/*
* Info stored in tty ticket from stat(2) to help with tty matching.
*/
static struct tty_info {
dev_t dev; /* ID of device tty resides on */
dev_t rdev; /* tty device ID */
ino_t ino; /* tty inode number */
struct timeval
Just to be clear, you can't currently bypass security by simply changing
the time, you also have to guess the tty, and create a new one with the
exact timestamp and inode. That information is in a timestamp file you
can't access.
While adding the monotonic clock is an incremental improvement,
** Changed in: hundredpapercuts
Status: Triaged = Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1448663
Title:
Wrong version format of
Yes, the tty numbers and inodes reset when you reboot. That is why sudo
has an init script that forcibly expires all the timestamp files when
you reboot.
Without rebooting, the tty, inode, sid should change for every terminal
you open.
--
You received this bug notification because you are a
Hi Mark,
In your first hexdump, this is what those values represent:
00013 = id of the device the tty is on
34816 = device id of the tty file
3 = inode of the tty file
01000 = uid of the tty file
5 = gid of the tty file
31291 = sid
The id of the device the tty is on is known. So is the
You could probably write a script that attempts to brute force low-digit
sids and inodes when you supply a tty number. That should be possible.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
Yes, there's a chance the same tty can get reused with the same inode if
nothing else requires a tty in the meantime.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1219337
So it's simply a matter of opening a bunch of terminals to get the same
tty and rolling the sid in each of them.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1219337
Title:
Attached is the output of:
export LC_ALL=C
ls -lR /sys/class/power_supply/* /tmp/out.txt 21
echo /tmp/out.txt
ls -lR /sys/class/bluetooth/* /tmp/out.txt 21
echo /tmp/out.txt
udevadm info --export-db /tmp/out.txt 21
echo /tmp/out.txt
grep -r . /sys/class/power_supply/* /sys/class/bluetooth/*
I suspect paths have changed in recent kernels, so this may also affect
the HWE kernels.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to upower in Ubuntu.
https://bugs.launchpad.net/bugs/1449051
Title:
Upower doesn't
Public bug reported:
I have a bluetooth Logitech M557, and it is being mis-detected by Upower
as a battery instead of a mouse:
Device: /org/freedesktop/UPower/devices/battery_hid_00o1fo20of5oabob5_battery
native-path: hid-00:1f:20:f5:ab:b5-battery
model:Bluetooth
** Also affects: sudo (Ubuntu Vivid)
Importance: Undecided
Status: New
** Also affects: sudo (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: sudo (Ubuntu Utopic)
Importance: Undecided
Status: New
** Changed in: sudo (Ubuntu Trusty)
Status:
You can set the time with:
timedatectl set-time 2000-01-01 10:00:00
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1219337
Title:
Users can change the clock without
Should be pretty trivial, and slightly more amusing than simply
trojaning ~/.bash* or ~/bin/sudo.
For completeness' sake, perhaps it could also do the same for the polkit
timestamp files also.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which
Hello,
Thanks for reporting this issue. Since TZ is now evaluated as part of
the default env_check list, you need to specifically remove it from that
by using the following configuration:
Defaultsenv_check-=TZ
Since this is a configuration issue, I am closing this bug. Please feel
free
ACK on the debdiff in comment #20. Uploaded for processing by the SRU
team. Thanks!
** Changed in: rsyslog (Ubuntu Trusty)
Status: Triaged = In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in
This was fixed in nfs-utils. Closing upstart tasks as they are no longer
necessary.
** Changed in: upstart (Ubuntu)
Status: Confirmed = Won't Fix
** Changed in: upstart (Ubuntu)
Status: Won't Fix = Invalid
** Changed in: upstart (Ubuntu Utopic)
Status: Confirmed = Invalid
** Patch added: Debdiff with proposed patch sent upstream
https://bugs.launchpad.net/ubuntu/+source/upower/+bug/1449051/+attachment/4390929/+files/upower_0.99.2-2ubuntu1.debdiff
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is
Created attachment 115537
Proposed patch
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to upower in Ubuntu.
https://bugs.launchpad.net/bugs/1449051
Title:
Upower doesn't handle bluetooth mice properly
Status in Upower:
After installing the update, my ethernet and wireless routes still have
the same metric:
$ ip route
default via 192.168.100.1 dev eth0 proto static metric 100
169.254.0.0/16 dev eth0 scope link metric 1000
192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.150
@jderose: it don't think it did fix the problem for you:
10.17.75.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
10.17.75.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
Both your wlan0 and eth0 devices have the same metric.
@tagrain:
10.10.0.0 0.0.0.0 255.255.0.0 U 0 0 0 wlan0
10.10.0.0 0.0.0.0 255.255.0.0 U 0 0
Subscribing the release team to see if this is too late to get a feature
exception.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1444241
Title:
Add more POWER8
= Confirmed
** Changed in: apport (Ubuntu Trusty)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: apport (Ubuntu Utopic)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
*** This bug is a security vulnerability ***
Public security bug reported:
The fix in USN-2569-1 introduced a vulnerability when parsing
/proc/net/unix.
There is a known issue in the kernel where newlines aren't being escaped
properly:
http://www.spinics.net/lists/netdev/msg320556.html
** Changed in: apport (Ubuntu Trusty)
Status: Triaged = Fix Released
** Changed in: apport (Ubuntu Utopic)
Status: Triaged = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
This is CVE-2015-1319
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-1319
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unity in Ubuntu.
https://bugs.launchpad.net/bugs/1438870
Title:
Lock screen
Why do apps need to access the vibrate setting at all?
Since vibrating consumes power, the platform should be able to enforce whether
or not an app can do it, so the API should probably be implemented in a service
that is running under a different process.
--
You received this bug notification
: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: tiff (Ubuntu Precise)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: tiff (Ubuntu Trusty)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: tiff (Ubuntu Utopic)
Assignee: (unassigned
** Description changed:
Sander Bos discovered that Apport enabled a user to perform a root
escalation since it now configures fs.suid_dumpable=2.
Here's a brief description of the issue:
1- A regular user can trigger a coredump with /proc/$PID/stat as root:root
simply by doing chmod
FYI, the current plan is to wait until Debian bug #786555 gets fixed,
and then publish updates for stable Ubuntu releases based on the jessie
sudo package.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
The actual fix that went into wily is:
# pid files and sockets
/{,var/}run/slapd/* w,
/{,var/}run/slapd/ldapi rw,
/{,var/}run/nslcd/socket rw,
Ryan, could you please update your proposed debdiffs to reflect the
actual changes that went into the development release?
Thanks!
--
You received
curl 7.43.0-1ubuntu1 is now in wily-proposed, awaiting a transition.
Since there is nothing to sponsor, I am unsubscribing ubuntu-sponsors from this
bug.
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to curl in
I am unsubscribing ubuntu-sponsors for now, since there is nothing to do
until this patch gets accepted upstream.
Once you've opened the upstream bug, and have linked it to this one,
please subscribe ubuntu-sponsors again. Thanks!
--
You received this bug notification because you are a member
** Also affects: firefox (Ubuntu)
Importance: Undecided
Status: New
** Changed in: firefox (Ubuntu)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
** Information type changed from Private Security to Public
** Package changed: ubuntu = apt (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1464801
Title:
apt-get
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for your comments. This does not appear to be a bug report and we
are closing it. We appreciate the difficulties you are facing, but it
would make more sense to raise your question in the support tracker.
Please visit https://answers.launchpad.net/ubuntu/+addquestion
** Information type
FYI, I have a merge request pending review that makes the laptop battery
have priority over the mouse battery here:
https://code.launchpad.net/~mdeslaur/indicator-power/fix-
priorities/+merge/260903
This will only display the mouse battery if it's below 10% so that the
user will still get a
I think that site is simply printing the warning based on the browser
user agent, and not actually testing for the vulnerability.
logjam is planned to be officially addressed in Firefox 39, so it will
probably change once firefox 39 gets pushed out.
** Package changed: openssl (Ubuntu) = firefox
** Bug watch added: Debian Bug tracker #787620
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787620
** Also affects: nettle (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787620
Importance: Unknown
Status: Unknown
--
You received this bug notification because
** Changed in: dash (Ubuntu)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: dash (Ubuntu)
Importance: Undecided = High
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dash in Ubuntu.
https
)
Importance: Undecided
Assignee: Marc Deslauriers (mdeslaur)
Status: Triaged
** Affects: bash (Debian)
Importance: Unknown
Status: Unknown
** Bug watch added: Debian Bug tracker #720545
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720545
** Also affects: bash
This was fixed long ago. Closing.
** Changed in: bash (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1378114
Title:
Ubuntu
** Bug watch added: Debian Bug tracker #734869
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734869
** Also affects: dash (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734869
Importance: Unknown
Status: Unknown
--
You received this bug notification because you
Export cipher suites are now disabled in all releases:
http://www.ubuntu.com/usn/usn-2624-1/
** Changed in: openssl (Ubuntu)
Status: New = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in
*** This bug is a security vulnerability ***
Public security bug reported:
OpenSSL shouldn't use export cipher suites by default.
** Affects: openssl (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1466380
Title:
No authentication check if
ACK on the debdiffs, I've uploaded them for building. (I removed the
extra patch, and changed the pocket to -security).
What testing did you perform on these?
** Also affects: openldap (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: openldap (Ubuntu Utopic)
** Description changed:
Sander Bos discovered that Apport enabled a user to perform a root
escalation since it now configures fs.suid_dumpable=2.
Here's a brief description of the issue:
1- A regular user can trigger a coredump with /proc/$PID/stat as root:root
simply by doing chmod
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Also affects: policykit-1-gnome (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Private Security to Public Security
** Changed in: policykit-1 (Ubuntu)
Status: New = Confirmed
** Changed in: policykit-1-gnome (Ubuntu)
Status: New =
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Information type changed from Private Security to Public Security
** Also affects: freetype (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: freetype (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: freetype (Ubuntu Utopic)
*** This bug is a security vulnerability ***
Public security bug reported:
Sudo 1.8.10 switched to a new time stamp file format that uses the
monotonic clock. Timestamp files moved from /var/lib/sudo to
/var/lib/sudo/ts.
At boot, the contents of the /var/lib/sudo/ts directory needs to be
** Bug watch added: Debian Bug tracker #786555
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786555
** Also affects: sudo (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786555
Importance: Unknown
Status: Unknown
** Also affects: sudo (Ubuntu Wily)
Importance:
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1453900
Title:
root escalation via race condition
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1452239
Title:
root escalation with fs.suid_dumpable=2
ACK on the merge. Thanks!
I've uploaded it to wily with a couple of changes:
- removed the extra Disable mdb backend... from changelog
- removed d/slapd.dirs: add etc/apparmor.d/force-complain from changelog, as
it looks like that hasn't actually been done in a long time.
Thanks!
** Changed
*** This bug is a duplicate of bug 1485719 ***
https://bugs.launchpad.net/bugs/1485719
** This bug has been marked a duplicate of bug 1485719
Uninitialized struct field in the fix for CVE-2015-5600 causes random auth
failures
--
You received this bug notification because you are a
I have uploaded updated packages to fix this issue to the following PPA:
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages
Please test and see if they fix the issue in your environment. If they
do, and they pass QA, I will publish them as security updates tomorrow.
Debdiff looks great, thanks!
Uploaded to wily.
** Changed in: bash (Ubuntu)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1479542
Title:
)
Importance: Undecided
Status: New
** Changed in: openssh (Ubuntu Precise)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: openssh (Ubuntu Trusty)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: openssh (Ubuntu Vivid)
Assignee
I'm sorry, but I can't help you with your issue.
Perhaps you can try asking on http://askubuntu.com or in a support forum
like http://ubuntuforums.org/ .
Since this is a support issue, and not a problem with the unattended-
upgrades package, I am closing this bug.
** Changed in:
Relevant part of your upgrade log:
insserv: warning: script 'K27dcservice' missing LSB tags and overrides
insserv: warning: script 'dcservice' missing LSB tags and overrides
insserv: There is a loop between service dcservice and grub-common if started
insserv: loop involving service grub-common
http://www.ubuntu.com/usn/usn-2694-1/
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcre3 in Ubuntu.
https://bugs.launchpad.net/bugs/1396768
Title:
pcre3 vulnerability CVE-2014, 2015
Status in pcre3 package in Ubuntu:
** Changed in: pcre3 (Ubuntu Precise)
Status: In Progress = Fix Released
** Changed in: pcre3 (Ubuntu Trusty)
Status: In Progress = Fix Released
** Changed in: pcre3 (Ubuntu Utopic)
Status: In Progress = Fix Released
** Changed in: pcre3 (Ubuntu Vivid)
Status: In
I suspect the server doesn't like the long list of curves 1.0.1 has, but
the smaller list in 1.0.2 works.
What's running on the server?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
This is the commit that allows 1.0.2 to connect successfully:
https://git.openssl.org/?p=openssl.git;a=commit;h=f4d1fb776955187a35c3ee36d4413871917c3138
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
** Changed in: openssl (Ubuntu)
Status: Confirmed = Incomplete
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1475228
Title:
openssl/curl error:
OK, so that pretty much confirms that the likely issue is your wireless network
using a small DH.
I'm not quite sure what else to suggest, since the problem isn't client-side.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to
OK, I've fixed the test suite and have uploaded it to the PPA. I have
also uploaded a package for precise.
I will release the packages as security updates next week once I have
tested them.
Thanks!
** Changed in: pcre3 (Ubuntu Precise)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur
ACK on the debdiffs, they look good. Thanks!
Uploaded for processing by the SRU team.
** Changed in: openldap (Ubuntu Utopic)
Status: New = In Progress
** Changed in: openldap (Ubuntu Vivid)
Status: New = In Progress
--
You received this bug notification because you are a member
Precise archive is only signed with the old key. To support using the
precise archive in newer releases, such as with debootstrap, we need to
do the following:
1- Make sure Precise's apt supports a double-signed release file
2- Start double-signing the Precise archive
3- Double-sign old ISO *SUMS
** Changed in: ubuntu-keyring (Ubuntu)
Status: New = Confirmed
** Changed in: ubuntu-keyring (Ubuntu)
Importance: Undecided = High
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
The trusty debdiff looks good, but it's failing to compile for me with
the following:
Testsuite summary for PCRE 8.31
# TOTAL: 5
# PASS: 4
#
Forget my trusty comment, I wasn't looking at the right debdiff.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcre3 in Ubuntu.
https://bugs.launchpad.net/bugs/1396768
Title:
pcre3 vulnerability CVE-2014, 2015
Status in
ACK on the wily and vivid debdiffs. I've slightly adjusted the vivid versioning
and have removed the extra lines in the changelog.
Wily is uploaded to the archive, and vivid is uploaded here, awaiting the other
releases:
https://launchpad.net/~ubuntu-security-
Possibly fixed in 3.14.15:
https://git.gnome.org/browse/gtk+/commit/?h=gtk-3-14id=ee7083931f54bade741546adf212036028a59936
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gtk+3.0 in Ubuntu.
This update causes a regression for me: scrolling the mouse wheel in gtk
apps often skips immediately to the end of the window.
** Tags removed: verification-needed
** Tags added: verification-failed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages,
Upstream bug:
https://www.sqlite.org/src/info/520070ec7fbaac
Fixed by:
https://www.sqlite.org/src/info/ac5852d6403c9c96
** Information type changed from Private Security to Public Security
** Also affects: sqlite3 (Ubuntu Utopic)
Importance: Undecided
Status: New
** Also affects:
CVE requested:
http://www.openwall.com/lists/oss-security/2015/07/14/5
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sqlite3 in Ubuntu.
https://bugs.launchpad.net/bugs/1448758
Title:
memory corruption/crash in 64bit
This is CVE-2013-7443
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-7443
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sqlite3 in Ubuntu.
https://bugs.launchpad.net/bugs/1448758
Title:
memory
This bug was fixed in the package sed - 4.2.2-6.1
Sponsored for Jackson Doak (noskcaj)
---
sed (4.2.2-6.1) unstable; urgency=medium
* Non-maintainer upload.
* Add multiarch metadata (Closes: 693872)
-- Wookey woo...@debian.org Thu, 09 Jul 2015 01:51:06 +
sed (4.2.2-6)
Looks good, ACK!
Thanks!
** Changed in: sed (Ubuntu)
Status: New = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sed in Ubuntu.
https://bugs.launchpad.net/bugs/1476389
Title:
Sync sed 4.2.2-6.1
Issue is caused by alternate certificate chains support introduced in
1.0.2b returning a slightly different error.
** Patch added: openssl-102-compat.patch
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1474541/+attachment/4429349/+files/openssl-102-compat.patch
--
You received this
** Information type changed from Private Security to Public Security
** Changed in: apport (Ubuntu Xenial)
Assignee: Martin Pitt (pitti) => Marc Deslauriers (mdeslaur)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscri
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Changed in: steam (Ubuntu)
Status: Fix Released => In Progress
** Changed in: steam (Ubuntu Wily)
Status: Fix Released => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
Uploaded packages for trusty-wily for processing by the SRU team.
** Changed in: steam (Ubuntu Trusty)
Status: Confirmed => In Progress
** Changed in: steam (Ubuntu Vivid)
Status: Confirmed => In Progress
** Changed in: steam (Ubuntu Wily)
Status: Confirmed => In Progress
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Bug watch added: freedesktop.org Bugzilla #92450
https://bugs.freedesktop.org/show_bug.cgi?id=92450
** Also affects: poppler via
https://bugs.freedesktop.org/show_bug.cgi?id=92450
Importance: Unknown
Status: Unknown
** Information type changed from Private Security to Public
201 - 300 of 1108 matches
Mail list logo