From wferi at debian.org Wed Apr 2 16:45:29 2025 From: wferi at debian.org (=?utf-8?Q?Ferenc_W=C3=A1gner?=) Date: Wed, 02 Apr 2025 17:45:29 +0200 Subject: [Debian-ha-maintainers] crmsh CIB tests Message-ID: <87ecya4leu.fsf@fin.soreny> Hi Valentin, Do you plan to work on crmsh in the not too distant future? Its autopkgtests hinder the migration of Pacemaker (#1101479), so I'll try to do something about them otherwise. -- Feri. From vvidic at debian.org Wed Apr 2 19:17:55 2025 From: vvidic at debian.org (Valentin Vidic) Date: Wed, 2 Apr 2025 20:17:55 +0200 Subject: [Debian-ha-maintainers] crmsh CIB tests In-Reply-To: <87ecya4leu.fsf@fin.soreny> References: <87ecya4leu.fsf@fin.soreny> Message-ID: On Wed, Apr 02, 2025 at 05:45:29PM +0200, Ferenc W?gner wrote: > Do you plan to work on crmsh in the not too distant future? Its > autopkgtests hinder the migration of Pacemaker (#1101479), so I'll try > to do something about them otherwise. Hi, I started to work on the new crmsh version upload, but also run into some problems with the tests and documentation. But that was before Pacemaker 3, so let me do a quick check what is the problem now. -- Valentin From vvidic at debian.org Wed Apr 2 19:36:49 2025 From: vvidic at debian.org (Valentin Vidic) Date: Wed, 2 Apr 2025 20:36:49 +0200 Subject: [Debian-ha-maintainers] crmsh CIB tests In-Reply-To: References: <87ecya4leu.fsf@fin.soreny> Message-ID: On Wed, Apr 02, 2025 at 08:17:55PM +0200, Valentin Vidic wrote: > Hi, I started to work on the new crmsh version upload, but also run into > some problems with the tests and documentation. But that was before > Pacemaker 3, so let me do a quick check what is the problem now. Ok, so it seems all the crmsh 4.6.1 tests are passing with pacemaker 3, so I will try to figure out this remaining configuration build problem. -- Valentin From ftpmaster at ftp-master.debian.org Wed Apr 2 22:00:30 2025 From: ftpmaster at ftp-master.debian.org (Debian FTP Masters) Date: Wed, 02 Apr 2025 21:00:30 +0000 Subject: [Debian-ha-maintainers] Processing of crmsh_4.6.1-1_source.changes Message-ID: crmsh_4.6.1-1_source.changes uploaded successfully to localhost along with the files: crmsh_4.6.1-1.dsc crmsh_4.6.1.orig.tar.gz crmsh_4.6.1-1.debian.tar.xz crmsh_4.6.1-1_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org) From ftpmaster at ftp-master.debian.org Wed Apr 2 22:19:07 2025 From: ftpmaster at ftp-master.debian.org (Debian FTP Masters) Date: Wed, 02 Apr 2025 21:19:07 +0000 Subject: [Debian-ha-maintainers] crmsh_4.6.1-1_source.changes ACCEPTED into unstable Message-ID: Thank you for your contribution to Debian. Accepted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 02 Apr 2025 22:46:02 +0200 Source: crmsh Architecture: source Version: 4.6.1-1 Distribution: unstable Urgency: medium Maintainer: Debian HA Maintainers Changed-By: Valentin Vidic Closes: 1101479 Changes: crmsh (4.6.1-1) unstable; urgency=medium . * New upstream version 4.6.1 * d/patches: refresh for new version (Closes: #1101479) * d/rules: fix documentation build * d/tests: fix failing autopkgtest * d/control: update Standards-Version to 4.7.2 Checksums-Sha1: baadf94bf87808ea3767c62e494c0fb571f95115 2428 crmsh_4.6.1-1.dsc 9ebb33ca284ad40f0417b9420e14daa306d6eb5b 1952054 crmsh_4.6.1.orig.tar.gz f95561dfacdcdbf1a74e6d42bf64cf88cbc5d774 33928 crmsh_4.6.1-1.debian.tar.xz 7500c06de33702b3e7ef7e2fb66c34f983803da3 7323 crmsh_4.6.1-1_source.buildinfo Checksums-Sha256: 70e7d3456b73dd4b8b7adf2c0fcc9774c9dd6bdb129d9b010f8e70934e7cf169 2428 crmsh_4.6.1-1.dsc 4d4cc579012a236fa47905d984b97d0099ebb421ad186510ae3d5da94d2b9049 1952054 crmsh_4.6.1.orig.tar.gz eed5418a9158e58808725c53decbe99869d3e255264b8505e18ac114a60cb475 33928 crmsh_4.6.1-1.debian.tar.xz b7e05426e23454038b37f74d1cc688ef75f536fb47a557c9191b477cb0b4e1b5 7323 crmsh_4.6.1-1_source.buildinfo Files: e53e1ed8755cb5eb58b9054f053fb4fa 2428 admin optional crmsh_4.6.1-1.dsc 114bc37e4db5808a24a6f89390cdad6b 1952054 admin optional crmsh_4.6.1.orig.tar.gz 177e0b9a1f635bee06cd4f177410a302 33928 admin optional crmsh_4.6.1-1.debian.tar.xz 91d6acde5525c90819e93e720ff9b44c 7323 admin optional crmsh_4.6.1-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJGBAEBCgAwFiEExaW53cM9k/u2PWfIMofYmpfNqHsFAmftpNMSHHZ2aWRpY0Bk ZWJpYW4ub3JnAAoJEDKH2JqXzah7VyEP/inhgT9UgLaqCQaikk23AgvfX5+8AjW1 E9PZJHZVlljmuE8vcymRIEPYc/WWsTX4VUmAOkSSTBNeQlFs6Bzvie7xlQRY77bu zlJAseTiwIux9vw+xkQ5Z7HUPqlt2/TPm6+g/lUXFxrZ5iWnlwxp0xIfiCwjEGr0 gtCjHiPPf84T5fekjU7uX6IRLisiXzeb7nlSXG4Zpl0Hqd9tvvDNWiMzqFDh9rSm yD9CV6Owqu1/t4EyiLABI3owLG+LXc1Jq8vm7kXofNgOEUsVw3EFtp+2Ffy/45ao GzKb4YGwOMftjrEiyufbP1qD+bSNXG74K+L30MFwSewWY6Rv3uITBjhiIjZ3aIws TSR0bVFoFt6/uIUtcHD/oteiXD4DFPpiQpKdj5Oz3jLGAX6ViOSEIuQTPczAmPbs 58KVP+vuJ5M66IHrxVQa8Z4CEKhLO/1ptqTbUgPfjcbMfBq4VB2uCpXxN5v/qa0A 8KxhDMUcDZz8segXR0YBV+fIv30U08x/qauHtrzDWr4hNOMJ6PEDMYS0ckeanmmC BPenoYt2CBNoBqwf3Svu6L0+1wxrrbTksLmdZ99mgrGi2qSbXWu2EsZtixaBW8d3 lZkmhZkjfKAuGvHMiMv4usmoZoVk2xjABIH3HWFDI3r9EOhSwVKazd4iyuErx6ae 2GDxPSn8b4zR =6Aiu -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 228 bytes Desc: not available URL: From owner at bugs.debian.org Wed Apr 2 22:21:03 2025 From: owner at bugs.debian.org (Debian Bug Tracking System) Date: Wed, 02 Apr 2025 21:21:03 +0000 Subject: [Debian-ha-maintainers] Bug#1101479: marked as done (pacemaker: breaks crmsh autopkgtests) References: <174314780392.1746238.16407841674079558483.reportbug@andromeda> Message-ID: Your message dated Wed, 02 Apr 2025 21:19:07 +0000 with message-id and subject line Bug#1101479: fixed in crmsh 4.6.1-1 has caused the Debian Bug report #1101479, regarding pacemaker: breaks crmsh autopkgtests to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner at bugs.debian.org immediately.) -- 1101479: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101479 Debian Bug Tracking System Contact owner at bugs.debian.org with problems -------------- next part -------------- An embedded message was scrubbed... From: Emilio Pozuelo Monfort Subject: pacemaker: breaks crmsh autopkgtests Date: Fri, 28 Mar 2025 08:43:23 +0100 Size: 4673 URL: -------------- next part -------------- An embedded message was scrubbed... From: Debian FTP Masters Subject: Bug#1101479: fixed in crmsh 4.6.1-1 Date: Wed, 02 Apr 2025 21:19:07 +0000 Size: 7170 URL: From owner at bugs.debian.org Thu Apr 3 08:51:03 2025 From: owner at bugs.debian.org (Debian Bug Tracking System) Date: Thu, 03 Apr 2025 07:51:03 +0000 Subject: [Debian-ha-maintainers] Processed: booth: autopkgtest needs update for new version of crmsh: warning on stderr References: <66501135-ac1f-4902-b9c2-cb3cb7128aaa@debian.org> <66501135-ac1f-4902-b9c2-cb3cb7128aaa@debian.org> Message-ID: Processing control commands: > affects -1 src:crmsh src:pacemaker Bug #1101968 [src:booth] booth: autopkgtest needs update for new version of crmsh: warning on stderr Added indication that 1101968 affects src:crmsh and src:pacemaker -- 1101968: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101968 Debian Bug Tracking System Contact owner at bugs.debian.org with problems From elbrus at debian.org Thu Apr 3 08:47:26 2025 From: elbrus at debian.org (Paul Gevers) Date: Thu, 3 Apr 2025 09:47:26 +0200 Subject: [Debian-ha-maintainers] Bug#1101968: booth: autopkgtest needs update for new version of crmsh: warning on stderr Message-ID: <66501135-ac1f-4902-b9c2-cb3cb7128aaa@debian.org> Source: booth Version: 1.2-2 Severity: serious X-Debbugs-CC: crmsh at packages.debian.org Tags: sid trixie User: debian-ci at lists.debian.org Usertags: needs-update Control: affects -1 src:crmsh src:pacemaker Dear maintainer(s), With a recent upload of crmsh the autopkgtest of booth fails in testing when that autopkgtest is run with the binary packages of crmsh from unstable. It passes when run with only packages from testing. In tabular form: pass fail crmsh from testing 4.6.1-1 booth from testing 1.2-2 all others from testing from testing I copied some of the output at the bottom of this report. Currently this regression is blocking the migration of crmsh to testing [1]. Of course, crmsh shouldn't just break your autopkgtest (or even worse, your package), but it seems to me that the change in crmsh was intended and your package needs to update to the new situation. There is a new warning on stderr and without a allow-stderr restriction, output to stderr causes autopkgtest to fail the test If this is a real problem in your package (and not only in your autopkgtest), the right binary package(s) from crmsh should really add a versioned Breaks on the unfixed version of (one of your) package(s). Note: the Breaks is nice even if the issue is only in the autopkgtest as it helps the migration software to figure out the right versions to combine in the tests. More information about this bug and the reason for filing it can be found on https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation Paul [1] https://qa.debian.org/excuses.php?package=crmsh https://ci.debian.net/data/autopkgtest/testing/amd64/b/booth/59421938/log.gz 148s === keygen === 148s authfile = /etc/booth/authkey 148s site = 127.0.0.1 148s ticket = "ticket-A" 148s 148s === cluster === 170s Waiting for 'Online:.*node1': 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 done. 170s 170s === configure === 171s WARNING: (unpack_config) warning: Blind faith: not fencing unseen nodes 171s WARNING: (unpack_config) warning: Blind faith: not fencing unseen nodes 172s WARNING: (unpack_config) warning: Blind faith: not fencing unseen nodes 173s WARNING: (unpack_config) warning: Blind faith: not fencing unseen nodes 174s WARNING: (unpack_config) warning: Blind faith: not fencing unseen nodes 174s node 1: node1 174s primitive booth ocf:pacemaker:booth-site \ 174s op start timeout=100s interval=0s 174s primitive dummy Dummy 174s rsc_ticket ticket-A_dummy ticket-A: dummy 174s property cib-bootstrap-options: \ 174s have-watchdog=false \ 174s dc-version=2.1.8-2.1.8 \ 174s cluster-infrastructure=corosync \ 174s cluster-name=debian \ 174s stonith-enabled=false \ 174s no-quorum-policy=ignore 175s Waiting for 'booth.*Started': done. 175s Cluster Summary: 175s * Stack: corosync (Pacemaker is running) 175s * Current DC: node1 (version 2.1.8-2.1.8) - partition with quorum 175s * Last updated: Thu Apr 3 03:08:50 2025 on node1 175s * Last change: Thu Apr 3 03:08:49 2025 by root via root on node1 175s * 1 node configured 175s * 2 resource instances configured 175s 175s Node List: 175s * Online: [ node1 ] 175s 175s Full List of Resources: 175s * booth (ocf:pacemaker:booth-site): Started node1 175s * dummy (ocf:heartbeat:Dummy): Stopped 175s 175s 175s === booth === 175s booth_lockpid=3687 booth_lockfile='/var/run/booth//booth.pid' booth_pid=3687 booth_state=started booth_type=site booth_cfg_name='booth' booth_id=1696554816 booth_addr_string='127.0.0.1' booth_port=9929 175s ticket: ticket-A, leader: NONE 175s 175s === grant === 176s Waiting for 'dummy.*Started': done. 176s ticket ticket-A is granted 176s 176s === revoke === 177s Waiting for 'dummy.*Stopped': done. 177s ticket ticket-A is revoked 178s autopkgtest [03:08:53]: test pacemaker -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature.asc Type: application/pgp-signature Size: 495 bytes Desc: OpenPGP digital signature URL: From elbrus at debian.org Thu Apr 3 08:47:26 2025 From: elbrus at debian.org (Paul Gevers) Date: Thu, 3 Apr 2025 09:47:26 +0200 Subject: [Debian-ha-maintainers] Bug#1101968: booth: autopkgtest needs update for new version of crmsh: warning on stderr Message-ID: <66501135-ac1f-4902-b9c2-cb3cb7128aaa@debian.org> Source: booth Version: 1.2-2 Severity: serious X-Debbugs-CC: crmsh at packages.debian.org Tags: sid trixie User: debian-ci at lists.debian.org Usertags: needs-update Control: affects -1 src:crmsh src:pacemaker Dear maintainer(s), With a recent upload of crmsh the autopkgtest of booth fails in testing when that autopkgtest is run with the binary packages of crmsh from unstable. It passes when run with only packages from testing. In tabular form: pass fail crmsh from testing 4.6.1-1 booth from testing 1.2-2 all others from testing from testing I copied some of the output at the bottom of this report. Currently this regression is blocking the migration of crmsh to testing [1]. Of course, crmsh shouldn't just break your autopkgtest (or even worse, your package), but it seems to me that the change in crmsh was intended and your package needs to update to the new situation. There is a new warning on stderr and without a allow-stderr restriction, output to stderr causes autopkgtest to fail the test If this is a real problem in your package (and not only in your autopkgtest), the right binary package(s) from crmsh should really add a versioned Breaks on the unfixed version of (one of your) package(s). Note: the Breaks is nice even if the issue is only in the autopkgtest as it helps the migration software to figure out the right versions to combine in the tests. More information about this bug and the reason for filing it can be found on https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation Paul [1] https://qa.debian.org/excuses.php?package=crmsh https://ci.debian.net/data/autopkgtest/testing/amd64/b/booth/59421938/log.gz 148s === keygen === 148s authfile = /etc/booth/authkey 148s site = 127.0.0.1 148s ticket = "ticket-A" 148s 148s === cluster === 170s Waiting for 'Online:.*node1': 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 done. 170s 170s === configure === 171s WARNING: (unpack_config) warning: Blind faith: not fencing unseen nodes 171s WARNING: (unpack_config) warning: Blind faith: not fencing unseen nodes 172s WARNING: (unpack_config) warning: Blind faith: not fencing unseen nodes 173s WARNING: (unpack_config) warning: Blind faith: not fencing unseen nodes 174s WARNING: (unpack_config) warning: Blind faith: not fencing unseen nodes 174s node 1: node1 174s primitive booth ocf:pacemaker:booth-site \ 174s op start timeout=100s interval=0s 174s primitive dummy Dummy 174s rsc_ticket ticket-A_dummy ticket-A: dummy 174s property cib-bootstrap-options: \ 174s have-watchdog=false \ 174s dc-version=2.1.8-2.1.8 \ 174s cluster-infrastructure=corosync \ 174s cluster-name=debian \ 174s stonith-enabled=false \ 174s no-quorum-policy=ignore 175s Waiting for 'booth.*Started': done. 175s Cluster Summary: 175s * Stack: corosync (Pacemaker is running) 175s * Current DC: node1 (version 2.1.8-2.1.8) - partition with quorum 175s * Last updated: Thu Apr 3 03:08:50 2025 on node1 175s * Last change: Thu Apr 3 03:08:49 2025 by root via root on node1 175s * 1 node configured 175s * 2 resource instances configured 175s 175s Node List: 175s * Online: [ node1 ] 175s 175s Full List of Resources: 175s * booth (ocf:pacemaker:booth-site): Started node1 175s * dummy (ocf:heartbeat:Dummy): Stopped 175s 175s 175s === booth === 175s booth_lockpid=3687 booth_lockfile='/var/run/booth//booth.pid' booth_pid=3687 booth_state=started booth_type=site booth_cfg_name='booth' booth_id=1696554816 booth_addr_string='127.0.0.1' booth_port=9929 175s ticket: ticket-A, leader: NONE 175s 175s === grant === 176s Waiting for 'dummy.*Started': done. 176s ticket ticket-A is granted 176s 176s === revoke === 177s Waiting for 'dummy.*Stopped': done. 177s ticket ticket-A is revoked 178s autopkgtest [03:08:53]: test pacemaker -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature.asc Type: application/pgp-signature Size: 495 bytes Desc: OpenPGP digital signature URL: From carnil at debian.org Thu Apr 3 21:55:02 2025 From: carnil at debian.org (Salvatore Bonaccorso) Date: Thu, 03 Apr 2025 22:55:02 +0200 Subject: [Debian-ha-maintainers] Bug#1102006: corosync: CVE-2025-30472 Message-ID: <174371370209.395010.9905364069385345895.reportbug@eldamar.lan> Source: corosync Version: 3.1.9-1 Severity: important Tags: security upstream Forwarded: https://github.com/corosync/corosync/issues/778 X-Debbugs-Cc: carnil at debian.org, Debian Security Team Hi, The following vulnerability was published for corosync. CVE-2025-30472[0]: | Corosync through 3.1.9, if encryption is disabled or the attacker | knows the encryption key, has a stack-based buffer overflow in | orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2025-30472 https://www.cve.org/CVERecord?id=CVE-2025-30472 [1] https://github.com/corosync/corosync/issues/778 [2] https://github.com/corosync/corosync/pull/779 [3] https://github.com/corosync/corosync/commit/7839990f9cdf34e55435ed90109e82709032466a Please adjust the affected versions in the BTS as needed. Regards, Salvatore From ftpmaster at ftp-master.debian.org Thu Apr 3 23:17:25 2025 From: ftpmaster at ftp-master.debian.org (Debian FTP Masters) Date: Thu, 03 Apr 2025 22:17:25 +0000 Subject: [Debian-ha-maintainers] Processing of booth_1.2-3_source.changes Message-ID: booth_1.2-3_source.changes uploaded successfully to localhost along with the files: booth_1.2-3.dsc booth_1.2-3.debian.tar.xz booth_1.2-3_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org) From ftpmaster at ftp-master.debian.org Thu Apr 3 23:19:12 2025 From: ftpmaster at ftp-master.debian.org (Debian FTP Masters) Date: Thu, 03 Apr 2025 22:19:12 +0000 Subject: [Debian-ha-maintainers] booth_1.2-3_source.changes ACCEPTED into unstable Message-ID: Thank you for your contribution to Debian. Accepted: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 04 Apr 2025 00:06:45 +0200 Source: booth Architecture: source Version: 1.2-3 Distribution: unstable Urgency: medium Maintainer: Debian HA Maintainers Changed-By: Valentin Vidic Closes: 1101968 Changes: booth (1.2-3) unstable; urgency=medium . * d/control: update Standards-Version to 4.7.2 * d/copyright: update FSF address information * d/tests: ignore error messages (Closes: #1101968) * d/lintian-overrides: ignore repeated path segment Checksums-Sha1: 92d249be3a84149606d9cbae032a4097dcdc2d31 2321 booth_1.2-3.dsc 9f6e1ab36d39e17e617ab94ca3610aaf3bdf9ca0 8884 booth_1.2-3.debian.tar.xz 0a9d6526ce045ccc39c22fb5cbcbbee7f7c51b8a 8124 booth_1.2-3_source.buildinfo Checksums-Sha256: dda90fe2e644ff0d400e0e4cad2ca1499ae6a9cfa21090cfff504d191957659c 2321 booth_1.2-3.dsc c231360d1022ea0da6c8e7f21c6496b8c3fc58f55a316d1c4545c95b4ff63ea4 8884 booth_1.2-3.debian.tar.xz ea2db2f46a29a73b6bfb1616b17d62d1f7f5e40f9340ce13e694669b3a5ce1de 8124 booth_1.2-3_source.buildinfo Files: 611a78cc1161775498e90b35a189970e 2321 admin optional booth_1.2-3.dsc 078b63a440c3fc2e9aba2b4d7e0e08b7 8884 admin optional booth_1.2-3.debian.tar.xz e528c72310341b88752b3fbaf8f19e4a 8124 admin optional booth_1.2-3_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJGBAEBCgAwFiEExaW53cM9k/u2PWfIMofYmpfNqHsFAmfvB9QSHHZ2aWRpY0Bk ZWJpYW4ub3JnAAoJEDKH2JqXzah7QsIP/AlEdTJFN07/mQyXe8PZdZD9Cb0UJtVA hGjMcI7+fBHA3ZdNmZ7AoJDnd9Cx3BwYhg0HATjOnBzI6LyAsA0RJJy4UZYHrM76 uG2A/auNPw4DiCVq+sj934by+lf+NruhTrn4M+o2d//gWvWihl3tnQsl6WrPXbXW WR0w2nDM1GiIMZhhBuwBrbn4oWL8oPlkDD1ZkA8h4vincIUMDDcwc0hovo1q8O/3 4HNvIyEcuBsSWijIx3YdZvLW4c1IUKp/84oEfyaqzciOSOo+HSft9vGLiqRX7E8h ocCw2KYBzCg/dizM9yhXPHBkzRpw6pd7NUe6mwnS6uMikqJc2xBPswp5x5S2XRVv ubSP4c4jRWUwtd5K9JbnHo7jSxWOjVsoGGOFoaFGp5pvodFT7tuFEuIOtjrTwEKs TVgtYQ0tfpgx4dYaa5wuuekiFbD7mz6IxGdIRmOVTNzK6Tzvbvskjk3mNb0EFB7y fJS5yGtDL1EQRAn/pVozvRwhKney+aZquG71dar8ll2rKug9KnZ1fxKEKgublqKb qb6g9wKLVhx1r7pRxO2iMAkRu3+VHt5l0GiFfLjEBjYIzPWkvT8JFdeUbdM7ZrD8 f7rQLceEL+LrU5ZtxYxVgWwZWLuILbe8dQLVQi2CpttpFhcWWL9Q/MKysC2J/CUf pCODa90MomTs =xGzA -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 228 bytes Desc: not available URL: From owner at bugs.debian.org Thu Apr 3 23:21:02 2025 From: owner at bugs.debian.org (Debian Bug Tracking System) Date: Thu, 03 Apr 2025 22:21:02 +0000 Subject: [Debian-ha-maintainers] Bug#1101968: marked as done (booth: autopkgtest needs update for new version of crmsh: warning on stderr) References: <66501135-ac1f-4902-b9c2-cb3cb7128aaa@debian.org> Message-ID: Your message dated Thu, 03 Apr 2025 22:19:12 +0000 with message-id and subject line Bug#1101968: fixed in booth 1.2-3 has caused the Debian Bug report #1101968, regarding booth: autopkgtest needs update for new version of crmsh: warning on stderr to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner at bugs.debian.org immediately.) -- 1101968: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101968 Debian Bug Tracking System Contact owner at bugs.debian.org with problems -------------- next part -------------- An embedded message was scrubbed... From: Paul Gevers Subject: booth: autopkgtest needs update for new version of crmsh: warning on stderr Date: Thu, 3 Apr 2025 09:47:26 +0200 Size: 11336 URL: -------------- next part -------------- An embedded message was scrubbed... From: Debian FTP Masters Subject: Bug#1101968: fixed in booth 1.2-3 Date: Thu, 03 Apr 2025 22:19:12 +0000 Size: 6832 URL: From noreply at release.debian.org Fri Apr 4 05:39:08 2025 From: noreply at release.debian.org (Debian testing watch) Date: Fri, 04 Apr 2025 04:39:08 +0000 Subject: [Debian-ha-maintainers] csync2 2.0-42-g83b3644-3 MIGRATED to testing Message-ID: FYI: The status of the csync2 source package in Debian's testing distribution has changed. Previous version: 2.0-42-g83b3644-2 Current version: 2.0-42-g83b3644-3 -- This email is automatically generated once a day. As the installation of new packages into testing happens multiple times a day you will receive later changes on the next day. See https://release.debian.org/testing-watch/ for more information. From wferi at debian.org Fri Apr 4 08:58:41 2025 From: wferi at debian.org (=?utf-8?Q?Ferenc_W=C3=A1gner?=) Date: Fri, 04 Apr 2025 09:58:41 +0200 Subject: [Debian-ha-maintainers] Bug#1102006: corosync: CVE-2025-30472 In-Reply-To: <174371370209.395010.9905364069385345895.reportbug@eldamar.lan> (Salvatore Bonaccorso's message of "Thu, 03 Apr 2025 22:55:02 +0200") References: <174371370209.395010.9905364069385345895.reportbug@eldamar.lan> <174371370209.395010.9905364069385345895.reportbug@eldamar.lan> Message-ID: <87mscwz7bi.fsf@fin.soreny> Salvatore Bonaccorso writes: > CVE-2025-30472[0]: > | Corosync through 3.1.9, if encryption is disabled or the attacker > | knows the encryption key, has a stack-based buffer overflow in > | orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2025-30472 > https://www.cve.org/CVERecord?id=CVE-2025-30472 > [1] https://github.com/corosync/corosync/issues/778 Dear Salvatore, Considering the linked discussion with Corosync upstream, do you think Debian should release a patched package to bookworm? According to the security tracker, this is a postponed minor issue in bullseye, and I do not see why it would be weighted differently anywhere else. If it is, I am willing to backport the patch and prepare updates packages for bookworm and unstable. Upstream has not released a new version yet. -- Thanks for your guidance, Feri. From carnil at debian.org Fri Apr 4 09:12:45 2025 From: carnil at debian.org (Salvatore Bonaccorso) Date: Fri, 4 Apr 2025 10:12:45 +0200 Subject: [Debian-ha-maintainers] Bug#1102006: corosync: CVE-2025-30472 In-Reply-To: <87mscwz7bi.fsf@fin.soreny> References: <174371370209.395010.9905364069385345895.reportbug@eldamar.lan> <174371370209.395010.9905364069385345895.reportbug@eldamar.lan> <87mscwz7bi.fsf@fin.soreny> <174371370209.395010.9905364069385345895.reportbug@eldamar.lan> Message-ID: Hi Ferenc, On Fri, Apr 04, 2025 at 09:58:41AM +0200, Ferenc W?gner wrote: > Salvatore Bonaccorso writes: > > > CVE-2025-30472[0]: > > | Corosync through 3.1.9, if encryption is disabled or the attacker > > | knows the encryption key, has a stack-based buffer overflow in > > | orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. > > > > For further information see: > > > > [0] https://security-tracker.debian.org/tracker/CVE-2025-30472 > > https://www.cve.org/CVERecord?id=CVE-2025-30472 > > [1] https://github.com/corosync/corosync/issues/778 > > Dear Salvatore, > > Considering the linked discussion with Corosync upstream, do you think > Debian should release a patched package to bookworm? According to the > security tracker, this is a postponed minor issue in bullseye, and I do > not see why it would be weighted differently anywhere else. If it is, I > am willing to backport the patch and prepare updates packages for > bookworm and unstable. Upstream has not released a new version yet. Right I do not think this will for instance warrant a DSA. I would propose to include the fix just in a point release either together with other fixes or once a more important issue arises for corosync. I will mark it as no-dsa later in the tracker. Regards, Salvatore