[Bug 1959757] Re: [SRU] etcd FTBFS on Focal

Brian Murray 1959757 at bugs.launchpad.net
Tue Mar 22 22:34:48 UTC 2022 

** Changed in: etcd (Ubuntu Focal)
       Status: In Progress => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1959757

Title:
  [SRU] etcd FTBFS on Focal

Status in etcd package in Ubuntu:
  Fix Released
Status in etcd source package in Focal:
  Incomplete

Bug description:
  [Impact]

  etcd version 3.2.26+dfsg-5 had its dependency on golang-github-
  prometheus-client-golang-dev  updated to (>= 1.0.0~) but during Focal
  development cycle golang-github-prometheus-client-golang-dev >= 1.0.0
  never got out of -proposed, staying on version 0.9.2-0ubuntu3. This
  makes etcd FTBFS.

  etcd usually get CVEs assigned and even though it is a Universe
  package, it might be that it receives a critical CVE that the Ubuntu
  Security Team needs to patch, and currently it is not possible to
  patch it.

  To fix this is basically revert what was done in version
  3.2.26+dfsg-5, the attached debdiff shows the needed changes.

  Even though this is a fairly simple fix, we are not so sure on its
  affect, as this could cause regressions. That's why I'm creating this
  SRU, so we get more people to take a look at it.

  [Test Plan]

  On Ubuntu 20.04:

  $ sudo apt-get build-dep etcd
  Reading package lists... Done
  Reading package lists... Done
  Building dependency tree       
  Reading state information... Done
  Some packages could not be installed. This may mean that you have
  requested an impossible situation or if you are using the unstable
  distribution that some required packages have not yet been created
  or been moved out of Incoming.
  The following information may help to resolve the situation:

  The following packages have unmet dependencies:
   builddeps:etcd : Depends: golang-github-prometheus-client-golang-dev (>= 1.0.0~) but 0.9.2-0ubuntu3 is to be installed
  E: Unable to correct problems, you have held broken packages.

  We should be able to get etcd source and build-dep and then run
  debuild to build it.

  [Where problems could occur]

  With the proposed change, the etcd test suite is still passing and we
  can upgrade or downgrade the package through apt. But by downgrading
  the build-dependency we could be adding regressions and ABI
  incompatibility.

  [Other Info]

  This only affects Focal.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/etcd/+bug/1959757/+subscriptions

More information about the Ubuntu-sponsors mailing list