This bug was fixed in the package livecd-rootfs - 2.694.4
---
livecd-rootfs (2.694.4) groovy; urgency=medium
[ Gauthier Jolly ]
* ubuntu-cpc: secure esp mountpoint (LP: #1881006)
Change mount option for ubuntu-cpc images from "defaults" to "umask=0077"
ESP partitions
This bug was fixed in the package livecd-rootfs - 2.664.20
---
livecd-rootfs (2.664.20) focal; urgency=medium
[ Gauthier Jolly ]
* ubuntu-cpc: secure esp mountpoint (LP: #1881006)
Change mount option for ubuntu-cpc images from "defaults" to "umask=0077"
ESP partitions
This bug was fixed in the package livecd-rootfs - 2.525.52
---
livecd-rootfs (2.525.52) bionic; urgency=medium
[ Gauthier Jolly ]
* ubuntu-cpc: secure esp mountpoint (LP: #1881006)
Change mount option for ubuntu-cpc images from "defaults" to "umask=0077"
ESP partitions
This bug was fixed in the package livecd-rootfs - 2.408.68
---
livecd-rootfs (2.408.68) xenial; urgency=medium
[ Gauthier Jolly ]
* ubuntu-cpc: secure esp mountpoint (LP: #1881006)
Change mount option for ubuntu-cpc images from "defaults" to "umask=0077"
ESP partitions
Finally, I forgot bionic:
AWS bionic arm64:
ubuntu@ip-172-31-6-24:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:Ubuntu 18.04.5 LTS
Release:18.04
Codename: bionic
ubuntu@ip-172-31-6-24:~$ uname -a
Linux ip-172-31-6-24 5.4.0-1045-aws
** Tags removed: verification-needed-focal verification-needed-groovy
verification-needed-xenial
** Tags added: verification-done-focal verification-done-groovy
verification-done-xenial
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
Hi,
I built livecd-rootfs packages with this change and built cloud images
from them. I focused my testing on cloud supporting UEFI. All VMs are
amd64 except for AWS.
KVM (Groovy):
ubuntu@ubuntu:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:Ubuntu 20.10
The autopkgtest regression noted in comment #17 was due to an ephemeral failure
trying to reach people.canonical.com for seeds:
! Could not open (any of):
!
http://people.canonical.com/~ubuntu-archive/seeds/ubuntu.focal/desktop-minimal-zh
!
Hello Dimitri, or anyone else affected,
Accepted livecd-rootfs into xenial-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/livecd-
rootfs/2.408.68 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
Hello Dimitri, or anyone else affected,
Accepted livecd-rootfs into groovy-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/livecd-
rootfs/2.694.4 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
** Merge proposal linked:
https://code.launchpad.net/~gjolly/livecd-rootfs/+git/livecd-rootfs/+merge/399845
** Merge proposal linked:
https://code.launchpad.net/~gjolly/livecd-rootfs/+git/livecd-rootfs/+merge/399846
** Merge proposal linked:
** Merge proposal linked:
https://code.launchpad.net/~gjolly/livecd-rootfs/+git/livecd-rootfs/+merge/399805
** Merge proposal linked:
https://code.launchpad.net/~gjolly/livecd-rootfs/+git/livecd-rootfs/+merge/399806
--
You received this bug notification because you are a member of
** Description changed:
+ [Impact]
+
+ * For the affected images`, the ESP is currently mounted with default
+ (0755) permissions. This means anyone can read the ESP partition. This
+ can cause security issues as sensitive data might be put in this
+ partition[0]
+
+ [Test Plan]
+
+ * Build
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1881006
Title:
Incorrect ESP mount options
To manage notifications about this bug
14 matches
Mail list logo