stop using hardening-wrapper, obsoleted by recent dpkg-dev

Bug #1620313 reported by Matthias Klose on 2016-09-05
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
firefox (Ubuntu)
Undecided
Unassigned
gtk2-engines-murrine (Ubuntu)
Undecided
Unassigned
hardening-wrapper (Debian)
Fix Released
Unknown
hardening-wrapper (Ubuntu)
Undecided
Unassigned
lxc (Ubuntu)
High
Unassigned
pidgin (Ubuntu)
Undecided
Unassigned
proftpd-dfsg (Ubuntu)
Undecided
Unassigned
thunderbird (Ubuntu)
High
Unassigned
ubuntu-push-qml (Ubuntu)
High
Unassigned
unity-control-center (Ubuntu)
Undecided
Unassigned

Bug Description

stop using hardening-wrapper, obsoleted by recent dpkg-dev.

Matthias Klose (doko) on 2016-09-05
no longer affects: unity-control-center (Debian)
Sebastien Bacher (seb128) wrote :

Could you give some details? Obsoleted does it mean dpkg is doing something equivalent by itself or do the rules from those packages need to be changed in some way?

Matthias Klose (doko) on 2016-09-05
Changed in gtk2-engines-murrine (Ubuntu):
status: New → Fix Released
Changed in hardening-wrapper (Debian):
status: Unknown → New
Matthias Klose (doko) wrote :

see dpkg-buildflags(1) about setting DEB_BUILD_MAINT_OPTIONS.

Stéphane Graber (stgraber) wrote :

How far back is this supported? LXC is automatically backported all the way back to trusty without any change to the packaging being required right now.

Chris Coulson (chrisccoulson) wrote :

Ditto for firefox (but to precise)

Matthias Klose (doko) wrote :

postgresql-9.5 uses a b-d: dpkg-dev (>= 1.16.1~) | hardening-wrapper

Matthias Klose (doko) wrote :

of course, you have to conditionalize the rules file too

Matthias Klose (doko) wrote :

uploaded firefox, just dropping the unused build dependency

Changed in firefox (Ubuntu):
status: New → In Progress
Changed in hardening-wrapper (Debian):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unity-control-center - 15.04.0+16.10.20161003.1-0ubuntu1

---------------
unity-control-center (15.04.0+16.10.20161003.1-0ubuntu1) yakkety; urgency=medium

  [ Robert Ancell ]
  * Don't check if we're running under Unity - we only support Unity
    (LP: #1554878, #1629668)
  * Ubuntu only supports usernames with lowercase letters. (LP:
    #1600638)

  [ Sebastien Bacher ]
  * Revert the change from r12750 to include only graphical sessions.
    (LP: #1380364)

  [ <email address hidden> ]
  * Removed "when battery is critical" functionality from the power
    panel as this is now handled by Upower and these settings now do
    nothing. Fixes LP: #1599264 (LP: #1599264)

 -- <email address hidden> (<email address hidden>) Mon, 03 Oct 2016 11:19:09 +0000

Changed in unity-control-center (Ubuntu):
status: New → Fix Released
Launchpad Janitor (janitor) wrote :
Download full text (3.3 KiB)

This bug was fixed in the package lxc - 2.0.5-0ubuntu1

---------------
lxc (2.0.5-0ubuntu1) yakkety; urgency=medium

  * New upstream bugfix release (2.0.5):
    - Fix .gitignore after /tools/ split
    - Add lxc-test-utils to .gitignore
    - bdev: use correct overlay module name
    - cleanup: tools: remove --name from lxc-top usage message
    - cleanup: whitespaces in option alignment for lxc-execute
    - Use full GPG fingerprint instead of long IDs.
    - tools: move --rcfile to the common options list
    - tools: set configfile after load_config
    - doc: add --rcfile to common opts
    - doc: Update Korean lxc-attach(1)
    - doc: Add --rcfile to Korean common opts
    - doc: Add --rcfile to Japanese common opts
    - tools: use exit(EXIT_*) everywhere
    - tools: unify exit() calls outside of main()
    - utils: Add mips signalfd syscall numbers
    - seccomp: Implement MIPS seccomp handling
    - seccomp: Add mips and mips64 entries to lxc_config_parse_arch
    - seccomp: fix strerror()
    - confile: add more archs to lxc_config_parse_arch()
    - seccomp: add support for s390x
    - seccomp: remove double include and order includes
    - seccomp: non functional changes
    - templates: use fd 9 instead of 200
    - templates: fedora requires openssl binary
    - tools: use boolean for ret in lxc_device.c
    - c/r: use /proc/self/tid/children instead of pidfile
    - c/r: Fix pid_t on some arches
    - templates: Add mips hostarch detection to debian
    - cleanup: replace tabs wth spaces in usage strings
    - remove extra 'ret'
    - c/r: write status only after trying to parse the pid
    - set FULL_PATH_NAMES=NO in doc/api/Doxyfile
    - templates: rm halt.target -> sigpwr.target symlink
    - templates: remove creation of bogus directory
    - console: use correct log name
    - configure: add --disable-werror
    - tests: fix get_item tests
    - templates: use correct cron version in alpine template
    - c/r: zero a smaller than known migrate_opts struct
    - lxczfs: small fixes
    - c/r: free valid_opts if necessary
    - make rsync deal with sparse files efficiently
    - lxc-create -t debian fails on ppc64el arch
    - c/r: fix typo in comment
    - cgroup: add new functions for interacting with hierachies
    - utils: add lxc_deslashify
    - c/r: pass --cgroup-roots on checkpoint
    - cgroup: get rid of weird hack in cgfsng_escape
    - cgroup: drop cgroup_canonical_path
    - c/r: check that cgroup_num_hierarchies > 0
    - tools: do not add trailing spaces on lxc-ls -1
    - conf: retrieve mtu from netdev->link
    - conf: try to retrieve mtu from veth
    - c/r: detatch from controlling tty on restore
    - Fix null derefence if attach is called without access to any tty
    - utils: fix lxc_string_split()
    - tools: lxc_deslashify() handle special cases
    - tests: add unit tests for lxc_deslashify()
    - Fix for ALTLinux container creation in all branches
    - utils: lxc_deslashify() free memory
    - Fix spelling of CentOS in the templates
    - Define LXC_DEVEL to detect development releases
    - tools: lxc-checkconfig conditionalize devpts check
  * Drop all cherry-pick patches, now upstream.
  * ...

Read more...

Changed in lxc (Ubuntu):
status: New → Fix Released
Stéphane Graber (stgraber) wrote :

Re-opening LXC task as it wasn't fixed, the fix was reverted as it was causing an FTBFS.

Changed in lxc (Ubuntu):
status: Fix Released → Triaged
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package firefox - 49.0+build4-0ubuntu2

---------------
firefox (49.0+build4-0ubuntu2) yakkety; urgency=medium

  * Drop the (unused) build dependency on hardening-wrapper. LP: #1620313.

 -- Matthias Klose <email address hidden> Wed, 28 Sep 2016 17:27:46 +0200

Changed in firefox (Ubuntu):
status: In Progress → Fix Released
Matthias Klose (doko) wrote :

fixed proftpd-dfsg and pidgin

Changed in pidgin (Ubuntu):
status: New → Fix Released
Changed in proftpd-dfsg (Ubuntu):
status: New → Fix Released
Matthias Klose (doko) wrote :

Removing packages from zesty:
 hardening-wrapper 2.8+nmu3ubuntu1 in zesty
  hardening-includes 2.8+nmu3ubuntu1 in zesty amd64
  hardening-includes 2.8+nmu3ubuntu1 in zesty arm64
  hardening-includes 2.8+nmu3ubuntu1 in zesty armhf
  hardening-includes 2.8+nmu3ubuntu1 in zesty i386
  hardening-includes 2.8+nmu3ubuntu1 in zesty powerpc
  hardening-includes 2.8+nmu3ubuntu1 in zesty ppc64el
  hardening-includes 2.8+nmu3ubuntu1 in zesty s390x
  hardening-wrapper 2.8+nmu3ubuntu1 in zesty amd64
  hardening-wrapper 2.8+nmu3ubuntu1 in zesty arm64
  hardening-wrapper 2.8+nmu3ubuntu1 in zesty armhf
  hardening-wrapper 2.8+nmu3ubuntu1 in zesty i386
  hardening-wrapper 2.8+nmu3ubuntu1 in zesty powerpc
  hardening-wrapper 2.8+nmu3ubuntu1 in zesty ppc64el
  hardening-wrapper 2.8+nmu3ubuntu1 in zesty s390x
Comment: lp: #1620313: remove hardening-wrapper in zesty
1 package successfully removed.

Changed in hardening-wrapper (Ubuntu):
status: New → Fix Released
Changed in ubuntu-push-qml (Ubuntu):
importance: Undecided → High
status: New → Confirmed
Changed in thunderbird (Ubuntu):
importance: Undecided → High
status: New → Confirmed
Changed in lxc (Ubuntu):
importance: Undecided → High
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package thunderbird - 1:45.3.0+build1-0ubuntu5

---------------
thunderbird (1:45.3.0+build1-0ubuntu5) zesty; urgency=medium

  * Removed (unused) build dependency on hardening-wrapper. LP: #1620313.

 -- Matthias Klose <email address hidden> Wed, 19 Oct 2016 19:33:39 +0200

Changed in thunderbird (Ubuntu):
status: Confirmed → Fix Released
Matthias Klose (doko) wrote :

ubuntu-push-qml built in zesty

Changed in ubuntu-push-qml (Ubuntu):
status: Confirmed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lxc - 2.0.5-0ubuntu3

---------------
lxc (2.0.5-0ubuntu3) zesty; urgency=medium

  * Also skip lxc-test-ubuntu on zesty
    (LXC still doesn't support squashfs cloud images)

 -- Stéphane Graber <email address hidden> Fri, 21 Oct 2016 22:40:14 -0400

Changed in lxc (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.