Control: retitle -1 roundcube: CVE-2023-43770: XSS vulnerability in handling of
linkrefs in plain text messages
On Mon, 18 Sep 2023 at 13:59:47 +0200, Guilhem Moulin wrote:
> I requested a CVE ID for this issue.
CVE-2023-43770 for this. I'll suggest debdiffs targetting {bullseye,
On Thu, 21 Sep 2023 at 13:58:18 +0200, J.L. Fernandez Jambrina wrote:
> Unfortunatelly I don't know how to use setDebug() to see what's is
> being passed to send()
Please see https://github.com/pear/Net_SMTP#debugging to debug Net_SMTP.
> but I used two calls to var_dump() to see it:
AFAICT this
Control: tag -1 moreinfo
On Tue, 19 Sep 2023 at 22:39:40 +0100, Tj wrote:
> On reaching initialramfs it fails to unlock either of the LUKS devices;
> eventually dropping to the shell after reporting:
>
> Error: Timeout reached while waiting for askpass.
>
> After using `break=mount` and investigat
Control: tag -1 moreinfo
Hi,
On Tue, 19 Sep 2023 at 12:42:34 +0200, J.L. Fernandez Jambrina wrote:
> As php-mail didn't change in the upgrade and I verified the arguments
> to the MAIL::send method are the same in both cases I suspect from the
> underlying php-net-smtp package, but I can be wrong
Control: tag -1 moreinfo
Hi,
On Mon, 18 Sep 2023 at 10:46:30 +0100, Luca Boccassi wrote:
> With sysvinit scripts no longer being mandatory, the udev one has been
> removed from src:systemd. It is in the process of being adopted by
> src:sysvinit, but being optional and all that might take some ti
I requested a CVE ID for this issue.
--
Guilhem.
signature.asc
Description: PGP signature
On Mon, 28 Aug 2023 at 01:56:04 +0200, Guilhem Moulin wrote:
> cryptsetup-run has been a transitional package since the buster release,
> and has now been removed following #1038285. Looks like I failed to
> properly check reverse depends; yubikey-luks should replace ‘Depends:
> cr
Source: yubikey-luks
Version: 0.5.1+29.g5df2b95-6.1
Severity: serious
Hi,
cryptsetup-run has been a transitional package since the buster release,
and has now been removed following #1038285. Looks like I failed to
properly check reverse depends; yubikey-luks should replace ‘Depends:
cryptsetup-
Control: tag -1 pending
On Sun, 09 Jul 2023 at 13:13:55 -0400, David Mandelberg via
Pkg-roundcube-maintainers wrote:
> I tried setting up oauth2 in roundcube, but when the OIDC provider redirects
> back to roundcube, I get an "Oops... something went wrong!" page. When that
> happens, /var/log/rou
Control: tag -1 pending
Control: found -1 1.6.1+dfsg-1
On Thu, 10 Aug 2023 at 07:46:40 +0300, Antti Kultanen via
Pkg-roundcube-maintainers wrote:
> in the crontab file /etc/cron.d/roundcube-core file the garbage collector
> is set run 60 times, or every minute from 5:00 to 5:59.
> […]
> Is there
On Tue, 25 Jul 2023 at 14:39:29 +0200, Jonas Smedegaard wrote:
> I have no objections at all - on the contrary: Thanks!
>
> I will have a look at applying the patch to trixie, then - since there
> is unfortunately little hope that the whole Haskell stack will get
> upgrading any time soon, so wi ca
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: pan...@packages.debian.org, Guilhem Moulin
Control: affects -1 + src:pandoc
[ Reason ]
pandoc 2.17.1.1-1.1 is vulnerable to CVE-2023-35936: Arbitrary file write
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: pan...@packages.debian.org, Guilhem Moulin
Control: affects -1 + src:pandoc
[ Reason ]
pandoc 2.9.2.1-1 is vulnerable to CVE-2023-35936: Arbitrary file write
am fix for CVE-2023-35936 from 3.1.6 release.
+
+ -- Guilhem Moulin Fri, 21 Jul 2023 20:22:42 +0200
+
pandoc (2.17.1.1-1.1) unstable; urgency=low
* Non-maintainer upload.
diff -Nru pandoc-2.17.1.1/debian/patches/CVE-2023-35936.patch
pandoc-2.17.1.1/debian/patches/CVE-2023-35936.patch
--- pan
On Fri, 30 Jun 2023 at 11:14:35 -0500, Michael Meier wrote:
> I had to edit the file /usr/share/initramfs-tools-hooks so it also copies the
> dss key:
src:dropbear doesn't ship that file, do you mean
/usr/share/initramfs-tools/hooks/dropbear?
> The option DROPBEAR_OPTIONS="-E" should be default
ree in lua_upvaluejoin in lapi.c. (Closes:
+#920321)
+ * Fix CVE-2020-24370: Segmentation fault in getlocal and setlocal functions
+in ldebug.c. (Closes: #988734)
+
+ -- Guilhem Moulin Thu, 22 Jun 2023 22:03:38 +0200
+
lua5.3 (5.3.3-1.1) unstable; urgency=medium
* Non-maintainer uploa
Hi,
On Sun, 25 Jun 2023 at 21:19:10 +, Bastien Roucariès wrote:
> I found the commit that remove the stack overlfow check line 688
> https://github.com/lua/lua/commit/287b302acb8d925178e9edb800f0a8d18c7d35f6
That also matching my finding from https://bugs.debian.org/1034847#12 .
Asked for con
Hi carnil,
On Fri, 23 Jun 2023 at 21:49:21 +0200, Salvatore Bonaccorso wrote:
> thanks for the analysis. I want to point out that it's really
> important to not rely on the POC for making the not-affected
> assessment (and when not confirmed, rather err on the safe side and
> keep something marked
On Thu, 22 Jun 2023 at 18:08:39 +0200, Guilhem Moulin wrote:
> bullseye
>
>
> $ lua5.1 ./cstack.lua
> testing stack overflow detection
> nesting coroutines running after recoverable errors
> final count:198
>
> $ lua5.2 ./cstack.lua
> te
Hi Moritz,
On Tue, 25 Apr 2023 at 20:58:00 +0200, Moritz Mühlenhoff wrote:
> CVE-2021-43519[0]:
> | Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4
> | allows attackers to perform a Denial of Service via a crafted script
> | file.
While trigaging this for LTS I was unable to
On Tue, 13 Jun 2023 at 20:45:19 -0500, Bryan K. Walton wrote:
> Previous Roundcube version: 1.4.13+dfsg.1-1~deb11u1
> Previous Debian version: 11.7
Which DB backend are you using? I'm unable to reproduce this in a
Bullseye (11.7) VM with roundcube-mysql (the default):
~# apt install -y defaul
Control: tag -1 unreproducible moreinfo
On Tue, 13 Jun 2023 at 16:16:51 -0500, Bryan K. Walton via
Pkg-roundcube-maintainers wrote:
> Today, I tried to upgrade my webserver to Debian 12.0 (bookworm).
> Everything succeeded but Roundcube.
What was the previous Roundcube (and Debian itself) versio
Control: tag -1 moreinfo unreproducible
Hi,
On Sun, 04 Jun 2023 at 10:41:56 +0200, Georg Gast wrote:
> But dropbear did not start as it was complaining about the missing dss host
> key.
> […]
> If i delete /etc/dropbear/initramfs/dropbear_dss_host_key and generate a new
> one
> dropbearkeygen -t
Control: tag -1 unreproducible
On Wed, 10 Jun 2020 at 23:19:41 +0200, Marco Herrn wrote:
> When writing into a logfile, rainloop writes the passwords of all
> login attempts (successful or not) into the logfile in cleartext.
FWIW I'm not able to reproduce this with the version from Debian buster
On Thu, 11 May 2023 at 18:12:52 +0200, Bastian Blank wrote:
> Nope, not really. Half VG was never a real thing. It might work in
> some cases.
And these use-cases are unbootable since 2.03.15…
> Then, degraded is the default activation mode, so overriding that would
> not be appropriate. But f
Guilhem.
From: Guilhem Moulin
Date: Wed, 10 May 2023 00:42:28 +0200
Subject: udev rules: Try to call activate incomplete VGs at initramfs stage.
The upstream udev rules don't autoactivate LVs residing on incomplete
VGs, see https://bugzilla.redhat.com/show_bug.cgi?id=1337220#c10 .
This change adds
Control: tag -1 - unreproducible
Control: reassign -1 lvm2 2.03.15-1
Control: forcemerge 1018730 -1
Control: affects -1 cryptsetup-initramfs
Thanks for the the reproducer! Much appreciated. So the problem is
that your VG spans over multiple PVs, but the LVs that are required at
early boot stage
Control: tag -1 - moreinfo
On Tue, 09 May 2023 at 18:39:33 +0200, Pásztor János wrote:
> I have attached the machine definition and already sent the vm images for
> you (via filesender.hu).
Many thanks! Will have something to put teeth into once the images have
been downloaded :-)
--
Guilhem.
Control: tag -1 + unreproducible moreinfo
On Tue, 09 May 2023 at 17:10:03 +0200, Pásztor János wrote:
> The machine and the disks are having two snapshots named 'good' and 'bad' so
> it is easy to jump between the states.
> I am willing to share with you the VM(disks + virsh dump) via a filesharin
Control: tag -1 unreproducible moreinfo
What does `lsinitramfs /initrd.img | grep -e{crypt,lvm}` return (after
removing your hook and rebuilding the initramfs image)? And also
install -m0700 -d /tmp/initramfs
unmkinitramfs /initrd.img /tmp/initramfs
cat /tmp/initramfs/cry
→ "valid". The latter may be what we
+observe when the server is fast enough, but according to RFC 8555 sec.
+7.1.6 the state actually transitions via "processing" and we need to
+account for that (closes: #1034834).
+ * d/gbp.conf: Set 'debian-branch = debian/bu
d of just "ready" → "valid". The latter may be what
+we observe when the server is fast enough, but according to RFC 8555
+sec. 7.1.6 the state actually transitions via "processing" state and
+we need to account for that.
+ - Test suite: Point stretch'
Package: lacme
Version: 0.8.1-1
Severity: important
Control: found -1 0.8.0-2
The lacme client fails to handle "ready" → "processing" → "valid" status
change during newOrder, instead of just "ready" → "valid". The latter
may be what we observe when the server is fast enough, but according to
RFC
00 +0200
+++ cryptsetup-2.6.1/debian/changelog 2023-04-21 00:54:29.0 +0200
@@ -1,3 +1,17 @@
+cryptsetup (2:2.6.1-4~deb12u1) bookworm; urgency=medium
+
+ * Rebuild for Bookworm.
+
+ -- Guilhem Moulin Fri, 21 Apr 2023 00:54:29 +0200
+
+cryptsetup (2:2.6.1-4) unstable; urgenc
[ Bastian Germann ]
+ * Add Breaks on cryptsetup-initramfs (see #1032235)
+
+ [ Guilhem Moulin ]
+ * d/gbp.conf: Set 'debian-branch = debian/bookworm'.
+ * d/rules: Restore threading support to libargon2-1-udeb (closes: #1034696).
+This is beneficial for cryptsetup-udeb, see #
On Fri, 21 Apr 2023 at 12:25:29 +0200, Guilhem Moulin wrote:
> Bookworm (debian-bookworm-DI-rc1-amd64-netinst.iso + cryptsetup
> 2:2.6.1-4~deb12u1,
> graphical install), 1024M RAM:
>
> root@debian:~# cryptsetup luksDump /dev/vda5 | grep -A3 PBKDF
> PB
This is beneficial for cryptsetup-udeb, see #1028250. Removing threading
+support in libargon2-1-udeb was done for historical reasons no longer
+relevant since Debian Bookworm.
+
+ -- Guilhem Moulin Fri, 21 Apr 2023 19:48:56 +0200
+
argon2 (0~20190702+dfsg-2) unstable; urgency=medium
On Fri, 21 Apr 2023 at 13:02:24 +0200, Cyril Brulebois wrote:
> Summing up some out-of-band brainstorming about what “a bit crippled”
> means, it might just be libargon2-1-udeb's being built without pthread
> support:
>
> https://salsa.debian.org/debian/argon2/-/commit/31225912349933993e49f5007e976
Hi,
On Thu, 20 Apr 2023 at 20:02:27 +0200, Cyril Brulebois wrote:
>> * Backport upstream MR !498, let it mature in sid for a few
>> weeks then upload 2:2.6.1-4~deb12u1 via t-p-u. There are only 2
>> upstream commits to cherry-pick and neither is large nor intrusive;
>> moreover like the commits p
Hi kibi,
On Sat, 01 Apr 2023 at 01:34:54 +0200, Guilhem Moulin wrote:
> Ah right, reopened the upstream issue but forgot to follow-up here :-(
> https://gitlab.com/cryptsetup/cryptsetup/-/issues/802#note_1328592911
AFAICT the issue is now fully fixed upstream: on systems without swap
the
On Thu, 13 Apr 2023 at 23:16:15 +0200, William Desportes wrote:
> Right after boot&unlock and (user login?) it prints the missing
> ipconfig missing message.
Just to confirm, you unlock (at initramfs stage) using keyboard + screen
right, not remotely using dropbear SSH right? Because at that poin
Control: tag -1 moreinfo unreproducible
On Fri, 07 Apr 2023 at 14:52:01 -0500, Jonathan Hutchins wrote:
> Loading default page (.../mail) displays PHP code inestead of login page
> after upgrade from buster to bullseye.
index.php ends with the exact same line on buster (1.3.17+dfsg.1-1~deb10u2)
On Thu, 06 Apr 2023 at 23:15:59 +0200, Guilhem Moulin wrote:
> On Thu, 06 Apr 2023 at 18:56:49 +0200, William Desportes wrote:
>> The system does not have ipconfig installed,
>
> What do you mean? Your main system (outside) initramfs stage might lack
Misplaced parenthesis, that s
On Thu, 06 Apr 2023 at 18:56:49 +0200, William Desportes wrote:
> with cryptsetup it does not like rescue mode initramfs updates.
Hm? Installing cryptsetup-initramfs, and letting it unlock devices
(incl. those holding the root FS) at early boot stage, definitely
doesn't prevent rescue mode or ge
On Wed, 05 Apr 2023 at 23:11:36 +0200, William Desportes wrote:
> My Debug did some small progress the other day, and can confirm I walked into
> https://bugs.debian.org/1015810
>
>> /scripts/init-premount/dropbear: line 300: can't open '/run/net-*.conf': No
>> such file or directory
>
> That sai
On Sun, 02 Apr 2023 at 12:57:58 +0200, Lars Silvén wrote:
> I got it working with a fix I found and modified from a Ubuntu version to
> work also for Debian testing:
> https://github.com/larssilven/systemd_with_tpm2
Oh, cool! Unfortunately that's too late for bookworm, but will be
considered for
On Sun, 02 Apr 2023 at 10:54:59 +0200, William Desportes wrote:
> Can you be more specific?, I updated some of it yesterday. The
> updating keys seems to be useful.
See the NEWS entry for 2015.68-1, /etc/ssh and the initramfs image have
different access control so blindly suggesting to convert key
Control: tag -1 unreproducible moreinfo
On Sat, 01 Apr 2023 at 18:36:47 +0200, William Desportes wrote:
> I am trying to sort out this bug, but the machine is blocked in an endless
> loop
>
> It does /scripts/init-bottom
>
> And then the monitor displays in an endless loop:
> /scripts/init-premou
Hi kibi,
On Sat, 01 Apr 2023 at 00:36:35 +0200, Cyril Brulebois wrote:
> Cyril Brulebois (2023-03-26):
>> I'm happy to have the patches included, and I can definitely live with
>> possible temporary regressions (should that happen) that might arise
>> from having them.
>
> Pre-upload testing show
Control: tag -1 - moreinfo unreproducible
Control: tag -1 + upstream
Control: retitle -1 cryptsetup-bin: `cryptsetup -v isLuks` produces misleading
output when the device isn't LUKS
On Mon, 27 Mar 2023 at 14:06:32 +0200, Alexis Huxley wrote:
> testaroli# cryptsetup isLuks /dev/loop0; echo "\`cryp
Control: tag -1 unreproducible moreinfo
Hi,
On Mon, 27 Mar 2023 at 12:35:39 +0200, Alexis Huxley wrote:
> testaroli# cryptsetup isLuks -v /dev/zvol/zpool0/test
> Command failed with code -1 (wrong or missing parameters).
> testaroli# cryptsetup -v isLuks /dev/zvol/zpool0/test
Hi kibi,
In https://bugs.debian.org/1032235#107 elbrus (CC'ed) asked for a t-p-u
upload of cryptsetup to fix a potential major regression should
bookworm's src:argon2 ever be rebuilt with the bookworm toolchain. The
version currently in sid, 2:2.6.1-3, also includes 2 upstream patches to
mitigate
Hi,
On Thu, 16 Mar 2023 at 13:44:11 +0100, Paul Gevers wrote:
>> As I already mentioned on this or some related bug, I would find it nice
>> for #1014110 to be fixed in bookworm (threaded argon2 executable) but I
>> do not insist on it.
>
> cryptsetup can only migrate when argon2 migrates,
I see
On Thu, 16 Mar 2023 at 16:01:47 +0100, Paul Gevers wrote:
> On 16-03-2023 14:31, Guilhem Moulin wrote:
>>> cryptsetup can only migrate when argon2 migrates,
>>
>> I see that in the excuse page now but don't understand the reason why,
>
> It took me a while a
Hi,
On Thu, 16 Mar 2023 at 09:13:44 +0100, Paul Gevers wrote:
> On 15-03-2023 23:28, Guilhem Moulin wrote:
>> Yes there is, namely the fact that libargon2-1 no longer links against
>> libpthread, which in turn caused a major regression in
>> cryptsetup-initramfs (mitigate
Hi,
On Wed, 15 Mar 2023 at 22:43:31 +0100, Bastian Germann wrote:
> Am 15.03.23 um 22:39 schrieb Paul Gevers:
>> Do I understand correctly that:
>> 1) argon2 in testing isn't affected
>> 2) this bug isn't solved yet, despite the closure?
>> 3) the issue for cryptsetup is worked around in cryptsetu
Control: tag -1 - moreinfo
Control: severity -1 important
Control: retitle -1 Argon2 memory cost is not future proof and might OOM on
dist-upgrade on memory-constrained systems
On Sat, 11 Mar 2023 at 14:53:37 -0500, Jérôme Charaoui wrote:
>> Jérôme, what memory cost is the keyslot using? (Paste
Control: found -1 2:2.1.0-5+deb10u2
Control: tag -1 moreinfo
Hi kibi,
On Sat, 11 Mar 2023 at 15:16:01 +0100, Cyril Brulebois wrote:
> Guilhem Moulin (2023-03-11):
>> On Sat, 11 Mar 2023 at 08:26:27 -0500, Jérôme Charaoui wrote:
>>> Today I upgraded a small KVM machine with
Control: reassign -1 cryptsetup-bin 2:2.6.1-2
Control: severity -1 important
Control: tag -1 upstream
Control: forwarded -1
https://gitlab.com/cryptsetup/cryptsetup/-/issues/802#note_1287298872
Hi,
On Sat, 11 Mar 2023 at 08:26:27 -0500, Jérôme Charaoui wrote:
> Today I upgraded a small KVM machi
Control: tag -1 pending
On Wed, 08 Mar 2023 at 14:04:42 +0100, Guilhem Moulin wrote:
> On Wed, 08 Mar 2023 at 13:42:53 +0100, Christoph Anton Mitterer wrote:
>> @Guilhem, I'm reopening this for now.
>
> No please don't, #-1 is RC so that would block transitioning i
On Wed, 08 Mar 2023 at 14:11:05 +0100, Christoph Anton Mitterer wrote:
> On Wed, 2023-03-08 at 14:04 +0100, Guilhem Moulin wrote:
>> No please don't, #-1 is RC so that would block transitioning into
>> Bookworm which only supports merged-usr… Will fix that later during
>&
Control: clone -1 -2
Control: severity -2 important
Control: done -1 2:2.6.1-2
On Wed, 08 Mar 2023 at 13:42:53 +0100, Christoph Anton Mitterer wrote:
> @Guilhem, I'm reopening this for now.
No please don't, #-1 is RC so that would block transitioning into
Bookworm which only supports merged-usr…
Hi Guido,
On Wed, 01 Mar 2023 at 12:14:51 +0100, Guido Günther wrote:
> On Tue, Aug 09, 2022 at 01:07:34PM +0200, Guilhem Moulin wrote:
>> That'd work for me, thanks! Some ideas to cover other use-cases if
>> desired:
>>
>> - Always strip ‘+ds(\.\d*)?’ and
Control: clone -1 -2
Control: reassign -1 cryptsetup-initramfs 2:2.6.1-1
On Thu, 02 Mar 2023 at 02:57:20 +0100, Guilhem Moulin wrote:
> On Wed, 01 Mar 2023 at 12:04:04 +, Debian FTP Masters wrote:
>> Changes:
>> argon2 (0~20190702-0.1) unstable; urgency=medium
>> .
&g
On Wed, 01 Mar 2023 at 12:04:04 +, Debian FTP Masters wrote:
> Changes:
> argon2 (0~20190702-0.1) unstable; urgency=medium
> .
> […]
>* Only build udeb without threads (Closes: #1014110)
AFAICT #1014110 says nothing about udeb, but that change actually builds
libargon2 (.deb) without pth
X-Debbugs-Cc: pkg-cryptsetup-de...@alioth-lists.debian.net
Hi kibi!
On Thu, 16 Feb 2023 at 20:14:20 +0100, Cyril Brulebois wrote:
> Cyril Brulebois (2023-01-09):
>> Cyril Brulebois (2023-01-08):
>>> I'm seeing at least two problems with cryptsetup while testing daily
>>> builds:
>>> - with 6.1.
On Wed, 15 Feb 2023 at 11:42:38 +0100, Wilhelm Greiner wrote:
> With this Bug encrypting Disks with key in tpm (a documented Feature) is
> completely broken, so it should be classified as bug.
This is documented in systemd not src:cryptsetup. systemd is not
involved at early boot stage, at when l
Control: tag -1 pending
On Tue, 31 Jan 2023 at 13:38:20 -0500, Amin Bandali wrote:
> Would you please consider adopting the attached patch (also forwarded
> and applied upstream) for fixing the test suite breakage both before
> and after ICU 72.1? Though Debian unstable and testing already have
>
On Sun, 15 Jan 2023 at 21:49:33 +0100, Hauke Mehrtens wrote:
> I have the output I see on the terminal when a monitor is connected.
Unfortunately that doesn't help much, please use the aforementioned
README.debug.html instructions to get a log file.
> The comments look like a udev rule should cre
On Fri, 30 Dec 2022 at 13:19:10 +0100, Łukasz Stelmach wrote:
> The 5.10 kernel is from oldstable.
Oh, didn't realize Buster had both 4.19 and 5.10. I stand corrected.
But still the buster kernel is what linux-image-686-pae pulls, namely
4.19 not 5.10.
>> OTOH mixing buster and buster-backports
Control: severity -1 wishlist
On Wed, 28 Dec 2022 at 04:01:24 +0100, Marco d'Itri wrote:
> tls.h is provided by libtls-dev.
It is (wasn't) only a build issue, along with the TLS support upstream
(OpenBSD) has added options that conflicts with Debian-specific flags:
-C certfile
L
Control: tag -1 unreproducible moreinfo
Hi,
On Wed, 28 Dec 2022 at 00:41:05 +1100, Konomi Kitten wrote:
> After doing the following updates:
>
> [UPGRADE] cryptsetup:amd64 2:2.6.0-1 -> 2:2.6.0-2
> [UPGRADE] cryptsetup-bin:amd64 2:2.6.0-1 -> 2:2.6.0-2
> [UPGRADE] cryptsetup-initramfs:amd64 2:2.6.0
Control: tag -1 = pending
On Thu, 22 Dec 2022 at 12:56:10 +1100, Russell Coker wrote:
> I run dpkg-buildpackage twice and I get the following errors:
> […]
> The following patch allows it to build twice.
Fixed using d/clean instead:
https://salsa.debian.org/cryptsetup-team/cryptsetup/-/commit/fa7
Control: tag -1 pending
Hi,
On Tue, 20 Dec 2022 at 17:54:56 +0100, Lucas Nussbaum wrote:
>> There was 1 failure:
>>
>> 1) Rcmail_Rcmail::test_format_date
>> Failed asserting that two strings are identical.
>> --- Expected
>> +++ Actual
>> @@ @@
>> -'6/1/20, 12:20 PM'
>> +'6/1/20, 12:20 PM'
>>
>
On Wed, 09 Nov 2022 at 15:14:08 +0100, Guilhem Moulin wrote:
> An LVM-specific regression in the `cryptroot-unlock` logic wouldn't have
> broken the dropbear-initramfs autopkgtests since we don't use LVM there
> anymore, but I tested it again after reverting the commit and th
Control: tag -1 moreinfo unreproducible
Hi,
On Tue, 08 Nov 2022 at 22:36:39 +0100, Hauke Mehrtens wrote:
> Unlocking and mounting of the root partitions does not work any more
> from the initramfs. When I call cryptroot-unlock and provide the disk
> password I see some error messages about mdadm,
Hi,
On Fri, 28 Oct 2022 at 14:03:51 +0100, Luca Boccassi wrote:
> Yesterday I uploaded sytemd/252~rc3 to unstable, and cryptsetup
> autopkgtests have started failing.
Thanks for the poke. AFAICT the failure comes from the fact that
`udeadm settle` calls now requires a proc(5) pseudo filesystem m
On Sat, 08 Oct 2022 at 12:48:59 +0200, Mahashakti89 wrote:
> I forgot to mention it worked at the very beginning of 6.0 kernel
> After pulling the latest commits it didn't work anymore
Ah, so you're building your own kernel? You might want to bisect then
to identify the culprit :-)
>> Please pr
On Sat, 08 Oct 2022 at 12:27:20 +0200, Guilhem Moulin wrote:
> On Sat, 08 Oct 2022 at 11:58:16 +0200, mahashakti89 wrote:
>> Cryptsetup won't work on kernel 6.0. No password input at all.
>
> cryptsetup's autopkgtests passed with linux/6.0~rc7-1~exp1 and the “Please
> u
Control: tag -1 moreinfo unreproducible
On Sat, 08 Oct 2022 at 11:58:16 +0200, mahashakti89 wrote:
> Cryptsetup won't work on kernel 6.0. No password input at all.
cryptsetup's autopkgtests passed with linux/6.0~rc7-1~exp1 and the “Please
unlock disk $NAME: […] set up successfully” messages are v
Hi,
On Sun, 02 Oct 2022 at 20:40:36 +0100, Luca Boccassi wrote:
> Could you please consider an upload of the latest cryptsetup to
> bullseye-backports?
Bookworm/sid's cryptsetup-initramfs conflicts with Bullseye's lvm2.
Could you please upload lvm2 to bullseye-backports, or ask the maintainer
to
Control: tag -1 = pending
Control: severity -1 important
On Tue, 27 Sep 2022 at 14:22:13 +0900, Yuya Nishihara wrote:
> The attached log file shows /run/udev/control exists, but it might not be what
> you suggested because the log is captured out of the chroot environment. Maybe
> that's why udevd
Hi,
On Sun, 02 Oct 2022 at 20:40:36 +0100, Luca Boccassi wrote:
> Could you please consider an upload of the latest cryptsetup to
> bullseye-backports?
Can certainly do that if it's useful.
Cheers
--
Guilhem.
signature.asc
Description: PGP signature
Hi elbrus,
On Fri, 30 Sep 2022 at 21:38:50 +0200, Paul Gevers wrote:
> On Mon, 26 Sep 2022 19:35:44 +0200 Paul Gevers wrote:
>> Assuming it works as intended, that's exactly what I was looking for, yes.
>
> Seems it doesn't always work.
Haven't uploaded 2:2.5.0-4 yet as I was traveling this wee
Control: tag -1 moreinfo
Hi,
On Fri, 23 Sep 2022 at 16:47:19 +0900, Yuya Nishihara wrote:
> This is the output of 'cryptsetup luksResume', at version 2:2.5.0-3:
Thanks for the debug log! Did you obtain that by adding ‘--debug’ to
/lib/cryptsetup/functions:resume_mapping() and rebuilding the ini
Control: tag -1 pending
Hi Paul,
On Sun, 25 Sep 2022 at 20:09:09 +0200, Paul Gevers wrote:
> However, the reason for that long run was not the failure itself, but
> the fact that your tests drop to shell on error and apparently waits
> for user input. One failure with 2:2.5.0-3 in unstable has th
Control: tag -1 pending
Hi Steve,
On Sun, 21 Aug 2022 at 16:09:24 -0700, Steve Langasek wrote:
> The dropbear autopkgtest has been failing on all architectures in Ubuntu,
> because it tries to mkdir ~/.ssh and fails if this directory already exists.
>
> The attached patch calls mkdir with -p, so
On Wed, 17 Aug 2022 at 19:01:38 +0200, Jonas Smedegaard wrote:
> - it seems related to Wayland
It does work with GNOME and Wayland though.
--
Guilhem.
signature.asc
Description: PGP signature
Control: tag -1 moreinfo
Hi Jonas!
On Tue, 16 Nov 2021 at 17:22:54 +0100, Jonas Smedegaard wrote:
> Quoting Jonas Smedegaard (2021-11-15 18:06:57)
>> cryptsetup-suspend looks promising, but unfortunately failed for me so
>> far on my ARM-based laptop - TERES-I - running an up-to-date bookwork
>
Hi Guido,
On Tue, 09 Aug 2022 at 10:54:54 +0200, Guido Günther wrote:
> We could fix the replacement to be empty:
>
> https://github.com/agx/git-buildpackage/compare/master...ds
>
> This causes trouble for people though that need this *and* to mangle the
> version by other means.
That'd work fo
Control: tag -1 patch
The trivial patch attached fixes the exception. Seems it was a
regression caused by the fix for #960267.
cheers
--
Guilhem.
diff --git a/lib/testdesc.py b/lib/testdesc.py
index 3e696a2..39e1ecb 100644
--- a/lib/testdesc.py
+++ b/lib/testdesc.py
@@ -678,7 +678,7 @@ def pars
Hi Sean,
On Sun, 31 Jul 2022 at 13:45:29 -0700, Sean Whitton wrote:
> So, the PARTUUID= source is being mapped to a /dev/mapper source, which
> I think is the work of the fix for #902943. It's the same for UUID=.
>
> The problem is that /dev/mapper/loop0p2 is valid only on the
> image-building h
Control: severity -1 minor
On Sat, 07 May 2022 at 17:40:34 -0400, Andres Salomon wrote:
> Calling the init script with 'force-start' was how I used to start the
> volume and get prompted for a password, but on a newer system with
> systemd, that doesn't _appear_ to work any more:
The init scripts
On Mon, 01 Aug 2022 at 15:32:19 +0200, Wojciech Zabołotny wrote:
> BTW. I'm really amused that no one else complained about that issue.
> The problem exists for at least a few years.
Not claiming that no one would benefit from --perf-*, but as the link
from the cloudflare blog suggests it appears
On Mon, 01 Aug 2022 at 14:10:26 +0200, Wojciech Zabołotny wrote:
> Modifying the mapping parameters with:
> # cryptsetup --perf-no_write_workqueue refresh name_of_the_mapping
>
> indeed eliminates the problem.
> Isn't it then the problem with default mapping parameters used in
> cryptsetup?
IMH
Control: tag -1 + moreinfo
Hi,
On Mon, 01 Aug 2022 at 12:27:39 +0200, Wojciech Zabołotny wrote:
> That configuration generally works, but if a massive write operations
> are performed, the syste, practically freezes.
What makes you think that is a src:cryptsetup issue? Nothing in this
package i
Package: debci
Severity: wishlist
Dear Maintainer,
In order to test behavior at early boot stage we have autopkgtests in
src:cryptsetup (resp. src:dropbear) that launch a virtual machine and
mock user interaction through the serial console (resp. SSH) to unlock
the disks and check that boot event
Package: initramfs-tools-core
Version: 0.142
Severity: normal
Tags: patch
File: /usr/bin/unmkinitramfs
Dear Maintainer,
With the default COMPRESS=zstd lsmkinitramfs fails on unsplit
/initrd.img:
$ lsmkinitramfs /initrd.img
cpio: premature end of archive
$ unmkinitramfs /initrd.img /t
Package: autopkgtest
Version: 5.22
Severity: wishlist
Dear Maintainer,
It appears that when one passes the ‘--test-name=’ option several times
only the last specified test is run. It would be nice if the option was
repeatable, so ‘--test-name=a --test-name=b ‘--test-name=c’ would run
all 3 tests
On Thu, 21 Jul 2022 at 07:10:27 -0400, Philippe Clérié wrote:
> I would like to test that.
Well you can build the package from git and try to install the .deb :-)
FWIW the aforementioned patch also removes ‘Depends: php’ from the
‘lighttpd’ and ‘hardening-dedicated-user’ DEP-8 tests, and neither
101 - 200 of 1028 matches
Mail list logo
