2020-07-17 10:57:41 |
Moisés Guimarães de Medeiros |
bug |
|
|
added bug |
2020-07-20 17:40:10 |
Bryce Harrington |
memcached (Ubuntu): importance |
Undecided |
Wishlist |
|
2020-07-20 20:48:58 |
Bryce Harrington |
nominated for series |
|
Ubuntu Focal |
|
2020-07-20 20:48:58 |
Bryce Harrington |
bug task added |
|
memcached (Ubuntu Focal) |
|
2020-07-20 21:27:34 |
Bryce Harrington |
memcached (Ubuntu Focal): importance |
Undecided |
Wishlist |
|
2020-07-20 21:28:20 |
Bryce Harrington |
tags |
|
server-triage-discuss |
|
2020-08-17 15:19:36 |
Christian Ehrhardt |
bug watch added |
|
https://github.com/memcached/memcached/issues/441 |
|
2020-08-17 15:24:03 |
Bryce Harrington |
tags |
server-triage-discuss |
|
|
2020-08-17 16:18:24 |
Bryce Harrington |
memcached (Ubuntu): status |
New |
Incomplete |
|
2020-08-17 16:18:31 |
Bryce Harrington |
bug |
|
|
added subscriber Bryce Harrington |
2020-08-19 18:21:40 |
Bryce Harrington |
description |
At OpenStack we use ubuntu (currently 20.04) at our CI jobs.
There is a current demand for TLS enablement in order to be able to cache sensitive information such as access tokens. |
[Impact]
TBD
[Test Case]
TBD
[Regression Potential]
TBD
[Fix]
This simply needs --enable-tls passed to the configure script to enable TLS. The change has been reviewed and accepted by Debian and sync'd to Ubuntu groovy. The upstream commit is https://github.com/docker-library/memcached/blob/4538128227a0e422e59df735d67b03ee23d39637/debian/Dockerfile#L56
[Discussion]
[Original Report]
At OpenStack we use ubuntu (currently 20.04) at our CI jobs.
There is a current demand for TLS enablement in order to be able to cache sensitive information such as access tokens. |
|
2020-08-19 18:21:44 |
Bryce Harrington |
memcached (Ubuntu Focal): status |
New |
Triaged |
|
2020-08-19 19:10:09 |
Bryce Harrington |
memcached (Ubuntu): status |
Incomplete |
Fix Released |
|
2020-08-19 19:16:25 |
Bryce Harrington |
bug |
|
|
added subscriber Ubuntu Security Team |
2020-08-19 19:16:48 |
Bryce Harrington |
bug |
|
|
added subscriber Ubuntu Server |
2020-08-19 19:16:55 |
Bryce Harrington |
summary |
TLS is not enabled for memcached>=1.5.13 |
[SRU] TLS is not enabled for memcached>=1.5.13 |
|
2020-08-21 10:33:23 |
Moisés Guimarães de Medeiros |
description |
[Impact]
TBD
[Test Case]
TBD
[Regression Potential]
TBD
[Fix]
This simply needs --enable-tls passed to the configure script to enable TLS. The change has been reviewed and accepted by Debian and sync'd to Ubuntu groovy. The upstream commit is https://github.com/docker-library/memcached/blob/4538128227a0e422e59df735d67b03ee23d39637/debian/Dockerfile#L56
[Discussion]
[Original Report]
At OpenStack we use ubuntu (currently 20.04) at our CI jobs.
There is a current demand for TLS enablement in order to be able to cache sensitive information such as access tokens. |
[Impact]
TLS enablement allows Memcached to both encrypt cached data on the wire as well as to provide authentication of clients and servers according to the specified TLS configuration.
TLS is a feature enabled via configuration or command-line arguments, therefore existing deployments of Memcached will not be affected and will continue to work as expected. Such deployments would then have the choice to opt-in TLS usage by providing the extra TLS configuration.
TLS support is required to safely run Memcached on cloud environments where the user does not have total control over the network.
According to [1], support for TLS was added in version 1.5.13 while Focal ships 1.5.22. The feature is just not enabled during compile time.
[Test Case]
$ apt install memcached
$ memcached -Z -v
Error loading the certificate chain: (null)
That is enough to check if TLS capabilities are enabled in Memcached.
[Regression Potential]
Enabling TLS as an SRU will introduce a new protocol in certain environments. This may be problematic for a small number of users, but the benefit of having TLS enabled greatly outweighs that.
From an update point of view, this only enables the capability to run Memcached with TLS, and as this is an opt-in feature, services that do not choose to opt-in should stay the same.
[Fix]
This simply needs --enable-tls passed to the configure script to enable TLS. The change has been reviewed and accepted by Debian and sync'd to Ubuntu groovy. The upstream commit is https://github.com/docker-library/memcached/blob/4538128227a0e422e59df735d67b03ee23d39637/debian/Dockerfile#L56
[Discussion]
[Original Report]
At OpenStack we use ubuntu (currently 20.04) at our CI jobs.
There is a current demand for TLS enablement in order to be able to cache sensitive information such as access tokens. |
|
2020-08-31 23:23:07 |
Bryce Harrington |
attachment added |
|
The debdiff from the PPA, vs. the 0.1 in -updates. https://bugs.launchpad.net/ubuntu/+source/memcached/+bug/1887943/+attachment/5406297/+files/memcached-lp1887943.diff |
|
2020-08-31 23:45:43 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~bryce/ubuntu/+source/memcached/+git/memcached/+merge/390047 |
|
2020-08-31 23:46:59 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~bryce/ubuntu/+source/memcached/+git/memcached/+merge/390048 |
|
2020-09-11 10:50:04 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~moguimar/ubuntu/+source/memcached/+git/memcached/+merge/390612 |
|
2020-09-18 17:09:13 |
Bryce Harrington |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2020-09-22 19:02:58 |
Brian Murray |
memcached (Ubuntu Focal): status |
Triaged |
Fix Committed |
|
2020-09-22 19:03:01 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
2020-09-22 19:03:09 |
Brian Murray |
tags |
|
verification-needed verification-needed-focal |
|
2020-09-23 09:39:33 |
Moisés Guimarães de Medeiros |
bug watch added |
|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968603 |
|
2020-09-23 22:41:27 |
Bryce Harrington |
tags |
verification-needed verification-needed-focal |
verification-done verification-done-focal |
|
2020-10-29 23:26:34 |
Łukasz Zemczak |
memcached (Ubuntu Focal): status |
Fix Committed |
Incomplete |
|
2021-08-27 17:49:35 |
Bryce Harrington |
memcached (Ubuntu Focal): status |
Incomplete |
New |
|
2021-09-15 03:32:44 |
Chris Halse Rogers |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2021-09-15 03:33:34 |
Launchpad Janitor |
memcached (Ubuntu Focal): status |
New |
Fix Released |
|