[Bug 1947853] Re: ubuntu20.04 crash

2021-10-21 Thread Seth Arnold
** Information type changed from Public Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1947853 Title: ubuntu20.04 crash To manage notifications about this bug go to:

[Bug 1947994] Re: MySQL Server Multiple Vulnerabilities

2021-10-21 Thread Seth Arnold
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1947994 Title: MySQL Server Multiple Vulnerabilities To manage notifications

[Bug 1947857] Re: ubuntu-drivers devices

2021-10-20 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Bug 1947727] Re: ubuntu not install

2021-10-19 Thread Seth Arnold
Hello, in addition to the hardware errors that appear in your logs, please note that 16.04 is no longer in standard support, but in ESM -- you'd probably be best served to use a 20.04 installer when you've addressed your hardware problems. Thanks -- You received this bug notification because

[Bug 1947727] Re: ubuntu not install

2021-10-19 Thread Seth Arnold
Thank you for taking the time to report this bug and helping to make Ubuntu better. Reviewing your dmesg attachment to this bug report it seems that there may be a problem with your hardware. I'd recommend performing a back up and then investigating the situation. Measures you might take

[Bug 1947489] Re: grub-instailer

2021-10-18 Thread Seth Arnold
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1947489 Title: grub-instailer To manage notifications about this bug go to:

[Bug 1947594] Re: INSTALATION FAILURE

2021-10-18 Thread Seth Arnold
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1947594 Title: INSTALATION FAILURE To manage notifications about this bug go to:

[Bug 1947526] Re: can't run associated docker-compose

2021-10-18 Thread Seth Arnold
Hello Andrew, I don't understand what exactly is broken; your logs show a lot of AppArmor profiles loading without trouble. What are you trying to do? What's going wrong? Thanks ** Changed in: apparmor (Ubuntu) Status: New => Incomplete -- You received this bug notification because you

[Bug 1947642] [NEW] ipv6 enabled despite 'disabled' setting?

2021-10-18 Thread Seth Arnold
Public bug reported: Hello, Periodically our OpenVPN sessions fail in such a way that automated tooling that talks to Launchpad will take minutes before timing out. See https://portal.admin.canonical.com/132804 for details. We've found that manually disabling ipv6 helps, eg: sudo sysctl -w

[Bug 1937004] Re: Add additional Mediatek MT7921 WiFi/BT device IDs

2021-10-18 Thread Seth Arnold
** Information type changed from Public Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1937004 Title: Add additional Mediatek MT7921 WiFi/BT device IDs To manage notifications

[Bug 1947469] Re: i am not able to use touchpad and inbuilt sound as well as headphones

2021-10-18 Thread Seth Arnold
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1947469 Title: i am not able to use touchpad and inbuilt sound as well as headphones To

[Bug 1947394] Re: package ca-certificates 20210119ubuntu0.21.04.1 failed to install/upgrade: triggers looping, abandoned

2021-10-15 Thread Seth Arnold
** Package changed: ca-certificates (Ubuntu) => ubuntu-release-upgrader (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1947394 Title: package ca-certificates 20210119ubuntu0.21.04.1 failed

[Bug 1947348] Re: i was installing ubunto on my device than it said my installation is crashed n idk what to do

2021-10-15 Thread Seth Arnold
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1947348 Title: i was installing ubunto on my device than it said my installation is

[Bug 1947152] Re: [Impish] D-Bus security issue?

2021-10-14 Thread Seth Arnold
My inclination is to treat these fixes as hardening steps rather than security fixes. Thanks ** Information type changed from Private Security to Public Security ** Changed in: power-profiles-daemon (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are

[Bug 1947061] Re: During the installation process it reports a serious error in the creation of the gl GRUB

2021-10-14 Thread Seth Arnold
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1947061 Title: During the installation process it reports a serious error in the creation of the gl

[Bug 1929347] Re: package elpa-magit 2.99.0.git0957.ge8c7bd03-1 failed to install/upgrade: o subprocesso instalado, do pacote elpa-magit, o script post-installation retornou erro do status de saída 2

2021-10-13 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Bug 1943143] Re: [MIR] python-oslo.metrics, python-prometheus-client

2021-10-12 Thread Seth Arnold
I reviewed python-prometheus-client 0.9.0-1 as checked into impish. This shouldn't be considered a full audit but rather a quick gauge of maintainability. python-prometheus-client is a middleware layer to provide metrics for openstack software. (It could probably be asked to work outside the

[Bug 1946784] Re: The system crashed during installation

2021-10-12 Thread Seth Arnold
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1946784 Title: The system crashed during installation To manage notifications about

[Bug 1946683] Re: package systemd-timesyncd 245.4-4ubuntu3.13 failed to install/upgrade: package systemd-timesyncd is already installed and configured

2021-10-12 Thread Seth Arnold
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1946683 Title: package systemd-timesyncd 245.4-4ubuntu3.13 failed to install/upgrade:

[Bug 1946682] Re: No login to Ubuntu possible when setting a password starting with # during Ubuntu installation

2021-10-12 Thread Seth Arnold
** Package changed: debian-installer (Ubuntu) => ubiquity (Ubuntu) ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1946682 Title: No login

[Bug 1943143] Re: [MIR] python-oslo.metrics, python-prometheus-client

2021-10-07 Thread Seth Arnold
I reviewed python-oslo.metrics 0.3.0-0ubuntu1 as checked into impish. This shouldn't be considered a full audit but rather a quick gauge of maintainability. ANY OTHER NOTES REGARDING THE NATURE OF THE REVIEW ITSELF. python-oslo.metrics is a middleware between statistics publishers and

[Bug 1945533] Re: permissions on /var/tmp/metrics_collector.sock

2021-10-06 Thread Seth Arnold
Okay, I set it public after not hearing a 'no' :) Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1945533 Title:

[Bug 1892559] Re: [MIR] ccid opensc pcsc-lite

2021-10-05 Thread Seth Arnold
Now that the security team has some new hires, we're looking at reviving this series of tasks. Looking through the bug I have come up with the following outstanding items: - Add a .symbols file to opensc - try to add vsmartcard-vpicc + vsmartcard-vpcd autopkgtests - a formal list of 'supported

[Bug 1861053] Re: fatrace doesn't trace on zfs filesystems

2021-09-30 Thread Seth Arnold
** Summary changed: - no fatrace output in focal + fatrace doesn't trace on zfs filesystems -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1861053 Title: fatrace doesn't trace on zfs filesystems

[Bug 1861053] Re: no fatrace output in focal

2021-09-30 Thread Seth Arnold
Heinrich, you might have hit the nail on the head: I'm using only ZFS on this system. Maybe fatrace thinks zfs doesn't exist, and thus doesn't bother tracing it -- that would explain why the only fatrace output I get on this computer is on squashfs mounts. A quick test on a Bionic system with

[Bug 1943143] Re: [MIR] python-oslo.metrics, python-prometheus-client

2021-09-29 Thread Seth Arnold
Thank you Corey, I've filed https://bugs.launchpad.net/oslo.metrics/+bug/1945533 -- perhaps it doesn't need to remain private, but it does feel like it has security implications, so I'd like to give the OpenStack team a chance to triage it as they wish. Thanks -- You received this bug

[Bug 1943143] Re: [MIR] python-oslo.metrics, python-prometheus-client

2021-09-28 Thread Seth Arnold
Does anyone here know how to file bugs against oslo metrics? The link given in the CONTRIBUTING.rst: https://bugs.launchpad.net/oslo.metrics currently gives: oslo.metrics must be configured in order for Launchpad to forward bugs to the project's developers. Thanks -- You received this

[Bug 1860826] Re: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory

2021-09-28 Thread Seth Arnold
Worked for me on my daily workstation: ⏚ [sarnold:~/trees] 100 $ sudo apt install -tfocal-proposed libpam0g libpam-runtime libpam-modules-bin libpam-modules Reading package lists... Done Building dependency tree Reading state information... Done Recommended packages: update-motd The

[Bug 1935082] Re: [MIR] egl-wayland

2021-09-28 Thread Seth Arnold
Hello Alberto, Thanks for sketching out the QA steps for this package; egl-wayland is the first package to go through our new testing requirements, so we're still iterating on what we'd like to see. We discussed this and decided that we needed more information to have confidence that someone else

[Bug 1945257] [NEW] zdb -b gives very long progress estimates

2021-09-27 Thread Seth Arnold
Public bug reported: zdb -b has given me some very long progress estimates: $ sudo zdb -b fst [sudo] password for sarnold: Traversing all blocks to verify nothing leaked ... loading space map for vdev 0 of 1, metaslab 115 of 116 ... 4.72T completed (2659MB/s) estimated time remaining:

[Bug 1944481] Re: Distrust "DST Root CA X3"

2021-09-24 Thread Seth Arnold
You can find older packages on the "full publishing history" from launchpad: https://launchpad.net/ubuntu/+source/ca-certificates/+publishinghistory You can either download it manually or use the pull-lp-debs(1) command from the ubuntu-dev-tools package. Thanks -- You received this bug

[Bug 1927004] Re: [MIR] fence-agents

2021-09-23 Thread Seth Arnold
I reviewed fence-agents 4.7.1-1ubuntu6 as checked into impish. This shouldn't be considered a full audit but rather a quick gauge of maintainability. fence-agents provides per-hardware or cloud details on how to forcibly remove a machine from a high-availability setup, whether it's by yanking

[Bug 1944762] Re: misleading motd after support ends

2021-09-23 Thread Seth Arnold
Thanks Lucas, that's the trouble with looking at nine-year-old software, sometimes which package is responsible for which files changes over time. :) ** Also affects: update-notifier (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a

[Bug 1944762] [NEW] misleading motd after support ends

2021-09-23 Thread Seth Arnold
Public bug reported: Hello, 12.04 ESM support has ended; however, on a 12.04 machine, the MOTD still says: This Ubuntu 12.04 system is configured to receive extended security updates from Canonical: * https://www.ubuntu.com/esm I think the MOTD should clearly state that ESM support has ended

Re: [Bug 1934393] Re: systemd-logind network access is blocked, and breaks remote authentication configurations

2021-09-22 Thread Seth Arnold
I initially preferred your option two, a drop-in file in whichever nis and ldap binary packages, on principle of trying to keep the mitigations in place if we can. But your case for a difficult debugging session is persuasive. Reading the various bug reports around this, option three seems pretty

[Bug 1943480] Re: flatpak installation permission requirements different from ubuntu software

2021-09-20 Thread Seth Arnold
This bug is part of the security team's process -- I know I'm in favor of standardizing flatpak's rules to match apt and snap so the experience is consistent across Ubuntu. Alex? Marc? et al? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is

[Bug 1944006] Re: focal cloud image on kvm does not have ip_tables kernel module

2021-09-17 Thread Seth Arnold
Hello, can you please look for ip_tables.ko in /lib/modules/*/kernel/net/ipv4/netfilter/ip_tables.ko ? Which linux-modules-* package and which linux-image-* packages do you have installed? Thanks ** Package changed: iptables (Ubuntu) => linux (Ubuntu) -- You received this bug notification

[Bug 1942673] Re: glibc AddressSanitizer:DEADLYSIGNAL

2021-09-14 Thread Seth Arnold
Hello, thanks for reporting this to us. Fuzzers are fantastic tools but getting good results from them is difficult: they do not actually point out 'the flaw', it still requires significant investigation of the process state to determine what internal inconsistency has been exposed, before fixing

[Bug 1943480] [NEW] flatpak installation permission requirements different from ubuntu software

2021-09-13 Thread Seth Arnold
*** This bug is a security vulnerability *** Public security bug reported: https://lists.ubuntu.com/archives/technical-board/2021-June/002560.html The flatpak tools in Ubuntu have different rules for installing packages than we use in our software center or snap tools:

[Bug 1942618] Re: package grub2-common 2.04-1ubuntu26.13 failed to install/upgrade: problemas de dependência - deixando desconfigurado

2021-09-03 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Bug 1942542] Re: gedit causes loss of extended attributes (xattrs)

2021-09-03 Thread Seth Arnold
Nice find Alex; can you please report this to upstream gedit, and report back the bug url here so we can link them together? Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is

[Bug 1935082] Re: [MIR] egl-wayland

2021-09-02 Thread Seth Arnold
I reviewed egl-wayland 1:1.1.7-2build1 as checked into impish. This shouldn't be considered a full audit but rather a quick gauge of maintainability. egl-wayland is a bit of graphics glue. I don't understand what it does. - CVE History: Nothing in our database - Build-Depends?

[Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking

2021-09-02 Thread Seth Arnold
omid, this bug report covers too many unrelated packages to be useful at this point. If you're still seeing desktop contents during resume with a currently supported version of Ubuntu, please file a new bug report with details on the specific packages you're using and steps to reproduce the

Re: [Bug 1792004] Re: built-in PATH seems to have sbin and bin out of order; and inconsistent

2021-08-30 Thread Seth Arnold
On Tue, Aug 31, 2021 at 12:45:38AM -, Ubfan wrote: > Since 20.04, there are no /bin and /sbin directories, they are just > links to /usr/sbin and /usr/bin -- perhaps they should be eliminated > from the default PATH. Does it matter if you upgraded from 18.04 or 19.10 vs a fresh install?

[Bug 1942048] Re: package rpcbind 0.2.3-0.2ubuntu0.16.04.1 failed to install/upgrade: 子进程 已安装 post-installation 脚本 返回错误状态 1

2021-08-30 Thread Seth Arnold
Both bugs complain about this pgyvpn package. I suggest uninstalling it and seeing how things go. Thanks insserv: warning: script 'pgyvpn' missing LSB tags and overrides insserv: There is a loop between service watchdog and pgyvpn if stopped insserv: loop involving service pgyvpn at depth 2

[Bug 1941945] Re: nvidia-340 340.108-0ubuntu5.20.04.2: nvidia-340 kernel module failed to build

2021-08-30 Thread Seth Arnold
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1941945 Title: nvidia-340 340.108-0ubuntu5.20.04.2: nvidia-340 kernel module failed to

[Bug 1941931] Re: live patch wont install

2021-08-30 Thread Seth Arnold
Hello, there's some notices about deleted configuration files -- maybe reinstalling the ubuntu-advantage-tools package will help: sudo apt install --reinstall ubuntu-advantage-tools Sometimes dpkg will remember that you've deleted configuration files; I don't know exactly when this happens, but

[Bug 1941931] Re: live patch wont install

2021-08-30 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Bug 1941790] Re: squashfs-tools 4.5 / "write outside directory" exploit fix back port?

2021-08-27 Thread Seth Arnold
Thanks David for the notice; I've asked MITRE to assign a CVE for us. ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1941790

[Bug 1940450] Re: XSS The data-template attribute of the tooltip and popover plugins lacks input sanitization and may allow attacker to execute arbitrary JavaScript.

2021-08-27 Thread Seth Arnold
The security team doesn't update cloud-archive packages, just Ubuntu archive packages. Is it really sufficient to modify just the requirements.txt file in the git tree? I'm accustomed to seeing debian/changelog changes, debian/patches/ changes, etc., but I've never done any of the git-based

[Bug 1940450] Re: XSS The data-template attribute of the tooltip and popover plugins lacks input sanitization and may allow attacker to execute arbitrary JavaScript.

2021-08-24 Thread Seth Arnold
I inspected some of the python3-xstatic-bootstrap-scss package: ./python-xstatic-bootstrap-scss_3.3.7.1-5/xstatic/pkg/bootstrap_scss/data/js/bootstrap/tooltip.js While the header sure looks related, I couldn't find *any* hints that the patch from

[Bug 1933979] Re: [MIR] busybox package

2021-08-10 Thread Seth Arnold
Just how bad are the consequences of not promoting this package to main? The code is fairly gross. There's absolute gobs of writing outside array bounds, resource leaks, potential uses of uninitialized variables, etc. I don't know if there's any security-relevant findings -- busybox is almost

[Bug 1935076] Re: ubuntu-bug sends huge amounts of internal data to public bugs without asking for permission

2021-08-10 Thread Seth Arnold
dmesg in bug reports is fantastically helpful: it is a very fast and reliable way to diagnose many classes of hardware problems or filesystem flaws or kernel module incompatibilities that show up to the user as bugs in their programs. Having it available has saved both developers and users a *lot*

[Bug 1937107] Re: Kernel Oops - unable to handle kernel paging request at

2021-08-04 Thread Seth Arnold
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1937107 Title: Kernel Oops - unable to handle kernel paging request at To manage

Re: [Bug 1938730] Re: GPSD time will jump back 1024 weeks at after week=2180 (23-October-2021)

2021-08-03 Thread Seth Arnold
On Tue, Aug 03, 2021 at 03:12:11PM -, Bernd Zeimetz wrote: > That bug is fixed upstream and also in Debian. Woot, thanks Bernd :) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1938730 Title:

[Bug 1938730] Re: GPSD time will jump back 1024 weeks at after week=2180 (23-October-2021)

2021-08-03 Thread Seth Arnold
** Description changed: Hello, some of our releases may need a gpsd update in order to give correct results after October 2021: https://gitlab.com/gpsd/gpsd/-/issues/144 AFAIK there's not yet a clear solution for this issue, it's just something to keep an eye on for the moment.

[Bug 1938730] [NEW] GPSD time will jump back 1024 weeks at after week=2180 (23-October-2021)

2021-08-02 Thread Seth Arnold
Public bug reported: Hello, some of our releases may need a gpsd update in order to give correct results after October 2021: https://gitlab.com/gpsd/gpsd/-/issues/144 AFAIK there's not yet a clear solution for this issue, it's just something to keep an eye on for the moment. Thanks **

[Bug 1892454] Re: [MIR] libostree-1-1

2021-07-30 Thread Seth Arnold
I reviewed ostree 2020.8-2 as checked into hirsute. This shouldn't be considered a full audit but rather a quick gauge of maintainability. I didn't make any effort to find which portion of the sources correspond with the exact binary package that is under discussion. ostree is a tool to manage

[Bug 1427600] Re: apport-unpack: ValueError: ['UserGroups'] has no binary content

2021-07-27 Thread Seth Arnold
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1427600 Title: apport-unpack: ValueError: ['UserGroups'] has no binary content To manage

[Bug 1937255] Re: Lenovo V15 Touchpad H/w not detected

2021-07-22 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Bug 1937218] Re: MySQL Server Multiple Vulnerabilities

2021-07-22 Thread Seth Arnold
** Information type changed from Private Security to Public Security ** Changed in: mysql-5.7 (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1937218 Title:

[Bug 1937121] Re: lldpd needs update to fix CVE-2020-27827

2021-07-21 Thread Seth Arnold
Ah, I see, a co-worker has pointed out that that USN covered only the openvswitch (where the CVE was reported) and not lldpd, where the code originated from. Thanks. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1937141] Re: package mysql-server-8.0 8.0.25-0ubuntu0.20.04.1 failed to install/upgrade: installed mysql-server-8.0 package post-installation script subprocess returned error exit status 1

2021-07-21 Thread Seth Arnold
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1937141 Title: package mysql-server-8.0 8.0.25-0ubuntu0.20.04.1 failed to

[Bug 1937121] Re: lldpd needs update to fix CVE-2020-27827

2021-07-21 Thread Seth Arnold
Hello Thomas, we addressed CVE-2020-27827 in https://ubuntu.com/security/notices/USN-4691-1 Thanks ** Information type changed from Private Security to Public Security ** Changed in: lldpd (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a

[Bug 1937071] Re: package initramfs-tools 0.136ubuntu6.6 failed to install/upgrade: installed initramfs-tools package post-installation script subprocess returned error exit status 1

2021-07-21 Thread Seth Arnold
Hello Rucel, my guess is you've installed the lilo package. This is not supported. If you can identify a bugfix it could probably be integrated but honestly it'd be easier to either figure out how to use grub in your environment or switch to another distribution that does support using lilo. Grub

[Bug 1937071] Re: package initramfs-tools 0.136ubuntu6.6 failed to install/upgrade: installed initramfs-tools package post-installation script subprocess returned error exit status 1

2021-07-21 Thread Seth Arnold
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1937071 Title: package initramfs-tools 0.136ubuntu6.6 failed to install/upgrade:

[Bug 1910262] Re: [MIR] libbackuppc-xs-perl

2021-07-20 Thread Seth Arnold
I reviewed backuppc-rsync 3.1.3.0-3 as checked into hirsute. This shouldn't be considered a full audit but rather a quick gauge of maintainability. backuppc-rsync is a purpose-specific fork of rsync that is used by the backuppc tool, to use their format for storing backups. - CVE History:

[Bug 1910262] Re: [MIR] libbackuppc-xs-perl

2021-07-15 Thread Seth Arnold
Hello Bryce, I anticipate returning to work on this MIR Monday, I'd like to finish it up then, but you know how predicting progress goes. I think that's the final step before archive admins can promote the package. Thanks -- You received this bug notification because you are a member of Ubuntu

[Bug 1927078] Re: Don't allow useradd to use fully numeric names

2021-07-07 Thread Seth Arnold
Beautiful, thanks for the large range of tests :) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1927078 Title: Don't allow useradd to use fully numeric names To manage notifications about this bug

[Bug 1812456] Re: [MIR] libflatpak0

2021-06-18 Thread Seth Arnold
I reviewed flatpak 1.10.2-1ubuntu1 as checked into hirsute. This shouldn't be considered a full audit but rather a quick gauge of maintainability. flatpak is an application packaging and sandbox tool. - CVE History: we have six cves in our database, they appear to have been handled well,

[Bug 1812456] Re: [MIR] libflatpak0

2021-06-18 Thread Seth Arnold
There's something from the polkit rules that worries me. I don't think we want the rules to be this open. Could someone more conversant with polkit rules give them a read and report back if this is something we really want? Something that specifically worried me: - Normal users need

[Bug 1927078] Re: Don't allow useradd to use fully numeric names

2021-06-17 Thread Seth Arnold
Ah, that explains that. Would you mind adding tests for a few more usernames? 0root 0 00 0.0 0x0 0-0 0_0 0.o 0xo 0-o 0_o Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1927078 Title: Don't

[Bug 1932342] Re: Feature Request: Rate limit apparmor denial logs

2021-06-17 Thread Seth Arnold
See also https://github.com/snapcrafters/discord/issues/23 -- there may be some other advice buried in there on how to deal with the deluge while also not giving discord permission to see all the processes you're running. Thanks ** Bug watch added: github.com/snapcrafters/discord/issues #23

[Bug 1926321] Re: [MIR] telegraf

2021-06-17 Thread Seth Arnold
Hello Sergio, it's not forgotten, but it is currently behind backuppc-rsync and fence-agents in the server queue https://trello.com/b/EGj5Msfo/security-mir-backlog Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1927078] Re: Don't allow useradd to use fully numeric names

2021-06-16 Thread Seth Arnold
Heh, a comment in Jawn's debdiff: * User/group names must match [a-z_][a-z0-9_-]*[$] I found period also worked fine: root@u20:~# useradd 0.0 root@u20:~# getent passwd 0.0 0.0:x:1001:1001::/home/0.0:/bin/sh root@u20:~# userdel 0.0 root@u20:~# getent passwd 0.0 root@u20:~# exit I know

Re: [Bug 1927078] Re: Don't allow useradd to use fully numeric names

2021-06-16 Thread Seth Arnold
On Wed, Jun 16, 2021 at 09:15:32PM -, Steve Langasek wrote: > Disallowing leading numeric digits entirely would, unfortunately, > disable a significant class of valid usernames in conflict with > historical usage. Admins are still able to hand-edit /etc/passwd, /etc/shadow, and mv home

[Bug 1932084] [NEW] MANPAGER="grep -F {" man systemd.exec leads to man: command exited with status 1: sed -e ...

2021-06-15 Thread Seth Arnold
Public bug reported: Hello, I wanted to search the systemd.exec(5) manpage for an opening brace character, {, in a manner that would be easy to copy-and-paste the results if there were any. This unfortunately gives an error message: $ MANPAGER="grep -F {" man systemd.exec man: command exited

[Bug 1890858] Re: AppArmor profile causes QEMU/KVM - Not Connected

2021-06-15 Thread Seth Arnold
Wow, thanks so much for the archaeology, Christian. That removal commit explains so much. I prefer (b) for this case: - fewer moving pieces in the change is more likely to be reliable - adding abstractions/nameservice to a profile that didn't already have it is a fairly large increase in

Re: [Bug 1916480] Re: CVE-2021-3177: buffer overflow when parsing floats

2021-06-14 Thread Seth Arnold
On Sat, Jun 12, 2021 at 03:15:10PM -, sgubuntuuser wrote: > We have ran apt upgrade in our Ubuntu 18.04 systems and systems are up > to date now. However, the vulnerability tools still show up that > vulnerability is existing. Also when checking the Python3 version in > systems it shows 3.6.9.

[Bug 1890858] Re: AppArmor profile causes QEMU/KVM - Not Connected

2021-06-14 Thread Seth Arnold
Ah, sorry, I missed the 'merge' link; you're not using the ../local/.. file :) Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890858 Title: AppArmor profile causes QEMU/KVM - Not Connected

[Bug 1890858] Re: AppArmor profile causes QEMU/KVM - Not Connected

2021-06-14 Thread Seth Arnold
Hello Christian, a few thoughts: - it sounds like we're going to modify the ../local/.. version of the file in a package update. I think this is a mistake. If we're going to modify policy, we should modify the 'real' policy and leave the ../local/.. version for the system administrator. - it

[Bug 1917904] Re: Arbitrary file reads

2021-06-11 Thread Seth Arnold
** Information type changed from Private Security to Public Security

[Bug 1886092] Re: libreoffice doesn't list gpg private key for a digital signature due to apparmor

2021-06-11 Thread Seth Arnold
Marcelo, you can see which versions of libreoffice are packaged in which Ubuntu releases via the libreoffice source package page on launchpad https://launchpad.net/ubuntu/+source/libreoffice There's a link at the bottom of that page to help you explore versions that might be published in PPAs.

[Bug 1926548] Re: The gatt protocol has out-of-bounds read that leads to information leakage

2021-06-09 Thread Seth Arnold
Wonderful, thanks Daniel!

[Bug 1926548] Re: The gatt protocol has out-of-bounds read that leads to information leakage

2021-06-09 Thread Seth Arnold
Daniel, are you sure about that fixed-in-5.56 bug tag? I can't spot the referenced commit in the tarballs 5.55, 5.56, 5.57, 5.58 from: http://www.bluez.org/ nor in the github sources: https://github.com/bluez/bluez/blob/master/src/gatt-database.c#L1054 nor the kernel.org sources:

[Bug 1926548] Re: The gatt protocol has out-of-bounds read that leads to information leakage

2021-06-08 Thread Seth Arnold
** Information type changed from Private Security to Public Security

[Bug 1883840] Re: Double free in DCCP module causing kernel panic

2021-06-07 Thread Seth Arnold
Hello Hadar, I'm sorry for the trouble. These have been fixed: https://ubuntu.com/security/notices/USN-4577-1 https://ubuntu.com/security/notices/USN-4576-1 https://ubuntu.com/security/notices/USN-4578-1 https://ubuntu.com/security/notices/USN-4579-1

[Bug 1931179] [NEW] /usr/lib/python3/dist-packages/genshi/filters/i18n.py:352: SyntaxWarning: "is not" with a literal. Did you mean "!="?

2021-06-07 Thread Seth Arnold
Public bug reported: $ sudo apt install python3-genshi Reading package lists... Done Building dependency tree Reading state information... Done Suggested packages: doc-base python-genshi-doc The following NEW packages will be installed: python3-genshi 0 upgraded, 1 newly installed, 0

Re: [apparmor] [Bug 1928360] Re: Switch to Fcitx 5 for Chinese

2021-06-04 Thread Seth Arnold
On Sat, Jun 05, 2021 at 01:27:19AM -, Gunnar Hjalmarsson wrote: > It means that it explicitly looks for the fcitx 5 gtk im module, while > Chromium only has access to the fcitx 4 one. Oh! Excellent debugging to find the root cause. Thanks

[Bug 1930921] Re: Apache 2.4.41 corrupts files from samba share

2021-06-04 Thread Seth Arnold
I've added a few more packages to the bug; nothing in the various links suggested to me that anyone has yet identified where the fault lies. Thanks

[Bug 1930921] Re: Apache 2.4.41 corrupts files from samba share

2021-06-04 Thread Seth Arnold
** Information type changed from Private Security to Public Security ** Also affects: linux (Ubuntu) Importance: Undecided Status: New ** Also affects: samba (Ubuntu) Importance: Undecided Status: New

[Bug 1930393] Re: any local user can shut clamd down via control socket

2021-06-04 Thread Seth Arnold
Hmm, I thought the only 'reliable' way of addressing the 'not yet active' problem was to use the sd_notify(3) family of functions to let systemd know when a service is actually ready to handle requests. I suggest proposing your patch in a Debian bug to get the maintainer's feedback on it. (A test

[Bug 1930393] Re: any local user can shut clamd down via control socket

2021-06-04 Thread Seth Arnold
** Changed in: clamav (Ubuntu) Status: New => Confirmed ** Information type changed from Private Security to Public Security

[Bug 1930678] Re: in between installation a fatal error came

2021-06-03 Thread Seth Arnold
Here's the part of the logs that feels most relevant to me: Jun 3 07:13:05 ubuntu ubiquity: Preparing to unpack .../shim_15+1552672080.a4a1fbe-0ubuntu2_amd64.deb ... Jun 3 07:13:05 ubuntu ubiquity: Unpacking shim (15+1552672080.a4a1fbe-0ubuntu2) ... Jun 3 07:13:05 ubuntu ubiquity: Selecting

[Bug 1930678] Re: in between installation a fatal error came

2021-06-03 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Bug 1930286] Re: Defensics' synopsys fuzzer testing tool cause openssh to segfault

2021-06-02 Thread Seth Arnold
Hello Eric, thanks for doing the research on this issue. Does the coredump look like this may be exploitable in some fashion? Is the crash something that affects anything beyond the specific process serving the client in question? Thanks

[Bug 1930579] Re: package libvdpau1 1.3-1ubuntu2 failed to install/upgrade: intentando sobreescribir el compartido `/etc/vdpau_wrapper.cfg', que es distinto de otras instancias del paquetes libvdpau1:

2021-06-02 Thread Seth Arnold
** Information type changed from Private Security to Public

[Bug 1930528] Re: Mozilla Firefox Multiple Vulnerabilities

2021-06-02 Thread Seth Arnold
Hello, Firefox was updated in: https://ubuntu.com/security/notices/USN-4978-1 Thanks ** Information type changed from Private Security to Public Security ** Changed in: firefox (Ubuntu) Status: New => Fix Released

[Bug 1930357] Re: package mysql-server-8.0 8.0.25-0ubuntu0.20.04.1 failed to install/upgrade: installed mysql-server-8.0 package post-installation script subprocess returned error exit status 1

2021-06-01 Thread Seth Arnold
** Information type changed from Private Security to Public

[Bug 1930301] Re: package libpam0g:amd64 1.3.1-5ubuntu4.2 failed to install/upgrade: installed libpam0g:amd64 package post-installation script subprocess returned error exit status 1

2021-06-01 Thread Seth Arnold
** Also affects: debconf (Ubuntu) Importance: Undecided Status: New
