[Bug 1714602] Re: ieee-data cron fails every month because it DDoSes an upstream website
Is there anything I can do to help get this fixed in xenial? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1714602 Title: ieee-data cron fails every month because it DDoSes an upstream website To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ieee-data/+bug/1714602/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1714602] [NEW] ieee-data cron fails every month because it DDoSes an upstream website
Public bug reported: This is a known and fixed upstream bug: https://bugs.debian.org/cgi- bin/bugreport.cgi?bug=826104 The package tries to update its data every month from an apparently not so strong host, causing a classic thundering horde DDoS. Debian fixed this by deciding the cronjob wasn't such a good idea after all and simply removing it. The fixed version of the package is in zesty and above, while xenial still has a bad version. _Release Information:_ $ lsb_release -rd Description:Ubuntu 16.04.3 LTS Release:16.04 _Package Information:_ $ apt-cache policy ieee-data ieee-data: Installed: 20150531.1 Candidate: 20150531.1 Version table: *** 20150531.1 500 500 http://ubuntumirror.informatik.tu-muenchen.de/ubuntu xenial/main amd64 Packages 500 http://ubuntumirror.informatik.tu-muenchen.de/ubuntu xenial/main i386 Packages 100 /var/lib/dpkg/status _What you expected to happen:_ Nothing _What happened instead:_ I got this e-mail from cron: Subject: Crontest -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly ) Date: Fri, 1 Sep 2017 06:55:47 +0200 (CEST) From: Cron Daemon To: root@host run-parts: /etc/cron.monthly/ieee-data exited with return code 1 ** Affects: ieee-data (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1714602 Title: ieee-data cron fails every month because it DDoSes an upstream website To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ieee-data/+bug/1714602/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1563202] Re: Calamaris 2.99.4.0-19 does not understand 'PINNED' method in squid3 3.3.8-1ubuntu6.6 (trusty)
Indeed, and the package backports cleanly. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1563202 Title: Calamaris 2.99.4.0-19 does not understand 'PINNED' method in squid3 3.3.8-1ubuntu6.6 (trusty) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/calamaris/+bug/1563202/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1563202] Re: Calamaris 2.99.4.0-19 does not understand 'PINNED' method in squid3 3.3.8-1ubuntu6.6 (trusty)
** Description changed: - It seems that the Calamaris and squid packages in trusty are - incompatible. This means calamaris is essentially unuseable. + It seems that the Calamaris and squid packages in trusty appear to be + incompatible. + + This creates huge error emails from cron. This error fills Calamaris reports: unknown log_hier_method: "PINNED" found in line 1370 of input: - 1458884152.058 7 131.159.0.0 TCP_MISS/200 19145 POST http://x - PINNED/2002:x multipart/encrypted + 1458884152.058 7 131.159.0.0 TCP_MISS/200 19145 POST http://x - PINNED/2002:x multipart/encrypted ** Description changed: It seems that the Calamaris and squid packages in trusty appear to be incompatible. - This creates huge error emails from cron. - - This error fills Calamaris reports: + This creates huge error emails from cron filled with this kind of error + report: unknown log_hier_method: "PINNED" found in line 1370 of input: 1458884152.058 7 131.159.0.0 TCP_MISS/200 19145 POST http://x - PINNED/2002:x multipart/encrypted -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1563202 Title: Calamaris 2.99.4.0-19 does not understand 'PINNED' method in squid3 3.3.8-1ubuntu6.6 (trusty) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/calamaris/+bug/1563202/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1563202] [NEW] Calamaris 2.99.4.0-19 does not understand 'PINNED' method in squid3 3.3.8-1ubuntu6.6 (trusty)
Public bug reported: It seems that the Calamaris and squid packages in trusty are incompatible. This means calamaris is essentially unuseable. This error fills Calamaris reports: unknown log_hier_method: "PINNED" found in line 1370 of input: 1458884152.058 7 131.159.0.0 TCP_MISS/200 19145 POST http://x - PINNED/2002:x multipart/encrypted ** Affects: calamaris (Ubuntu) Importance: Undecided Status: New ** Description changed: It seems that the Calamaris and squid packages in trusty are incompatible. This means calamaris is essentially unuseable. + + This error fills Calamaris reports: + + unknown log_hier_method: "PINNED" found in line 1370 of input: + 1458884152.058 7 131.159.0.0 TCP_MISS/200 19145 POST http://x - PINNED/2002:x multipart/encrypted -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1563202 Title: Calamaris 2.99.4.0-19 does not understand 'PINNED' method in squid3 3.3.8-1ubuntu6.6 (trusty) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/calamaris/+bug/1563202/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1561007] Re: Upstream Bug #3769: client_netmask not evaluated since Comm redesign
One more remark - there is another open bug that has a simple, tested fix and is already marked pending for release: https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1405351 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1561007 Title: Upstream Bug #3769: client_netmask not evaluated since Comm redesign To manage notifications about this bug go to: https://bugs.launchpad.net/squid/+bug/1561007/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1561007] Re: Upstream Bug #3769: client_netmask not evaluated since Comm redesign
One more remark - there is another open bug that has a simple, tested fix and is already marked pending for release: https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1405351 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1561007 Title: Upstream Bug #3769: client_netmask not evaluated since Comm redesign To manage notifications about this bug go to: https://bugs.launchpad.net/squid/+bug/1561007/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1561007] Re: Upstream Bug #3769: client_netmask not evaluated since Comm redesign
Tested, works! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1561007 Title: Upstream Bug #3769: client_netmask not evaluated since Comm redesign To manage notifications about this bug go to: https://bugs.launchpad.net/squid/+bug/1561007/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1561007] Re: Upstream Bug #3769: client_netmask not evaluated since Comm redesign
Tested, works! -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1561007 Title: Upstream Bug #3769: client_netmask not evaluated since Comm redesign To manage notifications about this bug go to: https://bugs.launchpad.net/squid/+bug/1561007/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1561007] Re: Upstream Bug #3769: client_netmask not evaluated since Comm redesign
> I took the patch from the upstream 3.3 branch rather than your patches -- although I think the net effect is the same. You mean there was a patch in upstream 3.3 that applies cleanly? That's much better than my hacked together fix. I will install squid from your PPA and test it. ** Description changed: [Impact] http://www.squid-cache.org/mail-archive/squid-users/201403/0065.html: > This bug caused the client_netmask directive in Squid-3.2 and Squid-3.3 releases to have no effect. The designed behaviour of masking client IPs in logs is now restored. Upstream issue tracker: http://bugs.squid-cache.org/show_bug.cgi?id=3769 In all versions of squid3 between 3.2 and 3.4.4 a pretty severe bug exists that disables the scrubbing of client IPs. Scrubbing of client IPs is extremely important for any privacy-aware and risk-aware provider. [Test Case] - TBD + + 1. Install squid3: apt-get install squid3 + 2. Observe that full client IP is logged to /var/log/squid/access.log + 2. Add "client_netmask 255.255.0.0" to config + 3. Observe that full client IP is still logged + 4. Apply patch + 5. Observe that only the first two octets of client IP are logged now. [Regression Potential] - TBD + + The fix is minimally invasive and adds only an interaction with the + IP::Address class that was not present. It is also identical to upstream + changes except for cosmetic refactoring done between the trusty version + of squid3 and when the bug was fixed in upstream. ** Description changed: [Impact] http://www.squid-cache.org/mail-archive/squid-users/201403/0065.html: > This bug caused the client_netmask directive in Squid-3.2 and Squid-3.3 releases to have no effect. The designed behaviour of masking client IPs in logs is now restored. Upstream issue tracker: http://bugs.squid-cache.org/show_bug.cgi?id=3769 In all versions of squid3 between 3.2 and 3.4.4 a pretty severe bug exists that disables the scrubbing of client IPs. Scrubbing of client IPs is extremely important for any privacy-aware and risk-aware provider. [Test Case] 1. Install squid3: apt-get install squid3 2. Observe that full client IP is logged to /var/log/squid/access.log 2. Add "client_netmask 255.255.0.0" to config 3. Observe that full client IP is still logged 4. Apply patch 5. Observe that only the first two octets of client IP are logged now. [Regression Potential] - The fix is minimally invasive and adds only an interaction with the - IP::Address class that was not present. It is also identical to upstream - changes except for cosmetic refactoring done between the trusty version - of squid3 and when the bug was fixed in upstream. + The fix is minimally invasive and adds only an interaction with the IP::Address class that was not present in the current release. It is also identical to upstream changes except for cosmetic refactoring done between the trusty version of squid3 and when the bug was fixed in upstream. + Regression potential is therefore minimal. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1561007 Title: Upstream Bug #3769: client_netmask not evaluated since Comm redesign To manage notifications about this bug go to: https://bugs.launchpad.net/squid/+bug/1561007/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1561007] Re: Upstream Bug #3769: client_netmask not evaluated since Comm redesign
> I took the patch from the upstream 3.3 branch rather than your patches -- although I think the net effect is the same. You mean there was a patch in upstream 3.3 that applies cleanly? That's much better than my hacked together fix. I will install squid from your PPA and test it. ** Description changed: [Impact] http://www.squid-cache.org/mail-archive/squid-users/201403/0065.html: > This bug caused the client_netmask directive in Squid-3.2 and Squid-3.3 releases to have no effect. The designed behaviour of masking client IPs in logs is now restored. Upstream issue tracker: http://bugs.squid-cache.org/show_bug.cgi?id=3769 In all versions of squid3 between 3.2 and 3.4.4 a pretty severe bug exists that disables the scrubbing of client IPs. Scrubbing of client IPs is extremely important for any privacy-aware and risk-aware provider. [Test Case] - TBD + + 1. Install squid3: apt-get install squid3 + 2. Observe that full client IP is logged to /var/log/squid/access.log + 2. Add "client_netmask 255.255.0.0" to config + 3. Observe that full client IP is still logged + 4. Apply patch + 5. Observe that only the first two octets of client IP are logged now. [Regression Potential] - TBD + + The fix is minimally invasive and adds only an interaction with the + IP::Address class that was not present. It is also identical to upstream + changes except for cosmetic refactoring done between the trusty version + of squid3 and when the bug was fixed in upstream. ** Description changed: [Impact] http://www.squid-cache.org/mail-archive/squid-users/201403/0065.html: > This bug caused the client_netmask directive in Squid-3.2 and Squid-3.3 releases to have no effect. The designed behaviour of masking client IPs in logs is now restored. Upstream issue tracker: http://bugs.squid-cache.org/show_bug.cgi?id=3769 In all versions of squid3 between 3.2 and 3.4.4 a pretty severe bug exists that disables the scrubbing of client IPs. Scrubbing of client IPs is extremely important for any privacy-aware and risk-aware provider. [Test Case] 1. Install squid3: apt-get install squid3 2. Observe that full client IP is logged to /var/log/squid/access.log 2. Add "client_netmask 255.255.0.0" to config 3. Observe that full client IP is still logged 4. Apply patch 5. Observe that only the first two octets of client IP are logged now. [Regression Potential] - The fix is minimally invasive and adds only an interaction with the - IP::Address class that was not present. It is also identical to upstream - changes except for cosmetic refactoring done between the trusty version - of squid3 and when the bug was fixed in upstream. + The fix is minimally invasive and adds only an interaction with the IP::Address class that was not present in the current release. It is also identical to upstream changes except for cosmetic refactoring done between the trusty version of squid3 and when the bug was fixed in upstream. + Regression potential is therefore minimal. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1561007 Title: Upstream Bug #3769: client_netmask not evaluated since Comm redesign To manage notifications about this bug go to: https://bugs.launchpad.net/squid/+bug/1561007/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1561007] Re: Upstream Bug #3769: client_netmask not evaluated since Comm redesign
Second part of patch. ** Patch added: "fix-3769-2.patch" https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1561007/+attachment/4608655/+files/fix-3769-2.patch ** Description changed: + NOTE: This bug is for trusty. + http://www.squid-cache.org/mail-archive/squid-users/201403/0065.html: > This bug caused the client_netmask directive in Squid-3.2 and Squid-3.3 releases to have no effect. The designed behaviour of masking client IPs - in logs is now restored. + in logs is now restored. Upstream issue tracker: http://bugs.squid-cache.org/show_bug.cgi?id=3769 In all versions of squid3 between 3.2 and 3.4.4 a pretty severe bug exists that disables the scrubbing of client IPs. Scrubbing of client IPs is extremely important for any privacy-aware and risk-aware provider. Based on the bzr commit fixing the bug (http://bazaar.launchpad.net/~squid/squid/3.4/revision/squ...@treenet.co.nz-20140212085229-edx2i4es622uo0gm) I made a patch. The diff of the bzr revision doesn't apply but the differences are solely due to cosmetic refactoring of method names in squid 3.4. I'm not familiar with the debian / ubuntu package maintenance tools so the patch ended up as a two-parter. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to squid3 in Ubuntu. https://bugs.launchpad.net/bugs/1561007 Title: Upstream Bug #3769: client_netmask not evaluated since Comm redesign To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1561007/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1561007] Re: Upstream Bug #3769: client_netmask not evaluated since Comm redesign
Second part of patch. ** Patch added: "fix-3769-2.patch" https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1561007/+attachment/4608655/+files/fix-3769-2.patch ** Description changed: + NOTE: This bug is for trusty. + http://www.squid-cache.org/mail-archive/squid-users/201403/0065.html: > This bug caused the client_netmask directive in Squid-3.2 and Squid-3.3 releases to have no effect. The designed behaviour of masking client IPs - in logs is now restored. + in logs is now restored. Upstream issue tracker: http://bugs.squid-cache.org/show_bug.cgi?id=3769 In all versions of squid3 between 3.2 and 3.4.4 a pretty severe bug exists that disables the scrubbing of client IPs. Scrubbing of client IPs is extremely important for any privacy-aware and risk-aware provider. Based on the bzr commit fixing the bug (http://bazaar.launchpad.net/~squid/squid/3.4/revision/squ...@treenet.co.nz-20140212085229-edx2i4es622uo0gm) I made a patch. The diff of the bzr revision doesn't apply but the differences are solely due to cosmetic refactoring of method names in squid 3.4. I'm not familiar with the debian / ubuntu package maintenance tools so the patch ended up as a two-parter. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1561007 Title: Upstream Bug #3769: client_netmask not evaluated since Comm redesign To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1561007/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1561007] [NEW] Upstream Bug #3769: client_netmask not evaluated since Comm redesign
Public bug reported: NOTE: This bug is for trusty. http://www.squid-cache.org/mail-archive/squid-users/201403/0065.html: > This bug caused the client_netmask directive in Squid-3.2 and Squid-3.3 releases to have no effect. The designed behaviour of masking client IPs in logs is now restored. Upstream issue tracker: http://bugs.squid-cache.org/show_bug.cgi?id=3769 In all versions of squid3 between 3.2 and 3.4.4 a pretty severe bug exists that disables the scrubbing of client IPs. Scrubbing of client IPs is extremely important for any privacy-aware and risk-aware provider. Based on the bzr commit fixing the bug (http://bazaar.launchpad.net/~squid/squid/3.4/revision/squ...@treenet.co.nz-20140212085229-edx2i4es622uo0gm) I made a patch. The diff of the bzr revision doesn't apply but the differences are solely due to cosmetic refactoring of method names in squid 3.4. I'm not familiar with the debian / ubuntu package maintenance tools so the patch ended up as a two-parter. ** Affects: squid3 (Ubuntu) Importance: Undecided Status: New ** Patch added: "First part of patch" https://bugs.launchpad.net/bugs/1561007/+attachment/4608645/+files/fix-3769.patch -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to squid3 in Ubuntu. https://bugs.launchpad.net/bugs/1561007 Title: Upstream Bug #3769: client_netmask not evaluated since Comm redesign To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1561007/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1561007] [NEW] Upstream Bug #3769: client_netmask not evaluated since Comm redesign
Public bug reported: NOTE: This bug is for trusty. http://www.squid-cache.org/mail-archive/squid-users/201403/0065.html: > This bug caused the client_netmask directive in Squid-3.2 and Squid-3.3 releases to have no effect. The designed behaviour of masking client IPs in logs is now restored. Upstream issue tracker: http://bugs.squid-cache.org/show_bug.cgi?id=3769 In all versions of squid3 between 3.2 and 3.4.4 a pretty severe bug exists that disables the scrubbing of client IPs. Scrubbing of client IPs is extremely important for any privacy-aware and risk-aware provider. Based on the bzr commit fixing the bug (http://bazaar.launchpad.net/~squid/squid/3.4/revision/squ...@treenet.co.nz-20140212085229-edx2i4es622uo0gm) I made a patch. The diff of the bzr revision doesn't apply but the differences are solely due to cosmetic refactoring of method names in squid 3.4. I'm not familiar with the debian / ubuntu package maintenance tools so the patch ended up as a two-parter. ** Affects: squid3 (Ubuntu) Importance: Undecided Status: New ** Patch added: "First part of patch" https://bugs.launchpad.net/bugs/1561007/+attachment/4608645/+files/fix-3769.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1561007 Title: Upstream Bug #3769: client_netmask not evaluated since Comm redesign To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1561007/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs