Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Older releases of Ubuntu used a group called "admin" instead of "sudo"
which is the name Debian chose later on.
We need to maintain the "admin" group rights in our sudoers file for
people upgrading from earlier Ubuntu releases. If we remove it, they
will no longer have sudo rights after upgrading.
** Changed in: apport (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1948657
Title:
Oct 2021 security update tracking bug
Statu
*** This bug is a security vulnerability ***
Public security bug reported:
This is the tracking bug for the October 2021 security udpdate.
** Affects: apport (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch
** Changed in: ca-certificates (Ubuntu Impish)
Status: New => Fix Committed
** Changed in: ca-certificates (Ubuntu Trusty)
Status: New => Fix Released
** Changed in: ca-certificates (Ubuntu Xenial)
Status: New => Fix Released
--
You received this bug notification because yo
** Changed in: libcaca (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libcaca in Ubuntu.
https://bugs.launchpad.net/bugs/1923273
Title:
buffer-overflow on libcaca-0.99.beta20/export
** Changed in: openjdk-13 (Ubuntu)
Status: New => Won't Fix
** Changed in: openjdk-14 (Ubuntu)
Status: New => Won't Fix
** Changed in: openjdk-15 (Ubuntu)
Status: New => Won't Fix
** Changed in: openjdk-16 (Ubuntu)
Status: New => Won't Fix
** Changed in: openjdk-17 (
)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: ca-certificates (Ubuntu Focal)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: ca-certificates (Ubuntu Hirsute)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: ca-cer
*** This bug is a security vulnerability ***
Public security bug reported:
USN-5079-1 introduced a regression in bionic:
https://ubuntuforums.org/showthread.php?t=2467177
Focal+ appear to work as intended.
** Affects: curl (Ubuntu)
Importance: Undecided
Status: New
--
You recei
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1933832
Title:
Path traversal leads to arbitrary file re
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1934308
Title:
Arbitrary file read in general hook (ubun
I'd rather these go through the SRU process first, and they will get
picked up automatically next time we do an openssl security update.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad
No, they do not include the fixes from this bug.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1921518
Title:
OpenSSL "double free" error
Status in openssl package in Ub
Thanks for reporting this issue, but we disabled SSLv3 in 2015 in Ubuntu
16.04 LTS. There is absolutely no chance we will be enabling it again.
** Changed in: openssl (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Touch seeded pa
Here's the debconf bug report:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=223683
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1934501
Title:
CVE-2018-15473 patch
This isn't specific to the openssh update. Debian packages use tools
such as debconf that need to write to /tmp to function correctly.
** Bug watch added: Debian Bug tracker #223683
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=223683
--
You received this bug notification because you are
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1934501
Title:
CVE-2018-15473 patch introduce user enum
** Information type changed from Private Security to Public Security
** Changed in: apport (Ubuntu)
Status: Incomplete => Confirmed
** Changed in: apport (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Touch seeded pa
** Changed in: openssh (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1937883
Title:
ssh-agent Shielded Private Key Extraction
St
dpkg-buildpackage: info: source changed by Marc Deslauriers
dpkg-source --before-build .
dpkg-source: warning: can't parse dependency perl:native
dpkg-source: error: diff 'openssl-1.1.1f/debian/patches/pr12272.patch'
patches files multiple times; split the diff in multiple files
I think the patch in comment #1 looks reasonable.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1928989
Title:
expiring trust anchor compatibility issue
Status in openss
** Changed in: apport (Ubuntu Impish)
Assignee: SatoshiNakamoto (evansanita713) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1917904
Title:
Arbitrary
** Bug watch added: github.com/cacalabs/libcaca/issues #55
https://github.com/cacalabs/libcaca/issues/55
** Also affects: libcaca via
https://github.com/cacalabs/libcaca/issues/55
Importance: Unknown
Status: Unknown
** Changed in: libcaca (Ubuntu)
Status: New => Triaged
--
** Bug watch added: github.com/cacalabs/libcaca/issues #56
https://github.com/cacalabs/libcaca/issues/56
** Also affects: libcaca via
https://github.com/cacalabs/libcaca/issues/56
Importance: Unknown
Status: Unknown
** Changed in: libcaca (Ubuntu)
Status: New => Triaged
--
** Changed in: apport (Ubuntu Bionic)
Assignee: SatoshiNakamoto (evansanita713) => (unassigned)
** Changed in: apport (Ubuntu Focal)
Assignee: SatoshiNakamoto (evansanita713) => (unassigned)
** Changed in: apport (Ubuntu Groovy)
Assignee: SatoshiNakamoto (evansanita713) => (unassig
** Changed in: apport (Ubuntu Bionic)
Assignee: SatoshiNakamoto (evansanita713) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1917904
Title:
Arbitrary
There was an update to libwebp that fixed a bunch of security issues:
https://ubuntu.com/security/notices/USN-4971-1
Could you test again to see if the issue is resolved? Thanks!
** Changed in: libwebp (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you
Thanks for reporting the issue!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/1930917
Title:
Latest isc-dhcp-server rejects proper dhcpd.conf
Status in isc-dhcp package
gt; Confirmed
** Changed in: isc-dhcp (Ubuntu Hirsute)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: isc-dhcp (Ubuntu Impish)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: isc-dhcp (Ubuntu Hirsute)
Importance: Undecided => Critic
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1917904
Title:
Arbitrary file reads
Status in apport pa
Oh, I seem to have overlooked that one. We are hitting the exact same
issue with the new postgresql releases, so it's unrelated to the pam
SRU:
https://bugs.launchpad.net/ubuntu/+source/postgresql-12/+bug/1928773/comments/2
--
You received this bug notification because you are a member of Ubuntu
do you have any resolution for this issue? It looks like i got the same.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to alsa-driver in Ubuntu.
https://bugs.launchpad.net/bugs/1652611
Title:
PCI/internal sound card not dete
Autopkgtests in comments #14 to #17 passed on retries except for openssh
which appears to be failing because of a date issue, which is unrelated
to the pam SRU.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
ht
I have uploaded packages for processing by the SRU team.
** Changed in: pam (Ubuntu Bionic)
Status: New => In Progress
** Changed in: pam (Ubuntu Focal)
Status: New => In Progress
** Changed in: pam (Ubuntu Groovy)
Status: New => In Progress
** Changed in: pam (Ubuntu Hirsu
** Patch added: "Groovy debdiff"
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1927796/+attachment/5496424/+files/pam_1.3.1-5ubuntu6.20.10.1.debdiff
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https
** Patch added: "Bionic debdiff"
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1927796/+attachment/5496426/+files/pam_1.1.8-3.6ubuntu2.18.04.3.debdiff
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
htt
** Patch added: "Focal debdiff"
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1927796/+attachment/5496425/+files/pam_1.3.1-5ubuntu4.2.debdiff
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs
** Patch added: "Hirsute debdiff"
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1927796/+attachment/5496423/+files/pam_1.3.1-5ubuntu6.21.04.1.debdiff
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
http
The debdiffs in comment #1 currently create a multiarch manpage
collision because of a pam packaging particularity. (See bug 1558597 for
an example)
I will update the debdiffs to correct the issue and will post them here
once done.
--
You received this bug notification because you are a member o
** Also affects: pam (Ubuntu Focal)
Importance: Undecided
Status: New
** Also affects: pam (Ubuntu Hirsute)
Importance: Undecided
Status: New
** Also affects: pam (Ubuntu Groovy)
Importance: Undecided
Status: New
** Also affects: pam (Ubuntu Bionic)
Importance: U
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
I've read through this bug and I don't see a good way forward with a
solution here. OpenSSL 1.1.1 doesn't provide the exact API that is
required to solve it, which would probably be 3) as suggested above, but
I don't think Ubuntu should change the meaning of the value returned by
that API.
Ubuntu
** Changed in: apport (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1904082
Title:
apport's log collecting leaks MAC addresses may
** Changed in: openssl (Ubuntu)
Status: New => Confirmed
** Changed in: openssl (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.ne
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Updated for this issue have been released:
https://ubuntu.com/security/notices/USN-4738-1
** Changed in: openssl (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
*** This bug is a duplicate of bug 1888598 ***
https://bugs.launchpad.net/bugs/1888598
if I add blacklist= to load-module module-switch-on-connect, switching
to HDMI is no longer inhibited, and the HDMI output is listed first in
pavucontrol, but the output still disappears for good when the mo
*** This bug is a duplicate of bug 1888598 ***
https://bugs.launchpad.net/bugs/1888598
Here is what happens as seen by pulseaudio - during the monitor
sleep/wake cycle leading to disappearance of the HDMI output:
D: [pulseaudio] alsa-util.c: ELD info empty (for device=3)
D: [pulseaudio] m
*** This bug is a duplicate of bug 1888598 ***
https://bugs.launchpad.net/bugs/1888598
Hi!
Affected by this bug, but not exactly bug #1888598.
Config: Asus Extreme Omega integrated HDA Intel PCH as Card 1 + ASUS Nvidia
3090 as Card 2.
Card 0 is an USB webcam and only an audio input.
Problem
New updates have been released with a fixed security patch:
https://ubuntu.com/security/notices/USN-4754-4
** Changed in: python2.7 (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscrib
Please disregard comment #9, this is a different issue.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1899878
Title:
Python's test_ssl fails starting from Ubuntu 20.04
S
The python2.7 security updates that will be released today will fix this
issue.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1899878
Title:
Python's test_ssl fails start
I have backported the patches and have some packages to test in the
security team PPA here:
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages
Could you please see if they solve the issue for you? Once you've tried
them, I will release them as a security regression fix
So it looks like there are two different issues here:
Bug in handling multiple queries (openwrt bug):
Move fd into frec_src, fixes 15b60ddf935a531269bb8c68198de012a4967156
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=04490bf622ac84891aad6f2dd2edf83725decdee
Fix to 75e2f0aec33e58ef
Debdiff in comment #5 looks good. There was a missing double space
between your email and the date in debian/changelog that was causing a
lintian error.
I fixed the missing space and uploaded it to hirsute.
Thanks!
** Changed in: sudo (Ubuntu)
Status: In Progress => Fix Committed
--
You
It's possible in certain upgrade scenarios that the certs have been
permanently blacklisted on your system.
Look at the /etc/ca-certificates.conf file to see if the following two
lines start with a "!" character:
mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt
mozilla/VeriSign_Universal
No, GeoTrust Global CA is no longer to be used and has been removed from
the CA list as requested by DigiCert.
Please see:
https://bugzilla.mozilla.org/show_bug.cgi?id=1670769
** Bug watch added: Mozilla Bugzilla #1670769
https://bugzilla.mozilla.org/show_bug.cgi?id=1670769
--
You received
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1912326
Title:
Privilege escalation to root with core fi
I agree this sounds like an undesirable scenario. I think all dkms
packages should get built in -security as part of the SRU process to
prevent this sort of thing from happening in the future.
Do we do test rebuilds of all the dkms modules before switching the
kernel meta package to a new upstream
It looks like the reverted blacklist will work fine for new installs of
groovy, so I'll be pushing a new version of the ca-certificates package
tomorrow with an updated bundle that will solve this issue at the same
time.
--
You received this bug notification because you are a member of Ubuntu
Tou
*** This bug is a security vulnerability ***
Public security bug reported:
Bug to track upgrading the ca-certificates package to the NSS 2.46
bundle.
** Affects: ca-certificates (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a mem
cates (Ubuntu Groovy)
Status: New => Confirmed
** Changed in: ca-certificates (Ubuntu Hirsute)
Status: Confirmed => Fix Committed
** Changed in: ca-certificates (Ubuntu Groovy)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: ca-certificates
There are updates for this issue built in the security team PPA here:
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python-apt in Ubuntu.
https:
*** This bug is a security vulnerability ***
Public security bug reported:
USN-4668-1 introduced a regression in python-apt when using certain APIs
with a file handle.
See Debian bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977000
** Affects: python-apt (Ubuntu)
Importance: Unde
buntu)
Status: New => Invalid
** Changed in: poppler (Ubuntu Xenial)
Status: New => In Progress
** Changed in: poppler (Ubuntu Bionic)
Status: New => In Progress
** Changed in: poppler (Ubuntu Xenial)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in
Out of curiosity, what does the hosts line in your /etc/nsswitch.conf
file look like?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1883793
Title:
systemd-resolved leaks
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1903332
Title:
Apport get_config incorrectly drops privi
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
The fix (upgrading to HWE) doesn't change the Mesa lib version, so while
it could be caused by a newer Mesa interacting badly with the older
kernel or xorg, I feel like it seems more like to be kernel or xorg.
18.04 is LTS, and this is somewhat of a trap for those doing CI testing
of desktop appli
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to accountsservice in Ubuntu.
https://bugs.launchpad.net/bugs/1900255
Title:
accountsservice drop privileges
I don't get the issue on Ubuntu 20.04 or 20.10 server or desktop
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1902853
Title:
Failure to create core GL context with llvmpipe
Ah, forgot 20.10 was now out. Will check that too :)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1902853
Title:
Failure to create core GL context with llvmpipe when using
I'll double-check on the latest 20.04 images today. I skipped that step
as I assumed, given the much newer HWE stack fixed the issue, that this
would be fixed on 20.04.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in U
Public bug reported:
When using llvmpipe on the non-HWE xorg version GL core context creation
fails when using "GLX_ARB_context_flush_control" even though the driver
reports that the extension is supported.
Apologies if xorg is the wrong package here, this could be a libgl1
-mesa-dri/glx bug inst
Here's a proposed fix, not sure if this is the exact cause of the
double-free or if duplicate keys are acceptable or not.
** Patch added: "Proposed Fix"
https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1899100/+attachment/5427819/+files/whoopsie_0.2.73~test1.debdiff
** Information type
*** This bug is a duplicate of bug 1899100 ***
https://bugs.launchpad.net/bugs/1899100
** Information type changed from Private to Public
** This bug has been marked a duplicate of bug 1899100
whoopsie assert failure: double free or corruption (fasttop)
--
You received this bug notificat
** Changed in: nss (Ubuntu)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1897666
Title:
FTBFS: nss for groovy ftbfs due to erroneous nonn
The updates for this issue have been released:
https://ubuntu.com/security/notices/USN-4538-1
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to packagekit in Ubuntu.
https://bugs.launchpad.net/bugs/187
Title:
Re
The updates for this issue have been released:
https://ubuntu.com/security/notices/USN-4538-1
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to packagekit in Ubuntu.
https://bugs.launchpad.net/bugs/1882098
Title:
Pa
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to packagekit in Ubuntu.
https://bugs.launchpad.net/bugs/187
Title:
Reading local files as root leads to
I am currently preparing updates for this issue, and I just tested the
bionic update that includes this patch, and it works in my environment.
Could you please make sure you created the policy file ok, and have
rebooted after updating packagekit?
--
You received this bug notification because you
Hi Julian,
Could you please backport the patch in comment #9 to xenial? The code in
xenial is substantially different.
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to packagekit in Ubuntu.
https://bugs.launchpad.net/
It's not feasible to stop the affected ciphers from re-using secrets,
it's in the specification.
Removing the ciphers is what was done in later releases of openssl,
including the 1.0.2w version that was released specifically to address
this issue:
https://www.openssl.org/news/secadv/20200909.txt
This has now been fixed:
https://ubuntu.com/security/notices/USN-4504-1
** Changed in: openssl (Ubuntu Xenial)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Hi,
Could you elaborate which codes in that manpage you feel are dangerous
and are actually implemented by the common terminals? The old screendump
and window title codes were disabled long ago, I'm not sure any of the
others are anything other than a nuisance.
--
You received this bug notificat
Hi,
The only thing an attacker can do with this vulnerability is DoS their
own connection. As such, it is not considered a security issue either by
the upstream OpenSSH project, or by the Ubuntu security team.
Like other distros, we have no plans to fix this issue in our stable
releases.
** Chan
Unfortunately, this SRU has been superseded by a security update. Please
re-upload the SRU. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1881976
Title:
apport-gtk
*** This bug is a duplicate of bug 1889851 ***
https://bugs.launchpad.net/bugs/1889851
I'm pretty sure this is a dupe of #1889851. Marking as such.
** This bug has been marked a duplicate of bug 1889851
Driver QMysql can't be loaded
--
You received this bug notification because you are a
Possibly related:
https://github.com/mysql/mysql-server/commit/735bd2a53834266c7256830c8d34672ea55fe17b
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to opencv in Ubuntu.
https://bugs.launchpad.net/bugs/1890170
Title:
Import
I think this is related:
$ readelf --dynamic libmysqlclient.so.21.1.19 | grep BIND
0x001e (FLAGS) BIND_NOW
$ readelf --dynamic libmysqlclient.so.21.1.21 | grep BIND
0x001e (FLAGS) BIND_NOW STATIC_TLS
** Information type changed from Public to
** Changed in: librsvg (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to librsvg in Ubuntu.
https://bugs.launchpad.net/bugs/1889206
Title:
Regression in USN-4436-1
Status in librs
** Attachment added: "eog displaying issue rendering anglo cardset"
https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/1889206/+attachment/5396555/+files/anglo-issue.png
** Bug watch added: gitlab.gnome.org/GNOME/librsvg/-/issues #612
https://gitlab.gnome.org/GNOME/librsvg/-/issues/612
Can also be tested by running "eog
/usr/share/aisleriot/cards/anglo.svgz". See attached screenshot.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to librsvg in Ubuntu.
https://bugs.launchpad.net/bugs/1889206
Title:
Regressio
me cards are missing graphics
** Affects: librsvg (Ubuntu)
Importance: Undecided
Status: New
** Affects: librsvg (Ubuntu Xenial)
Importance: Undecided
Assignee: Marc Deslauriers (mdeslaur)
Status: Confirmed
** Affects: librsvg (Ubuntu Bionic)
Importance: Undecided
201 - 300 of 1280 matches
Mail list logo