The regress test is failing when ran against -proposed for all archs (in both cases for s390x), except for i386 (unmet dependencies, maybe not in the i386-white-list). From the log, the fail is the same in all archs:
1800s 21:20:13.906172151 E: run test putty-transfer.sh ... 1801s 21:20:14.536962818 O: putty transfer data: compression 0 1802s 21:20:15.670433174 O: putty transfer data: compression 1 1803s 21:20:16.693499776 O: ok putty transfer data 1803s 21:20:16.695110678 E: run test putty-ciphers.sh ... 1804s 21:20:17.585923199 O: putty ciphers: cipher aes 1804s 21:20:17.709690365 O: putty ciphers: cipher 3des 1804s 21:20:17.835865215 O: putty ciphers: cipher aes128-ctr 1804s 21:20:17.965845061 O: putty ciphers: cipher aes192-ctr 1805s 21:20:18.098941298 O: putty ciphers: cipher aes256-ctr 1805s 21:20:18.232051575 O: putty ciphers: cipher chacha20 1805s 21:20:18.278267143 E: The client-to-server cipher selected for this session is 1805s 21:20:18.279841266 E: ChaCha20-Poly1305, which, with this server, is vulnerable to 1805s 21:20:18.281237545 E: the 'Terrapin' attack CVE-2023-48795, potentially allowing 1805s 21:20:18.282623086 E: an attacker to modify the encrypted session. 1805s 21:20:18.284017245 E: Upgrading, patching, or reconfiguring this SSH server is the 1805s 21:20:18.285366255 E: best way to avoid this vulnerability, if possible. 1805s 21:20:18.286856416 E: You can also avoid this vulnerability by abandoning this 1805s 21:20:18.288221535 E: connection, moving ChaCha20 to below the 'warn below here' 1805s 21:20:18.289585505 E: line in PuTTY's SSH cipher configuration (so that an 1805s 21:20:18.291007676 E: algorithm without the vulnerability will be selected), and 1805s 21:20:18.292345334 E: starting a new connection. 1805s 21:20:18.293771875 E: Connection abandoned. 1805s 21:20:18.295117553 E: FATAL ERROR: Cannot confirm a weak crypto primitive in batch mode 1805s 21:20:18.297391166 O: ssh cat /tmp/autopkgtest.8T5BlL/autopkgtest_tmp/user/regress/data failed 1805s 21:20:18.298429901 E: cmp: EOF on /tmp/autopkgtest.8T5BlL/autopkgtest_tmp/user/regress/copy which is empty 1805s 21:20:18.317523283 O: corrupted copy 1805s 21:20:18.319527121 O: failed putty ciphers 1805s 21:20:18.319434210 E: make: *** [Makefile:247: t-exec-interop] Error 1 1805s 21:20:18.320965722 O: make: Leaving directory '/tmp/autopkgtest.8T5BlL/autopkgtest_tmp/user/regress' 1805s 21:20:18.322307881 O: ==> /tmp/autopkgtest.8T5BlL/autopkgtest_tmp/user/regress/failed-regress.log <== ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-48795 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2049552 Title: [noble] ftbfs with new zlib 1.3 Status in openssh package in Ubuntu: In Progress Bug description: The zlib detection code seems faulty: checking for possibly buggy zlib... yes configure: error: *** zlib too old - check config.log *** Your reported zlib version has known security problems. It's possible your vendor has fixed these problems without changing the version number. If you are sure this is the case, you can disable the check by running "./configure --without-zlib-version-check". If you are in doubt, upgrade zlib to version 1.2.3 or greater. See http://www.gzip.org/zlib/ for details. | #include <stdio.h> | #include <stdlib.h> | #include <zlib.h> | | int | main (void) | { | | int a=0, b=0, c=0, d=0, n, v; | n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); | if (n != 3 && n != 4) | exit(1); | v = a*1000000 + b*10000 + c*100 + d; | fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); | | /* 1.1.4 is OK */ | if (a == 1 && b == 1 && c >= 4) | exit(0); | | /* 1.2.3 and up are OK */ | if (v >= 1020300) | exit(0); | | exit(2); | | ; | return 0; | } Upstream bug report: https://bugzilla.mindrot.org/show_bug.cgi?id=3604 Upstream fix (untested): https://github.com/openssh/openssh- portable/commit/cb4ed12ffc332d1f72d054ed92655b5f1c38f621 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2049552/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
