[Bug 1892448] Re: ceph 15.2.3-0ubuntu0.20.04.2 collides with ceph-deploy 2.0.1-0ubuntu1
Hi, I'm not really following this bug report anymore, and I won't test this, but thanks for (most likely) fixing the issue. On a more general note, a question to Canonical: Why does a commercial distro even bother to have things like "-proposed" repos or a bug tracker if it takes 9-10 months to fix an issue *this* trivial in a supposedly supported package, in the most current supposedly supported distro release? And why should people even bother to write bug reports at all? Other people manage to conceive and give birth to a child during the timespan it takes Canonical to simply delete a file. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1892448 Title: ceph 15.2.3-0ubuntu0.20.04.2 collides with ceph-deploy 2.0.1-0ubuntu1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1892448/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1892448] [NEW] ceph 15.2.3-0ubuntu0.20.04.2 collides with ceph-deploy 2.0.1-0ubuntu1
Public bug reported: On an Ubuntu 20.04 installation with the focal-proposed repos enabled and both the ceph/ceph-base/ceph-* packages (which are in main) and the ceph-deploy package (which is in universe) installed, the upgrade from ceph 15.2.3-0ubuntu0.20.04.1 to ceph 15.2.3-0ubuntu0.20.04.2 breaks with the following error message: dpkg: error processing archive /var/cache/apt/archives/ceph-base_15.2.3-0ubuntu0.20.04.2_amd64.deb (--unpack): trying to overwrite '/usr/share/man/man8/ceph-deploy.8.gz', which is also in package ceph-deploy 2.0.1-0ubuntu1 I wasn't even able to solve this by trying to uninstall/purge ceph- deploy using apt-get or aptitude - instead, I had to resort to dpkg --remove --force-remove-reinstreq ceph-deploy I think this is a bug in ceph 15.2.3-0ubuntu0.20.04.2, more specifically in the packaging of ceph-base 15.2.3-0ubuntu0.20.04.2, which probably shouldn't contain the man page for ceph-deploy since it doesn't seem to contain any other ceph-deploy files either. ** Affects: ceph (Ubuntu) Importance: Undecided Status: New ** Description changed: - On an Ubuntu 20.04 installation with the focal-proposed repo enabled and - both the ceph/ceph-base/ceph-* packages (which are in main) and the + On an Ubuntu 20.04 installation with the focal-proposed repos enabled + and both the ceph/ceph-base/ceph-* packages (which are in main) and the ceph-deploy package (which is in universe) installed, the upgrade from ceph 15.2.3-0ubuntu0.20.04.1 to ceph 15.2.3-0ubuntu0.20.04.2 breaks with the following error message: dpkg: error processing archive /var/cache/apt/archives/ceph-base_15.2.3-0ubuntu0.20.04.2_amd64.deb (--unpack): - trying to overwrite '/usr/share/man/man8/ceph-deploy.8.gz', which is also in package ceph-deploy 2.0.1-0ubuntu1 + trying to overwrite '/usr/share/man/man8/ceph-deploy.8.gz', which is also in package ceph-deploy 2.0.1-0ubuntu1 I wasn't even able to solve this by trying to uninstall/purge ceph- deploy using apt-get or aptitude - instead, I had to resort to dpkg --remove --force-remove-reinstreq ceph-deploy - - I think this is a bug in ceph 15.2.3-0ubuntu0.20.04.2, more specifically in the packaging of ceph-base 15.2.3-0ubuntu0.20.04.2, which probably shouldn't contain the man page for ceph-deploy since it doesn't seem to contain any other ceph-deploy files either. + I think this is a bug in ceph 15.2.3-0ubuntu0.20.04.2, more specifically + in the packaging of ceph-base 15.2.3-0ubuntu0.20.04.2, which probably + shouldn't contain the man page for ceph-deploy since it doesn't seem to + contain any other ceph-deploy files either. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1892448 Title: ceph 15.2.3-0ubuntu0.20.04.2 collides with ceph-deploy 2.0.1-0ubuntu1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1892448/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1857257] Re: linux-image-5.0.0-35-generic breaks checkpointing of container
Dear Ubuntu kernel package "maintainers", it seems like you have somehow managed to push *again* a kernel with this broken patch into the bionic- proposed repo - this time, it's kernel 5.4.0-31. Are you doing this on purpose? Kernel 5.4.0-33 with two reverted patches *for this specific bug* and *no other changes* has been out for a whole week now. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1857257 Title: linux-image-5.0.0-35-generic breaks checkpointing of container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1857257/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1857257] Re: linux-image-5.0.0-35-generic breaks checkpointing of container
It seems like the patch you committed to fix this bug causes the overlay module to crash on one of my Ubuntu 18.04 machines. When using linux-generic 5.3.0-52.46, as soon as my gitlab-runner tries to start up a Docker container, dmesg spits out the stuff you can see in the "dmesg-excerpt.txt" attachment. Downgrading to linux-generic 5.3.0-51.44 solves the issue. I haven't bisected this, but looking at the git commit history, your patch looks like the obvious culprit to me. https://kernel.ubuntu.com/git/ubuntu/ubuntu- eoan.git/log/?h=Ubuntu-5.3.0-52.46 ** Attachment added: "dmesg excerpt showing the overlay module crashing" https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1857257/+attachment/5366880/+files/dmesg-excerpt.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1857257 Title: linux-image-5.0.0-35-generic breaks checkpointing of container To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1857257/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1875370] [NEW] Add "AmbientCapabilities=CAP_NET_BIND_SERVICE" to systemd unit file
Public bug reported: Please add the line "AmbientCapabilities=CAP_NET_BIND_SERVICE" to the [Service] section of coturn.service so that coturn can bind to ports <1024. See also upstream bug https://github.com/coturn/coturn/issues/421 ** Affects: coturn (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1875370 Title: Add "AmbientCapabilities=CAP_NET_BIND_SERVICE" to systemd unit file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/coturn/+bug/1875370/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1874413] Re: openssl 1.1.1f-1ubuntu2 breaks some TLS connections
*** This bug is a duplicate of bug 1864689 *** https://bugs.launchpad.net/bugs/1864689 This might be a duplicate of bug #1864689 "openssl in 20.04 can't connect to site that was fine in 19.10 and is fine in Chrome and Firefox" https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1864689 https://github.com/openssl/openssl/issues/11236 pub.orcid.org is probably running CentOS 8 or RHEL 8 (educated guess based upon the HTTP Server header "nginx/1.16.1"). ** Bug watch added: github.com/openssl/openssl/issues #11236 https://github.com/openssl/openssl/issues/11236 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1874413 Title: openssl 1.1.1f-1ubuntu2 breaks some TLS connections To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1874413/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1874413] Re: openssl 1.1.1f-1ubuntu2 breaks some TLS connections
** Description changed: On a machine with Ubuntu 20.04 and all available updates installed - (including openssl and libssl openssl 1.1.1f-1ubuntu2): + (including openssl and libssl1.1 1.1.1f-1ubuntu2): user@host:~$ curl 'https://pub.orcid.org/' curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure - - On the same machine, but with the openssl and libssl packages downgraded - to version 1.1.1c-1ubuntu4 from Ubuntu 19.10: + On the same machine, but with the openssl and libssl1.1 packages + downgraded to version 1.1.1c-1ubuntu4 from Ubuntu 19.10: user@host:~$ curl -I 'https://pub.orcid.org/' HTTP/1.1 302 Found Server: nginx/1.16.1 Date: Thu, 23 Apr 2020 09:34:38 GMT Location: https://pub.orcid.org/v3.0/ Transfer-Encoding: chunked Connection: Keep-Alive Set-Cookie: X-Mapping-fjhppofk=EDEB8B375DA428655747278237992826; path=/ - I've also checked this with machines running other distros (OpenWRT and Archlinux), and with those distros, the error occurs neither with - OpenSSL/libssl 1.1.1f nor with OpenSSL/libssl 1.1.1g. This leads me to - assume that the backported patch for CVE-2020-1967 in openssl/libssl 1.1 - .1f-1ubuntu2 is broken. + OpenSSL/libssl1.1 1.1.1f nor with OpenSSL/libssl1.1 1.1.1g. This leads + me to assume that the backported patch for CVE-2020-1967 in + openssl/libssl1.1 1.1.1f-1ubuntu2 is broken. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1874413 Title: openssl 1.1.1f-1ubuntu2 breaks some TLS connections To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1874413/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1874413] [NEW] openssl 1.1.1f-1ubuntu2 breaks some TLS connections
Public bug reported: On a machine with Ubuntu 20.04 and all available updates installed (including openssl and libssl openssl 1.1.1f-1ubuntu2): user@host:~$ curl 'https://pub.orcid.org/' curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure On the same machine, but with the openssl and libssl packages downgraded to version 1.1.1c-1ubuntu4 from Ubuntu 19.10: user@host:~$ curl -I 'https://pub.orcid.org/' HTTP/1.1 302 Found Server: nginx/1.16.1 Date: Thu, 23 Apr 2020 09:34:38 GMT Location: https://pub.orcid.org/v3.0/ Transfer-Encoding: chunked Connection: Keep-Alive Set-Cookie: X-Mapping-fjhppofk=EDEB8B375DA428655747278237992826; path=/ I've also checked this with machines running other distros (OpenWRT and Archlinux), and with those distros, the error occurs neither with OpenSSL/libssl 1.1.1f nor with OpenSSL/libssl 1.1.1g. This leads me to assume that the backported patch for CVE-2020-1967 in openssl/libssl 1.1 .1f-1ubuntu2 is broken. ** Affects: openssl (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1874413 Title: openssl 1.1.1f-1ubuntu2 breaks some TLS connections To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1874413/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1823053] [NEW] wpasupplicant 2.6 w/ openssl 1.1.1 triggers TLSv1.3 version intolerance on WPA2-Enterprise networks on Cosmic and Disco
Public bug reported: Ubuntu 18.10 "Cosmic" and 19.04 "Disco" currently ship with both wpasupplicant 2.6 and openssl/libssl 1.1.1, although upstream only supports OpenSSL 1.1.1 starting with wpasupplicant 2.7. OpenSSL 1.1.1 introduced support for TLS 1.3, and introduced new APIs to configure the parameters governing TLS connections using TLS >= 1.3. OpenSSL also decided that it would enable TLS 1.3 by default even for software that had only been built for libssl <= 1.1.0 and hence couldn't "know" about the new APIs. This leads to a situation where software that was designed/built for OpenSSL 1.1.0 and TLS 1.2 will also offer TLS 1.3, without any possibility for end users to disable such behavior. One case where this causes problems is wpasupplicant: wpasupplicant 2.7 officially introduced support for OpenSSL 1.1.1, which mainly consists of disabling TLS 1.3 by default and adding a configuration flag allowing end users to selectively enable it for connections when they see fit. wpasupplicant 2.6, however, as shipped with Ubuntu 18.10 and 19.04, does not offer such a possibility, and hence tries negotiating TLS 1.3 (alongside with older versions all the way down to TLS 1.0). Sadly, there are RADIUS servers which suffer from TLS version intolerance and will refuse authentication when the client offers TLS 1.3. I know of such a case with a German university's eduroam wifi, but I doubt this is the only case where this causes problems. As a dirty stopgap measure, I've installed the wpasupplicant 2.7 package from Debian Buster (https://packages.debian.org/buster/wpasupplicant), and I've asked the NOC at the affected university to upgrade/reconfigure their RADIUS server to make the version intolerance go away - but still, this is a bug that should be fixed in Ubuntu, preferably by backporting wpasupplicant 2.7. ** Affects: wpa (Ubuntu) Importance: Undecided Status: New ** Tags: eap eduroam libssl openssl peap tls1.3 tlsv1.3 ttls wpa wpa-enterprise wpasupplicant -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1823053 Title: wpasupplicant 2.6 w/ openssl 1.1.1 triggers TLSv1.3 version intolerance on WPA2-Enterprise networks on Cosmic and Disco To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1823053/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1777474] Re: Netinstall ISO offers usage of HTTPS mirrors but lacks ca-certificates
Can somebody please have a look at this? Booting an ISO and checking if HTTPS works, or simply adding a certain deb package to the default installer ISO shouldn't really be rocket science. ** Changed in: debian-installer (Ubuntu) Status: Expired => New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1777474 Title: Netinstall ISO offers usage of HTTPS mirrors but lacks ca-certificates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/1777474/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1777474] Re: Netinstall ISO offers usage of HTTPS mirrors but lacks ca-certificates
Yes, I can reproduce the issue with that ISO as well. Since I've booted the ISO in a VM with only a serial console and no video card, I've added "console=ttyS0,115200" to the installer kernel's cmdline in GRUB, and cancelled installation as soon as possible to get to the big menu with all the installation steps, so I could select "Execute shell". From there, I've tried downloading a file from an HTTPS site with a valid Let's Encrypt certificate, and got the ominous "ERROR: cannot verify $HOSTNAME's certificate, issued by $CA: Unable to locally verify the issuer's authority." message. So yes, the "official" installer ISO images seem to lack the ca- certificates package as well. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1777474 Title: Netinstall ISO offers usage of HTTPS mirrors but lacks ca-certificates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/1777474/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1777474] [NEW] Netinstall ISO offers usage of HTTPS mirrors but lacks ca-certificates
Public bug reported: When using the netboot ISO (https://ftp.halifax.rwth- aachen.de/ubuntu/dists/bionic/main/installer- amd64/20101020ubuntu543/images/netboot/mini.iso) in the "expert command line mode", the installer asks the user to select between the protocols HTTP, HTTPS and FTP when specifying a mirror server. However, HTTPS mirrors don't work at all since the ISO lacks the "ca-certificates" package. When using the installer in the "non-expert"/"normal" command line mode, even when manually specifying an HTTPS mirror, either HTTP gets used or the mirror server's certificates don't get checked at all (haven't found out yet which of the two possibilities applies). Either way, the ca-certificates package should be included in the netboot iso. ** Affects: ubuntu Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1777474 Title: Netinstall ISO offers usage of HTTPS mirrors but lacks ca-certificates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1777474/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
