pcp - Debian Package Tracker

general

source: pcp (main)
version: 6.3.8-1
maintainer: PCP Development Team (DMD)
uploaders: Ken McDonell [DMD] – Nathan Scott [DMD]
arch: all any
std-ver: 4.7.2
VCS: unknown

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 5.2.6-1
stable: 6.0.3-1.1
testing: 6.3.8-1
unstable: 6.3.8-1

versioned links

5.2.6-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.0.3-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.3.8-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libpcp-archive1
libpcp-archive1-dev
libpcp-gui2
libpcp-gui2-dev
libpcp-import-perl
libpcp-import1
libpcp-import1-dev
libpcp-logsummary-perl
libpcp-mmv-perl
libpcp-mmv1
libpcp-mmv1-dev
libpcp-pmda-perl
libpcp-pmda3
libpcp-pmda3-dev
libpcp-trace2
libpcp-trace2-dev
libpcp-web1
libpcp-web1-dev
libpcp3
libpcp3-dev
pcp (8 bugs: 0, 8, 0, 0)
pcp-conf
pcp-doc
pcp-export-pcp2elasticsearch
pcp-export-pcp2graphite
pcp-export-pcp2influxdb
pcp-export-pcp2json
pcp-export-pcp2spark
pcp-export-pcp2xlsx
pcp-export-pcp2xml
pcp-export-pcp2zabbix
pcp-export-zabbix-agent
pcp-gui
pcp-import-collectl2pcp
pcp-import-ganglia2pcp
pcp-import-iostat2pcp
pcp-import-mrtg2pcp
pcp-import-sar2pcp
pcp-import-sheet2pcp
pcp-pmda-infiniband
pcp-testsuite
pcp-zeroconf
python3-pcp

action needed

lintian reports 8 errors and 32 warnings high

Lintian reports 8 errors and 32 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2025-04-10 Last update: 2025-04-11 12:31

AppStream hints: 1 error and 1 warning high

AppStream found metadata issues for packages:

pcp-gui: 1 error and 1 warning

You should get rid of them to provide more metadata about this software.

Created: 2018-06-04 Last update: 2022-01-21 06:05

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2025-04-09 Last update: 2025-07-27 03:30

Multiarch hinter reports 2 issue(s) low

There are issues with the multiarch metadata for this package.

pcp-doc could be marked Multi-Arch: foreign
pcp-export-pcp2xlsx could be converted to Architecture: all and marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2025-07-27 03:30

4 low-priority security issues in bookworm low

There are 4 open security issues in bookworm.

4 issues left for the package maintainer to handle:

CVE-2023-6917: (needs triaging) A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.
CVE-2024-3019: (needs triaging) A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
CVE-2024-45769: (needs triaging) A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.
CVE-2024-45770: (needs triaging) A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges.

You can find information about how to handle these issues in the security team's documentation.

Created: 2024-02-29 Last update: 2025-04-21 06:01

news

[rss feed]

[2025-04-21] pcp 6.3.8-1 MIGRATED to testing (Debian testing watch)
[2025-04-11] Accepted pcp 6.3.8-1 (source) into unstable (Nathan Scott)
[2025-04-07] pcp 6.3.7-1 MIGRATED to testing (Debian testing watch)
[2025-03-28] Accepted pcp 6.3.7-1 (source) into unstable (Nathan Scott)
[2025-03-17] Accepted pcp 6.3.6-1 (source) into unstable (Nathan Scott)
[2025-03-15] Accepted pcp 6.3.5-1 (source) into unstable (Nathan Scott)
[2025-03-13] Accepted pcp 6.3.4-1 (source) into unstable (Nathan Scott)
[2025-01-28] Accepted pcp 6.3.3-1 (source) into unstable (Nathan Scott)
[2024-09-17] Accepted pcp 6.3.1-1 (source) into unstable (Nathan Scott)
[2024-07-30] Accepted pcp 6.3.0-1 (source) into unstable (Nathan Scott)
[2024-06-03] pcp REMOVED from testing (Debian testing watch)
[2024-05-15] Accepted pcp 6.2.2-1 (source) into unstable (Nathan Scott)
[2024-05-07] Accepted pcp 6.2.1-1 (source arm64 all) into unstable (Debian FTP Masters) (signed by: Nathan Scott)
[2024-02-29] Accepted pcp 6.2.0-1.1 (source) into unstable (Benjamin Drung)
[2024-02-22] pcp 6.2.0-1 MIGRATED to testing (Debian testing watch)
[2024-02-19] Accepted pcp 6.2.0-1.1~exp1 (source) into experimental (Steve Langasek)
[2024-02-11] Accepted pcp 6.2.0-1 (source) into unstable (Nathan Scott)
[2023-11-27] pcp 6.1.1-1 MIGRATED to testing (Debian testing watch)
[2023-11-17] Accepted pcp 6.1.1-1 (source) into unstable (Nathan Scott)
[2023-09-19] pcp 6.1.0-1 MIGRATED to testing (Debian testing watch)
[2023-09-06] Accepted pcp 6.1.0-1 (source) into unstable (Nathan Scott)
[2023-07-06] pcp 6.0.5-1 MIGRATED to testing (Debian testing watch)
[2023-06-26] Accepted pcp 6.0.5-1 (source) into unstable (Nathan Scott)
[2023-05-19] pcp 6.0.3-1.1 MIGRATED to testing (Debian testing watch)
[2023-05-11] Accepted pcp 6.0.3-1.1 (source) into unstable (Andreas Metzler)
[2023-03-05] pcp 6.0.3-1 MIGRATED to testing (Debian testing watch)
[2023-02-23] Accepted pcp 6.0.3-1 (source) into unstable (Nathan Scott)
[2023-02-13] Accepted pcp 6.0.2-1 (source) into unstable (Nathan Scott)
[2022-11-01] pcp 6.0.1-1 MIGRATED to testing (Debian testing watch)
[2022-10-28] pcp REMOVED from testing (Debian testing watch)

bugs [bug history graph]

all: 11
RC: 0
I&N: 9
M&W: 2
F&P: 0
patch: 0

links

homepage
lintian (8, 32)
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 6.3.8-1
7 bugs