[Bug 1959757] Re: [SRU] etcd FTBFS on Focal
Brian Murray
1959757 at bugs.launchpad.net
Tue Mar 22 22:34:48 UTC 2022
** Changed in: etcd (Ubuntu Focal)
Status: In Progress => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1959757
Title:
[SRU] etcd FTBFS on Focal
Status in etcd package in Ubuntu:
Fix Released
Status in etcd source package in Focal:
Incomplete
Bug description:
[Impact]
etcd version 3.2.26+dfsg-5 had its dependency on golang-github-
prometheus-client-golang-dev updated to (>= 1.0.0~) but during Focal
development cycle golang-github-prometheus-client-golang-dev >= 1.0.0
never got out of -proposed, staying on version 0.9.2-0ubuntu3. This
makes etcd FTBFS.
etcd usually get CVEs assigned and even though it is a Universe
package, it might be that it receives a critical CVE that the Ubuntu
Security Team needs to patch, and currently it is not possible to
patch it.
To fix this is basically revert what was done in version
3.2.26+dfsg-5, the attached debdiff shows the needed changes.
Even though this is a fairly simple fix, we are not so sure on its
affect, as this could cause regressions. That's why I'm creating this
SRU, so we get more people to take a look at it.
[Test Plan]
On Ubuntu 20.04:
$ sudo apt-get build-dep etcd
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
builddeps:etcd : Depends: golang-github-prometheus-client-golang-dev (>= 1.0.0~) but 0.9.2-0ubuntu3 is to be installed
E: Unable to correct problems, you have held broken packages.
We should be able to get etcd source and build-dep and then run
debuild to build it.
[Where problems could occur]
With the proposed change, the etcd test suite is still passing and we
can upgrade or downgrade the package through apt. But by downgrading
the build-dependency we could be adding regressions and ABI
incompatibility.
[Other Info]
This only affects Focal.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/etcd/+bug/1959757/+subscriptions
More information about the Ubuntu-sponsors
mailing list