Hi,
On 2020-08-23 17:06, Sebastian Ramacher wrote:
> On 2020-08-23 13:37:42 +0200, Aurelien Jarno wrote:
> > Package: release.debian.org
> > Severity: normal
> > X-Debbugs-Cc: debian-glibc@lists.debian.org, md@linux.it
> >
> > Dear release team,
> >
> > Back in December we moved libcrypt.so.1 from the libc6 package to the
> > libcrypt1 package, which is built from the libxcrypt source package.
> > libcrypt will eventually get removed from glibc upstream, this will
> > allow faster development independently from glibc.
> >
> > As the ABI is compatible the "transition" has been transparent, libc6
> > depending on libcrypt1, and libc6-dev depending on libcrypt-dev.
> > However it would be good to rebuild the affected packages:
> > - They will get a direct dependency on libcrypt1. That would open the
> > possibility to remove the libc6 dependency on libcrypt1 in bookworm.
> > That would also allow to identify the affected packages to remove the
> > libc6-dev dependency on libcrypt-dev, or to handle a possible ABI
> > transition.
> > - They might start using additional functionalities (e.g. hashing
> > algorithms) provided by libcrypt1.
> >
> > Many packages have already been rebuilt against libxcrypt due to source
> > uploads or unrelated binNMUs. We are now down to less than 80 affected
> > packages on amd64, so it's probably acceptable to start binNMUing them.
> >
> > You will find the list below. It has been computed on amd64 only as it's
> > a long operation involving unpacking all the packages in the archive and
> > checking all the binaries they contains. As the change has been
> > introduced at the same time on all architectures, I believe the same
> > binNMUs are need for all of them, and anyway we need to keep them in
> > sync for multiarch libraries. Once we have been able to get all of the
> > packages fixed on amd64, I'll also check the other architectures to see
> > if some of them have been missed.
[snip]
> Scheduled binNMUs on all architectures.
Thanks for scheduling the binNMUs. We are down to the following list in
sid/amd64:
apr_1.6.5-1
=> The dependency are not installable, I filled #969065.
apr-util_1.6.1-4
=> The dependency are not installable, I filled #969064.
cernlib_20061220+dfsg3-4.4
=> FTBFS due to #957080, not in testing
fgetty_0.7-6
=> It got rebuilt fine and got correctly linked against the new
libcrypt.so.1. However it's not reflected in the dependencies as the
package doesn't use ${shlibs:Depends}. I filled #969063.
francine_0.99.8+orig-2
=> FTBFS due to #957226, not in testing
gadmin-proftpd_1:0.4.2-1
=> FTBFS due to #957248, not in testing
gadmin-rsync_0.1.7-1
=> FTBFS due to #957250, not in testing
gauche_0.9.6-10
=> FTBFS due to #957256, not in testing
gauche-c-wrapper_0.6.1-11
=> FTBFS due to #925691, not in testing
geant321_1:3.21.14.dfsg-11
=> FTBFS due to #957263, not in testing
gridengine_8.1.9+dfsg-9
=> FTBFS due to #957310, not in testing
mclibs_20061220+dfsg3-3.1
=> FTBFS due to #957522, not in testing
mysql-5.7_5.7.26-1
=> FTBFS due to #969115, not in testing
netatalk_3.1.12~ds-4
=> FTBFS due to #957590, not in testing
pam_1.3.1-5
=> FTBFS due to #956355
paw_1:2.14.04.dfsg.2-9.1
=> FTBFS due to #957665, not in testing
quagga_1.2.4-4
=> FTBFS due to #957737, not in testing
In short the affected ones that are also in testing are:
apr_1.6.5-1
apr-util_1.6.1-4
fgetty_0.7-6
pam_1.3.1-5
I'll track them to see if they get fixed or removed.
Regards,
Aurelien
--
Aurelien Jarno GPG: 4096R/1DDD8C9B
aurelien@aurel32.net http://www.aurel32.net
Attachment:
signature.asc
Description: PGP signature