Description of problem: Package libkrun fails to build from source in Fedora Rawhide. Version-Release number of selected component (if applicable): 1.5.0-5.fc39 Steps to Reproduce: koji build --scratch f40 libkrun-1.5.0-5.fc39.src.rpm Additional info: This package is tracked by Koschei. See: https://koschei.fedoraproject.org/package/libkrun === This is happening be cause the v1.2.0 release of the "sev" crate unintentionally pushed breaking changes. I have reported this upstream, since it affects at least two packages in Fedora (rust-sevctl and libkrun): https://github.com/virtee/sev/issues/93 I included options for how to resolve this issue, but upstream has, so far, been unresponsive. If you know a better way to reach out to the upstream developers, please notify them that this is causing problems for us: I wanted to rebuild libkrun to address CVE-2023-41051 in the vm-memory crate, but this issue is preventing builds. c.f. https://bugzilla.redhat.com/show_bug.cgi?id=2236894 Reproducible: Always
Apologies for the delay. I've submitted a fix upstream. We could then package it and (re-)release for f39. https://github.com/containers/libkrun/pull/148
This issue has now also prevented me from rebuilding libkrun to address the RUSTSEC-2023-0044 and RUSTSEC-2023-0072 advisories.
Upstream has de-vendorized kbs-types, so we need to package it first. Working on it now.
With the packages updated to 1.7.2-1, this has been fixed in rawhide, f39 and f38.