Your message dated Wed, 01 Jan 2025 22:04:23 +0000 with message-id <E1tT6pD-00D9cQ-N4@fasolo.debian.org> and subject line Bug#1091351: fixed in apt 2.9.21 has caused the Debian Bug report #1091351, regarding seccomp doesn't work with https transport to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 1091351: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091351 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: seccomp doesn't work with https transport
- From: Antonio Russo <aerusso@aerusso.net>
- Date: Tue, 24 Dec 2024 05:54:50 -0700
- Message-id: <0207107a-822d-4148-998e-b411d6b41027@aerusso.net>
Package: apt Version: 2.9.19 Severity: normal X-Debbugs-Cc: aerusso@aerusso.net Dear Maintainer, I'm not sure which (recent) version of apt caused this (though reading the changelog makes me suspicious of 2.9.19), but as of this version, I cannot use the seccomp sandbox with any https transport repositories: I get error: **** Seccomp prevented execution of syscall 0000000217 on architecture amd64 **** which is (expectedly) resolved by allowing getdents64 in the seccomp filter: APT::Sandbox::Seccomp::allow { "getdents64" }; Presumably this is some OpenSSL/GnuTLS difference? I can reproduce this easily by just changing the deb.debian.org URL to https and turning on the seccomp filter. I can poke harder at making a reproducer if the above doesn't reproduce for you. Best, AntonioAttachment: OpenPGP_0x72DB026E04C1C768.asc
Description: OpenPGP public keyAttachment: OpenPGP_signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
- To: 1091351-close@bugs.debian.org
- Subject: Bug#1091351: fixed in apt 2.9.21
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 01 Jan 2025 22:04:23 +0000
- Message-id: <E1tT6pD-00D9cQ-N4@fasolo.debian.org>
- Reply-to: Julian Andres Klode <jak@debian.org>
Source: apt Source-Version: 2.9.21 Done: Julian Andres Klode <jak@debian.org> We believe that the bug you reported is fixed in the latest version of apt, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1091351@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Julian Andres Klode <jak@debian.org> (supplier of updated apt package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 01 Jan 2025 22:48:55 +0100 Source: apt Architecture: source Version: 2.9.21 Distribution: unstable Urgency: medium Maintainer: APT Development Team <deity@lists.debian.org> Changed-By: Julian Andres Klode <jak@debian.org> Closes: 1091351 1091679 Changes: apt (2.9.21) unstable; urgency=medium . [ Simon McVittie ] * sources.list(5): Suggest VENDOR.sources for new systems . [ Guillem Jover ] * Remove non-US leftovers in code and documentation * Remove obsolete references to ftp://ftp.debian.org * Use deb.debian.org instead of ftp.debian.org URLs . [ Julian Andres Klode ] * Extend v3 subkey expiry to 2026, owing to OBS use * sqv: Avoid propagating errors between files (Closes: #1091679) * http: seccomp: Allow reading directories (Closes: #1091351) * test: Check "${METHODSDIR}/sqv" not "/usr/bin/sqv" * Unfuzzy documentation translations * Run update-po4a Checksums-Sha1: 8393b47a5553b91e99561b301f10763269c40735 3181 apt_2.9.21.dsc e4af8f89f93a187910fa8a9fc8d6a2289e2bea05 2393404 apt_2.9.21.tar.xz 67d7f435d7db2387624b38fe4f2fc2a4d9e65888 7640 apt_2.9.21_source.buildinfo Checksums-Sha256: 423decf34fbf98b16008035f0e14dc49dcb08e3a61e8ff55ae493fc0163a964d 3181 apt_2.9.21.dsc cac74e48f66e00f8c5f5bc67c439c3d551a07921a26dcd48234ad398bacd6e11 2393404 apt_2.9.21.tar.xz adcc00050dc00176eb2c65829e0067faa8194d0606a87ae54907ca54b253bea2 7640 apt_2.9.21_source.buildinfo Files: 3f6805df1385ba773728a1fbde216a1b 3181 admin required apt_2.9.21.dsc da872aa82be570f732a5e2a9075891bc 2393404 admin required apt_2.9.21.tar.xz 37c799498c4759129abe256189ccf607 7640 admin required apt_2.9.21_source.buildinfo -----BEGIN PGP SIGNATURE----- wsG7BAEBCgBvBYJndbldCRBvpFjdHbA/cUcUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmf7I/eIkRwECNTH59/1jw83dFaBhOnY8oLnsc1TKA4X QBYhBE+1iKhMLd55p0x3h2+kWN0dsD9xAADnrQ/+PqCQ0vpQYpvXGZM72HZ0aj92 HFVvL7N3O+68XVkyrY+tDSOyTcqtjPIu38Hq32lqUlvN9NsnyswONg5qpqrcRK/A uHEDBDI0guchxq+/GiUQE+DE9NjPtSaXDmoozsbDOZP/355YoQejvLcrL3k0RcQn AbTCyCuXblmguQemrk1WvSbQjuB6EgXcbE+/F+k6ptQxjyd2uAcZfKG72cDkA5Ea RdQLwG0ETeV+tZZDO1JEkXL79vRhukvOuzpdOyYqKu74QHrk3ggf+Hl0s+0hT+nn PgBEepFbVFzr/R/2mtpCMJgCjloIZXKyc6N+glgIgfJDigkz2G0vezsTw/eCuxWW fZq08gZg9QluLJxu4BqQI8h+ZnGvPBGSoNOjnQxYJR6shtT1m7F9/FqEb+mLffQa XdtSB/rzi/KifrP/Cof5cH3mnntwjQLL5mgN24bCMHWTHSNmEZxEkSu4EitoZAyg jTqc9iVAujYk74HC+W/QK16bBFL5ZRbowH99o913QdHW8g8JQPTUxTOLwLX49Bs8 I1rQ7rHCl7TZtVWpQ16gE0qF49Z0x6HhfSnGDi7tuhOZPz1BwE9eHNtiTXmGV+sk 8wqkTnqAJMN8HPAXo5oqahoW5zH4S04T8GVjMAI3vAWmP+xb5zeBJNMsYkQAJv+0 uwW8UqK9CAPWd6iJY0c= =UJh7 -----END PGP SIGNATURE-----Attachment: pgpZHvxvP7Elo.pgp
Description: PGP signature
--- End Message ---