[Bug 2069875] Re: [needs-packaging] cmocka-mocks
Thank you for your review Simon. Here is a new version of the package with the modifications you proposed: https://launchpad.net/~nemos-team/+archive/ubuntu/archive- target/+sourcepub/16287616/+listing-archive-extra About the changelog, since I initially took the upstream `debian.native` packaging example, I just found it relevant to list the modifications I made to it in addition to the classic `Initial release` message. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069875 Title: [needs-packaging] cmocka-mocks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2069875/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2073866] Re: [needs-packaging] lib4sbom
Candidate available here: https://launchpad.net/~ahresse/+archive/ubuntu/sbomdiff/+packages ** Changed in: ubuntu Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2073866 Title: [needs-packaging] lib4sbom To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2073866/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2073867] Re: [needs-packaging] sbomdiff
Candidate available here: https://launchpad.net/~ahresse/+archive/ubuntu/sbomdiff/+packages ** Changed in: ubuntu Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2073867 Title: [needs-packaging] sbomdiff To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2073867/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2073866] [NEW] [needs-packaging] lib4sbom
Public bug reported: A library used to work with SBOMs: https://github.com/anthonyharrison/lib4sbom ** Affects: ubuntu Importance: Undecided Assignee: Alexandre Esse (ahresse) Status: New ** Changed in: ubuntu Assignee: (unassigned) => Alexandre Esse (ahresse) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2073866 Title: [needs-packaging] lib4sbom To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2073866/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2073867] [NEW] [needs-packaging] sbomdiff
Public bug reported: A tool to work with SBOMs: https://github.com/anthonyharrison/sbomdiff Depending on lib4sbom (https://bugs.launchpad.net/ubuntu/+bug/2073866) ** Affects: ubuntu Importance: Undecided Assignee: Alexandre Esse (ahresse) Status: New ** Changed in: ubuntu Assignee: (unassigned) => Alexandre Esse (ahresse) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2073867 Title: [needs-packaging] sbomdiff To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2073867/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2071717] Re: [MIR] linuxptp
This MIR is a joint request with Industrial team (@farshidtz & @jpm) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2071717 Title: [MIR] linuxptp To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linuxptp/+bug/2071717/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2071717] [NEW] [MIR] linuxptp
Public bug reported: [MIR] linuxptp [Availability] The package linuxptp is already in Ubuntu universe. The package linuxptp builds and works on all Ubuntu architectures. Link to package: https://launchpad.net/ubuntu/+source/linuxptp [Rationale] Linux PTP is an open-source (GPL-2) software suite that is led by its main developer Richard Cochran and is supported by the Network Time Foundation (https://nwtime.org/). The package linuxptp is generally useful for a part of our user base requiring a time synchronization of their system clocks in a network since it contains a PTP implementation compliant with the IEEE standard 1588. Especially users requiring higher precision than the one you can achieve with NTP. PTP is a standard synchronization solution that could be applied to systems such as automotive, telco, industrial or multimedia systems. One specific reason for this MIR comes from the requirements of a commercial partner who would like to offer linuxptp as part of their user experience on their Ubuntu based SDK images. This partner is working with the Canonical Partner Engineering team, albeit the maintenance of linuxptp itself would likely be done by the Industrial team. There are some alternatives to linuxptp:: ptpd: https://launchpad.net/ubuntu/+source/ptpd / http://ptpd.sourceforge.net/ : package exists but upstream project seems unmaintained (with missing tag on last identified version that blocks the package upstream source version update: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934275). ptpd2: https://sourceforge.net/projects/ptpd2/ : fork of ptpd that also seems unmaintained. ptpv2d: https://code.google.com/archive/p/ptpv2d/ : seems unmaintained. Overall, linuxptp looks like the current leading solution for Linux PTP stack. And, there is no other/better way to solve this that is already in main. [Security] * CVE history: In 2021: 2 High sensitive CVE about out-of-bounds read and write operations have been filled for linuxptp version prior to 3.1.1. The version 3.1.1 being actually dedicated to the fix of these two CVE only: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3570 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3571 * CVE status: There is a reference to the fix of these CVE on OpenWall: https://www.openwall.com/lists/oss-security/2021/07/06/1 As well as on Ubuntu CVE tracker: https://ubuntu.com/security/cves?package=linuxptp With the associated Ubuntu Security Notice: https://ubuntu.com/security/notices/USN-6097-1 And Debian security tracker: https://security-tracker.debian.org/tracker/source-package/linuxptp * Project Changelog and associated commits: ``` Version 3.1.1 Fixes: CVE-2021-3570 linuxptp: missing length check of forwarded messages CVE-2021-3571 linuxptp: wrong length of one-step follow-up in transparent clock ``` https://sourceforge.net/p/linuxptp/code/ci/ce15e4de5926724557e8642ec762a210632f15ca/ https://sourceforge.net/p/linuxptp/code/ci/0b3ab45de6a96ca181a5cf62c3c2b97167e2ed20/ * Launchpad Bugs: With a quick analysis: There is no Launchpad Bug referring to any security issue: https://bugs.launchpad.net/ubuntu/+source/linuxptp Linked to linuxptp package: There is only one open bug related to the use of chronyd as the time backend(https://bugs.launchpad.net/ubuntu/+source/linuxptp/+bug/2068526) that quickly got a valid proposition to fix here( https://bugs.launchpad.net/ubuntu/+source/linuxptp/+bug/2032805/comments/11). This is a chronyd issue. * Possible security flaws identified in the state of the art: There are multiple articles about potential security issues while using PTP that got published (e.g. https://cybersecurity.springeropen.com/articles/10.1186/s42400-021-00080-y). A key sensitive point we identify is TLVs authentication that could lead to some security issues on PTP based stack (https://cybersecurity.springeropen.com/articles/10.1186/s42400-023-00140-5). Further analysis should be done by the security team. * Package content: There are no SGID/SUID binaries in the current package: On noble, running: cd /tmp/ && sudo apt download linuxptp && dpkg -c linuxptp_4.0-1_amd64.deb Returns: ``` (...) -rw-r--r-- root/root263 2024-04-02 01:32 ./usr/lib/systemd/system/phc2sys@.service -rw-r--r-- root/root251 2024-04-02 01:32 ./usr/lib/systemd/system/ptp4l@.service -rw-r--r-- root/root359 2024-04-02 01:32 ./usr/lib/systemd/system/timemaster.service (...) -rwxr-xr-x root/root14640 2024-04-02 01:42 ./usr/sbin/hwstamp_ctl -rwxr-xr-x root/root83760 2024-04-02 01:42 ./usr/sbin/nsm -rwxr-xr-x root/root91696 2024-04-02 01:42 ./usr/sbin/phc2sys -rwxr-xr-x root/root31112 2024-04-02 01:42 ./usr/sbin/phc_ctl -rwxr-xr-x root/root96640 2024-04-02 01:42 ./usr/sbin/pmc -rwxr-xr-x root/root182120 2024-04-02 01:42 ./usr/sbin/ptp4l -rwxr-xr-x root/root43320 2024-04-02 01:42 ./usr/sbin/timemaster -rwxr-xr-x root/root91616 2024-04-02 01:42 .
[Bug 2069860] Re: [needs-packaging] cmocka-extensions
** Changed in: ubuntu Assignee: (unassigned) => Alexandre Esse (ahresse) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069860 Title: [needs-packaging] cmocka-extensions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2069860/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069878] [NEW] [needs-packaging] samconf
Public bug reported: Currently working on elos (https://github.com/Elektrobit/elos) software packaging, the fourth dependency I would like to integrate into Ubuntu is samconf (https://github.com/Elektrobit/samconf). samconf is stands for signed and mergable configuration. It is used by elos. The goal of the library is to manage program configuration options from various sources including support for verification of the configuration sources. This package will depend on cmocka-extensions (https://bugs.launchpad.net/ubuntu/+bug/2069860), cmocka-mocks (https://bugs.launchpad.net/ubuntu/+bug/2069875) and safu (https://bugs.launchpad.net/ubuntu/+bug/2069877). ** Affects: ubuntu Importance: Undecided Assignee: Alexandre Esse (ahresse) Status: In Progress ** Changed in: ubuntu Assignee: (unassigned) => Alexandre Esse (ahresse) ** Changed in: ubuntu Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069878 Title: [needs-packaging] samconf To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2069878/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069879] [NEW] [needs-packaging] elos
Public bug reported: Currently working on elos (https://github.com/Elektrobit/elos) software packaging, I would like to integrate it into Ubuntu. elos is a tool to collect, store and publish various system events (i.e. syslogs, core dumps, measurements obtained from proc- and sys-fs, …) while providing easy access to the collected data. This package will depend on cmocka-extensions (https://bugs.launchpad.net/ubuntu/+bug/2069860), cmocka-mocks (https://bugs.launchpad.net/ubuntu/+bug/2069875), safu (https://bugs.launchpad.net/ubuntu/+bug/2069877) and samconf (https://bugs.launchpad.net/ubuntu/+bug/2069878). ** Affects: ubuntu Importance: Undecided Assignee: Alexandre Esse (ahresse) Status: In Progress ** Changed in: ubuntu Assignee: (unassigned) => Alexandre Esse (ahresse) ** Changed in: ubuntu Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069879 Title: [needs-packaging] elos To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2069879/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069877] [NEW] [needs-packaging] safu
Public bug reported: Currently working on elos (https://github.com/Elektrobit/elos) software packaging, the third dependency I would like to integrate into Ubuntu is safu (https://github.com/Elektrobit/safu). safu is a Library of common utility API's used in elos and samconf. This package will depend on cmocka-extensions (https://bugs.launchpad.net/ubuntu/+bug/2069860) and cmocka-mocks (https://bugs.launchpad.net/ubuntu/+bug/2069875). ** Affects: ubuntu Importance: Undecided Assignee: Alexandre Esse (ahresse) Status: In Progress ** Changed in: ubuntu Assignee: (unassigned) => Alexandre Esse (ahresse) ** Changed in: ubuntu Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069877 Title: [needs-packaging] safu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2069877/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069875] [NEW] [needs-packaging] cmocka-mocks
Public bug reported: Currently working on elos (https://github.com/Elektrobit/elos) software packaging, the second dependency I would like to integrate into Ubuntu is cmocka-mocks (https://github.com/Elektrobit/cmocka_mocks). cmocka-mocks is a library to mock common C functions, like libc and jsonc, for testing purposes. This collection of ready to use mocks is based on cmocka_extensions (https://bugs.launchpad.net/ubuntu/+bug/2069860). ** Affects: ubuntu Importance: Undecided Assignee: Alexandre Esse (ahresse) Status: In Progress ** Changed in: ubuntu Assignee: (unassigned) => Alexandre Esse (ahresse) ** Changed in: ubuntu Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069875 Title: [needs-packaging] cmocka-mocks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2069875/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2069860] [NEW] [needs-packaging] cmocka-extensions
Public bug reported: Currently working on elos (https://github.com/Elektrobit/elos) software packaging, the first dependency I would like to integrate into Ubuntu is cmocka-extensions (https://github.com/Elektrobit/cmocka_extensions). cmocka-extensions are cmocka unit testing framework for C extended features used by elos and other projects. This package extends basic cmocka features and intoduces: * weak mocking * wrap mocking * and some definitions to make creating and running the unit tests a bit easier that the basic cmocka ** Affects: ubuntu Importance: Undecided Status: In Progress ** Changed in: ubuntu Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2069860 Title: [needs-packaging] cmocka-extensions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2069860/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056099] Re: [MIR] tree
Here is a proposition of testsuite introduction with https://gitlab.com/OldManProgrammer/unix-tree/-/merge_requests/19/diffs ** Patch added: "Debdiff" https://bugs.launchpad.net/ubuntu/+source/tree/+bug/2056099/+attachment/5760629/+files/add_tree_testsuite.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056099 Title: [MIR] tree To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tree/+bug/2056099/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2032805] Re: Could not open socket /var/run/timemaster/chrony.SOCK0
** Also affects: chrony (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2032805 Title: Could not open socket /var/run/timemaster/chrony.SOCK0 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chrony/+bug/2032805/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056099] Re: [MIR] tree
Github issue related to this MIR: https://github.com/canonical/ubuntu- mir/issues/52 ** Bug watch added: github.com/canonical/ubuntu-mir/issues #52 https://github.com/canonical/ubuntu-mir/issues/52 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056099 Title: [MIR] tree To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tree/+bug/2056099/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056099] [NEW] [MIR] tree
Public bug reported: [MIR] tree [Availability] The package tree is already in Ubuntu universe. Tree is a general purpose utility that is built and works on all Ubuntu architectures. Link to package https://launchpad.net/ubuntu/+source/tree [Rationale] The package tree is generally useful for a large part of our user base using the command-line. Tree itself is tiny, but is not currently seeded in our official images (albeit it is installed by default on a number of Ubuntu derivatives (Lubuntu - https://cdimage.ubuntu.com/lubuntu/releases/mantic/release/lubuntu-23.10-desktop-amd64.manifest , Xubuntu - https://cdimage.ubuntu.com/xubuntu/releases/mantic/release/xubuntu-23.10-desktop-amd64.manifest). One specific reason for this MIR comes from the requirements of a commercial partner who would like to offer the tree command as part of their user experience on their Ubuntu based SDK images. This partner is working with the Canonical Partner Engineering team, albeit the maintenance of tree itself would likely be done by the Foundations team – this has been discussed with the Foundations team. Package tree covers the same use case as ‘ls -lR’ or ‘find’, but is better because: - It is specialized in directories tree rendering for command line interface, so it has a fancier output on a terminal. - It provides machine-friendly output formats notably with its XML/JSON/HTML output formats. - It would be useful to the community and to our partner to have “tree” in Ubuntu main, especially for their upcoming noble/24.04 based SDK. [Security] - Ubuntu CVE Tracker (https://ubuntu.com/security/cve?package=tree) : 0 results as of 2024-03-05. - Debian Security Tracker: https://security-tracker.debian.org/tracker/source-package/tree: No issue as of 2024-03-05. - Project Changelog: (CHANGES file: http://oldmanprogrammer.net/source.php?dir=projects/tree/CHANGES): No reference to any security issue. - No CVEs/security issues (found) in this software in the past: NB: “tree” is a very commonly used keyword, notably in security vulnerabilities, but searching the CVE database for software names matching “tree” didn’t yield issues with the tree utility itself. - no `suid` or `sgid` binaries: `find / -perm -u=s -type f 2>/dev/null | grep tree` returns nothing – it’s just providing a simple non-privileged command. - `ls -l /usr/bin/tree` returns: `-rwxr-xr-x 1 root root 85400 Dec 12 16:06 /usr/bin/tree`. - no executables in `/sbin` and `/usr/sbin`: `dpkg -L tree | grep sbin` returns nothing, it’s really just /usr/bin/tree. - Package does not install services, timers or recurring jobs. - Packages does not open privileged ports (ports < 1024). - Package does not expose any external endpoints. - I didn't spot any deprecated security algorithm in use. [Quality assurance - function/usage] - The package works well right after install and can be used to list the contents of directories. [Quality assurance - maintenance] The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs: - Launchpad Bug Tracker (https://launchpad.net/ubuntu/+source/tree/+bugs): 2 bugs reported in Ubuntu: * One issue seems pretty serious (buffer overflow), and there were fixes in the upstream sources that could correspond, however this bug wasn’t forwarded back then and there is no data to reproduce it – we’ve pinged the bug to request a copy of the data and to try to reproduce with a more recent version. * One issue is a feature request - Debian https://bugs.debian.org/src:tree / https://bugs.debian.org/cgi-bin/pkgreport.cgi?archive=both;package=tree : * One resolved serious bug can be found on debian archived bug history. Releases are relatively regular for a mature utility such as tree. Upstream recently changed its home site and seems responsive. $ grep ^Version CHANGES Version 2.1.1 (05/31/2023) Version 2.1.0 (12/26/2022) Version 2.0.4 (09/06/2022) Version 2.0.3 (08/26/2022) Version 2.0.2 (02/16/2022) Version 2.0.1 (01/03/2022) The package does not deal with exotic hardware we cannot support. [Quality assurance - testing] There are no unit tests in the sources, and the autopkgtest (https://autopkgtest.ubuntu.com/packages/tree) is relatively trivial, but this seems adequate given this command-line utility. A recent amd64 build log shows no warning nor errors: https://launchpadlibrarian.net/702286929/buildlog_ubuntu-noble-amd64.tree_2.1.1-2_BUILDING.txt.gz [Quality assurance - packaging] - debian/watch is present and works. - debian/control defines a correct Maintainer field (currently: Florian Ernst ). - Running `lintian --pedantic` on tree_2.1.1-2_amd64.deb doesn’t output anything. - This package does not rely on obsolete or about to be demoted packages. - There is no Debconf questions with this package. - Packaging and build is easy, (link to debian/rules: https://git.launchpad.net/ubuntu/+source/tree/tree/debian/rules?h=applied/ubuntu/noble). [UI s
[Bug 1516441] Re: *** buffer overflow detected ***: tree terminated
Thank you Sudip. I cannot reproduce on tree package version 2.1.1-2 under Noble. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1516441 Title: *** buffer overflow detected ***: tree terminated To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tree/+bug/1516441/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055402] Re: Though lintian call: error: troff: Segmentation fault
** Description changed: Hello, I was trying to run lintian on some deb packages an run onto some errors messages from groff. Steps to reproduce: 1. Setup a LXD container with mantic or Noble: lxc launch ubuntu-daily:noble #or lxc launch ubuntu:mantic - 2. Install lintian + 2. After getting connected to the container: Install lintian on it apt install lintian - 3. Run lintian on some package: + 3. Run lintian on some package inside the container: apt download tree && lintian tree_*.deb 4. Enjoy the groff-message logs: W: tree: groff-message command exited with status 2: /usr/libexec/man-db/zsoelim | /usr/libexec/man-db/manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE | preconv -e UTF-8 | groff -mandoc -Z -rLL=117n -rLT=117n -wmac -Tutf8 [usr/share/man/man1/tree.1.gz:2] W: tree: groff-message error: troff: Segmentation fault (core dumped) [usr/share/man/man1/tree.1.gz:1] * Container infos: lsb_release -rd No LSB modules are available. Description:Ubuntu Noble Numbat (development branch) Release:24.04 * Packages infos: apt-cache policy groff groff: Installed: (none) Candidate: 1.23.0-3 Version table: 1.23.0-3 500 500 http://archive.ubuntu.com/ubuntu noble/universe amd64 Packages apt-cache policy lintian lintian: Installed: 2.117.0ubuntu1 Candidate: 2.117.0ubuntu1 Version table: *** 2.117.0ubuntu1 500 500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages 100 /var/lib/dpkg/status * Expected output (on Jammy): No segfault and no problem on the tested package with lintian (tree_2.1.1-2_amd64.deb) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055402 Title: Though lintian call: error: troff: Segmentation fault To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/groff/+bug/2055402/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055402] Re: Though lintian call: error: troff: Segmentation fault
** Description changed: Hello, I was trying to run lintian on some deb packages an run onto some errors messages from groff. Steps to reproduce: 1. Setup a LXD container with mantic or Noble: lxc launch ubuntu-daily:noble #or lxc launch ubuntu:mantic 2. Install lintian apt install lintian 3. Run lintian on some package: apt download tree && lintian tree_*.deb 4. Enjoy the groff-message logs: W: tree: groff-message command exited with status 2: /usr/libexec/man-db/zsoelim | /usr/libexec/man-db/manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE | preconv -e UTF-8 | groff -mandoc -Z -rLL=117n -rLT=117n -wmac -Tutf8 [usr/share/man/man1/tree.1.gz:2] W: tree: groff-message error: troff: Segmentation fault (core dumped) [usr/share/man/man1/tree.1.gz:1] - * Container infos: lsb_release -rd No LSB modules are available. Description:Ubuntu Noble Numbat (development branch) Release:24.04 * Packages infos: apt-cache policy groff groff: - Installed: (none) - Candidate: 1.23.0-3 - Version table: - 1.23.0-3 500 - 500 http://archive.ubuntu.com/ubuntu noble/universe amd64 Packages + Installed: (none) + Candidate: 1.23.0-3 + Version table: + 1.23.0-3 500 + 500 http://archive.ubuntu.com/ubuntu noble/universe amd64 Packages apt-cache policy lintian lintian: - Installed: 2.117.0ubuntu1 - Candidate: 2.117.0ubuntu1 - Version table: - *** 2.117.0ubuntu1 500 - 500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages - 100 /var/lib/dpkg/status + Installed: 2.117.0ubuntu1 + Candidate: 2.117.0ubuntu1 + Version table: + *** 2.117.0ubuntu1 500 + 500 http://archive.ubuntu.com/ubuntu noble/main amd64 Packages + 100 /var/lib/dpkg/status * Expected output (on Jammy): No segfault and no problem on the tested package with lintian (tree_2.1.1-2_amd64.deb) - - I set it to security vulnerable because it involves a segfault. ** Information type changed from Private Security to Public ** Also affects: groff (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055402 Title: Though lintian call: error: troff: Segmentation fault To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/groff/+bug/2055402/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1516441] Re: *** buffer overflow detected ***: tree terminated
Hello bananenkasper, There was some updates of tree since you reported this issue. Moreover, some fix were about buffer overflow (specifically in v1.7.0 and v2.1.1). Nowadays 2.1.1 is on noble so please, try to reproduce you issue with an up to date version. I couldn't reproduce you issue on my side. Can you please provide an updated link to the material suitable to reproduce this bug? (I wasn't able to download you file). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1516441 Title: *** buffer overflow detected ***: tree terminated To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tree/+bug/1516441/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs