A new release of the Ubuntu Cloud Images for stable Ubuntu release 20.04 LTS (Focal Fossa) is available at [1]. These new images superseded the existing images [2]. Images are available for download or immediate use on EC2 via publish AMI ids. Users who wish to update their existing installations can do so with: 'sudo apt-get update && sudo apt-get dist-upgrade && sudo reboot'. The following packages have been updated. Please see the full changelogs for a complete listing of changes: * curl: 7.68.0-1ubuntu2.11 => 7.68.0-1ubuntu2.12 * libmbim: 1.24.8-1~20.04 => 1.26.2-1~ubuntu20.04.1 * libqmi: 1.28.6-1~20.04.1 => 1.30.4-1~ubuntu20.04.1 * linux-meta: 5.4.0.120.121 => 5.4.0.121.122 * linux-signed: 5.4.0-120.136 => 5.4.0-121.137 * modemmanager: 1.16.6-2~20.04.1 => 1.18.6-1~ubuntu20.04.1 * openssl: 1.1.1f-1ubuntu2.13 => 1.1.1f-1ubuntu2.15 * ubuntu-advantage-tools: 27.8~20.04.1 => 27.9~20.04.1 The following is a complete changelog for this image. new: {'linux-headers-5.4.0-121-generic': '5.4.0-121.137', 'linux-modules-5.4.0-121-generic': '5.4.0-121.137', 'linux-headers-5.4.0-121': '5.4.0-121.137'} removed: {'linux-headers-5.4.0-120-generic': '5.4.0-120.136', 'linux-headers-5.4.0-120': '5.4.0-120.136', 'linux-modules-5.4.0-120-generic': '5.4.0-120.136'} changed: ['curl', 'libcurl3-gnutls:amd64', 'libcurl4:amd64', 'libmbim-glib4:amd64', 'libmbim-proxy', 'libmm-glib0:amd64', 'libqmi-glib5:amd64', 'libqmi-proxy', 'libssl1.1:amd64', 'linux-headers-generic', 'linux-headers-virtual', 'linux-image-5.4.0-121-generic', 'linux-image-virtual', 'linux-virtual', 'modemmanager', 'openssl', 'ubuntu-advantage-tools'] new snaps: {} removed snaps: {} changed snaps: [] ==== curl: 7.68.0-1ubuntu2.11 => 7.68.0-1ubuntu2.12 ==== ==== curl libcurl3-gnutls:amd64 libcurl4:amd64 * SECURITY UPDATE: HTTP compression denial of service - debian/patches/CVE-2022-32206.patch: return error on too many compression steps in lib/content_encoding.c. - CVE-2022-32206 * SECURITY UPDATE: FTP-KRB bad msg verification - debian/patches/CVE-2022-32208.patch: return error properly on decode errors in lib/krb5.c. - CVE-2022-32208 ==== libmbim: 1.24.8-1~20.04 => 1.26.2-1~ubuntu20.04.1 ==== ==== libmbim-glib4:amd64 libmbim-proxy * Backport to focal. (LP: #1965901) * Lower debhelper to 12 which is the version available on the serie * New upstream version 1.26.2 * d/control: avoid duplicate build dependencies and sort list `gtk-doc-tools` was added to `Build-Depends` in order to fix build with latest autotools, but it was pulled in unconditionally and left in `Build-Depends-Indep`. This commit makes sure we avoid duplicates and don't need `gtk-doc-tools` when building with the `nodoc` profile. We also took the opportunity to sort build dependencies by alphabetical order for better readability. * d/libmbim-glib4: update symbols file for new version * debian: update lintian-overrides. Due to a change in how `lintian` reports issues, the `libmbim-glib4` overrides were ignored. This commit updates the corresponding file in order to fix that and adds a new override for `libmbim-glib-doc`: installing documentation to `/usr/share/gtk-doc` instead of `/usr/share/doc` is the standard practice for glib/gtk-based software. * d/rules: drop --fail-missing option for dh_missing. This is now the default with dh-compat level 13. * d/control: build-depend on gtk-doc-tools. * New upstream version 1.26.0 * d/control: change maintainer to DebianOnMobile team. * d/control: bump debhelper-compat version and Standards-Version. * d/copyright: add Upstream-Contact and update maintainer email * d/copyright: fix libmbim-glib path * debian: add salsa CI pipeline * d/source: add upstream metadata * d/control: update build dependencies. * d/libmbim-glib4: update symbols file for new version * d/watch: bump watch file version, no change required * d/rules: add hardening build options * d/changelog: prepare new release * d/control: add more Uploaders. * New upstream version * Non-maintainer upload. * New upstream version (bug fixes). * Add upstream signing key. * Non-maintainer upload. * New upstream version (bug fixes). * debian/libmbim-glib4.symbols: Updated symbols for new release. * Non-maintainer upload. * New upstream version (bug fixes). * Fix reproducibility by removing superfluous Makefiles (Closes: #963603). * Non-maintainer upload. * New upstream version. * Non-maintainer upload. * Add package for GObject introspection (new upstream feature). * Non-maintainer upload. * Bump debhelper to 12, no further changes * Bump Standards-Version to 4.5.0 (no further changes) * Move mbim-proxy to /usr/libexec (Closes: #954145) * Do not build-depend on libgudev-dev package on non-linux architectures * Add help2man to the build-dependencies to ensure that the manpages are properly built (Closes: #952124) * Move gtk-doc-tools and libglib2.0-doc to the B-D-I instead of the build-dependencies, mark the with * Add Build-Depends-Package to the symbols file to please lintian * debian/control: Remove a duplication section, to please lintian * Add a symlink for the documentation in /usr/share/doc and adjust the docbase file. This fixes the doc-base-file-references-wrong-path lintian warning * Non-maintainer upload. * Update Vcs-* to salsa. * Use Rules-Requires-Root: no * Really add the build-depends on autoconf-archive * New upstream version * debian/control.in: - Build-Depends on autoconf-archive * debian/patches/git_deprecation_warnings.patch: - removed, included in the new version * debian/patches/git_deprecation_warnings.patch: - disable deprecation warnings, fix the build with the new glib version * Non-maintainer upload. * New upstream release * New upstream release - Needed by ModemManager 1.10. * debian/libmbim-glib4.symbols: Updated symbols for new release. * New upstream release 1.16.0 (Closes: #887974) * Adopting the package. (Closes: #888680) * debian/control: bump libglib-dev Depends to (>= 2.36) as required by the new release. * debian/libmbim-glib4.symbols: update symbols for new release. * debian/rules: add DPKG_GENSYMBOLS_CHECK_LEVEL=4; it's more verbose with added or changed symbols then. [ Manuel A. Fernandez Montecelo ] * Non-maintainer upload. [ Helmut Grohne ] * Fix FTCBFS: Skip documentation in arch-only build. (Closes: #872813) * Remove myself as Maintainer and reinstate Thomas Bechtold. * New upstream version 1.14.2 * Bump debhelper compat level to 10 for automatic dh-autoreconf * Update Vcs-* following the latest recommendation * Bump Standards-Version to 4.1.0 * Switch to new dh_missing helper and use --fail-missing * New upstream release. * Explicitly build with udev support. * Update symbols file. * Bump Standards-Version to 3.9.8. * Install bash-completion file for mbimcli. [ Thomas Bechtold ] * Set biebl@debian.org as new Maintainer and move myself to Uploaders. [ Michael Biebl ] * New upstream release. * Use https:// for upstream homepage. * Drop libmbim-glib4-dbg now that we have automatic dbgsym packages. * Ensure proper upgrade from libmbim-glib4-dbg to new dbgsym packages by using dh_strip --dbgsym-migration. Bump Build-Depends on debhelper accordingly. * Bump Standards-Version to 3.9.7. * Drop debian/mbimcli.1 since we use the upstream man page. * Upload to unstable. * Add myself to Uploaders. * Team upload. [ Marius B. Kotsbak ] * Imported Upstream version 1.12.2 * Update debian/libmbim-glib4.symbols for new upstream release. * Update Debian standards version to the latest. * Add experimental branch config in gbp.conf. [ Michael Biebl ] * Update Vcs-* to use canonical URLs, use cgit and https for Vcs-Browser. * Non-maintainer upload. * Apply patch from Boris Egorov to fix bashisms (Closes: #772325) * Team upload. * Use a strictly versioned dependency between libmbim-proxy and libmbim-glib4, so the two packages don't get out of sync. * Make any package linking against libmbim-glib4 get an explicit dependency on libmbim-proxy. The mbim-proxy binary is used internally by libmbim-glib4 and the package split is an implementation detail to properly support multi-arch. Convince lintian that this is intentional. * Team upload. [ Marius B. Kotsbak ] * New upstream release. * Rename libmbim-glib0 libmbim-glib4 for the soname bump. * Add new package libmbim-proxy holding mbim-proxy binary. * Add debug info package libmbim-glib4-dbg. [ Michael Biebl ] * Use dh_install --list-missing to show uninstalled files. * Install man pages via dh_install. * Drop obsolete --with-tests configure option. * New upstream release. * Update debian/libmbim-glib0.symbols. * debian/copyright: Mention GFDL-1.3+ license which is used for documentation (Closes: #732527). * debian/control: Bump Standards-Version to 3.9.5. No further changes needed. * New upstream release (Closes: #731908) * Fix Multi-Arch: same problem with separated doc package (Closes: #728195) * debian/patches/0001-build-filter-out-non-public-symbols.patch: Dropped, applied upstream. * debian/libmbim-utils.install: Provide mbim-network binary. * debian/libmbim-utils.manpages: Install manpages provided by upstream. * debian/rules: manpage creation no longer needed. manpages are provided by upstream. * debian/control: Use Debian email address in maintainer field. * Initial release. (Closes: #716765) ==== libqmi: 1.28.6-1~20.04.1 => 1.30.4-1~ubuntu20.04.1 ==== ==== libqmi-glib5:amd64 libqmi-proxy * Backport to focal. (LP: #1965901) * Lower debhelper to 12 which is the version available on the serie * New upstream version 1.30.4 * d/rules: error out if symbols aren't up-to-date. We want to ship shared libs with up-to-date symbols file, so having the build error out if that's not the case is a good way to ensure we update those before releasing the package. * d/control: sort build dependencies. * lintian-overrides: update to new format for libqmi-glib5. The format for the `symbols-declares-dependency-on-other-package` lintian override has changed to include the corresponding library name. Update the override so it matches the current format and makes lintian happy. * New upstream version 1.30.2 * d/control: change maintainer to DebianOnMobile team. * d/control: bump debhelper-compat version and Standards-Version. * d/copyright: add Upstream-Contact field * debian: add salsa CI pipeline * d/source: add upstream metadata * d/watch: bump watch file version, no change required * d/control: update build dependencies. * d/rules: add hardening build options * d/libqmi-glib5: update symbols file for new version * New upstream version * debian/libqmi-glib5.symbols: - updated for the new version * Non-maintainer upload. * Bug fix release: + libqmi-glib: Fix internal QmiClientCtl leak in the QmiDevice when using the QMUX endpoint. * Non-maintainer upload. * Source-only upload (Closes: #980558). * Non-maintainer upload. * New upstream version. * Non-maintainer upload. * New upstream version. * debian/libqmi-glib5.symbols: add symbols for 1.26.6. * Non-maintainer upload. * New upstream version. * Non-maintainer upload. * New upstream version. * Fix reproducibility by removing superfluous Makefiles (Closes: #963485). * Non-maintainer upload. * New upstream version. * Non-maintainer upload. * Add package for GObject introspection (new upstream feature). * debian/libqmi-glib5.symbols: 280 additional symbols. * Non-maintainer upload. * New upstream version. * Non-maintainer upload. [ Laurent Bigonville ] * Add debian/gbp.conf file * debian/control: Bump Standards-Version to 4.5.0 (no further changes) * Mark libqmi-glib-doc with Build-profiles: and move libglib2.0-doc to BDI * debian/control: Switch the build-dependency to python3 (Closes: #943157) * Bump debhelper version to 12 and use dh_missing instead of dh_install --list-missing * Move qmi-proxy to /usr/libexec * debian/control: Remove duplicate sections to please lintian * debian/libqmi-glib5.symbols: Add Build-Depends-Package field * Add a symlink for the documentation in /usr/share/doc and adjust the docbase file. This fixes the doc-base-file-references-wrong-path lintian warning [ Helmut Grohne ] * Fix FTCBFS + Annotate python build dependency with :any. + Disable gtk-doc for arch-only builds. (Closes: #913113) * Non-maintainer upload. * Update Vcs-* to salsa. * Use Rules-Requires-Root: no * New upstream version * debian/control, debian/patches/versioned_python_binary.patch: - don't use an unversioned python binary * New upstream version * debian/libqmi-glib5.symbols: - refreshed the symbols for the new version * Non-maintainer upload. * New upstream release * Removed debian/patches/git_reset-offset-before-2nd-call.patch, included upstream. * Non-maintainer upload. * enable verbose build logs (Closes: #900909) * Non-maintainer upload. * Add debian/patches/git_reset-offset-before-2nd-call.patch from upstream. - equivalent to 1.22.2 release except the broken manpages in that release. * Non-maintainer upload * Bump Build-Depends on libmbim-glib-dev to 1.18.0 to fix build (Closes: #921321) * New upstream release - Needed by ModemManager 1.10. * debian/patches/0001-qmicli-remove-implicity-casts-to-GDestroyNotify-in-g.patch: Dropped, included upstream. * debian/libqmi-glib5.symbols: update symbols for new release. * Non-maintainer upload. * Add upstream fix for FTBFS with glib 2.58, thanks to Juhani Numminen. (Closes: #908016) * New upstream version 1.20.0. (Closes: #887975) * debian/patches/0001-utils-drop-useless-g_file_test-call.patch: dropped, included upstream. * debian/libqmi-glib5.symbols: update symbols for new release. * debian/control: changing Maintainer field to claim the package. Marius is no longer interested in maintaining it. * debian/control: bump Standards-Version to 4.1.3. * Remove myself from Uploaders. * Drop useless g_file_test() call. Fixes FTBFS with glib2.0 >= 2.52.1 which changed the behaviour of g_file_test(). (Closes: #865579) * Bump Standards-Version to 4.0.0 * New upstream version 1.18.0 * Bump Build-Depends on libglib2.0-dev to (>= 2.36) * Update libqmi-glib5 symbols file * Enable new qmi-firmware-update tool * Enable GUdev support for qmi-firmware-update * New upstream release. * Bump debhelper compat level to 10. * Drop Build-Depends on intltool. * New upstream release. * Enable QMi-over-MBIM support, which is required by new Sierra devices to work in MBIM mode. * Update symbols file. * Only install the upstream documentation files once. * New upstream release. * Bump Standards-Version to 3.9.8. * Update debian/copyright. * New upstream release. * Use https:// for upstream homepage. * Rename libqmi-glib1 libqmi-glib5 for the upstream SONAME bump. * Update symbols files accordingly. * Run wrap-and-sort -at. * Bump Standards-Version to 3.9.7. * Drop libqmi-glib5-dbg now that we have automatic dbgsym packages. * Ensure proper upgrade from libqmi-glib5-dbg to new dbgsym packages by using dh_strip --dbgsym-migration. Bump Build-Depends on debhelper accordingly. * Drop debian/qmicli.1 since we use the upstream man page. * Install bash-completion file for qmicli. * Drop obsolete debian/README.source. * Rename libqmi-glib.doc-base libqmi-glib-doc.doc-base so the doc-base support file is actually installed. * Upload to unstable. * New upstream release. * Add myself to Uploaders. * Team upload. * Mark binary packages as linux-any. * Team upload. [ Marius B. Kotsbak ] * Add gbp config for experimental branch. [ Michael Biebl ] * Imported Upstream version 1.12.4. * Update symbols file. * Update Vcs-Browser URL to use cgit and https. [ Marius B. Kotsbak ] * Imported Upstream version 1.12.2 (Closes: #772328) * Updated symbols file for libqmi-glib1 package for new upstream 1.12.2. * Update Debian standards version to 3.9.6 * Install NEWS file which includes the relevant upstream changes. * Team upload. [ Marius B. Kotsbak ] * Use dh_install --list-missing to show uninstalled files. * Drop obsolete --with-tests configure option. [ Michael Biebl ] * Install man pages via dh_install. * Use a strictly versioned dependency between libqmi-proxy and libqmi-glib1, so the two packages don't get out of sync. * Make any package linking against libqmi-glib1 get an explicit dependency on libqmi-proxy. The qmi-proxy binary is used internally by libqmi-glib1 and the package split is an implementation detail to properly support multi-arch. Convince lintian that this is intentional. * Add Depends on libglib2.0-dev to libqmi-glib-dev as required by qmi-glib.pc. [ Marius B. Kotsbak ] * New upstream stable version 1.10.2 - Fixed default internal proxy timeout for requests. - Added initial support for the WDA service. - Added support for cell location info retrieval. - Added support for UIM card status retrieval. - Added support to specify net open flags in the command line. - Minor bugfixes [ Marius B. Kotsbak ] * Change libqmi to only recommend libqmi-proxy package. It is possible to use the library without it (Closes: #754599). [ Marius Kotsbak ] * New upstream stable release 1.8.0 (Closes: #731002, #731907) - Support for sharing the QMI port through multiple processes with the new 'qmi-proxy' infrastructure. - api: added new known service ID enumeration values - wds: added "Get Profile List" request/response - wds: added "Get Profile Settings" request/response - wds: added "Get Default Settings" request/response - cli: add --wds-get-profile-list - cli: add --wds-get-default-settings - dms: 'SID' TLV in "Activate Manual" is a guint8, not a string - Extended API with macros to check for the libqmi-glib version in use - Setup libtool versioning in libqmi-glib - Added initial support for the PBM (phonebook) service - Added initial support for the UIM service - Added initial support for the OMA (Open Mobile Alliance) service - nas: added "Get Tx Rx Info" request/response - wds: added "Get Packet Statistics" request/response - dms: added support for the 'PRL' TLV in "Activate Manual" - cli: add --nas-get-tx-rx-info - cli: add --wds-get-packet-statistics - cli: add --get-service-version-info - cli: add --uim-read-transparent - cli: add --uim-get-file-attributes - cli: fix following network status until disconnected - tests: use gtester to run unit tests - Also fixed several minor bugs and memory leaks * Replaced "help2man" in Debian package with the same from upstream [ Marius B. Kotsbak ] * New upstream stable release 1.4.0 - Fixed DMS activation code string handling - Enhanced "start network" functionality in qmicli - dms: fix minimum version requirement for DMS Get/Set Operating Mode - nas: added 'Network Time' indication - utils: fix reading sized uints in BE systems - cli: add --dms-activate-manual - cli: implemented setting System Selection Preference - cli: fix technology preference persistence reporting - cli: fix reading new PIN in '--dms-uim-change-pin' - docs: always generate documentation at dist time - tests: fixed BE/LE tests in BE systems (Closes: #709655) * Drop patches applied upstream: - "qmi-codegen-clean-up-compiled-python-files_git_1822155" - "cli-all-sources-are-GPLv2_git_a5631ea" * Symbols for libqmi-glib0 updated * Change build-deps to Python 3 * Updated control Vcs-* fields to point to the Alioth hosted project * Corrected debian/copyright: cli/* and libqmi-glib/test/* are GPL 2+. Changed packaging to GPL 2+ too, as LGPL does not make sense here. * Added help2man generating of manpages (new debian/rules target "generate_manpages:". Edited result for qmi-network as it lacked complete help. Workaround for upstream bgo #58755. * Change to new configure option "--enable-gtk-doc-html" * Updated upstream homepage reference to new page published * Remove ${misc:Pre-Depends} from libqmi-glib-dev, it is not containing any shared libs. * Remove meaningless "All rights reserved" from debian/copyright [ Marius B. Kotsbak ] * Initial release (Closes: #692564) ==== linux-meta: 5.4.0.120.121 => 5.4.0.121.122 ==== ==== linux-headers-generic linux-headers-virtual linux-image-virtual linux-virtual * Bump ABI 5.4.0-121 * Packaging resync (LP: #1786013) - [Packaging] resync debian/dkms-versions from main package ==== linux-signed: 5.4.0-120.136 => 5.4.0-121.137 ==== ==== linux-image-5.4.0-121-generic * Master version: 5.4.0-121.137 ==== modemmanager: 1.16.6-2~20.04.1 => 1.18.6-1~ubuntu20.04.1 ==== ==== libmm-glib0:amd64 modemmanager * Backport to focal. (LP: #1965901) * Lower debhelper to 12 which is the version available on the serie [ Bjrn Brger ] * Add README.Debian. * Added upgrade notice regarding changed fcc-unlock.d defaults: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004447 [ Guido Gnther ] * Mention FCC unlock in NEWS.Debian [ Arnaud Ferraris ] * New upstream version 1.18.6 * d/libmm-glib0: update symbols file for new version. [ Cyril Brulebois ] * Fix missing dependency on policykit-1 (Closes: #991223). Without it, a lot of operations would result in the following error at the D-Bus level: The name org.freedesktop.PolicyKit1 was not provided by any .service files In bullseye, ModemManager.service wouldn't even start, because of the missing polkit.service dependency at the systemd level. [ Arnaud Ferraris ] * New upstream version 1.18.4 * d/copyright: fix wrong path for libqcdm `libqcdm` was previously `libwmc`, but the corresponding copyright entry wasn't updated when the folder was renamed. * d/control: update packages descriptions. As it was pointed out, ModemManager now supports 5G modems, make sure the packages descriptions reflect that. * debian: address lintian issues. This commit addresses multiple issues reported by lintian: - doc installed into `/usr/share/gtk-doc` instead of `/usr/share/doc`, which is normal behavior for glib-based software - missing `Build-Depends-Package` in `libmm-glib0` symbols file - ModemManager plugins not including dependency information - system-wide `fcc-unlock.d` folder installed even though we don't ship any distro-specific configuration which would be included there * d/modemmanager.prerm: don't call systemctl directly. Debian provides a helper tool for avoiding direct calls to systemctl in maintainer scripts, so let's use it. * d/control: sort build dependencies. Also avoid installing unnecessary dependencies when using the `nodoc` build profile. [ Henry-Nicolas Tourneur ] * d/rules: set with-polkit to permissive (Closes: #800598) [ Arnaud Ferraris ] * New upstream version 1.18.2 (Closes: #1000450) * d/control: change maintainer to DebianOnMobile team (Closes: #949129) * d/control: bump debhelper-compat version and Standards-Version. * d/copyright: add Upstream-Contact and update maintainer email * d/gbp.conf: fix debian branch name * debian: add salsa CI pipeline * d/source: add upstream metadata * d/control: update build dependencies. * d/watch: bump watch file version, no change required * d/libmm-glib0: update symbols file for new version * d/rules: add hardening build options * debian/control: include python build-depends for tests * New upstream version * debian/control.in: - updated libqmi requirement * debian/libmm-glib0.symbols: - updated for the new version * Non-maintainer upload. * New upstream version, bug fixes only, no new features. - MBIM: - Plug memleak in disconnection logic. - Don't fail IPv4v6 connection attempt if only IPv4 succeeds. - QMI: - Fix network registration cancellation logic with asserts disabled. [ Helmut Grohne ] * Annotate dbus dependency . (Closes: #980827) * Non-maintainer upload. * New upstream version. * Add upstream signing key. * Non-maintainer upload. * New upstream version. * Non-maintainer upload. * New upstream version. * Non-maintainer upload. * New upstream version. * Non-maintainer upload. * New upstream version. * Non-maintainer upload. * New upstream version. * debian/libmm-glib0.symbols: 13 additional symbols, mm_common_build_capability_combinations_any was not part of API, no soname bump necessary. * Non-maintainer upload. * Apply upstream patch to fix problem with wavecom modems. * Non-maintainer upload. * New upstream version. * Non-maintainer upload. * Update Vcs-* to salsa. * Use Rules-Requires-Root: no * New upstream version * New upstream version * debian/control: - updated qmi requirement * debian/libmm-glib0.symbols: - refreshed the symbols for the new version * Non-maintainer upload. * New upstream release * debian/patches/error-propagation-fix.patch: Removed, included upstream. * debian/control: Update build dependencies as now libqmi >= 1.22.4 is required. * debian/modemmanager.install: Also install /usr/share/ModemManager, for the new carrier mapping files. * debian/libmm-glib0.symbols: Updated symbols. * New upstream release * debian/control: Update build dependencies as now libmbim >= 1.18.0 and libqmi >= 1.22.0 are required. * debian/libmm-glib0.symbols: update symbols for new release. * New upstream version 1.8.2. (Closes: #910013) (Closes: #900907) * debian/modemmanager.postrm: don't unmask ModemManager on postrm; we were unmasking because we're about to remove ModemManager anyway, and prerm did its mask with --runtime which is supposed to not be persistent. (Closes: #902260) * debian/control: canonicalize Vcs-* URLs. * debian/control: bump to Standard-Version: 4.2.1; no changes required. * Merge from Debian unstable. Remaining changes: - Pass --enable-more-warnings so we build without -Werror. Patch m4/compiler_warnings.m4 to allow this. * New upstream version 1.7.990. * debian/control: Bump libqmi-glib-dev and libmbim-glib-dev Depends to new required versions (libmbim > 1.16, libqmi > 1.20) for this release. * Update Maintainer field for my 'real' address. (Closes: #884617) * debian/control: Update Vcs-* fields: moved project to salsa.d.o. * debian/control: Bump to Standards-Version 4.1.3. * debian/copyright: - Fix Format: URL to use https. - Drop extra stanza for libwmc; it really is only GPL2, not GPL2+. * debian/rules: set DPKG_GENSYMBOLS_CHECK_LEVEL=4; more verbose when there are added/changed symbols. * debian/libmm-glib0.symbols: update symbols for new release. * debian/patches/default_strict_probing_policy.patch: set the filtering policy for probing to 'strict' by default: this will avoid probing devices that are not modems, and potentially interfering with RNGs, braille, etc. (Closes: #683839) * Pass --enable-more-warnings so we build without -Werror. Patch m4/compiler_warnings.m4 to allow this. * Remove myself from Uploaders and re-instate Mathieu Trudel-Lapierre as Maintainer. * New upstream version 1.6.8 * Drop obsolete Breaks and Replaces from pre-jessie. * Move D-Bus interface files into modemmanager-dev package * New upstream release. * Drop overrides for dh_systemd_start and dh_installinit. Starting with compat level 10, --restart-after-upgrade is the default. * Drop obsolete maintainer scripts code. * New upstream release. * Bump debhelper compat level to 10. * New upstream release. * New upstream release (1.6-rc4). * Update Build-Depends as per configure.ac. * Install bash-completion file for mmcli. * Update symbols file. * Enable suspend/resume support. Requires libsystemd. * Bump Standards-Version to 3.9.8. [ Laurent Bigonville ] * New upstream release. * debian/control: Fix capitalisation of Bluetooth (Closes: #754439) * Remove modemmanager-dbg package and rely on automatic dbgsym package * debian/control: Fix Vcs-Git URL (again) to please lintian * debian/control: Bump Standards-Version to 3.9.7 (no further changes) [ Michael Biebl ] * Remove outdated debian/README.source. * Use https:// for upstream homepage. * Bump Build-Depends on debhelper for dh_strip --dbgsym-migration support. * Drop Ubuntu specific upstart job now that Ubuntu has switched to systemd as well. (Closes: #804054) * New upstream release. * New upstream release. - Blacklist: ignore devices from Posnet Polska S.A. (Closes: #791341) * Upload to unstable. * New upstream release. * Imported Upstream version 1.4.4. * Bump Build-Depends on libqmi-glib-dev to (>= 1.12.4). [ Marius B. Kotsbak ] * Imported Upstream version 1.4.2. * Removed all patches applied upstream. * Update to latest Standards-Version 3.9.6. [ Michael Biebl ] * Set debian-branch to experimental in gbp.conf. * Update Vcs-Browser to use cgit and https. * Install typelib files into multiarch paths now that gobject-introspection supports that. * Mark dev and gir packages as Multi-Arch: same. * New upstream release. - Fixes conflicting definitions of mm_manager_new. (Closes: #749387) * Refresh patches. * Bump Build-Depends on libmbim-glib-dev to (>= 1.10). * Install NEWS file which includes the relevant upstream changes. (Closes: #641467) * Update symbols file for libmm-glib0. * Add Build-Depends on dbus, required to run the test suite. [ Guido Gnther ] * New upstream version 1.2.0 (Closes: #731851) * Update patches * Install locale files * Require newer libqmi * Update symbols file * Ship gobject introspection data * Ship vala bindings [ Michael Biebl ] * Use canonical URI for Vcs-Git * Use gir dh addon * Update extendend package description (Closes: #744180) [ Michael Biebl ] * Fix typo in package description (Closes: #745140) [ Martin Pitt ] * libmm-glib: Initialize result array * Add systemd unit link to shadow upstart job (LP: #1314795) * Fix systemd/upstart job on upgrades on Ubuntu * Avoid cancelling of systemd unit stop on remove (Closes: #745621) * Kill old modem-manager process when upgrading from pre 1.0.0 versions. [ Michael Biebl ] * Upload to unstable. * Refresh patches to apply cleanly. [ Guido Gnther ] * Update VCS- URLs * Add homepage URL * Enable PolicyKit support (Closes: #736475, #736900) [ Michael Biebl ] * Update Standards Version to 3.9.5 * Drop link to Git repository from package descriptions * Build-Depend on the latest automake version * Fix D-Bus service file generation (Closes: #733752) * Add gbp.conf and enable pristine-tar * Install systemd service file * Use dh-systemd to enable the systemd service and restart it on upgrades * Set pkg-utopia-maintainers@lists.alioth.debian.org as Maintainer * Remove obsolete D-Bus policy conffile on upgrades (Closes: #733305) * Update debian/copyright using machine-readable copyright format 1.0 * Sync more changes from Ubuntu: - changelog for 0.6.0.0.really-0ubuntu4 (all changes dropped, they are patches included in the current upstream version). - changelog for 0.6.0.0.really-0ubuntu5 (all changes dropped, they are patches included in the current upstream version). - changelog for 0.6.0.0.really-0ubuntu6. - Build-Depend on automake1.11. - changelog for 0.6.0.0.really-0ubuntu7. - lp1229748_bluegiga_blacklist.patch: don't reset BLED112B. * New upstream release. (Closes: #728214, #728215) * debian/control: add a versioned dependency for libqmi -- we need at least version 1.4. * debian/control: build-depends on libmbim-glib-dev 1.4 * debian/rules: run the local autogen.sh rather than gnome-autogen.sh. * debian/rules: drop --with-tests. * debian/rules: clean up after gtk-doc files left around. * debian/patches/glib_fixes.patch: link against glib explicitly for the huawei modem helper tests. * debian/libmm-glib0.symbols: updated symbols: Contacts interface that was in 0.7.990 got dropped; it's not actually implemented, so upstream avoids exposing it. * debian/watch: update watch file for new location of upstream source. [ Mathieu Trudel-Lapierre ] * New upstream release. * debian/patches/handle_data07_capabilities_probing.patch, debian/patches/git_skip_add_utf8_check_219424a.patch, debian/patches/git_lte_etsi_mode_0af47c7.patch, debian/patches/git_lte_4g_parsing_90489ae.patch, debian/patches/git_lp1015328_segfault_in_clck_parser_318aaa0.patch, debian/patches/git_better_handle_ucs2_convert_e07c216.patch: Dropped, these patches were cherry-picks; included upstream * debian/patches/ericsson_h5321gw_usbids.patch: dropped, included upstream. * debian/control: - clean up build-depends: remove xsltproc, bump libglib2.0-dev to (>= 2.30.2), libgudev-1.0-dev to (>= 147). - Add gtk-doc-tools to Build-Depends. - Add libqmi-glib-dev to Build-Depends. - Add gnome-common to Build-Depends. - Bump debhelper Build-Depends to >= 9. - Make sure libmm-glib0 pre-depends on multiarch-support (lintian). - Make libmm-glib0 Multi-Arch: same. - Make sure all binary packages (except modemmanager-dbg) are priority optional. - Update short descriptions. - Breaks network-manager (<< 0.9.8.2-1) since otherwise NetworkManager will not see ModemManager with its new API. * debian/compat: bump to compat level 9. * debian/rules: - Replace --with-docs with --enable-gtk-doc. - Fix autoreconf to run gnome-autogen.sh. - Drop the override for installdocs; docs/spec.html isn't being built anymore. - Run dh_install with --fail-missing. - Remove test pppd plugin which we shouldn't install. - Drop old cruft for getting git snapshots. - We don't need to exclude the pppd path from makeshlibs, since nothing gets installed there. * debian/patches/lp700316_usb_blacklist.patch: refreshed. * debian/patches/arduino-blacklist.patch: refreshed. * debian/patches/linux-default-usb-id.patch: refreshed. * debian/*.install: make sure the files are properly installed given the new packages, also take into account multiarch paths. * debian/modemmanager.install: install the new mmcli binary. * debian/ubuntu/modemmanager.upstart: fix the name for the ModemManager binary, since it was changed upstream. * debian/patches/dbus_remove_max_replies_per_connection_limit.patch: dropped, included upstream. [ Michael Biebl ] * Add symbols file for libmm-glib0. [ Marius B. Kotsbak ] * Added binary packages modemmanager-doc and libmm-glib-doc for gtk-docs. * Split out modemmanager-dev package containing header files and .pc file. - add dependency on modemmanager-dev from libmm-glib-dev as stated in "mm-glib.pc" - add proper replaces/breaks for modemmanager-dev because of moved files * Build-depends: added "libglib2.0-doc" for the cross references in the doc to work. * debian/rules: make dh_makeshlibs override multiarch aware. * Update standards version to current 3.9.4. * debian/patches/lp1229748_bluegiga_blacklist.patch: don't reset BLED112B. (LP: #1229748) * Build-depend on automake1.11. * debian/patches/lp1164023_try_csq_if_cind_fails_5d854a3.patch: fallback to trying AT+CSQ if AT+CIND fails. (LP: #1164023) * debian/patches/git_udev_match_both_vid_pid_e322ccf.patch: match both VID and PID when matching devices: If the rules to tag specific USB interface numbers only apply on the PID, we'll end up seeing that if the port has a parent with another PID, and that other PID also has a rule, port will get tagged multiple times. * debian/patches/git_mbm_remove_check_poll_when_conn_1652019.patch: mbm: remove connection attempt check poll explicitly when connected: Completing a MMCallbackInfo is done asynchronously (in an idle), which means that we may get the poll timeout called in between... * debian/patches/git_cdma_double_free_05a4226.patch: cdma: avoid double free of GError (LP: #1083659) * debian/patches/git_ignore_arduino_aa84ce9.patch: properly ignore more arduino devices. (LP: #1153632) * debian/patches/git_ignore_west_mountain_radios_e608b17.patch: ignore West Mountain amateur radio systems. (LP: #1154654) * debian/patches/lp700316_usb_blacklist.patch: refreshed. * debian/patches/linux-default-usb-id.patch: blacklist the USB-Gadget default USB ID (the module actually allows you to set a custom one). The default ID is re-used by the Nexus 7 with Ubuntu images to expose a tty you can use to login to the system; but if it's not ignored ModemManager will harass it for some time trying to probe it. (LP: #1105352) * debian/patches/handle_data07_capabilities_probing.patch: properly handle probing for the Huawei Data07 modem. (LP: #1071492) * Upload the right tarball for 0.6.0.0 from upstream, which I somehow mishandled before. Thanks to Marius B. Kotsbak for pointing out the issue. * debian/patches/git_fall_back_to_csq_cind_8bd6903.patch: fallback to +CSQ if +CIND reports a signal level of 0. (LP: #1060831) * debian/patches/git_move_cind_process_func_1dee45e.patch: moving the CIND processing function down a bit to make the above change cleaner. Cherry-pick from upstream. * debian/patches/ericsson_h5321gw_usbids.patch: Add another known USB ID for the Ericsson H5321gw. (LP: #1057956) * debian/patches/git_lte_4g_parsing_90489ae.patch, debian/patches/git_lte_etsi_mode_0af47c7.patch: cherry-pick the patches to properly handle and display LTE/4G technology modes. (LP: #1044744) * debian/patches/git_lp1015328_segfault_in_clck_parser_318aaa0.patch: avoid crashing when parsing +CLCK responses. (LP: #1015328) * debian/patches/git_better_handle_ucs2_convert_e07c216.patch, debian/patches/git_skip_add_utf8_check_219424a.patch: fix UCS2 conversion for some Huawei devices which return "garbage" along with the response for the +COPS command. (LP: #1049426) * New upstream release. (LP: #1043486) * debian/patches/fix-format-string.patch: dropped, applied upstream. * debian/patches/qdl-blacklist.patch: replaced with installing the rules file directly to the udev rules directory. * debian/77-mm-qdl-device-blacklist.rules, debian/rules: additional rules file from the qdl-blacklist.patch; we now install it directly to the udev rules directory. This fixes daily builds. * debian/rules: build with --with-tests. * debian/patches/dbus_remove_max_replies_per_connection_limit.patch: Remove 'max_replies_per_connection' limit from D-Bus configuration which sets it to 512. It was intended to increase the limit from its historical value of 32. However, since 2007 the default limit has been 8192, so this is actually a reduction. (Closes: #678964) * upstream snapshot 2012-06-22 17:19:35 (GMT) + 8289a646fd19b6ddfba48214e94297ff96f731eb - decode: harmonize with git master - decode: update with latest QMI enums - zte: try to handle Icera devices that use PPP - uml290: allow setting more global modes (LP: #824114) - qcdm: fix 1x/HDR mode pref and add GSM/UMTS mode prefs - trivial: whitespace fixes - uml290: add mode switching tool - wmc: namespace stuff properly - qcdm: namespace stuff properly - wmc: add command for setting global mode - cdma: fix QCDM registration state checking - test: ignore ESN errors in info.py - dbus: remove 'max_replies_per_connection' limit from D-Bus configuration * debian/patches/fix-format-string.patch: fix a missing format string in a fprintf call for uml290mode; it makes the build fail otherwise. * upstream snapshot 2012-03-26 11:22:47 (GMT) + 16a00296e42aeceaca3d43c00baa01b7d4de3aa2 * debian/rules: switch to upstream git branch MM_06. * Upload to unstable. * debian/watch: Track .xz tarballs. * New upstream bugfix release (stable release 0.5.2). - hso: disable echo removal (LP: #953294) - gsm: retry sending SMS in PDU mode if text fails and PDU is supported * New upstream bugfix release. - release: update NEWS - cdma: fix crash on NULL error (bgo #670145) - Revert "huawei: rework probing and detection" (LP: #868034) - core: fix loop limits in echo removal - at-serial-port: implement built-in echo/garbage removal (LP: #916038) * debian/ubuntu/modemmanager.upstart: Remove unnecessary expect fork as this does the same thing as just exec'ing. Also check for existence of modemmanager in case it has been removed but not purged. (LP: #942908) * debian/ubuntu/modemmanager.upstart: fix stop condition to make sure we stop only when NetworkManager is stopped as much as possible, to avoid being respawned by it via DBus. (LP: #869635, #919071) * upstream snapshot 2012-02-08 18:07:13 (GMT) + 635fce193ff3a1dbbdee2abab9aa3ab121df25f0 * debian/rules: as for NetworkManager, drop a few characters from the version number for git snapshots. [ Mathieu Trudel-Lapierre ] * upstream snapshot 2011-12-31 17:44:44 (GMT) + 1e332abc957d7eea4521c95d1e28b097de5427e5 [ Artem Popov ] * debian/patches/arduino-blacklist.patch: add Arduino devices to blacklist to prevent managing Arduino devices. (LP: #910736) - [0403:6001] FT232 USB-Serial (UART) IC. - [03eb:204b] Atmel Corp. LUFA USB to Serial Adapter Project. - Anything with the Arduino VID (2341). * debian/patches/qdl-blacklist.patch: add more devices to the blacklist of Gobi QDL devices. (LP: #842702, #807889) - [1410:a014] Novatel Gobi found in the Google CR-48. - [03f0:241d] HP un2420 Gobi found in the HP Mini 5102 and Mini 5103. * debian/rules: override dh_autoreconf in a nicer way so we don't have to clean up manually afterwards. * New upstream release 0.5. - gsm: send init command twice to make the N900 happy (LP: #765516) - fix sierra modems' sleep mode command (LP: #459052, #738005) * debian/patches/lp700316_usb_blacklist.patch: add extra devices to blacklist of USB devices known to usually be serial dongles or other things MM should not touch. (LP: #700316) * debian/control, debian/rules: add a -dbg package for modemmanager, and override dh_strip accordingly. (LP: #415394) * debian/rules: fix .la/.a file removal to not fail if there is nothing to remove. * debian/modemmanager.install: install files to the modemmanager package explicitly now that it's not the only binary package. * debian/modemmanager.upstart: add an upstart config file so ModemManager gets started just before NM, and stopped along with it. (LP: #806082) * debian/rules: install upstart file only for Ubuntu. * debian/watch: Switch to .bz2 tarballs. * Upload to unstable. * New upstream release 0.4.997. + switch to git branch MM_05. [ Thomas Bechtold ] * debian/rules, debian/control: migrate from CDBS to using dh [ Mathieu Trudel-Lapierre ] * upstream snapshot 2011-04-29 10:31:14 (GMT) + 863dbca63132b820fca6c48a9c212f852752ee16 * debian/README.source: add instructions for using this packaging branch and how to build from it; adapted from the NetworkManager package. * debian/rules, debian/control: update control and rules to use dh-autoreconf rather than just autoreconf. * debian/control: bump Standards-Version to 3.9.2. * debian/rules: re-add DEB_* variables which got dropped from the dh migration, since we no longer include buildvars.mk. * debian/patches/git-backport-e208c52-to-0c4b944.patch, debian/patches/git-backport-verbose-cmee-errors-7d20acc.patch: dropped, applied upstream. * debian/control: bump debhelper Build-Depends to 8. * debian/compat: bump to compat level 8, according to the debhelper update. * debian/rules: cleanup extra files left behind by intltoolize. * debian/patches/git-backport-e208c52-to-0c4b944.patch: backport a number of upstream bug fixes: - gsm: fix for parsing malformed Gobi CREG response - core: allow plugins to handle custom init responses (LP: #712580) - policy: loosen permissions somewhat for reading device info (kde#266807) - logging: use glong for secs and usecs - cdma: ensure the ActivationStateChanged signal exists - log: fix spacing so messages line up - simtech: add port tags for SCT U300 (Element Mobile) - core: allow platform devices without a VID/PID - zte: fix handling of Icera simple connect process - icera: fix username and password ordering for authentication * debian/patches/0001-Use-type-glong-for-secs-and-usecs.patch: drop, included in the above backports from upstream. * debian/patches/git-backport-verbose-cmee-errors-7d20acc.patch: backport patch to make sure error reporting is set to verbose when asking modems about PIN status, so we get a useful message instead of a generic error. * debian/patches/0001-Use-type-glong-for-secs-and-usecs.patch - GVariant defines tv_usec as glong and suseconds_t is not guaranteed to be of type long on sparc, resulting in a build failure. So use type glong instead for sec and usecs. * Upload to unstable. * Fixes GTest build failures. (Closes: #614448) * Switch to source format 3.0 (quilt) - Add debian/source/format. - Drop Build-Depends on quilt. - Remove /usr/share/cdbs/1/rules/patchsys-quilt.mk from debian/rules. * Bump Standards-Version to 3.9.1. No further changes. * Bump Build-Depends on libdbus-glib-1-dev to (>= 0.86). * upstream snapshot 2011-01-24 20:36:24 (GMT) + 00b6cce4df7d4acbf3e580a03c2f044e18589d2c - rules: blacklist some unlikely USB serial dongles - gsm: enable unsolicited codes on secondary ports too - test: handle cancel and distinguish between initiate and respond - gsm: wire up USSD Respond function - api: add reply parameter to USSD Respond method - linktop: add plugin for Linktop/Teracom LW273 - gsm: prefer AT+CIND signal quality for modems that support it (LP: #682282) - huawei: don't spam syslog with tx/rx stats (LP: #673457, #662791) - gsm: query signal strength with +CIND if modem does not support +CSQ - gsm: add preliminary USSD support - huawei: fix potential double-free on error - core: prefer CDMA capabilities over GSM for dual-mode devices - gsm: allow use of GSM 03.38 character set - polkit: fix for polkit >= 0.97 - core: work around dbus-glib property access bug (CVE-2010-1172) * debian/patches/qdl-blacklist.patch: add a blacklist of Gobi QDL devices so that we don't break firmware loading by trying to initialize them before the modem is really ready. (LP: #686418) * upstream snapshot 2010-08-09 15:31:45 (GMT) + be28089dc4c1b07d9def45a3c763f432ae8322c4 - cdma: determine EVDO registration even when in 1X mode - zte: add more port tags - gsm: ensure invalid operator names don't get used (rh #597088) - nokia: N900 appears to need a longer port delay (rh #583691) - novatel: detect CDMA home/roaming status - novatel: fix S720 signal quality reporting [ Michael Biebl ] * New upstream release. (Closes: #585957) * Drop debian/patches/01-termios.patch, merged upstream. * debian/rules - Drop aclocal workaround, no longer required. - Add intltoolize call to pre-build. [ Mathieu Trudel-Lapierre ] * upstream snapshot 2010-06-24 18:09:33 (GMT) + 6e79d153efc30fb2030536f7f795c19ad4a0661a * Add myself to Uploaders. - update debian/control [ Michael Biebl ] * Use watch file to track new upstream releases. - Add debian/watch. * Add Build-Depends on intltool. - Update debian/control. [ Alexander Sack ] * also bump debhelper build-depends to >= 7 - update debian/control * recommend usb-modeswitch - update debian/control * fix lintian warning about empty quilt series file; add a single line comment - update debian/patches/series * add Michael Biebl to Uploaders - update debian/control * use asac@ubuntu.com as maintainer as the mailing list bounces bug mail (Closes: #566833) - update debian/control [ Michael Biebl ] * Bump Standards-Version to 3.8.4. No further changes. - update debian/control * Fix FTBFS on alpha by using the POSIX.1 struct termios interface instead of the obsolete struct termio ioctl interface. (Closes: #570661) - add debian/patches/01-termios.patch * initial upload to debian (Closes: #546587) * address ftpmaster comments: refined debian/copyright to list all copyright holders and explicitly declare doc-generator.xsl to be LGPL-2.1 - update debian/copyright * use debhelper compat level 7 and bump Standards-Version to 3.8.3 - update debian/compat * upstream snapshot: 2009-12-08 06:07:58 (GMT) + 07114d4f43c6e724d22294108b1e73785e7aab2a - release: bump version to 0.2.997 - gsm: handle different +COPS response behavior - gsm: implement enable/connecting/disconnecting state handling - core: fix ordering of DISABLING and DISABLED states - cdma: reset previous state if disconnect failed - cdma: correctly handle state update after disconnection - cdma: handle interim enabling/disabling states better - cdma: update for new modem states and make connect actually work - mbm: update state after enabling the device - core: schedule enabled/disabled callbacks to avoid infinite recursion - cdma: set correct modem state on connect failure - build: require glib-2.0 >= 2.6.18 for g_set_error_literal() - zte: add missing ZTE device aux port tags - gsm: more complete parsing of PIN responses - gsm: fix unsolicited registration segfaults - hso: ensure authentication works again after auth errors - serial: don't run commands when there's already one in progress - hso: fix up connection issues and error ignorance - nozomi: fix detection (LP: #425312) - gsm: CGDCONT parsing fixes (bgo #602552) - core: don't allow double scheduled callbacks (fixes crash) - serial: handle arbitrary amounts of padding in responses - gsm: make "X4 &C1" init arguments optional (LP: #455031) * upstream release 0.3 - cdma: increase data call initiation timeout - core: fix mm_modem_check_removed() to return errors correctly - cdma: allow plugins to override AT+CSS? during registration checking (rh #547294) - anydata: add plugin for AnyData CDMA devices (rh #547294) - huawei-cdma: robustify SYSINFO parsing - sierra: prefer primary port for status - core: protect against modem removal in critical callbacks (rh #553953) - cdma: prefer primary port unless it's connected - probe: add CPIN request during the probing process (bgo #604369) - zte: ignore SIM Build Main Menu requests (rh #551376) - longcheer: new plugin for Longcheer (Alcatel etc) devices (bgo #606550) - gsm: correctly parse Nokia N80 +COPS response - gsm: split out +COPS response parsing and add testcases - serial: prevent "hangs" by limiting EAGAIN retries on serial writes - gsm: ensure registration state is reset when disabling the modem - core: implement a PropertiesChanged signal for the MMModem class - core: add Enabled property to org.freedesktop.ModemManager.Modem interface - sierra: fix CDMA registration detection in some cases - zte: handle unsolicited messages during probe - cdma: fix quality parsing if modem doesn't prepend +CSQ: - sierra: use at!pcstate on CDMA modems for power control - option: always pick the right data port - mbm: ensure various unsolicited responses are turned off when disabling - cdma: try +CSQ? if CSQ fails - cdma: accept SID 0 in some cases [ Tony Espy ] * add get-snapshot-info target to rules - update debian/rules [ Alexander Sack ] * package improvements pointed out by mbiebl (thx) + exclude pkglibdir and pppd from makeshlibs - update debian/rules + generate dbus spec during build and add it to package; build depend on xsltproc accordingly - update debian/rules - update debian/control + explicitly depend on libglib2.0-dev (>= 2.18) - update debian/control + fix git url in package description - update debian/control New upstream snapshot: 2009-10-14 21:33:52 (GMT) + 16f3e00f3438507aee06ffcaee560e337b8e8279 - gsm: fix unsolicited registration by calling the statemachine callback info (LP: #416893) - mbm: use generic get_signal_quality implementation rather than our own CIND based one - helps to fix LP: #449037 as its less error prone - mbm: implement AT*ENAP polling; needed for some mbm devices, like m300 (LP: #442967) - gsm: don't issue CFUN=0 by default (LP: #438150) - mbm: fix disable after 3b19a85727458821f5df20153f8c04bc7717ba30 (LP: #447347, #438150) - nokia: fix class property overrides to stop modemmanager from sending AT+CFUN (LP: #450256) New upstream snapshot: 2009-10-03 06:33:18 (GMT) + aa78b5f5e5319e04f5b57f928bfab69dd4b93d88 * fixes - LP: #430576 - refuse to connect over Nokia N85, turns off the handset - LP: #416126 - various unsolicited messages for mbm cause fail on connect New upstream snapshot 2009-09-23 08:38:42 (GMT) + commit: f2a3825f9d10ecebc63ce3c8602473cbbb6ab72c + fix LP: #430576 - refuse to connect over Nokia N85, turns off the handset + fix various F3507g related issues on first connect * initial upload to debian (Closes: #546587) New upstream snapshot 2009-09-09 14:28:54 (GMT) + commit: 64b7be7460c3a9dbb3c9981de5754b330a8d2cdd + fix LP: #414604 - Modem Manager setting bad baud rate, breaking pppd connections. + fix LP: #416418 - First connection attempt via F3507g fails + fix LP: #424603 - Not closing modems when disconnected [ Alexander Sack ] * address MIR comments (LP: #410259) + cleanup debian/copyright + set debhelper compat level to 5, matching debian/control - add debian/compat + remove not used patches - delete debian/patches/ftbfs_hardy_glib_include_signal_h.patch + use proper automake lower and upper version bounds matching the versions referred to in debian/rules - update debian/control + don't redefine cdbs variables DEB_SOURCE, DEB_VERSION and DEB_UPSTREAM_VERSION; in turn move DEB_MAJOR_VERSION definition below the cdbs includes and use DEB_SOURCE_PACKAGE in GET_SOURCE function - update debian/rules + document why we touch aclocal.m4 in pre-build:: - update debian/rules + use Ubuntu Network Manager Team as Maintainer and add asac@debian.org to Uploaders - update debian/control [ Tony Espy ] * upstream snapshot 2009-08-20 18:32:37 (GMT) + cd750230687177b45c2b8e507a0f0b22095aeb02 - includes gsm and mbm fixes [ Alexander Sack ] * add LOCAL_BRANCH feature to play nicely with fta's build bot - update debian/rules * use automake 1.10 vs. 1.11 depending on what is currently available on the system - update debian/rules [ Tony Espy ] * update automake1.10 to automake in Build-Depends:, as automake provides automake1.10 now - update debian/control [ Alexander Sack ] * fix LP: #410261 - do not ship .la and .a files in pkglibdir for plugins; we strop .a and .la files in cdbs binary-post-install/modemmanager:: - update debian/rules * fix LP: #409943 - modemmanager debian/copyright has LGPL, but upstream source is GPL - update debian/copyright [ Tony Espy ] * upstream snapshot 2009-08-06 10:59:32 (GMT) + fixes license problems (LP: #403009) + git://anongit.freedesktop.org/ModemManager/ModemManager * drop patches superseded by upstream code base - delete debian/patches/fix_makefile.patch - update debian/patches/series * add tarball generation code; added get-curr-source to grab a specific version, and get-orig-source grabs the tip of variable GIT_BRANCH; adjusted changelog version to the new scheme. - update debian/rules * add real copyright notices and update git URL - update debian/copyright [ Alexander Sack ] * Initial release. * replace hal with gudev build dependency - update debian/control * signal.h is not implicitly included by hardy glib.h; add patch to explicitly include this in src/main.c when SIGUSR1 is not defined - add debian/patches/ftbfs_hardy_glib_include_signal_h.patch - update debian/patches/series * fix build failure due to gcc pickiness (committed upstream) - add debian/patches/ftbfs_serial_quickfix.patch - update debian/patches/series ==== openssl: 1.1.1f-1ubuntu2.13 => 1.1.1f-1ubuntu2.15 ==== ==== libssl1.1:amd64 openssl * SECURITY UPDATE: c_rehash script allows command injection - debian/patches/CVE-2022-1292.patch: switch to upstream patch, and apply it before c_rehash-compat.patch. - debian/patches/CVE-2022-2068.patch: fix file operations in tools/c_rehash.in. - debian/patches/c_rehash-compat.patch: updated patch to apply after the security updates. - CVE-2022-2068 * d/p/lp1978093/*: renew some expiring test certificates (LP: #1978093) * d/p/lp1947588.patch: Cherry-picked as our patches make it very easy to trigger the underlying bug (LP: #1947588) ==== ubuntu-advantage-tools: 27.8~20.04.1 => 27.9~20.04.1 ==== ==== ubuntu-advantage-tools * Backport new upstream release: (LP: #1973099) to focal * d/rules - remove trusty specific code - remove ua-license-check.{timer,service,path} - install ubuntu-advantage.service - only on xenial: install ubuntu-advantage-cloud-id-shim.service * d/tools.preinst: remove old config field to avoid warnings in logs * d/tools.postinst - remove trusty specific code - print warnings if /etc/os-release doesn't have required fields - hardcode service list instead of exec-ing python3 for old migration - refactor python to avoid instantiating UAConfig extra times - refactor python to always use messages module for strings - rm the old marker file that triggered ua-license-check.path - remove unnecessary deb-systemd-helper check in ua-messaging cleanup - clean up old ua-license-check state - run new cloud-id-shim script * d/tools/postrm - clean up ubuntu-advantage-daemon log files * New upstream release 27.9 (LP: #1973099) - cli: + for json formatted output, include additional_info for some errors + new subcommand `ua refresh messages` to update motd and apt messages - daemon: + replace ua-license-check timer with ubuntu-advantage.service daemon + detects on-boot if pro license was added and runs auto-attach + only runs on gcp and does not continuously long-poll by default for now - enable: + fix error message on wrong service name when unattached - fips: + allow enabling generic fips kernel on azure by default + clean up fips reboot message (LP: #1972026) - fix: + handle errors during attach process + fix bug where enable or detach during a fix failed (LP: #1969809) + fix bug where attempting to fix some CVEs would never finish - performance: + remove unnecessary UAConfig object instantiation (also cleans up logs) + cache "apt-cache policy" output to avoid unnecessary subp calls - proxy: + apt_http(s)_proxy renamed to global_apt_http(s)_proxy + apt_http(s)_proxy config var names will still work + new ua_apt_http(s)_proxy for only ua-related apt traffic (LP: #1956764) + global_apt_http(s)_proxy and ua_apt_http(s)_proxy cannot be set at the same time - realtime: adjust warning to clarify that a manual revert is possible - refresh: a normal `ua refresh` will also update motd and apt messages - security-status: add counts of packages from each archive component - status: check if contract has updated and notify user to run "ua refresh" * New upstream release 27.8 (LP: #1969125) - entitlements: apply overrides from the contract response - fips: + unhold fips packages when enabling fips-updates + Automatically disable fips service before enabling fips-updates + unhold more packages when enabling fips - lib: fix upgrade script for unsupported releases (LP: #1968067) - realtime: add support for realtime kernel beta service on Jammy * fips: - make fips service incompatible with fips-updates - unhold more packages when enabling fips * d/changelog: - fix changelog trailer line for 27.4.1 * d/logrotate: - make new logs world readable * d/tools.postinst: - refactor to catch exception from entitlement_factory - no longer always set log file to only root readable - when creating log file for the first time, make world readable - adapt postinst for new messages module * New upstream release 27.7 (LP: #1964028) - attach: --attach-config option for customizing auto-enabled services and supplying token via a file - auto-attach: fix bug where auto-attach caused a manually attached machine to detach - cli: + support --format=json for attach + support --format=json for detach + support --format=json for enable + support --format=json for disable - contract: include activity info when updating contract - detach: no longer contacts contract server on detach - fips: allow fips on containers - fix: support USNs that don't have related CVEs - logs: make all newly created logs world-readable - security-status: + show already installed esm package counts + include APT origin for each potential update + bump schema version to "0.1" + remove previously required --beta flag - status: + include blocked_by information in service status when format=json + --simulate-with-token now reports expired tokens as errors + --simulate-with-token now returns errors in the specified format * New upstream release 27.6 (LP: #1958556) - cli: only request available resources from contract server when needed - fips: + allow enabling FIPS on focal clouds + update prompt messages - jobs: disable license-check job on GCP after attach - message: fix how apt and motd messages are updated after ua commands * d/control: - Update homepage URL * d/tools.postinst: - Refactor to use valid_services * d/tools.postrm: - Use a wildcard to remove ua related gpg files * New upstream release 27.5 (LP: #1956456) - aws: add support for the IPv6 metadata endpoint - cis: update URL for the documentation - cli: + add endpoint to simulate the status using a specific contract token + fix return code when attaching an already attached machine (GH: #1867) + fix security-status to consider all possible origins to show updates + include cloud build.info in the collect-logs tarball + only show services which exist in the contracts server in ua status - docs: fix typos and wrong/outdated information - livepatch: always use the full path in livepatch calls (LP: #1951954) - logs: + improve rules to redact sensitive information from all log files + redact sensitive information from older unredacted log files + log errors from external software execution, for debugging purposes - usg: + support the presentedAs affordance from the contract server, showing services in the CLI with the appropriate names + replace the CIS entitlement by USG on Focal and onwards * d/tools.postinst: - Fix check_service_is_enabled function when the machine is unattached (LP: #1951705) * jobs: do not run the status job for unattached users * d/rules: - Remove conftest file from the package * d/tools.postinst: - hardcode python binary to run python scripts (LP: #1930121) - undo unnecessary log file creation * d/tools.prerm: - hardcode python binary to run python scripts (LP: #1930121) * New upstream release 27.4 (LP: #1949634) - cc-eal: remove beta flag - cli: + attach will save machine-id during operation + detach won't ask unnecessary questions + new security-status subcommand lists potentially available security and ESM updates (beta) - fix: + exit 0 when fix is successfully applied and completed + exit 1 when fix cannot be applied + exit 2 when fix requires a reboot to complete + check reboot-required.pkgs for better reboot suggestions - livepatch: allow livepatch and fips-updates at the same time - metering: + update how activity info is parsed + update contract response structure + enable job by default - proxy: no_proxy defaults for link-local IMDS routes - util: + cache get_platform_info calls + fix machine-id fallback path on get_machine_id * d/tools.postinst: - consider cloud to be "none" on any cloud-id error - purge old ua-messaging.timer/service files - keep ua-timer.timer disabled if ua-messaging.timer was disabled by the user - properly configure both ubuntu-advantage-timer and ubuntu-advantage-licence-check logs * d/tools.postrm: - remove ubuntu-advantage-timer and ubuntu-advantage-license-check logs during purge * systemd: - remove ua-messaging.timer/service - add new ua-timer.timer that runs every 6 hours - add new ua-license_check.timer that runs every 5 minutes only if activated by ua-license-check.path * New upstream release 27.3 (LP: #1942929) - ros: + add beta support to enable ros and ros-updates + add support for "required services" so that esm-infra and esm-apps get auto-enabled when enabling ros or ros-updates + add support for "dependent services" so that user gets prompted to disable ros/ros-updates if they disable esm-infra/esm-apps - fips: + allow fips on GCP bionic now that optimized kernel is ready + disallow enabling fips on focal on clouds until cloud-optimized focal fips-certified kernel is ready (LP: #1939449, LP: #1939932) + print warning about generic fips kernel if cloud-id fails - cloud: + rely only on cloud-id to determine cloud type (LP: #1940131) + catch errors when determining cloud type (LP: #1938207, LP: #1944676) (GH: #1541) - azure: + bump IMDS API version to support Azure published images - cli: + collect-logs command that creates a tar file with debug-relevant logs and status info (GH: #463) + clean locks on exceptions more thoroughly to avoid false "Operation in progress" status messages + retain past service state after detach + shows better error message when a port value in a proxy is invalid - non-unicode locale support: + remove unicode-only characters from help file + don't print unicode-only characters in ua fix if non-utf8 locale (GH: #1463) - logrotate: + add logrotate functionality for ubuntu-advantage-timer.log. + Fix root:root logrotate permissions. - ua-timer.timer: + introduce a single systemd timer to handle ua recurring jobs + timer runs every 2 hours to support most frequent timer job + recurring job intervals are configurable in uaclient.conf + individual jobs are disabled if their interval is set to 0 - status job: + update ua status every 12 hours - messaging job: + update APT/MOTD ESM messaging every 6 hours - metering job: + disabled until infrastructure is ready + for attached machines only, periodically update contract server with status information for proper contract metering - ua-license-check.timer: + only runs on LTS GCP instances that are not attached + runs every 5 minutes to check if gcp instance has license required to auto-attach - logs: + fixes duplicate logging (GH: #553) - tests and support: + remove groovy integration tests + various improvements to integration tests * d/tools.postinst: - Do not fail in postinst if cloud-init did not run. This fixes the regression introduced in 27.2.1. (LP: #1936833) * d/control: - remove unnecessary distro-info dependency from build-depends * d/rules: - pick right version of distro-info based on release * docs: + add information about proxy auth to manpage and readme * lib: + handle missing configStatus key in patch status json script * d/control: - add comments to explain complex build-depends - add version requirement to distro-info (LP: #1932028) * d/tools.postinst: - run status.json schema patch script to avoid non-root status errors * New upstream release 27.2: - attach: print contract server reason for 403 (GH: #1630) - cli: add ua config set, unset and show subcommands - config: + add default ua_config setting values + only allow some fields to be set by envvar + use defaults for contract and security url - docs: + add proxy config options to man page + add instructions to generate MOTD messages + add support matrix info + remove broken api link - enable: allow downgrading packages during enable (GH: #1659) - fips: + add focal test for fips-updates + alert if wrong fips package installed on gov clouds + install correct fips package on gov clouds + only install conditional_packages if necessary and available - logs: log env vars that affect config on cli runs - proxy: + add config options to set proxies + print message when setting proxy + support configuring apt proxies + support configuring snap and livepatch proxies + support setting proxy for web requests + validate urls before setting as proxies - refresh: support refreshing config and contract separately - status + add config info to json output + add env vars to json output + do not show unavailable services in json output + support yaml format with same content as json format + update account info in json output + update contract info in json output + update root level keys of json output - refactor: + remove side effects from can_enable (GH: #1654, #1571) + use DatetimeAwareJSONDecoder to parse date strings - tests: + add additional enable test for incompatible services + add flag to enable proposed pocket + add test to check and print version being tested + drop trusty specific tests * Cherrypick upstream pr #1681 to unbreak many migrations. LP: #1930741 * d/control: - specify debianutils min version * d/changelog: - fix lintian typos amend and redact incorrect 27.0 entry (GH: #1624) * lintian: - override ubuntu-advantage-pro wanted-by-target cloud-init - override xenial specific errors - rename package-specific overrides for pro vs tools * New upstream release 27.1: - apt-hook: + avoid segfault when comparing null Apt file origin to esm (LP: #1929123) + avoid wrapping static message formats at 80 chars + update go build flags based on lintian warnings (GH: #1626) + only add newlines for MOTD if message file length is non-zero - attach: do not print contract name if empty - autocomplete: Do not show beta services in autocomplete (GH: #1594) - cis: + make service non-beta + post enable message pointing to docs + update cis help url - docs: update releases.md per SRU review feedback on branch structuring - enable: correct messaging for beta service (GH: #1588) - errors: print a more helpful message when ssl fails (GH: #1618) - fips: + Block enabling fips if fips-updates once enabled (GH: #1600) + Update output of fips commands (GH: #1631) - livepatch: alert when snapd does not have wait cmd (LP: #1927329) - logging: remove tracebacks for UserFacingErrors (GH: #1586) - messaging: + Infra and Apps messaging is mutually exclusive (GH: #1573) + point to u.com/16-04 instead of u.com/advantage on ESM (GH: #1584) + separate _remove_msg_template. emit no warranty on infra disabled - pro: obtain AWS IMDSv2 API token before trying to grab pkcs7 doc (GH: #1608) - status: do not show info if not on contract (GH: #1592) - tests: + drop trusty specific tests + fix mock for handle_message_operations + fix motd message for bionic (GH: #1615) + integration tests for hirsute and groovy + manual test for trusty upgrade to xenial + reboot after dist-upgrade for upgrade test + test enabling CIS on focal (GH: #1582) + update messages in integration tests (GH: #1635) + use proposed pocket on xenial upgrade test - jenkins: + add pytest runs for xenial and bionic + run focal lxd integration tests * d/control: - order build-depends alternatives newer first (LP: #1926949) - apt-hook: do not attempt to package go APT JSON hook on some architectures (GH: #1603) (LP: #1927886, LP: #1927795) * Bug-fix release 27.0.2: build failures on riscv64 and powerpc - apt-hook: refactor json hook messaging to be dry - tests: fix subp ls error case for powerpc builds - jenkinsfile: add --resolve-alternatives for trusty builds - amend changelog: add omitted apt-hook message for 27.0.1 stanza * Add .gitignore and cleanup ignored directory .pytest_cache * apt-hook: mitigate failures with true * New upstream release 27.0: - [redacted: actually landed in 27.0.1] apt-hook: mitigate failures with true - messages: add optional (s) to apt messaging to include singular/plural pkgs - apt-hook: avoid reporting and counting duplicate package names (GH: #1578) - fix: don't say reboot required when unnecessary (LP: #1926183) - test: uncomment additional xenial upgrade tests * New upstream beta3 release: - config: avoid tracebacks on invalid features value in uaclient.conf (GH: #1564) - apt-hook: new json hook for security update counts - Remove redundant messaging from uaclient * d/control: - add distro-info dependency - add new debianutils dependency - add optional dh-systemd | debhelper (>= 13.3) to fallback on hirsute and later when dh-systemd is not present * d/rules: enable and start ua-messaging.timer on package install * d/postinst: - configure esm on any LTS release avoid beta services - configure esm-infra when is_active_esm and apps on LTS - xenial enable unauthenticated apt source for apps/infra * New upstream release 27.0~beta: - apt-hook: + adapt hook to process separate message templates + esm-apps and esm-infra pkg counts not mutually-exclusive + print static messages on apt upgrade/dist-upgrade (GH: #1546) - config: create settings_overrides on config (GH: #1507) - docs: add entry for uploading new version to ppa - esm: + add pin never when disabling esm-infra/apps on xenial + enable infra when EOL LTS and apps on all LTS (GH: #1558) - fips: add notice when installing over old fips - fix: + add links to ubuntu.com/gcp/aws in messaging when on non-PRO + add notice to reboot operation on ua fix + do not prompt user for beta services (GH: #1544) + notify users if reboot is required (GH: #1476) + update how the expired token logic works + wrap output greater than 80 chars (GH: #1487) - lib: fix notice handling on reboot script - messages + provide static message files for use in APT and MOTD + update_ua_messages on attach/detach/disable - mypy: add lib/ dir for coverage - status: do not remove notices on non-root call (GH: #1518) - subp: separate % format strings when logging (GH: #1520) - systemd: add ua-messaging.timer to update ua MOTD and APT msgs - update-motd.d: add conditional hooks for motd to source ua messages - util: add is_lts and is_active_esm funtions to support ESM - test + add integration tests asserting esm-apps setup due to postinst + manual test script for xenial upgrade + trusty and xenial infra and apps disabled in pkg install - behave: use unaltered cloud images unsetting UACLIENT_BEHAVE_PPA - jenkins: make lint and style stage run sequentially * d/*: prefix all the debhelper conf files with the package name * d/control: - add Rules-Requires-Root: no - bump Standards-Version to 4.5.1 - make ubuntu-advantage-pro Architecture: all * d/lintian-overrides: - override maintainer-script-calls-service - package-supports-alternative-init-but-no-init.d-script * d/postinst: move the u-a-pro note to a config script * d/ubuntu-advantage-tools.templates: suggest the use of apt * New upstream release 27.0~beta: - apt: add retry for apt-helper command (GH: #1431) - cli: drop subcommand repeated help output, fix enable & refresh (GH: #1440) - config: + allow parsing yaml delivered from env values + environment variable support for feature overrides (GH: #1395) + create config to add extra params to security url - docs: + add ppas and fix typos + use Ubuntu Pro not Ubuntu PRO + add stop "." punctuation to messages (GH: #1320) - fips: fix FIPS message when disable operation fails - fix: + add basic UASecurityClient to which queries CVE and USNs + add security_url to config + check if service is enabled during ua fix (GH: #1462) + closer representation of cve and usn responses + filter usns by cve details (GH: #1470) + fix regex to be more permissive and strict + get_cve_affected_source_packages_status won't list not-affected (GH: #1467) + handle other package status when running ua fix (GH: #1435) + improve error message for ua fix (GH: #1420) + install pkg fixes when they are on standard pocket (GH: #1401) + move timeout and retries to security client only + only prompt for subscription attach for UA-related pkg updates + parse all related USNS to a given CVE when fixing + parse full API responses for related CVEs and USNs + prefer USN.release_packages binary pkg versions to CVE src ver (GH: #1436) + prompt for new ua token when expired one is used (GH: #1475) + prompt to emit pro suggestion on pro_clouds if unattached (GH: #1386) + prompt to enable service during ua fix (GH: #1455) + provide related CVE URLs instead of USNs (GH: #1456) + raise errors when source_link is null or unexpected format + show packages that were not fixed in the output + update output for released packages in ua fix (GH: #1438) + update message for invalid issue in ua fix (GH: #1433) + use pocket values from USNs (GH: #1439) - logs: emit error response on API errors and redact sensitive logs (GH: #1424) - serviceclient: add 10 second timeout and two retries to API calls (GH: #1374) - util: + add error prompts on invalid selection + add timeout to readurl - tests: + Add disable_auto_attach config to all test PRO vms + add merge_usn_released_binary_package_versions tests + add unittest coverage for override_usn_release_package_status + drop traceback checks on fips integration tests + refactor integration tests for ua fix cmd + run status wait before detach in PRO tests + use ssh to run commands on lxd containers - jenkins: archiveArtifacts can only reference paths within workspace * d/control: add new debianutils dependency * New upstream release 26.3 - util: improve is_container check for chroot - cli: pass assume_yes param to services on detach (GH: #1530) * Drop dh-systemd build dependency. * status: show beta services in status if enabled (GH: #1410) * New upstream release 26.1 - contract: block detach call to contract if machine-id change - docs: add readme docs about mastering clean golden images - fips: add reboot notices for fips operations (GH: #1368) - livepatch: add retry when running canonical-livepatch status (GH: #1360) - util: use lru_cache to avoid re-reading os-release and machine-id (GH: #1329) - tests: + add disable_auto_attach config to all test PRO vms + add more log artifacts during failed integration test + check cloudinit status after launching image + mock leaking livepatch.application_status for fips test + retry package installs on apt exit 100 - jenkins: parameterize build stages to avoid parallel job collision * auto-attach: fix comparing numeric iid * New upstream release 26.0: - auto-attach: systemd unit to run before ua-reboot-cmds.service - config: remove_notice should remove notices.json when empty - fips: + add notice if running a deactivated FIPS kernel (GH: #1348) + block enabling FIPS on clouds using Xenial + block enabling fips on GCP instances + check /proc/sys/crypto/fips_enable to see if fips is enabled + override fips metapackage when on bionic cloud + update metapackage override logic on fips - notices: clear lock file and notice when encountering any exception (GH: #1326) - reboot_cmds: retry on lock held errors due to pro auto-attach - services: allow uaclient to disable services during enable - status: include beta services in json formatted output with --all (GH: #1341) - tests: + add FIPS tests to AWS and Azure bionic images + add GCP pro test for focal machine + add after_step collection of artifacts on failure + remove proc file check after disabling fips + pro: block auto-attach with cloud-config bootcmd + add validation of systemd unit ua-reboot-cmds.service + test enabling fips-updates when fips is enabled - jenkins: - add deb build stage to assert package builds - use series-specific sbuild --build-dir avoid races - use --append-to-version for each sbuild run to avoid races - presume success when no integration artifacts created * d/rules: - add --with systemd to allow reboot init script - do not remove lib/systemd/system folder * d/postinst: - create marker file when reboot script need to run: - enable livepatch across trusty to xenial upgrade - update fips on existing fips pro machines * New upstream release 26.0~beta: - gcp: add Google Cloud Platform support (GH #1269) - fips: + remove is_beta from fips sevices + fips pro: add upgrade support to require reboot to unmark held fips pkgs + update origin UbuntuFIPSUpdates - status: + add notice to tabular output + held locks emit notice about Operation in progress - cli: help sort output so trusty ordering matches xenial++ - cis: rename service from cis-audit - config: provide config notices and add_notice and remove_notice methods - contract: add resource-machine-access route and datapath - init: add init script to run commands on reboot - keys: add ubuntu-advantage-cis keyring - livepatch: make livepatch react to enableByDefault delta - log: log when we install pkgs because of contract delta - make: drop six testdeps target - pro: do not install pro debs on non-pro instances - services: Update beta info for services (GH #1220) - tools: add tox-lxd-runner, that execute the test command in a shell - tools: refresh-keyrings handles cis keys. drop series-specific keys - tests: + add GCE support for integration tests + add cis integration tests for unattached and pro + add pytest constraint for mypy tests + add unittests for reboot_cmds script + fix esm package messages for new update notifier version + pin importlib-metadata for mypy tests + repo tests for request_resource_machine_access + unit tests for config cache clearing and machine-access data - jenkins: + add basic Jenkinsfile for CI runs per PR + add jenkins parseable test results + add lxc cleanup stage on Jenkinsfile * Release version 25.0 * New upstream release 25.0~beta3: - upgrade-lts-conract: noop during do-release-upgrade on unattached (GH: #1255) - ua-auto-attach: order systemd unit before cloud-config.service - Update FIPSUpdates pin origin - fips: unmark held fips packages for ubuntu pro fips image support (GH: #1109) - repo: handle changes to additionalPackages contract deltas - repo: move package installation to install_packages method - pro: trigger auto-attach as soon as instance-data.json is available (GH: #1234) - Conditionally install packages when enabling FIPS - fips: allow disable (GH: #1168) - cli: add trailing newline to argparse errors (GH: #1236) - Install fips metapacking when enabling service - integration test improvements: + upgrade-test: fix upgrade path restart failures on trusty (GH: #1257) + Fix integration test setup scripts (GH: #1253) + strict checking for command success on behave + Update tests to use new pycloudlib LXD abstraction + Add upgrade scenario tests when FIPS is enabled + Improve FIPS tests for checking packages + Update esm-infra xenial lxd test + Fix vm tests as esm-apps is beta service + Fix azure generic integration testing + Update esm-apps check on staging_commands tests + Install pycloudlib for azure jobs only + Fix shell condition in run_azure_travis_integration_tests.sh + Update azure jobs on travis + Update travis url in README + Update travis scripts to use ppa only on master + Fix cron event type check on travis yaml * New upstream release 25.0~beta2: - help: update esm-infra help text (GH: #1212) - apt-hook: update apt cli messaging for UA Infra: ESM and UA Apps: ESM product names - help: update fips help docs (GH: #1213) - help: revert CIS help doc URL (GH: #1211) - help: add new fips help URLs to CLI help docs (GH: #1210) - Show error when enabling service with invalid repo [Lucas Moura] (GH: #954) - Update beta info for services (#1220) [Lucas Moura] (GH: #1216) - Do not enable fips when fips-updates is active [Lucas Moura] (GH: #1209) - Add vm test commands in tox.ini (#1204) [Lucas Moura] * Beta bug fix release - status: fix missing description_override key after upgrade from trusty (GH: #1201) - During contract delta processing use _check_application_status_on_cache instead of live service status * d/control: - add po-debconf dependency and fix lintian not-using-po-debconf and untranslatable-debconf-templates - add ${misc:Depends} dep to ubuntu-advantage-pro to fix lintian debhelper-but-no-misc-depends (GH: #1024) * d/rules: - drop --with systemd fix build-depends-on-obsolete-package - set fix lintian warning extra:Depends even if empty * d/postrm - Add more gpg keys to be deleted in postrm for Xenial+ support * d/postinst: - do not unconfigure non-trusty esm. no series in apt filenames (GH: #1170) - check if esm is already enabled (GH: #1095) * New upstream release 25.0: - Do not uninstall additionalPackages or livepatch when disabling services - check for issubclass on clean_apt_files - Add do-release-upgrade support for esm-infra and apps suites (GH: #1169) - Apply contract deltas during do-release-upgrade operations - cli: add ua help command - cli: status add blocking --wait param and lock files for config change - Fix livepatch behaviour on aws pro focal machine - travis: drop inapplicable workspaces from specific awsgeneric release jobs - Add possible reboot text after enabling/disabling services - apt-hook: package apt-hook and apt configuration files on all releases (GH: #1150) - Fix enable fail bug - Add uaclient.conf override mechanism for auto-attach, beta services and machine-token - Support ESM Apps [Brian Murray] (GH: #930) - Do not enable services if blocking services is active (GH: #1029) - contract: handle 401 on invalid token, 403 on expired (GH: #1335) - Hide beta services from default status output and enable/disable operations (GH: #1079) (GH: #1091) - fips: force apt noninteractive prompts during package installs (GH: #1084) - tests: add unit tests for aws-gov/aws-china cloud detection - Add AWS China and GovCloud partitions [Robert Jennings] - Disable beta services to be show/enabled without flag - Add missing build_pr command to environment - Use additionalPackages from service payload - Add integration testing for Travis runs [patriciadomin] (GH: #856) (GH: #857) (GH: #853) * New bug-fix-only release 24.4: - uaclient.version bump to 24.4 - fips: honor additionalPackage directive from contract for bionic (GH #1173) * New bug-fix-only release 24.3: - uaclient.version bump to 24.3 - fips: add conditional reboot message only if /var/run/reboot-required is present - fips: add apt repo key for FIPS and FIPS updates (GH #1026) * New bug-fix-only release 24.2: - uaclient.version bump to 24.2 - pro: Add AWS China and GovCloud partitions support (GH #1077) * New bug-fix-only release 24.1: - livepatch: run snap wait system snap.seeded before trying to install (GH: #1049) - version: return debian/changelog version when git describe fails to match upstream . tags for git-ubuntu workflow (GH: #1058) * bump version to 24.0 for new versioninig scheme * New upstream release 20.3: - ubuntu-pro: automatically reattach across instance id delta (LP: #1867573) - integration testing: + add behave tests ua subcommands for attached vm + add invalid token tests + add reuse_container test docs + refactor token parameter * d/templates: add a debconf note on upgrade from pre-ubuntu pro package * d/control: create a separate ubuntu-advantage-pro package which delivers the tooling and scripts necessary to auto-attach pro machines This change breaks/replaces ubuntu-advantage-tools <= 20.1 * d/maintscript: rm_conffile /etc/init/ua-auto-attach.conf from ua-tools pkg * d/postint: remove stale systemd symlinks which have migrated to ubuntu-pro * d/rules: only install the apt hook on trusty * d/rules: provide --no-start to debhelper to avoid auto-attach on pkg install * Release 20.2: - ubuntu-pro: + azure: fix detection of DatasourceAzureNet as azure on trusty + generalize identity_doc to return dict instead of string + auto-attach: any 4XX errors during auto-attach are the result of non-Pro + auto-attach: handle 403 errors raised by contract server for invalid vms - attach: persist any status config changes after attach failures - output: add messaging using a different subscription if attached * Release 20.1: - azure-pro, support for azure ubuntu pro auto-attach: + add azure auto-attach instance as valid cloud_instance_factory + add azure cloud instance module and tests + generalize request_aws_contract_token for multiple cloud_types + contract: request_auto_attach_contract_token takes an instance param - constraints: add constraint on pyyaml version in trusty - auto-attach: move duplicate invalid cloud_type check out of cli * d/postinst: only configure ESM on supported architectures (LP: #1851858) [Andreas Hasenack] * d/postinst: rename existing ubuntu-esm-precise.list file to trusty. This fixes the upgrade path from precise to trusty and to this client while esm is enabled (LP: #1850672) * Release 19.7: - aws: handle missing SYS_HYPERVISOR_PRODUCT_UUID - aws-pro: support for aws ubuntu pro auto-attach - pro: add cloud identity module and fix unit tests - pro: update systemd service and upstart boot scripts to auto-attach - pro: esm do not do apt pin never on disable on xenial or bionic - pro: esm-apps has origin UbuntuESMApps and esm-infra is UbuntuESM - status: dynamic status available now from refreshed machine-token - uaclient: update customer visible messages after UX review - esm-apps: allow unattended security upgrades for esm-apps - systemd: needs WantedBy=multi-user.target to get pulled into boot - cli: update docstring to describe errors raised from auto-attach - keyrings: update ubuntu-advantage-esm-apps.gpg with correct key - repo: match strict repo url in apt-policy to avoid esm substring matches - esm: don't disable_apt_auth_only for ESM entitlements - initial implementation of esm-apps - repo: don't raise exception in application_status if aptURL missing - entitlements: rely solely on contract server for repo_url - cli: exit 0 if already attached - cli: use decorators for action_attach and action_attach_premium - cli: add assert_not_attached decorator - status: custom descriptions for n/a service status * New upstream release. Main changes: - drop SSO interactive login support - d/control: no longer depend on pymacaroons, which was only needed for the SSO interactive login support - drop keyrings for services not supported in trusty: cc-eal, fips, fips-updates, cis audit - make sure /var/lib/ubuntu-advantage/private has 0700 perms - rename esm to esm-infra. Also handle upgrades - don't unecessarily remove config files that are already handled by dpkg - expand the apt related runtime dependencies - handle sources.list.d esm snippet when release upgrading from precise - ua status now reports availability of services even in unattached state - the "ua status" output was changed, including the json format option - drop "ua status" call in postinst as it now requires internet access and that is restricted in LP builders and test runners. - fix the d/t/usage DEP8 test that was also using status * d/t/usage: fix dep8 test ("entitlements" was renamed to "services") * New upstream release (LP: #1832757): - packaging: + d/control: depend on libapt-pkg to use pin-priority never + d/postinst: adjust logfile permissions + d/postinst: remove public files and generate status cache on upgrade + d/postinst: Remove the old CACHE_DIR in postinst + d/postrm: remove log files on package purge + d/postrm: remove the ESM pinning file on purge + trusty should remove v1 esm key if present after upgrade + keyrings: regenerate keyrings on a trusty host + refresh keyrings to match current production for fips and cc-eal - apt: + all repo entitlements now call apt-get update on enable + enable -updates if -updates from the Ubuntu archive is enabled + Add basic i18n (good enough for lang packs) + retry apt install and update commands 3 times simple backoff + write commented -updates lines instead of omitting them - attach/detach: + added --no-auto-enable option + suppress messages from inapplicable default entitlements + two-factor auth reprompt only two-factor auth on failed 2fa + honour enableByDefault obligations from contract server + livepatch: no auto-enable on attach for trusty + don't attempt to disable inapplicable entitlements during detach + check for root before checking for attach in assert_attached_root - status: + add --json cli formatting option + emit a SERVICE header in status output + redact technical support and expiry for free contracts + unentitled services will report n/a - cc-eal: + add a warning about download size before install + change cc to cc-eal in docs, parameters and commandline help - esm: + add esm-v2 gpg keyring, drop old keyring, ignore aptKey directive + and livepatch auto enabled on attach where supported + on upgrade do not install preferences to pin never if esm enabled + remove only the apt auth entry on disable, leaving sources.list + use Pin-Priority never apt preference file to disable esm initially - fips: + display as pending when linux-fips is not the running kernel + only install/upgrade optional packages that are already on the system - logs: + no longer redact secrets as logfile is root read-only + separate console log devel from logfile level + remove level from messages to the console - add subcommand to refresh all contract details - config: allow contract_url and sso_auth_url to have a trailing slash - docker: fix persisting generated uuid on images without machine-id files - environ: allow lowercase ua_ overrides - repo: un-comment ESM sources.list lines on repo disable - updated manpage and help docs * apt-hook: Add missing headers for APT 1.9 * Drop the self-test assert in the apt-hook, it's making the subiquity server install fail (LP: #1824523) * apt-hook: Do not crash/fail if we can't read /proc/self/status (LP: #1824523) * Ubuntu Advantage Tools rewrite in Python (LP: #1814157): - Allow attaching a system to a contract or account - More complete status output, dropping MOTD updates - Easily enable and disable services offered * Have ua status cope with the additional livepatch of running a kernel that is not supported for livepatches. * Have an option for enable-livepatch to install a compatible kernel if needed. [ Vineetha Kamath ] * Add support to common criteria EAL2 artifacts installation #144 * New upstream release - added enable-fips-updates command. This command enables the fips-updates repository to install updates to FIPS modules. The updated modules from fips-updates repository are non-certified. * d/t/update-motd-run: fix path to the esm motd (LP: #1757490) * Rename motd scripts so they are shown a bit earlier (LP: #1757171) * Move empty line placement in the livepatch motd to the beginning of the message to avoid double blank lines. * New upstream release: - repositories are only added after credentials are verified (LP: #1730361) - Livepatch MOTD script (LP: #1710976) - better "status" command output formatting (LP: #1719034) - sources.list.d files no longer contain credentials. The "auth.conf" facility is used instead. (LP: #1700611) - enabled Livepatch support for Bionic 18.04 LTS * New upstream release: - run tests during package build * New upstream release: - revert the latest name changes - instead of "advantage", add a "ua" symlink pointing at the ubuntu-advantage script. Likewise for its manpage. (LP: #1721272) * New upstream release: - rename the ubuntu-advantage script to advantage, including where it's mentioned in the documentation. Also provide symlinks pointing at the previous name. (LP: #1721272) - slightly reword some of the FIPS messages * New upstream release with FIPS support (LP: #1718291) * New upstream release: - call apt-get with the non-interactive frontend variable set, and tell dpkg to keep the old config file by default should there be any prompts about that. (LP: #1715012) - split the one big test file into multiple smaller files, for better maintainability. * Release to artful (LP: #1711369) * d/control: update package description * New release version 6. Main changes: - document return codes on the manpage (Fixes: #33) - new status command (Fixes: #40) - restrict esm to precise only (Fixes: #43) - drop the livepatch motd update, only esm has motd output now (Fixes: #44) - skip tests during package building (Fixes #49) * Only display apt output in the case of errors (Fixes #34). * Check running kernel version before enabling the Livepatch service (Fixes #30). * Add livepatch support: - New commands: + enable-livepatch + disable-livepatch + is-livepatch-enabled - new tests - new manpage - new help output - new README.md - new MOTD * ubuntu-advantage & /etc/update-motd.d/99-esm now build, run and are quiet on non-precise release. (LP: #1686183) * Add simple dep8 tests. * Also install ca-certificates (LP: #1690270) * Initial Release. LP: #1686183 -- [1] http://cloud-images.ubuntu.com/releases/focal/release-20220627.1/ [2] http://cloud-images.ubuntu.com/releases/focal/release-20220615/