pcp - Debian Package Tracker

general

source: pcp (main)
version: 7.1.5-1
maintainer: PCP Development Team (DMD)
uploaders: Ken McDonell [DMD] – Nathan Scott [DMD]
arch: all any
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 5.2.6-1
oldstable: 6.0.3-1.1
stable: 6.3.8-1
testing: 7.1.4-1
unstable: 7.1.5-1

versioned links

5.2.6-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.0.3-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.3.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7.1.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libpcp-archive1
libpcp-archive1-dev
libpcp-gui2
libpcp-gui2-dev
libpcp-import-perl
libpcp-import1
libpcp-import1-dev
libpcp-logsummary-perl
libpcp-mmv-perl
libpcp-mmv1
libpcp-mmv1-dev
libpcp-pmda-perl
libpcp-pmda3
libpcp-pmda3-dev
libpcp-trace2
libpcp-trace2-dev
libpcp-web1
libpcp-web1-dev
libpcp3
libpcp3-dev
libpcp4
libpcp4-dev
pcp (1 bugs: 0, 1, 0, 0)
pcp-conf
pcp-doc
pcp-export-pcp2elasticsearch
pcp-export-pcp2graphite
pcp-export-pcp2influxdb
pcp-export-pcp2json
pcp-export-pcp2spark
pcp-export-pcp2xlsx
pcp-export-pcp2xml
pcp-export-pcp2zabbix
pcp-export-zabbix-agent
pcp-gui
pcp-import-benchmarks
pcp-import-collectl2pcp
pcp-import-ganglia2pcp
pcp-import-guidellm2pcp
pcp-import-iostat2pcp
pcp-import-mrtg2pcp
pcp-import-sar2pcp
pcp-import-sheet2pcp
pcp-pmda-infiniband
pcp-testsuite
pcp-zeroconf
python3-pcp

action needed

Marked for autoremoval on 20 June due to mongo-c-driver: #1133063, #1135502 high

Version 7.1.4-1 of pcp is marked for autoremoval from testing on Sat 20 Jun 2026. It is affected by #1133063. The removal of pcp will also cause the removal of (transitive) reverse dependency: bpftune. It depends (transitively) on mongo-c-driver, affected by #1135502. You should try to prevent the removal by fixing these RC bugs.

Created: 2026-04-10 Last update: 2026-05-28 21:03

lintian reports 2 errors and 18 warnings high

Lintian reports 2 errors and 18 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2026-05-27 Last update: 2026-05-27 21:01

AppStream hints: 1 error and 1 warning for pcp-gui high

AppStream found metadata issues for packages:

pcp-gui: 1 error and 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2018-06-04 Last update: 2026-02-23 04:00

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 2-day delay is over. Check why.

Created: 2026-05-28 Last update: 2026-05-28 21:02

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2025-12-05 Last update: 2026-05-28 16:00

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 7.1.6-1, distribution unstable) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 0746f00004ed6e08abbb4eb641b70683cb70689d
Author: Jan Kurik <jkurik@redhat.com>
Date:   Wed May 27 05:28:32 2026 +0200

    ci: add Fedora 44 and Ubuntu 26.04 to GitHub automation
    
    Add platform definitions, QA package lists, and workflow matrix entries
    for fedora44-container, ubuntu2604-container, and ubuntu2604. Map
    ubuntu2604 releases to the resolute codename for Packagecloud uploads.
    
    Drop obsolete suggestion-mode from .pylintrc for pylint 4.x. Stop using
    deprecated argparse.FileType in the lmsensors PMDA. Use
    /usr/lib/systemd/systemd as PID 1 on Ubuntu 26.04 where /usr/bin/systemd
    is no longer shipped. Fix Ubuntu 26.04 package list Perl and ICU names.
    Report OSError when the lmsensors inject file cannot be read.
    
    Co-authored-by: Cursor <cursoragent@cursor.com>

commit d653a7e182a8b5ba12f8729f1e61523e6c007feb
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Wed May 27 15:07:55 2026 +1000

    Makepkgs: revert dh_auto_configure change
    
    We cannot use dh_auto_configure in the early part of the source
    code packaging ... go back to using ./configure directly.

commit d65a9f0ddda077c025e36e4fa5bef6ecb9c10441
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Wed May 27 13:41:18 2026 +1000

    qa/988: permissions and remake
    
    Same test files, same fix needed (as previously applied to qa/987).

commit 17c5b86b8995dce5095b47828601316b5c154869
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Wed May 27 13:35:19 2026 +1000

    qa/1426: tweak filter to dodge Debian Multilib path

commit 24cfa916bc2d36475a987644be0f5f7b0b2cffac
Merge: 8bc11083 da237643
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Wed May 27 13:05:11 2026 +1000

    Merge branch 'main' of ../pcp

commit da2376438b96fe180dcbf92ae7f33e7b16e01709
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Wed May 27 13:03:55 2026 +1000

    debian/pcp-testsuite.lintian: Multilib strikes again
    
    One more place where there is a path that depends on Multilib.

commit 2dd2f5cd07d18d671b4235afe48a407b83cb1d8a
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Wed May 27 11:25:38 2026 +1000

    qa/987: fix permissions and other problems
    
    The tarballs this test uses have been created by various people
    over time and they do not share the same ownerships and permissions.
    
    The net result is that the test with the latest
    qa/linux/xfs-root-003.tgz is failing on all the machines in the
    QA Farm.
    
    - half because of one variant of the permissions issue
    - half because dodging the first permissions issue exposes a second
      permissions issue that shows the committed 987.out is bad ... lots of
      values are available but 987.out shows No values
    
    Fix the script (big chmod hammer) and remake 987.out.

commit 8bc1108330271a1c947ff997ee221d1ae815a635
Author: Nathan Scott <nathans@redhat.com>
Date:   Tue May 26 12:48:28 2026 +1000

    docs: bump version and changelogs for next planned release

commit e21c41bbb6e8a3461a2e59362efe0a20a65ca72b
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Mon May 25 07:11:22 2026 +1000

    Makepkgs & qa/admin/myconfigure: use dh_auto_configure when available
    
    For Debian builds this means
        $ qa/admin/myconfigure
    leaves the source tree in a state where
        $ sudo make install
    works for all the src/libpcp* directories because the Multilib path
    below /usr/lib will be used to match the place the libraries are
    installed by dpkg.
    
    For Makepkgs this is pretty much a no-op, other than it will not
    undo changes made by qa/admin/myconfigure.

Created: 2026-05-23 Last update: 2026-05-28 07:32

Multiarch hinter reports 2 issue(s) low

There are issues with the multiarch metadata for this package.

pcp-doc could be marked Multi-Arch: foreign
pcp-export-zabbix-agent could be converted to Architecture: all and marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2026-05-28 17:31

4 low-priority security issues in bookworm low

There are 4 open security issues in bookworm.

4 issues left for the package maintainer to handle:

CVE-2023-6917: (needs triaging) A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.
CVE-2024-3019: (needs triaging) A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
CVE-2024-45769: (needs triaging) A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.
CVE-2024-45770: (needs triaging) A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges.

You can find information about how to handle these issues in the security team's documentation.

Created: 2024-02-29 Last update: 2026-05-26 12:02

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.7.2).

Created: 2025-12-23 Last update: 2026-05-26 12:02

testing migrations

This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
excuses:
- Migration status for pcp (7.1.4-1 to 7.1.5-1): Will attempt migration (Any information below is purely informational)
- Additional info (not blocking):
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/p/pcp.html
- ∙ ∙ Not reproduced on amd64 (not a regression): pcp-testsuite
- ∙ ∙ Not reproduced on arm64 (not a regression): pcp, pcp-testsuite
- ∙ ∙ Not reproduced on armhf (not a regression): pcp, pcp-testsuite
- ∙ ∙ Not reproduced on i386 (not a regression): pcp, pcp-testsuite
- ∙ ∙ 3 days old (needed 2 days)

news

[rss feed]

[2026-05-26] Accepted pcp 7.1.5-1 (source) into unstable (Nathan Scott)
[2026-05-25] pcp 7.1.4-1 MIGRATED to testing (Debian testing watch)
[2026-05-22] Accepted pcp 7.1.4-1 (source) into unstable (Nathan Scott)
[2026-05-02] Accepted pcp 7.1.3-2 (source) into unstable (Nathan Scott)
[2026-04-27] pcp 7.1.2-1 MIGRATED to testing (Debian testing watch)
[2026-04-24] Accepted pcp 7.1.2-1 (source) into unstable (Nathan Scott)
[2026-04-02] pcp 7.1.1-1 MIGRATED to testing (Debian testing watch)
[2026-03-30] Accepted pcp 7.1.1-1 (source) into unstable (Nathan Scott)
[2026-01-30] pcp 7.1.0-1 MIGRATED to testing (Debian testing watch)
[2026-01-28] Accepted pcp 7.1.0-1 (source) into unstable (Nathan Scott)
[2025-12-05] pcp 7.0.5-1 MIGRATED to testing (Debian testing watch)
[2025-11-21] Accepted pcp 7.0.5-1 (source) into unstable (Nathan Scott)
[2025-11-19] Accepted pcp 7.0.4-1 (source) into unstable (Nathan Scott)
[2025-11-12] Accepted pcp 7.0.3-1 (source arm64 all) into unstable (Nathan Scott)
[2025-11-01] pcp REMOVED from testing (Debian testing watch)
[2025-10-16] Accepted pcp 7.0.2-1 (source arm64 all) into unstable (Debian FTP Masters) (signed by: Nathan Scott)
[2025-09-23] Accepted pcp 7.0.1-1 (source arm64 all) into unstable (Debian FTP Masters) (signed by: Nathan Scott)
[2025-09-01] Accepted pcp 7.0.0-1 (source arm64 all) into unstable (Debian FTP Masters) (signed by: Nathan Scott)
[2025-04-21] pcp 6.3.8-1 MIGRATED to testing (Debian testing watch)
[2025-04-11] Accepted pcp 6.3.8-1 (source) into unstable (Nathan Scott)
[2025-04-07] pcp 6.3.7-1 MIGRATED to testing (Debian testing watch)
[2025-03-28] Accepted pcp 6.3.7-1 (source) into unstable (Nathan Scott)
[2025-03-17] Accepted pcp 6.3.6-1 (source) into unstable (Nathan Scott)
[2025-03-15] Accepted pcp 6.3.5-1 (source) into unstable (Nathan Scott)
[2025-03-13] Accepted pcp 6.3.4-1 (source) into unstable (Nathan Scott)
[2025-01-28] Accepted pcp 6.3.3-1 (source) into unstable (Nathan Scott)
[2024-09-17] Accepted pcp 6.3.1-1 (source) into unstable (Nathan Scott)
[2024-07-30] Accepted pcp 6.3.0-1 (source) into unstable (Nathan Scott)
[2024-06-03] pcp REMOVED from testing (Debian testing watch)
[2024-05-15] Accepted pcp 6.2.2-1 (source) into unstable (Nathan Scott)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (2, 18)
buildd: logs, reproducibility, cross
popcon
browse source code
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 7.1.4-1
2 bugs