Bug#990069: marked as done (openssh-server: Not accepting new connections during Debian 10 -> 11 upgrade)
Your message dated Mon, 4 Oct 2021 13:15:52 +0200 with message-id and subject line Re: Bug#990069: Still broken in ssh 8.4p1-5, libc6 2.31-13 has caused the Debian Bug report #990069, regarding openssh-server: Not accepting new connections during Debian 10 -> 11 upgrade to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 990069: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990069 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: openssh-server Version: 1:8.4p1-5 Severity: normal Dear Maintainer, During a Debian 10 -> 11 upgrade, the SSH server doesn't appear to be accepting new connections. IMO this is less than optimal, and not sure if this was always the case. Would it be possible to keep accepting connections, or at least to make the time window in which SSH is down as short as possible? Greetings, Olaf -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-16-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages openssh-server depends on: ii adduser3.118 ii debconf [debconf-2.0] 1.5.71 ii dpkg 1.19.7 ii libaudit1 1:2.8.4-3 iu libc6 2.31-12 ii libcom-err21.44.5-1+deb10u3 ii libcrypt1 1:4.4.18-4 ii libgssapi-krb5-2 1.17-3+deb10u1 ii libkrb5-3 1.17-3+deb10u1 ii libpam-modules 1.3.1-5 ii libpam-runtime 1.3.1-5 ii libpam0g 1.3.1-5 ii libselinux13.1-3 ii libssl1.1 1.1.1d-0+deb10u6 ii libsystemd0241-7~deb10u7 ii libwrap0 7.6.q-28 ii lsb-base 10.2019051400 iu openssh-client 1:8.4p1-5 iu openssh-sftp-server1:8.4p1-5 ii procps 2:3.3.15-2 iu runit-helper 2.10.3 ii ucf3.0038+nmu1 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages openssh-server recommends: ii libpam-systemd [logind] 241-7~deb10u7 ii ncurses-term 6.1+20181013-2+deb10u2 ii xauth1:1.0.10-1 Versions of packages openssh-server suggests: pn molly-guard pn monkeysphere pn ssh-askpass pn ufw -- debconf information: openssh-server/permit-root-login: true openssh-server/password-authentication: true --- End Message --- --- Begin Message --- Source: glibc Source-Version: 2.31-14 Done: Aurelien Jarno -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurel...@aurel32.net http://www.aurel32.net--- End Message ---
Bug#990069: marked as done (openssh-server: Not accepting new connections during Debian 10 -> 11 upgrade)
Your message dated Mon, 4 Oct 2021 12:29:09 +0200 with message-id and subject line Re: Bug#990069: Still broken in ssh 8.4p1-5, libc6 2.31-13 has caused the Debian Bug report #990069, regarding openssh-server: Not accepting new connections during Debian 10 -> 11 upgrade to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 990069: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990069 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: openssh-server Version: 1:8.4p1-5 Severity: normal Dear Maintainer, During a Debian 10 -> 11 upgrade, the SSH server doesn't appear to be accepting new connections. IMO this is less than optimal, and not sure if this was always the case. Would it be possible to keep accepting connections, or at least to make the time window in which SSH is down as short as possible? Greetings, Olaf -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-16-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages openssh-server depends on: ii adduser3.118 ii debconf [debconf-2.0] 1.5.71 ii dpkg 1.19.7 ii libaudit1 1:2.8.4-3 iu libc6 2.31-12 ii libcom-err21.44.5-1+deb10u3 ii libcrypt1 1:4.4.18-4 ii libgssapi-krb5-2 1.17-3+deb10u1 ii libkrb5-3 1.17-3+deb10u1 ii libpam-modules 1.3.1-5 ii libpam-runtime 1.3.1-5 ii libpam0g 1.3.1-5 ii libselinux13.1-3 ii libssl1.1 1.1.1d-0+deb10u6 ii libsystemd0241-7~deb10u7 ii libwrap0 7.6.q-28 ii lsb-base 10.2019051400 iu openssh-client 1:8.4p1-5 iu openssh-sftp-server1:8.4p1-5 ii procps 2:3.3.15-2 iu runit-helper 2.10.3 ii ucf3.0038+nmu1 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages openssh-server recommends: ii libpam-systemd [logind] 241-7~deb10u7 ii ncurses-term 6.1+20181013-2+deb10u2 ii xauth1:1.0.10-1 Versions of packages openssh-server suggests: pn molly-guard pn monkeysphere pn ssh-askpass pn ufw -- debconf information: openssh-server/permit-root-login: true openssh-server/password-authentication: true --- End Message --- --- Begin Message --- Source: glibc Source-Version: 2.31-13+deb11u1 Done: Aurelien Jarno On 2021-10-04 21:04, Tim Connors wrote: > reopen 990069 > thanks. > > With these packages installed: > > 24573,4> dpkg --get-selections | grep ssh > clusterssh install > libssh-4:amd64 install > libssh-gcrypt-4:amd64 install > libssh2-1:amd64 install > openssh-client install > openssh-server install > openssh-sftp-server install > ssh-askpass install > sshfs install > > This particular system is sysv, but I think my other machines suffering > this same problem were already on systemd by the time I upgraded. > > > 24583,14> sudo grep -e ssh -e libc6 -e Restarting -e '^ [a-z]' -e Services > /var/log/apt/term.log > Replacing files in old package libc6:amd64 (2.28-10) ... > Replacing files in old package libc6:i386 (2.28-10) ... > Preparing to unpack .../06-openssh-sftp-server_1%3a8.4p1-5_amd64.deb ... > Unpacking openssh-sftp-server (1:8.4p1-5) over (1:7.9p1-10+deb10u2) ... > Preparing to unpack .../13-openssh-client_1%3a8.4p1-5_amd64.deb ... > Unpacking openssh-client (1:8.4p1-5) over (1:7.9p1-10+deb10u2) ... > Preparing to unpack .../15-openssh-server_1%3a8.4p1-5_amd64.deb ... > Unpacking openssh-server (1:8.4p1-5) over (1:7.9p1-10+deb10u2) ... > Preparing to unpack .../0-libc6-dev_2.31-13_amd64.deb ... You are still using the old version which is not fixed. This is fixed in 2.31-13+deb11u1, not in 2.31-13. This version in in bullseye-proposed-updates and will be moved to bullseye during the next point release. Closing the bug again. -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurel...@aurel32.net
Bug#990069: marked as done (openssh-server: Not accepting new connections during Debian 10 -> 11 upgrade)
Your message dated Fri, 01 Oct 2021 12:02:07 + with message-id and subject line Bug#990069: fixed in glibc 2.31-13+deb11u1 has caused the Debian Bug report #990069, regarding openssh-server: Not accepting new connections during Debian 10 -> 11 upgrade to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 990069: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990069 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: openssh-server Version: 1:8.4p1-5 Severity: normal Dear Maintainer, During a Debian 10 -> 11 upgrade, the SSH server doesn't appear to be accepting new connections. IMO this is less than optimal, and not sure if this was always the case. Would it be possible to keep accepting connections, or at least to make the time window in which SSH is down as short as possible? Greetings, Olaf -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-16-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages openssh-server depends on: ii adduser3.118 ii debconf [debconf-2.0] 1.5.71 ii dpkg 1.19.7 ii libaudit1 1:2.8.4-3 iu libc6 2.31-12 ii libcom-err21.44.5-1+deb10u3 ii libcrypt1 1:4.4.18-4 ii libgssapi-krb5-2 1.17-3+deb10u1 ii libkrb5-3 1.17-3+deb10u1 ii libpam-modules 1.3.1-5 ii libpam-runtime 1.3.1-5 ii libpam0g 1.3.1-5 ii libselinux13.1-3 ii libssl1.1 1.1.1d-0+deb10u6 ii libsystemd0241-7~deb10u7 ii libwrap0 7.6.q-28 ii lsb-base 10.2019051400 iu openssh-client 1:8.4p1-5 iu openssh-sftp-server1:8.4p1-5 ii procps 2:3.3.15-2 iu runit-helper 2.10.3 ii ucf3.0038+nmu1 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages openssh-server recommends: ii libpam-systemd [logind] 241-7~deb10u7 ii ncurses-term 6.1+20181013-2+deb10u2 ii xauth1:1.0.10-1 Versions of packages openssh-server suggests: pn molly-guard pn monkeysphere pn ssh-askpass pn ufw -- debconf information: openssh-server/permit-root-login: true openssh-server/password-authentication: true --- End Message --- --- Begin Message --- Source: glibc Source-Version: 2.31-13+deb11u1 Done: Aurelien Jarno We believe that the bug you reported is fixed in the latest version of glibc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 990...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno (supplier of updated glibc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 30 Sep 2021 22:47:49 +0200 Source: glibc Architecture: source Version: 2.31-13+deb11u1 Distribution: bullseye Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Closes: 990069 994042 Changes: glibc (2.31-13+deb11u1) bullseye; urgency=medium . [ Aurelien Jarno ] * debian/script.in/nsscheck.sh: restart openssh-server even if it has been deconfigured during the upgrade. Closes: #990069. * debian/debhelper.in/libc.preinst: fix text fallback when debconf is unusable, the current debconf configuration should be queried without first sourcing the confmodule to avoid losing control of the tty. Big thanks to Colin Watson for the help diagnosing the issue and for providing an easy reproducer. Closes: #994042. Checksums-Sha1: ac8313b8a3ec16fb55b1dba1ef66075d6143d093 8347 glibc_2.31-13+deb11u1.dsc ea695731aa16c723d6d873a5e5104036fd787886 911796 glibc_2.31-13+deb11u1.debian.tar.xz d747aae74973b1e28a6053f30ca6af3533ef25c2 8674 glibc_2.31-13+deb11u1_source.buildinfo Checksums-Sha256: 6cc9d5ff699d6c58f02999aa79c1ab3a2bc91c05a
Bug#990069: marked as done (openssh-server: Not accepting new connections during Debian 10 -> 11 upgrade)
Your message dated Tue, 17 Aug 2021 15:04:03 + with message-id and subject line Bug#990069: fixed in glibc 2.31-14 has caused the Debian Bug report #990069, regarding openssh-server: Not accepting new connections during Debian 10 -> 11 upgrade to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 990069: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990069 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: openssh-server Version: 1:8.4p1-5 Severity: normal Dear Maintainer, During a Debian 10 -> 11 upgrade, the SSH server doesn't appear to be accepting new connections. IMO this is less than optimal, and not sure if this was always the case. Would it be possible to keep accepting connections, or at least to make the time window in which SSH is down as short as possible? Greetings, Olaf -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-16-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages openssh-server depends on: ii adduser3.118 ii debconf [debconf-2.0] 1.5.71 ii dpkg 1.19.7 ii libaudit1 1:2.8.4-3 iu libc6 2.31-12 ii libcom-err21.44.5-1+deb10u3 ii libcrypt1 1:4.4.18-4 ii libgssapi-krb5-2 1.17-3+deb10u1 ii libkrb5-3 1.17-3+deb10u1 ii libpam-modules 1.3.1-5 ii libpam-runtime 1.3.1-5 ii libpam0g 1.3.1-5 ii libselinux13.1-3 ii libssl1.1 1.1.1d-0+deb10u6 ii libsystemd0241-7~deb10u7 ii libwrap0 7.6.q-28 ii lsb-base 10.2019051400 iu openssh-client 1:8.4p1-5 iu openssh-sftp-server1:8.4p1-5 ii procps 2:3.3.15-2 iu runit-helper 2.10.3 ii ucf3.0038+nmu1 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages openssh-server recommends: ii libpam-systemd [logind] 241-7~deb10u7 ii ncurses-term 6.1+20181013-2+deb10u2 ii xauth1:1.0.10-1 Versions of packages openssh-server suggests: pn molly-guard pn monkeysphere pn ssh-askpass pn ufw -- debconf information: openssh-server/permit-root-login: true openssh-server/password-authentication: true --- End Message --- --- Begin Message --- Source: glibc Source-Version: 2.31-14 Done: Aurelien Jarno We believe that the bug you reported is fixed in the latest version of glibc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 990...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno (supplier of updated glibc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 17 Aug 2021 16:27:59 +0200 Source: glibc Architecture: source Version: 2.31-14 Distribution: unstable Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Closes: 603914 975077 981650 982360 986951 987266 990031 990069 Changes: glibc (2.31-14) unstable; urgency=medium . [ Samuel Thibault ] * debian/testsuite-xfail-debian.mk: Update tests. * debian/patches/hurd-i386/tg-eintr.diff: Replace with upstream's more complete git-eintr.diff. * debian/patches/hurd-i386/proc_reauth.diff: Use the new __proc_reauthenticate_complete protocol. * control: Break hurd version that erroneously depended on an update libc0.3 for the auth_complete_reauthentication RPC * debian/libc0.3.symbols.hurd-i386: Add missing gsync_wait_intr symbol. * debian/patches/hurd-i386/git-AT_NO_AUTOMOUNT.diff: Fix glib's fileinfo. * debian/patches/hurd-i386/git-ELF_MACHINE_USER_ADDRESS_MASK.diff: Fix ELF_MACHINE_USER_ADDRESS_MASK value. * debian/patches/hurd-i386/tg-bigmem.diff: Relace by git-drop-rmh.diff. * debian/patches/series: Reorder hurd-i386 git patches
Bug#990069: marked as done (openssh-server: Not accepting new connections during Debian 10 -> 11 upgrade)
Your message dated Tue, 06 Jul 2021 20:18:00 + with message-id and subject line Bug#990069: fixed in glibc 2.31-13 has caused the Debian Bug report #990069, regarding openssh-server: Not accepting new connections during Debian 10 -> 11 upgrade to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 990069: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990069 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: openssh-server Version: 1:8.4p1-5 Severity: normal Dear Maintainer, During a Debian 10 -> 11 upgrade, the SSH server doesn't appear to be accepting new connections. IMO this is less than optimal, and not sure if this was always the case. Would it be possible to keep accepting connections, or at least to make the time window in which SSH is down as short as possible? Greetings, Olaf -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-16-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages openssh-server depends on: ii adduser3.118 ii debconf [debconf-2.0] 1.5.71 ii dpkg 1.19.7 ii libaudit1 1:2.8.4-3 iu libc6 2.31-12 ii libcom-err21.44.5-1+deb10u3 ii libcrypt1 1:4.4.18-4 ii libgssapi-krb5-2 1.17-3+deb10u1 ii libkrb5-3 1.17-3+deb10u1 ii libpam-modules 1.3.1-5 ii libpam-runtime 1.3.1-5 ii libpam0g 1.3.1-5 ii libselinux13.1-3 ii libssl1.1 1.1.1d-0+deb10u6 ii libsystemd0241-7~deb10u7 ii libwrap0 7.6.q-28 ii lsb-base 10.2019051400 iu openssh-client 1:8.4p1-5 iu openssh-sftp-server1:8.4p1-5 ii procps 2:3.3.15-2 iu runit-helper 2.10.3 ii ucf3.0038+nmu1 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages openssh-server recommends: ii libpam-systemd [logind] 241-7~deb10u7 ii ncurses-term 6.1+20181013-2+deb10u2 ii xauth1:1.0.10-1 Versions of packages openssh-server suggests: pn molly-guard pn monkeysphere pn ssh-askpass pn ufw -- debconf information: openssh-server/permit-root-login: true openssh-server/password-authentication: true --- End Message --- --- Begin Message --- Source: glibc Source-Version: 2.31-13 Done: Aurelien Jarno We believe that the bug you reported is fixed in the latest version of glibc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 990...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno (supplier of updated glibc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 06 Jul 2021 21:16:59 +0200 Source: glibc Architecture: source Version: 2.31-13 Distribution: unstable Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Closes: 990069 990542 Changes: glibc (2.31-13) unstable; urgency=medium . [ Colin Watson ] * debian/debhelper.in/libc.postinst, script.in/nsscheck.sh: Look for openssh-server package rather than ssh. Closes: #990069 . [ Aurelien Jarno ] * debian/patches/git-updates.diff: update from upstream stable branch: - Fix an arbitrary read in wordexp() (CVE-2021-35942). Closes: #990542. Checksums-Sha1: 8b605f3f6e7a706e9c191e45f9bcb9eca62891b6 8315 glibc_2.31-13.dsc 77fd52762e70da4c16d26185f38f4b447980ba6d 911724 glibc_2.31-13.debian.tar.xz 7825505d9379137ed514e778424d2fbf3f790a94 8582 glibc_2.31-13_source.buildinfo Checksums-Sha256: 85cab7f072d1371775f225d3bbf89a7c2baff10fa1c4de0116e9868716c47a97 8315 glibc_2.31-13.dsc a1f2a1ef54a13edb7185a995f4db050a8fa74f05fe4f271ef0c51d8d99285436 911724 glibc_2.31-13.debian.tar.xz b0ff883c8fb15cf0d18a015f443a457cdf7809f8886a29b4353b4c9f80016107 8582