[Bug 1574911] Re: vsftpd 500 oops stack smashing detected - Ubuntu 16.04
pure-ftpd just fixed it: https://github.com/jedisct1/pure- ftpd/commit/27443b29320d85352d8b52c0120836843e10c0f9 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1574911 Title: vsftpd 500 oops stack smashing detected - Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574911/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1574911] Re: vsftpd 500 oops stack smashing detected - Ubuntu 16.04
Also submitted an issue against pure-ftpd, because it suffers from the same problem: https://github.com/jedisct1/pure-ftpd/issues/58 ** Bug watch added: github.com/jedisct1/pure-ftpd/issues #58 https://github.com/jedisct1/pure-ftpd/issues/58 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1574911 Title: vsftpd 500 oops stack smashing detected - Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574911/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1574911] Re: vsftpd 500 oops stack smashing detected - Ubuntu 16.04
Submitted an issue against one of the forks of pam_mysql: https://github.com/NigelCunningham/pam-MySQL/issues/29 ** Bug watch added: github.com/NigelCunningham/pam-MySQL/issues #29 https://github.com/NigelCunningham/pam-MySQL/issues/29 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1574911 Title: vsftpd 500 oops stack smashing detected - Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574911/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1574911] Re: vsftpd 500 oops stack smashing detected - Ubuntu 16.04
** Changed in: pam-mysql (Ubuntu) Status: New => Confirmed ** Changed in: vsftpd (Ubuntu) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1574911 Title: vsftpd 500 oops stack smashing detected - Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574911/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1574911] Re: vsftpd 500 oops stack smashing detected - Ubuntu 16.04
pure-ftpd sorted this out by reimplementing make_scrambled_password() if
it's not exported:
https://github.com/jedisct1/pure-
ftpd/commit/2db6b50c7b7c638104bd9639994f0574e8f4813c
I don't know when make_scrambled_password() stopped being exported in
libmysqlclient, but libmysqlclient's my_make_scrambled_password() is NOT a
replacement for it. The right replacement for it is
my_make_scrambled_password_sha1(), and currently make_scrambled_password() is a
wrapper around my_make_scrambled_password_sha1(), but neither are exported in
libmysqlclient:
/*
Wrapper around my_make_scrambled_password() to maintain client lib ABI
compatibility.
In server code usage of my_make_scrambled_password() is preferred to
avoid strlen().
SYNOPSIS
make_scrambled_password()
buf OUT buffer of size 2*SHA1_HASH_SIZE + 2 to store hex string
password IN NULL-terminated password string
*/
void make_scrambled_password(char *to, const char *password)
{
my_make_scrambled_password_sha1(to, password, strlen(password));
}
So pam_mysql should probably reimplement my_make_scrambled_password_sha1() in
order to support passwords hashed with the server PASSWORD() function (the
crypt=2 option in pam_mysql).
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1574911
Title:
vsftpd 500 oops stack smashing detected - Ubuntu 16.04
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam-mysql/+bug/1574911/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1688310] Re: KDC/kadmind may fail to start on IPv4-only systems
Reproducing the problem with 1.15-1: ubuntu@15-89:~$ apt-cache policy krb5-kdc krb5-kdc: Installed: 1.15-1 Candidate: 1.15-1 Version table: *** 1.15-1 500 500 http://br.archive.ubuntu.com/ubuntu zesty/universe amd64 Packages 100 /var/lib/dpkg/status After rebooting with no IPv6 support, the kerberos services are not running: ubuntu@15-89:~$ ps faxw|grep -E "(krb5kdc|kadmind)"|grep -v grep ubuntu@15-89:~$ And we have the expected failure in auth.log: ubuntu@15-89:~$ sudo grep -E "(kadmind|krb5kdc).*Failed" /var/log/auth.log May 15 13:23:40 15-89 kadmind[1195]: Failed setting up a UDP socket (for ::.464) May 15 13:23:40 15-89 krb5kdc[1196]: Failed setting up a UDP socket (for ::.750) May 15 13:24:34 15-89 sudo: ubuntu : TTY=pts/0 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/bin/grep -E (kadmind|krb5kdc).*Failed /var/log/auth.log Now we install the fixed packages from proposed: ubuntu@15-89:~$ apt-cache policy krb5-kdc krb5-kdc: Installed: 1.15-1ubuntu0.1 Candidate: 1.15-1ubuntu0.1 Version table: *** 1.15-1ubuntu0.1 500 500 http://br.archive.ubuntu.com/ubuntu zesty-proposed/universe amd64 Packages 100 /var/lib/dpkg/status 1.15-1 500 500 http://br.archive.ubuntu.com/ubuntu zesty/universe amd64 Packages Immediately after that the services are running already: ubuntu@15-89:~$ ps faxw|grep -E "(krb5kdc|kadmind)"|grep -v grep 2377 ?Ss 0:00 /usr/sbin/krb5kdc -P /var/run/krb5-kdc.pid 2443 ?Ss 0:00 /usr/sbin/kadmind -nofork We still have errors in auth.log, but they are not fatal: May 15 13:26:49 15-89 kadmind[2443]: Address family not supported by protocol - Cannot create TCP server socket on ::.464 May 15 13:26:49 15-89 kadmind[2443]: Failed setting up a UDP socket (for ::.464) And we are bound to IPv4 sockets only as expected: ubuntu@15-89:~$ sudo netstat -anp|grep -E "^(tcp|udp).*(krb5kdc|kadmind)" tcp0 0 0.0.0.0:88 0.0.0.0:* LISTEN 2377/krb5kdc tcp0 0 0.0.0.0:749 0.0.0.0:* LISTEN 2443/kadmind tcp0 0 0.0.0.0:464 0.0.0.0:* LISTEN 2443/kadmind udp0 0 0.0.0.0:88 0.0.0.0:* 2377/krb5kdc udp0 0 0.0.0.0:464 0.0.0.0:* 2443/kadmind udp0 0 0.0.0.0:750 0.0.0.0:* 2377/krb5kdc ** Tags removed: verification-needed ** Tags added: verification-done-zesty -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/1688310 Title: KDC/kadmind may fail to start on IPv4-only systems To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1688310/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1688121] Re: KDC/kadmind explicit wildcard listener addresses do not use pktinfo
I updated the test case with step (b.1) which I had forgotten. Here it goes: Reproducing the error case with 1.15-1, we can see that UDP is tried first, is ignored, and then TCP is used one second later: $ apt-cache policy krb5-kdc krb5-kdc: Installed: 1.15-1 Candidate: 1.15-1 Version table: *** 1.15-1 500 500 http://br.archive.ubuntu.com/ubuntu zesty/universe amd64 Packages 100 /var/lib/dpkg/status $ KRB5_TRACE=/dev/stdout kinit -k -t /home/ubuntu/ubuntu.keytab ubuntu [2848] 1494852873.104617: Getting initial credentials for ubu...@example.org [2848] 1494852873.105449: Looked up etypes in keytab: aes256-cts, aes128-cts [2848] 1494852873.105633: Sending request (172 bytes) to EXAMPLE.ORG [2848] 1494852873.105684: Resolving hostname 10.0.100.249 [2848] 1494852873.105840: Sending initial UDP request to dgram 10.0.100.249:88 [2848] 1494852874.108235: Initiating TCP connection to stream 10.0.100.249:88 [2848] 1494852874.108528: Sending TCP request to stream 10.0.100.249:88 [2848] 1494852874.110518: Received answer (254 bytes) from stream 10.0.100.249:88 [2848] 1494852874.110549: Terminating TCP connection to stream 10.0.100.249:88 [2848] 1494852874.285214: Response was not from master KDC [2848] 1494852874.285346: Received error from KDC: -1765328359/Additional pre-authentication required ... After installing the update, UDP is again tried first but this time kinit receives an immediate answer and the exchange remains on UDP: $ apt-cache policy krb5-kdc krb5-kdc: Installed: 1.15-1ubuntu0.1 Candidate: 1.15-1ubuntu0.1 Version table: *** 1.15-1ubuntu0.1 500 500 http://br.archive.ubuntu.com/ubuntu zesty-proposed/universe amd64 Packages 100 /var/lib/dpkg/status 1.15-1 500 500 http://br.archive.ubuntu.com/ubuntu zesty/universe amd64 Packages $ KRB5_TRACE=/dev/stdout kinit -k -t /home/ubuntu/ubuntu.keytab ubuntu [10150] 1494853325.393939: Getting initial credentials for ubu...@example.org [10150] 1494853325.395247: Looked up etypes in keytab: aes256-cts, aes128-cts [10150] 1494853325.395665: Sending request (172 bytes) to EXAMPLE.ORG [10150] 1494853325.395851: Resolving hostname 10.0.100.249 [10150] 1494853325.396225: Sending initial UDP request to dgram 10.0.100.249:88 [10150] 1494853325.398161: Received answer (254 bytes) from dgram 10.0.100.249:88 [10150] 1494853325.648728: Response was not from master KDC [10150] 1494853325.648835: Received error from KDC: -1765328359/Additional pre-authentication required ** Tags added: verification-done-zesty ** Tags removed: verification-needed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/1688121 Title: KDC/kadmind explicit wildcard listener addresses do not use pktinfo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1688121/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1688121] Re: KDC/kadmind explicit wildcard listener addresses do not use pktinfo
** Description changed:
This is fixed in artful in krb5 1.15-2
- upstream: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8530
- debian: conflated into
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860767
- debian patch in artful's krb5:
0012-Use-pktinfo-for-explicit-UDP-wildcard-listeners.patch
[Impact]
- When the KDC receives a kinit request via UDP on an aliased interface, the
response is sent with the wrong source IP and never received by kinit.
+ When the KDC is configured to listen on the wildcard address (0.0.0.0) and
receives a kinit request via UDP on an aliased interface, the response is sent
with the wrong source IP and never received by kinit.
After a short timeout, kinit tries again with TCP, in which case it works.
But if using PREAUTH (the default), that means this first request will
correctly fail, with the server demanding PREAUTH, and the client will try
again with a changed request. The whole dance starts again: first UDP, ignored,
then TCP, and finally we have a ticket.
Most clients will just see an increased lag when obtaining tickets. If
for some reason 88/TCP is blocked on the KDC and clients are expected to
use UDP at all times, then kinit requests will just fail.
A workaround is to list the aliased interface's address in kdc_listen
besides the wildcard (0.0.0.0) address.
The provided patch is applied upstream and in Debian testing.
[Test Case]
On zesty:
a) install krb5-kdc and krb5-admin-server
$ sudo apt install krb5-kdc krb5-admin-server
when prompted, use EXAMPLE.ORG (all caps) as the default realm
when prompted, select your own IP for the KDC and the Admin servers
b) configure a new realm called EXAMPLE.ORG
$ sudo krb5_newrealm
use any password of your liking when prompted
c) run kadmin.local to create a principal "ubuntu" with password "ubuntu" and
with mandatory PREAUTH:
$ sudo kadmin.local addprinc -pw ubuntu +requires_preauth ubuntu
d) extract the ubuntu principal keytab and time how long it takes to obtain a
ticket:
$ sudo kadmin.local ktadd -k /home/ubuntu/ubuntu.keytab ubuntu
$ sudo chown ubuntu:ubuntu /home/ubuntu/ubuntu.keytab
$ time kinit -k -t /home/ubuntu/ubuntu.keytab ubuntu
real 0m0.022s
$ klist
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: ubu...@example.org
Valid starting Expires Service principal
05/03/2017 21:22:08 05/04/2017 07:22:08 krbtgt/example@example.org
renew until 05/04/2017 21:22:08
e) add another IP to your network interface. For example, this adds
10.0.5.155 to ens3 (it has 10.0.5.55/24 already in my case):
$ sudo ip addr add 10.0.5.155/24 dev ens3
f) Edit the EXAMPLE.ORG realm section in /etc/krb5.conf and configure the kdc
and admin server's IP to this new IP you just added in step (e):
[realms]
EXAMPLE.ORG = {
kdc = 10.0.5.155
admin_server = 10.0.5.155
g) Time again how long it takes to obtain a ticket:
$ time kinit -k -t /home/ubuntu/ubuntu.keytab ubuntu
real 0m2.017s
Step (g) shows the bug.
On a more technical level, we can see that the server responds to kinit's UDP
request using an incorrect source IP, therefore kinit never "sees" it. It
quickly times out and switches to TCP, where the server responds using the
correct source IP:
1 0.010.0.5.55 → 10.0.5.155 KRB5 216 AS-REQ
2 0.00056668210.0.5.55 → 10.0.5.55KRB5 298 KRB Error:
KRB5KDC_ERR_PREAUTH_REQUIRED
(2) has the incorrect source ip!
After roughly 1s, kinit switches to tcp and tries again:
3 1.00323150710.0.5.55 → 10.0.5.155 TCP 76 55588 → 88 [SYN] Seq=0
Win=43690 Len=0 MSS=65495 SACK_PERM=1 TSval=3523453804 TSecr=0 WS=128
4 1.003269692 10.0.5.155 → 10.0.5.55TCP 76 88 → 55588 [SYN, ACK]
Seq=0 Ack=1 Win=43690 Len=0 MSS=65495 SACK_PERM=1 TSval=2572724273
TSecr=3523453804 WS=128
5 1.00330261410.0.5.55 → 10.0.5.155 TCP 68 55588 → 88 [ACK] Seq=1
Ack=1 Win=43776 Len=0 TSval=3523453804 TSecr=2572724273
6 1.00354520410.0.5.55 → 10.0.5.155 KRB5 244 AS-REQ
7 1.003567693 10.0.5.155 → 10.0.5.55TCP 68 88 → 55588 [ACK] Seq=1
Ack=177 Win=44800 Len=0 TSval=2572724273 TSecr=3523453804
8 1.003799664 10.0.5.155 → 10.0.5.55KRB5 326 KRB Error:
KRB5KDC_ERR_PREAUTH_REQUIRED
(continues)
(8) and the whole tcp handshake happens with the correct IP addresses and the
exchange happens and we get the ticket, but not before kinit repeats the
request with PREAUTH and UDP again. That's why it takes 2 seconds in the end :)
h) repeat step (g) with the updated packages. Timing should be similar
to the one in step (d), and a traffic capture should show UDP (and not
TCP) being used.
Alternativaly, you can also prefix the kinit command with
KRB5_TRACE=/dev/stderr and verify in the debug logs that UDP instead of
TCP is being used.
[Regression
[Bug 1688121] Re: KDC/kadmind explicit wildcard listener addresses do not use pktinfo
** Description changed:
This is fixed in artful in krb5 1.15-2
- upstream: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8530
- debian: conflated into
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860767
- debian patch in artful's krb5:
0012-Use-pktinfo-for-explicit-UDP-wildcard-listeners.patch
-
[Impact]
- When the KDC receives a kinit request via UDP on an aliased interface, the
response is sent with the wrong source IP and never received by kinit.
+ When IPv6 is disabled and the KDC receives a kinit request via UDP on an
aliased interface, the response is sent with the wrong source IP and never
received by kinit.
After a short timeout, kinit tries again with TCP, in which case it works.
But if using PREAUTH (the default), that means this first request will
correctly fail, with the server demanding PREAUTH, and the client will try
again with a changed request. The whole dance starts again: first UDP, ignored,
then TCP, and finally we have a ticket.
Most clients will just see an increased lag when obtaining tickets. If
for some reason 88/TCP is blocked on the KDC and clients are expected to
use UDP at all times, then kinit requests will just fail.
A workaround is to list the aliased interface's address in kdc_listen
besides the wildcard (0.0.0.0) address.
The provided patch is applied upstream and in Debian testing.
-
[Test Case]
On zesty:
a) install krb5-kdc and krb5-admin-server
$ sudo apt install krb5-kdc krb5-admin-server
when prompted, use EXAMPLE.ORG (all caps) as the default realm
when prompted, select your own IP for the KDC and the Admin servers
b) configure a new realm called EXAMPLE.ORG
$ sudo krb5_newrealm
use any password of your liking when prompted
c) run kadmin.local to create a principal "ubuntu" with password "ubuntu" and
with mandatory PREAUTH:
$ sudo kadmin.local addprinc -pw ubuntu +requires_preauth ubuntu
d) extract the ubuntu principal keytab and time how long it takes to obtain a
ticket:
$ sudo kadmin.local ktadd -k /home/ubuntu/ubuntu.keytab ubuntu
$ sudo chown ubuntu:ubuntu /home/ubuntu/ubuntu.keytab
$ time kinit -k -t /home/ubuntu/ubuntu.keytab ubuntu
real 0m0.022s
$ klist
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: ubu...@example.org
Valid starting Expires Service principal
05/03/2017 21:22:08 05/04/2017 07:22:08 krbtgt/example@example.org
renew until 05/04/2017 21:22:08
e) add another IP to your network interface. For example, this adds
10.0.5.155 to ens3 (it has 10.0.5.55/24 already in my case):
$ sudo ip addr add 10.0.5.155/24 dev ens3
f) Edit the EXAMPLE.ORG realm section in /etc/krb5.conf and configure the kdc
and admin server's IP to this new IP you just added in step (e):
[realms]
EXAMPLE.ORG = {
kdc = 10.0.5.155
admin_server = 10.0.5.155
g) Time again how long it takes to obtain a ticket:
$ time kinit -k -t /home/ubuntu/ubuntu.keytab ubuntu
real 0m2.017s
Step (g) shows the bug.
On a more technical level, we can see that the server responds to kinit's UDP
request using an incorrect source IP, therefore kinit never "sees" it. It
quickly times out and switches to TCP, where the server responds using the
correct source IP:
1 0.010.0.5.55 → 10.0.5.155 KRB5 216 AS-REQ
2 0.00056668210.0.5.55 → 10.0.5.55KRB5 298 KRB Error:
KRB5KDC_ERR_PREAUTH_REQUIRED
(2) has the incorrect source ip!
After roughly 1s, kinit switches to tcp and tries again:
3 1.00323150710.0.5.55 → 10.0.5.155 TCP 76 55588 → 88 [SYN] Seq=0
Win=43690 Len=0 MSS=65495 SACK_PERM=1 TSval=3523453804 TSecr=0 WS=128
4 1.003269692 10.0.5.155 → 10.0.5.55TCP 76 88 → 55588 [SYN, ACK]
Seq=0 Ack=1 Win=43690 Len=0 MSS=65495 SACK_PERM=1 TSval=2572724273
TSecr=3523453804 WS=128
5 1.00330261410.0.5.55 → 10.0.5.155 TCP 68 55588 → 88 [ACK] Seq=1
Ack=1 Win=43776 Len=0 TSval=3523453804 TSecr=2572724273
6 1.00354520410.0.5.55 → 10.0.5.155 KRB5 244 AS-REQ
7 1.003567693 10.0.5.155 → 10.0.5.55TCP 68 88 → 55588 [ACK] Seq=1
Ack=177 Win=44800 Len=0 TSval=2572724273 TSecr=3523453804
8 1.003799664 10.0.5.155 → 10.0.5.55KRB5 326 KRB Error:
KRB5KDC_ERR_PREAUTH_REQUIRED
(continues)
(8) and the whole tcp handshake happens with the correct IP addresses and the
exchange happens and we get the ticket, but not before kinit repeats the
request with PREAUTH and UDP again. That's why it takes 2 seconds in the end :)
h) repeat step (g) with the updated packages. Timing should be similar
to the one in step (d), and a traffic capture should show UDP (and not
TCP) being used.
Alternativaly, you can also prefix the kinit command with
KRB5_TRACE=/dev/stderr and verify in the debug logs that UDP instead of
TCP is being used.
-
[Regression Potential]
This affects only
[Bug 1688121] Re: KDC/kadmind explicit wildcard listener addresses do not use pktinfo
On it. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/1688121 Title: KDC/kadmind explicit wildcard listener addresses do not use pktinfo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/1688121/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1690270] Re: enable-esm should also install ca-certificates
Sorry, dependency* -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ubuntu-advantage-tools in Ubuntu. https://bugs.launchpad.net/bugs/1690270 Title: enable-esm should also install ca-certificates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1690270/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1690270] Re: enable-esm should also install ca-certificates
Shouldn't apt-transport-https have a dependenci on ca-certificates? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ubuntu-advantage-tools in Ubuntu. https://bugs.launchpad.net/bugs/1690270 Title: enable-esm should also install ca-certificates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1690270/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1657305] Re: percona cluster getting wrong private ip
** Changed in: charm-nova-compute Milestone: 17.05 => 17.08 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to juju in Ubuntu. https://bugs.launchpad.net/bugs/1657305 Title: percona cluster getting wrong private ip To manage notifications about this bug go to: https://bugs.launchpad.net/charm-nova-compute/+bug/1657305/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1673411] Please test proposed package
Hello James, or anyone else affected, Accepted nova-lxd into newton-proposed. The package will build now and be available in the Ubuntu Cloud Archive in a few hours, and then in the -proposed repository. Please help us by testing this new package. To enable the -proposed repository: sudo add-apt-repository cloud-archive:newton-proposed sudo apt-get update Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-newton-needed to verification-newton-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-newton-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: cloud-archive/newton Status: Triaged => Fix Committed ** Tags added: verification-newton-needed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to cloud-init in Ubuntu. https://bugs.launchpad.net/bugs/1673411 Title: config-drive support is broken To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1673411/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1623700] Re: [SRU] multipath iscsi does not logout of sessions on xenial
This bug was fixed in the package python-os-brick - 1.2.0-2ubuntu0.3~cloud0 --- python-os-brick (1.2.0-2ubuntu0.3~cloud0) trusty-mitaka; urgency=medium . * New update for the Ubuntu Cloud Archive. . python-os-brick (1.2.0-2ubuntu0.3) xenial; urgency=medium . * d/p/Stop-calling-multipath-r-when-attaching-detaching-iS.patch: Backport Backport fix for stopping calling 'multipath -r' (LP: #1623700) ** Changed in: cloud-archive/mitaka Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1623700 Title: [SRU] multipath iscsi does not logout of sessions on xenial To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1623700/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1623700] Re: [SRU] multipath iscsi does not logout of sessions on xenial
This bug was fixed in the package python-os-brick - 1.6.1-0ubuntu1.2~cloud0 --- python-os-brick (1.6.1-0ubuntu1.2~cloud0) xenial-newton; urgency=medium . * New update for the Ubuntu Cloud Archive. . python-os-brick (1.6.1-0ubuntu1.2) yakkety; urgency=medium . * d/p/stop-calling-multipath-r-when-attaching-detaching-iS.patch Backport fix for stopping calling 'multipath -r' (LP: #1623700) ** Changed in: cloud-archive/newton Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1623700 Title: [SRU] multipath iscsi does not logout of sessions on xenial To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1623700/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1623700] Update Released
The verification of the Stable Release Update for python-os-brick has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1623700 Title: [SRU] multipath iscsi does not logout of sessions on xenial To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1623700/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1623700] Update Released
The verification of the Stable Release Update for python-os-brick has completed successfully and the package has now been released to -updates. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1623700 Title: [SRU] multipath iscsi does not logout of sessions on xenial To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1623700/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
