** Changed in: xorg (Ubuntu)
Status: New => Invalid
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1595347
Title:
pack
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to eog in Ubuntu.
https://bugs.launchpad.net/bugs/1596161
Title:
package eog 3.10.2-0ubuntu5 failed to install/upgrade: symbolic l
Hello - The attached JournalErrors.txt shows that you're having serious
issues with your storage device. You should backup as much data as you
can and then migrate to a different drive.
Marking this bug as invalid as it is a hardware issue and not a software
bug.
** Information type changed from
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1594927
Title:
brak ekranu full hd
Status in xorg package in Ubuntu:
New
Bu
Marking invalid per comment #1.
** Information type changed from Private Security to Public Security
** Changed in: firefox (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https:
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libjpeg-turbo in Ubuntu.
https://bugs.launchpad.net/bugs/1593924
Title:
systemd-shim was not installed in 16.10 and now cannot
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1598153
Title:
ubuntu 16.04 thinkpad t560 死机
Status in xorg package in Ubuntu
@robert-ancell I tested your proposed change to the lightdm AppArmor
abstraction and can confirm that it allows the guest session to start
for me. Thanks for looking into the denials and getting that fixed!
I see that you committed the fix upstream. Do you plan on making another
lightdm upload bef
Assigning the lightdm task to Robert for now since he's already fixed it
upstream.
** Changed in: lightdm (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => Robert Ancell
(robert-ancell)
--
You received this bug notification because you are a member of Desktop
Packages, which is
** Description changed:
IMPORTANT: SRU Team, see comment #25 for why this bug is temporarily
marked verification-failed
= SRU im-config =
[Impact]
ibus-daemon by default uses a unix socket name of /tmp/dbus-... that is
indistinguishable from dbus-daemon abstract sockets. While dbus-d
** Information type changed from Private Security to Public Security
** Changed in: thunderbird (Ubuntu)
Status: New => Triaged
** Changed in: thunderbird (Ubuntu)
Importance: Undecided => Critical
** Changed in: thunderbird (Ubuntu)
Assignee: (unassigned) => Chris Coulson (chrisc
I've completed the AppArmor test plan:
https://wiki.ubuntu.com/Process/Merges/TestPlans/AppArmor
I've also manually verified the AppArmor portion of this SRU.
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1637624
Title:
having some abnormal working
Status in xorg package in Ubuntu:
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to pygobject in Ubuntu.
https://bugs.launchpad.net/bugs/1637291
Title:
package python-gi 3.22.0-1 failed to install/upgrade: subpr
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
I'm temporarily marking this SRU bug as verification-failed so that it
doesn't get let through until kernel bug 1579135 is fixed. Without the
kernel bug fix for bug 1579135, this SRU has the potential for oopsing
the kernel of some users. Lets sit on this SRU until the Xenial kernel
currently in -p
ntu Xenial)
Status: New => In Progress
** Changed in: file-roller (Ubuntu Trusty)
Importance: Undecided => Medium
** Changed in: file-roller (Ubuntu Trusty)
Assignee: (unassigned) => Tyler Hicks (tyhicks)
** Changed in: file-roller (Ubuntu Xenial)
Assignee: (unassigned) =&
** Changed in: file-roller (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to file-roller in Ubuntu.
https://bugs.launchpad.net/bugs/1171236
Title:
file-roller may delete the content o
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to account-plugins in Ubuntu.
https://bugs.launchpad.net/bugs/1622206
Title:
package account-plugin-google not installed failed
Hi Juan - Please see this page on how to upgrade Ubuntu:
http://www.ubuntu.com/download/desktop/upgrade
If you need additional help, please see this page for a number of
support resources:
https://community.ubuntu.com/help-information/
** Changed in: xorg (Ubuntu)
Status: New => Inva
Hi - are there any AppArmor denials in the syslog? To check, you can
trigger this bug and then look in /var/log/syslog for lines that contain
'apparmor="DENIED"'. Thanks!
** Changed in: apparmor (Ubuntu)
Importance: Critical => Undecided
** Changed in: apparmor (Ubuntu)
Status: Triaged
Swapping verification-failed for verification-needed now that bug
1579135 has been fixed for ~1 week.
** Tags removed: verification-failed
** Tags added: verification-needed
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to im-config in Ub
Thanks, I gave it a shot (after putting the profile into complain mode)
and here are the unique denials that I see when starting the guest
session:
operation="mknod" profile="/usr/lib/lightdm/lightdm-guest-session"
name="/proc/1295/fd/2" pid=1295 comm="lightdm-session" requested_mask="c"
denied_
Marking the apparmor task as invalid since the changes will likely need
to be made to the profile shipped by lightdm.
** Changed in: apparmor (Ubuntu)
Status: Incomplete => Invalid
** Changed in: lightdm (Ubuntu)
Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)
--
Yo
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to pulseaudio in Ubuntu.
https://bugs.launchpad.net/bugs/1669654
Title:
package pulseaudio 1:8.0-0ubuntu3.2 failed to install/upgr
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to cups in Ubuntu.
https://bugs.launchpad.net/bugs/1671420
Title:
package cups-daemon 2.0.2-1ubuntu3 failed to install/upgrade: le
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for the bug report! We'll at least need to know what Ubuntu
release you're running and how to reproduce the warning. Please provide
this info and set the status back to "New".
** Changed in: ibus (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you a
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1670106
Title:
i don't know
Status in xorg package in Ubuntu:
New
Bug descr
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to nvidia-graphics-drivers-304 in Ubuntu.
https://bugs.launchpad.net/bugs/1659586
Title:
NVIDIA CVE-2016-8826 and CVE-201
*** This bug is a duplicate of bug 1642966 ***
https://bugs.launchpad.net/bugs/1642966
** This bug has been marked a duplicate of bug 1642966
package cups-daemon 2.1.3-4 failed to install/upgrade: subprocess new
pre-removal script returned error exit status 1
** Information type changed f
** Information type changed from Private Security to Public Security
** Changed in: lightdm (Ubuntu Xenial)
Assignee: (unassigned) => Tyler Hicks (tyhicks)
** Changed in: lightdm (Ubuntu Yakkety)
Assignee: (unassigned) => Tyler Hicks (tyhicks)
** Changed in: lightdm (Ubuntu
Hello - CVE-2015-1692 was assigned to Microsoft Internet Explorer and
does not affect Ubuntu.
It seems like you're requesting support rather than reporting a security
issue. Please see http://www.ubuntu.com/support for a number of support
options.
** CVE added: http://www.cve.mitre.org/cgi-
bin/c
Marking the lightdm as invalid as it seems, from Nathan's description,
that the issue is with light-locker.
** Changed in: lightdm (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
HI Nathan - Thanks for the bug report. I'm going to make it public so
that more people can be aware of this issue in hopes that it'll get
attention.
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Desktop
Pack
I've subscribed the light-locker devs team so that they're aware.
Note that bug 1473904 and bug 1440499 are similar light-locker bypass
issues.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1514016
Title:
travamentos
Status in xorg package in Ubuntu:
New
Bug descri
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1514031
Title:
i cannot boot
Status in xorg package in Ubuntu:
New
Bug desc
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1512048
Title:
non working of search on google
Status in firefox package in
** Attachment removed: "JournalErrors.txt"
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1514016/+attachment/4514553/+files/JournalErrors.txt
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to fglrx-installer in Ubuntu.
https://bugs.launchpad.net/bugs/1487563
Title:
package fglrx-amdcccle 2:15.200-0ubuntu4.2 failed to
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1487910
Title:
choppy video
Status in xorg package in Ubuntu:
New
Bug descr
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to hplip in Ubuntu.
https://bugs.launchpad.net/bugs/1487709
Title:
package hplip-data 3.14.3-0ubuntu3 failed to install/upgrade:
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gconf in Ubuntu.
https://bugs.launchpad.net/bugs/1489018
Title:
package gconf2 3.2.6-0ubuntu2 failed to install/upgrade: 子进程 已安
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gconf in Ubuntu.
https://bugs.launchpad.net/bugs/1489017
Title:
package gconf2 3.2.6-0ubuntu2 failed to install/upgrade: 子进程 已安
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1487585
Title:
problemas en graficas
Status in xorg package in Ubuntu:
New
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1548106
Title:
The screen frezes when I am working
Status in xorg package in U
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1547938
Title:
starting twice to boot once
Status in xorg package in Ubuntu:
*** This bug is a duplicate of bug 1550372 ***
https://bugs.launchpad.net/bugs/1550372
** Information type changed from Private Security to Public
** This bug has been marked a duplicate of bug 1550372
package python-oneconf 0.3.7.14.04.1 failed to install/upgrade: subprocess
installed pr
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to oneconf in Ubuntu.
https://bugs.launchpad.net/bugs/1550372
Title:
package python-oneconf 0.3.7.14.04.1 failed to install/upgrad
Chromium 47 has been released with a large number of security fixes:
http://googlechromereleases.blogspot.com/2015/12/stable-channel-
update.html
** Changed in: chromium-browser (Ubuntu)
Status: New => Confirmed
** Changed in: chromium-browser (Ubuntu)
Importance: Undecided => High
The bug is not in aureport or libaudit. aureport looks for
AUDIT_USER_LOGIN events in the audit log but we're not generating them
in login programs due to libaudit support not being enabled at build
time or, in the case of lightdm, missing libaudit support.
Note that we are generating an AUDIT_LOG
I've created an upstream lightdm merge request to add login and logout
auditing support:
https://code.launchpad.net/~tyhicks/lightdm/auditing/+merge/269828
I've also submitted the (simple) changes needed in the openssh package
to Debian since Colin keeps the Debian and Ubuntu openssh package in
** Also affects: shadow (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: openssh (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: audit (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: lightdm (Ubuntu Trusty)
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gtk+2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1499810
Title:
package libgtk2.0-bin 2.24.23-0ubuntu1.2 failed to install/up
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1498703
Title:
resolution 640x480
Status in xorg package in Ubuntu:
New
Bug
Robert, you have to reboot the system after reverting the PAM config
changes.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1498775
Title:
Greeter auth doesn't unlock unity lockscree
Unfortunately, the PAM changes are required for the auditing
functionality.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1498775
Title:
Greeter auth doesn't unlock unity lockscreen
I am ok with reverting the entirety of the libaudit functionality in
Wily until I can sort out this bug.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1498775
Title:
Greeter auth doe
Thank you for the bug report! Can you describe the problems that you're
seeing? There's not enough information regarding the issues that you're
facing for us to take any action.
** Information type changed from Private Security to Public
** Changed in: xorg (Ubuntu)
Status: New => Incomple
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to cups in Ubuntu.
https://bugs.launchpad.net/bugs/1538656
Title:
package cups-core-drivers 1.7.2-0ubuntu1.7 failed to install/upg
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1538676
Title:
Xorg freeze
Status in xorg package in Ubuntu:
New
Bug descri
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1537204
Title:
Xorg crash
Status in xorg package in Ubuntu:
New
Bug descrip
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1537163
Title:
Xorg crash
Status in xorg package in Ubuntu:
New
Bug descrip
Hello and thanks for the report. You'll have to provide some more
details about why you think you have a security issue before we can act
on this report. After you've added more information, please reset the
bug status to "New'. Thanks!
** Information type changed from Private Security to Public S
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1537409
Title:
unmet dependencies
Status in xorg package in Ubuntu:
New
Bug
@ogra it isn't obvious how the fix for this bug could have caused bug
1733557. Can you elaborate?
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1677924
Title:
Local privilege escalat
I'm making this bug public now that we have security updates published
which disable the guest session. My hope is that we can re-enable it
after the changes suggested by pitti can be investigated/implemented.
** No longer affects: apparmor (Ubuntu Artful)
** No longer affects: apparmor (Ubuntu Z
If you have a use case which requires the guest session, you can
manually re-enable it by writing the following contents to
/etc/lightdm/lightdm.conf:
# Manually enable guest sessions despite them not being confined
# IMPORTANT: Makes the system vulnerable to CVE-2017-8900
# https://bugs.launchpad
** Changed in: lightdm (Ubuntu Artful)
Assignee: (unassigned) => Robert Ancell (robert-ancell)
** Changed in: lightdm
Assignee: (unassigned) => Robert Ancell (robert-ancell)
** Changed in: lightdm (Ubuntu Yakkety)
Assignee: (unassigned) => Tyler Hicks (tyhicks)
** C
The Details section is not visible on my laptop until I scroll down. I'm
concerned that a warning message in the Details section will go
unnoticed. BTW, that's on 17.04 with gnome-software
3.22.7-0ubuntu3.17.04.2.
I'd like for us to explore if there's a way to get a more visible
warning.
--
You
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gconf in Ubuntu.
https://bugs.launchpad.net/bugs/1690621
Title:
package gconf2-common 3.2.6-3ubuntu7 failed to install/upgrade:
*** This bug is a duplicate of bug 1688721 ***
https://bugs.launchpad.net/bugs/1688721
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gconf in Ubuntu.
https://bugs.launchpa
Hi Joseph - thanks for the report. We are aware of this CVE and have
triaged it in the Ubuntu CVE Tracker:
https://people.canonical.com/~ubuntu-
security/cve/2016/CVE-2016-7953.html
We have it rated as a 'low' which means that it will not be fixed in our
stable Ubuntu releases unless there's a
Thanks for the bug report! Unfortunately, it looks like you're having
hardware issues that could be the cause of the bug that you're
experiencing. I see a lot of I/O errors in the JournalErrors.txt
attachment. I'm afraid there's nothing that an Ubuntu developer can take
action on so I'm marking thi
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for the bug report. I've added a linux kernel task to the bug
since your logs are filled with kernel stack traces.
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1691123
Title:
AC
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Hello Paweł - thanks for the bug report. We're aware of this issue and
we are tracking it in the Ubuntu CVE Tracker:
http://people.canonical.com/~ubuntu-
security/cve/2017/CVE-2017-8798.html
** Information type changed from Private Security to Public Security
** Changed in: miniupnpc (Ubuntu)
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1690600
Title:
Issues with playing or installing you tube playlists.
Status in
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
@lahtis deb packaging doesn't provide us the granularity to have the
kernel packages specifically depend on intel-microcode packages on Intel
x86 systems and amd64-microcde on AMD x86 systems. Instead, we have to
depend on both packages. If you have an Intel processor, the AMD
microcode is not used
@amribrahim1987 you've probably noticed but we have released an
amd64-microcode update recently:
https://usn.ubuntu.com/3690-1/
Updates for AMD microcode will be provided in the amd64-microcode
package and not in linux-firmware.
--
You received this bug notification because you are a member o
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to flashplugin-nonfree in Ubuntu.
https://bugs.launchpad.net/bugs/1698601
Title:
package flashplugin-installer 26.0.0.131ubuntu0.1
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Hello and thanks for the bug report. I'm unable to reproduce this bug.
Since this does not seem to be a bug that an attacker can trigger, I'm
going to make the bug public in hopes that Ubuntu Desktop developers can
have a look and see if they can reproduce the issue. Thanks again for
the bug report
On 2011-09-30 00:23:31, Rolf Leggewie wrote:
> This is a very visible and highly annoying bug that affects a core
> package in three releases including the latest LTS. We need to identify
> the patch that fixed this and backport it.
I agree.
I've got a feeling that the fix for this is upstream c
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to
This turned out to be a tricky one. It is definitely an eCryptfs bug.
The upstream fix that I thought would solve this issue ended up not
being the right fix. Instead, it turned out to be the following two
commits:
bd4f0fe8bb7c73c738e1e11bc90d6e2cf9c6e20e
fed8859b3ab94274c986cbdf7d27130e0545f02c
201 - 300 of 303 matches
Mail list logo
