Public bug reported:
The cryptojs library has been deprecated by upstream
https://github.com/brix/crypto-js?tab=readme-ov-file#discontinued and
recommends the native javascript Crypt library.
It has no reverse dependencies:
$ reverse-depends src:cryptojs
No reverse dependencies found
$
** Also affects: xorg-server (Ubuntu Noble)
Importance: High
Status: Triaged
** Also affects: xwayland (Ubuntu Noble)
Importance: High
Status: Triaged
** Also affects: xorg-server (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: xwayland (Ubuntu
I have prepared test packages for ubuntu 22.04 LTS/jammy in the
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages PPA for both xorg-server:
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+sourcepub/15921802/+listing-archive-extra
and for
The reproducer https://bugs.freedesktop.org/attachment.cgi?id=28621 from
the original 2009 bug report
https://bugs.freedesktop.org/show_bug.cgi?id=23286 does seem to work at
triggering this issue, at least under Xwalyand.
** Bug watch added: freedesktop.org Bugzilla #23286
Are people seeing this issue with any other Ubuntu releases, which also
received updates addressing CVE-2024-31083, or is this strictly
affecting the version in 22.04/jammy?
It looks like
https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1476 has a
proposed fix, in
** Description changed:
+ SRU Team; the packages for focal-proposed and jammy-proposed are
+ intended as security updates prepared by the Ubuntu Security team (and
+ have built in a ppa with only the security pockets enabled). However,
+ because the fix makes mount rules in apparmor policy be
** Also affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Focal)
Importance: Undecided
Status: New
** Changed in: apparmor (Ubuntu)
==
Ubuntu Security Notice USN-6628-2
February 15, 2024
linux-intel-iotg-5.15 vulnerabilities
==
A security issue affects these releases of Ubuntu and
==
Ubuntu Security Notice USN-6639-1
February 15, 2024
linux-oem-6.1 vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-6635-1
February 14, 2024
linux-gcp-6.2 vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-6608-2
February 14, 2024
linux-nvidia-6.2 vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-6626-2
February 14, 2024
linux-lowlatency, linux-raspi vulnerabilities
==
A security issue affects these releases of
==
Ubuntu Security Notice USN-6528-1
November 29, 2023
openjdk-8 vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-6527-1
November 29, 2023
openjdk-17, openjdk-21, openjdk-lts vulnerabilities
==
A security issue affects these releases of
==
Ubuntu Security Notice USN-6454-4
November 01, 2023
linux-starfive vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-6339-2
September 08, 2023
linux-gcp-5.15, linux-gkeop-5.15 vulnerabilities
==
A security issue affects these releases of
==
Ubuntu Security Notice USN-6342-2
September 08, 2023
linux-azure, linux-azure-4.15 vulnerabilities
==
A security issue affects these releases of
==
Ubuntu Security Notice USN-6340-2
September 08, 2023
linux-azure-5.4, linux-gcp-5.4, linux-gkeop, linux-raspi, linux-raspi-5.4,
linux-xilinx-zynqmp vulnerabilities
==
Ubuntu Security Notice USN-6338-2
September 08, 2023
linux-gcp, linux-gcp-6.2, linux-ibm, linux-oracle, linux-starfive
vulnerabilities
==
A security
==
Ubuntu Security Notice USN-5804-1
January 13, 2023
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp,
linux-gcp-5.4, linux-hwe, linux-ibm, linux-kvm, linux-oracle,
linux-oracle-5.4, vulnerabilities
==
Ubuntu Security Notice USN-5803-1
January 13, 2023
linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15,
linux-gcp, linux-gcp-5.15, linux-hwe-5.15, linux-ibm, linux-kvm,
linux-oracle, linux-raspi,
==
Ubuntu Security Notice USN-5755-2
December 02, 2022
linux-gcp-5.15, linux-gke, linux-gke-5.15 vulnerabilities
==
A security issue affects these
==
Ubuntu Security Notice USN-5728-1
November 17, 2022
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4,
linux-bluefield, linux-gcp, linux-hwe-5.4, linux-ibm, linux-ibm-5.4,
linux-kvm, linux-oracle,
==
Ubuntu Security Notice USN-5727-1
November 16, 2022
linux, linux-aws, linux-aws-hwe, linux-dell300x, linux-hwe, linux-kvm,
linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
==
Ubuntu Security Notice USN-5729-1
November 17, 2022
linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15,
linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm,
linux-lowlatency,
==
Ubuntu Security Notice USN-5700-1
October 26, 2022
linux, linux-aws, linux-azure, linux-gcp, linux-ibm, linux-kvm,
linux-lowlatency, linux-oracle, linux-raspi vulnerabilities
==
Ubuntu Security Notice USN-5688-1
October 19, 2022
libksba vulnerability
==
A security issue affects these releases of Ubuntu and its derivatives:
-
==
Ubuntu Security Notice USN-5622-1
September 21, 2022
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4,
linux-bluefield, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4,
linux-kvm, linux-oracle,
==
Ubuntu Security Notice USN-5621-1
September 21, 2022
linux, linux-aws, linux-aws-hwe, linux-azure-4.15, linux-dell300x,
linux-gcp, linux-gcp-4.15, lnux-hwe, inux-kvm, linux-oracle, linux-raspi2,
linux-snapdragon
==
Ubuntu Security Notice USN-5624-1
September 21, 2022
linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15,
linux-kvm, linux-lowlatency vulnerabilities
==
Ubuntu Security Notice USN-5594-1
September 02, 2022
linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15,
linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop,
linux-ibm, linux-kvm,
==
Ubuntu Security Notice USN-5590-1
August 30, 2022
linux-oem-5.14 vulnerability
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-5582-1
August 25, 2022
linux-azure-fde vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-5577-1
August 24, 2022
linux-oem-5.14 vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-5547-1
August 03, 2022
nvidia-graphics-drivers-390, nvidia-graphics-drivers-450-server,
nvidia-graphics-drivers-470, nvidia-graphics-drivers-470-server,
nvidia-graphics-drivers-510,
==
Ubuntu Security Notice USN-5544-1
August 02, 2022
linux, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15
vulnerabilities
==
A security
==
Ubuntu Security Notice USN-5541-1
July 28, 2022
linux-azure vulnerabilities
==
A security issue affects these releases of Ubuntu and its derivatives:
==
Ubuntu Security Notice USN-5539-1
July 28, 2022
linux-bluefield, linux-gcp-5.4, linux-gke-5.4 vulnerabilities
==
A security issue affects these
==
Ubuntu Security Notice USN-5540-1
July 28, 2022
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
==
A security issue affects these
==
Ubuntu Security Notice USN-5529-1
July 21, 2022
linux-oem-5.17 vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-5517-1
July 13, 2022
linux-oem-5.14 vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-5518-1
July 14, 2022
linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-kvm,
linux-lowlatency, linux-oracle vulnerabilities
==
Ubuntu Security Notice USN-5515-1
July 13, 2022
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15,
linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2,
linux-snapdragon vulnerabilities
==
Ubuntu Security Notice USN-5514-1
July 13, 2022
linux, linux-aws, linux-azure, linux-azure-5.4, linux-azure-fde,
linux-gke, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-kvm
vulnerabilities
==
Ubuntu Security Notice USN-5513-1
July 13, 2022
linux-aws vulnerabilities
==
A security issue affects these releases of Ubuntu and its derivatives:
==
Ubuntu Security Notice USN-5505-1
July 07, 2022
linux-lts-xenial, linux-kvm vulnerabilities
==
A security issue affects these releases of Ubuntu and
==
Ubuntu Security Notice USN-5500-1
July 01, 2022
linux, linux-aws vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-5485-2
July 01, 2022
linux-oem-5.14 vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-5493-2
July 01, 2022
linux-hwe-5.13 vulnerability
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-5496-1
June 29, 2022
cloud-init vulnerability
==
A security issue affects these releases of Ubuntu and its derivatives:
-
==
Ubuntu Security Notice USN-5493-1
June 27, 2022
linux, linux-hwe vulnerability
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-5484-1
June 16, 2022
linux vulnerabilities
==
A security issue affects these releases of Ubuntu and its derivatives:
-
==
Ubuntu Security Notice USN-5485-1
June 17, 2022
linux, linux-aws, linux-aws-hwe, linux-aws-5.13, linux-aws-5.4,
linux-azure, linux-azure-4.15, linux-azure-5.13, linux-azure-5.4,
linux-azure-fde, linux-dell300x, linux-gcp,
==
Ubuntu Security Notice USN-5469-1
June 08, 2022
linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm,
linux-intel-iotg, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi
vulnerabilities
==
Ubuntu Security Notice USN-5471-1
June 08, 2022
linux-oem-5.17 vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-5470-1
June 08, 2022
linux-oem-5.14 vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-5468-1
June 08, 2022
linux, linux-aws, linux-aws-5.13, linux-azure, linux-azure-5.13,
linux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-intel-5.13, linux-kvm,
linux-oracle, linux-oracle-5.13,
==
Ubuntu Security Notice USN-5466-1
June 08, 2022
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp,
linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon
vulnerabilities
==
Ubuntu Security Notice USN-5467-1
June 08, 2022
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4,
linux-azure-fde, linux-gcp, linux-gke, linux-gke-5.4, linux-gkeop,
linux-gkeop-5.4, linux-hwe-5.4, linux-ibm,
==
Ubuntu Security Notice USN-5465-1
June 08, 2022
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
==
A security issue affects these
==
Ubuntu Security Notice USN-5442-2
June 01, 2022
linux-gcp-5.4, linux-gkeop, linux-gkeop-5.4, linux-ibm-5.4, linux-oracle,
linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
==
Ubuntu Security Notice USN-5443-2
June 01, 2022
linux-gcp-5.13, linux-oracle, linux-oracle-5.13 vulnerabilities
==
A security issue affects these
** Tags added: sec-1058
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1975523
Title:
[MIR] Promote to main in Jammy and Kinetic
To manage notifications about this bug go to:
** Tags added: sec-1057
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1963707
Title:
[MIR] libqrtr-glib
To manage notifications about this bug go to:
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-30594
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972740
Title:
Unprivileged users may use PTRACE_SEIZE to set
** Tags added: sec-994
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972043
Title:
Please add -ftrivial-auto-var-init=zero to default build flags
To manage notifications about this bug go to:
==
Ubuntu Security Notice USN-5417-1
May 12, 2022
linux, linux-aws, linux-aws-5.13, linux-azure, linux-azure-5.13,
linux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-kvm, linux-oracle,
linux-raspi vulnerabilities
==
Ubuntu Security Notice USN-5418-1
May 12, 2022
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15,
linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm,
linux-oracle, linux-snapdragon vulnerabilities
==
Ubuntu Security Notice USN-5416-1
May 12, 2022
linux-oem-5.14 vulnerabilities
==
A security issue affects these releases of Ubuntu and its
==
Ubuntu Security Notice USN-5413-1
May 12, 2022
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
==
A security issue affects these
==
Ubuntu Security Notice USN-5415-1
May 12, 2022
linux, linux-aws, linux-azure, linux-azure-5.4, linux-azure-fde,
linux-gcp, linux-gcp-5.4, linux-gke, linux-gkeop, linux-gkeop-5.4,
linux-hwe-5.4, linux-ibm, linux-ibm-5.4,
** Tags added: sec-407
** Tags added: sec-408 sec-409
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1892559
Title:
[MIR] ccid opensc pcsc-lite
To manage notifications about this bug go to:
** Tags added: sec-976
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1965115
Title:
[MIR] nullboot
To manage notifications about this bug go to:
** Also affects: cron (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: cron (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: cron (Ubuntu Xenial)
Status: New => Triaged
** Changed in: cron (Ubuntu Bionic)
Status: New => Triaged
** Changed in: linux-aws (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1949186
Title:
Missing Linux Kernel mitigations for 'SSB - Speculative Store
Hi, is this still on the kernel team's radar to address in trusty and in
the various linux-azure kernels?
Thanks!
** Changed in: linux-oem-5.14 (Ubuntu Trusty)
Status: New => Invalid
** Changed in: linux-oem-5.13 (Ubuntu Trusty)
Status: New => Invalid
** Changed in:
Thanks, making this public.
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1951927
Title:
Array overflow in au_procfs_plm_write
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1961528
Title:
Security: Arbitrary shell command injection through PDF import or
Given that this issue is public in the freedesktop gitlab instance, I'm
making this issue public here as well.
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Hi Bartłomiej, was this issue reported to mozilla? Do you have a bug
report there?
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1961854
Title:
Thunderbid saves accepted calendar
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Jeremy, is there any progress on this?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1971415
Title:
Remote desktop is automatically enabled after login
To manage notifications about this
** Package changed: ubuntu => gnome-shell (Ubuntu)
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972812
Title:
The operating
** Information type changed from Private to Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1214787
Title:
busybox crashed with signal 7
To manage notifications about this bug go to:
==
Ubuntu Security Notice USN-5390-2
May 03, 2022
linux-raspi vulnerabilities
==
A security issue affects these releases of Ubuntu and its derivatives:
==
Ubuntu Security Notice USN-5390-1
April 26, 2022
linux, linux-gcp, linux-ibm, linux-lowlatency vulnerabilities
==
A security issue affects these
Public bug reported:
Upstream bug report: https://github.com/go-macaroon-bakery/py-macaroon-
bakery/issues/88
See above for details, but the essential bug is that doing something
like the following:
client = httpbakery.Client(cookies=MozillaCookieJar(".cooklefile"))
if
Hi, yes, from the Ubuntu Security team's perspective, this should go to
the security pocket.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969619
Title:
RDP Sharing appears on by default in jammy
==
Ubuntu Security Notice USN-5385-1
April 21, 2022
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15,
linux-dell300x, linux-gcp, inux-gcp-4.15, linux-hwe, linux-kvm,
linux-oracle, linux-snapdragon
==
Ubuntu Security Notice USN-5384-1
April 20, 2022
linux, linux-aws, linux-azure, linux-azure-5.4, linux-azure-fde,
linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop,
linux-gkeop-5.4, linux-hwe-5.4, linux-ibm,
==
Ubuntu Security Notice USN-5383-1
April 20, 2022
linux, linux-aws, linux-aws-5.13, linux-azure, linux-azure-5.13,
linux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-kvm, linux-oracle,
linux-oracle-5.13, linux-raspi
==
Ubuntu Security Notice USN-5381-1
April 20, 2022
linux-oem-5.14 vulnerabilities
==
A security issue affects these releases of Ubuntu and its
** Tags added: sec-753
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926321
Title:
[MIR] telegraf
To manage notifications about this bug go to:
** Tags added: sec-754
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1956617
Title:
[MIR] protobuf-c
To manage notifications about this bug go to:
** Tags added: sec-751
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1746629
Title:
[MIR] libbluray
To manage notifications about this bug go to:
==
Ubuntu Security Notice USN-5377-1
April 13, 2022
linux-bluefield vulnerabilities
==
A security issue affects these releases of Ubuntu and its
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1808537
Title:
[bionic] ffmpeg update to 3.4.5
To manage notifications about this
This was fixed in Jammy (Ubuntu 22.04 LTS pre-release) in phpliteadmin
1.9.8.2-2, closing that task.
** Changed in: phpliteadmin (Ubuntu Jammy)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
All work for this report has been completed, I believe the linux and
linux-meta tasks can be closed out as well.
** Changed in: linux (Ubuntu)
Status: Triaged => Fix Released
** Changed in: linux-meta (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification
1 - 100 of 12097 matches
Mail list logo