[Bug 2056578] Re: [SRU - Noble] Tor Browser - keyboard not functioning

[Thomas Ward]

** Description changed:

  [Impact]
  Due to various changes in AppArmor, and the AppArmor policy for Tor Browser 
installed by the launcher, the default ibus/dbus abstractions don't include 
user-space access to DBUS/IBUS.
  
  This results in Tor Browser being unable to read keyboard input in
  userspace, resulting in a Non-Functional application.  While Tor Browser
  *launcher* still works, the underlying Tor Browser inherits the AppArmor
  profile from torbrowser-launcher, hence this needs updated here.
  
  [Test Plan]
  This fix has already been tested and implemented in Debian upstream.  
However, it was not available before FeatureFreeze, and was not available in 
Debian until post-Noble release.
  
  This has already been tested manually by others, but as soon as a
  version with the patch present is available, a user should install the
  updated torbrowser-launcher package and the updated AppArmor profile
  should apply, and the program should work as usual.
  
  [Regression Potential]
  Extremely limited.  This simply allows access to userspace dbus/ibus access 
for Keyboard input.
  
  Note that this exact same line being added to the AppArmor profile here
  exists in the Firefox AppArmor ruleset as well, and since Tor Browser
  and Firefox share much of the same code, this should have limited to no
  impact as this has existed in Firefox for a long time.
  
+ [Where problems could occur]
+ 
+ The only thing that might happen is extra access to dbus/ibus interfaces
+ for input handling.  However, as this change being added by SRU is
+ already in the Firefox apparmor profile, this shouldn't cause any
+ issues.
+ 
+ 
  [Other Info]
  This is already available in Debian Unstable, and also in Oracular due to the 
sync.
  
  Simon Quigley is handling the upload and prep of the SRU debdiff to
  noble-updates as a favor to Thomas Ward who is having computer scuff at
  the time of the uploading.
- 
  
  [Original Description]
  
  I have installed tor browser v13.0.11 on 24.04 (noble). The keyboard
  does not operate, when typing no characters are appearing.
  
  I have tried to enter a search and also type in a URL but this is not
  working.
  
  I am using default Ubuntu desktop with wayland.
  
  ProblemType: Bug
  DistroRelease: Ubuntu 24.04
  Package: torbrowser-launcher 0.3.7-1
  ProcVersionSignature: Ubuntu 6.8.0-11.11-generic 6.8.0-rc4
  Uname: Linux 6.8.0-11-generic x86_64
  ApportVersion: 2.28.0-0ubuntu1
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Fri Mar  8 16:01:36 2024
  InstallationDate: Installed on 2024-03-08 (0 days ago)
  InstallationMedia: Ubuntu 24.04 LTS "Noble Numbat" - Daily amd64 (20240306)
  ProcEnviron:
   LANG=en_US.UTF-8
   PATH=(custom, no user)
   SHELL=/bin/bash
   TERM=xterm-256color
   XDG_RUNTIME_DIR=
  SourcePackage: torbrowser-launcher
  UpgradeStatus: No upgrade log present (probably fresh install)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056578

Title:
  [SRU - Noble] Tor Browser - keyboard not functioning

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/2056578/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2056578] Re: Tor Browser - keyboard not functioning

[Thomas Ward]

** Description changed:

+ [Impact]
+ Due to various changes in AppArmor, and the AppArmor policy for Tor Browser 
installed by the launcher, the default ibus/dbus abstractions don't include 
user-space access to DBUS/IBUS.
+ 
+ This results in Tor Browser being unable to read keyboard input in
+ userspace, resulting in a Non-Functional application.  While Tor Browser
+ *launcher* still works, the underlying Tor Browser inherits the AppArmor
+ profile from torbrowser-launcher, hence this needs updated here.
+ 
+ [Test Plan]
+ This fix has already been tested and implemented in Debian upstream.  
However, it was not available before FeatureFreeze, and was not available in 
Debian until post-Noble release.
+ 
+ This has already been tested manually by others, but as soon as a
+ version with the patch present is available, a user should install the
+ updated torbrowser-launcher package and the updated AppArmor profile
+ should apply, and the program should work as usual.
+ 
+ [Regression Potential]
+ Extremely limited.  This simply allows access to userspace dbus/ibus access 
for Keyboard input.
+ 
+ Note that this exact same line being added to the AppArmor profile here
+ exists in the Firefox AppArmor ruleset as well, and since Tor Browser
+ and Firefox share much of the same code, this should have limited to no
+ impact as this has existed in Firefox for a long time.
+ 
+ [Other Info]
+ This is already available in Debian Unstable, and also in Oracular due to the 
sync.
+ 
+ Simon Quigley is handling the upload and prep of the SRU debdiff to
+ noble-updates as a favor to Thomas Ward who is having computer scuff at
+ the time of the uploading.
+ 
+ 
+ [Original Description]
+ 
  I have installed tor browser v13.0.11 on 24.04 (noble). The keyboard
  does not operate, when typing no characters are appearing.
  
  I have tried to enter a search and also type in a URL but this is not
  working.
  
  I am using default Ubuntu desktop with wayland.
  
  ProblemType: Bug
  DistroRelease: Ubuntu 24.04
  Package: torbrowser-launcher 0.3.7-1
  ProcVersionSignature: Ubuntu 6.8.0-11.11-generic 6.8.0-rc4
  Uname: Linux 6.8.0-11-generic x86_64
  ApportVersion: 2.28.0-0ubuntu1
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Fri Mar  8 16:01:36 2024
  InstallationDate: Installed on 2024-03-08 (0 days ago)
  InstallationMedia: Ubuntu 24.04 LTS "Noble Numbat" - Daily amd64 (20240306)
  ProcEnviron:
   LANG=en_US.UTF-8
   PATH=(custom, no user)
   SHELL=/bin/bash
   TERM=xterm-256color
   XDG_RUNTIME_DIR=
  SourcePackage: torbrowser-launcher
  UpgradeStatus: No upgrade log present (probably fresh install)

** Changed in: torbrowser-launcher (Ubuntu Noble)
   Importance: Undecided => High

** Summary changed:

- Tor Browser - keyboard not functioning
+ [SRU - Noble] Tor Browser - keyboard not functioning

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056578

Title:
  [SRU - Noble] Tor Browser - keyboard not functioning

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/2056578/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2056578] Re: Tor Browser - keyboard not functioning

[Thomas Ward]

Fixed in Oracular by a sync from Debian.

Because my system is being derp with signing keys and uploads, I've
enlisted another Ubuntu Developer to handle the SRU debdiff.

** Also affects: torbrowser-launcher (Ubuntu Oracular)
   Importance: Undecided
   Status: Confirmed

** Also affects: torbrowser-launcher (Ubuntu Noble)
   Importance: Undecided
   Status: New

** Changed in: torbrowser-launcher (Ubuntu Noble)
   Status: New => Confirmed

** Changed in: torbrowser-launcher (Ubuntu Oracular)
   Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056578

Title:
  Tor Browser - keyboard not functioning

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/2056578/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2067523] [NEW] `mk-sbuild` on older Ubuntu versions like 22.04 are unable to build new Debian chroots

[Thomas Ward]

Public bug reported:

Sometimes, when we are working with both Ubuntu and Debian, we need to
create a Debian chroot for build testing.

Unfortunately, mk-sbuild is UNABLE to create Debian chroots.  Currently,
the first error is that "/bin/true" is nonexistent (it's in
`/usr/bin/true` now).  Then, it fails trying to execute ldconfig, and a
continual chain of issues.

It's possible this is a debootstrap problem, but one that probably needs
rectified.

ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: ubuntu-dev-tools 0.193ubuntu4~22.04.2
ProcVersionSignature: Ubuntu 6.5.0-35.35~22.04.1-generic 6.5.13
Uname: Linux 6.5.0-35-generic x86_64
NonfreeKernelModules: zfs
ApportVersion: 2.20.11-0ubuntu82.5
Architecture: amd64
CasperMD5CheckResult: pass
CurrentDesktop: ubuntu:GNOME
Date: Wed May 29 16:55:39 2024
InstallationDate: Installed on 2022-08-25 (643 days ago)
InstallationMedia: Ubuntu 22.04.1 LTS "Jammy Jellyfish" - Release amd64 
(20220809.1)
PackageArchitecture: all
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: ubuntu-dev-tools
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: debootstrap (Ubuntu)
 Importance: Undecided
 Status: New

** Affects: ubuntu-dev-tools (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug jammy

** Also affects: debootstrap (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2067523

Title:
  `mk-sbuild` on older Ubuntu versions like 22.04 are unable to build
  new Debian chroots

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/debootstrap/+bug/2067523/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2061637] Re: [SRU] xx-svn-review crashed with ModuleNotFoundError

[Thomas Ward]

waveform: In order to be valid each release needs to have a higher
version. Especially if its the same version then it has to have
0.ubuntuXX.YY.Z if 0 is the base.  Otherwise it affects upgrading if we
have the same version in multiple releases.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2061637

Title:
  [SRU] xx-svn-review crashed with ModuleNotFoundError

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xxdiff/+bug/2061637/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2056578] Re: Tor Browser - keyboard not functioning

[Thomas Ward]

Note that this is not yet released in Debian.  I have a bunch of things
to fix in the packaging first such as lintian issues and copyright
files.

I can debdiff this into Ubuntu as an SRU after the Debian package is
fully functional and compliant with policy.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056578

Title:
  Tor Browser - keyboard not functioning

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/2056578/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

RE: pastebinit default target on Ubuntu

[Thomas Ward]

For awareness, with my Debian Maintainer hat on and also my upstream pastebinit 
contributor hat on:

Today version 1.7.0 of pastebinit was tagged in GitHub.  It includes many 
improvements since 1.6.2 and includes the dpaste.org addition.

Note that while I think there's specific overrides for Ubuntu and Debian, the 
'default' of pastebinit upstream is now bpa.st.

We can relatively quickly add code logic *in* pastebinit that changes the 
default for Ubuntu to bpaste.org or such.

1.7.0-1 was uploaded to Debian today but can be rapidly updated if needed to 
add Ubuntu logic.  Or we can distropatch that in with a merge or such.



Thomas



-Original Message-
From: ubuntu-devel  On Behalf Of Marco 
Trevisan
Sent: Thursday, April 25, 2024 07:28
To: Timo Aaltonen 
Cc: Sergio Durigan Junior ; Robie Basak 
; ubuntu-devel@lists.ubuntu.com
Subject: Re: pastebinit default target on Ubuntu

Hey,

On apr 16 2024, at 8:23 am, Timo Aaltonen  wrote:
> Sergio Durigan Junior kirjoitti 15.4.2024 klo 20.51:
>> dpaste.com also runs a proprietary backend, so I'm -1 on using it.
>> There's dpaste.org, which is FLOSS and doesn't seem to load any ads.
> 
> dpaste.org seems like a fine alternative, so +1 here too

Oh, I totally agree with this, and supporting dpaste.org was easy enough:
 - https://github.com/pastebinit/pastebinit/pull/5

(for those who wants to use it already, just add that config to ~/.pastebin.d 
and adjust ~/.pastebinit.xml accordingly).

--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

-- 
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

RE: Support Integration of Salsa-CI with Ubuntu: Your +1 Needed!

[Thomas Ward]

Otto,

Correct me if I'm wrong, but wouldn't this be a Salsa-CI team decision wholly, 
and not an Ubuntu one, despite any support downstream?

(My reply to the Salsa issue quotes my opinion on this, but my general opinion, 
not one that directly comes with an Ubuntu hat on.)


Thomas


-Original Message-
From: Ubuntu-devel-discuss  On 
Behalf Of Otto Kekäläinen
Sent: Sunday, May 12, 2024 17:07
To: ubuntu-devel-discuss@lists.ubuntu.com
Subject: Support Integration of Salsa-CI with Ubuntu: Your +1 Needed!

Hi fellow Ubuntu Developers,

I'm reaching out to ask for your support on an important initiative:
integrating Salsa-CI with Ubuntu.

Salsa-CI, a CI platform by Debian, plays a crucial role in ensuring package 
quality. Enabling it to support Ubuntu would streamline testing for packages 
intended for both Debian and Ubuntu, benefiting both communities.

Your +1 on https://salsa.debian.org/salsa-ci-team/pipeline/-/issues/327
would greatly help push this initiative forward. Please take a moment to show 
your support.

Thank you for your time and support.

- Otto

--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

[Bug 2065491] Re: [BPO] far2l/2.6.0~beta+ds-1ubuntu0.1 from noble-updates

[Thomas Ward]

"Convenient applicatiom used by server admins" - a little info here on
what it does and WHY it would be useful in older LTSes is important.  As
well as why "other functionality" isn't sufficient, in order to justify
the backport.

We also need confirmation that the package works as is when backported,
and you need to either be willing to update/maintain the backport or
upload with or without a sponsor the package.  The Backports team does
not take those responsibilities on itself.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2065491

Title:
  [BPO] far2l/2.6.0~beta+ds-1ubuntu0.1 from noble-updates

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/far2l/+bug/2065491/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 2065491] Re: [BPO] far2l/2.6.0~beta+ds-1ubuntu0.1 from noble-updates

[Thomas Ward]

"Convenient applicatiom used by server admins" - a little info here on
what it does and WHY it would be useful in older LTSes is important.  As
well as why "other functionality" isn't sufficient, in order to justify
the backport.

We also need confirmation that the package works as is when backported,
and you need to either be willing to update/maintain the backport or
upload with or without a sponsor the package.  The Backports team does
not take those responsibilities on itself.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2065491

Title:
  [BPO] far2l/2.6.0~beta+ds-1ubuntu0.1 from noble-updates

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/far2l/+bug/2065491/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2065436] Re: package nginx 1.24.0-1ubuntu1 failed to install/upgrade: installed nginx package post-installation script subprocess returned error exit status 1

[Thomas Ward]

You have a broken configuration file.

May 11 00:15:19 HP-Pavilion-Notebook nginx[1389]: 2024/05/11 00:15:19
[emerg] 1389#1389: unknown directive "listen" in
/etc/nginx/sites-enabled/flask_app:2

You need to refer to your configurations and make sure they're actually
valid.  You are probably missing things like a server block/stanza, etc.

This however is NOT a package bug.  (Please do not use bugs for support
requests)

** Changed in: nginx (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2065436

Title:
  package nginx 1.24.0-1ubuntu1 failed to install/upgrade: installed
  nginx package post-installation script subprocess returned error exit
  status 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/2065436/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2064432] Re: Merge nginx 1.26.0 from Debian unstable for oracular

[Thomas Ward]

bryce:

We will need to coordinate because an ABI change means we need a
transition of all the extra nginx source packages to have a rebuild.
Because we have ABI compliance now.

We're testing and debugging these in Experimental / Unstable now, as
part of Debian nginx policies to start in experimental and fix things
before putting in Unstable/Testing. Once we figure out some of the weird
nuances we're seeing we should be able to move forward.  It will be a
full merge and I'm happy to let you and the Server team handle it.  (I'm
currently busy with my packages in Debian and my DD application)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2064432

Title:
  Merge nginx 1.26.0 from Debian unstable for oracular

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/2064432/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2064432] Re: Merge nginx from Debian unstable for oracular

[Thomas Ward]

1.26.0 is slated to land in Debian with ABI changes and rebuilds of all
third party modules, just an FYI.  This will impact this merge
notice/request

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2064432

Title:
  Merge nginx from Debian unstable for oracular

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/2064432/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2062058] Re: Add a UFW firewall config to support QUIC

[Thomas Ward]

Note any Debian changes will appear in 24.10 release when merged in from 
Debian. Existing releases will k
not get this unless we decide to SRU it and this doesnt generally qualify for 
SRU inclusion.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2062058

Title:
  Add a UFW firewall config to support QUIC

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/2062058/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2063830] Re: package nginx-core (not installed) failed to install/upgrade: installed nginx-core package post-installation script subprocess returned error exit status 1

[Thomas Ward]

You have another service listening on port 80.  Figure out what it is
and either stop it or uninstall it and then attempt to run/install
nginx.

** Changed in: nginx (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2063830

Title:
  package nginx-core (not installed) failed to install/upgrade:
  installed nginx-core package post-installation script subprocess
  returned error exit status 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/2063830/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2062058] Re: Add a UFW firewall config to support QUIC

[Thomas Ward]

** Changed in: nginx (Ubuntu)
   Importance: Undecided => Wishlist

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2062058

Title:
  Add a UFW firewall config to support QUIC

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/2062058/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2058927] Re: torbrowser-launcher gives 404 and does not install browser

[Thomas Ward]

*** This bug is a duplicate of bug 277 ***
https://bugs.launchpad.net/bugs/277

The 404 issues are tracked in 277.

GPG keys updates were already uploaded, however they may be stuck in
Proposed still pending a fix for the 404 issues.

Due to how versions of software are updated in Ubuntu, this is not able
to be directly-updated to 0.3.6 or later in Ubuntu 22.04 (you may want
to familiarize yourself with the SRU process as to understanding why)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2058927

Title:
  torbrowser-launcher gives 404 and does not install browser

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/2058927/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2058927] Re: torbrowser-launcher gives 404 and does not install browser

[Thomas Ward]

*** This bug is a duplicate of bug 277 ***
https://bugs.launchpad.net/bugs/277

** This bug has been marked a duplicate of bug 277
   Download URLs are broken

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2058927

Title:
  torbrowser-launcher gives 404 and does not install browser

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/2058927/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2056693] Re: package nginx 1.18.0-0ubuntu1.4 failed to install/upgrade: problemy z zależnościami - pozostawianie nieskonfigurowanego

[Thomas Ward]

Your configuration is bad.  Refer to the error log output in journalctl:

mar 10 19:00:41 wojciech-To-be-filled-by-O-E-M nginx[1323]: nginx:
[emerg] cannot load certificate "/etc/diaspora/ssl/localhost-
bundle.pem": BIO_new_file() failed (SSL: error:02001002:system
library:fopen:No such file or
directory:fopen('/etc/diaspora/ssl/localhost-bundle.pem','r')
error:2006D080:BIO routines:BIO_new_file:no such file)

You need to solve the problem of the missing SSL cert bundle.

Not an NGINX problem but specific to your configs and system.

** Changed in: nginx (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056693

Title:
  package nginx 1.18.0-0ubuntu1.4 failed to install/upgrade: problemy z
  zależnościami - pozostawianie nieskonfigurowanego

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/2056693/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2056578] Re: Tor Browser - keyboard not functioning

[Thomas Ward]

torbrowser-launcher is only a tool to help download and update (and run)
Tor Browser.  It is not actually Tor Browser.

If you are having issues with Tor Browser, I suggest you enlist the help
of the Tor community as issues with Tor Browser itself are not related
to the Launcher tool.

** Changed in: torbrowser-launcher (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056578

Title:
  Tor Browser - keyboard not functioning

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/2056578/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2055346] Re: Need sponsoring: goipp 1.1.0 and ipp-usb 0.9.24 for noble

[Thomas Ward]

Something with the debdiff broke the translations components, so the
debdiff is rejected.

However, the components provided here work, so uploaded.  Both are in
building/pending state.

** Changed in: golang-github-openprinting-goipp (Ubuntu)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2055346

Title:
  Need sponsoring: goipp 1.1.0 and ipp-usb 0.9.24 for noble

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/golang-github-openprinting-goipp/+bug/2055346/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2055346] Re: Need sponsoring: goipp 1.1.0 and ipp-usb 0.9.24 for noble

[Thomas Ward]

Note ipp-usb applies cleanly, so that's "in progress", while goipp is
"Incomplete"

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2055346

Title:
  Need sponsoring: goipp 1.1.0 and ipp-usb 0.9.24 for noble

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/golang-github-openprinting-goipp/+bug/2055346/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2055346] Re: Need sponsoring: goipp 1.1.0 and ipp-usb 0.9.24 for noble

[Thomas Ward]

Rejection on goipp 1.1.0.

Fails to apply cleanly.  Please address the differences from upstream
that are returned by dpkg-buildpackage.

---

$ debuild -S -sa -d
 dpkg-buildpackage -us -uc -ui -S -sa -d
dpkg-buildpackage: info: source package golang-github-openprinting-goipp
dpkg-buildpackage: info: source version 1.1.0-0ubuntu1
dpkg-buildpackage: info: source distribution noble
dpkg-buildpackage: info: source changed by Till Kamppeter 

 dpkg-source --before-build .
 debian/rules clean
dh clean --buildsystem=golang --with=golang
   dh_auto_clean -O--buildsystem=golang
   dh_autoreconf_clean -O--buildsystem=golang
   dh_clean -O--buildsystem=golang
 dpkg-source -b .
dpkg-source: info: using source format '3.0 (quilt)'
dpkg-source: info: building golang-github-openprinting-goipp using existing 
./golang-github-openprinting-goipp_1.1.0.orig.tar.gz
dpkg-source: info: local changes detected, the modified files are:
 golang-github-openprinting-goipp-1.1.0/goipp_test.go
dpkg-source: error: aborting due to unexpected upstream changes, see 
/tmp/golang-github-openprinting-goipp_1.1.0-0ubuntu1.diff.FRzENy
dpkg-source: info: Hint: make sure the version in debian/changelog matches the 
unpacked source tree
dpkg-source: info: you can integrate the local changes with dpkg-source --commit
dpkg-buildpackage: error: dpkg-source -b . subprocess returned exit status 2
debuild: fatal error at line 1182:
dpkg-buildpackage -us -uc -ui -S -sa -d failed

** Changed in: golang-github-openprinting-goipp (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2055346

Title:
  Need sponsoring: goipp 1.1.0 and ipp-usb 0.9.24 for noble

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/golang-github-openprinting-goipp/+bug/2055346/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2055346] Re: Need sponsoring: goipp 1.1.0 and ipp-usb 0.9.24 for noble

[Thomas Ward]

** Changed in: ipp-usb (Ubuntu)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2055346

Title:
  Need sponsoring: goipp 1.1.0 and ipp-usb 0.9.24 for noble

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/golang-github-openprinting-goipp/+bug/2055346/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2055346] Re: Need sponsoring: goipp 1.1.0 and ipp-usb 0.9.24 for noble

[Thomas Ward]

** Changed in: golang-github-openprinting-goipp (Ubuntu)
 Assignee: (unassigned) => Thomas Ward (teward)

** Changed in: ipp-usb (Ubuntu)
 Assignee: (unassigned) => Thomas Ward (teward)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2055346

Title:
  Need sponsoring: goipp 1.1.0 and ipp-usb 0.9.24 for noble

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/golang-github-openprinting-goipp/+bug/2055346/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

RE: Further reducing my involvement with Ubuntu

[Thomas Ward]

I have a feeling that'll happen, but I'll leave that to the Release team.  
Eithier way, I have a code clone so I can start examining the code (and 
potentially improving it for my own needs or using it as a base for stuff).

Yay for open source software, am I right?  


Thomas


-Original Message-
From: Stéphane Graber  
Sent: Friday, February 16, 2024 18:25
To: Thomas Ward 
Cc: Steve Langasek ; ubuntu-release@lists.ubuntu.com
Subject: Re: Further reducing my involvement with Ubuntu

Yep,

My original e-mail included a link to the bzr repo for the code.

I suspect that part of moving it to a new home will include converting that to 
git and writing down more up to date instructions on how to install and run it.

Stéphane

On Fri, Feb 16, 2024 at 6:16 PM Thomas Ward  wrote:
>
> The code exists somewhere right?  I may want to adapt a version of 
> this for Lubuntu on our Matrix channels at some point independent of 
> the AA/Release Team at some point (or for a private equivalent bot to 
> send me notices on specific packages).  Asking because I'd like to do 
> some extra coding work myself and help maybe improve the bot's code 
> long term if theres no objection to coding suggestions :)
>
>
>
> Sent from my Galaxy
>
>
>
>  Original message 
> From: Stéphane Graber 
> Date: 2/16/24 17:55 (GMT-05:00)
> To: Steve Langasek , Stéphane Graber 
> , ubuntu-release@lists.ubuntu.com
> Subject: Re: Further reducing my involvement with Ubuntu
>
> Current config minus bot password (reach out on IRC for that):
>
> ```
> [general]
> verbose = false
>
> [server]
> host = irc.libera.chat
> port = 6697
> nick = queuebot
> local_address = 2602:fc62:a:1::1
> password = PASSWORD
> ipv6 = true
> ssl = true
>
> [#ubuntu-release]
> queue = New, Unapproved
> tracker = Builds
> packageset = Packageset
>
> [#ubuntu-quality]
> tracker = Builds
>
> [#edubuntu]
> queue = New, Unapproved
> queue_filter = edubuntu
>
> tracker = Builds
> tracker_filter = edubuntu
>
> packageset = Packageset
> packageset_filter = edubuntu
>
> [#kubuntu-devel]
> tracker = Builds
> tracker_filter = kubuntu
>
> packageset = Packageset
> packageset_filter = kubuntu
>
> [#ubuntu-dmb]
> packageset = Packageset
>
> [#ubuntu-ci-eng]
> landing = Landings
>
> [#lubuntu-devel]
> tracker = Builds
> tracker_filter = lubuntu
>
> queue = New, Unapproved
> queue_filter = lubuntu
>
> packageset = Packageset
> packageset_filter = lubuntu
>
> [#ubuntu-qt]
> queue = New, Unapproved
> queue_filter = qt5
>
> packageset = Packageset
> packageset_filter = qt5
> ```
>
> On Fri, Feb 16, 2024 at 3:58 PM Steve Langasek 
>  wrote:
> >
> > On Thu, Feb 15, 2024 at 06:59:00PM -0500, Stéphane Graber wrote:
> > > Following some recent interactions[1] which have made me question 
> > > my trust in the Ubuntu Community, I have made the decision to 
> > > further cut back my involvement with the Ubuntu project.
> >
> > > In the case of the Ubuntu Release team, this specifically relates 
> > > to the operation of the IRC bot "queuebot".
> > > I've been operating and occasionally tweaking and fixing that IRC 
> > > bot for over a decade (since 2012) and it's been running on my own 
> > > infrastructure ever since.
> >
> > > You'll find the current (rather ugly python) code here:
> > > https://code.launchpad.net/~ubuntu-archive/queuebot/queuebot
> >
> > > I'd like to turn the lights off on my side by the end of March. 
> > > Should someone want to take over hosting and operating it, please 
> > > let me know and we'll organize the transfer of the production 
> > > configuration to minimize the downtime for its users. It's 
> > > currently running in an Ubuntu 20.04 container and needs around 
> > > 500MB of RAM to keep track of all the various packages.
> >
> > Thanks for reaching out, Stéphane.  I've thought for a while that it 
> > would be a good idea for us to move hosting of this somewhere at 
> > Canonical that multiple active members of the Release Team might have 
> > access to.
> >
> > I've identified a place we can quickly spin this up that both Brian 
> > and I (as well as some non Release Team folks) will have admin 
> > access on.  Feel free to dump the production config info.
> >
> > (If other members of the Release Team care about having access, we 
> > can also make that happen; I'm just arranging for now to move it 
> > somewhere expedient / low-overhead.)
> >
> > --
> > Steve Langasek   Give me a l

RE: Further reducing my involvement with Ubuntu

[Thomas Ward]

The code exists somewhere right?  I may want to adapt a version of this for 
Lubuntu on our Matrix channels at some point independent of the AA/Release Team 
at some point (or for a private equivalent bot to send me notices on specific 
packages).  Asking because I'd like to do some extra coding work myself and 
help maybe improve the bot's code long term if theres no objection to coding 
suggestions :)



Sent from my Galaxy



 Original message 
From: Stéphane Graber 
Date: 2/16/24 17:55 (GMT-05:00)
To: Steve Langasek , Stéphane Graber 
, ubuntu-release@lists.ubuntu.com
Subject: Re: Further reducing my involvement with Ubuntu

Current config minus bot password (reach out on IRC for that):

```
[general]
verbose = false

[server]
host = irc.libera.chat
port = 6697
nick = queuebot
local_address = 2602:fc62:a:1::1
password = PASSWORD
ipv6 = true
ssl = true

[#ubuntu-release]
queue = New, Unapproved
tracker = Builds
packageset = Packageset

[#ubuntu-quality]
tracker = Builds

[#edubuntu]
queue = New, Unapproved
queue_filter = edubuntu

tracker = Builds
tracker_filter = edubuntu

packageset = Packageset
packageset_filter = edubuntu

[#kubuntu-devel]
tracker = Builds
tracker_filter = kubuntu

packageset = Packageset
packageset_filter = kubuntu

[#ubuntu-dmb]
packageset = Packageset

[#ubuntu-ci-eng]
landing = Landings

[#lubuntu-devel]
tracker = Builds
tracker_filter = lubuntu

queue = New, Unapproved
queue_filter = lubuntu

packageset = Packageset
packageset_filter = lubuntu

[#ubuntu-qt]
queue = New, Unapproved
queue_filter = qt5

packageset = Packageset
packageset_filter = qt5
```

On Fri, Feb 16, 2024 at 3:58 PM Steve Langasek
 wrote:
>
> On Thu, Feb 15, 2024 at 06:59:00PM -0500, Stéphane Graber wrote:
> > Following some recent interactions[1] which have made me question my
> > trust in the Ubuntu Community, I have made the decision to further cut
> > back my involvement with the Ubuntu project.
>
> > In the case of the Ubuntu Release team, this specifically relates to
> > the operation of the IRC bot "queuebot".
> > I've been operating and occasionally tweaking and fixing that IRC bot
> > for over a decade (since 2012) and it's been running on my own
> > infrastructure ever since.
>
> > You'll find the current (rather ugly python) code here:
> > https://code.launchpad.net/~ubuntu-archive/queuebot/queuebot
>
> > I'd like to turn the lights off on my side by the end of March. Should
> > someone want to take over hosting and operating it, please let me know
> > and we'll organize the transfer of the production configuration to
> > minimize the downtime for its users. It's currently running in an
> > Ubuntu 20.04 container and needs around 500MB of RAM to keep track of
> > all the various packages.
>
> Thanks for reaching out, Stéphane.  I've thought for a while that it would
> be a good idea for us to move hosting of this somewhere at Canonical that
> multiple active members of the Release Team might have access to.
>
> I've identified a place we can quickly spin this up that both Brian and I
> (as well as some non Release Team folks) will have admin access on.  Feel
> free to dump the production config info.
>
> (If other members of the Release Team care about having access, we can also
> make that happen; I'm just arranging for now to move it somewhere expedient
> / low-overhead.)
>
> --
> Steve Langasek   Give me a lever long enough and a Free OS
> Debian Developer   to set it on, and I can move the world.
> Ubuntu Developer   https://www.debian.org/
> slanga...@ubuntu.com vor...@debian.org

--
Ubuntu-release mailing list
Ubuntu-release@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-release
-- 
Ubuntu-release mailing list
Ubuntu-release@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-release

RE: Further reducing my involvement with Ubuntu

[Thomas Ward]

Stephane,

I can handle operation of the bot if its just in an LXD container then 
migrating it over should be simple if the Release team does not mind me 
assisting with running components.


Thomas



Sent from my Galaxy



 Original message 
From: Stéphane Graber 
Date: 2/15/24 18:59 (GMT-05:00)
To: ubuntu-release@lists.ubuntu.com
Subject: Further reducing my involvement with Ubuntu

Hello,

Following some recent interactions[1] which have made me question my
trust in the Ubuntu Community, I have made the decision to further cut
back my involvement with the Ubuntu project.

In the case of the Ubuntu Release team, this specifically relates to
the operation of the IRC bot "queuebot".
I've been operating and occasionally tweaking and fixing that IRC bot
for over a decade (since 2012) and it's been running on my own
infrastructure ever since.

You'll find the current (rather ugly python) code here:
https://code.launchpad.net/~ubuntu-archive/queuebot/queuebot

I'd like to turn the lights off on my side by the end of March. Should
someone want to take over hosting and operating it, please let me know
and we'll organize the transfer of the production configuration to
minimize the downtime for its users. It's currently running in an
Ubuntu 20.04 container and needs around 500MB of RAM to keep track of
all the various packages.

If nobody steps in, then I'll just turn it off at the end of March
assuming that it's no longer a useful service to the Ubuntu community.

Thanks!

Stéphane

[1] https://hachyderm.io/@stgraber/111936620602456692

--
Ubuntu-release mailing list
Ubuntu-release@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-release
-- 
Ubuntu-release mailing list
Ubuntu-release@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-release

[Bug 2049779] Re: [BPO] carla/2.5.8-0ubuntu1 from noble

[Thomas Ward]

** Changed in: carla (Ubuntu Jammy)
   Status: In Progress => New

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2049779

Title:
  [BPO] carla/2.5.8-0ubuntu1 from noble

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/carla/+bug/2049779/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

RE: Lubuntu LTS Requalification: 24.04 Noble Numbat

[Thomas Ward]

I was just about to reply with a decision from Team Lead and Council as 
follows, which sort of affirms what Aaron said (though this DID need to come 
from leadership, not Aaron):

Primary contact: Simon (tsimonq2)
Secondary Contact: Dan (kc2bez)
Third-tier contact (if Simon and Dan don't reply): Aaron (arraybolt3)

For an all else fails contact, you can contact me - Thomas (teward) - as 
Lubuntu Team Lead, I have executive authority to act if others are unreachable 
or in cases where it requires executive overrule (see Simon's reference to me 
dictating the "rest period" for Lubuntu started on Dec 20 instead of Simon's 
suggestion of Dec 25th through New Year).

I'm also always open to pass on escalations if the others are unreachable, 
Simon and Aaron both know I'm no stranger to dropping bags of work on them when 
it's necessary.

(Note that my Lubuntu duties are independent of my other roles and hats)


Thomas

(Sorry for not replying in line, Outlook is the only mail client I have right 
now and it's a pain for replying because it does top-replies).

-Original Message-
From: Ubuntu-release  On Behalf Of 
Steve Langasek
Sent: Thursday, January 18, 2024 12:14 AM
To: Aaron Rainbolt 
Cc: Simon Quigley ; ubuntu-release@lists.ubuntu.com
Subject: Re: Lubuntu LTS Requalification: 24.04 Noble Numbat

On Wed, Jan 17, 2024 at 10:34:04PM -0600, Aaron Rainbolt wrote:
> > One of the points on https://wiki.ubuntu.com/RecognizedFlavors for 
> > LTS approval is

> >Flavor's support plan presented to Tech Board and approved; support plan
> >should indicate period of time if beyond 9 months (3 yrs or 5 yr), key
> >contacts, and setting expectations as to level of support.

> > Who are you identifying as the "contacts" for escalation of any 
> > issues regarding Lubuntu 24.04 LTS, from the technical board or the release 
> > team?

> Perhaps this got missed, but in the Lubuntu Constitution (our personal 
> "how things work in our project" policy), this is very well-defined.

Well yes, that was not part of the information submitted to the Technical Board 
as part of the qualification request.  It's healthy for a flavor to have such 
structures in place and also speaks well of the maturity and health of the 
Lubuntu flavor community; but please don't assume that members of the broader 
Ubuntu community are conversant with such flavor-specific governance details.

> The contacts are Simon, Dan and myself (Aaron), and Thomas, in that order. 

> Simon therefore is the primary contact as he is the Lubuntu Release 
> Manager, me and Dan are secondary contacts, and Thomas is the "if all else 
> fails"
> fallback by virtue of him being Team Lead.

Thanks.  With that clarification, I am +1 for the 3-year Lubuntu 24.04 LTS.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org

-- 
Ubuntu-release mailing list
Ubuntu-release@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-release

RE: Bug triage report for 2024-01-08 (Monday triage)

[Thomas Ward]

Robie,

Regarding that discourse nginx post I'll give it a thorough overview.  First 
glance is the raised question is legitimate that theres an issue in the 
documentation written by Bryce, but I'll go over it today and make comments (or 
edits) accordingly.

Thomas



Sent from my Galaxy



 Original message 
From: Robie Basak 
Date: 1/8/24 09:34 (GMT-05:00)
To: ubuntu-server@lists.ubuntu.com
Subject: Bug triage report for 2024-01-08 (Monday triage)

> LP: #2020260 || D   | Expired   | samba   | Samba 
> seems to panic after enabling and connecting to ZFS b… |

This is an additional report from someone using samba in Debian. I
commented to try and set the expectation that we probably won't make any
progress without a reproducer or a deeper technical analysis. I also
added this to our long term backlog since a crash is generally a valid
bug that we would work on if we had infinite time (but the severity
related to a rare crash doesn't warrant prioritising it).

> LP: #2041751 || D   | Fix Released  | pptpd   |   
>  RM: Remove dangerously insecure MPPE PPTP from Ubuntu |

I add a ubuntu-release-notes task as I think this should be release
noted. No other action was needed.

> LP: #2048068 || D   | New   | exim4   | 
> exim4-daemon-heavy: investigate enabling experimental ARC s… |

Mitchell had added this for discussion. I also added it to our long term
backlog since I think that we would investigate this in principle if we
had infinite time regardless of its priority.

> LP: #2048419 || D   | New   | apache2 |   
> ubuntu-logo.png missing in icons directory |

Marked for immediate attention. I haven't verified this but it seems
clear enough.

> LP: #2048436 || D   | New   | sssd|   
>four Dependency failed for SSSD |

It isn't clear that this is a bug at all. Commented and marked
Incomplete.

Reviewing older bugs:

> LP: #2042824 |  + | DJ  | Triaged   | freeradius  |   
>   smbencrypt segfaults when run with any parameter |

This seems like a legitimate if low priority issue, so I added it to the
backlog (it wasn't previously).

> LP: #1852994 || DFI | New   | samba   | samba 
> creates temporary files in /tmp, but never deletes th… |

This is already in the backlog and fixed in Jammy onwards, so only an
SRU remains for Focal. I don't think prioritisation is appropriate, so I
left it as-is.

For Discourse triage,
https://discourse.ubuntu.com/t/how-to-configure-nginx/39680/2 seems
legit and needs further investigation, but I'm not sure how to add it to
a backlog somewhere. Advice appreciated!

Robie
-- 
ubuntu-server mailing list
ubuntu-server@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
More info: https://wiki.ubuntu.com/ServerTeam

Lubuntu 24.04 LTS Participation/Recertification

[Thomas Ward]

All:

I wish to apologize for the tardiness of this note, but on behalf of the 
Lubuntu Council and the Lubuntu Team, I would like to reassert that Lubuntu 
will be participating in 24.04 LTS with a 3 year support period on our part.

Simon Quigley was present at today's TB meeting and made a note that he has a 
draft written up for the recertification paperwork and messages going to the 
TB, but I wanted to reassert that we're working on getting it fully filed, but 
I wanted to affirm we are still participating despite the delay in getting 
information to the TB and Release teams.

I wish to apologize on our slowness, lots of things happened towards EOY 2023 
and everyone got very busy, and this was delayed and overlooked, so my 
apologies to the Release Team and the Technical Board.



Thomas Ward
LP: ~teward
Lubuntu Team Lead
Secondary Lubuntu Release Manager
Lubuntu Council Member
-- 
Ubuntu-release mailing list
Ubuntu-release@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-release

Re: Responses Needed: Flavor Participation for 24.04 LTS

[Thomas Ward]

I can affirm with regards to Lubuntu that we are participating in 24.04 LTS, 
with a support period of 3 years as typical for Lubuntu.

We are working on getting everything necessary for the Technical Board 
recertification and will send that soon as well.


Thomas Ward
Lubuntu Team Lead
Lubuntu Council Member
LP: ~teward


From: ubuntu-flavors  on behalf of 
Simon Quigley 
Sent: Wednesday, November 8, 2023 2:04 PM
To: ubuntu-devel@lists.ubuntu.com ; 
ubuntu-flav...@lists.ubuntu.com 
Subject: Responses Needed: Flavor Participation for 24.04 LTS

Hello flavors!

As we do around the start of every new cycle, I am reaching out to all
the current official Ubuntu flavors to confirm active participation in
the upcoming Ubuntu release - 24.04 LTS, codenamed Noble.

Working towards a release requires a lot of effort, so we'd like to make sure
all the flavors are ready, properly staffed, and have enough time allocated to
make 24.04 LTS happen for their users. This is why, similarly to last time, I
will need a confirmation follow-up message about Noble participation and your
planned efforts this cycle from every flavor, that is:

  * Edubuntu
  * Kubuntu
  * Lubuntu
  * Ubuntu Budgie
  * Ubuntu Cinnamon
  * Ubuntu Kylin
  * Ubuntu MATE
  * Ubuntu Studio
  * Ubuntu Unity
  * Xubuntu

Diversity of opinion within the Ubuntu ecosystem makes us stronger. Flavors play
an important role in making a resilient, inclusive, and technically-sound
Ubuntu, for all of us, inspiring us to do better, and be better. As important
players within the project, we especially value your opinions, and are happy to
address concerns if you run into trouble.

This release, we are making a concerted effort to move off of Ubiquity entirely
and across the board, in time for the LTS. Ubuntu Budgie has paved the way for
flavor participation with the new Ubuntu Desktop Installer, while Lubuntu
continues to innovate and push the limits of what is possible with Calamares.
Whatever route your flavor chooses, it would be an incredibly wise decision to
move off of Ubiquity.

If you have any concerns regarding your participation, or a switch in
installers, please feel free to reach out to me, or anyone from the
~ubuntu-release team.

Thank you!

--
Simon Quigley
si...@tsimonq2.net
tsimonq2 on LiberaChat and OFTC
@tsimonq2:linuxdelta.com on Matrix
5C7A BEA2 0F86 3045 9CC8
C8B5 E27F 2CF8 458C 2FA4

-- 
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

RE: Updates to cacti for CVE-2023-39361 (CVSS 9.8)?

[Thomas Ward]

Nor is it likely a community member would be able to solve this.

I just went digging in Cacti, and even Debian was unable to get information 
about a pinpoint fix and patchset.

From https://github.com/Cacti/cacti/issues/5523 I am quoting their security / 
developers directly:

> Hi Paul,
> 
> The issue raised was listed as fixed in Cacti < 1.2.6. We did ask the 
> researcher for more information as we couldn't reproduce this under recent 
> Cacti versions, but we were only told that it was definitely resolved in the 
> latest code. I don't believe there is much on that issue that isn't already 
> released by him on his public posts about it.
> 
> We didn't do much with it, since it has already been fixed, and it seems to 
> only affect versions outside of what we currently support. If you need more 
> information on where to find his posts, I can send you them directly. Feel 
> free to reach out to me on the other channels.

Debian has updated their security vulnerability data as well on this CVE 
(https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3288ad78351071f170dd4da4d70a8a95065cb1ce):

> It is a very unfortunate situation that the fix is not pinpointed.
> Upstream believes 1.2.6 fixes the issue. Exceptionally update the status
> according to the current discussion.

There is no fix documented on the CVE or the GHSA documentation, nor any linked 
data available from that other than "This was fixed in 1.2.6 after discussion 
between Upstream and reporting researcher."

The Ubuntu Security Team may wish to reflect this information in the CVE entry. 
 Per Upstream, the reporter's blog post is referring to an at the time 
nonexistent 1.2.25 release.  It was indicated by TheWitness 
(https://github.com/Cacti/cacti/issues/5523#issuecomment-1768240843) on the 
Cacti GitHub repository that they meant this was fixed in 1.2.6 but not present 
in 1.2.25 which was released since then.


Thomas


-Original Message-
From: Ubuntu-devel-discuss  On 
Behalf Of Alex Murray
Sent: Monday, November 13, 2023 9:16 PM
To: chue...@pentics.com; ubuntu-devel-discuss@lists.ubuntu.com
Subject: Re: Updates to cacti for CVE-2023-39361 (CVSS 9.8)?

Hi chuegen,

As cacti is in the universe component of the repository, it is community 
maintained and therefore there is no timeframe as to when such a package will 
be patched in Ubuntu nor any clear indication if a community member is working 
on this at this time.

You can see the status of this CVE in the Ubuntu CVE Tracker at
https://ubuntu.com/security/CVE-2023-39361

Thanks,
Alex

On Tue, 2023-09-12 at 11:36:47 -0500, chue...@pentics.com wrote:

> Hi there,
>
> The Cacti project provided an announcement of a CVSS 9.8 SQL injection 
> bug against Cacti (fixed in 1.2.25).  Is this being worked, and how 
> long should I expect before a package becomes available in the Ubuntu 
> 22.04 security stream?  For now, I have disabled the functionality in 
> question while I await a package update (and I'd like to avoid having 
> to go with a local version of the updated package if it will be relatively 
> soon).
>
> -c
> --
> Ubuntu-devel-discuss mailing list
> Ubuntu-devel-discuss@lists.ubuntu.com
> Modify settings or unsubscribe at: 
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: allowing backports into non-LTS releases

[Thomas Ward]

Same with Mantic.

On 10/30/23 15:09, Thomas Ward wrote:
The only thing in Lunar's backports are the `cockpit` package, I 
forget did we give that an exception?



Thomas


On 10/30/23 10:58, Thomas Ward wrote:
I'll take a look at Lunar (didn't that just release though...?) as I 
have a server related task for that to work on.



Thomas


-Original Message-
From: ubuntu-backports  On 
Behalf Of Dan Streetman

Sent: Monday, October 30, 2023 10:55 AM
To: Backports Discussion 
Subject: allowing backports into non-LTS releases

I'd like to propose changing our rules to allow - but not require - 
backports into non-LTS releases. I think it makes sense to allow 
this, so the benefit of backports can be provided in non-LTS releases 
as well.


As we currently do have backports in the non-LTS lunar and mantic 
queues, and we've rescheduled our next meeting until the end of next 
month, if you have time @teward and @mapreri I'd like to discuss over 
the ML, so we can accept (or reject) the non-LTS uploads.


Thanks!

--
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports


--
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

Re: allowing backports into non-LTS releases

[Thomas Ward]

The only thing in Lunar's backports are the `cockpit` package, I forget 
did we give that an exception?



Thomas


On 10/30/23 10:58, Thomas Ward wrote:

I'll take a look at Lunar (didn't that just release though...?) as I have a 
server related task for that to work on.


Thomas


-Original Message-
From: ubuntu-backports  On Behalf Of 
Dan Streetman
Sent: Monday, October 30, 2023 10:55 AM
To: Backports Discussion 
Subject: allowing backports into non-LTS releases

I'd like to propose changing our rules to allow - but not require - backports 
into non-LTS releases. I think it makes sense to allow this, so the benefit of 
backports can be provided in non-LTS releases as well.

As we currently do have backports in the non-LTS lunar and mantic queues, and 
we've rescheduled our next meeting until the end of next month, if you have 
time @teward and @mapreri I'd like to discuss over the ML, so we can accept (or 
reject) the non-LTS uploads.

Thanks!

--
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports


--
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

RE: allowing backports into non-LTS releases

[Thomas Ward]

I'll take a look at Lunar (didn't that just release though...?) as I have a 
server related task for that to work on.


Thomas


-Original Message-
From: ubuntu-backports  On Behalf Of 
Dan Streetman
Sent: Monday, October 30, 2023 10:55 AM
To: Backports Discussion 
Subject: allowing backports into non-LTS releases

I'd like to propose changing our rules to allow - but not require - backports 
into non-LTS releases. I think it makes sense to allow this, so the benefit of 
backports can be provided in non-LTS releases as well.

As we currently do have backports in the non-LTS lunar and mantic queues, and 
we've rescheduled our next meeting until the end of next month, if you have 
time @teward and @mapreri I'd like to discuss over the ML, so we can accept (or 
reject) the non-LTS uploads.

Thanks!

--
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

RE: today's meeting

[Thomas Ward]

Sounds good, I'll be there!

-Original Message-
From: ubuntu-backports  On Behalf Of 
Dan Streetman
Sent: Monday, October 30, 2023 10:41 AM
To: Backports Discussion 
Subject: Re: today's meeting

I scheduled the next meeting for Nov 29, at the same (DST-aware) time, which 
results in 16:00 UTC (due to the DST change).

On Wed, Oct 25, 2023 at 9:35 AM Thomas Ward  wrote:
>
> agreee +1 on skipping
>
>
>
> Sent from my Galaxy
>
>
>
>  Original message 
> From: Mattia Rizzolo 
> Date: 10/25/23 09:15 (GMT-05:00)
> To: ubuntu-backports@lists.ubuntu.com
> Subject: today's meeting
>
> Today we are scheduled to have a meeting in less than 2 hours from now.
>
> I don't have any update concerning the current items nor my own TODOs 
> (sorry about this!), and I don't think we have any pressing issue/case 
> we need to discuss.
> I think it would be fine to just skip this meeting and jump on the 
> next one.
>
> --
> regards,
> Mattia Rizzolo
>
> GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
> More about me:  https://mapreri.org : :'  :
> Launchpad user: https://launchpad.net/~mapreri  `. `'`
> Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-
> --
> ubuntu-backports mailing list
> ubuntu-backports@lists.ubuntu.com
> Modify settings or unsubscribe at: 
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

--
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

RE: today's meeting

[Thomas Ward]

agreee +1 on skipping



Sent from my Galaxy



 Original message 
From: Mattia Rizzolo 
Date: 10/25/23 09:15 (GMT-05:00)
To: ubuntu-backports@lists.ubuntu.com
Subject: today's meeting

Today we are scheduled to have a meeting in less than 2 hours from now.

I don't have any update concerning the current items nor my own TODOs
(sorry about this!), and I don't think we have any pressing issue/case
we need to discuss.
I think it would be fine to just skip this meeting and jump on the next
one.

--
regards,
Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540  .''`.
More about me:  https://mapreri.org : :'  :
Launchpad user: https://launchpad.net/~mapreri  `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia  `-
-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

Re: Merge ubuntu-motu@lists into ubuntu-devel-discuss@lists?

[Thomas Ward]

If the lists merge, I'm sure Canonical / Ubuntu IS can set up a redirect 
so that ubuntu-motu@lists.u.c redirects to 
ubuntu-devel-discuss@lists.u.c.  Email redirection is fairly trivial 
when you have access to control mail flow.  So I would not be as 
concerned about there being a "lost contact field" in that case.



Thomas


On 10/18/23 15:57, Laurent Lyaudet wrote:

Hello :),

I found this list while searching contact information for this package:
https://packages.ubuntu.com/lunar/python3-uinput
Search Ubuntu MOTU Developers on the web page.
I think there must be a good number of packages where this list is
given as contact.

Best regards,
 Laurent Lyaudet

Le mer. 18 oct. 2023 à 02:45, Steve Langasek
 a écrit :

Hi folks,

There is a mailing list, ubuntu-motu@lists.ubuntu.com, that sees very little
activity.  While MOTU as a concept still exists for those who are approved
uploaders to universe but not main (https://launchpad.net/~motu), it's been
quite some time that this list is not being used for discussions within that
subcommunity of developers.

Indeed, I think most MOTU are probably not tracking the list at all, and a
look at the message history over the past 6 months shows the only threads
started on there are from users asking for help with one universe package or
another.  It's not clear to me how users are finding this as a contact
address, but it's not a good experience for them; the list is infrequently
moderated (I have the impression that it's less frequently than
ubuntu-devel*), and there are only a handful of developers who answer on the
list (myself, Robie, maybe a few others?).

I'd therefore like to propose we close this mailing list and forward the
address on to ubuntu-devel-disc...@lists.ubuntu.com, which at least has a
larger subscriber base and is more likely to result in users getting help
with their questions.

Opinions?

--
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
--
Ubuntu-motu mailing list
Ubuntu-motu@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu


--
Ubuntu-motu mailing list
Ubuntu-motu@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu

Re: Merge ubuntu-motu@lists into ubuntu-devel-discuss@lists?

[Thomas Ward]

If the lists merge, I'm sure Canonical / Ubuntu IS can set up a redirect 
so that ubuntu-motu@lists.u.c redirects to 
ubuntu-devel-discuss@lists.u.c.  Email redirection is fairly trivial 
when you have access to control mail flow.  So I would not be as 
concerned about there being a "lost contact field" in that case.



Thomas


On 10/18/23 15:57, Laurent Lyaudet wrote:

Hello :),

I found this list while searching contact information for this package:
https://packages.ubuntu.com/lunar/python3-uinput
Search Ubuntu MOTU Developers on the web page.
I think there must be a good number of packages where this list is
given as contact.

Best regards,
 Laurent Lyaudet

Le mer. 18 oct. 2023 à 02:45, Steve Langasek
 a écrit :

Hi folks,

There is a mailing list, ubuntu-m...@lists.ubuntu.com, that sees very little
activity.  While MOTU as a concept still exists for those who are approved
uploaders to universe but not main (https://launchpad.net/~motu), it's been
quite some time that this list is not being used for discussions within that
subcommunity of developers.

Indeed, I think most MOTU are probably not tracking the list at all, and a
look at the message history over the past 6 months shows the only threads
started on there are from users asking for help with one universe package or
another.  It's not clear to me how users are finding this as a contact
address, but it's not a good experience for them; the list is infrequently
moderated (I have the impression that it's less frequently than
ubuntu-devel*), and there are only a handful of developers who answer on the
list (myself, Robie, maybe a few others?).

I'd therefore like to propose we close this mailing list and forward the
address on to ubuntu-devel-disc...@lists.ubuntu.com, which at least has a
larger subscriber base and is more likely to result in users getting help
with their questions.

Opinions?

--
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developer   https://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
--
Ubuntu-motu mailing list
ubuntu-m...@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu


--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

[Bug 2033645] Re: [BPO] libreoffice 7.5.6 for jammy

[Thomas Ward]

This has been accepted and is now in the queue pending publication.

** Changed in: libreoffice (Ubuntu Jammy)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2033645

Title:
  [BPO] libreoffice 7.5.6 for jammy

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2033645/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 2030259] Re: [BPO] Backport mozc from lunar to jammy

[Thomas Ward]

I give this a provisional ACK but want to check with mapreri or ddstreet
first for a second ack before handling.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2030259

Title:
  [BPO] Backport mozc from lunar to jammy

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mozc/+bug/2030259/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 2030675] Re: [BPO] plastimatch/1.9.4+dfsg.1-2 for jammy (22.04LTS)

[Thomas Ward]

Changing the package to include two *external* sources is not proper,
because you will have packaging conflicts.

If this bug is relevant to other packages, then cherrypicking the patch
from upstream and following the Stable Release Updates process for
fixing/updating libinsighttoolkit5 is where you're going to need to
follow.  https://wiki.ubuntu.com/StableReleaseUpdates

However, that's independent from the Backports process and needs to be
handled that way.

It is not proper to 'bug fix' by doing Backports, that's what the SRU
process is for.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2030675

Title:
  [BPO] plastimatch/1.9.4+dfsg.1-2 for jammy (22.04LTS)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/plastimatch/+bug/2030675/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 2030675] Re: [BPO] plastimatch/1.9.4+dfsg.1-2 for jammy (22.04LTS)

[Thomas Ward]

As a backporter *and* a Developer, I have some major concerns about this
request.

(1) This has no developer backing.  One of the major things about a
Backport is it needs a developer or sponsor willing to push this
through.  I don't see any tied to this request.

(2) This request does **not** have any prepared packaging.  Part of the
requirements for backports is that packaging is prepared that *functions
as expected* for upload to the target release.  There isn't, which
should imply that the package works as is, however,

(3) The package requested fails to build from source and is NOT able to
be built on requested target OS.  There is no 'fixed' packaging or
debdiff available to 'fix' this problem here.

The Backports team is **NOT** responsible for making sure the packages
requested build properly on the target OS.  It is up to the requestor
and the developer/sponsor who is helping with this process to handle.

You note in your request that the package "would need modification".
Until a functional package diff is provided by either you or a
developer, this backport request does NOT meet the requirements for
backports.  The Backports team is not responsible for modifying the
package to function, that's a requirement for the requestor - refer to
https://wiki.ubuntu.com/UbuntuBackports#Responsibilities_of_the_Backporter
for what responsibilities you have as the requestor of a backport.

I am marking this as "Incomplete" against Jammy until the requirements
are met so the request is suitable for the Backporters team to review.

** Changed in: plastimatch (Ubuntu Jammy)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2030675

Title:
  [BPO] plastimatch/1.9.4+dfsg.1-2 for jammy (22.04LTS)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/plastimatch/+bug/2030675/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 2030675] Re: [BPO] plastimatch/1.9.4+dfsg.1-2 for jammy (22.04LTS)

[Thomas Ward]

@GregSharp

It's invalid against the Development release, Mantic.  We added the
series target for Jammy which is what you requested the target OS to be.
"Invalid" for a bare package bug is against the devel release, not for
the entire request, because we track that by series tasks/targets.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2030675

Title:
  [BPO] plastimatch/1.9.4+dfsg.1-2 for jammy (22.04LTS)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/plastimatch/+bug/2030675/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 2030675] Re: [BPO] plastimatch/1.9.4+dfsg.1-2 for jammy (22.04LTS)

[Thomas Ward]

** Also affects: plastimatch (Ubuntu Jammy)
   Importance: Undecided
   Status: New

** Changed in: plastimatch (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2030675

Title:
  [BPO] plastimatch/1.9.4+dfsg.1-2 for jammy (22.04LTS)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/plastimatch/+bug/2030675/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

RE: self-approval of uploads to -backports pocket

[Thomas Ward]

I'll make some inquiries on my end, I already hinted to ogra that if we can't 
reach Martin then we are going to have to escalate this - maybe to the TB for 
"abuse of technical privileges", maybe higher (Mark?).



Sent from my Galaxy



 Original message 
From: Dan Streetman 
Date: 5/23/23 09:14 (GMT-05:00)
To: martin.p...@ubuntu.com
Cc: Backports Discussion 
Subject: Re: self-approval of uploads to -backports pocket

Unfortunately it seems this message didn't get to Martin, as today
there was another self-approved upload for cockpit.

I'm not sure what to do about this? Does anyone know of a
better/different email to reach Martin at? Should we reach out to
archive admins to ask what to do? Should we just ignore it and let him
continue to self-approve his backport uploads?

On Sun, Mar 26, 2023 at 1:53 PM Dan Streetman  wrote:
>
> Hi Martin,
>
> It seems you have been uploading the cockpit package to the backports
> pocket for some releases, and then approving the upload yourself.
>
> While you (clearly) still have technical access to approve uploads to
> the backports pockets, the process has changed and you are no longer
> on the backports team, and thus you should not be approving any
> uploads to the backports pocket.
>
> While we're happy to review any uploads you make to the backports
> pocket, please don't approve any more uploads to backports; let your
> uploads proceed through the normal process.
>
> Thanks.

--
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

Re: Special One-Time SRU Handling request for torbrowser-launcher

[Thomas Ward]

Robie,

To cherry pick this would require extensive reverse engineering of the 
code to figure out which pieces apply to the *older* versions of 
torbrowser-launcher.  Unfortunately, since there are no *bugfix* 
releases of torbrowser-launcher upstream and everything is interspersed 
among larger-scale feature changes, this prevents us from easily 
cherrypicking the code.  Essentially, to reverse engineer this patch 
would take much MUCH more time and effort to make functional.


However, we have a second consideration point.  With torbrowser-launcher 
0.3.6, we have a major *upstream* change from Tor Browser itself (which 
is downloaded by torbrowser-launcher and installs it in userspace as Tor 
Browser prefers to live in) which involves the loss of all localization 
packages and one unified package for Tor Browser.  To nitpick *those* 
fixes is equivalent to a large feature change that is well-ingrained in 
the 0.3.5 -> 0.3.6 codebase change, and reverse engineering that from 
what I've attempted to do initially for Tor Browser is a nightmare.


Which leaves us with, really, two choices:

 1. Backport 0.3.6-2 in -updates to the older releases

 2. Won't Fix 277 and other bugs which will make the package 
unusuable (effectively: Critical bugging the older version which a lot 
of people use, because it's "no longer supported").


This is tantamount to Bitcoin from the history where Bitcoin would make 
hard forks or major non-reverse-compatible changes that can't be 
backported and in turn would require the newer version to be backported 
in order for `bitcoin` to even function.  The only difference between 
Bitcoin and torbrowser-launcher (and Tor Browser) is that this is the 
first major *historically breaking* change in upstream Tor Browser that 
prohibits simply 'backporting' these changes.


The two-line fix for launch window is minor, and we could theoretically 
survive that.  However, the URL fix is nontrivial to backport within the 
code, hence the request for a one-time special SRU to backport 0.3.6 to 
all current releases (except 18.04 because that's approaching it's EoSS 
date) in order to make everything function in the currently supported 
releases.



Thomas


On 4/6/23 15:55, Robie Basak wrote:

Hi Thomas,

Thank you for caring for this package in Ubuntu!

I'm not sure I follow why this is difficult to fix by cherry-picking
fixes. It seems to me that there are two bugs mentioned - one which is a
two line fix, and one which refers to upstream URLs changing, which
presumably is a change in a constant somewhere or similar.

Will cherry-picking or rewriting these trivial fixes not be enough to
fix the reported bugs? If not, why not?

Robie

On Sun, Mar 19, 2023 at 07:55:48PM -0400, Thomas Ward wrote:

I'm following up on this today, because Debian finally got off their lazy
butt and uploaded 0.3.6-2 to Debian that addresses the core problems in
Debian.

However, that does not solve the problems for everything in Ubuntu.  With
the blessing of the Release team, I did a sync last night (forced) of
0.3.6-2 from Debian Unstable to Ubuntu Lunar, which addresses
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/277
in Lunar.

Unfortunately the fix that is applied for this in 0.3.6-2 is interwoven with
all the changes from 0.3.3 to 0.3.6 upstream which includes new features.

I have not heard back from the Release team on this, or the SRU team, so I'm
re-asking this.  Is the SRU / Release team willing to let us do a one-time
backport from Lunar of 0.3.6-2 to the older releases currently supported (to
Bionic but no further backwards)?


Thomas


On 2/1/23 14:26, Thomas Ward wrote:

Hello, release team.


Pursuant to a recent change for torbrowser-launcher and Tor Browser, we
have a little bit of a conundrum that is leading to a one time request for
SRUing the latest `torbrowser-launcher` to all currently supported
releases.

With Tor Browser 12 (TB12 for short here), upstream tor browser no longer
uses locales, requiring folder cleanup from TB12 and download URL changes
in order for things to properly function.  Unfortunately, the code changes
necessary to implement the changes to torbrowser-launcher are not easily
nitpicked and include more than just these fixes, as it has new changes
and such to make it work properly. Refer to
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/277
as the current bug on this.

Debian is behind on updating upstream, so later today I will be preparing
a package for Lunar that will have a -0ubuntu1 prefix for the latest
upstream version.  That works fine in Lunar.  It also works fine in
Kinetic and in initial tests in Jammy.  I’m installing test environments
for Focal and Bionic.

The problem here is, though, we have a mix of “new features” and “bug
fixes” together – there is no ‘major version bump’ for feature branches
vs. ‘bugfix’ branches, making it a comingled problem of “new features” and
“bug fixes”.  Theref

Re: Special One-Time SRU Handling request for torbrowser-launcher

[Thomas Ward]

Robie,

To cherry pick this would require extensive reverse engineering of the 
code to figure out which pieces apply to the *older* versions of 
torbrowser-launcher.  Unfortunately, since there are no *bugfix* 
releases of torbrowser-launcher upstream and everything is interspersed 
among larger-scale feature changes, this prevents us from easily 
cherrypicking the code.  Essentially, to reverse engineer this patch 
would take much MUCH more time and effort to make functional.


However, we have a second consideration point.  With torbrowser-launcher 
0.3.6, we have a major *upstream* change from Tor Browser itself (which 
is downloaded by torbrowser-launcher and installs it in userspace as Tor 
Browser prefers to live in) which involves the loss of all localization 
packages and one unified package for Tor Browser.  To nitpick *those* 
fixes is equivalent to a large feature change that is well-ingrained in 
the 0.3.5 -> 0.3.6 codebase change, and reverse engineering that from 
what I've attempted to do initially for Tor Browser is a nightmare.


Which leaves us with, really, two choices:

 1. Backport 0.3.6-2 in -updates to the older releases

 2. Won't Fix 277 and other bugs which will make the package 
unusuable (effectively: Critical bugging the older version which a lot 
of people use, because it's "no longer supported").


This is tantamount to Bitcoin from the history where Bitcoin would make 
hard forks or major non-reverse-compatible changes that can't be 
backported and in turn would require the newer version to be backported 
in order for `bitcoin` to even function.  The only difference between 
Bitcoin and torbrowser-launcher (and Tor Browser) is that this is the 
first major *historically breaking* change in upstream Tor Browser that 
prohibits simply 'backporting' these changes.


The two-line fix for launch window is minor, and we could theoretically 
survive that.  However, the URL fix is nontrivial to backport within the 
code, hence the request for a one-time special SRU to backport 0.3.6 to 
all current releases (except 18.04 because that's approaching it's EoSS 
date) in order to make everything function in the currently supported 
releases.



Thomas


On 4/6/23 15:55, Robie Basak wrote:

Hi Thomas,

Thank you for caring for this package in Ubuntu!

I'm not sure I follow why this is difficult to fix by cherry-picking
fixes. It seems to me that there are two bugs mentioned - one which is a
two line fix, and one which refers to upstream URLs changing, which
presumably is a change in a constant somewhere or similar.

Will cherry-picking or rewriting these trivial fixes not be enough to
fix the reported bugs? If not, why not?

Robie

On Sun, Mar 19, 2023 at 07:55:48PM -0400, Thomas Ward wrote:

I'm following up on this today, because Debian finally got off their lazy
butt and uploaded 0.3.6-2 to Debian that addresses the core problems in
Debian.

However, that does not solve the problems for everything in Ubuntu.  With
the blessing of the Release team, I did a sync last night (forced) of
0.3.6-2 from Debian Unstable to Ubuntu Lunar, which addresses
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/277
in Lunar.

Unfortunately the fix that is applied for this in 0.3.6-2 is interwoven with
all the changes from 0.3.3 to 0.3.6 upstream which includes new features.

I have not heard back from the Release team on this, or the SRU team, so I'm
re-asking this.  Is the SRU / Release team willing to let us do a one-time
backport from Lunar of 0.3.6-2 to the older releases currently supported (to
Bionic but no further backwards)?


Thomas


On 2/1/23 14:26, Thomas Ward wrote:

Hello, release team.


Pursuant to a recent change for torbrowser-launcher and Tor Browser, we
have a little bit of a conundrum that is leading to a one time request for
SRUing the latest `torbrowser-launcher` to all currently supported
releases.

With Tor Browser 12 (TB12 for short here), upstream tor browser no longer
uses locales, requiring folder cleanup from TB12 and download URL changes
in order for things to properly function.  Unfortunately, the code changes
necessary to implement the changes to torbrowser-launcher are not easily
nitpicked and include more than just these fixes, as it has new changes
and such to make it work properly. Refer to
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/277
as the current bug on this.

Debian is behind on updating upstream, so later today I will be preparing
a package for Lunar that will have a -0ubuntu1 prefix for the latest
upstream version.  That works fine in Lunar.  It also works fine in
Kinetic and in initial tests in Jammy.  I’m installing test environments
for Focal and Bionic.

The problem here is, though, we have a mix of “new features” and “bug
fixes” together – there is no ‘major version bump’ for feature branches
vs. ‘bugfix’ branches, making it a comingled problem of “new features” and
“bug fixes”.  Theref

Re: torbrowser-launcher must be at least version="0.3.6" in repository

[Thomas Ward]

Jorgen,

I'm already working on trying to get this approved for SRU.  The problem 
is it has to go through an MRE and the release and SRU teams have to 
approve it, and I have not yet gotten any response or acceptance from 
the Release Team or the SRU team and my multiple inquiries, if I don't 
hear by end of the week I will be going higher up the tech tree to get 
things acted on.



Thomas


On 3/28/23 09:40, "Jørgen Thomsen" wrote:

The tor browser cannot be installed using the torbrowser-launcher
0.3.3 currently in the ubuntu repo.

1) A number of problems arising from the change of language (e.g.
en-US) to ALL in various file and directory names.

2) A problem with broken signature verification is also present from
gpgv requiring the trusted developer key in a trustedkeys.kbx file,
which is non-existant and not created.
trustdb.gpg is the normal file for gpg and the developer key should be
entered into this.


Venlig hilsen
Jørgen Thomsen




--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

[Bug 1998834] Re: [BPO] memtest86+/6.10-2 to Jammy

[Thomas Ward]

@ddstreet While I agree in principle, when something changes to adhere
to EFI spec, that's a pretty significant change.  And saves us having to
do the approval *twice*.  I don't disagree this isn't Fantu's fault, but
it shouldn't be much more difficult for them to get -4 into their PPA
and then us sponsor it up to -backports here (with our blessing and no
additional review needed).

That is, if Fantu can put a backported 6.10-4 into the PPA and then you
sponsor it to -backports ddstreet you can Just Do It with the approval.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1998834

Title:
  [BPO] memtest86+/6.10-2 to Jammy

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/memtest86+/+bug/1998834/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1998834] Re: [BPO] memtest86+/6.10-2 to Jammy

[Thomas Ward]

The only reason I'm going to reject this is that there's changes in -3
and -4 in Lunar now which update to match EFI spec.

Can you do a reupload / sponsor of -4 from Lunar to backports here for
Jammy?

Attached are the -3 and -4 changelog from Lunar / Debian (because it was
synced)


emtest86+ (6.10-4) unstable; urgency=medium

  * Update README.Debian with renamed 32bit files.

 -- Felix Zielcke   Sat, 11 Feb 2023 11:16:22 +0100

memtest86+ (6.10-3) unstable; urgency=medium

  * Rename 32bit files (x32 -> ia32) to match EFI Specification. Thanks
to Jonas Stalder for the hint.

 -- Felix Zielcke   Sat, 11 Feb 2023 10:43:09 +0100

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1998834

Title:
  [BPO] memtest86+/6.10-2 to Jammy

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/memtest86+/+bug/1998834/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

RE: dxf2gcode package is looking a bit dusty

[Thomas Ward]

In actuality, the current version is 20191025-2 from Debian synced into Lunar 
during a time period of which between 2018-04-24 the package was last updated 
and now a newer update made in November of 2022.

"dusty" only applies to where the version is the older 20190925-4 version from 
2018, and during the time between 2018 and 2022 the package remained in ubuntu 
because it was synced from Unstable and did not get updated then.

There remains cases that this package is not maintained consistently in Debian 
namely due to the fact that upstream doesn't seem to regularly produce code 
versions for updating.  If you need the newer version you might want to 
consider updating to the 23.04 release when it's out.  Otherwise you'll have to 
stick with the 2017 package version that is available in the version of Ubuntu 
you are using.


Thomas


-Original Message-
From: Ubuntu-devel-discuss  On 
Behalf Of ubun...@skewray.com
Sent: Monday, March 13, 2023 8:20 PM
To: ubuntu-devel-discuss@lists.ubuntu.com
Subject: dxf2gcode package is looking a bit dusty

The dxf2gcode was last built in 2017.  Maybe time for a refresh?


-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: Special One-Time SRU Handling request for torbrowser-launcher

[Thomas Ward]

I'm following up on this today, because Debian finally got off their 
lazy butt and uploaded 0.3.6-2 to Debian that addresses the core 
problems in Debian.


However, that does not solve the problems for everything in Ubuntu.  
With the blessing of the Release team, I did a sync last night (forced) 
of 0.3.6-2 from Debian Unstable to Ubuntu Lunar, which addresses 
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/277 
in Lunar.


Unfortunately the fix that is applied for this in 0.3.6-2 is interwoven 
with all the changes from 0.3.3 to 0.3.6 upstream which includes new 
features.


I have not heard back from the Release team on this, or the SRU team, so 
I'm re-asking this.  Is the SRU / Release team willing to let us do a 
one-time backport from Lunar of 0.3.6-2 to the older releases currently 
supported (to Bionic but no further backwards)?



Thomas


On 2/1/23 14:26, Thomas Ward wrote:


Hello, release team.


Pursuant to a recent change for torbrowser-launcher and Tor Browser, 
we have a little bit of a conundrum that is leading to a one time 
request for SRUing the latest `torbrowser-launcher` to all currently 
supported releases.


With Tor Browser 12 (TB12 for short here), upstream tor browser no 
longer uses locales, requiring folder cleanup from TB12 and download 
URL changes in order for things to properly function.  Unfortunately, 
the code changes necessary to implement the changes to 
torbrowser-launcher are not easily nitpicked and include more than 
just these fixes, as it has new changes and such to make it work 
properly. Refer to 
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/277 
as the current bug on this.


Debian is behind on updating upstream, so later today I will be 
preparing a package for Lunar that will have a -0ubuntu1 prefix for 
the latest upstream version.  That works fine in Lunar.  It also works 
fine in Kinetic and in initial tests in Jammy.  I’m installing test 
environments for Focal and Bionic.


The problem here is, though, we have a mix of “new features” and “bug 
fixes” together – there is no ‘major version bump’ for feature 
branches vs. ‘bugfix’ branches, making it a comingled problem of “new 
features” and “bug fixes”.  Therefore, I’d like to request a one-time 
exception for SRU processes to accept the same version packaged for 
each release using Lunar as a base, and adjusting the packaging as 
needed accordingly for older releases.  That is, this will be an SRU, 
but it will accept the ‘new features’ that’re part of 
torbrowser-launcher that were not present in Bionic or Focal but are 
present in later releases.


Most of the ‘feature’ changes allow choosing additional options, etc. 
but nothing that as far as I can tell changes the core functionality 
of the package.


I’m happy to discuss this further with the SRU and Release teams (IRC 
is always a way to reach me heh), but given the complexities of 
including the fixes and changes just to make tor browser 12 work with 
the older launchers, it’d make more sense and ease of fixing this 
“breaks the launcher tool entirely” issue by simply taking the current 
version and making it match in the entire packaging structure.


I’m happy to spearhead this, but I wanted to put this to the Release 
Team and the SRU team for consideration before I go through the 
process of building all this for the SRU/MRE/Version Bump processes as 
well.


A full changelog upstream is available on their GitHub - 
https://github.com/micahflee/torbrowser-launcher


Thomas

LP: https://launchpad.net/~teward

Ubuntu Core Developer

-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: Special One-Time SRU Handling request for torbrowser-launcher

[Thomas Ward]

I'm following up on this today, because Debian finally got off their 
lazy butt and uploaded 0.3.6-2 to Debian that addresses the core 
problems in Debian.


However, that does not solve the problems for everything in Ubuntu.  
With the blessing of the Release team, I did a sync last night (forced) 
of 0.3.6-2 from Debian Unstable to Ubuntu Lunar, which addresses 
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/277 
in Lunar.


Unfortunately the fix that is applied for this in 0.3.6-2 is interwoven 
with all the changes from 0.3.3 to 0.3.6 upstream which includes new 
features.


I have not heard back from the Release team on this, or the SRU team, so 
I'm re-asking this.  Is the SRU / Release team willing to let us do a 
one-time backport from Lunar of 0.3.6-2 to the older releases currently 
supported (to Bionic but no further backwards)?



Thomas


On 2/1/23 14:26, Thomas Ward wrote:


Hello, release team.


Pursuant to a recent change for torbrowser-launcher and Tor Browser, 
we have a little bit of a conundrum that is leading to a one time 
request for SRUing the latest `torbrowser-launcher` to all currently 
supported releases.


With Tor Browser 12 (TB12 for short here), upstream tor browser no 
longer uses locales, requiring folder cleanup from TB12 and download 
URL changes in order for things to properly function.  Unfortunately, 
the code changes necessary to implement the changes to 
torbrowser-launcher are not easily nitpicked and include more than 
just these fixes, as it has new changes and such to make it work 
properly. Refer to 
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/277 
as the current bug on this.


Debian is behind on updating upstream, so later today I will be 
preparing a package for Lunar that will have a -0ubuntu1 prefix for 
the latest upstream version.  That works fine in Lunar.  It also works 
fine in Kinetic and in initial tests in Jammy.  I’m installing test 
environments for Focal and Bionic.


The problem here is, though, we have a mix of “new features” and “bug 
fixes” together – there is no ‘major version bump’ for feature 
branches vs. ‘bugfix’ branches, making it a comingled problem of “new 
features” and “bug fixes”.  Therefore, I’d like to request a one-time 
exception for SRU processes to accept the same version packaged for 
each release using Lunar as a base, and adjusting the packaging as 
needed accordingly for older releases.  That is, this will be an SRU, 
but it will accept the ‘new features’ that’re part of 
torbrowser-launcher that were not present in Bionic or Focal but are 
present in later releases.


Most of the ‘feature’ changes allow choosing additional options, etc. 
but nothing that as far as I can tell changes the core functionality 
of the package.


I’m happy to discuss this further with the SRU and Release teams (IRC 
is always a way to reach me heh), but given the complexities of 
including the fixes and changes just to make tor browser 12 work with 
the older launchers, it’d make more sense and ease of fixing this 
“breaks the launcher tool entirely” issue by simply taking the current 
version and making it match in the entire packaging structure.


I’m happy to spearhead this, but I wanted to put this to the Release 
Team and the SRU team for consideration before I go through the 
process of building all this for the SRU/MRE/Version Bump processes as 
well.


A full changelog upstream is available on their GitHub - 
https://github.com/micahflee/torbrowser-launcher


Thomas

LP: https://launchpad.net/~teward

Ubuntu Core Developer

-- 
Ubuntu-release mailing list
Ubuntu-release@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-release

Re: [ubuntu-studio-devel] Lowlatency Kernel is behind in Ubuntu Studio

[Thomas Ward]

A general reminder to *everyone* with my Community Council hat on:

Whether you are Canonical, an Ubuntu Flavor team member, or just a 
general community member, if you feel yourself starting to get hostile / 
aggressive in tone, step back and take a breather.


There are an increasing number of times I myself see conflict between 
people - whether it involves Canonical employees, Ubuntu Flavor teams, 
or otherwise - spilling into the lists, and it seems people are starting 
to skirt against CoC with those cases.


My advice is, on this case, Dimitri and Erich, both of you can go take a 
breather for a bit, and calm a little before returning to this.


(I'm not a fan of seeing this level of dissent / aggressiveness between 
people on the public lists, and as Philipp and Mauro at the Canonical 
Community Team know, this is an issue that seems to be becoming systemic 
and we have to remind people about the CoC and how to be nice towards 
others, or at least be constructive without coming off as hostile).



Thomas Ward
Ubuntu Community Council Member

On 3/13/23 14:48, Steve Langasek wrote:

On Mon, Mar 13, 2023 at 06:03:00PM +, Dimitri John Ledkov wrote:

We pushed 6.1 out, and migrated, on generic only, to migrate lots of
packages in proposed, specifically nvidia & everything entangled with
it, and thus unblock autopkgtesting of all the userspace packages
which were otherwise failing on v5.19. There is no intention to port
all flavours to 6.1.

Again, this is one of the reasons we had do miss testing week among another

it was a mistake to skip testing week. you should have tested ubuntu
studio during the testing week like all the other flavours did. As
there are a lot of changes in lunar, that landed and affect ubuntu
studio. For example, all cloud images which use various cloud kernel
flavours, based on v5.19 did participate.
Can you explain who made the call to skip testing week? as to me, it
seemed, it's a requirement to release a flavour. Is studio going to
skip Lunar release?

Testing week is not a release-team-driven activity and flavor engagement in
it has no bearing on a flavor's eligibility for inclusion in a stable
release.

Flavors are required to hit a beta milestone and a release milestone.  How
they conduct their activities to ensure that these milestones are releasable
is for them to decide.




--
ubuntu-studio-devel mailing list
ubuntu-studio-devel@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-studio-devel

Re: Lowlatency Kernel is behind in Ubuntu Studio

[Thomas Ward]

A general reminder to *everyone* with my Community Council hat on:

Whether you are Canonical, an Ubuntu Flavor team member, or just a 
general community member, if you feel yourself starting to get hostile / 
aggressive in tone, step back and take a breather.


There are an increasing number of times I myself see conflict between 
people - whether it involves Canonical employees, Ubuntu Flavor teams, 
or otherwise - spilling into the lists, and it seems people are starting 
to skirt against CoC with those cases.


My advice is, on this case, Dimitri and Erich, both of you can go take a 
breather for a bit, and calm a little before returning to this.


(I'm not a fan of seeing this level of dissent / aggressiveness between 
people on the public lists, and as Philipp and Mauro at the Canonical 
Community Team know, this is an issue that seems to be becoming systemic 
and we have to remind people about the CoC and how to be nice towards 
others, or at least be constructive without coming off as hostile).



Thomas Ward
Ubuntu Community Council Member

On 3/13/23 14:48, Steve Langasek wrote:

On Mon, Mar 13, 2023 at 06:03:00PM +, Dimitri John Ledkov wrote:

We pushed 6.1 out, and migrated, on generic only, to migrate lots of
packages in proposed, specifically nvidia & everything entangled with
it, and thus unblock autopkgtesting of all the userspace packages
which were otherwise failing on v5.19. There is no intention to port
all flavours to 6.1.

Again, this is one of the reasons we had do miss testing week among another

it was a mistake to skip testing week. you should have tested ubuntu
studio during the testing week like all the other flavours did. As
there are a lot of changes in lunar, that landed and affect ubuntu
studio. For example, all cloud images which use various cloud kernel
flavours, based on v5.19 did participate.
Can you explain who made the call to skip testing week? as to me, it
seemed, it's a requirement to release a flavour. Is studio going to
skip Lunar release?

Testing week is not a release-team-driven activity and flavor engagement in
it has no bearing on a flavor's eligibility for inclusion in a stable
release.

Flavors are required to hit a beta milestone and a release milestone.  How
they conduct their activities to ensure that these milestones are releasable
is for them to decide.




--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

RE: unixodbc-dev 2.3.11 seems broken

[Thomas Ward]

Unfortunately here your choices are limited.  The ODBC from Microsoft is 
different than the one in the repos and the two packages conflict.

>From my experience you will have to pick one or the other - use Microsoft's 
>packaged ODBC and no headers, or use the one in the repos with the headers and 
>not use Microsoft.



Sent from my Galaxy



 Original message 
From: Robert Ayrapetyan 
Date: 2/11/23 18:56 (GMT-05:00)
To: ubuntu-devel-discuss@lists.ubuntu.com
Subject: Re: unixodbc-dev 2.3.11 seems broken

Seems it comes as part of msodbcsql18 from official MS repository...

On Sat, Feb 11, 2023 at 3:46 PM Robert Ayrapetyan 
mailto:robert.ayrapet...@gmail.com>> wrote:
You're right, it came from:

https://packages.microsoft.com/ubuntu/20.04/prod focal/main amd64 unixodbc-dev 
amd64 2.3.11 [42.1 kB]

What's the best way to install the right package (2.3.11-2) without removing MS 
repo?

On Sat, Feb 11, 2023 at 3:09 PM Colin Watson 
mailto:cjwat...@ubuntu.com>> wrote:
On Sat, Feb 11, 2023 at 10:13:13AM -0800, Robert Ayrapetyan wrote:
> # lsb_release -a
> No LSB modules are available.
> Distributor ID: Ubuntu
> Description:Ubuntu 20.04.5 LTS
> Release:20.04
> Codename:   focal
>
>
> # apt show unixodbc-dev
> Package: unixodbc-dev
> Version: 2.3.11

This is not a package that comes from Ubuntu 20.04, and in fact it
doesn't appear to have come from any version of Ubuntu at all (versions
of unixodbc-dev provided by Ubuntu have some kind of suffix after the
upstream version number - for example, the version in Ubuntu 22.10 is
2.3.11-2).  Where did you get it from?  The package is clearly broken,
but that isn't an Ubuntu problem - perhaps you should reinstall the
working version from Ubuntu.

--
Colin Watson (he/him)  
[cjwat...@ubuntu.com]

--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Special One-Time SRU Handling request for torbrowser-launcher

[Thomas Ward]

Hello, release team.

Pursuant to a recent change for torbrowser-launcher and Tor Browser, we have a 
little bit of a conundrum that is leading to a one time request for SRUing the 
latest `torbrowser-launcher` to all currently supported releases.

With Tor Browser 12 (TB12 for short here), upstream tor browser no longer uses 
locales, requiring folder cleanup from TB12 and download URL changes in order 
for things to properly function.  Unfortunately, the code changes necessary to 
implement the changes to torbrowser-launcher are not easily nitpicked and 
include more than just these fixes, as it has new changes and such to make it 
work properly.  Refer to 
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/277 as 
the current bug on this.

Debian is behind on updating upstream, so later today I will be preparing a 
package for Lunar that will have a -0ubuntu1 prefix for the latest upstream 
version.  That works fine in Lunar.  It also works fine in Kinetic and in 
initial tests in Jammy.  I'm installing test environments for Focal and Bionic.

The problem here is, though, we have a mix of "new features" and "bug fixes" 
together - there is no  'major version bump' for feature branches vs. 'bugfix' 
branches, making it a comingled problem of "new features" and "bug fixes".  
Therefore, I'd like to request a one-time exception for SRU processes to accept 
the same version packaged for each release using Lunar as a base, and adjusting 
the packaging as needed accordingly for older releases.  That is, this will be 
an SRU, but it will accept the 'new features' that're part of 
torbrowser-launcher that were not present in Bionic or Focal but are present in 
later releases.

Most of the 'feature' changes allow choosing additional options, etc. but 
nothing that as far as I can tell changes the core functionality of the package.

I'm happy to discuss this further with the SRU and Release teams (IRC is always 
a way to reach me heh), but given the complexities of including the fixes and 
changes just to make tor browser 12 work with the older launchers, it'd make 
more sense and ease of fixing this "breaks the launcher tool entirely" issue by 
simply taking the current version and making it match in the entire packaging 
structure.

I'm happy to spearhead this, but I wanted to put this to the Release Team and 
the SRU team for consideration before I go through the process of building all 
this for the SRU/MRE/Version Bump processes as well.

A full changelog upstream is available on their GitHub - 
https://github.com/micahflee/torbrowser-launcher



Thomas
LP: https://launchpad.net/~teward
Ubuntu Core Developer
-- 
Ubuntu-release mailing list
Ubuntu-release@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-release

Forbidden Packages: Add "core SSL libraries" to Forbidden list

[Thomas Ward]

Today, this backport request came in for OpenSSL:

https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2003903

This request was made so that allowing SSL_OP_LEGACY_SERVER_CONNECT to 
actually work would be available in -backports.


Any time that OpenSSL comes up in my radar for sponsors or backporting 
it ends up making me ask the Security team on their opinion because any 
patches to OpenSSL from Security won't make it to -backports and because 
of ABI/API changes that sneak in with microreleases to core SSL 
libraries (openssl, nss, gnutls, ...).


With this discussion brought up, it was discussed in #ubuntu-devel with 
me pinging both Dan Streetman and Mattia Rizzolo in IRC, Mattia chimed 
in on the discussion and with our discussion there, myself and Mattia 
agreed that, due to security reasons and concerns of ABI breakage in 
packages across the board, as well as the fact -backports doesn't get 
Security Team coverage there, we were going to add a category of "core 
SSL libraries" (with examples) to the Forbidden Packages section in 
backport policies.


Right now this has a +2 on this - myself and Mattia in support of this, 
and with this we made the change as that gives a majority decision 
currently among the Backporters team.  Additionally, Security wanted to 
make aware that they wouldn't want to see OpenSSL land in -backports 
because of the huge integration that OpenSSL has which could introduce 
many breakages in non-backports when a backported OPenSSL or such is 
used for libraries.


I've made this revision in the backports policies because myself and 
Mattia had an agreement in IRC on this, we can revert this in a future 
discussion if necessary.  Per policy, this is the note for the 
discussion here on the ML.



Thomas Ward

Backporters Member


--
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 2003903] Re: [BPO] openssl/3.0.5-2ubuntu2 from kinetic

[Thomas Ward]

I've discussed this with mapreri who is another person on the
backporters team.

Given the API/ABI changes that happen during OpenSSL microreleases that
break packages integrations AND that this will add a security delta
(-backports doesn't receive Security Team support so if they change and
patch a CVE in -security or -updates it remains unpatched in -backports
which introduces a significant Security risk.

Additionally, if it's only 3 or 4 commits to fix
SSL_OP_LEGACY_SERVER_CONNECT then you need to follow the SRU process,
not the Backports process.

Rejecting this backport as "Won't Fix" due to the aforementioned
reasons.  Additionally, the Backporters Team are going to blacklist
`openssl` for backport requests unless it comes from Security at this
time.

** Changed in: openssl (Ubuntu)
   Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2003903

Title:
  [BPO] openssl/3.0.5-2ubuntu2 from kinetic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2003903/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 2003903] Re: [BPO] openssl/3.0.5-2ubuntu2 from kinetic

[Thomas Ward]

Mark, are you asking this to be backported in -backports or in -updates
and -security?  This is one of the packages that if we do this in
-backports any security patches applied by the Security team for OpenSSL
in -security and -updates would be ignored with the higher version of
this in -backports.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2003903

Title:
  [BPO] openssl/3.0.5-2ubuntu2 from kinetic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2003903/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 2003903] Re: [BPO] openssl/3.0.5-2ubuntu2 from kinetic

[Thomas Ward]

OpenSSL is one of those tricky things out there I would like to get a
Security insight for before we do any kind of backporting of it.
There's other things this could impact, backports or not.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2003903

Title:
  [BPO] openssl/3.0.5-2ubuntu2 from kinetic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2003903/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

RE: libapache2-mod-shib2 package for Ubuntu 22.04

[Thomas Ward]

If the package is not yet in 22.04 it is unlikely to land except via Backports 
which is its own process.



Sent from my Galaxy



 Original message 
From: Kent Kutan 
Date: 1/14/23 16:34 (GMT-05:00)
To: ubuntu-devel-discuss@lists.ubuntu.com
Subject: libapache2-mod-shib2 package for Ubuntu 22.04

Good evening,

I was wondering if you have a planned release date for the libapache2-mod-shib2 
package for Ubuntu 22.04 (Jammy Jellyfish).

Thanks,

Kent

-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

[Bug 2002211] Re: [BPO] python-websockets/10.2-1 from kinetic

[Thomas Ward]

Sponsored to -backports.  I require at least one other backporter to
look at and OK this for acceptance into backports however.

Removing sponsors.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2002211

Title:
  [BPO] python-websockets/10.2-1 from kinetic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-websockets/+bug/2002211/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

RE: Getting Invalid version exception during apt update

[Thomas Ward]

You already got a response on this thread from Colin, quoted below:


On Tue, Jan 03, 2023 at 12:04:34PM +0530, probal basak wrote:

> I am getting the below exception while trying to issue apt update:

> Getting this issue since last week. Previously the same thing used to

> work perfectly fine.



This is a bug in appimage-builder.  As you can see from the fact that it's 
installed in /usr/local, it's not supplied by Ubuntu.



The bug is that it's apparently trying to use the Python packaging.version 
library to parse and compare the version numbers of Ubuntu packages.  Ubuntu 
package versions are not compatible with Python package versions, and it is 
incorrect to use Python's packaging.version library to do this job.



It looks like this bug was fixed in

https://github.com/AppImageCrafters/appimage-builder/pull/281, although it 
doesn't seem that there's been a release since that fix landed.  I don't know 
how best to advise you to apply that fix to your system, but presumably you 
installed this program yourself and so have some idea of how best to upgrade it.



--

Colin Watson (he/him)  [cjwat...@ubuntu.com]


From: Ubuntu-devel-discuss  On 
Behalf Of probal basak
Sent: Tuesday, January 3, 2023 1:36 AM
To: ubuntu-devel-discuss@lists.ubuntu.com
Subject: Getting Invalid version exception during apt update

Hello Team,

I am getting the below exception while trying to issue apt update:
Getting this issue since last week. Previously the same thing used to work 
perfectly fine.

Get:13 http://security.ubuntu.com/ubuntu focal-security/restricted amd64 
Packages [1385 kB]
Fetched 17.1 MB in 5s (3617 kB/s)
Reading package lists... Done
Traceback (most recent call last):
  File "/usr/local/bin/appimage-builder", line 8, in 
sys.exit(__main__())
  File "/usr/local/lib/python3.8/dist-packages/appimagebuilder/__main__.py", 
line 58, in __main__
invoker.execute(commands)
  File "/usr/local/lib/python3.8/dist-packages/appimagebuilder/invoker.py", 
line 41, in execute
command()
  File 
"/usr/local/lib/python3.8/dist-packages/appimagebuilder/commands/apt_deploy.py",
 line 46, in __call__
deployed_packages = apt_deploy.deploy(
  File 
"/usr/local/lib/python3.8/dist-packages/appimagebuilder/modules/deploy/apt/deploy.py",
 line 41, in deploy
self._prepare_apt_venv()
  File 
"/usr/local/lib/python3.8/dist-packages/appimagebuilder/modules/deploy/apt/deploy.py",
 line 57, in _prepare_apt_venv
apt_core_packages = self._remove_old_packages(apt_core_packages)
  File 
"/usr/local/lib/python3.8/dist-packages/appimagebuilder/modules/deploy/apt/deploy.py",
 line 113, in _remove_old_packages
if package > latest_packages[pkg_tuple]:
  File 
"/usr/local/lib/python3.8/dist-packages/appimagebuilder/modules/deploy/apt/package.py",
 line 79, in __gt__
return version.parse(self.version) > version.parse(other.version)
  File "/usr/local/lib/python3.8/dist-packages/packaging/version.py", line 52, 
in parse
return Version(version)
  File "/usr/local/lib/python3.8/dist-packages/packaging/version.py", line 197, 
in __init__
raise InvalidVersion(f"Invalid version: '{version}'")
packaging.version.InvalidVersion: Invalid version: '1.19.7ubuntu3'


Can you please help me to understand what the issue is about? And how to 
resolve this issue please?

Thanks in advance.


--
Thanks,
Probal Basak.
-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

[Bug 1968076] Re: [BPO] ipmctl with support for CPS hardware

[Thomas Ward]

** Changed in: ipmctl (Ubuntu Focal)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1968076

Title:
  [BPO] ipmctl with support for CPS hardware

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmctl/+bug/1968076/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

RE: Tomcat9 - Ubuntu 20.04 x64

[Thomas Ward]

FYI that's MOST vulnerability scanners.  Most of them do not have privileged 
access nor the database of ubuntu patch info in them so report solely on the 
exposed version number and thats it.  It leads to a lot of false positives and 
then questions like these.  ;)



Sent from my Galaxy



 Original message 
From: Brad Turnbough 
Date: 11/21/22 16:15 (GMT-05:00)
To: Robie Basak 
Cc: ubuntu-devel-discuss@lists.ubuntu.com
Subject: RE: Tomcat9 - Ubuntu 20.04 x64

This is exactly what I was looking for.  The vulnerability was addressed in 
v9.0.31 of the package.  Nessus must look at the apache tomcat version and not 
take into consideration

Thanks for your very helpful info.  Much appreciated.




Thank you,

Brad Turnbough
Senior Technology Analyst

P: 309.272.2739 F: 309.272.2839

www.betterbanks.com
www.glasfordbank.com



NOTICE: The information contained in this email and any document attached 
hereto is intended only for the named recipient(s). If you are not the intended 
recipient, nor the employee or agent responsible for delivering this message in 
confidence to the intended recipient(s), you are hereby notified that you have 
received this transmittal in error, and any review, dissemination, distribution 
or copying of this transmittal or its attachments is strictly prohibited. If 
you have received this transmittal and/or attachments in error, please notify 
me immediately by reply e-mail and then delete this message, including any 
attachments.

www.statestreetbank.com-Original
 Message-
From: Robie Basak 
Sent: Tuesday, November 15, 2022 10:00 AM
To: Brad Turnbough 
Cc: ubuntu-devel-discuss@lists.ubuntu.com
Subject: Re: Tomcat9 - Ubuntu 20.04 x64

Hi,

On Mon, Nov 14, 2022 at 04:00:22PM +, Brad Turnbough wrote:
> Ran a nessus scan against the box and am being told that verion 9.0.31 is 
> vulnerable to a DoS attack and that I need to upgrade to >=9.0.36.  Problem 
> is, that version isn't available in the Ubuntu repos.
>
> Can someone look into getting this package updated in order to resolve this 
> vulnerability?

Please see: https://wiki.ubuntu.com/SecurityTeam/FAQ#Versions

If after understanding that you still think the package is vulnerable, you need 
to identify a specific CVE.

Once you have that, you can search for the status of a specific CVE at 
https://ubuntu.com/security/cves.

Hope that helps,

Robie
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

[Bug 1997189] Re: [BPO] elfutils/0.188-1 from Lunar

[Thomas Ward]

> I intend to update Ubuntu's debuginfod instance to use this new
package in the near future.

By "update" do you mean SRU or via Backports?  If you are not going to
be doing this via Backports, then I would suggest that you hunt an SRU
on the sole basis that mixing and matching SRU/Backports makes things a
"Well, why do we need this?" situation on both Backports and Stable
Release Updates.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1997189

Title:
   [BPO] elfutils/0.188-1 from Lunar

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/elfutils/+bug/1997189/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1995967] Re: [BPO] qt6-base/6.2.4+dfsg-10 from kinetic

[Thomas Ward]

This sounds like something that should be an SRU not a backport.
Especially since theres an open bug on this and a patch exists.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1995967

Title:
  [BPO] qt6-base/6.2.4+dfsg-10 from kinetic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qt6-base/+bug/1995967/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1992163] Re: [BPO] man-db/2.10.2-1 from jammy

[Thomas Ward]

Mattia:  Big change or not, SRU team might let it through because it's a
*performance bug fix*.  This alone is not sufficient, in my opinion, for
a backport, when an SRU is the process it should be going through
because it fixes a bug - a performance one, granted, but it's still
SRUable I believe.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1992163

Title:
  [BPO] man-db/2.10.2-1 from jammy

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/man-db/+bug/1992163/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1992163] Re: [BPO] man-db/2.10.2-1 from jammy

[Thomas Ward]

Is there a reason the fixes can't be cherrypicked and then SRU'd to fix
this issue?  Backports is typically NOT the way to get fixes for issues
into already stable releases.

** Changed in: man-db (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1992163

Title:
  [BPO] man-db/2.10.2-1 from jammy

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/man-db/+bug/1992163/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1990382] Re: [BPO] libreoffice 7.3.6 for bionic

[Thomas Ward]

Not all Autopkgtests have run and therefore you cannot claim they are
all passing.  This is marked Incomplete until you have provided evidence
that all the autopkgtests and such clear for all supported
architectures.

** Changed in: libreoffice (Ubuntu Bionic)
   Status: In Progress => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1990382

Title:
  [BPO] libreoffice 7.3.6 for bionic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1990382/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1989418] Re: [BPO] libreoffice 7.3.6 for focal

[Thomas Ward]

OK just doing due diligence.

Approved for backports pocket, it'll need to build and publish then
should be available afterwards.

** Changed in: libreoffice (Ubuntu Focal)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1989418

Title:
   [BPO] libreoffice 7.3.6 for focal

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1989418/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1989418] Re: [BPO] libreoffice 7.3.6 for focal

[Thomas Ward]

I'm confused, are you asking for a backport to the backports pocket or
an SRU?  The bug refers to SRU in multiple places.

Backports in the backports pocket are NOT SRUs so its critical to
identify which process and goal you have in mind - SRU or backport.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1989418

Title:
   [BPO] libreoffice 7.3.6 for focal

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1989418/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

Re: Package Update for Ubuntu

[Thomas Ward]

To which SSL issues are you referring, in which Ubuntu releases?

There is a fix in the works for the SSL EOF client issues, if you have a 
specific CVE or information you need to link here please. CVEs are 
typically patched by the Security Team without any change to the actual 
version of the program installed, and instead relying on nitpicked fixes.




Thomas


On 8/30/22 16:45, Maxime Pietrucci-Blacher wrote:
Good evening, I have come to contact you to find out if the 
nginx-common and nginx-core packages are going to be updated soon, as 
there are many problems with the use of TLS on these two packages as 
they are no longer up to date.
Also, I would like to know if there is a way to fix this independently 
or if it is necessary to wait (an update of the package which seems 
urgent to me, considering the recent CVE).

Thank you for your help,
Maxime Pietrucci-Blacher
-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: rsync - security error

[Thomas Ward]

Alex,

I believe that OP is referring to the last set of CVEs listed here[1] announced 
on the 14th.  So forgive me while I poke the thread with additional 
information.    I think the original ask was about those.

--

CVE-2022-37434 was announced on the 14th.  And is patched already in Ubuntu [2].

CVE-2022-29154 is the second one, and was deemed too intrusive [3] to include 
as a security update for any of the releases at the time of review (see the 
details in the link).



--

Thomas


[1]: https://rsync.samba.org/security.html
[2]: https://ubuntu.com/security/CVE-2022-37434
[3]: https://ubuntu.com/security/CVE-2022-29154



From: Ubuntu-devel-discuss  on 
behalf of Alex Murray 
Sent: Thursday, August 25, 2022 9:52 PM
To: mynek...@mail.de ; ubuntu-devel-discuss@lists.ubuntu.com 

Subject: Re: rsync - security error

Hi

In Ubuntu we generally do not upload new versions of packages once a
particular Ubuntu release is made. Instead when a security bug (CVE) is
announced, if the version of the particular package in that Ubuntu
release is affected, the security team will backport the patch which
fixes the bug to the older version of the package.

As such, there are currently no known CVEs which have not been patched
for rsync in Ubuntu - you can see this by looking at:

https://ubuntu.com/security/cves?q==rsync===

Thanks,
Alex

On Fri, 2022-08-19 at 21:05:42 +0200, mynek...@mail.de wrote:

>
> Hello,
>
> please provide a new version. The current one contains a security bug.
>
> The current one is 3.2.5.
> See: https://rsync.samba.org/
>
> Thank you
>
> --
> Ubuntu-devel-discuss mailing list
> Ubuntu-devel-discuss@lists.ubuntu.com
> Modify settings or unsubscribe at: 
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

[Bug 1983414] Re: [BPO] dh-python 5.20220403 to focal

[Thomas Ward]

Marking this as Won't Fix because of identified issues and Unit
indicating that this should be withdrawn.

** Changed in: dh-python (Ubuntu Focal)
   Status: Incomplete => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1983414

Title:
  [BPO] dh-python 5.20220403 to focal

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dh-python/+bug/1983414/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1987356] Re: [BPO] elfutils/0.187-1 from Kinetic

[Thomas Ward]

** Changed in: elfutils (Ubuntu)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1987356

Title:
  [BPO] elfutils/0.187-1 from Kinetic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/elfutils/+bug/1987356/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1984053] Re: [BPO] nala/0.11.1 and socksio/1.0.0-2 from Kinetic Kudu

[Thomas Ward]

Both are in the process of working.  socksio is in backports and
published.  nala is pending publication in backports.

** Changed in: socksio (Ubuntu)
   Status: In Progress => Fix Released

** Changed in: nala (Ubuntu)
   Status: In Progress => Fix Committed

** Changed in: nala (Ubuntu)
 Assignee: Joakim Malmquist (anthr) => (unassigned)

** Changed in: socksio (Ubuntu)
 Assignee: Joakim Malmquist (anthr) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1984053

Title:
  [BPO] nala/0.11.1 and socksio/1.0.0-2 from Kinetic Kudu

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nala/+bug/1984053/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1984053] Re: [BPO] nala/0.11.1 and socksio/1.0.0-2 from Kinetic Kudu

[Thomas Ward]

(Backports pocket is a little bit different than AA "NEW" queue)

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1984053

Title:
  [BPO] nala/0.11.1 and socksio/1.0.0-2 from Kinetic Kudu

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nala/+bug/1984053/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1984053] Re: [BPO] nala/0.11.1 and socksio/1.0.0-2 from Kinetic Kudu

[Thomas Ward]

socksio has been accepted but I can also accept nala as well, if it
FTBFS we'll just rerun the build.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1984053

Title:
  [BPO] nala/0.11.1 and socksio/1.0.0-2 from Kinetic Kudu

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nala/+bug/1984053/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

Re: Core Dev Application

[Thomas Ward]

As of the July 25th DMB meeting, this Core Developer application was 
approved, and we welcome Mattia into the ranks of the Ubuntu Core 
Developers.


Congratulations, Mattia!


Thomas
Ubuntu DMB Member

On 7/13/22 12:13, Mattia Rizzolo wrote:

Hi DMB!

I decided to finally send in my core-dev application.

See https://wiki.ubuntu.com/MattiaRizzolo/CoreDevApplication

I added myself to https://wiki.ubuntu.com/DeveloperMembershipBoard/Agenda
for the next meeting (scheduled on 2022-07-25 16 CEST if I can read the
pages right).





--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

Re: New Official Flavor Process Issues (Was Re: Ubuntu Cinnamon Remix packages)

[Thomas Ward]

ou do that wrong consistently in a way that may be against CoC 
especially on public lists, then it becomes a Problem(TM) that may come 
back to bite you.  So as I said in the beginning of my message, take a 
deep breath and relax a little.


If you truly believe that I need to be a core dev,
(CC, DMB) Where did it say you need core-dev?  You don't need to be MOTU 
or Core Dev to have upload rights for a package - just apply via the DMB 
PPU process.  Get the upload rights for what you need specifically in 
the flavor.
then you are saying any community member who wants to create a flavor 
needs to spend YEARS getting to that high of privilege.
(DMB, Core Dev) No, you don't need YEARS to get the privilege of upload 
for the packages you need.  Refer to the PPU application process.
And that is not community friendly at all. I am a student, and I'm 
going to a magnet school in September (a CS school might I add).

(CC) Irrelevant to the point that was raised.
School is going to get more intense and I'm not going to be spending 6 
hours a day on Ubuntu development.
(Personal) I am not employed by Canonical.  The amount of *actual* 
development work I do with Ubuntu nowadays is interspersed among my free 
time and is not easily noticed to the public at large.  And while I may 
not have a ton of uploads going on right now, or a ton of development on 
packages being done here at the moment, most of my energy goes into my 
Full Time job and being paid for things, or going to school like I did 
for university and such did NOT interfere from me putting a couple hours 
a week into Ubuntu.  You don't have to go hard core six hours a day of 
Ubuntu work.  I haven't, and yet I sit on the CC, DMB, and have Core Dev 
rights today after putting a few hours work a week or so at most over 
the course of time in to get the recognition and hats I have.  That 
didn't come from six hours a day of Ubuntu contributions, that came from 
me volunteering time I have when I have it and want to contribute, over 
the course of years, to get to where I am now.  Nobody ever said you 
have to spend 6 hours a day contributing to Ubuntu or any specific 
flavor. Nor have I seen anybody be saying that now.


(DMB) Further, the requirements for PPU are a lot lower to an extent 
than the requirements for MOTU and Core Dev - we still require you to 
understand basic things like how the SRU process works, etc. so you 
don't overstep your rights to upload specific packages, but we also 
focus *only* on the pacakges you have worked on that you're applying for 
in comparison to all your contributions.  So the scope of what is 
assessed is different, and it seems you aren't understanding this.




Again, to you this is hard to understand because you already **have** 
the upload rights.
(CC) Calm down already.  This level of aggressiveness and 
pointedness/stabbing despite other posts in your message here is the 
*wrong way* to approach this, and while we all get this way from time to 
time, there's been **a lot** of this type of frustration voiced by you 
in ways that **do not** get results and get you labeled as an irritant.




Truly, with honesty,
-Josh

*From:* Jeremy Bicha 
*Sent:* Thursday, July 28, 2022 10:20
*To:* eeickme...@ubuntu.com 
*Cc:* Steve Langasek ; 
technical-bo...@lists.ubuntu.com ; 
community-coun...@lists.ubuntu.com 
; itzswirlz2...@outlook.com 
; ubuntu-release@lists.ubuntu.com 

*Subject:* Re: New Official Flavor Process Issues (Was Re: Ubuntu 
Cinnamon Remix packages)

On Thu, Jul 28, 2022 at 9:55 AM  wrote:
> This most certainly is not a hasty escalation. I've been aware of
> Ubuntu Cinnamon Remix for 3 years and in that time, Joshua's intention
> was to make it an official flavor. They have been encouraged to become
> an official flavor since Day 0.

The escalation from my perspective is that it appears to me like y'all
made a request to become an official flavor on Saturday, got a reply
on Sunday, and then invoked the authority of the Ubuntu Community
Council on Wednesday. I don't think that's being fair to the Tech
Board.
(CC) I agree with Jeremy here, the optics of this and the way you 
handled this, Erich, are bad.  Next time, wait for Council quorum on an 
issue before we wave the CC hats around as "oh now this is CC 
escalated", because the optics are just as important as the real 
processes, and you didn't *need* to bring *this* up as a CC issue. You 
could have simply emailed the TB and asked the TB to better document the 
process, and copy the CC for awareness.  This didn't need a CC 
issue/escalation task though, in my opinion, so with my CC hat on, in my 
opinion, you're taking non-consensus actions claiming this needed CC 
intervention.


You can make requests for improvement as an individual developer
without needing to speak on behalf of the Community Council.

Thank you,
Jeremy Bicha




---

Thomas Ward
"The Man o

RE: Questions about openssl in Ubuntu mirrors

[Thomas Ward]

Regarding your first question about why we don’t update directly to newer 
versions, etc.:

Once a version of OpenSSL (or most libraries) is released in Ubuntu, like many 
other pieces of software they’re more or less ‘version locked’.  For the most 
part, this answer on Ask Ubuntu is still more or less accurate: 
https://askubuntu.com/a/151304/10616

*That applies for OpenSSL as well*


Regarding your second question about Xenial:

All Ubuntu releases have a set period of standard support.  For interim non-LTS 
releases, this is 9 months.

For LTS releases, this is five years from the initial release date.  After 
those five years, it leaves the standard support period.  After which, 
Canonical (typically, from my observations) provides Extended Security 
Maintenance coverage through the Ubuntu Advantage for Infrastructure 
subscription support programs.

For Xenial 16.04, the Standard Support period ended in April 2021.  (see Ubuntu 
16.04 LTS (Xenial Xerus) 
released).
  When Standard Support ended, and Xenial entered the Extended Security 
Maintenance period, the standard cadence of the Ubuntu Security Team patching 
items in Xenial moved from the standard xenial-security repositories into the 
Ubuntu Advantage ESM repositories which you need to subscribe to Ubuntu 
Advantage for Infrastructure to get entitlement (note you need one license for 
each system you want to protect this way, so it can get Expensive).

In the Corporate IT environment (in which lethargy, inertia, extremely legacy 
software, etc. are reasons that you cannot immediately upgrade from 16.04 to 
18.04 or migrate to even newer Ubuntu), ESM allows an extra 5 years to get 
through those problems with the goal of migration or retiring of those legacy 
systems.  For the average user outside of corporations, anyone who is on 16.04 
should be migrating to newer Ubuntu, or forking out the cash per server to 
cover the ‘legacy’ software via ESM.



NOTE: I do not speak as a representative of Canonical, or the Ubuntu Security 
Team, or any other Ubuntu leadership role in this email.  The aforementioned 
information is based on my observations, information I’ve collected via my FT 
job in discussions with Canonical where we actually have UA-I subscriptions, 
and other resources and discussions with members of Canonical’s development 
teams thanks to my connections as an Ubuntu member.



Thomas


From: Ubuntu-devel-discuss  On 
Behalf Of wei tang
Sent: Wednesday, May 25, 2022 03:29
To: ubuntu-devel-discuss@lists.ubuntu.com
Cc: christoph.mar...@uni-mainz.de; k...@roeckx.be
Subject: Questions about openssl in Ubuntu mirrors

Hello, maintainers:
I am Tang Wei, a researcher in the field of open-source package management in 
Nanyang Technological University in Singapore. I am writing to you to ask some 
questions about the openssl package in Ubuntu mirrors. I would be grateful if 
you could give me some further details.

I noticed that CVE-2022-1292 affected openssl 1.1.1-1.1.1n and 1.0.2-1.0.2zd.  
It is fixed in upstream versions, OpenSSL 1.1.1o and OpenSSL 1.0.2ze. And you 
fixed it in ubuntu revisions, 1.1.1-1ubuntu2.1~18.04.17, 1.1.1f-1ubuntu2.13, 
and 1.1.1l-1ubuntu1.3.

My first question is why you modify and patch the old versions rather than 
directly updating the version to 1.1.1o. Debian maintainers seem to update to 
1.1.1o in their mirrors. 
(http://mirror.coganng.com/debian/pool/main/o/openssl/)  There is no 
compatibility issues from 1.1.1f to 1.1.1o. It seems an easier way to update it 
rather than patching it manually, isn't it?  Why not update it?

My second question is that openssl1.0.2g-1ubuntu4 in xenial is still affected 
by CVE-2022-1292. And it has been fixed in OpenSSL 1.0.2ze. Why don't you patch 
it like other ubuntu releases and leave it vulnerable. If it is caused by 
development cost, why not provide 1.0.2ze in xenial mirrors?

I look forward to hearing from you.
Thanks so much.
Tang Wei
-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

[Bug 1977667] Re: package nginx-core 1.18.0-6ubuntu14.1 failed to install/upgrade: installed nginx-core package post-installation script subprocess returned error exit status 1

[Thomas Ward]

"failed to install/upgrade" also means that a package failed to
configure.  If as Simon says the packages were left unconfigured, then
that means the package is "Installed but failed to restart on upgrade"
which is an action the postinst scripts execute.  So it may not be an
'installer' failure but the configuration failure which led to a false
'installer failed' situation because postinst is configured to
reload/restart the NGINX processes on an upgrade.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1977667

Title:
  package nginx-core 1.18.0-6ubuntu14.1 failed to install/upgrade:
  installed nginx-core package post-installation script subprocess
  returned error exit status 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1977667/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1977667] Re: package nginx-core 1.18.0-6ubuntu14.1 failed to install/upgrade: installed nginx-core package post-installation script subprocess returned error exit status 1

[Thomas Ward]

Looks like during your upgrade a certificate went awry, but this isn't
an NGINX issue, it's the maintenance of your system on your end.

From the journalctl data:

Jun 04 14:21:05 heliopolis-aws nginx[44002]: nginx: [emerg] cannot load 
certificate "/etc/ssl/certs/heliosd.crt": BIO_new_file() failed (SSL: 
error:8002:system library::No such file or directory:calling 
fopen(/etc/ssl/certs/heliosd.crt, r) error:1080:BIO routines::no such file)
Jun 04 14:21:05 heliopolis-aws nginx[44002]: nginx: configuration file 
/etc/nginx/nginx.conf test failed

The required certificate file is missing and can't be found.

** Changed in: nginx (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1977667

Title:
  package nginx-core 1.18.0-6ubuntu14.1 failed to install/upgrade:
  installed nginx-core package post-installation script subprocess
  returned error exit status 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1977667/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968076] Re: [BPO] ipmctl with support for CPS hardware

[Thomas Ward]

NACK as is. (negative acknowledgement aka "Debdiff Rejected")

You are attempting to submit a new upstream version not in the Ubuntu
repositories.  Unlike Debian, an Ubuntu backport requires a little more
work to push this in.

Jammy has 03.00.00.0423-1.  Your debdiff is for 03.00.00.0429 which is
**not** available in any Ubuntu release (even the development release).

Rebase your diff against the package in Jammy (dsc link:
https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/ipmctl/03.00.00.0423-1/ipmctl_03.00.00.0423-1.dsc
- dget this), and then re-provide your debdiff here.  I'll check it for
sanity before uploading.

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1968076

Title:
  [BPO] ipmctl with support for CPS hardware

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmctl/+bug/1968076/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1968076] Re: [BPO] ipmctl with support for CPS hardware

[Thomas Ward]

NACK as is. (negative acknowledgement aka "Debdiff Rejected")

You are attempting to submit a new upstream version not in the Ubuntu
repositories.  Unlike Debian, an Ubuntu backport requires a little more
work to push this in.

Jammy has 03.00.00.0423-1.  Your debdiff is for 03.00.00.0429 which is
**not** available in any Ubuntu release (even the development release).

Rebase your diff against the package in Jammy (dsc link:
https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/ipmctl/03.00.00.0423-1/ipmctl_03.00.00.0423-1.dsc
- dget this), and then re-provide your debdiff here.  I'll check it for
sanity before uploading.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968076

Title:
  [BPO] ipmctl with support for CPS hardware

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmctl/+bug/1968076/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968076] Re: [BPO] ipmctl with support for CPS hardware

[Thomas Ward]

If you can give me an extra day or two (I'm suffering from COVID right
now), I can sponsor this.  I'll let the other backporters handle
approval, etc. but uploading the package is something that only takes a
few minutes on my part.  (Just need the patience - COVID is evil)

-- 
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1968076

Title:
  [BPO] ipmctl with support for CPS hardware

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmctl/+bug/1968076/+subscriptions


-- 
ubuntu-backports mailing list
ubuntu-backports@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports

[Bug 1968076] Re: [BPO] ipmctl with support for CPS hardware

[Thomas Ward]

If you can give me an extra day or two (I'm suffering from COVID right
now), I can sponsor this.  I'll let the other backporters handle
approval, etc. but uploading the package is something that only takes a
few minutes on my part.  (Just need the patience - COVID is evil)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968076

Title:
  [BPO] ipmctl with support for CPS hardware

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ipmctl/+bug/1968076/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1964763] Re: QtChooser doesn't support qt6

[Thomas Ward]

If Qt6 is dead upstream, then it's probably a candidate for removal as
soon as Qt5 is retired.

Note that because Debian has refused to even add Qt6 because QtChooser
is dead upstream by design, and I'm gathering as such should not be used
with Qt6, I opened a Debian bug suggesting that they mark the package as
"Breaks:" for all Qt6 libraries.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011935

** Bug watch added: Debian Bug tracker #1011935
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011935

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1964763

Title:
  QtChooser doesn't support qt6

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qtchooser/+bug/1964763/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Re: isc-dhcp: should we start phasing it out?

[Thomas Ward]

Mark,

I'm tempted to start the migration to Kea, but the documentation is 
extremely vague on proper migration.  If we intend to move in that 
direction, we'll need to have a migration guide of some sort, so that 
it's a more seamless transition for people.  Just a thought.



Thomas



On 5/16/22 14:40, Mark Shuttleworth wrote:

On 16/05/2022 18:34, Andreas Hasenack wrote:

Could we perhaps start with phasing out the client, get its rdeps to
use alternatives, and then stop building it, and eventually get to the
server? This could be a lot of work, as I said, isc-dhcp is a classic,
but if upstream is shifting its focus elsewhere, soon we will be
alone.



Thanks for raising the topic. Upstream is clearly signalling their 
preference for a Kea-only future, so one way or another folks who are 
on ISC dhcpd are going to need to pick a new offering. I moved a 
network to Kea last year because ISC dhcpd HA had a number of 
unexpected behaviours, Kea seems much more rational in that regard and 
a good fit for our own offerings and services such as MAAS. I also 
think we might be able to contribute dqlite support for Kea upstream, 
which would make HA even easier.


Mark






--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

Re: Legality of using free VMware Workstation Player for alpha and beta testing of Ubuntu?

[Thomas Ward]

If you are in doubt for any reason, this is where you need to work with 
a lawyer in your own jurisdiction to determine the legality.


None of us are lawyers, so any advice we give should be taken with a 
grain of salt.  I don't think VMware will come after you though for 
using it to test Ubuntu or Lubuntu.



Thomas
(sent without my @ubuntu.com because GMail addresses are involved)

On 5/14/22 21:42, Aaron Rainbolt wrote:
Thank you for taking the time to reply. This is sort of what I was 
thinking when I asked the question, but it's still close enough to a 
problem that I'm worried about it. In addition, I intend on using 
Ubuntu for commercial use in the not-too-distant future, so I'd rather 
not risk getting myself on the bad side of a multi-billion dollar 
company. For now, I have virt-manager, I can get Virtualbox (the 
open-source version, not with the proprietary add-on pack), I've got 
some good physical hardware, and you guys have VMware licenses for 
testing that part of things, so I think I'll just use what I've got 
for the time being, and possibly buy a VMware license at some point in 
the future.


On Sat, May 14, 2022 at 11:21 AM John Chittum 
 wrote:


Not a lawyer, so grain of salt.

Ubuntu, the OS, is not a commercial product by itself. Ubuntu is
offered as a free and open source OS. If you are testing
non-commercial offerings of Ubuntu, as part of community work,
then it should be fine to use VMWare Player, Virtualbox, or other
items for non-commercial work. Community work is, by definition,
not commercial.

If you are working on a commercial product, for instance, testing
Ubuntu Pro features offered by Canonical, or an appliance that
will be sold to a customer, then you may be in violation. If you
are an employee of Canonical employed to work on the OS, things
get dicey _but_ there are options available (we have licenses
available). Or if you are using it as part of your job (say,
you're a sys admin, and part of your job is to vet Ubuntu, and you
just happen to also contribute upstream when you find a bug). Then
you should talk to your workplace about getting you a license.

TL:DR if it's solely community work, it shouldn't be a breach.
Other things would be case by case.


On Sat, May 14, 2022, 10:50 Aaron Rainbolt 
wrote:

Thanks, that's what I needed to know! Virt-manager is more
than sufficient for my needs, and I can always cough up the
$150-$200 if I really want to do VMware testing.

Thank you for your time and help!

On Fri, May 13, 2022 at 3:51 AM Shane O'Sullivan
 wrote:

It's a breach of the EULA. I would highly recommend
installing virt-manager as a suitable alternative.

On Fri 13 May 2022, 08:17 Aaron Rainbolt,
 wrote:

I am digging deep into the world of Ubuntu development
and am trying to make sure my alpha and beta testing
is as effective as possible. I also don't want to cash
out an arm and a leg for expensive software to do so.
I've been using virt-manager (QEMU/KVM) for testing on
virtual machines, and while things seem to be going
well, I'd like to test on other hypervisors too for
the sake of catching as many bugs as possible.

VMware provides their Workstation Player product for
free, *for non-commercial use.* Problem is, I can't
figure out if using VMware for Ubuntu testing would be
considered commercial use. One one hand, I'm not a
Canonical employee, nor am I using VMware for
employment purposes, so that would be non-commercial,
but on the other hand, I'm helping a large enterprise
build an OS that is used for commercial purposes, so
that seems like commercial use.

Do any of y'all do QA testing in the free version of
VMware Workstation Player? Does anyone know if this
is a legal use of VMware?

Thank you for your help and time.

(Note: I /think/ these kinds of questions are what
this mailing list is for, but if I'm misguided and
should have sent this to ubuntu-devel-discuss, please
let me know and I'll direct these kinds of questions
there instead.)
-- 
ubuntu-devel mailing list

ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

-- 
ubuntu-devel mailing list

ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel


-- 

[Bug 1972750] Re: torbrowser-launcher failing to run (first-run) lubuntu jammy

[Thomas Ward]

*** This bug is a duplicate of bug 1967572 ***
https://bugs.launchpad.net/bugs/1967572

Duplicate of #1967572 due to same traceback on failure.

** This bug has been marked a duplicate of bug 1967572
   torbrowser-launcher crashed with   move(self, int, int) in main(): argument 
1 has unexpected type 'float'

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972750

Title:
  torbrowser-launcher failing to run (first-run) lubuntu jammy

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/torbrowser-launcher/+bug/1972750/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971297] Re: Merge nginx from Debian unstable for kinetic

[Thomas Ward]

Note that your Debian source target will be NGINX 1.20.2-1 once it
lands, this was uploaded to ftp-master by myself today after I was given
access to upload by Ondrej Novy.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971297

Title:
  Merge nginx from Debian unstable for kinetic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1971297/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971223] Re: package nginx-core 1.18.0-0ubuntu1.3 failed to install/upgrade: installed nginx-core package post-installation script subprocess returned error exit status 1

[Thomas Ward]

You have a symlink in /etc/nginx/sites-enabled that points to a
nonexistent config file:

nginx[1326]: nginx: [emerg] open() "/etc/nginx/sites-
enabled/frappe.conf" failed (2: No such file or directory) in
/etc/nginx/nginx.conf:62

This is not an NGINX package bug but a local config issue.

** Changed in: nginx (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971223

Title:
  package nginx-core 1.18.0-0ubuntu1.3 failed to install/upgrade:
  installed nginx-core package post-installation script subprocess
  returned error exit status 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1971223/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Re: rlwrap 0.44 needed for bugfix w/ readline 8.1

[Thomas Ward]

The package in Ubuntu for rlwrap is fed from Debian with no change 
rebuilds as needed it seems, and in Debian there is not a newer version 
packaged.  While it would be nice to get newest software, it looks like 
the package might not be maintained since 2018 in Debian.  And there's a 
bug in Debian requesting an updated version - 0.45.2. [1]


I don't know if the package is unmaintained, but it's probably something 
that someone who cares to could try and go salvage in Debian, otherwise 
we'd have to rely on Debian for the version, or do some kind of delta 
which is generally something that is avoided where possible unless it's 
needed.


Should the package be updated?  Probably, but it should be updated in 
Debian first, and then only in Kinetic Kudu first if that doesn't happen.


I'm not sure if this is SRUable, but that's only 'cause I haven't dug to 
see if a new version bump would be a suitable SRU.  And even then, 
again, the updated versions have to land in Kinetic first.



Thomas


[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986294

On 4/28/22 10:51, Kaleb Barrett wrote:
First time on the list so I'm not much aware of etiquette, please 
excuse me.


I noticed an issue using rlwrap on Ubuntu 22.04 (prompts are 
overwritten with the input), however the problem has been fixed 
upstream in version 0.44, which was released Jan 2021. Should this 
package be updated? The currently available version 0.43 is 5 years old.


Thanks,
ktb



--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

[Bug 1969145] Re: oss4 autopkgtest regression: unrecognized command-line option ‘-mfloat-abi=hard’

[Thomas Ward]

*** This bug is a duplicate of bug 1969752 ***
https://bugs.launchpad.net/bugs/1969752

** This bug has been marked a duplicate of bug 1969752
   oss4-dkms '-mfloat-abi=hard' build failure

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969145

Title:
  oss4 autopkgtest regression: unrecognized command-line option
  ‘-mfloat-abi=hard’

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/oss4/+bug/1969145/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs