qa-regression-testing MP up at https://code.launchpad.net/~ahasenack/qa-
regression-testing/+git/qa-regression-testing/+merge/381582
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864439
Title:
[MIR
Moved to main:
$ change-override -s focal -c main -t libcbor
Override component to main
libcbor 0.6.0-0ubuntu1 in focal: universe/misc -> main
Override [y|N]? y
1 publication overridden.
$ change-override -s focal -c main libcbor0.6 libcbor-dev
Override component to main
libcbor0.6 0.6.0-0ubuntu1
Comments #2 #16 #27 combined mean this is complete and ready.
Andreas will continue to provide qa-regression tests for this, but this
isn't gating this promotion. It shows up in component-mismatches already
- therefore the right state is Fix-Committed.
This waits for an AA to promote the two pack
** Changed in: libcbor (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864439
Title:
[MIR] libfido2, libcbor (dependenci
I reviewed libcbor version 0.6.0-0ubuntu1 as checked into focal-
proposed; for this latest look I only inspected the packaging, trusting
that the code quality I saw earlier hasn't degraded. (Yes, the old
version had alignment issues, but was otherwise in good shape.)
No full form since I'm on vaca
** Changed in: libfido2 (Ubuntu)
Status: Incomplete => New
** Changed in: libfido2 (Ubuntu)
Assignee: Andreas Hasenack (ahasenack) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/
libcbor and libfido2 with the changes requested here migrated to the
focal release pocket.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864439
Title:
[MIR] libfido2, libcbor (dependencies of opens
I do
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864439
Title:
[MIR] libfido2, libcbor (dependencies of openssh)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+
Thanks Andreas for working on this!
Having the new versions and the build tests enabled is already great.
Let me summarize the next steps:
- Andreas will try to add a half-manual test to qa-regression-test, this isn't
bound to uploads and can happen later, but before FF release would be a
soft-d
> Any chance to also make a autopkgtest out of it for fido?
I tried adding the regress/ tests as dep8, but in the end it didn't make
sense to me. Thinking about SRUs, the dep8 run is very late in the
process, only triggered after the sru was accepted. Catching these
failures at build time is much
Since fido2 is acked but waiting on some tests I'll mark the task incomplete
and assign to Andreas.
Once we have tests added (which we can nicely combine with the libcbor rebuild)
this would be ready.
I already see this in the PPA:
* d/rules: run regression tests at build time, and one more tim
> Security team ACK for promoting libfido2 to main once some
> autopkgtests are added if possible to run the regression tests
> or some similar tests.
I changed the libfido2 package to run the regress/ tests at build time.
Since they are very silent when they work, and only noisy when they
fail, I
MP for the libcbor update, satisfying the MIR requirements (tests, and
updated version):
https://code.launchpad.net/~ahasenack/ubuntu/+source/libcbor/+git/libcbor/+merge/381060
** Merge proposal linked:
https://code.launchpad.net/~ahasenack/ubuntu/+source/libcbor/+git/libcbor/+merge/381060
-
** No longer affects: mathjax (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864439
Title:
[MIR] libfido2, libcbor (dependencies of openssh)
To manage notifications about this bug go to:
h
With that patch, I get:
./obj-x86_64-linux-gnu/src/libcbor.so.0.6
./obj-x86_64-linux-gnu/src/libcbor.so
./obj-x86_64-linux-gnu/src/libcbor.so.0.6.0
$ objdump -x ./obj-x86_64-linux-gnu/src/libcbor.so.0.6.0 | grep SONAME
SONAME libcbor.so.0.6
--
You received this bug notification
I'll check a new build with the patch from
https://github.com/PJK/libcbor/pull/131/files
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864439
Title:
[MIR] libfido2, libcbor (dependencies of openssh
@Andreas, from reading the upstream discussion it seems they want (until
they reach 1.0) to stick with main soname 0 and only bump minor versions
within it.
That in mind the new build should IMHO look like:
libcbor.so -> libcbor.so.0.6.0
libcbor.so.0 -> libcbor.so.0.6.0
libcbor.so.0.6.0
And the
I reviewed libfido2 1.3.1-1build1 as checked into focal. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
libfido2 is a library used for communicating with FIDO U2F and FIDO 2.0
devices over USB, and for verifying associated attestation and assertion
signatur
Ok, I tried a different diff[1], and got:
obj-x86_64-linux-gnu/src/libcbor.so
obj-x86_64-linux-gnu/src/libcbor.so.0.6.0
obj-x86_64-linux-gnu/src/libcbor.so.6
With:
$ objdump -x obj-x86_64-linux-gnu/src/libcbor.so.0.6.0 | grep SONAME
SONAME libcbor.so.6
("6" was made up by me).
So
I guessed wrong how sonaming works in cmake files (ugh), but I amended
my comment a bit.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864439
Title:
[MIR] libfido2, libcbor (dependencies of openssh
The soname changed significantly, I'm not yet sure how to handle it:
libcbor0: /usr/lib/x86_64-linux-gnu/libcbor.so.0
libcbor0: /usr/lib/x86_64-linux-gnu/libcbor.so.0.0.0
vs
/usr/lib/x86_64-linux-gnu/libcbor.so.0.6.0 (no .so.0 symlink).
$ objdump -x /usr/lib/x86_64-linux-gnu/libcbor.so.0.6.0 |gr
PPA with test packages:
https://launchpad.net/~ahasenack/+archive/ubuntu/openssh-fido
(using focal-proposed)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864439
Title:
[MIR] libfido2, libcbor (de
I got the tests running at build time. I'm not doing some other
improvements to the package and will have an MP up early next week
(shooting for Monday).
Current branch, for the curious, is
https://code.launchpad.net/~ahasenack/ubuntu/+source/libcbor/+git/libcbor/+ref
/focal-libcbor-mir-effort
No
Took note of it, let's see what I can do.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864439
Title:
[MIR] libfido2, libcbor (dependencies of openssh)
To manage notifications about this bug go to
Thanks Andreas; while you're there, could you give a look to running the
tests in test/ during the build or as autopkgtests?
Thanks
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864439
Title:
[MIR
I'll take on libcbor
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864439
Title:
[MIR] libfido2, libcbor (dependencies of openssh)
To manage notifications about this bug go to:
https://bugs.launch
Version 0.5.0+dfsg-2 of libcbor as packaged in focal appears to have
significant unaligned data access problems.
The version in github appears to be fixed: see eg
https://github.com/PJK/libcbor/commit/c745f6b88a739e700c6ea2baa96bcfef1d51cc0f
We need to update libcbor before we can use this librar
** Changed in: libfido2 (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => Alex Murray
(alexmurray)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1864439
Title:
[MIR] libfido2, libcb
28 matches
Mail list logo
