pcp - Debian Package Tracker

general

source: pcp (main)
version: 6.3.1-1
maintainer: PCP Development Team (DMD)
uploaders: Ken McDonell [DMD] – Nathan Scott [DMD]
arch: all any
std-ver: 3.9.3
VCS: unknown

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 4.3.2+really4.3.1-0.1
oldstable: 5.2.6-1
stable: 6.0.3-1.1
unstable: 6.3.1-1

versioned links

4.3.2+really4.3.1-0.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.2.6-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.0.3-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.2.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.3.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libpcp-archive1
libpcp-archive1-dev
libpcp-gui2
libpcp-gui2-dev
libpcp-import-perl
libpcp-import1
libpcp-import1-dev
libpcp-logsummary-perl
libpcp-mmv-perl
libpcp-mmv1
libpcp-mmv1-dev
libpcp-pmda-perl
libpcp-pmda3
libpcp-pmda3-dev
libpcp-trace2
libpcp-trace2-dev
libpcp-web1
libpcp-web1-dev
libpcp3
libpcp3-dev
pcp (13 bugs: 1, 12, 0, 0)
pcp-conf
pcp-doc
pcp-export-pcp2elasticsearch
pcp-export-pcp2graphite
pcp-export-pcp2influxdb
pcp-export-pcp2json
pcp-export-pcp2spark
pcp-export-pcp2xlsx
pcp-export-pcp2xml
pcp-export-pcp2zabbix
pcp-export-zabbix-agent
pcp-gui
pcp-import-collectl2pcp
pcp-import-ganglia2pcp
pcp-import-iostat2pcp
pcp-import-mrtg2pcp
pcp-import-sar2pcp
pcp-import-sheet2pcp
pcp-pmda-infiniband
pcp-testsuite
pcp-zeroconf
python3-pcp

action needed

A new upstream version is available: 6.3.2 high

A new upstream version 6.3.2 is available, you should consider packaging it.

Created: 2024-11-08 Last update: 2024-11-21 07:31

lintian reports 18 errors and 184 warnings high

Lintian reports 18 errors and 184 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2024-09-17 Last update: 2024-10-19 06:02

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.0 instead of 3.9.3).

Created: 2014-07-13 Last update: 2024-09-17 13:09

1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:

CVE-2024-3019: A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.

Created: 2024-03-29 Last update: 2024-05-15 09:30

AppStream hints: 1 error and 1 warning high

AppStream found metadata issues for packages:

pcp-gui: 1 error and 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2018-06-04 Last update: 2022-01-21 06:05

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 5-day delay is over. Check why.

Created: 2024-09-27 Last update: 2024-11-21 09:32

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

pcp-doc could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2024-11-21 08:30

4 low-priority security issues in bookworm low

There are 4 open security issues in bookworm.

4 issues left for the package maintainer to handle:

CVE-2023-6917: (needs triaging) A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.
CVE-2024-3019: (needs triaging) A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
CVE-2024-45769: (needs triaging) A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.
CVE-2024-45770: (needs triaging) A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges.

You can find information about how to handle these issues in the security team's documentation.

Created: 2024-02-29 Last update: 2024-10-23 17:30

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2024-10-15 Last update: 2024-10-15 19:04

testing migrations

excuses:
- Migration status for pcp (- to 6.3.1-1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- ∙ ∙ Updating pcp would introduce bugs in testing: #1071103
- ∙ ∙ pcp unsatisfiable Build-Depends(-Arch) on ppc64el: bpftrace (>= 0.9.2) [amd64 arm64 ppc64el]
- ∙ ∙ missing build on i386
- ∙ ∙ missing build on ppc64el
- ∙ ∙ arch:i386 not built yet, autopkgtest delayed there
- ∙ ∙ arch:ppc64el not built yet, autopkgtest delayed there
- Additional info:
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/p/pcp.html
- ∙ ∙ New but not reproducible on amd64 - info ♻
- ∙ ∙ New but not reproducible on arm64 - info ♻
- ∙ ∙ Waiting for reproducibility test results on armhf - info ♻
- ∙ ∙ 65 days old (needed 5 days)
- Not considered

news

[rss feed]

[2024-09-17] Accepted pcp 6.3.1-1 (source) into unstable (Nathan Scott)
[2024-07-30] Accepted pcp 6.3.0-1 (source) into unstable (Nathan Scott)
[2024-06-03] pcp REMOVED from testing (Debian testing watch)
[2024-05-15] Accepted pcp 6.2.2-1 (source) into unstable (Nathan Scott)
[2024-05-07] Accepted pcp 6.2.1-1 (source arm64 all) into unstable (Debian FTP Masters) (signed by: Nathan Scott)
[2024-02-29] Accepted pcp 6.2.0-1.1 (source) into unstable (Benjamin Drung)
[2024-02-22] pcp 6.2.0-1 MIGRATED to testing (Debian testing watch)
[2024-02-19] Accepted pcp 6.2.0-1.1~exp1 (source) into experimental (Steve Langasek)
[2024-02-11] Accepted pcp 6.2.0-1 (source) into unstable (Nathan Scott)
[2023-11-27] pcp 6.1.1-1 MIGRATED to testing (Debian testing watch)
[2023-11-17] Accepted pcp 6.1.1-1 (source) into unstable (Nathan Scott)
[2023-09-19] pcp 6.1.0-1 MIGRATED to testing (Debian testing watch)
[2023-09-06] Accepted pcp 6.1.0-1 (source) into unstable (Nathan Scott)
[2023-07-06] pcp 6.0.5-1 MIGRATED to testing (Debian testing watch)
[2023-06-26] Accepted pcp 6.0.5-1 (source) into unstable (Nathan Scott)
[2023-05-19] pcp 6.0.3-1.1 MIGRATED to testing (Debian testing watch)
[2023-05-11] Accepted pcp 6.0.3-1.1 (source) into unstable (Andreas Metzler)
[2023-03-05] pcp 6.0.3-1 MIGRATED to testing (Debian testing watch)
[2023-02-23] Accepted pcp 6.0.3-1 (source) into unstable (Nathan Scott)
[2023-02-13] Accepted pcp 6.0.2-1 (source) into unstable (Nathan Scott)
[2022-11-01] pcp 6.0.1-1 MIGRATED to testing (Debian testing watch)
[2022-10-28] pcp REMOVED from testing (Debian testing watch)
[2022-10-27] Accepted pcp 6.0.1-1 (source) into unstable (Nathan Scott)
[2022-10-22] Accepted pcp 6.0.0-1.1 (source) into unstable (Paul Gevers)
[2022-09-07] Accepted pcp 6.0.0-1 (source amd64 all) into unstable, unstable (Debian FTP Masters) (signed by: Nathan Scott)
[2022-04-20] pcp 5.3.7-1 MIGRATED to testing (Debian testing watch)
[2022-04-05] Accepted pcp 5.3.7-1 (source) into unstable (Nathan Scott)
[2022-02-13] pcp 5.3.6-1 MIGRATED to testing (Debian testing watch)
[2022-02-02] Accepted pcp 5.3.6-1 (source) into unstable (Nathan Scott)
[2021-11-23] pcp 5.3.5-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 14
RC: 1
I&N: 12
M&W: 1
F&P: 0
patch: 0

links

homepage
lintian (18, 184)
buildd: logs, checks, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 6.3.0-1
8 bugs