Bug 19102 - golang new security issue CVE-2016-5386
Summary: golang new security issue CVE-2016-5386
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: All
OS: Linux
Priority: Normal
Severity: major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/695809/
Whiteboard: has_procedure advisory MGA5-64-OK MGA...
Keywords: validated_update
Depends on:
Blocks: 19282
Reported: 2016-07-29 18:28 CEST by David Walser
Modified: 2016-10-04 03:59 CEST (History)
CC List: 3 users

See Also:
Source RPM: golang-1.6.2-7.mga6.src.rpm
CVE:
Status comment:


Attachments
How to build a package locally (1.61 KB, text/plain)
2016-09-23 00:35 CEST, Len Lawrence
Text analyzer of sorts, written in go (587 bytes, text/x-go)
2016-09-23 22:26 CEST, Len Lawrence
go script to demonstrate built in test function (105 bytes, text/x-go)
2016-09-23 22:29 CEST, Len Lawrence
How to perform a local package build (1.73 KB, text/plain)
2016-10-04 03:59 CEST, Len Lawrence

Description David Walser 2016-07-29 18:28:45 CEST
Fedora has issued an advisory on July 28:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OR52UXGM6RKSCWF3KQMVZGVZVJ3WEESJ/

This is related to the "httpoxy" issue.  It is fixed in 1.6.3.

Mageia 5 is also affected.
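The bug is one instance of "httpoxy": a CGI gateway exposes every request header as an environment variable named HTTP_<HEADER> (RFC 3875), so a client-supplied "Proxy:" header lands in the CGI child's environment as HTTP_PROXY, and any outbound HTTP request the child makes via net/http's ProxyFromEnvironment is routed through an attacker-chosen proxy. Go 1.6.3 fixed this on the client side: ProxyFromEnvironment refuses HTTP_PROXY when REQUEST_METHOD is set, which is the marker of a CGI environment. The following program is an added example, not code from this bug report or from the Go project; the header-to-variable mapping, the function names cgiEnvName and ProxyDecisionInCGI, the attacker host attacker.example and the target example.com are all constructed for illustration. Run against the updated golang it reports that the proxy was refused; on an unpatched Go 1.6.2 ProxyFromEnvironment returns the attacker's URL instead, so it doubles as a before/after check for this update. Because net/http reads the proxy variables only once per process, they are set before the first call.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
	"os"
	"strings"
)

// cgiEnvName maps an incoming HTTP request header name to the environment
// variable a CGI gateway exposes it under (RFC 3875, section 4.1.18):
// upper-cased, "-" replaced by "_", prefixed with "HTTP_". This is the
// httpoxy mechanism: the client-controlled "Proxy:" header becomes
// HTTP_PROXY in the CGI child's environment.
// strings.Replace with -1 is used instead of strings.ReplaceAll so the
// program also builds on Go 1.6.
func cgiEnvName(header string) string {
	return "HTTP_" + strings.ToUpper(strings.Replace(header, "-", "_", -1))
}

// ProxyDecisionInCGI simulates a Go CGI program that received a constructed
// attacker request carrying "Proxy: http://attacker.example:8080" and then
// makes an outbound request to target. REQUEST_METHOD is the CGI
// meta-variable net/http inspects to recognise a CGI environment.
// Unpatched Go (1.6.2 and earlier) returns the attacker's proxy URL;
// Go 1.6.3 and later returns nil and an error refusing HTTP_PROXY.
// net/http caches the proxy environment on first use, so the variables
// must be set before the first call to ProxyFromEnvironment.
func ProxyDecisionInCGI(target string) (*url.URL, error) {
	// Constructed values: what the gateway would export for the attacker's
	// "Proxy:" header, plus the REQUEST_METHOD every CGI request carries.
	if err := os.Setenv(cgiEnvName("Proxy"), "http://attacker.example:8080"); err != nil {
		return nil, err
	}
	if err := os.Setenv("REQUEST_METHOD", "GET"); err != nil {
		return nil, err
	}

	req, err := http.NewRequest("GET", target, nil)
	if err != nil {
		return nil, err
	}
	// This is the call a Go CGI program makes indirectly through the
	// default http.Transport for every outbound request.
	return http.ProxyFromEnvironment(req)
}

func main() {
	proxy, err := ProxyDecisionInCGI("http://example.com/")
	switch {
	case err != nil:
		fmt.Println("patched: net/http refused HTTP_PROXY in a CGI environment:", err)
	case proxy != nil:
		fmt.Println("VULNERABLE: outbound requests would be sent via", proxy)
	default:
		fmt.Println("no proxy selected")
	}
}
```

The refusal applies only to the HTTP_PROXY variable for plain http targets; HTTPS_PROXY has no corresponding request header under the CGI mapping and is left alone, which is why the fix is narrow and safe for non-CGI programs.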
David Walser 2016-07-29 18:28:50 CEST

Whiteboard: (none) => MGA5TOO

David Walser 2016-09-08 19:26:01 CEST

Blocks: (none) => 19282

Comment 1 David Walser 2016-09-09 00:41:34 CEST
Just posting a reminder to Bruno to please take care of this one.
Comment 2 Bruno Cornec 2016-09-13 01:42:58 CEST
1.6.3 pushed to mga5 updates and also to cauldron.
A version of advisory written and pushed as well.

Status: NEW => ASSIGNED
Assignee: bruno => qa-bugs

Comment 3 Rémi Verschelde 2016-09-13 09:44:38 CEST
Bruno: Thanks for pushing the advisory to SVN directly. Please also copy it here, however, so that the QA team can refer to it easily.

In particular, you should also give the list of binary RPMs that are part of the update candidate. See https://wiki.mageia.org/en/Example_update_advisory_announcement

Version: Cauldron => 5
Whiteboard: MGA5TOO => advisory

Comment 4 David Walser 2016-09-13 14:35:35 CEST
Build failed in Cauldron due to a test failure on i586:
http://pkgsubmit.mageia.org/uploads/failure/cauldron/core/release/20160913055038.akien.duvel.45857/log/golang-1.6.3-1.mga6/build.0.20160913055106.log

Version: 5 => Cauldron

Comment 5 David Walser 2016-09-13 16:25:50 CEST
Assigning back to Bruno.  See Comment 3 and Comment 4.

CC: (none) => qa-bugs
Assignee: qa-bugs => bruno

Comment 6 David Walser 2016-09-13 22:08:57 CEST
Looks like the failed test was a transient issue.  Rémi just pushed it again and it built.

Package list:
golang-1.6.3-1.mga5
golang-docs-1.6.3-1.mga5
golang-misc-1.6.3-1.mga5
golang-tests-1.6.3-1.mga5
golang-src-1.6.3-1.mga5
golang-bin-1.6.3-1.mga5
golang-shared-1.6.3-1.mga5

from golang-1.6.3-1.mga5.src.rpm

To test this package, you can just rebuild the docker package locally and make sure it builds.

Assigning back to QA now.

CC: qa-bugs => bruno
Version: Cauldron => 5
Assignee: bruno => qa-bugs

David Walser 2016-09-13 22:09:08 CEST

Whiteboard: advisory => has_procedure advisory

Comment 7 Len Lawrence 2016-09-22 12:20:53 CEST
Tested on x86_64.
Used the earlier hints from David Walser to build docker locally.
Installed the updates.
Rebuilt the docker package locally.
Importing the source RPMS needed to be done twice:
$ sudo urpmi --build-requires SRPMS/docker*.rpm
$ sudo urpmi --install-src SRPMS/docker*.rpm

The rebuild succeeded so this can be given the green light.

CC: (none) => tarazed25

Len Lawrence 2016-09-22 12:21:39 CEST

Whiteboard: has_procedure advisory => has_procedure advisory MGA5-64-OK

Comment 8 Len Lawrence 2016-09-23 00:35:54 CEST
Created attachment 8440
How to build a package locally

Feel free to modify this.
Comment 9 Len Lawrence 2016-09-23 08:35:24 CEST
Comment on attachment 8440
How to build a package locally

>Note that this is not a packager tutorial but a note based on a digest provided by David Walser to help QA testers perform local builds.   
>
>First install the mgarepo and bm packages and create <before> and <after> directories.
>See /etc/mgarepo.conf.
>.....
>## uncomment it in case you don't have an account in the Mageia build system:
>#mirror = svn://svn.mageia.org/svn/packages/
>.....
>Uncomment that second line and it should use svn:// which is anonymous.
>
>Before enabling updates testing, download the sources:
>$ cd <before>
>$ mgarepo co -d 5 <packagename>
>Note the reference number which this returns in case you want to revert later on.
>To do that you would use:
>$ mgarepo co -d 5 -r <reference> <packagename>
>To download the current updated sources, enable updates testing and:
>$ cd ../<after>
>$ mgarepo co -d 5 <packagename>
>These commands will create a set of source directories in <before> and <after>.
>$ ls <after>
>BUILD    BUILDROOT  RPMS     SOURCES    SPECS    SRPMS    
>
>SPECS contains <packagename>.spec, a text file containing all the build information.
>It is here that you can change the compiler, add or modify compiler flags and any flags for the link-loader (ld).  Hopefully you will not need to do that.
>If you do then remember to perform the same edits in the before and after directories.
>Then to build the package:
>$ bm -ls
>Providing this is successful go on to
>$ sudo urpmi SRPMS/<packagename>*.rpm
>$ bm -l
>
>The last command provides a commentary on the build which is echoed in SPECS/log.<packagename> and will tell you if the build fails.
>
>This might be sufficient but if you also need to install the package for further tests do:
>$ sudo rpm -Uvh --force RPMS/x86_64/*.rpm
>Adjust that for i586 if needed.
Comment 10 Len Lawrence 2016-09-23 19:38:20 CEST
Started to look at trying this in i586 virtualbox running mga5.1.

Installed the pre-update packages and then attempted a local build of docker.  This failed:
$ bm -l
creating package list
processing package docker-1.9.1-%mkrel 1
building source and binary packages
error: Architecture is not included: i586
error: failed!
Comment 11 Len Lawrence 2016-09-23 22:24:49 CEST
The next best thing is to actually run go code.  Had a quick look at a tutorial and experimented a bit.  Found a very simple text analyzer on github, dup1.go, and built it and ran it against the source code itself.

$ go build dup1.go
$ ./dup1 < dup1.go
5	
2		}

It correctly reports 5 blank lines and two occurrences of "	}"

$ go run dup1.go < dup1.go
produces the same output.

Not a comprehensive test but probably good enough to pass it maybe.  Proper testing of the language would take time.  There is a suite of test samples installed but not easy to run for a beginner.

Attaching a simple test designed to output a failure message.
$ go test fail_test.go
--- FAIL: TestErrorreport (0.00s)
	fail_test.go:6: I'm in a bad mood.
FAIL
FAIL	command-line-arguments	0.001s

Adding 32-bit OK to the whiteboard.
Comment 12 Len Lawrence 2016-09-23 22:26:48 CEST
Created attachment 8444
Text analyzer of sorts, written in go
Comment 13 Len Lawrence 2016-09-23 22:29:15 CEST
Created attachment 8445
go script to demonstrate built in test function
Len Lawrence 2016-09-23 22:29:37 CEST

Whiteboard: has_procedure advisory MGA5-64-OK => has_procedure advisory MGA5-64-OK MGA5-32-OK

Comment 14 Len Lawrence 2016-09-23 22:41:32 CEST
Forgot to note that these simple tests were run before and after the updates, with the same results.
Validating.
Len Lawrence 2016-09-23 22:42:08 CEST

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 15 Mageia Robot 2016-09-23 22:57:43 CEST
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0317.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

Comment 16 Len Lawrence 2016-10-04 03:59:22 CEST
Created attachment 8489
How to perform a local package build

Attachment 8440 is obsolete: 0 => 1
