[Bug 2054621] Re: Fix PHP crashes due to accessing dangling pointers

[Brian Morton]

8.2 and 8.3 are unaffected. I'll let Athos chime in with the steps
necessary.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2054621

Title:
  Fix PHP crashes due to accessing dangling pointers

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/php8.1/+bug/2054621/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2054621] Re: PHP crashes on Laravel 9+ with certain extensions

[Brian Morton]

Hi Athos,

Looks great, and thanks for your help! Let me know if I can do anything
else to help with this or future bugs.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2054621

Title:
  PHP crashes on Laravel 9+ with certain extensions

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/php8.1/+bug/2054621/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2054621] Re: PHP crashes on Laravel 9+ with certain extensions

[Brian Morton]

** Description changed:

  SRU Justification
  
  [ Impact ]
  
  Invoking reflection via the observer API on a class with an attribute
  annotation causes a dangling pointer and segmentation fault. Certain PHP
  extensions may register an observer of an attribute instantiation using
  reflection. Since Laravel 9+ and Symfony make use of attribute
  annotations, it's a fairly common case that can be reproduced using the
  Datadog PHP extension and any Laravel application. See
  https://github.com/DataDog/dd-trace-php/issues/1734.
  
  This bug was fixed in PHP 8.1.3 https://bugs.php.net/bug.php?id=81430 in
  the PR https://github.com/php/php-src/pull/7885/files
  
- This bug potentially impacts the stability of the SRU release for anyone
+ This bug potentially impacts the stability of the LTS release for anyone
  using Laravel or Symfony which are very popular frameworks alongside
  tracing extensions.
  
  [ Test Plan ]
  
  Run the test suite for php8.1 with the test case (but not the fix) from
  the attached patch. You will observe "Bug #81430 (Attribute
  instantiation frame accessing invalid frame pointer)
  [ext/zend_test/tests/observer_bug81430_1.phpt]" in the failed tests
  section.
  
  After the patch is fully applied, both new tests pass.
  
  [ Where problems could occur ]
  
  Could potentially impact the performance or stability of reflection
  operations, but this is a fairly old patch at this point.

** Patch removed: "fix-attribute-instantion-dangling-pointer.patch"
   
https://bugs.launchpad.net/ubuntu/+source/php8.1/+bug/2054621/+attachment/5748286/+files/fix-attribute-instantion-dangling-pointer.patch

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2054621

Title:
  PHP crashes on Laravel 9+ with certain extensions

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/php8.1/+bug/2054621/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1891953] Re: CVE-2019-8936

[Brian Morton]

@alexmurray - The debdiff for Groovy is identical to the one from Focal
(same source package version). Let me know if you need a distinct
debdiff with the release pocket (groovy-security) identified.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1891953

Title:
  CVE-2019-8936

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1891953/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1891953] Re: CVE-2019-8936

[Brian Morton]

Patch for Focal

** Patch added: "Patch for Focal"
   
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1891953/+attachment/5438836/+files/1-ntp_4.2.8p12+dfsg-3ubuntu5.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1891953

Title:
  CVE-2019-8936

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1891953/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1891953] Re: CVE-2019-8936

[Brian Morton]

@alexmurray - Yes, I'll work on it this week.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1891953

Title:
  CVE-2019-8936

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1891953/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1891953] Re: CVE-2019-8936

[Brian Morton]

Hi Alex, thanks very much for fixing that loose end in the changelog and
for sponsoring this fix. I can produce them for the other releases as
well.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1891953

Title:
  CVE-2019-8936

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1891953/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1891953] Re: CVE-2019-8936

[Brian Morton]

** Patch added: "Debdiff for Bionic"
   
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1891953/+attachment/5402291/+files/1-4.2.8p10+dfsg-5ubuntu7.3.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1891953

Title:
  CVE-2019-8936

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1891953/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1891953] Re: CVE-2019-8936

[Brian Morton]

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-8936

** Information type changed from Public to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1891953

Title:
  CVE-2019-8936

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1891953/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1891953] [NEW] CVE-2019-8936

[Brian Morton]

Public bug reported:

It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer
dereference into NTP. An attacker could use this vulnerability to cause a
denial of service (crash).

https://people.canonical.com/~ubuntu-
security/cve/2019/CVE-2019-8936.html

** Affects: ntp (Ubuntu)
 Importance: Undecided
 Assignee: Brian Morton (rokclimb15)
 Status: In Progress

** Changed in: ntp (Ubuntu)
 Assignee: (unassigned) => Brian Morton (rokclimb15)

** Changed in: ntp (Ubuntu)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1891953

Title:
  CVE-2019-8936

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1891953/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1891953] Re: CVE-2019-8936

[Brian Morton]

Requires security backport for Bionic only.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1891953

Title:
  CVE-2019-8936

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1891953/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1770481] Re: core: fall back to bind-mounts for PrivateDevices= execution environments

[Brian Morton]

Confirmed problem on Ubuntu 16.04 host running 16.04 container with a
packaged version of Proxysql2. Changing PrivateDevices to "no" allows
the service to start.

```
[Unit]
Description=High Performance Advanced Proxy for MySQL
After=network.target

[Service]
Type=forking
RuntimeDirectory=proxysql
ExecStart=/usr/bin/proxysql -c /etc/proxysql.cnf
PIDFile=/var/lib/proxysql/proxysql.pid
SyslogIdentifier=proxysql
Restart=no
User=proxysql
Group=proxysql
PermissionsStartOnly=true
UMask=0007
LimitNOFILE=102400
LimitCORE=1073741824
ProtectHome=yes
NoNewPrivileges=true
CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_SYS_RESOURCE
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX AF_ALG
ProtectSystem=full
PrivateDevices=yes

[Install]
Alias=proxysql
WantedBy=multi-user.target
```

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1770481

Title:
  core: fall back to bind-mounts for PrivateDevices= execution
  environments

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1770481/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Re: [Bug 1630413] Re: segfault in server/mpm/event/event.c:process_socket

[Brian Morton]

Ah, that makes sense.

On Mon, Dec 10, 2018 at 6:50 AM Andreas Hasenack 
wrote:

> > However, I would prefer that someone with more Apache experience
> reviewed the fix.
>
> Right, that was actually my (very unclear, sorry) point when I commented
> on upstream's interest in this, since they would be experienced
> reviewers.
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1630413
>
> Title:
>   segfault in server/mpm/event/event.c:process_socket
>
> Status in apache2 package in Ubuntu:
>   Triaged
>
> Bug description:
>   We have seen consistent but infrequent segfaults of apache on a trusty
>   production server with 2.4.7-1ubuntu4.13 (for more examples, see [1])
>
>   ---
>   Oct  2 19:01:03 static kernel: [8029151.932468] apache2[10642]: segfault
> at 7fac797803a8 ip 7fac90b345e0 sp 7fac84ff8e20 error 6 in
> mod_mpm_event.so[7fac90b2e000+d000]
>   ---
>
>   Taking the ip - base seems to put us at a consistent offset
>
>   ---
>   (gdb) p/x 0x7fac90b345e0 - 0x7fac90b2e000
>   $1 = 0x65e0
>
>   $ addr2line -e ./mod_mpm_event.so  0x65e0
>   /build/apache2-Rau9Dr/apache2-2.4.7/server/mpm/event/event.c:1064
>   ---
>
>   which is at the bottom of process_socket(), which looks like
>
>   ---
> 1058  /*
> 1059   * Prevent this connection from writing to our connection
> state after it
> 1060   * is no longer associated with this thread. This would
> happen if the EOR
> 1061   * bucket is destroyed from the listener thread due to a
> connection abort
> 1062   * or timeout.
> 1063   */
> 1064  c->sbh = NULL;
> 1065  return;
> 1066  }
>   ---
>
>   1064 seems at least plausible as a faulting location...
>
>   Some digging through httpd history reveals that this assignment was
>   removed on the 2.4 branch with commit [2], which seems to be largely
>   based on [3].  Things have been shuffled around so much it's hard to
>   tell exactly what might have avoided us going down this path.  Even so
>   I'm honestly not sure how to reproduce it -- on a fairly busy server
>   it's seen at most a few times a day.
>
>   [1] http://paste.openstack.org/show/584330/
>   [2]
> https://github.com/apache/httpd/commit/043eba1a0a190829c073d9ef084358f6693dbbd2
>   [3]
> https://github.com/apache/httpd/commit/285e67883e396f97dc3aad50d9dc345f15220827
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions
>

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1630413

Title:
  segfault in server/mpm/event/event.c:process_socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Re: [Bug 1630413] Re: segfault in server/mpm/event/event.c:process_socket

[Brian Morton]

Andreas,

I think patching this in Ubuntu only rather than upstream makes sense for
the reasons you've outlined. However, I would prefer that someone with more
Apache experience reviewed the fix.

Thanks,

Brian

On Fri, Dec 7, 2018 at 10:21 AM Christophe Meron <1630...@bugs.launchpad.net>
wrote:

> Unfortunately, not really
>
> I can argue on why we use Trusty: as we deploy storage software which
> runs for years in controlled environment, we never upgrade OSes to new
> releases. Our older platforms are still on Trusty and that makes sense
> to me.
>
> But that doesn't make an argument to why they should fix an old version
> of apache.
>
> We can workaround our issue by using backports or hand-made packages.
> But as it seems to affect anyone using MPM + a not so heavy parallel
> workload, it seems worth fixing this in the distribution by default
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1630413
>
> Title:
>   segfault in server/mpm/event/event.c:process_socket
>
> Status in apache2 package in Ubuntu:
>   Triaged
>
> Bug description:
>   We have seen consistent but infrequent segfaults of apache on a trusty
>   production server with 2.4.7-1ubuntu4.13 (for more examples, see [1])
>
>   ---
>   Oct  2 19:01:03 static kernel: [8029151.932468] apache2[10642]: segfault
> at 7fac797803a8 ip 7fac90b345e0 sp 7fac84ff8e20 error 6 in
> mod_mpm_event.so[7fac90b2e000+d000]
>   ---
>
>   Taking the ip - base seems to put us at a consistent offset
>
>   ---
>   (gdb) p/x 0x7fac90b345e0 - 0x7fac90b2e000
>   $1 = 0x65e0
>
>   $ addr2line -e ./mod_mpm_event.so  0x65e0
>   /build/apache2-Rau9Dr/apache2-2.4.7/server/mpm/event/event.c:1064
>   ---
>
>   which is at the bottom of process_socket(), which looks like
>
>   ---
> 1058  /*
> 1059   * Prevent this connection from writing to our connection
> state after it
> 1060   * is no longer associated with this thread. This would
> happen if the EOR
> 1061   * bucket is destroyed from the listener thread due to a
> connection abort
> 1062   * or timeout.
> 1063   */
> 1064  c->sbh = NULL;
> 1065  return;
> 1066  }
>   ---
>
>   1064 seems at least plausible as a faulting location...
>
>   Some digging through httpd history reveals that this assignment was
>   removed on the 2.4 branch with commit [2], which seems to be largely
>   based on [3].  Things have been shuffled around so much it's hard to
>   tell exactly what might have avoided us going down this path.  Even so
>   I'm honestly not sure how to reproduce it -- on a fairly busy server
>   it's seen at most a few times a day.
>
>   [1] http://paste.openstack.org/show/584330/
>   [2]
> https://github.com/apache/httpd/commit/043eba1a0a190829c073d9ef084358f6693dbbd2
>   [3]
> https://github.com/apache/httpd/commit/285e67883e396f97dc3aad50d9dc345f15220827
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions
>

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1630413

Title:
  segfault in server/mpm/event/event.c:process_socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1613737] Re: Proftpd - MLSD lines not properly terminated with CRLF

[Brian Morton]

Verified successfully in 1.3.5a-1ubuntu0.1

Command: MLSD
Status: Data connection established.
Reply: 150 Opening BINARY mode data connection for MLSD

Listing:
modify=20181119215133;perm=fle;type=pdir;unique=9AU7A5;UNIX.group=0;UNIX.mode=0755;UNIX.owner=0;
..

Reply: 226 Transfer complete
Status: Success

** Tags removed: verification-needed-xenial
** Tags added: verification-done-xenial

** Tags removed: removal-candidate verification-needed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1613737

Title:
  Proftpd - MLSD lines not properly terminated with CRLF

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1613737/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1630413] Re: segfault in server/mpm/event/event.c:process_socket

[Brian Morton]

Thanks for the clarification Christophe. So it sounds like the fix
addresses the problem. I think the patch in that PPA should get more
review from an Apache developer before it is used further.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1630413

Title:
  segfault in server/mpm/event/event.c:process_socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1630413] Re: segfault in server/mpm/event/event.c:process_socket

[Brian Morton]

Hi Christophe,

Sorry for the delay. Apparently I wasn't getting these notifications for
some reason. I'm not well versed enough with Docker to set up an
environment to reproduce. I use LXD almost exclusively. Does the crash
occur in your Docker container with my patched PPA build? Andreas seems
to indicate that it's fixed by the PPA build. Is there any non-default
configuration you're running?

Andreas, it might be worth getting a review from someone better versed
in Apache internals if possible. I just took an educated guess about the
problem based on the traceback.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1630413

Title:
  segfault in server/mpm/event/event.c:process_socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1613737] Re: Proftpd - MLSD lines not properly terminated with CRLF

[Brian Morton]

** Description changed:

+ [Impact]
+ 
+  * A bug exists in Proftpd version 1.3.5a. which causes FTP sessions to
+ fail or timeout with strict clients
+ 
+  * The package, as published in LTS, does not comply with the FTP
+ protocol
+ 
+  * Ported upstream patch and test changes
+ 
+ [Test Case]
+ 
+  * Connect to an affected server with ftptest.net
+ 
+  * Prior to the patch, it will fail to perform an MLSD command with an
+ explicit error and explanation
+ 
+  * After the patch, this works as expected
+ 
+ [Regression Potential]
+ 
+  * Failures in SSL connection handling
+ 
  A bug exists in Proftpd version 1.3.5a. which causes ssl sessions to
  fail or timeout with some clients
  
  Excerpt from http://bugs.proftpd.org/show_bug.cgi?id=4202
  
  Server seems to send an improperly formatted response causing some clients to
  time out.
  
  Log from ftptest.net:
  [snip]
  Command: TYPE I
  Reply: 200 Type set to I
  Command: EPSV
  Reply: 229 Entering Extended Passive Mode (|||45766|)
  Command: MLSD
  Status: Data connection established.
  Reply: 150 Opening BINARY mode data connection for MLSD
  Error: Malformed directory listing
  Error: Line feed received without preceding carriage return
  
  This bug has been fixed upstream in version 1.3.5b I recommend getting
  this fixed this is causing a lot of havoc with my servers I've had to
  delay my rollout of 16.04 because of this.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1613737

Title:
  Proftpd - MLSD lines not properly terminated with CRLF

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1613737/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1613737] Re: Proftpd - MLSD lines not properly terminated with CRLF

[Brian Morton]

Hi Simon,

Thanks for your notes. I've attached a new patch and I'm adding SRU
justification to the description now.

** Patch removed: "Xenial debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1613737/+attachment/5017207/+files/proftpd-dfsg_1.3.5a-1build2.debdiff

** Attachment removed: "Test log after patch"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1613737/+attachment/5017210/+files/goodtest.txt

** Patch added: "Xenial debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1613737/+attachment/5070320/+files/proftpd-dfsg_1.3.5a-1.1.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1613737

Title:
  Proftpd - MLSD lines not properly terminated with CRLF

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1613737/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1613737] Re: Proftpd - MLSD lines not properly terminated with CRLF

[Brian Morton]

** Attachment added: "Test log after patch"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1613737/+attachment/5017210/+files/goodtest.txt

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1613737

Title:
  Proftpd - MLSD lines not properly terminated with CRLF

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1613737/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1613737] Re: Proftpd - MLSD lines not properly terminated with CRLF

[Brian Morton]

** Attachment added: "Test log after patch"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1613737/+attachment/5017209/+files/goodtest.txt

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1613737

Title:
  Proftpd - MLSD lines not properly terminated with CRLF

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1613737/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1613737] Re: Proftpd - MLSD lines not properly terminated with CRLF

[Brian Morton]

Debdiff attached for Xenial along with before and after patch test logs
from ftptest.net

** Patch added: "Xenial debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1613737/+attachment/5017207/+files/proftpd-dfsg_1.3.5a-1build2.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1613737

Title:
  Proftpd - MLSD lines not properly terminated with CRLF

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1613737/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1613737] Re: Proftpd - MLSD lines not properly terminated with CRLF

[Brian Morton]

Test log before patch

** Attachment added: "Test log before patch"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1613737/+attachment/5017208/+files/badtest.txt

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1613737

Title:
  Proftpd - MLSD lines not properly terminated with CRLF

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1613737/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1512068] Re: Python ctypes.util , Shell Injection in find_library()

[Brian Morton]

** Changed in: python2.7 (Ubuntu Xenial)
 Assignee: (unassigned) => Brian Morton (rokclimb15)

** Changed in: python2.7 (Ubuntu)
 Assignee: Brian Morton (rokclimb15) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1512068

Title:
  Python ctypes.util , Shell Injection in find_library()

To manage notifications about this bug go to:
https://bugs.launchpad.net/python/+bug/1512068/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1613737] Re: Proftpd - MLSD lines not properly terminated with CRLF

[Brian Morton]

https://github.com/proftpd/proftpd/pull/152

** Changed in: proftpd-dfsg (Ubuntu)
 Assignee: (unassigned) => Brian Morton (rokclimb15)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1613737

Title:
  Proftpd - MLSD lines not properly terminated with CRLF

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1613737/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1398506] Re: logrotate's restart of proftpd fails to start

[Brian Morton]

*** This bug is a duplicate of bug 1246245 ***
https://bugs.launchpad.net/bugs/1246245

** This bug has been marked a duplicate of bug 1246245
   proftpd service fails to restart (including via logrotate)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1398506

Title:
  logrotate's restart of proftpd fails to start

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1398506/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1325338] Re: proftpd service stopped by it's own

[Brian Morton]

*** This bug is a duplicate of bug 1246245 ***
https://bugs.launchpad.net/bugs/1246245

** This bug has been marked a duplicate of bug 1246245
   proftpd service fails to restart (including via logrotate)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1325338

Title:
  proftpd service stopped by it's own

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1325338/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1598187] Re: mlsd/mlst fails on some clients

[Brian Morton]

*** This bug is a duplicate of bug 1613737 ***
https://bugs.launchpad.net/bugs/1613737

** This bug has been marked a duplicate of bug 1613737
   Proftpd - MLSD lines not properly terminated with CRLF

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1598187

Title:
  mlsd/mlst fails on some clients

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1598187/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1717356] Re: CVE-2016-6298

[Brian Morton]

Tests are here:
https://github.com/latchset/jwcrypto/pull/66/commits/b2b66b53bc0df72eb761959fe39700451803d8ab

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1717356

Title:
  CVE-2016-6298

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-jwcrypto/+bug/1717356/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1630413] Re: segfault in server/mpm/event/event.c:process_socket

[Brian Morton]

Hi Christophe,

Thanks for your hard work on this one. Unfortunately I can't reproduce
the crash with your test. I even raised the file size to 500M, but still
nothing.

Is there anything I could be missing? Any PPA packages with newer
versions of PHP or other Apache modules loaded?

root@trusty-mpm-event-crash-test:~# apache2ctl -M
Loaded Modules:
 core_module (static)
 so_module (static)
 watchdog_module (static)
 http_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 unixd_module (static)
 access_compat_module (shared)
 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_core_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 fastcgi_module (shared)
 filter_module (shared)
 mime_module (shared)
 mpm_event_module (shared)
 negotiation_module (shared)
 setenvif_module (shared)
 status_module (shared)
root@trusty-mpm-event-crash-test:~# apache2ctl -S
VirtualHost configuration:
*:80   trusty-mpm-event-crash-test.lxd 
(/etc/apache2/sites-enabled/000-default.conf:1)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex watchdog-callback: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33
root@trusty-mpm-event-crash-test:~# apache2ctl -V
Server version: Apache/2.4.7 (Ubuntu)
Server built:   Jul 27 2017 15:20:24
Server's Module Magic Number: 20120211:27
Server loaded:  APR 1.5.1-dev, APR-UTIL 1.5.3
Compiled using: APR 1.5.1-dev, APR-UTIL 1.5.3
Architecture:   64-bit
Server MPM: event
  threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/etc/apache2"
 -D SUEXEC_BIN="/usr/lib/apache2/suexec"
 -D DEFAULT_PIDLOG="/var/run/apache2.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="mime.types"
 -D SERVER_CONFIG_FILE="apache2.conf"

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1630413

Title:
  segfault in server/mpm/event/event.c:process_socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1717356] Re: CVE-2016-6298

[Brian Morton]

17.04 and 17.10 are not affected since they publish the fixed version
0.3.2. 16.04 appears to be affected, but the code is significantly
different. I've requested info from the source project owner to test my
proposed patch for 16.04.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1717356

Title:
  CVE-2016-6298

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-jwcrypto/+bug/1717356/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1717356] [NEW] CVE-2016-6298

[Brian Morton]

*** This bug is a security vulnerability ***

Public security bug reported:

The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in
jwcrypto before 0.3.2 lacks the Random Filling protection mechanism,
which makes it easier for remote attackers to obtain cleartext data via
a Million Message Attack (MMA).

https://people.canonical.com/~ubuntu-
security/cve/2016/CVE-2016-6298.html

** Affects: python-jwcrypto (Ubuntu)
 Importance: Undecided
 Assignee: Brian Morton (rokclimb15)
 Status: In Progress

** Information type changed from Private Security to Public Security

** Changed in: python-jwcrypto (Ubuntu)
 Assignee: (unassigned) => Brian Morton (rokclimb15)

** Changed in: python-jwcrypto (Ubuntu)
   Status: New => In Progress

** Description changed:

  The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in
  jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which
- makes it easier for remote attackers to obtain cleartext data via a Million
- Message Attack (MMA).
+ makes it easier for remote attackers to obtain cleartext data via a Million 
Message Attack (MMA).
  
  https://people.canonical.com/~ubuntu-
  security/cve/2016/CVE-2016-6298.html

** Description changed:

  The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in
- jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which
- makes it easier for remote attackers to obtain cleartext data via a Million 
Message Attack (MMA).
+ jwcrypto before 0.3.2 lacks the Random Filling protection mechanism,
+ which makes it easier for remote attackers to obtain cleartext data via
+ a Million Message Attack (MMA).
  
  https://people.canonical.com/~ubuntu-
  security/cve/2016/CVE-2016-6298.html

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-6298

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1717356

Title:
  CVE-2016-6298

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-jwcrypto/+bug/1717356/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1630413] Re: segfault in server/mpm/event/event.c:process_socket

[Brian Morton]

Hi Christophe,

That is excellent. Could you please provide me with a test case that
previously reproduced the crash? I'd like to try to boil it down to
something simple. I will need to demonstrate that it can be reproduced
easily and consistently to get an SRU approved. There aren't a lot of
reporters of this issue, so it's pretty critical.

Of course, if it doesn't get approved you're welcome to use my PPA until
you upgrade to 16.04.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1630413

Title:
  segfault in server/mpm/event/event.c:process_socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1630413] Re: segfault in server/mpm/event/event.c:process_socket

[Brian Morton]

Fantastic news! My biggest concern now is that my monkey-patch has
introduced some unexpected behavior since we don't try to dereference
sbh on each read request (only when the connection state is suspended).
This is based on my own observation of the problem rather than an
upstream patch since all of the fixes rely on APR functionality
introduced in 2.4.10.

Can you do some parallel tests of functionality in addition to crash
testing? Ideally, I would test from two different clients to see if it
confuses connection information or something else strange. Assuming it
doesn't, I might ask if an Apache dev could review my patch for a sanity
check.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1630413

Title:
  segfault in server/mpm/event/event.c:process_socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1630413] Re: segfault in server/mpm/event/event.c:process_socket

[Brian Morton]

Hi Christophe,

Let's try something completely different. I have a new build uploaded
for testing.

Thanks,

Brian

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1630413

Title:
  segfault in server/mpm/event/event.c:process_socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1630413] Re: segfault in server/mpm/event/event.c:process_socket

[Brian Morton]

Hi Christophe,

I believe I've narrowed down the problem to one fixed in these two changesets:
https://github.com/apache/httpd/commit/59eea59c4be383d004e92fa63b57b995e7a8ef01
https://github.com/apache/httpd/commit/285e67883e396f97dc3aad50d9dc345f15220827

The latter only applies to 2.4.10 since it applies to the suspend/resume
hooks. That leaves the first one, which I've applied in my PPA for
testing. I've started with 2.4.7 since typically backports aren't for
bugfixes.

Would you mind being my guinea pig?

https://launchpad.net/~rokclimb15/+archive/ubuntu/apache2

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1630413

Title:
  segfault in server/mpm/event/event.c:process_socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1630413] Re: segfault in server/mpm/event/event.c:process_socket

[Brian Morton]

Thanks for the core dump and bt Christophe. After a bit of research, I
believe this is a race condition present in 2.4.7 which was subsequently
patched, and then the patch refactored when the suspend/resume hooks
were added in 2.4.10. The fix in 2.4.7 seems simply enough (just move
c->sbh = NULL into the suspend condition above it) but I don't think it
would pass SRU justification since it only happens under load and is
hard to reproduce. Can you and/or Ian use 2.4.10 from trusty-backports?
That shouldn't suffer from this problem.

If not, reply here and I'll get someone to validate my SRU opinion
before proceeding.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1630413

Title:
  segfault in server/mpm/event/event.c:process_socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Re: [Bug 1597450] Re: mod-gnutls FTBFS: test failure: apache2 seg fault

[Brian Morton]

Adam,

Thanks for the idea, that's helpful and makes sense. I checked the debian
build logs for libapache2-mod-gnutls, p11-kit, softhsm2, and glibc. They're
all built with stack-protector-strong.

On Tue, May 30, 2017 at 3:39 PM, Adam Conrad  wrote:

> The difference between Ubuntu and Debian could simply be that Ubuntu
> defaults to -fstack-protector-strong and Debian might still not.
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1597450
>
> Title:
>   mod-gnutls FTBFS: test failure: apache2 seg fault
>
> Status in apache2 package in Ubuntu:
>   Confirmed
> Status in mod-gnutls package in Ubuntu:
>   Confirmed
>
> Bug description:
>   mod-gnutls 0.7.5-2 in yakkety fails to build on all architectures
>   except amd64:
>
>   https://launchpad.net/ubuntu/+source/mod-gnutls/0.7.5-2/
>
>   FAIL: test-24_pkcs11_cert.bash
>   ==
>
>   Generated temporary SoftHSM config mod_gnutls_test-BtVH7L.conf:
>   objectstore.backend = file
>   directories.tokendir = /«PKGBUILDDIR»/test/server/softhsm2.db
>   checking /usr/lib64/pkcs11/libsofthsm2.so ...
>   checking /usr/lib/softhsm/libsofthsm2.so ...
>   found!
>   TESTING: 24_pkcs11_cert
>   ./runtests failed at line 188!
>   FAILURE: 24_pkcs11_cert
>   httpd (no pid file) not running
>
>   Apache error logs:
>   [Wed Jun 29 17:23:26.375898 2016] [core:notice] [pid 12681:tid
> 4148214336] AH00060: seg fault or similar nasty error detected in the
> parent process
>   FAIL test-24_pkcs11_cert.bash (exit status: 1)
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/
> 1597450/+subscriptions
>

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1597450

Title:
  mod-gnutls FTBFS: test failure: apache2 seg fault

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1597450/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1668474] Re: AH00526 when using long ProxyPass worker name

[Brian Morton]

An excellent question/point. That should probably get hashed out on the
upstream BZ first. The discussion about it was very minimal. I'll get on
there and poke at that issue.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1668474

Title:
  AH00526 when using long ProxyPass worker name

To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1668474/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1668474] Re: AH00526 when using long ProxyPass worker name

[Brian Morton]

I don't think it is an actual incompatibility since the util function
for copying those values takes into consideration the size of the dst
buffer. As long as it is being lengthened, I think it's OK. It would be
a problem if we were reducing it and src were larger than dst.

#define PROXY_STRNCPY(dst, src) ap_proxy_strncpy((dst), (src),
(sizeof(dst)))

if (PROXY_STRNCPY(bshared->name, uri) != APR_SUCCESS) {
 return apr_psprintf(p, "balancer name (%s) too long", uri);
}

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1668474

Title:
  AH00526 when using long ProxyPass worker name

To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1668474/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1668474] Re: AH00526 when using long ProxyPass worker name

[Brian Morton]

Hi Robie,

I do not know for certain. One user on the upstream bug mentions it
can't be backported because of an API compat issue, but if there's one
present I'm sure not seeing it. The define is entirely contained within
that header file. The only thing I would think it could affect would be
external modules built against mod_proxy.h

root@apache2-mod-proxy-length-xenial:~/apache2-2.4.18# grep -R 
'PROXY_WORKER_MAX_NAME_SIZE' *
modules/proxy/mod_proxy.h:#define PROXY_WORKER_MAX_NAME_SIZE  96
modules/proxy/mod_proxy.h:#define PROXY_BALANCER_MAX_NAME_SIZE 
PROXY_WORKER_MAX_NAME_SIZE
modules/proxy/mod_proxy.h:char  name[PROXY_WORKER_MAX_NAME_SIZE];
modules/proxy/mod_proxy.h:char  uds_path[PROXY_WORKER_MAX_NAME_SIZE];   
/* path to worker's unix domain socket if applicable */
root@apache2-mod-proxy-length-xenial:~/apache2-2.4.18# grep -R 
'PROXY_BALANCER_MAX_NAME_SIZE' *
modules/proxy/mod_proxy.h:#define PROXY_BALANCER_MAX_NAME_SIZE 
PROXY_WORKER_MAX_NAME_SIZE
modules/proxy/mod_proxy.h:char  name[PROXY_BALANCER_MAX_NAME_SIZE];
modules/proxy/mod_proxy.h:char  sname[PROXY_BALANCER_MAX_NAME_SIZE];

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1668474

Title:
  AH00526 when using long ProxyPass worker name

To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1668474/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1631104] Re: The LimitNPROC line in /lib/systemd/system/openvpn@.service has to be commented out in order to be able to start OpenVPN

[Brian Morton]

Had the same error, but commenting/adjusting LimitNPROC didn't fix the
issue. Ultimately I had to make the container unconfined by AA and
privileged to get openvpn to start.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1631104

Title:
  The LimitNPROC line in /lib/systemd/system/openvpn@.service has to be
  commented out in order to be able to start OpenVPN

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1631104/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1668474] Re: AH00526 when using long ProxyPass worker name

[Brian Morton]

** Also affects: apache2 (Debian)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1668474

Title:
  AH00526 when using long ProxyPass worker name

To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1668474/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1668474] Re: AH00526 when using long ProxyPass worker name

[Brian Morton]

Hi Robie, this fix is in Apache SVN trunk but isn't in upstream stable
2.4 release branch yet so all Ubuntu versions will be affected. In
addition, no such patch exists in Debian source.
https://anonscm.debian.org/cgit/pkg-
apache/apache2.git/tree/modules/proxy/mod_proxy.h#n350 and
https://anonscm.debian.org/cgit/pkg-
apache/apache2.git/tree/debian/patches

I think the best bet is to add it as a debian patch for Zesty and
coordinate it with the Debian Apache maintainers until it lands in a
stable upstream release. I adjusted the line number in the patch so it
should apply cleanly against Zesty.

** Attachment added: "Zesty patch (2.4.25)"
   
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1668474/+attachment/4834216/+files/apache-zesty-patch.txt

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1668474

Title:
  AH00526 when using long ProxyPass worker name

To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1668474/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1246245] Re: proftpd service fails to restart (including via logrotate)

[Brian Morton]

bmorton@maui:~$ sudo apt-get install proftpd-basic/trusty-proposed
Reading package lists... Done
Building dependency tree
Reading state information... Done
Selected version '1.3.5~rc3-2.1ubuntu2.2' (Ubuntu:14.04/trusty-proposed 
[amd64]) for 'proftpd-basic'
Suggested packages:
  openbsd-inetd inet-superserver proftpd-doc proftpd-mod-ldap
  proftpd-mod-mysql proftpd-mod-odbc proftpd-mod-pgsql proftpd-mod-sqlite
  proftpd-mod-geoip
The following packages will be upgraded:
  proftpd-basic
1 upgraded, 0 newly installed, 0 to remove and 13 not upgraded.
Need to get 1,967 kB of archives.
After this operation, 1,024 B of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu/ trusty-proposed/universe proftpd-basic 
amd64 1.3.5~rc3-2.1ubuntu2.2 [1,967 kB]
Fetched 1,967 kB in 3s (557 kB/s)
Preconfiguring packages ...
(Reading database ... 1144721 files and directories currently installed.)
Preparing to unpack .../proftpd-basic_1.3.5~rc3-2.1ubuntu2.2_amd64.deb ...
 * Stopping ftp server proftpd  

  [ OK ]
Unpacking proftpd-basic (1.3.5~rc3-2.1ubuntu2.2) over (1.3.5~rc3-2.1ubuntu2.1) 
...
Processing triggers for ureadahead (0.100.0-16) ...
Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
Setting up proftpd-basic (1.3.5~rc3-2.1ubuntu2.2) ...
Installing new version of config file /etc/init.d/proftpd ...
 * Starting ftp server proftpd  

  [ OK ]
Processing triggers for ureadahead (0.100.0-16) ...
bmorton@maui:~$ sudo nano /etc/apt/sources.list
bmorton@maui:~$ sudo service proftpd restart
 * Stopping ftp server proftpd  

  [ OK ]
 * Starting ftp server proftpd  

  [ OK ]
bmorton@maui:~$ sudo service proftpd status
ProFTPD is started in standalone mode, currently running.

** Tags removed: verification-needed
** Tags added: verification-done

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1246245

Title:
  proftpd service fails to restart (including via logrotate)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1246245/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1668474] Re: AH00526 when using long ProxyPass worker name

[Brian Morton]

Patch attached for trusty. Unsure how to generate a debdiff in this
case.

** Patch added: "Patch for trusty"
   
https://bugs.launchpad.net/apache2/+bug/1668474/+attachment/4827987/+files/mod-proxy-worker-name-size.patch

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1668474

Title:
  AH00526 when using long ProxyPass worker name

To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1668474/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1668474] Re: AH00526 when using long ProxyPass worker name

[Brian Morton]

** Changed in: apache2 (Ubuntu)
 Assignee: (unassigned) => Brian Morton (rokclimb15)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1668474

Title:
  AH00526 when using long ProxyPass worker name

To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1668474/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1668474] [NEW] AH00526 when using long ProxyPass worker name

[Brian Morton]

Public bug reported:

When using a long ProxyPass worker name such as unix:///var/php-
fpm/146527084714328.sock|fcgi://localhost/home/mysite/domains/subdomain.com/public_html/$1
Apache issues the fatal error AH00526 and refuses to proceed during
reload. This is a typical configuration generated by Virtualmin for a
subdomain running php-fpm.

A couple of workarounds are available using mod_rewrite, but they do not
use connection pooling for the proxy and aren't available for packaged
solutions like Virtualmin. The patch from trunk is fairly
straightforward.

** Affects: apache2
 Importance: Unknown
 Status: Unknown

** Affects: apache2 (Ubuntu)
 Importance: Undecided
 Status: New

** Bug watch added: bz.apache.org/bugzilla/ #53218
   https://bz.apache.org/bugzilla/show_bug.cgi?id=53218

** Also affects: apache2 via
   https://bz.apache.org/bugzilla/show_bug.cgi?id=53218
   Importance: Unknown
   Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1668474

Title:
  AH00526 when using long ProxyPass worker name

To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1668474/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1324828] Re: Unable to use unix socket in ProxyPassMatch directive

[Brian Morton]

As a workaround for trusty, you can use unix:///run/php-fpm/php-
fpm.sock|fcgi://127.0.0.1:9000/srv/http/ (notice the triple slash on the
unix socket). Only problem then is the length of the variable

https://bz.apache.org/bugzilla/show_bug.cgi?id=53218

** Bug watch added: bz.apache.org/bugzilla/ #53218
   https://bz.apache.org/bugzilla/show_bug.cgi?id=53218

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1324828

Title:
  Unable to use unix socket in ProxyPassMatch directive

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1324828/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1664812] Re: CVE-2016-0787

[Brian Morton]

Seth, sorry about that. I think I was moving a little too quickly on
that one. Corrected one attached.

** Patch removed: "Debdiff for trusty"
   
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+attachment/4820419/+files/libssh2_1.4.3-2ubuntu0.1.debdiff

** Patch added: "Debdiff for trusty"
   
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+attachment/4821563/+files/libssh2_1.4.3-2ubuntu0.1.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1664812

Title:
  CVE-2016-0787

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1664812] Re: CVE-2016-0787

[Brian Morton]

** Patch added: "Debdiff for precise"
   
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+attachment/4820426/+files/libssh2_1.2.8-2ubuntu0.1.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1664812

Title:
  CVE-2016-0787

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1664812] Re: CVE-2016-0787

[Brian Morton]

Debdiff for trusty

** Patch added: "Debdiff for trusty"
   
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+attachment/4820419/+files/libssh2_1.4.3-2ubuntu0.1.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1664812

Title:
  CVE-2016-0787

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1664812] Re: CVE-2016-0787

[Brian Morton]

No problem, just let me know if they need different versioning because
of the potential conflict. I plan to produce one for trusty shortly. At
this point, is the team encouraging CVE fixes for precise? This is not
easy to exploit, so it might not be worth the review/publishing time.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1664812

Title:
  CVE-2016-0787

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1664812] Re: CVE-2016-0787

[Brian Morton]

Debdiff for xenial

** Patch added: "Debdiff for xenial"
   
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+attachment/4819155/+files/libssh2_1.5.0-2ubuntu0.1.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1664812

Title:
  CVE-2016-0787

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1664812] Re: CVE-2016-0787

[Brian Morton]

Tweaked this debdiff changelog for Zesty upload. Same package version as
Yakkety.

** Patch added: "Debdiff for zesty"
   
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+attachment/4819154/+files/libssh2_1.7.0-1ubuntu0.1.zesty.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1664812

Title:
  CVE-2016-0787

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1664812] Re: CVE-2016-0787

[Brian Morton]

** Changed in: libssh2 (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1664812

Title:
  CVE-2016-0787

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1664812] Re: CVE-2016-0787

[Brian Morton]

Debdiff for Yakkety

The vuln has no specific known attack methods so there is no public
exploit available. Package tests have passed and I used a somewhat
unusual method to explicitly regression test. Package php-ssh2 depends
on libssh2.

 'diffie-hellman-group1-sha1'
);

// Make our connection
$connection = ssh2_connect($server, 22, $methods);

if (!$connection) die('Connection failed');

$methods_neg = ssh2_methods_negotiated($connection);
echo "Keys negotiated with: {$methods_neg['kex']}\n";
echo "Client-to-server uses these methods:\n";
echo " Encryption: {$methods_neg["client_to_server"]["crypt"]}\n";
echo " Compression: {$methods_neg["client_to_server"]["comp"]}\n";
echo "Server-to-client uses these methods:\n";
echo " Encryption: {$methods_neg["server_to_client"]["crypt"]}\n";
echo " Compression: {$methods_neg["server_to_client"]["comp"]}\n";

** Patch added: "Debdiff for yakkety"
   
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+attachment/4819153/+files/libssh2_1.7.0-1ubuntu0.1.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1664812

Title:
  CVE-2016-0787

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1664812] Re: CVE-2016-0787

[Brian Morton]

** Information type changed from Public to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1664812

Title:
  CVE-2016-0787

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1664812] [NEW] CVE-2016-0787

[Brian Morton]

Public bug reported:

The diffie_hellman_sha256 and diffie_hellman_sha1 functions in kex.c in
libssh2 1.7.0 and prior improperly truncate secrets to 128 or 256 bits,
which makes it easier for man-in-the-middle attackers to decrypt or
intercept SSH sessions via unspecified vectors, aka a "bits/bytes
confusion bug."

** Affects: libssh2 (Ubuntu)
 Importance: Undecided
 Assignee: Brian Morton (rokclimb15)
 Status: New

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-0787

** Changed in: libssh2 (Ubuntu)
 Assignee: (unassigned) => Brian Morton (rokclimb15)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1664812

Title:
  CVE-2016-0787

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1664812/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1246245] Re: proftpd service fails to restart (including via logrotate)

[Brian Morton]

Revised debdiff with correct changelog message.

** Patch added: "Debdiff for trusty with corrected changelog"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1246245/+attachment/4818195/+files/proftpd-dfsg_1.3.5~rc3-2.1ubuntu3.debdiff

** Patch removed: "Debdiff for trusty"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1246245/+attachment/4817938/+files/proftpd-dfsg_1.3.5~rc3-2.1ubuntu3.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1246245

Title:
  proftpd service fails to restart (including via logrotate)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1246245/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1246245] Re: proftpd service fails to restart (including via logrotate)

[Brian Morton]

Attaching debdiff for trusty. Editing bug to add SRU justification.

** Patch added: "Debdiff for trusty"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1246245/+attachment/4817938/+files/proftpd-dfsg_1.3.5~rc3-2.1ubuntu3.debdiff

** Description changed:

+ [Impact]
+ 
+  * ProFTPd exits with signal 15 when restarted via init script.
+Worse yet, init script returns success.
+ 
+  * Since logrotate runs via cron and performs a restart, this causes
+FTP service to stop and results in unexpected service downtime.
+ 
+  * Final version of upstream patch at https://anonscm.debian.org/git
+ /pkg-proftpd/proftpd-
+ dfsg.git/commit/?id=23c5e44b3c30a082a0e15279961c3c4c3d7393fd
+ 
+  * Only trusty and prior are affected
+ 
+ [Test Case]
+ 
+  * bmorton@maui:~$ sudo service proftpd restart
+* Stopping ftp server proftpd   [ 
OK ]
+* Starting ftp server proftpd   [ 
OK ]
+bmorton@maui:~$ sudo service proftpd status
+ProFTPD is started in standalone mode, currently not running.
+ 
+  * After a restart, status should say "currently running"
+ 
+ [Regression Potential]
+ 
+  * Failure to start/stop/restart proftpd service
+ 
+  * Patched package currently running on production host without issues
+ 
+ [Other Info]
+  
+  * This is a very old bug affecting a substantial number of users
+ 
+  * Early AM nagios notifications about FTP service are undesirable
+ 
+ 
+ -
+ 
  proftpd-basic 1.3.5~rc3-2 from Ubuntu 13.10
  proftpd-basic 1.3.5~rc3-2.1ubuntu2 from Ubuntu 14.04
  
  Init script from proftpd-basic package contains the BUG: when you run
  /etc/init.d/proftpd restart it fails because of there is the race
  between pidfile removal and start() which checks pidfile existency:
  
  ---
  ProFTPD is started in standalone mode, currently running.
  root@aa:~# /etc/init.d/proftpd restart
   * Stopping ftp server proftpd

 [ OK ]
   * Starting ftp server proftpd

 [ OK ]
  root@aa:~# /etc/init.d/proftpd status
  ProFTPD is started in standalone mode, currently not running.
  ---
  
  the next workaround helps:
  
  ---
  --- /etc/init.d/proftpd.orig2013-10-30 13:52:46.791265726 +0400
  +++ /etc/init.d/proftpd 2013-10-30 13:52:57.456265698 +0400
  @@ -107,6 +107,7 @@
   fi
   if [ -f "$PIDFILE" ]; then
  start-stop-daemon --stop --signal $SIGNAL --quiet --pidfile "$PIDFILE"
  +   sleep 1
   if [ $? = 0 ]; then
  log_end_msg 0
  else
  ---
  
  Please, fix.

** Description changed:

+ SRU request for Trusty
+ 
  [Impact]
  
-  * ProFTPd exits with signal 15 when restarted via init script.
-Worse yet, init script returns success.
+  * ProFTPd exits with signal 15 when restarted via init script.
+    Worse yet, init script returns success.
  
-  * Since logrotate runs via cron and performs a restart, this causes
-FTP service to stop and results in unexpected service downtime.
+  * Since logrotate runs via cron and performs a restart, this causes
+    FTP service to stop and results in unexpected service downtime.
  
-  * Final version of upstream patch at https://anonscm.debian.org/git
+  * Final version of upstream patch at https://anonscm.debian.org/git
  /pkg-proftpd/proftpd-
  dfsg.git/commit/?id=23c5e44b3c30a082a0e15279961c3c4c3d7393fd
  
-  * Only trusty and prior are affected
+  * Only trusty and prior are affected
  
  [Test Case]
  
-  * bmorton@maui:~$ sudo service proftpd restart
-* Stopping ftp server proftpd   [ 
OK ]
-* Starting ftp server proftpd   [ 
OK ]
-bmorton@maui:~$ sudo service proftpd status
-ProFTPD is started in standalone mode, currently not running.
+  * bmorton@maui:~$ sudo service proftpd restart
+    * Stopping ftp server proftpd   [ 
OK ]
+    * Starting ftp server proftpd   [ 
OK ]
+    bmorton@maui:~$ sudo service proftpd status
+    ProFTPD is started in standalone mode, currently not running.
  
-  * After a restart, status should say "currently running"
+  * After a restart, status should say "currently running"
  
  [Regression Potential]
  
-  * Failure to start/stop/restart proftpd service
+  * Failure to start/stop/restart proftpd service
  
-  * Patched package currently running on production host without issues
+  * Patched package currently running on production host without issues
  
  [Other Info]
-  
-  * This is a very 

[Bug 1246245] Re: proftpd service fails to restart (including via logrotate)

[Brian Morton]

** Changed in: proftpd-dfsg (Ubuntu)
 Assignee: (unassigned) => Brian Morton (rokclimb15)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1246245

Title:
  proftpd service fails to restart (including via logrotate)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1246245/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Re: [Bug 1597450] Re: mod-gnutls FTBFS: test failure: apache2 seg fault

[Brian Morton]

Hi Thomas,

Good info, thanks. It's definitely a possibility, but I'm having a hard
time explaining how that package could be responsible when it is synced
with Sid as well and the configure strings in the build logs appear to be
the same. I also tried a build from upstream source with the same result.

Is there anything unusual about the way Debian builds gnutls vs Ubuntu? I
can't find or think of anything relevant.

On Sat, Jan 14, 2017 at 7:23 AM, Thomas Klute <1597...@bugs.launchpad.net>
wrote:

> Another package work looking at might be p11-kit. The last function call
> above kernel and libc in the stack trace above is in libp11-kit, and so
> are the memory issues I see using Valgrind on amd64.
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1597450
>
> Title:
>   mod-gnutls FTBFS: test failure: apache2 seg fault
>
> Status in apache2 package in Ubuntu:
>   Confirmed
> Status in mod-gnutls package in Ubuntu:
>   Confirmed
>
> Bug description:
>   mod-gnutls 0.7.5-2 in yakkety fails to build on all architectures
>   except amd64:
>
>   https://launchpad.net/ubuntu/+source/mod-gnutls/0.7.5-2/
>
>   FAIL: test-24_pkcs11_cert.bash
>   ==
>
>   Generated temporary SoftHSM config mod_gnutls_test-BtVH7L.conf:
>   objectstore.backend = file
>   directories.tokendir = /«PKGBUILDDIR»/test/server/softhsm2.db
>   checking /usr/lib64/pkcs11/libsofthsm2.so ...
>   checking /usr/lib/softhsm/libsofthsm2.so ...
>   found!
>   TESTING: 24_pkcs11_cert
>   ./runtests failed at line 188!
>   FAILURE: 24_pkcs11_cert
>   httpd (no pid file) not running
>
>   Apache error logs:
>   [Wed Jun 29 17:23:26.375898 2016] [core:notice] [pid 12681:tid
> 4148214336] AH00060: seg fault or similar nasty error detected in the
> parent process
>   FAIL test-24_pkcs11_cert.bash (exit status: 1)
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/
> 1597450/+subscriptions
>

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1597450

Title:
  mod-gnutls FTBFS: test failure: apache2 seg fault

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1597450/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1640320] Re: FTBFS in zesty

[Brian Morton]

I don't see evidence of this error in the amd64 build log at
https://launchpadlibrarian.net/298782129/buildlog_ubuntu-zesty-amd64
.location-service_3.0.0+16.10.20160912-0ubuntu2_BUILDING.txt.gz.
However, the package does FTBFS due to this bug
https://bugs.launchpad.net/ubuntu/+source/googletest/+bug/1644062

Looks like it may need some CMakeLists changes to be compatible with
GoogleTest 1.8

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1640320

Title:
  FTBFS in zesty

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/location-service/+bug/1640320/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1637835] Re: Zesty iso stops booting

[Brian Morton]

Could you please post your libvirt config file for the domain?
Specifically, I'd like to know if it has the apic feature enabled.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1637835

Title:
  Zesty iso stops booting

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/virt-manager/+bug/1637835/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1652113] Re: package maas-rack-controller 2.1.3+bzr5573-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1

[Brian Morton]

Ref https://bugs.launchpad.net/ubuntu/+source/python3.5/+bug/1650202 and
https://github.com/python/typing/commit/7baf6fe2a6d96ab09c807aac174650baa35d15dd

Optional returns a Union, which can't be subclassed.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1652113

Title:
  package maas-rack-controller 2.1.3+bzr5573-0ubuntu1 failed to
  install/upgrade: subprocess installed post-installation script
  returned error exit status 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/maas/+bug/1652113/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1650202] Re: issubclass(a_type, union_type) has stopped working

[Brian Morton]

This is expected behavior from upstream changes.

https://github.com/python/typing/commit/7baf6fe2a6d96ab09c807aac174650baa35d15dd

Optional is shorthand for Union, and Union cannot be subclassed. This
behavior "worked" before, but was undefined and returned unpredictable
results.

** Changed in: python3.5 (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1650202

Title:
  issubclass(a_type, union_type) has stopped working

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python3.5/+bug/1650202/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1597450] Re: mod-gnutls FTBFS: test failure: apache2 seg fault

[Brian Morton]

Tried building openssl 1.1 to match Debian sid, as well as latest
apache2 and gnutls. All still segfault on i386 during this test. Out of
ideas at this point.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1597450

Title:
  mod-gnutls FTBFS: test failure: apache2 seg fault

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1597450/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1304760] Re: checkinstall fails to add files to dpkg conffiles

[Brian Morton]

root@checkinstall-bug-trusty:~# apt-get install checkinstall
root@checkinstall-bug-trusty:~# apt-get source haproxy
root@checkinstall-bug-trusty:~# cd haproxy*
root@checkinstall-bug-trusty:~/haproxy-1.5.14# mkdir -p etc/haproxy
root@checkinstall-bug-trusty:~/haproxy-1.5.14# touch etc/haproxy/haproxy.cfg
root@checkinstall-bug-trusty:~/haproxy-1.5.14# echo 'etc/haproxy/haproxy.cfg' 
>> includes
root@checkinstall-bug-trusty:~/haproxy-1.5.14# checkinstall -y 
--include=includes
root@checkinstall-bug-trusty:~/haproxy-1.5.14# dpkg -e haproxy*.deb
root@checkinstall-bug-trusty:~/haproxy-1.5.14# cat DEBIAN/conffiles | wc -l
0

after applying patched package of checkinstall, repeat the above steps

root@checkinstall-bug-trusty:~/haproxy-1.5.14# cat DEBIAN/conffiles | wc -l
1

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1304760

Title:
  checkinstall fails to add files to dpkg conffiles

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/checkinstall/+bug/1304760/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1304760] Re: checkinstall fails to add files to dpkg conffiles

[Brian Morton]

Hi Brian,

Thanks for taking the time on this really old bug. Will this work?

root@checkinstall-bug-trusty:~# apt-get source haproxy checkinstall
root@checkinstall-bug-trusty:~# cd haproxy*
root@checkinstall-bug-trusty:~/haproxy-1.5.14# mkdir -p etc/haproxy
root@checkinstall-bug-trusty:~/haproxy-1.5.14# touch etc/haproxy/haproxy.cfg
root@checkinstall-bug-trusty:~/haproxy-1.5.14# echo 'etc/haproxy.cfg' >> 
includes
root@checkinstall-bug-trusty:~/haproxy-1.5.14# checkinstall -y 
--include=includes
root@checkinstall-bug-trusty:~/haproxy-1.5.14# dpkg -e haproxy*.deb
root@checkinstall-bug-trusty:~/haproxy-1.5.14# cat DEBIAN/conffiles | wc -l
0

after applying patched package of checkinstall
dpkg -i ~/checkinstall_1.6.2-4ubuntu2_amd64.deb

root@checkinstall-bug-trusty:~/haproxy-1.5.14# checkinstall -y 
--include=includes
root@checkinstall-bug-trusty:~/haproxy-1.5.14# dpkg -e haproxy*.deb
root@checkinstall-bug-trusty:~/haproxy-1.5.14# cat DEBIAN/conffiles | wc -l
1

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1304760

Title:
  checkinstall fails to add files to dpkg conffiles

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/checkinstall/+bug/1304760/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1597450] Re: mod-gnutls FTBFS: test failure: apache2 seg fault

[Brian Morton]

According to the Debian maintainer this does not occur in unstable on
i386. Both apache2 and libgnutls30 are newer in unstable, so that could
be related.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1597450

Title:
  mod-gnutls FTBFS: test failure: apache2 seg fault

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1597450/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1597450] Re: mod-gnutls FTBFS: test failure: apache2 seg fault

[Brian Morton]

Correction, it still segfaults on test 24 after the string format issues
are fixed.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1597450

Title:
  mod-gnutls FTBFS: test failure: apache2 seg fault

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1597450/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1597450] Re: mod-gnutls FTBFS: test failure: apache2 seg fault

[Brian Morton]

Using latest deps in proposed Apache no longer segfaults on i386. FTBFS
persists due to -Werror=format in the build and a few format/type issues
that are easily fixed. Beyond that, test 24 still fails now with an
error about the PKCS11 URL format which needs further investigation.
0.8.1 fixes the format string type issues for a clean build. Will
request sync with upstream or I can submit the build fix as a patch.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1597450

Title:
  mod-gnutls FTBFS: test failure: apache2 seg fault

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1597450/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1304760] Re: checkinstall fails to add files to dpkg conffiles

[Brian Morton]

Bug has been fixed upstream http://bugtrack.izto.org/show_bug.cgi?id=35

** Bug watch added: izto #35
   http://bugtrack.izto.org/show_bug.cgi?id=35

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1304760

Title:
  checkinstall fails to add files to dpkg conffiles

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/checkinstall/+bug/1304760/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1597450] Re: mod-gnutls FTBFS: test failure: apache2 seg fault

[Brian Morton]

Zesty 0.8.0-1 is the current FTBFS. I was able to progress the debugging
a bit and something is scribbling on the stack. The problem I'm
experiencing is gdb disables breakpoints in the shared lib I need to
examine the stack canary address.

Starting program: /usr/sbin/apache2 -X -f 
/home/bmorton/mod-gnutls-0.8.0/test/tests/24_pkcs11_cert/apache.conf -k start
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
AH00558: apache2: Could not reliably determine the server's fully qualified 
domain name, using 127.0.1.1. Set the 'ServerName' directive globally to 
suppress this message
warning: Temporarily disabling breakpoints for unloaded shared library 
"/usr/lib/i386-linux-gnu/libp11-kit.so.0"
*** stack smashing detected ***: /usr/sbin/apache2 terminated

Program received signal SIGABRT, Aborted.
0xb7fd9cf9 in __kernel_vsyscall ()
(gdb) bt
#0  0xb7fd9cf9 in __kernel_vsyscall ()
#1  0xb7d47050 in __libc_signal_restore_set (set=0xbfffe5cc) at 
../sysdeps/unix/sysv/linux/nptl-signals.h:79
#2  __GI_raise (sig=6) at ../sysdeps/unix/sysv/linux/raise.c:55
#3  0xb7d48577 in __GI_abort () at abort.c:89
#4  0xb7d82f4f in __libc_message (do_abort=, fmt=) at ../sysdeps/posix/libc_fatal.c:175
#5  0xb7e14c78 in __GI___fortify_fail (msg=) at fortify_fail.c:37
#6  0xb7e14c18 in __stack_chk_fail () at stack_chk_fail.c:28
#7  0xb79c95e4 in __stack_chk_fail_local () from 
/usr/lib/i386-linux-gnu/libp11-kit.so.0
#8  0xb79a57e6 in proxy_C_GenerateKey (self=0xb6d3a9f0 
::get() 
const+28>, handle=2148314568, mechanism=0xb79c95e4 <_fini>, template=0xb7e14c05 
<__stack_chk_fail+5>,
count=3221220068, key=0x0) at p11-kit/proxy.c:1470
#9  0xb6d3a53d in Mutex::lock (this=0x800b9840) at MutexFactory.cpp:60
#10 0xb6d3a5cd in MutexLocker::MutexLocker (this=0xbfffea48, 
inMutex=0x800b9840) at MutexFactory.cpp:81
#11 0xb6d7f31f in Token::getTokenInfo (this=0x800cc198, info=0xbfffec20) at 
Token.cpp:410
#12 0xb6d0a384 in SoftHSM::C_GetTokenInfo (this=0x800c4310, slotID=1566642341, 
pInfo=0xbfffec20) at SoftHSM.cpp:601
#13 0xb6ceca45 in C_GetTokenInfo (slotID=1566642341, pInfo=0xbfffec20) at 
main.cpp:220
#14 0xb7b1367c in pkcs11_get_token_info (module=0x800bc470, slot_id=1566642341, 
info=0xbfffec20) at pkcs11_int.c:65
#15 0xb7b02f1f in _pkcs11_traverse_tokens (find_func=0xb7b0490f 
, input=0xbfffef04, info=0x800bd8c0, pin_info=0x800b4f04, 
flags=2) at pkcs11.c:1342
#16 0xb7b04eb8 in gnutls_pkcs11_obj_import_url (obj=0x800b4ec0,
url=0xb7c39c48 
"pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=230076e3dd6110a5;token=mod_gnutls-test;id=%d5%32%8e%a4%57%da%03%cf%84%2a%51%14%69%c9%9d%50%d2%8a%6b%12;object=certificate;type=cert",
 flags=1)
at pkcs11.c:2068
#17 0xb7c4aa14 in mgs_load_files (pconf=, ptemp=, 
s=) at gnutls_config.c:332
#18 0xb7c4f7ea in mgs_hook_post_config (pconf=0xb7fcc018, plog=0xb7c8a018, 
ptemp=0xb7c86018, base_server=0xb7c8cf18) at gnutls_hooks.c:405
#19 0x80046370 in ap_run_post_config (pconf=0xb7fcc018, plog=0xb7c8a018, 
ptemp=0xb7c86018, s=0xb7c8cf18) at config.c:103
#20 0x80023dff in main (argc=, argv=) at 
main.c:771

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1597450

Title:
  mod-gnutls FTBFS: test failure: apache2 seg fault

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1597450/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1630413] Re: segfault in server/mpm/event/event.c:process_socket

[Brian Morton]

Hi Ian, can you raise ulimit, add CoreDumpDirectory, and install
apache2-dbg (will restart to make prior two changes effective)? If you
make CoreDumpDirectory /tmp, make sure to move your core dump out of the
way before you reboot.

https://httpd.apache.org/dev/debugging.html#crashes

Then you'll get a core dump for analysis. If you post it here I can
analyze further.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1630413

Title:
  segfault in server/mpm/event/event.c:process_socket

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1630413/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1597450] Re: mod-gnutls FTBFS: test failure: apache2 seg fault

[Brian Morton]

0.7.5 was removed from yakkety-proposed, but the FTBFS continues in
Zesty. Here's a backtrace and disassembly on i386. If anyone has ideas,
I'd appreciate them.

** Tags added: zesty

** Attachment added: "gdb bt of core dump"
   
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1597450/+attachment/4791780/+files/Document.txt

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1597450

Title:
  mod-gnutls FTBFS: test failure: apache2 seg fault

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1597450/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1582708] Re: HAproxy 1.6.3 mail alerts on DOWN but not UP

[Brian Morton]

This is interesting since the bug was fixed in 1.6-dev2.

https://github.com/haproxy/haproxy/commit/4cd477f3721f6a3fe7cf55ae729388bf7f279331

There are two curious conditions in the code:

if (s->admin & SRV_ADMF_MAINT)
return;

if (s->state == SRV_ST_STARTING || s->state == SRV_ST_RUNNING)
return;

Basically, if the server is in maintenance mode or is still starting, it
bails out. But that should preclude the UP logging you see. Can you
confirm the server in question isn't in maintenance mode? I might try to
reproduce this with gdb running to debug.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1582708

Title:
  HAproxy 1.6.3 mail alerts on DOWN but not UP

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/haproxy/+bug/1582708/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1383704] Re: Can't switch off SSLv3 cipher groups in haproxy

[Brian Morton]

Nominating this for wontfix since security support has ended for
releases with haproxy >= 1.5 and <= 1.5.7. Everything earlier doesn't
have SSL support built-in, and everything later is unsupported or has
received the upstream fix. The solution is to upgrade to trusty and use
backports or upgrade to xenial or newer.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1383704

Title:
  Can't switch off SSLv3 cipher groups in haproxy

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/haproxy/+bug/1383704/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1304760] Re: checkinstall fails to add files to dpkg conffiles

[Brian Morton]

Debdiff for Trusty and all newer releases.

** Patch added: "Debdiff for trusty and newer"
   
https://bugs.launchpad.net/debian/+source/checkinstall/+bug/1304760/+attachment/4791416/+files/checkinstall_1.6.2-4ubuntu2.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1304760

Title:
  checkinstall fails to add files to dpkg conffiles

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/checkinstall/+bug/1304760/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1304760] Re: checkinstall fails to add files to dpkg conffiles

[Brian Morton]

After further research, the regression has been reported to Debian and a
patch is attached to that report. It does not appear to have been
applied. Debdiff attached for precise.

** Patch added: "Debdiff for precise"
   
https://bugs.launchpad.net/debian/+source/checkinstall/+bug/1304760/+attachment/4791404/+files/checkinstall_1.6.2-3ubuntu2.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1304760

Title:
  checkinstall fails to add files to dpkg conffiles

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/checkinstall/+bug/1304760/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1304760] Re: checkinstall fails to add files to dpkg conffiles

[Brian Morton]

This bug doesn't affect upstream, but is a regression from
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655453 which was filed
and fixed in Debian. The Debian patch is the source of this bug since
the fix was incorrect. I'm reporting it to Debian and adding a note to
the upstream bug to revise the fix before commit. I'll add an Ubuntu
debdiff as a patch so it can easily be removed when this package is
synced again.

** Bug watch added: Debian Bug tracker #655453
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655453

** Bug watch added: Debian Bug tracker #781169
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781169

** Also affects: checkinstall (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781169
   Importance: Unknown
   Status: Unknown

** Changed in: checkinstall (Ubuntu)
 Assignee: (unassigned) => Brian Morton (rokclimb15)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1304760

Title:
  checkinstall fails to add files to dpkg conffiles

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/checkinstall/+bug/1304760/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1512068] Re: Python ctypes.util , Shell Injection in find_library()

[Brian Morton]

Attached is a debdiff for trusty. If someone could please review and
provide feedback, I'll produce additional ones for precise, xenial,
yakkety, and zesty

** Patch added: "Debdiff of modified upstream patch for trusty"
   
https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1512068/+attachment/4791357/+files/python2.7_2.7.6-8ubuntu0.4.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1512068

Title:
  Python ctypes.util , Shell Injection in find_library()

To manage notifications about this bug go to:
https://bugs.launchpad.net/python/+bug/1512068/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1512068] Re: Python ctypes.util , Shell Injection in find_library()

[Brian Morton]

** Changed in: python2.7 (Ubuntu)
 Assignee: (unassigned) => Brian Morton (rokclimb15)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1512068

Title:
  Python ctypes.util , Shell Injection in find_library()

To manage notifications about this bug go to:
https://bugs.launchpad.net/python/+bug/1512068/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Brian Morton]

Adding reworked patch for trusty that fixes an API issue with returning
the error code/message and is more minimal and appropriate for a
backported fix.

** Patch removed: "Debdiff of upstream patch for precise"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4787127/+files/proftpd-dfsg_1.3.4a-2.debdiff

** Patch removed: "Upstream patch applied for trusty"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4787121/+files/proftpd-dfsg_1.3.5~rc3-2.1ubuntu2.1.debdiff

** Patch added: "Debdiff of upstream patch for trusty"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4787404/+files/proftpd-dfsg_1.3.5~rc3-2.1ubuntu2.1.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Brian Morton]

Adding reworked patch for precise that fixes an API issue with returning
the error code/message and is more minimal and appropriate for a
backported fix.

** Patch added: "Debdiff of upstream patch for precise"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4787405/+files/proftpd-dfsg_1.3.4a-2.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Brian Morton]

Attaching debdiff of upstream patch for precise. Tested in same manner
as trusty.

** Patch added: "Debdiff of upstream patch for precise"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4787127/+files/proftpd-dfsg_1.3.4a-2.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1462311] Re: proftpd mod_copy issue (CVE-2015-3306)

[Brian Morton]

Attaching debdiff of upstream patch for trusty package. Precise is also
vulnerable, so I will mark that as well while I work on that next.

My primary test before/after patch:

220 ProFTPD 1.3.5rc3 Server (Debian) [:::10.129.53.2]
USER bmorton
331 Password required for bmorton
PASS ***
230 User bmorton logged in
site cpfr /etc/passwd
350 File or directory exists, ready for destination name
site cpto /tmp/passwd.copy
250 Copy successful

220 ProFTPD 1.3.5rc3 Server (Debian) [:::10.129.53.2]
site cpfr /etc/passwd
Connection closed by foreign host.

** Patch added: "Upstream patch applied for trusty"
   
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1462311/+attachment/4787121/+files/proftpd-dfsg_1.3.5~rc3-2.1ubuntu2.1.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1462311

Title:
  proftpd mod_copy issue (CVE-2015-3306)

To manage notifications about this bug go to:
https://bugs.launchpad.net/proftpd-dfsg/+bug/1462311/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1636617] Re: lxc set device root size fails silently when out of space

[Brian Morton]

Makes sense to me, thanks for looking into that!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1636617

Title:
  lxc set device root size fails silently when out of space

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1636617/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1636617] [NEW] lxc set device root size fails silently when out of space

[Brian Morton]

Public bug reported:

On 16.04.1, use lxd init with default responses (zfs, loopback, 10G).
Create container with lxc launch. Attempt to resize container root to
20G (larger than loopback file).

lxc set device root size 20G reports no error, but the container still
has a 1.1G root as shown by lxc exec  df -h

It would be ideal to have lxc throw an error of some kind when it does
not have enough space to complete the operation.

For documentation purposes, the fix is to grow the zfs.img file with
truncate, turn on ZFS autoexpand, then perform a zpool online resize.
After adding enough loopback device storage, the set command behaves
identically but achieves the intended result.

** Affects: lxc (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1636617

Title:
  lxc set device root size fails silently when out of space

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1636617/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1384931] Re: NRPE does not respect "dont_blame_nrpe" argument

[Brian Morton]

IMHO, this was a horribly bad decision upstream.  If you've restricted
your incoming NRPE source to a trusted one with UFW or similar, this is
a perfectly safe thing to do and helps centrally manage lots of
parameters.  I think a default arg of 0 was enough to keep a safe
config.  Users who choose to enable an unsafe configuration without
mitigations despite the documented warnings are idiots and the package
shouldn't be crippled as a result.

I volunteer to maintain this package in Ubuntu and build with a
different config than upstream.  Please contact me.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nagios-nrpe in Ubuntu.
https://bugs.launchpad.net/bugs/1384931

Title:
  NRPE does not respect "dont_blame_nrpe" argument

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nagios-nrpe/+bug/1384931/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1384931] Re: NRPE does not respect "dont_blame_nrpe" argument

[Brian Morton]

IMHO, this was a horribly bad decision upstream.  If you've restricted
your incoming NRPE source to a trusted one with UFW or similar, this is
a perfectly safe thing to do and helps centrally manage lots of
parameters.  I think a default arg of 0 was enough to keep a safe
config.  Users who choose to enable an unsafe configuration without
mitigations despite the documented warnings are idiots and the package
shouldn't be crippled as a result.

I volunteer to maintain this package in Ubuntu and build with a
different config than upstream.  Please contact me.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1384931

Title:
  NRPE does not respect "dont_blame_nrpe" argument

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nagios-nrpe/+bug/1384931/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1516451] Re: check_disk plugin broken after upgrade to 15.10

[Brian Morton]

I suspect there isn't a code change here, but rather a difference in the
way Ubuntu is presenting its mount points.  The plugin tries to
enumerate and check all mounts.  A better use might be to add the actual
mount points to be monitored with -p

/usr/lib/nagios/plugins/check_disk -w '20%' -c '10%' -e -p / -p /var -p
/boot

12.04:
mount

none on /sys/kernel/debug type debugfs (rw)


14.04:

debugfs on /sys/kernel/debug type debugfs (rw,relatime)
tracefs on /sys/kernel/debug/tracing type tracefs (rw,relatime)

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1516451

Title:
  check_disk plugin broken after upgrade to 15.10

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nagios-plugins/+bug/1516451/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1516451] Re: check_disk plugin broken after upgrade to 15.10

[Brian Morton]

strace confirms that check_disk on 12.04 doesn't check
/sys/kernel/debug/tracing

Not having any luck tracking down a code change in the monitoring-
plugins github repo.  I wonder if this is a change in a dependent lib
instead.

Here's a workaround

sudo chown root:root /usr/lib/nagios/plugins/check_disk
sudo chmod u+s /usr/lib/nagios/plugins/check_disk
sudo chmod o+x /usr/lib/nagios/plugins/check_disk

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1516451

Title:
  check_disk plugin broken after upgrade to 15.10

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nagios-plugins/+bug/1516451/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1516451] Re: check_disk plugin broken after upgrade to 15.10

[Brian Morton]

strace confirms that check_disk on 12.04 doesn't check
/sys/kernel/debug/tracing

Not having any luck tracking down a code change in the monitoring-
plugins github repo.  I wonder if this is a change in a dependent lib
instead.

Here's a workaround

sudo chown root:root /usr/lib/nagios/plugins/check_disk
sudo chmod u+s /usr/lib/nagios/plugins/check_disk
sudo chmod o+x /usr/lib/nagios/plugins/check_disk

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1516451

Title:
  check_disk plugin broken after upgrade to 15.10

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nagios-plugins/+bug/1516451/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1516451] Re: check_disk plugin broken after upgrade to 15.10

[Brian Morton]

I suspect there isn't a code change here, but rather a difference in the
way Ubuntu is presenting its mount points.  The plugin tries to
enumerate and check all mounts.  A better use might be to add the actual
mount points to be monitored with -p

/usr/lib/nagios/plugins/check_disk -w '20%' -c '10%' -e -p / -p /var -p
/boot

12.04:
mount

none on /sys/kernel/debug type debugfs (rw)


14.04:

debugfs on /sys/kernel/debug type debugfs (rw,relatime)
tracefs on /sys/kernel/debug/tracing type tracefs (rw,relatime)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1516451

Title:
  check_disk plugin broken after upgrade to 15.10

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nagios-plugins/+bug/1516451/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1214241] Re: Freezes in midgame

[Brian Morton]

Bug is fixed in Wily due to a resync with upstream.

http://changelogs.ubuntu.com/changelogs/pool/universe/z/zsnes/zsnes_1.510+bz2-8/changelog

Also, they added a debug package, which is great news.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1214241

Title:
  Freezes in midgame

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/zsnes/+bug/1214241/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer

[Brian Morton]

This worked for me:

ssh -v admin@172.16.3.253 -o KexAlgorithms=diffie-hellman-group14-sha1

source:

http://stackoverflow.com/questions/25341773/cisco-ssh-key-exchange-
fails-from-ubuntu-14-04-client-dh-key-range-mismatch

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/708493

Title:
  Can't login anymore: Read from socket failed: Connection reset by peer

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer

[Brian Morton]

This worked for me:

ssh -v admin@172.16.3.253 -o KexAlgorithms=diffie-hellman-group14-sha1

source:

http://stackoverflow.com/questions/25341773/cisco-ssh-key-exchange-
fails-from-ubuntu-14-04-client-dh-key-range-mismatch

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/708493

Title:
  Can't login anymore: Read from socket failed: Connection reset by peer

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/708493/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1077650] Re: booting from raid in degraded mode ends in endless loop

[Brian Morton]

I did not file a new bug only because it was a system that I was sending
off for production use and I stuck with the non-LVM RAID for
reliability.  I could attempt reproduction on another system, but I'm
pretty sure it will happen on any system with the steps I described.

Note that I didn't attempt to install on a degraded RAID.  It was
already installed.  I was just testing the ability of the system to boot
degraded.  It fails with LVM2.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1077650

Title:
  booting from raid in degraded mode ends in endless loop

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/1077650/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs