[Bug 1999490] Re: Missing CVE in Nvidia driver 515 packages
I think we fixed this in December 2022: https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics- drivers-510/+bug/1997087 https://git.launchpad.net/ubuntu-cve- tracker/tree/active/CVE-2022-34673#n360 Thanks ** Information type changed from Private Security to Public Security ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-34673 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1999490 Title: Missing CVE in Nvidia driver 515 packages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-515/+bug/1999490/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1673431] Re: Make kernel readable by non-root users
Hello KolAflash, thanks for writing; the wiki page in question has this suggestion: # echo "UMASK=0077" >> /etc/initramfs-tools/initramfs.conf Which should take care of the secrets in case the administrator chooses to use this mechanism to automatically supply keys to LUKS, right? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1673431 Title: Make kernel readable by non-root users To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libguestfs/+bug/1673431/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2037897] Re: FreeCAD unable to create new document under wayland
** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2037897 Title: FreeCAD unable to create new document under wayland To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/freecad/+bug/2037897/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1829588] Re: make it easy to add proposed; help text outdated
Apparently this exists now via the new -p flag, but doesn't currently work in releases with deb822 formatted sources lists: https://bugs.launchpad.net/ubuntu/+source/software- properties/+bug/2061128 ** Changed in: software-properties (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1829588 Title: make it easy to add proposed; help text outdated To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1829588/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064750] Re: block probing crashed with ValueError
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064750 Title: block probing crashed with ValueError To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/subiquity/+bug/2064750/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064685] Re: write says write: effective gid does not match group of /dev/pts/5
Hello Robert, I believe this is intentional. If you wish to restore the previous behavior, it should be sufficient to change /usr/bin/write.ul to root:tty 02755. Thanks ** Changed in: util-linux (Ubuntu) Status: New => Confirmed ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064685 Title: write says write: effective gid does not match group of /dev/pts/5 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/2064685/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055776] Re: After updating ubuntu, the network to which the subnet address is assigned does not become active in KVM.
Two different services attempting to bind on a single (IP, port) tuple is going to lead to a failure of one of the services. Prior to this update it was a silent failure, which serves only to make debugging problems more difficult. I can empathize with the feeling that things shouldn't break in an LTS release, but it was quietly broken already. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055776 Title: After updating ubuntu, the network to which the subnet address is assigned does not become active in KVM. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/2055776/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064479] Re: file error keeps repeating after any Terminal installation with APT this is the error I receive "open `20auto-upgrades.merge-error"
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064479 Title: file error keeps repeating after any Terminal installation with APT this is the error I receive "open `20auto-upgrades.merge-error" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/2064479/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064353] Re: nslookup - hit enter with no args or options, prompt advances one line and shows a > operator; then hit ctrl c and normal prompt returns, but now all entries typed at prompt are invi
Hello Spencer, thanks for the report. This is pretty common with programs that provide a more "interactive" experience. There's two tools that can help recover from this, reset(1) and stty(1). When this happens, run: reset or stty sane Both should fix this specific case. But sometimes one or the other one is required to fix your terminal, so it's helpful to know both of them. Thanks ** Information type changed from Private Security to Public ** Changed in: bind9 (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064353 Title: nslookup - hit enter with no args or options, prompt advances one line and shows a > operator; then hit ctrl c and normal prompt returns, but now all entries typed at prompt are invisible as though entering a sudo password; commands still execute. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/2064353/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064306] Re: error
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064306 Title: error To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/2064306/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064141] Re: default config in noble prevents start of fail2ban
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064141 Title: default config in noble prevents start of fail2ban To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/fail2ban/+bug/2064141/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064007] Re: execve from NetworkManager fails - wrong path in app-armor profile?
Hello Christopher, thanks for the bug report. Note that due to ISC stepping back from their DHCP packages, we've switched to dhcpcd as the "default" dhcp client. Probably a patch to fix this would be accepted, but it might not be anybody's priority to work on it. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064007 Title: execve from NetworkManager fails - wrong path in app-armor profile? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/2064007/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2063932] Re: ULTS 24 AppArmor configuration parsing and loading error
** Information type changed from Private Security to Public ** Changed in: apparmor (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2063932 Title: ULTS 24 AppArmor configuration parsing and loading error To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2063932/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2063927] Re: package libc6 2.35-0ubuntu3.6 failed to install/upgrade: yeni libc6:amd64 paketi pre-installation betiği alt süreci 2 hatalı çıkış kodu ile sona erdi
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2063927 Title: package libc6 2.35-0ubuntu3.6 failed to install/upgrade: yeni libc6:amd64 paketi pre-installation betiği alt süreci 2 hatalı çıkış kodu ile sona erdi To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/2063927/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064192] Re: Unable to resize windows
** Package changed: ubuntu => gnome-shell (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064192 Title: Unable to resize windows To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2064192/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064530] Re: Include support for .NET 8 for Ubuntu on Power
Was this filed against the correct package? https://launchpad.net/ubuntu/+source/dotnet8 looks more appropriate. It's a pity this request wasn't made two months ago, 24.04's Feature Freeze date was February 29 https://discourse.ubuntu.com/t/noble-numbat- release-schedule/35649 -- it might have been trivial then, I don't know what the path is for this now, but it won't be as quick and easy. I suggest working on a debdiff for the dotnet8 package to get it to build and pass the test suites etc. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064530 Title: Include support for .NET 8 for Ubuntu on Power To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2064530/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062667] Re: Fails on (and should be removed from) raspi desktop
I'm having trouble seeing what the consequences are: > the result is a permanently failed service vs > this is was a major annoyance on my m2 air after upgrading to noble Was it it more than a red line in systemctl status output? Does it have annoying logging behaviour or break some other service if it isn't running? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062667 Title: Fails on (and should be removed from) raspi desktop To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/protection-domain-mapper/+bug/2062667/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2054296] Re: Don't restrict to linux-laptop
@Tobias, that bug is 15 years old. Perhaps you meant another one? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054296 Title: Don't restrict to linux-laptop To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/protection-domain-mapper/+bug/2054296/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056627] Re: PHPStorm crashes when opening a project
The unfortunate thing with AppImage is that there's no easy default path that can be confined as can be done for other systems. So you'll need to construct an AppArmor profile for your applications following the instructions at https://discourse.ubuntu.com/t/noble-numbat-release- notes/39890#unprivileged-user-namespace-restrictions-15 Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056627 Title: PHPStorm crashes when opening a project To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2056627/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2063830] Re: package nginx-core (not installed) failed to install/upgrade: installed nginx-core package post-installation script subprocess returned error exit status 1
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2063830 Title: package nginx-core (not installed) failed to install/upgrade: installed nginx-core package post-installation script subprocess returned error exit status 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/2063830/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2041751] Re: RM: Remove dangerously insecure MPPE PPTP from Ubuntu
Hey James, thanks for maintaining pptpd for so many years. I know I'm cranky when old software I use is removed just because it's no longer in fashion. But we do try to move people to safer protocols and safer programs over time. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2041751 Title: RM: Remove dangerously insecure MPPE PPTP from Ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/2041751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2063536] Re: flickering screen
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2063536 Title: flickering screen To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/2063536/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2063884] [NEW] ubuntu-bug can't report bugs in Ubuntu Pro packages
Public bug reported: Hello, ubuntu-bug can't report bugs in packages provided by Ubuntu Pro. For example, I have lynx installed, which has an update issued through esm-apps: $ dpkg -l lynx | grep ^ii ii lynx 2.9.0dev.5-1ubuntu0.1~esm1 amd64classic non-graphical (text-mode) web browser $ ubuntu-bug lynx *** Collecting problem information The collected information can be sent to the developers to improve the application. This might take a few minutes. . *** Problem in lynx The problem cannot be reported: This is not an official Ubuntu package. Please remove any third party package and try again. Press any key to continue... ^? No pending crash reports. Try --help for more information. ** Affects: apport (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2063884 Title: ubuntu-bug can't report bugs in Ubuntu Pro packages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apport/+bug/2063884/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2061249] Re: remmina crashed with SIGABRT in freerdp_settings_get_bool()
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2061249 Title: remmina crashed with SIGABRT in freerdp_settings_get_bool() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/remmina/+bug/2061249/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2061289] Re: drkonqi crashed with SIGABRT in QScreen::QScreen()
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2061289 Title: drkonqi crashed with SIGABRT in QScreen::QScreen() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/drkonqi/+bug/2061289/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2054480] Re: [MIR] nbd-client
I gave the nbd-client.c file a very quick read and it looked moderately well-written to me. It feels like it's got nearly three decades of history to it -- solid, been around a while, and maybe you'd do things different if you were doing it again, but it exists today and solves problems, today. So, ACK. :) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054480 Title: [MIR] nbd-client To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nbd/+bug/2054480/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2063271] Re: Illegal opcode in libssl
** Package changed: openssh (Ubuntu) => openssl (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2063271 Title: Illegal opcode in libssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2063271/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2063099] Re: Stopping container signal blocked by AppArmor on Ubuntu
AppArmor's signal handling is a bit more involved than eg capabilities or file accesses: both the sender profile and receiver profile need to have signal rules to allow sending the signal or receiving the signal, as appropriate. 23.10 and 24.04 LTS have introduced restrictions on unprivileged namespaces to try to mitigate against kernel exploits. The details have changed between 23.10 and 24.04 LTS, so it's possible that upgrading to 24.04 LTS will be sufficient to fix this -- especially if the AppArmor profiles have been updated during the development cycle. I'm not sure what exactly to suggest as I don't know the various kinds of Docker available, where the profiles live, etc. But hopefully these hints will help you get to a fix. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2063099 Title: Stopping container signal blocked by AppArmor on Ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/2063099/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2063009] Re: package linux-headers-6.5.0-28-generic 6.5.0-28.29~22.04.1 failed to install/upgrade: installed linux-headers-6.5.0-28-generic package post-installation script subprocess was killed
** Changed in: linux-hwe-6.5 (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2063009 Title: package linux-headers-6.5.0-28-generic 6.5.0-28.29~22.04.1 failed to install/upgrade: installed linux-headers-6.5.0-28-generic package post-installation script subprocess was killed by signal (Terminated) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-hwe-6.5/+bug/2063009/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2061869] Re: Snaps unable to connect to network under linux-lowlatency 6.8.0-25.25.3
*** This bug is a duplicate of bug 2061851 *** https://bugs.launchpad.net/bugs/2061851 ** This bug has been marked a duplicate of bug 2061851 linux-gcp 6.8.0-1005.5 (+ others) Noble kernel regression with new apparmor profiles/features -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2061869 Title: Snaps unable to connect to network under linux-lowlatency 6.8.0-25.25.3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2061869/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2061029] Re: prelink FTBFS on Noble
Does prelink even work? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2061029 Title: prelink FTBFS on Noble To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/prelink/+bug/2061029/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
I've been asked to try to help these updates along; I'm not on the SRU team so I can't give concrete directions, only suggestions. My assumption is that these package updates should be published first to -updates for autopkgtest testing, and once they have passed testing and phased to users, then we should republish these updates to -security so that they are available to all users. Does this sound correct? This is much easier to execute if the updates have been built in a PPA with only -security enabled, and not -updates. (The -security pocket is built with only packages from -release and -security, not -updates.) Do packages built in such a PPA exist? The SRU workflow asks for packages to be either uploaded with dput to the queue or debdiffs provided. I see some debdiffs here, but some additional work was performed after most of the debdiffs were uploaded. Are the posted debdiffs something that the SRU team should work with? The Ubuntu Sponsors team was added around three weeks ago, before much of the work was done, it's entirely possible that this has fallen off their radar as a result. (And, the general hustle of responding to the xz-utils issue, release time goals, etc.) So, with the reminder that I'm not on the SRU team, I think the next steps should be: - prepare a PPA with only -security enabled - build packages - ask SRU team to move the packages to -proposed and see how autopkgtests go - phase the update - ask the security team to binary copy the packages to -security once it's proven in the field What do you think? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060378] Re: ubuntu stuck at every day
Hello, input/output errors like this are usually an indicator of failing hardware. Make sure your backups are in good working order, and make sure you don't overwrite backups with bad data. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060378 Title: ubuntu stuck at every day To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2060378/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060389] Re: Lock screen doesn't prevent media keys from working
Hello Jussi, thanks for the report. I believe this is an intentional design choice -- if someone cannot stop music gently they may do so violently. Thanks ** Changed in: gnome-shell (Ubuntu) Status: New => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060389 Title: Lock screen doesn't prevent media keys from working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2060389/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060084] Re: tracker-extract-3 crashed with SIGSYS in epoll_wait()
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060084 Title: tracker-extract-3 crashed with SIGSYS in epoll_wait() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tracker-miners/+bug/2060084/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058690] Re: aa-easyprof: allow mmap and link from easyprof generated profiles
The 'm' permission shouldn't be a default; restricting what the CPU will execute is a very useful security mitigation. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058690 Title: aa-easyprof: allow mmap and link from easyprof generated profiles To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2058690/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059125] Re: tracker-extract-3 crashed with SIGSYS in __GI_epoll_pwait()
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059125 Title: tracker-extract-3 crashed with SIGSYS in __GI_epoll_pwait() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tracker-miners/+bug/2059125/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058755] Re: tracker-extract-3 crashed with SIGSYS in __GI_epoll_pwait()
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058755 Title: tracker-extract-3 crashed with SIGSYS in __GI_epoll_pwait() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tracker-miners/+bug/2058755/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058688] Re: gnome-shell crashed with SIGABRT
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058688 Title: gnome-shell crashed with SIGABRT To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2058688/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2057943] Re: Can't disable or modify snap package apparmor rules
I'm adding the snapd package as it feels plausible that snapd could make this task easier, too. ** Also affects: snapd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2057943 Title: Can't disable or modify snap package apparmor rules To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2057943/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060817] Re: gnome-initial-setup hardcoded to Ubuntu branding, not overridable
Erich, I think the only 'Ubuntu system builds' that would have Ubuntu Pro enabled in any way are the images at cloud providers that automatically attach to Ubuntu Pro with on-demand subscription pricing: - https://aws.amazon.com/about-aws/whats-new/2023/04/amazon-ec2-ubuntu-pro-subscription-model/ - https://azuremarketplace.microsoft.com/en-us/marketplace/apps/canonical.0001-com-ubuntu-pro-jammy - https://cloud.google.com/blog/products/compute/ubuntu-pro-available-on-google-cloud I don't think any images have been prepared for flavors that enable Ubuntu Pro through the cloud infrastructure automatic provisioning. I'm not sure flavors even make much sense in the cloud environments. Are there other images being built somewhere out of packages only available with an Ubuntu Pro subscription? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060817 Title: gnome-initial-setup hardcoded to Ubuntu branding, not overridable To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-initial-setup/+bug/2060817/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1977614] Re: [MIR] fdk-aac-free
It's on the security team's todo list to try to bring issues discovered during the MIR to the attention of the Fraunhofer team. Hopefully they'll be more receptive than the Android team. It sounds like there are open questions if this is actually useful for us; is the version without the efficiency codecs actually solving a problem? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1977614 Title: [MIR] fdk-aac-free To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/fdk-aac-free/+bug/1977614/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1977614] Re: [MIR] fdk-aac-free
** Changed in: fdk-aac-free (Ubuntu) Assignee: Ubuntu Security Team (ubuntu-security) => Jeremy Bícha (jbicha) ** Changed in: fdk-aac-free (Ubuntu) Status: Confirmed => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1977614 Title: [MIR] fdk-aac-free To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/fdk-aac-free/+bug/1977614/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2004516] Re: [MIR] libyuv (transitive dependency of libheif)
Hello, the MIR process says any MIRs assigned to the security team after the Beta Freeze deadline need to be discussed with the Director of Security Engineering: For a MIR to be considered for a release, it must be assigned to the Security team (by the MIR team) before Beta Freeze. This does not guarantee that a security review can be completed by Final Release. Ask the director of Security for exceptions. https://github.com/canonical/ubuntu-mir?tab=readme-ov-file#security- reviews Please find a few minutes on Alex Burrage's calendar and schedule a meeting. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2004516 Title: [MIR] libyuv (transitive dependency of libheif) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libyuv/+bug/2004516/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2019951] Re: [MIR] libmysofa
** Changed in: libmysofa (Ubuntu) Status: New => Won't Fix ** Changed in: libmysofa (Ubuntu) Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2019951 Title: [MIR] libmysofa To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libmysofa/+bug/2019951/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2046636] Re: Mouse is erratic moving even i am not using it
I had a similar problem. Flip the mouse over and look for a hair in the sensor. If that isn't it, try replacing the mouse, it might be a bad cable or similar. (That worked for me.) ** Changed in: linux (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2046636 Title: Mouse is erratic moving even i am not using it To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2046636/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059367] Re: SSH-RSA not supported for Self-SSH in Ubuntu 22.04 FIPS
Hello Arunaav, I'm curious if you could double-check the testing environment to make sure the user accounts are as you expected? chmod 0600 /home/core/.ssh/authorized_keys ssh -i .ssh/id_rsa onprem_shell@10.14.169.25 ssh -v user@10.14.169.25 debug1: identity file /root/.ssh/id_rsa type -1 There's usernames 'core', 'onprem_shell', 'user', and 'root' in play here, and I think it'd be extraordinarily easy to perhaps use sudo or another privilege changing tool in such a way that it is using the wrong private key or the wrong authorized_keys file, etc. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059367 Title: SSH-RSA not supported for Self-SSH in Ubuntu 22.04 FIPS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2059367/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058082] [NEW] wget2 --mirror leaves the specified host
Public bug reported: Hello, I wanted a mirror of the irc logs hosted on https://irclogs.ubuntu.com/ and started the project with: wget --mirror https://irclogs.ubuntu.com/ This worked okay but was very slow, as there's probably hundreds of thousands of links to traverse. I switched to wget2 to get the multiple simultaneous connections, and ran with: wget2 --mirror https://irclogs.ubuntu.com I assumed that wget2 would try to accomplish the same thing: mirror that site *and only that site*. What actually happened was that it followed a link on that site to ubuntu.com and downloaded two and a half million files like this: $ find ubuntu.com/ -ls | head -20 11190888 995121 drwxr-xr-x 48 sarnold sarnold 2417914 Mar 16 01:47 ubuntu.com/ 6717440 37 -rw-r--r-- 1 sarnold sarnold 73591 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=epiphanyamp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;offset=40 6717456 29 -rw-r--r-- 1 sarnold sarnold 73469 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=opensshamp;amp;amp;amp;amp;offset=40 6717468 37 -rw-r--r-- 1 sarnold sarnold 73687 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=webkitgtkamp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;offset=0 6717648 29 -rw-r--r-- 1 sarnold sarnold 73527 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=opensshamp;amp;amp;amp;amp;amp;amp;amp;amp;amp;offset=0 6717662 29 -rw-r--r-- 1 sarnold sarnold 73555 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=grub2-unsignedamp;amp;amp;amp;amp;amp;amp;amp;amp;offset=60 6717758 37 -rw-r--r-- 1 sarnold sarnold 73625 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=opensshamp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;offset=80 6717786 37 -rw-r--r-- 1 sarnold sarnold 73693 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=php8.0amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;offset=0 6717790 37 -rw-r--r-- 1 sarnold sarnold 73591 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=grub2-unsignedamp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;offset=80 6717980 29 -rw-r--r-- 1 sarnold sarnold 73435 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=epiphanyamp;amp;amp;amp;amp;amp;offset=80 6717984 37 -rw-r--r-- 1 sarnold sarnold 73589 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=opensshamp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;offset=20 6717986 37 -rw-r--r-- 1 sarnold sarnold 73649 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=awstatsamp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;offset=40 6718000 29 -rw-r--r-- 1 sarnold sarnold 73495 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=grub2-unsignedamp;amp;amp;amp;offset=60 6718034 37 -rw-r--r-- 1 sarnold sarnold 73649 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=mozjs60amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;offset=60 6718176 29 -rw-r--r-- 1 sarnold sarnold 73555 Mar 16 01:23 ubuntu.com/security?q=amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;package=vlcamp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;offset=0 6718210 37 -rw-r--r-- 1 sarnold sarnold 73629 Mar 16 01:23
[Bug 2048768] Re: Autopkgtest failures on amd64
I added llvm and gcc toolchains to the affected packages list here based on some internet reports, not my own testing: https://stackoverflow.com/questions/77894856/possible-bug-in-gcc-sanitizers https://stackoverflow.com/questions/77826203/addresssanitizer-randomly-throws-sigsegv-with-no-explanation?noredirect=1=1 https://github.com/llvm/llvm-project/commit/fb77ca05ffb4f8e666878f2f6718a9fb4d686839 https://gitlab.archlinux.org/archlinux/packaging/packages/gcc/-/commit/15cbe5ecc28cc4f52a38bad5a5cecaaa8a66a020 https://github.com/actions/runner-images/issues/9491#issuecomment-1996621369 This looks like the most useful comment from the github runners issue: https://github.com/actions/runner- images/issues/9491#issuecomment-1989718917 -- I strongly suggest starting here. And thanks to Daniel Stenberg for bringing this to our attention: https://mastodon.social/@bagder/112093452688780674 https://answers.launchpad.net/ubuntu/+source/llvm-toolchain-14/+question/709571 Thanks ** Bug watch added: github.com/actions/runner-images/issues #9491 https://github.com/actions/runner-images/issues/9491 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048768 Title: Autopkgtest failures on amd64 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gcc-10/+bug/2048768/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2048768] Re: Autopkgtest failures on amd64
** Also affects: llvm-toolchain-15 (Ubuntu) Importance: Undecided Status: New ** Also affects: llvm-toolchain-16 (Ubuntu) Importance: Undecided Status: New ** Also affects: llvm-toolchain-17 (Ubuntu) Importance: Undecided Status: New ** Also affects: llvm-toolchain-18 (Ubuntu) Importance: Undecided Status: New ** Also affects: gcc-8 (Ubuntu) Importance: Undecided Status: New ** Also affects: gcc-9 (Ubuntu) Importance: Undecided Status: New ** Also affects: gcc-10 (Ubuntu) Importance: Undecided Status: New ** Also affects: gcc-11 (Ubuntu) Importance: Undecided Status: New ** Also affects: gcc-12 (Ubuntu) Importance: Undecided Status: New ** Also affects: gcc-13 (Ubuntu) Importance: Undecided Status: New ** Also affects: gcc-14 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048768 Title: Autopkgtest failures on amd64 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gcc-10/+bug/2048768/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055434] Re: [MIR] pemmican
** Tags added: sec-3971 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055434 Title: [MIR] pemmican To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pemmican/+bug/2055434/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056616] [NEW] left-over ceph debugging printks
Public bug reported: Hello, a pal recently mentioned some debugging printk statements in our kernels, eg: evict_inodes inode d69da69b, i_count = 1, was skipped! https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2037214 has some additional details. https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2041613 looks like an effort to remove it? This apparently hasn't been finished yet, and it's in the middle of a big run of actual real work, so it might not be super-easy to just yank this out, it might also justify a larger look at the surrounding context. In noble master-next: https://git.launchpad.net/~ubuntu- kernel/ubuntu/+source/linux/+git/noble/commit/fs/inode.c?h=master- next=603b74b4176fdf6ab2fb83306136947296e7aeb4 Thanks ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056616 Title: left-over ceph debugging printks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2056616/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2052961] Re: Error: OCI runtime error: crun: chmod : Operation not supported
** Also affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2052961 Title: Error: OCI runtime error: crun: chmod : Operation not supported To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2052961/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055521] Re: Xorg freeze
Hello, thanks for the bug report. I suggest taking your dmesg output (from CurrentDmesg.txt) to the virtualbox developers, it looks very unhappy. Thanks ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055521 Title: Xorg freeze To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/2055521/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055435] Re: package openmpi-bin 4.0.3-0ubuntu1 failed to install/upgrade: installed openmpi-bin package pre-removal script 서브프로세스가 오류 종료 상태 2를 반환했습니다
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055435 Title: package openmpi-bin 4.0.3-0ubuntu1 failed to install/upgrade: installed openmpi-bin package pre-removal script 서브프로세스가 오류 종료 상태 2를 반환했습니다 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openmpi/+bug/2055435/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055402] Re: Though lintian call: error: troff: Segmentation fault
Loïc, it's possible the 'fix' (really a work-around) is to add `flags=(attach_disconnected)` to the profile in question. (I'm guessing that would be enough to prevent AppArmor from replacing the file.) In your logs it looks like it's already trying to use /tmp/output. This might be unsafe, depending upon the specific sequence of systemcalls used and the settings of: /proc/sys/fs/protected_fifos /proc/sys/fs/protected_hardlinks /proc/sys/fs/protected_regular /proc/sys/fs/protected_symlinks Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055402 Title: Though lintian call: error: troff: Segmentation fault To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/groff/+bug/2055402/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055373] Re: package phpmyadmin 4:5.2.1+dfsg-1ubuntu1 failed to install/upgrade: installed phpmyadmin package pre-removal script subprocess returned error exit status 1
If I'm reading the terminal log correctly, this is a local configuration problem that you need to address on your own system. Thanks ** Information type changed from Private Security to Public ** Changed in: phpmyadmin (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055373 Title: package phpmyadmin 4:5.2.1+dfsg-1ubuntu1 failed to install/upgrade: installed phpmyadmin package pre-removal script subprocess returned error exit status 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/phpmyadmin/+bug/2055373/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055334] Re: package shim-signed 1.56+15.7-0ubuntu1 failed to install/upgrade: dependency problems - leaving triggers unprocessed
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055334 Title: package shim-signed 1.56+15.7-0ubuntu1 failed to install/upgrade: dependency problems - leaving triggers unprocessed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/2055334/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055226] Re: mount option `users` blocks ntfs to mount
Hello, thanks for the report; note that the fstab(5) and mount(8) man pages both say "user", singular, not "users", plural. That's probably why your mount command didn't work when run as a user. I don't know about the gio or udisksctl tool errors, I'm unfamiliar with their operation. Maybe they were also looking for "user"? Thanks ** Information type changed from Private Security to Public ** Changed in: util-linux (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055226 Title: mount option `users` blocks ntfs to mount To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/2055226/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055220] Re: mypaint
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055220 Title: mypaint To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mypaint/+bug/2055220/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055135] Re: [CREF-XX, Conexant SN6140, Black Headphone Out, Left] No sound at all
I suggest talking with the virtualbox devs: [4.040754] UBSAN: array-index-out-of-bounds in /tmp/vbox.0/common/log/log.c:1791:41 It may or may not be related to your audio issues, but it can't be good. Thanks ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055135 Title: [CREF-XX, Conexant SN6140, Black Headphone Out, Left] No sound at all To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/2055135/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2054885] Re: Engrampa cannot open password-protected 7zip file
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054885 Title: Engrampa cannot open password-protected 7zip file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/engrampa/+bug/2054885/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2054849] Re: request to /storage/v2?wait=true crashed with HTTPError
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public ** Tags added: mantic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054849 Title: request to /storage/v2?wait=true crashed with HTTPError To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/subiquity/+bug/2054849/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2054613] Re: [HP EliteBook 840 G3 with Skylake GT2 [HD Graphics 520]] Did not idle and logout .. instead Screen Flickering between (1) Bright or (Low visibility) Dark or Black no inbetween & brig
I couldn't see anything to suggest vagrant was actually involved. ** Package changed: vagrant (Ubuntu) => ubuntu -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054613 Title: [HP EliteBook 840 G3 with Skylake GT2 [HD Graphics 520]] Did not idle and logout .. instead Screen Flickering between (1) Bright or (Low visibility) Dark or Black no inbetween & brightness controller does not set brightness and sound stopped working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2054613/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2054613] Re: [HP EliteBook 840 G3 with Skylake GT2 [HD Graphics 520]] Did not idle and logout .. instead Screen Flickering between (1) Bright or (Low visibility) Dark or Black no inbetween & brig
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054613 Title: [HP EliteBook 840 G3 with Skylake GT2 [HD Graphics 520]] Did not idle and logout .. instead Screen Flickering between (1) Bright or (Low visibility) Dark or Black no inbetween & brightness controller does not set brightness and sound stopped working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2054613/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2054507] Re: Installation is crashed for unknown reason
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054507 Title: Installation is crashed for unknown reason To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/2054507/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2054370] Re: unable to ihstall
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054370 Title: unable to ihstall To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub-installer/+bug/2054370/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2054343] Re: arm64 build of gcc-10 10.5.0-3ubuntu1 still broken (CVE-2023-4039 still open)
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054343 Title: arm64 build of gcc-10 10.5.0-3ubuntu1 still broken (CVE-2023-4039 still open) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gcc-10/+bug/2054343/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2052809] Re: [MIR] bpftrace
I don't have a noble vm up and running yet, has this issue been addressed yet? https://bugs.launchpad.net/ubuntu/+source/bpftrace/+bug/1969625 https://github.com/bpftrace/bpftrace/issues/954 It's pretty annoying to need to configure and install a ddeb package just to use these binaries. At least that was required on my 22.04 LTS machine: sarnold@wopr:/newsrv/trees/ubuntu/main/s/systemd/systemd_252.5-2ubuntu3 1 $ sudo apt install bpftrace Reading package lists... Done Building dependency tree... Done Reading state information... Done The following packages were automatically installed and are no longer required: libflashrom1 libftdi1-2 Use 'sudo apt autoremove' to remove them. The following additional packages will be installed: libclang1-11 The following NEW packages will be installed: bpftrace libclang1-11 0 upgraded, 2 newly installed, 0 to remove and 61 not upgraded. Need to get 0 B/6,682 kB of archives. After this operation, 27.6 MB of additional disk space will be used. Do you want to continue? [Y/n] Get:1 file:/srv/mirror/ubuntu jammy/universe amd64 libclang1-11 amd64 1:11.1.0-6 [6,053 kB] Get:2 file:/srv/mirror/ubuntu jammy/universe amd64 bpftrace amd64 0.14.0-1 [628 kB] Selecting previously unselected package libclang1-11. (Reading database ... 156956 files and directories currently installed.) Preparing to unpack .../libclang1-11_11.1.0-6_amd64.deb ... Unpacking libclang1-11 (1:11.1.0-6) ... Selecting previously unselected package bpftrace. Preparing to unpack .../bpftrace_0.14.0-1_amd64.deb ... Unpacking bpftrace (0.14.0-1) ... Setting up libclang1-11 (1:11.1.0-6) ... Setting up bpftrace (0.14.0-1) ... Processing triggers for man-db (2.10.2-1) ... Processing triggers for libc-bin (2.35-0ubuntu3.6) ... sarnold@wopr:/newsrv/trees/ubuntu/main/s/systemd/systemd_252.5-2ubuntu3 9s $ sudo opensnoop.bt Attaching 6 probes... ERROR: Could not resolve symbol: /proc/self/exe:BEGIN_trigger sarnold@wopr:/newsrv/trees/ubuntu/main/s/systemd/systemd_252.5-2ubuntu3 255 $ sudo execsnoop.bt Attaching 3 probes... ERROR: Could not resolve symbol: /proc/self/exe:BEGIN_trigger [...] sarnold@wopr:/newsrv/trees/ubuntu/main/s/systemd/systemd_252.5-2ubuntu3 255 $ sudo apt install bpftrace-dbgsym Reading package lists... Done Building dependency tree... Done Reading state information... Done E: Unable to locate package bpftrace-dbgsym sarnold@wopr:/newsrv/trees/ubuntu/main/s/systemd/systemd_252.5-2ubuntu3 100 $ echo "deb http://ddebs.ubuntu.com $(lsb_release -cs) main restricted universe multiverse deb http://ddebs.ubuntu.com $(lsb_release -cs)-updates main restricted universe multiverse deb http://ddebs.ubuntu.com $(lsb_release -cs)-proposed main restricted universe multiverse" | \ sudo tee -a /etc/apt/sources.list.d/ddebs.list deb http://ddebs.ubuntu.com jammy main restricted universe multiverse deb http://ddebs.ubuntu.com jammy-updates main restricted universe multiverse deb http://ddebs.ubuntu.com jammy-proposed main restricted universe multiverse sarnold@wopr:/newsrv/trees/ubuntu/main/s/systemd/systemd_252.5-2ubuntu3 $ sudo apt update && sudo apt install bpftrace-dbgsym Get:1 file:/srv/mirror/ubuntu jammy InRelease [270 kB] Get:1 file:/srv/mirror/ubuntu jammy InRelease [270 kB] Get:2 file:/srv/mirror/ubuntu jammy-updates InRelease [119 kB] Get:3 file:/srv/mirror/ubuntu jammy-security InRelease [110 kB] Get:2 file:/srv/mirror/ubuntu jammy-updates InRelease [119 kB] Get:3 file:/srv/mirror/ubuntu jammy-security InRelease [110 kB] Get:4 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB] Get:5 file:/srv/mirror/ubuntu jammy-updates/main Sources [475 kB] Get:6 file:/srv/mirror/ubuntu jammy-updates/main amd64 Packages [1,413 kB] Get:7 file:/srv/mirror/ubuntu jammy-updates/main i386 Packages [576 kB] Get:8 https://esm.ubuntu.com/apps/ubuntu jammy-apps-security InRelease [7,553 B] Get:9 http://ddebs.ubuntu.com jammy InRelease [41.3 kB] Get:10 https://esm.ubuntu.com/apps/ubuntu jammy-apps-updates InRelease [7,456 B] Get:11 http://ddebs.ubuntu.com jammy-updates InRelease [41.3 kB] Get:12 file:/srv/mirror/ubuntu jammy-updates amd64 Contents (deb) [88.0 MB] Get:13 https://esm.ubuntu.com/infra/ubuntu jammy-infra-security InRelease [7,450 B] Get:14 http://ddebs.ubuntu.com jammy-proposed InRelease [41.4 kB] Err:9 http://ddebs.ubuntu.com jammy InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY C8CAB6595FDFF622 Get:15 https://esm.ubuntu.com/infra/ubuntu
[Bug 2052813] Re: [MIR] bpfcc
> Specific binary packages built, but NOT to be promoted to main: python3-bpfcc, > bpfcc-tools, [...] I would have thought that getting these tools would have been the entire point of this MIR. There's an immense amount of value built in them, and without the tools we've got the framework but no pre-built way to consume it. These pre-built tools are 99% of why I want this package promoted. (A similar question was raised for the bpftrace package -- we might as well just stop reviewing these packages if we remove the actual tools from the packages.) What's the rationale for not promoting the tools? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2052813 Title: [MIR] bpfcc To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bpfcc/+bug/2052813/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2048781] Re: [MIR] authd
How about a debian/rules 'vendor' target that would run the crate vendor and then rm -rf the windows crates? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048781 Title: [MIR] authd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/authd/+bug/2048781/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2047374] Re: TPM PCR0 recontruction fails on Pluton fTPM
Thanks Mario and Masum for working this through. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2047374 Title: TPM PCR0 recontruction fails on Pluton fTPM To manage notifications about this bug go to: https://bugs.launchpad.net/fwupd/+bug/2047374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2047374] Re: TPM PCR0 recontruction fails on Pluton fTPM
Thanks for the report, Masum. I'm not sure if this is actually a bug against fwupd or just that fwupd is the tool that reported the change. And it's entirely possible that this is the correct outcome. If the TPM device changes on a system, it's suddenly a very different system. Hopefully someone more familiar with what's being done here will have some input; I suspect this is all "working as intended". Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2047374 Title: TPM PCR0 recontruction fails on Pluton fTPM To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/fwupd/+bug/2047374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2046372] Re: Potential security issue fixed in 1.1.2, 1.0.3 and 0.103.10
** Information type changed from Private Security to Public Security ** Also affects: libclamunrar (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2046372 Title: Potential security issue fixed in 1.1.2, 1.0.3 and 0.103.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/2046372/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2046195] Re: seems CVE-2023-2953 is not fixed in openldap 2.4.49+dfsg-2ubuntu1.9
Hello Tobias, thanks for writing. We've prioritized CVE-2023-2953 as "low", which means we'll include this if there is a future update to fix something more important, but won't make an update specifically for this issue. Thanks ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-2953 ** Changed in: ubuntu-cve-tracker Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2046195 Title: seems CVE-2023-2953 is not fixed in openldap 2.4.49+dfsg-2ubuntu1.9 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-cve-tracker/+bug/2046195/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking
On Mon, Apr 03, 2023 at 06:57:36AM -, Ralf Dünkelmann wrote: > the bug (https://bugs.launchpad.net/bugs/2013453), that nem000 created > was marked as a duplicate of this one. This is the case for most of the > related bugs listed here. So it seems that this here is the issue to go > ahead with? Heh, yeah, I'as surprised, I figured keeping newer implementations of this flaw separate from the older ones would have been the thing to do. FWIW I've been handing out the "the only safe thing to do is to lock your workstation before you walk away from it / suspend it" as advice for twenty years... Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to a duplicate bug report (2012672). https://bugs.launchpad.net/bugs/1532508 Title: Screen contents revealed briefly on resume, before even unlocking To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell/+bug/1532508/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking
nem000 I'm sure I've seen this bug fixed a dozen times in the last fifteen years or something. It's just a popular bug to re-implement. Please file a bug with 'ubuntu-bug gnome-shell' if you're using Gnome; replace 'gnome-shell' with whatever screenlocker you're using if you're on a different environment. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to a duplicate bug report (1847960). https://bugs.launchpad.net/bugs/1532508 Title: Screen contents revealed briefly on resume, before even unlocking To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell/+bug/1532508/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2003588] Re: CVE 2022-4378 fix is in Kinetic, needed on Lunar
Hello Charles, the development release isn't intended for production use; a lot of the things common to security updates in supported releases just won't be present for the development release. It'll eventually get a new kernel package based on a new upstream series and we'll address whatever remains to be fixed nearer to release. You can of course try to use the kinetic kernels on your own systems; the pull-lp-debs command from the ubuntu-dev-tools package might be more convenient than looking up URLs on launchpad manually or trying to manage installing the kinetic repositories on your lunar system. Thanks ** Changed in: linux (Ubuntu) Status: New => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2003588 Title: CVE 2022-4378 fix is in Kinetic, needed on Lunar To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003588/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2000304] Re: Waking up laptop from sleep lets login screen reveal desktop
** Information type changed from Private Security to Public Security ** Package changed: ubuntu => kscreenlocker (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2000304 Title: Waking up laptop from sleep lets login screen reveal desktop To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kscreenlocker/+bug/2000304/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2000020] Re: NULL Pointer Exception on Input
** Information type changed from Private Security to Public Security ** Changed in: crasm (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/220 Title: NULL Pointer Exception on Input To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/crasm/+bug/220/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2000021] Re: Floating Point Exception in User Input
** Information type changed from Private Security to Public Security ** Changed in: crasm (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/221 Title: Floating Point Exception in User Input To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/crasm/+bug/221/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1999155] Re: UFW Disabled by default
Hello Pedro, thanks for the report; this was an explicit decision: https://wiki.ubuntu.com/SecurityTeam/FAQ#UFW Making firewall rules that are tight enough to stop threats yet open enough for the computer to still be useful in a wide variety of environments is very challenging. We've decided that it's better for the tools to be available but not try to provide a default configuration. Thanks ** Information type changed from Private Security to Public Security ** Changed in: ufw (Ubuntu) Status: New => Opinion -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1999155 Title: UFW Disabled by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1999155/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 48734] Re: Home permissions too open
On Mon, Sep 12, 2022 at 07:39:37AM -, Alkis Georgopoulos wrote: > This change takes away the ability of the users to share some of their > data WITHOUT involving the administrator. Hello Alkis, do note that it is typical for users to own their own home directory; if a user wishes to share, they can run: chmod 755 ~ or chmod 751 ~ (The choice is based on whether they want to allow listing their home directory or not.) Of course, they'd be wise to inspect the permissions on their other files and directories to make sure they're only sharing what they intend to share. Of course, if the local administrator has decided that users cannot own their own home directories, then that's another question entirely, one you'll need to take up with the local administrator. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/48734 Title: Home permissions too open To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adduser/+bug/48734/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1988010] Re: systemd ignoring DHCP DNS servers and DNS servers set in Network Manager GUI
Cool, thanks Josh -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1988010 Title: systemd ignoring DHCP DNS servers and DNS servers set in Network Manager GUI To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1988010/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1988010] Re: systemd ignoring DHCP DNS servers and DNS servers set in Network Manager GUI
Hello Josh, which GUI are you using to change dns or dhcp settings? Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1988010 Title: systemd ignoring DHCP DNS servers and DNS servers set in Network Manager GUI To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1988010/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1987231] Re: package amd64-microcode 3.20191218.1ubuntu2 failed to install/upgrade: попытка перезаписать «/lib/firmware/amd/amd_sev_fam17h_model0xh.sbin», который уже имеется в пакете linux-firmw
*** This bug is a duplicate of bug 1986778 *** https://bugs.launchpad.net/bugs/1986778 ** Information type changed from Private Security to Public Security ** This bug has been marked a duplicate of bug 1986778 /var/apr-archives/amd64-microcode_3.2022.0411 trying to overwrite '/lib/firmware/amd/amd_sev_fam17h_model0xh.sbin', which is also in package linux-firmware 20220711 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1987231 Title: package amd64-microcode 3.20191218.1ubuntu2 failed to install/upgrade: попытка перезаписать «/lib/firmware/amd/amd_sev_fam17h_model0xh.sbin», который уже имеется в пакете linux-firmware 20220711.gitdfa29317-0ubuntu1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/1987231/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1987228] Re: Bug display when turning to hibernation
** Information type changed from Private Security to Public Security ** Also affects: gnome-shell (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1987228 Title: Bug display when turning to hibernation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1987228/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1977506] Re: installation crash
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1977506 Title: installation crash To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1977506/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 127626] Re: .
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/127626 Title: . To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/127626/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970228] Re: Multiple vulnerabilities in Bionic, Focal and Jammy
** No longer affects: subversion (Ubuntu Impish) ** Changed in: subversion (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1970228 Title: Multiple vulnerabilities in Bionic, Focal and Jammy To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/subversion/+bug/1970228/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1976478] Re: Telegram Desktop steals input on Lock screen
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1976478 Title: Telegram Desktop steals input on Lock screen To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1976478/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1976484] Re: never sound ubuntu 20.04 22.04 alsamixer 1.2.6 card sof-hda-dsp
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1976484 Title: never sound ubuntu 20.04 22.04 alsamixer 1.2.6 card sof-hda-dsp To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1976484/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1976335] Re: CVE-2022-25762 Score 8.6
Hello Hans, the general outline of the update preparation is sketched out on this wiki page https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation -- it's not exhaustive, but it's a good start. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1976335 Title: CVE-2022-25762 Score 8.6 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tomcat9/+bug/1976335/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 1971788] Re: Failure to enable SSL out of the box when in fips mode
On Mon, May 30, 2022 at 09:38:52AM -, Tobias Heider wrote: > I don't think it does, but you have a point. It might be a little safer > not to touch the function signature. Here's an updated fix. This isn't quite as easy to read but I do like that the signature is unchanged. I sure hope upstream takes another stab at these functions, it feels pretty messy. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971788 Title: Failure to enable SSL out of the box when in fips mode To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mysql-8.0/+bug/1971788/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971185] Re: Multiple vulnerabilities in Bionic, Focal, Impish and Jammy
Hello Luís, 4.5MB feels pretty unlikely for a security fix; the diffstat on that debdiff is all over the place: $ diffstat spip_focal.debdiff /tmp/9oDFeUYni8/spip-3.2.15/plugins-dist/medias/lib/mejs/mediaelement-flash-audio-ogg.swf |binary /tmp/9oDFeUYni8/spip-3.2.15/plugins-dist/medias/lib/mejs/mediaelement-flash-audio.swf |binary /tmp/9oDFeUYni8/spip-3.2.15/plugins-dist/medias/lib/mejs/mediaelement-flash-video-hls.swf |binary /tmp/9oDFeUYni8/spip-3.2.15/plugins-dist/medias/lib/mejs/mediaelement-flash-video-mdash.swf |binary /tmp/9oDFeUYni8/spip-3.2.15/plugins-dist/medias/lib/mejs/mediaelement-flash-video.swf |binary spip-3.2.15/.gitignore | 129 spip-3.2.15/CHANGELOG.TXT | 318 + spip-3.2.15/config/ecran_securite.php | 23 ... Normally security fixes add patches to debian/patches/ directory, modify a debian/patches/series file, modifies the debian/changelog. It's very rare to modify files outside of this hierarchy (except for 'native packages', but those don't typically have version numbers this complex). Could you double-check that you've prepared the patches that you thought you prepared? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971185 Title: Multiple vulnerabilities in Bionic, Focal, Impish and Jammy To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/spip/+bug/1971185/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1976335] Re: CVE-2022-25762 Score 8.6
Hello Hans, the Ubuntu security team doesn't track security issues in Launchpad; you can check the status in: https://ubuntu.com/security/cve-2022-25762 tomcat9 is in universe, so it's community supported; there's currently a handful of issues still open in the 18.04 LTS version: https://ubuntu.com/security/cves?q==tomcat9==bionic= If you're in a position to be able to address this issue, it'd be nice if you could grab as many of the other open issues as possible. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1976335 Title: CVE-2022-25762 Score 8.6 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tomcat9/+bug/1976335/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1976335] Re: CVE-2022-25762 Score 8.6
** Information type changed from Private Security to Public Security ** Changed in: tomcat9 (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1976335 Title: CVE-2022-25762 Score 8.6 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tomcat9/+bug/1976335/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971034] Re: Several security issues in libpod 3.4.x
The usual approach in Ubuntu is to fix specific bugs in packages rather than perform wholesale version updates: https://wiki.ubuntu.com/SecurityTeam/FAQ#Versions You can see that a 4.x version is currently in Debian experimental: https://packages.qa.debian.org/libp/libpod.html When the maintainers are happy with it, it'll be moved to Debian unstable, at which point it will be ingested to Ubuntu's development release. I can't give you a precise date. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971034 Title: Several security issues in libpod 3.4.x To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libpod/+bug/1971034/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1976276] Re: Hello sir/mam I am getting some problem regarding my brightness control i will expllain more about it in brief below.
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1976276 Title: Hello sir/mam I am getting some problem regarding my brightness control i will expllain more about it in brief below. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1976276/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1976181] Re: CVE-2021-28711 and CVE-2021-28712
** Changed in: linux-oem-5.14 (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1976181 Title: CVE-2021-28711 and CVE-2021-28712 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-oem-5.14/+bug/1976181/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
