[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: DLA-2743-1 amd64-microcode incomplete

Hi Utkarsh,

Looking at the reports below, the DLA-2743-1 upload from a couple weeks ago did not build, probably due to specific rules for non-free.


As a result the update is currently not installable and stretch systems remain affected by CVE-2017-5715.

Do you plan to fix this?
(added to dla-needed.txt so we keep track)

Sylvain Beucler
Debian LTS Team

On 31/08/2021 13:13, Philipp Hahn wrote:
Hello Philipp Kern,

Am 30.08.21 um 11:13 schrieb Philipp Kern:
On 23.08.21 10:47, Philipp Hahn wrote:
amd64-micocode for <https://www.debian.org/lts/security/2021/dla-2743> looks incomplete:

The source page <https://packages.debian.org/search?keywords=amd64-microcode&searchon=sourcenames&suite=all&section=all> lists
stretch (admin): 3.20181128.1~deb9u1 [non-free] [security]

but the binary page <https://packages.debian.org/search?suite=all&section=all&arch=any&searchon=names&keywords=amd64-microcode> only:
3.20160316.3: amd64 i386
Similar issues already happened multiple times in the past as Debian autobuilders don't work as expected for non-free - see attached E-Mail. "non-free" is also listed as an exception on <https://wiki.debian.org/buildd> with instructions on how to autobuild things. I see
Autobuild: yes
in you package, but <https://www.debian.org/doc/manuals/developers-reference/pkgs.html#non-free-buildd> talks about
XS-Autobuild: yes

cc: non-free@builddd

The package setup seems to be correct. XS-Autobuild has been set in the source since 10 years ago[1] and it's allowlisted on the wanna-build master.

However only the main archive has non-free autobuilding thus far, security does not. (See wuiet:/srv/wanna-build/triggers/trigger.{debian,security})

What needs to be done to get "amd64-micocode" in version "3.20181128.1~deb9u1" into "stretch-security"?
Build it manually and upload it somewhere?

Can we so something to prevent this from happening again: The source package is already available, but the binary packages are missing.

Philipp Hahn

Reply to: