[Touch-packages] [Bug 831487] Re: Dependency on package unattended-upgrades on Ubuntu Server
The same problem exists on Ubuntu 14.04 LTS (Trusty). In this case, add- apt-repository is in package software-properties-common, which depends on python3-software-properties, which depends (needlessly) on unattended-upgrades. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to software-properties in Ubuntu. https://bugs.launchpad.net/bugs/831487 Title: Dependency on package unattended-upgrades on Ubuntu Server Status in software-properties package in Ubuntu: Confirmed Bug description: The package, which includes the always-useful add-apt-repository, depends on package unattended-upgrades. This is not good on servers, as you may want to add PPAs with the convenience of add-apt-repository but still want to control everything that gets upgraded on the machine. Tested on both Ubuntu 10.04 LTS and 11.04. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/831487/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557248] [NEW] OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code
Public bug reported: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea Modifications to file: libraries/libldap/tls_g.c This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu xenial), as well as in 2.4.44 (current upstream stable version). More details are availble on OpenLDAP project bug tracker at: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385 Thank you ** Affects: openldap (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248 Title: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code Status in openldap package in Ubuntu: New Bug description: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea Modifications to file: libraries/libldap/tls_g.c This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu xenial), as well as in 2.4.44 (current upstream stable version). More details are availble on OpenLDAP project bug tracker at: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385 Thank you To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1537762] Re: syncrepl does not work when using tls
Perhaps the issue is that your certificates have too short RSA keys. In GnuTLS SECURE256 requires at least 3072-bit public key. Unfortunately, this is not clearly documented. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1537762 Title: syncrepl does not work when using tls Status in openldap package in Ubuntu: Incomplete Bug description: syncrepl gives a "slap_client_connect: URI=ldap://ldaphost.domain.com Error, ldap_start_tls failed (-11)" error syncrepl was working perfectly until I upgraded libgnutls26 from version 2.12.14-5ubuntu3.10 to version 2.12.14-5ubuntu3.11 This new version of gnutls just seems to only have a simple fix for CVE-2015-7575 ldapsearch works perfectly happily with the new version of gnutls and our SSL certificate. My syncrepl config looks like this: syncreplrid=222 provider=ldap://ldaphost.domain.com starttls=critical type=refreshAndPersist retry=60,+ searchbase="dc=ccc,dc=sss,dc=aa,dc=uu" scope=sub schemachecking=off bindmethod=simple binddn="cn=uu,dc=ccc,dc=s,dc=aa,dc=uu" credentials= ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: slapd 2.4.28-1.1ubuntu4.6 ProcVersionSignature: Ubuntu 3.2.0-97.137-generic 3.2.73 Uname: Linux 3.2.0-97-generic x86_64 ApportVersion: 2.0.1-0ubuntu17.13 Architecture: amd64 Date: Mon Jan 25 13:33:26 2016 InstallationMedia: Ubuntu-Server 12.04 LTS "Precise Pangolin" - Release amd64 (20120424.1) MarkForUpload: True SourcePackage: openldap UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.default.slapd: 2012-10-02T10:07:38 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1537762/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1547927] Re: LDAP_OPT_X_TLS_REQUIRE_CERT handling differences between ldaps:// and STARTTLS
A bug has been found in libldap code that interferes with the value of "require cert" option. It affects libldap built with GnuTLS, as is done in packages supplied by Ubuntu and Debian. The bug causes the value to be read from previously freed memory, often resulting in incorrect or random value being used. This bug has been fixed upstream by the OpenLDAP team, but the fix has not yet been backported to Ubuntu. Bug 1557248 https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248 The problem you describe may be caused by this bug, or by an unrelated problem. However, in any case Ubuntu libldap packages currently in wily and xenial do not handle "require cert" option correctly. With this in mind, may I ask that you vote for bug 1557248 in order for it to get noticed by Ubuntu maintainers. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1547927 Title: LDAP_OPT_X_TLS_REQUIRE_CERT handling differences between ldaps:// and STARTTLS Status in openldap package in Ubuntu: Confirmed Bug description: Tested with vivid and wily... also logged with openldap as http://www.openldap.org/its/index.cgi/Incoming?id=8374 The handling of the LDAP_OPT_X_TLS_REQUIRE_CERT option appears to be different between servers accessed via ldaps:// and ldap:// (plus STARTTLS) URIs. When accessing server with a self-signed certificate, the results are: ldaps:// neverOK hard Error: can't contact LDAP server demand Error: can't contact LDAP server allowOK try Error: can't contact LDAP server ldap:// plus explicit ldap_start_tls_s() neverOK hard OK demand OK allowOK try OK To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1547927/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code
Patch created by OpenLDAP team applies cleanly to openldap 2.4.41+dfsg- 1ubuntu2 (wily). ** Patch added: "tls_g.patch" https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+attachment/4607004/+files/tls_g.patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248 Title: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code Status in openldap package in Ubuntu: New Bug description: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea Modifications to file: libraries/libldap/tls_g.c This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu xenial), as well as in 2.4.44 (current upstream stable version). More details are availble on OpenLDAP project bug tracker at: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385 Thank you To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code
I created a PPA with patched deb packages, available at: https://launchpad.net/~maciej-puzio/+archive/ubuntu/openldap Currently it contains openldap-2.4.41 source package with the above patch applied, as well as binary debs built from it, for amd64 and i386. These packages are for Ubuntu 15.10 (wily), but I can make them for other Ubuntu releases, if you would like that. I briefly tested the amd64 libldap, ldap-utils and slapd packages, they installed fine and appear to work. I did not test any of the i386 debs. If you would like to install and test these packages, please run the following commands: sudo apt-add-repository ppa:maciej-puzio/openldap sudo apt-get update sudo apt-get upgrade Of course, please install them on a test machine, and not on the production server. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248 Title: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code Status in openldap package in Ubuntu: Confirmed Bug description: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea Modifications to file: libraries/libldap/tls_g.c This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu xenial), as well as in 2.4.44 (current upstream stable version). More details are availble on OpenLDAP project bug tracker at: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385 Thank you To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code
** Tags added: patch-accepted-upstream -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248 Title: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code Status in openldap package in Ubuntu: Confirmed Bug description: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea Modifications to file: libraries/libldap/tls_g.c This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu xenial), as well as in 2.4.44 (current upstream stable version). More details are availble on OpenLDAP project bug tracker at: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385 Thank you To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code
I have just found that Howard Chu of OpenLDAP team had already uploaded this patch to Launchpad VCS: http://bazaar.launchpad.net/~vcs-imports/openldap/master/revision/20757 Hopefully we will have the package released soon. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248 Title: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code Status in openldap package in Ubuntu: Confirmed Bug description: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea Modifications to file: libraries/libldap/tls_g.c This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu xenial), as well as in 2.4.44 (current upstream stable version). More details are availble on OpenLDAP project bug tracker at: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385 Thank you To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1547927] Re: LDAP_OPT_X_TLS_REQUIRE_CERT handling differences between ldaps:// and STARTTLS
I created a PPA with patched openldap packages for wily and xenial. If you would like to test them, there is more information in bug 1557248. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1547927 Title: LDAP_OPT_X_TLS_REQUIRE_CERT handling differences between ldaps:// and STARTTLS Status in openldap package in Ubuntu: Confirmed Bug description: Tested with vivid and wily... also logged with openldap as http://www.openldap.org/its/index.cgi/Incoming?id=8374 The handling of the LDAP_OPT_X_TLS_REQUIRE_CERT option appears to be different between servers accessed via ldaps:// and ldap:// (plus STARTTLS) URIs. When accessing server with a self-signed certificate, the results are: ldaps:// neverOK hard Error: can't contact LDAP server demand Error: can't contact LDAP server allowOK try Error: can't contact LDAP server ldap:// plus explicit ldap_start_tls_s() neverOK hard OK demand OK allowOK try OK To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1547927/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code
I created patched openldap packages for xenial, available on the same PPA as above. I tested amd64 packages on xenial beta 2. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248 Title: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code Status in openldap package in Ubuntu: Confirmed Bug description: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea Modifications to file: libraries/libldap/tls_g.c This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu xenial), as well as in 2.4.44 (current upstream stable version). More details are availble on OpenLDAP project bug tracker at: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385 Thank you To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code
I reported the bug to Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820244 ** Bug watch added: Debian Bug tracker #820244 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820244 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248 Title: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code Status in openldap package in Ubuntu: Confirmed Bug description: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea Modifications to file: libraries/libldap/tls_g.c This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu xenial), as well as in 2.4.44 (current upstream stable version). More details are availble on OpenLDAP project bug tracker at: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385 Thank you To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 525154] Re: mountall for /var or other nfs mount races with rpc.statd
For a similar bug affecting Ubuntu 14.04, please see bug #1371564 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to mountall in Ubuntu. https://bugs.launchpad.net/bugs/525154 Title: mountall for /var or other nfs mount races with rpc.statd Status in mountall package in Ubuntu: Invalid Status in nfs-utils package in Ubuntu: Fix Released Status in portmap package in Ubuntu: Fix Released Status in mountall source package in Lucid: Invalid Status in nfs-utils source package in Lucid: Fix Released Status in portmap source package in Lucid: Fix Released Status in mountall source package in Maverick: Invalid Status in nfs-utils source package in Maverick: Fix Released Status in portmap source package in Maverick: Fix Released Status in mountall source package in Natty: Invalid Status in nfs-utils source package in Natty: Fix Released Status in portmap source package in Natty: Fix Released Bug description: If one has /var (or /var/lib or /var/lib/nfs for that matter) on its own filesystem the statd.conf start races with the mounting of /var as rpc.statd needs /var/lib/nfs to be available in order to work. I am sure this is not the only occurrence of this type of problem. A knee-jerk solution is to simply spin in statd.conf waiting for /var/lib/nfs to be available, but polling sucks, especially for something like upstart whose whole purpose is to be an event driven action manager. SRU justification: NFS mounts do not start reliably on boot in lucid and maverick (depending on the filesystem layout of the client system) due to race conditions in the startup of statd. This should be fixed so users of the latest LTS can make reliable use of NFS. Regression potential: Some systems may fail to mount NFS filesystems at boot time that didn't fail before. Some systems may hang at boot. Some systems may hang while upgrading the packages (this version or in a future SRU). I believe the natty update adequately guards against all of these possibilities, but the risk is there. TEST CASE: 1. Configure a system with /var as a separate partition. 2. Add one or more mounts of type 'nfs' to /etc/fstab. 3. Boot the system. 4. Verify whether statd has started (status statd) and whether all NFS filesystems have been mounted. 5. Repeat 3-4 until the race condition is triggered. 6. Upgrade to the new version of portmap and nfs-common from -proposed. 7. Repeat steps 3-4 until satisfied that statd now starts reliably and all non-gss-authenticated NFSv3 filesystems mount correctly at boot time. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/525154/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1846821] Re: Qt print dialog has wrong default page size
I can confirm that the patch fixes the problem, i.e. Qt print dialog now defaults to page size as set in System Settings Printers applet. To apply the fix, it was enough to add the PPA repository, upgrade libqt5printsupport5 package, and then close and reopen applications that were affected by the bug. Thank you very much for your work. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to qtbase-opensource-src in Ubuntu. https://bugs.launchpad.net/bugs/1846821 Title: Qt print dialog has wrong default page size Status in qtbase-opensource-src package in Ubuntu: Fix Released Status in qtbase-opensource-src source package in Bionic: New Bug description: Please backport Qt patch 213677 to qtbase-opensource-src https://codereview.qt-project.org/c/qt/qtbase/+/213677 In Qt5 applications, print dialog (Printer Properties) always defaults to A4 paper size, even when Letter is set as a default in all system and KDE preferences. After changing manually, Letter-size pages print correctly, but the setting does not stick. The issue also affects other print settings, e.g. margins, though the aforementioned patch does not deal with these. A similar issue regarding the duplex setting was reported as Launchpad bug 1776173, and subsequently fixed, but other print settings continue to cause problems. Behavior expected: Print dialog would default to Letter paper size, which is set in all available system and KDE preferences, and that was selected for previous prints. Behavior observed: Print dialog always defaults to A4, and page size needs to be changed manually before every print. Software versions: lsb_release: Ubuntu 18.04.3 LTS libqt5core5a: 5.9.5+dfsg-0ubuntu2.3 Kernel: 5.0.0-25-generic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1846821/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1846821] Re: Qt print dialog has wrong default page size
Łukasz, thank you very much for accepting the package into bionic- proposed. I confirm that the updated binary package libqt5printsupport5 fixes the problem. I also updated other libqt5* packages available in bionic-proposed, and did not notice any obvious regressions. However, I would like to voice my differing opinion on the importance of this bug. While this is perhaps not a high-impact bug in the meaning that it does not impact system stability or security, it is nonetheless one of the "infuriating little bugs" that significantly degrade user experience. For the user who does not remember to dig into prefs to change paper size before every print job, the bug results in the necessity of printing everything twice, as the first copy (A4 on Letter) has top and bottom lines clipped and missing, rendering the printout unusable. This bug, coupled with similar ones and the general instability of KDE desktop, makes Kubuntu 18.04 unsuitable as a desktop OS for everyday use, in my opinion. Because of that I am very grateful that this bug is getting fixed. ** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to qtbase-opensource-src in Ubuntu. https://bugs.launchpad.net/bugs/1846821 Title: Qt print dialog has wrong default page size Status in qtbase-opensource-src package in Ubuntu: Fix Released Status in qtbase-opensource-src source package in Bionic: Fix Committed Bug description: Please backport Qt patch 213677 to qtbase-opensource-src https://codereview.qt-project.org/c/qt/qtbase/+/213677 [Impact] In Qt5 applications, print dialog (Printer Properties) always defaults to A4 paper size, even when Letter is set as a default in all system and KDE preferences. After changing manually, Letter-size pages print correctly, but the setting does not stick. This impacts users of Qt applications who print things and live in countries where ISO 216 is not default, most notably the United States. [Test Case] 1) Use system settings (KDE preferences, gnome-control-center or system-config-printer) to set the printer size to Letter. 2) Open any Qt application (e.g. KWrite or Falkon). 3) Open a print dialog. 4) Behavior expected: Print dialog would default to Letter paper size and not A4. [Regression Potential] Two possibilities for regressions that I can imagine are: - crashes because something is not defined; - wrong default paper size (A4 wanted but CUPS returns something else). [Additional Information] The issue also affects other print settings, e.g. margins, though the aforementioned patch does not deal with these. A similar issue regarding the duplex setting was reported as Launchpad bug 1776173, and subsequently fixed, but other print settings continue to cause problems. Software versions: lsb_release: Ubuntu 18.04.3 LTS libqt5core5a: 5.9.5+dfsg-0ubuntu2.3 Kernel: 5.0.0-25-generic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1846821/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1846821] [NEW] Qt print dialog has wrong default page size
Public bug reported: Please backport Qt patch 213677 to qtbase-opensource-src https://codereview.qt-project.org/c/qt/qtbase/+/213677 In Qt5 applications, print dialog (Printer Properties) always defaults to A4 paper size, even when Letter is set as a default in all system and KDE preferences. After changing manually, Letter-size pages print correctly, but the setting does not stick. The issue also affects other print settings, e.g. margins, though the aforementioned patch does not deal with these. A similar issue regarding the duplex setting was reported as Launchpad bug 1776173, and subsequently fixed, but other print settings continue to cause problems. Behavior expected: Print dialog would default to Letter paper size, which is set in all available system and KDE preferences, and that was selected for previous prints. Behavior observed: Print dialog always defaults to A4, and page size needs to be changed manually before every print. Software versions: lsb_release: Ubuntu 18.04.3 LTS libqt5core5a: 5.9.5+dfsg-0ubuntu2.3 Kernel: 5.0.0-25-generic ** Affects: qtbase-opensource-src (Ubuntu) Importance: Undecided Status: New ** Tags: bionic ** Summary changed: - Qt print dialog does not remember page size + Qt print dialog has wrong default page size -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to qtbase-opensource-src in Ubuntu. https://bugs.launchpad.net/bugs/1846821 Title: Qt print dialog has wrong default page size Status in qtbase-opensource-src package in Ubuntu: New Bug description: Please backport Qt patch 213677 to qtbase-opensource-src https://codereview.qt-project.org/c/qt/qtbase/+/213677 In Qt5 applications, print dialog (Printer Properties) always defaults to A4 paper size, even when Letter is set as a default in all system and KDE preferences. After changing manually, Letter-size pages print correctly, but the setting does not stick. The issue also affects other print settings, e.g. margins, though the aforementioned patch does not deal with these. A similar issue regarding the duplex setting was reported as Launchpad bug 1776173, and subsequently fixed, but other print settings continue to cause problems. Behavior expected: Print dialog would default to Letter paper size, which is set in all available system and KDE preferences, and that was selected for previous prints. Behavior observed: Print dialog always defaults to A4, and page size needs to be changed manually before every print. Software versions: lsb_release: Ubuntu 18.04.3 LTS libqt5core5a: 5.9.5+dfsg-0ubuntu2.3 Kernel: 5.0.0-25-generic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qtbase-opensource-src/+bug/1846821/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1588915] Re: ifup does not block for interface to be up with static addresses
I am also affected by this issue. In my case both network.target and network-online.target are reached too early, which results in sssd and autofs to start before network interfaces are up; autofs then fails to obtain mount maps and does not attempt to retry; it is necessary to restart autofs manually after network has started fully. Similarly as the bug reporter, I run Ubuntu 16.04 server, and I use static addresses only, configured in /etc/network/interfaces. The root cause is ifup exiting with success before network interfaces start operating. However, ifup behaved the same way in Ubuntu 14.04, and there it did not cause the problem. Apparently Upstart and its network- related units were able to deal with this issue correctly. In contrast, systemd configuration files packaged in ifupdown Xenial package are causing the "async" behavior of ifup to surface and create problems. During system boot there are two attempts to start physical network interfaces by ifup: in ifup@.service (one service per interface) and in networking.service. All these services start in parallel and call ifup in parallel, but ifup uses a lock to prevent its concurrent execution (per interface), effectively serializing ifup@.service(s) and networking.service. In my tests, ifup@ services always win this race. This actually works fine if all interfaces are configured successfully. If not, networking.service performs a second attempt after ifup@.service failed, which may be problematic (see below). Targets network.target and network-online.target are reached when networking.service finishes. This happens after interfaces are configured by ifup. Interfaces became operable significantly later. The problem may be worked around in a particular configuration in several ways: 1. We can make ifup wait for the interface to come up, for example by including a loop in post-up command in /etc/network/interfaces, checking /sys/class/net/$INTERFACE/operstate. This would require using some timeout, after which the command would fail, to deal with situations such as a disconnected cable. In such a case, the delay would be twice as long as the specified timeout, because that timeout will have to be reached in both ifup@.service and networking service. If we do not configure any virtual interfaces, we can deal with this by disabling networking.service. 2. We can modify ifup@.service to wait for the interface to come up, similarly as above. It will also be necessary to change the type of this service from "simple" to "oneshot", to make it wait for its ExecStart command before exiting. 3. We can also modify networking.service to wait in a similar manner. 4. We can introduce an additional service which will wait for all or some interfaces to come up, and will delay network.target and network- online.target until it is done. It would be advantageous to wait on all interfaces in parallel, and I am not sure if that would be easy to implement in one service. 5. An active waiting in a loop is obviously not the most beautiful solution, so perhaps a cleaner way could be found? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ifupdown in Ubuntu. https://bugs.launchpad.net/bugs/1588915 Title: ifup does not block for interface to be up with static addresses Status in ifupdown package in Ubuntu: Confirmed Bug description: Description:Ubuntu 16.04 LTS (server) Release:16.04 systemd: Installed: 229-4ubuntu6 Candidate: 229-4ubuntu6 Version table: *** 229-4ubuntu6 500 500 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages 100 /var/lib/dpkg/status 229-4ubuntu4 500 500 http://us.archive.ubuntu.com/ubuntu xenial/main amd64 Packages This issue is more about systemd integration then an issue with systemd package itself. The general problem is the distinction between the network being configured and the network being up and what that means for services that depend on the network. upstream systemd has network.target (network is configured) and network-online.target (network is up), however xenial server (dunno about desktop) doesn't seem to use network-online.target. The result of which is, as soon as the network is configured both network.target and network-online.target are considered complete. At which point services dependent on either of those will get started. However this can lead to problems if the services in question are actually dependent on the network (ie dns lookups) when they are starting up. Here's an example of what I mean. If you install openntpd and add the -s option there is a race on boot if it will or wont be able to do the initial sync. Jun 02 16:58:02 xenial64 systemd[1]: Reached target Network. Jun 02 16:58:02 xenial64 systemd[1]: Starting OpenNTPd Network Time Protocol... Jun 02 16:58:02 xenial64 systemd[1]: Reached target Netwo
[Touch-packages] [Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code
Due to the nature of this bug (referencing previously freed memory leading to an undefined behavior), a reliable testing procedure is difficult to create. This bug was originally found by looking for a cause of syncrepl failures. The reproducibility of these failures was about 50%, enough to make syncrepl unusable, but syncrepl would persistently fail or persistently work correctly, sometimes for long stretches of testing iterations. While trying to set a test environment using virtual machines, I was unable to reproduce the syncrepl failures at all. Because of that, in my original bug report to OpenLDAP project, I did not describe steps to reproduce the problem, but instead provided a debugging patch that reliably demonstrated the use-after-free issue. This patch replaced the offending free with an assignment of a special value to the variable that was to be freed. The value of that variable was then examined in places where it was accessed. However, while this approach demonstrates the bug well, it requires a rebuild of the code, and cannot be used to test the fixed package. I would like to add that I went the "debug-it-yourself" route precisely because the symptoms were too unpredictable and too "mysterious" to hope for the usual bug report to succeed (by "usual bug report" I mean complaining about symptoms, listing steps to reproduce, etc). To sum up, I can list steps I took during my testing, but these will be of limited use when reproducibility is concerned. I can also provide the debug patch with explanations. Please advise on what would be the best course of action. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248 Title: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code Status in openldap package in Ubuntu: Fix Committed Status in openldap source package in Wily: In Progress Status in openldap source package in Xenial: In Progress Status in openldap source package in Yakkety: Fix Committed Status in openldap package in Debian: New Bug description: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea Modifications to file: libraries/libldap/tls_g.c This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu xenial), as well as in 2.4.44 (current upstream stable version). More details are availble on OpenLDAP project bug tracker at: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385 Thank you To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code
Chris, thank you very much for preparing the packages for -proposed repos. I started testing of xenial-proposed version, but tests are not progressing quickly, due to issues that I described above. In addition I have run into another problem, likely unrelated to this bug, which is further obscuring the results. Because of that I need more time to come up with reliable results; I hope to be ready next week. Thanks for your patience. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248 Title: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code Status in openldap package in Ubuntu: Fix Released Status in openldap source package in Wily: Fix Committed Status in openldap source package in Xenial: Fix Committed Status in openldap source package in Yakkety: Fix Released Status in openldap package in Debian: New Bug description: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea Modifications to file: libraries/libldap/tls_g.c This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu xenial), as well as in 2.4.44 (current upstream stable version). More details are availble on OpenLDAP project bug tracker at: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385 Thank you To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557248] Re: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code
I can confirm that the following packages from xenial-proposed fix the bug: slapd 2.4.42+dfsg-2ubuntu3.1 libldap-2.4-2 2.4.42+dfsg-2ubuntu3.1 ldap-utils 2.4.42+dfsg-2ubuntu3.1 I did not test the packages in wily-proposed. Setting the test environment is not trivial, and I don't think it is worthwhile to make this effort for the release that goes out of support in two months, and has been already superseded by a LTS release. I apologize for a delay in replying to the verification request. This was caused by an unpleasant surprise encountered while testing the new packages. I attempted to recreate the test environment to mimic the setup in which I originally encountered this bug, but I did so slightly differently - and discovered another OpenLDAP bug that had basically the same symptoms. It was not immediately clear whether this situation was some unfixed edge case of the bug reported here, or if it was an entirely separate bug. Further analysis showed that it was the latter, the root cause is entirely different and similarities are coincidental. For reference, report for the new bug can be found at http://www.openldap.org/its/index.cgi?findid=8427 Testing methodology and environment: Tests were done with both fixed and unfixed versions of affected packages, i.e. 2.4.42+dfsg-2ubuntu3 and 2.4.42+dfsg-2ubuntu3.1. Note that symptoms of this bug are intermittent, and several iterations may be needed for them to surface. 1. Configure two LDAP servers in dual master replication setup using slapd.conf config file as shown below. 2. Provide the servers with TLS certificates that are correct but use 1024-bit public key. (Note: SECURE256 requires 4096-bit RSA key) 3. Set tls_reqcert to allow in slapd.conf. 4. Start slapd on both servers. 5. Stop and restart slapd on server A. 6. Server B will write errors to syslog: slapd: do_syncrep2: rid=001 (-1) Can't contact LDAP server slapd: do_syncrepl: rid=001 rc -1 retrying (9 retries left) Result when using fixed packages: After predefined time server B will retry replication, and we won't see any further error messages. Result when using unfixed packages: Server B produces the following messages in a loop: slapd: do_syncrepl: rid=001 rc -1 retrying (8 retries left) slapd: slap_client_connect: URI=ldaps://10.0.0.1 DN="cn=root,dc=test" ldap_sasl_bind_s failed (-1) The relevant parts of slapd.conf: (for server A at 10.0.0.1) loglevel1 serverID001 moduleload syncprov TLSCipherSuite SECURE256:-VERS-SSL3.0 TLSCACertificateFile/etc/ldap/ssl/ca.pem TLSCertificateFile /etc/ldap/ssl/srvA.pem TLSCertificateKeyFile /etc/ldap/ssl/srvA.key syncrepl rid=001 provider=ldaps://10.0.0.2 type=refreshAndPersist retry="30 10 300 +" searchbase="dc=test" attrs="*,+" bindmethod=simple binddn="cn=root,dc=test" credentials="plaintext-password" tls_reqcert=allow keepalive="240:5:10" mirrormode TRUE overlay syncprov syncprov-checkpoint 10 1440 ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1557248 Title: OpenLDAP: Backport a fix for use-after-free in GnuTLS-related code Status in openldap package in Ubuntu: Fix Released Status in openldap source package in Wily: Fix Committed Status in openldap source package in Xenial: Fix Committed Status in openldap source package in Yakkety: Fix Released Status in openldap package in Debian: New Bug description: May I ask that you backport an upstream patch that resolves the issue of use-after-free in libldap that interferes with syncrepl, causing failures and segfaults. OpenLDAP commit: 283f3ae1713df449cc170965b311b19157f7b7ea Link: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=283f3ae1713df449cc170965b311b19157f7b7ea Modifications to file: libraries/libldap/tls_g.c This problem affects openldap 2.4.41 (in Ubuntu wily), 2.4.42 (in Ubuntu xenial), as well as in 2.4.44 (current upstream stable version). More details are availble on OpenLDAP project bug tracker at: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8385 Thank you To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557248/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1585568] Re: slapd startup fails with "connections_destroy: nothing to destroy"
It appears that GnuTLS initialization is failing with an error, perhaps because there is something in your slapd configuration that newer version of GnuTLS (in xenial) does not like. Can you post your slapd config? Please redact it so that it does not contain any host names, IP addresses, user names, passwords or any other confidential information. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1585568 Title: slapd startup fails with "connections_destroy: nothing to destroy" Status in openldap package in Ubuntu: New Bug description: I just upgraded slapd from 2.4.42+dfsg-2ubuntu3 to 2.4.42+dfsg- 2ubuntu3.1, in xenial. Now slapd won't start. The attempt fails with "connections_destroy: nothing to destroy": # systemctl status slapd.service ● slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol) Loaded: loaded (/etc/init.d/slapd; bad; vendor preset: enabled) Active: failed (Result: exit-code) since Wed 2016-05-25 06:20:47 EDT; 14s ago Docs: man:systemd-sysv-generator(8) Process: 14417 ExecStart=/etc/init.d/slapd start (code=exited, status=1/FAILURE) May 25 06:20:47 helium slapd[14424]: @(#) $OpenLDAP: slapd (Ubuntu) (May 11 2016 16:12:05) $ buildd@lgw01-10:/build/openldap-mF7Kfq/openldap-2.4.42+dfsg/debian/build/servers/slap May 25 06:20:47 helium slapd[14424]: main: TLS init def ctx failed: -1 May 25 06:20:47 helium slapd[14424]: DIGEST-MD5 common mech free May 25 06:20:47 helium slapd[14424]: slapd stopped. May 25 06:20:47 helium slapd[14424]: connections_destroy: nothing to destroy. May 25 06:20:47 helium slapd[14417]:...fail! May 25 06:20:47 helium systemd[1]: slapd.service: Control process exited, code=exited status=1 May 25 06:20:47 helium systemd[1]: Failed to start LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol). May 25 06:20:47 helium systemd[1]: slapd.service: Unit entered failed state. May 25 06:20:47 helium systemd[1]: slapd.service: Failed with result 'exit-code'. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: slapd 2.4.42+dfsg-2ubuntu3.1 ProcVersionSignature: Ubuntu 4.4.0-22.40-generic 4.4.8 Uname: Linux 4.4.0-22-generic x86_64 NonfreeKernelModules: nvidia_uvm nvidia ApportVersion: 2.20.1-0ubuntu2 Architecture: amd64 CurrentDesktop: Unity Date: Wed May 25 06:17:19 2016 InstallationDate: Installed on 2015-05-01 (390 days ago) InstallationMedia: Ubuntu 14.04.2 LTS "Trusty Tahr" - Release amd64 (20150218.1) SourcePackage: openldap UpgradeStatus: Upgraded to xenial on 2016-04-29 (26 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1585568/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
