(Ubuntu Focal)
Importance: High
Assignee: Tyler Hicks (tyhicks)
Status: In Progress
** Also affects: linux (Ubuntu Disco)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Eoan)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Eoan
On 2019-11-30 21:44:33, A. Denton wrote:
> Will the required pat set be backported to older kernel, such as Ubuntu
> 4.15.0-70.79-generic 4.15.18?
No, there are no plans to backport them at this time.
If you'd like to make use of a kernel containing those patches in Ubuntu
18.04 LTS, please
Importance: Undecided
Status: Invalid
** Affects: linux (Ubuntu Xenial)
Importance: Medium
Assignee: Tyler Hicks (tyhicks)
Status: In Progress
** Also affects: linux (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Xen
I don't think that we should make this change. I explained my reasoning
in this email:
https://lists.ubuntu.com/archives/kernel-
team/2019-September/103615.html
For posterity, I'm copying the content below.
=
While enabling kernel hardening features is
Public bug reported:
[Impact]
Some cloud-focused kernels have CONFIG_BT enabled but cloud instances
shouldn't need bluetooth support. Disabling the bluetooth subsystem
reduces the amount of security-sensitive code we have to worry about in
the cloud kernels and also has the nice side effect of
Ubuntu 14.04 ESM's base kernel was fixed with version 3.13.0-171.222.
Ubuntu 12.04 ESM's base kernel was fixed with version 3.2.0-141.188.
** Changed in: linux (Ubuntu Trusty)
Status: New => Fix Released
** Changed in: linux (Ubuntu Precise)
Status: New => Fix Released
--
You
Ubuntu 14.04 ESM's base kernel was fixed with version 3.13.0-171.222.
Ubuntu 12.04 ESM's base kernel was fixed with version 3.2.0-141.188.
** Changed in: linux (Ubuntu Trusty)
Status: New => Fix Released
** Changed in: linux (Ubuntu Precise)
Status: New => Fix Released
--
You
I messed up when writing the test and forgot to consider that
CONFIG_BINFMT_AOUT is specific to i386. I've fixed that in QRT:
https://git.launchpad.net/qa-regression-
testing/commit/?id=6e659984b07987dd24acf5872d408afafbdb6510
I'm going to mark this bug as invalid since those test failures
Disco is based on a 5.0 upstream kernel so it has enhanced IBRS support.
** Changed in: linux (Ubuntu Disco)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching
** Also affects: linux (Ubuntu Disco)
Importance: Undecided
Status: Confirmed
** Also affects: linux (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Cosmic)
Bionic: https://lists.ubuntu.com/archives/kernel-team/2019-February/098532.html
Xenial: https://lists.ubuntu.com/archives/kernel-team/2019-February/098538.html
** Also affects: linux (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Xenial)
Importance:
** Also affects: initramfs-tools (Ubuntu Cosmic)
Importance: Undecided
Status: New
** Changed in: initramfs-tools (Ubuntu Xenial)
Assignee: (unassigned) => Marcelo Cerri (mhcerri)
** Changed in: initramfs-tools (Ubuntu Bionic)
Assignee: (unassigned) => Marcelo Cerri (mhcerri)
** Also affects: initramfs-tools (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: initramfs-tools (Ubuntu Xenial)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is
tu Cosmic)
Status: Incomplete => In Progress
** Changed in: linux (Ubuntu Dd-series)
Status: New => In Progress
** Changed in: linux (Ubuntu Dd-series)
Assignee: (unassigned) => Tyler Hicks (tyhicks)
** Changed in: linux (Ubuntu Cosmic)
Assignee: (unassigned) =>
The reporter states in the linuxcontainers.org discussion and in this
bug description that he's not using an Ubuntu kernel.
This is fixed in Ubuntu 18.04 and will soon be available in Ubuntu 16.04
via the hardware enablement kernel. I'm marking this Xenial task as
Won't Fix in regards to its 4.4
The commit mentioned in comment #4 has been upstream since kernel v4.5.
Marking the main linux task as fix released.
** Changed in: linux (Ubuntu)
Status: Incomplete => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is
** Also affects: znc (Ubuntu Cosmic)
Importance: Medium
Assignee: Thomas Ward (teward)
Status: In Progress
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
** Also affects: znc (Ubuntu Artful)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1781925
I don't think the Security or Foundations teams plan to make any changes
in Whoopsie so I'm marking these tasks as invalid.
** Changed in: whoopsie (Ubuntu Trusty)
Status: New => Invalid
** Changed in: whoopsie (Ubuntu Xenial)
Status: New => Invalid
** Changed in: whoopsie (Ubuntu
** Description changed:
[Impact]
Currently the DKMS package fails to install on supported custom
kernels that are based on 4.15. That includes the current 4.15
hwe-edge and some of the custom and cloud kernels as well.
[Test Case]
- Install the broadcom-sta package with the
** Changed in: dahdi-linux (Ubuntu)
Status: In Progress => Invalid
** Also affects: dahdi-linux (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: dahdi-linux (Ubuntu Xenial)
Status: New => In Progress
** Changed in: dahdi-linux (Ubuntu Xenial)
This debdiff looks good. I've sponsored it to xenial-proposed. Thanks!
** Also affects: ndiswrapper (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: ndiswrapper (Ubuntu Xenial)
Assignee: (unassigned) => Marcelo Cerri (mhcerri)
** Changed in: ndiswrapper (Ubuntu
** Description changed:
[Impact]
Currently the DKMS package fails to install on supported custom
kernels that are based on 4.15. That includes the current 4.15
hwe-edge and some of the custom and cloud kernels as well.
[Test Case]
- Install the broadcom-sta package with the
** Description changed:
[Impact]
Currently the DKMS package fails to install on supported custom
kernels that are based on 4.15. That includes the current 4.15
hwe-edge and some of the custom and cloud kernels as well.
[Test Case]
- Install the broadcom-sta package with the
The Xenial 4.4 kernel was fixed in 4.4.0-127.153:
https://launchpad.net/ubuntu/+source/linux/4.4.0-127.153
** Changed in: linux (Ubuntu Xenial)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is
Looks good! I've uploaded it to xenial.
** Also affects: bcmwl (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: bcmwl (Ubuntu Xenial)
Assignee: (unassigned) => Marcelo Cerri (mhcerri)
** Changed in: bcmwl (Ubuntu Xenial)
Status: New => In Progress
**
Thanks for fixing up the debdiff! I've sponsored it to Bionic after
making a couple changes:
- Added links to the upstream commits in the changelog. This is helpful
since the patchless style of packaging doesn't have broken out patches
where you can add the origin in the patch tags.
- Used the
** Changed in: iotop (Ubuntu Xenial)
Status: Confirmed => Invalid
** Changed in: iotop (Ubuntu)
Status: Confirmed => Invalid
** Changed in: linux (Ubuntu Xenial)
Status: Incomplete => In Progress
** Changed in: linux (Ubuntu Xenial)
Assignee: (unassigned)
** Also affects: crash (Ubuntu Cosmic)
Importance: High
Assignee: Canonical Kernel Team (canonical-kernel-team)
Status: New
** Also affects: crash (Ubuntu Artful)
Importance: Undecided
Status: New
** Also affects: crash (Ubuntu Bionic)
Importance: Undecided
cascardo asked me to sponsor his upload to xenial-proposed. I've compare
the build logs between the 4.0ubuntu1 version currently in xenial to the
build logs from his 4.5ubuntu1~16.04.1 change. The build logs are clean
with no surprises. I also compared the binary packages and was able to
confirm
Undecided => High
** Changed in: linux (Ubuntu Xenial)
Importance: Undecided => High
** Changed in: linux (Ubuntu Trusty)
Assignee: (unassigned) => Tyler Hicks (tyhicks)
** Changed in: linux (Ubuntu Xenial)
Assignee: (unassigned) => Tyler Hicks (tyhicks)
** Changed in:
** Description changed:
+ [Impact]
+
+ * Some systems experience kernel lockups after updating to the latest
intel-microcode
+package or when receiving updated microcode from a BIOS update.
+
+ * In many cases, the lockups occur before users can reach the login screen
which makes
+
** Also affects: lttng-modules (Ubuntu)
Importance: Undecided
Status: New
** Changed in: lttng-modules (Ubuntu Xenial)
Status: New => In Progress
** Changed in: lttng-modules (Ubuntu Artful)
Status: New => In Progress
** Changed in: lttng-modules (Ubuntu Xenial)
@Khaled after giving it a little more thought, I think these changes
might be needed in bionic in the situation that an artful user is
upgrading to bionic or when a xenial hwe user is upgrading to bionic. I
think that if the lttng-modules-dkms binary package is upgraded to the
bionic package
Updates were released for this issue:
https://usn.ubuntu.com/3595-1/
** Also affects: samba (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: samba (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: samba (Ubuntu Trusty)
Importance:
ntu Zesty)
Importance: Undecided => High
** Changed in: squashfs-tools (Ubuntu Artful)
Importance: Undecided => High
** Changed in: squashfs-tools (Ubuntu Bionic)
Importance: Undecided => High
** Changed in: squashfs-tools (Ubuntu Trusty)
Assignee: (unassigned) => Tyler Hicks
the incorrect comment
for the purposes of this SRU.
** Changed in: audit (Ubuntu)
Assignee: Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) =>
Tyler Hicks (tyhicks)
** Changed in: audit (Ubuntu)
Status: New => In Progress
** Changed in: audit (Ubuntu)
Importance: Und
This bug is fixed with the following updates:
1.4-2+deb8u1build0.17.04.2 zesty-security
1.4-2+deb8u1build0.16.04.2 xenial-security
1.4-2+deb8u1build0.14.04.2 trusty-security
** Changed in: wordpress-shibboleth (Ubuntu Trusty)
Status: In Progress => Fix Released
** Changed in:
s. They do not change
the behavior of seccomp logging by default but offer ways applications
to opt into more logging and, on the flipside, ways for the
administrator to quite any additional logging.
** Affects: snappy
Importance: Medium
Assignee: Tyler Hicks (tyhicks)
Stat
** Also affects: varnish (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: varnish (Ubuntu Zesty)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to
Thanks Otto! The 17.04 upload looks good to me and I've sponsored it
into ppa:ubuntu-security-proposed/ppa. I should be able to release it
later today.
Unfortunately, 16.10 went EoL before we got around to sponsoring your
mariadb-10.0 update. I'll release the corresponding 16.04 update later
Hi Balint - Thanks for the updates. I happened to notice that these are
security updates. Security updates that are to be sponsored should
follow this process:
https://wiki.ubuntu.com/SecurityTeam/SponsorsQueue#Notes_for_Contributors
I'll update the bug tasks and subscribe
This bug was fixed in the package ruby-zip - 1.2.0-1.1
---
ruby-zip (1.2.0-1.1) unstable; urgency=medium
* Non-maintainer upload.
* CVE-2017-5946: directory traversal vulnerability in Zip::File component
(Closes: #856269)
-- Salvatore Bonaccorso Mon, 27
Hello again, Phillip. I made a mistake while triaging this bug last week
because I mistakenly thought that ruby-zip was in main. It turns out
that ruby-zip is in universe and, therefore, it is community supported.
If you are able, I suggest coordinating with upstream and posting a
debdiff for this
** Changed in: virt-manager (Ubuntu Xenial)
Status: In Progress => Fix Committed
** Changed in: virt-manager (Ubuntu Yakkety)
Status: In Progress => Fix Committed
** Changed in: virt-manager (Ubuntu Zesty)
Status: In Progress => Fix Committed
** No longer affects:
question for upstream should block the
uploads. If needed, we can address the question later before Zesty
releases.
Thanks for the clean debdiffs, Dave!
** Changed in: virt-manager (Ubuntu Xenial)
Assignee: (unassigned) => Tyler Hicks (tyhicks)
** Changed in: virt-manager (Ubuntu Yakk
=> Won't Fix
** Changed in: upstart (Ubuntu Trusty)
Status: Incomplete => Won't Fix
** Changed in: upstart (Ubuntu Trusty)
Assignee: Tyler Hicks (tyhicks) => (unassigned)
** Changed in: apparmor (Ubuntu Trusty)
Assignee: Tyler Hicks (tyhicks) => (unassigned)
--
signed) => Tyler Hicks (tyhicks)
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1611078
Title:
Support snaps inside of lxd container
signee: (unassigned) => Tyler Hicks (tyhicks)
** Also affects: upstart (Ubuntu)
Importance: Undecided
Status: New
** No longer affects: upstart (Ubuntu Xenial)
** Changed in: upstart (Ubuntu)
Status: New => Invalid
** Changed in: upstart (Ubuntu Trusty)
Status: New =&
All three uploads are building in the ubuntu-security-proposed ppa:
https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa
I won't publish them until I've heard back regarding the mdev-9479
-oqgraph-boost.patch patch that I asked about in comment #7.
** No longer affects:
Otto, can you confirm that you intended to drop mdev-9479-oqgraph-
boost.patch in the Yakkety upload? There's no mention in the changelog
so I'd like to be sure before I sponsor the upload.
** Also affects: mariadb-5.5 (Ubuntu Yakkety)
Importance: Undecided
Status: New
** Also affects:
hanged in: apparmor (Ubuntu Yakkety)
Status: New => Won't Fix
** Changed in: apparmor (Ubuntu Xenial)
Status: New => In Progress
** Changed in: apparmor (Ubuntu Xenial)
Importance: Undecided => Low
** Changed in: apparmor (Ubuntu Xenial)
Assignee: (unassigned) => Ty
** Changed in: file-roller (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1171236
ntu Xenial)
Status: New => In Progress
** Changed in: file-roller (Ubuntu Trusty)
Importance: Undecided => Medium
** Changed in: file-roller (Ubuntu Trusty)
Assignee: (unassigned) => Tyler Hicks (tyhicks)
** Changed in: file-roller (Ubuntu Xenial)
Assignee: (unassigned) =&
** Also affects: apparmor (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Yakkety)
Importance: Low
Assignee: Tyler Hicks (tyhicks)
Status: In Progress
** Changed in: apparmor (Ubuntu Xenial)
Importance: Undecided => Low
** Chan
der Snappy confinement. It has a high
potential to confuse Snappy users because they may think that the
snaps running on their system are malicious.
Fix: The fix was authored by Tyler Hicks and acked by Serge Hallyn. It
creates a new ns_capable() function that calls into the LSM ho
policy is being loosened instead of being restricted.
** Also affects: apparmor (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: apparmor (Ubuntu Xenial)
Status: New => In Progress
** Changed in: apparmor (Ubuntu Xenial)
Importance: Undecided => High
** Ch
signee: (unassigned) => Tyler Hicks (tyhicks)
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1584069
Title:
change_profile rules need a modifier
This fix was released in yakkety via 2.10.95-4ubuntu2.
** Changed in: apparmor (Ubuntu)
Status: New => Fix Released
** Changed in: apparmor (Ubuntu)
Importance: Undecided => Medium
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Tyler Hicks (tyhicks)
*
I cannot reproduce this with linux-generic-lts-xenial. I think it is
safe to say that this bug was fixed in 16.04.
** Also affects: linux (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: linux (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects:
60 matches
Mail list logo