Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Information type changed from Public Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1564451
Title:
User processes are counted towards systemd limit f
The policykit-desktop-privileges package was changed in 2011 to allow
writing images without a password:
policykit-desktop-privileges (0.7) oneiric; urgency=low
* Allow local admins to do the less harmful usb-creator actions (mounting
and writing image) without a password.
-- Martin Pitt
** Summary changed:
- Cups SSL is vulernable to POODLE
+ Cups SSL is vulnerable to POODLE
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to cups in Ubuntu.
https://bugs.launchpad.net/bugs/1505328
Title:
Cups SSL is vulnerabl
Curiously, I can't reproduce that. This is what I get:
$ openssl s_client -connect localhost:631
SSL-Session:
Protocol : TLSv1.2
Cipher: AES256-SHA256
Please attach the output of "apt-cache policy libssl1.0.0" and your
/etc/cups/cupsd.conf
Thanks!
** Information type changed fr
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/1475050
Title:
unprivileged guest to host real-root escape
http://www.ubuntu.com/usn/usn-2865-1/
** Information type changed from Private Security to Public Security
** Changed in: gnutls26 (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to g
I can't think of any reason why having a session would be important in
this case, so I think changing allow_any to yes should be fine.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to accountsservice in Ubuntu.
https://bugs.lau
load it to proposed as an SRU.
Thanks!
** Changed in: sudo (Ubuntu)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: sudo (Ubuntu Xenial)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Bug watch added: bugzilla.sudo.ws/ #743
http://bugzilla.sudo.ws/sho
** Also affects: sudo (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: sudo (Ubuntu Xenial)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bug
Packages in the PPA have been successfully tested, and upstream has
commited a slightly more exhaustive fix:
https://www.sudo.ws/repos/sudo/rev/1d13341d53ec
I have uploaded the fix to yakkety.
I have uploaded the fix to xenial for processing by the SRU team.
** Changed in: sudo (Ubuntu)
S
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
I can't reproduce this, which dns server are you using?
** Changed in: dnsmasq (Ubuntu)
Status: New => Incomplete
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
*** This bug is a duplicate of bug 1570310 ***
https://bugs.launchpad.net/bugs/1570310
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a
This may be a dupe of bug 1565567.
Have you tried the sudo package in xenial-proposed? (1.8.16-0ubuntu1.1)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1575239
Title:
sudo
Don't worry about it, I changed it back. :)
** Changed in: sudo (Ubuntu Xenial)
Status: Fix Released => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1565
*** This bug is a duplicate of bug 1565567 ***
https://bugs.launchpad.net/bugs/1565567
Thanks for testing it. Could you please add a comment to bug 1565567
that you tested it successfully? Thanks!
** This bug has been marked a duplicate of bug 1565567
segv in sudo_getgrgid
--
You receive
** Also affects: openldap (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: openldap (Ubuntu Yakkety)
Importance: Medium
Status: Confirmed
** Also affects: openldap (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: openldap (Ubuntu Wily
Thanks for the patched packages!
I've uploaded your changes to yakkety with a slight change in the
changelog to better describe the issue. I've also uploaded updates to
wily and xenial for processing by the SRU team. Thanks!
** Changed in: openldap (Ubuntu Yakkety)
Status: Confirmed => Fi
As per the SRU requirements, could you please update the bug description
with a testing procedure? See here for more information:
https://wiki.ubuntu.com/StableReleaseUpdates
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscri
Current ca-certificates should already have the required CA.
Which version of ca-certificates, and which version of wget are you
trying?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.
I can reproduce this with wget on 12.04, but not on 14.04. Both use the
same version of ca-certificates.
Using openssl directly also works:
openssl s_client -CAfile /etc/ssl/certs/ca-certificates.crt -connect
www.x.org:443
I suspect wget on 12.04 is doing something odd, I'll look into this.
--
Ubuntu 12.04 has wget 1.13.4, which doesn't have support for TLS Server
Name Indication, which was included in 1.14. That needs to get
backported.
** No longer affects: ca-certificates (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which
tus: New => Confirmed
** Changed in: wget (Ubuntu Precise)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Description changed:
+ [Impact]
+ wget in Ubuntu 12.04 doesn't have support for TLS Server Name Indication,
which makes it incompatible with certain sites, includes
It's not useless, it is used by /etc/bash.bashrc to know whether or not
to print the help message if the user has not used sudo before.
As for moving the file to xdg-cache, please file a bug with the upstream
developers here:
https://bugzilla.sudo.ws/index.cgi
Once the bug has been filed, please
in: openssl (Ubuntu)
Status: New => Confirmed
** Changed in: openssl (Ubuntu)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.
If you've added precise-proposed to your /etc/apt/sources.list, all you
need to do is perform the two following commands:
1- apt-get update
2- apt-get install wget
Don't forget to remove precise-proposed from your /etc/apt/sources.list
when you're done.
--
You received this bug notification bec
The debdiff looked fine, but needed fixing. Curl is a particular package
as the last two patches get unapplied during the build to accommodate
for different library backends. New patches need to get added earlier in
the series file.
I've fixed the debdiff, made sure it builds properly, and have up
Thanks for the patch. Could you please prepare a debdiff for trusty and
wily suitable for sponsoring as an SRU?
Thanks!
** Also affects: pcre3 (Ubuntu Wily)
Importance: Undecided
Status: New
** Also affects: pcre3 (Ubuntu Xenial)
Importance: Medium
Status: New
** Also affect
ACK on the debdiffs in comment #9 and #10. I've uploaded them for
processing by the SRU team, but I've added the missing start/stop
dependencies change to the trusty one first.
Thanks!
** Changed in: lvm2 (Ubuntu Trusty)
Status: Triaged => In Progress
** Changed in: lvm2 (Ubuntu Wily)
The GTE CyberTrust Global Root certificate was removed by the following
security update:
http://www.ubuntu.com/usn/usn-2913-1/
Here is some more information on why that CA was removed:
https://blog.mozilla.org/security/2015/01/28/phase-2-phasing-out-certificates-with-1024-bit-rsa-keys/
https://bu
Which eclipse package are you using, and what site are you accessing
that is giving the error?
** Changed in: ca-certificates (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certif
That certificate is not going to be added back. I suggest filing a bug
with Eclipse so that they sign using a different CA, especially since
that one expires in 2018.
The package in trusty-security doesn't contain this certificate. I'm not sure
why you believe it does.
trusty-updates and trusty-s
That link shows the contents of the original ca-certificates package
that shipped with trusty, not the one from trusty-security.
Closing this bug. Thanks!
** Changed in: ca-certificates (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member
Xenial now has 1.8.16, marking released.
** Changed in: sudo (Ubuntu Xenial)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1512781
Ti
ded
Status: New
** Changed in: libsoup2.4 (Ubuntu Trusty)
Status: New => Confirmed
** Changed in: libsoup2.4 (Ubuntu Trusty)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: libsoup2.4 (Ubuntu Wily)
Status: New => Confirmed
** Changed in: libsoup2.4
I've put updated libsoup packages that fix this issue in the security
team PPA here:
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages
I'd appreciate if someone could test them to see if they fix evolution-
ews NTLM authentication and comment here. If they test ok, I'
Thanks for testing it Simon!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libsoup2.4 in Ubuntu.
https://bugs.launchpad.net/bugs/1573494
Title:
winbind 4.3.8 has an ntlm_auth that breaks evolution-ews
Status in libsoup:
** Information type changed from Private Security to Public
** Package changed: ubuntu => apt (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1518785
Title:
Root-owne
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Changed in: light-locker (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1515662
Title:
Major security issue with light-locker - c
I'm not sure what the attack vector here is. /etc/hostname is only
writeable by root.
Is there any way for an attacker to control /etc/hostname?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.lau
Hi Bryan,
Thanks for the debdiffs!
Where did you obtain the patch from Hanno Boeck from?
** Also affects: gnutls26 (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: gnutls26 (Ubuntu Trusty)
Importance: Undecided
Status: New
--
You received this bug notifi
d => High
** Changed in: gnutls26 (Ubuntu Precise)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: gnutls26 (Ubuntu Trusty)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: gnutls26 (Ubuntu)
Status: New => Fix Released
--
I can't seem to reproduce this. https://www.google.com works fine in an
up-to-date image with Chromium and nss 2:3.21-1ubuntu2.
Could you please give the exact steps require to see this issue?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which i
Publishing as a security update now, thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnutls26 in Ubuntu.
https://bugs.launchpad.net/bugs/1510163
Title:
Poodle TLS1.0 issue in Trusty (and Precise)
Status in gnutls26
OK, a few more notes on reproducing this:
1- I can't reproduce this by installing the daily live cd in a VM
2- I can reproduce it successfully by installing the daily live cd on real
hardware
This means it's probably not related to which Google servers are being
hit, and is likely hardware-depen
nss 3.20.1 works, nss 3.21 doesn't.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1520568
Title:
All queries fails when 'google' is used: ERR_SSL_PROTOCOL_ERROR
Status in ch
I can't reproduce this issue in midori at all.
I can reproduce it with https://te-st.ru
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1520568
Title:
All queries fails when '
This part of the patch is wrong:
@@ -895,18 +922,6 @@ _cupsSetDefaults(void)
* Look for ~/.cups/client.conf...
*/
- snprintf(filename, sizeof(filename), "%s/.cups/client.conf", home);
- fp = cupsFileOpen(filename, "r");
-}
-else
- fp = NULL;
-
-if (!fp)
-
Uploaded same fix to Wily for processing by the SRU team.
** Description changed:
+ [Impact]
+
+ On systems with a long hostname, nano either segfaults or refuses to
+ work properly.
+
+ [Test Case]
+ 1- set a long hostname with "hostname thisisareallyreallyreallylonghostname"
+ 2- try and edit
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for your comments. This does not appear to be a bug report and we
are closing it. We appreciate the difficulties you are facing, but it
would make more sense to raise your question in the support tracker.
Please visit https://answers.launchpad.net/ubuntu/+addquestion
** Information type cha
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
ACK on the updated debdiff, thanks!
I've changed my mind, and will release it as a security update after all
if testing goes well.
Thanks!
** Changed in: cups (Ubuntu Trusty)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
--
You received this bug notification because y
*** This bug is a security vulnerability ***
Public security bug reported:
USN-2834-1 contained a fix for CVE-2015-7499, but did not contain the
following subsequent commit:
https://git.gnome.org/browse/libxml2/commit/?id=ce0b0d0d81fdbb5f722a890432b52d363e4de57b
See post from Tom Lane here:
ht
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1482786
Title:
man-db daily cron job TOCTOU bug when proces
This is CVE-2015-7946
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-7946
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unity8 in Ubuntu.
https://bugs.launchpad.net/bugs/1525981
Title:
Device can b
OK, so that pretty much confirms that the likely issue is your wireless network
using a small DH.
I'm not quite sure what else to suggest, since the problem isn't client-side.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to o
)
Importance: Undecided
Status: New
** Changed in: openssh (Ubuntu Precise)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: openssh (Ubuntu Trusty)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: openssh (Ubuntu Vivid)
As
*** This bug is a duplicate of bug 1485719 ***
https://bugs.launchpad.net/bugs/1485719
** This bug has been marked a duplicate of bug 1485719
Uninitialized struct field in the fix for CVE-2015-5600 causes random auth
failures
--
You received this bug notification because you are a member
I have uploaded updated packages to fix this issue to the following PPA:
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages
Please test and see if they fix the issue in your environment. If they
do, and they pass QA, I will publish them as security updates tomorrow.
T
Debdiff looks great, thanks!
Uploaded to wily.
** Changed in: bash (Ubuntu)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1479542
Title:
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
Since you managed to get this to work, I am closing this bug. Thanks!
** Changed in: cups (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to cups in Ubuntu.
https://bugs.launchpad.net/bugs/
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
ibxml2 (Ubuntu Vivid)
Status: New => Confirmed
** Changed in: libxml2 (Ubuntu Wily)
Status: New => Confirmed
** Changed in: libxml2 (Ubuntu Xenial)
Status: New => Confirmed
** Changed in: libxml2 (Ubuntu Precise)
Assignee: (unassigned) => Marc Deslauriers (mde
The gnutls26 security update disabled md5 support. Are you sure one of your
server certs isn't using md5?
Could you perhaps attach them here?
** Changed in: gnutls26 (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Touch seeded p
Perhaps try:
gnutls-cli -p 636 xx.xx.xx.xx
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnutls26 in Ubuntu.
https://bugs.launchpad.net/bugs/1534230
Title:
LDAP TLS connection stopped working
Status in gnutls26 package
Oh, unfortunately not. I was hoping gnutls-cli would print out the
certs, but it appears it stops before it gets a chance to.
Perhaps:
openssl s_client -connect xx.xx.xx.xx:636
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to
ok, since you haven't pasted the actual certs, you need to run both of
them though "openssl x509 -noout -text" and see what it lists as the
"Signature Algorithm".
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnutls26 in Ubu
Yep, unfortunately those are signed with md5, so it's normal that gnutls
will no longer connect.
You need to request those certs be changed, and use the older version of
gnutls26 in the meantime.
Since this is expected behaviour, I am closing this bug. Thanks!
** Changed in: gnutls26 (Ubuntu)
ACK on the debdiff in comment #1, uploading now. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to wpa in Ubuntu.
https://bugs.launchpad.net/bugs/1517040
Title:
wpa 2.4 misses one patch from Debian to improve 2.4/5 GH
Merge looks good. Uploading. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1532648
Title:
Please merge openldap 2.4.42+dfsg-2 (main) from Debian testing (main)
901 - 1000 of 1125 matches
Mail list logo