Hi chuegen,
As cacti is in the universe component of the repository, it is community
maintained and therefore there is no timeframe as to when such a package
will be patched in Ubuntu nor any clear indication if a community member
is working on this at this time.
You can see the status of this
Hi Daniel
In Ubuntu we generally do not upgrade to new package versions to fix
security issues but instead backport the individual fixes. As such you
should not expect to see say apache 2.4.56 in Ubuntu 23.04. Instead we
just add the minimal change needed to fix the vulnerability on top of
the
Hi Robert
On Fri, 2023-01-20 at 19:24:19 +0100, Robert Landers wrote:
> Hello,
>
> I could not, for the life of me, figure out how to report a bug or
> request a package to be updated (other than emailing this list or
> getting on IRC). But thought I'd give this a try.
The easiest way to report
Hi
Thanks for reporting this issue - in general it is better to report bugs
via launchpad than email (e.g. by running the following command (without
the quotation marks) in a terminal: "ubuntu-bug ntfs-3g" or by
https://bugs.launchpad.net/ubuntu/+source/ntfs-3g/+filebug)
I notice you also appear
of the releases at the time of review (see the
> details in the link).
>
>
>
> --
>
> Thomas
>
>
> [1]: https://rsync.samba.org/security.html
> [2]: https://ubuntu.com/security/CVE-2022-37434
> [3]: https://ubuntu.com/security/CVE-2022-29154
>
>
> ___
Hi
In Ubuntu we generally do not upload new versions of packages once a
particular Ubuntu release is made. Instead when a security bug (CVE) is
announced, if the version of the particular package in that Ubuntu
release is affected, the security team will backport the patch which
fixes the bug to
Hi Josh,
The Ubuntu Security team endeavours to support the various packages in
each Ubuntu release for the lifetime of the Ubuntu release itself,
regardless of corresponding upstream project's release / support cycles.
In this case, even though upstream RabbitMQ will be ending support for
On Tue, 2022-05-03 at 10:48:21 -0400, Ken Mandelberg wrote:
> All the other packages for bacula (director, sd) are available but not
> bacula-fd. bacula cannot run without it.
It seems it was removed during the jammy development cycle as it failed
to build from source:
FYI - updates to remediate this for Ubuntu 20.04 LTS and Ubuntu 21.10
were published earlier via USN-5316-1
https://ubuntu.com/security/notices/USN-5316-1
Thanks,
Alex
On Mon, 2022-03-07 at 13:14:12 +1030, Alex Murray wrote:
> Hi Reginaldo,
>
> I am taking a look at this now for Ubu
Hi Reginaldo,
I am taking a look at this now for Ubuntu (note as redis is in universe
it is community maintained but since this is a relatively trivial fix
and you are planning to release a PoC exploit I have taken this on
myself).
Thanks,
Alex
On Thu, 2022-03-03 at 16:21:19 -0300, Reginaldo
Hi Jeff
On Fri, 2021-12-10 at 15:53:51 -0500, Jeffrey Walton wrote:
> Hi Everyone,
>
> Has Ubuntu pushed a patch for the log4j rce that was dropped earlier today?
>
> At work, we think we are seeing activity due to zero day. But I am not
> sure the servers are fully patched at the moment.
>
>
On Tue, 2021-02-16 at 20:04:58 +1030, Matthias Klose wrote:
On 2/15/21 3:17 AM, Alex Murray wrote:
Hi Michael,
For Ubuntu we try and take an approach where we want as much code that
is compiled for and *on* Ubuntu to try and take advantage of the various
toolchain hardening options
Hi Michael,
For Ubuntu we try and take an approach where we want as much code that
is compiled for and *on* Ubuntu to try and take advantage of the various
toolchain hardening options that are available. This gives end-users
the most protection with the least amount of work.
In some cases
Hi Dmitriy
Can you please file a bug via launchpad against the intel-microcode
package?
The easiest way to do this is to run the following command in a
terminal on a machine which is experiencing this issue:
ubuntu-bug intel-microcode
This will then collect various information about the
encounter any significant issues :)
On Fri, 2020-11-27 at 16:40:48 +1030, Alex Murray wrote:
On Fri, 2020-11-27 at 03:39:36 +1030, Dimitri John Ledkov wrote:
On Thu, Nov 26, 2020 at 2:31 AM Alex Murray
wrote:
setfacl -m u:libvirt-qemu:rx $HOME
Similar to above for qemu are there similar
On Fri, 2020-11-27 at 03:39:36 +1030, Dimitri John Ledkov wrote:
> On Thu, Nov 26, 2020 at 2:31 AM Alex Murray wrote:
>>
>> setfacl -m u:libvirt-qemu:rx $HOME
>>
>
> Similar to above for qemu are there similar setfacl commands, would
> something similar be
Hi folks,
After more than 14 years[1] of debate, I propose that it is time we
moved ahead and stopped creating home directories as world-readable on
Ubuntu for hirsute onwards. The old arguments from the bug referenced in
[1] mainly centered on the convenience of this feature when considered
in
On Wed, 2019-10-23 at 21:51:27 +1030, Robert Loehning wrote:
> Am 23.10.19 um 09:29 schrieb Alex Murray:
>>
>> On Wed, 2019-10-23 at 17:32:58 +1030, Robert Loehning wrote:
>>
>>> Am 22.10.19 um 18:41 schrieb Dmitry Shachnev:
>>>> Hi again Robert,
&g
On Wed, 2019-10-23 at 17:32:58 +1030, Robert Loehning wrote:
> Am 22.10.19 um 18:41 schrieb Dmitry Shachnev:
>> Hi again Robert,
>>
>> On Fri, Oct 18, 2019 at 02:14:01PM +, Robert Loehning wrote:
>>> Hi,
>>>
>>> every application based on Qt will crash when opening a crafted plain
>>> text
On Wed, 2019-05-15 at 02:42:56 +0930, Dan Streetman wrote:
> in Ubuntu, sudo retains the calling user's $HOME
>
> this is different from upstream sudo as well as all other UNIXes and
> even the sudo documentation we provide. Should we remove our custom
> patch that adds this behavior?
I would
20 matches
Mail list logo