Oh, I seem to have overlooked that one. We are hitting the exact same
issue with the new postgresql releases, so it's unrelated to the pam
SRU:
https://bugs.launchpad.net/ubuntu/+source/postgresql-12/+bug/1928773/comments/2
--
You received this bug notification because you are a member of
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1917904
Title:
Arbitrary file reads
Status in apport
** Changed in: apport (Ubuntu Impish)
Assignee: SatoshiNakamoto (evansanita713) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1917904
Title:
I think the patch in comment #1 looks reasonable.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1928989
Title:
expiring trust anchor compatibility issue
Status in
Autopkgtests in comments #14 to #17 passed on retries except for openssh
which appears to be failing because of a date issue, which is unrelated
to the pam SRU.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
It's possible in certain upgrade scenarios that the certs have been
permanently blacklisted on your system.
Look at the /etc/ca-certificates.conf file to see if the following two
lines start with a "!" character:
mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt
No, GeoTrust Global CA is no longer to be used and has been removed from
the CA list as requested by DigiCert.
Please see:
https://bugzilla.mozilla.org/show_bug.cgi?id=1670769
** Bug watch added: Mozilla Bugzilla #1670769
https://bugzilla.mozilla.org/show_bug.cgi?id=1670769
--
You received
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1912326
Title:
Privilege escalation to root with core
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Updated for this issue have been released:
https://ubuntu.com/security/notices/USN-4738-1
** Changed in: openssl (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Changed in: openssl (Ubuntu)
Status: New => Confirmed
** Changed in: openssl (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
** Changed in: apport (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1904082
Title:
apport's log collecting leaks MAC addresses
I've read through this bug and I don't see a good way forward with a
solution here. OpenSSL 1.1.1 doesn't provide the exact API that is
required to solve it, which would probably be 3) as suggested above, but
I don't think Ubuntu should change the meaning of the value returned by
that API.
Ubuntu
The python2.7 security updates that will be released today will fix this
issue.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1899878
Title:
Python's test_ssl fails
Please disregard comment #9, this is a different issue.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1899878
Title:
Python's test_ssl fails starting from Ubuntu 20.04
New updates have been released with a fixed security patch:
https://ubuntu.com/security/notices/USN-4754-4
** Changed in: python2.7 (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is
I have backported the patches and have some packages to test in the
security team PPA here:
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages
Could you please see if they solve the issue for you? Once you've tried
them, I will release them as a security regression
So it looks like there are two different issues here:
Bug in handling multiple queries (openwrt bug):
Move fd into frec_src, fixes 15b60ddf935a531269bb8c68198de012a4967156
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=04490bf622ac84891aad6f2dd2edf83725decdee
Fix to
Debdiff in comment #5 looks good. There was a missing double space
between your email and the date in debian/changelog that was causing a
lintian error.
I fixed the missing space and uploaded it to hirsute.
Thanks!
** Changed in: sudo (Ubuntu)
Status: In Progress => Fix Committed
--
Thanks for reporting this issue, but we disabled SSLv3 in 2015 in Ubuntu
16.04 LTS. There is absolutely no chance we will be enabling it again.
** Changed in: openssl (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
No, they do not include the fixes from this bug.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1921518
Title:
OpenSSL "double free" error
Status in openssl package in
I'd rather these go through the SRU process first, and they will get
picked up automatically next time we do an openssl security update.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1933832
Title:
Path traversal leads to arbitrary file
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1934308
Title:
Arbitrary file read in general hook
** Information type changed from Private Security to Public Security
** Changed in: apport (Ubuntu)
Status: Incomplete => Confirmed
** Changed in: apport (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
** Changed in: openssh (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1937883
Title:
ssh-agent Shielded Private Key Extraction
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1934501
Title:
CVE-2018-15473 patch introduce user
Here's the debconf bug report:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=223683
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1934501
Title:
CVE-2018-15473
This isn't specific to the openssh update. Debian packages use tools
such as debconf that need to write to /tmp to function correctly.
** Bug watch added: Debian Bug tracker #223683
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=223683
--
You received this bug notification because you are
)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: ca-certificates (Ubuntu Focal)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: ca-certificates (Ubuntu Hirsute)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: ca-cer
*** This bug is a security vulnerability ***
Public security bug reported:
USN-5079-1 introduced a regression in bionic:
https://ubuntuforums.org/showthread.php?t=2467177
Focal+ appear to work as intended.
** Affects: curl (Ubuntu)
Importance: Undecided
Status: New
--
You
** Changed in: libcaca (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libcaca in Ubuntu.
https://bugs.launchpad.net/bugs/1923273
Title:
buffer-overflow on
** Changed in: ca-certificates (Ubuntu Impish)
Status: New => Fix Committed
** Changed in: ca-certificates (Ubuntu Trusty)
Status: New => Fix Released
** Changed in: ca-certificates (Ubuntu Xenial)
Status: New => Fix Released
--
You received this bug notification because
** Changed in: openjdk-13 (Ubuntu)
Status: New => Won't Fix
** Changed in: openjdk-14 (Ubuntu)
Status: New => Won't Fix
** Changed in: openjdk-15 (Ubuntu)
Status: New => Won't Fix
** Changed in: openjdk-16 (Ubuntu)
Status: New => Won't Fix
** Changed in: openjdk-17
It's "low" because I don't believe our use of busybox runs untrusted awk
scripts.
There are test packages available in the security team PPA here:
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages
They will probably be released this week.
--
You received this bug
This update needs to go in the -security pocket since it is a security
fix, but it likely can't just be copied, it would need to be rebuilt.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to qtbase-opensource-src in
Ubuntu.
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1944788
Title:
URI defined for connectivity check is
If you look into the openvpn configuration file that Network Manager
creates for your connection in /etc/NetworkManager/system-connections,
could you please paste the [ipv4] and [ipv6] sections?
** No longer affects: ubuntu
** Changed in: network-manager (Ubuntu)
Status: New =>
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Older releases of Ubuntu used a group called "admin" instead of "sudo"
which is the name Debian chose later on.
We need to maintain the "admin" group rights in our sudoers file for
people upgrading from earlier Ubuntu releases. If we remove it, they
will no longer have sudo rights after
*** This bug is a security vulnerability ***
Public security bug reported:
This is the tracking bug for the October 2021 security udpdate.
** Affects: apport (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch
** Changed in: apport (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1948657
Title:
Oct 2021 security update tracking bug
This was released today: https://ubuntu.com/security/notices/USN-5179-1
** Changed in: busybox (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to busybox in Ubuntu.
Hi, thanks for preparing the package, but to be sponsored the
debian/changelog needs a better description than "PPA upload". Could you
please update it with an appropriate changelog including the patch name,
what the patch does, and a LP tag to this bug?
Thanks!
--
You received this bug
Oh! Right, I didn't notice it was just an extra changelog entry for the
ppa.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/1945795
Title:
krb5: Fail to build against
ACK on the package. Looks good, uploaded. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/1945795
Title:
krb5: Fail to build against OpenSSL 3.0
Status in krb5
nfo: source changed by Marc Deslauriers
dpkg-source --before-build .
dpkg-source: warning: can't parse dependency perl:native
dpkg-source: error: diff 'openssl-1.1.1f/debian/patches/pr12272.patch'
patches files multiple times; split the diff in multiple files or merge the
hunks into a single
The new dependency on libopengl0 is expected. The new version of
WebKitGTK fixed opengl detection and the new dependency is now required.
I am going to re-assign this bug to unattended-upgrades. If it's not
willing to install new dependencies, it definitely should get fixed as
some security
> To upgrade to webkit2gtk 2.34.6-0ubuntu0.20.04.1, u-a must install
libopengl0, either 1.3.1-1 from the main archive or
1.3.2-1~ubuntu0.20.04.1 from -updates. However, -updates is not a
trusted source for u-a when configured like this, so the only candidate
is 1.3.1-1. Unfortunately libopengl0
** Package changed: unattended-upgrades (Ubuntu) => webkit2gtk (Ubuntu)
** Changed in: webkit2gtk (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
I just rebuilt and released libglvnd binaries into the -security pocket.
This includes the libopengl0 binary package. This should allow
unattended-upgrades to install libopengl0 automatically when pulling in
the webkitgtk update.
--
You received this bug notification because you are a member of
Any updates on this?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1958284
Title:
shutdown hangs at "Waiting for process: ..." for 90s, ignoring
DefaultTimeoutStopSec
** Changed in: poppler (Ubuntu)
Status: New => Confirmed
** Changed in: poppler (Ubuntu)
Importance: Undecided => Low
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to poppler in Ubuntu.
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1960736
Title:
Libnss3 doesn't log SEC_ERROR_UNKNOWN_PKCS11_ERROR
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
ACK, other changes look good. Synced. Thanks!
** Changed in: audit (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to audit in Ubuntu.
https://bugs.launchpad.net/bugs/1961981
Title:
This update will fix CVE-2022-0778, so the security team is interested
in seeing it in jammy.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0778
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in
ACK on the two PR9780* patches, but I must say I'm a bit uncomfortable
making a bug fix optional (which is what is done in the lp1940141*
patches).
While it does change what is returned to the client, that part shouldn't
be there in the first place. While it's nice to be overly cautious, we
don't
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for reporting this. I don't see that attached reproducer. Could
you please attach it again?
** Changed in: binutils (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see
I believe the problem is here:
auth sufficient pam_faillock.so authsucc
sufficient = "A failure of a sufficient module is ignored and processing
of the PAM module stack continues unaffected."
So if you want pam_faillock to be able to reject authentication
attempts, it needs to be:
auth
Oh, so the other alternative is to leave the following after the "auth
sufficient pam_faillock.so authsucc":
auth requisite pam_deny.so
The example in the manpage uses pam_deny.so, so that's why it works.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
ACK from the security team to pocket-copy to -security.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tzdata in Ubuntu.
https://bugs.launchpad.net/bugs/1965791
Title:
Update tzdata to version 2022a
Status in tzdata
ACK from the security team on the changes in the MP.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1863930
Title:
SSH 1.99 clients fail to connect to openssh-server
Thanks, I've added it to our tracker now.
** Information type changed from Private Security to Public Security
** Changed in: nss (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss
I have tested the lunar-proposed package (2.4.2-3ubuntu2.3), and after
updating the package, and recreating the printer, it now defaults to
printing in colour when using Okular.
** Tags removed: verification-needed verification-needed-lunar
** Tags added: verification-done verification-done-lunar
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
This was published here:
https://ubuntu.com/security/notices/USN-5427-1
Thanks!
** Changed in: apport (Ubuntu)
Status: In Progress => Fix Released
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of
)
Importance: Undecided
Assignee: Marc Deslauriers (mdeslaur)
Status: In Progress
** Affects: ca-certificates (Ubuntu Focal)
Importance: Undecided
Assignee: Marc Deslauriers (mdeslaur)
Status: In Progress
** Affects: ca-certificates (Ubuntu Impish)
Importance
Changed in: ca-certificates (Ubuntu Bionic)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: ca-certificates (Ubuntu Focal)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: ca-certificates (Ubuntu Impish)
Assignee: (unassigned) => Ma
*** This bug is a security vulnerability ***
Public security bug reported:
This bug is to track the security update that will contain these
possibly security-relevant commits:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=e2b0f0d8d63e1223bb714a9efb37e2257818268b
This is also required:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/profiles/audio/avdtp.c?id=0388794dc5fdb73a4ea88bcf148de0a12b4364d4
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bluez in Ubuntu.
My understanding is the Debian experimental version doesn't support both
at the same time, it's one or the other depending on which binary
package you install. We definitely don't want that.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is
There is an openssl security update announced for June 21st. If the
package in -proposed doesn't get tested and switched to "verification-
done", it will be superseded by a security update once again.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages,
** Information type changed from Private Security to Public Security
** Also affects: accountsservice (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: accountsservice (Ubuntu Kinetic)
Importance: High
Status: Fix Released
** Changed in: accountsservice
** Bug watch added: Debian Bug tracker #1009927
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009927
** Also affects: krb5 (Debian) via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009927
Importance: Unknown
Status: Unknown
** Changed in: krb5 (Ubuntu)
Status:
Oh, so it only copies the file over on new installs, that makes sense,
and could be easily changed in stable releases.
I have no big preference, but perhaps it would be good to have it SRUed
to 22.04.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
** Changed in: tiff (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tiff in Ubuntu.
https://bugs.launchpad.net/bugs/1971001
Title:
Multiple vulnerabilities in Trusty, Xenial,
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
Unfortunately the package in bionic-proposed got superseded by a
security update and will need to be re-uploaded.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1940141
I'm setting the status of this bug as "incomplete". Please let us know
if that solved the problem for you or not. Thanks!
** Changed in: policykit-1 (Ubuntu)
Status: New => Incomplete
** Changed in: systemd (Ubuntu)
Status: New => Incomplete
--
You received this bug notification
Systemd has a bunch of "imply" rules on other actionstry adding the
following:
[Disable more reboot actions]
Identity=unix-user:*
Action=org.freedesktop.login1.reboot-ignore-inhibit;org.freedesktop.login1.set-reboot-*
ResultActive=no
ResultInactive=no
ResultAny=no
--
You received this bug
** Changed in: apport (Ubuntu Eoan)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1885633
Title:
[ZDI-CAN-11233]: apport Unnecessary
Great, thanks!
** Changed in: policykit-1 (Ubuntu)
Status: Incomplete => Invalid
** Changed in: systemd (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
We do not want policykit to use the unmaintainable mozjs backend. That
would be a hard NACK from the Security Team.
The duktape backend has been merged upstream. So in order to sync this
to Ubuntu, the following must be done:
1- Get Debian to switch to the duktape backend
2- Get Debian to
** Bug watch added:
gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues #840
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/840
** Also affects: network-manager via
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/840
Importance:
** Changed in: openafs (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279
Title:
linux from security may force
This was addressed in the python packages in Jammy.
We will not be enabling PIE in the stable releases, so I am marking those
particular tasks as Won't Fix.
Thanks!
** Changed in: python3.6 (Ubuntu)
Status: Confirmed => Won't Fix
** Changed in: python3.7 (Ubuntu)
Status:
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
I also don't think this is a blocker anymore, as long as polkitd-pkla is
a strong dependency in Ubuntu, so we don't inadvertently stop shipping
it. It would be nice to get a similar list of packages in Ubuntu, as I
suspect we have many more than Debian. We may also need to update the
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Changed in: qtbase-opensource-src (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to qtbase-opensource-src in
Ubuntu.
https://bugs.launchpad.net/bugs/1987336
Title:
Multiple
901 - 1000 of 1108 matches
Mail list logo