Please backport znc 1.6.0-2 (universe) from vivid

Bug #1449248 reported by Thomas Ward
20
This bug affects 3 people
Affects Status Importance Assigned to Milestone
trusty-backports
Wishlist
Unassigned
utopic-backports
Wishlist
Unassigned

Bug Description

Please backport znc 1.6.0-2 (universe) from vivid to trusty, utopic.

Reason for the backport:
========================
ZNC 1.4 as exists in Trusty is vulnerable to the SSLv3 issue of POODLE. It was requested that a backport of ZNC 1.6 be made available for Trusty as exists in Vivid to get the ability to disable SSLv3 by default out of the box, and to enable the SSL-related features of cipher selection, protocol selection, and other Security centric changes.

PREREQUISITE BEFORE ACCEPTING:
https://bugs.launchpad.net/bugs/1448823 - swig3.0 library is required in Ubuntu Trusty, via source package 'swig'. It produces swig3.0 binaries.

RELATED:
https://bugs.launchpad.net/ubuntu/+source/znc/+bug/1444943 - Initial request as a bug against the ZNC package.
https://bugs.launchpad.net/ubuntu/+source/znc/+bug/1389264 - Security bug against ZNC indicating that the SSL listeners are vulnerable to POODLE.

Build tests in PPA: https://launchpad.net/~teward/+archive/ubuntu/backport-buildtests/+packages
NOTE: The build test PPA also contains the no changes backport of the swig package from Utopic as referenced in Bug #1448823

Related Important Bugs Which Should Be Fixed First:
https://bugs.launchpad.net/ubuntu/+source/znc/+bug/1449271 - znc-dev cannot build modules which need libicu support, due to no libicu-dev dependency.

Testing:
========
Mark off items in the checklist [X] as you test them, but please leave the checklist so that backporters can quickly evaluate the state of testing.

You can test-build the backport in your PPA with backportpackage:
$ backportpackage -u ppa:<lp username>/<ppa name> -s vivid -d trusty znc
$ backportpackage -u ppa:<lp username>/<ppa name> -s vivid -d utopic znc

* trusty:
[X] Package builds without modification
[X] znc installs cleanly and runs
[X] znc-dev installs cleanly and runs (See "Test Notes" below)
[X] znc-perl installs cleanly and runs
[X] znc-tcl installs cleanly and runs
[X] znc-dbg installs cleanly - No run test (see below)
[X] znc-python installs cleanly and runs
* utopic:
[X] Package builds without modification
[X] znc installs cleanly and runs
[ ] znc-dev installs cleanly and runs
[X] znc-perl installs cleanly and runs
[X] znc-tcl installs cleanly and runs
[X] znc-dbg installs cleanly - No run test (see below)
[X] znc-python installs cleanly and runs

Run Test Definitions:
* znc binary: Configure and run ZNC.
* znc-dev: Run znc-buildmod against any third-party ZNC module that works with ZNC 1.6. (znc-buildmod does the actual compiling provided by this package) For the purposes of this test the ZNC Push module will be being compiled with znc-buildmod (https://github.com/jreese/znc-push).
* znc-perl: After running ZNC, load the modperl global module.
* znc-tcl: After running ZNC, load the modtcl global module.
* znc-python: After running ZNC, load the modpython global module.

Binaries without Run Tests:
* znc-dbg: Contains debug symbols, and does not have executable code. Install test

Reverse dependencies:
=====================
The following reverse-dependencies need to be tested against the new version of znc. For reverse-build-dependencies (-Indep), please test that the package still builds against the new znc. For reverse-dependencies, please test that the version of the package currently in the release still works with the new znc installed. Reverse- Recommends, Suggests, and Enhances don't need to be tested, and are listed for completeness-sake.

znc
---
* f-irc
  [ ] trusty (Reverse-Suggests) - TESTS / REBUILDS NOT REQUIRED (per Micah Gersten and discussion on #ubuntu-motu)
  [ ] utopic (Reverse-Suggests) - TESTS / REBUILDS NOT REQUIRED (per Micah Gersten and discussion on #ubuntu-motu)

znc-dev
-------

znc-perl
--------

znc-tcl
-------

znc-dbg
-------

znc-python
----------

Test Notes:
===========

Trusty
------
znc-dev and the corresponding znc-buildmod program does correctly build modules for use in ZNC. HOWEVER, any modules being built which are depending on the charset capabilities will fail to build due to Bug #1449271

Utopic
------
(Untested)

Thomas Ward (teward)
description: updated
Thomas Ward (teward)
description: updated
Thomas Ward (teward)
description: updated
description: updated
Micah Gersten (micahg)
Changed in trusty-backports:
status: New → In Progress
Changed in utopic-backports:
status: New → In Progress
Changed in trusty-backports:
assignee: nobody → Micah Gersten (micahg)
Changed in utopic-backports:
assignee: nobody → Micah Gersten (micahg)
Micah Gersten (micahg)
Changed in utopic-backports:
assignee: Micah Gersten (micahg) → Thomas Ward (teward)
Changed in trusty-backports:
assignee: Micah Gersten (micahg) → Thomas Ward (teward)
importance: Undecided → Wishlist
Changed in utopic-backports:
importance: Undecided → Wishlist
Micah Gersten (micahg)
Changed in trusty-backports:
status: In Progress → Triaged
Changed in utopic-backports:
status: In Progress → Triaged
Revision history for this message
Mikaela Suomalainen (mikaela) wrote :

And ZNC will be releasing 1.6.1 soon...

Thomas Ward (teward)
description: updated
Revision history for this message
Micah Gersten (micahg) wrote :

Utopic is now EOL

Changed in utopic-backports:
assignee: Thomas Ward (teward) → nobody
status: Triaged → Won't Fix
Thomas Ward (teward)
Changed in trusty-backports:
assignee: Thomas Ward (teward) → nobody
Revision history for this message
Micah Gersten (micahg) wrote :

Per discussion on IRC, a new request will be opened when the next point release is uploaded.

Changed in trusty-backports:
status: Triaged → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers