[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-defaults-ports -
1.178ubuntu1.18.10.1

---
gcc-defaults-ports (1.178ubuntu1.18.10.1) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 21:37:28 +0200

** Changed in: gcc-defaults-ports (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

** Changed in: gcc-defaults-ports (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Released
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-8-cross-ports - 9ubuntu0.4

---
gcc-8-cross-ports (9ubuntu0.4) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 18:05:17 +0200

** Changed in: ggcov (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832333] Re: There is no firejail-default profile in Ubuntu

2019-06-13 Thread Jalon Funk 
The file clearly is inside deb pakckage, you can open it and see
yourself. It it doesn't work the your system may be broken somewhat.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1832333

Title:
  There is no firejail-default profile in Ubuntu

Status in AppArmor:
  New
Status in apparmor package in Ubuntu:
  New
Status in firejail package in Ubuntu:
  New

Bug description:
  Firejail requires the firejail-default apparmor profile in
  /etc/apparmor.d to work together with apparmor but that doesn't exist
  in Ubuntu 19.04. After I had added firejail-default to /etc/apparmor.d
  and firejail-local to /etc/apparmor.d/local everything was OK.

  Could this be default in Ubuntu?

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1832333/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-defaults-ports - 1.176ubuntu1.3

---
gcc-defaults-ports (1.176ubuntu1.3) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 21:38:37 +0200

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Released
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package binutils - 2.30-21ubuntu1~18.04.2

---
binutils (2.30-21ubuntu1~18.04.2) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 08 May
2019 10:14:07 +0200

** Changed in: binutils (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Released
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-7-cross-ports - 17ubuntu0.3

---
gcc-7-cross-ports (17ubuntu0.3) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 18:04:46 +0200

** Changed in: gcc-7-cross-ports (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Released
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-8-cross-ports - 9ubuntu0.4

---
gcc-8-cross-ports (9ubuntu0.4) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 18:05:17 +0200

** Changed in: gcc-8-cross-ports (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-8-cross - 18ubuntu0.4

---
gcc-8-cross (18ubuntu0.4) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 17:47:37 +0200

** Changed in: gcc-defaults-ports (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Released
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package ggcov - 0.9+20190314-0ubuntu1~18.04.1

---
ggcov (0.9+20190314-0ubuntu1~18.04.1) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 29 May
2019 17:35:01 +0200

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package ggcov - 0.9+20190314-0ubuntu1~18.04.1

---
ggcov (0.9+20190314-0ubuntu1~18.04.1) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 29 May
2019 17:35:01 +0200

** Changed in: ggcov (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package binutils - 2.30-21ubuntu1~18.04.2

---
binutils (2.30-21ubuntu1~18.04.2) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 08 May
2019 10:14:07 +0200

** Changed in: gcc-7-cross-ports (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Released
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-8-cross - 18ubuntu0.4

---
gcc-8-cross (18ubuntu0.4) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 17:47:37 +0200

** Changed in: gcc-8-cross (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Released
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-7-cross-ports - 17ubuntu0.3

---
gcc-7-cross-ports (17ubuntu0.3) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 18:04:46 +0200

** Changed in: gcc-8-cross (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Released
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-defaults-ports -
1.178ubuntu1.18.10.1

---
gcc-defaults-ports (1.178ubuntu1.18.10.1) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 21:37:28 +0200

** Changed in: binutils (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Released
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828215] Re: openssl ca -spkac output regressed

2019-06-13 Thread Marc Deslauriers 
ACK from the security team on the low CVE being included in this SRU.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1828215

Title:
  openssl ca -spkac output regressed

Status in OpenSSL:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Committed
Status in openssl source package in Bionic:
  Fix Committed
Status in openssl source package in Cosmic:
  Fix Committed
Status in openssl source package in Disco:
  Fix Committed
Status in openssl source package in Eoan:
  Fix Committed

Bug description:
  [Impact]

   * openssl command line utility option parsing has regressed in
  1.1.0i+ and produces binary output, where text output is expected,
  breaking applications that parse that.

  [Test Case]

  Setup CA:
  $ apt install openssl
  $ mkdir -p  demoCA/private demoCA/newcerts
  $ touch demoCA/index.txt
  $ echo 01 > demoCA/serial

  $ openssl req -new -x509 -days 365 -newkey rsa:4096 -keyout
  demoCA/private/cakey.pem -out demoCA/cacert.pem

  # Use password test
  # Accept defaults for all other settings

  $ openssl req -new -days 365 -newkey rsa:4096 -keyout
  demoCA/sslkey.pem -out demoCA/sslcert.pem

  Generate regular request / key:
  # Use password test
  # Set common name to: example.com
  # Accept defaults for all other settings

  Generate spkac request:
  $ openssl spkac -key demoCA/sslkey.pem -out demoCA/sslcert.spkac
  $ cat <>demoCA/sslcert.spkac 
  countryName=AU
  stateOrProvinceName=Some-State
  organizationName=Internet Widgits Pty Ltd
  commonName=example.com
  EOF

  Sign spkac request:
  $ echo test | openssl ca -passin stdin -batch -spkac demoCA/sslcert.spkac 
-startdate 190121130654Z

  Expected: pure text output
  Unexpected: binary output for the signed cert

  
   Currently produces binary goop.

   Should produce PEM format Base64 encoded certificate data in a block 
surrounded
   with BEGIN/END certificate.

  [Regression Potential]

   * This is a regression in cosmic and up, and impeding regression in
  bionic with the upcoming 1.1.1 SRU. A bugfix exists upstream.

  [Other Info]

   * Originally reported
  https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1797386/comments/39

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1828215/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832522] Re: openssl maintainer scripts do not trigger services restart

2019-06-13 Thread Marc Deslauriers 
ACK from the security team on the low CVE being included in this SRU.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832522

Title:
  openssl maintainer scripts do not trigger services restart

Status in openssl package in Ubuntu:
  Confirmed
Status in openssl source package in Bionic:
  Fix Committed

Bug description:
  [Impact]

   * Major libssl ugprades require services to be restarted, for them to 
continue to function correctly at runtime.
   * The maintainer scripts were not adjusted to trigger.

  [Test Case]

   * Install bionic from release pocket and install ssl using daemon e.g. 
openssh-server libapache-mod-ssl
   * Upgrade libssl1.1
   * Ensure that services that use openssl are offered to be restarted.

  [Regression Potential]

   * We are rebuilding libssl1.1 and changing maintainer scripts. Given
  that we have missed upgrade trigger, we will ask users to restart
  services again even if they may have restarted them already.

  [Other Info]
   
   * Previous major libssl upgrade issue of similar nature was
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743889

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1832522/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832414] Re: Removing document files spam from cups

2019-06-13 Thread Dave Jones 
For anyone else that encounters this, running "cancel -x -a" to delete
everything from the queue (including historical control files) seems to
have cured the problem. Sorry for not keeping the evidence around, but
I'm afraid after it generated 70Mb of logs in two days I needed to fix
it :)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to cups in Ubuntu.
https://bugs.launchpad.net/bugs/1832414

Title:
  Removing document files spam from cups

Status in cups package in Ubuntu:
  New

Bug description:
  Since my server (running xenial) updated to cups 2.1.3-4ubuntu0.9 last
  night the CUPS logs have had a considerable number of messages from
  cupsd stating "Removing document files" - about 3 or 4 a second
  constantly. Stopping the cups service stops the log-spam, and starting
  it again immediately resumes it (after a few hundred "Loading from
  cache..." messages). I've tried removing document files from the cache
  (there were a couple of ancient ones lying around - it's not a heavily
  used printer), but this made little difference to the symptoms.

  I'm pretty confident this is due to the upgrade as:

  1. the spam in the logs starts immediately after CUPS reloads (after
  the upgrade)

  2. looking at the diff for 2.1.3-4ubuntu0.9 it does seem to be
  fiddling with things related to job clean-up (e.g. cupsdUpdateJobs and
  cupsdCleanJobs in scheduler/job.c)

  If I can provide any further information, do let me know!

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cups/+bug/1832414/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 508522] Re: Mic is not available with A2DP Bluetooth profile

2019-06-13 Thread Bug Watch Updater 
** Changed in: pulseaudio
   Status: Unknown => New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pulseaudio in Ubuntu.
https://bugs.launchpad.net/bugs/508522

Title:
  Mic is not available with A2DP Bluetooth profile

Status in PulseAudio:
  New
Status in pulseaudio package in Ubuntu:
  Confirmed

Bug description:
  Binary package hint: pulseaudio

  I'm testing a Nokia BH-905i headset (see 
http://www.wissel.net/blog/d6plinks/SHWL-8AZGGF ) on Ubuntu 10.10. The 
Bluetooth module correctly identifies the headset and the both audio profiles 
"HSP/ HFP Telephony duplex" and "A2DP High Fidelity Playback". For music 
playback only A2DP is suitable (HSP/HFP sounds like listening to music played 
through an old telephone). A2DP does not have an INPUT mode, so use of the 
headset for VoiP isn't possible.
  What would be needed is a separate selection to allow to select A2DP for 
output and HSP/HFP for input. Smartphones (a lot of them *nix based) phones do 
that (or they switch on the fly?).

  Formal structure:
  1) Ubuntu 10.10
  2) Pulse-Audio 1:0.9.22~0.9.21+stable-queue-32-g8478-0ubuntu21.1
  consisting og pluseaudio, pulseaudio-esound-compat, 
pulseaudio-module-bluetooth, pulseaudio-module-gconf, pulseaudio-module-x11, 
pulseaudio-utils
  3) Select high quality audio output and still use the Bluetooth microphone
  4) Had to choose: either high quality audio or "telephone quality" with 
microphone

  I can change the profile without the Bluetooth connection dropping,
  but that's ridiculous. E.g. listening to music, a call comes in. Then
  I would need to switch the profile before answering. Please note that
  in Windows, Mac OS, iOS, Android, and Windows Mobile it's done
  automatically.

  Check out attached screencast.

  ProblemType: Bug
  AplayDevices:
    List of PLAYBACK Hardware Devices 
   card 0: Intel [HDA Intel], device 0: AD198x Analog [AD198x Analog]
     Subdevices: 1/1
     Subdevice #0: subdevice #0
  Architecture: i386
  ArecordDevices:
    List of CAPTURE Hardware Devices 
   card 0: Intel [HDA Intel], device 0: AD198x Analog [AD198x Analog]
     Subdevices: 2/2
     Subdevice #0: subdevice #0
     Subdevice #1: subdevice #1
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  oivasyuv   2309 F pulseaudio
  Card0.Amixer.info:
   Card hw:0 'Intel'/'HDA Intel at 0xd850 irq 17'
     Mixer name : 'Analog Devices AD1984A'
     Components : 'HDA:11d4194a,103c30e8,00100400'
     Controls  : 22
     Simple ctrls  : 14
  Date: Sat Jan 16 22:31:41 2010
  DistroRelease: Ubuntu 9.10
  InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release i386 (20091028.5)
  Package: pulseaudio 1:0.9.19-0ubuntu4
  ProcEnviron:
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcVersionSignature: Ubuntu 2.6.31-17.54-generic-pae
  SourcePackage: pulseaudio
  Uname: Linux 2.6.31-17-generic-pae i686

To manage notifications about this bug go to:
https://bugs.launchpad.net/pulseaudio/+bug/508522/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832689] Re: TPM certification tests now failing after update to 1.1.1 (test_output_formats)

2019-06-13 Thread Dimitri John Ledkov 
Is it possible to get output from that script without &>/dev/null
redirection? to get all the stdout and stderr messages?


** Also affects: plainbox-provider-tpm2
   Importance: Undecided
   Status: New

** Changed in: openssl (Ubuntu)
   Status: New => Incomplete

** Changed in: plainbox-provider-tpm2
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832689

Title:
  TPM certification tests now failing after update to 1.1.1
  (test_output_formats)

Status in Provider for Plainbox - TPM2:
  Incomplete
Status in openssl package in Ubuntu:
  Incomplete

Bug description:
  The certification team is running automated tests for every supported
  ubuntu-core device for every new core18 snap update. The recent core18
  includes the openssl 1.1.1 update and seems to have caused regressions
  in the TPM test suite (for the dawson-i device). I was able to dig out
  the test suite itself, with the failing test code located here:

  https://git.launchpad.net/plainbox-provider-
  tpm2/tree/data/tpm2-tools-3.0.4/test/system/test_output_formats.sh

  Test failure log seems to be this:

  openssl rsa -pubin -inform "$fmt" -text -in "$this_key" &> /dev/null
  on line 95 failed: 1

  The certification team will follow up with more information. This is
  currently causing core18 promotions to be blocked (and there has been
  over a month without a new core18 stable snap). Setting to critical.

  I noticed a follow-up SRU for openssl with fix for LP: #1828215 and
  was wondering if it might be related?

To manage notifications about this bug go to:
https://bugs.launchpad.net/plainbox-provider-tpm2/+bug/1832689/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832689] [NEW] TPM certification tests now failing after update to 1.1.1 (test_output_formats)

2019-06-13 Thread Łukasz Zemczak 
Public bug reported:

The certification team is running automated tests for every supported
ubuntu-core device for every new core18 snap update. The recent core18
includes the openssl 1.1.1 update and seems to have caused regressions
in the TPM test suite (for the dawson-i device). I was able to dig out
the test suite itself, with the failing test code located here:

https://git.launchpad.net/plainbox-provider-
tpm2/tree/data/tpm2-tools-3.0.4/test/system/test_output_formats.sh

Test failure log seems to be this:

openssl rsa -pubin -inform "$fmt" -text -in "$this_key" &> /dev/null on
line 95 failed: 1

The certification team will follow up with more information. This is
currently causing core18 promotions to be blocked (and there has been
over a month without a new core18 stable snap). Setting to critical.

I noticed a follow-up SRU for openssl with fix for LP: #1828215 and was
wondering if it might be related?

** Affects: openssl (Ubuntu)
 Importance: Critical
 Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832689

Title:
  TPM certification tests now failing after update to 1.1.1
  (test_output_formats)

Status in openssl package in Ubuntu:
  New

Bug description:
  The certification team is running automated tests for every supported
  ubuntu-core device for every new core18 snap update. The recent core18
  includes the openssl 1.1.1 update and seems to have caused regressions
  in the TPM test suite (for the dawson-i device). I was able to dig out
  the test suite itself, with the failing test code located here:

  https://git.launchpad.net/plainbox-provider-
  tpm2/tree/data/tpm2-tools-3.0.4/test/system/test_output_formats.sh

  Test failure log seems to be this:

  openssl rsa -pubin -inform "$fmt" -text -in "$this_key" &> /dev/null
  on line 95 failed: 1

  The certification team will follow up with more information. This is
  currently causing core18 promotions to be blocked (and there has been
  over a month without a new core18 stable snap). Setting to critical.

  I noticed a follow-up SRU for openssl with fix for LP: #1828215 and
  was wondering if it might be related?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1832689/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package ggcov - 0.9+20190314-0ubuntu1~18.10.1

---
ggcov (0.9+20190314-0ubuntu1~18.10.1) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 29 May
2019 17:33:56 +0200

** Changed in: ggcov (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package eclipse-titan - 6.3.1-1build4.2

---
eclipse-titan (6.3.1-1build4.2) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 22 May
2019 11:39:29 +0200

** Changed in: eclipse-titan (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-7-cross - 21ubuntu0.3

---
gcc-7-cross (21ubuntu0.3) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 17:41:20 +0200

** Changed in: gcc-7-cross (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-7-cross - 26ubuntu1.2

---
gcc-7-cross (26ubuntu1.2) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 17:35:59 +0200

** Changed in: gcc-7-cross-ports (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-7-cross-ports - 21ubuntu1.2

---
gcc-7-cross-ports (21ubuntu1.2) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 18:01:54 +0200

** Changed in: gcc-8 (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package binutils - 2.31.1-6ubuntu1.2

---
binutils (2.31.1-6ubuntu1.2) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 08 May
2019 09:03:59 +0200

** Changed in: binutils (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

** Changed in: binutils (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-8 - 8.3.0-6ubuntu1~18.04.1

---
gcc-8 (8.3.0-6ubuntu1~18.04.1) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 08 May
2019 17:51:17 +0200

** Changed in: gcc-8-cross-ports (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-8-cross - 21ubuntu1.2

---
gcc-8-cross (21ubuntu1.2) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 17:45:06 +0200

** Changed in: gcc-8-cross-ports (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1798369] Re: Reinstall Ubuntu (with preserving existing data) shows error message due to "Could not get lock /target/var/cache/apt/archives/lock"

2019-06-13 Thread Brian Murray 
** Also affects: apt (Ubuntu Eoan)
   Importance: Undecided
   Status: Invalid

** Also affects: ubiquity (Ubuntu Eoan)
   Importance: High
   Status: Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1798369

Title:
  Reinstall Ubuntu (with preserving existing data) shows error message
  due to "Could not get lock /target/var/cache/apt/archives/lock"

Status in APT:
  New
Status in ubiquity:
  New
Status in apt package in Ubuntu:
  Invalid
Status in ubiquity package in Ubuntu:
  Confirmed
Status in apt source package in Eoan:
  Invalid
Status in ubiquity source package in Eoan:
  Confirmed

Bug description:
  When trying to reinstall an existing Ubuntu cosmic installation using
  latest 18.10 desktop images, the install shows an error dialog around
  the end of the installation with an "Error restoring installed
  applications". Looking at the syslog such a traceback can be seen:

  apt_pkg.Error: E:Could not get lock
  /target/var/cache/apt/archives/lock - open (11: Resource temporarily
  unavailable), E:Unable to lock directory
  /target/var/cache/apt/archives/

  After reproducing this on a live session, after chrooting into /target
  indeed any apt-get install operations result in the same lock-file
  error. The whole syslog of the reinstall attached to the bug.

  Test case:
   * Download latest cosmic image
   * Install cosmic on the whole disk (can be on a VM)
   * (optional) Boot into the system and leave a file in the home directory (to 
leave a trace, just in case)
   * Reboot and install cosmic using the first option in ubiquity: Reinstall 
Ubuntu
   * Finish configuration

  The install itself doesn't fail, but around the end of the
  installation process the error dialog appears. System is still
  bootable but left with old packages.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apt/+bug/1798369/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1818527] Re: Stub resolver cache is corrupted

2019-06-13 Thread Łukasz Zemczak 
Hello Abam, or anyone else affected,

Accepted systemd into bionic-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/systemd/237-3ubuntu10.23 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-bionic to verification-done-bionic. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-bionic. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: systemd (Ubuntu Bionic)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1818527

Title:
  Stub resolver cache is corrupted

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Xenial:
  Invalid
Status in systemd source package in Bionic:
  Fix Committed

Bug description:
  [Impact]
  systemd-resolved fails to resolve A records

  [Description]
  When systemd-resolve caches a non-existent CNAME record for a specific 
domain, further attempts at resolving A records for that same domain  fail. 
This has been fixed upstream in v240.

  Upstream commit:
  https://github.com/systemd/systemd/commit/3740146a4cbd

  $ git describe --contains 3740146a4cbd
  v240~839

  $ rmadison systemd --arch amd64
   systemd | 229-4ubuntu4 | xenial  | source, ...
   systemd | 229-4ubuntu21.21 | xenial-security | source, ...
   systemd | 229-4ubuntu21.21 | xenial-updates  | source, ...
   systemd | 237-3ubuntu10| bionic  | source, ...
   systemd | 237-3ubuntu10.19 | bionic-security | source, ...
   systemd | 237-3ubuntu10.21 | bionic-updates  | source, ...
   systemd | 237-3ubuntu10.22 | bionic-proposed | source, ...
   systemd | 239-7ubuntu10| cosmic  | source, ...
   systemd | 239-7ubuntu10.12 | cosmic-security | source, ...
   systemd | 239-7ubuntu10.13 | cosmic-updates  | source, ...
   systemd | 239-7ubuntu10.14 | cosmic-proposed | source, ...
   systemd | 240-6ubuntu5 | disco   | source, ...
   systemd | 240-6ubuntu5.1   | disco-proposed  | source, ...
   systemd | 240-6ubuntu9 | eoan| source, ...

  Despite the package versions above, only Bionic is affected. Cosmic
  already includes a backported fix, and Xenial doesn't seem affected
  due  to resolvconf handling DNS resolution.

  [Test Case]
  Flush resolved's caches and try resolving a non-existent CNAME record. 
Further resolution attempts for the corresponding A record will fail:

  #1
  On a Bionic host:
  $ systemd-resolve --flush-caches
  $ dig github.com CNAME
  
  ;; QUESTION SECTION:
  ;github.com.  IN  CNAME

  ;; Query time: 47 msec
  .

  $ dig github.com A
  
  ;; QUESTION SECTION:
  ;github.com.  IN  A

  ;; Query time: 0 msec
  

  While in reality, if no non-existent CNAME result query has been made
  first:

  $ systemd-resolve --flush-caches
  $ dig github.com
  
  ; QUESTION SECTION:
  ;github.com.  IN  A

  ;; ANSWER SECTION:
  github.com.   59  IN  A   192.30.253.112

  ;; Query time: 51 msec
  

  #2
  On a Bionic host:
  $ systemd-resolve --flush-caches
  $ dig github.com CNAME
  $ dig github.com A

  Build a lxd container with Cosmic/Disco/Eoan (systemd-240):
  $ lxc launch ubuntu:cosmic cosmiclxd
  $ lxd exec cosmiclxd bash
  $ dig github.com A
  
  ;; QUESTION SECTION:
  ;github.com.  IN  A

  ;; Query time: 0 msec
  

  Despite the fact that Cosmic and late has the proper systemd fix,
  Cosmic/Disco/Eoan container can suffer from the bug too if the host is
  Bionic (container uses the host as a DNS resolver).

  So you may face the problem inside Cosmic/Disco/Eoan container, but
  it's still the same Bionic systemd bug.

  [Regression Potential]
  The regression potential for this fix should be very low, as it's a direct 
cherry-pick from upstream systemd. It has seen extensive testing  in both 
upstream and other Ubuntu releases, and was verified for Bionic through 
autopkgtests.

[Touch-packages] [Bug 1832370] Re: Unable to configure or disable TLS 1.3 via openssl.cnf

2019-06-13 Thread Dimitri John Ledkov 
** Changed in: openssl (Ubuntu)
 Assignee: (unassigned) => Dimitri John Ledkov (xnox)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832370

Title:
  Unable to configure or disable TLS 1.3 via openssl.cnf

Status in openssl package in Ubuntu:
  New
Status in openssl source package in Bionic:
  New
Status in openssl source package in Cosmic:
  New
Status in openssl source package in Disco:
  New
Status in openssl source package in Eoan:
  New

Bug description:
  [Description]

  Since OpenSSL 1.1.1 was backported to Bionic, some (all?) applications
  gained access to TLS 1.3 by default. The applications that were not
  rebuilt against OpenSSL 1.1.1 can't tune the TLS 1.3 settings
  (protocol, ciphersuites selection, ciphersuites order) like it's
  possible with 1.2 and below. As such, one should turn to configuring
  /etc/ssl/openssl.cnf to alter TLS 1.3 settings.

  Here is how I'd expect to be able to turn off TLS 1.3:

  # diff -Naur /etc/ssl/openssl.cnf{.orig,}
  --- /etc/ssl/openssl.cnf.orig 2019-06-11 10:33:02.330143086 -0400
  +++ /etc/ssl/openssl.cnf  2019-06-11 11:15:23.805113804 -0400
  @@ -12,6 +12,16 @@
   HOME = .
   RANDFILE = $ENV::HOME/.rnd
   
  +ssl_conf = ssl_sect
  +
  +[ssl_sect]
  +
  +system_default = system_default_sect
  +
  +[system_default_sect]
  +
  +MaxProtocol = TLSv1.2
  +
   # Extra OBJECT IDENTIFIER info:
   #oid_file= $ENV::HOME/.oid
   oid_section  = new_oids

  This doesn't work as 'openssl s_client -connect
  rproxy.sdeziel.info:443' negotiates TLS 1.3 with
  TLS_AES_256_GCM_SHA384.

  
  Similarly, trying to change the 'Ciphers' or the 'Ciphersuites' list with:

  # diff -Naur /etc/ssl/openssl.cnf{.orig,}
  --- /etc/ssl/openssl.cnf.orig 2019-06-11 10:33:02.330143086 -0400
  +++ /etc/ssl/openssl.cnf  2019-06-11 11:37:23.362889367 -0400
  @@ -12,6 +12,17 @@
   HOME = .
   RANDFILE = $ENV::HOME/.rnd
   
  +ssl_conf = ssl_sect
  +
  +[ssl_sect]
  +
  +system_default = system_default_sect
  +
  +[system_default_sect]
  +
  +Ciphers = TLS_AES_128_GCM_SHA256
  +Ciphersuites = TLS_AES_128_GCM_SHA256
  +
   # Extra OBJECT IDENTIFIER info:
   #oid_file= $ENV::HOME/.oid
   oid_section  = new_oids

  Doesn't work as s_client keeps negotiating TLS 1.3 with
  TLS_AES_256_GCM_SHA384 (!= 128)

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: openssl 1.1.1-1ubuntu2.1~18.04.1
  ProcVersionSignature: Ubuntu 4.15.0-51.55-generic 4.15.18
  Uname: Linux 4.15.0-51-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.20.9-0ubuntu7.6
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Jun 11 11:22:47 2019
  InstallationDate: Installed on 2018-07-15 (331 days ago)
  InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180714)
  ProcEnviron:
   LANG=en_CA.UTF-8
   TERM=xterm-256color
   SHELL=/bin/bash
   XDG_RUNTIME_DIR=
   PATH=(custom, no user)
  SourcePackage: openssl
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1832370/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1756595] Re: disk space info inadvertently provides all installed snaps

2019-06-13 Thread Julian Andres Klode 
** Changed in: apt (Ubuntu)
   Status: Triaged => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1756595

Title:
  disk space info inadvertently provides all installed snaps

Status in apport package in Ubuntu:
  Invalid
Status in apt package in Ubuntu:
  Fix Committed
Status in apport source package in Bionic:
  Invalid
Status in apt source package in Bionic:
  Triaged

Bug description:
  When apport is reporting a crash, it includes the output of the "df"
  utility, to list the free disk space information per mount point.

  That output nowadays will inadvertently include all snaps that the
  user may have installed, including their revision numbers.

  Here is a simple df output:
  andreas@nsn7:~$ df
  Filesystem  1K-blocksUsed Available Use% Mounted on
  udev  8119680   0   8119680   0% /dev
  tmpfs 16301561828   1628328   1% /run
  nsn7/ROOT/ubuntu433084288 2500608 430583680   1% /
  tmpfs 8150776   1   8131888   1% /dev/shm
  tmpfs5120   4  5116   1% /run/lock
  tmpfs 8150776   0   8150776   0% 
/sys/fs/cgroup
  nsn7/var/log430763136  179456 430583680   1% /var/log
  nsn7/var/tmp430583808 128 430583680   1% /var/tmp
  /dev/sda2 1032088  160336871752  16% /boot
  /dev/sda1  5232482720520528   1% /boot/efi
  nsn7/home   430651264   67584 430583680   1% /home
  nsn7/var/cache  430653312   69632 430583680   1% /var/cache
  nsn7/var/mail   430583808 128 430583680   1% /var/mail
  nsn7/var/spool  430583808 128 430583680   1% /var/spool
  tmpfs 1630152  16   1630136   1% /run/user/120
  tmpfs 100   0   100   0% 
/var/lib/lxd/shmounts
  tmpfs 100   0   100   0% 
/var/lib/lxd/devlxd
  tmpfs 1630152  36   1630116   1% 
/run/user/1000
  nsn7/lxd/containers/squid-ds216 431444096  860416 430583680   1% 
/var/lib/lxd/storage-pools/default/containers/squid-ds216
  /dev/loop0  83712   83712 0 100% 
/snap/core/4206
  /dev/loop1 102144  102144 0 100% 
/snap/git-ubuntu/402

  You can see I have the core snap at revision 4206, and git-ubuntu at
  revision 402.

  There are already many bug reports in launchpad where one can see this
  information.

  Granted, the user can review it, refuse to send this data, etc. This
  bug is about the unexpectedness of having that information in the disk
  space data.

  If the user sees a prompt like "Would you like to include disk free
  space information in your report?", or "Would you like to include the
  output of the df(1) command in your report?", that doesn't immediately
  translate to "Would you like to include disk free space information
  and a list of all installed snaps and their revision numbers in your
  report?".

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1756595/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832659] Re: openssl 1.1.1-1ubuntu2.1~18.04.1 contains upstream bug 7350

2019-06-13 Thread Dimitri John Ledkov 
So bionic-release, disco, eoan are all good.

Regressions are in bionic-updates|-proposed and cosmic.

I.e. regression introduced in 1.1.1, present in 1.1.1a, fixed in 1.1.1b
and later.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832659

Title:
  openssl 1.1.1-1ubuntu2.1~18.04.1 contains upstream bug 7350

Status in OpenSSL:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Released
Status in openssl source package in Bionic:
  New
Status in openssl source package in Cosmic:
  New
Status in openssl source package in Disco:
  Fix Released
Status in openssl source package in Eoan:
  Fix Released

Bug description:
  After the update of openssl in bionic, I started having an issue and
  after troubleshooting found this issue:

  https://github.com/openssl/openssl/issues/7350

  Applying the patch linked in that issue and rebuilding the openssl
  package avoided the issue.

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: openssl 1.1.1-1ubuntu2.1~18.04.1
  ProcVersionSignature: Ubuntu 4.15.0-51.55-generic 4.15.18
  Uname: Linux 4.15.0-51-generic x86_64
  ApportVersion: 2.20.9-0ubuntu7.6
  Architecture: amd64
  Date: Thu Jun 13 00:21:16 2019
  InstallationDate: Installed on 2019-06-12 (0 days ago)
  InstallationMedia: Ubuntu-Server 18.04 LTS "Bionic Beaver" - Release amd64 
(20180426)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: openssl
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1832659/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-7 - 7.4.0-1ubuntu1~18.10.1

---
gcc-7 (7.4.0-1ubuntu1~18.10.1) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 08 May
2019 16:15:35 +0200

** Changed in: gcc-7-cross (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-defaults - 1.179ubuntu1.2

---
gcc-defaults (1.179ubuntu1.2) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 18:07:51 +0200

** Changed in: ggcov (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-8-cross-ports - 12ubuntu1.2

---
gcc-8-cross-ports (12ubuntu1.2) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 18:02:32 +0200

** Changed in: gcc-defaults (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-7 - 7.4.0-1ubuntu1~18.04.1

---
gcc-7 (7.4.0-1ubuntu1~18.04.1) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 08 May
2019 17:53:03 +0200

** Changed in: gcc-7-cross (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package ggcov - 0.9+20190314-0ubuntu1~18.10.1

---
ggcov (0.9+20190314-0ubuntu1~18.10.1) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 29 May
2019 17:33:56 +0200

** Changed in: eclipse-titan (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package eclipse-titan - 6.3.1-1build1.3

---
eclipse-titan (6.3.1-1build1.3) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 22 May
2019 11:44:51 +0200

** Changed in: gcc-7 (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-7-cross - 21ubuntu0.3

---
gcc-7-cross (21ubuntu0.3) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 17:41:20 +0200

** Changed in: gcc-8 (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-8 - 8.3.0-6ubuntu1~18.10.1

---
gcc-8 (8.3.0-6ubuntu1~18.10.1) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 08 May
2019 14:02:39 +0200

** Changed in: gcc-8-cross (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package binutils - 2.31.1-6ubuntu1.2

---
binutils (2.31.1-6ubuntu1.2) cosmic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Wed, 08 May
2019 09:03:59 +0200

** Changed in: eclipse-titan (Ubuntu Cosmic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Committed
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Committed
Status in gcc-defaults-ports source package in Bionic:
  Fix Committed
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832421] Re: openssl reboot needed message using incorrect path to X server

2019-06-13 Thread Dimitri John Ledkov 
** Changed in: openssl (Ubuntu Eoan)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832421

Title:
  openssl reboot needed message using incorrect path to X server

Status in openssl package in Ubuntu:
  Fix Committed
Status in openssl source package in Bionic:
  New
Status in openssl source package in Cosmic:
  New
Status in openssl source package in Disco:
  New
Status in openssl source package in Eoan:
  Fix Committed

Bug description:
  Hello, the openssl library postinst file is using pidof /usr/bin/X,
  but that doesn't appear to be the path to the X11 server any more:

  debian/libssl1.1.postinst:

  # Only issue the reboot notification for servers; we proxy this by
  # testing that the X server is not running (LP: #244250)
  if ! pidof /usr/bin/X > /dev/null && [ -x 
/usr/share/update-notifier/notify-reboot-required ]; then
  /usr/share/update-notifier/notify-reboot-required
  fi

  
  On my 18.04 LTS laptop:

  $ ps auxw | grep Xorg
  root  2440  0.5  0.4 495932 78996 tty7 Rsl+ May10 264:45 
/usr/lib/xorg/Xorg :0 vt7 -nolisten tcp -auth /var/l

  Thanks

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: openssl 1.1.1-1ubuntu2.1~18.04.1
  ProcVersionSignature: Ubuntu 4.15.0-50.54-generic 4.15.18
  Uname: Linux 4.15.0-50-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.20.9-0ubuntu7.6
  Architecture: amd64
  Date: Tue Jun 11 18:06:51 2019
  InstallationDate: Installed on 2012-10-18 (2427 days ago)
  InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 
(20120823.1)
  ProcEnviron:
   TERM=rxvt-unicode-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: openssl
  UpgradeStatus: Upgraded to bionic on 2018-05-02 (406 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1832421/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832522] Re: openssl maintainer scripts do not trigger services restart

2019-06-13 Thread Dimitri John Ledkov 
** Changed in: openssl (Ubuntu)
   Status: Confirmed => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832522

Title:
  openssl maintainer scripts do not trigger services restart

Status in openssl package in Ubuntu:
  Fix Committed
Status in openssl source package in Bionic:
  Fix Committed

Bug description:
  [Impact]

   * Major libssl ugprades require services to be restarted, for them to 
continue to function correctly at runtime.
   * The maintainer scripts were not adjusted to trigger.

  [Test Case]

   * Install bionic from release pocket and install ssl using daemon e.g. 
openssh-server libapache-mod-ssl
   * Upgrade libssl1.1
   * Ensure that services that use openssl are offered to be restarted.

  [Regression Potential]

   * We are rebuilding libssl1.1 and changing maintainer scripts. Given
  that we have missed upgrade trigger, we will ask users to restart
  services again even if they may have restarted them already.

  [Other Info]
   
   * Previous major libssl upgrade issue of similar nature was
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743889

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1832522/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1825000] Re: Add ability for mirrors to distinguish interactive and non-interactive apt runs

2019-06-13 Thread Steve Langasek 
** Tags removed: rls-ee-incoming

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1825000

Title:
  Add ability for mirrors to distinguish interactive and non-interactive
  apt runs

Status in apt package in Ubuntu:
  Triaged
Status in apt source package in Eoan:
  Triaged

Bug description:
  As part of a larger scale plan to manage traffic to the main archive
  servers it would be useful if apt could provide a facility for us to
  identify interactive vs. non-interactive traffic on the server side,
  ideally via a header of some kind.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1825000/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832659] Re: openssl 1.1.1-1ubuntu2.1~18.04.1 contains upstream bug 7350

2019-06-13 Thread Steve Wills 
Here's a reduced reproducer that is python but isn't salt. All it does
is verify the bug in OpenSSL, should return 1 for both calls. I can post
a version in C if that would be helpful. It fails with the current
version in Bionic and succeeds with the bug fixed version.

** Attachment added: "p.py"
   
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1832659/+attachment/5270616/+files/p.py

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832659

Title:
  openssl 1.1.1-1ubuntu2.1~18.04.1 contains upstream bug 7350

Status in OpenSSL:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Released
Status in openssl source package in Bionic:
  New
Status in openssl source package in Cosmic:
  New
Status in openssl source package in Disco:
  Fix Released
Status in openssl source package in Eoan:
  Fix Released

Bug description:
  After the update of openssl in bionic, I started having an issue and
  after troubleshooting found this issue:

  https://github.com/openssl/openssl/issues/7350

  Applying the patch linked in that issue and rebuilding the openssl
  package avoided the issue.

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: openssl 1.1.1-1ubuntu2.1~18.04.1
  ProcVersionSignature: Ubuntu 4.15.0-51.55-generic 4.15.18
  Uname: Linux 4.15.0-51-generic x86_64
  ApportVersion: 2.20.9-0ubuntu7.6
  Architecture: amd64
  Date: Thu Jun 13 00:21:16 2019
  InstallationDate: Installed on 2019-06-12 (0 days ago)
  InstallationMedia: Ubuntu-Server 18.04 LTS "Bionic Beaver" - Release amd64 
(20180426)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: openssl
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1832659/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828215] Re: openssl ca -spkac output regressed

2019-06-13 Thread Dimitri John Ledkov 
Disco:

# dpkg-query -W openssl libssl1.1
libssl1.1:amd64 1.1.1b-1ubuntu2.2
openssl 1.1.1b-1ubuntu2.2

Run the procedure, got text output:

...
N8j0iLb0NtNIssnxRKKlw7NG4fGCOs7uHUbIcDg2u8nFM9bUoAQoUauRaNQjmWkZ
tx4U93+m6UnLSCxc9fyZWrax5mVL05C/AyB9H6NcfTYEyYyBPob5C4fG
-END CERTIFICATE-
Data Base Updated


** Tags removed: verification-needed verification-needed-disco
** Tags added: verification-done verification-done-disco

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1828215

Title:
  openssl ca -spkac output regressed

Status in OpenSSL:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Committed
Status in openssl source package in Bionic:
  Fix Committed
Status in openssl source package in Cosmic:
  Fix Committed
Status in openssl source package in Disco:
  Fix Committed
Status in openssl source package in Eoan:
  Fix Committed

Bug description:
  [Impact]

   * openssl command line utility option parsing has regressed in
  1.1.0i+ and produces binary output, where text output is expected,
  breaking applications that parse that.

  [Test Case]

  Setup CA:
  $ apt install openssl
  $ mkdir -p  demoCA/private demoCA/newcerts
  $ touch demoCA/index.txt
  $ echo 01 > demoCA/serial

  $ openssl req -new -x509 -days 365 -newkey rsa:4096 -keyout
  demoCA/private/cakey.pem -out demoCA/cacert.pem

  # Use password test
  # Accept defaults for all other settings

  $ openssl req -new -days 365 -newkey rsa:4096 -keyout
  demoCA/sslkey.pem -out demoCA/sslcert.pem

  Generate regular request / key:
  # Use password test
  # Set common name to: example.com
  # Accept defaults for all other settings

  Generate spkac request:
  $ openssl spkac -key demoCA/sslkey.pem -out demoCA/sslcert.spkac
  $ cat <>demoCA/sslcert.spkac 
  countryName=AU
  stateOrProvinceName=Some-State
  organizationName=Internet Widgits Pty Ltd
  commonName=example.com
  EOF

  Sign spkac request:
  $ echo test | openssl ca -passin stdin -batch -spkac demoCA/sslcert.spkac 
-startdate 190121130654Z

  Expected: pure text output
  Unexpected: binary output for the signed cert

  
   Currently produces binary goop.

   Should produce PEM format Base64 encoded certificate data in a block 
surrounded
   with BEGIN/END certificate.

  [Regression Potential]

   * This is a regression in cosmic and up, and impeding regression in
  bionic with the upcoming 1.1.1 SRU. A bugfix exists upstream.

  [Other Info]

   * Originally reported
  https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1797386/comments/39

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1828215/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828215] Re: openssl ca -spkac output regressed

2019-06-13 Thread Dimitri John Ledkov 
Cosmic

# dpkg-query -W openssl libssl1.1
libssl1.1:amd64 1.1.1-1ubuntu2.3
openssl 1.1.1-1ubuntu2.3

Run the procedure, got text output:
...
tEInj8E8hiIwr3qgnHEeaoHrk2v3H82zDSI6NFalcwqCVeLtP3SeLFNvBYovISBX
JQrpUFhq1/+PwOMogxfRZQBmS1Za0Yxd8VK12M5smfI4WRDbqUbmZfqA
-END CERTIFICATE-
Data Base Updated

All is good.

** Tags removed: verification-needed-cosmic
** Tags added: verification-done-cosmic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1828215

Title:
  openssl ca -spkac output regressed

Status in OpenSSL:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Committed
Status in openssl source package in Bionic:
  Fix Committed
Status in openssl source package in Cosmic:
  Fix Committed
Status in openssl source package in Disco:
  Fix Committed
Status in openssl source package in Eoan:
  Fix Committed

Bug description:
  [Impact]

   * openssl command line utility option parsing has regressed in
  1.1.0i+ and produces binary output, where text output is expected,
  breaking applications that parse that.

  [Test Case]

  Setup CA:
  $ apt install openssl
  $ mkdir -p  demoCA/private demoCA/newcerts
  $ touch demoCA/index.txt
  $ echo 01 > demoCA/serial

  $ openssl req -new -x509 -days 365 -newkey rsa:4096 -keyout
  demoCA/private/cakey.pem -out demoCA/cacert.pem

  # Use password test
  # Accept defaults for all other settings

  $ openssl req -new -days 365 -newkey rsa:4096 -keyout
  demoCA/sslkey.pem -out demoCA/sslcert.pem

  Generate regular request / key:
  # Use password test
  # Set common name to: example.com
  # Accept defaults for all other settings

  Generate spkac request:
  $ openssl spkac -key demoCA/sslkey.pem -out demoCA/sslcert.spkac
  $ cat <>demoCA/sslcert.spkac 
  countryName=AU
  stateOrProvinceName=Some-State
  organizationName=Internet Widgits Pty Ltd
  commonName=example.com
  EOF

  Sign spkac request:
  $ echo test | openssl ca -passin stdin -batch -spkac demoCA/sslcert.spkac 
-startdate 190121130654Z

  Expected: pure text output
  Unexpected: binary output for the signed cert

  
   Currently produces binary goop.

   Should produce PEM format Base64 encoded certificate data in a block 
surrounded
   with BEGIN/END certificate.

  [Regression Potential]

   * This is a regression in cosmic and up, and impeding regression in
  bionic with the upcoming 1.1.1 SRU. A bugfix exists upstream.

  [Other Info]

   * Originally reported
  https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1797386/comments/39

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1828215/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1829566] Re: network-manager 1.10.14-0ubuntu2 ignores systemd-resolved configured dns

2019-06-13 Thread Till Kamppeter 
Mal, thanks for the logs, could you tell me, to make it easier for me to
find what went wrong, tell me which host names you queried with "dig",
which IP they should return, and through which DNS? Thank you.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1829566

Title:
  network-manager 1.10.14-0ubuntu2 ignores systemd-resolved configured
  dns

Status in network-manager package in Ubuntu:
  Triaged
Status in network-manager source package in Bionic:
  Triaged

Bug description:
  On 18.04.2 the `upgrade network-manager:amd64 1.10.6-2ubuntu1.1
  1.10.14-0ubuntu2` lead to scoped DNS servers defined in
  `/etc/systemd/resolved.conf.d/*.conf` being ignored.

  Downgrading with `sudo apt-get install network-
  manager=1.10.6-2ubuntu1.1` has resolved the issue for now.

  Example systemd-resolved conf:

  [Resolve]
  Cache=no
  DNS=127.0.0.54
  Domains=~.local.org.com

  Where 127.0.0.54:53 is bound to a dnsmasq server capable of resolving
  queries in that subdomain.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1829566/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832370] Re: Unable to configure or disable TLS 1.3 via openssl.cnf

2019-06-13 Thread Steve Langasek 
** Also affects: openssl (Ubuntu Cosmic)
   Importance: Undecided
   Status: New

** Also affects: openssl (Ubuntu Eoan)
   Importance: Undecided
 Assignee: Dimitri John Ledkov (xnox)
   Status: New

** Also affects: openssl (Ubuntu Bionic)
   Importance: Undecided
   Status: New

** Also affects: openssl (Ubuntu Disco)
   Importance: Undecided
   Status: New

** Changed in: openssl (Ubuntu Bionic)
   Importance: Undecided => High

** Changed in: openssl (Ubuntu Cosmic)
   Importance: Undecided => High

** Changed in: openssl (Ubuntu Disco)
   Importance: Undecided => High

** Changed in: openssl (Ubuntu Eoan)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832370

Title:
  Unable to configure or disable TLS 1.3 via openssl.cnf

Status in openssl package in Ubuntu:
  New
Status in openssl source package in Bionic:
  New
Status in openssl source package in Cosmic:
  New
Status in openssl source package in Disco:
  New
Status in openssl source package in Eoan:
  New

Bug description:
  [Description]

  Since OpenSSL 1.1.1 was backported to Bionic, some (all?) applications
  gained access to TLS 1.3 by default. The applications that were not
  rebuilt against OpenSSL 1.1.1 can't tune the TLS 1.3 settings
  (protocol, ciphersuites selection, ciphersuites order) like it's
  possible with 1.2 and below. As such, one should turn to configuring
  /etc/ssl/openssl.cnf to alter TLS 1.3 settings.

  Here is how I'd expect to be able to turn off TLS 1.3:

  # diff -Naur /etc/ssl/openssl.cnf{.orig,}
  --- /etc/ssl/openssl.cnf.orig 2019-06-11 10:33:02.330143086 -0400
  +++ /etc/ssl/openssl.cnf  2019-06-11 11:15:23.805113804 -0400
  @@ -12,6 +12,16 @@
   HOME = .
   RANDFILE = $ENV::HOME/.rnd
   
  +ssl_conf = ssl_sect
  +
  +[ssl_sect]
  +
  +system_default = system_default_sect
  +
  +[system_default_sect]
  +
  +MaxProtocol = TLSv1.2
  +
   # Extra OBJECT IDENTIFIER info:
   #oid_file= $ENV::HOME/.oid
   oid_section  = new_oids

  This doesn't work as 'openssl s_client -connect
  rproxy.sdeziel.info:443' negotiates TLS 1.3 with
  TLS_AES_256_GCM_SHA384.

  
  Similarly, trying to change the 'Ciphers' or the 'Ciphersuites' list with:

  # diff -Naur /etc/ssl/openssl.cnf{.orig,}
  --- /etc/ssl/openssl.cnf.orig 2019-06-11 10:33:02.330143086 -0400
  +++ /etc/ssl/openssl.cnf  2019-06-11 11:37:23.362889367 -0400
  @@ -12,6 +12,17 @@
   HOME = .
   RANDFILE = $ENV::HOME/.rnd
   
  +ssl_conf = ssl_sect
  +
  +[ssl_sect]
  +
  +system_default = system_default_sect
  +
  +[system_default_sect]
  +
  +Ciphers = TLS_AES_128_GCM_SHA256
  +Ciphersuites = TLS_AES_128_GCM_SHA256
  +
   # Extra OBJECT IDENTIFIER info:
   #oid_file= $ENV::HOME/.oid
   oid_section  = new_oids

  Doesn't work as s_client keeps negotiating TLS 1.3 with
  TLS_AES_256_GCM_SHA384 (!= 128)

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: openssl 1.1.1-1ubuntu2.1~18.04.1
  ProcVersionSignature: Ubuntu 4.15.0-51.55-generic 4.15.18
  Uname: Linux 4.15.0-51-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.20.9-0ubuntu7.6
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Jun 11 11:22:47 2019
  InstallationDate: Installed on 2018-07-15 (331 days ago)
  InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180714)
  ProcEnviron:
   LANG=en_CA.UTF-8
   TERM=xterm-256color
   SHELL=/bin/bash
   XDG_RUNTIME_DIR=
   PATH=(custom, no user)
  SourcePackage: openssl
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1832370/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1831736] Re: [MIR] lz4 by default

2019-06-13 Thread Francis Ginther 
** Tags added: id-5d0162d5caee4b55443d4eda

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1831736

Title:
  [MIR] lz4 by default

Status in initramfs-tools package in Ubuntu:
  Fix Released
Status in linux package in Ubuntu:
  Confirmed
Status in live-build package in Ubuntu:
  Fix Released
Status in livecd-rootfs package in Ubuntu:
  Fix Released
Status in lz4 package in Ubuntu:
  Fix Released
Status in partman-auto package in Ubuntu:
  Triaged
Status in ubuntu-release-upgrader package in Ubuntu:
  Triaged

Bug description:
  Use `lz4 -9 -l` compression for initramfs by default as discussed on
  ubuntu-devel.

  This would also pull the lz4 package into main

  https://lists.ubuntu.com/archives/ubuntu-devel/2019-June/040726.html

  [Regression Potential]

  We are trying to optimize for total boot speed, but performing a
  micro-optimization upon time to create/unpack kernel/initrd is an
  insufficient benchmark for total boot speed. This is because it
  ignores time to load the kernel/initrd, and whether the
  firmware/bootloader were able to stream decompress it whilst loading
  it. I.e. it is argued that in the real world, subsecond decompression
  gains are irrelevant if UEFI firmware, tftp boot, etc. take a lot
  longer than that to read extra 10s of MBs of boot material.

  [TODO]
  Measure pure i/o load speed with stopwatch, to figure out MB/s speed of 
loading initrds/kernel off FAT32, EXT4, TFTP, HTTP.
  Re-evaluate if we should provide different compression mechanisms:
  - ie. gzip instead of lz4 for most cases (revert)
  - ie. xz for painful i/o cases (e.g. netboot)

  I booted grub2 and measured loading largish amount of files, ie. $
  date; initrd (hd0,gpt5)/initrd.img;  initrd (hd0,gpt5)/initrd.img;
  initrd (hd0,gpt5)/initrd.img; initrd (hd0,gpt5)/initrd.img; initrd
  (hd0,gpt5)/initrd.img; date

  To get a rough speed between 30 and 44 MB/s of loading these files off
  ext4 on nvme.

  With lz4 initrd taking 67M, and gzip initrd taking 59M, the grub i/o
  penalty is 0.18s whilst I gain over a second in faster decompression
  time. Overall a win.

  xz initrd is 36M meaning saving e.g. 0.8s of i/o time whilst gaining
  2.4s of decompression time, meaning overall worse than gzip.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1831736/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package gcc-defaults - 1.176ubuntu2.3

---
gcc-defaults (1.176ubuntu2.3) bionic; urgency=medium

  * No-change rebuild strictly against -security only (LP: #1828171).

 -- Łukasz 'sil2100' Zemczak   Mon, 20 May
2019 18:08:41 +0200

** Changed in: gcc-defaults (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171

Title:
  New toolchain updates need to be rebuilt against -security only

Status in binutils package in Ubuntu:
  New
Status in eclipse-titan package in Ubuntu:
  New
Status in gcc-7 package in Ubuntu:
  New
Status in gcc-7-cross package in Ubuntu:
  New
Status in gcc-7-cross-ports package in Ubuntu:
  New
Status in gcc-8 package in Ubuntu:
  New
Status in gcc-8-cross package in Ubuntu:
  New
Status in gcc-8-cross-ports package in Ubuntu:
  New
Status in gcc-defaults package in Ubuntu:
  New
Status in gcc-defaults-ports package in Ubuntu:
  New
Status in ggcov package in Ubuntu:
  New
Status in binutils source package in Bionic:
  Fix Released
Status in eclipse-titan source package in Bionic:
  Fix Released
Status in gcc-7 source package in Bionic:
  Fix Released
Status in gcc-7-cross source package in Bionic:
  Fix Released
Status in gcc-7-cross-ports source package in Bionic:
  Fix Released
Status in gcc-8 source package in Bionic:
  Fix Released
Status in gcc-8-cross source package in Bionic:
  Fix Released
Status in gcc-8-cross-ports source package in Bionic:
  Fix Released
Status in gcc-defaults source package in Bionic:
  Fix Released
Status in gcc-defaults-ports source package in Bionic:
  Fix Released
Status in ggcov source package in Bionic:
  Fix Released
Status in binutils source package in Cosmic:
  Fix Released
Status in eclipse-titan source package in Cosmic:
  Fix Released
Status in gcc-7 source package in Cosmic:
  Fix Released
Status in gcc-7-cross source package in Cosmic:
  Fix Released
Status in gcc-7-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-8 source package in Cosmic:
  Fix Released
Status in gcc-8-cross source package in Cosmic:
  Fix Released
Status in gcc-8-cross-ports source package in Cosmic:
  Fix Released
Status in gcc-defaults source package in Cosmic:
  Fix Released
Status in gcc-defaults-ports source package in Cosmic:
  Fix Released
Status in ggcov source package in Cosmic:
  Fix Released

Bug description:
  [Impact]
  With LP: #1814369, the toolchain packages have been updated in both cosmic 
and bionic, but due to an error those packages were built in -proposed as any 
regular SRU. For toolchain updates there exists a policy that those should be 
always built against -security *only*, and then released to both -security and 
-updates.

  Since this is not the case with the current toolchain update, we need
  to no-change rebuild all of the previously released toolchain packages
  in a -security enabled devirt PPA, sync them to -proposed with
  binaries and then release into the archives.

  [Regression Potential]
  As these are toolchain packages, there is always some regression potential. 
These will be no-change rebuilds so in theory the risk should be low, but the 
current versions of the packages have not been built against -security only 
before. It is hard to say how any regressions could manifest themselves.

  [Test Case]
  Making sure there are no reported regressions in the GCC and binutils test 
suites. Hopefully this will be sufficient.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1828171/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832421] Re: openssl reboot needed message using incorrect path to X server

2019-06-13 Thread Dimitri John Ledkov 
** Also affects: openssl (Ubuntu Disco)
   Importance: Undecided
   Status: New

** Also affects: openssl (Ubuntu Eoan)
   Importance: Undecided
   Status: New

** Also affects: openssl (Ubuntu Bionic)
   Importance: Undecided
   Status: New

** Also affects: openssl (Ubuntu Cosmic)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832421

Title:
  openssl reboot needed message using incorrect path to X server

Status in openssl package in Ubuntu:
  New
Status in openssl source package in Bionic:
  New
Status in openssl source package in Cosmic:
  New
Status in openssl source package in Disco:
  New
Status in openssl source package in Eoan:
  New

Bug description:
  Hello, the openssl library postinst file is using pidof /usr/bin/X,
  but that doesn't appear to be the path to the X11 server any more:

  debian/libssl1.1.postinst:

  # Only issue the reboot notification for servers; we proxy this by
  # testing that the X server is not running (LP: #244250)
  if ! pidof /usr/bin/X > /dev/null && [ -x 
/usr/share/update-notifier/notify-reboot-required ]; then
  /usr/share/update-notifier/notify-reboot-required
  fi

  
  On my 18.04 LTS laptop:

  $ ps auxw | grep Xorg
  root  2440  0.5  0.4 495932 78996 tty7 Rsl+ May10 264:45 
/usr/lib/xorg/Xorg :0 vt7 -nolisten tcp -auth /var/l

  Thanks

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: openssl 1.1.1-1ubuntu2.1~18.04.1
  ProcVersionSignature: Ubuntu 4.15.0-50.54-generic 4.15.18
  Uname: Linux 4.15.0-50-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.20.9-0ubuntu7.6
  Architecture: amd64
  Date: Tue Jun 11 18:06:51 2019
  InstallationDate: Installed on 2012-10-18 (2427 days ago)
  InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 
(20120823.1)
  ProcEnviron:
   TERM=rxvt-unicode-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: openssl
  UpgradeStatus: Upgraded to bionic on 2018-05-02 (406 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1832421/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832356] Re: Upgrade OpenSSH to 7.9p1-10 or better in stable series

2019-06-13 Thread Francis Ginther 
** Tags added: id-5cf798031b7b1b7ce9d91438

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1832356

Title:
  Upgrade OpenSSH to 7.9p1-10 or better in stable series

Status in openssh package in Ubuntu:
  Fix Released
Status in openssh source package in Bionic:
  Confirmed
Status in openssh source package in Cosmic:
  Confirmed
Status in openssh source package in Disco:
  Fix Released
Status in openssh source package in Eoan:
  Fix Released

Bug description:
  [Impact]

   * 18.04 LTS release with a long support time frame
   * There are two versions of OpenSSL shipped in 18.04:
 - obsolete 1.0.2
 - current long term supported 1.1.1 series
   * OpenSSH in 18.04 is the only package in main using libcrypto from 1.0.2
   * The fact that OpenSSH uses a different libcrypto implementation impacts 
certification, 
 compliance, and security maintenance.
   * Furthermore OpenSSH does not benefit from hardware accelerated crypto, as 
available in 1.1.1
   * Thus there is a desire to upgrade OpenSSH in 18.04 from 1:7.6p1-4 to 
1:7.9p1-10 and compile 
 against OpenSSL 1.1.1
   * 1:7.9p1-10 is currently shipped in Disco/Eoan, and it is likely that 20.04 
will ship with 
 1:8.0p1 or newer. Thus security maintainance burden is slightly increased. 
However, 1:7.9p1-10
 is likely to be shipped in the next stable Debian release, and supported 
there for a long-ish
 time including debian-lts efforts. Thus there are some synergies.

  [Upstream Changelogs]

   * https://www.openssh.com/txt/release-7.9
   * https://www.openssh.com/txt/release-7.8
   * https://www.openssh.com/txt/release-7.7

  [Test Case]

   * Install openssh-server and openssh-client, check that they depend on 
libssl1.1 and do not depend 
 on libssl1.0
   
   * Check that there are no new connectivity issues between old/new servers 
and clients,
 at the very least between various Ubuntu releases in the public clouds.

  [Regression Potential]

  v7.9

   * ssh(1), sshd(8): the setting of the new CASignatureAlgorithms
 option (see below) bans the use of DSA keys as certificate
 authorities.

  DSA keys as certificate authorities are widely banned already. May
  affect connectivity.

   * sshd(8): the authentication success/failure log message has
 changed format slightly. It now includes the certificate
 fingerprint (previously it included only key ID and CA key
 fingerprint).

  This may impact log parsers, i.e. logwatch and similar. Possibly worth
  a NEWS entry.

  v7.8

   * ssh-keygen(1): write OpenSSH format private keys by default
 instead of using OpenSSL's PEM format. The OpenSSH format,
 supported in OpenSSH releases since 2014 and described in the
 PROTOCOL.key file in the source distribution, offers substantially
 better protection against offline password guessing and supports
 key comments in private keys. If necessary, it is possible to write
 old PEM-style keys by adding "-m PEM" to ssh-keygen's arguments
 when generating or updating a key.

  Normally, it shouldn't matter which format newly generated keys use.
  Existing keys remain unchanged. Systems that automatically
  generate/parse/store keys may be impacted. The risk here is low. As
  potential mitigation we can revert the default back to PEM for the SRU
  into bionic.

   * sshd(8): remove internal support for S/Key multiple factor
 authentication. S/Key may still be used via PAM or BSD auth.

  S/Key is not widely deployed. Most common OTP implementations use PAM
  stack, and use HOTP, TOTP, Yubikey and similar one time passwords,
  rather than S/Key. This is deemed low.

   * ssh(1): remove vestigal support for running ssh(1) as setuid. This
 used to be required for hostbased authentication and the (long
 gone) rhosts-style authentication, but has not been necessary for
 a long time. Attempting to execute ssh as a setuid binary, or with
 uid != effective uid will now yield a fatal error at runtime.

  This is security and hardening improvement. We do not ship sshd
  setuid.

   * sshd(8): the semantics of PubkeyAcceptedKeyTypes and the similar
 HostbasedAcceptedKeyTypes options have changed. These now specify
 signature algorithms that are accepted for their respective
 authentication mechanism, where previously they specified accepted
 key types. This distinction matters when using the RSA/SHA2
 signature algorithms "rsa-sha2-256", "rsa-sha2-512" and their
 certificate counterparts. Configurations that override these
 options but omit these algorithm names may cause unexpected
 authentication failures (no action is required for configurations
 that accept the default for these options).

  This is potentially a problem. We can add upgrade hooks to warn users
  about these, or abort the upgrade. This will require user

[Touch-packages] [Bug 1832689] Re: TPM certification tests now failing after update to 1.1.1 (test_output_formats)

2019-06-13 Thread Dimitri John Ledkov 
Removed /dev/null redirects and everything seems to be passing for
me


https://paste.ubuntu.com/p/4w5X6Rx3j9/

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832689

Title:
  TPM certification tests now failing after update to 1.1.1
  (test_output_formats)

Status in Provider for Plainbox - TPM2:
  Incomplete
Status in openssl package in Ubuntu:
  Incomplete

Bug description:
  The certification team is running automated tests for every supported
  ubuntu-core device for every new core18 snap update. The recent core18
  includes the openssl 1.1.1 update and seems to have caused regressions
  in the TPM test suite (for the dawson-i device). I was able to dig out
  the test suite itself, with the failing test code located here:

  https://git.launchpad.net/plainbox-provider-
  tpm2/tree/data/tpm2-tools-3.0.4/test/system/test_output_formats.sh

  Test failure log seems to be this:

  openssl rsa -pubin -inform "$fmt" -text -in "$this_key" &> /dev/null
  on line 95 failed: 1

  The certification team will follow up with more information. This is
  currently causing core18 promotions to be blocked (and there has been
  over a month without a new core18 stable snap). Setting to critical.

  I noticed a follow-up SRU for openssl with fix for LP: #1828215 and
  was wondering if it might be related?

To manage notifications about this bug go to:
https://bugs.launchpad.net/plainbox-provider-tpm2/+bug/1832689/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832659] Re: openssl 1.1.1-1ubuntu2.1~18.04.1 contains upstream bug 7350

2019-06-13 Thread Dimitri John Ledkov 
** Tags added: regression-update

** Tags added: regression-release

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832659

Title:
  openssl 1.1.1-1ubuntu2.1~18.04.1 contains upstream bug 7350

Status in OpenSSL:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Released
Status in openssl source package in Bionic:
  New
Status in openssl source package in Cosmic:
  New
Status in openssl source package in Disco:
  Fix Released
Status in openssl source package in Eoan:
  Fix Released

Bug description:
  After the update of openssl in bionic, I started having an issue and
  after troubleshooting found this issue:

  https://github.com/openssl/openssl/issues/7350

  Applying the patch linked in that issue and rebuilding the openssl
  package avoided the issue.

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: openssl 1.1.1-1ubuntu2.1~18.04.1
  ProcVersionSignature: Ubuntu 4.15.0-51.55-generic 4.15.18
  Uname: Linux 4.15.0-51-generic x86_64
  ApportVersion: 2.20.9-0ubuntu7.6
  Architecture: amd64
  Date: Thu Jun 13 00:21:16 2019
  InstallationDate: Installed on 2019-06-12 (0 days ago)
  InstallationMedia: Ubuntu-Server 18.04 LTS "Bionic Beaver" - Release amd64 
(20180426)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: openssl
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1832659/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1829968] Re: motd [on at least some instances] does not auto-update daily

2019-06-13 Thread Brian Murray 
** Changed in: base-files (Ubuntu Eoan)
 Assignee: (unassigned) => Brian Murray (brian-murray)

** Changed in: base-files (Ubuntu Eoan)
   Status: Triaged => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to base-files in Ubuntu.
https://bugs.launchpad.net/bugs/1829968

Title:
  motd [on at least some instances] does not auto-update daily

Status in base-files package in Ubuntu:
  In Progress
Status in base-files source package in Bionic:
  Triaged
Status in base-files source package in Eoan:
  In Progress

Bug description:
  I have a VM running on AWS. It was launched on May 9th:

$ uptime
 05:26:21 up 12 days,  6:34,  1 user,  load average: 0.00, 0.00, 0.00
$ date
Wed May 22 05:26:24 UTC 2019

  I touched none of the system defaults, and yet the motd has not
  updated automatically.

$ ls -l /var/cache/motd-news
-rw-r--r-- 1 root root 0 May  9 22:53 /var/cache/motd-news

  The systemd timer unit looks like this:

$ systemctl status motd-news.timer 
● motd-news.timer - Message of the Day
   Loaded: loaded (/lib/systemd/system/motd-news.timer; enabled; vendor 
preset: enabled)
   Active: active (elapsed) since Thu 2019-05-09 22:51:58 UTC; 1 weeks 5 
days ago
  Trigger: n/a

May 09 22:51:58 ip-172-31-23-224 systemd[1]: Started Message of the
  Day.

  If I run /etc/update-motd.d/50-motd-news --force manually, the file
  does update correctly.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/base-files/+bug/1829968/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1831775] Re: ss seems broken when using multiple filters in the same cmdline

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package iproute2 - 4.18.0-1ubuntu3

---
iproute2 (4.18.0-1ubuntu3) eoan; urgency=medium

  * d/p/ss-review-ssfilter.patch: fixed issue with ss and ssfilter
where ssfilter rejects single expressions if enclosed in
braces (LP: #1831775)

 -- Rafael David Tinoco   Wed, 05 Jun 2019
21:26:00 -0300

** Changed in: iproute2 (Ubuntu Eoan)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iproute2 in Ubuntu.
https://bugs.launchpad.net/bugs/1831775

Title:
  ss seems broken when using multiple filters in the same cmdline

Status in iproute2 package in Ubuntu:
  Fix Released
Status in iproute2 source package in Cosmic:
  In Progress
Status in iproute2 source package in Disco:
  In Progress
Status in iproute2 source package in Eoan:
  Fix Released

Bug description:
  [Impact]

   * ss won't be able to run commands with single filters inside
  parentheses, like: "( sport == :X )", for example.

   * A workaround is to remove "( )" from single filters, since it looks
  the issue does not affect 2 filters being put together in the same
  parentheses, like: " ( X and Y ) and Y " instead of ( X and Y ) and (
  Y )".

   * CTDB is unable to use ss filter to obtain nodes public IP addresses
  in order to fail over services (LP: #722201).

  [Test Case]

   * Having an Ubuntu Cosmic, Disco or Eoan, try to execute the
  following command:

  $ ss -tn state established "( src [172.16.17.2] || src [172.16.17.3]
  )" "( sport == :2049 )"

 Independent of the IPs or ports being used. Copying and pasting the
  command should be enough for you to know if you are affected.

  Bad Result:

  ss: bison bellows (while parsing filter): "syntax error!" Sorry.
  Usage: ss [ OPTIONS ]
     ss [ OPTIONS ] [ FILTER ]
     -h, --help  this message
  ...

  Expected Result:

  Recv-QSend-Q Local Address:Port   
  Peer Address:Port
  ...

   * test case was discovered during CTDB scripts execution

  [Regression Potential]

   * biggest risk would be to affect ss interpreter (worst case scenario).
   * the proposed patch is based in upstream fix and was tested against the 
same issue reported as the reproducer (above) and some other generic ss 
commands.
   * any problem here is unlikely to change iproute2 most important command 
interpreter, "ip", since the patch is applied against ss code.

  [Other Info]

  ORIGINAL DESCRIPTION:

  Investigating an issue for CTDB (LP: #722201), after suggesting a fix
  on ss syntax to CTDB upstream project, we discovered that "ss" seems
  to be broken in Ubuntu since Ubuntu Cosmic:

  

  # Debian Sid

  inaddy@workstation:~$ ss -tn state established "( src [172.16.17.2] || src 
[172.16.17.3] )" "( sport == :2049 )"
  Recv-QSend-Q Local Address:Port   
  Peer Address:Port

  # Ubuntu Ubuntu 16.04 LTS (Xenial Xerus)

  (c)inaddy@xenial:~$ ss -tn state established "( src [172.16.17.2] || src 
[172.16.17.3] )" "( sport == :2049 )"
  Recv-Q Send-QLocal Address:Port   
Peer Address:Port

  # Ubuntu 18.04 LTS (Bionic Beaver)

  (c)inaddy@bionic:~$ ss -tn state established "( src [172.16.17.2] || src 
[172.16.17.3] )" "( sport == :2049 )"
  Recv-Q   Send-Q  Local Address:Port   
  Peer Address:Port

  # Ubuntu 18.10 (Cosmic Cuttlefish)

  (c)inaddy@cosmic:~$ ss -tn state established "( src [172.16.17.2] || src 
[172.16.17.3] )" "( sport == :2049 )"
  ss: bison bellows (while parsing filter): "syntax error!" Sorry.
  Usage: ss [ OPTIONS ]
     ss [ OPTIONS ] [ FILTER ]
     -h, --help  this message

  # Ubuntu 19.04 (Disco Dingo)

  (c)inaddy@disco:~$ ss -tn state established "( src [172.16.17.2] || src 
[172.16.17.3] )" "( sport == :2049 )"
  ss: bison bellows (while parsing filter): "syntax error!" Sorry.
  Usage: ss [ OPTIONS ]
     ss [ OPTIONS ] [ FILTER ]

  # Ubuntu 19.10 (Eoan Ermine)

  (c)inaddy@eoan:~$ ss -tn state established "( src [172.16.17.2] || src 
[172.16.17.3] )" "( sport == :2049 )"
  ss: bison bellows (while parsing filter): "syntax error!" Sorry.
  Usage: ss [ OPTIONS ]
     ss [ OPTIONS ] [ FILTER ]

  

  I have generated a pkg using upstream iproute2 source code and it does
  not suffer the issue. I have generated a package using Ubuntu cosmic
  source package, without debian/patches/*, and verified the issue still
  persists (not being introduced by any of our packages, and being
  present if vanilla upstream version used in Cosmic).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1831775/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe :

[Touch-packages] [Bug 1829968] Re: motd [on at least some instances] does not auto-update daily

2019-06-13 Thread Brian Murray 
** Also affects: base-files (Ubuntu Disco)
   Importance: Undecided
   Status: New

** Also affects: base-files (Ubuntu Cosmic)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to base-files in Ubuntu.
https://bugs.launchpad.net/bugs/1829968

Title:
  motd [on at least some instances] does not auto-update daily

Status in base-files package in Ubuntu:
  In Progress
Status in base-files source package in Bionic:
  Triaged
Status in base-files source package in Cosmic:
  New
Status in base-files source package in Disco:
  New
Status in base-files source package in Eoan:
  In Progress

Bug description:
  I have a VM running on AWS. It was launched on May 9th:

$ uptime
 05:26:21 up 12 days,  6:34,  1 user,  load average: 0.00, 0.00, 0.00
$ date
Wed May 22 05:26:24 UTC 2019

  I touched none of the system defaults, and yet the motd has not
  updated automatically.

$ ls -l /var/cache/motd-news
-rw-r--r-- 1 root root 0 May  9 22:53 /var/cache/motd-news

  The systemd timer unit looks like this:

$ systemctl status motd-news.timer 
● motd-news.timer - Message of the Day
   Loaded: loaded (/lib/systemd/system/motd-news.timer; enabled; vendor 
preset: enabled)
   Active: active (elapsed) since Thu 2019-05-09 22:51:58 UTC; 1 weeks 5 
days ago
  Trigger: n/a

May 09 22:51:58 ip-172-31-23-224 systemd[1]: Started Message of the
  Day.

  If I run /etc/update-motd.d/50-motd-news --force manually, the file
  does update correctly.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/base-files/+bug/1829968/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1763870] Re: openssl: After symbol versioning, distributed pkgs are missing API symbols (e.g. EVP_PKEY_asn1_set_item)

2019-06-13 Thread Nicola Tuveri 
Here is a minimal working example to test the issue:
https://gist.github.com/romen/b95e99b3563a8ba4c27d88512c7932ff

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1763870

Title:
  openssl: After symbol versioning, distributed pkgs are missing API
  symbols (e.g. EVP_PKEY_asn1_set_item)

Status in openssl package in Ubuntu:
  Fix Released
Status in openssl source package in Xenial:
  New
Status in openssl package in Debian:
  Fix Released

Bug description:
  I'm developing an ENGINE for OpenSSL, and close to release, I noticed
  that in Ubuntu 16.04 LTS and in Debian oldstable-backports the build fails 
with the following output:

  ```
  /usr/bin/cc  -fPIC -g  -shared -Wl,-soname,liblibsuola.so -o liblibsuola.so 
CMakeFiles/suola.dir/suola.c.o CMakeFiles/suola.dir/suola_keypair.c.o 
CMakeFiles/suola.dir/debug/debug.c.o CMakeFiles/suola.dir/meths/X25519_meth.c.o 
CMakeFiles/suola.dir/meths/ed25519_meth.c.o 
CMakeFiles/suola.dir/meths/suola_asn1_meth.c.o 
CMakeFiles/suola.dir/meths/suola_md_identity_meth.c.o 
CMakeFiles/suola.dir/ossl/ossl_compat.c.o 
CMakeFiles/suola.dir/ossl/suola_err.c.o 
CMakeFiles/suola.dir/ossl/suola_objects.c.o 
CMakeFiles/suola.dir/providers/libsodium/base.c.o 
CMakeFiles/suola.dir/providers/libsodium/curve25519.c.o 
CMakeFiles/suola.dir/providers/libsodium/ed25519.c.o -lssl -lcrypto 
/opt/libsodium-stable/lib/libsodium.so -Wl,-z,defs 
-Wl,-rpath,/opt/libsodium-stable/lib:
  CMakeFiles/suola.dir/meths/suola_asn1_meth.c.o: In function 
`suola_register_asn1_meth':
  /usr/local/src/libsuola/meths/suola_asn1_meth.c:505: undefined reference to 
`EVP_PKEY_asn1_set_item'
  collect2: error: ld returned 1 exit status
  make[2]: *** [liblibsuola.so] Error 1
  CMakeFiles/suola.dir/build.make:412: recipe for target 'liblibsuola.so' failed
  make[2]: Leaving directory '/usr/local/src/libsuola/build'
  make[1]: *** [CMakeFiles/suola.dir/all] Error 2
  make: *** [all] Error 2
  ```

  This does not happen linking against the same exact release of openssl
  compiled from source on the same system.

  I then learned that one of the patches applied by Debian and inherited
  also by Ubuntu has the goal of versioning library symbols to avoid
  conflicts.

  Unfortunately said patch is not updated regularly with each release of
  OpenSSL, resulting, like in my case, in symbols available in the public
  header files but masked through versioning in the shared library binary.

  The attached patch fixes my need by adding `EVP_PKEY_asn1_set_item` to
  the list, but you might consider an internal review of your release
  process to make sure that the list of symbols is updated whenever a new
  upstream releases makes new functions publicly available.

  
  I believe this bug is important, as it stops everyone using official
  packages from using third-party ENGINEs that require to use that
  function to set special handling of ASN.1 format, which basically
  includes every ENGINE that would add support for cryptosystems that
  upstream OpenSSL does not support (defying the purpose of using some
  ENGINEs).

  The patch I propose covers my use case, but basically the package as is 
results
  unusable to any user of any application that may require functions
  available in the public headers but accidentally masked in the symbol
  versioning step.

  The ideal outcome of fixing this issue would consist in making the
  versioning patch dynamic, checking when symbols are added (or removed)
  in newer releases and updating the list accordingly.

  
  You might have the same versioning patch applied in other releases, so it's
  worth tagging this bug also for those to make the handling of the exposed 
symbols consistent.

  Finally I also opened a similar bug against the equivalent Debian 
oldstable-backports package, but I opened an Ubuntu-specific bug report because 
16.04 ships a more recent version of the package and the inherited symbol 
versioning patch has already been modified compared with the original Debian 
one.
  For reference this is the Debian bug report: 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895547

  
  -- System information --

  # lsv_release -rd
  Description:Ubuntu 16.04.4 LTS
  Release:16.04

  # apt-cache policy libssl-dev
  libssl-dev:
Installed: 1.0.2g-1ubuntu4.11
Candidate: 1.0.2g-1ubuntu4.11
Version table:
   *** 1.0.2g-1ubuntu4.11 500
  500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 
Packages
  500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 
Packages
  100 /var/lib/dpkg/status
   1.0.2g-1ubuntu4 500
  500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: libssl-dev 1.0.2g-1ubuntu4.11
  ProcVersionSignature: Ubuntu 4.13.0-36.40~16.04.1-generic 4.13.13
  Uname: Linux 4.13.0-36-generic

[Touch-packages] [Bug 1763870] Re: openssl: After symbol versioning, distributed pkgs are missing API symbols (e.g. EVP_PKEY_asn1_set_item)

2019-06-13 Thread Nicola Tuveri 
I can also further confirm that even on the latest LTS, bionic, the same
problem still exists today when using the latest version of the official
packages `openssl1.0`, `libssl1.0.0`, and `libssl1.0-dev` to have access
OpenSSL 1.0.2.

So I would also formally request to reevaluate the "fixed" status for
Ubuntu releases after xenial that are still offering official packages
for OpenSSL <1.1.0.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1763870

Title:
  openssl: After symbol versioning, distributed pkgs are missing API
  symbols (e.g. EVP_PKEY_asn1_set_item)

Status in openssl package in Ubuntu:
  Fix Released
Status in openssl source package in Xenial:
  New
Status in openssl package in Debian:
  Fix Released

Bug description:
  I'm developing an ENGINE for OpenSSL, and close to release, I noticed
  that in Ubuntu 16.04 LTS and in Debian oldstable-backports the build fails 
with the following output:

  ```
  /usr/bin/cc  -fPIC -g  -shared -Wl,-soname,liblibsuola.so -o liblibsuola.so 
CMakeFiles/suola.dir/suola.c.o CMakeFiles/suola.dir/suola_keypair.c.o 
CMakeFiles/suola.dir/debug/debug.c.o CMakeFiles/suola.dir/meths/X25519_meth.c.o 
CMakeFiles/suola.dir/meths/ed25519_meth.c.o 
CMakeFiles/suola.dir/meths/suola_asn1_meth.c.o 
CMakeFiles/suola.dir/meths/suola_md_identity_meth.c.o 
CMakeFiles/suola.dir/ossl/ossl_compat.c.o 
CMakeFiles/suola.dir/ossl/suola_err.c.o 
CMakeFiles/suola.dir/ossl/suola_objects.c.o 
CMakeFiles/suola.dir/providers/libsodium/base.c.o 
CMakeFiles/suola.dir/providers/libsodium/curve25519.c.o 
CMakeFiles/suola.dir/providers/libsodium/ed25519.c.o -lssl -lcrypto 
/opt/libsodium-stable/lib/libsodium.so -Wl,-z,defs 
-Wl,-rpath,/opt/libsodium-stable/lib:
  CMakeFiles/suola.dir/meths/suola_asn1_meth.c.o: In function 
`suola_register_asn1_meth':
  /usr/local/src/libsuola/meths/suola_asn1_meth.c:505: undefined reference to 
`EVP_PKEY_asn1_set_item'
  collect2: error: ld returned 1 exit status
  make[2]: *** [liblibsuola.so] Error 1
  CMakeFiles/suola.dir/build.make:412: recipe for target 'liblibsuola.so' failed
  make[2]: Leaving directory '/usr/local/src/libsuola/build'
  make[1]: *** [CMakeFiles/suola.dir/all] Error 2
  make: *** [all] Error 2
  ```

  This does not happen linking against the same exact release of openssl
  compiled from source on the same system.

  I then learned that one of the patches applied by Debian and inherited
  also by Ubuntu has the goal of versioning library symbols to avoid
  conflicts.

  Unfortunately said patch is not updated regularly with each release of
  OpenSSL, resulting, like in my case, in symbols available in the public
  header files but masked through versioning in the shared library binary.

  The attached patch fixes my need by adding `EVP_PKEY_asn1_set_item` to
  the list, but you might consider an internal review of your release
  process to make sure that the list of symbols is updated whenever a new
  upstream releases makes new functions publicly available.

  
  I believe this bug is important, as it stops everyone using official
  packages from using third-party ENGINEs that require to use that
  function to set special handling of ASN.1 format, which basically
  includes every ENGINE that would add support for cryptosystems that
  upstream OpenSSL does not support (defying the purpose of using some
  ENGINEs).

  The patch I propose covers my use case, but basically the package as is 
results
  unusable to any user of any application that may require functions
  available in the public headers but accidentally masked in the symbol
  versioning step.

  The ideal outcome of fixing this issue would consist in making the
  versioning patch dynamic, checking when symbols are added (or removed)
  in newer releases and updating the list accordingly.

  
  You might have the same versioning patch applied in other releases, so it's
  worth tagging this bug also for those to make the handling of the exposed 
symbols consistent.

  Finally I also opened a similar bug against the equivalent Debian 
oldstable-backports package, but I opened an Ubuntu-specific bug report because 
16.04 ships a more recent version of the package and the inherited symbol 
versioning patch has already been modified compared with the original Debian 
one.
  For reference this is the Debian bug report: 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895547

  
  -- System information --

  # lsv_release -rd
  Description:Ubuntu 16.04.4 LTS
  Release:16.04

  # apt-cache policy libssl-dev
  libssl-dev:
Installed: 1.0.2g-1ubuntu4.11
Candidate: 1.0.2g-1ubuntu4.11
Version table:
   *** 1.0.2g-1ubuntu4.11 500
  500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 
Packages
  500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 
Packages
  100 /var/lib/dpkg/status

[Touch-packages] [Bug 1829366] Re: [SRU] Bugfix release 1.14.4

2019-06-13 Thread Łukasz Zemczak 
Hello Iain, or anyone else affected,

Accepted gstreamer-vaapi into bionic-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/gstreamer-
vaapi/1.14.4-1~ubuntu18.04.1 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-bionic to verification-done-bionic. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-bionic. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: gstreamer-vaapi (Ubuntu Bionic)
   Status: In Progress => Fix Committed

** Changed in: gstreamer-editing-services1.0 (Ubuntu Bionic)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gst-plugins-bad1.0 in
Ubuntu.
https://bugs.launchpad.net/bugs/1829366

Title:
  [SRU]  Bugfix release 1.14.4

Status in gst-libav1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-bad1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-base1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-good1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-ugly1.0 package in Ubuntu:
  Fix Released
Status in gst-python1.0 package in Ubuntu:
  Fix Released
Status in gst-rtsp-server1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-editing-services1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-vaapi package in Ubuntu:
  Fix Released
Status in gstreamer1.0 package in Ubuntu:
  Fix Released
Status in gst-libav1.0 source package in Bionic:
  In Progress
Status in gst-plugins-bad1.0 source package in Bionic:
  In Progress
Status in gst-plugins-base1.0 source package in Bionic:
  In Progress
Status in gst-plugins-good1.0 source package in Bionic:
  In Progress
Status in gst-plugins-ugly1.0 source package in Bionic:
  In Progress
Status in gst-python1.0 source package in Bionic:
  In Progress
Status in gst-rtsp-server1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-editing-services1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-vaapi source package in Bionic:
  Fix Committed
Status in gstreamer1.0 source package in Bionic:
  Fix Committed

Bug description:
  [ Description ]

  We should keep up with GStreamer's bugfix releases in the 1.14 series
  that 18.04 shipped with.

  [ QA and testing ]

  Play a range of videos in Totem. Play a range of audio tracks in
  Rhythmbox. Try to stream audio and/or video. Try to install a missing
  codec.

  In all cases, make sure that everything which worked before still
  works.

  [ Regression potential ]

  If one of the fixes is bad then it might break video or audio
  playback, or could crash any application that tries to use gstreamer.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gst-libav1.0/+bug/1829366/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1829366] Please test proposed package

2019-06-13 Thread Łukasz Zemczak 
Hello Iain, or anyone else affected,

Accepted gstreamer-editing-services1.0 into bionic-proposed. The package
will build now and be available at https://launchpad.net/ubuntu/+source
/gstreamer-editing-services1.0/1.14.4-1~ubuntu18.04.1 in a few hours,
and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-bionic to verification-done-bionic. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-bionic. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gst-plugins-bad1.0 in
Ubuntu.
https://bugs.launchpad.net/bugs/1829366

Title:
  [SRU]  Bugfix release 1.14.4

Status in gst-libav1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-bad1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-base1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-good1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-ugly1.0 package in Ubuntu:
  Fix Released
Status in gst-python1.0 package in Ubuntu:
  Fix Released
Status in gst-rtsp-server1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-editing-services1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-vaapi package in Ubuntu:
  Fix Released
Status in gstreamer1.0 package in Ubuntu:
  Fix Released
Status in gst-libav1.0 source package in Bionic:
  In Progress
Status in gst-plugins-bad1.0 source package in Bionic:
  In Progress
Status in gst-plugins-base1.0 source package in Bionic:
  In Progress
Status in gst-plugins-good1.0 source package in Bionic:
  In Progress
Status in gst-plugins-ugly1.0 source package in Bionic:
  In Progress
Status in gst-python1.0 source package in Bionic:
  In Progress
Status in gst-rtsp-server1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-editing-services1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-vaapi source package in Bionic:
  Fix Committed
Status in gstreamer1.0 source package in Bionic:
  Fix Committed

Bug description:
  [ Description ]

  We should keep up with GStreamer's bugfix releases in the 1.14 series
  that 18.04 shipped with.

  [ QA and testing ]

  Play a range of videos in Totem. Play a range of audio tracks in
  Rhythmbox. Try to stream audio and/or video. Try to install a missing
  codec.

  In all cases, make sure that everything which worked before still
  works.

  [ Regression potential ]

  If one of the fixes is bad then it might break video or audio
  playback, or could crash any application that tries to use gstreamer.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gst-libav1.0/+bug/1829366/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1829366] Please test proposed package

2019-06-13 Thread Łukasz Zemczak 
Hello Iain, or anyone else affected,

Accepted gst-plugins-ugly1.0 into bionic-proposed. The package will
build now and be available at https://launchpad.net/ubuntu/+source/gst-
plugins-ugly1.0/1.14.4-1~ubuntu18.04.1 in a few hours, and then in the
-proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-bionic to verification-done-bionic. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-bionic. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gst-plugins-bad1.0 in
Ubuntu.
https://bugs.launchpad.net/bugs/1829366

Title:
  [SRU]  Bugfix release 1.14.4

Status in gst-libav1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-bad1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-base1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-good1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-ugly1.0 package in Ubuntu:
  Fix Released
Status in gst-python1.0 package in Ubuntu:
  Fix Released
Status in gst-rtsp-server1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-editing-services1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-vaapi package in Ubuntu:
  Fix Released
Status in gstreamer1.0 package in Ubuntu:
  Fix Released
Status in gst-libav1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-bad1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-base1.0 source package in Bionic:
  In Progress
Status in gst-plugins-good1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-ugly1.0 source package in Bionic:
  Fix Committed
Status in gst-python1.0 source package in Bionic:
  Fix Committed
Status in gst-rtsp-server1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-editing-services1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-vaapi source package in Bionic:
  Fix Committed
Status in gstreamer1.0 source package in Bionic:
  Fix Committed

Bug description:
  [ Description ]

  We should keep up with GStreamer's bugfix releases in the 1.14 series
  that 18.04 shipped with.

  [ QA and testing ]

  Play a range of videos in Totem. Play a range of audio tracks in
  Rhythmbox. Try to stream audio and/or video. Try to install a missing
  codec.

  In all cases, make sure that everything which worked before still
  works.

  [ Regression potential ]

  If one of the fixes is bad then it might break video or audio
  playback, or could crash any application that tries to use gstreamer.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gst-libav1.0/+bug/1829366/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1829366] Please test proposed package

2019-06-13 Thread Łukasz Zemczak 
Hello Iain, or anyone else affected,

Accepted gst-libav1.0 into bionic-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/gst-
libav1.0/1.14.4-0ubuntu1~ubuntu18.04.1 in a few hours, and then in the
-proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-bionic to verification-done-bionic. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-bionic. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: gst-plugins-ugly1.0 (Ubuntu Bionic)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gst-plugins-bad1.0 in
Ubuntu.
https://bugs.launchpad.net/bugs/1829366

Title:
  [SRU]  Bugfix release 1.14.4

Status in gst-libav1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-bad1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-base1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-good1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-ugly1.0 package in Ubuntu:
  Fix Released
Status in gst-python1.0 package in Ubuntu:
  Fix Released
Status in gst-rtsp-server1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-editing-services1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-vaapi package in Ubuntu:
  Fix Released
Status in gstreamer1.0 package in Ubuntu:
  Fix Released
Status in gst-libav1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-bad1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-base1.0 source package in Bionic:
  In Progress
Status in gst-plugins-good1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-ugly1.0 source package in Bionic:
  Fix Committed
Status in gst-python1.0 source package in Bionic:
  Fix Committed
Status in gst-rtsp-server1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-editing-services1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-vaapi source package in Bionic:
  Fix Committed
Status in gstreamer1.0 source package in Bionic:
  Fix Committed

Bug description:
  [ Description ]

  We should keep up with GStreamer's bugfix releases in the 1.14 series
  that 18.04 shipped with.

  [ QA and testing ]

  Play a range of videos in Totem. Play a range of audio tracks in
  Rhythmbox. Try to stream audio and/or video. Try to install a missing
  codec.

  In all cases, make sure that everything which worked before still
  works.

  [ Regression potential ]

  If one of the fixes is bad then it might break video or audio
  playback, or could crash any application that tries to use gstreamer.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gst-libav1.0/+bug/1829366/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1756595] Re: disk space info inadvertently provides all installed snaps

2019-06-13 Thread Brian Murray 
** Also affects: apt (Ubuntu Disco)
   Importance: Undecided
   Status: New

** Also affects: apport (Ubuntu Disco)
   Importance: Undecided
   Status: New

** Changed in: apt (Ubuntu Disco)
   Status: New => Triaged

** Changed in: apt (Ubuntu Disco)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1756595

Title:
  disk space info inadvertently provides all installed snaps

Status in apport package in Ubuntu:
  Invalid
Status in apt package in Ubuntu:
  Fix Committed
Status in apport source package in Bionic:
  Invalid
Status in apt source package in Bionic:
  Triaged
Status in apport source package in Disco:
  New
Status in apt source package in Disco:
  Triaged

Bug description:
  When apport is reporting a crash, it includes the output of the "df"
  utility, to list the free disk space information per mount point.

  That output nowadays will inadvertently include all snaps that the
  user may have installed, including their revision numbers.

  Here is a simple df output:
  andreas@nsn7:~$ df
  Filesystem  1K-blocksUsed Available Use% Mounted on
  udev  8119680   0   8119680   0% /dev
  tmpfs 16301561828   1628328   1% /run
  nsn7/ROOT/ubuntu433084288 2500608 430583680   1% /
  tmpfs 8150776   1   8131888   1% /dev/shm
  tmpfs5120   4  5116   1% /run/lock
  tmpfs 8150776   0   8150776   0% 
/sys/fs/cgroup
  nsn7/var/log430763136  179456 430583680   1% /var/log
  nsn7/var/tmp430583808 128 430583680   1% /var/tmp
  /dev/sda2 1032088  160336871752  16% /boot
  /dev/sda1  5232482720520528   1% /boot/efi
  nsn7/home   430651264   67584 430583680   1% /home
  nsn7/var/cache  430653312   69632 430583680   1% /var/cache
  nsn7/var/mail   430583808 128 430583680   1% /var/mail
  nsn7/var/spool  430583808 128 430583680   1% /var/spool
  tmpfs 1630152  16   1630136   1% /run/user/120
  tmpfs 100   0   100   0% 
/var/lib/lxd/shmounts
  tmpfs 100   0   100   0% 
/var/lib/lxd/devlxd
  tmpfs 1630152  36   1630116   1% 
/run/user/1000
  nsn7/lxd/containers/squid-ds216 431444096  860416 430583680   1% 
/var/lib/lxd/storage-pools/default/containers/squid-ds216
  /dev/loop0  83712   83712 0 100% 
/snap/core/4206
  /dev/loop1 102144  102144 0 100% 
/snap/git-ubuntu/402

  You can see I have the core snap at revision 4206, and git-ubuntu at
  revision 402.

  There are already many bug reports in launchpad where one can see this
  information.

  Granted, the user can review it, refuse to send this data, etc. This
  bug is about the unexpectedness of having that information in the disk
  space data.

  If the user sees a prompt like "Would you like to include disk free
  space information in your report?", or "Would you like to include the
  output of the df(1) command in your report?", that doesn't immediately
  translate to "Would you like to include disk free space information
  and a list of all installed snaps and their revision numbers in your
  report?".

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1756595/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1763870] Re: openssl: After symbol versioning, distributed pkgs are missing API symbols (e.g. EVP_PKEY_asn1_set_item)

2019-06-13 Thread Nicola Tuveri 
I can confirm that while this is "fixed" by updating to a newer release
of Ubuntu (or Debian, as can be read in the Debian bug tracker), this
problem is still present in Xenial.

The reason it is fixed in newer releases is that they ship OpenSSL >=
1.1.0 where upstream takes care of symbol versioning for the public
symbols in the library.

Xenial uses OpenSSL 1.0.2, and the package maintainers have a custom
script to tag known symbols in the library with a version number, and
mask all the symbols not explicitly whitelisted in the script.

As reported more than 1 year ago, this script has not been properly
maintained, so in Xenial, today, there are still symbols like
`EVP_PKEY_asn1_set_item` that are exposed to application developers as
part of the public API in the headers contained in the latest package
version for libssl-dev, but that are not linkable because they have
never been whitelisted by the package maintainers.

In Debian this is now considered Fixed, as the currently supported
releases all ship OpenSSL >=1.1.0, but Ubuntu Xenial is supposed to be
supported until April 2021.

What can I do to get some attention to this issue and fix the problem in
Xenial?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1763870

Title:
  openssl: After symbol versioning, distributed pkgs are missing API
  symbols (e.g. EVP_PKEY_asn1_set_item)

Status in openssl package in Ubuntu:
  Fix Released
Status in openssl source package in Xenial:
  New
Status in openssl package in Debian:
  Fix Released

Bug description:
  I'm developing an ENGINE for OpenSSL, and close to release, I noticed
  that in Ubuntu 16.04 LTS and in Debian oldstable-backports the build fails 
with the following output:

  ```
  /usr/bin/cc  -fPIC -g  -shared -Wl,-soname,liblibsuola.so -o liblibsuola.so 
CMakeFiles/suola.dir/suola.c.o CMakeFiles/suola.dir/suola_keypair.c.o 
CMakeFiles/suola.dir/debug/debug.c.o CMakeFiles/suola.dir/meths/X25519_meth.c.o 
CMakeFiles/suola.dir/meths/ed25519_meth.c.o 
CMakeFiles/suola.dir/meths/suola_asn1_meth.c.o 
CMakeFiles/suola.dir/meths/suola_md_identity_meth.c.o 
CMakeFiles/suola.dir/ossl/ossl_compat.c.o 
CMakeFiles/suola.dir/ossl/suola_err.c.o 
CMakeFiles/suola.dir/ossl/suola_objects.c.o 
CMakeFiles/suola.dir/providers/libsodium/base.c.o 
CMakeFiles/suola.dir/providers/libsodium/curve25519.c.o 
CMakeFiles/suola.dir/providers/libsodium/ed25519.c.o -lssl -lcrypto 
/opt/libsodium-stable/lib/libsodium.so -Wl,-z,defs 
-Wl,-rpath,/opt/libsodium-stable/lib:
  CMakeFiles/suola.dir/meths/suola_asn1_meth.c.o: In function 
`suola_register_asn1_meth':
  /usr/local/src/libsuola/meths/suola_asn1_meth.c:505: undefined reference to 
`EVP_PKEY_asn1_set_item'
  collect2: error: ld returned 1 exit status
  make[2]: *** [liblibsuola.so] Error 1
  CMakeFiles/suola.dir/build.make:412: recipe for target 'liblibsuola.so' failed
  make[2]: Leaving directory '/usr/local/src/libsuola/build'
  make[1]: *** [CMakeFiles/suola.dir/all] Error 2
  make: *** [all] Error 2
  ```

  This does not happen linking against the same exact release of openssl
  compiled from source on the same system.

  I then learned that one of the patches applied by Debian and inherited
  also by Ubuntu has the goal of versioning library symbols to avoid
  conflicts.

  Unfortunately said patch is not updated regularly with each release of
  OpenSSL, resulting, like in my case, in symbols available in the public
  header files but masked through versioning in the shared library binary.

  The attached patch fixes my need by adding `EVP_PKEY_asn1_set_item` to
  the list, but you might consider an internal review of your release
  process to make sure that the list of symbols is updated whenever a new
  upstream releases makes new functions publicly available.

  
  I believe this bug is important, as it stops everyone using official
  packages from using third-party ENGINEs that require to use that
  function to set special handling of ASN.1 format, which basically
  includes every ENGINE that would add support for cryptosystems that
  upstream OpenSSL does not support (defying the purpose of using some
  ENGINEs).

  The patch I propose covers my use case, but basically the package as is 
results
  unusable to any user of any application that may require functions
  available in the public headers but accidentally masked in the symbol
  versioning step.

  The ideal outcome of fixing this issue would consist in making the
  versioning patch dynamic, checking when symbols are added (or removed)
  in newer releases and updating the list accordingly.

  
  You might have the same versioning patch applied in other releases, so it's
  worth tagging this bug also for those to make the handling of the exposed 
symbols consistent.

  Finally I also opened a similar bug against the equivalent Debian 
oldstable-backports package, but I opened an

[Touch-packages] [Bug 1772898] Re: [SRU] New stable release 1.14.1

2019-06-13 Thread Łukasz Zemczak 
Hello Iain, or anyone else affected,

Accepted gst-plugins-good1.0 into bionic-proposed. The package will
build now and be available at https://launchpad.net/ubuntu/+source/gst-
plugins-good1.0/1.14.4-1ubuntu1~ubuntu18.04.1 in a few hours, and then
in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-bionic to verification-done-bionic. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-bionic. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: gst-plugins-good1.0 (Ubuntu Bionic)
   Status: Fix Released => Fix Committed

** Tags removed: verification-done verification-done-bionic
** Tags added: verification-needed verification-needed-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gst-plugins-bad1.0 in
Ubuntu.
https://bugs.launchpad.net/bugs/1772898

Title:
  [SRU] New stable release 1.14.1

Status in gst-libav1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-bad1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-base1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-good1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-ugly1.0 package in Ubuntu:
  Fix Released
Status in gst-python1.0 package in Ubuntu:
  Fix Released
Status in gst-rtsp-server1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-editing-services1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-vaapi package in Ubuntu:
  Fix Released
Status in gstreamer1.0 package in Ubuntu:
  Fix Released
Status in gst-libav1.0 source package in Bionic:
  Fix Released
Status in gst-plugins-bad1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-base1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-good1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-ugly1.0 source package in Bionic:
  Fix Released
Status in gst-python1.0 source package in Bionic:
  Fix Released
Status in gst-rtsp-server1.0 source package in Bionic:
  Fix Released
Status in gstreamer-editing-services1.0 source package in Bionic:
  Fix Released
Status in gstreamer-vaapi source package in Bionic:
  Fix Released
Status in gstreamer1.0 source package in Bionic:
  Fix Released

Bug description:
  [ Description ]

  We should keep up with GStreamer's bugfix releases in the 1.14 series
  that 18.04 shipped with.

  [ QA and testing ]

  Play a range of videos in Totem. Play a range of audio tracks in
  Rhythmbox. Try to stream audio and/or video. Try to install a missing
  codec.

  In all cases, make sure that everything which worked before still
  works.

  [ Regression potential ]

  One of the fixes could be bad. Watch out for it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gst-libav1.0/+bug/1772898/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1829366] Re: [SRU] Bugfix release 1.14.4

2019-06-13 Thread Łukasz Zemczak 
Hello Iain, or anyone else affected,

Accepted gst-plugins-good1.0 into bionic-proposed. The package will
build now and be available at https://launchpad.net/ubuntu/+source/gst-
plugins-good1.0/1.14.4-1ubuntu1~ubuntu18.04.1 in a few hours, and then
in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-bionic to verification-done-bionic. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-bionic. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: gst-plugins-good1.0 (Ubuntu Bionic)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gst-plugins-bad1.0 in
Ubuntu.
https://bugs.launchpad.net/bugs/1829366

Title:
  [SRU]  Bugfix release 1.14.4

Status in gst-libav1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-bad1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-base1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-good1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-ugly1.0 package in Ubuntu:
  Fix Released
Status in gst-python1.0 package in Ubuntu:
  Fix Released
Status in gst-rtsp-server1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-editing-services1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-vaapi package in Ubuntu:
  Fix Released
Status in gstreamer1.0 package in Ubuntu:
  Fix Released
Status in gst-libav1.0 source package in Bionic:
  In Progress
Status in gst-plugins-bad1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-base1.0 source package in Bionic:
  In Progress
Status in gst-plugins-good1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-ugly1.0 source package in Bionic:
  In Progress
Status in gst-python1.0 source package in Bionic:
  Fix Committed
Status in gst-rtsp-server1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-editing-services1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-vaapi source package in Bionic:
  Fix Committed
Status in gstreamer1.0 source package in Bionic:
  Fix Committed

Bug description:
  [ Description ]

  We should keep up with GStreamer's bugfix releases in the 1.14 series
  that 18.04 shipped with.

  [ QA and testing ]

  Play a range of videos in Totem. Play a range of audio tracks in
  Rhythmbox. Try to stream audio and/or video. Try to install a missing
  codec.

  In all cases, make sure that everything which worked before still
  works.

  [ Regression potential ]

  If one of the fixes is bad then it might break video or audio
  playback, or could crash any application that tries to use gstreamer.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gst-libav1.0/+bug/1829366/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832754] [NEW] ubuntu-bug systemd

2019-06-13 Thread Tim Ritberg 
Public bug reported:

I am using Xubuntu 18.04 64 bit and got "shutdown[1]: Failed to wait for
process: Protocol error" at shutdown or reboot and hangs.

systemd: 237-3ubuntu10.22

It's this issue:
https://github.com/systemd/systemd/issues/8155

** Affects: systemd (Ubuntu)
 Importance: Undecided
 Status: New

** Package changed: nvidia-graphics-drivers-390 (Ubuntu) => systemd
(Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1832754

Title:
  ubuntu-bug systemd

Status in systemd package in Ubuntu:
  New

Bug description:
  I am using Xubuntu 18.04 64 bit and got "shutdown[1]: Failed to wait
  for process: Protocol error" at shutdown or reboot and hangs.

  systemd: 237-3ubuntu10.22

  It's this issue:
  https://github.com/systemd/systemd/issues/8155

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1832754/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832754] [NEW] ubuntu-bug systemd

2019-06-13 Thread Launchpad Bug Tracker 
You have been subscribed to a public bug:

I am using Xubuntu 18.04 64 bit and got "shutdown[1]: Failed to wait for
process: Protocol error" at shutdown or reboot and hangs.

systemd: 237-3ubuntu10.22

It's this issue:
https://github.com/systemd/systemd/issues/8155

** Affects: systemd (Ubuntu)
 Importance: Undecided
 Status: New

-- 
ubuntu-bug systemd
https://bugs.launchpad.net/bugs/1832754
You received this bug notification because you are a member of Ubuntu Touch 
seeded packages, which is subscribed to systemd in Ubuntu.

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1829366] Re: [SRU] Bugfix release 1.14.4

2019-06-13 Thread Łukasz Zemczak 
Hello Iain, or anyone else affected,

Accepted gst-plugins-bad1.0 into bionic-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/gst-
plugins-bad1.0/1.14.4-1ubuntu1~ubuntu18.04.1 in a few hours, and then in
the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-bionic to verification-done-bionic. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-bionic. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: gst-plugins-bad1.0 (Ubuntu Bionic)
   Status: In Progress => Fix Committed

** Changed in: gst-python1.0 (Ubuntu Bionic)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gst-plugins-bad1.0 in
Ubuntu.
https://bugs.launchpad.net/bugs/1829366

Title:
  [SRU]  Bugfix release 1.14.4

Status in gst-libav1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-bad1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-base1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-good1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-ugly1.0 package in Ubuntu:
  Fix Released
Status in gst-python1.0 package in Ubuntu:
  Fix Released
Status in gst-rtsp-server1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-editing-services1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-vaapi package in Ubuntu:
  Fix Released
Status in gstreamer1.0 package in Ubuntu:
  Fix Released
Status in gst-libav1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-bad1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-base1.0 source package in Bionic:
  In Progress
Status in gst-plugins-good1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-ugly1.0 source package in Bionic:
  Fix Committed
Status in gst-python1.0 source package in Bionic:
  Fix Committed
Status in gst-rtsp-server1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-editing-services1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-vaapi source package in Bionic:
  Fix Committed
Status in gstreamer1.0 source package in Bionic:
  Fix Committed

Bug description:
  [ Description ]

  We should keep up with GStreamer's bugfix releases in the 1.14 series
  that 18.04 shipped with.

  [ QA and testing ]

  Play a range of videos in Totem. Play a range of audio tracks in
  Rhythmbox. Try to stream audio and/or video. Try to install a missing
  codec.

  In all cases, make sure that everything which worked before still
  works.

  [ Regression potential ]

  If one of the fixes is bad then it might break video or audio
  playback, or could crash any application that tries to use gstreamer.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gst-libav1.0/+bug/1829366/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828215] Re: openssl ca -spkac output regressed

2019-06-13 Thread Marc Deslauriers 
I have run bionic-proposed cosmic-proposed and disco-proposed through
the usual security team test procedure. They can be released with the
fix for CVE-2019-1543.

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-1543

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1828215

Title:
  openssl ca -spkac output regressed

Status in OpenSSL:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Committed
Status in openssl source package in Bionic:
  Fix Committed
Status in openssl source package in Cosmic:
  Fix Committed
Status in openssl source package in Disco:
  Fix Committed
Status in openssl source package in Eoan:
  Fix Committed

Bug description:
  [Impact]

   * openssl command line utility option parsing has regressed in
  1.1.0i+ and produces binary output, where text output is expected,
  breaking applications that parse that.

  [Test Case]

  Setup CA:
  $ apt install openssl
  $ mkdir -p  demoCA/private demoCA/newcerts
  $ touch demoCA/index.txt
  $ echo 01 > demoCA/serial

  $ openssl req -new -x509 -days 365 -newkey rsa:4096 -keyout
  demoCA/private/cakey.pem -out demoCA/cacert.pem

  # Use password test
  # Accept defaults for all other settings

  $ openssl req -new -days 365 -newkey rsa:4096 -keyout
  demoCA/sslkey.pem -out demoCA/sslcert.pem

  Generate regular request / key:
  # Use password test
  # Set common name to: example.com
  # Accept defaults for all other settings

  Generate spkac request:
  $ openssl spkac -key demoCA/sslkey.pem -out demoCA/sslcert.spkac
  $ cat <>demoCA/sslcert.spkac 
  countryName=AU
  stateOrProvinceName=Some-State
  organizationName=Internet Widgits Pty Ltd
  commonName=example.com
  EOF

  Sign spkac request:
  $ echo test | openssl ca -passin stdin -batch -spkac demoCA/sslcert.spkac 
-startdate 190121130654Z

  Expected: pure text output
  Unexpected: binary output for the signed cert

  
   Currently produces binary goop.

   Should produce PEM format Base64 encoded certificate data in a block 
surrounded
   with BEGIN/END certificate.

  [Regression Potential]

   * This is a regression in cosmic and up, and impeding regression in
  bionic with the upcoming 1.1.1 SRU. A bugfix exists upstream.

  [Other Info]

   * Originally reported
  https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1797386/comments/39

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1828215/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1667016] Re: tcpdump in lxd container: apparmor blocks writing to stdout/stderr

2019-06-13 Thread Brian Candler 
*** This bug is a duplicate of bug 1641236 ***
https://bugs.launchpad.net/bugs/1641236

I believe this bug has been wrongly marked as a duplicate of #1641236.
I described in the second paragraph of the bug report why this is *not*
a duplicate.

#1641236 is when lxc exec passes an open pty from the host to the
container.

This bug (#1667016) is specifically when the pty is opened within the
container, by connecting to sshd inside the container.

See also: https://github.com/lxc/lxd/issues/2930

** Bug watch added: LXD bug tracker #2930
   https://github.com/lxc/lxd/issues/2930

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1667016

Title:
  tcpdump in lxd container: apparmor blocks writing to stdout/stderr

Status in apparmor package in Ubuntu:
  Confirmed

Bug description:
  [ubuntu 16.04, lxd 2.0.8 or 2.0.9, tcpdump 4.7.4 or 4.9.0]

  If you ssh into an lxd container as a normal user, and inside that
  container run "sudo tcpdump", the tcpdump process is blocked from
  writing to stdout/stderr.  This appears to be due to apparmor:
  disabling apparmor for tcpdump makes the problem go away.

  ln -s /etc/apparmor.d/usr.sbin.tcpdump /etc/apparmor.d/disable/

  Note: this is a different bug from #1641236. In that bug, the user did
  "lxc exec  bash" to get a shell in the container; the
  stdout fd was being passed from the outer host to the container.  But
  in this case, the pty is being created entirely inside the container
  by sshd.

  Details copied from https://github.com/lxc/lxd/issues/2930

  # Steps to reproduce

  1. Create two Ubuntu 16.04 lxd containers, one privileged, one not.
  2. ssh into each one, and then use `sudo -s` to get root. (Do not use `lxc 
exec` because of issue #1641236)
  3. Inside one run `tcpdump -i eth0 -nn not tcp port 22`, and ping from the 
other.

  tcpdump in the privileged container works just fine.

  tcpdump in the unprivileged container does not show any output. But if
  I run strace on it I see errors attempting to access stdout and
  stderr:

  ~~~
  ioctl(1, TCGETS, 0x7fff97c8d680)= -1 ENOTTY (Inappropriate ioctl for 
device)
  ...
  write(2, "tcpdump: verbose output suppress"..., 75) = -1 EACCES (Permission 
denied)
  write(2, "listening on eth0, link-type EN1"..., 74) = -1 EACCES (Permission 
denied)
  ~~~

  This is very weird.  Even more weird: the following command *does*
  capture packets:

  ~~~
  tcpdump -i eth0 -nn -w foo.pcap
  ~~~

  The file foo.pcap grows. This proves it's nothing to do with network
  capture perms.

  But the following command shows no output:

  ~~~
  tcpdump -r foo.pcap -nn
  ~~~

  And again it's because it can't write to stdout:

  ~~~
  fstat(1, 0x7ffe2fb5eb10)= -1 EACCES (Permission denied)
  read(3, "", 4096)   = 0
  write(1, "14:34:30.618180 IP6 fe80::c609:6"..., 1740) = -1 EACCES (Permission 
denied)
  ~~~

  I had originally thought this was to do with capabilities.  But if I
  run `capsh --print` inside both containers, they both have
  `cap_net_raw` and `cap_net_admin`.  In fact, the unprivileged
  container has two additional capabilities!  (`cap_mac_override` and
  `cap_mac_admin`)

  So now I suspect that apparmor is at fault.

   dmesg

  dmesg output generated by the following steps:

  * start tcpdump
  * wait 5 seconds
  * send 1 ping from other side
  * wait 5 seconds
  * stop tcpdump

  ~~~
  [429020.685987] audit: type=1400 audit(1487774339.708:3597): 
apparmor="DENIED" operation="file_inherit" 
namespace="root//lxd-srv2-campus1_" profile="/usr/sbin/tcpdump" 
name="/dev/pts/0" pid=12539 comm="tcpdump" requested_mask="wr" denied_mask="wr" 
fsuid=10 ouid=101001
  [429020.686000] audit: type=1400 audit(1487774339.708:3598): 
apparmor="DENIED" operation="file_inherit" 
namespace="root//lxd-srv2-campus1_" profile="/usr/sbin/tcpdump" 
name="/dev/pts/0" pid=12539 comm="tcpdump" requested_mask="wr" denied_mask="wr" 
fsuid=10 ouid=101001
  [429020.686013] audit: type=1400 audit(1487774339.708:3599): 
apparmor="DENIED" operation="file_inherit" 
namespace="root//lxd-srv2-campus1_" profile="/usr/sbin/tcpdump" 
name="/dev/pts/0" pid=12539 comm="tcpdump" requested_mask="wr" denied_mask="wr" 
fsuid=10 ouid=101001
  [429020.686022] audit: type=1400 audit(1487774339.708:3600): 
apparmor="DENIED" operation="file_inherit" 
namespace="root//lxd-srv2-campus1_" profile="/usr/sbin/tcpdump" 
name="/dev/pts/0" pid=12539 comm="tcpdump" requested_mask="wr" denied_mask="wr" 
fsuid=10 ouid=101001
  [429020.716725] device eth0 entered promiscuous mode
  [429020.741308] audit: type=1400 audit(1487774339.764:3601): 
apparmor="DENIED" operation="file_perm" info="Failed name lookup - disconnected 
path" error=-13 namespace="root//lxd-srv2-campus1_" 
profile="/usr/sbin/tcpdump" name="apparmor/.null" pid=12539 comm="tcpdump" 
requested_mask="w"

[Touch-packages] [Bug 1782535] Re: cifs - poor upload speed with nautilus compared to rsync

2019-06-13 Thread Florian Schwarz 
Issue may get closed.

Solved with upgrading to Ubuntu 19.04.

Nevertheless thanks for your help.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to glib2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1782535

Title:
  cifs - poor upload speed with nautilus compared to rsync

Status in glib2.0 package in Ubuntu:
  Triaged

Bug description:
  I'm mounting folders from my NAS on my computer (Ubuntu 18.04) with
  cifs. Copying an 8 GB file...

  Upload (local -> mounted)
  - Nautilus/Nemo -> 6 MB/s
  - rsync -> 50-60 MB/s

  Download performance is also strange, but not my biggest concern.
  Download (mounted -> local)
  - Nautilus/Nemo -> 90 MB/s
  - rsync -> 50-60 MB/s

  rsync command (upload):
  rsync --progress /home/me/file.iso /mnt/cifs_media/

  fstab entry:
  //nas/media /mnt/cifs_media cifs 
vers=3.0,uid=me,gid=me,credentials=/home/me/.smbcredentials,dir_mode=0700,file_mode=0700
 0 0

  Any idea, why Nautilus is uploading up to 10 times more slowly than
  rsync, although both using the same cifs, os, hardware, network etc.?

  PS: Further info for bug report
  1) The release of Ubuntu: Ubuntu 18.04 LTS
  2) The version of the package: Nautilus 3.26.3
  3) What you expected to happen: At least same speed as with using rsync
  4) What happened instead: See above

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/1782535/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1772898] Re: [SRU] New stable release 1.14.1

2019-06-13 Thread Łukasz Zemczak 
** Changed in: gst-plugins-base1.0 (Ubuntu Bionic)
   Status: Fix Released => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gst-plugins-bad1.0 in
Ubuntu.
https://bugs.launchpad.net/bugs/1772898

Title:
  [SRU] New stable release 1.14.1

Status in gst-libav1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-bad1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-base1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-good1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-ugly1.0 package in Ubuntu:
  Fix Released
Status in gst-python1.0 package in Ubuntu:
  Fix Released
Status in gst-rtsp-server1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-editing-services1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-vaapi package in Ubuntu:
  Fix Released
Status in gstreamer1.0 package in Ubuntu:
  Fix Released
Status in gst-libav1.0 source package in Bionic:
  Fix Released
Status in gst-plugins-bad1.0 source package in Bionic:
  Fix Released
Status in gst-plugins-base1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-good1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-ugly1.0 source package in Bionic:
  Fix Released
Status in gst-python1.0 source package in Bionic:
  Fix Released
Status in gst-rtsp-server1.0 source package in Bionic:
  Fix Released
Status in gstreamer-editing-services1.0 source package in Bionic:
  Fix Released
Status in gstreamer-vaapi source package in Bionic:
  Fix Released
Status in gstreamer1.0 source package in Bionic:
  Fix Released

Bug description:
  [ Description ]

  We should keep up with GStreamer's bugfix releases in the 1.14 series
  that 18.04 shipped with.

  [ QA and testing ]

  Play a range of videos in Totem. Play a range of audio tracks in
  Rhythmbox. Try to stream audio and/or video. Try to install a missing
  codec.

  In all cases, make sure that everything which worked before still
  works.

  [ Regression potential ]

  One of the fixes could be bad. Watch out for it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gst-libav1.0/+bug/1772898/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1829366] Please test proposed package

2019-06-13 Thread Łukasz Zemczak 
Hello Iain, or anyone else affected,

Accepted gst-python1.0 into bionic-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/gst-
python1.0/1.14.4-1~ubuntu18.04.1 in a few hours, and then in the
-proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-bionic to verification-done-bionic. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-bionic. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: gst-libav1.0 (Ubuntu Bionic)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gst-plugins-bad1.0 in
Ubuntu.
https://bugs.launchpad.net/bugs/1829366

Title:
  [SRU]  Bugfix release 1.14.4

Status in gst-libav1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-bad1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-base1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-good1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-ugly1.0 package in Ubuntu:
  Fix Released
Status in gst-python1.0 package in Ubuntu:
  Fix Released
Status in gst-rtsp-server1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-editing-services1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-vaapi package in Ubuntu:
  Fix Released
Status in gstreamer1.0 package in Ubuntu:
  Fix Released
Status in gst-libav1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-bad1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-base1.0 source package in Bionic:
  In Progress
Status in gst-plugins-good1.0 source package in Bionic:
  Fix Committed
Status in gst-plugins-ugly1.0 source package in Bionic:
  Fix Committed
Status in gst-python1.0 source package in Bionic:
  Fix Committed
Status in gst-rtsp-server1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-editing-services1.0 source package in Bionic:
  Fix Committed
Status in gstreamer-vaapi source package in Bionic:
  Fix Committed
Status in gstreamer1.0 source package in Bionic:
  Fix Committed

Bug description:
  [ Description ]

  We should keep up with GStreamer's bugfix releases in the 1.14 series
  that 18.04 shipped with.

  [ QA and testing ]

  Play a range of videos in Totem. Play a range of audio tracks in
  Rhythmbox. Try to stream audio and/or video. Try to install a missing
  codec.

  In all cases, make sure that everything which worked before still
  works.

  [ Regression potential ]

  If one of the fixes is bad then it might break video or audio
  playback, or could crash any application that tries to use gstreamer.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gst-libav1.0/+bug/1829366/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1772898] Re: [SRU] New stable release 1.14.1

2019-06-13 Thread Łukasz Zemczak 
Hello Iain, or anyone else affected,

Accepted gst-plugins-bad1.0 into bionic-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/gst-
plugins-bad1.0/1.14.4-1ubuntu1~ubuntu18.04.1 in a few hours, and then in
the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-bionic to verification-done-bionic. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-bionic. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: gst-plugins-good1.0 (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

** Changed in: gst-plugins-base1.0 (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gst-plugins-bad1.0 in
Ubuntu.
https://bugs.launchpad.net/bugs/1772898

Title:
  [SRU] New stable release 1.14.1

Status in gst-libav1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-bad1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-base1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-good1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-ugly1.0 package in Ubuntu:
  Fix Released
Status in gst-python1.0 package in Ubuntu:
  Fix Released
Status in gst-rtsp-server1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-editing-services1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-vaapi package in Ubuntu:
  Fix Released
Status in gstreamer1.0 package in Ubuntu:
  Fix Released
Status in gst-libav1.0 source package in Bionic:
  Fix Released
Status in gst-plugins-bad1.0 source package in Bionic:
  Fix Released
Status in gst-plugins-base1.0 source package in Bionic:
  Fix Released
Status in gst-plugins-good1.0 source package in Bionic:
  Fix Released
Status in gst-plugins-ugly1.0 source package in Bionic:
  Fix Released
Status in gst-python1.0 source package in Bionic:
  Fix Released
Status in gst-rtsp-server1.0 source package in Bionic:
  Fix Released
Status in gstreamer-editing-services1.0 source package in Bionic:
  Fix Released
Status in gstreamer-vaapi source package in Bionic:
  Fix Released
Status in gstreamer1.0 source package in Bionic:
  Fix Released

Bug description:
  [ Description ]

  We should keep up with GStreamer's bugfix releases in the 1.14 series
  that 18.04 shipped with.

  [ QA and testing ]

  Play a range of videos in Totem. Play a range of audio tracks in
  Rhythmbox. Try to stream audio and/or video. Try to install a missing
  codec.

  In all cases, make sure that everything which worked before still
  works.

  [ Regression potential ]

  One of the fixes could be bad. Watch out for it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gst-libav1.0/+bug/1772898/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1772898] Re: [SRU] New stable release 1.14.1

2019-06-13 Thread Łukasz Zemczak 
The three packages that have been just marked as 'Fix Committed' here
are just mix-ins in the .changes files for the 1.14.4 version SRUs. The
1.14.1 version already landed in bionic some time ago. Changing those
back to Fix Released and switching to verification-done.

SRU members: please generally ignore this bug for the SRU.

** Tags removed: verification-needed verification-needed-bionic
** Tags added: verification-done verification-done-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gst-plugins-bad1.0 in
Ubuntu.
https://bugs.launchpad.net/bugs/1772898

Title:
  [SRU] New stable release 1.14.1

Status in gst-libav1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-bad1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-base1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-good1.0 package in Ubuntu:
  Fix Released
Status in gst-plugins-ugly1.0 package in Ubuntu:
  Fix Released
Status in gst-python1.0 package in Ubuntu:
  Fix Released
Status in gst-rtsp-server1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-editing-services1.0 package in Ubuntu:
  Fix Released
Status in gstreamer-vaapi package in Ubuntu:
  Fix Released
Status in gstreamer1.0 package in Ubuntu:
  Fix Released
Status in gst-libav1.0 source package in Bionic:
  Fix Released
Status in gst-plugins-bad1.0 source package in Bionic:
  Fix Released
Status in gst-plugins-base1.0 source package in Bionic:
  Fix Released
Status in gst-plugins-good1.0 source package in Bionic:
  Fix Released
Status in gst-plugins-ugly1.0 source package in Bionic:
  Fix Released
Status in gst-python1.0 source package in Bionic:
  Fix Released
Status in gst-rtsp-server1.0 source package in Bionic:
  Fix Released
Status in gstreamer-editing-services1.0 source package in Bionic:
  Fix Released
Status in gstreamer-vaapi source package in Bionic:
  Fix Released
Status in gstreamer1.0 source package in Bionic:
  Fix Released

Bug description:
  [ Description ]

  We should keep up with GStreamer's bugfix releases in the 1.14 series
  that 18.04 shipped with.

  [ QA and testing ]

  Play a range of videos in Totem. Play a range of audio tracks in
  Rhythmbox. Try to stream audio and/or video. Try to install a missing
  codec.

  In all cases, make sure that everything which worked before still
  works.

  [ Regression potential ]

  One of the fixes could be bad. Watch out for it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gst-libav1.0/+bug/1772898/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1826459] Re: systemd-networkd not installing GatewayOnlink=true

2019-06-13 Thread sascha arthur 
** Changed in: netplan
   Status: Invalid => New

** Changed in: systemd (Ubuntu)
   Status: Incomplete => Opinion

** Changed in: systemd (Ubuntu)
   Status: Opinion => New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1826459

Title:
  systemd-networkd not installing GatewayOnlink=true

Status in netplan:
  New
Status in systemd package in Ubuntu:
  New

Bug description:
  root@search-3 /run/systemd/network # for i in *; do echo $i; echo; cat $i; 
done ; sudo service systemd-networkd stop; SYSTEMD_LOG_LEVEL=debug 
/lib/systemd/systemd-networkd
  10-netplan-enp0s31f6.network

  [Match]
  Name=enp0s31f6

  [Network]
  LinkLocalAddressing=ipv6
  Address=95.216.96.148/26
  Gateway=95.216.96.129
  DNS=8.8.8.8
  DNS=1.1.1.1
  Domains=148.96.216.95.clients.your-server.de
  VLAN=vlan4000

  [Route]
  Destination=95.216.96.148/26
  Gateway=95.216.96.129
  GatewayOnlink=true
  10-netplan-vlan4000.netdev

  [NetDev]
  Name=vlan4000
  MTUBytes=1400
  Kind=vlan

  [VLAN]
  Id=4000
  10-netplan-vlan4000.network

  [Match]
  Name=vlan4000

  [Network]
  LinkLocalAddressing=ipv6
  Address=10.0.2.3/24
  ConfigureWithoutCarrier=yes
  Failed to read $container of PID 1, ignoring: Permission denied
  Found container virtualization none.
  Bus n/a: changing state UNSET → OPENING
  Bus n/a: changing state OPENING → AUTHENTICATING
  Failed to open configuration file '/etc/systemd/networkd.conf': No such file 
or directory
  timestamp of '/etc/systemd/network' changed
  timestamp of '/run/systemd/network' changed
  Ignoring /run/systemd/network/10-netplan-enp0s31f6.network, because it's not 
a regular file with suffix .netdev.
  Ignoring /run/systemd/network/10-netplan-vlan4000.network, because it's not a 
regular file with suffix .netdev.
  Ignoring /lib/systemd/network/99-default.link, because it's not a regular 
file with suffix .netdev.
  Ignoring /lib/systemd/network/80-container-vz.network, because it's not a 
regular file with suffix .netdev.
  Ignoring /lib/systemd/network/80-container-ve.network, because it's not a 
regular file with suffix .netdev.
  Ignoring /lib/systemd/network/80-container-host0.network, because it's not a 
regular file with suffix .netdev.
  vlan4000: loaded vlan
  Ignoring /run/systemd/network/10-netplan-vlan4000.netdev, because it's not a 
regular file with suffix .network.
  Ignoring /lib/systemd/network/99-default.link, because it's not a regular 
file with suffix .network.
  tun0: MAC address not found for new device, continuing without
  tun0: Flags change: +UP +LOWER_UP +RUNNING +MULTICAST +POINTOPOINT +NOARP
  tun0: Link 12 added
  tun0: udev initialized link
  tun0: Saved original MTU: 1500
  veth20a5a67: Flags change: +UP +LOWER_UP +RUNNING +MULTICAST +BROADCAST
  veth20a5a67: Link 8 added
  veth20a5a67: udev initialized link
  veth20a5a67: Saved original MTU: 1500
  vlan4000: Flags change: +UP +LOWER_UP +RUNNING +MULTICAST +BROADCAST
  vlan4000: Link 6 added
  vlan4000: udev initialized link
  vlan4000: netdev has index 6
  vlan4000: Saved original MTU: 1400
  br-c7cc901345e8: Flags change: +UP +LOWER_UP +RUNNING +MULTICAST +BROADCAST
  br-c7cc901345e8: Link 5 added
  br-c7cc901345e8: udev initialized link
  br-c7cc901345e8: Saved original MTU: 1500
  docker0: Flags change: +UP +MULTICAST +BROADCAST
  docker0: Link 3 added
  docker0: udev initialized link
  docker0: Saved original MTU: 1500
  enp0s31f6: Flags change: +UP +LOWER_UP +RUNNING +MULTICAST +BROADCAST
  enp0s31f6: Link 2 added
  enp0s31f6: udev initialized link
  enp0s31f6: Saved original MTU: 1500
  lo: Flags change: +LOOPBACK +UP +LOWER_UP +RUNNING
  lo: Link 1 added
  lo: udev initialized link
  lo: Saved original MTU: 0
  vlan4000: Adding address: fe80::921b:eff:fe93:5015/64 (valid forever)
  vlan4000: Gained IPv6LL
  tun0: Adding address: 10.0.0.13/24 (valid forever)
  vlan4000: Adding address: 10.0.2.3/24 (valid forever)
  br-c7cc901345e8: Adding address: 172.18.0.1/16 (valid forever)
  docker0: Adding address: 172.17.0.1/16 (valid forever)
  enp0s31f6: Adding address: 95.216.96.148/26 (valid forever)
  lo: Adding address: 127.0.0.1/8 (valid forever)
  rtnl: received address with invalid family 129, ignoring
  Enumeration completed
  Bus n/a: changing state AUTHENTICATING → HELLO
  Sent message type=method_call sender=n/a destination=org.freedesktop.DBus 
path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=Hello cookie=1 
reply_cookie=0 signature=n/a error-name=n/a error-message=n/a
  Sent message type=method_call sender=n/a destination=org.freedesktop.DBus 
path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=RequestName 
cookie=2 reply_cookie=0 signature=su error-name=n/a error-message=n/a
  Sent message type=method_call sender=n/a destination=org.freedesktop.DBus 
path=/org/freedesktop/DBus interface=org.freedesktop.DBus member=AddMatch 
cookie=3

[Touch-packages] [Bug 1796501] Re: systemd-resolved tries to mitigate DVE-2018-0001 even if DNSSEC=yes

2019-06-13 Thread Bryan Quigley 
I grabbed the top 500 hosts in an Eaon LXD container with DNS=1.1.1.1
wget -O top500.csv https://moz.com/top-500/download/?table=top500Domains
cut -d, -f2 < top500.csv | cut -d\" -f2 > top500

I ran this script twice (with and without dnssec=yes):
while read p; do
  sleep 1
  echo "$p"
  resolvectl query $p > with_dnssec/$p
done https://bugs.launchpad.net/bugs/1796501

Title:
  systemd-resolved tries to mitigate DVE-2018-0001 even if DNSSEC=yes

Status in systemd package in Ubuntu:
  In Progress
Status in systemd source package in Bionic:
  In Progress
Status in systemd source package in Cosmic:
  In Progress
Status in systemd source package in Disco:
  In Progress

Bug description:
  I ask systemd-resolved through dig to resolve the SOA of test.asdf. (doesn't 
exist) but it returns SERVFAIL instead of NXDOMAIN. It seems to do the 
following steps:
  1. Ask upstream for SOA of test.asdf. with EDNS0, DO-bit and 4k size.
  2. Ask upstream for SOA of test.asdf. with EDNS0 and DO-bit.
  3. Ask upstream for SOA of test.asdf. with EDNS0.
  4. Ask upstream for SOA of test.asdf. without EDNS0.
  5. Repeat 1-4 for DS of test.asdf.
  6. Repeat 1-5 for asdf.
  7. Ask upstream for SOA of . with EDNS0, DO-bit and 4k size.
  8. Ask upstream for DNSKEY of . with EDNS0, DO-bit and 4k size.

  The upstream returns an unfragmented NXDOMAIN response for steps 1-6,
  an unfragmented NOERROR response for step 7 and a fragmented NOERROR
  response for step 8 which is the correct behaviour. DNSSEC records are
  included in the response if the DO-bit in the request was set.

  systemd-resolved should take the response from step 1 and start with
  validation instead of starting useless retries with reduced feture
  set. Step 3 and 4 are completely useless and probably lead to the
  SERVFAIL because I have configured it with DNSSEC=yes to prevent
  downgrade attacks.

  This regression seems to be caused by the patch resolved-Mitigate-
  DVE-2018-0001-by-retrying-NXDOMAIN-with.patch. The downgrade logic
  should only be executed if it is configured as DNSSEC=allow-downgrade
  or DNSSEC=no. See also
  https://github.com/systemd/systemd/pull/8608#issuecomment-396927885.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796501/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832787] [NEW] fontconfig 2.12 in 18.04 causes firefox to freeze when launching chrome

2019-06-13 Thread Jason Pleau 
Public bug reported:

fontconfig version: 2.12.6-0ubuntu2

Related:

https://askubuntu.com/questions/1076412/firefox-freezing-with-100-cpu-
usage-for-30-seconds-when-launching-chromium

https://bugzilla.mozilla.org/show_bug.cgi?id=1495900

https://bugzilla.mozilla.org/show_bug.cgi?id=1411338


Steps to reproduce:

1) Launch firefox, open a few tabs

2) Launch chrome

3) Go back to firefox, and notice it starts being very slow, switching
tabs do nothing (the content area remains blank).

4) Backport fontconfig 2.13 from cosmic to bionic

5) Try to reproduce 1-3, be happy because it is now working fine!


I backported 2.13.0-5ubuntu3 from cosmic to bionic, if that helps. I don't have 
the right setup right now to do a bisect from upstream or from debian patches 
sadly.

~ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:Ubuntu 18.04.2 LTS
Release:18.04
Codename:   bionic

** Affects: fontconfig (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to fontconfig in Ubuntu.
https://bugs.launchpad.net/bugs/1832787

Title:
  fontconfig 2.12 in 18.04 causes firefox to freeze when launching
  chrome

Status in fontconfig package in Ubuntu:
  New

Bug description:
  fontconfig version: 2.12.6-0ubuntu2

  Related:

  https://askubuntu.com/questions/1076412/firefox-freezing-with-100-cpu-
  usage-for-30-seconds-when-launching-chromium

  https://bugzilla.mozilla.org/show_bug.cgi?id=1495900

  https://bugzilla.mozilla.org/show_bug.cgi?id=1411338

  
  Steps to reproduce:

  1) Launch firefox, open a few tabs

  2) Launch chrome

  3) Go back to firefox, and notice it starts being very slow, switching
  tabs do nothing (the content area remains blank).

  4) Backport fontconfig 2.13 from cosmic to bionic

  5) Try to reproduce 1-3, be happy because it is now working fine!

  
  I backported 2.13.0-5ubuntu3 from cosmic to bionic, if that helps. I don't 
have the right setup right now to do a bisect from upstream or from debian 
patches sadly.

  ~ lsb_release -a
  No LSB modules are available.
  Distributor ID:   Ubuntu
  Description:  Ubuntu 18.04.2 LTS
  Release:  18.04
  Codename: bionic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/fontconfig/+bug/1832787/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Re: [Touch-packages] [Bug 1832397] Re: dbus errors and running older version

2019-06-13 Thread Dorian Rosse 
You dream an easiest issue go to ubuntu kernel then you will see kernel
5.1.9

Télécharger Outlook pour Android


From: boun...@canonical.com  on behalf of Marc 
Deslauriers 
Sent: Wednesday, June 12, 2019 9:17:06 PM
To: dorianbr...@hotmail.fr
Subject: [Bug 1832397] Re: dbus errors and running older version

> If you go to It Linux kernel web page you see kernel is at 5.1.x

Your issues are caused by the fact that you're running an unsupported
kernel that isn't configured to work properly with Ubuntu. Please switch
back to running a proper Ubuntu kernel.

--
You received this bug notification because you are subscribed to the bug
report.
https://bugs.launchpad.net/bugs/1832397

Title:
  dbus errors and running older version

Status in dbus package in Ubuntu:
  Incomplete

Bug description:
  Hello,


  I am running this older version :

  Traitement des actions différées (« triggers ») pour dbus
  (1.12.2-1ubuntu1) ...


  I have errors as following :

  Failed to open connection to "system" message bus: Did not receive a
  reply. Possible causes include: the remote application did not send a
  reply, the message bus security policy blocked the reply, the reply
  timeout expired, or the network connection was broken.


  Thank you in advance to help me debugg dbus then update It,

  Regards.


  Dorian ROSSE.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1832397/+subscriptions

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dbus in Ubuntu.
https://bugs.launchpad.net/bugs/1832397

Title:
  dbus errors and running older version

Status in dbus package in Ubuntu:
  Incomplete

Bug description:
  Hello,

  
  I am running this older version :

  Traitement des actions différées (« triggers ») pour dbus
  (1.12.2-1ubuntu1) ...

  
  I have errors as following :

  Failed to open connection to "system" message bus: Did not receive a
  reply. Possible causes include: the remote application did not send a
  reply, the message bus security policy blocked the reply, the reply
  timeout expired, or the network connection was broken.

  
  Thank you in advance to help me debugg dbus then update It,

  Regards.

  
  Dorian ROSSE.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1832397/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1825940] Re: [graphics] Enable ICL

2019-06-13 Thread Rex Tsai 
** Tags added: icelake

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1825940

Title:
  [graphics] Enable ICL

Status in intel:
  Fix Committed
Status in linux package in Ubuntu:
  Confirmed
Status in linux-oem-osp1 package in Ubuntu:
  New
Status in mesa package in Ubuntu:
  Fix Released
Status in linux source package in Bionic:
  Invalid
Status in linux-oem-osp1 source package in Bionic:
  New
Status in mesa source package in Bionic:
  New

Bug description:
  [Impact]
  Ice Lake (ICL) graphics needs to be enabled for OEM OSP1 image which is based 
on 18.04.3 graphics stack with linux-oem-osp1 kernel.

  
  [Test case]
  The usual desktop usage, graphics tests etc.

  
  [Regression potential]
  Linux-oem-osp1 kernel is a new kernel used only on new OEM enablements, and 
it can't regress any currently running system.

  Mesa backports are limited to ICL, so they shouldn't regress earlier
  generations either.

  --

  Original description:

  ICL graphics is not enabled in 19.04.
  if you want to use 19.04 on ICL platform, you need do like this

  Add kernel option
  i915.alpha_support=1

  Target Release:19.10
  Target Kernel: 5.2
  Target Mesa: 19.1

To manage notifications about this bug go to:
https://bugs.launchpad.net/intel/+bug/1825940/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1831688] Re: Flickering triangles in OpenGL apps on Radeon KAVERI

2019-06-13 Thread Velnias 
Either the latest git version or my - very rare - cold reboot solved it.
I don't know, but the errors are away :-)

** Changed in: mesa (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1831688

Title:
  Flickering triangles in OpenGL apps on Radeon KAVERI

Status in mesa package in Ubuntu:
  Invalid

Bug description:
  On (K)Ubuntu 18.04 I get strange triangles in almost all (I guess in
  all) apps using OpenGL.

  glxinfo | grep 'string\|version' prints the following:

  server glx vendor string: SGI
  server glx version string: 1.4
  client glx vendor string: Mesa Project and SGI
  client glx version string: 1.4
  GLX version: 1.4
  Max core profile version: 4.5
  Max compat profile version: 4.5
  Max GLES1 profile version: 1.1
  Max GLES[23] profile version: 3.2
  OpenGL vendor string: X.Org
  OpenGL renderer string: AMD KAVERI (DRM 2.50.0, 5.0.0-16-generic, LLVM 8.0.0)
  OpenGL core profile version string: 4.5 (Core Profile) Mesa 19.2.0-devel 
(git-73dda85 2019-06-04 bionic-oibaf-ppa)
  OpenGL core profile shading language version string: 4.50
  OpenGL version string: 4.5 (Compatibility Profile) Mesa 19.2.0-devel 
(git-73dda85 2019-06-04 bionic-oibaf-ppa)
  OpenGL shading language version string: 4.50
  OpenGL ES profile version string: OpenGL ES 3.2 Mesa 19.2.0-devel 
(git-73dda85 2019-06-04 bionic-oibaf-ppa)
  OpenGL ES profile shading language version string: OpenGL ES GLSL ES 3.20

  lshw -C display:

   *-display
 description: VGA compatible controller
 product: Kaveri [Radeon R5 Graphics]
 vendor: Advanced Micro Devices, Inc. [AMD/ATI]
 physical id: 1
 bus info: pci@:00:01.0
 version: 00
 width: 64 bits
 clock: 33MHz
 capabilities: pm pciexpress msi vga_controller bus_master cap_list rom
 configuration: driver=radeon latency=0
 resources: irq:43 memory:e000-efff memory:f000-f07f 
ioport:f000(size=256) memory:feb0-feb3 memory:c-d

  journalctl -p err -xb:

  Jun 04 15:51:49 alischa kernel: ACPI BIOS Error (bug): Could not resolve 
[\_SB.PCI0.VGA.LCD._BCM.AFN7], AE_NOT_FOUND (20181213/psargs-330)
  Jun 04 15:51:49 alischa kernel: ACPI Error: Method parse/execution failed 
\_SB.PCI0.VGA.LCD._BCM, AE_NOT_FOUND (20181213/psparse-531)
  Jun 04 15:51:49 alischa kernel: ACPI Error: Evaluating _BCM failed 
(20181213/video-364)

  Note on oibaf-ppa: the same happens also with the standard repository
  packages and using this PPA was an attempt to fix the problem.

  I can reproduce this bug in Minecraft (see attached screenshot),
  Stellarium, and in Firefox with the page https://deck.gl/#/examples
  /core-layers/geojson-layer-paths

  I tried all combinations of graphics drivers. fbdev finally used
  software rendering (I think it was llvmpipe), which worked correct at
  the expense of a very low frame rate.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mesa/+bug/1831688/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832672] [NEW] systemd-resolve not ignoring comments in /etc/hosts

2019-06-13 Thread Bruno 
Public bug reported:

$ lsb_release -rd
Description:Ubuntu 18.04.2 LTS
Release:18.04

$ LANG=C apt-cache policy systemd
systemd:
  Installed: 237-3ubuntu10.22
  Candidate: 237-3ubuntu10.22
  Version table:
 *** 237-3ubuntu10.22 500
500 http://ch.archive.ubuntu.com/ubuntu bionic-updates/main amd64 
Packages
100 /var/lib/dpkg/status
 237-3ubuntu10.19 500
500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 
Packages
 237-3ubuntu10 500
500 http://ch.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
500 http://mirrors.kernel.org/ubuntu bionic/main amd64 Packages


$ head -1 /etc/hosts
127.0.2.1 foo # bar

$ /usr/bin/systemd-resolve -4 bar

expected
--
bar: resolve call failed: 'bar' not found

What happened instead
-
bar: 127.0.2.1


HOSTS(5)  
> Text from a "#" character until the end of the line is a comment, and is 
> ignored.

This is fixed in upstream:
https://github.com/systemd/systemd/issues/10779
https://github.com/systemd/systemd/commit/bd0052777981044cf54a1e9d6e3acb1c3d813656

Please backport to current LTS version.
I accidentally connected to wrong systems because of this bug.

** Affects: systemd (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: hosts systemd-resolve

** Summary changed:

- systemd-resolve not ignoring comments /etc/hosts
+ systemd-resolve not ignoring comments in /etc/hosts

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1832672

Title:
  systemd-resolve not ignoring comments in /etc/hosts

Status in systemd package in Ubuntu:
  New

Bug description:
  $ lsb_release -rd
  Description:  Ubuntu 18.04.2 LTS
  Release:  18.04

  $ LANG=C apt-cache policy systemd
  systemd:
Installed: 237-3ubuntu10.22
Candidate: 237-3ubuntu10.22
Version table:
   *** 237-3ubuntu10.22 500
  500 http://ch.archive.ubuntu.com/ubuntu bionic-updates/main amd64 
Packages
  100 /var/lib/dpkg/status
   237-3ubuntu10.19 500
  500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 
Packages
   237-3ubuntu10 500
  500 http://ch.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
  500 http://mirrors.kernel.org/ubuntu bionic/main amd64 Packages

  
  $ head -1 /etc/hosts
  127.0.2.1 foo # bar

  $ /usr/bin/systemd-resolve -4 bar

  expected
  --
  bar: resolve call failed: 'bar' not found

  What happened instead
  -
  bar: 127.0.2.1


  HOSTS(5)  
  > Text from a "#" character until the end of the line is a comment, and is 
ignored.

  This is fixed in upstream:
  https://github.com/systemd/systemd/issues/10779
  
https://github.com/systemd/systemd/commit/bd0052777981044cf54a1e9d6e3acb1c3d813656

  Please backport to current LTS version.
  I accidentally connected to wrong systems because of this bug.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1832672/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832798] [NEW] Better qt experience out of the box (suggestion)

2019-06-13 Thread Carlos Pita 
Public bug reported:

(I'm unsure about the right package to report this to)

The qt experience out of the box is currently a mess. Short of proper
Yaru integration, why not install qt5ct with consistent Ubuntu fonts and
icons and Breeze by default? Every qt app will work just fine with
Breeze. Currently we’re exposing a newcomer that barely knows that gtk
and qt are things, let alone different things, to a difficult manual
configuration process that’s not even well documented. That’s much worse
than theme integration issues. A new user wanting to launch lyx or
qbittorrent should just launch lyx or qbittorrent and have a pleasant
experience. That’s not so hard:

* Preinstall kde-style-breeze and qt5ct
* Set ubuntu fonts, dialogs and icons in qt5ct
* Add
export QT_QPA_PLATFORMTHEME=qt5ct
export QT_AUTO_SCREEN_SCALE_FACTOR=1
  to the default profile.

** Affects: ubuntu-meta (Ubuntu)
 Importance: Undecided
 Status: New

** Description changed:

  (I'm unsure about the right package to report this to)
  
  The qt experience out of the box is currently a mess. Short of proper
  Yaru integration, why not install qt5ct with consistent Ubuntu fonts and
  icons and Breeze by default? Every qt app will work just fine with
  Breeze. Currently we’re exposing a newcomer that barely knows gtk and qt
  are things, let alone different things, to a difficult manual
  configuration process that’s not even well documented. That’s much worse
  than theme integration issues. A new user wanting to launch lyx or
  qbittorrent should just launch lyx or qbittorrent and have a pleasant
  experience. That’s not so hard:
  
- Preinstall kde-style-breeze and qt5ct
- Set ubuntu fonts, dialogs and icons in qt5ct
- Add
- export QT_QPA_PLATFORMTHEME=qt5ct
- export QT_AUTO_SCREEN_SCALE_FACTOR=1
- 
- to the default profile.
+ * Preinstall kde-style-breeze and qt5ct
+ * Set ubuntu fonts, dialogs and icons in qt5ct
+ * Add
+ export QT_QPA_PLATFORMTHEME=qt5ct
+ export QT_AUTO_SCREEN_SCALE_FACTOR=1
+   to the default profile.

** Description changed:

  (I'm unsure about the right package to report this to)
  
  The qt experience out of the box is currently a mess. Short of proper
  Yaru integration, why not install qt5ct with consistent Ubuntu fonts and
  icons and Breeze by default? Every qt app will work just fine with
- Breeze. Currently we’re exposing a newcomer that barely knows gtk and qt
- are things, let alone different things, to a difficult manual
+ Breeze. Currently we’re exposing a newcomer that barely knows that gtk
+ and qt are things, let alone different things, to a difficult manual
  configuration process that’s not even well documented. That’s much worse
  than theme integration issues. A new user wanting to launch lyx or
  qbittorrent should just launch lyx or qbittorrent and have a pleasant
  experience. That’s not so hard:
  
  * Preinstall kde-style-breeze and qt5ct
  * Set ubuntu fonts, dialogs and icons in qt5ct
  * Add
- export QT_QPA_PLATFORMTHEME=qt5ct
- export QT_AUTO_SCREEN_SCALE_FACTOR=1
-   to the default profile.
+ export QT_QPA_PLATFORMTHEME=qt5ct
+ export QT_AUTO_SCREEN_SCALE_FACTOR=1
+   to the default profile.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ubuntu-meta in Ubuntu.
https://bugs.launchpad.net/bugs/1832798

Title:
  Better qt experience out of the box (suggestion)

Status in ubuntu-meta package in Ubuntu:
  New

Bug description:
  (I'm unsure about the right package to report this to)

  The qt experience out of the box is currently a mess. Short of proper
  Yaru integration, why not install qt5ct with consistent Ubuntu fonts
  and icons and Breeze by default? Every qt app will work just fine with
  Breeze. Currently we’re exposing a newcomer that barely knows that gtk
  and qt are things, let alone different things, to a difficult manual
  configuration process that’s not even well documented. That’s much
  worse than theme integration issues. A new user wanting to launch lyx
  or qbittorrent should just launch lyx or qbittorrent and have a
  pleasant experience. That’s not so hard:

  * Preinstall kde-style-breeze and qt5ct
  * Set ubuntu fonts, dialogs and icons in qt5ct
  * Add
  export QT_QPA_PLATFORMTHEME=qt5ct
  export QT_AUTO_SCREEN_SCALE_FACTOR=1
    to the default profile.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/1832798/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832802] [NEW] disco: curl error while loading shared libraries: libssl.so.1.0.0

2019-06-13 Thread Berg Lloyd-Haig 
Public bug reported:

Linux 5.0.0-16-generic #17-Ubuntu SMP Wed May 15 10:52:21 UTC 2019 x86_64 
x86_64 x86_64 GNU/Linux
DISTRIB_RELEASE=19.04
DISTRIB_DESCRIPTION="Ubuntu 19.04"

curl:
  Installed: 7.64.0-2ubuntu1.1
  Candidate: 7.64.0-2ubuntu1.1
  Version table:
 *** 7.64.0-2ubuntu1.1 1001
   1001 http://security.ubuntu.com/ubuntu disco-security/main amd64 Packages
   1001 http://mirror.aarnet.edu.au/pub/ubuntu/archive disco-updates/main 
amd64 Packages
100 /var/lib/dpkg/status
 7.64.0-2ubuntu1 1001
   1001 http://mirror.aarnet.edu.au/pub/ubuntu/archive disco/main amd64 
Packages


When I run curl, I get the following error:

curl: error while loading shared libraries: libssl.so.1.0.0: cannot open
shared object file: No such file or directory

On other disco machines I'm not experiencing this issue. I apt purged
openssl/libssl/curl and re-installed, but the error persists. I'm sure
my system has some issue, but I'm unable to figure it out, and this felt
like a bug as curl was working before upgrade to disco.

I tried proposed packages to see if openssl 1.1.1b-1ubuntu2.2 instead of
1.1.1b-1ubuntu2 would make any difference, but the error persists.

me@mbp:/usr/lib/x86_64-linux-gnu$ curl
curl: error while loading shared libraries: libssl.so.1.0.0: cannot open shared 
object file: No such file or directory

me@mbp:/usr/lib/x86_64-linux-gnu$ which curl
/usr/bin/curl

me@mbp:/usr/lib/x86_64-linux-gnu$ sudo dpkg -l | grep curl
ii  curl
7.64.0-2ubuntu1.1   amd64command line tool for 
transferring data with URL syntax
ii  libcurl3-gnutls:amd64   
7.64.0-2ubuntu1.1   amd64easy-to-use 
client-side URL transfer library (GnuTLS flavour)
ii  libcurl4:amd64  
7.64.0-2ubuntu1.1   amd64easy-to-use 
client-side URL transfer library (OpenSSL flavour)
ii  python3-pycurl  7.43.0.2-0.1
amd64Python bindings to libcurl (Python 3)

me@mbp:/usr/lib/x86_64-linux-gnu$ sudo dpkg -l | grep ssl
ii  android-libboringssl8.1.0+r23-2 
amd64Google's internal fork of OpenSSL for 
the Android SDK
rc  docbook-dsssl   1.79-9.1
all  modular DocBook DSSSL stylesheets, for 
print and HTML
ii  libflac++6v5:amd64  1.3.2-3 
amd64Free Lossless Audio Codec - C++ 
runtime library
ii  libflac8:amd64  1.3.2-3 
amd64Free Lossless Audio Codec - runtime C 
library
ii  libflac8:i386   1.3.2-3 
i386 Free Lossless Audio Codec - runtime C 
library
ii  libio-socket-ssl-perl   2.060-3 
all  Perl module implementing object 
oriented interface to SSL sockets
ii  libnet-smtp-ssl-perl1.04-1  
all  Perl module providing SSL support to 
Net::SMTP
ii  libnet-ssleay-perl  1.85-2ubuntu3   
amd64Perl module for Secure Sockets Layer 
(SSL)
ii  libssl-dev:amd64
1.1.1b-1ubuntu2.2   amd64Secure Sockets Layer 
toolkit - development files
ii  libssl1.1:amd64 
1.1.1b-1ubuntu2.2   amd64Secure Sockets Layer 
toolkit - shared libraries
ii  libssl1.1:i386  
1.1.1b-1ubuntu2.2   i386 Secure Sockets Layer 
toolkit - shared libraries
ii  libwavpack1:amd64   
5.1.0-5ubuntu0.1amd64audio codec (lossy and 
lossless) - library
ii  libwavpack1:i386
5.1.0-5ubuntu0.1i386 audio codec (lossy and 
lossless) - library
ii  libzstd1:amd64  1.3.8+dfsg-3
amd64fast lossless compression algorithm
ii  libzstd1:i386   1.3.8+dfsg-3
i386 fast lossless compression algorithm
ii  openssl 
1.1.1b-1ubuntu2.2   amd64Secure Sockets Layer 
toolkit - cryptographic utility
ii  perl-openssl-defaults:amd64

[Touch-packages] [Bug 1832801] [NEW] disco: curl error while loading shared libraries: libssl.so.1.0.0

2019-06-13 Thread Berg Lloyd-Haig 
Public bug reported:

Linux 5.0.0-16-generic #17-Ubuntu SMP Wed May 15 10:52:21 UTC 2019 x86_64 
x86_64 x86_64 GNU/Linux
DISTRIB_RELEASE=19.04
DISTRIB_DESCRIPTION="Ubuntu 19.04"

curl:
  Installed: 7.64.0-2ubuntu1.1
  Candidate: 7.64.0-2ubuntu1.1
  Version table:
 *** 7.64.0-2ubuntu1.1 1001
   1001 http://security.ubuntu.com/ubuntu disco-security/main amd64 Packages
   1001 http://mirror.aarnet.edu.au/pub/ubuntu/archive disco-updates/main 
amd64 Packages
100 /var/lib/dpkg/status
 7.64.0-2ubuntu1 1001
   1001 http://mirror.aarnet.edu.au/pub/ubuntu/archive disco/main amd64 
Packages


When I run curl, I get the following error:

curl: error while loading shared libraries: libssl.so.1.0.0: cannot open
shared object file: No such file or directory

On other disco machines I'm not experiencing this issue. I apt purged
openssl/libssl/curl and re-installed, but the error persists. I'm sure
my system has some issue, but I'm unable to figure it out, and this felt
like a bug as curl was working before upgrade to disco.

I tried proposed packages to see if openssl 1.1.1b-1ubuntu2.2 instead of
1.1.1b-1ubuntu2 would make any difference, but the error persists.

me@mbp:/usr/lib/x86_64-linux-gnu$ curl
curl: error while loading shared libraries: libssl.so.1.0.0: cannot open shared 
object file: No such file or directory

me@mbp:/usr/lib/x86_64-linux-gnu$ which curl
/usr/bin/curl

me@mbp:/usr/lib/x86_64-linux-gnu$ sudo dpkg -l | grep curl
ii  curl
7.64.0-2ubuntu1.1   amd64command line tool for 
transferring data with URL syntax
ii  libcurl3-gnutls:amd64   
7.64.0-2ubuntu1.1   amd64easy-to-use 
client-side URL transfer library (GnuTLS flavour)
ii  libcurl4:amd64  
7.64.0-2ubuntu1.1   amd64easy-to-use 
client-side URL transfer library (OpenSSL flavour)
ii  python3-pycurl  7.43.0.2-0.1
amd64Python bindings to libcurl (Python 3)

me@mbp:/usr/lib/x86_64-linux-gnu$ sudo dpkg -l | grep ssl
ii  android-libboringssl8.1.0+r23-2 
amd64Google's internal fork of OpenSSL for 
the Android SDK
rc  docbook-dsssl   1.79-9.1
all  modular DocBook DSSSL stylesheets, for 
print and HTML
ii  libflac++6v5:amd64  1.3.2-3 
amd64Free Lossless Audio Codec - C++ 
runtime library
ii  libflac8:amd64  1.3.2-3 
amd64Free Lossless Audio Codec - runtime C 
library
ii  libflac8:i386   1.3.2-3 
i386 Free Lossless Audio Codec - runtime C 
library
ii  libio-socket-ssl-perl   2.060-3 
all  Perl module implementing object 
oriented interface to SSL sockets
ii  libnet-smtp-ssl-perl1.04-1  
all  Perl module providing SSL support to 
Net::SMTP
ii  libnet-ssleay-perl  1.85-2ubuntu3   
amd64Perl module for Secure Sockets Layer 
(SSL)
ii  libssl-dev:amd64
1.1.1b-1ubuntu2.2   amd64Secure Sockets Layer 
toolkit - development files
ii  libssl1.1:amd64 
1.1.1b-1ubuntu2.2   amd64Secure Sockets Layer 
toolkit - shared libraries
ii  libssl1.1:i386  
1.1.1b-1ubuntu2.2   i386 Secure Sockets Layer 
toolkit - shared libraries
ii  libwavpack1:amd64   
5.1.0-5ubuntu0.1amd64audio codec (lossy and 
lossless) - library
ii  libwavpack1:i386
5.1.0-5ubuntu0.1i386 audio codec (lossy and 
lossless) - library
ii  libzstd1:amd64  1.3.8+dfsg-3
amd64fast lossless compression algorithm
ii  libzstd1:i386   1.3.8+dfsg-3
i386 fast lossless compression algorithm
ii  openssl 
1.1.1b-1ubuntu2.2   amd64Secure Sockets Layer 
toolkit - cryptographic utility
ii  perl-openssl-defaults:amd64

[Touch-packages] [Bug 1726160] Re: On login, display rotates to wrong orientation [HP Pavilion]

2019-06-13 Thread Caya B 
Had this same problem on Acer Spin 1, with Intel Celeron CPU and Intel
HD Graphics 500 (Broxton). Removing iio-sensor-proxy fixed it perfectly!
Thank you!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1726160

Title:
  On login, display rotates to wrong orientation [HP Pavilion]

Status in IIO Sensor Proxy:
  Fix Released
Status in systemd:
  Fix Released
Status in iio-sensor-proxy package in Ubuntu:
  Invalid
Status in systemd package in Ubuntu:
  Fix Released
Status in iio-sensor-proxy source package in Bionic:
  Invalid
Status in systemd source package in Bionic:
  Triaged
Status in iio-sensor-proxy source package in Cosmic:
  Invalid
Status in systemd source package in Cosmic:
  Triaged
Status in iio-sensor-proxy source package in Disco:
  Invalid
Status in systemd source package in Disco:
  Fix Released

Bug description:
  I'm using a laptop, and on 17.04 the display always showed correctly,
  but after upgrading to 17.10,  when I log in the display rotates to
  the right (portrait), and I have to open a terminal and run 'xrandr -o
  1' to get it back to the correct (landscape) orientation. In previous
  versions 'xrandr -o 0' was landscape, and '1' was portrait the other
  way.

  ProblemType: Bug
  DistroRelease: Ubuntu 17.10
  Package: xorg 1:7.7+19ubuntu3
  ProcVersionSignature: Ubuntu 4.13.0-16.19-generic 4.13.4
  Uname: Linux 4.13.0-16-generic x86_64
  NonfreeKernelModules: nvidia_uvm nvidia
  .proc.driver.nvidia.gpus..01.00.0: Error: [Errno 21] Is a directory: 
'/proc/driver/nvidia/gpus/:01:00.0'
  .proc.driver.nvidia.registry: Binary: ""
  .proc.driver.nvidia.version:
   NVRM version: NVIDIA UNIX x86_64 Kernel Module  340.104  Thu Sep 14 17:13:13 
PDT 2017
   GCC version:  gcc version 7.2.0 (Ubuntu 7.2.0-8ubuntu3)
  .tmp.unity_support_test.0:
   
  ApportVersion: 2.20.7-0ubuntu3
  Architecture: amd64
  CompositorRunning: None
  CurrentDesktop: ubuntu:GNOME
  Date: Sun Oct 22 15:15:08 2017
  DistUpgraded: 2017-10-22 14:17:00,381 DEBUG icon theme changed, re-reading
  DistroCodename: artful
  DistroVariant: ubuntu
  DkmsStatus:
   bbswitch, 0.8, 4.10.0-37-generic, x86_64: installed
   bbswitch, 0.8, 4.13.0-16-generic, x86_64: installed
   nvidia-340, 340.104, 4.10.0-37-generic, x86_64: installed
   nvidia-340, 340.104, 4.13.0-16-generic, x86_64: installed
  ExtraDebuggingInterest: Yes
  GraphicsCard:
   NVIDIA Corporation GT216M [GeForce GT 230M] [10de:0a28] (rev a2) (prog-if 00 
[VGA controller])
 Subsystem: Hewlett-Packard Company GT216M [GeForce GT 230M] [103c:363c]
  InstallationDate: Installed on 2017-01-11 (284 days ago)
  InstallationMedia: Ubuntu 16.10 "Yakkety Yak" - Release amd64 (20161012.2)
  LightdmDisplayLog: (II) Server terminated successfully (0). Closing log file.
  MachineType: Hewlett-Packard HP Pavilion dv7 Notebook PC
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.13.0-16-generic 
root=/dev/mapper/ubuntu--vg-root ro quiet splash
  SourcePackage: xorg
  Symptom: display
  UpgradeStatus: Upgraded to artful on 2017-10-22 (0 days ago)
  dmi.bios.date: 10/05/2010
  dmi.bios.vendor: Hewlett-Packard
  dmi.bios.version: F.1D
  dmi.board.asset.tag: Base Board Asset Tag
  dmi.board.name: 363C
  dmi.board.vendor: Hewlett-Packard
  dmi.board.version: 32.25
  dmi.chassis.type: 10
  dmi.chassis.vendor: Hewlett-Packard
  dmi.chassis.version: N/A
  dmi.modalias: 
dmi:bvnHewlett-Packard:bvrF.1D:bd10/05/2010:svnHewlett-Packard:pnHPPaviliondv7NotebookPC:pvr039D222412102:rvnHewlett-Packard:rn363C:rvr32.25:cvnHewlett-Packard:ct10:cvrN/A:
  dmi.product.family: 103C_5335KV
  dmi.product.name: HP Pavilion dv7 Notebook PC
  dmi.product.version: 039D222412102
  dmi.sys.vendor: Hewlett-Packard
  version.compiz: compiz 1:0.9.13.1+17.10.20170901-0ubuntu1
  version.libdrm2: libdrm2 2.4.83-1
  version.libgl1-mesa-dri: libgl1-mesa-dri 17.2.2-0ubuntu1
  version.libgl1-mesa-glx: libgl1-mesa-glx 17.2.2-0ubuntu1
  version.nvidia-graphics-drivers: nvidia-graphics-drivers-* N/A
  version.xserver-xorg-core: xserver-xorg-core 2:1.19.5-0ubuntu2
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.5-1ubuntu1
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.10.0-1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20170309-0ubuntu1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.15-2

To manage notifications about this bug go to:
https://bugs.launchpad.net/iio-sensor-proxy/+bug/1726160/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832522] Update Released

2019-06-13 Thread Steve Langasek 
The verification of the Stable Release Update for openssl has completed
successfully and the package has now been released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832522

Title:
  openssl maintainer scripts do not trigger services restart

Status in openssl package in Ubuntu:
  Fix Committed
Status in openssl source package in Bionic:
  Fix Released

Bug description:
  [Impact]

   * Major libssl ugprades require services to be restarted, for them to 
continue to function correctly at runtime.
   * The maintainer scripts were not adjusted to trigger.

  [Test Case]

   * Install bionic from release pocket and install ssl using daemon e.g. 
openssh-server libapache-mod-ssl
   * Upgrade libssl1.1
   * Ensure that services that use openssl are offered to be restarted.

  [Regression Potential]

   * We are rebuilding libssl1.1 and changing maintainer scripts. Given
  that we have missed upgrade trigger, we will ask users to restart
  services again even if they may have restarted them already.

  [Other Info]
   
   * Previous major libssl upgrade issue of similar nature was
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743889

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1832522/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1832522] Re: openssl maintainer scripts do not trigger services restart

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package openssl - 1.1.1-1ubuntu2.1~18.04.2

---
openssl (1.1.1-1ubuntu2.1~18.04.2) bionic; urgency=medium

  * Cherrypick upstream patch to fix ca -spkac output to be text again.
LP: #1828215
  * Cherrypick upstream patch to prevent over long nonces in ChaCha20-Poly1305
CVE-2019-1543
  * Bump major version of OpenSSL in postinst to trigger services restart
upon upgrade. Many services listed there must be restarted when
upgrading 1.1.0 to 1.1.1. LP: #1832522

 -- Dimitri John Ledkov   Wed, 12 Jun 2019 00:12:47
+0100

** Changed in: openssl (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-1543

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1832522

Title:
  openssl maintainer scripts do not trigger services restart

Status in openssl package in Ubuntu:
  Fix Committed
Status in openssl source package in Bionic:
  Fix Released

Bug description:
  [Impact]

   * Major libssl ugprades require services to be restarted, for them to 
continue to function correctly at runtime.
   * The maintainer scripts were not adjusted to trigger.

  [Test Case]

   * Install bionic from release pocket and install ssl using daemon e.g. 
openssh-server libapache-mod-ssl
   * Upgrade libssl1.1
   * Ensure that services that use openssl are offered to be restarted.

  [Regression Potential]

   * We are rebuilding libssl1.1 and changing maintainer scripts. Given
  that we have missed upgrade trigger, we will ask users to restart
  services again even if they may have restarted them already.

  [Other Info]
   
   * Previous major libssl upgrade issue of similar nature was
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743889

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1832522/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828215] Update Released

2019-06-13 Thread Steve Langasek 
The verification of the Stable Release Update for openssl has completed
successfully and the package has now been released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1828215

Title:
  openssl ca -spkac output regressed

Status in OpenSSL:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Committed
Status in openssl source package in Bionic:
  Fix Released
Status in openssl source package in Cosmic:
  Fix Committed
Status in openssl source package in Disco:
  Fix Committed
Status in openssl source package in Eoan:
  Fix Committed

Bug description:
  [Impact]

   * openssl command line utility option parsing has regressed in
  1.1.0i+ and produces binary output, where text output is expected,
  breaking applications that parse that.

  [Test Case]

  Setup CA:
  $ apt install openssl
  $ mkdir -p  demoCA/private demoCA/newcerts
  $ touch demoCA/index.txt
  $ echo 01 > demoCA/serial

  $ openssl req -new -x509 -days 365 -newkey rsa:4096 -keyout
  demoCA/private/cakey.pem -out demoCA/cacert.pem

  # Use password test
  # Accept defaults for all other settings

  $ openssl req -new -days 365 -newkey rsa:4096 -keyout
  demoCA/sslkey.pem -out demoCA/sslcert.pem

  Generate regular request / key:
  # Use password test
  # Set common name to: example.com
  # Accept defaults for all other settings

  Generate spkac request:
  $ openssl spkac -key demoCA/sslkey.pem -out demoCA/sslcert.spkac
  $ cat <>demoCA/sslcert.spkac 
  countryName=AU
  stateOrProvinceName=Some-State
  organizationName=Internet Widgits Pty Ltd
  commonName=example.com
  EOF

  Sign spkac request:
  $ echo test | openssl ca -passin stdin -batch -spkac demoCA/sslcert.spkac 
-startdate 190121130654Z

  Expected: pure text output
  Unexpected: binary output for the signed cert

  
   Currently produces binary goop.

   Should produce PEM format Base64 encoded certificate data in a block 
surrounded
   with BEGIN/END certificate.

  [Regression Potential]

   * This is a regression in cosmic and up, and impeding regression in
  bionic with the upcoming 1.1.1 SRU. A bugfix exists upstream.

  [Other Info]

   * Originally reported
  https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1797386/comments/39

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1828215/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1828215] Re: openssl ca -spkac output regressed

2019-06-13 Thread Launchpad Bug Tracker 
This bug was fixed in the package openssl - 1.1.1-1ubuntu2.1~18.04.2

---
openssl (1.1.1-1ubuntu2.1~18.04.2) bionic; urgency=medium

  * Cherrypick upstream patch to fix ca -spkac output to be text again.
LP: #1828215
  * Cherrypick upstream patch to prevent over long nonces in ChaCha20-Poly1305
CVE-2019-1543
  * Bump major version of OpenSSL in postinst to trigger services restart
upon upgrade. Many services listed there must be restarted when
upgrading 1.1.0 to 1.1.1. LP: #1832522

 -- Dimitri John Ledkov   Wed, 12 Jun 2019 00:12:47
+0100

** Changed in: openssl (Ubuntu Bionic)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1828215

Title:
  openssl ca -spkac output regressed

Status in OpenSSL:
  Fix Released
Status in openssl package in Ubuntu:
  Fix Committed
Status in openssl source package in Bionic:
  Fix Released
Status in openssl source package in Cosmic:
  Fix Committed
Status in openssl source package in Disco:
  Fix Committed
Status in openssl source package in Eoan:
  Fix Committed

Bug description:
  [Impact]

   * openssl command line utility option parsing has regressed in
  1.1.0i+ and produces binary output, where text output is expected,
  breaking applications that parse that.

  [Test Case]

  Setup CA:
  $ apt install openssl
  $ mkdir -p  demoCA/private demoCA/newcerts
  $ touch demoCA/index.txt
  $ echo 01 > demoCA/serial

  $ openssl req -new -x509 -days 365 -newkey rsa:4096 -keyout
  demoCA/private/cakey.pem -out demoCA/cacert.pem

  # Use password test
  # Accept defaults for all other settings

  $ openssl req -new -days 365 -newkey rsa:4096 -keyout
  demoCA/sslkey.pem -out demoCA/sslcert.pem

  Generate regular request / key:
  # Use password test
  # Set common name to: example.com
  # Accept defaults for all other settings

  Generate spkac request:
  $ openssl spkac -key demoCA/sslkey.pem -out demoCA/sslcert.spkac
  $ cat <>demoCA/sslcert.spkac 
  countryName=AU
  stateOrProvinceName=Some-State
  organizationName=Internet Widgits Pty Ltd
  commonName=example.com
  EOF

  Sign spkac request:
  $ echo test | openssl ca -passin stdin -batch -spkac demoCA/sslcert.spkac 
-startdate 190121130654Z

  Expected: pure text output
  Unexpected: binary output for the signed cert

  
   Currently produces binary goop.

   Should produce PEM format Base64 encoded certificate data in a block 
surrounded
   with BEGIN/END certificate.

  [Regression Potential]

   * This is a regression in cosmic and up, and impeding regression in
  bionic with the upcoming 1.1.1 SRU. A bugfix exists upstream.

  [Other Info]

   * Originally reported
  https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1797386/comments/39

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssl/+bug/1828215/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp