[Bug 869166] Re: Libpam-ccreds does not properly initiate libgcrypt
** Merge proposal unlinked: https://code.launchpad.net/~ahasenack/ubuntu/+source/libpam-ccreds/+git/libpam-ccreds/+merge/369787 -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/869166 Title: Libpam-ccreds does not properly initiate libgcrypt To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libpam-ccreds/+bug/869166/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1769258] Re: Cope with unsupported kernel
This is fixed in eoan. ** Also affects: ubuntu-advantage-tools (Ubuntu Eoan) Importance: Undecided Status: Triaged ** Changed in: ubuntu-advantage-tools (Ubuntu Eoan) Status: Triaged => Fix Released ** Changed in: ubuntu-advantage-tools (Ubuntu Eoan) Assignee: (unassigned) => Andreas Hasenack (ahasenack) -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to ubuntu-advantage-tools in Ubuntu. https://bugs.launchpad.net/bugs/1769258 Title: Cope with unsupported kernel To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-advantage-script/+bug/1769258/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1759258] Re: FIPS should not be allowed in a container (lxd)
This is fixed in eoan. ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Fix Released ** Changed in: ubuntu-advantage-tools (Ubuntu) Assignee: (unassigned) => Andreas Hasenack (ahasenack) -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to ubuntu-advantage-tools in Ubuntu. https://bugs.launchpad.net/bugs/1759258 Title: FIPS should not be allowed in a container (lxd) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1759258/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1829788] Re: backtrace on attach: KeyError: 'effectiveTo'
This is fixed in eoan ** Changed in: ubuntu-advantage-tools (Ubuntu Eoan) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to ubuntu-advantage-tools in Ubuntu. https://bugs.launchpad.net/bugs/1829788 Title: backtrace on attach: KeyError: 'effectiveTo' To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-advantage-script/+bug/1829788/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1833039] Re: 18.04/Apache2: rejecting client initiated renegotiation due to openssl 1.1.1
Cosmic verification Confirming the bug with the distro packages: *** 2.4.34-1ubuntu2.1 500 500 http://br.archive.ubuntu.com/ubuntu cosmic-updates/main amd64 Packages index is downloaded, but after a long delay: # curl --output index.html https://ubuntu/ --cacert /etc/apache2/cacert.pem --cert client-auth.pem --key client-auth.key --tlsv1.2 % Total% Received % Xferd Average Speed TimeTime Time Current Dload Upload Total SpentLeft Speed 100 10918 100 109180 0705 0 0:00:15 0:00:15 --:--:-- 2567 access log confirms the client certificate was used: 10.0.100.50 - - [05/Jul/2019:13:40:32 +] "GET / HTTP/1.1" 200 16544 "-" "curl/7.61.0" protocol=TLSv1.2 commonName=client-auth Updating apache and repeating the download: *** 2.4.34-1ubuntu2.2 500 500 http://br.archive.ubuntu.com/ubuntu cosmic-proposed/main amd64 Packages Now it's fast: # curl --output index.html https://ubuntu/ --cacert /etc/apache2/cacert.pem --cert client-auth.pem --key client-auth.key --tlsv1.2 % Total% Received % Xferd Average Speed TimeTime Time Current Dload Upload Total SpentLeft Speed 100 10918 100 109180 0 1332k 0 --:--:-- --:--:-- --:--:-- 1332k Log confirms client certificate authentication is still being used: 10.0.100.50 - - [05/Jul/2019:13:58:13 +] "GET / HTTP/1.1" 200 16525 "-" "curl/7.61.0" protocol=TLSv1.2 commonName=client-auth The slight difference in downloaded data (16544 vs 16525) is due to less tls keep-alive pings in the success case. The md5 of index.html is identical: # md5sum index.html* 3526531ccd6c6a1d2340574a305a18f8 index.html 3526531ccd6c6a1d2340574a305a18f8 index.html-before Cosmic verification succeeded. ** Tags removed: verification-needed-cosmic ** Tags added: verification-done-cosmic -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1833039 Title: 18.04/Apache2: rejecting client initiated renegotiation due to openssl 1.1.1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1833039/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1833039] Re: 18.04/Apache2: rejecting client initiated renegotiation due to openssl 1.1.1
bionic verification Confirming the bug with the distro packages: # apt-cache policy apache2 apache2: Installed: 2.4.29-1ubuntu4.6 Candidate: 2.4.29-1ubuntu4.6 Version table: *** 2.4.29-1ubuntu4.6 500 500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages index is downloaded, but after a long time: root@ubuntu:~# curl --output index.html https://ubuntu/ --cacert /etc/apache2/cacert.pem --cert client-auth.pem --key client-auth.key --tlsv1.2 % Total% Received % Xferd Average Speed TimeTime Time Current Dload Upload Total SpentLeft Speed 100 10918 100 109180 0705 0 0:00:15 0:00:15 --:--:-- 2559 root@ubuntu:~# ll index.html -rw-r--r-- 1 root root 10918 Jul 5 13:28 index.html apache error log shows reqtimeout kicking in: [Fri Jul 05 13:28:20.265457 2019] [reqtimeout:info] [pid 1760:tid 139887202260736] [client 10.0.100.235:34764] AH01382: Request body read timeout access log confirms the client certificate was used: 10.0.100.235 - - [05/Jul/2019:13:28:04 +] "GET / HTTP/1.1" 200 16544 "-" "curl/7.58.0" protocol=TLSv1.2 commonName=client-auth With the updated package: *** 2.4.29-1ubuntu4.7 500 500 http://br.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 Packages The download is immediate: root@ubuntu:~# rm index.html root@ubuntu:~# curl --output index.html https://ubuntu/ --cacert /etc/apache2/cacert.pem --cert client-auth.pem --key client-auth.key --tlsv1.2 % Total% Received % Xferd Average Speed TimeTime Time Current Dload Upload Total SpentLeft Speed 100 10918 100 109180 0 969k 0 --:--:-- --:--:-- --:--:-- 969k root@ubuntu:~# ll index.html -rw-r--r-- 1 root root 10918 Jul 5 13:32 index.html bionic verification succeeded ** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1833039 Title: 18.04/Apache2: rejecting client initiated renegotiation due to openssl 1.1.1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1833039/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs