[Bug 1756870] [NEW] [MIR] socat

Julian Andres Klode 1756870 at bugs.launchpad.net
Mon Mar 19 12:32:35 UTC 2018 

Public bug reported:

[Availability]
Available in universe, built on all architectures.

[Rationale]
pv shows progress reports for data passing through a pipeline. It has recently become a requirement for GKE and thus should be in main.

[Security]
The tracker lists two open CVEs, but it is wrong - they have been fixed quite some time ago.

[Quality assurance]
Upstream has a test suite, but it is not run. socat has an important bug in Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793384 - it uses to few bits for DH parameters by default.

[Dependencies]
Build-Depends: debhelper (>= 10), libssl-dev, libwrap0-dev.

[Standards compliance]

[Maintenance]
The package is relatively small, but since it interfaces with (potentially SSL) sockets, it might need some security updates. Otherwise it can be kept in sync with Debian.

[Background information]
There was a previous MIR attempt in https://bugs.launchpad.net/ubuntu/+source/socat/+bug/829234

** Affects: socat (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: id-5a382bce76f6b2c4a57705a0

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to socat in Ubuntu.
https://bugs.launchpad.net/bugs/1756870

Title:
  [MIR] socat

Status in socat package in Ubuntu:
  New

Bug description:
  [Availability]
  Available in universe, built on all architectures.

  [Rationale]
  pv shows progress reports for data passing through a pipeline. It has recently become a requirement for GKE and thus should be in main.

  [Security]
  The tracker lists two open CVEs, but it is wrong - they have been fixed quite some time ago.

  [Quality assurance]
  Upstream has a test suite, but it is not run. socat has an important bug in Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793384 - it uses to few bits for DH parameters by default.

  [Dependencies]
  Build-Depends: debhelper (>= 10), libssl-dev, libwrap0-dev.

  [Standards compliance]

  [Maintenance]
  The package is relatively small, but since it interfaces with (potentially SSL) sockets, it might need some security updates. Otherwise it can be kept in sync with Debian.

  [Background information]
  There was a previous MIR attempt in https://bugs.launchpad.net/ubuntu/+source/socat/+bug/829234

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/socat/+bug/1756870/+subscriptions

More information about the foundations-bugs mailing list