Promoted with slightly more gusto:
Override component to main
volume-key 0.3.9-4 in bionic: universe/misc -> main
libvolume-key-dev 0.3.9-4 in bionic amd64: universe/libdevel/optional/100% ->
main
libvolume-key-dev 0.3.9-4 in bionic arm64: universe/libdevel/optional/100% ->
main
Override component to main
volume-key 0.3.9-4 in bionic amd64: universe/utils/optional/100% -> main
volume-key 0.3.9-4 in bionic arm64: universe/utils/optional/100% -> main
volume-key 0.3.9-4 in bionic armhf: universe/utils/optional/100% -> main
volume-key 0.3.9-4 in bionic i386:
MIR approved.
The new version synced from debian in bionic (UNAPPROVED) looks good
now, and appears to have corrected test suite issues:
18057438 | X- | volume-key | 0.3.9-4 | 6 hours
| * volume-key/0.3.9-4 Component: universe Section: misc
** Changed in:
it's synced now, so never mind "pre-upload"
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1754422
Title:
[MIR] volume-key
To manage notifications about this bug go to:
volume-key_0.3.9-4 is uploaded to unstable. Although I forgot to say it
in the changelog, it runs the tests fatally.
I'd still like some confirmation that my patch is OK, but assuming it is
- it could be synced.
cyphermox - any chance you could review it pre-upload and approve the
MIR on the
ok, just needed to be run as root, I asked jibel if he could test my
proposed package in ppa:laney/ppa, just waiting to hear back
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1754422
Title:
[MIR]
umm, that's nonsense, try "just needed to have a writable home
directory"
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1754422
Title:
[MIR] volume-key
To manage notifications about this bug go
** Also affects: volume-key (Ubuntu Bionic)
Importance: Undecided
Assignee: Mathieu Trudel-Lapierre (cyphermox)
Status: Incomplete
** Changed in: volume-key (Ubuntu Bionic)
Assignee: Mathieu Trudel-Lapierre (cyphermox) => Iain Lane (laney)
** Changed in: volume-key (Ubuntu
nein, it still fails even with this from a package build, but works when
you chroot in and run the test :(
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1754422
Title:
[MIR] volume-key
To manage
gpgme_set_pinentry_mode (ctx, GPGME_PINENTRY_MODE_LOOPBACK) fixes this,
apparently this is required with newer gpg, not sure where the right
place to put this is tho
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Have the tests been fixed? I really don't much like having things in
main that run tests but don't use the result; is there any way to just
ignore the test(s) that are really broken and otherwise keep the
remaining tests failing the build if they fail, such that we can catch a
possible regression?
I think we're just waiting on final approval from cyphermox now.
** Changed in: volume-key (Ubuntu)
Assignee: (unassigned) => Mathieu Trudel-Lapierre (cyphermox)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
> The tests shouldn't be failing in a brand-new project.
Sadly, the project is not new at all (although it's only in Debian now
because of udisks2). The current release packaged in Ubuntu, 0.3.9, was
released in 2012.
https://pagure.io/volume_key/commits/master
--
You received this bug
I reviewed volume-key version 0.3.9-3 as checked into bionic. This should
not be considered a full security audit but rather a quick gauge of
maintainability.
- No CVEs in our database.
- volume-key's main purpose is to provide some key escrow capabilities for
encrypted storage
-
The security review is underway. I'm sad that tracking this test case
failure down is as complicated as it is -- the code feels overly-
generic, tracking call chains through to where anything is *done* is
harder than other code bases. Each individual line of code looks fine
but getting a handle on
I reported the test failures upstream several days ago, but I haven't
gotten a response yet.
https://pagure.io/volume_key/issue/15
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1754422
Title:
can you be extra clear with us please - are you saying that this test
needs to be made to pass or we need to explain why it doesn't or what?
Are you planning to perform a security review?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
Wild guess is this is a test that expects user input, and the input
never shows up?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1754422
Title:
[MIR] volume-key
To manage notifications about this
With this commit, I now get this error:
"Error creating passphrase-encrypted packet: GPGME: Bad passphrase"
https://salsa.debian.org/utopia-team/volume-key/commit/42207b3d
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
I mean this part of the log seems like it's obviously not going to work.
---
To begin, type keys on the keyboard until this progress meter
is full. DO NOT USE THE AUTOREPEAT FUNCTION ON YOUR KEYBOARD!
Continue typing until the
- Why did this not fail the build?
Because then the build wouldn't work! I mentioned this in the MIR
description under Quality Assurance.
- Why did this fail?
I don't know. Once we know how to get the tests to pass, I'll be happy
to make test failures fail the build. (Currently, they're ignored
The tests run during the build failed on my machine yet the build did
not fail:
Error creating passphrase-encrypted packet: Unknown error getting encryption
result
FAIL tests/packet_roundtrips.sh (exit status: 1)
ok it's a bit more urgent than we thought --- AIUI this not being pulled
in by udisks2 is causing bug #1757321 which is a failure to unlock
encrypted usb devices. could the security team please review?
I'll add the subscribers now.
--
You received this bug notification because you are a member
Please fix:
- Missing bug subscriber
- Package contains a limited test suite, which gets run at build time, but
failures are ignored (and it does happen to fail)
- crypto/secrets handling should have a security review
** Changed in: volume-key (Ubuntu)
Status: New => Incomplete
**
** Description changed:
Availability
Built for all supported architectures. In sync with Debian.
Rationale
=
GNOME Disks uses udisks2. Debian's udisks2 recommends libblockdev-crypto2
which depends on libvolume-key1.
The package description for
** Description changed:
- Placeholder bug.
+ Availability
+
+ Built for all supported architectures. In sync with Debian.
- Please fill in.
+ Rationale
+ =
+ GNOME Disks uses udisks2. Debian's udisks2 recommends libblockdev-crypto2
which depends on libvolume-key1.
+
+
26 matches
Mail list logo
