| 2018-09-25 04:06:19 |
Woodrow Shen |
bug |
|
|
added bug |
| 2018-09-25 04:06:50 |
Woodrow Shen |
bug |
|
|
added subscriber MIR approval team |
| 2018-09-25 09:10:23 |
Christian Ehrhardt |
ledmon (Ubuntu): status |
New |
Incomplete |
|
| 2018-09-26 08:59:34 |
Woodrow Shen |
description |
[Availability]
Currently in universe.
[Rationale]
1.OEM projects needs to include ledmon for VROC suport (LP: #1759225)
2.Intel still maintains upstream for that (LP: #1668126)
3.Dependencies already in main.
[Security]
[Quality Assurance]
[Dependencies]
[Standards Compliance]
[Maintenance]
Package ownership TBD. |
== Requirements ==
[Availability]
Currently in universe.
Package in LP: https://launchpad.net/ubuntu/+source/ledmon
Upstream: https://github.com/intel/ledmon
[Rationale]
1.OEM projects needs to include ledmon for VROC suport (LP: #1759225)
2.Intel still maintains upstream for that (LP: #1668126)
3.Dependencies already in main.
[Security]
No security issues exposed so far. We may need to rely on Intel to be aware of upstream commits for security fixes.
[Quality Assurance]
1.No debconf questions
2.No outstanding bugs
3.I can help to make sure the consistency for status of important bugs in Debian's/Ubuntu's, and upstream's bug (on github).
4.Ledmon only supports Intel related storage controller (e.g. AHCI/iSCSI/VMD controller)
5.No test suite shipped with ledmon
6.No dependencies with obsolete or demoted packages
[UI standards]
1.This is a CLI tool/daemon service. It has normal CLI style short help and man pages. (man ledmon/ledctl)
2.No desktop file required as it is a backend tool.
[Dependencies]
build-depends: perl (main), libsgutils2-dev (main), libudev-dev (main)
binary-depends: openipmi (main)
[Standards Compliance]
The package should meet the FHS and Debian Policy standards.
[Maintenance]
Package owning team: The foundation team (we're discussed this recently and give them a notify)
Debian package maintained by Daniel Jared Dominguez (but seems he didn't maintain the latest one: currently the version 0.90 on upstream and it's 0.79-2 on debian)
https://tracker.debian.org/pkg/ledmon
[Background Information]
ledmon and ledctl are userspace tools designed to control storage enclosure LEDs. The user must have root privileges to use these tools.
These tools use the SGPIO and SES-2 protocols to monitor and control LEDs. They been verified to work with Intel(R) storage controllers (i.e. the Intel(R) AHCI controller) and have not been tested with storage controllers of other vendors (especially SAS/SCSI controllers).
For backplane enclosures attached to ISCI controllers, support is limited to Intel(R) Intelligent Backplanes.
== Security checks ==
1.http://cve.mitre.org/cve/search_cve_list.html: Search in the National Vulnerability Database using the package as a keyword
* There are 0 CVE entries that match your search.
2.Check OSS security mailing list (feed 'site:www.openwall.com/lists/oss-security <pkgname>' into search engine)
* No security issue found
3.Ubuntu CVE Tracker
http://people.ubuntu.com/~ubuntu-security/cve/main.htm
* No
http://people.ubuntu.com/~ubuntu-security/cve/universe.html
* No
http://people.ubuntu.com/~ubuntu-security/cve/partner.html
* No
4.Check for security relevant binaries. If any are present, this requires a more in-depth security review.
* Executables which have the suid or sgid bit set.
No
* Executables in /sbin, /usr/sbin.
Yes
* Packages which install services / daemons (/etc/init.d/*, /etc/init/*, /lib/systemd/system/*)
No
* Packages which open privileged ports (ports < 1024).
No
* Add-ons and plugins to security-sensitive software (filters, scanners, UI skins, etc)
No |
|
| 2018-09-26 09:10:56 |
Christian Ehrhardt |
bug |
|
|
added subscriber Dimitri John Ledkov |
| 2018-09-26 09:11:06 |
Christian Ehrhardt |
bug |
|
|
added subscriber Steve Langasek |
| 2018-09-26 09:26:51 |
Woodrow Shen |
ledmon (Ubuntu): status |
Incomplete |
Confirmed |
|
| 2018-09-26 09:29:45 |
Christian Ehrhardt |
ledmon (Ubuntu): assignee |
|
Ubuntu Security Team (ubuntu-security) |
|
| 2018-09-26 09:38:03 |
Christian Ehrhardt |
ledmon (Ubuntu): status |
Confirmed |
New |
|
| 2018-09-27 06:25:35 |
Steve Langasek |
bug |
|
|
added subscriber Patricia Gaughen |
| 2018-09-27 13:14:39 |
Jamie Strandboge |
ledmon (Ubuntu): assignee |
Ubuntu Security Team (ubuntu-security) |
|
|
| 2018-10-05 07:10:30 |
Woodrow Shen |
bug |
|
|
added subscriber Stéphane Verdy |
| 2018-10-09 13:05:18 |
Mathieu Trudel-Lapierre |
ledmon (Ubuntu): status |
New |
Incomplete |
|
| 2018-12-09 04:17:34 |
Launchpad Janitor |
ledmon (Ubuntu): status |
Incomplete |
Expired |
|
| 2021-01-20 08:23:21 |
Yuan-Chen Cheng |
bug task added |
|
oem-priority |
|
| 2021-01-20 08:23:26 |
Yuan-Chen Cheng |
oem-priority: importance |
Undecided |
Medium |
|
| 2021-01-20 09:29:42 |
Yuan-Chen Cheng |
ledmon (Ubuntu): status |
Expired |
New |
|
| 2021-01-26 15:47:50 |
Christian Ehrhardt |
ledmon (Ubuntu): assignee |
|
Christian Ehrhardt (paelzer) |
|
| 2021-01-27 14:12:09 |
Christian Ehrhardt |
bug |
|
|
added subscriber Matthieu Clemenceau |
| 2021-01-27 14:13:39 |
Christian Ehrhardt |
ledmon (Ubuntu): assignee |
Christian Ehrhardt (paelzer) |
Matthieu Clemenceau (mclemenceau) |
|
| 2021-01-28 00:19:40 |
Yuan-Chen Cheng |
oem-priority: assignee |
|
Yuan-Chen Cheng (ycheng-twn) |
|
| 2021-01-28 00:19:46 |
Yuan-Chen Cheng |
oem-priority: importance |
Medium |
High |
|
| 2021-02-14 21:27:02 |
Rex Tsai |
tags |
|
oem-priority |
|
| 2021-04-28 06:09:04 |
Yuan-Chen Cheng |
tags |
oem-priority |
oem-priority originate-1912445 |
|
| 2021-04-28 06:16:44 |
Yuan-Chen Cheng |
oem-priority: status |
New |
In Progress |
|
| 2021-04-28 08:48:08 |
Yuan-Chen Cheng |
oem-priority: status |
In Progress |
Confirmed |
|
| 2021-04-28 08:48:23 |
Yuan-Chen Cheng |
oem-priority: status |
Confirmed |
Fix Committed |
|
| 2021-05-04 20:04:51 |
Matthieu Clemenceau |
tags |
oem-priority originate-1912445 |
fr-1336 oem-priority originate-1912445 |
|
| 2021-05-25 08:26:50 |
Łukasz Zemczak |
ledmon (Ubuntu): status |
New |
Incomplete |
|
| 2021-12-09 16:59:58 |
Łukasz Zemczak |
description |
== Requirements ==
[Availability]
Currently in universe.
Package in LP: https://launchpad.net/ubuntu/+source/ledmon
Upstream: https://github.com/intel/ledmon
[Rationale]
1.OEM projects needs to include ledmon for VROC suport (LP: #1759225)
2.Intel still maintains upstream for that (LP: #1668126)
3.Dependencies already in main.
[Security]
No security issues exposed so far. We may need to rely on Intel to be aware of upstream commits for security fixes.
[Quality Assurance]
1.No debconf questions
2.No outstanding bugs
3.I can help to make sure the consistency for status of important bugs in Debian's/Ubuntu's, and upstream's bug (on github).
4.Ledmon only supports Intel related storage controller (e.g. AHCI/iSCSI/VMD controller)
5.No test suite shipped with ledmon
6.No dependencies with obsolete or demoted packages
[UI standards]
1.This is a CLI tool/daemon service. It has normal CLI style short help and man pages. (man ledmon/ledctl)
2.No desktop file required as it is a backend tool.
[Dependencies]
build-depends: perl (main), libsgutils2-dev (main), libudev-dev (main)
binary-depends: openipmi (main)
[Standards Compliance]
The package should meet the FHS and Debian Policy standards.
[Maintenance]
Package owning team: The foundation team (we're discussed this recently and give them a notify)
Debian package maintained by Daniel Jared Dominguez (but seems he didn't maintain the latest one: currently the version 0.90 on upstream and it's 0.79-2 on debian)
https://tracker.debian.org/pkg/ledmon
[Background Information]
ledmon and ledctl are userspace tools designed to control storage enclosure LEDs. The user must have root privileges to use these tools.
These tools use the SGPIO and SES-2 protocols to monitor and control LEDs. They been verified to work with Intel(R) storage controllers (i.e. the Intel(R) AHCI controller) and have not been tested with storage controllers of other vendors (especially SAS/SCSI controllers).
For backplane enclosures attached to ISCI controllers, support is limited to Intel(R) Intelligent Backplanes.
== Security checks ==
1.http://cve.mitre.org/cve/search_cve_list.html: Search in the National Vulnerability Database using the package as a keyword
* There are 0 CVE entries that match your search.
2.Check OSS security mailing list (feed 'site:www.openwall.com/lists/oss-security <pkgname>' into search engine)
* No security issue found
3.Ubuntu CVE Tracker
http://people.ubuntu.com/~ubuntu-security/cve/main.htm
* No
http://people.ubuntu.com/~ubuntu-security/cve/universe.html
* No
http://people.ubuntu.com/~ubuntu-security/cve/partner.html
* No
4.Check for security relevant binaries. If any are present, this requires a more in-depth security review.
* Executables which have the suid or sgid bit set.
No
* Executables in /sbin, /usr/sbin.
Yes
* Packages which install services / daemons (/etc/init.d/*, /etc/init/*, /lib/systemd/system/*)
No
* Packages which open privileged ports (ports < 1024).
No
* Add-ons and plugins to security-sensitive software (filters, scanners, UI skins, etc)
No |
== Requirements ==
[Availability]
Currently in universe.
Package in LP: https://launchpad.net/ubuntu/+source/ledmon
Upstream: https://github.com/intel/ledmon
[Rationale]
1.OEM projects needs to include ledmon for VROC suport (LP: #1759225)
2.Intel still maintains upstream for that (LP: #1668126)
3.Dependencies already in main.
[Security]
No security issues exposed so far. We may need to rely on Intel to be aware of upstream commits for security fixes.
[Quality Assurance]
1.No debconf questions
2.No outstanding bugs
3.I can help to make sure the consistency for status of important bugs in Debian's/Ubuntu's, and upstream's bug (on github).
4.Ledmon only supports Intel related storage controller (e.g. AHCI/iSCSI/VMD controller)
5.No test suite shipped with ledmon
6.No dependencies with obsolete or demoted packages
[UI standards]
1.This is a CLI tool/daemon service. It has normal CLI style short help and man pages. (man ledmon/ledctl)
2.No desktop file required as it is a backend tool.
[Dependencies]
build-depends: perl (main), libsgutils2-dev (main), libudev-dev (main)
binary-depends: openipmi (main)
[Standards Compliance]
The package should meet the FHS and Debian Policy standards.
[Maintenance]
Package owning team: The Foundations team
Debian package maintained by Daniel Jared Dominguez (but seems he didn't maintain the latest one: currently the version 0.90 on upstream and it's 0.79-2 on debian)
https://tracker.debian.org/pkg/ledmon
[Background Information]
ledmon and ledctl are userspace tools designed to control storage enclosure LEDs. The user must have root privileges to use these tools.
These tools use the SGPIO and SES-2 protocols to monitor and control LEDs. They been verified to work with Intel(R) storage controllers (i.e. the Intel(R) AHCI controller) and have not been tested with storage controllers of other vendors (especially SAS/SCSI controllers).
For backplane enclosures attached to ISCI controllers, support is limited to Intel(R) Intelligent Backplanes.
== Security checks ==
1.http://cve.mitre.org/cve/search_cve_list.html: Search in the National Vulnerability Database using the package as a keyword
* There are 0 CVE entries that match your search.
2.Check OSS security mailing list (feed 'site:www.openwall.com/lists/oss-security <pkgname>' into search engine)
* No security issue found
3.Ubuntu CVE Tracker
http://people.ubuntu.com/~ubuntu-security/cve/main.htm
* No
http://people.ubuntu.com/~ubuntu-security/cve/universe.html
* No
http://people.ubuntu.com/~ubuntu-security/cve/partner.html
* No
4.Check for security relevant binaries. If any are present, this requires a more in-depth security review.
* Executables which have the suid or sgid bit set.
No
* Executables in /sbin, /usr/sbin.
Yes
* Packages which install services / daemons (/etc/init.d/*, /etc/init/*, /lib/systemd/system/*)
No
* Packages which open privileged ports (ports < 1024).
No
* Add-ons and plugins to security-sensitive software (filters, scanners, UI skins, etc)
No |
|
| 2021-12-10 14:56:55 |
Łukasz Zemczak |
ledmon (Ubuntu): status |
Incomplete |
Confirmed |
|
| 2021-12-10 14:57:26 |
Łukasz Zemczak |
ledmon (Ubuntu): assignee |
Matthieu Clemenceau (mclemenceau) |
Christian Ehrhardt (paelzer) |
|
| 2021-12-14 14:39:42 |
Christian Ehrhardt |
ledmon (Ubuntu): assignee |
Christian Ehrhardt (paelzer) |
Ubuntu Foundations Bugs (foundations-bugs) |
|
| 2021-12-14 14:39:44 |
Christian Ehrhardt |
ledmon (Ubuntu): status |
Confirmed |
Incomplete |
|
| 2021-12-15 00:15:41 |
Yuan-Chen Cheng |
oem-priority: status |
Fix Committed |
Confirmed |
|
| 2022-01-21 12:15:28 |
Lukas Märdian |
ledmon (Ubuntu): importance |
Undecided |
Low |
|
| 2022-12-11 19:11:04 |
Matthieu Clemenceau |
removed subscriber Matthieu Clemenceau |
|
|
|
| 2023-06-13 14:51:27 |
Christian Ehrhardt |
ledmon (Ubuntu): status |
Incomplete |
Invalid |
|
