Ubuntu
openssl package

[SRU] Openssl copyright/changelog.Debian.gz file points at non-existent location

Bug #2067672 reported by Bin Li
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OEM Priority Project
Triaged
High
Bin Li
openssl (Ubuntu)
Status tracked in Oracular
Noble
In Progress
Medium
Unassigned
Ubuntu ubuntu-24.04.1
Oracular
Fix Committed
Medium
Adrien Nader
Ubuntu ubuntu-24.10

Bug Description

[ Impact ]

Due to the t64 transition, the changelog.Debian.gz and copyright symlinks in various binary packages built from openssl source are dangling symlinks, because /usr/share/doc/libssl3 no longer exists. This gives users an error when trying to look at these files, and is an impediment to inspecting the copyright status of the packages in an installed system.

[ Test Plan ]

 * list the openssl or libssl-dev to check if symbol link is valid.
   $ l -thal /usr/share/doc/libssl-dev/
   $ l -thal /usr/share/doc/openssl/
   $ file /usr/share/doc/libssl-dev/copyright
   $ file /usr/share/doc/openssl/copyright

[ Where problems could occur ]

 * It didn't affects any functions, just the symbol links are misssing.

[ Other Info ]
 Currently it link to the old version libssl3, currently libssl3 is purely virtual.

$ l -thal /usr/share/doc/openssl-dev/
lrwxrwxrwx 1 root root 30 May 14 17:06 changelog.Debian.gz -> ../libssl3/changelog.Debian.gz
lrwxrwxrwx 1 root root 23 May 14 17:06 changelog.gz -> ../libssl3/changelog.gz
lrwxrwxrwx 1 root root 20 May 14 17:06 copyright -> ../libssl3/copyright

$ l -thal /usr/share/doc/libssl-dev/
total 84K
drwxr-xr-x 2 root root 4.0K May 23 16:08 ./
drwxr-xr-x 2180 root root 76K May 16 20:13 ../
lrwxrwxrwx 1 root root 30 May 14 17:06 changelog.Debian.gz -> ../libssl3/changelog.Debian.gz
lrwxrwxrwx 1 root root 23 May 14 17:06 changelog.gz -> ../libssl3/changelog.gz
lrwxrwxrwx 1 root root 20 May 14 17:06 copyright -> ../libssl3/copyright

See original description
Bin Li (binli)
description: updated
description: updated
Bin Li (binli)
tags: added: oem-priority originate-from-2067643 sutton
Bin Li (binli)
Changed in oem-priority:
importance: Undecided → High
assignee: nobody → Bin Li (binli)
status: New → In Progress
description: updated
Revision history for this message
Bin Li (binli) wrote :

Here the debdiff for noble

Revision history for this message
Bin Li (binli) wrote :

Here is defdiff for oracular

Bin Li (binli)
description: updated
summary: - Openssl copyright/changelog.Debian.gz file points at non-existent
+ [SRU] Openssl copyright/changelog.Debian.gz file points at non-existent
location
Changed in oem-priority:
status: In Progress → Triaged
Revision history for this message
Adrien Nader (adrien) wrote :

Hi and thanks for the patch.

Process-wise, the changes should land in oracular first and I don't think I changed anything regarding that, even in my merge proposal for 3.2.1. I think we can integrate your patch in oracular in the version that follows the 3.2.1 merge (I'd prefer not to respin my current merge request) and which will also include at least afix for https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1297025 (and maybe a security patch too).

  lrwxrwxrwx 1 root root 23 Feb 21 11:45 /usr/share/doc/libssl-dev/changelog.gz -> ../libssl3/changelog.gz

but ../libssl3/changelog.gz doesn't exist.

This is on my list of things to do in the comings days, or weeks at most.

I guess your main worry was the copyright file however.

Revision history for this message
Bin Li (binli) wrote :

hi adrien,

 Thanks, and will the noble use 3.2.1?
 And yes, our worry is the copyright file, especially in noble. :)

Revision history for this message
Adrien Nader (adrien) wrote :

Noble will not use 3.2.1. Only oracular will.

Unfortunately, I don't have a very good answer about how to get this fix in Noble as quickly as possible.

Revision history for this message
Bin Li (binli) wrote (last edit ):

I need someone from the sponsor team to help upload the new package for noble. From the changelog, I found 'Steve Langasek' which is from sponsor team.

Hi vorlon,

 Could you help this in noble? Thanks!

Simon Chopin (schopin)
tags: added: rls-nn-incoming
Revision history for this message
Adrien Nader (adrien) wrote :

Hey, a quick update.

With openssl 3.2.1 uploaded to Oracular, I've prepared the subsequent 3.2.2 (doing it so soon wasn't planned initially).

I'm including a fix for this and for #1297025 :
https://git.launchpad.net/~adrien/ubuntu/+source/openssl/commit/?id=5f94de31126ae59f2481fe77a397df9fb0941bd8

This will satisfy the SRU requirement that the fix is first included in the development release.

Adrien Nader (adrien)
Changed in openssl (Ubuntu):
milestone: none → ubuntu-24.10
Changed in openssl (Ubuntu Noble):
importance: Undecided → Medium
milestone: none → ubuntu-24.04.1
status: New → Triaged
Changed in openssl (Ubuntu Oracular):
importance: Undecided → Medium
status: New → In Progress
assignee: nobody → Adrien Nader (adrien)
Julian Andres Klode (juliank)
tags: removed: rls-nn-incoming
Revision history for this message
Steve Langasek (vorlon) wrote :

Per the above comment this is reported to be fixed in 3.2.2-1ubuntu1 which is in oracular-proposed, so setting the status to 'fix committed'.

Changed in openssl (Ubuntu Oracular):
status: In Progress → Fix Committed
Revision history for this message
Steve Langasek (vorlon) wrote :

+ * Fixed the symbolic links with libssl3t64. (LP: #2067672)

This is insufficiently clear as a changelog entry for an SRU. I am adjusting this to:

+ * Fixed the symbolic link target for the changelog and copyright files. (LP: #2067672)

Otherwise, this is straightforward and I am sponsoring to the noble SRU queue.

However, in terms of SRU policy, I don't think it makes sense for us to release an SRU of openssl to all users' systems that changes only this. Therefore I am tagging this bug 'block-proposed-noble' so that it will not actually be released to noble-updates until there are further changes to be landed.

tags: added: block-proposed-noble
description: updated
Steve Langasek (vorlon)
Changed in openssl (Ubuntu Noble):
status: Triaged → In Progress
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.