Call for testing: 22.04.3 release candidate images ready!
Hello everyone, We just finished building our first set of 22.04.3 release candidate images, which are now available for testing from the ISO tracker: https://iso.qa.ubuntu.com/qatracker/milestones/447/builds Please pick your favorite flavor and start testing! And be sure to report your results on the ISO tracker above. Caveats: - A couple of risc-v images aren't ready yet (nezha, unmatched). They should be appear in the ISO tracker within a few hours. - The ISO tracker link to the Ubuntu Desktop images does not point to the right location. The correct location is: https://cdimage.ubuntu.com/jammy/daily-live/20230807.2/ As with every recent release, we have a discourse thread for tracking progress which we try to keep up to date as much as possible: https://discourse.ubuntu.com/t/focal-fossa-20-04-5-lts-point-release-status-tracking/29969 -- Paride -- Ubuntu-quality mailing list Ubuntu-quality@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality
Re: StackRot Vulnerability in kernels 6.1 through 6.4
Andrei Datcu wrote on 24/07/2023: > Hello! > > This is my first submission and as such I would like to report a > vulnerability: CVE-2023-3269, named "Stack Rot". > > This is a flaw in the handling of stack expansion. I won't go into too many > details, as I am a linux sysadmin, not a programmer and I will leave sources > below from the discoverer of this vulnerability and the git merge message > that Linus Torvalds published. > An unprivileged local user could use this flaw to compromise the kernel and > escalate their privileges. On June 28th, during the merge window for Linux > kernel 6.5, the fix was merged into Linus' tree. > The patches were also backported to stable kernel (6.1.37, 6.3.11 and 6.4.1), > so the bug was resolved since July 1st. However, in my testing of Mantic > Minotaur, the daily build from 24072023, I have noticed that the kernel it > was using was version 6.3.0-7. And I haven't seen any submissions regarding > this on lists.ubuntu.com, so I decided to post it here to. hopefully, apply > the patch to the kernel. Hello, the CVE is known already, how it affects Ubuntu is tracked here: https://ubuntu.com/security/CVE-2023-3269 https://launchpad.net/bugs/cve/CVE-2023-3269 Please note that this mailing list is not the right channel to report security issues in Ubuntu. Better ways are: - Report a bug against the relevant Ubuntu package, setting the information type to "Public Security" or "Private Security". - Directly email the security team. See the "How to report an issue to us" section here: https://ubuntu.com/security/disclosure-policy. Thanks, Paride -- Ubuntu-quality mailing list Ubuntu-quality@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality
Re: broken sudoers
Bozhan Boyadzhiev wrote on 30/05/2023: > what are your recommendation on broken sudoers on a system without password > for root account. Hello, you can help for issues like this from the Ubuntu Community support channels: https://ubuntu.com/community/support -- Paride -- Ubuntu-quality mailing list Ubuntu-quality@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality
Re: 21.04 (beta) x86_64 tested
Ian Bruntlett wrote on 02/04/2021: Hi, I tried reporting this on http://iso.qa.ubuntu.com/qatracker/milestones/422/builds but it said it was "(archived)". Hi Ian, It says "(archived)" because the beta images have been released already. If you want to report an issue with the ISO images the first step is to file a bug on Launchpad against the buggy component, and then link the bug to the "daily" builds in the ISO tracker. Thanks! Paride -- Ubuntu-quality mailing list Ubuntu-quality@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality
Re: How do I request an upgrade to binutils in Ubuntu 20.04 LTS?
Hello Barry, This is not really the right list. Please file a bug against the binutils Ubuntu package, here: https://launchpad.net/ubuntu/+source/binutils/+bugs Please add a link to the upstream bug and all the information you deem relevant about the Ubuntu environment where you are hitting it (Ubuntu version, exact version of the binutils package, architecture, ...). An update in Focal will have to follow the SRU process [1]. [1] https://wiki.ubuntu.com/StableReleaseUpdates Paride Tannenbaum, Barry M wrote on 02/11/2020: Hello? Is this the right list for this question? From: Tannenbaum, Barry M Sent: Friday, October 30, 2020 3:09 PM To: Ubuntu Quality Team Subject: How do I request an upgrade to binutils in Ubuntu 20.04 LTS? Binutils bug https://sourceware.org/bugzilla/show_bug.cgi?id=26262 fixes a problem that Intel Fortran is running into. It will affect any compiler using interprocess optimization (-ipo) or Link Time Optimization (LTO). How do I request that it be merged into Ubuntu 20.04 LTS? Thanks. - Barry Tannenbaum Intel Corporation -- Ubuntu-quality mailing list Ubuntu-quality@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality