Hi, I prepared security updates for glibc/eglibc in precise, trusty, and wily. However, the updates addresses CVE-2016-2856 and CVE-2013-2207 by disabling pt_chown and not having grantpt() fail if /dev/pts got remounted incorrectly. Due to this I asked Adam Conrad to copy the updates into the proposed pockets to get more widespread testing, as earlier attempts to address these issues had resulted in breakage for users, particularly around chroots. (The same pt_chown fixes landed in glibc in time for the xenial release.)
Now that they've been in proposed for a while, I'd like to argue that the updates should be moved to the security and updates pockets. I've tested each of the versions as I would for a normal security update, as well as doing specific testing for the pt_chown issue, looking for breakage. I don't see any new bug reports or error reports for the specific versions in proposed. However, the ADT tests triggered by glibc moving into proposed show a number of failures. I've examined these, and I don't believe any of the failures are regressions introduced by the glibc packages. What follows is my analysis for each listed "regression". Given all of the above, I'd like to ask that the glibc/eglibc pacckages in proposed be moved to their respective security and updates pockets. Thanks! ADT analysis: ======= precise ======= http://people.canonical.com/~ubuntu-archive/proposed-migration/precise/update_excuses.html#eglibc Regression in autopkgtest for dahdi-linux 1:2.5.0.1+dfsg-1ubuntu2.2 (i386): Regression in autopkgtest for dahdi-linux 1:2.5.0.1+dfsg-1ubuntu2.2 (amd64): tests routinely fail: http://autopkgtest.ubuntu.com/packages/d/dahdi-linux/precise/i386/ http://autopkgtest.ubuntu.com/packages/d/dahdi-linux/precise/amd64/ I can't find what's causing these tests to be run or how they are run, dahdi-linux source package has no Testsuite: header nor a debian/tests/ directory. Regression in autopkgtest for linux-lts-trusty 3.13.0-86.130~precise1 (armhf): kernel build timeout after 10k seconds. kernel build is normally skipped in tests triggered by the meta package update (e.g. "rebuild: short circuiting build for 'linux-meta-lts-trusty/3.13.0.87.79'"): http://autopkgtest.ubuntu.com/packages/l/linux-lts-trusty/precise/armhf/ ====== Trusty ====== http://people.canonical.com/~ubuntu-archive/proposed-migration/trusty/update_excuses.html#eglibc Regression in autopkgtest for apt 1.0.1ubuntu2.13 (armhf): started failing before eglibc triggered test: http://autopkgtest.ubuntu.com/packages/a/apt/trusty/armhf/ (looks like a permissions problem with the squid proxy?) Regression in autopkgtest for dahdi-linux 1:2.5.0.1+dfsg-1ubuntu4~14.04.4 (ppc64el): Been failing long before eglibc upload: http://autopkgtest.ubuntu.com/packages/d/dahdi-linux/trusty/ppc64el/ Regression in autopkgtest for gvfs 1.20.3-0ubuntu1.2 (ppc64el): tests always failed, the tests that are listed as passing under http://autopkgtest.ubuntu.com/packages/g/gvfs/trusty/ppc64el/ were skipped due to lack of virtualization in the test environment Regression in autopkgtest for linux-keystone 3.13.0-56.81 (armhf): kernel build failures TIMEOUT after 10k seconds, previous rebuild test managed to complete. Regression in autopkgtest for linux 3.13.0-86.130 (ppc64el): An apparmor regression test failure, but not caused by glibc update, this is https://bugs.launchpad.net/qa-regression-testing/+bug/1543461 Regression in autopkgtest for linux-lts-utopic 3.16.0-71.91~14.04.1 (amd64): Regression in autopkgtest for linux-lts-utopic 3.16.0-71.91~14.04.1 (armhf): Regression in autopkgtest for linux-lts-utopic 3.16.0-71.91~14.04.1 (i386): kernel build failures TIMEOUT after 10k seconds, rebuild is normally short-circuited Regression in autopkgtest for linux-lts-utopic 3.16.0-71.91~14.04.1 (ppc64el): kernel build succeeded, but attempt to run tests failed due to version mismatch between kernel source and installed kernel: Source Package Version: 3.16.0-71.91~14.04.1 Running Kernel Version: 3.13.0-86.130 ERROR: running version does not match source package http://autopkgtest.ubuntu.com/packages/l/linux-lts-utopic/trusty/ppc64el/ Regression in autopkgtest for linux-lts-vivid 3.19.0-59.65~14.04.1 (amd64): Regression in autopkgtest for linux-lts-vivid 3.19.0-59.65~14.04.1 (armhf): Regression in autopkgtest for linux-lts-vivid 3.19.0-59.65~14.04.1 (i386): kernel build failures TIMEOUT after 10k seconds, rebuild is normally short-circuited Regression in autopkgtest for linux-lts-vivid 3.19.0-59.65~14.04.1 (ppc64el): kernel build succeeded, but attempt to run tests failed due to version mismatch between kernel source and installed kernel: Source Package Version: 3.19.0-59.65~14.04.1 Running Kernel Version: 3.13.0-86.130 ERROR: running version does not match source package http://autopkgtest.ubuntu.com/packages/l/linux-lts-vivid/trusty/ppc64el/ Regression in autopkgtest for linux-lts-wily 4.2.0-36.41~14.04.1 (armhf): kernel build failures TIMEOUT after 10k seconds, rebuild is normally short-circuited Regression in autopkgtest for linux-lts-xenial 4.4.0-21.37~14.04.1 (armhf): kernel build failures TIMEOUT after 10k seconds, rebuild is normally short-circuited Regression in autopkgtest for network-manager 0.9.8.8-0ubuntu7.2 (ppc64el): long-standing failure: http://autopkgtest.ubuntu.com/packages/n/network-manager/trusty/ppc64el (calling rfkill command with invalid argument?) Regression in autopkgtest for ofono-phonesim 1.19-0ubuntu10 (amd64): http://autopkgtest.ubuntu.com/packages/o/ofono-phonesim/trusty/amd64/ sometimes passes, sometimes fails. Regression in autopkgtest for pandas 0.13.1-2ubuntu2 (i386): FAIL: test_sum (pandas.tests.test_frame.TestDataFrame) looks to be https://github.com/pydata/pandas/issues/6982 ? not glibc related. Regression in autopkgtest for python2.7 2.7.6-8ubuntu0.2 (armhf): A couple of regression test failures that look to be permissions problems? Previous test that is listed as "passed" actually failed in the same way, just wasn't detected: http://autopkgtest.ubuntu.com/packages/p/python2.7/trusty/armhf Regression in autopkgtest for ubuntu-drivers-common 1:0.2.91.11 (i386): Been failing for a while: http://autopkgtest.ubuntu.com/packages/u/ubuntu-drivers-common/trusty/i386/ not glibc related Regression in autopkgtest for langford 0.0.20130228-3 (armhf): similar-style dkms failure to dahdi-linux? fails tests frequently: http://autopkgtest.ubuntu.com/packages/l/langford/trusty/armhf/ ==== Wily ==== http://people.canonical.com/~ubuntu-archive/proposed-migration/wily/update_excuses.html#glibc Regression in autopkgtest for apport 2.19.1-0ubuntu5 (i386): Regression in autopkgtest for apport 2.19.1-0ubuntu5 (amd64): failure to install a different version of libc for armhf testcase failure? Has been failing on both arches for a while: http://autopkgtest.ubuntu.com/packages/a/apport/wily/amd64/ http://autopkgtest.ubuntu.com/packages/a/apport/wily/i386/ Regression in autopkgtest for chromium-browser 49.0.2623.108-0ubuntu0.15.10.1.1223 (armhf): possible chromium segfault? That said, it looks like a similar sikuli error pops up even in the 'passing' test runs http://autopkgtest.ubuntu.com/packages/c/chromium-browser/wily/armhf/ Regression in autopkgtest for crash 7.1.1-1ubuntu4.1 (ppc64el): Regression in autopkgtest for crash 7.1.1-1ubuntu4.1 (i386): Regression in autopkgtest for crash 7.1.1-1ubuntu4.1 (amd64): Failures due to gpg key that signs the ddeb repo changing, preventing install of linux kernel ddeb package? Regression in autopkgtest for dahdi-linux 1:2.10.0.1~dfsg-1ubuntu4 (ppc64el): Been failing for a while: http://autopkgtest.ubuntu.com/packages/d/dahdi-linux/wily/ppc64el/ Regression in autopkgtest for ganeti 2.15.1-1 (amd64): Starting failing before glibc package: http://autopkgtest.ubuntu.com/packages/g/ganeti/wily/amd64/ Regression in autopkgtest for gdnsd 2.1.2-1 (i386): Regression in autopkgtest for gdnsd 2.1.2-1 (amd64): gdnsd fails on service startup in postinst: http://autopkgtest.ubuntu.com/packages/g/gdnsd/wily/i386/ http://autopkgtest.ubuntu.com/packages/g/gdnsd/wily/amd64/ I am able to reproduce this in a vm, as the gdnsd daemon attempts to bind to port 53, which conflicts with dnsmasq running on loopback bound port 53. I'm not sure why this isn't a problem for the successful test runs. Regression in autopkgtest for kdelibs4support 5.15.0-0ubuntu1 (ppc64el): Regression in autopkgtest for kdelibs4support 5.15.0-0ubuntu1 (amd64): dh_acc (abi-compliance-checker) is failing while generating the initial base abi dump. I can reproduce this locally in a vm with 768M allocated to it, it fails when run in non-quiet mode with 'ERROR: can't pack the ABI dump: Cannot allocate memory' but I can't tell if it's the same failure happening in adt, as returned Error code 2 is used as an Undifferentiated error code, though Error 1 is supposed to be the value returned if the ABI is incompatible. http://autopkgtest.ubuntu.com/packages/k/kdelibs4support/wily/amd64/ Regression in autopkgtest for kdepim-runtime 4:15.08.2-0ubuntu1 (ppc64el): Regression in autopkgtest for kdepim-runtime 4:15.08.2-0ubuntu1 (i386): Regression in autopkgtest for kdepim-runtime 4:15.08.2-0ubuntu1 (amd64): Regression in autopkgtest for kdepim-runtime 4:15.08.2-0ubuntu1 (armhf): tests failing for a while, not glibc related: http://autopkgtest.ubuntu.com/packages/k/kdepim-runtime/wily/amd64/ http://autopkgtest.ubuntu.com/packages/k/kdepim-runtime/wily/armhf/ http://autopkgtest.ubuntu.com/packages/k/kdepim-runtime/wily/i386/ http://autopkgtest.ubuntu.com/packages/k/kdepim-runtime/wily/ppc64el/ some kind of IMAP failure? Regression in autopkgtest for kservice 5.15.0-0ubuntu1 (ppc64el): Regression in autopkgtest for kservice 5.15.0-0ubuntu1 (i386): Regression in autopkgtest for kservice 5.15.0-0ubuntu1 (amd64): Regression in autopkgtest for kservice 5.15.0-0ubuntu1 (armhf): tests failing for a while, not glibc related: http://autopkgtest.ubuntu.com/packages/k/kservice/wily/amd64 http://autopkgtest.ubuntu.com/packages/k/kservice/wily/armhf http://autopkgtest.ubuntu.com/packages/k/kservice/wily/i386 http://autopkgtest.ubuntu.com/packages/k/kservice/wily/ppc64el Regression in autopkgtest for kwayland 4:5.4.2-0ubuntu1 (ppc64el): http://autopkgtest.ubuntu.com/packages/k/kwayland/wily/ppc64el new failure for unclear reasons, but i386 has always failed in the same way: http://autopkgtest.ubuntu.com/packages/k/kwayland/wily/i386 Regression in autopkgtest for libxml-libxml-perl 2.0116+dfsg-5 (i386): Regression in autopkgtest for libxml-libxml-perl 2.0116+dfsg-5 (amd64): missing Changes.pm from test environment? Tests frequently fail. http://autopkgtest.ubuntu.com/packages/libx/libxml-libxml-perl/wily/i386/ http://autopkgtest.ubuntu.com/packages/libx/libxml-libxml-perl/wily/amd64/ Regression in autopkgtest for libxml-libxslt-perl 1.94-1 (i386): Regression in autopkgtest for libxml-libxslt-perl 1.94-1 (amd64): missing Changes.pm from test environment? Tests frequently fail. http://autopkgtest.ubuntu.com/packages/libx/libxml-libxslt-perl/wily/amd64/ http://autopkgtest.ubuntu.com/packages/libx/libxml-libxslt-perl/wily/i386/ Regression in autopkgtest for lxcfs 0.10-0ubuntu2.1 (i386): Regression in autopkgtest for lxcfs 0.10-0ubuntu2.1 (amd64): tests failing for a while, not glibc related http://autopkgtest.ubuntu.com/packages/l/lxcfs/wily/amd64/ http://autopkgtest.ubuntu.com/packages/l/lxcfs/wily/i386/ Regression in autopkgtest for ofono-phonesim 1.20-1ubuntu3 (armhf): History is mostly failures, had one successful test run: http://autopkgtest.ubuntu.com/packages/o/ofono-phonesim/wily/armhf/ not glibc related Regression in autopkgtest for pdns 3.4.5-1build2 (i386): Regression in autopkgtest for pdns 3.4.5-1build2 (amd64): unable to resolve test host, but failure started occurring with postgresql triggered test http://autopkgtest.ubuntu.com/packages/p/pdns/wily/amd64/ http://autopkgtest.ubuntu.com/packages/p/pdns/wily/i386/ Regression in autopkgtest for pg-reorg 1.1.11-1 (i386): Regression in autopkgtest for pg-reorg 1.1.11-1 (amd64): Regression in autopkgtest for pg-reorg 1.1.11-1 (armhf): test failures started with postgresql update, not glibc related http://autopkgtest.ubuntu.com/packages/p/pg-reorg/wily/amd64/ http://autopkgtest.ubuntu.com/packages/p/pg-reorg/wily/armhf/ http://autopkgtest.ubuntu.com/packages/p/pg-reorg/wily/i386/ Regression in autopkgtest for postgresql-multicorn 1.2.2-1 (ppc64el): Regression in autopkgtest for postgresql-multicorn 1.2.2-1 (i386): Regression in autopkgtest for postgresql-multicorn 1.2.2-1 (amd64): Regression in autopkgtest for postgresql-multicorn 1.2.2-1 (armhf): test failures started with postgresql update, not glibc related http://autopkgtest.ubuntu.com/packages/p/postgresql-multicorn/wily/amd64/ http://autopkgtest.ubuntu.com/packages/p/postgresql-multicorn/wily/armhf/ http://autopkgtest.ubuntu.com/packages/p/postgresql-multicorn/wily/i386/ http://autopkgtest.ubuntu.com/packages/p/postgresql-multicorn/wily/ppc64el/ Regression in autopkgtest for python-cffi 1.1.2-1ubuntu2 (i386): Regression in autopkgtest for python-cffi 1.1.2-1ubuntu2 (amd64): Does not appear to be glibc related (missing setup.py in test cases?) http://autopkgtest.ubuntu.com/packages/p/python-cffi/wily/amd64/ http://autopkgtest.ubuntu.com/packages/p/python-cffi/wily/i386/ Regression in autopkgtest for rocs 4:15.08.2-0ubuntu1 (ppc64el): Regression in autopkgtest for rocs 4:15.08.2-0ubuntu1 (amd64): Compiler ICE on 64bit systems? First time tested since Nov 2015 http://autopkgtest.ubuntu.com/packages/r/rocs/wily/amd64/ http://autopkgtest.ubuntu.com/packages/r/rocs/wily/ppc64el/ Regression in autopkgtest for s3ql 2.13+dfsg-2 (ppc64el): Regression in autopkgtest for s3ql 2.13+dfsg-2 (armhf): 504 Gateway timeout error? Possible differing test setup? http://autopkgtest.ubuntu.com/packages/s/s3ql/wily/armhf/ http://autopkgtest.ubuntu.com/packages/s/s3ql/wily/ppc64el/ Note that i386/amd64 have failed always with the same error, so maybe devirt->virt conversion?: http://autopkgtest.ubuntu.com/packages/s/s3ql/wily/i386/ http://autopkgtest.ubuntu.com/packages/s/s3ql/wily/amd64/ Regression in autopkgtest for udisks2 2.1.6-2ubuntu1 (i386): Regression in autopkgtest for udisks2 2.1.6-2ubuntu1 (amd64): Started failing with timeouts on systemd update: http://autopkgtest.ubuntu.com/packages/u/udisks2/wily/amd64/ http://autopkgtest.ubuntu.com/packages/u/udisks2/wily/i386/ -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: PGP signature
-- Ubuntu-release mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-release
