• OpenSSH upgrade problem (8.0 => 8.4)

    From Frank Scheiner@21:1/5 to All on Wed Oct 13 22:40:03 2021
    Dear all,

    just upgraded one of my rp3440s (last login was sometime in 2019) and
    stumbled across an issue with upgrading openssh-* to 8.4 from 8.0 (8.0p1-3).

    More recent OpenSSH versions in Debian seem to depend on "libfido2-1",
    which itself depends on "libcbor[...]". Now the problem is that there
    is no "libcbor0" (anymore?) in the archive for hppa, there's only a
    "libcbor0.8", but that does not suffice the "libcbor[...]" dependency
    of "libfido2-1". Strangely the buildinfo file of "libfido2-1" ([1]) states
    it could install a "libcbor0" for hppa:

    ```
    [...]
    Installed-Build-Depends:
    [...]
    libcbor-dev (= 0.5.0+dfsg-2),
    libcbor0 (= 0.5.0+dfsg-2),
    [...]
    ```

    [1]: http://ftp.ports.debian.org/debian-ports/pool-hppa/main/libf/libfido2/libfido2_1.6.0-2_hppa.buildinfo

    According to [2] "libfido2-1" depends on "libcbor0" for "alpha, hppa,
    ia64, sparc64" and on "libcbor0.8" for every other arch (i.e. "not
    alpha, hppa, ia64, sparc64").

    [2]: https://packages.debian.org/sid/libfido2-1

    I could solve the issue by installing this "libcbor0" ([3]) from 2018
    from snapshots.debian.org and then upgrading the OpenSSH packages.

    [3]: http://snapshot.debian.org/archive/debian-ports/20180517T201824Z/pool-hppa/main/libc/libcbor/libcbor0_0.5.0%2Bdfsg-2_hppa.deb

    For reference I have:

    ```
    deb http://ftp.ports.debian.org/debian-ports unstable main
    deb http://ftp.ports.debian.org/debian-ports unreleased main
    deb http://ftp.ports.debian.org/debian-ports experimental main
    ```

    ...in my `/etc/apt/sources.list`.

    Cheers,
    Frank

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Frank Scheiner@21:1/5 to John David Anglin on Thu Oct 14 00:40:01 2021
    Hi Dave,

    On 14.10.21 00:14, John David Anglin wrote:
    > Hi Frank,
    >
    > Should be fixed.  I upload a new build of libfido2.

    Thanks a lot! :-)

    > There's a bug in the check for -fstack-protector-all: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996428

    As "libcbor0.8" is existing for hppa, could it be an alternative to
    build libfido2 1.8.0 instead of 1.6.0? Or is this version also affected
    by this bug?

    Cheers,
    Frank

  • From John David Anglin@21:1/5 to Frank Scheiner on Thu Oct 14 00:20:02 2021
    Hi Frank,

    Should be fixed.  I upload a new build of libfido2.

    There's a bug in the check for -fstack-protector-all: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996428

    Dave

    --
    John David Anglin dave.anglin@bell.net

  • From John David Anglin@21:1/5 to Frank Scheiner on Thu Oct 14 02:50:02 2021
    On 2021-10-13 6:31 p.m., Frank Scheiner wrote:
    >> There's a bug in the check for -fstack-protector-all:
    >> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996428
    >
    > As "libcbor0.8" is existing for hppa, could it be an alternative to
    > build libfido2 1.8.0 instead of 1.6.0? Or is this version also affected
    > by this bug?

    The problem was the libfido2_1.8.0-1 build previously failed due to the cmake configuration
    bug, and libcbor0 got removed from the archive.  This prevented the last build of libfido2
    (1.6.0) from being upgraded as it depended on libcbor0.  I suspect openssh was built before libcbor0
    was removed.

    Dependency problems like this are common on Debian ports and it is often necessary to rebuild
    packages to resolve dependencies.

    Dave

    --
    John David Anglin dave.anglin@bell.net
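
The situation described in the message above, as an added example (not code from the thread or from Debian): a small checker that finds packages in an index whose `Depends` can no longer be satisfied, including packages broken transitively. The index is constructed and simplified, its package relations are illustrative, and version constraints and `Provides` are ignored.

```python
import re

# Constructed sample of an hppa Packages index after libcbor0 was removed
# (stanzas simplified; dependency lines and constraints are illustrative).
SAMPLE_INDEX = """\
Package: openssh-client
Depends: libc6, libfido2-1 (>= 1.5.0)

Package: libfido2-1
Version: 1.6.0-2
Depends: libc6, libcbor0 (>= 0.5.0)

Package: libcbor0.8
Version: 0.8.0-1
Depends: libc6

Package: libc6
"""

def parse_index(text):
    """Map package name -> list of dependency clauses (each a list of alternatives)."""
    index = {}
    for stanza in text.strip().split("\n\n"):
        fields = dict(line.split(": ", 1) for line in stanza.splitlines() if ": " in line)
        clauses = []
        for clause in filter(None, fields.get("Depends", "").split(",")):
            # Keep only the package names; version constraints are not evaluated.
            alts = [re.sub(r"[\s(:].*", "", alt.strip()) for alt in clause.split("|")]
            clauses.append(alts)
        index[fields["Package"]] = clauses
    return index

def uninstallable(index):
    """Return {package: first unsatisfiable dependency}, iterated to a fixed point."""
    broken = {}
    while True:
        newly = {}
        for pkg, clauses in index.items():
            bad = next((alts for alts in clauses
                        if not any(a in index and a not in broken for a in alts)), None)
            if pkg not in broken and bad:
                newly[pkg] = bad[0]
        if not newly:
            return broken
        broken.update(newly)

if __name__ == "__main__":
    for pkg, dep in uninstallable(parse_index(SAMPLE_INDEX)).items():
        print(f"{pkg}: cannot satisfy {dep}")
```

For a real archive, `dose-distcheck` performs this installability check with full version and `Provides` handling.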

  • From Frank Scheiner@21:1/5 to John David Anglin on Thu Oct 14 10:40:02 2021
    On 14.10.21 02:41, John David Anglin wrote:
    > On 2021-10-13 6:31 p.m., Frank Scheiner wrote:
    >>> There's a bug in the check for -fstack-protector-all:
    >>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996428
    >>
    >> As "libcbor0.8" is existing for hppa, could it be an alternative to
    >> build libfido2 1.8.0 instead of 1.6.0? Or is this version also affected
    >> by this bug?
    > The problem was the libfido2_1.8.0-1 build previously failed due to the
    > cmake configuration bug, and libcbor0 got removed from the archive.  This
    > prevented the last build of libfido2 (1.6.0) from being upgraded as it
    > depended on libcbor0.  I suspect openssh was built before libcbor0
    > was removed.

    I see, thanks for the explanation. I actually wondered why nobody else
    seemed to have hit that block, as I assumed that "libcbor0" was removed
    before "openssh-*" actually depended on it through "libfido2-1" due to
    its age. But checking the changelog of "libcbor0.8" ([1]), the
    replacement happened just last month, so it's understandable that I only
    ran into this, because I didn't upgrade my installation for two years or
    so prior to my recent upgrade.

    [1]: https://metadata.ftp-master.debian.org/changelogs//main/libc/libcbor/libcbor_0.8.0-1_changelog

    > Dependency problems like this are common on Debian ports and it is often necessary to rebuild
    > packages to resolve dependencies.

    Well, I seem to have a talent to run into these issues. :-)

    Cheers,
    Frank
