Debian Patches
Status for etcd/3.5.16-11
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-ignore-bind-error-in-embed-serve_test.go.patch | ignore bind error in embed/serve_test.go In autopkgtest-go, this test will be run when etcd is running. etcd-server is installed, then the service is started by default. |
Shengjing Zhu <zhsj@debian.org> | not-needed | 2020-10-07 | ||
| 0002-don-t-exit-on-unsupported-arch.patch | don't exit on unsupported arch | Shengjing Zhu <zhsj@debian.org> | not-needed | 2020-10-08 | ||
| 0003-Ignore-etcd-package-without-v3-suffix-when-checking-.patch | Ignore etcd package without v3 suffix when checking leaking goroutines Debian uses GOPATH mode to build. |
Shengjing Zhu <zhsj@debian.org> | not-needed | 2024-08-01 | ||
| 0004-Increase-the-given-latency-in-test.patch | Increase the given latency in test We have some slow architectures like mips to support. |
Shengjing Zhu <zhsj@debian.org> | no | 2019-02-25 | ||
| 0005-fix-TestCorruptedBackupFileCheck-on-big-endian.patch | fix TestCorruptedBackupFileCheck on big-endian | Shengjing Zhu <zhsj@debian.org> | no | 2023-01-04 | ||
| 0006-Skip-flaky-TestReadWriteTimeout.patch | Skip flaky TestReadWriteTimeout https://buildd.debian.org/status/fetch.php?pkg=etcd&arch=s390x&ver=3.4.23-3&stamp=1673262122&raw=0 RUN TestReadWriteTimeoutDialer timeout_dialer_test.go:60: err = <nil>, want write i/o timeout error RUN TestWriteReadTimeoutListener timeout_listener_test.go:85: err = <nil>, want write i/o timeout error |
Shengjing Zhu <zhsj@debian.org> | no | 2023-01-09 | ||
| 0007-skip-default-host-route-tests.patch | These tests fail for me locally, as well as in all the reproducible builds | Mathias Gibbens <gibmat@debian.org> | no | 2024-02-28 | ||
| 0008-skip-flaky-TestPageWriterRandom.patch | Skip a flaky test that failed on 3/10 buildds | Mathias Gibbens <gibmat@debian.org> | no | 2024-02-28 | ||
| 0009-upgrade-grpc-gateway-from-v1-to-v2.patch | upgrade grpc-gateway from v1 to v2 | Wei Fu <fuweid89@gmail.com> | no | 2023-09-13 | ||
| 0010-Import-generated-pw.gw-files-from-9431e3a95276f92268.patch | Import generated pw.gw files from 9431e3a95276f92268d8101bb93bb0fd5cc282f8 | Chun-Hung Tseng <henrybear327@gmail.com> | no | 2024-05-20 | ||
| 0011-remove-all-usage-of-v1-grpc-gateway.patch | remove all usage of v1 grpc-gateway | Benjamin Wang <wachao@vmware.com> | no | 2023-09-13 | ||
| 0012-grpc-middleware-fixes-1.patch | Cherry-pick some upstream changes to fix API breakage in updated grpc-middleware | Mathias Gibbens <gibmat@debian.org> | yes | 2024-08-01 | ||
| 0013-grpc-middleware-fixes-2.patch | In the interest of unblocking the grpc transition, for now rip out some use of old grpc-middleware from a test | Mathias Gibbens <gibmat@debian.org> | not-needed | 2024-08-01 | ||
| 0014-skip-salsa-failing-test.patch | Skip test that fails in salsa CI pipeline | Mathias Gibbens <gibmat@debian.org> | not-needed | 2024-08-01 | ||
| 0015-Disable-curl-related-tests.patch | Disable curl-related-tests These integration tests are suspected to be caused by Debian switching it's default curl implementation to gnutls |
Reinhard Tartler <siretart@tauware.de> | no | 2024-08-04 | ||
| 0016-Skip-test-TestEtcdExampleConfig.patch | Skip test TestEtcdExampleConfig This test seems to expect being called from the root of the directory, which is not how the debian test harness calls the tests |
Reinhard Tartler <siretart@tauware.de> | no | 2024-10-21 | ||
| 0017-tests-functional-Disable-some-tests.patch | tests/functional: Disable some tests - TestAuthority: run in wrong directory - TestMaxLearnerInCluster: timeout |
Reinhard Tartler <siretart@tauware.de> | no | 2024-10-21 | ||
| 0018-TestHashKVWhenCompacting-increase-timeout-10s-15s.patch | TestHashKVWhenCompacting: increase timeout 10s->15s This should help with autopkgtest on armel |
Reinhard Tartler <siretart@tauware.de> | no | 2024-11-01 | ||
| 0019-Fix-tests-compatibility-with-go-1.24.patch | Fix tests compatibility with go 1.24 This fixes the following test failure: === RUN TestLogRotation/invalid_logger_config config_test.go:440: test "invalid logger config", expected error: invalid log rotation config: json: cannot unmarshal bool into Go struct field logRotationConfig.maxsize of type int, got: invalid log rotation config: json: cannot unmarshal bool into Go struct field logRotationConfig.Logger.maxsize of type int It seems go 1.24 changed the error messages of the encoding/json package. Ideally the test would only assert the part of the message produced by etcd, but it is easier to simply not check it in Debian. This allows to make the test compatible with more go versions that just go 1.24. |
Nicolas Peugnet <nicolas@club1.fr> | no | 2025-03-04 | ||
| 0020-dependency-bump-github.com-olekukonko-tablewriter-fr.patch | dependency: bump github.com/olekukonko/tablewriter from 0.0.5 to 1.0.6 * Updates changes to version 1.0.x API to build tables. * Updates the bill of materials. Dependabot pull request: https://github.com/etcd-io/etcd/pull/19978 |
Ivan Valdes <ivan@vald.es> | no | 2025-05-21 | ||
| 0021-Fix-compilation-with-golang-1.25.2.patch | Fix compilation with golang 1.25.2 | Reinhard Tartler <siretart@tauware.de> | not-needed | 2025-10-12 | ||
| 0022-Support-prometheus-common-v0.66.0.patch | Support prometheus-common v0.66.0 | Daniel Swarbrick <dswarbrick@debian.org> | no | 2026-01-02 | ||
| 0023-Disable-leak-detection-when-running-test.patch | Disable leak detection when running test | Reinhard Tartler <siretart@tauware.de> | no | 2026-02-07 | ||
| 0024-Fix-FTBFS-with-OpenTelemetry-0.60.patch | Fix FTBFS with OpenTelemetry 0.60+ Migrate from deprecated and removed OpenTelemetry gRPC interceptors to the newer StatsHandler API. The old interceptor-based API was removed in recent OpenTelemetry Go instrumentation releases, causing build failures. Changes: - In server/etcdserver/api/v3rpc/grpc.go: Replace Unary/StreamServerInterceptor with StatsHandler using NewServerHandler. - In tests/integration/tracing_test.go: Update tests to use NewClientHandler via WithStatsHandler. |
Reinhard Tartler <siretart@tauware.de> | no | debian | vendor | 2026-05-30 |
| 0025-server-etcdserver-guard-unauthenticated-endpoints-wi.patch | server/etcdserver: guard unauthenticated endpoints with auth checks This patch fixes CVE-2026-33413 where several sensitive gRPC endpoints (Maintenance.Alarm, KV.Compact, Lease.LeaseGrant, Cluster.MemberList) were not correctly protected by RBAC, allowing unauthenticated or under-privileged users to bypass authorization. |
Wei Fu <fuweid89@gmail.com> | no | debian | backport, https://github.com/etcd-io/etcd/commit/f936af2c0b2ad01ba34c5ed7c1a416155fbd82f4 | 2026-03-10 |
| 0026-server-etcdserver-enforce-auth-checks-for-nested-txn.patch | server/etcdserver: enforce auth checks for nested txn ops This patch fixes CVE-2026-33343 where nested etcd transactions could bypass RBAC authorization checks. The fix ensures that all operations within nested transactions are recursively validated against the user's permissions. |
Wei Fu <fuweid89@gmail.com> | no | debian | backport, https://github.com/etcd-io/etcd/commit/9e43033616518520a81a4a7ca1294033cf1d85f5 | 2026-03-18 |
| 0027-server-etcdserver-fix-PrevKv-and-Lease-auth-bypass-i.patch | server/etcdserver: fix PrevKv and Lease auth bypass in Txn This patch fixes CVE-2026-44283 where users could bypass RBAC checks by using the 'PrevKv' feature or attaching leases within nested transactions. The fix introduces 'checkPutAuth' to consolidate authorization logic and ensures it is consistently applied to all 'Put' operations, including those inside transactions. |
Benjamin Wang <benjamin.ahrtr@gmail.com> | no | debian | backport, https://github.com/etcd-io/etcd/commit/e8ce1ae41f18a938d0d8ad85dbc034c489e468db | 2026-05-30 |
All known versions for source package 'etcd'
- 3.5.22-2 (experimental)
- 3.5.16-11 (sid)
- 3.5.16-10 (forky)
- 3.5.16-4 (trixie, trixie-backports)
- 3.4.23-4 (bookworm, bookworm-backports)