Ubuntu
curl package

libcurl3-gnutls in cosmic breaks git with Azure DevOps

Bug #1805203 reported by Mark Inderhees
44
This bug affects 8 people
Affects Status Importance Assigned to Milestone
curl (Ubuntu)
Fix Released
High
Unassigned
Cosmic
Fix Committed
Undecided
Unassigned

Bug Description

* Impact
Git auth fails when trying to work with an Azure DevOps repository

* Test case
Try to git clone from an Azure DevOps repository using a Personal Access Token
The clone should work and not fail on an authentification error

* Regression potential
The diff is in the curl http code, it would be good to test a few rdepends to make sure they have no regression

--------------------------------------------

The version of libcurl3-gnutls in cosmic (7.61.0) causes authentication failures with Azure DevOps. This causes all git operations with the server to fail (eg clone, push, pull). For details see this curl bug: https://github.com/curl/curl/pull/2754

To work around this I downgraded libcurl3-gnutls to the version in bionic (7.58.0)

From the curl change list https://curl.haxx.se/changes.html#7_61_1, this issue should be fixed in package version 7.61.1 or above.

Request: please upgrade package in cosmic for libcurl3-gnutls to 7.61.1 or above

Details:
1 - Ubuntu 18.10
2 - libcurl3-gnutls (7.61.0-1ubuntu2.2 and others)
3 - Be able to git clone from an Azure DevOps repository using a Personal Access Token
4 - git operations fail to authenticate

Thank you,
Mark

See original description
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in curl (Ubuntu):
status: New → Confirmed
Revision history for this message
Johannes (johannes-schindelin) wrote :

I am the author of https://github.com/curl/curl/pull/2754 (which is the bug fix Mark talks about), and I can confirm that the upgrade is necessary to fix that bug.

Revision history for this message
Mark Inderhees (markind-msft) wrote :

Someone contacted me and requested the steps for the work around. Sharing here:

First, you need to add the bionic security repository to your apt sources list
$ sudo vim /etc/apt/sources.list
Add this line:
deb http://security.ubuntu.com/ubuntu/ bionic-security main restricted

Update packages
$ sudo apt-get update

Then you need to downgrade libcurl3-gnutls:
$ sudo apt-get install libcurl3-gnutls=7.58.0*

As security packages are updated automatically by Ubuntu on a daily basis, you'll need to re-run this last command to downgrade libcurl3-gnutls every morning.

Revision history for this message
Mikhail Shevtsov (mesouug) wrote :

Faced same issue and solved by downgrading.

To avoid upgrade of package and adding bionic-security to sources list One can do:
1. Manually download package from https://packages.ubuntu.com/bionic/libcurl3-gnutls
2. Install libcurl3-gnutls with dpkg -i libcurl3-gnutls*.deb
3. Lock package version with apt-mark hold libcurl3-gnutls
4. Once update will be pushed just unlock package with apt-mark unhold libcurl3-gnutls

Revision history for this message
Sebastien Bacher (seb128) wrote :

That's fixed to disco, upload a SRU backport to cosmic now

Changed in curl (Ubuntu):
importance: Undecided → High
status: Confirmed → Fix Released
description: updated
Revision history for this message
Thapelo Mokau Masemola (thapelo-masemola) wrote :

Greetings,
I'm quite new to Ubuntu. Recently decided to move from Windows to Ubuntu 18.10. I'm experiencing the same issue with authentication to azure devops repos during a pull. What is the fix to this?

Revision history for this message
Mark Inderhees (markind-msft) wrote :

@Thapelo, seems the back port is not yet in Cosmic (18.10). Follow the steps recommended by Mikhail Shevtsov to resolve the issue.

Revision history for this message
Timo Aaltonen (tjaalton) wrote : Please test proposed package

Hello Mark, or anyone else affected,

Accepted curl into cosmic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/curl/7.61.0-1ubuntu2.5 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-cosmic to verification-done-cosmic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-cosmic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in curl (Ubuntu Cosmic):
status: New → Fix Committed
tags: added: verification-needed verification-needed-cosmic
Revision history for this message
Mark Inderhees (markatwork) wrote :

Thanks for pushing this fix through. Unfortunately, I went back to Bionic because of other hard dependencies and am unable to validate. Can others who hit this please try the fix?

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.