** Description changed: [Availability] Package is in universe since trusty: $ rmadison http-parser http-parser | 2.1-2 | trusty/universe | source http-parser | 2.1-2 | xenial/universe | source http-parser | 2.1-2 | artful/universe | source http-parser | 2.7.1-2 | bionic/universe | source + + Upstream: https://github.com/nodejs/http-parser [Rationale] sssd uses http-parser in its sssd-secrets service [https://docs.pagure.org/SSSD.sssd/design_pages/secrets_service.html], which has a REST API over a unix socket. The Debian sssd package has the secrets service enabled, and disabling it in the Ubuntu package is part of the delta we carry. The secrets service can be used as a generic key/value database for secrets, and one of its users is a kerberos KDC via KCM (Kerberos Cache Manager), implemented by sssd-kcm. sssd-secrets is unix socket activated and won't be running until there is a connection to that socket. The goal of this MIR is then twofold: a) drop a delta we have with regards to debian b) provide the sssd-secrets service for Ubuntu users [Security] + ubuntu-security review in comment https://bugs.launchpad.net/ubuntu/+source/http-parser/+bug/1638957/comments/9 [Quality assurance] [Dependencies] [Standards compliance] [Maintenance] [Background information]
** Description changed: [Availability] Package is in universe since trusty: $ rmadison http-parser http-parser | 2.1-2 | trusty/universe | source http-parser | 2.1-2 | xenial/universe | source http-parser | 2.1-2 | artful/universe | source http-parser | 2.7.1-2 | bionic/universe | source Upstream: https://github.com/nodejs/http-parser [Rationale] sssd uses http-parser in its sssd-secrets service [https://docs.pagure.org/SSSD.sssd/design_pages/secrets_service.html], which has a REST API over a unix socket. The Debian sssd package has the secrets service enabled, and disabling it in the Ubuntu package is part of the delta we carry. The secrets service can be used as a generic key/value database for secrets, and one of its users is a kerberos KDC via KCM (Kerberos Cache Manager), implemented by sssd-kcm. sssd-secrets is unix socket activated and won't be running until there is a connection to that socket. The goal of this MIR is then twofold: a) drop a delta we have with regards to debian b) provide the sssd-secrets service for Ubuntu users [Security] ubuntu-security review in comment https://bugs.launchpad.net/ubuntu/+source/http-parser/+bug/1638957/comments/9 + There are still no CVEs for http-parser or libhttp-parser. + + [Quality assurance] [Dependencies] [Standards compliance] [Maintenance] [Background information] ** Description changed: [Availability] Package is in universe since trusty: $ rmadison http-parser http-parser | 2.1-2 | trusty/universe | source http-parser | 2.1-2 | xenial/universe | source http-parser | 2.1-2 | artful/universe | source http-parser | 2.7.1-2 | bionic/universe | source Upstream: https://github.com/nodejs/http-parser [Rationale] sssd uses http-parser in its sssd-secrets service [https://docs.pagure.org/SSSD.sssd/design_pages/secrets_service.html], which has a REST API over a unix socket. The Debian sssd package has the secrets service enabled, and disabling it in the Ubuntu package is part of the delta we carry. The secrets service can be used as a generic key/value database for secrets, and one of its users is a kerberos KDC via KCM (Kerberos Cache Manager), implemented by sssd-kcm. sssd-secrets is unix socket activated and won't be running until there is a connection to that socket. The goal of this MIR is then twofold: a) drop a delta we have with regards to debian b) provide the sssd-secrets service for Ubuntu users [Security] ubuntu-security review in comment https://bugs.launchpad.net/ubuntu/+source/http-parser/+bug/1638957/comments/9 There are still no CVEs for http-parser or libhttp-parser. - [Quality assurance] [Dependencies] + libhttp-parser2.7.1 + Reverse Depends: + libhttp-parser-dev + tcpflow-nox + tcpflow + tang-nagios + tang + ruby-http-parser.rb + purple-matrix + ocserv + jabberd2 + libgit2-26 + [Standards compliance] [Maintenance] [Background information] -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1638957 Title: [MIR] http-parser, dependency of sssd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/http-parser/+bug/1638957/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
