[Bug 2085607] Please test proposed package

Timo Aaltonen 2085607 at bugs.launchpad.net
Fri Nov 29 16:35:36 UTC 2024 

Hello Arif, or anyone else affected,

Accepted sosreport into noble-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/sosreport/4.7.2-0ubuntu1~24.04.2 in
a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
noble to verification-done-noble. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-noble. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: sosreport (Ubuntu Jammy)
       Status: In Progress => Fix Committed

** Tags added: verification-needed-jammy

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2085607

Title:
  [sru] Obfuscation issues in sosreport sos 4.7.2

Status in sosreport source package in Focal:
  Fix Committed
Status in sosreport source package in Jammy:
  Fix Committed
Status in sosreport source package in Noble:
  Fix Committed
Status in sosreport source package in Oracular:
  Fix Committed

Bug description:
  [ Impact ]

  When doing SRU for sos 4.7.2 we encountered obfuscation issues,
  although not a regression at the time, it was still an issue that had
  been present for a while

  So, these passwords would be fully visible to the end support
  personnel and therefore leaked passwords.

  [ Test Plan ]

  1. Deploy a sunbeam simple cloud, and run the sos report, check to see if passwords are obfuscated in configuration file
  2. Deploy heat, and ensure auth_encryption_key is obfuscated in configuration file
  3. Deploy placement, and ensure that both NOVA_API_PASS and PLACEMENT_PASS are obfuscated in configuration file
  4. Deploy mysql and ensure password field is obfuscated in configuration file

  [ Where problems could occur ]

  The corresponding files are not obfuscated, and we need to update the
  patches

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/focal/+source/sosreport/+bug/2085607/+subscriptions

More information about the Ubuntu-sponsors mailing list