** Attachment removed: "SPAM REMOVED"
https://bloxstrapdl.com/
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2072486
Title:
netplan-ovs-cleanup.service is marked world-inaccessible
To manage not
I have added gerald to https://launchpad.net/~ubuntu-
security/+archive/ubuntu/ubuntu-security-collab - where we have the
current gcc built
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2054343
Title:
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
What should be the next step here then? Do we still want to publish with
the bumped up version?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2054343
Title:
CVE-2023-4039: ARM64 GCC
To manage notif
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
What r0lf said is true
apt-cacher-ng upstream is https://salsa.debian.org/blade/apt-cacher-ng
and you can try to send a PR there, it'll trickle down to Ubuntu and
would benefit debian users as well
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribe
As pointed to me by @mdeslaur
> copy from mm
these were the previous attempts:
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+sourcepub/15153630/+listing-archive-extra
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+sourcepub/15153732/+listing-archive
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages?field.name_filter=gcc&field.status_filter=&field.series_filter=jammy
Looks like a past upload from sbeattie was done with the same versions.
I'm just confirming - bumping up the version and republishing should
work?
-
riscv64 passed as well. I'll copy to the proposed today
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2054343
Title:
CVE-2023-4039: ARM64 GCC
To manage notifications about this bug go to:
https://b
I had triggered builds over lp on friday and looks like they worked
https://launchpad.net/~ubuntu-security/+archive/ubuntu/ubuntu-security-
collab/+packages?field.name_filter=gcc&field.status_filter=published&field.series_filter=
Its the collab PPA we use for different teams. I'll copy to propose
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Hello Gerald
Yes. I could build it. I'll push this on Monday
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2054343
Title:
CVE-2023-4039: ARM64 GCC
To manage notifications about this bug go to:
htt
*** This bug is a duplicate of bug 2111217 ***
https://bugs.launchpad.net/bugs/2111217
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
The bug report is now Public Security
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2100694
Title:
gnome-shell crashed with SIGS
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Your bug report is more likely to get attention if it is made in
English, since this is the language understood by the majority of Ubuntu
developers. Additionally, please only mark a bug as "security" if it
shows evid
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Your bug report is more likely to get attention if it is made in
English, since this is the language understood by the majority of Ubuntu
developers. Additionally, please only mark a bug as "security" if it
shows evid
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for that Gerald
UMT : https://git.launchpad.net/ubuntu-security-tools/tree/build-
tools/umt
is a script used by the security team to build the packages - we usually
build them in schroots
```
(focal-amd64-shm)root@builder:~# cat /etc/apt/sources.list
deb http://archive.ubuntu.com/ubuntu
I tried building this
with
```
gcc-10/focal/gcc-10-10.5.0
16:57:18 $ patch -p1 < ../../../2054343/gcc-10-focal.debdiff
$ umt build -c focal-amd64-shm --parallel=32 -s -f ; alert
```
but the build fails on the gcn stage
Attaching logs.
reading from the above comment
My machine is noble, AMD 795
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Summary changed:
- Zenmap crash
+ zenmap: missing dependency
** Changed in: ubuntu-manpage-repository
Status: New => Invalid
** Changed in: nmap (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
Nice find!
If you push in a debdiff I can try to get someone to sponsor it
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2109689
Title:
Zenmap crash
To manage notifications about this bug go to:
h
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2109611
Title:
türkçe bilen biri varmı
To manage notifications about this bug go to:
https:
** Bug watch added: Debian Bug tracker #1104091
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104091
** Also affects: debmirror (Debian) via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104091
Importance: Unknown
Status: Unknown
--
You received this bug notification be
Merged upstream
https://salsa.debian.org/debian/debmirror/-/commit/120ae9d8c6f60b395272c9bb06e31ee301f0f50c
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107686
Title:
Debian12 netinstall, 4 hours ago, had a popup
To manage notifications about
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Can you add more details - Which ubuntu release? what is the version of
the `passwd` package?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107726
Title:
Edge case while using `passwd` cmd
To mana
Hello Marcos
Have you made contact with upstream on this yet?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2107255
Title:
Papers crash with a segment fault after opening a PDF file
To manage notif
Hey aisonthemission
This bug only seems to be affecting you and doesn't seem to be security
related. I'm making this bug public .
Please add more details about your issue and how we can reproduce them.
** Information type changed from Private Security to Public
--
You received this bug notific
looks like when you upgraded the third party sources file
/etc/apt/sources.list.d/oem-somerville-squirtle-meta.list.distUpgrade
was created to back up
/etc/apt/sources.list.d/oem-somerville-squirtle-meta.list
or something similar happened.
Can you do
sudo mv /etc/apt/sources.list.d/oem-somervi
Hello rk2b
That's not how we do security patches. Older releases of Ubuntu have an
fixed version which was released, tested and deemed to be stable when
the release was published
On top of this - we prepare security patches which should apply cleanly,
be tested thoroughly and then release fixed v
I reviewed jpeg-xl 0.10.4-2 as checked into plucky. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
jpeg-xl is a reference implementation of JPEG XL. This library includes a
complete set of well tested JPEG XL decoder and encoder implementations.
This librar
W: An error occurred during the signature verification. The repository is not
updated and the previous index files will be used. GPG error:
http://in.archive.ubuntu.com/ubuntu noble-updates InRelease: The following
signatures were invalid: BADSIG 871920D1991BC93C Ubuntu Archive Automatic
Signin
The workaround right now is
Comment out the proxy in
/etc/apt/apt.conf.d/01acng
and then run
apt update
once - without proxy and then revert the proxy back to apt-cacher-ng
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://b
Hey lazylad
This doesn't look like a security issue at all
Can you add more details on how you got to this point? Like add commands
that you ran or config that you changed to get here?
Thanks
** Information type changed from Private Security to Public
--
You received this bug notification bec
Sorry. I added the BUG.md - without feedback here.
https://github.com/canonical/sec-mir-audits/pull/15
with some comments.
I am in ACK for this well built codebase. Lets see some feedback from
Seth and others :)
--
You received this bug notification because you are a member of Ubuntu
Bugs, whi
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-22563
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-22564
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-36691
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-36692
** CVE
Thanks for the test
rsync 3.3.0-1ubuntu0.2 has been just copied to the archive -
ubuntu/primary oracular (security)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2096914
Title:
rsync 3.3.0-1ubuntu0
In the new build on proposed
```
checking whether to enable ipv6... yes
```
https://launchpadlibrarian.net/775244180/buildlog_ubuntu-oracular-amd64.rsync_3.3.0-1ubuntu0.2_BUILDING.txt.gz
If you can test for this - it'd be great. I'll push to the archive later
tonight
security-proposed PPA : ht
buntu)
Assignee: (unassigned) => Sudhakar Verma (sudhackar)
** Changed in: rsync (Ubuntu)
Milestone: None => oracular-updates
** Changed in: rsync (Ubuntu)
Assignee: Sudhakar Verma (sudhackar) => (unassigned)
** Changed in: rsync (Ubuntu)
Assignee: (unassigned) =&g
** Changed in: rsync (Ubuntu)
Status: Confirmed => Fix Released
** Changed in: rsync (Ubuntu)
Assignee: (unassigned) => Sudhakar Verma (sudhackar)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchp
I'll prepare an update and test this weekend, thanks
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2096914
Title:
rsync 3.3.0-1ubuntu0.1 patch breaks IPv6 over SSH: "ssh: Could not
resolve hostnam
,relro -Wl,-z -Wl,now -Wl,-soname
-Wl,mod_wrap.so -o .libs/mod_wrap.so
/usr/bin/ld: cannot find -lnsl: No such file or directory
collect2: error: ld returned 1 exit status
```
** Affects: proftpd-dfsg (Ubuntu)
Importance: Undecided
Assignee: Sudhakar Verma (sudhackar)
Status
** Description changed:
Hi, I am the developer of Web Apps
(https://flathub.org/apps/net.codelogistics.webapps) which is a Flatpak
application which uses XDG Desktop Portal's Dynamic Launcher portal to
create desktop files. However, on Ubuntu 24.04, this fails with this
output in the ter
** Changed in: pulseaudio (Ubuntu)
Assignee: (unassigned) => Sudhakar Verma (sudhackar)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2078822
Title:
With Bluetooth headset connect, a malici
** Changed in: rsync (Ubuntu Xenial)
Status: In Progress => Fix Released
** Changed in: rsync (Ubuntu Bionic)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net
A USN-7206-2 will go out for
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Sorry for the inconvenience folks
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://
thanks stockrest, soeby :)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2095004
Title:
Internal hashtable error: illegal key supplied!
To manage notifications about this bug go to:
https://bugs.la
I have uploaded fixes to
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages?field.name_filter=rsync&field.status_filter=published&field.series_filter=
which is a public ppa
You cant try this meanwhile.
Fixes for other releases and this in main will go out tonight
--
This can be tracked upstream as
https://github.com/RsyncProject/rsync/issues/702
I'll follow up and keep this bug updated
** Bug watch added: github.com/RsyncProject/rsync/issues #702
https://github.com/RsyncProject/rsync/issues/702
--
You received this bug notification because you are a mem
Public bug reported:
A placeholder lp for a full release with fixes including for lxc -
different than #2089193
See https://github.com/liske/needrestart/issues/317
** Affects: needrestart (Ubuntu)
Importance: Undecided
Assignee: Sudhakar Verma (sudhackar)
Status: In Progress
I'll work on releasing the patch tonight
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2091096
Title:
lxc fp in needrestart
To manage notifications about this bug go to:
https://bugs.launchpad.net/
I went through this - as my first thought this looks perfectly
plausible. I'll try to repro this and create a PoC for the usecase
mentioned here.
I'll additionally like people from bug #2019026 to weigh in as well
--
You received this bug notification because you are a member of Ubuntu
Bugs, whi
I am unable to repro this
```
sudhackar@sec-jammy-server-amd64:/tmp/lp2088263$ sudo docker build .
DEPRECATED: The legacy builder is deprecated and will be removed in a future
release.
Install the buildx component to build images with BuildKit:
https://docs.docker.com/go/b
https://ubuntu.com/security/notices/USN-7117-2 was released today as a
fix :)
thanks for all the co-ordination Ivan
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2089193
Title:
containerd false pos
The regression fix is available - It'll be worked on today and will be
available in `security-proposed` ppa soon to test
** Changed in: needrestart (Ubuntu)
Assignee: (unassigned) => Sudhakar Verma (sudhackar)
--
You received this bug notification because you are a member of Ubu
Will need to validate - A patch was recently merged from upstream for
https://ubuntu.com/security/notices/USN-7117-1
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2089193
Title:
containerd false pos
Did you try building with
```
$ clang -fPIC -shared -o lol -lzstd
```
I am able to build with
```
$ clang-15 -fPIC -shared 2086543.c -o lol -lzstd
$ # this will fail
$ clang-15 -fPIC -shared 2086543.c -o lol /usr/lib/x86_64-linux-gnu/libzstd.a
/usr/bin/ld: /usr/lib/x86_64-linux-gnu/libzstd.a(z
** Description changed:
I have a router making up one local NAT network connected to the
internet. The router allows to connect both wired and wireless. My
laptops are configured to use both wired and wireless. So I can walk
around with them and also connect to the quicker wired network if
Adding my review - ACK for sysprof
I reviewed sysprof 46.0-2 as checked into oracular. This shouldn't be considered
a full audit but rather a quick gauge of maintainability.
sysprof is a system wide Linux profiler. It can be used to collect and analyze
profiling data from the entire system - use
** Information type changed from Private Security to Public Security
** Changed in: wpa (Ubuntu)
Status: New => Fix Released
** Changed in: wpa (Ubuntu)
Assignee: (unassigned) => Sudhakar Verma (sudhackar)
--
You received this bug notification because you are a member of
This was already fixed upstream with
https://github.com/file/file/commit/d860e5a1f83027dd013b698292aff22885e0
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2073286
Title:
Typo "PhotometricIntepr
Hello Abhishek
Looks like you are trying to install a 3rd party nmap deb
```
Start-Date: 2024-07-16 22:37:17
Commandline: apt install ./ncat_7.95-3_amd64.deb
Requested-By: abhishek (1000)
Upgrade: ncat:amd64 (7.94+git20230807.3be01efb1+dfsg-3build2, 7.95-3)
End-Date: 2024-07-16 22:37:21
Start-
I have made the mentioned changes and uploaded to
https://launchpad.net/~ubuntu-security-proposed ppa for testing
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2071333
Title:
netplan.io causes syste
I have prepared updates in the security-proposed ppa. If you can test this - it
would be great.
These will be released later today
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+builds?build_text=cups&build_state=all
--
You received this bug notification because you are a
I tried on my laptop and was able to repro this. I'll get back to you on
this.
** Changed in: cups (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2070315
Title
Looking at this I am not able to repro
```
sudhackar@sec-focal-amd64:~$ sudo systemctl status cups
● cups.service - CUPS Scheduler
Loaded: loaded (/lib/systemd/system/cups.service; enabled; vendor preset:
enabled)
Active: active (running) since Thu 2024-06-27 00:49:01 IST; 2min 29s ago
I worked on this patch. I'll take a look.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2070315
Title:
error in /etc/cups/cupsd.conf from today's patch
To manage notifications about this bug go to:
87 matches
Mail list logo
