[Bug 2052362] Re: cmake FTBFS due to test failure w/ git protocol.file.allow=user default

Launchpad Bug Tracker 2052362 at bugs.launchpad.net
Thu Feb 22 21:33:34 UTC 2024 

This bug was fixed in the package cmake - 3.22.1-1ubuntu1.22.04.2

---------------
cmake (3.22.1-1ubuntu1.22.04.2) jammy; urgency=medium

  * Cherry pick upstream fix to avoid a segfault when encountering
    an empty /proc/cpuinfo (LP: #2052360).
  * Cherry pick upstream fix for test failure caused by git setting
    protocol.file.allow=user by default to mitigate CVE-2022-39253
    (LP: #2052362).

 -- dann frazier <dannf at ubuntu.com>  Sat, 03 Feb 2024 16:33:56 -0700

** Changed in: cmake (Ubuntu Jammy)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-39253

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cmake in Ubuntu.
https://bugs.launchpad.net/bugs/2052362

Title:
  cmake FTBFS due to test failure w/ git protocol.file.allow=user
  default

Status in cmake package in Ubuntu:
  Fix Released
Status in cmake source package in Jammy:
  Fix Released
Status in cmake source package in Mantic:
  Fix Released
Status in cmake source package in Noble:
  Fix Released

Bug description:
  [Impact]
  cmake no longer builds from source in jammy due to a git security update that sets protocol.file.allow=user by default. This doesn't currently impact our builders because they seem to have an old version of git pinned - but it does impact anyone building w/ latest jammy updates applied. Here's a tail of the buildlog:

  <...>
          Start 161: ExternalProjectLocal
  663/664 Test #161: ExternalProjectLocal ........................................   Passed   38.40 sec
          Start 163: ExternalProjectUpdate
  664/664 Test #163: ExternalProjectUpdate .......................................   Passed   34.81 sec

  99% tests passed, 2 tests failed out of 664

  Label Time Summary:
  CMake      = 4485.67 sec*proc (263 tests)
  CUDA       = 488.20 sec*proc (9 tests)
  HIP        =  97.83 sec*proc (5 tests)
  ISPC       = 306.75 sec*proc (5 tests)
  Label1     =   0.07 sec*proc (1 test)
  Label2     =   0.07 sec*proc (1 test)
  Qt5        = 1859.09 sec*proc (43 tests)
  command    =   6.62 sec*proc (27 tests)
  policy     = 476.79 sec*proc (38 tests)
  run        = 4479.05 sec*proc (236 tests)

  Total Test time (real) = 447.01 sec

  The following tests FAILED:
   157 - ExternalProject (Failed)
   225 - CTest.UpdateGIT (Failed)
  Errors while running CTest
  make[2]: *** [Makefile:94: test] Error 8
  make[2]: Leaving directory '/home/ubuntu/cmake-3.22.1/Build'
  dh_auto_test: error: cd Build && make -j64 test ARGS\+=--verbose ARGS\+=-j64 -j1 "ARGS=-E CTestTestUpload\\|curl --timeout 5000 -j64" returned exit code 2
  make[1]: *** [debian/rules:81: override_dh_auto_test] Error 25
  make[1]: Leaving directory '/home/ubuntu/cmake-3.22.1'
  make: *** [debian/rules:108: binary] Error 2
  dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2

  [Test Case]
  Rebuild cmake in latest jammy.

  [Regression Risk]
  The fix is to a test case. A risk is that the test may no longer test a valid use case, and future updates could thereby sneak an actual functional regression through.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cmake/+bug/2052362/+subscriptions

More information about the foundations-bugs mailing list