[Bug 1694697] Update Released

Adam Conrad adconrad at 0c3.net
Mon Jul 31 16:25:52 UTC 2017 

The verification of the Stable Release Update for apt has completed
successfully and the package has now been released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1694697

Title:
  build-depends keeps OR flag if end of or group is ignored

Status in apt package in Ubuntu:
  Fix Released
Status in apt source package in Trusty:
  New
Status in apt source package in Xenial:
  Fix Released
Status in apt source package in Yakkety:
  Won't Fix
Status in apt source package in Zesty:
  Fix Committed

Bug description:
  [Impact]
  If the last alternative(s) of an Or group is ignored, because it does
  not match an architecture list, we would end up keeping the or flag,
  effectively making the next AND an OR.

  For example, when parsing (on amd64):

      debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386]
   => debhelper (>= 9), libnacl-dev |

  Which can cause python-apt and apt-get build-dep to crash.

  Even worse:

       debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386], foobar
    => debhelper (>= 9), libnacl-dev [amd64] | foobar

  [Test case]
  On amd64:

  cat > segv.dsc  << EOF
  Format: 3.0 (native)
  Source: foobar
  Binary: foobar
  Architecture: all
  Version: 1
  Maintainer: Joe Sixpack <joe at example.org>
  Build-Depends: build-essential [amd64] | build-essential [fancy]
  Standards-Version: 3.9.8
  EOF
  cat > failure.dsc  << EOF
  Format: 3.0 (native)
  Source: foobar
  Binary: foobar
  Architecture: all
  Version: 1
  Maintainer: Joe Sixpack <joe at example.org>
  Build-Depends: build-essential [amd64] | build-essential [fancy], a-non-existing-package
  Standards-Version: 3.9.8
  EOF

  (1) apt-get build-dep -s ./segv.dsc should succeed instead of crash
  (2) apt-get build-dep -s ./failure.dsc should complain about "Depends: a-non-existing-package but it is not installable" instead of succeeding.

  This is the same test as run by CI and autopkgtests, so if they pass
  the tests passed. You can also run apt-get build-dep -s dq for a real
  life example that should not segfault.

  [Regression Potential]
  apt-get build-dep and friends can now fail where they succeeded previously for packages that employ architecture-limited alternatives in their build depends, as in the second example given above, because now additional packages need to be installed (which is correct, though).

  [Other info]
  By setting the previous alternatives Or flag to the current Or flag
  if the current alternative is ignored, we solve the issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1694697/+subscriptions

More information about the foundations-bugs mailing list