Your message dated Fri, 5 Aug 2016 09:01:04 +0200 with message-id <20160805070104.cz3cxensuarpucvn@crossbow> and subject line Re: Bug#821900: apt: changelog lookup in incorrect location, hence fails to find it has caused the Debian Bug report #821900, regarding apt: changelog lookup in incorrect location, hence fails to find it to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 821900: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=821900 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: apt: changelog lookup in incorrect location, hence fails to find it
- From: Georg Bauhaus <debian.published.email@notmyhomepage.de>
- Date: Wed, 20 Apr 2016 11:36:45 +0200
- Message-id: <20160420093645.13635.30229.reportbug@v220120111274725399.yourvserver.net>
Package: apt Version: 1.0.9.8.3 Severity: normal Dear Maintainer, * What led up to the situation? # apt-get upgrade It listed the new packages in the usual fashion, including openssh-server, which in particular suggests to me that I should look at the changelog. * What exactly did you do (or not do) that was effective (or ineffective)? $ apt-get changelog openssh-server * What was the outcome of this action? $ apt-get changelog openssh-server Err Changelog for openssh-server (http://packages.debian.org/changelogs/pool/updates/main/o/openssh/openssh_6.7p1-5+deb8u2/changelog) 404 Not Found [IP: 5.153.231.3 80] Err Changelog for openssh-server (http://security.debian.org/pool/updates/main/o/openssh/openssh_6.7p1-5+deb8u2.changelog) 404 Not Found [IP: 195.20.242.89 80] E: changelog download failed * What outcome did you expect instead? To see the changelog. I noticed that the changelog file for openssh_6.7p1-5+deb8u1 (note: u1) on the web is both at a "redirected" site and under a different path, so maybe some of apt or a changelog placement script is uninformed about where the other would write or where the other should look in this case? I notice that "changelog not found" is not a new problem either, but maybe the site redirection is, or the inclusion of security host's paths in this scheme? apt(8) is a core tool and in this state suggests to the administrator to bye a pig in a poke even when he or she should install security updates such as openssh. -- Package-specific info: -- apt-config dump -- APT ""; APT::Architecture "amd64"; APT::Build-Essential ""; APT::Build-Essential:: "build-essential"; APT::Install-Recommends "1"; APT::Install-Suggests "0"; APT::Authentication ""; APT::Authentication::TrustCDROM "true"; APT::NeverAutoRemove ""; APT::NeverAutoRemove:: "^firmware-linux.*"; APT::NeverAutoRemove:: "^linux-firmware$"; APT::NeverAutoRemove:: "^linux-image-3\.16\.0-4-amd64$"; APT::NeverAutoRemove:: "^linux-image-3\.2\.0-4-amd64$"; APT::NeverAutoRemove:: "^linux-headers-3\.16\.0-4-amd64$"; APT::NeverAutoRemove:: "^linux-headers-3\.2\.0-4-amd64$"; APT::NeverAutoRemove:: "^linux-image-extra-3\.16\.0-4-amd64$"; APT::NeverAutoRemove:: "^linux-image-extra-3\.2\.0-4-amd64$"; APT::NeverAutoRemove:: "^linux-signed-image-3\.16\.0-4-amd64$"; APT::NeverAutoRemove:: "^linux-signed-image-3\.2\.0-4-amd64$"; APT::NeverAutoRemove:: "^kfreebsd-image-3\.16\.0-4-amd64$"; APT::NeverAutoRemove:: "^kfreebsd-image-3\.2\.0-4-amd64$"; APT::NeverAutoRemove:: "^kfreebsd-headers-3\.16\.0-4-amd64$"; APT::NeverAutoRemove:: "^kfreebsd-headers-3\.2\.0-4-amd64$"; APT::NeverAutoRemove:: "^gnumach-image-3\.16\.0-4-amd64$"; APT::NeverAutoRemove:: "^gnumach-image-3\.2\.0-4-amd64$"; APT::NeverAutoRemove:: "^.*-modules-3\.16\.0-4-amd64$"; APT::NeverAutoRemove:: "^.*-modules-3\.2\.0-4-amd64$"; APT::NeverAutoRemove:: "^.*-kernel-3\.16\.0-4-amd64$"; APT::NeverAutoRemove:: "^.*-kernel-3\.2\.0-4-amd64$"; APT::NeverAutoRemove:: "^linux-backports-modules-.*-3\.16\.0-4-amd64$"; APT::NeverAutoRemove:: "^linux-backports-modules-.*-3\.2\.0-4-amd64$"; APT::NeverAutoRemove:: "^linux-tools-3\.16\.0-4-amd64$"; APT::NeverAutoRemove:: "^linux-tools-3\.2\.0-4-amd64$"; APT::VersionedKernelPackages ""; APT::VersionedKernelPackages:: "linux-image"; APT::VersionedKernelPackages:: "linux-headers"; APT::VersionedKernelPackages:: "linux-image-extra"; APT::VersionedKernelPackages:: "linux-signed-image"; APT::VersionedKernelPackages:: "kfreebsd-image"; APT::VersionedKernelPackages:: "kfreebsd-headers"; APT::VersionedKernelPackages:: "gnumach-image"; APT::VersionedKernelPackages:: ".*-modules"; APT::VersionedKernelPackages:: ".*-kernel"; APT::VersionedKernelPackages:: "linux-backports-modules-.*"; APT::VersionedKernelPackages:: "linux-tools"; APT::Never-MarkAuto-Sections ""; APT::Never-MarkAuto-Sections:: "metapackages"; APT::Never-MarkAuto-Sections:: "restricted/metapackages"; APT::Never-MarkAuto-Sections:: "universe/metapackages"; APT::Never-MarkAuto-Sections:: "multiverse/metapackages"; APT::Never-MarkAuto-Sections:: "oldlibs"; APT::Never-MarkAuto-Sections:: "restricted/oldlibs"; APT::Never-MarkAuto-Sections:: "universe/oldlibs"; APT::Never-MarkAuto-Sections:: "multiverse/oldlibs"; APT::Architectures ""; APT::Architectures:: "amd64"; APT::Compressor ""; APT::Compressor::. ""; APT::Compressor::.::Name "."; APT::Compressor::.::Extension ""; APT::Compressor::.::Binary ""; APT::Compressor::.::Cost "1"; APT::Compressor::gzip ""; APT::Compressor::gzip::Name "gzip"; APT::Compressor::gzip::Extension ".gz"; APT::Compressor::gzip::Binary "gzip"; APT::Compressor::gzip::Cost "2"; APT::Compressor::gzip::CompressArg ""; APT::Compressor::gzip::CompressArg:: "-9n"; APT::Compressor::gzip::UncompressArg ""; APT::Compressor::gzip::UncompressArg:: "-d"; APT::Compressor::bzip2 ""; APT::Compressor::bzip2::Name "bzip2"; APT::Compressor::bzip2::Extension ".bz2"; APT::Compressor::bzip2::Binary "bzip2"; APT::Compressor::bzip2::Cost "3"; APT::Compressor::bzip2::CompressArg ""; APT::Compressor::bzip2::CompressArg:: "-9"; APT::Compressor::bzip2::UncompressArg ""; APT::Compressor::bzip2::UncompressArg:: "-d"; APT::Compressor::xz ""; APT::Compressor::xz::Name "xz"; APT::Compressor::xz::Extension ".xz"; APT::Compressor::xz::Binary "xz"; APT::Compressor::xz::Cost "4"; APT::Compressor::xz::CompressArg ""; APT::Compressor::xz::CompressArg:: "-6"; APT::Compressor::xz::UncompressArg ""; APT::Compressor::xz::UncompressArg:: "-d"; APT::Compressor::lzma ""; APT::Compressor::lzma::Name "lzma"; APT::Compressor::lzma::Extension ".lzma"; APT::Compressor::lzma::Binary "xz"; APT::Compressor::lzma::Cost "5"; APT::Compressor::lzma::CompressArg ""; APT::Compressor::lzma::CompressArg:: "--format=lzma"; APT::Compressor::lzma::CompressArg:: "-9"; APT::Compressor::lzma::UncompressArg ""; APT::Compressor::lzma::UncompressArg:: "--format=lzma"; APT::Compressor::lzma::UncompressArg:: "-d"; Dir "/"; Dir::State "var/lib/apt/"; Dir::State::lists "lists/"; Dir::State::cdroms "cdroms.list"; Dir::State::mirrors "mirrors/"; Dir::State::extended_states "extended_states"; Dir::State::status "/var/lib/dpkg/status"; Dir::Cache "var/cache/apt/"; Dir::Cache::archives "archives/"; Dir::Cache::srcpkgcache "srcpkgcache.bin"; Dir::Cache::pkgcache "pkgcache.bin"; Dir::Etc "etc/apt/"; Dir::Etc::sourcelist "sources.list"; Dir::Etc::sourceparts "sources.list.d"; Dir::Etc::vendorlist "vendors.list"; Dir::Etc::vendorparts "vendors.list.d"; Dir::Etc::main "apt.conf"; Dir::Etc::netrc "auth.conf"; Dir::Etc::parts "apt.conf.d"; Dir::Etc::preferences "preferences"; Dir::Etc::preferencesparts "preferences.d"; Dir::Etc::trusted "trusted.gpg"; Dir::Etc::trustedparts "trusted.gpg.d"; Dir::Bin ""; Dir::Bin::methods "/usr/lib/apt/methods"; Dir::Bin::solvers ""; Dir::Bin::solvers:: "/usr/lib/apt/solvers"; Dir::Bin::dpkg "/usr/bin/dpkg"; Dir::Bin::bzip2 "/bin/bzip2"; Dir::Bin::xz "/usr/bin/xz"; Dir::Bin::lzma "/usr/bin/xz"; Dir::Media ""; Dir::Media::MountPath "/media/cdrom"; Dir::Log "var/log/apt"; Dir::Log::Terminal "term.log"; Dir::Log::History "history.log"; Dir::Ignore-Files-Silently ""; Dir::Ignore-Files-Silently:: "~$"; Dir::Ignore-Files-Silently:: "\.disabled$"; Dir::Ignore-Files-Silently:: "\.bak$"; Dir::Ignore-Files-Silently:: "\.dpkg-[a-z]+$"; Dir::Ignore-Files-Silently:: "\.save$"; Dir::Ignore-Files-Silently:: "\.orig$"; Dir::Ignore-Files-Silently:: "\.distUpgrade$"; Acquire ""; Acquire::cdrom ""; Acquire::cdrom::mount "/media/cdrom"; Acquire::Languages ""; Acquire::Languages:: "en"; Acquire::Languages:: "none"; Acquire::Languages:: "de_DE"; Acquire::Languages:: "de"; DPkg ""; DPkg::Pre-Install-Pkgs ""; DPkg::Pre-Install-Pkgs:: "/usr/bin/apt-listchanges --apt || test $? -ne 10"; DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true"; DPkg::Tools ""; DPkg::Tools::Options ""; DPkg::Tools::Options::/usr/bin/apt-listchanges ""; DPkg::Tools::Options::/usr/bin/apt-listchanges::Version "2"; CommandLine ""; CommandLine::AsString "apt-config dump"; -- (no /etc/apt/preferences present) -- -- /etc/apt/sources.list -- # # deb cdrom:[Debian GNU/Linux 6.0.5 _Squeeze_ - Official amd64 NETINST Binary-1 20120512-20:40]/ wheezy main #deb cdrom:[Debian GNU/Linux 6.0.5 _Squeeze_ - Official amd64 NETINST Binary-1 20120512-20:40]/ wheezy main # squeeze < wheezy < jessie deb http://ftp.de.debian.org/debian/ jessie main deb-src http://ftp.de.debian.org/debian/ jessie main deb http://security.debian.org/ jessie/updates main deb-src http://security.debian.org/ jessie/updates main # jessie-updates, previously known as 'volatile' deb http://ftp.de.debian.org/debian/ jessie-updates main deb-src http://ftp.de.debian.org/debian/ jessie-updates main # deb http://froxlormirror.netcup.net/froxlor squeeze main -- System Information: Debian Release: 8.4 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages apt depends on: ii debian-archive-keyring 2014.3 ii gnupg 1.4.18-7+deb8u1 ii libapt-pkg4.12 1.0.9.8.3 ii libc6 2.19-18+deb8u4 ii libgcc1 1:4.9.2-10 ii libstdc++6 4.9.2-10 apt recommends no packages. Versions of packages apt suggests: pn apt-doc <none> ii aptitude 0.6.11-1+b1 ii dpkg-dev 1.17.26 ii python-apt 0.9.3.12 -- no debconf information
--- End Message ---
--- Begin Message ---
- To: Georg Bauhaus <debian.published.email@notmyhomepage.de>, 821900-done@bugs.debian.org
- Subject: Re: Bug#821900: apt: changelog lookup in incorrect location, hence fails to find it
- From: David Kalnischkies <david@kalnischkies.de>
- Date: Fri, 5 Aug 2016 09:01:04 +0200
- Message-id: <20160805070104.cz3cxensuarpucvn@crossbow>
- In-reply-to: <20160420093645.13635.30229.reportbug@v220120111274725399.yourvserver.net>
- References: <20160420093645.13635.30229.reportbug@v220120111274725399.yourvserver.net>
Version: 1.1~exp9 Hi, On Wed, Apr 20, 2016 at 11:36:45AM +0200, Georg Bauhaus wrote: > * What exactly did you do (or not do) that was effective (or > ineffective)? > > $ apt-get changelog openssh-server > > * What was the outcome of this action? > > $ apt-get changelog openssh-server > Err Changelog for openssh-server (http://packages.debian.org/changelogs/pool/updates/main/o/openssh/openssh_6.7p1-5+deb8u2/changelog) > 404 Not Found [IP: 5.153.231.3 80] > Err Changelog for openssh-server (http://security.debian.org/pool/updates/main/o/openssh/openssh_6.7p1-5+deb8u2.changelog) > 404 Not Found [IP: 195.20.242.89 80] > E: changelog download failed The initial implementation of the changelog command which shipped with jessie was relatively naive and could only handle the main archive correctly (aka not security.d.o) – better than nothing but not good. This got rewritten, extended (and as a result codesize wise blown up) in newer versions starting with 1.1 (released last year) so stretch will have this solved. As a side note: This also implements a public API for libapt based frontends to use & is future proof in sofar as the Release file of an archive defines were to look for changelogs. Best regards David KalnischkiesAttachment: signature.asc
Description: PGP signature
--- End Message ---