspi #5-Ubuntu SMP PREEMPT Mon Apr  3 11:15:14 UTC 
2023 aarch64 aarch64 aarch64 GNU/Linux

  # lsb_release -rd
  No LSB modules are available.
  Description:  Ubuntu 23.04
  Release:  23.04

  # apt-cache policy systemd-oomd
  systemd-oomd:
Instalados: 252.5-2ubuntu3
Candidato:  252.5-2ubuntu3
Tabla de versión:
   *** 252.5-2ubuntu3 500
  500 http://ports.ubuntu.com/ubuntu-ports lunar/main arm64 Packages
  100 /var/lib/dpkg/status

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-raspi/+bug/2017209/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1908892] Re: grep -L exit status reverted

2023-05-12 Thread Geert Uytterhoeven

This was fixed by the upgrade to 22.04LTS (grep 3.7-1build1).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to grep in Ubuntu.
https://bugs.launchpad.net/bugs/1908892

Title:
  grep -L exit status reverted

Status in grep package in Ubuntu:
  New

Bug description:
  After upgrading to Ubuntu 20.04LTS (grep 3.1-2build1 => 3.4-1), the
  following code snippet stopped working:

  # All patches must have "From:", "Date:", and "Subject:" lines
  for hdr in From Date Subject; do
  grep -L ^$hdr: $dir/* || ( echo Missing \"$hdr:\" line; exit -1 )
  done

  It looks like this was fixed upstream, cfr. "Revert -L exit status change 
introduced in grep 3.2"
  
(https://git.savannah.gnu.org/cgit/grep.git/commit/?id=0435ebca64fbafcd62008c991dd9377d8a792dfc)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grep/+bug/1908892/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2016908] Re: udev fails to make prctl() syscall with apparmor=0 (as used by maas by default)

2023-05-12 Thread Stefan Bader

** Changed in: linux (Ubuntu Lunar)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2016908

Title:
  udev fails to make prctl() syscall with apparmor=0 (as used by maas by
  default)

Status in AppArmor:
  New
Status in MAAS:
  Triaged
Status in maas-images:
  Invalid
Status in apparmor package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Fix Committed
Status in systemd package in Ubuntu:
  Invalid
Status in apparmor source package in Lunar:
  New
Status in linux source package in Lunar:
  Fix Committed
Status in systemd source package in Lunar:
  New

Bug description:
  I'm assuming the image being used for these deploys is 20230417 or
  20230417.1 based on the fact that I saw a 6.2 kernel being used which
  I don't believe was part of the 20230319 serial. I don't have access
  to the maas server, so I can't directly check any log files.

  MAAS Version: 3.3.2

  Here's where the serial log indicates it can't download the squashfs. The 
full log is attached as scobee-lunar-no-squashfs.log (there are some other 
console message intermixed):
  no search or nameservers found in /run/net-BOOTIF.conf /run/net-*.conf 
/run/net6
  -*.conf
  :: 
root=squash:http://10.229.32.21:5248/images/ubuntu/arm64/ga-23.04/lunar/candi
  date/squa[  206.804704] Btrfs loaded, crc32c=crc32c-generic, zoned=yes, 
fsverity
  =yes
  shfs
  :: mount_squash downloading 
http://10.229.32.21:5248/images/ubuntu/arm64/ga-23.0
  4/lunar/candidate/squashfs to /root.tmp.img
  Connecting to 10.229.32.21:5248 (10.229.32.21:5248)
  wget: can't connect to remote host (10.229.32.21): Network is unreachable
  :: mount -t squashfs -o loop  '/root.tmp.img' '/root.tmp'
  mount: mounting /root.tmp.img on /root.tmp failed: No such file or directory
  done.

  Still gathering logs and info and will update as I go.

  
  Kernel Bug / Apparmor
  reproducer

  $ wget 
https://images.maas.io/ephemeral-v3/candidate/lunar/amd64/20230419/ga-23.04/generic/boot-kernel
  $ wget 
https://images.maas.io/ephemeral-v3/candidate/lunar/amd64/20230419/ga-23.04/generic/boot-initrd
  $ qemu-system-x86_64 -nographic -m 2G -kernel ./boot-kernel -initrd 
./boot-initrd -append 'console=ttyS0 break=modules apparmor=0'

  #start the VM
  
  Starting systemd-udevd version 252.5-2ubuntu3
  Spawning shell within the initramfs

  BusyBox v1.35.0 (Ubuntu 1:1.35.0-4ubuntu1) built-in shell (ash)
  Enter 'help' for a list of built-in commands.

  (initramfs) udevadm info --export-db
  Failed to set death signal: Invalid argument

  Observe that udevadm fails to setup death signal, with in systemd code
  is this

  
https://github.com/systemd/systemd/blob/08c2f9c626e0f0052d505b1b7e52f335c0fbfa1d/src/basic/process-
  util.c#L1252

  if (flags & (FORK_DEATHSIG|FORK_DEATHSIG_SIGINT))
  if (prctl(PR_SET_PDEATHSIG, (flags & FORK_DEATHSIG_SIGINT) ? 
SIGINT : SIGTERM) < 0) {
  log_full_errno(prio, errno, "Failed to set death 
signal: %m");
  _exit(EXIT_FAILURE);
  }

  
  workaround set kernel commandline to `apparmor=1`
  

  MAAS bug
  Why is maas setting `apparmor=0` ? Ubuntu shouldn't be used without apparmor. 
Even for deployment and commisioning.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/2016908/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2017209] Re: [Raspberry Pi/lunar] systemd-oomd fails with "ConditionControlGroupController=memory was not met"

2023-05-12 Thread Juerg Haefliger

ubuntu@rpi-4b-rev1d2-164b:~$ cat /etc/apt/preferences.d/proposed-updates 
Package: *
Pin: release a=lunar-proposed
Pin-Priority: 500

ubuntu@rpi-4b-rev1d2-164b:~$ apt-cache policy linux-raspi
linux-raspi:
  Installed: 6.2.0.1004.6
  Candidate: 6.2.0.1005.8
  Version table:
 6.2.0.1005.8 500
500 http://ports.ubuntu.com/ubuntu-ports lunar-proposed/main arm64 
Packages
 *** 6.2.0.1004.6 500
500 http://ports.ubuntu.com/ubuntu-ports lunar/main arm64 Packages
100 /var/lib/dpkg/status

ubuntu@rpi-4b-rev1d2-164b:~$ apt list --upgradable 
Listing... Done
linux-firmware/lunar-proposed 20230323.gitbcdcfbcf-0ubuntu1.1 all [upgradable 
from: 20230323.gitbcdcfbcf-0ubuntu1]
linux-headers-raspi/lunar-proposed 6.2.0.1005.8 arm64 [upgradable from: 
6.2.0.1004.6]
linux-image-raspi/lunar-proposed 6.2.0.1005.8 arm64 [upgradable from: 
6.2.0.1004.6]
linux-raspi/lunar-proposed 6.2.0.1005.8 arm64 [upgradable from: 6.2.0.1004.6]
mdadm/lunar-proposed 4.2-5ubuntu2 arm64 [upgradable from: 4.2-5ubuntu1]

ubuntu@rpi-4b-rev1d2-164b:~$ sudo apt upgrade
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
The following NEW packages will be installed:
  linux-headers-6.2.0-1005-raspi linux-image-6.2.0-1005-raspi 
linux-modules-6.2.0-1005-raspi linux-raspi-headers-6.2.0-1005
The following packages will be upgraded:
  linux-firmware linux-headers-raspi linux-image-raspi linux-raspi mdadm
5 upgraded, 4 newly installed, 0 to remove and 0 not upgraded.
Need to get 338 MB of archives.
After this operation, 287 MB of additional disk space will be used.
Do you want to continue? [Y/n]

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2017209

Title:
  [Raspberry Pi/lunar] systemd-oomd fails with
  "ConditionControlGroupController=memory was not met"

Status in linux-raspi package in Ubuntu:
  Fix Committed
Status in systemd package in Ubuntu:
  Invalid
Status in linux-raspi source package in Lunar:
  Fix Committed
Status in systemd source package in Lunar:
  Invalid

Bug description:
  PROBLEM SUMMARY:
  
  Just upgraded to Ubuntu 23.04 (lunar) from Ubuntu 22.10 (kinetic). 
systemd-oomd fails with "ConditionControlGroupController=memory was not met" 
during boot. 
  If you manually started it after boot it starts but after a few minutes it 
fails with the same error.

  These are the journalctl entries regarding this problem:

  abr 20 23:12:48 fpgrpi systemd[1]: Listening on systemd-oomd.socket - 
Userspace Out-Of-Memory (OOM) Killer Socket.
  abr 20 23:12:48 fpgrpi systemd[1]: systemd-oomd.service - Userspace 
Out-Of-Memory (OOM) Killer was skipped because of an unmet condition check 
(ConditionControlGroupController=memory).
  --- Line repeat 20 times ---
  abr 20 23:12:49 fpgrpi systemd[1]: systemd-oomd.service - Userspace 
Out-Of-Memory (OOM) Killer was skipped because of an unmet condition check 
(ConditionControlGroupController=memory).
  abr 20 23:12:49 fpgrpi systemd[1]: systemd-oomd.socket: Trigger limit hit, 
refusing further activation.
  abr 20 23:12:49 fpgrpi systemd[1]: systemd-oomd.socket: Failed with result 
'trigger-limit-hit'.

  
  This is the systemctl status for systemd-oomd.service and systemd-oomd.socket:

  # systemctl status systemd-oomd.service
  ○ systemd-oomd.service - Userspace Out-Of-Memory (OOM) Killer
   Loaded: loaded (/lib/systemd/system/systemd-oomd.service; enabled; 
preset: enabled)
   Active: inactive (dead)
  TriggeredBy: × systemd-oomd.socket
Condition: start condition failed at Thu 2023-04-20 23:21:07 CEST; 9h ago
   └─ ConditionControlGroupController=memory was not met
 Docs: man:systemd-oomd.service(8)

  # systemctl status systemd-oomd.socket
  × systemd-oomd.socket - Userspace Out-Of-Memory (OOM) Killer Socket
   Loaded: loaded (/lib/systemd/system/systemd-oomd.socket; enabled; 
preset: enabled)
   Active: failed (Result: trigger-limit-hit) since Thu 2023-04-20 23:21:07 
CEST; 9h ago
 Duration: 2min 2.252s
 Triggers: ● systemd-oomd.service
 Docs: man:systemd-oomd.service(8)
   Listen: /run/systemd/oom/io.system.ManagedOOM (Stream)

  
  ADITIONAL INFO:
  ---
  Machine is an arm64 "Raspberry Pi 4 Model B Rev 1.4 8GB"

  # uname -a
  Linux fpgrpi 6.2.0-1004-raspi #5-Ubuntu SMP PREEMPT Mon Apr  3 11:15:14 UTC 
2023 aarch64 aarch64 aarch64 GNU/Linux

  # lsb_release -rd
  No LSB modules are available.
  Description:  Ubuntu 23.04
  Release:  23.04

  # apt-cache policy systemd-oomd
  systemd-oomd:
Instalados: 252.5-2ubuntu3
Candidato:  252.5-2ubuntu3
Tabla de versión:
   *** 252.5-2ubuntu3 500
  500 http://ports.ubuntu.com/ubuntu-ports lunar/main arm64 Packages
  100 /var/lib/dpkg/status

To manage notifications about this bug go to:

[Touch-packages] [Bug 2017209] Re: [Raspberry Pi/lunar] systemd-oomd fails with "ConditionControlGroupController=memory was not met"

2023-05-12 Thread Juerg Haefliger

Thanks for the verification.

> there is also a non-existent version 6.2.0.1005.8 that causes
conflict.

That's a valid meta package version and the meta packages should be
available from lunar-proposed.

http://ports.ubuntu.com/ubuntu-ports/pool/main/l/linux-meta-raspi/

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2017209

Title:
  [Raspberry Pi/lunar] systemd-oomd fails with
  "ConditionControlGroupController=memory was not met"

Status in linux-raspi package in Ubuntu:
  Fix Committed
Status in systemd package in Ubuntu:
  Invalid
Status in linux-raspi source package in Lunar:
  Fix Committed
Status in systemd source package in Lunar:
  Invalid

Bug description:
  PROBLEM SUMMARY:
  
  Just upgraded to Ubuntu 23.04 (lunar) from Ubuntu 22.10 (kinetic). 
systemd-oomd fails with "ConditionControlGroupController=memory was not met" 
during boot. 
  If you manually started it after boot it starts but after a few minutes it 
fails with the same error.

  These are the journalctl entries regarding this problem:

  abr 20 23:12:48 fpgrpi systemd[1]: Listening on systemd-oomd.socket - 
Userspace Out-Of-Memory (OOM) Killer Socket.
  abr 20 23:12:48 fpgrpi systemd[1]: systemd-oomd.service - Userspace 
Out-Of-Memory (OOM) Killer was skipped because of an unmet condition check 
(ConditionControlGroupController=memory).
  --- Line repeat 20 times ---
  abr 20 23:12:49 fpgrpi systemd[1]: systemd-oomd.service - Userspace 
Out-Of-Memory (OOM) Killer was skipped because of an unmet condition check 
(ConditionControlGroupController=memory).
  abr 20 23:12:49 fpgrpi systemd[1]: systemd-oomd.socket: Trigger limit hit, 
refusing further activation.
  abr 20 23:12:49 fpgrpi systemd[1]: systemd-oomd.socket: Failed with result 
'trigger-limit-hit'.

  
  This is the systemctl status for systemd-oomd.service and systemd-oomd.socket:

  # systemctl status systemd-oomd.service
  ○ systemd-oomd.service - Userspace Out-Of-Memory (OOM) Killer
   Loaded: loaded (/lib/systemd/system/systemd-oomd.service; enabled; 
preset: enabled)
   Active: inactive (dead)
  TriggeredBy: × systemd-oomd.socket
Condition: start condition failed at Thu 2023-04-20 23:21:07 CEST; 9h ago
   └─ ConditionControlGroupController=memory was not met
 Docs: man:systemd-oomd.service(8)

  # systemctl status systemd-oomd.socket
  × systemd-oomd.socket - Userspace Out-Of-Memory (OOM) Killer Socket
   Loaded: loaded (/lib/systemd/system/systemd-oomd.socket; enabled; 
preset: enabled)
   Active: failed (Result: trigger-limit-hit) since Thu 2023-04-20 23:21:07 
CEST; 9h ago
 Duration: 2min 2.252s
 Triggers: ● systemd-oomd.service
 Docs: man:systemd-oomd.service(8)
   Listen: /run/systemd/oom/io.system.ManagedOOM (Stream)

  
  ADITIONAL INFO:
  ---
  Machine is an arm64 "Raspberry Pi 4 Model B Rev 1.4 8GB"

  # uname -a
  Linux fpgrpi 6.2.0-1004-raspi #5-Ubuntu SMP PREEMPT Mon Apr  3 11:15:14 UTC 
2023 aarch64 aarch64 aarch64 GNU/Linux

  # lsb_release -rd
  No LSB modules are available.
  Description:  Ubuntu 23.04
  Release:  23.04

  # apt-cache policy systemd-oomd
  systemd-oomd:
Instalados: 252.5-2ubuntu3
Candidato:  252.5-2ubuntu3
Tabla de versión:
   *** 252.5-2ubuntu3 500
  500 http://ports.ubuntu.com/ubuntu-ports lunar/main arm64 Packages
  100 /var/lib/dpkg/status

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-raspi/+bug/2017209/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1791559] Re: Spurious reboot notifications caused by libssl upgrades.

*** This bug is a duplicate of bug 1971650 ***
https://bugs.launchpad.net/bugs/1971650

I'm going to mark this as duplicate of 1971650 which is about updating
the logic for libssl upgrades since it will cover this issue too (and
we'd like to address it in the not-so-distant future).

** This bug has been marked a duplicate of bug 1971650
   wrong check for "server" in libssl3.postinst

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1791559

Title:
  Spurious reboot notifications caused by libssl upgrades.

Status in openssl package in Ubuntu:
  New

Bug description:
  Upon installing libssl:i386 on Ubuntu LTS 18.04.1 Desktop, I am
  advised that I need to perform a reboot.

  I see a single process in my system using a no-longer-existing copy of
  libssl.so.1.0.0, but I can easily restart that process.

  Even if this were Server, I could easily just restart the sshd
  process, from its console if necessary.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1791559/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1260230] Re: Memory leak in libcrypto.so\libssl.so

I wasn't able to reproduce the issue. I've tried the attached reproducer but:
- I don't have a file "TrustStore.pem",
- if I comment out the block of code that tries to load this file, I get 
"Certificate verification error: 20",
- in both cases, valgrind reports no memory lost or still reachable.

I'll mark this bug as Incomplete.

** Changed in: openssl (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1260230

Title:
  Memory leak in libcrypto.so\libssl.so

Status in openssl package in Ubuntu:
  Incomplete

Bug description:
  I've found a bug in openssl 1.0.1-4ubuntu5.10. Was trying to use
  libpq\libmysql.so to connect to database and did not specify sslmode
  so it used ssl to connect to database, when i've checked with valgrind
  i've detected some memory leak:

  ==25346== Memcheck, a memory error detector
  ==25346== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
  ==25346== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
  ==25346== Command: ./test
  ==25346==
  ==25346==
  ==25346== HEAP SUMMARY:
  ==25346== in use at exit: 81,152 bytes in 2,769 blocks
  ==25346==   total heap usage: 4,388 allocs, 1,619 frees, 281,833 bytes 
allocated
  ==25346==
  ==25346== 160 (40 direct, 120 indirect) bytes in 1 blocks are definitely lost 
in loss record 229 of 279
  ==25346==at 0x402BE68: malloc (in 
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
  ==25346==by 0x416E84E: nss_parse_service_list (nsswitch.c:678)
  ==25346==by 0x416EFC9: __nss_database_lookup (nsswitch.c:175)
  ==25346==by 0x4EB6168: ???
  ==25346==by 0x4EB7B5C: ???
  ==25346==by 0x4125FA6: getpwuid_r@@GLIBC_2.1.2 (getXXbyYY_r.c:256)
  ==25346==by 0x405F691: ??? (in /usr/lib/libpq.so.5.4)
  ==25346==by 0x404C6BD: ??? (in /usr/lib/libpq.so.5.4)
  ==25346==by 0x404D06A: ??? (in /usr/lib/libpq.so.5.4)
  ==25346==by 0x404EC4A: ??? (in /usr/lib/libpq.so.5.4)
  ==25346==by 0x404EF2F: ??? (in /usr/lib/libpq.so.5.4)
  ==25346==by 0x404F31E: PQconnectStart (in /usr/lib/libpq.so.5.4)
  ==25346==
  ==25346== LEAK SUMMARY:
  ==25346==definitely lost: 40 bytes in 1 blocks
  ==25346==indirectly lost: 120 bytes in 10 blocks
  ==25346==  possibly lost: 0 bytes in 0 blocks
  ==25346==still reachable: 80,992 bytes in 2,758 blocks
  ==25346== suppressed: 0 bytes in 0 blocks
  ==25346== Reachable blocks (those to which a pointer was found) are not shown.
  ==25346== To see them, rerun with: --leak-check=full --show-reachable=yes
  ==25346==
  ==25346== For counts of detected and suppressed errors, rerun with: -v
  ==25346== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)


  with sslmode=disable i see this:
  ==28708== Memcheck, a memory error detector
  ==28708== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
  ==28708== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
  ==28708== Command: ./test
  ==28708==
  ==28708==
  ==28708== HEAP SUMMARY:
  ==28708== in use at exit: 160 bytes in 11 blocks
  ==28708==   total heap usage: 138 allocs, 127 frees, 46,314 bytes allocated
  ==28708==
  ==28708== 160 (40 direct, 120 indirect) bytes in 1 blocks are definitely lost 
in loss record 11 of 11
  ==28708==at 0x402BE68: malloc (in 
/usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
  ==28708==by 0x416E84E: nss_parse_service_list (nsswitch.c:678)
  ==28708==by 0x416EFC9: __nss_database_lookup (nsswitch.c:175)
  ==28708==by 0x4EB6168: ???
  ==28708==by 0x4EB7B5C: ???
  ==28708==by 0x4125FA6: getpwuid_r@@GLIBC_2.1.2 (getXXbyYY_r.c:256)
  ==28708==by 0x405F691: ??? (in /usr/lib/libpq.so.5.4)
  ==28708==by 0x404C6BD: ??? (in /usr/lib/libpq.so.5.4)
  ==28708==by 0x404D06A: ??? (in /usr/lib/libpq.so.5.4)
  ==28708==by 0x404EC4A: ??? (in /usr/lib/libpq.so.5.4)
  ==28708==by 0x404EF2F: ??? (in /usr/lib/libpq.so.5.4)
  ==28708==by 0x404F31E: PQconnectStart (in /usr/lib/libpq.so.5.4)
  ==28708==
  ==28708== LEAK SUMMARY:
  ==28708==definitely lost: 40 bytes in 1 blocks
  ==28708==indirectly lost: 120 bytes in 10 blocks
  ==28708==  possibly lost: 0 bytes in 0 blocks
  ==28708==still reachable: 0 bytes in 0 blocks
  ==28708== suppressed: 0 bytes in 0 blocks
  ==28708==
  ==28708== For counts of detected and suppressed errors, rerun with: -v
  ==28708== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

  also test openssl program(attached) have a leak 47700 bytes

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1260230/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   :

[Touch-packages] [Bug 1334300] Re: after installing updates for OpenSSL there is no advice to reboot the PC

*** This bug is a duplicate of bug 1971650 ***
https://bugs.launchpad.net/bugs/1971650

I think this is pretty much a duplicate of 1971650 which is about
migrating to needrestart from the current postinst. Like with another
bug I recently marked as duplicate, I don't think it is exactly the same
bug but they way the fix will cover both.

** This bug has been marked a duplicate of bug 1971650
   wrong check for "server" in libssl3.postinst

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1334300

Title:
  after installing updates for OpenSSL there is no advice to reboot the
  PC

Status in openssl package in Ubuntu:
  New

Bug description:
  There where a lot of updates for OpenSSL in the last weeks and every time 
there is a instruction in the USN to reboot the PC - like here:
  http://www.ubuntu.com/usn/usn-2232-3/

  "To update your system, please follow these instructions:
  https://wiki.ubuntu.com/Security/Upgrades.

  After a standard system update you need to reboot your computer to make all
  the necessary changes."

  But in the indicator on the panel is no advice to reboot the PC for safety 
reasons.
  I'm not shure if this is a problem of OpenSSL or the indicator plugin from 
XFCE4 itself - but the reboot advice should be pop up in every desktop 
installation to sensibilize the user about the security risk.

  ProblemType: Bug
  DistroRelease: Ubuntu 12.04
  Package: openssl 1.0.1-4ubuntu5.16
  ProcVersionSignature: Ubuntu 3.2.0-64.97-generic 3.2.59
  Uname: Linux 3.2.0-64-generic i686
  ApportVersion: 2.0.1-0ubuntu17.6
  Architecture: i386
  Date: Wed Jun 25 16:14:59 2014
  InstallationMedia: Xubuntu 12.04.1 LTS "Precise Pangolin" - Release i386 
(20120817.3)
  MarkForUpload: True
  SourcePackage: openssl
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1334300/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2019295] [NEW] ubuntu 20.04 can not collect app dump

2023-05-12 Thread jiangminghui

Public bug reported:

ubuntu 20.04 can not collect app dump

ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: apport 2.20.11-0ubuntu27.25
ProcVersionSignature: Ubuntu 5.13.0-30.33~20.04.1-generic 5.13.19
Uname: Linux 5.13.0-30-generic x86_64
ApportVersion: 2.20.11-0ubuntu27.25
Architecture: amd64
CasperMD5CheckResult: skip
Date: Fri May 12 15:37:13 2023
InstallationDate: Installed on 2022-08-17 (268 days ago)
InstallationMedia: Ubuntu 20.04.4 LTS "Focal Fossa" - Release amd64 (20220223)
PackageArchitecture: all
SourcePackage: apport
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: apport (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/2019295

Title:
  ubuntu 20.04 can not collect app dump

Status in apport package in Ubuntu:
  New

Bug description:
  ubuntu 20.04 can not collect app dump

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: apport 2.20.11-0ubuntu27.25
  ProcVersionSignature: Ubuntu 5.13.0-30.33~20.04.1-generic 5.13.19
  Uname: Linux 5.13.0-30-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.25
  Architecture: amd64
  CasperMD5CheckResult: skip
  Date: Fri May 12 15:37:13 2023
  InstallationDate: Installed on 2022-08-17 (268 days ago)
  InstallationMedia: Ubuntu 20.04.4 LTS "Focal Fossa" - Release amd64 (20220223)
  PackageArchitecture: all
  SourcePackage: apport
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/2019295/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1305175] Re: openssl 1.0.1f 'ssl handshake failure' connection failure

RC4-MD5 was already considered pretty bad when this bug was filled; now
they're clearly deprecated and Ubuntu's openssl is actively pushing for
higher security standards. As such I think this bug should be WONTFIX.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1305175

Title:
  openssl 1.0.1f 'ssl handshake failure' connection failure

Status in openssl package in Ubuntu:
  Confirmed

Bug description:
  When attempting 'curl' or 'openssl s_client' I have been getting
  "error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake
  failure"

  openssl version
  OpenSSL 1.0.1f 6 Jan 2014

  examples:

  ```Normal connect
  # openssl s_client -connect centinel1000.cardinalcommerce.com:443 -showcerts
  CONNECTED(0003)
  140148901013152:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake 
failure:s23_lib.c:177:
  ---
  no peer certificate available
  ---
  No client certificate CA names sent
  ---
  SSL handshake has read 0 bytes and written 317 bytes
  ---
  New, (NONE), Cipher is (NONE)
  Secure Renegotiation IS NOT supported
  Compression: NONE
  Expansion: NONE
  ---

  
  ```Explicit SSLv3
  # openssl s_client -connect centinel1000.cardinalcommerce.com:443 -showcerts 
-ssl3
  CONNECTED(0003)
  depth=2 C = US, O = "thawte, Inc.", OU = Certification Services Division, OU 
= "(c) 2006 thawte, Inc. - For authorized use only", CN = thawte Primary Root CA
  verify error:num=20:unable to get local issuer certificate
  verify return:0
  ---
  Certificate chain
   0 s:/C=US/ST=Ohio/L=Mentor/O=CardinalCommerce 
Corporation/CN=*.cardinalcommerce.com
 i:/C=US/O=Thawte, Inc./CN=Thawte SSL CA
  -BEGIN CERTIFICATE-
  MIIEqjCCA5KgAwIBAgIQfI2U+db8heb8kd3m/BmmITANBgkqhkiG9w0BAQUFADA8
  MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMRYwFAYDVQQDEw1U
  aGF3dGUgU1NMIENBMB4XDTEzMDMxOTAwMDAwMFoXDTE1MDQxODIzNTk1OVowdTEL
  MAkGA1UEBhMCVVMxDTALBgNVBAgTBE9oaW8xDzANBgNVBAcUBk1lbnRvcjElMCMG
  A1UEChQcQ2FyZGluYWxDb21tZXJjZSBDb3Jwb3JhdGlvbjEfMB0GA1UEAxQWKi5j
  YXJkaW5hbGNvbW1lcmNlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
  ggEBAMUnIwZ0yEJa80hN4sta/wbr04ogq9XwlY7V7iWiLlfoP/wfpccPt/282+AN
  oySwuxMWE5EPHC54WXjCowoj3Kdq7fuH11R6DBoXGfuhIJ9l9L187hEPPk6bLq3H
  F1diHFxGYT0zCNshm7w7Qe/LmQ8N0WSUs21KuB/WZxEts7sIYi4xY/Ig1Mbt6dVV
  z3w3mfSqpXmdZa5ht7/QUEy3/04uGlSXAN01BVmxHbZeM5epocUCt/TwhtUzRb+N
  9S4VEe3kzP8Oz8Wphg1CueP5yH9nRQTzLct5wCBC5+N+RjdadhuRm4FPgbsO+sX4
  LHQ1jgE6CTqYquyYAeXuvdOqz6kCAwEAAaOCAW0wggFpMCEGA1UdEQQaMBiCFiou
  Y2FyZGluYWxjb21tZXJjZS5jb20wCQYDVR0TBAIwADBCBgNVHSAEOzA5MDcGCmCG
  SAGG+EUBBzYwKTAnBggrBgEFBQcCARYbaHR0cHM6Ly93d3cudGhhd3RlLmNvbS9j
  cHMvMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBSnooO7NEVAPfzVME8SuT6h
  AZ/22zA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vc3ZyLW92LWNybC50aGF3dGUu
  Y29tL1RoYXd0ZU9WLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
  aQYIKwYBBQUHAQEEXTBbMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC50aGF3dGUu
  Y29tMDUGCCsGAQUFBzAChilodHRwOi8vc3ZyLW92LWFpYS50aGF3dGUuY29tL1Ro
  YXd0ZU9WLmNlcjANBgkqhkiG9w0BAQUFAAOCAQEAQKaqABf0+hz+MkHwn6HhnZ6T
  3D7u3a3ePrQQgtZWFo+7A5s0C+UA6SBRcvEZDRP7TMZaU+Ft+stglyby33b3koTQ
  2X1F484ncBJGyiOBk0M/KQHIsQGUmeXKNLfZlqXhicbT2nq7SktybPR0rsPJoiqN
  gR8pNlHseb1aHM79NcV9IbpW8B71fEMFQRd7sUvmxGizqOneG4nGXCk04CRRy5H3
  raU6Xb2CRi5UdjsJPWjLjLDQZBF5aA0IgOZDi7BghU9cy+P4t2PdBBvPP0ctWI3O
  LYMF6figGyaw3kCLi4epJ0ZA4ayg8R7KrDNGA7oWI2roknlJd0YEDE3z0Fg2JA==
  -END CERTIFICATE-
   1 s:/C=US/O=Thawte, Inc./CN=Thawte SSL CA
 i:/C=US/O=thawte, Inc./OU=Certification Services Division/OU=(c) 2006 
thawte, Inc. - For authorized use only/CN=thawte Primary Root CA
  -BEGIN CERTIFICATE-
  MIIEbDCCA1SgAwIBAgIQTV8sNAiyTCDNbVB+JE3J7DANBgkqhkiG9w0BAQUFADCB
  qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
  Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
  MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
  BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTAwMjA4MDAwMDAwWhcNMjAw
  MjA3MjM1OTU5WjA8MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMu
  MRYwFAYDVQQDEw1UaGF3dGUgU1NMIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
  MIIBCgKCAQEAmeSFW3ZJfS8F2MWsyMip09yY5tc0pi8M8iIm2KPJFEyPBaRF6BQM
  WJAFGrfFwQalgK+7HUlrUjSIw1nn72vEJ0GMK2Yd0OCjl5gZNEtB1ZjVxwWtouTX
  7QytT8G1sCH9PlBTssSQ0NQwZ2ya8Q50xMLciuiX/8mSrgGKVgqYMrAAI+yQGmDD
  7bs6yw9jnw1EyVLhJZa/7VCViX9WFLG3YR0cB4w6LPf/gN45RdWvGtF42MdxaqMZ
  pzJQIenyDqHGEwNESNFmqFJX1xG0k4vlmZ9d53hR5U32t1m0drUJN00GOBN6HAiY
  XMRISstSoKn4sZ2Oe3mwIC88lqgRYke7EQIDAQABo4H7MIH4MDIGCCsGAQUFBwEB
  BCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AudGhhd3RlLmNvbTASBgNVHRMB
  Af8ECDAGAQH/AgEAMDQGA1UdHwQtMCswKaAnoCWGI2h0dHA6Ly9jcmwudGhhd3Rl
  LmNvbS9UaGF3dGVQQ0EuY3JsMA4GA1UdDwEB/wQEAwIBBjAoBgNVHREEITAfpB0w
  GzEZMBcGA1UEAxMQVmVyaVNpZ25NUEtJLTItOTAdBgNVHQ4EFgQUp6KDuzRFQD38
  1TBPErk+oQGf9tswHwYDVR0jBBgwFoAUe1tFz6/Oy3r9MZIaarbzRutXSFAwDQYJ
  KoZIhvcNAQEFBQADggEBAIAigOBsyJUW11cmh/NyNNvGclYnPtOW9i4lkaU+M5en

[Touch-packages] [Bug 1075916] Re: 'openssl ca' segfaults on second run