pcp - Debian Package Tracker

general

source: pcp (main)
version: 7.1.1-1
maintainer: PCP Development Team (DMD)
uploaders: Nathan Scott [DMD] – Ken McDonell [DMD]
arch: all any
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 5.2.6-1
oldstable: 6.0.3-1.1
stable: 6.3.8-1
testing: 7.1.1-1
unstable: 7.1.1-1

versioned links

5.2.6-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.0.3-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.3.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7.1.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libpcp-archive1
libpcp-archive1-dev
libpcp-gui2
libpcp-gui2-dev
libpcp-import-perl
libpcp-import1
libpcp-import1-dev
libpcp-logsummary-perl
libpcp-mmv-perl
libpcp-mmv1
libpcp-mmv1-dev
libpcp-pmda-perl
libpcp-pmda3
libpcp-pmda3-dev
libpcp-trace2
libpcp-trace2-dev
libpcp-web1
libpcp-web1-dev
libpcp3
libpcp3-dev
libpcp4
libpcp4-dev
pcp (1 bugs: 0, 1, 0, 0)
pcp-conf
pcp-doc
pcp-export-pcp2elasticsearch
pcp-export-pcp2graphite
pcp-export-pcp2influxdb
pcp-export-pcp2json
pcp-export-pcp2spark
pcp-export-pcp2xlsx
pcp-export-pcp2xml
pcp-export-pcp2zabbix
pcp-export-zabbix-agent
pcp-gui
pcp-import-benchmarks
pcp-import-collectl2pcp
pcp-import-ganglia2pcp
pcp-import-guidellm2pcp
pcp-import-iostat2pcp
pcp-import-mrtg2pcp
pcp-import-sar2pcp
pcp-import-sheet2pcp
pcp-pmda-infiniband
pcp-testsuite
pcp-zeroconf
python3-pcp

action needed

Marked for autoremoval on 17 May due to openpyxl: #1132566 high

Version 7.1.1-1 of pcp is marked for autoremoval from testing on Sun 17 May 2026. It depends (transitively) on openpyxl, affected by #1132566. You should try to prevent the removal by fixing these RC bugs.

Created: 2026-04-10 Last update: 2026-04-15 12:32

lintian reports 2 errors and 6 warnings high

Lintian reports 2 errors and 6 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2026-03-30 Last update: 2026-03-30 09:31

AppStream hints: 1 error and 1 warning for pcp-gui high

AppStream found metadata issues for packages:

pcp-gui: 1 error and 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2018-06-04 Last update: 2026-02-23 04:00

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 7.1.2-1, distribution unstable) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 87e917f67a7061e868c42f78d5e51d167e340f29
Merge: 6e4d3d59 c37edbc9
Author: Nathan Scott <nathans@redhat.com>
Date:   Tue Apr 14 01:49:51 2026 +1000

    Merge branch 'pevans-merge' of github.com:pauljevans/pcp into pauljevans-pevans-merge

commit c37edbc9cb197c75632d371b67f376a76bac878f
Author: Paul Evans <pevans@redhat.com>
Date:   Wed Apr 8 16:41:19 2026 +0100

    pmdasmart: Add nvme_error_log.total metric
    
    Add smart.nvme_error_log.total metric that reports the total number
    of NVMe error log entries per disk, returning zero when no errors
    exist. Available for both device name and WWID instances.

commit 6e4d3d59c76a2f253ca6b5493fa76bf049caf555
Merge: de17a6d9 8fddb88b
Author: Nathan Scott <nathans@redhat.com>
Date:   Mon Apr 13 05:07:23 2026 +1000

    Merge branch 'pevans-merge' of github.com:pauljevans/pcp into pauljevans-pevans-merge

commit de17a6d9466bd19fa9a6505b0974783f7d6cd4ce
Merge: cfa48f50 fb62c8a4
Author: Nathan Scott <nathans@redhat.com>
Date:   Mon Apr 13 05:06:48 2026 +1000

    Merge branch 'htop-merge'

commit cfa48f508fe83be9c9a63010ddac44fe650c2d98
Merge: 7c3b63fd 784b4d8b
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Fri Apr 10 14:42:26 2026 +1000

    Merge branch 'main' of https://github.com/performancecopilot/pcp

commit 7c3b63fd2c5c28ed7cc806f7183e19ca4388d67c
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Fri Apr 10 14:33:14 2026 +1000

    COOKBOOK.md: reworked <a ...>...</a> index entries
    
    Alternate format (anchor does not span any text, index {entry} is first
    word after the anchor) is understood (now) by fix-md and seems to work
    better in terms of rendering and link navigation for github, okular
    and retext.

commit 7c533b7ad51988c1c7c5ac3d294627f1b6a22b7b
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Fri Apr 10 14:31:02 2026 +1000

    scripts/fix-md: rework emnbedded index syntax
    
    Citations used to be of the form
        <a id="idx+{ident}">{entry}</a>... (all on the same line)
    but now I also support the form
        <a id="idx+{ident}"></a>{entry}... (all on the same line)
    
    The first form is lexically better because the index term is
    defined by the span of the anchor.
    
    But the second form is better for some MD renderers where the
    anchor does not span any text (and in particular any font changes)
    ... in this case {entry} ends at the first non-word character
    in the set [ ,.<:|)]

commit 12d2b297826ed12af70a3c1214b25a1f803ebdb5
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Fri Apr 10 07:17:29 2026 +1000

    COOKBOOK.md: experiment with anchor span for github renderer

commit ac2af542a9c601761df2b33446ca618d0766ec66
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Fri Apr 10 07:12:08 2026 +1000

    qa/COOKBOOK.md: some font change tweaks and _ escaping

commit 8e1d8d82b5a06bf95cd75ddac68d0a2cde6e1c5e
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Fri Apr 10 06:22:29 2026 +1000

    qa/COOKBOOK.md: small tweaks

commit 3b4a3a82bdd18f2b89d6333277fb11e05f7bb839
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Fri Apr 10 06:21:44 2026 +1000

    scripts/fix-md: also remove ":" from charset for anchors

commit 3c5a221d2616d3294fec436ec578c43dbc575292
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Fri Apr 10 06:19:45 2026 +1000

    qa/common.check: _private_pmcd() improvement
    
    From COOKBOOK.md authoring and review, it seems sensible to add an
    optional pmcd config file as an argument.

commit bc2960ae6543b8d594f2b0bffd0204be7d45750d
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Thu Apr 9 17:30:29 2026 +1000

    COOKBOOK.md: move a section

commit 7b486508e7268f59cde55a60ee9b50b817a92ca0
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Thu Apr 9 17:15:41 2026 +1000

    qa/COOKBOOK.md: close to version 1.0

commit 8fddb88b26a09d2ed5013dbebbdab56fa0c8d2b7
Author: Paul Evans <pevans@redhat.com>
Date:   Wed Apr 8 16:41:19 2026 +0100

    pmdasmart: Add nvme_error_log.total metric
    
    Add smart.nvme_error_log.total metric that reports the total number
    of NVMe error log entries per disk, returning zero when no errors
    exist. Available for both device name and WWID instances.

commit fb62c8a427376159ecc58c15ee7a90ed979ce137
Author: Nathan Scott <nathans@redhat.com>
Date:   Wed Apr 8 10:45:10 2026 +1000

    build: update makefile for latest htop sync

commit 8014b595280d6708abf8c7d31ebb046068d5ea2b
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Wed Apr 8 10:40:37 2026 +1000

    qa/COOKBOOK.md: initial version almost done
    
    Also ome small changes in qa/common.check and qa/common.filter
    that were noted in passing.

commit 4942b0fc0f09e18740d22fad7e396f039cbf8c4d
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Wed Apr 8 10:39:50 2026 +1000

    scripts/fix-md: (#) cannot be a link ...

commit 0360d0d0d5571ef729581bacb7c7a1a549382120
Merge: 09399743 36964979
Author: Nathan Scott <nathans@redhat.com>
Date:   Wed Apr 8 10:38:55 2026 +1000

    Merge commit '36964979e69696e75c0fd1e75e22f50edd685412' into htop-merge

commit 36964979e69696e75c0fd1e75e22f50edd685412
Author: Nathan Scott <nathans@redhat.com>
Date:   Wed Apr 8 10:38:55 2026 +1000

    Squashed 'vendor/github.com/htop-dev/htop/' changes from 02a6fad076..6b15bd73f6
    
    6b15bd73f6 Merge branch 'NetworkIOMeter-label' of eworm-de/htop
    1c53fa0806 AvailableMeters: Allow KEY_RECLICK to add a meter
    319d16ab1c Change AvailableMeters function bar to same as AvailableColumns
    d00dc7052d Merge branch 'fasterit-fix-cpu-numbering'
    951a87d93b Make SMT-labeling respect the "Count CPUs from 1 instead of 0" setting, too
    99d903de9e Fix CPU labeling in MetersPanel depending on "Count CPUs from 1 instead of 0" setting
    270414ae15 ChangeLog entries for salient changes in upcoming 3.5.0 release
    c616371b10 optimize coreIndex enumeration
    0724863fda zero-out cpu0 indices
    772da756d6 Normalize physical core ID used when showCPUSMTLabels is set
    1ebab17f73 Merge branch 'line-editor'
    b1cdd93f45 Cancel move mode on rename
    a6c073456f Fix blinking red cursor on Search and stale yellow highlight bar on Filter
    138df954e4 Add fix for empty search string handling spotted in BenBE's review
    090cae1539 Merge branch 'print-time-format' of Explorer09/htop-1
    60c0f6bec7 Merge branch 'reuse-richstr-panel' of GermanAizek/htop
    73ddf5b0c6 Merge pull request #1933 from fasterit/line-editor
    19fc20c40d Implement line editor for Search, Filter and (re)naming Screens
    b3c8f55b7e Merge pull request #1935 from fasterit/numberitem-editor
    2e28615217 Merge pull request #1938 from fasterit/move-prevSelected-to-panel-class
    708a5cbd34 Work with indices for panel selection updates only
    e4b17eac99 Determine selected index where needed
    afcee3f559 Other minor code style changes
    84fb8ada73 Code style changes for asserts (no space before parens)
    8d482ee52a panel: reuse single rich str instead two alloc rich str
    43a7fd3514 Add a new printing format to Row_printNanoseconds()
    d976903a13 Row_printNanoseconds() code shrink
    b36021a2d6 Row_printTime() code shrink
    29c2885fd1 Row_printKBytes() code shrink
    58f587021d Fix assert in Meter.c
    c0300268c1 NetworkIOMeter: shorten the label
    d9384bf2a2 Address review feedback from BenBE
    7d7b16471b Move prevSelected from ScreensPanel to Panel
    0462fc55bc Merge branch 'readme-arch' of eworm-de/htop
    a5b8aa4fdd README: update instructions for Arch
    8c4ad998c2 Add build packages for OpenSUSE/SLES
    22efee7417 Merge branch 'eworm-de-align'
    06c2dee7d7 properly align help output
    a799669e03 Address review feedback from Explorer09
    f9b1695c1f Merge branch 'tjk213-tyler/smt-labeling'
    b009733ebc Merge branch 'tyler/smt-labeling' of github.com:tjk213/htop into tjk213-tyler/smt-labeling
    047442b524 Reduce regions guarded by HAVE_SENSORS_SENSORS_H
    1e4424e779 Merge branch 'BenBE-screen-edit-fixes'
    75aa72150a Merge branch 'screen-edit-fixes' of github.com:BenBE/htop into BenBE-screen-edit-fixes
    1820b73f31 Merge branches 'fasterit-fix-screens-setup-mouse-update' and 'fasterit-fix-reclick-issuance'
    2bdbcf1b1d Add digits editing for numeric options
    aa6d5825ec Only issue KEY_RECLICK when the focussed item has not changed
    8395a35c86 Track oldFocus correctly in ScreensPanel
    c64b1dea47 Add capital letters
    cbc1265ab3 Implement letter index
    e0ddc87b7d Add show_cpu_smt_labels setting
    1c6f4e8bb9 Add getCPUPhysicalCoreID() and getCPUPhysicalCoreID()
    dbdad2069f Cancel pending renaming action for a screen in dtor of ScreensPanel
    
    git-subtree-dir: vendor/github.com/htop-dev/htop
    git-subtree-split: 6b15bd73f600940e5829208628cc33830dc26fca

commit 816c066e5a628cec23eee40836e7e2e172f29634
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Wed Apr 8 10:38:07 2026 +1000

    scripts/man-spell: better hqandling of markdown documents
    
    For .md files ...
    - less troff hacks
    - more anchor-and-link hacks
    
    For troff ... no changes.

commit 784b4d8b8f9378b0a82c81ecee0099efb55656f0
Author: kurik <jkurik@redhat.com>
Date:   Tue Apr 7 09:01:56 2026 +0200

    Fix of a bogus date in redhat.spec
    
    May 30 2026 is a date in the future causing rpm-build to fail. This commit fixes the typo and sets the real release date to Mar 30 2026.

commit 609e66b6a2f851722efc8ae3a4dc8dade4279f78
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Mon Apr 6 11:43:24 2026 +1000

    COOKBOOK.md: completed up to the end of common.check
    
    Also some small changes to common.check and tweaks to scripts/fix-md.

commit 093997435c0854724459157ea53761d09981cb6d
Author: Jan Kurik <jkurik@redhat.com>
Date:   Tue Mar 31 15:39:11 2026 +0200

    Fix heap corruption crash in pmproxy
    
    Fix heap corruption crash (SIGSEGV) caused by unsafe cross-thread
    libuv timer operations by deferring all timer handle manipulation
    to the event loop thread via uv_async_t.

commit 35e784df741b90896212c191729343150f3fd559
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Thu Apr 2 07:44:19 2026 +1100

    qa: retire some old Irix warts and wrinkles
    
    It is coming up for 20 years the last Irix release (6.5.30 in Aug 2006)
    and so it is probably time to retire some more Irix-isms, especially in
    the QA suite.
    
    - no one has used Purify since then (cull *purify* functions from
      common.check and COOKBOOK.md, cull purify from group file)
    - the Irix version of netstat(1) is no longer interesting
    - and we haven't had a 64-bit Irix platform in the QA mix since
      then (qa/272)

commit 914a470424cef3766ec820d48b9dd548e6312415
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Wed Apr 1 13:47:20 2026 +1100

    qa/COOKBOOK.md: interim checkin

commit c12170937bd6c1798867675571a31105b280abb8
Merge: 94a9f2b9 c09974f4
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Wed Apr 1 08:10:18 2026 +1100

    Merge branch 'performancecopilot:main' into main

commit 94a9f2b9f018f491de0396f7b8ad711a109e0047
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Wed Apr 1 07:29:40 2026 +1100

    qa: audit and fix _stop_auto_restart() and _restore_auto_restart() usage
    
    Across multiple QA tests, ensure ...
    
    1. _restore_auto_restart() is only called for a service if there has
       been an earlier call to _stop_auto_restart() for the same service
    
    2. in _cleanup() in particular, make sure _restore_auto_restart()
       comes *before* _service start|restart for the same service
    
    In the QA Farm there has been instability for multiple tests over a
    long time where services failed to start|restart typically after an
    otherwise successful QA test execution.  Enforcing the protocols above
    seems to have improved the situation.

commit c09974f432b5ebb45d9665d6ebe418adf31651f5
Author: kurik <jkurik@redhat.com>
Date:   Tue Mar 31 09:00:12 2026 +0200

    Fix of broken redhat.spec file
    
    Fix of a syntax issue - forgotten `%endif` after the `%files` list extension.

commit 67a67be9687e088d2697059de77a19a614285424
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Tue Mar 31 07:28:12 2026 +1100

    qa/group: rename group BAD to not_in_qa_farm
    
    Similar to not_in_ci, these tests are so badly behaved in the QA Farm
    that they either hang QA runs or produce bad side-effects for subsequent
    tests.  They are apparently immune to triage.
    
    Initial tests in this category are
       1703: Exercise the bpftrace PMDA - run unittests
       1948: pmdaopentelemetry scalability testing
    
    Also change pcp-daily to use -x not_in_qa_farm with check.

commit 06814407bd25378f2e8c47339148d04215c25284
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Mon Mar 30 13:35:11 2026 +1100

    qa/triaged: tag 1222 for 32-bit platforms
    
    Problem for linux proc PMDA and libnl is subject to on-going triage
    and diagnosis.

commit 317e9601b6b882b62eb7c42bf5b6aff71689064e
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Mon Mar 30 13:31:57 2026 +1100

    Revert "qa/1222: add valgrind suppressions for libnl botch on 32-bit systems"
    
    This reverts commit 033abaca07f7bd7f9c90ba4d909b71f88585f988.
    
    Change of plan, deal with this via triaged.

commit a08ce161db7dd6b5def45387f3479248d61dbe6b
Merge: 272107ad 033abaca
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Mon Mar 30 13:31:21 2026 +1100

    Merge branch 'nextrel'

commit 272107ad15844b1e369516553a579247b991c2ba
Merge: 4102a620 e6fc8547
Author: Nathan Scott <nathans@redhat.com>
Date:   Mon Mar 30 13:15:33 2026 +1100

    Merge branch 'orasagar-pcp_mpstat_enhancement'

commit e6fc85476fedd2cd9d65f005d8421b8846771673
Merge: 4102a620 7e32eb2c
Author: Nathan Scott <nathans@redhat.com>
Date:   Mon Mar 30 13:15:16 2026 +1100

    Merge branch 'pcp_mpstat_enhancement' of github.com:orasagar/pcp into orasagar-pcp_mpstat_enhancement

commit 4102a620334daaa4af52906e1e710ecb2c7f66d6
Author: Nathan Scott <nathans@redhat.com>
Date:   Mon Mar 30 13:13:26 2026 +1100

    docs: bump changelogs and version for next planned release

commit 033abaca07f7bd7f9c90ba4d909b71f88585f988
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Mon Mar 30 08:05:25 2026 +1100

    qa/1222: add valgrind suppressions for libnl botch on 32-bit systems
    
    Observed on Debian-based systems.
    
    Also some cleanup of the filtering and remove the proc.numa_maps
    metrics that are not available on (at least some) of these systems.

commit ed88ddcaa27ecd4c440880b31d14441abacf5fb9
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Sun Mar 29 15:45:50 2026 +1100

    rc scripts: rework "enabled" tests
    
    This is for FreeBSD in particular where any script in /usr/local/etc/rc.d
    will be called and each is responsible for consulting /etc/rc.conf to
    see if they are "enabled".
    
    More generally, if our wrapper scripts are installed in the place where
    init (or similar) runs things from, we may need to do platform-specific
    tests to see if a particular PCP service is indeed enabled.
    
    This is all immaterial for systemd systems where the infrastructure
    deals with the "enabled" state and does no call scripts for disabled
    services.
    
    - add a new is_enabled() function into src/pmcd/rc-proc.sh ...
      today, it returns true for all platforms other than freebsd,
      and for freebsd interrogates /etc/rc.conf for most start actions
      (forcestart is a special action for FreeBSD that explicity
      by-passes the /etc/rc.conf enabling controls)
    - call is_enabled() from the rc_wrapper scripts for all actions
      except status ... pmie, pmlogger and pmproxy
    - pmcd does not have a wrapper script, so is_enabled() needs to
      be called from src/pmcd/rc_pmcd

commit b46a82a193dda262dcb623b5601b352d916a8629
Author: Ken McDonell <kenj@kenj.id.au>
Date:   Sun Mar 29 07:31:29 2026 +1100

    configure.ac: include early explicit tests for headers autoconf will use
    
    Specifically:
        stdio.h stdlib.h string.h inttypes.h stdint.h unistd.h strings.h
        sys/stat.h sys/types.h
    
    This bunch need to be in confdefs.h so that later fragments of
    conftest.c will compile properly ... on OpenBSD I saw the netinet/tcp.h
    test fail incorrectly because <sys/types.h> was conditional included
    in conftest.c but HAVE_SYS_TYPES_H had not (yet) been set.

commit 7e32eb2cd38ad8d3a5b2c78462cb9c81d8a8b7eb
Author: Sagar Sagar <sagar.sagar@oracle.com>
Date:   Fri Mar 27 11:44:19 2026 +0000

    pcp-mpstat.py: fixed build issues

commit 1fe757f64876cf4c8f8e85ab21d6a952fbb24dc3
Author: Sagar Sagar <sagar.sagar@oracle.com>
Date:   Fri Mar 27 09:22:29 2026 +0000

    qa: added pcp-mpstat4 archive coverage for interrupts
    
    Introduce QA test 1782 with expected output to exercise pcp-mpstat
    reports against the pcp-mpstat4 archive, including interrupt and
    softirq views for multiple CPU selections.
    
    changed the output in 883.out where it was just showing the cpu number instead of output for softirq and inq.
    Now it clearly throws warning for user

commit 0ea63672ad9d68e155144fa56b61984bcbda97f8
Author: Sagar Sagar <sagar.sagar@oracle.com>
Date:   Thu Mar 26 13:09:09 2026 +0000

    pcp-mpstat: interrupt ordering for -I option
    
    Added ordering strategies for hard/soft IRQ columns, prioritize
    numeric IRQs and canonical softirq sequence, and skip tables with
    clear messages when per-CPU metrics are absent; document behavior in
    the man page.
    
    this change has been done to match the mpstat output

Created: 2026-03-30 Last update: 2026-04-15 11:30

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2025-12-05 Last update: 2026-04-15 11:03

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

pcp-doc could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2026-04-15 12:32

4 low-priority security issues in bookworm low

There are 4 open security issues in bookworm.

4 issues left for the package maintainer to handle:

CVE-2023-6917: (needs triaging) A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.
CVE-2024-3019: (needs triaging) A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
CVE-2024-45769: (needs triaging) A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.
CVE-2024-45770: (needs triaging) A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges.

You can find information about how to handle these issues in the security team's documentation.

Created: 2024-02-29 Last update: 2026-04-01 12:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.7.2).

Created: 2025-12-23 Last update: 2026-03-31 15:01

testing migrations

This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2026-04-02] pcp 7.1.1-1 MIGRATED to testing (Debian testing watch)
[2026-03-30] Accepted pcp 7.1.1-1 (source) into unstable (Nathan Scott)
[2026-01-30] pcp 7.1.0-1 MIGRATED to testing (Debian testing watch)
[2026-01-28] Accepted pcp 7.1.0-1 (source) into unstable (Nathan Scott)
[2025-12-05] pcp 7.0.5-1 MIGRATED to testing (Debian testing watch)
[2025-11-21] Accepted pcp 7.0.5-1 (source) into unstable (Nathan Scott)
[2025-11-19] Accepted pcp 7.0.4-1 (source) into unstable (Nathan Scott)
[2025-11-12] Accepted pcp 7.0.3-1 (source arm64 all) into unstable (Nathan Scott)
[2025-11-01] pcp REMOVED from testing (Debian testing watch)
[2025-10-16] Accepted pcp 7.0.2-1 (source arm64 all) into unstable (Debian FTP Masters) (signed by: Nathan Scott)
[2025-09-23] Accepted pcp 7.0.1-1 (source arm64 all) into unstable (Debian FTP Masters) (signed by: Nathan Scott)
[2025-09-01] Accepted pcp 7.0.0-1 (source arm64 all) into unstable (Debian FTP Masters) (signed by: Nathan Scott)
[2025-04-21] pcp 6.3.8-1 MIGRATED to testing (Debian testing watch)
[2025-04-11] Accepted pcp 6.3.8-1 (source) into unstable (Nathan Scott)
[2025-04-07] pcp 6.3.7-1 MIGRATED to testing (Debian testing watch)
[2025-03-28] Accepted pcp 6.3.7-1 (source) into unstable (Nathan Scott)
[2025-03-17] Accepted pcp 6.3.6-1 (source) into unstable (Nathan Scott)
[2025-03-15] Accepted pcp 6.3.5-1 (source) into unstable (Nathan Scott)
[2025-03-13] Accepted pcp 6.3.4-1 (source) into unstable (Nathan Scott)
[2025-01-28] Accepted pcp 6.3.3-1 (source) into unstable (Nathan Scott)
[2024-09-17] Accepted pcp 6.3.1-1 (source) into unstable (Nathan Scott)
[2024-07-30] Accepted pcp 6.3.0-1 (source) into unstable (Nathan Scott)
[2024-06-03] pcp REMOVED from testing (Debian testing watch)
[2024-05-15] Accepted pcp 6.2.2-1 (source) into unstable (Nathan Scott)
[2024-05-07] Accepted pcp 6.2.1-1 (source arm64 all) into unstable (Debian FTP Masters) (signed by: Nathan Scott)
[2024-02-29] Accepted pcp 6.2.0-1.1 (source) into unstable (Benjamin Drung)
[2024-02-22] pcp 6.2.0-1 MIGRATED to testing (Debian testing watch)
[2024-02-19] Accepted pcp 6.2.0-1.1~exp1 (source) into experimental (Steve Langasek)
[2024-02-11] Accepted pcp 6.2.0-1 (source) into unstable (Nathan Scott)
[2023-11-27] pcp 6.1.1-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 2
RC: 1
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (2, 6)
buildd: logs, reproducibility, cross
popcon
browse source code
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 7.1.1-1
1 bug