Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bind: Upgrade from 9.18 to 9.20 series #38160

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

xnox
Copy link
Member

@xnox xnox commented Dec 21, 2024

Bind uses even/odd series for stable/devel releases, with 9.20.x being
the latest stable and 9.21.x being the latest devel. Ideally we would
have "no-odd" semver flag in our update monitors; or jut a regexp
support for tag filtering.

Noticed via OSS Security post about 9.20.4 critical issue.

With this update, a new PR should be opened by the bot to upgrade to v9.20.x series:

$ GITHUB_TOKEN=$(gh auth token) ~/chainguard-dev/mono/cg/cg check update bind.yaml 
2024/12/21 11:06:32 WARN using GITHUB_TOKEN for token exchange
2024/12/21 11:06:32 INFO found 1 packages

2024/12/21 11:06:32 INFO checking package bind: bind
2024/12/21 11:06:32 INFO [1/1] bind: checking release monitor using id 374094

2024/12/21 11:06:33 INFO found dereferenced tag v9.20.4 for package with commit 283ac230b9277cad7ea509cafcd404573a7270ab
2024/12/21 11:06:33 INFO commit SHA for package bind: 283ac230b9277cad7ea509cafcd404573a7270ab
2024/12/21 11:06:33 INFO attempting to bump version to 9.20.4
2024/12/21 11:06:33 INFO processing git-checkout node
2024/12/21 11:06:33 INFO   expected-commit: 283ac230b9277cad7ea509cafcd404573a7270ab
2024/12/21 11:06:34 INFO git-checkout was successful package=bind
2024/12/21 11:06:34 INFO update config passed validation for packages bind.yaml

xnox added 2 commits December 23, 2024 23:21
Bind uses even/odd series for stable/devel releases, with 9.20.x being
the latest stable and 9.21.x being the latest devel. Ideally we would
have "no-odd" semver flag in our update monitors; or jut a regexp
support for tag filtering.

Noticed via [OSS Security post](https://www.openwall.com/lists/oss-security/2024/12/21/1) about 9.20.4 critical issue.
Copy link
Contributor

octo-sts bot commented Dec 23, 2024

Gen AI suggestions to solve the build error:

Based on the build error, I'll analyze and provide a solution:

• Detected Error:

Package requirements (liburcu >= 0.10.0 liburcu-cds >= 0.10.0) were not met:
Package 'liburcu' not found
Package 'liburcu-cds' not found

• Error Category: Dependency

• Failure Point: autoconf/configure step

• Root Cause Analysis: The build is failing because it requires the userspace RCU (liburcu) library and its CDS component, which are missing from the build environment.

• Suggested Fix:
Add the following dependencies to the environment.packages section:

environment:
  contents:
    packages:
      - liburcu
      - liburcu-dev
      # ... existing packages ...

• Explanation: BIND uses the userspace RCU (Read-Copy-Update) library for concurrent programming optimization. Adding these packages will provide the required libraries and development files needed for compilation.

• Additional Notes:

  • liburcu is a userspace implementation of the RCU (Read-Copy-Update) synchronization mechanism
  • The error indicates BIND requires version 0.10.0 or higher
  • Both the runtime library and development files are needed for compilation

• References:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant