Comment 10 for bug 2037872

Chris Halse Rogers (raof) wrote :

It seems like this is accidentally exposing a real IP leak? I mean, you're no longer including the literal dotted-decimal representation of the IP, but it seems that hostnamed will, under some default circumstances, set the hostname to $FOO-dashed-decimal-ip¹. If sosreport is meant to redact IP addresses from the report, then it seems reasonable to treat a default hostnamed behaviour as a meaningful IP address leak and thus the fact that the new autopkgtest catches this is because the fixed autopkgtest is catching a real bug.

If you don't want to fix it now, that's fine; we can mark this version as bad-test (and the *next* upload will fail autopkgtests unless this is fixed). If you *don't* intend to fix it, then I think you should fix the autopkgtest to only consider dotted-decimal IPs as leaks.

If you intend to fix it, though, I think the SRU team would mildly prefer it to be fixed in *this* update, so we don't need to push two separate updates to users.

So, please select from one of the following options:
1) We don't want to fix it now, but acknowledge that it's a bug.
  - Please file a bug to track this bug
  - We will badtest this version, so packages which trigger sosreport's autopkgtest won't be blocked
    + Note that this means that sosreport's autopkgtest will no longer catch breakage caused by any changes in your dependencies!
  - We will release this SRU into -updates

2) We don't regard this as a bug
  - Please do a new upload to -proposed that fixes the autopkgtest to not trigger on host-$DASHED_DECIMAL_IP

3) We'll fix it now
  - Please upload a new version to -proposed that fixes the IP leak

Without knowledge of sosreport internals I can't judge the difficulty of (3), but that would be my mild preference.

¹: https://www.freedesktop.org/wiki/Software/systemd/hostnamed/
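
A leak check covering both forms discussed in this comment, as an added example that is not part of the original comment or of sosreport's autopkgtest: it reports an IPv4 address whether it appears dotted or dashed-decimal. The function names, the sample report and every address in it are constructed for illustration.

```python
import re

# Four decimal groups joined by the same separator: "." (dotted) or "-" (dashed).
# \2 forces one separator throughout; the lookarounds keep a match from
# starting or ending in the middle of a longer run of digits.
_CANDIDATE = re.compile(
    r"(?<!\d)(\d{1,3})([.-])(\d{1,3})\2(\d{1,3})\2(\d{1,3})(?!\d)"
)


def _valid_octet(s):
    # Reject leading zeros ("01") and values above 255 to cut down on
    # false positives from dates and version-like strings.
    return (s == "0" or not s.startswith("0")) and int(s) <= 255


def find_ipv4_leaks(text, known_ips=None):
    """Return (form, address, matched_text) for each IPv4 address in text.

    form is "dotted" or "dashed". If known_ips is given, only those
    addresses are reported (for example, the test machine's own addresses).
    """
    leaks = []
    for m in _CANDIDATE.finditer(text):
        octets = (m.group(1), m.group(3), m.group(4), m.group(5))
        if not all(_valid_octet(o) for o in octets):
            continue
        address = ".".join(octets)
        if known_ips is not None and address not in known_ips:
            continue
        form = "dotted" if m.group(2) == "." else "dashed"
        leaks.append((form, address, m.group(0)))
    return leaks


# Constructed sample: the dotted form has been replaced (100.0.0.x stands in
# for a redacted address), but the hostname still embeds the real address.
SAMPLE_REPORT = """\
hostname: host-10-0-3-17
inet 100.0.0.1/24 brd 100.0.0.255 scope global eth0
kernel: 5.15.0-91-generic
date: 2023-10-01-12-30
"""

if __name__ == "__main__":
    for form, address, matched in find_ipv4_leaks(SAMPLE_REPORT, {"10.0.3.17"}):
        print(f"{form} leak of {address}: {matched!r}")
```

Passing the machine's real addresses as `known_ips` keeps the check from flagging replacement addresses or unrelated numeric strings.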