Hi, On 2020-08-23 17:06, Sebastian Ramacher wrote: > On 2020-08-23 13:37:42 +0200, Aurelien Jarno wrote: > > Package: release.debian.org > > Severity: normal > > X-Debbugs-Cc: debian-glibc@lists.debian.org, md@linux.it > > > > Dear release team, > > > > Back in December we moved libcrypt.so.1 from the libc6 package to the > > libcrypt1 package, which is built from the libxcrypt source package. > > libcrypt will eventually get removed from glibc upstream, this will > > allow faster development independently from glibc. > > > > As the ABI is compatible the "transition" has been transparent, libc6 > > depending on libcrypt1, and libc6-dev depending on libcrypt-dev. > > However it would be good to rebuild the affected packages: > > - They will get a direct dependency on libcrypt1. That would open the > > possibility to remove the libc6 dependency on libcrypt1 in bookworm. > > That would also allow to identify the affected packages to remove the > > libc6-dev dependency on libcrypt-dev, or to handle a possible ABI > > transition. > > - They might start using additional functionalities (e.g. hashing > > algorithms) provided by libcrypt1. > > > > Many packages have already been rebuilt against libxcrypt due to source > > uploads or unrelated binNMUs. We are now down to less than 80 affected > > packages on amd64, so it's probably acceptable to start binNMUing them. > > > > You will find the list below. It has been computed on amd64 only as it's > > a long operation involving unpacking all the packages in the archive and > > checking all the binaries they contains. As the change has been > > introduced at the same time on all architectures, I believe the same > > binNMUs are need for all of them, and anyway we need to keep them in > > sync for multiarch libraries. Once we have been able to get all of the > > packages fixed on amd64, I'll also check the other architectures to see > > if some of them have been missed. [snip] > Scheduled binNMUs on all architectures. Thanks for scheduling the binNMUs. We are down to the following list in sid/amd64: apr_1.6.5-1 => The dependency are not installable, I filled #969065. apr-util_1.6.1-4 => The dependency are not installable, I filled #969064. cernlib_20061220+dfsg3-4.4 => FTBFS due to #957080, not in testing fgetty_0.7-6 => It got rebuilt fine and got correctly linked against the new libcrypt.so.1. However it's not reflected in the dependencies as the package doesn't use ${shlibs:Depends}. I filled #969063. francine_0.99.8+orig-2 => FTBFS due to #957226, not in testing gadmin-proftpd_1:0.4.2-1 => FTBFS due to #957248, not in testing gadmin-rsync_0.1.7-1 => FTBFS due to #957250, not in testing gauche_0.9.6-10 => FTBFS due to #957256, not in testing gauche-c-wrapper_0.6.1-11 => FTBFS due to #925691, not in testing geant321_1:3.21.14.dfsg-11 => FTBFS due to #957263, not in testing gridengine_8.1.9+dfsg-9 => FTBFS due to #957310, not in testing mclibs_20061220+dfsg3-3.1 => FTBFS due to #957522, not in testing mysql-5.7_5.7.26-1 => FTBFS due to #969115, not in testing netatalk_3.1.12~ds-4 => FTBFS due to #957590, not in testing pam_1.3.1-5 => FTBFS due to #956355 paw_1:2.14.04.dfsg.2-9.1 => FTBFS due to #957665, not in testing quagga_1.2.4-4 => FTBFS due to #957737, not in testing In short the affected ones that are also in testing are: apr_1.6.5-1 apr-util_1.6.1-4 fgetty_0.7-6 pam_1.3.1-5 I'll track them to see if they get fixed or removed. Regards, Aurelien -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurelien@aurel32.net http://www.aurel32.net
Attachment:
signature.asc
Description: PGP signature