[03:11] <superm1_> infinity, ping.  I wanted to talk to you about what's happening with signed EFI packages in cosmic (Eg https://launchpad.net/ubuntu/+source/fwupdate-signed/1.20)
[03:12] <superm1_> since debian started making signed packages it looks like they're also autosynced into the wrong pocket (https://launchpad.net/ubuntu/+source/fwupdate-amd64-signed) but that causes ubuntu signed packages to fail
[03:12] <superm1_> also their signing service isn't running on every upload, so it's even out of sync now too
[03:14] <superm1_> so I think unless Ubuntu intends to move to the same signing solution as Debian some time in $future using those template packages, those autosynced packages need to get blacklisted to prevent this problem
[05:50] <doko> coreycb, jamespage: rejected zvmcloudconnector, incomplete copyright. also do you really need all the alternatives, does it matter which Python version is used for these binaries?
[05:52] <doko> coreyb, jamespage: rejected vaultlocker, incomplete copyright again
[05:58] <doko> tjaalton: rejected jboss-annotations-1.2-api, incomplete copyright
[06:03] <tjaalton> doko: incomplete how?
[06:04] <doko> tjaalton: Oracle not listed
[06:04] <tjaalton>            2011, Oracle and/or its affiliates
[06:04] <tjaalton> sure is
[06:12] <doko> tjaalton: and dogtag-pki autopkg tests are failing
[07:48] <jamespage> doko: working those both now
[07:54] <jamespage> doko: vaultlocker re-uploaded with complete copyright
[08:01] <jamespage> doko: re zvmcloudconnector - the d/copyright looks to have an extra copyright holder not in the upstream source which I have dropped
[08:01] <jamespage> doko: anything else I have missed
[08:01] <jamespage> doko: re py2 package - right now we do still need that as this is a depends for nova
[08:46] <jamespage> doko: python-future is needed for the latest python-pysaml2 - it's been in main before so can we re-promote that one?
[08:47] <jamespage> I subbed ubuntu-openstack for bugs
[09:29] <seb128> doko, hey, could you have another look to https://bugs.launchpad.net/ubuntu/+source/cpdb-backend-cups/+bug/1747760 and https://bugs.launchpad.net/ubuntu/+source/cpdb-libs/+bug/1747759 to see if Till's fixes are enough for you?
[09:29] <ubottu> Launchpad bug 1747760 in cpdb-backend-cups (Ubuntu) "[MIR] cpdb-backend-cups" [High,In progress]
[09:29] <ubottu> Launchpad bug 1747759 in cpdb-libs (Ubuntu) "[MIR] cpdb-libs" [High,In progress]
[09:58] <seb128> doko, what are the chances https://bugs.launchpad.net/ubuntu/+source/tracker-miners/+bug/1770877 get reviewed before ff?
[09:58] <ubottu> Launchpad bug 1770877 in tracker-miners (Ubuntu) "[MIR] tracker-miners" [Undecided,New]
[12:36] <rbasak> Could an AA-type please review bug 1778041? For binary package disappearances in an SRU. I'm not sure what needs to be done, if anything.
[12:36] <ubottu> bug 1778041 in freshplayerplugin (Ubuntu Xenial) "browser-plugin-freshplayer-pepperflash broken" [High,In progress] https://launchpad.net/bugs/1778041
[14:11] <doko> seb128: I'm just back for two days ...
[14:12] <doko> jamespage: vaultlocker accepted and built
[14:15] <seb128> doko, wb, I hope you had nice holidays :)
[14:15] <seb128> doko, and yeah, sorry to ping you, the MIR team is understaffed and things are just sitting there unsure to get them unblocked :/
[14:22] <doko> coreycb, cpaelzer, nacc: is php 7.3 as the default planned for cosmic?
[14:24] <cpaelzer> ahasenack: rbasak: ^^
[14:24] <cpaelzer> maybe to discuss on the standup
[14:24] <rbasak> I'm reluctant
[14:25] <cpaelzer> me as well
[14:25] <rbasak> php-defaults is still in excuses for ?7.2
[14:25] <rbasak> That part isn't FF-critical I don't think.
[14:25] <cpaelzer> lacking nacc this was a bit orphaned most of this cycle with resolution planned next cycle
[14:26] <cpaelzer> I must admit at least I haven't looked for php at all recently
[14:26] <rbasak> That part isn't FF-critical I don't think -> but going for 7.3 seems like too much of a stretch to me without nacc. I'm not familiar enough with it all yet.
[14:27] <rbasak> Though php-defaults is in sync now, so it'll autosync if Debian do it. Seems unlikely before our FF though.
[15:02] <jamespage> doko: ta
[15:37] <psusi> bug #1683105 has had a patch waiting for someone to apply since last december... could someone please apply it?
[15:37] <ubottu> bug 1683105 in dmraid (Ubuntu) "Installation of DMRaid should automatically add necessary modules to /etc/initramfs-tools/modules" [Medium,Triaged] https://launchpad.net/bugs/1683105
[16:03] <nacc> doko: cpaelzer: rbasak: i really apologize about that. The hard part right now is we had to add a bunch of delta to universe packages for phpunit in 18.04
[16:04] <nacc> and many of those packages are still not updated in debian, when i last looked
[16:04] <nacc> and since debian, last i checked as well, still wasn't gating their CI, it will fail in our system; so they will need merges
[16:04] <nacc> fairly trivial merges, but merges nonetheless
[16:04] <nacc> i just haven't had the time this cycle :(
[16:55] <GunnarHj> rbasak: Thinking of bug #1778041. If I hadn't SRU'ed the fix, people with one of the dropped packages installed might upgrade to 18.10 and then keep having the old package installed. So we don't usually have a model to make sure that packages which are dropped from archive are uninstalled, do we?
[16:55] <ubottu> bug 1778041 in freshplayerplugin (Ubuntu Xenial) "browser-plugin-freshplayer-pepperflash broken" [High,In progress] https://launchpad.net/bugs/1778041
[17:51] <rbasak> GunnarHj: I think do-release-upgrade might take care of that. I'm not sure exactly.
[17:52] <rbasak> GunnarHj: if nobody else chimes in, how do you feel about shipping the binary packages but empty? I think that'd be the least harmful, even if it turns out later to be overkill, since it leaves the door open to anything later without having made it difficult, IYSWIM.
[17:52] <rbasak> afk now, but back later.
[19:08] <GunnarHj> rbasak: I thought that do-release-upgrade only takes care of packages no longer needed as dependencies - like 'apt autoremove'. But I'm not sure either.
[19:08] <GunnarHj> rbasak: Sure, I can add empty packages for the two dropped binaries, if you think it's motivated.
[19:08] <nacc> it would be nice if it did something more, if it doesn't know, based upon, perhaps ubuntu-support-status output, etc.
[19:08] <nacc> *if it doesn't now
[19:08] <GunnarHj> rbasak: But before doing so, please also consider that the remaining binary browser-plugin-freshplayer-pepperflash is - unlike before - only built on amd64 and i386. (See comment #4 in the bug report for the reason.) I suppose that can't be handled through empty packages.
[19:11] <GunnarHj> nacc: Would make sense. But can you confirm that no such thing is in place currently?
[19:11] <nacc> GunnarHj: i can try :)
[19:12] <GunnarHj> nacc: Don't spend too much effort on it. It's merely a side discussion when discussing a special SRU case.
[19:13] <nacc> yep, understood
[23:54] <rbasak> GunnarHj: that's a good point.
[23:54] <rbasak> sil2100 accepted the Bionic package so I'd like his opinion but he's not here right now.
[23:55] <rbasak> I'm also reluctant to dictate anything on this one, since I'm not certain of any right answer here, and others will know more. But I also don't want to block you :-/
[23:57] <Unit193> https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000544.html Debian 902720 was fixed in Debian, so cosmic is covered at least! :D
[23:57] <ubottu> Debian bug 902720 in ruby-zip "CVE-2018-1000544" [Grave,Fixed] http://bugs.debian.org/902720
[23:57] <ubottu> rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be exploitable via If a site allows uploading of .zip files , an attacker can upload a malicious file that contains symlinks or files with absolute pathnames "../" to write arbitrary f... (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000544)
[23:58] <Unit193> https://launchpadlibrarian.net/383593876/ruby-zip_1.2.1-1_1.2.1-1.1.diff.gz interesting diff though.

