** Attachment added: "PPA buildlog of a successful scenario (WITH the proposed patch)" https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1864918/+attachment/5331402/+files/buildlog_TLS_test_SUCCESS.txt.gz
** Description changed: - This is a placeholder for now, while I work the patch SRU to make test pass on xenial build. - Will enhance the description soon. + [Impact] + + * Since version 3.4.10-4ubuntu1.6 on Xenial, gnutls considers SHA1 + certificates to be insecure - this affects libvirt tests + "virnettlscontexttest" and "virnettlssessiontest", preventing the + correct build of the package. + + * The fix is available upstream since libvirt v3.7.0, as commit + c666661bbc ("Fix TLS test suites with gnutls 3.6.0") [ + libvirt.org/git/?p=libvirt.git;a=commit;h=c666661b ], which uses SHA256 + for the certificates generated on tests. + + [Test Case] + + * Basic testing consists is spin-up a PPA builder and try to build + libvirt - it'll fail in amd64 and i386 architectures. With the proposed + patch, it succeeds. Both failure and success buildlogs are attached in + the LP. + + [Regression Potential] + + * The regression potential in this case is minimal, since it only + affects testing. Also, this patch is present in all subsequent releases + and is hereby introduced only in Xenial after the gnutls change (from + version 3.6) was backported to Xenial as well. ** Changed in: libvirt (Ubuntu Xenial) Status: Confirmed => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1864918 Title: libvirt for Xenial failing to build due to gnutls SHA1 restriction To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1864918/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs