[MIR] protobuf-c

Bug #1956617 reported by Mario Limonciello
20
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OEM Priority Project
In Progress
High
Unassigned
protobuf-c (Ubuntu)
Status tracked in Kinetic
Focal
Fix Committed
Undecided
Unassigned
Jammy
Fix Released
Undecided
Unassigned
Kinetic
Fix Released
Undecided
Unassigned

Bug Description

[Availability]
The package protobuf-c is already in Ubuntu universe, and was in main some years ago.
The package protobuf-c builds for the architectures it is designed to work on.
It currently builds and works for architectures: amd64 arm64 armhf i386 ppc64el riscv64 s390x
Link to package https://launchpad.net/ubuntu/+source/protobuf-c

[Rationale]
- The package protobuf-c is required in Ubuntu main for fwupd 1.7.x to handle firmware updates for Logitech devices that use logitech_bulkcontroller such as their 4k webcams.
- The feature is only going to be useful to users owning such hardware but it is important for those users.

[Security]
- No CVEs/security issues in this software in the past

- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does not install services, timers or recurring jobs
- Packages does not open privileged ports (ports < 1024)
- Packages does not contain extensions to security-sensitive software

[Quality assurance - function/usage]
- The package works well right after install

[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and has no bugs open in Debian or Ubuntu
  - Ubuntu https://bugs.launchpad.net/ubuntu/+source/protobuf-c/+bug
  - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=protobuf-c
- The package does not deal with exotic hardware we cannot support

[Quality assurance - testing]
- The package runs a test suite on build time, if it fails
  it makes the build fail, link to build log https://launchpadlibrarian.net/464904971/buildlog_ubuntu-focal-amd64.protobuf-c_1.3.3-1_BUILDING.txt.gz

- The package does not run an autopkgtest but there is no reason they shouldn't be added.

[Quality assurance - packaging]
- debian/watch is not present, no reason it shouldn't have one though

- This package has some minor lintian warnings

# lintian --pedantic
running with root privileges is not recommended!
W: protobuf-c-compiler: no-manual-page usr/bin/protoc-c
W: protobuf-c-compiler: no-manual-page usr/bin/protoc-gen-c
P: protobuf-c source: package-uses-old-debhelper-compat-version 12
P: protobuf-c source: silent-on-rules-requiring-root
P: protobuf-c source: update-debian-copyright 2019 vs 2020 [debian/copyright:65]

and some warnings about long lines in upstream sources

- Lintian overrides are not present

- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies

- The package will be installed by default, but does not ask debconf questions

- Packaging and build is easy, link to d/rules https://salsa.debian.org/edmonds/protobuf-c/-/blob/master/debian/rules

[UI standards]
- Application is not end-user facing (does not need translation)

[Dependencies]
- No further depends or recommends dependencies that are not yet in main

[Standards compliance]
- This package correctly follows FHS and Debian Policy

[Maintenance/Owner]
- Owning Team should be foundations since they own fwupd
- Team is not yet, but will subscribe to the package before promotion

- This does not use static builds
- This does not use vendored code

[Background information]
The Package description explains the package well
Upstream Name is protobuf-c
Link to upstream project https://github.com/protobuf-c/protobuf-c

CVE References

Revision history for this message
Sebastien Bacher (seb128) wrote :

The original MIR request was bug #801735

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Hi Mario,
Thanks for the request, given so much time passed I think we might want to apply the full process of today which has much harder quality bars to pass.

Furthermore this got demoted so long ago that according to [1] no team owns it anymore, not even for trusty or such. Therefore this won't be just "bring it back in".

We'd need to find a team that is willing to commit owning protobuf-c and once that is clear kick off the MIR process by filling in all of the template (as if it is entirely new).

[1]: http://reqorts.qa.ubuntu.com/reports/m-r-package-team-mapping.html

Changed in protobuf-c (Ubuntu):
status: New → Incomplete
Revision history for this message
Sebastien Bacher (seb128) wrote :

@Christian, I've written the MIR content to help moving things forward but the owning team should probably be foundation since it's a requirement from fwupd that they own.

From the MIR perspective those items need work

- the package doesn't include autopkgtests
- there is no debian/watch
- there are some lintian warnings

Changed in protobuf-c (Ubuntu):
status: Incomplete → New
description: updated
description: updated
Lukas Märdian (slyon)
tags: added: rls-jj-incoming
Revision history for this message
Lukas Märdian (slyon) wrote :

Thank you for updating the MIR content. Foundations agreed to take ownership of this package in our weekly #ubuntu-meeting and signed up as a team subscriber. The outstanding issues are still to be done.

tags: added: fr-1990
tags: removed: rls-jj-incoming
Changed in protobuf-c (Ubuntu):
assignee: nobody → Christian Ehrhardt  (paelzer)
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :
Download full text (4.4 KiB)

Review for Package: protobuf-c

[Summary]
MIR team ACK under the constraint to resolve the below listed
required TODOs and as much as possible having a look at the
recommended TODOs.

This does need a security review, so I'll assign ubuntu-security

List of specific binary packages to be promoted to main: protobuf-c-compiler
Specific binary packages built, but NOT to be promoted to main: libprotobuf-c1 (at least not needed for the current case, but should be ok to promote if needed later)

Notes:
- Needed in fwupd due to https://github.com/fwupd/fwupd/pull/3609

Required TODOs:
- please add a debian/watch file to help auto-detecting new versions
Recommended TODOs:
- consider adding an autopkgtest, at least running the self-tests in
  autopkgtest or better some use case using the lib/compiler
- have a look at the compiler warnings if we could help upstream to fix those

[Duplication]
This is rather interesting in this case, as there are many users and
implementations of protobuf in general. The "main" src:protobuf is the core
project and provides c++, python, ruby, java, ... bindings.
https://developers.google.com/protocol-buffers
But no "C" in that, so protobuf-c exists.
But TBH also several other projects. Of the 6 listed by upstream:
https://github.com/protocolbuffers/protobuf/blob/master/docs/third_party.md
Only two are packaged upb and protobuf-c, both in universe.
Also - as outlined in the report - formerly protobuf-c was in main.
So there is similarity, but no duplication problem here.

[Dependencies]
OK:
- no other Dependencies to MIR due to this

Problems: None

[Embedded sources and static linking]
OK:
- no embedded source present
- no static linking
- does not have odd Built-Using entries
- not a go package, no extra constraints to consider in that regard

Problems: None

[Security]
OK:
- history of CVEs does not look concerning
- does not run a daemon as root
- does not use webkit1,2
- does not use lib*v8 directly
- does not open a port/socket
- does not process arbitrary web content
- does not use centralized online accounts
- does not integrate arbitrary javascript into the desktop
- does not deal with system authentication (eg, pam), etc)
- does not deal with security attestation (secure boot, tpm, signatures)

Problems:
- does parse data formats

Depending on where it is used that could be from external sources.
Also the current reason for the MIR is the use to update firmware which usually
runs with high privilege, so being able to inject some protobuf data on the
download could then - if it breaks in the handling - cause quite some issues.
I think a security review is needed here.
Also confirmed by the fact that the more common lib "protobuf" also had a bunch
of CVEs in the past.

[Common blockers]
OK:
- does not FTBFS currently
- does have a test suite that runs at build time
  - test suite fails will fail the build upon error.
- if special HW does prevent build/autopkgtest is there a test plan, code,
  log provided?
- if a non-trivial test on this level does not make sense (the lib alone
  is only doing rather simple things), is the overall solution (app+libs)
  extensively covered i.e. via end to end autopkgtest ?
- no new...

Read more...

Changed in protobuf-c (Ubuntu):
assignee: Christian Ehrhardt  (paelzer) → Ubuntu Security Team (ubuntu-security)
Revision history for this message
Lukas Märdian (slyon) wrote :

I've uploaded https://launchpad.net/ubuntu/+source/protobuf-c/1.3.3-1ubuntu1 to contain a debian/watch file and run the unit-tests/self-tests as an autopkgtest, too.

Also, I've send those suggestions to the Debian maintainer:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004962

So I think this is just pending on security-review now.

Steve Beattie (sbeattie)
tags: added: sec-754
Revision history for this message
Mark Esler (eslerm) wrote :

There are two open security vulnerabilities for protobuf-c [0][1] and each has a pull request [2][3]. One is designated CVE-2022-33070.

protobuf-c is used in sudo and sudo's maintainer has reviewed or created the pull requests.

On the protobuf-c mailing list I requested a release for vulnerability fixes [4].

[0] https://github.com/protobuf-c/protobuf-c/issues/499
[1] https://github.com/protobuf-c/protobuf-c/issues/506
[2] https://github.com/protobuf-c/protobuf-c/pull/500
[3] https://github.com/protobuf-c/protobuf-c/pull/508
[4] https://groups.google.com/g/protobuf-c/c/LCNHAGPkk60

Revision history for this message
Mark Esler (eslerm) wrote :

protobuf-c maintainer released an update patching the above:
https://github.com/protobuf-c/protobuf-c/releases/tag/v1.4.1

Revision history for this message
Mark Esler (eslerm) wrote :

I reviewed protobuf-c 1.3.3-1 as checked into focal, protobuf-c 1.3.3-1ubuntu2 as checked into jammy, and protobuf-c 1.4.0 from upstream's git repo.

"This is protobuf-c, a C implementation of the Google Protocol Buffers data serialization format. It includes libprotobuf-c, a pure C library that implements protobuf encoding and decoding, and protoc-c, a code generator that converts Protocol Buffer .proto files to C descriptor code, based on [Google's] original protoc."

- CVE History:
  - two recent vulnerabilities
  - one was assigned CVE-2022-33070
  - patched in v1.4.1
- Build-Depends?
  - protobuf
  - ldd /usr/bin/protoc-gen-c
    - linux-vdso.so.1
    - libprotobuf.so.23 => /lib/x86_64-linux-gnu/libprotobuf.so.23
    - libprotoc.so.23 => /lib/x86_64-linux-gnu/libprotoc.so.23
    - libstdc++.so.6 => /lib/x86_64-linux-gnu/libstdc++.so.6
    - libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1
    - libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6
    - libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1
    - /lib64/ld-linux-x86-64.so.2
    - libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6
  - ldd /usr/lib/x86_64-linux-gnu/libprotobuf-c.so.1.0.0
    - no additional dependencies
- pre/post inst/rm scripts?
  - none
- init scripts?
  - none
- systemd units?
  - none
- dbus services?
  - none
- setuid binaries?
  - none
- binaries in PATH?
  - /usr/bin/protoc-gen-c
  - proto-c -> protoc-gen-c
- sudo fragments?
  - none
- polkit files?
  - none
- udev rules?
  - none
- unit tests / autopkgtests?
  - requested in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004962
- cron jobs?
  - none
- Build logs:
  - OK
  - No errors. All warnings are trivial.
- Processes spawned?
  - only for documentation generation
- Memory management?
  - See vulnerabilities above
  - Use of memcpy, malloc, free, and memset LGTM
  - An OOB memory access exists in test file
  - Defensive programming reasoning commented throughout code
- File IO?
  - none
- Logging?
  - none
- Environment variable usage?
  - none (outside of debian build scripts)
- Use of privileged functions?
  - none
- Use of cryptography / random number sources etc?
  - none
- Use of temp files?
  - none
- Use of networking?
  - none
- Use of WebKit?
  - none
- Use of PolicyKit?
  - none
- Any significant cppcheck results?
  - none
- Any significant Coverity results?
  - none
  - OOB in a test
- Any significant shellcheck results?
  - none
- Any significant bandit results?
  - none

Packages in Main already use protobuf-c as part of their build (such as sudo). The two recent vulnerabilities in protobuf-c's history were patched promptly. One of the patches is by sudo's maintainer. protobuf-c is also tracked by Google's OSS-Fuzz. The authors of protobuf-c took a lot of care to handle input and protect memory. It is well written and a good candidate for Main.

Security team ACK for promoting protobuf-c to Main.

Changed in protobuf-c (Ubuntu):
assignee: Ubuntu Security Team (ubuntu-security) → nobody
Changed in protobuf-c (Ubuntu):
status: New → In Progress
Revision history for this message
Lukas Märdian (slyon) wrote :

I've merged protobuf-c 1.4.1 from Debian unstable: https://launchpad.net/ubuntu/+source/protobuf-c/1.4.1-1ubuntu1

We got the security team ACK and all MIR team required TODOs have been resolved. I think this is good to be promoted!

Changed in protobuf-c (Ubuntu):
status: In Progress → Fix Committed
Lukas Märdian (slyon)
Changed in protobuf-c (Ubuntu):
status: Fix Committed → In Progress
Revision history for this message
Lukas Märdian (slyon) wrote :

CC @superm1

Here's a debdiff to enable this feature in fwupd (and pull in the protobuf-c dependency) in Debian.

Revision history for this message
Mario Limonciello (superm1) wrote :

Thanks Lukas! The MIR is only going to be effective for kinetic and newer right?

As fwupd tends to get backported for new hardware support lately I want to make sure that we don't accidentally enable this in focal/jammy if it backports again when it shouldn't.

So in that case maybe we want to look at the target OS in debian/rules and only enable if kinetic or newer?
If the MIR can be retroactive it would make this easier though of course.

Revision history for this message
Lukas Märdian (slyon) wrote :

We have done retroactive MIRs in the past. Also, the security team ACKed the 1.3 version (Focal), the 1.3 version + Ubuntu delta (Jammy) and the upstream 1.4 version (now Kinetic), so we should be fine on that.

I've created the bug tasks for Kinetic/Jammy/Focal, so we can have explicit MIR approval for each series. Let's try to get feedback from the original MIR reviewer about this case.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Correct - as long as all reviewers along the way were aware and agreed we can promote things in active releases.

I rechecked the versions in Focal and later - they are not changing massively, my MIR Ack is valid for >=Focal.

I might only wonder (not sure) if it would be worth to bring the test improvements to those releases as well. @Lukas that should be fairly simple and provide at least a basic coverage for future SRUs right?

Revision history for this message
Lukas Märdian (slyon) wrote (last edit ):

Thanks for the confirmation @paelzer! I think it'd make sense in this case, as we tend to backport fwupdate to the LTS series and we would like to have support for updating the Logitech webcams there, too.

The Ubuntu delta of protobuf-c is fairly simple and should apply 1:1 to the Focal version. So yes, it is worth preparing this for future SRUs. It's already included in Jammy. I'll prepare an SRU bug for Focal and tag it "block-proposed-focal", as we probably don't want to push an update just for that (no benefit to the user), but have it staged in -proposed for whenever the next SRU happens so that tests will be included.

And @superm1 can go ahead and enable the feature in Debian, so we can sync it into Kinetic. Afterwards, it can slowly trickle down into the LTS series.

Changed in protobuf-c (Ubuntu Jammy):
status: New → In Progress
Revision history for this message
Lukas Märdian (slyon) wrote :

Focal SRU prepared in bug #1981538 and uploaded into the Focal "unapproved" queue, to be reviewed/accepted by the SRU-team.

https://launchpad.net/ubuntu/focal/+queue?queue_state=1&queue_text=protobuf-c

Changed in protobuf-c (Ubuntu Focal):
status: New → In Progress
Revision history for this message
Mario Limonciello (superm1) wrote :

> Here's a debdiff to enable this feature in fwupd (and pull in the protobuf-c dependency) in Debian.

Thanks!

Merged upstream packaging
https://github.com/fwupd/fwupd/commit/7a9fffe3a6ccc185a19b2b2a70d0ba2dca7cb435

Also staged in next fwupd upload for Debian (with your attribution, thanks!)
https://salsa.debian.org/efi-team/fwupd/-/commit/44bcf084717cb0cbc78d8e31d87186d5e63f4db7

Revision history for this message
Mark Esler (eslerm) wrote :

I am hoping to see protobuf-c version 1.4.1 in kinetic which fixes several vulnerabilities. To ACK focal >= we should update the package or add security patches first.

Changed in protobuf-c (Ubuntu Kinetic):
status: In Progress → Fix Released
Revision history for this message
Lukas Märdian (slyon) wrote :

protobuf-c 1.4.1 landed in Kinetic, as well as fwupd pulling in the new protobuf-c dependency. Now, we need an Archive Admin to promote protobuf-c to "main".

Changed in protobuf-c (Ubuntu Kinetic):
status: Fix Released → Fix Committed
Revision history for this message
Lukas Märdian (slyon) wrote :

@eslerm Is applying the security patches to protobuf-c for Focal/Jammy something the security team will take care of?

Revision history for this message
Steve Langasek (vorlon) wrote :

Override component to main
protobuf-c 1.4.1-1ubuntu1 in kinetic: universe/devel -> main
libprotobuf-c-dev 1.4.1-1ubuntu1 in kinetic amd64: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.4.1-1ubuntu1 in kinetic arm64: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.4.1-1ubuntu1 in kinetic armhf: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.4.1-1ubuntu1 in kinetic i386: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.4.1-1ubuntu1 in kinetic ppc64el: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.4.1-1ubuntu1 in kinetic riscv64: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.4.1-1ubuntu1 in kinetic s390x: universe/libdevel/optional/100% -> main
libprotobuf-c1 1.4.1-1ubuntu1 in kinetic amd64: universe/libs/optional/100% -> main
libprotobuf-c1 1.4.1-1ubuntu1 in kinetic arm64: universe/libs/optional/100% -> main
libprotobuf-c1 1.4.1-1ubuntu1 in kinetic armhf: universe/libs/optional/100% -> main
libprotobuf-c1 1.4.1-1ubuntu1 in kinetic i386: universe/libs/optional/100% -> main
libprotobuf-c1 1.4.1-1ubuntu1 in kinetic ppc64el: universe/libs/optional/100% -> main
libprotobuf-c1 1.4.1-1ubuntu1 in kinetic riscv64: universe/libs/optional/100% -> main
libprotobuf-c1 1.4.1-1ubuntu1 in kinetic s390x: universe/libs/optional/100% -> main
protobuf-c-compiler 1.4.1-1ubuntu1 in kinetic amd64: universe/devel/optional/100% -> main
protobuf-c-compiler 1.4.1-1ubuntu1 in kinetic arm64: universe/devel/optional/100% -> main
protobuf-c-compiler 1.4.1-1ubuntu1 in kinetic armhf: universe/devel/optional/100% -> main
protobuf-c-compiler 1.4.1-1ubuntu1 in kinetic i386: universe/devel/optional/100% -> main
protobuf-c-compiler 1.4.1-1ubuntu1 in kinetic ppc64el: universe/devel/optional/100% -> main
protobuf-c-compiler 1.4.1-1ubuntu1 in kinetic riscv64: universe/devel/optional/100% -> main
protobuf-c-compiler 1.4.1-1ubuntu1 in kinetic s390x: universe/devel/optional/100% -> main
22 publications overridden.

Changed in protobuf-c (Ubuntu Kinetic):
status: Fix Committed → Fix Released
Revision history for this message
Mark Esler (eslerm) wrote :

@slyon can do.

Revision history for this message
Lukas Märdian (slyon) wrote (last edit ):

Thanks @eslerm! The security fixes are now included in Focal & Jammy.

So the next fwupd SRU should be able to depend on it and pull it into main!

Lukas Märdian (slyon)
Changed in protobuf-c (Ubuntu Focal):
status: In Progress → Fix Committed
Changed in protobuf-c (Ubuntu Jammy):
status: In Progress → Fix Committed
status: Fix Committed → In Progress
Changed in protobuf-c (Ubuntu Focal):
status: Fix Committed → In Progress
Revision history for this message
Mark Esler (eslerm) wrote :

@slyon the updated versions of Focal and Jammy are live.

Revision history for this message
Lukas Märdian (slyon) wrote :

@superm1 Would you be interested in preparing those fwupd (hardware enablement) SRUs for Jammy & Focal? I guess we could also include the fix for bug #1969976 in the same uploads.

Revision history for this message
Mario Limonciello (superm1) wrote :

YC is already working on them in another bug.

Revision history for this message
Luís Infante da Câmara (luis220413) wrote (last edit ):

If the packages libprotobuf-c1 and libfstrm0 are promoted to the main component in Focal and later releases, DNSTAP support can be enabled in BIND 9 in those releases and Unbound, that is highly recommended online as a local validating resolver for Ubuntu, can be promoted to main in those releases (the source package is already in main).

I would really like to have DNSTAP support in BIND 9 and Unbound in the main component in Focal and Jammy.

Changed in oem-priority:
importance: Undecided → High
status: New → Confirmed
status: Confirmed → In Progress
tags: added: fwupd
tags: added: oem-priority
Revision history for this message
Luís Infante da Câmara (luis220413) wrote :

I just completed a MIR for the fstrm source package in bug #1986591.

Revision history for this message
Luís Infante da Câmara (luis220413) wrote (last edit ):

Why did the protobuf-c-compiler binary package move to the universe component in Ubuntu Kinetic?

Revision history for this message
Christian Ehrhardt  (paelzer) wrote (last edit ):

It was universe all the time AFAICS:

 protobuf-c-compiler | 0.15-1build1 | trusty/universe | amd64, arm64, armhf, i386, powerpc, ppc64el
 protobuf-c-compiler | 1.2.1-1 | xenial/universe | amd64, arm64, armhf, i386, powerpc, ppc64el, s390x
 protobuf-c-compiler | 1.2.1-2 | bionic/universe | amd64, arm64, armhf, i386, ppc64el, s390x
 protobuf-c-compiler | 1.3.3-1 | focal/universe | amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 protobuf-c-compiler | 1.3.3-1ubuntu0.1 | focal-security/universe | amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 protobuf-c-compiler | 1.3.3-1ubuntu0.1 | focal-updates/universe | amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 protobuf-c-compiler | 1.3.3-1ubuntu0.2 | focal-proposed/universe | amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 protobuf-c-compiler | 1.3.3-1ubuntu2 | jammy/universe | amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 protobuf-c-compiler | 1.3.3-1ubuntu2.1 | jammy-security/universe | amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 protobuf-c-compiler | 1.3.3-1ubuntu2.1 | jammy-updates/universe | amd64, arm64, armhf, i386, ppc64el, riscv64, s390x
 protobuf-c-compiler | 1.4.1-1ubuntu1 | kinetic/universe | amd64, arm64, armhf, i386, ppc64el, riscv64, s390x

Probably it lost a dependency that kept it in before?

Found it, fwupd is what is in main already (it is directly seeded).
That in turn depend only on: libprotobuf-c1

That is still in main
 libprotobuf-c1 | 1.4.1-1ubuntu1 | kinetic | amd64, arm64, armhf, i386, ppc64el, riscv64, s390x

The other binary packages of protobuf-c will auto-demote if not being needed by something in main.
libprotobuf-c-dev stays in main as all -dev/-doc packges get added automatically if the source is in main.

But if you want/need protobuf-c-compiler in main then:
a) it isn't for fwupd, as that is not having a dependency to it
b) that needs a change in the seeds

You can see what germinate finds while walking the tree from the seeds in https://people.canonical.com/~ubuntu-archive/germinate-output/ubuntu.kinetic/all+extra

Revision history for this message
Łukasz Zemczak (sil2100) wrote :
Download full text (4.2 KiB)

Per check-in with Christian, I'm promoting the jammy protobuf-c to main (it's causing component-mismatch issues with the new fwupd in jammy-proposed).

$ change-override -c main -S protobuf-c -s jammy-security
Override component to main
protobuf-c 1.3.3-1ubuntu2.1 in jammy: universe/devel -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy amd64: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy arm64: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy armhf: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy i386: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy ppc64el: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy riscv64: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy s390x: universe/libdevel/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu2.1 in jammy amd64: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu2.1 in jammy arm64: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu2.1 in jammy armhf: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu2.1 in jammy i386: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu2.1 in jammy ppc64el: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu2.1 in jammy riscv64: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu2.1 in jammy s390x: universe/libs/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu2.1 in jammy amd64: universe/devel/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu2.1 in jammy arm64: universe/devel/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu2.1 in jammy armhf: universe/devel/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu2.1 in jammy i386: universe/devel/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu2.1 in jammy ppc64el: universe/devel/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu2.1 in jammy riscv64: universe/devel/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu2.1 in jammy s390x: universe/devel/optional/100% -> main
Override [y|N]? y
22 publications overridden.

$ change-override -c main -S protobuf-c -s jammy-updates
Override component to main
protobuf-c 1.3.3-1ubuntu2.1 in jammy: universe/devel -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy amd64: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy arm64: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy armhf: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy i386: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy ppc64el: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy riscv64: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu2.1 in jammy s390x: universe/libdevel/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu2.1 in jammy amd64: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu2.1 in jammy arm64: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu2.1 in jam...

Read more...

Changed in protobuf-c (Ubuntu Jammy):
status: In Progress → Fix Released
Revision history for this message
Łukasz Zemczak (sil2100) wrote :

Same for focal (in prep for the new fwupd SRU). This time I'm only promoting the focal-proposed version, as I see it has some special MIR-based fixups:

$ change-override -c main -S protobuf-c -s focal-proposed
Override component to main
protobuf-c 1.3.3-1ubuntu0.2 in focal: universe/devel -> main
libprotobuf-c-dev 1.3.3-1ubuntu0.2 in focal amd64: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu0.2 in focal arm64: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu0.2 in focal armhf: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu0.2 in focal i386: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu0.2 in focal ppc64el: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu0.2 in focal riscv64: universe/libdevel/optional/100% -> main
libprotobuf-c-dev 1.3.3-1ubuntu0.2 in focal s390x: universe/libdevel/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu0.2 in focal amd64: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu0.2 in focal arm64: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu0.2 in focal armhf: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu0.2 in focal i386: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu0.2 in focal ppc64el: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu0.2 in focal riscv64: universe/libs/optional/100% -> main
libprotobuf-c1 1.3.3-1ubuntu0.2 in focal s390x: universe/libs/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu0.2 in focal amd64: universe/devel/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu0.2 in focal arm64: universe/devel/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu0.2 in focal armhf: universe/devel/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu0.2 in focal i386: universe/devel/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu0.2 in focal ppc64el: universe/devel/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu0.2 in focal riscv64: universe/devel/optional/100% -> main
protobuf-c-compiler 1.3.3-1ubuntu0.2 in focal s390x: universe/devel/optional/100% -> main
Override [y|N]? y
22 publications overridden.

Changed in protobuf-c (Ubuntu Focal):
status: In Progress → Fix Committed
tags: removed: fr-1990
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.