[Touch-packages] [Bug 1674492] Re: cron: /etc/default/cron should not actually be deprecated
This bug is related to two other bugs: Similar issue where /etc/default/cron is still relevant: https://bugs.launchpad.net/ubuntu/+source/cron/+bug/1078607 Inaccurate commit where file was wrongly marked deprecated, for a bad boot speed related reason, in the now deprecated Upstart system. This should probably be reverted in some way. https://bugs.launchpad.net/ubuntu/+source/cron/+bug/794082 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cron in Ubuntu. https://bugs.launchpad.net/bugs/1674492 Title: cron: /etc/default/cron should not actually be deprecated Status in cron package in Ubuntu: New Bug description: The /etc/default/cron file claims that it has been deprecated in its own comments, and refers to an upstart configuration file (which is deprecated in Ubuntu 15.10 and up, in favor of systemd): $ cat /etc/default/cron # This file has been deprecated. Please add custom options for cron to # /etc/init/cron.conf and/or /etc/init/cron.override directly. See # the init(5) man page for more information. EXTRA_OPTS="-L 15" *** (added on my system for debugging) *** Yet, the systemd cron.service actually respects the content of the file: $ cat /lib/systemd/system/cron.service [Unit] Description=Regular background program processing daemon Documentation=man:cron(8) [Service] EnvironmentFile=-/etc/default/cron ExecStart=/usr/sbin/cron -f $EXTRA_OPTS IgnoreSIGPIPE=false KillMode=process [Install] WantedBy=multi-user.target (venv) arceo@lab-dev-01:~/poc-connectors/scripts$ So, the inaccurate comments in /etc/default/cron, and other such files (if this was perhaps an automated error by debhelper or similar tools), should be corrected accordingly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cron/+bug/1674492/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1674492] [NEW] cron: /etc/default/cron should not actually be deprecated
Public bug reported: The /etc/default/cron file claims that it has been deprecated in its own comments, and refers to an upstart configuration file (which is deprecated in Ubuntu 15.10 and up, in favor of systemd): $ cat /etc/default/cron # This file has been deprecated. Please add custom options for cron to # /etc/init/cron.conf and/or /etc/init/cron.override directly. See # the init(5) man page for more information. EXTRA_OPTS="-L 15" *** (added on my system for debugging) *** Yet, the systemd cron.service actually respects the content of the file: $ cat /lib/systemd/system/cron.service [Unit] Description=Regular background program processing daemon Documentation=man:cron(8) [Service] EnvironmentFile=-/etc/default/cron ExecStart=/usr/sbin/cron -f $EXTRA_OPTS IgnoreSIGPIPE=false KillMode=process [Install] WantedBy=multi-user.target (venv) arceo@lab-dev-01:~/poc-connectors/scripts$ So, the inaccurate comments in /etc/default/cron, and other such files (if this was perhaps an automated error by debhelper or similar tools), should be corrected accordingly. ** Affects: cron (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cron in Ubuntu. https://bugs.launchpad.net/bugs/1674492 Title: cron: /etc/default/cron should not actually be deprecated Status in cron package in Ubuntu: New Bug description: The /etc/default/cron file claims that it has been deprecated in its own comments, and refers to an upstart configuration file (which is deprecated in Ubuntu 15.10 and up, in favor of systemd): $ cat /etc/default/cron # This file has been deprecated. Please add custom options for cron to # /etc/init/cron.conf and/or /etc/init/cron.override directly. See # the init(5) man page for more information. EXTRA_OPTS="-L 15" *** (added on my system for debugging) *** Yet, the systemd cron.service actually respects the content of the file: $ cat /lib/systemd/system/cron.service [Unit] Description=Regular background program processing daemon Documentation=man:cron(8) [Service] EnvironmentFile=-/etc/default/cron ExecStart=/usr/sbin/cron -f $EXTRA_OPTS IgnoreSIGPIPE=false KillMode=process [Install] WantedBy=multi-user.target (venv) arceo@lab-dev-01:~/poc-connectors/scripts$ So, the inaccurate comments in /etc/default/cron, and other such files (if this was perhaps an automated error by debhelper or similar tools), should be corrected accordingly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cron/+bug/1674492/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1556330] Re: upstream curl bug #1371: p12 client certificates code is broken
Hello, I am very sorry for the delay in testing this. I noticed that the package libcurl4-doc is missing. I wasn't sure if it was obsolete, or a mistake, or not included in the test packages only. Otherwise the package is working perfectly and is ready for release to Ubuntu 14.04 LTS. Thanks for all of your help to make this fix possible. Sincerely, Matthew. ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/1556330 Title: upstream curl bug #1371: p12 client certificates code is broken Status in curl package in Ubuntu: Fix Released Status in curl source package in Trusty: Fix Committed Bug description: [Impact] The bug makes it impossible to use PKCS#12 secure storage of client certificates and private keys with any affected Ubuntu releases. The fix is one line fixing a broken switch statement and was already tested against Ubuntu 14.04 LTS with a rebuilt curl package. This was fixed in upstream libcurl in the following bug: https://sourceforge.net/p/curl/bugs/1371/ The bug fix consists of one missing break statement at the end of a case in a switch statement. I personally patched the bug using source code release curl_7.35.0-1ubuntu2.6.dsc, used in Ubuntu 14.04 LTS, and verified it does indeed fix the bug and all of the package's tests still pass afterwards. [Test Case] The bug can be reproduced using the following libcurl parameters (even via CLI, pycurl, etc.). CURLOPT_SSLCERTTYPE == "P12" CURLOPT_SSLCERT = path to PKCS#12 CURLOPT_SSLKEY = path to PKCS#12 CURLOPT_SSLKEYPASSWD = key for PKCS#12 if needed Basically, just use a PKCS#12 format client certificate and private key against some certificate protected web server. [Regression Potential] If it could possibly break anything, which is extraordinarily unlikely, it would break one of the three client certificate formats (most likely PKCS#12 but also PEM or DER). Note 1/3 formats is already broken due to the bug. Client certificates of all three types could be checked to prevent this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1556330/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
Re: [Touch-packages] [Bug 1556330] Re: upstream curl bug #1371: p12 client certificates code is broken
> On Mar 12, 2016, at 8:55 AM, LocutusOfBorg > wrote: > > unfortunately it doesn't seem to build. It built perfectly when I modified the source for 14.04 LTS. Also thanks for the more detailed stable release diff procedures. I did read the stable release update page to write the original report but it didn't explain the commands to run as a community member. Who has access to add the additional procedures you wrote into the page? This would be very helpful for other technical users without knowledge of the special Debian and Ubuntu processes. Matthew. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/1556330 Title: upstream curl bug #1371: p12 client certificates code is broken Status in curl package in Ubuntu: Fix Released Status in curl source package in Trusty: Triaged Bug description: [Impact] The bug makes it impossible to use PKCS#12 secure storage of client certificates and private keys with any affected Ubuntu releases. The fix is one line fixing a broken switch statement and was already tested against Ubuntu 14.04 LTS with a rebuilt curl package. This was fixed in upstream libcurl in the following bug: https://sourceforge.net/p/curl/bugs/1371/ The bug fix consists of one missing break statement at the end of a case in a switch statement. I personally patched the bug using source code release curl_7.35.0-1ubuntu2.6.dsc, used in Ubuntu 14.04 LTS, and verified it does indeed fix the bug and all of the package's tests still pass afterwards. [Test Case] The bug can be reproduced using the following libcurl parameters (even via CLI, pycurl, etc.). CURLOPT_SSLCERTTYPE == "P12" CURLOPT_SSLCERT = path to PKCS#12 CURLOPT_SSLKEY = path to PKCS#12 CURLOPT_SSLKEYPASSWD = key for PKCS#12 if needed Basically, just use a PKCS#12 format client certificate and private key against some certificate protected web server. [Regression Potential] If it could possibly break anything, which is extraordinarily unlikely, it would break one of the three client certificate formats (most likely PKCS#12 but also PEM or DER). Note 1/3 formats is already broken due to the bug. Client certificates of all three types could be checked to prevent this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1556330/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1556330] Re: upstream curl bug #1371: p12 client certificates code is broken
Brian, I was hoping for some community assistance on the changelog and debdiff area because I am absolutely not expert at creating and maintaining custom Debian and Ubuntu packaging related files. If there are some things I should do to create these items documentation is of course welcome. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/1556330 Title: upstream curl bug #1371: p12 client certificates code is broken Status in curl package in Ubuntu: Fix Released Status in curl source package in Trusty: Triaged Bug description: [Impact] The bug makes it impossible to use PKCS#12 secure storage of client certificates and private keys with any affected Ubuntu releases. The fix is one line fixing a broken switch statement and was already tested against Ubuntu 14.04 LTS with a rebuilt curl package. This was fixed in upstream libcurl in the following bug: https://sourceforge.net/p/curl/bugs/1371/ The bug fix consists of one missing break statement at the end of a case in a switch statement. I personally patched the bug using source code release curl_7.35.0-1ubuntu2.6.dsc, used in Ubuntu 14.04 LTS, and verified it does indeed fix the bug and all of the package's tests still pass afterwards. [Test Case] The bug can be reproduced using the following libcurl parameters (even via CLI, pycurl, etc.). CURLOPT_SSLCERTTYPE == "P12" CURLOPT_SSLCERT = path to PKCS#12 CURLOPT_SSLKEY = path to PKCS#12 CURLOPT_SSLKEYPASSWD = key for PKCS#12 if needed Basically, just use a PKCS#12 format client certificate and private key against some certificate protected web server. [Regression Potential] If it could possibly break anything, which is extraordinarily unlikely, it would break one of the three client certificate formats (most likely PKCS#12 but also PEM or DER). Note 1/3 formats is already broken due to the bug. Client certificates of all three types could be checked to prevent this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1556330/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1556330] Re: upstream curl bug #1371: p12 client certificates code is broken
Requested nomination for stable release update from Ubuntu Bug Control at 2016-03-12T00:08. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/1556330 Title: upstream curl bug #1371: p12 client certificates code is broken Status in curl package in Ubuntu: New Bug description: The following bug from upstream libcurl should be fixed in Ubuntu Stable and Ubuntu LTS trains: https://sourceforge.net/p/curl/bugs/1371/ The bug fix consists of one missing break statement at the end of a case in a switch statement. I personally patched the bug using source code release curl_7.35.0-1ubuntu2.6.dsc, used in Ubuntu 14.04 LTS, and verified it does indeed fix the bug and all of the package's tests still pass afterwards. Impact: The bug makes it impossible to use PKCS#12 secure storage of client certificates and private keys with any affected Ubuntu releases. The fix is one line fixing a broken switch statement and was already tested against Ubuntu 14.04 LTS with a rebuilt curl package. Testing: The bug can be reproduced using the following libcurl parameters (even via CLI, pycurl, etc.). CURLOPT_SSLCERTTYPE == "P12" CURLOPT_SSLCERT = path to PKCS#12 CURLOPT_SSLKEY = path to PKCS#12 CURLOPT_SSLKEYPASSWD = key for PKCS#12 if needed Basically, just use a PKCS#12 format client certificate and private key against some certificate protected web server. Regression Potential: If it could possibly break anything, which is extraordinarily unlikely, it would break one of the three client certificate formats (most likely PKCS#12 but also PEM or DER). Note 1/3 formats is already broken due to the bug. Client certificates of all three types could be checked to prevent this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1556330/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1556330] [NEW] upstream curl bug #1371: p12 client certificates code is broken
Public bug reported: The following bug from upstream libcurl should be fixed in Ubuntu Stable and Ubuntu LTS trains: https://sourceforge.net/p/curl/bugs/1371/ The bug fix consists of one missing break statement at the end of a case in a switch statement. I personally patched the bug using source code release curl_7.35.0-1ubuntu2.6.dsc, used in Ubuntu 14.04 LTS, and verified it does indeed fix the bug and all of the package's tests still pass afterwards. Impact: The bug makes it impossible to use PKCS#12 secure storage of client certificates and private keys with any affected Ubuntu releases. The fix is one line fixing a broken switch statement and was already tested against Ubuntu 14.04 LTS with a rebuilt curl package. Testing: The bug can be reproduced using the following libcurl parameters (even via CLI, pycurl, etc.). CURLOPT_SSLCERTTYPE == "P12" CURLOPT_SSLCERT = path to PKCS#12 CURLOPT_SSLKEY = path to PKCS#12 CURLOPT_SSLKEYPASSWD = key for PKCS#12 if needed Basically, just use a PKCS#12 format client certificate and private key against some certificate protected web server. Regression Potential: If it could possibly break anything, which is extraordinarily unlikely, it would break one of the three client certificate formats (most likely PKCS#12 but also PEM or DER). Note 1/3 formats is already broken due to the bug. Client certificates of all three types could be checked to prevent this. ** Affects: curl (Ubuntu) Importance: Undecided Status: New ** Patch added: "official libcurl patch from Daniel Stenberg" https://bugs.launchpad.net/bugs/1556330/+attachment/4596446/+files/libcurl_broken_pkcs12.patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/1556330 Title: upstream curl bug #1371: p12 client certificates code is broken Status in curl package in Ubuntu: New Bug description: The following bug from upstream libcurl should be fixed in Ubuntu Stable and Ubuntu LTS trains: https://sourceforge.net/p/curl/bugs/1371/ The bug fix consists of one missing break statement at the end of a case in a switch statement. I personally patched the bug using source code release curl_7.35.0-1ubuntu2.6.dsc, used in Ubuntu 14.04 LTS, and verified it does indeed fix the bug and all of the package's tests still pass afterwards. Impact: The bug makes it impossible to use PKCS#12 secure storage of client certificates and private keys with any affected Ubuntu releases. The fix is one line fixing a broken switch statement and was already tested against Ubuntu 14.04 LTS with a rebuilt curl package. Testing: The bug can be reproduced using the following libcurl parameters (even via CLI, pycurl, etc.). CURLOPT_SSLCERTTYPE == "P12" CURLOPT_SSLCERT = path to PKCS#12 CURLOPT_SSLKEY = path to PKCS#12 CURLOPT_SSLKEYPASSWD = key for PKCS#12 if needed Basically, just use a PKCS#12 format client certificate and private key against some certificate protected web server. Regression Potential: If it could possibly break anything, which is extraordinarily unlikely, it would break one of the three client certificate formats (most likely PKCS#12 but also PEM or DER). Note 1/3 formats is already broken due to the bug. Client certificates of all three types could be checked to prevent this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1556330/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 991481] Re: Constant dns traffic for daisy.ubuntu.com
This bug has been open two years and it's still occurring. I've noticed it during development of an open-source network security sensor I'm planning to publish in the next few weeks: { "source": "dns", "port_id": 0, "direction": 1, "self": 0, "length": 76, "eth_type": 2048, "smac": "50:e5:49:36:0a:db", "dmac": "78:96:84:71:ea:c0", "sip": "192.168.1.5", "dip": "192.168.1.254", "ip_protocol": 17, "ttl": 0, "l4_length": 42, "icmp_type": 255, "icmp_code": 255, "sport": 37657, "dport": 53, "dns_name": "daisy.ubuntu.com." } It's a little unbelievable it's been open this long with no concrete plan taking shape. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to glib2.0 in Ubuntu. https://bugs.launchpad.net/bugs/991481 Title: Constant dns traffic for daisy.ubuntu.com Status in Ubuntu error tracker client (whoopsie): Confirmed Status in “glib2.0” package in Ubuntu: Invalid Status in “network-manager” package in Ubuntu: In Progress Status in “whoopsie” package in Ubuntu: Triaged Bug description: Watching GNetworkMonitor's network-changed signal causes constant DNS traffic. Andy Whitcroft points out that the NETLINK_ROUTE socket set up by GNetworkMonitor will fire events every time an ARP entry appears or disappears. Unfortunately, we currently need an additional layer of connectivity checking because checking NetworkManager's state for CONNECTED_GLOBAL is not enough to know whether we're really online. Ubuntu does not yet use the NetworkManager connectivity check [1]. The likely solution to this bug is a replacement for GNetworkMonitor in whoopsie. 1: http://bazaar.launchpad.net/~daisy- pluckers/whoopsie/trunk/view/head:/src/connectivity.c#L326 Original report follows: Every few seconds, I see a dns query for daisy.ubuntu.com. After removing whoopsie, the traffic goes away. To manage notifications about this bug go to: https://bugs.launchpad.net/whoopsie/+bug/991481/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp