Foundations Team Updates - Thursday 18 January 2024

Last status can be found at: Foundations Team Updates - Thursday 11 January 2024

1 Like


  • Working on a specification about disabling TLS1.0 and 1.1 everywhere in Ubuntu main, a work which was started in 2020 and related discussions
  • Also working on disabling TLS 1.0 and 1.1 for rabbitmq-server and dropping from erlang elliptic curves deprecated by RFC8422
  • ruby 3.1 tests failing due to expired certificates (WIP)

Armhf time_t


  • Discussions around the openssl release schedule
1 Like


  • prepared the 3.2 release
    • waiting for some snap build failures to be solved so we can push it to latest/candidate

+1 Maintenance

This is +1 maintenance shift:

  • golang-github-gorilla-websocket
  • golang-github-gookit-color
  • golang-github-henrybear327-go-proton-api
    • blocked because golang-github-protonmail-gluon FTBFS
      • FTBFS because the test suite is flaky
      • Build succeeded after 2 retries
      • I opened an issue upstream ( to let the maintainers know there is maybe something going on.
      • Waiting for this pkg to be published so we can retry building golang-github-henrybear327-go-proton-api
  • meson
    • autopkgtest also failing in Debian
    • One of the rust test is failing due to -fstack-protector flag missing when building on arm.
    • (lost some time learning that a tab after the filename in patches is needed when the filename contains spaces)
    • I am testing a patch but the test suite is very slow, and it looks like it killed my machine
    • I will open a bug and probably submit the patch so it can be tested on LP.
  • gitaly
    • FTBFS
    • the package is new and I understand it never built.
    • Need to investigate more to know what should be the best way forward.

The following packages only needed a retry:

  • edk2
  • golang-github-google-gnostic-models
  • golang-google-protobuf
1 Like




  • hiring
  • pulse planing
  • spec reviews/comments (FO141, KO046,FO113)
1 Like


  • I took another look at LP#2048768 (basically gcc/llvm address sanitizer is broken on Noble) and it turns out it was caused by a change in the kernel configuration where CONFIG_ARCH_MMAP_RND_BITS was increased from 28 to 32 bits (but not on Debian). Another distro had the same issue. It was supposed to be fixed upstream (llvm) but I still can reproduce the problem with llvm 17 on Ubuntu.


  • Code reviews for @slyon PR#400 PR#434
  • Merged the security topic in our docs PR#433
  • Rebased and merged my changes to the C unit tests PR#432
  • Added support for bridge/bond/VRF identification on netplan status PR#420
  • Currently investigating some issues reported by another team related to SR-IOV Ethernet cards.
1 Like

Short week, US holiday on Monday



  • Reviewed take home tests
1 Like


  • Triage and fix FTBFS packages which builds with golang-1.22.


  • debootstrap vs autopkgtest. File bug 2049737 and ask release to hint debootstrap to migrate.
1 Like


FIPS Provider prototype

TCK setup

  • Investigated failing tests. They fall under two categories - missing FTP server and missing Kerberos server.
  • Set up a Kerberos server / Key Distribution Center on a canonistack VM and got some of the tests passing. This is WIP.

openjdk January Security updates

  • Worked on the openjdk-lts merge from Debian openjdk-11 MP#458903


  • Package under review with Security. Addressed a concern from them in MP#458816


Worked on the proposed-migration excuse bug for python3-werkzeug LP2048769. Created merge proposals for two reverse dependencies


Adoptium Workgroup meeting

1 Like

1 day off this week

  • patch pilot
    • LP: #2049515 - sponsored merge for iwd
    • LP: #2049311 - per above, submitter agreed with suggestion to drop the delta on ldapscripts and sync the package. I did the sync.
  • File initramfs-tools LP: #2049540, with reproduction steps for it and log results. There are a large number of differences in the kernel modules present in the initrd after the move to dracut.
  • working on fixing mini.iso boot issues (how the initramfs-tools bug was found)
  • curtin
    • MP: #458460 - add improvements to the curtin dm-crypt action that allow cryptoswap to be implemented
  • a lot of greenhouse
1 Like


  • refactoring .NET autopkgtests
  • technical discussions about .NET Snaps implementation
  • attended .NET Security Partners meeting
  • checked out state of Godot on Ubuntu

Ubuntu Packaging Guide

1 Like


  • opened PR 1886 increasing probert timeout when os-prober is used
  • opened PR 1888 to tweak the bug reports title when an error occurs during a curtin step.
  • investigated some bug reports including:
    • installations (unknowingly) targeting the installation media
    • wrong detection of ESP
    • absence of lvm utils for edubuntu
    • partitions already mounted during file-system creation
  • nvme-o-tcp work


  • vs wpa still with me
1 Like


  • Working on autopkgtest’s unshare test: the rabbit hole made me open this shadow bug but in the meantime, a workaround was also found. We’ll see how this develops.
  • Opened an upstream MR to fix a deadlock issue upon “No space left on device”.


  • Implement an ignore-list for checking /var/crash not being empty after upgrades tests: PR and MP


  • Following a bit on curtin vmtest testsuite
  • Following a bit some MPs on autopkgtest-cloud
  • Did some archeology on some old MP that are still open, to clean up a bit the list if possible.
1 Like


  • Some work on autoinstall related exception handling
  • More spec work (better apport hooks!)
  • More security discussions for aiohttp


1 Like


  • Killed / dequeued some autopkgtests from @andersson123 which were looping.
  • Requeued all the perl packages but with the trigger=liblocale-gettext-perl%2F1.07-6build1. I did it “one more time” to catch ones that hadn’t failed yet.
  • Dequeued some tests which included triggers from an obsolete version of perl and mesa.
  • Testing @hyask’s development version of prod-proposed-migration.
  • Merged my autopkgtest MP which suppresses warnings from apt. Then dropped the cowboy in production and updated the autopkgtest branch on the workers.
  • Cowboy’ed a change from @hyask that should stop the autopkgtest-cloud-worker’s from having tests hang in the event that the worker runs out of free space in /tmp. The change is currently being reviewed upstream.
  • Discovered and fixed an error with the above cowboy. Requeued tests which failed due to the bad cowboy.

Error Tracker

  • Ran a job which populates the count of Ubuntu 24.04 users for reasons.


  • Special expedient SRU review and release of virtualbox.
  • sru-review of livecd-rootfs for Jammy which fixes raspi daily-preinstalled builds.
  • sru-review of lubuntu-update-notifier so that dist-upgrades are better supported.
  • Submitted an MP updating the timeline of an event in the EoL process.


  • Encountered an issue creating a virtual machine with uvt from ubuntu-qa-tools so I submitted an MP fixing the issue.
  • Reviewing candidate applications.
1 Like


1 Like


  • hiredis FTBFS on ppc64el LP: #2049188
  • Lot of time spent on debugging LP: #2044549
  • Did some minor changes to the Debian GRUB 2.12 merge
1 Like

Short week, MLK Jr Day on Monday. Inclement weather also impacting capacity (no school all week…)



  • did work to improve automation of tooling around SRU/NEW processing of oem metapackages
  • queue of pending oem metapackages zeroed as of 2024-01-08 (after a backlog of dozens of uploads there since November)


  • cleanup of ubuntu-archive bug list (lots of non-actionable bugs about OEM metapackages)
  • addressed various package removal requests


  • Continuing to work on sorting out the 64-bit time_t plan in Debian
1 Like


  • Created new binary packages containing runtime and SDK PDB debug symbols.
  • Attended weekly .NET partners sync meeting
  • Investigating ways to make the .NET Snap PoC work per specification FO-151
1 Like
  • Started a conversation about needrestart’s behaviour during APT transactions
  • Looking into libpam’s various versions
  • Sponsored a few Rust toolchain uploads
  • Tweaked and sponsored s390-tools upload
  • Restarted from scratch triaging glibc test rebuild results for main due to a stupid mistake making my previous results useless
  • Working on a PR for netplan to add some warning on unused error return values
  • Some Greenhouse work
1 Like