Re: Python3.4 / CVE-2016-5636

[Brian May]

Brian May  writes:

> I saeem to be having problems building the latest Jessie version
> 3.4.2-1+deb8u1 on Jessie.

Found the problem. /etc/hosts on my chroot was had 600 permissions and
as such not readable by the build process. Somehow the failure in
looking up localhost in this test resulted in the test hanging.
-- 
Brian May 

Re: weekly unclaim runs, shortening the time

[Holger Levsen]

Hi,

so todays unclaim run (with a timeout of 3 weeks) unclaimed nss and
tiff, I've bcc'ed those who had claimed them.

Then I tried to run it with a timeout of 2 weeks and I would unclaim
krb5, phpmyadmin and wireshark, which I didnt commit, despite I said I
would, as I've decided to give some slack after the holidays.

Next week I will unclaim packages with more than 2 weeks of inactivity!

On Wed, Jan 09, 2019 at 08:42:37PM +, Holger Levsen wrote:
cc 
> As I have done this without problems since the end of November, while I
> also did test runs with 2 weeks of inactivity - which had similar
> results - I from now on intend to run it with "--unclaim 1209600" so
> that stuff with more than 2 weeks of inactivity will be unclaimed, as
> two weeks is already quite long (and updating a note is easy).
> 
> Please speak up if you think that's unreasonable or have some other
> comments.

& please excuse the top posting ;)


-- 
cheers,
Holger

---
   holger@(debian|reproducible-builds|layer-acht).org
   PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C


signature.asc
Description: PGP signature

Re: Assistance with building symfony for jessie

[Emilio Pozuelo Monfort]

On 13/01/2019 07:51, Abhijith PA wrote:
> Hi Roberto
> 
> On Sunday 13 January 2019 06:26 AM, Roberto C. Sánchez wrote:
>> Hello all,
>>
>> I have been working on the LTS update for symfony and while I completed
>> the backports of all of the patches several weeks ago I have not managed
>> to get the package to build on jessie.  In particular, the build fails
>> because of the unit tests.
>>
>> To determine if any of my changes had anything to do with the unit test
>> failures I attempted to build the current version in jessie,
>> 2.3.21+dfsg-4+deb8u3.  That build attempt also failed.
>>
>> I tried several different approaches to building the package (version
>> 2.3.21+dfsg-4+deb8u3) using different versions of dependencies to see
>> some dependency update along the way triggered new failures.  Here are
>> the build attempts I made:
>>
>> - build in an updated jessie cowbuilder with gbp (FAIL)
>> - build in a jessie chroot using dpkg-buildpackage with dependencies at
>>   versions as they existed when version 2.3.21+dfsg-4+deb8u3 was
>>   uploaded on 10 May 2016 (FAIL)
>> - build in a jessie chroot using dpkg-buildpackage with dependencies at
>>   versions as they existed at the initial release of jessie (FAIL)
>> - build in a wheezy cowbuilder with gbp (FAIL, some dependencies do not
>>   exist in wheezy)
>> - build in a stretch cowbuilder with gbp (FAIL, some dependencies do not
>>   exist in stretch)
>>
>> Since symfony is arch:all, there are no buildd logs to consult.  As a
>> result, it would be helpful if one or two others out there could attempt
>> to build symfony 2.3.21+dfsg-4+deb8u3 and report on the result.  If the
>> build is successful, I would appreciate a copy of the build log.  Or,
>> perhaps, if you are able/willing to finish the update and perform the
>> upload, I can provide my patches.
> 
> My build is also failing with around 20 unit test failures.

I also tried here, both on a chroot and on a VM, and also got that:

FAILURES!
Tests: 11817, Assertions: 22122, Failures: 20, Skipped: 1348.

Looking at the log, it seems most failures are somehow date/time related. So I
thought they could either be due to new tzdata updates, or due to the time shift
from when that package was updated (e.g. a certificate used in the test suite
could be set to expire in 2017). That was easy to test, so I set my system time
to 2015-01-14 and re-run the build on a chroot:

FAILURES!
Tests: 11817, Assertions: 22122, Failures: 4, Skipped: 1348.

Those failures are:

Time: 2.27 minutes, Memory: 759.25Mb

There were 4 failures:

1)
Symfony\Component\Validator\Tests\Constraints\IpValidatorTest::testInvalidReservedIpsV4
with data set #1 ('224.0.0.1')
Failed asserting that actual size 0 matches expected size 1.

/build/symfony-2.3.21+dfsg/src/Symfony/Component/Validator/Tests/Constraints/AbstractConstraintValidatorTest.php:335
/build/symfony-2.3.21+dfsg/src/Symfony/Component/Validator/Tests/Constraints/IpValidatorTest.php:208

2)
Symfony\Component\Validator\Tests\Constraints\IpValidatorTest::testInvalidPublicIpsV4
with data set #4 ('224.0.0.1')
Failed asserting that actual size 0 matches expected size 1.

/build/symfony-2.3.21+dfsg/src/Symfony/Component/Validator/Tests/Constraints/AbstractConstraintValidatorTest.php:335
/build/symfony-2.3.21+dfsg/src/Symfony/Component/Validator/Tests/Constraints/IpValidatorTest.php:234

3)
Symfony\Component\Validator\Tests\Constraints\IpValidatorTest::testInvalidReservedIpsAll
with data set #1 ('224.0.0.1')
Failed asserting that actual size 0 matches expected size 1.

/build/symfony-2.3.21+dfsg/src/Symfony/Component/Validator/Tests/Constraints/AbstractConstraintValidatorTest.php:335
/build/symfony-2.3.21+dfsg/src/Symfony/Component/Validator/Tests/Constraints/IpValidatorTest.php:409

4)
Symfony\Component\Validator\Tests\Constraints\IpValidatorTest::testInvalidPublicIpsAll
with data set #4 ('224.0.0.1')
Failed asserting that actual size 0 matches expected size 1.

/build/symfony-2.3.21+dfsg/src/Symfony/Component/Validator/Tests/Constraints/AbstractConstraintValidatorTest.php:335
/build/symfony-2.3.21+dfsg/src/Symfony/Component/Validator/Tests/Constraints/IpValidatorTest.php:431

I haven't investigated those.

Cheers,
Emilio

(E)LTS report for December

[Emilio Pozuelo Monfort]

Hi,

During the month of December, I spent 44 hours working on LTS on the following
tasks:

- samba security update
- llvm-4.0/gcc-4.9 update for armel support
- firefox-esr security update
- CVE triaging
- reviewed and provided feedback on enigmail and related lib updates
- mysql/mariadb lifecycle review
- rustc and cargo updates for armel support
- firefox/thunderbird ESR60 regression investigation (reported by a user)

I also spent 14 hours on ELTS:

- perl security update
- samba security update
- CVE triaging
- improved some of our triaging tooling

Cheers,
Emilio