[Bug 2069596] Re: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order)

2024-07-07 Thread Mark Esler
Google has assigned CVE-2024-6284 to describe this issue. Many thanks to Michael from upstream for the assignment and to Cyril for raising the need \o/ The fix for https://github.com/google/nftables/issues/225 is https://github.com/google/nftables/commit/d746ecb0e494e7200180c3886fde9664d9100729

[Bug 2068944] Re: ubuntu-advantage-desktop-daemon (pro client in general) may expose the pro token to other users

2024-06-27 Thread Mark Esler
Please refer to this issue as CVE-2024-6388. ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-6388 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2068944 Title:

[Bug 2067973] Re: A series of infinite loop vulnerabilities in the os_ken

2024-06-24 Thread Mark Esler
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067973 Title: A series of infinite loop vulnerabilities in the os_ken To manage

[Bug 2070259] Re: CVE-2022-30333

2024-06-24 Thread Mark Esler
Marking public https://ubuntu.com/security/CVE-2022-30333 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-30333 ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is

[Bug 2069596] Re: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order)

2024-06-20 Thread Mark Esler
Cyril, upstream has agreed to assign a CVE. That will alert the Go ecosystem and distros to the issue and fix \o/ I will update you when I learn more. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 2069596] Re: blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order)

2024-06-18 Thread Mark Esler
Thank you for taking the time to report this Cyril. Do you know if Google intends to assign a CVE? ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 2069490] Re: Possible fingerjacking vulnerability: CVE-2024-37408

2024-06-16 Thread Mark Esler
Is Ubuntu affected by default or is this an administrative choice? https://www.openwall.com/lists/oss-security/2024/05/30/3 ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to

[Bug 2064751] Re: [SRU] revert security-regression in Focal's libcrypto++

2024-06-06 Thread Mark Esler
Andreas asked that I re-verify that Ubuntu Security wishes to make this change through SRU. We do. Since the regression was inherited from sid, it feels most appropriate to SRU a change into -updates. Also, since a working 5.6 patch for CVE-2019-14318 does not exist we do not have a fix for the

[Bug 2064751] Re: [SRU] revert security-regression in Focal's libcrypto++

2024-06-06 Thread Mark Esler
Marking this as invalid, since devel is not affected. Only focal is affected. ** Package changed: libcrypto++ (Ubuntu) => ubuntu ** Changed in: ubuntu Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 129133] Re: mc uses predictable temp directory path

2024-05-27 Thread Mark Esler
Sounds good! The impact does sound low. Mostly I recommend CVEs if you want to make sure that downstreams apply a security patch. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/129133 Title:

[Bug 129133] Re: mc uses predictable temp directory path

2024-05-27 Thread Mark Esler
Hi @zyw o/ _If_ your project wants, I'm happy to assign and publish a CVE for this. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/129133 Title: mc uses predictable temp directory path To

[Bug 2065738] Re: Leaks wireguard keys

2024-05-23 Thread Mark Esler
*** This bug is a duplicate of bug 1987842 *** https://bugs.launchpad.net/bugs/1987842 Please refer to this issue as CVE-2022-4968. Marking this bug as a duplicate to https://bugs.launchpad.net/netplan/+bug/1987842 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-4968 **

[Bug 2066372] Re: Ubuntu 22.04 LTS - swaylock -v 1.5 - lock screen bypasses

2024-05-22 Thread Mark Esler
Focal (20.04) and Jammy (22.04) swaylock versions are affected https://ubuntu.com/security/CVE-2022-26530 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-26530 ** Information type changed from Private Security to Public Security -- You received this bug notification because

[Bug 2046084] Re: HID gamepad not working when paired with blueman on bluez 5.68-0ubuntu1.1

2024-05-07 Thread Mark Esler
*** This bug is a duplicate of bug 2045931 *** https://bugs.launchpad.net/bugs/2045931 Ack, thanks for the explanation. ** Tags added: regression-security regression-update -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 2046116] Re: bluetooth device connected but not recognised as output device

2024-05-07 Thread Mark Esler
@vorlon answered why in https://bugs.launchpad.net/ubuntu/+source/blueman/+bug/2046084/comments/7 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2046116 Title: bluetooth device connected but not

[Bug 2064966] Re: "accept_source_route" enabled by default in 24.04

2024-05-06 Thread Mark Esler
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064966 Title: "accept_source_route" enabled by default in 24.04 To manage

[Bug 2046116] Re: bluetooth device connected but not recognised as output device

2024-05-06 Thread Mark Esler
@vanvugt, @vorlon, why is this marked as a regression? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2046116 Title: bluetooth device connected but not recognised as output device To manage

[Bug 2046084] Re: HID gamepad not working when paired with blueman on bluez 5.68-0ubuntu1.1

2024-05-06 Thread Mark Esler
*** This bug is a duplicate of bug 2045931 *** https://bugs.launchpad.net/bugs/2045931 This is not a security regression. This is upstream's fix to prevent https://github.com/skysafe/reblog/blob/main/cve-2024-0230/README.md If you wish to enable legacy devices (and the vulnerability) with

[Bug 2064751] Re: [SRU] revert security-regression in Focal's libcrypto++

2024-05-03 Thread Mark Esler
** Description changed: [ Impact ] Focal's libcrypto++ 5.6.4-9 regresses elliptic curve generation. Uploading this version from Debian appears to have been a mistake. This is a security regression, but was not published through the security pocket. As far as I am aware,

[Bug 2064751] Re: [SRU] revert security-regression in Focal's libcrypto++

2024-05-03 Thread Mark Esler
** Description changed: [ Impact ] Focal's libcrypto++ 5.6.4-9 regresses elliptic curve generation. Uploading this version from Debian appears to have been a mistake. This is a security regression, but was not published through the security pocket. As far as I am aware,

[Bug 2064751] [NEW] [SRU] revert security-regression in Focal's libcrypto++

2024-05-03 Thread Mark Esler
Public bug reported: [ Impact ] Focal's libcrypto++ 5.6.4-9 regresses elliptic curve generation. Uploading this version from Debian appears to have been a mistake. This is a security regression, but was not published through the security pocket. As far as I am aware, Debian only packaged

[Bug 2064751] Re: [SRU] revert security-regression in Focal's libcrypto++

2024-05-03 Thread Mark Esler
** Attachment added: "main.cpp" https://bugs.launchpad.net/ubuntu/+source/libcrypto++/+bug/2064751/+attachment/5774479/+files/main.cpp -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064751 Title:

[Bug 2064751] Re: [SRU] revert security-regression in Focal's libcrypto++

2024-05-03 Thread Mark Esler
** Patch added: "libcrypto++_5.6.4-9ubuntu1.debdiff" https://bugs.launchpad.net/ubuntu/+source/libcrypto++/+bug/2064751/+attachment/5774481/+files/libcrypto++_5.6.4-9ubuntu1.debdiff ** Also affects: libcrypto++ (Ubuntu Focal) Importance: Undecided Status: New -- You received this

[Bug 2040137] Re: exposing the EFI shell in Secure Boot mode can lead to security bypass

2024-04-28 Thread Mark Esler
This has been addressed in the LXD snaps 5.21/stable (https://github.com/canonical/lxd-pkg-snap/commit/764ee08b) and 5.0/edge (https://github.com/canonical/lxd-pkg-snap/commit/bfe4270e). All LXD software before version 4 are not affected. Jammy, Mantic, and Noble do not have debs. Focal's deb is

[Bug 2062667] Re: Fails on (and should be removed from) raspi desktop

2024-04-27 Thread Mark Esler
This impacts all arm64 installs, not just raspberry pi. The MIR for qrtr and protection-domain-mapper [0] was requested late in the Mantic cycle and was only approved by Security since it was promised to only be used for x13s hardware enablement. Hopefully Qualcomm IPC is only enabled for x13s

[Bug 1990655] Re: MIR: libgit2, http-parser

2024-04-23 Thread Mark Esler
http-parser has been deprecated [0] for llhttp [1] in libgit2 \o/ [0] https://github.com/libgit2/libgit2/issues/6074 [1] https://github.com/libgit2/libgit2/pull/6713 ** Bug watch added: github.com/libgit2/libgit2/issues #6074 https://github.com/libgit2/libgit2/issues/6074 -- You received

[Bug 2063160] Re: Security Update required

2024-04-22 Thread Mark Esler
Thank you! This was mistriaged as not affecting Ubuntu, which has been corrected: https://git.launchpad.net/ubuntu-cve-tracker/commit/?id=83e00d6f10a8f7a234751a97f87a62c88d0143cb I have messaged Debian Security to track this as well. ** CVE added:

[Bug 2063014] Re: CVE-2023-50246 and CVE-2023-50268

2024-04-22 Thread Mark Esler
** Changed in: jq (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2063014 Title: CVE-2023-50246 and CVE-2023-50268 To manage notifications about this bug

[Bug 2063014] Re: CVE-2023-50246 and CVE-2023-50268

2024-04-22 Thread Mark Esler
CVE-2023-50246 only affects jq >= 1.7 until 1.7.1. That issue was introduced with cf4b48c7ba30cb30e116b523cff036ea481459f6. Mantic (23.10) has jq version 1.6-3 and Noble (24.04) has 1.7.1-3build1. This is why unaffected versions are labeled as "Not vulnerable (code not present)" on

[Bug 2004516] Re: [MIR] libyuv (transitive dependency of libheif)

2024-04-17 Thread Mark Esler
I reviewed libyuv 0.0~git202401110.af6ac82-1 as checked into noble. This shouldn't be considered a full audit but rather a quick gauge of maintainability. libyuv is an open source project that includes YUV scaling and conversion functionality. - CVE History: - none - open bug reports are not

[Bug 2061750] Re: [MIR] python-s3transfer as indirect dependency of simplestreams (simplestreams -> python-boto3 -> python-s3transfer)

2024-04-17 Thread Mark Esler
** Tags added: sec-4083 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2061750 Title: [MIR] python-s3transfer as indirect dependency of simplestreams (simplestreams -> python-boto3 ->

[Bug 2061751] Re: [MIR] python-botocore as indirect dependency of simplestreams (simplestreams -> python-boto3 -> python-s3transfer -> python-botocore)

2024-04-17 Thread Mark Esler
** Tags added: sec-4084 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2061751 Title: [MIR] python-botocore as indirect dependency of simplestreams (simplestreams -> python-boto3 ->

[Bug 2061217] Re: [MIR] python-boto3 as a dependency of simplestreams

2024-04-17 Thread Mark Esler
** Tags added: sec-4082 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2061217 Title: [MIR] python-boto3 as a dependency of simplestreams To manage notifications about this bug go to:

[Bug 2061217] Re: [MIR] python-boto3 as a dependency of simplestreams

2024-04-16 Thread Mark Esler
Hello, the MIR process says any MIRs assigned to the security team after the Beta Freeze deadline need to be discussed with the Director of Security Engineering: For a MIR to be considered for a release, it must be assigned to the Security team (by the MIR team) before Beta Freeze. This

[Bug 2060564] Re: miscomputation of ECP::ScalarMultiply() using 5.6.4-9

2024-04-12 Thread Mark Esler
There is a strong chance that https://bugs.launchpad.net/ubuntu/+source/libcrypto++/+bug/1893934 is related to the incomplete CVE-2019-14318 patch regression. I plan to propose an SRU to effectively downgrade this regressed package to 5.6.4-8. Please see

[Bug 2004516] Re: [MIR] libyuv (transitive dependency of libheif)

2024-04-11 Thread Mark Esler
When is Security review absolutely needed by? Is April 17th, the day before Final Freeze okay? Would that give Foundations enough time to promote to main? There may not be enough time for Security to complete a review by Final Freeze, but we are looking for someone to take this asap. -- You

[Bug 2030880] Re: [MIR] libemail-mime-perl (libmail-dmarc-perl dependency)

2024-04-10 Thread Mark Esler
Setting to In Progress per https://bugs.launchpad.net/ubuntu/+source/libmail-dmarc-perl/+bug/2023971/comments/28 ** Changed in: libemail-mime-perl (Ubuntu) Status: Won't Fix => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed

[Bug 2004516] Re: [MIR] libyuv (transitive dependency of libheif)

2024-04-09 Thread Mark Esler
** Tags added: sec-4053 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2004516 Title: [MIR] libyuv (transitive dependency of libheif) To manage notifications about this bug go to:

[Bug 2060035] Re: [MIR] msgraph

2024-04-09 Thread Mark Esler
** Tags added: sec-4054 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060035 Title: [MIR] msgraph To manage notifications about this bug go to:

[Bug 2060564] Re: miscomputation of ECP::ScalarMultiply() using 5.6.4-9

2024-04-08 Thread Mark Esler
Debian `libcrypto++` 5.6.4-9 introduced a security patch for CVE-2019-14318. According to a post in 2019, https://github.com/weidai11/cryptopp/issues/869, the CVE-2019-14318 patch for 5.6.4 was incomplete. A comment in a later 2020 issue mentions that the 2019 8.3 patch was broken:

[Bug 2060564] Re: miscomputation of ECP::ScalarMultiply() using 5.6.4-9

2024-04-08 Thread Mark Esler
With fresh amd64 VMs using the latest Ubuntu point releases, I was able to reproduce your report on Ubuntu Focal 20.04.06 (`libcrypto++` version 5.6.4-9build1). Both Bionic 18.04.06 (`libcrypto++` version 5.6.4-8) and Jammy 22.04.04 (`libcrypto++` version 8.6.0-2ubuntu1) had the expected result.

[Bug 2060564] [NEW] miscomputation of ECP::ScalarMultiply() using 5.6.4-9

2024-04-08 Thread Mark Esler
*** This bug is a security vulnerability *** Public security bug reported: This issue was reported to the Security team over email and originally posted to https://github.com/weidai11/cryptopp/issues/1269 > I typically never use Crypto++, but I had to yesterday, and I then > experienced a

[Bug 2054127] Re: grub-efi crashes upon `exit`

2024-04-06 Thread Mark Esler
A fix has been released to Noble proposed and the CVE has been published. https://launchpad.net/ubuntu/+source/grub2/2.12-1ubuntu7 ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is

[Bug 2048781] Re: [MIR] authd

2024-03-27 Thread Mark Esler
I believe this issue can be set to In Progress and is ready for promotion to main. @didrocks, @slyon: please ping me if anything is needed from Security. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 2048781] Re: [MIR] authd

2024-03-27 Thread Mark Esler
I am posting this Security MIR on behalf of Sudhakar Verma (@sudhackar) since he is out of the office. --- I reviewed authd 0.2.1 as checked into noble. This shouldn't be considered a full audit but rather a quick gauge of maintainability. authd is a service that builds cloud based

[Bug 2051850] Re: [MIR] trace-cmd

2024-03-26 Thread Mark Esler
I reviewed trace-cmd 3.2-1 as checked into noble. This shouldn't be considered a full audit but rather a quick gauge of maintainability. > TRACE-CMD: The front-end application to Ftrace. The back-end application to KernelShark. - CVE History - none - Build-Depends - most are for docs -

[Bug 2051916] Re: [MIR] promote libtraceevent as a trace-cmd dependency

2024-03-26 Thread Mark Esler
I reviewed libtraceevent 1:1.8.2-1 as checked into noble. This shouldn't be considered a full audit but rather a quick gauge of maintainability. > libtraceevent - Linux kernel trace event library - CVE History: - none - Build-Depends? - nothing concerning - most dependencies are for

[Bug 2030880] Re: [MIR] libemail-mime-perl (libmail-dmarc-perl dependency)

2024-03-25 Thread Mark Esler
Per MIR Team's #3 requirement, the described issue was patched on May 20th 2020 (although the GH bug remains open). There are three commits: a fix, a test, and documentation. These landed in upstream version 1.947. Please see https://github.com/rjbs/Email-MIME/issues/66#issuecomment-2019041975

[Bug 2059048] [NEW] adduser allows no password when PAM's pwquality is restrictively set

2024-03-25 Thread Mark Esler
Public bug reported: If pam_pwquality is restrictively set a user can still be created by adduser without a password. e.g., ``` eslerm@mino:~$ cat /etc/pam.d/common-password |grep pwquality password requisite pam_pwquality.so retry=3 minlen=8 maxrepeat=3 ucredit=-1 lcredit=-1 dcredit=-1

[Bug 2059049] [NEW] adduser allows no password when PAM's pwquality is restrictively set

2024-03-25 Thread Mark Esler
Public bug reported: If pam_pwquality is restrictively set a user can still be created by adduser without a password. e.g., ``` eslerm@mino:~$ cat /etc/pam.d/common-password |grep pwquality password requisite pam_pwquality.so retry=3 minlen=8 maxrepeat=3 ucredit=-1 lcredit=-1 dcredit=-1

[Bug 2054480] Re: [MIR] nbd-client

2024-03-25 Thread Mark Esler
Thanks Wouter It appears nbd-client existed in main at some point http://old-releases.ubuntu.com/ubuntu/pool/main/n/nbd/ (thanks Seth). Between this MIR and tree's LP#2056099 I am concerned that Security is being bypassed as NN approaches. That's not to say anything is wrong with how nbd-client

[Bug 2056099] Re: [MIR] tree

2024-03-25 Thread Mark Esler
Security is not asking to review this for NN, but this might have odd code. ``` /* Should probably use strdup(), but we like our xmalloc() */ #define scopy(x)strcpy(xmalloc(strlen(x)+1),(x)) ``` -- You received this bug notification because you are a member of Ubuntu Bugs, which is

[Bug 2054480] Re: [MIR] nbd-client

2024-03-22 Thread Mark Esler
Was -server code ever reviewed by a MIR? The client contains many ioctl calls. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054480 Title: [MIR] nbd-client To manage notifications about this bug

[Bug 2052652] Re: [MIR] gnome-snapshot

2024-03-18 Thread Mark Esler
There are unnecessary crates being vendored. I filed an upstream issue: https://gitlab.gnome.org/GNOME/snapshot/-/issues/137 This causes a bandwidth strain on mirrors or wherever the source package is needed. To be clear, this is not a Security issue and does not impact Security's review (since

[Bug 1977614] Re: [MIR] fdk-aac-free

2024-03-15 Thread Mark Esler
The upstream chain for fdk-aac-free is precarious. The Debian package fdk-aac-free watches https://gitlab.freedesktop.org/wtaymans/fdk-aac-stripped/ This version specifically removes the HE (High Efficiency) and HEv2 profiles which have patent concerns (see README.fedora). This version does not

[Bug 2015538] Re: [MIR] dbus-broker

2024-03-15 Thread Mark Esler
Thank you @seb128. I was asked to get your feedback before completing the Security review. Get well soon! Security team ACK for promoting dbus-broker to main, under the condition that src:dbus' binary packages are split as described by @paelzer in comment #19. -- You received this bug

[Bug 2052809] Re: [MIR] bpftrace

2024-03-15 Thread Mark Esler
I reviewed bpftrace 0.20.1 as checked into noble. This shouldn't be considered a full audit but rather a quick gauge of maintainability. > bpftrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter (eBPF) available in recent Linux kernels (4.x). bpftrace uses LLVM as a

[Bug 2052809] Re: [MIR] bpftrace

2024-03-15 Thread Mark Esler
Assigning to Security early, so that this is not blocked for 24.04. After Feature Freeze, if the MIR Team has requirements for a package, but is reasonably sure that the owning-team will accomplish them, please assign MIRs to the Security team immediately. ** Changed in: bpftrace (Ubuntu)

[Bug 2052813] Re: [MIR] bpfcc

2024-03-15 Thread Mark Esler
I reviewed bpfcc 0.29.1+ds-1ubuntu2 as checked into noble. This shouldn't be considered a full audit but rather a quick gauge of maintainability. - CVE History - no CVEs tracked in UCT, initially - searching for "bcc" CVEs finds false-positives - Build-Depends - nothing concerning -

[Bug 2015538] Re: [MIR] dbus-broker

2024-03-14 Thread Mark Esler
@seb128, could you please review the recent discussion? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2015538 Title: [MIR] dbus-broker To manage notifications about this bug go to:

[Bug 2024284] Re: SEGV vulnerability in command-line parser

2024-03-11 Thread Mark Esler
Apologize for not responding earlier! This slipped through my emails. > I know Canonical is also Root CNA, why are you redirecting to another CNA? Canonical is a CNA, not a Root CNA. I don't see how an _unprivileged_ attacker could leverage this bug to be a vulnerability. A clear proof of

[Bug 1231178] Re: Altec Lansing speakers remote control not working

2024-03-04 Thread Mark Esler
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1231178 Title: Altec Lansing speakers remote control not working To manage notifications

[Bug 927225] Re: Yukon Optima 88E8059 fails to come up as a network interface when system is powered on without AC or network cable

2024-03-04 Thread Mark Esler
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/927225 Title: Yukon Optima 88E8059 fails to come up as a network interface when system is

[Bug 1884207] Re: Wifi Enterprice Login Page does not appear at connect

2024-03-04 Thread Mark Esler
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1884207 Title: Wifi Enterprice Login Page does not appear at connect To manage

[Bug 1696859] Re: package linux-image-4.10.0-22-generic (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 128

2024-03-04 Thread Mark Esler
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1696859 Title: package linux-image-4.10.0-22-generic (not installed) failed to

[Bug 1919150] Re: My keyboard stop working

2024-03-04 Thread Mark Esler
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1919150 Title: My keyboard stop working To manage notifications about this bug go to:

[Bug 1904391] Re: Touchpad and Keyboard not detectable in the new kernel

2024-03-04 Thread Mark Esler
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1904391 Title: Touchpad and Keyboard not detectable in the new kernel To manage

[Bug 2051850] Re: [MIR] trace-cmd

2024-02-29 Thread Mark Esler
** Tags added: sec-3932 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051850 Title: [MIR] trace-cmd To manage notifications about this bug go to:

[Bug 2051916] Re: [MIR] promote libtraceevent as a trace-cmd dependency

2024-02-29 Thread Mark Esler
** Tags added: sec-3931 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051916 Title: [MIR] promote libtraceevent as a trace-cmd dependency To manage notifications about this bug go to:

[Bug 2052813] Re: [MIR] bpfcc

2024-02-28 Thread Mark Esler
Some of the bpf tools do not work on mantic. e.g. `/usr/sbin/tcptop-bpfcc` from `bpfcc-tools` does not work, but `/usr/sbin/tcptop` from `libbpfcc` does (on mantic) Kernel configs and pahole version used to build mantic's kernel should be okay

[Bug 2052652] Re: [MIR] gnome-snapshot

2024-02-28 Thread Mark Esler
** Changed in: gnome-snapshot (Ubuntu) Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security) ** Tags added: sec-3916 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2052652 Title:

[Bug 2048781] Re: [MIR] authd

2024-02-28 Thread Mark Esler
A centralized vendor-linter is the best longterm option. Toolchains needs more resources before they can provide a solution (FR-6859). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048781 Title:

[Bug 2052813] Re: [MIR] bpfcc

2024-02-27 Thread Mark Esler
Máté, could you please see if the rationale can be broadened for FO147? I suspect that libbpf-tools is also important. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2052813 Title: [MIR] bpfcc To

[Bug 2052813] Re: [MIR] bpfcc

2024-02-27 Thread Mark Esler
Promoting bpfcc-tools and bpftrace is driving promotion of bpfcc based on FO147. Also, bpftrace's /usr/sbin/*.bt files re-implement bpfcc-tools with bpftrace. Assigning to Security for MIR, with root-use scope kept in mind. Only code for libbpfcc and bpfcc-tools will be reviewed. ** Changed in:

[Bug 2052809] Re: [MIR] bpftrace

2024-02-26 Thread Mark Esler
** Tags added: sec-3898 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2052809 Title: [MIR] bpftrace To manage notifications about this bug go to:

[Bug 2052813] Re: [MIR] bpfcc

2024-02-26 Thread Mark Esler
** Tags added: sec-3897 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2052813 Title: [MIR] bpfcc To manage notifications about this bug go to:

[Bug 2048781] Re: [MIR] authd

2024-02-25 Thread Mark Esler
Thanks @didrocks! I added a comment to the upstream cargo issue based on advice from toolchains and ~Rust [0]. This issue is also raised in ubuntu-mir [1]. I'll mention this at the next MIR meeting. [0] https://github.com/rust-lang/cargo/issues/11929#issuecomment-1960081509 [1]

[USN-6638-1] EDK II vulnerabilities

2024-02-14 Thread Mark Esler
== Ubuntu Security Notice USN-6638-1 February 15, 2024 edk2 vulnerabilities == A security issue affects these releases of Ubuntu and its derivatives:

[USN-6540-1] BlueZ vulnerability

2023-12-06 Thread Mark Esler
== Ubuntu Security Notice USN-6540-1 December 07, 2023 bluez vulnerability == A security issue affects these releases of Ubuntu and its derivatives: -

[USN-6410-1] GRUB2 vulnerabilities

2023-10-03 Thread Mark Esler
== Ubuntu Security Notice USN-6410-1 October 04, 2023 grub2-signed, grub2-unsigned vulnerabilities == A security issue affects these releases of Ubuntu

[USN-6355-1] GRUB2 vulnerabilities

2023-09-07 Thread Mark Esler
== Ubuntu Security Notice USN-6355-1 September 08, 2023 grub2-signed, grub2-unsigned, shim, and shim-signed vulnerability == A security issue affects

[USN-6323-1] FRR vulnerability

2023-08-30 Thread Mark Esler
== Ubuntu Security Notice USN-6323-1 August 31, 2023 frr vulnerability == A security issue affects these releases of Ubuntu and its derivatives: -

Fwd: [USN-5801-1] Vim vulnerabilities

2023-01-12 Thread Mark Esler
== Ubuntu Security Notice USN-5801-1 January 12, 2023 vim vulnerabilities == A security issue affects these releases of Ubuntu and its derivatives: -

[USN-5775-1] Vim vulnerabilities

2022-12-12 Thread Mark Esler
== Ubuntu Security Notice USN-5775-1 December 12, 2022 vim vulnerabilities == A security issue affects these releases of Ubuntu and its derivatives: -

[USN-5770-1] GCC vulnerability

2022-12-08 Thread Mark Esler
== Ubuntu Security Notice USN-5770-1 December 08, 2022 gcc-5, gccgo-6 vulnerability == A security issue affects these releases of Ubuntu and its

[USN-5723-1] Vim vulnerabilities

2022-11-14 Thread Mark Esler
== Ubuntu Security Notice USN-5723-1 November 14, 2022 vim vulnerabilities == A security issue affects these releases of Ubuntu and its derivatives: -

[USN-5659-1] kitty vulnerabilities

2022-10-05 Thread Mark Esler
== Ubuntu Security Notice USN-5659-1 October 05, 2022 kitty vulnerabilities == A security issue affects these releases of Ubuntu and its derivatives:

[USN-5587-1] curl vulnerability

2022-09-01 Thread Mark Esler
== Ubuntu Security Notice USN-5587-1 September 01, 2022 curl vulnerability == A security issue affects these releases of Ubuntu and its derivatives: -

[USN-5573-1] rsync vulnerability

2022-08-18 Thread Mark Esler
== Ubuntu Security Notice USN-5573-1 August 18, 2022 rsync vulnerability == A security issue affects these releases of Ubuntu and its derivatives: -

[USN-5535-1] Intel Microcode vulnerabilities

2022-07-28 Thread Mark Esler
== Ubuntu Security Notice USN-5535-1 July 28, 2022 Intel Microcode vulnerabilities == A security issue affects these releases of Ubuntu and its

[USN-5531-1] protobuf-c vulnerability

2022-07-26 Thread Mark Esler
== Ubuntu Security Notice USN-5531-1 July 26, 2022 protobuf-c vulnerability == A security issue affects these releases of Ubuntu and its derivatives: -

[USN-5499-1] curl vulnerabilities

2022-06-30 Thread Mark Esler
== Ubuntu Security Notice USN-5499-1 July 01, 2022 curl vulnerabilities == A security issue affects these releases of Ubuntu and its derivatives: -

[USN-5478-1] util-linux vulnerability

2022-06-14 Thread Mark Esler
== Ubuntu Security Notice USN-5478-1 June 14, 2022 util-linux vulnerability == A security issue affects these releases of Ubuntu and its derivatives: -

Fwd: [USN-5464-1] E2fsprogs vulnerability

2022-06-07 Thread Mark Esler
== Ubuntu Security Notice USN-5464-1 June 07, 2022 e2fsprogs vulnerability == A security issue affects these releases of Ubuntu and its derivatives: -

[USN-5451-1] InfluxDB vulnerability

2022-06-01 Thread Mark Esler
== Ubuntu Security Notice USN-5451-1 May 31, 2022 influxdb vulnerability == A security issue affects these releases of Ubuntu and its derivatives: -

[USN-5438-1] HTMLDOC vulnerability

2022-05-23 Thread Mark Esler
== Ubuntu Security Notice USN-5438-1 May 23, 2022 htmldoc vulnerability == A security issue affects these releases of Ubuntu and its derivatives: -