2017-05-31 12:20:55 |
Julian Andres Klode |
bug |
|
|
added bug |
2017-05-31 12:21:46 |
Julian Andres Klode |
apt (Ubuntu): status |
New |
In Progress |
|
2017-05-31 12:21:51 |
Julian Andres Klode |
apt (Ubuntu): importance |
Undecided |
High |
|
2017-05-31 12:30:05 |
Julian Andres Klode |
description |
If the last alternative(s) of an Or group is ignored, because it does
not match an architecture list, we would end up keeping the or flag,
effectively making the next AND an OR.
For example, when parsing (on amd64):
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386]
=> debhelper (>= 9), libnacl-dev |
Which can cause python-apt to crash.
Even worse:
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386], foobar
=> debhelper (>= 9), libnacl-dev [amd64] | foobar
By setting the previous alternatives Or flag to the current Or flag
if the current alternative is ignored, we solve the issue. |
[Impact]
If the last alternative(s) of an Or group is ignored, because it does
not match an architecture list, we would end up keeping the or flag,
effectively making the next AND an OR.
For example, when parsing (on amd64):
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386]
=> debhelper (>= 9), libnacl-dev |
Which can cause python-apt to crash.
Even worse:
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386], foobar
=> debhelper (>= 9), libnacl-dev [amd64] | foobar
[Test case]
TODO
[Regression Potential]
apt-get build-dep and friends can now fail where they succeeded previously for packages that employ architecture-limited alternatives in their build depends, as in the second example given above, because now additional packages need to be installed (which is correct, though).
[Other info]
By setting the previous alternatives Or flag to the current Or flag
if the current alternative is ignored, we solve the issue. |
|
2017-05-31 12:52:37 |
Julian Andres Klode |
apt (Ubuntu): status |
In Progress |
Fix Committed |
|
2017-05-31 13:04:07 |
Julian Andres Klode |
description |
[Impact]
If the last alternative(s) of an Or group is ignored, because it does
not match an architecture list, we would end up keeping the or flag,
effectively making the next AND an OR.
For example, when parsing (on amd64):
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386]
=> debhelper (>= 9), libnacl-dev |
Which can cause python-apt to crash.
Even worse:
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386], foobar
=> debhelper (>= 9), libnacl-dev [amd64] | foobar
[Test case]
TODO
[Regression Potential]
apt-get build-dep and friends can now fail where they succeeded previously for packages that employ architecture-limited alternatives in their build depends, as in the second example given above, because now additional packages need to be installed (which is correct, though).
[Other info]
By setting the previous alternatives Or flag to the current Or flag
if the current alternative is ignored, we solve the issue. |
[Impact]
If the last alternative(s) of an Or group is ignored, because it does
not match an architecture list, we would end up keeping the or flag,
effectively making the next AND an OR.
For example, when parsing (on amd64):
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386]
=> debhelper (>= 9), libnacl-dev |
Which can cause python-apt to crash.
Even worse:
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386], foobar
=> debhelper (>= 9), libnacl-dev [amd64] | foobar
[Test case]
On amd64:
cat > segv.dsc << EOF
Format: 3.0 (native)
Source: foobar
Binary: foobar
Architecture: all
Version: 1
Maintainer: Joe Sixpack <joe@example.org>
Build-Depends: build-essential [amd64] | build-essential [fancy]
Standards-Version: 3.9.8
EOF
cat > failure.dsc << EOF
Format: 3.0 (native)
Source: foobar
Binary: foobar
Architecture: all
Version: 1
Maintainer: Joe Sixpack <joe@example.org>
Build-Depends: build-essential [amd64] | build-essential [fancy], a-non-existing-package
Standards-Version: 3.9.8
EOF
(1) apt-get build-dep -s ./segv.dsc should succeed instead of crash
(2) apt-get build-dep -s ./failure.dsc should complain about "Depends: a-non-existing-package but it is not installable" instead of succeeding.
[Regression Potential]
apt-get build-dep and friends can now fail where they succeeded previously for packages that employ architecture-limited alternatives in their build depends, as in the second example given above, because now additional packages need to be installed (which is correct, though).
[Other info]
By setting the previous alternatives Or flag to the current Or flag
if the current alternative is ignored, we solve the issue. |
|
2017-05-31 13:04:55 |
Julian Andres Klode |
description |
[Impact]
If the last alternative(s) of an Or group is ignored, because it does
not match an architecture list, we would end up keeping the or flag,
effectively making the next AND an OR.
For example, when parsing (on amd64):
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386]
=> debhelper (>= 9), libnacl-dev |
Which can cause python-apt to crash.
Even worse:
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386], foobar
=> debhelper (>= 9), libnacl-dev [amd64] | foobar
[Test case]
On amd64:
cat > segv.dsc << EOF
Format: 3.0 (native)
Source: foobar
Binary: foobar
Architecture: all
Version: 1
Maintainer: Joe Sixpack <joe@example.org>
Build-Depends: build-essential [amd64] | build-essential [fancy]
Standards-Version: 3.9.8
EOF
cat > failure.dsc << EOF
Format: 3.0 (native)
Source: foobar
Binary: foobar
Architecture: all
Version: 1
Maintainer: Joe Sixpack <joe@example.org>
Build-Depends: build-essential [amd64] | build-essential [fancy], a-non-existing-package
Standards-Version: 3.9.8
EOF
(1) apt-get build-dep -s ./segv.dsc should succeed instead of crash
(2) apt-get build-dep -s ./failure.dsc should complain about "Depends: a-non-existing-package but it is not installable" instead of succeeding.
[Regression Potential]
apt-get build-dep and friends can now fail where they succeeded previously for packages that employ architecture-limited alternatives in their build depends, as in the second example given above, because now additional packages need to be installed (which is correct, though).
[Other info]
By setting the previous alternatives Or flag to the current Or flag
if the current alternative is ignored, we solve the issue. |
[Impact]
If the last alternative(s) of an Or group is ignored, because it does
not match an architecture list, we would end up keeping the or flag,
effectively making the next AND an OR.
For example, when parsing (on amd64):
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386]
=> debhelper (>= 9), libnacl-dev |
Which can cause python-apt to crash.
Even worse:
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386], foobar
=> debhelper (>= 9), libnacl-dev [amd64] | foobar
[Test case]
On amd64:
cat > segv.dsc << EOF
Format: 3.0 (native)
Source: foobar
Binary: foobar
Architecture: all
Version: 1
Maintainer: Joe Sixpack <joe@example.org>
Build-Depends: build-essential [amd64] | build-essential [fancy]
Standards-Version: 3.9.8
EOF
cat > failure.dsc << EOF
Format: 3.0 (native)
Source: foobar
Binary: foobar
Architecture: all
Version: 1
Maintainer: Joe Sixpack <joe@example.org>
Build-Depends: build-essential [amd64] | build-essential [fancy], a-non-existing-package
Standards-Version: 3.9.8
EOF
(1) apt-get build-dep -s ./segv.dsc should succeed instead of crash
(2) apt-get build-dep -s ./failure.dsc should complain about "Depends: a-non-existing-package but it is not installable" instead of succeeding.
This is the same test as run by CI and autopkgtests, so if they pass the tests passed. You can also run apt-get build-dep -s dq for a real life example that should not segfault.
[Regression Potential]
apt-get build-dep and friends can now fail where they succeeded previously for packages that employ architecture-limited alternatives in their build depends, as in the second example given above, because now additional packages need to be installed (which is correct, though).
[Other info]
By setting the previous alternatives Or flag to the current Or flag
if the current alternative is ignored, we solve the issue. |
|
2017-05-31 13:06:41 |
Julian Andres Klode |
description |
[Impact]
If the last alternative(s) of an Or group is ignored, because it does
not match an architecture list, we would end up keeping the or flag,
effectively making the next AND an OR.
For example, when parsing (on amd64):
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386]
=> debhelper (>= 9), libnacl-dev |
Which can cause python-apt to crash.
Even worse:
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386], foobar
=> debhelper (>= 9), libnacl-dev [amd64] | foobar
[Test case]
On amd64:
cat > segv.dsc << EOF
Format: 3.0 (native)
Source: foobar
Binary: foobar
Architecture: all
Version: 1
Maintainer: Joe Sixpack <joe@example.org>
Build-Depends: build-essential [amd64] | build-essential [fancy]
Standards-Version: 3.9.8
EOF
cat > failure.dsc << EOF
Format: 3.0 (native)
Source: foobar
Binary: foobar
Architecture: all
Version: 1
Maintainer: Joe Sixpack <joe@example.org>
Build-Depends: build-essential [amd64] | build-essential [fancy], a-non-existing-package
Standards-Version: 3.9.8
EOF
(1) apt-get build-dep -s ./segv.dsc should succeed instead of crash
(2) apt-get build-dep -s ./failure.dsc should complain about "Depends: a-non-existing-package but it is not installable" instead of succeeding.
This is the same test as run by CI and autopkgtests, so if they pass the tests passed. You can also run apt-get build-dep -s dq for a real life example that should not segfault.
[Regression Potential]
apt-get build-dep and friends can now fail where they succeeded previously for packages that employ architecture-limited alternatives in their build depends, as in the second example given above, because now additional packages need to be installed (which is correct, though).
[Other info]
By setting the previous alternatives Or flag to the current Or flag
if the current alternative is ignored, we solve the issue. |
[Impact]
If the last alternative(s) of an Or group is ignored, because it does
not match an architecture list, we would end up keeping the or flag,
effectively making the next AND an OR.
For example, when parsing (on amd64):
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386]
=> debhelper (>= 9), libnacl-dev |
Which can cause python-apt and apt-get build-dep to crash.
Even worse:
debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386], foobar
=> debhelper (>= 9), libnacl-dev [amd64] | foobar
[Test case]
On amd64:
cat > segv.dsc << EOF
Format: 3.0 (native)
Source: foobar
Binary: foobar
Architecture: all
Version: 1
Maintainer: Joe Sixpack <joe@example.org>
Build-Depends: build-essential [amd64] | build-essential [fancy]
Standards-Version: 3.9.8
EOF
cat > failure.dsc << EOF
Format: 3.0 (native)
Source: foobar
Binary: foobar
Architecture: all
Version: 1
Maintainer: Joe Sixpack <joe@example.org>
Build-Depends: build-essential [amd64] | build-essential [fancy], a-non-existing-package
Standards-Version: 3.9.8
EOF
(1) apt-get build-dep -s ./segv.dsc should succeed instead of crash
(2) apt-get build-dep -s ./failure.dsc should complain about "Depends: a-non-existing-package but it is not installable" instead of succeeding.
This is the same test as run by CI and autopkgtests, so if they pass the tests passed. You can also run apt-get build-dep -s dq for a real life example that should not segfault.
[Regression Potential]
apt-get build-dep and friends can now fail where they succeeded previously for packages that employ architecture-limited alternatives in their build depends, as in the second example given above, because now additional packages need to be installed (which is correct, though).
[Other info]
By setting the previous alternatives Or flag to the current Or flag
if the current alternative is ignored, we solve the issue. |
|
2017-05-31 21:38:45 |
Launchpad Janitor |
apt (Ubuntu): status |
Fix Committed |
Fix Released |
|
2017-05-31 21:59:44 |
Julian Andres Klode |
nominated for series |
|
Ubuntu Trusty |
|
2017-05-31 21:59:44 |
Julian Andres Klode |
bug task added |
|
apt (Ubuntu Trusty) |
|
2017-05-31 21:59:44 |
Julian Andres Klode |
nominated for series |
|
Ubuntu Xenial |
|
2017-05-31 21:59:44 |
Julian Andres Klode |
bug task added |
|
apt (Ubuntu Xenial) |
|
2017-05-31 21:59:44 |
Julian Andres Klode |
nominated for series |
|
Ubuntu Zesty |
|
2017-05-31 21:59:44 |
Julian Andres Klode |
bug task added |
|
apt (Ubuntu Zesty) |
|
2017-05-31 21:59:44 |
Julian Andres Klode |
nominated for series |
|
Ubuntu Yakkety |
|
2017-05-31 21:59:44 |
Julian Andres Klode |
bug task added |
|
apt (Ubuntu Yakkety) |
|
2017-06-19 12:21:59 |
Julian Andres Klode |
apt (Ubuntu Zesty): status |
New |
In Progress |
|
2017-06-19 12:22:01 |
Julian Andres Klode |
apt (Ubuntu Yakkety): status |
New |
In Progress |
|
2017-06-19 12:22:04 |
Julian Andres Klode |
apt (Ubuntu Xenial): status |
New |
In Progress |
|
2017-07-27 20:32:01 |
Adam Conrad |
apt (Ubuntu Yakkety): status |
In Progress |
Won't Fix |
|
2017-07-27 20:32:29 |
Adam Conrad |
apt (Ubuntu Xenial): status |
In Progress |
Fix Committed |
|
2017-07-27 20:32:31 |
Adam Conrad |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2017-07-27 20:32:34 |
Adam Conrad |
bug |
|
|
added subscriber SRU Verification |
2017-07-27 20:32:39 |
Adam Conrad |
tags |
|
verification-needed verification-needed-xenial |
|
2017-07-27 20:37:17 |
Adam Conrad |
apt (Ubuntu Zesty): status |
In Progress |
Fix Committed |
|
2017-07-28 09:35:29 |
Dimitri John Ledkov |
tags |
verification-needed verification-needed-xenial |
verification-done verification-done-xenial |
|
2017-07-28 09:47:29 |
Dimitri John Ledkov |
tags |
verification-done verification-done-xenial |
verification-done verification-done-xenial verification-failed-zesty |
|
2017-07-28 20:31:44 |
Dimitri John Ledkov |
tags |
verification-done verification-done-xenial verification-failed-zesty |
verification-done verification-done-xenial verification-done-zesty |
|
2017-07-31 16:25:38 |
Launchpad Janitor |
apt (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
2017-07-31 16:25:51 |
Adam Conrad |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2017-09-13 16:00:18 |
Launchpad Janitor |
apt (Ubuntu Zesty): status |
Fix Committed |
Fix Released |
|