Bug#962267: marked as done (xen: please consider to not install NEWS into runtime library packages)

[Debian Bug Tracking System]

Your message dated Mon, 09 May 2022 22:43:34 +0000
with message-id <e1noc6i-000f2s...@fasolo.debian.org>
and subject line Bug#962267: fixed in xen 4.16.1-1
has caused the Debian Bug report #962267,
regarding xen: please consider to not install NEWS into runtime library packages
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
962267: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962267
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: xen
Version: 4.11.4-1
Severity: minor
File: /usr/share/doc/libxenmisc4.11/NEWS.Debian.gz

Please consider to not install debian/NEWS into runtime library
packages.  They get pulled into systems that do not run Xen at all in
which case the NEWS aren't very helpful (just noise that
apt-listchanges shows).  For my system for example:

+---
| % aptitude why libxenmisc4.11
| i   qemu-kvm        Depends qemu-system-x86
| i A qemu-system-x86 Depends libxenmisc4.11
+---

Installing NEWS into xen*, but not libxen* probably still reaches all
relevant users.

Ansgar

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 
'testing'), (500, 'stable'), (300, 'buildd-unstable'), (300, 'unstable'), (1, 
'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.6.0-2-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, 
TAINT_UNSIGNED_MODULE
Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=C (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libxenmisc4.11:amd64 depends on:
ii  libc6                 2.30-8
ii  libext2fs2            1.45.6-1
ii  liblzma5              5.2.4-1+b1
ii  libuuid1              2.35.2-2
ii  libxencall1           4.11.4-1
ii  libxendevicemodel1    4.11.4-1
ii  libxenevtchn1         4.11.4-1
ii  libxenforeignmemory1  4.11.4-1
ii  libxengnttab1         4.11.4-1
ii  libxenstore3.0        4.11.4-1
ii  libxentoollog1        4.11.4-1
ii  libyajl2              2.1.0-3
ii  zlib1g                1:1.2.11.dfsg-2

libxenmisc4.11:amd64 recommends no packages.

libxenmisc4.11:amd64 suggests no packages.

-- no debconf information

--- End Message ---

--- Begin Message ---

Source: xen
Source-Version: 4.16.1-1
Done: Hans van Kranenburg <h...@knorrie.org>

We believe that the bug you reported is fixed in the latest version of
xen, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 962...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Hans van Kranenburg <h...@knorrie.org> (supplier of updated xen package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 09 May 2022 22:29:23 +0200
Source: xen
Architecture: source
Version: 4.16.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Xen Team <pkg-xen-de...@lists.alioth.debian.org>
Changed-By: Hans van Kranenburg <h...@knorrie.org>
Closes: 962267
Changes:
 xen (4.16.1-1) unstable; urgency=medium
 .
   * Update to new upstream version 4.16.1, which also contains security fixes
     for the following issues:
     - Racy interactions between dirty vram tracking and paging log dirty
       hypercalls
       XSA-397 CVE-2022-26356
     - Multiple speculative security issues
       XSA-398 (no CVE yet)
     - race in VT-d domain ID cleanup
       XSA-399 CVE-2022-26357
     - IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues
       XSA-400 CVE-2022-26358 CVE-2022-26359 CVE-2022-26360 CVE-2022-26361
   * Note that the following XSA are not listed, because...
     - XSA-396 has patches for the Linux kernel.
   * Don't ship NEWS in libxen* packages. Instead, only ship relevant NEWS
     items for actual hypervisor and/or utils packages they belong to.
     (Closes: #962267)
   * d/control: make xen-hypervisor-common arch specific, just like
     xen-utils-common.
   * d/control: stop recommending qemu-system-x86 on arm, because qemu is not
     being built with xen support on arm...
   * Add a patch for tools/libs/light/Makefile which prevents build.o and
     build.opic to be rebuilt unneededly during the package install phase,
     causing a FTBFS because it triggers the use of ccache, which is not
     allowed in the install phase of building the Debian packages.
 .
   Improvements related to Qemu integration:  [Michael Tokarev]
   * d/xen-utils-common.xen.init: properly disable qemu monitor/serial/parallel
     devices for qemu started at boot.
   * debian: switch from recommending qemu-system-x86 to qemu-system-xen and
     mention this change in the NEWS file.
   * Add patch "give meaningful error message if qemu device model is
     unavailable" to give a useful error message only in case the domU needs
     the qemu device model which is not installed, instead of giving a warning
     about missing qemu even if it is not used by this domain.
 .
   Documentation, grammar and spelling fixes and improvements:
   * d/control: drop obsolete paragraph about separate xen linux kernel package
   * d/control: Harmonize the capitalization of the 'Xen' word  [Diederik de 
Haas]
   * d/control: Improve spelling and grammar  [Diederik de Haas]`
Checksums-Sha1:
 11e29ee0ff4c2891cddd68ade7f1faab4d0bf830 4023 xen_4.16.1-1.dsc
 0659f2c9468c74fa0941746b5e07fb441cf91d17 4551484 xen_4.16.1.orig.tar.xz
 757fc8879a07e9642301907f611389abc717c93a 130964 xen_4.16.1-1.debian.tar.xz
Checksums-Sha256:
 ac4103e03c877a44f94fa538860144e0b2ade80bf2a9090c01fb6bc059ed1075 4023 
xen_4.16.1-1.dsc
 97bc9ebe9aa5e36b359f99257e0bff02d0deb7238ddbc16ee8c9e48dcb1f6165 4551484 
xen_4.16.1.orig.tar.xz
 d4508c72e0c73269db13e2cf19ec07f6364b511d0ffa7e19268583198d66a845 130964 
xen_4.16.1-1.debian.tar.xz
Files:
 66310f2452d455d9f75845b123c99e29 4023 admin optional xen_4.16.1-1.dsc
 e3608b606d74fc54bf8e6bf6c5387bf4 4551484 admin optional xen_4.16.1.orig.tar.xz
 7e36b5be0fcbebd989cfa3dae7b69eb5 130964 admin optional 
xen_4.16.1-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEESWyddwNaG9637koYssHfcmNhX2wFAmJ5jqQACgkQssHfcmNh
X2yaEQ//cGHyQYBBlRMp6fjt41lNXWoLuKnd10uTbKAcW6jF93SeSVw+oOMM0o2i
aqEU9ha5B082AXIqFjccJH8aFpEzh19snZPiwrYstspKJr89iV6kgvbAfyKJylQ8
eW99RzqWy26m61hJ5ess2o6wIHy/jP+mTekt7/Tj+wV6MXOstWSYo4siSi24f2ru
l8maSS7ROhU5kk56FXxsDYuWtFQcP3ZMmQQk892MLpBjkj0MF8gNGGgFKyW596v7
wPACdRDCq/jpoHPn9cgjRhtpj0GshBuo0OLLi7v9tZmufyPW8v5P7J4b7c2zVbrp
ThmFwLYxa8kSGzt00uAB0pllf32UI7ODltWr0gzvt+kDhVFhfs7Ubp6mFKkI2S9H
QzuhXrGOVpuxoNw0iHdmEc5O66gK2b5FkcXStcsYjku52ZTfO8R/1POKpkfiADIP
lDHNcpfcdoG2QiX6ifcUXi4ZRfiMob6Ns/KADMQyzgvcshYSx8KE33gfESfnxYzM
g16el2NaBKRDmKDBiA2NoQJr8lCe22mDkcuRfERbLmijOiGXeynNDmBMtsHW7Rw8
fkksk58awWPJMwBXndyqrazGj1m8BGao8tZ6LFjNyzb7KnDDyclwCFqqPdXsXrZo
EDbpggRjMC8FoU5nqNBCW4nBHgIZ5G91TU+PnfMvGt65fzboIoE=
=3I72
-----END PGP SIGNATURE-----

--- End Message ---