[Touch-packages] [Bug 1404648] Re: security issues in ntp
http://www.ubuntu.com/usn/usn-2449-1/ ** Changed in: ntp (Ubuntu Lucid) Status: In Progress = Fix Released ** Changed in: ntp (Ubuntu Precise) Status: In Progress = Fix Released ** Changed in: ntp (Ubuntu Trusty) Status: In Progress = Fix Released ** Changed in: ntp (Ubuntu Utopic) Status: In Progress = Fix Released ** Changed in: ntp (Ubuntu) Status: Triaged = Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1404648 Title: security issues in ntp Status in ntp package in Ubuntu: Fix Released Status in ntp source package in Lucid: Fix Released Status in ntp source package in Precise: Fix Released Status in ntp source package in Trusty: Fix Released Status in ntp source package in Utopic: Fix Released Bug description: http://support.ntp.org/bin/view/Main/SecurityNotice lists 4 issues: Buffer overflow in crypto_recv() References: Sec 2667 / CVE-2014-9295 / VU#852879 CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5 Versions: All releases before 4.2.8 Date Resolved: Stable (4.2.8) 18 Dec 2014 Buffer overflow in ctl_putdata() References: Sec 2668 / CVE-2014-9295 / VU#852879 Versions: All NTP4 releases before 4.2.8 CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5 Date Resolved: Stable (4.2.8) 18 Dec 2014 Buffer overflow in configure() References: Sec 2669 / CVE-2014-9295 / VU#852879 Versions: All NTP4 releases before 4.2.8 CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5 Date Resolved: Stable (4.2.8) 18 Dec 2014 receive(): missing return on error References: Sec 2670 / CVE-2014-9296 / VU#852879 Versions: All NTP4 releases before 4.2.8 CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:P) Base Score: 5.0 Date Resolved: Stable (4.2.8) 18 Dec 2014 ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: ntp 1:4.2.6.p5+dfsg-3ubuntu2 ProcVersionSignature: Ubuntu 3.13.0-39.66-lowlatency 3.13.11.8 Uname: Linux 3.13.0-39-lowlatency x86_64 ApportVersion: 2.14.1-0ubuntu3.6 Architecture: amd64 Date: Sun Dec 21 13:24:35 2014 InstallationDate: Installed on 2012-08-23 (849 days ago) InstallationMedia: Ubuntu-Server 12.04 LTS Precise Pangolin - Release amd64 (20120424.1) KernLog: SourcePackage: ntp UpgradeStatus: Upgraded to trusty on 2014-03-02 (293 days ago) modified.conffile..etc.ntp.conf: [modified] mtime.conffile..etc.ntp.conf: 2014-06-02T17:06:11.921841 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1404648/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1356843] Re: ccs received early errors after openssl security update
There also is an issue with the openssl package in Lucid, which was worked around with the postfix fix. Adding openssl to this bug since it's better if we fix both. ** Also affects: openssl (Ubuntu) Importance: Undecided Status: New ** Also affects: openssl (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: postfix (Ubuntu Lucid) Importance: Undecided Status: New ** Changed in: openssl (Ubuntu Precise) Status: New = Invalid ** Changed in: openssl (Ubuntu) Status: New = Invalid ** Changed in: openssl (Ubuntu Lucid) Status: New = Confirmed ** Changed in: openssl (Ubuntu Lucid) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: postfix (Ubuntu Lucid) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1356843 Title: ccs received early errors after openssl security update Status in “openssl” package in Ubuntu: Invalid Status in “postfix” package in Ubuntu: Fix Released Status in “openssl” source package in Lucid: Confirmed Status in “postfix” source package in Lucid: Invalid Status in “openssl” source package in Precise: Invalid Status in “postfix” source package in Precise: Fix Released Bug description: SRU request: [Impact] The CVE-2014-0224 update for openssl will now reject CCS messages when they are received before encryption is negotiated. This has caused an issue for certain sites attempting to send mail to Ubuntu 12.04 servers running postfix. It turns out there is an incompatibility between postfix in Ubuntu 12.04 and openssl in 12.04 that mishandles session ids. This was fixed in Postfix 2.10.2, and the minimal fix is included in this debdiff. [Test Case] Server A = Ubuntu 10.04 with postfix configured to forward mail, ie: relayhost = server b's FQDN smtp_tls_security_level = encrypt Server B = Ubuntu 12.04 with postfix configured to receive mail with forced tls: smtpd_tls_security_level = encrypt Send more than one mail from Server A to Server B, and see if the following error appears in mail.log: warning: TLS library problem: 31807:error:14094085:SSL routines:SSL3_READ_BYTES:ccs received early:s3_pkt.c:1146: [Regression potential] This patch disables TLS session tickets, which is what later postfix versions do. If this introduces a regression, it may cause TLS to ether fail completely, or to break when resuming sessions. Original description: Postfix is causing a TLS error, when relaying mails with TLS encryption: warning: TLS library problem: 31807:error:14094085:SSL routines:SSL3_READ_BYTES:ccs received early:s3_pkt.c:1146: To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1356843/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1354903] Re: Apparmor crashes when I create a new profile, with traceback
** Changed in: apparmor (Ubuntu) Status: New = Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1354903 Title: Apparmor crashes when I create a new profile, with traceback Status in “apparmor” package in Ubuntu: Incomplete Bug description: I created a new profile in order to protect Thunderbird with apparmor to after the creation crashed with a traceback. root@Host:/etc/apparmor.d# aa-genprof thunderbird Writing updated profile for /usr/lib/thunderbird/thunderbird.sh. Setting /usr/lib/thunderbird/thunderbird.sh to complain mode. Before you begin, you may wish to check if a profile already exists for the application you wish to confine. See the following wiki page for more information: http://wiki.apparmor.net/index.php/Profiles Please start the application to be profiled in another window and exercise its functionality now. Once completed, select the Scan option below in order to scan the system logs for AppArmor events. For each AppArmor event, you will be given the opportunity to choose whether the access should be allowed or denied. Profiling: /usr/lib/thunderbird/thunderbird.sh [(S)can system log for AppArmor events] / (F)inish Reading log entries from /var/log/syslog. Updating AppArmor profiles in /etc/apparmor.d. Traceback (most recent call last): File /usr/sbin/aa-genprof, line 150, in module lp_ret = apparmor.do_logprof_pass(logmark, passno) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2246, in do_logprof_pass read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2564, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2590, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2700, in parse_profile_data filelist[file]['profiles'][profile][hat] = True TypeError: 'bool' object does not support item assignment ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: apparmor 2.8.95~2430-0ubuntu5 ProcVersionSignature: Ubuntu 3.13.0-32.57-generic 3.13.11.4 Uname: Linux 3.13.0-32-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.3 Architecture: amd64 Date: Sun Aug 10 19:13:19 2014 InstallationDate: Installed on 2014-08-10 (0 days ago) InstallationMedia: Xubuntu 14.04.1 LTS Trusty Tahr - Release amd64 (20140723) ProcEnviron: LANGUAGE=de_CH:de TERM=xterm PATH=(custom, no user) LANG=de_CH.UTF-8 SHELL=/bin/bash ProcKernelCmdline: BOOT_IMAGE=/boot/vmlinuz-3.13.0-32-generic root=UUID=6b17645b-9b01-4a8f-99a4-7d2e21efb8af ro quiet splash vt.handoff=7 SourcePackage: apparmor UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1354903/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1334618] Re: Fullscreen apps are displayed on the lock screen for some time after suspend
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1334618 Title: Fullscreen apps are displayed on the lock screen for some time after suspend Status in Unity: New Status in “unity” package in Ubuntu: New Bug description: The bug appears on low perfomance hardware (netbooks) Steps to reproduce: 1)Open in Evinve some file on netbook. 2)Go to fullscreen mode (F11) 3)Close the lid of your netbook (or if you are trsting on the desktop press Alt+F10 and navigate by arrow to Suspend button 4)Press suspend and wake up the device 5) So the bug: for 2 or three seconds after waking up The pdf will be displayed on your netbook instead of Unity-greeter. Than unity greeter will ask you your password It is unsecure, because somebody my see your content, while you are just opened the lid To manage notifications about this bug go to: https://bugs.launchpad.net/unity/+bug/1334618/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1243506] Re: unity no lens, search no dash
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see https://wiki.ubuntu.com/Bugs/FindRightPackage . Additionally, in the report please include: 1) The release of Ubuntu you are using, via 'cat /etc/lsb-release' or System - About Ubuntu. 2) The version of the package you are using, via 'dpkg -l PKGNAME | cat' or by checking in Synaptic. 3) What happened and what you expected to happen. The Ubuntu community has also created debugging procedures for a wide variety of packages at https://wiki.ubuntu.com/DebuggingProcedures . Following the debugging instructions for the affected package will make your bug report much more complete. Thanks! ** Information type changed from Private Security to Public ** Changed in: unity Status: New = Invalid ** Changed in: unity (Ubuntu) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1243506 Title: unity no lens, search no dash Status in Unity: Invalid Status in “unity” package in Ubuntu: Invalid Bug description: No search in Dash, No lens in the Dash! Вообще в Даше всё пусто, ни чего ни найти в нём! To manage notifications about this bug go to: https://bugs.launchpad.net/unity/+bug/1243506/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1192789] Re: search disrupting unity lens research
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see https://wiki.ubuntu.com/Bugs/FindRightPackage . Additionally, in the report please include: 1) The release of Ubuntu you are using, via 'cat /etc/lsb-release' or System - About Ubuntu. 2) The version of the package you are using, via 'dpkg -l PKGNAME | cat' or by checking in Synaptic. 3) What happened and what you expected to happen. The Ubuntu community has also created debugging procedures for a wide variety of packages at https://wiki.ubuntu.com/DebuggingProcedures . Following the debugging instructions for the affected package will make your bug report much more complete. Thanks! ** Information type changed from Private Security to Public ** Changed in: unity Status: New = Invalid ** Changed in: unity (Ubuntu) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1192789 Title: search disrupting unity lens research Status in Unity: Invalid Status in “unity” package in Ubuntu: Invalid Bug description: unity 8 search disrupting unity lens research, several surveys do not work properly, levels of errors are still visible, latches to FIND things simple conflict of languages. To manage notifications about this bug go to: https://bugs.launchpad.net/unity/+bug/1192789/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1358762] Re: Included gzip 1.2.4 has several vulnerabilities
** Information type changed from Private Security to Public Security ** Changed in: klibc (Ubuntu) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to klibc in Ubuntu. https://bugs.launchpad.net/bugs/1358762 Title: Included gzip 1.2.4 has several vulnerabilities Status in “klibc” package in Ubuntu: Confirmed Bug description: The included gzip version is quite old (version 1.2.4) and has several security vulnerabilities. Check http://web.nvd.nist.gov/view/vuln/search- results?adv_search=truecves=oncpe_version=cpe:/a:gnu:gzip:1.2.4 for example. I explicitly checked for CVE-2001-1228, which was not fixed by a patch in the klibc package, so I assume the other vulnerabilities are not fixed either. I think it would be a good idea to update the included gzip to a current version. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/klibc/+bug/1358762/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1225096] Re: sshd_config ForceCommand option is not enforced due to SSH_SOURCE_BASHRC option in bash
** Bug watch added: Debian Bug tracker #702559 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702559 ** Also affects: bash (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702559 Importance: Unknown Status: Unknown ** Information type changed from Private Security to Public ** Changed in: bash (Ubuntu) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to bash in Ubuntu. https://bugs.launchpad.net/bugs/1225096 Title: sshd_config ForceCommand option is not enforced due to SSH_SOURCE_BASHRC option in bash Status in “bash” package in Ubuntu: Confirmed Status in “bash” package in Debian: Unknown Bug description: The sshd_config ForceCommand directive is intended to cause that command, and only that command, to run when affected users log in. sshd invokes the command by running shell -c cmd, where shell is the user's shell and cmd is the command specified by ForceCommand. The most common user shell is bash. The bash manual page clearly specifies that the -c argument causes that invocation to be a non- interactive shell, and specifies that non-interactive shells do not run ~/.bashrc. However, Ubuntu (at least on Precise, and presumably elsewhere) compiles bash with the SSH_SOURCE_BASHRC option set. In bash's run_startup_files() function in shell.c, when SSH_SOURCE_BASHRC is defined, a top-level shell run under sshd runs ~/.bashrc, even for non-interactive shells. When the shell runs ~/.bashrc, a user that controls their own .bashrc file can execute any command they want (as themselves). This is a security bug, largely because it is both undocumented in the Ubuntu Bash man page as the default setting, and because there is no way around it while still using bash as a user shell. An administrator who sets ForceCommand wants only that command to be able to run. By allowing bash to run ~/.bashrc, that intention is subverted. As a concrete example, consider an ISP/hosting company that runs a web application under an LXC container, and wants to allow shell commands to run inside a container---and uses ForceCommand to impose the container on commands run via ssh. If the user has a persistent home directory, either the web app or a contained shell command can edit the .bashrc, and on the next ssh login, the .bashrc file will run its commands outside of the container, subverting the limitations imposed by ForceCommand. The bare minimum fix is for Ubuntu to change the bash man page to at least document this behavior, since it directly contradicts the current man page and can only be discovered by reading source code. A better solution would be to allow an administrator to disable the unexpected functionality, perhaps by offering a different bash package with the compile-time option turned off (and also document this in the man page). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1225096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1349387] Re: server settings are inaccessible
** No longer affects: system-config-printer (Ubuntu) ** Also affects: cups (Ubuntu Utopic) Importance: Undecided Status: Confirmed ** Also affects: cups (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: cups (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: cups (Ubuntu Precise) Importance: Undecided Status: New ** Changed in: cups (Ubuntu Lucid) Status: New = Confirmed ** Changed in: cups (Ubuntu Precise) Status: New = Confirmed ** Changed in: cups (Ubuntu Trusty) Status: New = Confirmed ** Changed in: cups (Ubuntu Lucid) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: cups (Ubuntu Precise) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: cups (Ubuntu Trusty) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: cups (Ubuntu Utopic) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cups in Ubuntu. https://bugs.launchpad.net/bugs/1349387 Title: server settings are inaccessible Status in “cups” package in Ubuntu: Confirmed Status in “cups” source package in Lucid: Confirmed Status in “cups” source package in Precise: Confirmed Status in “cups” source package in Trusty: Confirmed Status in “cups” source package in Utopic: Confirmed Bug description: When trying to access server settings via gnome gui in trusty I get a cups server error: There was an HTTP error: Not found. Adding/removing printers with the gui works fine. The server settings are accessible via a web browser and the web interface. system-config-printer --debug (when calling the settings menu entry): Connected as user kiran Authentication pass: 1 Authentication: password callback set PolicyKit call to FileGet did not work: dbus.String(u'Not Found') Authentication pass: 2 Forbidden: False Authentication: Try as root Connected as user root Authentication pass: 3 Forbidden: False Authentication: giving up cups access.log: localhost - - [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 401 0 - - localhost - root [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 404 0 - - localhost - root [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 404 0 - - localhost - - [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 401 0 - - localhost - root [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 404 0 - - localhost - root [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 404 0 - - localhost - root [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 404 0 - - localhost - root [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 404 0 - - cups error.log: D [28/Jul/2014:13:41:22 +0200] [Client 15] Accepted from localhost (Domain) D [28/Jul/2014:13:41:22 +0200] [Client 15] Waiting for request. D [28/Jul/2014:13:41:22 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:22 +0200] [Client 16] Accepted from localhost (Domain) D [28/Jul/2014:13:41:22 +0200] [Client 16] Waiting for request. D [28/Jul/2014:13:41:22 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:23 +0200] [Client 16] GET /admin/conf/cupsd.conf HTTP/1.1 D [28/Jul/2014:13:41:23 +0200] cupsdSetBusyState: newbusy=Active clients, busy=Not busy D [28/Jul/2014:13:41:23 +0200] [Client 16] No authentication data provided. D [28/Jul/2014:13:41:23 +0200] cupsdIsAuthorized: username= D [28/Jul/2014:13:41:23 +0200] [Client 16] WWW-Authenticate: Basic realm=CUPS, trc=y D [28/Jul/2014:13:41:23 +0200] [Client 16] Closing connection. D [28/Jul/2014:13:41:23 +0200] cupsdSetBusyState: newbusy=Not busy, busy=Active clients D [28/Jul/2014:13:41:23 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:23 +0200] [Client 16] Accepted from localhost (Domain) D [28/Jul/2014:13:41:23 +0200] [Client 16] Waiting for request. D [28/Jul/2014:13:41:23 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:23 +0200] [Client 16] HTTP_STATE_WAITING Closing on EOF D [28/Jul/2014:13:41:23 +0200] [Client 16] Closing connection. D [28/Jul/2014:13:41:23 +0200] cupsdSetBusyState: newbusy=Not busy, busy=Not busy D [28/Jul/2014:13:41:23 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:23 +0200] [Client 16] Accepted from localhost (Domain) D [28/Jul/2014:13:41:23 +0200] [Client 16] Waiting for request. D [28/Jul/2014:13:41:23 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:23 +0200] [Client 16] HTTP_STATE_WAITING Closing on EOF D [28/Jul/2014:13:41:23 +0200] [Client 16] Closing connection. D [28/Jul/2014:13:41:23 +0200] cupsdSetBusyState: newbusy=Not busy
[Touch-packages] [Bug 1349387] Re: server settings are inaccessible
** Changed in: cups (Ubuntu Utopic) Status: Confirmed = Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cups in Ubuntu. https://bugs.launchpad.net/bugs/1349387 Title: server settings are inaccessible Status in “cups” package in Ubuntu: Fix Released Status in “cups” source package in Lucid: Confirmed Status in “cups” source package in Precise: Confirmed Status in “cups” source package in Trusty: Confirmed Status in “cups” source package in Utopic: Fix Released Bug description: When trying to access server settings via gnome gui in trusty I get a cups server error: There was an HTTP error: Not found. Adding/removing printers with the gui works fine. The server settings are accessible via a web browser and the web interface. system-config-printer --debug (when calling the settings menu entry): Connected as user kiran Authentication pass: 1 Authentication: password callback set PolicyKit call to FileGet did not work: dbus.String(u'Not Found') Authentication pass: 2 Forbidden: False Authentication: Try as root Connected as user root Authentication pass: 3 Forbidden: False Authentication: giving up cups access.log: localhost - - [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 401 0 - - localhost - root [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 404 0 - - localhost - root [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 404 0 - - localhost - - [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 401 0 - - localhost - root [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 404 0 - - localhost - root [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 404 0 - - localhost - root [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 404 0 - - localhost - root [28/Jul/2014:13:40:42 +0200] GET /admin/conf/cupsd.conf HTTP/1.1 404 0 - - cups error.log: D [28/Jul/2014:13:41:22 +0200] [Client 15] Accepted from localhost (Domain) D [28/Jul/2014:13:41:22 +0200] [Client 15] Waiting for request. D [28/Jul/2014:13:41:22 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:22 +0200] [Client 16] Accepted from localhost (Domain) D [28/Jul/2014:13:41:22 +0200] [Client 16] Waiting for request. D [28/Jul/2014:13:41:22 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:23 +0200] [Client 16] GET /admin/conf/cupsd.conf HTTP/1.1 D [28/Jul/2014:13:41:23 +0200] cupsdSetBusyState: newbusy=Active clients, busy=Not busy D [28/Jul/2014:13:41:23 +0200] [Client 16] No authentication data provided. D [28/Jul/2014:13:41:23 +0200] cupsdIsAuthorized: username= D [28/Jul/2014:13:41:23 +0200] [Client 16] WWW-Authenticate: Basic realm=CUPS, trc=y D [28/Jul/2014:13:41:23 +0200] [Client 16] Closing connection. D [28/Jul/2014:13:41:23 +0200] cupsdSetBusyState: newbusy=Not busy, busy=Active clients D [28/Jul/2014:13:41:23 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:23 +0200] [Client 16] Accepted from localhost (Domain) D [28/Jul/2014:13:41:23 +0200] [Client 16] Waiting for request. D [28/Jul/2014:13:41:23 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:23 +0200] [Client 16] HTTP_STATE_WAITING Closing on EOF D [28/Jul/2014:13:41:23 +0200] [Client 16] Closing connection. D [28/Jul/2014:13:41:23 +0200] cupsdSetBusyState: newbusy=Not busy, busy=Not busy D [28/Jul/2014:13:41:23 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:23 +0200] [Client 16] Accepted from localhost (Domain) D [28/Jul/2014:13:41:23 +0200] [Client 16] Waiting for request. D [28/Jul/2014:13:41:23 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:23 +0200] [Client 16] HTTP_STATE_WAITING Closing on EOF D [28/Jul/2014:13:41:23 +0200] [Client 16] Closing connection. D [28/Jul/2014:13:41:23 +0200] cupsdSetBusyState: newbusy=Not busy, busy=Not busy D [28/Jul/2014:13:41:23 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:23 +0200] [Client 16] Accepted from localhost (Domain) D [28/Jul/2014:13:41:23 +0200] [Client 16] Waiting for request. D [28/Jul/2014:13:41:23 +0200] cupsd is not idle any more, canceling shutdown. D [28/Jul/2014:13:41:23 +0200] [Client 16] GET /admin/conf/cupsd.conf HTTP/1.1 D [28/Jul/2014:13:41:23 +0200] cupsdSetBusyState: newbusy=Active clients, busy=Not busy D [28/Jul/2014:13:41:23 +0200] [Client 16] Authorized as root using PeerCred D [28/Jul/2014:13:41:23 +0200] cupsdIsAuthorized: username=root I [28/Jul/2014:13:41:23 +0200] [Client 16] Files/directories such as /etc/cups/cupsd.conf must be world-readable. D [28/Jul/2014:13:41:23 +0200] [Client 16] Closing because Keep-Alive disabled D [28/Jul/2014:13:41:23 +0200] [Client 16] Closing
[Touch-packages] [Bug 1329274] Re: apt-get source fails to warn on unauthenticated packages
@ Forest Bond: Please file a new bug, this bug is closed. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1329274 Title: apt-get source fails to warn on unauthenticated packages Status in APT: Fix Released Status in “apt” package in Ubuntu: Fix Released Status in “apt” source package in Lucid: Fix Released Status in “apt” source package in Precise: Fix Released Status in “apt” source package in Saucy: Fix Released Status in “apt” source package in Trusty: Fix Released Status in “apt” source package in Utopic: Fix Released Bug description: apt-get source foo will not warn if the repository that foo belongs to has no signature attached. It should fails in this case - this is CVE-2014-0478 To manage notifications about this bug go to: https://bugs.launchpad.net/apt/+bug/1329274/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1396205] Re: Lock screen can be bypassed using a large monitor
** Information type changed from Private Security to Public Security ** Package changed: unity (Ubuntu) = gnome-screensaver (Ubuntu) ** Changed in: gnome-screensaver (Ubuntu) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1396205 Title: Lock screen can be bypassed using a large monitor Status in “gnome-screensaver” package in Ubuntu: Confirmed Bug description: $ lsb_release -rd Description: Ubuntu 12.04.5 LTS Release: 12.04 I've managed to reproduce an error that lets me interact with applications while the lock screen is active. Here are the steps to reproduce, as specifically as I've been able to tell: 1. I have my Dell XPS laptop attached to a Benq desktop monitor via the laptop's mini DVI port. The laptop is closed, the screen is unlocked, and the desktop monitor shows my Ubuntu desktop and apps. 2. Unplug the display cable from the laptop and open the laptop up. Wait a couple of seconds for the monitor to report no input device. The screen should still be unlocked and the laptop screen should show the OS desktop. 3. Plug the display cable back in, and immediately close the laptop. 4. Observe that moving the mouse (Evoluent vertical mouse attached to an Apple keyboard, plugged into the laptop via USB) does not bring up the login dialog. The desktop monitor remains blank. 5. Open the laptop lid slightly, and as soon as the screen blacks out, close it again. The desktop monitor should remain blank. 6. Move the mouse. This time, the lock screen login dialog appears on the desktop monitor, but it does not cover the whole desktop. I am able to interact with a web browser running behind the lock screen, read pages, click links, etc. It seems like the lock screen is drawn for my laptop's small screen, and then not enlarged for the bigger monitor, leaving apps visible and accepting mouse input. See the attached image for an example. I can repro this bug every time by following the above instructions. ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: unity 5.20.0-0ubuntu3 ProcVersionSignature: Ubuntu 3.13.0-40.69~precise1-generic 3.13.11.10 Uname: Linux 3.13.0-40-generic x86_64 ApportVersion: 2.0.1-0ubuntu17.8 Architecture: amd64 CompizPlugins: [core,composite,opengl,compiztoolbox,decor,vpswitch,move,snap,place,session,gnomecompat,mousepoll,regex,resize,imgpng,grid,unitymtgrabhandles,animation,workarounds,wall,fade,scale,expo,ezoom,unityshell] Date: Tue Nov 25 14:53:21 2014 EcryptfsInUse: Yes InstallationMedia: Ubuntu 12.04.3 LTS Precise Pangolin - Release amd64 (20130820.1) MarkForUpload: True ProcEnviron: LANGUAGE=en_GB:en TERM=xterm-256color PATH=(custom, no user) LANG=en_GB.UTF-8 SHELL=/bin/bash SourcePackage: unity UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1396205/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1396270] Re: specifying AppArmorProfile doesn't result in processes launched under the named profile
systemd in vivid isn't compiled with apparmor support: AppArmor:no -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1396270 Title: specifying AppArmorProfile doesn't result in processes launched under the named profile Status in “systemd” package in Ubuntu: New Bug description: Steps to reproduce 1. grab attached tarball and unpack in /tmp: tar -zxvf /tmp/test.tar.gz 2. cd /tmp/test 3. Load the apparmor profile: sudo apparmor_parser -r ./apparmor.profile 4. verify you see 'test-service' profile is loaded via 'sudo aa-status'. Eg: $ sudo aa-status apparmor module is loaded. 6 profiles are loaded. 6 profiles are in enforce mode. ... test-service ... 5. enable the systemd service file: $ cat ./test.service [Unit] Description=test webserver [Service] Environment=PYTHONDONTWRITEBYTECODE=1 ExecStart=/tmp/test/bin/webserver Restart=on-failure WorkingDirectory=/tmp/test/www AppArmorProfile=test-service [Install] WantedBy=multi-user.target $ sudo cp ./test.service /etc/systemd/system/ $ sudo systemctl enable test.service 6. start the service $ sudo systemctl start test.service $ sudo systemctl --no-pager status test.service ● test.service - test webserver Loaded: loaded (/etc/systemd/system/test.service; enabled) Active: active (running) since Tue 2014-11-25 17:33:51 UTC; 4min 8s ago Main PID: 1246 (webserver) CGroup: /system.slice/test.service └─1246 /usr/bin/python3 /tmp/test/bin/webserver Nov 25 17:33:51 localhost.localdomain systemd[1]: Started test webserver. 7. verify that the service is confined (use Main PID from the last step. You can also use aa-status): $ ps -Z 1246 LABEL PID TTY STAT TIME COMMAND unconfined 1246 ?Ss 0:00 /usr/bin/python3 /tmp/test/bin/webserver Because the service file uses 'AppArmorProfile=test-service' and the 'test-service' profile is already loaded into the kernel, I would expect /tmp/test/bin/webserver to be running under the 'test-service' label, not 'unconfined'. Note: you can manually start the webserver under apparmor using aa-exec. Eg: $ sudo aa-exec -p test-service /tmp/test/bin/webserver To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1396270/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1396270] Re: specifying AppArmorProfile doesn't result in processes launched under the named profile
Here is a debdiff to turn on AppArmor support, which appears to have solved the issue. ** Patch added: systemd_215-6ubuntu2.debdiff https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1396270/+attachment/4268304/+files/systemd_215-6ubuntu2.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1396270 Title: specifying AppArmorProfile doesn't result in processes launched under the named profile Status in “systemd” package in Ubuntu: New Bug description: Steps to reproduce 1. grab attached tarball and unpack in /tmp: tar -zxvf /tmp/test.tar.gz 2. cd /tmp/test 3. Load the apparmor profile: sudo apparmor_parser -r ./apparmor.profile 4. verify you see 'test-service' profile is loaded via 'sudo aa-status'. Eg: $ sudo aa-status apparmor module is loaded. 6 profiles are loaded. 6 profiles are in enforce mode. ... test-service ... 5. enable the systemd service file: $ cat ./test.service [Unit] Description=test webserver [Service] Environment=PYTHONDONTWRITEBYTECODE=1 ExecStart=/tmp/test/bin/webserver Restart=on-failure WorkingDirectory=/tmp/test/www AppArmorProfile=test-service [Install] WantedBy=multi-user.target $ sudo cp ./test.service /etc/systemd/system/ $ sudo systemctl enable test.service 6. start the service $ sudo systemctl start test.service $ sudo systemctl --no-pager status test.service ● test.service - test webserver Loaded: loaded (/etc/systemd/system/test.service; enabled) Active: active (running) since Tue 2014-11-25 17:33:51 UTC; 4min 8s ago Main PID: 1246 (webserver) CGroup: /system.slice/test.service └─1246 /usr/bin/python3 /tmp/test/bin/webserver Nov 25 17:33:51 localhost.localdomain systemd[1]: Started test webserver. 7. verify that the service is confined (use Main PID from the last step. You can also use aa-status): $ ps -Z 1246 LABEL PID TTY STAT TIME COMMAND unconfined 1246 ?Ss 0:00 /usr/bin/python3 /tmp/test/bin/webserver Because the service file uses 'AppArmorProfile=test-service' and the 'test-service' profile is already loaded into the kernel, I would expect /tmp/test/bin/webserver to be running under the 'test-service' label, not 'unconfined'. Note: you can manually start the webserver under apparmor using aa-exec. Eg: $ sudo aa-exec -p test-service /tmp/test/bin/webserver To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1396270/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1396471] Re: glibc vulnerability CVE-2014-7817
** Also affects: eglibc (Ubuntu Vivid) Importance: Undecided Status: Confirmed ** Also affects: eglibc (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: eglibc (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: eglibc (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: eglibc (Ubuntu Utopic) Importance: Undecided Status: New ** Also affects: glibc (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to eglibc in Ubuntu. https://bugs.launchpad.net/bugs/1396471 Title: glibc vulnerability CVE-2014-7817 Status in eglibc package in Ubuntu: Confirmed Status in glibc package in Ubuntu: New Status in eglibc source package in Lucid: New Status in glibc source package in Lucid: New Status in eglibc source package in Precise: New Status in glibc source package in Precise: New Status in eglibc source package in Trusty: New Status in glibc source package in Trusty: New Status in eglibc source package in Utopic: New Status in glibc source package in Utopic: New Status in eglibc source package in Vivid: Confirmed Status in glibc source package in Vivid: New Bug description: http://www.cvedetails.com/cve-details.php?t=1cve_id=CVE-2014-7817 https://security-tracker.debian.org/tracker/CVE-2014-7817 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1396471/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1396471] Re: glibc vulnerability CVE-2014-7817
** Changed in: eglibc (Ubuntu Lucid) Importance: Undecided = Medium ** Changed in: eglibc (Ubuntu Lucid) Status: New = Confirmed ** Changed in: eglibc (Ubuntu Lucid) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: eglibc (Ubuntu Precise) Importance: Undecided = Medium ** Changed in: eglibc (Ubuntu Precise) Status: New = Confirmed ** Changed in: eglibc (Ubuntu Precise) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: eglibc (Ubuntu Trusty) Importance: Undecided = Medium ** Changed in: eglibc (Ubuntu Trusty) Status: New = Confirmed ** Changed in: eglibc (Ubuntu Trusty) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: eglibc (Ubuntu Utopic) Status: New = Invalid ** Changed in: eglibc (Ubuntu Vivid) Status: Confirmed = Invalid ** Changed in: glibc (Ubuntu Lucid) Status: New = Invalid ** Changed in: glibc (Ubuntu Precise) Status: New = Invalid ** Changed in: glibc (Ubuntu Trusty) Status: New = Invalid ** Changed in: glibc (Ubuntu Utopic) Importance: Undecided = Medium ** Changed in: glibc (Ubuntu Utopic) Status: New = Confirmed ** Changed in: glibc (Ubuntu Utopic) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: glibc (Ubuntu Vivid) Importance: Undecided = Medium ** Changed in: glibc (Ubuntu Vivid) Status: New = Confirmed ** Changed in: glibc (Ubuntu Vivid) Assignee: (unassigned) = adicarlo (adam) ** Changed in: glibc (Ubuntu Vivid) Assignee: adicarlo (adam) = Adam Conrad (adconrad) ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-7817 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to eglibc in Ubuntu. https://bugs.launchpad.net/bugs/1396471 Title: glibc vulnerability CVE-2014-7817 Status in eglibc package in Ubuntu: Invalid Status in glibc package in Ubuntu: Confirmed Status in eglibc source package in Lucid: Confirmed Status in glibc source package in Lucid: Invalid Status in eglibc source package in Precise: Confirmed Status in glibc source package in Precise: Invalid Status in eglibc source package in Trusty: Confirmed Status in glibc source package in Trusty: Invalid Status in eglibc source package in Utopic: Invalid Status in glibc source package in Utopic: Confirmed Status in eglibc source package in Vivid: Invalid Status in glibc source package in Vivid: Confirmed Bug description: http://www.cvedetails.com/cve-details.php?t=1cve_id=CVE-2014-7817 https://security-tracker.debian.org/tracker/CVE-2014-7817 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/eglibc/+bug/1396471/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1391296] Re: 14.10: NFS drives in fstab not mounted automatically
FWIW, the package in utopic-proposed fixes the issue for me. I'm not marking as verification-done, as I would really like for someone else who is affected by this bug to test it also. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to upstart in Ubuntu. https://bugs.launchpad.net/bugs/1391296 Title: 14.10: NFS drives in fstab not mounted automatically Status in nfs-utils package in Ubuntu: Fix Released Status in upstart package in Ubuntu: Confirmed Status in nfs-utils source package in Utopic: Fix Committed Status in upstart source package in Utopic: Confirmed Status in nfs-utils source package in Vivid: Fix Released Status in upstart source package in Vivid: Confirmed Bug description: [SRU Request] Due to a change in Upstart behaviour, the statd daemon no longer starts automatically at boot, resulting in nfs mounts not being mounted at boot. This has been corrected by modifying the statd upstart job to wait for the rpcbind job to start, instead of waiting for the compatibility portmap event. [Test Case] 1- set up an NFS mount in /etc/fstab 2- Reboot, notice the directory didn't get mounted 3- Install update 4- Reboot, notice the directory is mounted [Regression Potential] The upstart jobs to get the proper daemons started up at boot have complex relationships, and have suffered from race conditions in the past. Although this change is small, it may slightly change previous behaviour. Of course, not having it work at all is worse than having a possible race condition, so this fix is unlikely to be any worse than the broken behaviour. Original description: After upgrading to 14.10 (fresh install) my NFS drive does no longer mounts automatically at boot when the network is up and running. Manually running mount -a mounts the drive as expected and hacking a mount -a command into mountall-net.conf makes my system function normally again. Trying to manually to killall -USR1 mountall does not work. ProblemType: Bug DistroRelease: Ubuntu 14.10 Package: mountall 2.54build1 ProcVersionSignature: Ubuntu 3.16.0-24.32-generic 3.16.4 Uname: Linux 3.16.0-24-generic x86_64 ApportVersion: 2.14.7-0ubuntu8 Architecture: amd64 CurrentDesktop: Unity Date: Mon Nov 10 20:37:39 2014 EcryptfsInUse: Yes InstallationDate: Installed on 2014-11-09 (1 days ago) InstallationMedia: Ubuntu 14.10 Utopic Unicorn - Release amd64 (20141022.1) ProcKernelCmdline: BOOT_IMAGE=/boot/vmlinuz-3.16.0-24-generic root=UUID=e1197618-b55d-40d3-9b81-df2dcb847c1f ro quiet splash vt.handoff=7 SourcePackage: mountall UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.init.mountall.net.conf: 2014-11-10T20:26:00.795161 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1391296/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1397410] [NEW] TextField isn't rendering correctly ubuntu-rtm
Public bug reported: At some point in the development cycle, TextFields stopped rendering correctly on actual devices and in the emulator. Attached are two screenshots: desktop.png is what the textfield look like on the desktop, and emulator.png is what they look like on the emulator. Code to display those textfields is here: http://bazaar.launchpad.net/~mdeslaur/tipcalc/trunk/view/head:/tipcalc.qml#L203 ** Affects: ubuntu-ui-toolkit (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-ui-toolkit in Ubuntu. https://bugs.launchpad.net/bugs/1397410 Title: TextField isn't rendering correctly ubuntu-rtm Status in ubuntu-ui-toolkit package in Ubuntu: New Bug description: At some point in the development cycle, TextFields stopped rendering correctly on actual devices and in the emulator. Attached are two screenshots: desktop.png is what the textfield look like on the desktop, and emulator.png is what they look like on the emulator. Code to display those textfields is here: http://bazaar.launchpad.net/~mdeslaur/tipcalc/trunk/view/head:/tipcalc.qml#L203 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-ui-toolkit/+bug/1397410/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1397410] Re: TextField isn't rendering correctly ubuntu-rtm
** Attachment added: desktop.png https://bugs.launchpad.net/ubuntu/+source/ubuntu-ui-toolkit/+bug/1397410/+attachment/4270296/+files/desktop.png -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-ui-toolkit in Ubuntu. https://bugs.launchpad.net/bugs/1397410 Title: TextField isn't rendering correctly ubuntu-rtm Status in ubuntu-ui-toolkit package in Ubuntu: New Bug description: At some point in the development cycle, TextFields stopped rendering correctly on actual devices and in the emulator. Attached are two screenshots: desktop.png is what the textfield look like on the desktop, and emulator.png is what they look like on the emulator. Code to display those textfields is here: http://bazaar.launchpad.net/~mdeslaur/tipcalc/trunk/view/head:/tipcalc.qml#L203 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-ui-toolkit/+bug/1397410/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1397410] Re: TextField isn't rendering correctly ubuntu-rtm
** Attachment added: emulator.png https://bugs.launchpad.net/ubuntu/+source/ubuntu-ui-toolkit/+bug/1397410/+attachment/4270297/+files/emulator.png -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-ui-toolkit in Ubuntu. https://bugs.launchpad.net/bugs/1397410 Title: TextField isn't rendering correctly ubuntu-rtm Status in ubuntu-ui-toolkit package in Ubuntu: New Bug description: At some point in the development cycle, TextFields stopped rendering correctly on actual devices and in the emulator. Attached are two screenshots: desktop.png is what the textfield look like on the desktop, and emulator.png is what they look like on the emulator. Code to display those textfields is here: http://bazaar.launchpad.net/~mdeslaur/tipcalc/trunk/view/head:/tipcalc.qml#L203 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-ui-toolkit/+bug/1397410/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1397410] Re: TextField isn't rendering correctly ubuntu-rtm
This issue exists both in the emulator, and on a nexus 4. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-ui-toolkit in Ubuntu. https://bugs.launchpad.net/bugs/1397410 Title: TextField isn't rendering correctly ubuntu-rtm Status in ubuntu-ui-toolkit package in Ubuntu: New Bug description: At some point in the development cycle, TextFields stopped rendering correctly on actual devices and in the emulator. Attached are two screenshots: desktop.png is what the textfield look like on the desktop, and emulator.png is what they look like on the emulator. Code to display those textfields is here: http://bazaar.launchpad.net/~mdeslaur/tipcalc/trunk/view/head:/tipcalc.qml#L203 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-ui-toolkit/+bug/1397410/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1397410] Re: TextField isn't rendering correctly ubuntu-rtm
FYI, I can confirm the device and emulator matched the style of textfields on the desktop last time I uploaded the app, which was on August 13th, so something changed since then. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-ui-toolkit in Ubuntu. https://bugs.launchpad.net/bugs/1397410 Title: TextField isn't rendering correctly ubuntu-rtm Status in ubuntu-ui-toolkit package in Ubuntu: New Bug description: At some point in the development cycle, TextFields stopped rendering correctly on actual devices and in the emulator. Attached are two screenshots: desktop.png is what the textfield look like on the desktop, and emulator.png is what they look like on the emulator. Code to display those textfields is here: http://bazaar.launchpad.net/~mdeslaur/tipcalc/trunk/view/head:/tipcalc.qml#L203 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-ui-toolkit/+bug/1397410/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1385903] Re: imagemagick crashes with stack smashing detected
This is CVE-2014-9092 ** Package changed: imagemagick (Ubuntu) = libjpeg-turbo (Ubuntu) ** Changed in: libjpeg-turbo (Ubuntu) Importance: Undecided = Low ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9092 ** Also affects: libjpeg-turbo (Ubuntu Vivid) Importance: Low Status: New ** Also affects: libjpeg-turbo (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: libjpeg-turbo (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: libjpeg-turbo (Ubuntu Utopic) Importance: Undecided Status: New ** Changed in: libjpeg-turbo (Ubuntu Precise) Status: New = Confirmed ** Changed in: libjpeg-turbo (Ubuntu Trusty) Status: New = Confirmed ** Changed in: libjpeg-turbo (Ubuntu Utopic) Status: New = Confirmed ** Changed in: libjpeg-turbo (Ubuntu Vivid) Status: New = Confirmed ** Changed in: libjpeg-turbo (Ubuntu Utopic) Importance: Undecided = Low ** Changed in: libjpeg-turbo (Ubuntu Trusty) Importance: Undecided = Low ** Changed in: libjpeg-turbo (Ubuntu Precise) Importance: Undecided = Low -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libjpeg-turbo in Ubuntu. https://bugs.launchpad.net/bugs/1385903 Title: imagemagick crashes with stack smashing detected Status in libjpeg-turbo package in Ubuntu: Confirmed Status in libjpeg-turbo source package in Precise: Confirmed Status in libjpeg-turbo source package in Trusty: Confirmed Status in libjpeg-turbo source package in Utopic: Confirmed Status in libjpeg-turbo source package in Vivid: Confirmed Bug description: Every now and then imagemagick convert crashes like this: $ convert -rotate 270 003632r270.jpg koe.jpg *** stack smashing detected ***: convert terminated Aborted (core dumped) This is perfectly reproducible and happens in every Ubuntu 14.04 box I have at hand that has ImageMagick in it, but not in 12.04. I'll attach the file used in above example (I have several more in case someone wants them). --- ApportVersion: 2.14.1-0ubuntu3.5 Architecture: i386 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: tt 2149 F pulseaudio CurrentDesktop: LXDE CurrentDmesg: Error: command ['sh', '-c', 'dmesg | comm -13 --nocheck-order /var/log/dmesg -'] failed with exit code 1: comm: /var/log/dmesg: Permission denied dmesg: write failed: Broken pipe DistroRelease: Ubuntu 14.04 IwConfig: br0 no wireless extensions. lono wireless extensions. eth0 no wireless extensions. Package: linux (not installed) ProcFB: 0 inteldrmfb ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-3.13.0-37-generic root=/dev/mapper/hostname-root ro acpi_enforce_resources=lax ProcVersionSignature: Ubuntu 3.13.0-37.64-generic 3.13.11.7 RfKill: Tags: trusty Uname: Linux 3.13.0-37-generic i686 UpgradeStatus: Upgraded to trusty on 2014-07-15 (103 days ago) UserGroups: sudo WifiSyslog: _MarkForUpload: True dmi.bios.date: 08/09/2007 dmi.bios.vendor: Phoenix Technologies, LTD dmi.bios.version: 6.00 PG dmi.board.name: 945GM dmi.chassis.type: 3 dmi.modalias: dmi:bvnPhoenixTechnologies,LTD:bvr6.00PG:bd08/09/2007:svn:pn:pvr:rvn:rn945GM:rvr:cvn:ct3:cvr: To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libjpeg-turbo/+bug/1385903/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423031] Re: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain
** Also affects: nss (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: nss (Ubuntu Vivid) Importance: Undecided Status: Confirmed ** Also affects: nss (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: nss (Ubuntu Utopic) Importance: Undecided Status: New ** Also affects: nss (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: nss (Ubuntu Vivid) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: nss (Ubuntu Utopic) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: nss (Ubuntu Trusty) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: nss (Ubuntu Precise) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: nss (Ubuntu Lucid) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: nss (Ubuntu Lucid) Status: New = Confirmed ** Changed in: nss (Ubuntu Precise) Status: New = Confirmed ** Changed in: nss (Ubuntu Trusty) Status: New = Confirmed ** Changed in: nss (Ubuntu Utopic) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1423031 Title: NSS incorrectly preferring a longer, weaker chain over a shorter, stronger chain Status in nss package in Ubuntu: Confirmed Status in nss source package in Lucid: Confirmed Status in nss source package in Precise: Confirmed Status in nss source package in Trusty: Confirmed Status in nss source package in Utopic: Confirmed Status in nss source package in Vivid: Confirmed Status in nss package in Debian: Confirmed Bug description: See: https://code.google.com/p/chromium/issues/detail?id=437733 and https://code.google.com/p/chromium/issues/detail?id=459131 This issue is fixed in upstream libnss3 version = 3.17.4 This issue causes incorrect SHA1 sunset behaviour in Google Chrome. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1423031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1423904] [NEW] CA certs are outdated
*** This bug is a security vulnerability *** Public security bug reported: CA certs in stable releases are outdated. They should be updated to the version in vivid. ** Affects: ca-certificates (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: ca-certificates (Ubuntu Lucid) Importance: Undecided Assignee: Marc Deslauriers (mdeslaur) Status: In Progress ** Affects: ca-certificates (Ubuntu Precise) Importance: Undecided Assignee: Marc Deslauriers (mdeslaur) Status: In Progress ** Affects: ca-certificates (Ubuntu Trusty) Importance: Undecided Assignee: Marc Deslauriers (mdeslaur) Status: In Progress ** Affects: ca-certificates (Ubuntu Utopic) Importance: Undecided Assignee: Marc Deslauriers (mdeslaur) Status: In Progress ** Affects: ca-certificates (Ubuntu Vivid) Importance: Undecided Status: Fix Released ** Also affects: ca-certificates (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: ca-certificates (Ubuntu Utopic) Importance: Undecided Status: New ** Also affects: ca-certificates (Ubuntu Vivid) Importance: Undecided Status: New ** Also affects: ca-certificates (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: ca-certificates (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: ca-certificates (Ubuntu Vivid) Status: New = Fix Released ** Changed in: ca-certificates (Ubuntu Lucid) Status: New = In Progress ** Changed in: ca-certificates (Ubuntu Lucid) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: ca-certificates (Ubuntu Precise) Status: New = In Progress ** Changed in: ca-certificates (Ubuntu Precise) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: ca-certificates (Ubuntu Trusty) Status: New = In Progress ** Changed in: ca-certificates (Ubuntu Trusty) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: ca-certificates (Ubuntu Utopic) Status: New = In Progress ** Changed in: ca-certificates (Ubuntu Utopic) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu. https://bugs.launchpad.net/bugs/1423904 Title: CA certs are outdated Status in ca-certificates package in Ubuntu: Fix Released Status in ca-certificates source package in Lucid: In Progress Status in ca-certificates source package in Precise: In Progress Status in ca-certificates source package in Trusty: In Progress Status in ca-certificates source package in Utopic: In Progress Status in ca-certificates source package in Vivid: Fix Released Bug description: CA certs in stable releases are outdated. They should be updated to the version in vivid. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1423904/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1416070] Re: Encryption Password Visible in Virt Terminal w/Wrong Screen Res
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a regular (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lightdm in Ubuntu. https://bugs.launchpad.net/bugs/1416070 Title: Encryption Password Visible in Virt Terminal w/Wrong Screen Res Status in lightdm package in Ubuntu: New Bug description: I have my hard drive set up with encryption. When the machine boots, it asks me for the security key to decrypt the drive. This is normal, expeced behaviour. However,in my case the screen is not the correct resolution, so I can't type in the box. However, since the box is there and I'm used to tryng that, I have still done it as a matter of habit. If you type the password for the Security Key and it doen't go into the box, if you switch to a different virtual Terminal (Ctrl+Alt+F1 or Ctrl+Alt+F2 for instance) and then back to the Virtual Terminal which the login manager uses (Ctrl+Alt+F7) instead of seeing the same screen, you get a black screen and at the top is the password to decrypt the drive in plain text. I can usually get around the incorrect resolution by rebooting, and then a different screen comes up asking for password - an all text screen that doesn't have the issue. However, if the lightDM screen comes up I must always reboot as my password is not being entered into that screen where it should be and can be seen in plain text by switching virtual terminals. ProblemType: Bug DistroRelease: Ubuntu 14.10 Package: lightdm 1.12.1-0ubuntu1 ProcVersionSignature: Ubuntu 3.16.0-29.39-generic 3.16.7-ckt2 Uname: Linux 3.16.0-29-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.14.7-0ubuntu8.1 Architecture: amd64 CurrentDesktop: Unity Date: Thu Jan 29 19:04:13 2015 EcryptfsInUse: Yes InstallationDate: Installed on 2015-01-28 (1 days ago) InstallationMedia: Ubuntu 14.10 Utopic Unicorn - Release amd64 (20141022.1) SourcePackage: lightdm UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1416070/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1414389] Re: package libgstreamer-plugins-bad1.0-0 (not installed) failed to install/upgrade: cannot copy extracted data for './usr/lib/x86_64-linux-gnu/libgstgl-1.0.so.0.403.0'
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a regular (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gst-plugins-bad1.0 in Ubuntu. https://bugs.launchpad.net/bugs/1414389 Title: package libgstreamer-plugins-bad1.0-0 (not installed) failed to install/upgrade: cannot copy extracted data for './usr/lib/x86_64 -linux-gnu/libgstgl-1.0.so.0.403.0' to '/usr/lib/x86_64-linux- gnu/libgstgl-1.0.so.0.403.0.dpkg-new': unexpected end of file or stream Status in gst-plugins-bad1.0 package in Ubuntu: New Bug description: I dont knw exact issue , automatically failed ProblemType: Package DistroRelease: Ubuntu 14.10 Package: libgstreamer-plugins-bad1.0-0 (not installed) ProcVersionSignature: Ubuntu 3.16.0-23.31-generic 3.16.4 Uname: Linux 3.16.0-23-generic x86_64 ApportVersion: 2.14.7-0ubuntu8 Architecture: amd64 Date: Sun Jan 25 08:52:23 2015 DpkgTerminalLog: Preparing to unpack .../libgstreamer-plugins-bad1.0-0_1.4.3-1ubuntu1_amd64.deb ... Unpacking libgstreamer-plugins-bad1.0-0:amd64 (1.4.3-1ubuntu1) ... dpkg-deb (subprocess): cannot copy archive member from '/var/cache/apt/archives/libgstreamer-plugins-bad1.0-0_1.4.3-1ubuntu1_amd64.deb' to decompressor pipe: unexpected end of file or stream dpkg-deb (subprocess): decompressing archive member: lzma error: unexpected end of input dpkg-deb: error: subprocess decompress returned error exit status 2 DuplicateSignature: package:libgstreamer-plugins-bad1.0-0:(not installed):cannot copy extracted data for './usr/lib/x86_64-linux-gnu/libgstgl-1.0.so.0.403.0' to '/usr/lib/x86_64-linux-gnu/libgstgl-1.0.so.0.403.0.dpkg-new': unexpected end of file or stream ErrorMessage: cannot copy extracted data for './usr/lib/x86_64-linux-gnu/libgstgl-1.0.so.0.403.0' to '/usr/lib/x86_64-linux-gnu/libgstgl-1.0.so.0.403.0.dpkg-new': unexpected end of file or stream InstallationDate: Installed on 2015-01-24 (0 days ago) InstallationMedia: Ubuntu 14.10 Utopic Unicorn - Release amd64 (20141022.1) SourcePackage: gst-plugins-bad1.0 Title: package libgstreamer-plugins-bad1.0-0 (not installed) failed to install/upgrade: cannot copy extracted data for './usr/lib/x86_64-linux-gnu/libgstgl-1.0.so.0.403.0' to '/usr/lib/x86_64-linux-gnu/libgstgl-1.0.so.0.403.0.dpkg-new': unexpected end of file or stream UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gst-plugins-bad1.0/+bug/1414389/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1415753] Re: help asked
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a regular (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1415753 Title: help asked Status in xorg package in Ubuntu: New Bug description: I can't record my music to m SD card,at the beginnig and at the end when I use the computer.the screen who ask the password don't function correctly,it come back occasionnaly.the computer say me this is a spam in my boxletter who make that,but I think this is the system of the computer who is touch. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: xorg 1:7.7+1ubuntu8.1 ProcVersionSignature: Ubuntu 3.13.0-45.74-generic 3.13.11-ckt13 Uname: Linux 3.13.0-45-generic x86_64 .tmp.unity.support.test.0: ApportVersion: 2.14.1-0ubuntu3.6 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: None Date: Thu Jan 29 07:40:39 2015 DistUpgraded: Fresh install DistroCodename: trusty DistroVariant: ubuntu DkmsStatus: ndiswrapper, 1.59, 3.13.0-40-generic, x86_64: installed ndiswrapper, 1.59, 3.13.0-41-generic, x86_64: installed ndiswrapper, 1.59, 3.13.0-43-generic, x86_64: installed ndiswrapper, 1.59, 3.13.0-44-generic, x86_64: installed ndiswrapper, 1.59, 3.13.0-45-generic, x86_64: installed ExtraDebuggingInterest: Yes GraphicsCard: Intel Corporation 2nd Generation Core Processor Family Integrated Graphics Controller [8086:0106] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Acer Incorporated [ALI] Device [1025:0649] InstallationDate: Installed on 2014-05-19 (254 days ago) InstallationMedia: It Lsusb: Bus 002 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 001 Device 003: ID 04f2:b337 Chicony Electronics Co., Ltd Bus 001 Device 002: ID 8087:0024 Intel Corp. Integrated Rate Matching Hub Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: Packard Bell EasyNote TE11HC ProcEnviron: LANGUAGE=fr_FR PATH=(custom, no user) LANG=fr_FR.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-45-generic root=UUID=c41f8877-7f18-4fb7-ac14-8934c002fa97 ro splash quiet drm.debug=0xe plymouth:debug SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 01/17/2013 dmi.bios.vendor: Insyde Corp. dmi.bios.version: V2.13 dmi.board.asset.tag: Type2 - Board Asset Tag dmi.board.name: EG50_HC_HR dmi.board.vendor: Packard Bell dmi.board.version: Type2 - Board Version dmi.chassis.type: 10 dmi.chassis.vendor: Insyde Corp. dmi.chassis.version: V2.13 dmi.modalias: dmi:bvnInsydeCorp.:bvrV2.13:bd01/17/2013:svnPackardBell:pnEasyNoteTE11HC:pvrV2.13:rvnPackardBell:rnEG50_HC_HR:rvrType2-BoardVersion:cvnInsydeCorp.:ct10:cvrV2.13: dmi.product.name: EasyNote TE11HC dmi.product.version: V2.13 dmi.sys.vendor: Packard Bell version.compiz: compiz 1:0.9.11.3+14.04.20141104-0ubuntu1 version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.56-1~ubuntu1 version.libgl1-mesa-dri: libgl1-mesa-dri 10.1.3-0ubuntu0.3 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx 10.1.3-0ubuntu0.3 version.xserver-xorg-core: xserver-xorg-core 2:1.15.1-0ubuntu2.6 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.8.2-1ubuntu2 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.3.0-1ubuntu3.1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.910-0ubuntu1.4 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.10-1ubuntu2 xserver.bootTime: Thu Jan 29 07:20:09 2015 xserver.configfile: default xserver.errors: xserver.logfile: /var/log/Xorg.0.log xserver.outputs: product id8940 vendor AUO xserver.version: 2:1.15.1-0ubuntu2.6 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1415753/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1411318] Re: arbitrary code execution
Have you reported this issue to the upstream bash developers?
** Changed in: bash (Ubuntu)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1411318
Title:
arbitrary code execution
Status in bash package in Ubuntu:
Confirmed
Bug description:
The problem with bash's name references
Bash 4.3 introduced declare -n (name references) to mimic Korn
shell's nameref feature, which permits variables to hold references to
other variables (see FAQ 006 to see these in action). Unfortunately,
the implementation used in Bash has some issues.
{…} Bash's name reference implementation still allows arbitrary code
execution:
$ foo() { declare -n var=$1; echo $var; }
$ foo 'x[i=$(date)]'
bash: i=Thu Mar 27 16:34:09 EDT 2014: syntax error in expression (error token
is Mar 27 16:34:09 EDT 2014)
It's not an elegant example, but you can clearly see that the date
command was actually executed. This is not at all what one wants.
source: http://mywiki.wooledge.org/BashFAQ/048
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1411318/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1414959] Re: sudo script from user to admin w/sudo account provides root prompt
It's perfectly normal for the script command to give you an interactive shell prompt, that's what it was designed for. This behaviour is perfectly normal, and works as expected. ** Changed in: shadow (Ubuntu) Status: New = Invalid ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/1414959 Title: sudo script from user to admin w/sudo account provides root prompt Status in shadow package in Ubuntu: Invalid Bug description: Script started on Tue 27 Jan 2015 01:29:17 AM PST ^[]0;b21an@ai7: ~^Gb21an@ai7:~$ ^M ^[]0;b21an@ai7: ~^Gb21an@ai7:~$ whoami^M b21an^M ^[]0;b21an@ai7: ~^Gb21an@ai7:~$ ^M ^[]0;b21an@ai7: ~^Gb21an@ai7:~$ su admin^M Password: ^M ^[]0;admin@ai7: /home/b21an^Gadmin@ai7:/home/b21an$ cd^M ^[]0;admin@ai7: ~^Gadmin@ai7:~$ ^M ^[]0;admin@ai7: ~^Gadmin@ai7:~$ whoami^M admin^M ^[]0;admin@ai7: ~^Gadmin@ai7:~$ sudo script another ^H^[[K=^H^[[K-typescript-`sh ~/bin/date.sh`^M [sudo] password for admin: ^M Script started, file is another-typescript-20150127-1422351055^M ^[]0;root@ai7: ~^Groot@ai7:~# ^M ^[]0;root@ai7: ~^Groot@ai7:~# whoami^M root^M ^[]0;root@ai7: ~^Groot@ai7:~# exit^M exit^M Script done, file is another-typescript-20150127-1422351055^M exit^M Script done on Tue 27 Jan 2015 01:31:03 AM PST^M ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: login 1:4.1.5.1-1ubuntu9 ProcVersionSignature: Ubuntu 3.2.0-68.102-generic 3.2.62 Uname: Linux 3.2.0-68-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.6 Architecture: amd64 Date: Tue Jan 27 01:24:36 2015 SourcePackage: shadow UpgradeStatus: Upgraded to trusty on 2014-11-01 (87 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1414959/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1407826] Re: Merge nss 2:3.17.2-1.1 (main) from Debian unstable (main)
ACK on the merge. Looks good, thanks! I've uploaded it. ** Changed in: nss (Ubuntu) Status: Confirmed = Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1407826 Title: Merge nss 2:3.17.2-1.1 (main) from Debian unstable (main) Status in nss package in Ubuntu: Fix Committed Bug description: nss (2:3.17.2-1.1) unstable; urgency=medium * Non-maintainer upload. * Fix CVE-2014-1569. Closes: #773625. -- Matt Kraai kr...@debian.org Sun, 21 Dec 2014 19:46:52 -0800 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1407826/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1271166] Re: Gómez Peer under Wine appears on the lock screen
** Changed in: xorg (Ubuntu) Status: New = Triaged -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1271166 Title: Gómez Peer under Wine appears on the lock screen Status in xorg package in Ubuntu: Triaged Bug description: When running the Gómez Peer under Wine (including upstream), the application is still visible on top of the lock screen. Nothing running should be visible on top of the lock screen and this is a security concern. To work around this I run Wine with WINEDLLOVERRIDES=wined3d= Wine can be blamed for this, but X (or whatever provides the lock screen - Gnome?) shouldn't allow applications to break through the lock screen. Attached photo shows part of the application where it has updated its GUI. On a full update the full GUI is visible. ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: xorg 1:7.6+12ubuntu2 Uname: Linux 3.11.10-031110-generic x86_64 NonfreeKernelModules: wl .tmp.unity.support.test.0: ApportVersion: 2.0.1-0ubuntu17.6 Architecture: amd64 CompizPlugins: [core,bailer,detection,composite,opengl,decor,mousepoll,vpswitch,regex,animation,snap,expo,move,compiztoolbox,place,grid,imgpng,gnomecompat,wall,ezoom,workarounds,staticswitcher,resize,fade,unitymtgrabhandles,scale,session,unityshell] CompositorRunning: None Date: Tue Jan 21 12:39:34 2014 DistUpgraded: Fresh install DistroCodename: precise DistroVariant: ubuntu ExtraDebuggingInterest: Yes, even including gdb or git bisection work if needed GraphicsCard: Advanced Micro Devices, Inc. [AMD/ATI] RS880M [Mobility Radeon HD 4225/4250] [1002:9712] (prog-if 00 [VGA controller]) Subsystem: Acer Incorporated [ALI] Device [1025:036e] InstallationMedia: Ubuntu 12.04.3 LTS Precise Pangolin - Release amd64 (20130820.1) MachineType: Acer Aspire 5551 MarkForUpload: True ProcEnviron: LANGUAGE=en_GB:en TERM=xterm PATH=(custom, no user) LANG=en_GB.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.11.10-031110-generic root=UUID=a8da15b6-5377-4984-90ce-9ff3c6d3f047 ro zcache radeon.dpm=1 SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 07/27/2011 dmi.bios.vendor: Acer dmi.bios.version: V2.14 dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: JE50_DN dmi.board.vendor: Acer dmi.board.version: Base Board Version dmi.chassis.type: 10 dmi.chassis.vendor: Acer dmi.chassis.version: V2.14 dmi.modalias: dmi:bvnAcer:bvrV2.14:bd07/27/2011:svnAcer:pnAspire5551:pvrV2.14:rvnAcer:rnJE50_DN:rvrBaseBoardVersion:cvnAcer:ct10:cvrV2.14: dmi.product.name: Aspire 5551 dmi.product.version: V2.14 dmi.sys.vendor: Acer drirc: driconf /driconf version.compiz: compiz 1:0.9.7.12-0ubuntu3 version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.46-1ubuntu0.0.0.1 version.libgl1-mesa-dri: libgl1-mesa-dri N/A version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx N/A version.xserver-xorg-core: xserver-xorg-core N/A version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati N/A version.xserver-xorg-video-intel: xserver-xorg-video-intel N/A version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau N/A To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1271166/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1409117] Re: GPG does not verify keys received when using --recv-keys leaving communicaiton with key servers vulnerable to MITM
Fixed in 2.0.24 and 1.4.17. ** Information type changed from Private Security to Public Security ** Also affects: gnupg (Ubuntu) Importance: Undecided Status: New ** Bug watch added: Debian Bug tracker #725411 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725411 ** Also affects: gnupg (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725411 Importance: Unknown Status: Unknown ** Bug watch added: bugs.gnupg.org/gnupg/ #1579 http://bugs.gnupg.org/gnupg/issue1579 ** Also affects: gnupg via http://bugs.gnupg.org/gnupg/issue1579 Importance: Unknown Status: Unknown ** Also affects: gnupg (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: gnupg2 (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: gnupg (Ubuntu Utopic) Importance: Undecided Status: New ** Also affects: gnupg2 (Ubuntu Utopic) Importance: Undecided Status: New ** Also affects: gnupg (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: gnupg2 (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: gnupg (Ubuntu Vivid) Importance: Undecided Status: New ** Also affects: gnupg2 (Ubuntu Vivid) Importance: Undecided Status: New ** Also affects: gnupg (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: gnupg2 (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: gnupg2 (Ubuntu Utopic) Status: New = Fix Released ** Changed in: gnupg2 (Ubuntu Vivid) Status: New = Fix Released ** Changed in: gnupg (Ubuntu Vivid) Status: New = Fix Released ** Changed in: gnupg (Ubuntu Lucid) Importance: Undecided = Wishlist ** Changed in: gnupg (Ubuntu Lucid) Status: New = Confirmed ** Changed in: gnupg (Ubuntu Lucid) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: gnupg (Ubuntu Precise) Importance: Undecided = Wishlist ** Changed in: gnupg (Ubuntu Precise) Status: New = Confirmed ** Changed in: gnupg (Ubuntu Precise) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: gnupg (Ubuntu Trusty) Importance: Undecided = Wishlist ** Changed in: gnupg (Ubuntu Trusty) Status: New = Confirmed ** Changed in: gnupg (Ubuntu Trusty) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: gnupg (Ubuntu Utopic) Importance: Undecided = Wishlist ** Changed in: gnupg (Ubuntu Utopic) Status: New = Confirmed ** Changed in: gnupg (Ubuntu Utopic) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: gnupg2 (Ubuntu Lucid) Importance: Undecided = Wishlist ** Changed in: gnupg2 (Ubuntu Lucid) Status: New = Confirmed ** Changed in: gnupg2 (Ubuntu Lucid) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: gnupg2 (Ubuntu Precise) Importance: Undecided = Wishlist ** Changed in: gnupg2 (Ubuntu Precise) Status: New = Confirmed ** Changed in: gnupg2 (Ubuntu Precise) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: gnupg2 (Ubuntu Trusty) Importance: Undecided = Wishlist ** Changed in: gnupg2 (Ubuntu Trusty) Status: New = Confirmed ** Changed in: gnupg2 (Ubuntu Trusty) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnupg in Ubuntu. https://bugs.launchpad.net/bugs/1409117 Title: GPG does not verify keys received when using --recv-keys leaving communicaiton with key servers vulnerable to MITM Status in GNU Privacy Guard: Unknown Status in gnupg package in Ubuntu: Fix Released Status in gnupg2 package in Ubuntu: Fix Released Status in gnupg source package in Lucid: Confirmed Status in gnupg2 source package in Lucid: Confirmed Status in gnupg source package in Precise: Confirmed Status in gnupg2 source package in Precise: Confirmed Status in gnupg source package in Trusty: Confirmed Status in gnupg2 source package in Trusty: Confirmed Status in gnupg source package in Utopic: Confirmed Status in gnupg2 source package in Utopic: Fix Released Status in gnupg source package in Vivid: Fix Released Status in gnupg2 source package in Vivid: Fix Released Status in gnupg package in Debian: Unknown Bug description: The patch from http://bugs.gnupg.org/gnupg/issue1579 is critical and should be backported to 12.04; right now, it is not. This leaves 12.04 users of GPG2 vulnerable to MITM attacks on gpg2 --recv-keys. See https://evil32.com/ for an example (the text that is striked out; the gpg2 package on 12.04 is still vulnerable). To manage notifications about this bug go to: https://bugs.launchpad.net/gnupg/+bug/1409117/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https
[Touch-packages] [Bug 1409117] Re: GPG does not verify keys received when using --recv-keys leaving communicaiton with key servers vulnerable to MITM
apt-add-repository validates that the key that was downloaded is the right one before importing it, it doesn't blindly trust the key that gpg downloaded from the keyserver. This is wishlist simply because it's security hardening. I will include it in the next gnupg security upload. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnupg in Ubuntu. https://bugs.launchpad.net/bugs/1409117 Title: GPG does not verify keys received when using --recv-keys leaving communicaiton with key servers vulnerable to MITM Status in GNU Privacy Guard: Unknown Status in gnupg package in Ubuntu: Fix Released Status in gnupg2 package in Ubuntu: Fix Released Status in gnupg source package in Lucid: Confirmed Status in gnupg2 source package in Lucid: Confirmed Status in gnupg source package in Precise: Confirmed Status in gnupg2 source package in Precise: Confirmed Status in gnupg source package in Trusty: Confirmed Status in gnupg2 source package in Trusty: Confirmed Status in gnupg source package in Utopic: Confirmed Status in gnupg2 source package in Utopic: Fix Released Status in gnupg source package in Vivid: Fix Released Status in gnupg2 source package in Vivid: Fix Released Status in gnupg package in Debian: Unknown Bug description: The patch from http://bugs.gnupg.org/gnupg/issue1579 is critical and should be backported to 12.04; right now, it is not. This leaves 12.04 users of GPG2 vulnerable to MITM attacks on gpg2 --recv-keys. See https://evil32.com/ for an example (the text that is striked out; the gpg2 package on 12.04 is still vulnerable). To manage notifications about this bug go to: https://bugs.launchpad.net/gnupg/+bug/1409117/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1406634] Re: Sync flac 1.3.1-1 (main) from Debian experimental (main)
This bug was fixed in the package flac - 1.3.1-1 Sponsored for Jackson Doak (noskcaj) --- flac (1.3.1-1) experimental; urgency=medium [ Jackson Doak ] * Disable silent rules * Enable hardening * Add symbols files [ Fabian Greffrath ] * Adapt debian/watch file to reflect actual upstream versioning scheme. * Imported Upstream version 1.3.1 + Fixes CVE-2014-8962 and CVE-2014-9028 (Closes: #770918). + Support for 3DNOW! optimizations has been removed. + Localized RU documentation has been removed. * Drop patches applied upstream. * Backport patch from upstream GIT to fix another input validation bug. * Fix privacy-breach-logo and privacy-breach-w3c-valid-html lintian errors. * In debian/rules, remove the override_dh_makeshlibs rule for the symbols files to have effect. * Update, improve and convert debian/copyright to machine-readable format. * Bump Standards-Version to 3.9.6. -- Fabian Greffrath fabian+deb...@greffrath.com Mon, 01 Dec 2014 18:32:57 +0100 ** Changed in: flac (Ubuntu) Status: New = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-8962 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2014-9028 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to flac in Ubuntu. https://bugs.launchpad.net/bugs/1406634 Title: Sync flac 1.3.1-1 (main) from Debian experimental (main) Status in flac package in Ubuntu: Fix Released Bug description: Please sync flac 1.3.1-1 (main) from Debian experimental (main) Changelog entries since current vivid version 1.3.0-3: flac (1.3.1-1) experimental; urgency=medium [ Jackson Doak ] * Disable silent rules * Enable hardening * Add symbols files [ Fabian Greffrath ] * Adapt debian/watch file to reflect actual upstream versioning scheme. * Imported Upstream version 1.3.1 + Fixes CVE-2014-8962 and CVE-2014-9028 (Closes: #770918). + Support for 3DNOW! optimizations has been removed. + Localized RU documentation has been removed. * Drop patches applied upstream. * Backport patch from upstream GIT to fix another input validation bug. * Fix privacy-breach-logo and privacy-breach-w3c-valid-html lintian errors. * In debian/rules, remove the override_dh_makeshlibs rule for the symbols files to have effect. * Update, improve and convert debian/copyright to machine-readable format. * Bump Standards-Version to 3.9.6. -- Fabian Greffrath fabian+deb...@greffrath.com Mon, 01 Dec 2014 18:32:57 +0100 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/flac/+bug/1406634/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1400473] Re: Apache 2.2 on Ubuntu 12.04 LTS only supports TLS1.0 which is vulnerable to BEAST attack
Can you try with: SSLProtocol +TLSv1.1 +TLSv1.2 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1400473 Title: Apache 2.2 on Ubuntu 12.04 LTS only supports TLS1.0 which is vulnerable to BEAST attack Status in openssl package in Ubuntu: Incomplete Bug description: For PCI compliance, one must not be vulnerable to the POODLE or BEAST or CRIME attacks. POODLE suggests removing SSLv2 and SSLv3, and BEAST suggests removing TLSv1. However, since TLSv1.1 and TLSv1.2 do not seem to be supported by apache 2.2 on 12.04 LTS, and since apache 2.4 on 12.04 LTS does not support PHP 5.3.X, the last branch to allow PHP register_globals, which is required for lots of legacy production code often used by sites with payment systems, and since Ubuntu 14.04 LTS does not support apache 2.2, and since Ubuntu 10.04 LTS does not support SHA256 signed SSL certificates, there may be no feasible way for someone to run a credit card processing system with any Ubuntu LTS system if they require both PCI compliance and PHP register_globals support. It looks like manually compiling PHP may be the only plausible way to surmount this issue in this particular circumstance. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1400473/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1432610] [NEW] Libav security fixes March 2015
*** This bug is a security vulnerability *** Public security bug reported: Libav 0.8.17, 9.18 and 11.3 are out that fix a number of security issues. version 0.8.17: - utvideodec: Handle slice_height being zero (CVE-2014-9604) - tiff: Check that there is no aliasing in pixel format selection (CVE-2014-8544) - rmenc: limit packet size - eamad: check for out of bounds read (CID/1257500) - h264_cabac: Break infinite loops - matroskadec: Fix read-after-free in matroska_read_seek() (chromium/427266) - gifdec: refactor interleave end handling (CVE-2014-8547) - smc: fix the bounds check (CVE-2014-8548) - mmvideo: check frame dimensions (CVE-2014-8543) - jvdec: check frame dimensions (CVE-2014-8542) - mov: avoid a memleak when multiple stss boxes are present - apetag: Fix APE tag size check - x86: Only use optimizations with cmov if the CPU supports the instruction - x86: Add CPU flag for the i686 cmov instruction version 9.18: - tiff: Check that there is no aliasing in pixel format selection (CVE-2014-8544) - utvideodec: Handle slice_height being zero (CVE-2014-9604) - rmenc: limit packet size - rv10: check size of s-mb_width * s-mb_height - eamad: check for out of bounds read (CID/1257500) - arm: Suppress tags about used cpu arch and extensions - img2dec: correctly use the parsed value from -start_number - h264_cabac: Break infinite loops - matroskadec: Fix read-after-free in matroska_read_seek() (chromium/427266) - smc: fix the bounds check (CVE-2014-8548) - gifdec: refactor interleave end handling (CVE-2014-8547) - mmvideo: check frame dimensions (CVE-2014-8543) - jvdec: check frame dimensions (CVE-2014-8542) - mov: avoid a memleak when multiple stss boxes are present - mp3enc: fix a triggerable assert - apetag: Fix APE tag size check version 11.3: - utvideodec: Handle slice_height being zero (CVE-2014-9604) - adxdec: set avctx-channels in adx_read_header - rmenc: limit packet size - webp: validate the distance prefix code - rv10: check size of s-mb_width * s-mb_height - eamad: check for out of bounds read (CID/1257500) - mdec: check for out of bounds read (CID/1257501) - configure: Properly fail when libcdio/cdparanoia is not found - tiff: Check that there is no aliasing in pixel format selection (CVE-2014-8544) - aic: Fix decoding files with odd dimensions - vorbis: Check the vlc value in setup_classifs - arm: Suppress tags about used cpu arch and extensions - prores: Extend the padding check to 16bit - icecast: Do not use chunked post, allows feeding to icecast properly - img2dec: correctly use the parsed value from -start_number - h264_cabac: Break infinite loops - hevc_deblock: Fix compilation with nasm (libav #795) - h264: initialize H264Context.avctx in init_thread_copy - h264: Do not share rbsp_buffer across threads - h264: only ref cur_pic in update_thread_context if it is initialized - matroskadec: Fix read-after-free in matroska_read_seek() (chromium #427266) - log: Unbreak no-tty support on 256color terminals ** Affects: libav (Ubuntu) Importance: Undecided Status: Confirmed ** Affects: libav (Ubuntu Precise) Importance: Undecided Assignee: Marc Deslauriers (mdeslaur) Status: Confirmed ** Affects: libav (Ubuntu Trusty) Importance: Undecided Assignee: Marc Deslauriers (mdeslaur) Status: Confirmed ** Affects: libav (Ubuntu Utopic) Importance: Undecided Status: Confirmed ** Affects: libav (Ubuntu Vivid) Importance: Undecided Status: Confirmed ** Also affects: libav (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: libav (Ubuntu Vivid) Importance: Undecided Status: New ** Also affects: libav (Ubuntu Utopic) Importance: Undecided Status: New ** Also affects: libav (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: libav (Ubuntu Precise) Status: New = Confirmed ** Changed in: libav (Ubuntu Trusty) Status: New = Confirmed ** Changed in: libav (Ubuntu Utopic) Status: New = Confirmed ** Changed in: libav (Ubuntu Vivid) Status: New = Confirmed ** Changed in: libav (Ubuntu Precise) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: libav (Ubuntu Trusty) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libav in Ubuntu. https://bugs.launchpad.net/bugs/1432610 Title: Libav security fixes March 2015 Status in libav package in Ubuntu: Confirmed Status in libav source package in Precise: Confirmed Status in libav source package in Trusty: Confirmed Status in libav source package in Utopic: Confirmed Status in libav source package in Vivid: Confirmed Bug description: Libav 0.8.17, 9.18 and 11.3 are out that fix a number of security issues. version 0.8.17: - utvideodec: Handle slice_height being zero (CVE-2014-9604) - tiff: Check
[Touch-packages] [Bug 1400473] Re: Apache 2.2 on Ubuntu 12.04 LTS only supports TLS1.0 which is vulnerable to BEAST attack
While apache in Ubuntu 12.04 does support TLSv1.2, it doesn't allow specifying the configuration options to selectively disable TLSv1.0. The following commit needs to be backported: https://svn.apache.org/viewvc?view=revisionrevision=1445104 ** Package changed: openssl (Ubuntu) = apache2 (Ubuntu) ** Summary changed: - Apache 2.2 on Ubuntu 12.04 LTS only supports TLS1.0 which is vulnerable to BEAST attack + Apache 2.2 on Ubuntu 12.04 LTS doesn't allow disabling TLS1.0 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1400473 Title: Apache 2.2 on Ubuntu 12.04 LTS doesn't allow disabling TLS1.0 Status in apache2 package in Ubuntu: Fix Released Status in apache2 source package in Precise: Confirmed Bug description: For PCI compliance, one must not be vulnerable to the POODLE or BEAST or CRIME attacks. POODLE suggests removing SSLv2 and SSLv3, and BEAST suggests removing TLSv1. However, since TLSv1.1 and TLSv1.2 do not seem to be supported by apache 2.2 on 12.04 LTS, and since apache 2.4 on 12.04 LTS does not support PHP 5.3.X, the last branch to allow PHP register_globals, which is required for lots of legacy production code often used by sites with payment systems, and since Ubuntu 14.04 LTS does not support apache 2.2, and since Ubuntu 10.04 LTS does not support SHA256 signed SSL certificates, there may be no feasible way for someone to run a credit card processing system with any Ubuntu LTS system if they require both PCI compliance and PHP register_globals support. It looks like manually compiling PHP may be the only plausible way to surmount this issue in this particular circumstance. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1400473/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1400473] Re: Apache 2.2 on Ubuntu 12.04 LTS only supports TLS1.0 which is vulnerable to BEAST attack
** Changed in: openssl (Ubuntu) Status: Expired = Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1400473 Title: Apache 2.2 on Ubuntu 12.04 LTS only supports TLS1.0 which is vulnerable to BEAST attack Status in openssl package in Ubuntu: Confirmed Bug description: For PCI compliance, one must not be vulnerable to the POODLE or BEAST or CRIME attacks. POODLE suggests removing SSLv2 and SSLv3, and BEAST suggests removing TLSv1. However, since TLSv1.1 and TLSv1.2 do not seem to be supported by apache 2.2 on 12.04 LTS, and since apache 2.4 on 12.04 LTS does not support PHP 5.3.X, the last branch to allow PHP register_globals, which is required for lots of legacy production code often used by sites with payment systems, and since Ubuntu 14.04 LTS does not support apache 2.2, and since Ubuntu 10.04 LTS does not support SHA256 signed SSL certificates, there may be no feasible way for someone to run a credit card processing system with any Ubuntu LTS system if they require both PCI compliance and PHP register_globals support. It looks like manually compiling PHP may be the only plausible way to surmount this issue in this particular circumstance. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1400473/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1429975] Re: nfs no longer mounted at boot with systemd
I have always used network-manager, so I'll wait. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1429975 Title: nfs no longer mounted at boot with systemd Status in systemd package in Ubuntu: In Progress Bug description: I updated my vivid laptop today, and now boot with systemd by default. Unfortunately, my nfs mount no longer mounts at boot. From syslog: Mar 9 14:38:20 mdlinux mount[866]: mount.nfs: Network is unreachable Mar 9 14:38:20 mdlinux systemd[1]: mnt-server.mount mount process exited, code=exited status=32 Mar 9 14:38:20 mdlinux systemd[1]: Failed to mount /mnt/server. Mar 9 14:38:20 mdlinux systemd[1]: Dependency failed for Remote File Systems. Mar 9 14:38:20 mdlinux systemd[1]: Job remote-fs.target/start failed with result 'dependency'. Mar 9 14:38:20 mdlinux systemd[1]: Unit mnt-server.mount entered failed state. This is happening before my network interfaces are ready: Mar 9 14:38:21 mdlinux NetworkManager[820]: info (eth0): preparing device ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: nfs-common 1:1.2.8-9ubuntu6 ProcVersionSignature: Ubuntu 3.19.0-7.7-generic 3.19.0 Uname: Linux 3.19.0-7-generic x86_64 ApportVersion: 2.16.2-0ubuntu2 Architecture: amd64 CurrentDesktop: Unity Date: Mon Mar 9 14:45:48 2015 InstallationDate: Installed on 2013-11-26 (467 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: nfs-utils UpgradeStatus: Upgraded to vivid on 2015-03-07 (2 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1429975/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1430307] [NEW] Deprecation warning should be turned off for release
Public bug reported: A lot of applications that are currently shipping in vivid display gtk deprecation warnings. While this is useful to developers, it is a nuisance for users who are powerless to fix these issues. For certain graphical applications, printing warnings on the console isn't much of an issue, but for others, such as gedit, it's annoying and inelegant. Here are a few examples: $ ubuntu-bug sdasdasd dpkg-query: no packages found matching sdasdasd Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged. $ gedit sys:1: Warning: The property GtkSettings:gtk-menu-images is deprecated and shouldn't be used anymore. It will be removed in a future version. sys:1: Warning: The property GtkToolButton:stock-id is deprecated and shouldn't be used anymore. It will be removed in a future version. sys:1: Warning: The property GtkWidget:margin-right is deprecated and shouldn't be used anymore. It will be removed in a future version. sys:1: Warning: The property GtkButton:use-stock is deprecated and shouldn't be used anymore. It will be removed in a future version. sys:1: Warning: The property GtkSettings:gtk-button-images is deprecated and shouldn't be used anymore. It will be removed in a future version. sys:1: Warning: The property GtkButton:xalign is deprecated and shouldn't be used anymore. It will be removed in a future version. sys:1: Warning: The property GtkAlignment:left-padding is deprecated and shouldn't be used anymore. It will be removed in a future version. sys:1: Warning: The property GtkTreeView:rules-hint is deprecated and shouldn't be used anymore. It will be removed in a future version. $ brasero (brasero:5606): GLib-GObject-WARNING **: The property GtkSettings:gtk-menu-images is deprecated and shouldn't be used anymore. It will be removed in a future version. (brasero:5606): GLib-GObject-WARNING **: The property GtkSettings:gtk-button-images is deprecated and shouldn't be used anymore. It will be removed in a future version. (brasero:5606): GLib-GObject-WARNING **: The property GtkAlignment:xalign is deprecated and shouldn't be used anymore. It will be removed in a future version. (brasero:5606): GLib-GObject-WARNING **: The property GtkAlignment:yalign is deprecated and shouldn't be used anymore. It will be removed in a future version. (brasero:5606): GLib-GObject-WARNING **: The property GtkButton:use-stock is deprecated and shouldn't be used anymore. It will be removed in a future version. $ gnote (gnote:5712): GLib-GObject-WARNING **: The property GSettings:schema is deprecated and shouldn't be used anymore. It will be removed in a future version. (gnote:5712): GLib-GObject-WARNING **: The property GtkTextTag:foreground-gdk is deprecated and shouldn't be used anymore. It will be removed in a future version. (gnote:5712): GLib-GObject-WARNING **: The property GtkSettings:gtk-menu-images is deprecated and shouldn't be used anymore. It will be removed in a future version. (gnote:5712): GLib-GObject-WARNING **: The property GtkAlignment:xalign is deprecated and shouldn't be used anymore. It will be removed in a future version. (gnote:5712): GLib-GObject-WARNING **: The property GtkAlignment:yalign is deprecated and shouldn't be used anymore. It will be removed in a future version. (gnote:5712): GLib-GObject-WARNING **: The property GtkAlignment:xscale is deprecated and shouldn't be used anymore. It will be removed in a future version. (gnote:5712): GLib-GObject-WARNING **: The property GtkAlignment:yscale is deprecated and shouldn't be used anymore. It will be removed in a future version. (gnote:5712): GLib-GObject-WARNING **: The property GtkImage:stock is deprecated and shouldn't be used anymore. It will be removed in a future version. (gnote:5712): GLib-GObject-WARNING **: The property GtkSettings:gtk-button-images is deprecated and shouldn't be used anymore. It will be removed in a future version. ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: libgtk-3-0 3.14.8-0ubuntu2 ProcVersionSignature: Ubuntu 3.19.0-7.7-generic 3.19.0 Uname: Linux 3.19.0-7-generic x86_64 ApportVersion: 2.16.2-0ubuntu2 Architecture: amd64 CurrentDesktop: Unity Date: Tue Mar 10 08:34:20 2015 InstallationDate: Installed on 2013-11-26 (468 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: gtk+3.0 UpgradeStatus: Upgraded to vivid on 2015-03-07 (2 days ago) ** Affects: gtk+3.0 (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug vivid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gtk+3.0 in Ubuntu. https://bugs.launchpad.net/bugs/1430307 Title: Deprecation warning should be turned off for release Status in gtk+3.0 package in Ubuntu: New Bug description: A lot of applications that are currently shipping in vivid display gtk deprecation warnings. While this is useful to
[Touch-packages] [Bug 1429975] Re: nfs no longer mounted at boot with systemd
In case this is helpful: $ cat /run/systemd/generator/mnt-server.mount # Automatically generated by systemd-fstab-generator [Unit] SourcePath=/etc/fstab Documentation=man:fstab(5) man:systemd-fstab-generator(8) Before=remote-fs.target [Mount] What=192.x.x.x:/opt/share Where=/mnt/server Type=nfs Options=rw,rsize=8192,wsize=8192,hard,intr $ grep nfs /etc/fstab 192.x.x.x:/opt/share /mnt/server nfs rw,rsize=8192,wsize=8192,hard,intr 0 0 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1429975 Title: nfs no longer mounted at boot with systemd Status in systemd package in Ubuntu: In Progress Bug description: I updated my vivid laptop today, and now boot with systemd by default. Unfortunately, my nfs mount no longer mounts at boot. From syslog: Mar 9 14:38:20 mdlinux mount[866]: mount.nfs: Network is unreachable Mar 9 14:38:20 mdlinux systemd[1]: mnt-server.mount mount process exited, code=exited status=32 Mar 9 14:38:20 mdlinux systemd[1]: Failed to mount /mnt/server. Mar 9 14:38:20 mdlinux systemd[1]: Dependency failed for Remote File Systems. Mar 9 14:38:20 mdlinux systemd[1]: Job remote-fs.target/start failed with result 'dependency'. Mar 9 14:38:20 mdlinux systemd[1]: Unit mnt-server.mount entered failed state. This is happening before my network interfaces are ready: Mar 9 14:38:21 mdlinux NetworkManager[820]: info (eth0): preparing device ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: nfs-common 1:1.2.8-9ubuntu6 ProcVersionSignature: Ubuntu 3.19.0-7.7-generic 3.19.0 Uname: Linux 3.19.0-7-generic x86_64 ApportVersion: 2.16.2-0ubuntu2 Architecture: amd64 CurrentDesktop: Unity Date: Mon Mar 9 14:45:48 2015 InstallationDate: Installed on 2013-11-26 (467 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: nfs-utils UpgradeStatus: Upgraded to vivid on 2015-03-07 (2 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1429975/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1429043] Re: libicu48 4.8.1.1-3ubuntu0.3 causes libreoffice 3 calc format cells crash
I have now published a new version with the security patches put back in and the regression fixed: http://www.ubuntu.com/usn/usn-2522-3/ -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to icu in Ubuntu. https://bugs.launchpad.net/bugs/1429043 Title: libicu48 4.8.1.1-3ubuntu0.3 causes libreoffice 3 calc format cells crash Status in icu package in Ubuntu: Fix Released Bug description: Since upgrading libicu48 4.8.1.1-3ubuntu0.1 - 4.8.1.1-3ubuntu0.3 (32 bit version) yesterday, LibreOffice 3 Calc (current on Precise) immediately crashes when you select a cell or cells and go to Menu Format/Cells. The problem can be bypassed by reverting to libicu48 4.8.1.1-3 which is available in aptitude, though this back levels the system and exposes it to the security vulnerabilities fixed in the ubuntu0.3 release. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1429043/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1425071] Re: package ca-certificates 20141019ubuntu0.14.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128
** Changed in: ca-certificates (Ubuntu) Status: In Progress = New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu. https://bugs.launchpad.net/bugs/1425071 Title: package ca-certificates 20141019ubuntu0.14.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128 Status in ca-certificates package in Ubuntu: New Bug description: failed to install/upgrade: subprocess installed post-installation script returned error exit status 128 ProblemType: Package DistroRelease: Ubuntu 14.04 Package: ca-certificates 20141019ubuntu0.14.04.1 ProcVersionSignature: Ubuntu 3.16.0-30.40~14.04.1-generic 3.16.7-ckt3 Uname: Linux 3.16.0-30-generic x86_64 ApportVersion: 2.14.1-0ubuntu3.7 Architecture: amd64 Date: Tue Feb 24 12:14:00 2015 DuplicateSignature: package:ca-certificates:20141019ubuntu0.14.04.1:subprocess installed post-installation script returned error exit status 128 ErrorMessage: subprocess installed post-installation script returned error exit status 128 InstallationDate: Installed on 2015-02-24 (0 days ago) InstallationMedia: Mythbuntu 14.04.2 LTS Trusty Tahr - Release amd64 (20150218.1) PackageArchitecture: all SourcePackage: ca-certificates Title: package ca-certificates 20141019ubuntu0.14.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1425071/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1425188] Re: Sync icu 52.1-7.1 (main) from Debian unstable (main)
It's been done, thanks. ** Changed in: icu (Ubuntu) Status: New = Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to icu in Ubuntu. https://bugs.launchpad.net/bugs/1425188 Title: Sync icu 52.1-7.1 (main) from Debian unstable (main) Status in icu package in Ubuntu: Fix Released Bug description: Please sync icu 52.1-7.1 (main) from Debian unstable (main) Changelog entries since current vivid version 52.1-7: icu (52.1-7.1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Unfixed issue from the previous upload (closes: #776264) - CVE-2014-6585: out-of-bounds read. * Issues fixed in chromium 40.0.2214.91 (closes: #776265, #776719). - CVE-2014-7923: memory corruption in regular expression comparison. - CVE-2014-7926: memory corruption in regular expression comparison. - CVE-2014-7940: uninitialized memory in i18n/icol.cpp. - CVE-2014-9654: more regular expression handling issues. -- Michael Gilbert mgilb...@debian.org Sun, 15 Feb 2015 22:19:14 + To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1425188/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1429043] Re: libicu48 4.8.1.1-3ubuntu0.3 causes libreoffice 3 calc format cells crash
I can reproduce this issue, and will investigate it. ** Changed in: icu (Ubuntu) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to icu in Ubuntu. https://bugs.launchpad.net/bugs/1429043 Title: libicu48 4.8.1.1-3ubuntu0.3 causes libreoffice 3 calc format cells crash Status in icu package in Ubuntu: Confirmed Bug description: Since upgrading libicu48 4.8.1.1-3ubuntu0.1 - 4.8.1.1-3ubuntu0.3 (32 bit version) yesterday, LibreOffice 3 Calc (current on Precise) immediately crashes when you select a cell or cells and go to Menu Format/Cells. The problem can be bypassed by reverting to libicu48 4.8.1.1-3 which is available in aptitude, though this back levels the system and exposes it to the security vulnerabilities fixed in the ubuntu0.3 release. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1429043/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1430280] Re: NetworkManager-wait-online.service not enabled after package installation
I confirm the instructions in comment #6 have solved my issue with nfs mounts at boot. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1430280 Title: NetworkManager-wait-online.service not enabled after package installation Status in network-manager package in Ubuntu: Confirmed Bug description: After installing NetworkManager in a fresh vivid VM, NetworkManager- wait-online.service is disabled. We should consider enabling it on systems which don't have any static interfaces in /etc/network/interfaces, so that units that need network-online.target work properly. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1430280/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1315434] Re: Mouse with no time remaining estimate showing in preference to battery being charged
Devices that report a wrong time remaining need to be blacklisted, just like any other misbehaving hardware device. The fact that such devices exist is not a valid reason to get rid of a sane and elegant notification system. Do you own a mouse with an incorrect time remaining estimate? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to indicator-power in Ubuntu. https://bugs.launchpad.net/bugs/1315434 Title: Mouse with no time remaining estimate showing in preference to battery being charged Status in indicator-power package in Ubuntu: In Progress Bug description: When my laptop battery is in a charging state, but is not fully charged, I expect it to be displayed in preference to my mouse, which has no time remaining estimate. The spec here: https://wiki.ubuntu.com/Power says: If anything is discharging, the menu title should represent the component (not battery, but component) that is estimated to lose power first. For example, if your notebook battery is estimated to discharge in 1 hour 47 minutes, and your wireless mouse battery is estimated to discharge in 27 minutes, the menu title should represent the mouse. but there doesn't seem to be any guideline to what happens when a battery is being charged. I suggest the time remaining to charge a battery should be displayed in preference to the power level in a wireless mouse. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: indicator-power 12.10.6+14.04.20140411-0ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-24.46-generic 3.13.9 Uname: Linux 3.13.0-24-generic x86_64 ApportVersion: 2.14.1-0ubuntu3 Architecture: amd64 CurrentDesktop: Unity Date: Fri May 2 11:50:36 2014 InstallationDate: Installed on 2013-11-26 (156 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: indicator-power UpgradeStatus: Upgraded to trusty on 2014-01-17 (104 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/indicator-power/+bug/1315434/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1315434] Re: Mouse with no time remaining estimate showing in preference to battery being charged
JW, It will, yes. If your laptop battery is charging, or is discharging, it will now be shown in preference to your mouse. If your laptop battery is fully charged, your mouse will be shown. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to indicator-power in Ubuntu. https://bugs.launchpad.net/bugs/1315434 Title: Mouse with no time remaining estimate showing in preference to battery being charged Status in indicator-power package in Ubuntu: In Progress Bug description: When my laptop battery is in a charging state, but is not fully charged, I expect it to be displayed in preference to my mouse, which has no time remaining estimate. The spec here: https://wiki.ubuntu.com/Power says: If anything is discharging, the menu title should represent the component (not battery, but component) that is estimated to lose power first. For example, if your notebook battery is estimated to discharge in 1 hour 47 minutes, and your wireless mouse battery is estimated to discharge in 27 minutes, the menu title should represent the mouse. but there doesn't seem to be any guideline to what happens when a battery is being charged. I suggest the time remaining to charge a battery should be displayed in preference to the power level in a wireless mouse. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: indicator-power 12.10.6+14.04.20140411-0ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-24.46-generic 3.13.9 Uname: Linux 3.13.0-24-generic x86_64 ApportVersion: 2.14.1-0ubuntu3 Architecture: amd64 CurrentDesktop: Unity Date: Fri May 2 11:50:36 2014 InstallationDate: Installed on 2013-11-26 (156 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: indicator-power UpgradeStatus: Upgraded to trusty on 2014-01-17 (104 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/indicator-power/+bug/1315434/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1315434] Re: Mouse with no time remaining estimate showing in preference to battery being charged
Devices that report a wrong time remaining need to be blacklisted, just like any other misbehaving hardware device. Even if this means most devices will need to be blacklisted? Wouldn't it require an extreme amount of effort to start blacklisting every mouse that doesn't work with this feature? I have never actually seen a mouse that gives an estimated time remaining, so I don't think it would be much of an issue. Most mice I've seen don't give a time remaining, they only give a percentage of battery left, which works fine with the latest commit. Do you own a mouse that gives a time remaining, and that the time remaining is grossly inaccurate? If so, could you please attach the output of upower --dump? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to indicator-power in Ubuntu. https://bugs.launchpad.net/bugs/1315434 Title: Mouse with no time remaining estimate showing in preference to battery being charged Status in indicator-power package in Ubuntu: In Progress Bug description: When my laptop battery is in a charging state, but is not fully charged, I expect it to be displayed in preference to my mouse, which has no time remaining estimate. The spec here: https://wiki.ubuntu.com/Power says: If anything is discharging, the menu title should represent the component (not battery, but component) that is estimated to lose power first. For example, if your notebook battery is estimated to discharge in 1 hour 47 minutes, and your wireless mouse battery is estimated to discharge in 27 minutes, the menu title should represent the mouse. but there doesn't seem to be any guideline to what happens when a battery is being charged. I suggest the time remaining to charge a battery should be displayed in preference to the power level in a wireless mouse. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: indicator-power 12.10.6+14.04.20140411-0ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-24.46-generic 3.13.9 Uname: Linux 3.13.0-24-generic x86_64 ApportVersion: 2.14.1-0ubuntu3 Architecture: amd64 CurrentDesktop: Unity Date: Fri May 2 11:50:36 2014 InstallationDate: Installed on 2013-11-26 (156 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: indicator-power UpgradeStatus: Upgraded to trusty on 2014-01-17 (104 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/indicator-power/+bug/1315434/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1436330] Re: Network Manager doesn't set metric for local networks any more, causing connection issues
** Bug watch added: GNOME Bug Tracker #723178 https://bugzilla.gnome.org/show_bug.cgi?id=723178 ** Changed in: network-manager Importance: Undecided = Unknown ** Changed in: network-manager Status: New = Unknown ** Changed in: network-manager Remote watch: None = GNOME Bug Tracker #723178 ** Also affects: network-manager (Ubuntu Vivid) Importance: Critical Status: Incomplete ** Changed in: network-manager (Ubuntu Vivid) Status: Incomplete = Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1436330 Title: Network Manager doesn't set metric for local networks any more, causing connection issues Status in NetworkManager: Unknown Status in network-manager package in Ubuntu: Confirmed Status in network-manager source package in Vivid: Confirmed Bug description: With Vivid, having two connections to the same network subnet is unstable due to missing metrics for local networks. Example: Being connected to 192.168.1.0/24 via both wired and wireless will cause connectivity issues as sent packets hop between the two interfaces. It used to be that this wasn't an issue. I would go between work and home and plug in and my machine would automatically connect to wireless and it would use the lower metric ethernet interface for all communications, while the wlan interface would remain connected but unused. ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: network-manager 0.9.10.0-4ubuntu11 ProcVersionSignature: Ubuntu 3.19.0-9.9-generic 3.19.1 Uname: Linux 3.19.0-9-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.16.2-0ubuntu4 Architecture: amd64 CurrentDesktop: KDE Date: Wed Mar 25 09:17:27 2015 IfupdownConfig: # interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback InstallationDate: Installed on 2015-01-25 (58 days ago) InstallationMedia: Kubuntu 14.10 Utopic Unicorn - Release amd64 (20141022.1) SourcePackage: network-manager UpgradeStatus: Upgraded to vivid on 2015-03-17 (8 days ago) nmcli-nm: Error: command ['nmcli', '-f', 'all', 'nm'] failed with exit code 2: Error: Object 'nm' is unknown, try 'nmcli help'. To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager/+bug/1436330/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1409117] Re: GPG does not verify keys received when using --recv-keys leaving communicaiton with key servers vulnerable to MITM
Lucid is near end-of-life, we're not going to be fixing this. ** Changed in: gnupg (Ubuntu Lucid) Status: Confirmed = Won't Fix ** Changed in: gnupg2 (Ubuntu Lucid) Status: Confirmed = Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnupg in Ubuntu. https://bugs.launchpad.net/bugs/1409117 Title: GPG does not verify keys received when using --recv-keys leaving communicaiton with key servers vulnerable to MITM Status in GNU Privacy Guard: Fix Released Status in gnupg package in Ubuntu: Fix Released Status in gnupg2 package in Ubuntu: Fix Released Status in gnupg source package in Lucid: Won't Fix Status in gnupg2 source package in Lucid: Won't Fix Status in gnupg source package in Precise: Fix Released Status in gnupg2 source package in Precise: Fix Released Status in gnupg source package in Trusty: Fix Released Status in gnupg2 source package in Trusty: Fix Released Status in gnupg source package in Utopic: Fix Released Status in gnupg2 source package in Utopic: Fix Released Status in gnupg source package in Vivid: Fix Released Status in gnupg2 source package in Vivid: Fix Released Status in gnupg package in Debian: Fix Released Bug description: The patch from http://bugs.gnupg.org/gnupg/issue1579 is critical and should be backported to 12.04; right now, it is not. This leaves 12.04 users of GPG2 vulnerable to MITM attacks on gpg2 --recv-keys. See https://evil32.com/ for an example (the text that is striked out; the gpg2 package on 12.04 is still vulnerable). To manage notifications about this bug go to: https://bugs.launchpad.net/gnupg/+bug/1409117/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1371766] Re: Latest CVE-2014-5270 patch breaks ElGamal keys of 16k
This should now be fixed in stable releases also in this update: http://www.ubuntu.com/usn/usn-2554-1/ -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnupg in Ubuntu. https://bugs.launchpad.net/bugs/1371766 Title: Latest CVE-2014-5270 patch breaks ElGamal keys of 16k Status in gnupg package in Ubuntu: Fix Released Status in gnupg package in Debian: Fix Released Bug description: I'm currenty using Ubuntu 12.04.5 LTS, 32-bit. This is what i get with GnuPG version 1.4.11-3ubuntu2.6 using Enigmail (correct behavior): 2014-09-19 13:44:09.630 [CONSOLE] enigmail /usr/bin/gpg --charset utf-8 --display-charset utf-8 --batch --no-tty --status-fd 2 -a -t --encrypt --encrypt-to 0x135C7291 - r 0x0B7D1987135C7291 -u 0x135C7291 2014-09-19 13:44:40.545 [DEBUG] enigmailCommon.jsm: encryptMessageEnd: uiFlags=16, sendFlags=0142, outputLen=5768 2014-09-19 13:44:40.545 [DEBUG] enigmailCommon.jsm: parseErrorOutput: status message: gpg: 0x0B7D1987135C7291: skipped: public key already present [GNUPG:] BEGIN_ENCRYPTION 2 9 [GNUPG:] END_ENCRYPTION 2014-09-19 13:44:40.548 [DEBUG] enigmailCommon.jsm: parseErrorOutput: statusFlags = 8000 2014-09-19 13:44:40.549 [DEBUG] enigmailMsgComposeOverlay.js: Enigmail.msg.keySelection(): return toAddrStr=0x0B7D1987135C7291 bccAddrStr= 2014-09-19 13:44:40.550 [DEBUG] enigmailMsgComposeOverlay.js: hasAttachments = false 2014-09-19 13:44:40.551 [DEBUG] enigmailMsgComposeOverlay.js: Enigmail.msg.editorGetContentAs 2014-09-19 13:44:40.551 [DEBUG] enigmailMsgComposeOverlay.js: Enigmail.msg.replaceEditorText: 2014-09-19 13:44:40.556 [DEBUG] enigmailMsgComposeOverlay.js: Enigmail.msg.editorInsertText 2014-09-19 13:44:40.569 [DEBUG] enigmailMsgComposeOverlay.js: Enigmail.msg.editorInsertText 2014-09-19 13:44:40.573 [DEBUG] enigmailMsgComposeOverlay.js: Enigmail.msg.editorGetContentAs 2014-09-19 13:44:40.574 [DEBUG] enigmailMsgComposeOverlay.js: Enigmail.msg.editorGetCharset 2014-09-19 13:44:40.574 [DEBUG] enigmailMsgComposeOverlay.js: Enigmail.msg.encryptMsg: charset=utf-8 2014-09-19 13:44:40.575 [DEBUG] enigmail.js: Enigmail.encryptMessage: 9 bytes from 0x135C7291 to 0x0B7D1987135C7291 (67) 2014-09-19 13:44:40.575 [DEBUG] enigmailCommon.jsm: encryptMessageStart: uiFlags=1, from 0x135C7291 to 0x0B7D1987135C7291, hashAlgorithm=null (0043) 2014-09-19 13:44:40.575 [DEBUG] enigmailCommon.jsm: getEncryptCommand: hashAlgorithm=null 2014-09-19 13:44:40.577 enigmailCommon.jsm: execStart: command = /usr/bin/gpg --charset utf-8 --display-charset utf-8 --batch --no-tty --status-fd 2 -a -t --encrypt --sign --encrypt-to 0x135C7291 -r 0x0B7D1987135C7291 -u 0x135C7291, needPassphrase=1, domWindow=[object ChromeWindow], listener=[object Object] 2014-09-19 13:44:40.577 [DEBUG] enigmailCommon.jsm: getPassphrase: 2014-09-19 13:44:40.578 [CONSOLE] enigmail /usr/bin/gpg --charset utf-8 --display-charset utf-8 --batch --no-tty --status-fd 2 -a -t --encrypt --sign --encrypt-to 0x135C7291 -r 0x0B7D1987135C7291 -u 0x135C7291 --use-agent 2014-09-19 13:45:15.448 [DEBUG] enigmailCommon.jsm: encryptMessageEnd: uiFlags=1, sendFlags=0043, outputLen=5906 2014-09-19 13:45:15.448 [DEBUG] enigmailCommon.jsm: parseErrorOutput: status message: [GNUPG:] USERID_HINT 0B7D1987135C7291 Ciaby ci...@autistici.org [GNUPG:] NEED_PASSPHRASE 0B7D1987135C7291 0B7D1987135C7291 17 0 [GNUPG:] GOOD_PASSPHRASE gpg: 0x0B7D1987135C7291: skipped: public key already present [GNUPG:] BEGIN_SIGNING [GNUPG:] SIG_CREATED S 17 10 01 1411152280 D0178161A8FA6E506BD07C000B7D1987135C7291 [GNUPG:] BEGIN_ENCRYPTION 2 9 [GNUPG:] END_ENCRYPTION This is what i get with GnuPG version 1.4.11-3ubuntu2.7 using Enigmail (incorrect behavior): 2014-09-18 22:41:19.504 [CONSOLE] enigmail /usr/bin/gpg --charset utf-8 --display-charset utf-8 --batch --no-tty --status-fd 2 -a -t --encrypt --sign --encrypt-to 0x135 C7291 -r 0x834AC0577A169C63 -u 0x135C7291 --use-agent 2014-09-18 22:41:37.732 [DEBUG] enigmailCommon.jsm: encryptMessageEnd: uiFlags=1, sendFlags=0043, outputLen=0 2014-09-18 22:41:37.733 [DEBUG] enigmailCommon.jsm: parseErrorOutput: status message: [GNUPG:] USERID_HINT 0B7D1987135C7291 Ciaby ci...@autistici.org [GNUPG:] NEED_PASSPHRASE 0B7D1987135C7291 0B7D1987135C7291 17 0 [GNUPG:] GOOD_PASSPHRASE gpg: out of secure memory while allocating 2048 bytes gpg: (this may be caused by too many secret keys used simultaneously or due to excessive large key sizes) Obviously, the latest security patch breaks ElGamal encryption with large keys (in this case, 16384 bytes). Although GnuPG doesn't allow to generate these keys, the PGP standard (and GnuPG itself) supports large key sizes. Please review the latest patch and make sure that all key sizes are supported. To manage notifications about this bug go to:
[Touch-packages] [Bug 787027] Re: python-software-properties: keyserver receive failed: keyserver error
This bug was filed against a version of Ubuntu that is no longer supported. I am closing this bug. Please file a new one if the problem is still reproducible with Ubuntu 14.04 LTS. ** Changed in: software-properties (Ubuntu) Status: Confirmed = Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to software-properties in Ubuntu. https://bugs.launchpad.net/bugs/787027 Title: python-software-properties: keyserver receive failed: keyserver error Status in software-properties package in Ubuntu: Won't Fix Bug description: Although keyserver.ubuntu.com is up and running I get a gpg error when using add-apt-repository on a newly installed ubuntu server 11.04 (64bit). I've been trying with different PPA's... redtux@kyoto:~$ sudo add-apt-repository ppa:cherokee-webserver/ppa Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver hkp://keyserver.ubuntu.com:80/ --recv 0AD0B667B67DAA477F5FF89F51BB8E83EBA7BD49 gpg: requesting key EBA7BD49 from hkp server keyserver.ubuntu.com gpg: keyserver timed out gpg: keyserver receive failed: keyserver error redtux@kyoto:~$ apt-cache policy python-software-properties python-software-properties: Installiert: 0.80.9 Kandidat:0.80.9 Versionstabelle: *** 0.80.9 0 500 http://at.archive.ubuntu.com/ubuntu/ natty/main amd64 Packages 100 /var/lib/dpkg/status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/787027/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 933659] Re: evolution calendar does not check SSL certificates
This is fixed in Ubuntu 14.04 LTS and above, and older versions will not get updated because it may break existing installation. I'm marking this bug as fixed. ** Changed in: evolution-data-server (Ubuntu) Status: Confirmed = Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to evolution-data-server in Ubuntu. https://bugs.launchpad.net/bugs/933659 Title: evolution calendar does not check SSL certificates Status in Evolution Data Server: Fix Released Status in evolution-data-server package in Ubuntu: Fix Released Status in evolution-data-server package in openSUSE: Won't Fix Bug description: When using a google calendar in evolution, evolution uses HTTPS. However, certificate correctness is not checked. Using a tool like sslsniff allows to capture user name and password. Given the calendar is periodically updated, it is trivial for an attacker to retrieve user private data when connected to the same local network. To manage notifications about this bug go to: https://bugs.launchpad.net/evolution-data-server/+bug/933659/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 889889] Re: Use PNG or SVG instead of GIF
I'm not fixing this in the Ubuntu openssl package, go bug upstream if you want them to change their image format. ** Changed in: openssl (Ubuntu) Status: New = Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to chardet in Ubuntu. https://bugs.launchpad.net/bugs/889889 Title: Use PNG or SVG instead of GIF Status in Ubuntu Adium Theme: Fix Released Status in ace package in Ubuntu: New Status in app-install-data-ubuntu package in Ubuntu: Confirmed Status in blender package in Ubuntu: New Status in chardet package in Ubuntu: New Status in cups package in Ubuntu: New Status in dvd+rw-tools package in Ubuntu: New Status in foo2zjs package in Ubuntu: New Status in libcgi-pm-perl package in Ubuntu: New Status in openssl package in Ubuntu: Won't Fix Status in python3.4 package in Ubuntu: New Status in software-center package in Ubuntu: Invalid Bug description: Use modern file formats such as PNG or SVG instead of the legacy GIF file formats. $ find /usr -name *.gif To manage notifications about this bug go to: https://bugs.launchpad.net/adium-theme-ubuntu/+bug/889889/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1436003] Re: ubuntu 14.04 can't shut down
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a regular (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1436003 Title: ubuntu 14.04 can't shut down Status in xorg package in Ubuntu: New Bug description: My camputer can't shut down or lock after install unity tweak took dan compiz ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: xorg 1:7.7+1ubuntu8.1 ProcVersionSignature: Ubuntu 3.16.0-33.44~14.04.1-generic 3.16.7-ckt7 Uname: Linux 3.16.0-33-generic x86_64 .tmp.unity.support.test.0: ApportVersion: 2.14.1-0ubuntu3.8 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: compiz CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0' CompositorUnredirectFSW: true Date: Tue Mar 24 13:52:20 2015 DistUpgraded: Fresh install DistroCodename: trusty DistroVariant: ubuntu DkmsStatus: ndiswrapper, 1.59, 3.16.0-30-generic, x86_64: installed ndiswrapper, 1.59, 3.16.0-33-generic, x86_64: installed GraphicsCard: Advanced Micro Devices, Inc. [AMD/ATI] Trinity [Radeon HD 7520G] [1002:9990] (prog-if 00 [VGA controller]) Subsystem: Samsung Electronics Co Ltd Device [144d:c0dd] InstallationDate: Installed on 2015-03-13 (11 days ago) InstallationMedia: Ubuntu 14.04.2 LTS Trusty Tahr - Release amd64 (20150218.1) MachineType: SAMSUNG ELECTRONICS CO., LTD. 355V4C/356V4C/3445VC/3545VC ProcEnviron: LANGUAGE=en_US PATH=(custom, no user) LANG=en_US.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.16.0-33-generic root=UUID=4c202b17-05c7-48e4-90dc-868651309352 ro quiet splash acpi=force SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 07/04/2013 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: P09AAN dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: NP355V4X-A02ID dmi.board.vendor: SAMSUNG ELECTRONICS CO., LTD. dmi.board.version: BOARD REVISION 00 dmi.chassis.asset.tag: No Asset Tag dmi.chassis.type: 9 dmi.chassis.vendor: SAMSUNG ELECTRONICS CO., LTD. dmi.chassis.version: 0.1 dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrP09AAN:bd07/04/2013:svnSAMSUNGELECTRONICSCO.,LTD.:pn355V4C/356V4C/3445VC/3545VC:pvrP09AAN.031.CP:rvnSAMSUNGELECTRONICSCO.,LTD.:rnNP355V4X-A02ID:rvrBOARDREVISION00:cvnSAMSUNGELECTRONICSCO.,LTD.:ct9:cvr0.1: dmi.product.name: 355V4C/356V4C/3445VC/3545VC dmi.product.version: P09AAN.031.CP dmi.sys.vendor: SAMSUNG ELECTRONICS CO., LTD. version.compiz: compiz 1:0.9.11.3+14.04.20150122-0ubuntu1 version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.56-1~ubuntu2 version.libgl1-mesa-dri: libgl1-mesa-dri N/A version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx N/A version.xserver-xorg-core: xserver-xorg-core N/A version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati N/A version.xserver-xorg-video-intel: xserver-xorg-video-intel N/A version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau N/A xserver.bootTime: Tue Mar 24 13:49:13 2015 xserver.configfile: default xserver.errors: xserver.logfile: /var/log/Xorg.0.log xserver.version: 2:1.16.0-1ubuntu1.2~trusty2 xserver.video_driver: radeon To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1436003/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1177534] Re: booting: the Quantal stopped booting after update
Ubuntu 12.10 is no longer supported. I am closing this bug report. Please file a new one if you can reproduce the issue with Ubuntu 14.04 LTS. Thank you. ** Changed in: openssl (Ubuntu) Status: New = Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1177534 Title: booting: the Quantal stopped booting after update Status in openssl package in Ubuntu: Won't Fix Bug description: Kubuntu 12.10 enters some kind of loop on boot, that makes the system virtually unusable That happens after the following: apt-get --only-upgrade install openssl Preparing to replace openssl 1.0.1c-3ubuntu2.3 (using .../openssl_1.0.1c-3ubuntu2.4_amd64.deb) ... Setting up openssl (1.0.1c-3ubuntu2.4). When I restored the system state before update and locked the openssl package with the following apt-mark hold openssl The system boots with the old version of openssl and with other updates just fine The following is the list of other updates: Install: linux-image-3.5.0-28-generic:amd64 (3.5.0-28.48), linux-headers-3.5.0-28-generic:amd64 (3.5.0-28.48), linux-headers-3.5.0-28:amd64 (3.5.0-28.48, automatic), linux-image-extra-3.5.0-28-generic:amd64 (3.5.0-28.48) Upgrade: clamav:amd64 (0.97.7+dfsg-1ubuntu0.12.10.1, 0.97.8+dfsg-1ubuntu1.12.10.1), linux-generic:amd64 (3.5.0.27.43, 3.5.0.28.44), clamav-base:amd64 (0.97.7+dfsg-1ubuntu0.12.10.1, 0.97.8+dfsg-1ubuntu1.12.10.1), libclamav6:amd64 (0.97.7+dfsg-1ubuntu0.12.10.1, 0.97.8+dfsg-1ubuntu1.12.10.1), linux-headers-generic:amd64 (3.5.0.27.43, 3.5.0.28.44), linux-image-generic:amd64 (3.5.0.27.43, 3.5.0.28.44), clamav-freshclam:amd64 (0.97.7+dfsg-1ubuntu0.12.10.1, 0.97.8+dfsg-1ubuntu1.12.10.1), linux-libc-dev:amd64 (3.5.0-27.46, 3.5.0-28.48), libssl1.0.0:amd64 (1.0.1c-3ubuntu2.3, 1.0.1c-3ubuntu2.4), libssl1.0.0:i386 (1.0.1c-3ubuntu2.3, 1.0.1c-3ubuntu2.4) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1177534/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 886489] Re: [Solved]0: acer-wireless: Wireless LAN Soft blocked: yes - DISABLED Wireless interface Intel WiFi Link 5100 not working on Packard Bell Easynote TN-65 in Ubuntu 11.1
This bug was filed for an Ubuntu version that is no longer supported. I am closing this bug. Please file a new bug if the problem is still present in Ubuntu 14.04 LTS. ** Changed in: network-manager (Ubuntu) Status: Confirmed = Won't Fix ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/886489 Title: [Solved]0: acer-wireless: Wireless LAN Soft blocked: yes - DISABLED Wireless interface Intel WiFi Link 5100 not working on Packard Bell Easynote TN-65 in Ubuntu 11.10 32 and 64-bit Status in network-manager package in Ubuntu: Won't Fix Status in network-manager package in Fedora: New Bug description: posted in the answer. See the link https://answers.launchpad.net/ubuntu/+source/network-manager/+question/177610 --- ApportVersion: 1.23-0ubuntu4 Architecture: amd64 CheckboxSubmission: 665a48dcfe9a07a3b6ad7da82c8fb62c CheckboxSystem: 395ba7d0222b82846032af4f5bf07f33 DistroRelease: Ubuntu 11.10 IfupdownConfig: auto lo iface lo inet loopback InstallationMedia: Ubuntu 11.10 Oneiric Ocelot - Release amd64 (20111012) IpRoute: default via 10.0.0.1 dev ppp0 proto static 10.0.0.1 dev ppp0 proto kernel scope link src 151.81.125.214 169.254.0.0/16 dev ppp0 scope link metric 1000 NetworkManager.state: [main] NetworkingEnabled=true WirelessEnabled=true WWANEnabled=true WimaxEnabled=true NonfreeKernelModules: fglrx Package: network-manager 0.9.1.90-0ubuntu5 PackageArchitecture: amd64 ProcEnviron: PATH=(custom, no user) LANG=it_IT.UTF-8 SHELL=/bin/bash ProcVersionSignature: Ubuntu 3.0.0-12.20-generic 3.0.4 RfKill: 0: phy0: Wireless LAN Soft blocked: no Hard blocked: no Tags: oneiric Uname: Linux 3.0.0-12-generic x86_64 UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/886489/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 326135] Re: policykit introduction broke unix user groups
The version of Ubuntu this bug applied to has been out of support for a long time now. Closing. ** Changed in: gnome-system-tools (Ubuntu) Status: Confirmed = Won't Fix ** Changed in: network-manager (Ubuntu) Status: Confirmed = Won't Fix ** Changed in: policykit-1 (Ubuntu) Status: Confirmed = Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/326135 Title: policykit introduction broke unix user groups Status in gnome-system-tools package in Ubuntu: Won't Fix Status in network-manager package in Ubuntu: Won't Fix Status in policykit package in Ubuntu: Invalid Status in policykit-1 package in Ubuntu: Won't Fix Status in ubuntu-meta package in Ubuntu: Invalid Bug description: I have set up a number of user accounts. On one of these accounts I adjusted the user privileges (System-Administration-Users and Groups-Properties-User Privileges). For one particular user I de- selected the two options: * Connect to Internet using a modem * Connect to wireless and ethernet networks However, despite disabling access to the internet, the user is still able to connect to the internet through a wireless connection. I am assuming that this is a security vulnerability, because the intention is to deny access and this doesn't occur. I am using Ubuntu 8.10 Policykit has been introduced without supporting the unix groups. (used by admins and set up by the installer) i.e. It is possible to create a policy that just said yes rather than auth_* where the default was no, for anyone in the netdev group so theiy could do it without a password. - we should ship PolicyKit config files that make use of these groups. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-system-tools/+bug/326135/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1438870] [NEW] Lock screen doesn't emit ActiveChanged signal
*** This bug is a security vulnerability *** Public security bug reported: tl;dr; Unity doesn't emit the ActiveChanged signal when the screen is locked/unlocked Long version: unity-settings-daemon's automount plugin has code to detect whether the screen is locked or not before automatically mounting a volume. This prevents someone from inserting a USB thumb drive when the screen is locked and exploiting a possible nautilus thumbnailer vulnerability. (See bug #714958 for original implementation details.) In Ubuntu 14.04, this code no longer works. Inserting a USB thumb drive while the screen is locked results in a Nautilus window opening underneath the lock screen, and the contents of the USB thumb drive being read. Since the screen lock got switched to Unity in Ubuntu 14.04, Unity no longer emits the org.gnome.ScreenSaver ActiveChanged signal when the screen gets locked or unlocked. To test: 1- in terminal, type: dbus-monitor type='signal',sender='org.gnome.ScreenSaver',interface='org.gnome.ScreenSaver' 2- Lock the screen 3- Unlock the screen 4- Notice that no signal was received ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: unity 7.3.2+15.04.20150330-0ubuntu1 ProcVersionSignature: Ubuntu 3.19.0-10.10-generic 3.19.2 Uname: Linux 3.19.0-10-generic x86_64 ApportVersion: 2.17-0ubuntu1 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CurrentDesktop: Unity Date: Tue Mar 31 15:15:48 2015 InstallationDate: Installed on 2013-11-26 (489 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: unity UpgradeStatus: Upgraded to vivid on 2015-03-07 (24 days ago) ** Affects: unity (Ubuntu) Importance: Undecided Status: New ** Affects: unity (Ubuntu Trusty) Importance: Undecided Status: New ** Affects: unity (Ubuntu Utopic) Importance: Undecided Status: New ** Affects: unity (Ubuntu Vivid) Importance: Undecided Status: New ** Tags: amd64 apport-bug third-party-packages vivid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1438870 Title: Lock screen doesn't emit ActiveChanged signal Status in unity package in Ubuntu: New Status in unity source package in Trusty: New Status in unity source package in Utopic: New Status in unity source package in Vivid: New Bug description: tl;dr; Unity doesn't emit the ActiveChanged signal when the screen is locked/unlocked Long version: unity-settings-daemon's automount plugin has code to detect whether the screen is locked or not before automatically mounting a volume. This prevents someone from inserting a USB thumb drive when the screen is locked and exploiting a possible nautilus thumbnailer vulnerability. (See bug #714958 for original implementation details.) In Ubuntu 14.04, this code no longer works. Inserting a USB thumb drive while the screen is locked results in a Nautilus window opening underneath the lock screen, and the contents of the USB thumb drive being read. Since the screen lock got switched to Unity in Ubuntu 14.04, Unity no longer emits the org.gnome.ScreenSaver ActiveChanged signal when the screen gets locked or unlocked. To test: 1- in terminal, type: dbus-monitor type='signal',sender='org.gnome.ScreenSaver',interface='org.gnome.ScreenSaver' 2- Lock the screen 3- Unlock the screen 4- Notice that no signal was received ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: unity 7.3.2+15.04.20150330-0ubuntu1 ProcVersionSignature: Ubuntu 3.19.0-10.10-generic 3.19.2 Uname: Linux 3.19.0-10-generic x86_64 ApportVersion: 2.17-0ubuntu1 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CurrentDesktop: Unity Date: Tue Mar 31 15:15:48 2015 InstallationDate: Installed on 2013-11-26 (489 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: unity UpgradeStatus: Upgraded to vivid on 2015-03-07 (24 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1438870/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1438870] Re: Lock screen doesn't emit ActiveChanged signal
** Attachment removed: JournalErrors.txt https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1438870/+attachment/4362321/+files/JournalErrors.txt ** Also affects: unity (Ubuntu Vivid) Importance: Undecided Status: New ** Also affects: unity (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: unity (Ubuntu Utopic) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1438870 Title: Lock screen doesn't emit ActiveChanged signal Status in unity package in Ubuntu: New Status in unity source package in Trusty: New Status in unity source package in Utopic: New Status in unity source package in Vivid: New Bug description: tl;dr; Unity doesn't emit the ActiveChanged signal when the screen is locked/unlocked Long version: unity-settings-daemon's automount plugin has code to detect whether the screen is locked or not before automatically mounting a volume. This prevents someone from inserting a USB thumb drive when the screen is locked and exploiting a possible nautilus thumbnailer vulnerability. (See bug #714958 for original implementation details.) In Ubuntu 14.04, this code no longer works. Inserting a USB thumb drive while the screen is locked results in a Nautilus window opening underneath the lock screen, and the contents of the USB thumb drive being read. Since the screen lock got switched to Unity in Ubuntu 14.04, Unity no longer emits the org.gnome.ScreenSaver ActiveChanged signal when the screen gets locked or unlocked. To test: 1- in terminal, type: dbus-monitor type='signal',sender='org.gnome.ScreenSaver',interface='org.gnome.ScreenSaver' 2- Lock the screen 3- Unlock the screen 4- Notice that no signal was received ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: unity 7.3.2+15.04.20150330-0ubuntu1 ProcVersionSignature: Ubuntu 3.19.0-10.10-generic 3.19.2 Uname: Linux 3.19.0-10-generic x86_64 ApportVersion: 2.17-0ubuntu1 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CurrentDesktop: Unity Date: Tue Mar 31 15:15:48 2015 InstallationDate: Installed on 2013-11-26 (489 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: unity UpgradeStatus: Upgraded to vivid on 2015-03-07 (24 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1438870/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1424206] Re: Login into the password set account without asking password during boot up.
Looks to me like the user is in the nopasswdlogin group. Please remove the user from that group and see if the problem is resolved. Thanks! ** Changed in: shadow (Ubuntu) Status: New = Incomplete ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/1424206 Title: Login into the password set account without asking password during boot up. Status in shadow package in Ubuntu: Incomplete Bug description: Ubuntu 14.04 on booting login's into one of the account without asking for the password. though a password is set for all accounts. See at this link http://youtu.be/vXkAOkW-aUo ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: login 1:4.1.5.1-1ubuntu9 ProcVersionSignature: Ubuntu 3.13.0-45.74-generic 3.13.11-ckt13 Uname: Linux 3.13.0-45-generic i686 ApportVersion: 2.14.1-0ubuntu3.7 Architecture: i386 CurrentDesktop: Unity Date: Sat Feb 21 21:13:31 2015 InstallationDate: Installed on 2015-02-07 (13 days ago) InstallationMedia: Ubuntu 14.04.1 LTS Trusty Tahr - Release i386 (20140722.2) SourcePackage: shadow UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1424206/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1424308] Re: xkillxkillcompiz crashed with SIGSEGV in xcb_take_socket()
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a regular (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1424308 Title: xkillxkillcompiz crashed with SIGSEGV in xcb_take_socket() Status in unity package in Ubuntu: New Bug description: unity is gone trying to get it back ProblemType: Crash DistroRelease: Ubuntu 15.04 Package: unity 7.3.1+15.04.20150219.2-0ubuntu1 ProcVersionSignature: Ubuntu 3.16.0-30.40-generic 3.16.7-ckt3 Uname: Linux 3.16.0-30-generic x86_64 NonfreeKernelModules: wl fglrx ApportVersion: 2.16.1-0ubuntu2 Architecture: amd64 Date: Sat Feb 21 21:35:21 2015 ExecutablePath: /usr/bin/compiz InstallationDate: Installed on 2015-02-21 (0 days ago) InstallationMedia: Ubuntu 14.04.2 LTS Trusty Tahr - Release amd64 (20150218.1) ProcCmdline: compiz --replace ProcEnviron: LANGUAGE=en_US TERM=xterm PATH=(custom, no user) LANG=en_US.UTF-8 SHELL=/bin/bash SegvAnalysis: Segfault happened at: 0x7fd8f0d23963 xcb_take_socket+19: mov (%rdi),%edi PC (0x7fd8f0d23963) ok source (%rdi) (0x0001) not located in a known VMA region (needed readable region)! destination %edi ok SegvReason: reading NULL VMA Signal: 11 SourcePackage: unity StacktraceTop: xcb_take_socket () from /usr/lib/x86_64-linux-gnu/libxcb.so.1 ?? () from /usr/lib/x86_64-linux-gnu/libX11.so.6 _XFlush () from /usr/lib/x86_64-linux-gnu/libX11.so.6 _XGetRequest () from /usr/lib/x86_64-linux-gnu/libX11.so.6 XGetSelectionOwner () from /usr/lib/x86_64-linux-gnu/libX11.so.6 Title: compiz crashed with SIGSEGV in xcb_take_socket() UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1424308/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1425948] Re: The screen freezes and stop all process.
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see https://wiki.ubuntu.com/Bugs/FindRightPackage . Additionally, in the report please include: 1) The release of Ubuntu you are using, via 'cat /etc/lsb-release' or System - About Ubuntu. 2) The version of the package you are using, via 'dpkg -l PKGNAME | cat' or by checking in Synaptic. 3) What happened and what you expected to happen. The Ubuntu community has also created debugging procedures for a wide variety of packages at https://wiki.ubuntu.com/DebuggingProcedures . Following the debugging instructions for the affected package will make your bug report much more complete. Thanks! ** Information type changed from Private Security to Public ** Changed in: indicator-sound (Ubuntu) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to indicator-sound in Ubuntu. https://bugs.launchpad.net/bugs/1425948 Title: The screen freezes and stop all process. Status in indicator-sound package in Ubuntu: Invalid Bug description: The screen freezes and stop all process. ProblemType: Crash DistroRelease: Ubuntu 15.04 Package: indicator-sound 12.10.2+15.04.20150219.1-0ubuntu1 Uname: Linux 4.0.0-04rc1-lowlatency x86_64 ApportVersion: 2.16.1-0ubuntu2 Architecture: amd64 CrashCounter: 1 Date: Thu Feb 26 11:22:22 2015 ExecutablePath: /usr/lib/x86_64-linux-gnu/indicator-sound/indicator-sound-service InstallationDate: Installed on 2015-02-25 (0 days ago) InstallationMedia: Lubuntu 15.04 Vivid Vervet - Alpha amd64 (20150224) ProcCmdline: /usr/lib/x86_64-linux-gnu/indicator-sound/indicator-sound-service Signal: 5 SourcePackage: indicator-sound UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/indicator-sound/+bug/1425948/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1425067] Re: package ca-certificates 20141019ubuntu0.10.04.1 failed to install/upgrade: cannot access archive: No such file or directory
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a regular (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu. https://bugs.launchpad.net/bugs/1425067 Title: package ca-certificates 20141019ubuntu0.10.04.1 failed to install/upgrade: cannot access archive: No such file or directory Status in ca-certificates package in Ubuntu: New Bug description: From uname -a: Linux madmod-laptop 2.6.32-60-generic #122-Ubuntu SMP Wed May 7 20:16:42 UTC 2014 i686 GNU/Linux I'm using Ubuntu 10.04 Desktop on this computer. The update manager presented a text page with the certificates change log. The only option for the page was Close which I used. (On my 14.04 Desktop, the change log appears in the command screen and I usually just type q to bypass it so that the updates can continue.) After I clicked on the Close button, the screen didn't close but went gray as if it was busy or low on memory. Meanwhile, on the command screen, the update hung with messages such as apt-changelog ... with some options. But this just hung. I don't think that this utility apt-changelog is in my computer as there is no man page for it. (probably not in the 10.04 Ubuntu) Finally I used the force quit to kill the text page and the command screen. The update manager continued to a normal stop without completing the tasks. I then rebooted the computer and gave the command sudo apt-get autoremove to clear whatever junk had piled up. It was clean. Another attempt at using the update manager failed the same way. I then rebooted, reissued autoremove and got the other updates-- bypassing the certificate update. That set of updates installed normally and the update manager indicated that I still had certificates to go. At this point I don't remember what happened except that the certificates update failed and hung up the same way. So I aborted and used autoremove again. Otherwise the 10.04 computer is behaving normally. Hope that's useful enough info. --Dave ProblemType: Package DistroRelease: Ubuntu 10.04 Package: ca-certificates 20141019ubuntu0.10.04.1 ProcVersionSignature: Ubuntu 2.6.32-60.122-generic 2.6.32.61+drm33.26 Uname: Linux 2.6.32-60-generic i686 AptOrdering: ca-certificates: Install ca-certificates: Configure Architecture: i386 Date: Tue Feb 24 07:24:51 2015 ErrorMessage: cannot access archive: No such file or directory InstallationMedia: Ubuntu 10.04 LTS Lucid Lynx - Release i386 (20100429) PackageArchitecture: all SourcePackage: ca-certificates Title: package ca-certificates 20141019ubuntu0.10.04.1 failed to install/upgrade: cannot access archive: No such file or directory To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1425067/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1425676] Re: I don't know.
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see https://wiki.ubuntu.com/Bugs/FindRightPackage . Additionally, in the report please include: 1) The release of Ubuntu you are using, via 'cat /etc/lsb-release' or System - About Ubuntu. 2) The version of the package you are using, via 'dpkg -l PKGNAME | cat' or by checking in Synaptic. 3) What happened and what you expected to happen. The Ubuntu community has also created debugging procedures for a wide variety of packages at https://wiki.ubuntu.com/DebuggingProcedures . Following the debugging instructions for the affected package will make your bug report much more complete. Thanks! ** Information type changed from Private Security to Public ** Changed in: indicator-sound (Ubuntu) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to indicator-sound in Ubuntu. https://bugs.launchpad.net/bugs/1425676 Title: I don't know. Status in indicator-sound package in Ubuntu: Invalid Bug description: I don't know. ProblemType: Crash DistroRelease: Ubuntu 15.04 Package: indicator-sound 12.10.2+15.04.20150219.1-0ubuntu1 ProcVersionSignature: Ubuntu 3.18.0-13.14-generic 3.18.5 Uname: Linux 3.18.0-13-generic x86_64 ApportVersion: 2.16.1-0ubuntu2 Architecture: amd64 Date: Thu Feb 26 03:09:57 2015 ExecutablePath: /usr/lib/x86_64-linux-gnu/indicator-sound/indicator-sound-service InstallationDate: Installed on 2015-02-25 (0 days ago) InstallationMedia: Lubuntu 15.04 Vivid Vervet - Alpha amd64 (20150224) ProcCmdline: /usr/lib/x86_64-linux-gnu/indicator-sound/indicator-sound-service Signal: 5 SourcePackage: indicator-sound UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/indicator-sound/+bug/1425676/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1424312] Re: compiz crashed with SIGSEGV in unity::XdndStartStopNotifierImp::DndTimeoutSetup()
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a regular (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1424312 Title: compiz crashed with SIGSEGV in unity::XdndStartStopNotifierImp::DndTimeoutSetup() Status in unity package in Ubuntu: New Bug description: problems with unity ProblemType: Crash DistroRelease: Ubuntu 15.04 Package: unity 7.3.1+15.04.20150219.2-0ubuntu1 ProcVersionSignature: Ubuntu 3.16.0-30.40-generic 3.16.7-ckt3 Uname: Linux 3.16.0-30-generic x86_64 NonfreeKernelModules: fglrx wl ApportVersion: 2.16.1-0ubuntu2 Architecture: amd64 CrashCounter: 1 CurrentDesktop: Unity Date: Sat Feb 21 22:08:10 2015 EcryptfsInUse: Yes ExecutablePath: /usr/bin/compiz InstallationDate: Installed on 2015-02-21 (0 days ago) InstallationMedia: Ubuntu 14.04.2 LTS Trusty Tahr - Release amd64 (20150218.1) ProcCmdline: compiz Signal: 11 SourcePackage: unity StacktraceTop: unity::XdndStartStopNotifierImp::DndTimeoutSetup() () from /usr/lib/compiz/libunityshell.so sigc::internal::signal_emit1void, unsigned long, sigc::nil::emit(sigc::internal::signal_impl*, unsigned long const) () from /usr/lib/compiz/libunityshell.so unity::PluginAdapter::Notify(CompWindow*, CompWindowNotify) () from /usr/lib/compiz/libunityshell.so unity::UnityWindow::windowNotify(CompWindowNotify) () from /usr/lib/compiz/libunityshell.so CompWindow::windowNotify(CompWindowNotify) () from /usr/lib/x86_64-linux-gnu/libcompiz_core.so.ABI-20140123 Title: compiz crashed with SIGSEGV in unity::XdndStartStopNotifierImp::DndTimeoutSetup() UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1424312/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1426275] Re: i dont know exactly
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see https://wiki.ubuntu.com/Bugs/FindRightPackage . Additionally, in the report please include: 1) The release of Ubuntu you are using, via 'cat /etc/lsb-release' or System - About Ubuntu. 2) The version of the package you are using, via 'dpkg -l PKGNAME | cat' or by checking in Synaptic. 3) What happened and what you expected to happen. The Ubuntu community has also created debugging procedures for a wide variety of packages at https://wiki.ubuntu.com/DebuggingProcedures . Following the debugging instructions for the affected package will make your bug report much more complete. Thanks! ** Information type changed from Private Security to Public ** Changed in: xorg (Ubuntu) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1426275 Title: i dont know exactly Status in xorg package in Ubuntu: Invalid Bug description: my vga card dont worksaround ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: xorg 1:7.7+1ubuntu8 ProcVersionSignature: Ubuntu 3.13.0-45.74-generic 3.13.11-ckt13 Uname: Linux 3.13.0-45-generic i686 .tmp.unity.support.test.0: ApportVersion: 2.14.1-0ubuntu3.6 Architecture: i386 CompizPlugins: [core,composite,opengl,compiztoolbox,decor,vpswitch,snap,mousepoll,resize,place,move,wall,grid,regex,imgpng,session,gnomecompat,animation,fade,staticswitcher,workarounds,scale,expo,ezoom,dbus] CompositorRunning: compiz CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0' CompositorUnredirectFSW: true CurrentDesktop: Unity Date: Fri Feb 27 16:04:12 2015 DistUpgraded: Fresh install DistroCodename: trusty DistroVariant: ubuntu ExtraDebuggingInterest: I just need to know a workaround GraphicsCard: Intel Corporation 3rd Gen Core processor Graphics Controller [8086:0166] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Toshiba America Info Systems Device [1179:fa41] InstallationDate: Installed on 2014-12-04 (85 days ago) InstallationMedia: Ubuntu 14.04 LTS Trusty Tahr - Release i386 (20140417) MachineType: TOSHIBA Satellite S55-A ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-45-generic root=UUID=9285322c-558d-489a-8a2d-6df072507cb9 ro quiet splash vt.handoff=7 SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 04/22/2014 dmi.bios.vendor: Insyde Corp. dmi.bios.version: 1.70 dmi.board.asset.tag: Type2 - Board Asset Tag dmi.board.name: VG10F dmi.board.vendor: Intel dmi.board.version: Type2 - Board Version dmi.chassis.asset.tag: No Asset Tag dmi.chassis.type: 10 dmi.chassis.vendor: OEM Chassis Manufacturer dmi.chassis.version: OEM Chassis Version dmi.modalias: dmi:bvnInsydeCorp.:bvr1.70:bd04/22/2014:svnTOSHIBA:pnSatelliteS55-A:pvrPSKJJU-018009B:rvnIntel:rnVG10F:rvrType2-BoardVersion:cvnOEMChassisManufacturer:ct10:cvrOEMChassisVersion: dmi.product.name: Satellite S55-A dmi.product.version: PSKJJU-018009B dmi.sys.vendor: TOSHIBA version.compiz: compiz 1:0.9.11.3+14.04.20141104-0ubuntu1 version.libdrm2: libdrm2 2.4.56-1~ubuntu1 version.libgl1-mesa-dri: libgl1-mesa-dri 10.1.3-0ubuntu0.3 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx 10.1.3-0ubuntu0.3 version.xserver-xorg-core: xserver-xorg-core 2:1.15.1-0ubuntu2.6 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.8.2-1ubuntu2 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.3.0-1ubuntu3.1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.910-0ubuntu1.4 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.10-1ubuntu2 xserver.bootTime: Fri Feb 27 14:09:24 2015 xserver.configfile: default xserver.errors: xserver.logfile: /var/log/Xorg.0.log xserver.outputs: product id 17477 vendor SDC xserver.version: 2:1.15.1-0ubuntu2.6 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1426275/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1424301] Re: ubuntu
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see https://wiki.ubuntu.com/Bugs/FindRightPackage . Additionally, in the report please include: 1) The release of Ubuntu you are using, via 'cat /etc/lsb-release' or System - About Ubuntu. 2) The version of the package you are using, via 'dpkg -l PKGNAME | cat' or by checking in Synaptic. 3) What happened and what you expected to happen. The Ubuntu community has also created debugging procedures for a wide variety of packages at https://wiki.ubuntu.com/DebuggingProcedures . Following the debugging instructions for the affected package will make your bug report much more complete. Thanks! ** Information type changed from Private Security to Public ** Changed in: xorg (Ubuntu) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1424301 Title: ubuntu Status in xorg package in Ubuntu: Invalid Bug description: i worte 4 and a half hours ago and i stilll have not got a answer.3 days ago this was suppose to be fixed but it was a lie.all my files,pictures,music,videos are all missing because of this probelm with ubuntu.it still won,t get off guest session,my programs are still missing but when i try to redownload them them it says they are still on ubuntu but they are not showing up ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: xorg 1:7.7+1ubuntu8 ProcVersionSignature: Ubuntu 3.13.0-45.74-generic 3.13.11-ckt13 Uname: Linux 3.13.0-45-generic x86_64 .tmp.unity.support.test.0: Error: [Errno 13] Permission denied: '/tmp/unity_support_test.0' ApportVersion: 2.14.1-0ubuntu3.6 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: compiz CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0' CompositorUnredirectFSW: true CurrentDesktop: Unity CurrentDmesg: Error: command ['sh', '-c', 'dmesg | comm -13 --nocheck-order /var/log/dmesg -'] failed with exit code 1: comm: /var/log/dmesg: Permission denied Date: Sat Feb 21 20:06:15 2015 DistUpgraded: Fresh install DistroCodename: trusty DistroVariant: ubuntu ExtraDebuggingInterest: Yes, including running git bisection searches GraphicsCard: Advanced Micro Devices, Inc. [AMD/ATI] Wrestler [Radeon HD 6310] [1002:9802] (prog-if 00 [VGA controller]) Subsystem: Hewlett-Packard Company Device [103c:188b] InstallationDate: Installed on 2014-09-22 (152 days ago) InstallationMedia: Ubuntu 14.04.1 LTS Trusty Tahr - Release amd64 (20140722.2) MachineType: Hewlett-Packard HP 2000 Notebook PC ProcEnviron: PATH=(custom, no user) XDG_RUNTIME_DIR=set LANG=en_US.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-45-generic.efi.signed root=UUID=bb76e6fa-b809-4644-916e-7c9ba635f6f7 ro quiet splash vt.handoff=7 SourcePackage: xorg Symptom: display UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 06/26/2013 dmi.bios.vendor: Insyde dmi.bios.version: F.37 dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: 188B dmi.board.vendor: Hewlett-Packard dmi.board.version: KBC Version 69.18 dmi.chassis.asset.tag: 5CG347876Q dmi.chassis.type: 10 dmi.chassis.vendor: Hewlett-Packard dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnInsyde:bvrF.37:bd06/26/2013:svnHewlett-Packard:pnHP2000NotebookPC:pvr088613000330591620100:rvnHewlett-Packard:rn188B:rvrKBCVersion69.18:cvnHewlett-Packard:ct10:cvrChassisVersion: dmi.product.name: HP 2000 Notebook PC dmi.product.version: 088613000330591620100 dmi.sys.vendor: Hewlett-Packard version.compiz: compiz 1:0.9.11.2+14.04.20140714-0ubuntu1 version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.56-1~ubuntu1 version.libgl1-mesa-dri: libgl1-mesa-dri 10.1.3-0ubuntu0.3 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx 10.1.3-0ubuntu0.3 version.xserver-xorg-core: xserver-xorg-core 2:1.15.1-0ubuntu2.6 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.8.2-1ubuntu2 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.3.0-1ubuntu3.1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.910-0ubuntu1.3 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.10-1ubuntu2 xserver.bootTime: Sat Feb 21 19:57:17 2015 xserver.configfile: default xserver.errors: xserver.logfile: /var/log/Xorg.0.log xserver.version: 2:1.15.1-0ubuntu2.6 xserver.video_driver: radeon To manage notifications about this bug go to:
[Touch-packages] [Bug 1424286] Re: bugs
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a regular (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1424286 Title: bugs Status in xorg package in Ubuntu: New Bug description: i was doing a work when i start my laptop the linux grub its see a little distorsion on the screen ProblemType: Bug DistroRelease: Ubuntu 14.10 Package: xorg 1:7.7+7ubuntu2 ProcVersionSignature: Ubuntu 3.16.0-30.40-generic 3.16.7-ckt3 Uname: Linux 3.16.0-30-generic x86_64 .tmp.unity.support.test.0: ApportVersion: 2.14.7-0ubuntu8.1 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: compiz CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0' CompositorUnredirectFSW: true Date: Sat Feb 21 19:04:46 2015 DistUpgraded: Fresh install DistroCodename: utopic DistroVariant: ubuntu GraphicsCard: Intel Corporation Mobile 4 Series Chipset Integrated Graphics Controller [8086:2a42] (rev 07) (prog-if 00 [VGA controller]) Subsystem: Toshiba America Info Systems Device [1179:fde0] Subsystem: Toshiba America Info Systems Device [1179:fde0] InstallationDate: Installed on 2015-01-27 (25 days ago) InstallationMedia: Ubuntu 14.10 Utopic Unicorn - Release amd64 (20141022.1) MachineType: TOSHIBA Satellite C655 ProcEnviron: LANGUAGE=es_PR:es PATH=(custom, no user) LANG=es_PR.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.16.0-30-generic root=UUID=6bee895c-8dc6-4ee3-aa93-0ddd1bed5b9a ro splash quiet SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 07/07/2011 dmi.bios.vendor: INSYDE dmi.bios.version: 1.70 dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: Portable PC dmi.board.vendor: TOSHIBA dmi.board.version: Base Board Version dmi.chassis.asset.tag: No Asset Tag dmi.chassis.type: 10 dmi.chassis.vendor: Chassis Manufacturer dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnINSYDE:bvr1.70:bd07/07/2011:svnTOSHIBA:pnSatelliteC655:pvrPSC08U-061037:rvnTOSHIBA:rnPortablePC:rvrBaseBoardVersion:cvnChassisManufacturer:ct10:cvrChassisVersion: dmi.product.name: Satellite C655 dmi.product.version: PSC08U-061037 dmi.sys.vendor: TOSHIBA version.compiz: compiz 1:0.9.12+14.10.20140918-0ubuntu1 version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.56-1 version.libgl1-mesa-dri: libgl1-mesa-dri 10.3.2-0ubuntu0.1 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx 10.3.2-0ubuntu0.1 version.xserver-xorg-core: xserver-xorg-core 2:1.16.0-1ubuntu1.3 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.9.0-1ubuntu2 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.4.0-2ubuntu2 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.914-1~exp1ubuntu4.2 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.11-1ubuntu2 xserver.bootTime: Sat Feb 21 18:58:14 2015 xserver.configfile: default xserver.errors: xserver.logfile: /var/log/Xorg.0.log xserver.outputs: product id5522 vendor CMO xserver.version: 2:1.16.0-1ubuntu1.3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1424286/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1424375] Re: package rsyslog-mysql 7.4.4-1ubuntu2.5 failed to install/upgrade: sub-processo script pre-removal instalado retornou estado de saída de erro 1
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a regular (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1424375 Title: package rsyslog-mysql 7.4.4-1ubuntu2.5 failed to install/upgrade: sub- processo script pre-removal instalado retornou estado de saída de erro 1 Status in rsyslog package in Ubuntu: New Bug description: Não sei explicar o que aconteceu. ProblemType: Package DistroRelease: Ubuntu 14.04 Package: rsyslog-mysql 7.4.4-1ubuntu2.5 ProcVersionSignature: Ubuntu 3.13.0-45.74-generic 3.13.11-ckt13 Uname: Linux 3.13.0-45-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.14.1-0ubuntu3.7 Architecture: amd64 Date: Sun Feb 22 10:40:48 2015 ErrorMessage: sub-processo script pre-removal instalado retornou estado de saída de erro 1 InstallationDate: Installed on 2015-02-10 (12 days ago) InstallationMedia: Xubuntu 14.04.1 LTS Trusty Tahr - Release amd64 (20140723) SourcePackage: rsyslog Title: package rsyslog-mysql 7.4.4-1ubuntu2.5 failed to install/upgrade: sub-processo script pre-removal instalado retornou estado de saída de erro 1 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1424375/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1426518] Re: Windowed fullscreen apps left sided corruption
Oh! I see, sorry, I got confused as I thought the video was showing the whole desktop. That really is a weird bug, and I can't reproduce it on my machines with the intel driver. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1426518 Title: Windowed fullscreen apps left sided corruption Status in Unity: Triaged Status in unity package in Ubuntu: Triaged Bug description: This is a bug that I presumed was known but after talking about it on reddit I went looking and couldn't find a report about it. To reproduce the bug: 1. Open either Steam, a game or google chrome 2. Open into fullscreen, if the corruption isn't there toggle fullscreen on and off a few times You will see a bit of dead space on the left side beside the Unity sidebar, the corruption is just graphical so all the buttons still are in their old positions they just look like they are offset. As well as that all the content of the page or what ever is still in the same position so its very easy to miss click things obviously. I made a video of the problem: https://www.youtube.com/watch?v=-wSb93MBCgI ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: unity 7.2.4+14.04.20141217-0ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-46.75-generic 3.13.11-ckt15 Uname: Linux 3.13.0-46-generic x86_64 NonfreeKernelModules: fglrx .tmp.unity.support.test.0: ApportVersion: 2.14.1-0ubuntu3.7 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: compiz CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0' CompositorUnredirectFSW: true CurrentDesktop: Unity Date: Fri Feb 27 18:41:57 2015 DistUpgraded: Fresh install DistroCodename: trusty DistroVariant: ubuntu DkmsStatus: fglrx-core, 14.501, 3.13.0-45-generic, x86_64: installed fglrx-core, 14.501, 3.13.0-46-generic, x86_64: installed GraphicsCard: Advanced Micro Devices, Inc. [AMD/ATI] Curacao PRO [Radeon R9 270] [1002:6811] (prog-if 00 [VGA controller]) Subsystem: ASUSTeK Computer Inc. Device [1043:048d] InstallationDate: Installed on 2015-02-14 (13 days ago) InstallationMedia: Ubuntu 14.04.1 LTS Trusty Tahr - Release amd64 (20140722.2) MachineType: ASUS All Series ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-3.13.0-46-generic.efi.signed root=/dev/mapper/ubuntu--vg-root ro quiet splash vt.handoff=7 SourcePackage: unity UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/20/2014 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 0805 dmi.board.asset.tag: To be filled by O.E.M. dmi.board.name: H81M-PLUS dmi.board.vendor: ASUSTeK COMPUTER INC. dmi.board.version: Rev X.0x dmi.chassis.asset.tag: Asset-1234567890 dmi.chassis.type: 3 dmi.chassis.vendor: Chassis Manufacture dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr0805:bd02/20/2014:svnASUS:pnAllSeries:pvrSystemVersion:rvnASUSTeKCOMPUTERINC.:rnH81M-PLUS:rvrRevX.0x:cvnChassisManufacture:ct3:cvrChassisVersion: dmi.product.name: All Series dmi.product.version: System Version dmi.sys.vendor: ASUS version.compiz: compiz 1:0.9.11.3+14.04.20150122-0ubuntu1 version.fglrx-installer: fglrx-installer N/A version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.56-1~ubuntu2 version.libgl1-mesa-dri: libgl1-mesa-dri 10.1.3-0ubuntu0.3 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx 10.1.3-0ubuntu0.3 version.xserver-xorg-core: xserver-xorg-core 2:1.15.1-0ubuntu2.7 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.8.2-1ubuntu2 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.3.0-1ubuntu3.1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.910-0ubuntu1.4 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.10-1ubuntu2 xserver.bootTime: Fri Feb 27 16:20:50 2015 xserver.configfile: default xserver.errors: open /dev/dri/card0: No such file or directory AIGLX error: failed to open /usr/X11R6/lib64/modules/dri/fglrx_dri.so, error[/usr/X11R6/lib64/modules/dri/fglrx_dri.so: cannot open shared object file: No such file or directory] AIGLX error: failed to open /usr/lib64/dri/fglrx_dri.so, error[/usr/lib64/dri/fglrx_dri.so: cannot open shared object file: No such file or directory] AIGLX error: failed to open /usr/X11R6/lib/modules/dri/fglrx_dri.so, error[/usr/X11R6/lib/modules/dri/fglrx_dri.so: cannot open shared object file: No such file or directory] xserver.logfile: /var/log/Xorg.0.log xserver.version: 2:1.15.1-0ubuntu2.7 xserver.video_driver: fglrx To manage notifications about this bug go to: https://bugs.launchpad.net/unity/+bug/1426518/+subscriptions -- Mailing list:
[Touch-packages] [Bug 1426518] Re: Windowed fullscreen apps left sided corruption
How are you making Chrome go full-screen like that? If I maximize it, I still have the global menu at the top and the unity launcher on the left. If I hit f11, I no longer have the tabs or the URL bar. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1426518 Title: Windowed fullscreen apps left sided corruption Status in unity package in Ubuntu: Incomplete Bug description: This is a bug that I presumed was known but after talking about it on reddit I went looking and couldn't find a report about it. To reproduce the bug: 1. Open either Steam, a game or google chrome 2. Open into fullscreen, if the corruption isn't there toggle fullscreen on and off a few times You will see a bit of dead space on the left side beside the Unity sidebar, the corruption is just graphical so all the buttons still are in their old positions they just look like they are offset. As well as that all the content of the page or what ever is still in the same position so its very easy to miss click things obviously. I made a video of the problem: https://www.youtube.com/watch?v=-wSb93MBCgI ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: unity 7.2.4+14.04.20141217-0ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-46.75-generic 3.13.11-ckt15 Uname: Linux 3.13.0-46-generic x86_64 NonfreeKernelModules: fglrx .tmp.unity.support.test.0: ApportVersion: 2.14.1-0ubuntu3.7 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: compiz CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0' CompositorUnredirectFSW: true CurrentDesktop: Unity Date: Fri Feb 27 18:41:57 2015 DistUpgraded: Fresh install DistroCodename: trusty DistroVariant: ubuntu DkmsStatus: fglrx-core, 14.501, 3.13.0-45-generic, x86_64: installed fglrx-core, 14.501, 3.13.0-46-generic, x86_64: installed GraphicsCard: Advanced Micro Devices, Inc. [AMD/ATI] Curacao PRO [Radeon R9 270] [1002:6811] (prog-if 00 [VGA controller]) Subsystem: ASUSTeK Computer Inc. Device [1043:048d] InstallationDate: Installed on 2015-02-14 (13 days ago) InstallationMedia: Ubuntu 14.04.1 LTS Trusty Tahr - Release amd64 (20140722.2) MachineType: ASUS All Series ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-3.13.0-46-generic.efi.signed root=/dev/mapper/ubuntu--vg-root ro quiet splash vt.handoff=7 SourcePackage: unity UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/20/2014 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 0805 dmi.board.asset.tag: To be filled by O.E.M. dmi.board.name: H81M-PLUS dmi.board.vendor: ASUSTeK COMPUTER INC. dmi.board.version: Rev X.0x dmi.chassis.asset.tag: Asset-1234567890 dmi.chassis.type: 3 dmi.chassis.vendor: Chassis Manufacture dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr0805:bd02/20/2014:svnASUS:pnAllSeries:pvrSystemVersion:rvnASUSTeKCOMPUTERINC.:rnH81M-PLUS:rvrRevX.0x:cvnChassisManufacture:ct3:cvrChassisVersion: dmi.product.name: All Series dmi.product.version: System Version dmi.sys.vendor: ASUS version.compiz: compiz 1:0.9.11.3+14.04.20150122-0ubuntu1 version.fglrx-installer: fglrx-installer N/A version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.56-1~ubuntu2 version.libgl1-mesa-dri: libgl1-mesa-dri 10.1.3-0ubuntu0.3 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx 10.1.3-0ubuntu0.3 version.xserver-xorg-core: xserver-xorg-core 2:1.15.1-0ubuntu2.7 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.8.2-1ubuntu2 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.3.0-1ubuntu3.1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.910-0ubuntu1.4 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.10-1ubuntu2 xserver.bootTime: Fri Feb 27 16:20:50 2015 xserver.configfile: default xserver.errors: open /dev/dri/card0: No such file or directory AIGLX error: failed to open /usr/X11R6/lib64/modules/dri/fglrx_dri.so, error[/usr/X11R6/lib64/modules/dri/fglrx_dri.so: cannot open shared object file: No such file or directory] AIGLX error: failed to open /usr/lib64/dri/fglrx_dri.so, error[/usr/lib64/dri/fglrx_dri.so: cannot open shared object file: No such file or directory] AIGLX error: failed to open /usr/X11R6/lib/modules/dri/fglrx_dri.so, error[/usr/X11R6/lib/modules/dri/fglrx_dri.so: cannot open shared object file: No such file or directory] xserver.logfile: /var/log/Xorg.0.log xserver.version: 2:1.15.1-0ubuntu2.7 xserver.video_driver: fglrx To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1426518/+subscriptions -- Mailing list:
[Touch-packages] [Bug 1426518] Re: Windowed fullscreen apps left sided corruption
Possibly related to bug 1390234 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1426518 Title: Windowed fullscreen apps left sided corruption Status in Unity: Triaged Status in unity package in Ubuntu: Triaged Bug description: This is a bug that I presumed was known but after talking about it on reddit I went looking and couldn't find a report about it. To reproduce the bug: 1. Open either Steam, a game or google chrome 2. Open into fullscreen, if the corruption isn't there toggle fullscreen on and off a few times You will see a bit of dead space on the left side beside the Unity sidebar, the corruption is just graphical so all the buttons still are in their old positions they just look like they are offset. As well as that all the content of the page or what ever is still in the same position so its very easy to miss click things obviously. I made a video of the problem: https://www.youtube.com/watch?v=-wSb93MBCgI ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: unity 7.2.4+14.04.20141217-0ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-46.75-generic 3.13.11-ckt15 Uname: Linux 3.13.0-46-generic x86_64 NonfreeKernelModules: fglrx .tmp.unity.support.test.0: ApportVersion: 2.14.1-0ubuntu3.7 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: compiz CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0' CompositorUnredirectFSW: true CurrentDesktop: Unity Date: Fri Feb 27 18:41:57 2015 DistUpgraded: Fresh install DistroCodename: trusty DistroVariant: ubuntu DkmsStatus: fglrx-core, 14.501, 3.13.0-45-generic, x86_64: installed fglrx-core, 14.501, 3.13.0-46-generic, x86_64: installed GraphicsCard: Advanced Micro Devices, Inc. [AMD/ATI] Curacao PRO [Radeon R9 270] [1002:6811] (prog-if 00 [VGA controller]) Subsystem: ASUSTeK Computer Inc. Device [1043:048d] InstallationDate: Installed on 2015-02-14 (13 days ago) InstallationMedia: Ubuntu 14.04.1 LTS Trusty Tahr - Release amd64 (20140722.2) MachineType: ASUS All Series ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-3.13.0-46-generic.efi.signed root=/dev/mapper/ubuntu--vg-root ro quiet splash vt.handoff=7 SourcePackage: unity UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/20/2014 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 0805 dmi.board.asset.tag: To be filled by O.E.M. dmi.board.name: H81M-PLUS dmi.board.vendor: ASUSTeK COMPUTER INC. dmi.board.version: Rev X.0x dmi.chassis.asset.tag: Asset-1234567890 dmi.chassis.type: 3 dmi.chassis.vendor: Chassis Manufacture dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr0805:bd02/20/2014:svnASUS:pnAllSeries:pvrSystemVersion:rvnASUSTeKCOMPUTERINC.:rnH81M-PLUS:rvrRevX.0x:cvnChassisManufacture:ct3:cvrChassisVersion: dmi.product.name: All Series dmi.product.version: System Version dmi.sys.vendor: ASUS version.compiz: compiz 1:0.9.11.3+14.04.20150122-0ubuntu1 version.fglrx-installer: fglrx-installer N/A version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.56-1~ubuntu2 version.libgl1-mesa-dri: libgl1-mesa-dri 10.1.3-0ubuntu0.3 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx 10.1.3-0ubuntu0.3 version.xserver-xorg-core: xserver-xorg-core 2:1.15.1-0ubuntu2.7 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.8.2-1ubuntu2 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.3.0-1ubuntu3.1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.910-0ubuntu1.4 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.10-1ubuntu2 xserver.bootTime: Fri Feb 27 16:20:50 2015 xserver.configfile: default xserver.errors: open /dev/dri/card0: No such file or directory AIGLX error: failed to open /usr/X11R6/lib64/modules/dri/fglrx_dri.so, error[/usr/X11R6/lib64/modules/dri/fglrx_dri.so: cannot open shared object file: No such file or directory] AIGLX error: failed to open /usr/lib64/dri/fglrx_dri.so, error[/usr/lib64/dri/fglrx_dri.so: cannot open shared object file: No such file or directory] AIGLX error: failed to open /usr/X11R6/lib/modules/dri/fglrx_dri.so, error[/usr/X11R6/lib/modules/dri/fglrx_dri.so: cannot open shared object file: No such file or directory] xserver.logfile: /var/log/Xorg.0.log xserver.version: 2:1.15.1-0ubuntu2.7 xserver.video_driver: fglrx To manage notifications about this bug go to: https://bugs.launchpad.net/unity/+bug/1426518/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help :
[Touch-packages] [Bug 1417637] Re: Kdeinit4 is leaking memory on every ssh login due to known bug on policykit-1
ACK on the debdiff. I've uploaded to vivid. I've uploaded to trusty and utopic for processing by the SRU team. Thanks! ** Description changed: + A memory leak in policykit causes memory exhaustion over time in + kdeinit4. + + [Test Case] + 1- check memory usage of kdeinit4 under htop (RES column) + 2- ssh in + 3- check to make sure it stays constant + + [Regression Potential] + If the patch is incorrect, policykit could possibly crash. + + Every time ssh login is made on ubuntu 14.04, kdeinit4 leaks 2-3 Mb (when kde is installed). - According to previous bug report in: https://bugs.kde.org/show_bug.cgi?id=271934 - this is a bug in policykit-1 package, and it has been already fixed on upstream. + According to previous bug report in: https://bugs.kde.org/show_bug.cgi?id=271934 + this is a bug in policykit-1 package, and it has been already fixed on upstream. Update of policykit-1 should fix this problem on kubuntu 14.04 and Ubuntu 14.04 + Kde. - This bug is severe in some specific scenarios where ssh is often used. + This bug is severe in some specific scenarios where ssh is often used. In my case, I have a lot of scripts running processes every hour between ubuntu and kubuntu machines using passwordless ssh login. In few days kubuntu machines don't have free memory, due to the referred leak. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: policykit-1 0.105-4ubuntu2 ProcVersionSignature: Ubuntu 3.13.0-43.72-generic 3.13.11.11 Uname: Linux 3.13.0-43-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.14.1-0ubuntu3.6 Architecture: amd64 CurrentDesktop: KDE Date: Tue Feb 3 15:33:04 2015 InstallationDate: Installed on 2013-09-26 (494 days ago) InstallationMedia: Kubuntu 13.10 Saucy Salamander - Alpha amd64 (20130902.2) SourcePackage: policykit-1 UpgradeStatus: Upgraded to trusty on 2014-04-14 (294 days ago) ** Changed in: policykit-1 (Ubuntu Vivid) Status: Confirmed = Fix Committed ** Changed in: policykit-1 (Ubuntu Trusty) Status: Confirmed = In Progress ** Changed in: policykit-1 (Ubuntu Utopic) Status: Confirmed = In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to policykit-1 in Ubuntu. https://bugs.launchpad.net/bugs/1417637 Title: Kdeinit4 is leaking memory on every ssh login due to known bug on policykit-1 Status in System policy: Fix Released Status in policykit-1 package in Ubuntu: Fix Committed Status in policykit-1 source package in Trusty: In Progress Status in policykit-1 source package in Utopic: In Progress Status in policykit-1 source package in Vivid: Fix Committed Bug description: A memory leak in policykit causes memory exhaustion over time in kdeinit4. [Test Case] 1- check memory usage of kdeinit4 under htop (RES column) 2- ssh in 3- check to make sure it stays constant [Regression Potential] If the patch is incorrect, policykit could possibly crash. Every time ssh login is made on ubuntu 14.04, kdeinit4 leaks 2-3 Mb (when kde is installed). According to previous bug report in: https://bugs.kde.org/show_bug.cgi?id=271934 this is a bug in policykit-1 package, and it has been already fixed on upstream. Update of policykit-1 should fix this problem on kubuntu 14.04 and Ubuntu 14.04 + Kde. This bug is severe in some specific scenarios where ssh is often used. In my case, I have a lot of scripts running processes every hour between ubuntu and kubuntu machines using passwordless ssh login. In few days kubuntu machines don't have free memory, due to the referred leak. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: policykit-1 0.105-4ubuntu2 ProcVersionSignature: Ubuntu 3.13.0-43.72-generic 3.13.11.11 Uname: Linux 3.13.0-43-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.14.1-0ubuntu3.6 Architecture: amd64 CurrentDesktop: KDE Date: Tue Feb 3 15:33:04 2015 InstallationDate: Installed on 2013-09-26 (494 days ago) InstallationMedia: Kubuntu 13.10 Saucy Salamander - Alpha amd64 (20130902.2) SourcePackage: policykit-1 UpgradeStatus: Upgraded to trusty on 2014-04-14 (294 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/policykit-1/+bug/1417637/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1315434] Re: Mouse with no time remaining estimate showing in preference to battery being charged
Here is a patch that implements the preferred sorting order as described by mpt, and described in comment #12. ** Patch added: lp1315434.patch https://bugs.launchpad.net/ubuntu/+source/indicator-power/+bug/1315434/+attachment/4334474/+files/lp1315434.patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to indicator-power in Ubuntu. https://bugs.launchpad.net/bugs/1315434 Title: Mouse with no time remaining estimate showing in preference to battery being charged Status in indicator-power package in Ubuntu: In Progress Bug description: When my laptop battery is in a charging state, but is not fully charged, I expect it to be displayed in preference to my mouse, which has no time remaining estimate. The spec here: https://wiki.ubuntu.com/Power says: If anything is discharging, the menu title should represent the component (not battery, but component) that is estimated to lose power first. For example, if your notebook battery is estimated to discharge in 1 hour 47 minutes, and your wireless mouse battery is estimated to discharge in 27 minutes, the menu title should represent the mouse. but there doesn't seem to be any guideline to what happens when a battery is being charged. I suggest the time remaining to charge a battery should be displayed in preference to the power level in a wireless mouse. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: indicator-power 12.10.6+14.04.20140411-0ubuntu1 ProcVersionSignature: Ubuntu 3.13.0-24.46-generic 3.13.9 Uname: Linux 3.13.0-24-generic x86_64 ApportVersion: 2.14.1-0ubuntu3 Architecture: amd64 CurrentDesktop: Unity Date: Fri May 2 11:50:36 2014 InstallationDate: Installed on 2013-11-26 (156 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: indicator-power UpgradeStatus: Upgraded to trusty on 2014-01-17 (104 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/indicator-power/+bug/1315434/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1425914] Re: DTLS handshake broken - precise x64
** Changed in: openssl (Ubuntu Precise) Status: Confirmed = In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1425914 Title: DTLS handshake broken - precise x64 Status in OpenSSL cryptography and SSL/TLS toolkit: Fix Released Status in openssl package in Ubuntu: Fix Released Status in openssl source package in Precise: In Progress Status in openssl source package in Trusty: Fix Released Status in openssl source package in Utopic: Fix Released Status in openssl source package in Vivid: Fix Released Bug description: Hi, there is a problem in DTLS handshake in OpenSSL library in Ubuntu 12.04 x86_64. The affected library version is libssl 1.0.1-4ubuntu5.21. The problem causes, that it is impossible to establish DTLS session with Chrome or Firefox when trying to perform a SIP call via WebRTC. The problem is fixed in OpenSSL upstream by commit https://github.com/openssl/openssl/commit/a20152bdaf7a99b006ff5a0eef081502e0e11553 committed April 4th 2012. 32bit version of Ubuntu 12.04 is not affected by this issue, because it doesn't support HMAC ciphers, which cause the problem. I've checked other distributions (Centos6, Centos7, Ubuntu 14.04 and especially Debian 7 - which should be close to Ubuntu 12.04) and all has this patch applied and thus WebRTC calls work. Please merge this upstream fix to Ubuntu 12.04 x86_64 libssl package. Thanks To manage notifications about this bug go to: https://bugs.launchpad.net/openssl/+bug/1425914/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1417637] Re: Kdeinit4 is leaking memory on every ssh login due to known bug on policykit-1
** Changed in: policykit-1 (Ubuntu Trusty) Status: New = Confirmed ** Changed in: policykit-1 (Ubuntu Utopic) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to policykit-1 in Ubuntu. https://bugs.launchpad.net/bugs/1417637 Title: Kdeinit4 is leaking memory on every ssh login due to known bug on policykit-1 Status in System policy: Fix Released Status in policykit-1 package in Ubuntu: Confirmed Status in policykit-1 source package in Trusty: Confirmed Status in policykit-1 source package in Utopic: Confirmed Status in policykit-1 source package in Vivid: Confirmed Bug description: Every time ssh login is made on ubuntu 14.04, kdeinit4 leaks 2-3 Mb (when kde is installed). According to previous bug report in: https://bugs.kde.org/show_bug.cgi?id=271934 this is a bug in policykit-1 package, and it has been already fixed on upstream. Update of policykit-1 should fix this problem on kubuntu 14.04 and Ubuntu 14.04 + Kde. This bug is severe in some specific scenarios where ssh is often used. In my case, I have a lot of scripts running processes every hour between ubuntu and kubuntu machines using passwordless ssh login. In few days kubuntu machines don't have free memory, due to the referred leak. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: policykit-1 0.105-4ubuntu2 ProcVersionSignature: Ubuntu 3.13.0-43.72-generic 3.13.11.11 Uname: Linux 3.13.0-43-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.14.1-0ubuntu3.6 Architecture: amd64 CurrentDesktop: KDE Date: Tue Feb 3 15:33:04 2015 InstallationDate: Installed on 2013-09-26 (494 days ago) InstallationMedia: Kubuntu 13.10 Saucy Salamander - Alpha amd64 (20130902.2) SourcePackage: policykit-1 UpgradeStatus: Upgraded to trusty on 2014-04-14 (294 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/policykit-1/+bug/1417637/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1425914] Re: DTLS handshake broken - precise x64
Hi Pavel, Thanks for reporting this issue. I have prepared an update for precise which I will upload for processing by the SRU team. In the meantime, could you please describe the simple steps required to reproduce this issue, to help with testing? Thanks! ** Bug watch added: OpenSSL RT #2778 http://rt.openssl.org/Ticket/Display.html?id=2778 ** Also affects: openssl via http://rt.openssl.org/Ticket/Display.html?id=2778 Importance: Unknown Status: Unknown ** Also affects: openssl (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: openssl (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: openssl (Ubuntu Vivid) Importance: Undecided Status: New ** Also affects: openssl (Ubuntu Utopic) Importance: Undecided Status: New ** Changed in: openssl (Ubuntu Trusty) Status: New = Fix Released ** Changed in: openssl (Ubuntu Utopic) Status: New = Fix Released ** Changed in: openssl (Ubuntu Vivid) Status: New = Fix Released ** Changed in: openssl (Ubuntu Precise) Status: New = Confirmed ** Changed in: openssl (Ubuntu Precise) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1425914 Title: DTLS handshake broken - precise x64 Status in OpenSSL cryptography and SSL/TLS toolkit: Unknown Status in openssl package in Ubuntu: Fix Released Status in openssl source package in Precise: Confirmed Status in openssl source package in Trusty: Fix Released Status in openssl source package in Utopic: Fix Released Status in openssl source package in Vivid: Fix Released Bug description: Hi, there is a problem in DTLS handshake in OpenSSL library in Ubuntu 12.04 x86_64. The affected library version is libssl 1.0.1-4ubuntu5.21. The problem causes, that it is impossible to establish DTLS session with Chrome or Firefox when trying to perform a SIP call via WebRTC. The problem is fixed in OpenSSL upstream by commit https://github.com/openssl/openssl/commit/a20152bdaf7a99b006ff5a0eef081502e0e11553 committed April 4th 2012. 32bit version of Ubuntu 12.04 is not affected by this issue, because it doesn't support HMAC ciphers, which cause the problem. I've checked other distributions (Centos6, Centos7, Ubuntu 14.04 and especially Debian 7 - which should be close to Ubuntu 12.04) and all has this patch applied and thus WebRTC calls work. Please merge this upstream fix to Ubuntu 12.04 x86_64 libssl package. Thanks To manage notifications about this bug go to: https://bugs.launchpad.net/openssl/+bug/1425914/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1434464] Re: package shared-mime-info 1.3-1 failed to install/upgrade: los disparadores han entrado en bucle, abandonando
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a regular (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shared-mime-info in Ubuntu. https://bugs.launchpad.net/bugs/1434464 Title: package shared-mime-info 1.3-1 failed to install/upgrade: los disparadores han entrado en bucle, abandonando Status in shared-mime-info package in Ubuntu: New Bug description: acer one aspire ProblemType: Package DistroRelease: Ubuntu 15.04 Package: shared-mime-info 1.3-1 ProcVersionSignature: Ubuntu 3.19.0-7.7-generic 3.19.0 Uname: Linux 3.19.0-7-generic i686 ApportVersion: 2.16.2-0ubuntu3 Architecture: i386 Date: Fri Mar 20 10:13:08 2015 DuplicateSignature: package:shared-mime-info:1.3-1:los disparadores han entrado en bucle, abandonando ErrorMessage: los disparadores han entrado en bucle, abandonando InstallationDate: Installed on 2015-02-06 (41 days ago) InstallationMedia: Ubuntu 15.04 Vivid Vervet - Alpha i386 (20150205) SourcePackage: shared-mime-info Title: package shared-mime-info 1.3-1 failed to install/upgrade: los disparadores han entrado en bucle, abandonando UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shared-mime-info/+bug/1434464/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1413790] Re: It's possible to bypasss lockscreen if user is in nopasswdlogin group.
In fact, the User Accounts applet in the Settings allows creating a user with no password by putting it in the nopasswdlogin group, but as soon as the screen lock comes up, the user is unable to unlock the screen. So the screen lock definitely needs to honour the nopasswdlogin group, and this is a bug with no real security implications. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1413790 Title: It's possible to bypasss lockscreen if user is in nopasswdlogin group. Status in Light Display Manager: New Status in Unity: In Progress Status in lightdm package in Ubuntu: New Status in unity package in Ubuntu: In Progress Bug description: Lightdm should not emit logind unlock signal when the user is not prompted for a password. This can lead to a security issue: # Log-in (unity session). # Add the current user to nopasswdlogin group. # Lock the sessions. # Session indicator-Switch account... # Login in again. Expected behavior: The lockscreen is still active. Current behavior: The session in unlocked. We could workaround the issue directly in unity, but IMHO would be cleaner to avoid that lightdm is emitting the logind signal. To manage notifications about this bug go to: https://bugs.launchpad.net/lightdm/+bug/1413790/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1440040] Re: reboot command is executable by anybody
The reboot command uses policykit to determine who is allowed to reboot the computer. The default policy is found in the /usr/share/polkit-1/actions/org.freedesktop.login1.policy file, specifically: action id=org.freedesktop.login1.reboot descriptionReboot the system/description defaults allow_anyauth_admin_keep/allow_any allow_inactiveauth_admin_keep/allow_inactive allow_activeyes/allow_active /defaults /action This means that if a user is on the console, they can reboot the computer. If they aren't on the console, they need to authenticate as an administrator. The reasoning behind allowing console users to shutdown and reboot is that they have physical access anyway and are able to use the power button to perform the same task. You can override the default policy by creating your own policy file in /var/lib/polkit-1/localauthority. Please see the policykit documentation for specific instructions. ** Information type changed from Private Security to Public Security ** Changed in: systemd (Ubuntu) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1440040 Title: reboot command is executable by anybody Status in systemd package in Ubuntu: Invalid Bug description: 1) Description: Ubuntu Vivid Vervet (development branch) Release: 15.04 2) systemd: Installed: 219-6ubuntu1 Candidate: 219-6ubuntu1 Version table: *** 219-6ubuntu1 0 500 http://archive.ubuntu.com/ubuntu/ vivid/main amd64 Packages 100 /var/lib/dpkg/status 3) The `reboot` command does not need to be executable by anybody. 4) It is. ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: systemd-sysv 219-6ubuntu1 ProcVersionSignature: Ubuntu 3.19.0-10.10-generic 3.19.2 Uname: Linux 3.19.0-10-generic x86_64 ApportVersion: 2.17-0ubuntu1 Architecture: amd64 CurrentDesktop: Unity Date: Fri Apr 3 14:51:30 2015 InstallationDate: Installed on 2015-02-02 (59 days ago) InstallationMedia: Ubuntu 14.10 Utopic Unicorn - Release amd64 (20141022.1) SourcePackage: systemd UpgradeStatus: Upgraded to vivid on 2015-03-11 (22 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1440040/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1438758] Re: User to root privilege escalation (ab)using the crash forwarding feature of apport
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1438758 Title: User to root privilege escalation (ab)using the crash forwarding feature of apport Status in Apport crash detection/reporting: In Progress Status in apport package in Ubuntu: Triaged Status in apport source package in Trusty: Triaged Status in apport source package in Utopic: Triaged Status in apport source package in Vivid: Triaged Status in apport package in Debian: New Bug description: Back in Ubuntu 14.04, I introduced an apport feature that will have it forward any crash to another apport running in the task's namespace (in the case where the pid of the task in its namespace isn't equal to that in the host namespace). This feature simply checks for the presence of /usr/share/apport/apport in the task's root directory. If it exists, it will chroot and exec the script. The problem is that as apport is a coredump handler triggered by the kernel, it'll always run as real root, regardless of the crashed task's owner and namespace. This therefore allows an unprivileged user to craft a specific filesystem structure, pivot_root to it, then crash a process inside it, causing apport outside of the namespace to execute a script as real root. By bind-mounting /proc from the host into that namespace, the unprivileged user can then access any file on the host as real root, causing the privilege escalation. An exploit is attached to this bug. It's been confirmed to be runnable as a nobody user on a regular Ubuntu system and to successfully read any file on the host. To manage notifications about this bug go to: https://bugs.launchpad.net/apport/+bug/1438758/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1437649] Re: XServer crashes when visiting web page containing PDF with Firefox
I can't reproduce this, either in a VM, or on real hardware that uses the nouveau driver. Are you still able to reproduce this with all current updates applied? ** Changed in: xorg (Ubuntu) Status: New = Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1437649 Title: XServer crashes when visiting web page containing PDF with Firefox Status in xorg package in Ubuntu: Incomplete Bug description: When opening the following link with Firefox, the X Server crashes: http://www.rauchmoebel.de/fileadmin/user_upload/Prospekte_PDF/Select/Prospekt_IMPULS_D_Webseite.pdf As such a bug might be used for evil purposes like buffer overrun to execute arbitrary code, etc. this might be security relevant. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: xorg 1:7.7+1ubuntu8.1 ProcVersionSignature: Ubuntu 3.13.0-48.80-generic 3.13.11-ckt16 Uname: Linux 3.13.0-48-generic x86_64 .tmp.unity.support.test.0: ApportVersion: 2.14.1-0ubuntu3.8 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: None CurrentDesktop: XFCE Date: Sat Mar 28 16:35:21 2015 DistUpgraded: Fresh install DistroCodename: trusty DistroVariant: ubuntu ExtraDebuggingInterest: Yes GraphicsCard: Advanced Micro Devices, Inc. [AMD/ATI] Kabini [Radeon HD 8280] [1002:9836] (prog-if 00 [VGA controller]) Subsystem: ASRock Incorporation Device [1849:9836] InstallationDate: Installed on 2014-02-25 (395 days ago) InstallationMedia: Ubuntu 14.04.1 LTS Trusty Tahr - Release amd64 (20140722.2) MachineType: To Be Filled By O.E.M. To Be Filled By O.E.M. ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-48-generic root=UUID=5e706392-b33a-488d-bd51-fc1d86c7ed43 ro quiet splash vt.handoff=7 SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/21/2014 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: P1.10 dmi.board.name: AM1B-ITX dmi.board.vendor: ASRock dmi.chassis.asset.tag: To Be Filled By O.E.M. dmi.chassis.type: 3 dmi.chassis.vendor: To Be Filled By O.E.M. dmi.chassis.version: To Be Filled By O.E.M. dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrP1.10:bd02/21/2014:svnToBeFilledByO.E.M.:pnToBeFilledByO.E.M.:pvrToBeFilledByO.E.M.:rvnASRock:rnAM1B-ITX:rvr:cvnToBeFilledByO.E.M.:ct3:cvrToBeFilledByO.E.M.: dmi.product.name: To Be Filled By O.E.M. dmi.product.version: To Be Filled By O.E.M. dmi.sys.vendor: To Be Filled By O.E.M. version.compiz: compiz 1:0.9.11.3+14.04.20150122-0ubuntu1 version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.56-1~ubuntu2 version.libgl1-mesa-dri: libgl1-mesa-dri 10.1.3-0ubuntu0.4 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx 10.1.3-0ubuntu0.4 version.xserver-xorg-core: xserver-xorg-core 2:1.15.1-0ubuntu2.7 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.8.2-1ubuntu2 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.3.0-1ubuntu3.1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.910-0ubuntu1.4 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.10-1ubuntu2 xserver.bootTime: Sat Mar 28 16:31:08 2015 xserver.configfile: default xserver.devices: inputPower Button KEYBOARD, id 6 inputPower Button KEYBOARD, id 7 inputLite-On Technology Corp. ThinkPad USB Keyboard with TrackPoint KEYBOARD, id 8 inputLite-On Technology Corp. ThinkPad USB Keyboard with TrackPoint KEYBOARD, id 9 xserver.errors: xserver.logfile: /var/log/Xorg.0.log xserver.outputs: Output HDMI-0 HDMI-1 VGA-0 xserver.version: 2:1.15.1-0ubuntu2.7 xserver.video_driver: radeon To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1437649/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1440804] Re: tracker-extract assert failure: tracker-extract: /build/buildd/openjpeg-1.5.2/libopenjpeg/cio.c:193: cio_skip: Asserção `0' falhou.
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tracker in Ubuntu. https://bugs.launchpad.net/bugs/1440804 Title: tracker-extract assert failure: tracker-extract: /build/buildd/openjpeg-1.5.2/libopenjpeg/cio.c:193: cio_skip: Asserção `0' falhou. Status in tracker package in Ubuntu: New Bug description: esta ruim ProblemType: Crash DistroRelease: Ubuntu 15.04 Package: tracker-extract 1.2.5-0ubuntu2 ProcVersionSignature: Ubuntu 3.19.0-12.12-generic 3.19.3 Uname: Linux 3.19.0-12-generic i686 ApportVersion: 2.17-0ubuntu1 Architecture: i386 AssertionMessage: tracker-extract: /build/buildd/openjpeg-1.5.2/libopenjpeg/cio.c:193: cio_skip: Asserção `0' falhou. CrashCounter: 1 CurrentDesktop: GNOME Date: Mon Apr 6 13:21:04 2015 ExecutablePath: /usr/lib/tracker/tracker-extract InstallationDate: Installed on 2015-04-06 (0 days ago) InstallationMedia: Ubuntu-GNOME 15.04 Vivid Vervet - Beta i386 (20150326) ProcCmdline: /usr/lib/tracker/tracker-extract ProcEnviron: LANGUAGE=pt_BR:pt:en PATH=(custom, no user) XDG_RUNTIME_DIR=set LANG=pt_BR.UTF-8 SHELL=/bin/bash Signal: 6 SourcePackage: tracker StacktraceTop: __assert_fail_base (fmt=0xb4be1727 error: Não é possível acessar a memória no endereço 0xb4be1727, assertion=0xabb67711 0, file=0xabb672f4 /build/buildd/openjpeg-1.5.2/libopenjpeg/cio.c, line=193, function=0xb4328000 ) at assert.c:92 __GI___assert_fail (assertion=0xabb67711 0, file=0xabb672f4 /build/buildd/openjpeg-1.5.2/libopenjpeg/cio.c, line=193, function=0xabb673ec cio_skip) at assert.c:101 cio_skip () from /usr/lib/i386-linux-gnu/libopenjpeg.so.5 opj_jp2_decode () from /usr/lib/i386-linux-gnu/libopenjpeg.so.5 opj_decode_with_info () from /usr/lib/i386-linux-gnu/libopenjpeg.so.5 Title: tracker-extract assert failure: tracker-extract: /build/buildd/openjpeg-1.5.2/libopenjpeg/cio.c:193: cio_skip: Asserção `0' falhou. UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tracker/+bug/1440804/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1442844] Re: loging o unlocking screen with no password
Thanks for your comments. This does not appear to be a bug report and we are closing it. We appreciate the difficulties you are facing, but it would make more sense to raise your question in the support tracker. Please visit https://answers.launchpad.net/ubuntu/+addquestion ** Information type changed from Private Security to Public ** Changed in: unity (Ubuntu) Status: New = Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1442844 Title: loging o unlocking screen with no password Status in unity package in Ubuntu: Invalid Bug description: Hi. I can login my session without entering a password.I assigned a password to my account at installation time,and login with just typing enter. And when i lock the screen,can unlock by just clicking enter and typing anything. This problem is also present in the terminal and ttys. I installed ubuntu 14.04 x86 lts with all updates. but i haven't installed any update since installation finish. Can anybody help me with this? Thanks to all ubuntu developers for working on this operating system. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1442844/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1447821] Re: Lockscreen does not ask for ldap password
Does this happen at the login screen too, or just at the lock screen? Could you please attach the contents of /etc/pam.d ? ** Information type changed from Private Security to Public Security ** Package changed: gnome-screensaver (Ubuntu) = unity (Ubuntu) ** Changed in: unity (Ubuntu) Status: New = Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1447821 Title: Lockscreen does not ask for ldap password Status in unity package in Ubuntu: Incomplete Bug description: I manage desktops where the users log into an today updated ubuntu 14.04.1 amd64 desktop using ldap users. When the desktop goes to lockscreen, in order to unlock I may [see IMG_20150423_182816.jpg attached]: 1. Use my right ldap password: Unlock successfully; 2. Use a wrong ldap password: It doesn't unlock, showing an error message; 3. Don't use any password, just press Enter: Unlock successfully! This is a serious security failure. One unauthorized person walking around could access a machine and use it. There's no references in logs like syslog, auth.log, etc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1447821/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1447821] Re: Lockscreen does not ask for ldap password
Switching package to unity as the screenshot shows unity, not gnome- screensaver. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity in Ubuntu. https://bugs.launchpad.net/bugs/1447821 Title: Lockscreen does not ask for ldap password Status in unity package in Ubuntu: Incomplete Bug description: I manage desktops where the users log into an today updated ubuntu 14.04.1 amd64 desktop using ldap users. When the desktop goes to lockscreen, in order to unlock I may [see IMG_20150423_182816.jpg attached]: 1. Use my right ldap password: Unlock successfully; 2. Use a wrong ldap password: It doesn't unlock, showing an error message; 3. Don't use any password, just press Enter: Unlock successfully! This is a serious security failure. One unauthorized person walking around could access a machine and use it. There's no references in logs like syslog, auth.log, etc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1447821/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1447197] Re: Stale PID file, overwriting.
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a regular (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1447197 Title: Stale PID file, overwriting. Status in pulseaudio package in Ubuntu: New Bug description: I can't hear any sound henokh@henokh-Inspiron-3420:~$ pulseaudio W: [pulseaudio] pid.c: Stale PID file, overwriting. E: [pulseaudio] main.c: Daemon startup without any loaded modules, refusing to work. E: [pulseaudio] xmalloc.c: Assertion 'size 0' failed at pulse/xmalloc.c:62, function pa_xmalloc(). Aborting. Aborted ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: pulseaudio 1:4.0-0ubuntu11.1 ProcVersionSignature: Ubuntu 3.13.0-48.80-generic 3.13.11-ckt16 Uname: Linux 3.13.0-48-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.14.1-0ubuntu3.8 Architecture: amd64 AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/dsp', '/dev/snd/by-path', '/dev/snd/controlC0', '/dev/snd/hwC0D0', '/dev/snd/hwC0D3', '/dev/snd/pcmC0D0c', '/dev/snd/pcmC0D0p', '/dev/snd/pcmC0D3p', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1: CurrentDesktop: Unity Date: Wed Apr 22 21:01:02 2015 InstallationDate: Installed on 2014-05-11 (345 days ago) InstallationMedia: Ubuntu 14.04 LTS Trusty Tahr - Release amd64 (20140417) PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No PulseAudio daemon running, or not running as session daemon. SourcePackage: pulseaudio Symptom: audio UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 08/15/2012 dmi.bios.vendor: Dell Inc. dmi.bios.version: A03 dmi.board.name: 05JPFK dmi.board.vendor: Dell Inc. dmi.board.version: A03 dmi.chassis.type: 8 dmi.chassis.vendor: Dell Inc. dmi.chassis.version: Not Specified dmi.modalias: dmi:bvnDellInc.:bvrA03:bd08/15/2012:svnDellInc.:pnInspiron3420:pvrNotSpecified:rvnDellInc.:rn05JPFK:rvrA03:cvnDellInc.:ct8:cvrNotSpecified: dmi.product.name: Inspiron 3420 dmi.product.version: Not Specified dmi.sys.vendor: Dell Inc. modified.conffile..etc.pulse.daemon.conf: [deleted] modified.conffile..etc.pulse.default.pa: [inaccessible: [Errno 13] Permission denied: '/etc/pulse/default.pa'] modified.conffile..etc.pulse.system.pa: [deleted] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1447197/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1437649] Re: XServer crashes when visiting web page containing PDF with Firefox
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1437649 Title: XServer crashes when visiting web page containing PDF with Firefox Status in xorg package in Ubuntu: New Bug description: When opening the following link with Firefox, the X Server crashes: http://www.rauchmoebel.de/fileadmin/user_upload/Prospekte_PDF/Select/Prospekt_IMPULS_D_Webseite.pdf As such a bug might be used for evil purposes like buffer overrun to execute arbitrary code, etc. this might be security relevant. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: xorg 1:7.7+1ubuntu8.1 ProcVersionSignature: Ubuntu 3.13.0-48.80-generic 3.13.11-ckt16 Uname: Linux 3.13.0-48-generic x86_64 .tmp.unity.support.test.0: ApportVersion: 2.14.1-0ubuntu3.8 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: None CurrentDesktop: XFCE Date: Sat Mar 28 16:35:21 2015 DistUpgraded: Fresh install DistroCodename: trusty DistroVariant: ubuntu ExtraDebuggingInterest: Yes GraphicsCard: Advanced Micro Devices, Inc. [AMD/ATI] Kabini [Radeon HD 8280] [1002:9836] (prog-if 00 [VGA controller]) Subsystem: ASRock Incorporation Device [1849:9836] InstallationDate: Installed on 2014-02-25 (395 days ago) InstallationMedia: Ubuntu 14.04.1 LTS Trusty Tahr - Release amd64 (20140722.2) MachineType: To Be Filled By O.E.M. To Be Filled By O.E.M. ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-48-generic root=UUID=5e706392-b33a-488d-bd51-fc1d86c7ed43 ro quiet splash vt.handoff=7 SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/21/2014 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: P1.10 dmi.board.name: AM1B-ITX dmi.board.vendor: ASRock dmi.chassis.asset.tag: To Be Filled By O.E.M. dmi.chassis.type: 3 dmi.chassis.vendor: To Be Filled By O.E.M. dmi.chassis.version: To Be Filled By O.E.M. dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrP1.10:bd02/21/2014:svnToBeFilledByO.E.M.:pnToBeFilledByO.E.M.:pvrToBeFilledByO.E.M.:rvnASRock:rnAM1B-ITX:rvr:cvnToBeFilledByO.E.M.:ct3:cvrToBeFilledByO.E.M.: dmi.product.name: To Be Filled By O.E.M. dmi.product.version: To Be Filled By O.E.M. dmi.sys.vendor: To Be Filled By O.E.M. version.compiz: compiz 1:0.9.11.3+14.04.20150122-0ubuntu1 version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.56-1~ubuntu2 version.libgl1-mesa-dri: libgl1-mesa-dri 10.1.3-0ubuntu0.4 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx 10.1.3-0ubuntu0.4 version.xserver-xorg-core: xserver-xorg-core 2:1.15.1-0ubuntu2.7 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.8.2-1ubuntu2 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.3.0-1ubuntu3.1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.910-0ubuntu1.4 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.10-1ubuntu2 xserver.bootTime: Sat Mar 28 16:31:08 2015 xserver.configfile: default xserver.devices: inputPower Button KEYBOARD, id 6 inputPower Button KEYBOARD, id 7 inputLite-On Technology Corp. ThinkPad USB Keyboard with TrackPoint KEYBOARD, id 8 inputLite-On Technology Corp. ThinkPad USB Keyboard with TrackPoint KEYBOARD, id 9 xserver.errors: xserver.logfile: /var/log/Xorg.0.log xserver.outputs: Output HDMI-0 HDMI-1 VGA-0 xserver.version: 2:1.15.1-0ubuntu2.7 xserver.video_driver: radeon To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1437649/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1444356] Re: apparmor fails to initialise at startup
** Changed in: apparmor (Ubuntu) Status: New = Triaged -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1444356 Title: apparmor fails to initialise at startup Status in apparmor package in Ubuntu: Triaged Bug description: apparmor is failing to intitialise and start. Systemctl status -l apparmor.service output is: sudo systemctl status -l apparmor.service ● apparmor.service - LSB: AppArmor initialization Loaded: loaded (/etc/init.d/apparmor) Active: failed (Result: exit-code) since Wed 2015-04-15 09:41:55 BST; 29s ago Docs: man:systemd-sysv-generator(8) Process: 4016 ExecStart=/etc/init.d/apparmor start (code=exited, status=123) Apr 15 09:41:55 super-R720 systemd[1]: Starting LSB: AppArmor initialization... Apr 15 09:41:55 super-R720 apparmor[4016]: * Starting AppArmor profiles Apr 15 09:41:55 super-R720 apparmor[4016]: AppArmor parser error for /etc/apparmor.d/usr.bin.evince in /etc/apparmor.d/usr.bin.evince at line 14: Could not open 'abstractions/evince' Apr 15 09:41:55 super-R720 apparmor[4016]: AppArmor parser error for /etc/apparmor.d/usr.bin.evince in /etc/apparmor.d/usr.bin.evince at line 14: Could not open 'abstractions/evince' Apr 15 09:41:55 super-R720 apparmor[4016]: ...fail! Apr 15 09:41:55 super-R720 systemd[1]: apparmor.service: control process exited, code=exited status=123 Apr 15 09:41:55 super-R720 systemd[1]: Failed to start LSB: AppArmor initialization. Apr 15 09:41:55 super-R720 systemd[1]: Unit apparmor.service entered failed state. Apr 15 09:41:55 super-R720 systemd[1]: apparmor.service failed. Not secure if one app fails and thus the whole of apparmor! Output of journalctl -xe -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit apparmor.service has failed. -- -- The result is failed. Apr 15 09:41:55 super-R720 systemd[1]: Unit apparmor.service entered failed stat Apr 15 09:41:55 super-R720 systemd[1]: apparmor.service failed. Apr 15 09:41:55 super-R720 polkitd(authority=local)[1197]: Unregistered Authenti Apr 15 09:41:55 super-R720 sudo[4010]: pam_unix(sudo:session): session closed fo Apr 15 09:42:11 super-R720 sudo[4121]: super : TTY=pts/1 ; PWD=/home/super ; USE Apr 15 09:42:11 super-R720 sudo[4121]: pam_unix(sudo:session): session opened fo Apr 15 09:42:11 super-R720 sudo[4121]: pam_unix(sudo:session): session closed fo Apr 15 09:42:25 super-R720 sudo[4123]: super : TTY=pts/1 ; PWD=/home/super ; USE Apr 15 09:42:25 super-R720 sudo[4123]: pam_unix(sudo:session): session opened fo Apr 15 09:42:25 super-R720 sudo[4123]: pam_unix(sudo:session): session closed fo Apr 15 09:43:59 super-R720 wpa_supplicant[1230]: wlan0: WPA: Group rekeying comp Apr 15 09:44:50 super-R720 kernel: [UFW BLOCK] IN=wlan0 OUT= MAC=00:26:c6:19:f1: Apr 15 09:44:50 super-R720 kernel: [UFW BLOCK] IN=wlan0 OUT= MAC=00:26:c6:19:f1: Apr 15 09:44:52 super-R720 kernel: [UFW BLOCK] IN=wlan0 OUT= MAC=00:26:c6:19:f1: Apr 15 09:50:10 super-R720 polkitd(authority=local)[1197]: Operator of unix-sess Apr 15 09:50:10 super-R720 pkexec[4587]: pam_unix(polkit-1:session): session ope Apr 15 09:50:10 super-R720 pkexec[4587]: pam_ck_connector(polkit-1:session): can Apr 15 09:50:10 super-R720 pkexec[4587]: super: Executing command [USER=root] [T lines 2814-2836/2836 (END) -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit apparmor.service has failed. -- -- The result is failed. Apr 15 09:41:55 super-R720 systemd[1]: Unit apparmor.service entered failed state. Apr 15 09:41:55 super-R720 systemd[1]: apparmor.service failed. Apr 15 09:41:55 super-R720 polkitd(authority=local)[1197]: Unregistered Authentication Agent for unix-process:4011:564372 (system bus name :1.6 Apr 15 09:41:55 super-R720 sudo[4010]: pam_unix(sudo:session): session closed for user root Apr 15 09:42:11 super-R720 sudo[4121]: super : TTY=pts/1 ; PWD=/home/super ; USER=root ; COMMAND=/bin/systemctl status apparmor.service Apr 15 09:42:11 super-R720 sudo[4121]: pam_unix(sudo:session): session opened for user root by super(uid=0) Apr 15 09:42:11 super-R720 sudo[4121]: pam_unix(sudo:session): session closed for user root Apr 15 09:42:25 super-R720 sudo[4123]: super : TTY=pts/1 ; PWD=/home/super ; USER=root ; COMMAND=/bin/systemctl status -l apparmor.service Apr 15 09:42:25 super-R720 sudo[4123]: pam_unix(sudo:session): session opened for user root by super(uid=0) Apr 15 09:42:25 super-R720 sudo[4123]: pam_unix(sudo:session): session closed for user root Apr 15 09:43:59 super-R720 wpa_supplicant[1230]: wlan0: WPA: Group rekeying completed with 00:1b:2f:40:85:86 [GTK=TKIP] Apr 15 09:44:50 super-R720 kernel: [UFW BLOCK] IN=wlan0 OUT= MAC=00:26:c6:19:f1:04:00:1b:2f:40:85:86:08:00 SRC=216.58.208.67
[Touch-packages] [Bug 1447078] Re: Xorg should mark damaged window areas after some timeout
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1447078 Title: Xorg should mark damaged window areas after some timeout Status in xorg package in Ubuntu: New Bug description: When applications do not respond to Xorg redraw requests (eg. a window is raised on a non compositing desktop and the applications have some computation going on, for example LibreOffice Calc) for some area of a window for some milliseconds, Xorg should fill the area with some color. Otherwise applications not serving redraw requests may expose windows showing another applications content, leading to erratic manipulation by the user into the unresponsive application, which later responds erraticallty. For example, having LibreOffice Calc do some calculations that may take a while, bring a browser to front, bring LibreOffice to front, still seeing the browser with at some time LibreOffices' progress bar popping in at the bottom. However, most of the screen may be covered by a web page, you try to enter password at, and dang, if LibreOffice is finished, the password actually appears visible inside the spreadsheet. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1447078/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1299533] Re: Reproducible crash in tiff2png (libtiff-tools), illegal free
** Information type changed from Private Security to Public Security ** Changed in: tiff (Ubuntu) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tiff in Ubuntu. https://bugs.launchpad.net/bugs/1299533 Title: Reproducible crash in tiff2png (libtiff-tools), illegal free Status in tiff package in Ubuntu: Confirmed Bug description: I'm on Linux Mint Petra (which is essentially saucy without the Ubuntu bullshit like Unity) on x86_64. Since they use your apt repo and this might possibly warrant even a CVE, I report this bug here, since you're upstream (for the packaging at least). When trying to convert a tiff file to a png using tiff2png I can reproducibly get a crash at file generation (i.e. some output is generated but it's not a valid PDF since the footer xref table is missing). The crash always occurs because of a invalid free. Addresses vary obviously (ASLR): *** Error in `tiff2pdf': free(): invalid size: 0x7faa5cabfc20 *** === Backtrace: = /lib/x86_64-linux-gnu/libc.so.6(+0x80996)[0x7faa5b005996] tiff2pdf(+0x5d76)[0x7faa5b7e9d76] tiff2pdf(+0xc0ef)[0x7faa5b7f00ef] tiff2pdf(main+0x156)[0x7faa5b7e6586] /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7faa5afa6de5] tiff2pdf(+0x2a4d)[0x7faa5b7e6a4d] === Memory map: 7faa59fc9000-7faa59fde000 r-xp 08:11 262157 /lib/x86_64-linux-gnu/libgcc_s.so.1 7faa59fde000-7faa5a1dd000 ---p 00015000 08:11 262157 /lib/x86_64-linux-gnu/libgcc_s.so.1 7faa5a1dd000-7faa5a1de000 r--p 00014000 08:11 262157 /lib/x86_64-linux-gnu/libgcc_s.so.1 7faa5a1de000-7faa5a1df000 rw-p 00015000 08:11 262157 /lib/x86_64-linux-gnu/libgcc_s.so.1 7faa5a1df000-7faa5a1e2000 r-xp 08:11 266169 /lib/x86_64-linux-gnu/libdl-2.17.so 7faa5a1e2000-7faa5a3e1000 ---p 3000 08:11 266169 /lib/x86_64-linux-gnu/libdl-2.17.so 7faa5a3e1000-7faa5a3e2000 r--p 2000 08:11 266169 /lib/x86_64-linux-gnu/libdl-2.17.so 7faa5a3e2000-7faa5a3e3000 rw-p 3000 08:11 266169 /lib/x86_64-linux-gnu/libdl-2.17.so 7faa5a3e3000-7faa5a4e6000 r-xp 08:11 266205 /lib/x86_64-linux-gnu/libm-2.17.so 7faa5a4e6000-7faa5a6e5000 ---p 00103000 08:11 266205 /lib/x86_64-linux-gnu/libm-2.17.so 7faa5a6e5000-7faa5a6e6000 r--p 00102000 08:11 266205 /lib/x86_64-linux-gnu/libm-2.17.so 7faa5a6e6000-7faa5a6e7000 rw-p 00103000 08:11 266205 /lib/x86_64-linux-gnu/libm-2.17.so 7faa5a6e7000-7faa5a6ff000 r-xp 08:11 266310 /lib/x86_64-linux-gnu/libz.so.1.2.8 7faa5a6ff000-7faa5a8fe000 ---p 00018000 08:11 266310 /lib/x86_64-linux-gnu/libz.so.1.2.8 7faa5a8fe000-7faa5a8ff000 r--p 00017000 08:11 266310 /lib/x86_64-linux-gnu/libz.so.1.2.8 7faa5a8ff000-7faa5a90 rw-p 00018000 08:11 266310 /lib/x86_64-linux-gnu/libz.so.1.2.8 7faa5a90-7faa5a943000 r-xp 08:11 1446551 /usr/lib/x86_64-linux-gnu/libjpeg.so.8.0.2 7faa5a943000-7faa5ab43000 ---p 00043000 08:11 1446551 /usr/lib/x86_64-linux-gnu/libjpeg.so.8.0.2 7faa5ab43000-7faa5ab44000 r--p 00043000 08:11 1446551 /usr/lib/x86_64-linux-gnu/libjpeg.so.8.0.2 7faa5ab44000-7faa5ab45000 rw-p 00044000 08:11 1446551 /usr/lib/x86_64-linux-gnu/libjpeg.so.8.0.2 7faa5ab45000-7faa5ab55000 rw-p 00:00 0 7faa5ab55000-7faa5ab6 r-xp 08:11 1451362 /usr/lib/x86_64-linux-gnu/libjbig.so.0.0.0 7faa5ab6-7faa5ad5f000 ---p b000 08:11 1451362 /usr/lib/x86_64-linux-gnu/libjbig.so.0.0.0 7faa5ad5f000-7faa5ad6 r--p a000 08:11 1451362 /usr/lib/x86_64-linux-gnu/libjbig.so.0.0.0 7faa5ad6-7faa5ad63000 rw-p b000 08:11 1451362 /usr/lib/x86_64-linux-gnu/libjbig.so.0.0.0 7faa5ad63000-7faa5ad84000 r-xp 08:11 266202 /lib/x86_64-linux-gnu/liblzma.so.5.0.0 7faa5ad84000-7faa5af83000 ---p 00021000 08:11 266202 /lib/x86_64-linux-gnu/liblzma.so.5.0.0 7faa5af83000-7faa5af84000 r--p 0002 08:11 266202 /lib/x86_64-linux-gnu/liblzma.so.5.0.0 7faa5af84000-7faa5af85000 rw-p 00021000 08:11 266202 /lib/x86_64-linux-gnu/liblzma.so.5.0.0 7faa5af85000-7faa5b142000 r-xp 08:11 266154 /lib/x86_64-linux-gnu/libc-2.17.so 7faa5b142000-7faa5b342000 ---p 001bd000 08:11 266154 /lib/x86_64-linux-gnu/libc-2.17.so 7faa5b342000-7faa5b346000 r--p 001bd000 08:11 266154
[Touch-packages] [Bug 1449245] Re: com.canonical.NMOfono.ReadImsiContexts privilege escalation
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1449245 Title: com.canonical.NMOfono.ReadImsiContexts privilege escalation Status in network-manager package in Ubuntu: Fix Released Status in network-manager source package in Trusty: Fix Released Status in network-manager source package in Utopic: Fix Released Status in network-manager source package in Vivid: Fix Released Bug description: Tavis Ormandy reports the following: Apparently you're not happy with me for discussing local privilege escalation on oss-security, so as you requested, here's what appears to be a problem in Ubuntu-specific code. I thought I'd take a quick look at D-Bus services you add in Ubuntu after the usb-creator bug, this one jumps out at me as incorrect: http://bazaar.launchpad.net/~phablet-team/network-manager/ofono-format-cleanup/view/head:/debian/patches/add_ofono _settings_support.patch#L718 Untested, but that really looks like you can call com.canonical.NMOfono.ReadImsiContexts(imsi:../../../tmp/whatever), and supply one of those glib keyfiles (i guess you just need to call it gprs)? Tavis. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1449245/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1449051] Re: Upower doesn't handle bluetooth mice properly
Here is a dump of the same mouse, but running on trusty's kernel 3.13 on a different laptop (instead of vivid from the previous dump) ** Attachment added: rocketfish-3.13.txt https://bugs.launchpad.net/ubuntu/+source/upower/+bug/1449051/+attachment/4387130/+files/rocketfish-3.13.txt -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to upower in Ubuntu. https://bugs.launchpad.net/bugs/1449051 Title: Upower doesn't handle bluetooth mice properly Status in upower package in Ubuntu: New Bug description: I have a bluetooth Logitech M557, and it is being mis-detected by Upower as a battery instead of a mouse: Device: /org/freedesktop/UPower/devices/battery_hid_00o1fo20of5oabob5_battery native-path: hid-00:1f:20:f5:ab:b5-battery model:Bluetooth Mouse M557 power supply: no updated: Mon 27 Apr 2015 10:05:22 AM EDT (13 seconds ago) has history: yes has statistics: yes battery present: yes rechargeable:yes state: discharging warning-level: none energy: 0 Wh energy-empty:0 Wh energy-full: 0 Wh energy-full-design: 0 Wh energy-rate: 0 W percentage: 100% capacity:100% icon-name: 'battery-full-symbolic' History (charge): 1430143522100.000 discharging The patch available in the upstream bug improves the situation by parsing it as a hid device, but then mistakes it for a keyboard: https://bugs.freedesktop.org/show_bug.cgi?id=86510 ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: upower 0.99.2-2 ProcVersionSignature: Ubuntu 3.19.0-15.15-generic 3.19.3 Uname: Linux 3.19.0-15-generic x86_64 ApportVersion: 2.17.2-0ubuntu1 Architecture: amd64 CurrentDesktop: Unity Date: Mon Apr 27 10:04:20 2015 InstallationDate: Installed on 2013-11-26 (516 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: upower UpgradeStatus: Upgraded to vivid on 2015-03-07 (50 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/upower/+bug/1449051/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1449051] Re: Upower doesn't handle bluetooth mice properly
Here is the info dump of another model of bluetooth mouse that displays the same problem. ** Attachment added: rocketfish.txt https://bugs.launchpad.net/ubuntu/+source/upower/+bug/1449051/+attachment/4387125/+files/rocketfish.txt -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to upower in Ubuntu. https://bugs.launchpad.net/bugs/1449051 Title: Upower doesn't handle bluetooth mice properly Status in upower package in Ubuntu: New Bug description: I have a bluetooth Logitech M557, and it is being mis-detected by Upower as a battery instead of a mouse: Device: /org/freedesktop/UPower/devices/battery_hid_00o1fo20of5oabob5_battery native-path: hid-00:1f:20:f5:ab:b5-battery model:Bluetooth Mouse M557 power supply: no updated: Mon 27 Apr 2015 10:05:22 AM EDT (13 seconds ago) has history: yes has statistics: yes battery present: yes rechargeable:yes state: discharging warning-level: none energy: 0 Wh energy-empty:0 Wh energy-full: 0 Wh energy-full-design: 0 Wh energy-rate: 0 W percentage: 100% capacity:100% icon-name: 'battery-full-symbolic' History (charge): 1430143522100.000 discharging The patch available in the upstream bug improves the situation by parsing it as a hid device, but then mistakes it for a keyboard: https://bugs.freedesktop.org/show_bug.cgi?id=86510 ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: upower 0.99.2-2 ProcVersionSignature: Ubuntu 3.19.0-15.15-generic 3.19.3 Uname: Linux 3.19.0-15-generic x86_64 ApportVersion: 2.17.2-0ubuntu1 Architecture: amd64 CurrentDesktop: Unity Date: Mon Apr 27 10:04:20 2015 InstallationDate: Installed on 2013-11-26 (516 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: upower UpgradeStatus: Upgraded to vivid on 2015-03-07 (50 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/upower/+bug/1449051/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1449051] Re: Upower doesn't handle bluetooth mice properly
Looks like the file layout in /sys/class/bluetooth changed between kernels 3.13 and 3.16. ** Bug watch added: freedesktop.org Bugzilla #90222 https://bugs.freedesktop.org/show_bug.cgi?id=90222 ** Also affects: upower via https://bugs.freedesktop.org/show_bug.cgi?id=90222 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to upower in Ubuntu. https://bugs.launchpad.net/bugs/1449051 Title: Upower doesn't handle bluetooth mice properly Status in Upower: Unknown Status in upower package in Ubuntu: New Bug description: I have a bluetooth Logitech M557, and it is being mis-detected by Upower as a battery instead of a mouse: Device: /org/freedesktop/UPower/devices/battery_hid_00o1fo20of5oabob5_battery native-path: hid-00:1f:20:f5:ab:b5-battery model:Bluetooth Mouse M557 power supply: no updated: Mon 27 Apr 2015 10:05:22 AM EDT (13 seconds ago) has history: yes has statistics: yes battery present: yes rechargeable:yes state: discharging warning-level: none energy: 0 Wh energy-empty:0 Wh energy-full: 0 Wh energy-full-design: 0 Wh energy-rate: 0 W percentage: 100% capacity:100% icon-name: 'battery-full-symbolic' History (charge): 1430143522100.000 discharging The patch available in the upstream bug improves the situation by parsing it as a hid device, but then mistakes it for a keyboard: https://bugs.freedesktop.org/show_bug.cgi?id=86510 ProblemType: Bug DistroRelease: Ubuntu 15.04 Package: upower 0.99.2-2 ProcVersionSignature: Ubuntu 3.19.0-15.15-generic 3.19.3 Uname: Linux 3.19.0-15-generic x86_64 ApportVersion: 2.17.2-0ubuntu1 Architecture: amd64 CurrentDesktop: Unity Date: Mon Apr 27 10:04:20 2015 InstallationDate: Installed on 2013-11-26 (516 days ago) InstallationMedia: Ubuntu 13.10 Saucy Salamander - Release amd64 (20131016.1) SourcePackage: upower UpgradeStatus: Upgraded to vivid on 2015-03-07 (50 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/upower/+bug/1449051/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
** Also affects: sudo (Ubuntu Utopic) Importance: Undecided Status: New ** Also affects: policykit-desktop-privileges (Ubuntu Utopic) Importance: Undecided Status: New ** Also affects: sudo (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: policykit-desktop-privileges (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: sudo (Ubuntu Vivid) Importance: Undecided Status: Confirmed ** Also affects: policykit-desktop-privileges (Ubuntu Vivid) Importance: Undecided Status: Opinion ** Also affects: sudo (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: policykit-desktop-privileges (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: policykit-desktop-privileges (Ubuntu Precise) Status: New = Opinion ** Changed in: policykit-desktop-privileges (Ubuntu Trusty) Status: New = Opinion ** Changed in: policykit-desktop-privileges (Ubuntu Utopic) Status: New = Opinion ** Changed in: sudo (Ubuntu Precise) Status: New = Confirmed ** Changed in: sudo (Ubuntu Trusty) Status: New = Confirmed ** Changed in: sudo (Ubuntu Utopic) Status: New = Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in Cinnamon: New Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Confirmed Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Confirmed Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Confirmed Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Confirmed Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Confirmed Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/cinnamon-desktop/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
** Changed in: sudo (Ubuntu Precise) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: sudo (Ubuntu Trusty) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: sudo (Ubuntu Utopic) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) ** Changed in: sudo (Ubuntu Vivid) Assignee: (unassigned) = Marc Deslauriers (mdeslaur) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in Cinnamon: New Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Confirmed Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Confirmed Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Confirmed Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Confirmed Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Confirmed Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/cinnamon-desktop/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
