Installed patched build onto Maverick server. vnc_listen set to 0.0.0.0
in /etc/libvirt/qemu.conf
Set vnc_password=' with vnc_tls=1 in /etc/libvirt/qemu.conf and
confirmed that the lanched server now rejects authentication for any
password, whereas it turned off authentication and encryption
Please sponsor for upload
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/697197
Title:
Empty password allows access to VNC in libvirt
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
This fault probably affects all the current versions of qemu-kvm. It's
present in 0.11 and the current qemu master branch.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/697197
Title:
Empty password
Public bug reported:
Binary package hint: vinagre
When connecting to a VNC server using the VeNCrypt with TLS and x509
certificates (such as a kvm VM with vnc_tls switched on), Lucid's
vinagre hangs with a blank screen if there are no client side
credentials.
Using the --gtk-vnc-debug trace
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/708680
Title:
VNC TLS handshake hangs if client certificates are missing
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
Wire traces show that the TLS handshake does not start.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/708680
Title:
VNC TLS handshake hangs if client certificates are missing
--
ubuntu-bugs
The system is looking in /etc/pki for the CA root and not finding it.
There appears to be a missing runtime dependency on the package.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/708680
Title:
Public bug reported:
Libstomp-ruby is out of date and Debian is not responding to upgrade
requests.
Upstream source is mirrored at https://code.launchpad.net/~brightbox
/ruby-stomp/github-trunk
Working packages are in the Brightbox ppa at
https://launchpad.net/~brightbox/+archive/experimental
This is fixed in natty by the upstart job conversion. (version
1:2.3.14-7ubuntu4)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to xinetd in ubuntu.
https://bugs.launchpad.net/bugs/704435
Title:
xinetd init script - reload terminates
This is fixed in natty by the upstart job conversion. (version
1:2.3.14-7ubuntu4)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/704435
Title:
xinetd init script - reload terminates redirected
Public bug reported:
Binary package hint: xinetd
If you are using the 'redirect' service of xinetd, the redirection forks
a separate copy of xinetd for each service.
e.g
service vnc-redirect
{
type= UNLISTED
socket_type = stream
protocol= tcp
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to xinetd in ubuntu.
https://bugs.launchpad.net/bugs/704435
Title:
xinetd init script - reload terminates redirected services
--
Ubuntu-server-bugs mailing list
** Attachment added: Fixed xinetd.init
https://bugs.launchpad.net/ubuntu/+source/xinetd/+bug/704435/+attachment/1798056/+files/xinetd.init
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to xinetd in ubuntu.
** Description changed:
Binary package hint: xinetd
If you are using the 'redirect' service of xinetd, the redirection forks
a separate copy of xinetd for each service.
e.g
service vnc-redirect
{
- type= UNLISTED
- socket_type = stream
-
Public bug reported:
Binary package hint: xinetd
If you are using the 'redirect' service of xinetd, the redirection forks
a separate copy of xinetd for each service.
e.g
service vnc-redirect
{
type= UNLISTED
socket_type = stream
protocol= tcp
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/704435
Title:
xinetd init script - reload terminates redirected services
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
** Attachment added: Fixed xinetd.init
https://bugs.launchpad.net/ubuntu/+source/xinetd/+bug/704435/+attachment/1798056/+files/xinetd.init
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/704435
** Changed in: linux (Ubuntu)
Status: New = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/665255
Title:
ath5k: IP layer fails - wireless remains connected
--
ubuntu-bugs
** Changed in: ifenslave-2.6 (Ubuntu)
Status: New = Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/663842
Title:
bonding module not loaded on maverick
--
ubuntu-bugs mailing list
** Description changed:
Binary package hint: xinetd
If you are using the 'redirect' service of xinetd, the redirection forks
a separate copy of xinetd for each service.
e.g
service vnc-redirect
{
- type= UNLISTED
- socket_type = stream
-
CVE issued putting the onus squarely on qemu's shoulders.
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-0011
** Changed in: libvirt (Ubuntu)
Status: Confirmed = Invalid
** Changed in: qemu-kvm (Ubuntu)
Status: New = Confirmed
** Bug watch added: Red Hat
CVE issued putting the onus squarely on qemu's shoulders.
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-0011
** Changed in: libvirt (Ubuntu)
Status: Confirmed = Invalid
** Changed in: qemu-kvm (Ubuntu)
Status: New = Confirmed
** Bug watch added: Red Hat
Libvirt is in the clear on this one. It is a mild security issue
introduced into QEMU.
** Changed in: libvirt (Ubuntu)
Status: Confirmed = Invalid
** Also affects: qemu-kvm (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a
When I say in the clear, the libvirt guys think they're in the clear.
Checked the qemu source and there is no fix for this problem. Could be a
change of behaviour.
** Changed in: libvirt (Ubuntu)
Status: Invalid = Confirmed
--
You received this bug notification because you are a member
Libvirt is in the clear on this one. It is a mild security issue
introduced into QEMU.
** Changed in: libvirt (Ubuntu)
Status: Confirmed = Invalid
** Also affects: qemu-kvm (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a
When I say in the clear, the libvirt guys think they're in the clear.
Checked the qemu source and there is no fix for this problem. Could be a
change of behaviour.
** Changed in: libvirt (Ubuntu)
Status: Invalid = Confirmed
--
You received this bug notification because you are a member
Having dug around in the guts of this machine, it looks like the
bluetooth bit is 'optional' for this particular submodel - so the
hardware actually isn't there.
Which explains a few things...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
(Ubuntu)
Assignee: (unassigned) = Serge Hallyn (serge-hallyn)
--
You received this bug notification because you are a direct subscriber
of the bug.
https://bugs.launchpad.net/bugs/697197
Title:
Empty password allows access to VNC in libvirt
--
Neil Wilson
--
You received this bug
(Ubuntu)
Assignee: (unassigned) = Serge Hallyn (serge-hallyn)
--
You received this bug notification because you are a direct subscriber
of the bug.
https://bugs.launchpad.net/bugs/697197
Title:
Empty password allows access to VNC in libvirt
--
Neil Wilson
--
You received this bug
to figure that out so I'll just mention that here to
save someone time.
--
You received this bug notification because you are a direct subscriber
of the bug.
https://bugs.launchpad.net/bugs/368962
Title:
Can't reboot kvm virtual machines using virsh
--
Neil Wilson
--
You received
to figure that out so I'll just mention that here to
save someone time.
--
You received this bug notification because you are a direct subscriber
of the bug.
https://bugs.launchpad.net/bugs/368962
Title:
Can't reboot kvm virtual machines using virsh
--
Neil Wilson
--
You received
Public bug reported:
The help in the /etc/libvirt/qemu.conf states
To allow access without passwords, leave this commented out. An empty
string will still enable passwords, but be rejected by QEMU
effectively preventing any use of VNC.
yet setting:
vnc_password=
allows access to the vnc
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.
https://bugs.launchpad.net/bugs/697197
Title:
Empty password allows access to VNC in libvirt
--
Ubuntu-server-bugs mailing list
** Bug watch added: Red Hat Bugzilla #667097
https://bugzilla.redhat.com/show_bug.cgi?id=667097
** Also affects: libvirt via
https://bugzilla.redhat.com/show_bug.cgi?id=667097
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of
Public bug reported:
The help in the /etc/libvirt/qemu.conf states
To allow access without passwords, leave this commented out. An empty
string will still enable passwords, but be rejected by QEMU
effectively preventing any use of VNC.
yet setting:
vnc_password=
allows access to the vnc
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/697197
Title:
Empty password allows access to VNC in libvirt
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
** Bug watch added: Red Hat Bugzilla #667097
https://bugzilla.redhat.com/show_bug.cgi?id=667097
** Also affects: libvirt via
https://bugzilla.redhat.com/show_bug.cgi?id=667097
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member of
Note that apparmor will need adjusting to allow qemu to access /etc/sasl
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.
https://bugs.launchpad.net/bugs/546745
Title:
libvirt tries to read /etc/sasl/libvirt.conf
/etc/apparmor.d/abstractions/libvirt-qemu needs
/etc/sasl/qemu.conf r,
adding to it.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.
https://bugs.launchpad.net/bugs/546745
Title:
libvirt tries to read
Note that apparmor will need adjusting to allow qemu to access /etc/sasl
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/546745
Title:
libvirt tries to read /etc/sasl/libvirt.conf not
/etc/apparmor.d/abstractions/libvirt-qemu needs
/etc/sasl/qemu.conf r,
adding to it.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/546745
Title:
libvirt tries to read /etc/sasl/libvirt.conf not
** Changed in: libvirt (Ubuntu)
Status: Incomplete = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.
https://bugs.launchpad.net/bugs/546745
Title:
libvirt tries to read /etc/sasl/libvirt.conf not
The cyrus-sasl package in Debian/Ubuntu uses '/etc/sasl' as the standard
directory in which to find the application configurations.
The fault here with the libvirt package is that it is putting the
example sasl configuration in /etc/sasl2 which is wrong for
Debian/Ubuntu.
--
You received this
** Patch added: sasl.patch
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/546745/+attachment/1775464/+files/sasl.patch
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in ubuntu.
** Bug watch added: Debian Bug tracker #552180
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552180
** Also affects: libvirt (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552180
Importance: Unknown
Status: Unknown
--
You received this bug notification because
** Changed in: libvirt (Ubuntu)
Status: Incomplete = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/546745
Title:
libvirt tries to read /etc/sasl/libvirt.conf not
The cyrus-sasl package in Debian/Ubuntu uses '/etc/sasl' as the standard
directory in which to find the application configurations.
The fault here with the libvirt package is that it is putting the
example sasl configuration in /etc/sasl2 which is wrong for
Debian/Ubuntu.
--
You received this
** Patch added: sasl.patch
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/546745/+attachment/1775464/+files/sasl.patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/546745
Title:
** Bug watch added: Debian Bug tracker #552180
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552180
** Also affects: libvirt (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552180
Importance: Unknown
Status: Unknown
--
You received this bug notification because
You need to use the hotplug configuration for ifenslave.
https://wiki.ubuntu.com/LucidLynx/ReleaseNotes#Bonded network interfaces
must use hotplug-style configuration
I wrote a little set of instructions here:
http://www.3spoken.co.uk/2010/11/how-to-do-ethernet-bonding-on-
ubuntu.html
--
You
of the bug.
https://bugs.launchpad.net/bugs/685258
Title:
vmbuilder fails to unmount cdrom cleanly
--
Neil Wilson
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to vm-builder in ubuntu.
https://bugs.launchpad.net/bugs/685258
of the bug.
https://bugs.launchpad.net/bugs/685258
Title:
vmbuilder fails to unmount cdrom cleanly
--
Neil Wilson
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/685258
Title:
vmbuilder
builds images with no post-MBR gap
--
Neil Wilson
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/578199
Title:
ubuntu-vm-builder builds images with no post-MBR gap
--
ubuntu-bugs mailing list
parted not use a 1 cyl default when it is told the geometry?
--
You received this bug notification because you are a direct subscriber
of the bug.
https://bugs.launchpad.net/bugs/578199
Title:
ubuntu-vm-builder builds images with no post-MBR gap
--
Neil Wilson
--
You received this bug
Just checked partition2disk from Eucalyptus and it does use '63s' as the
start specification for the first partition, so the patch is consistent
with UEC Eucalyptus.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
That's not to say that partition2disk is right either - just another
thing that needs to be made consistent.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/578199
Title:
ubuntu-vm-builder builds
Public bug reported:
Binary package hint: daemontools
The init scripts in the package are still checking /etc/event.d for the
presence of the the upstart file before starting the svscan upstart job.
This means that svscan is never started automatically when the package
is installed, and any
** Changed in: daemontools (Ubuntu)
Assignee: (unassigned) = Neil Wilson (neil-aldur)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/688054
Title:
svscan is not started when the package
** Changed in: daemontools (Ubuntu)
Assignee: (unassigned) = Neil Wilson (neil-aldur)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/665176
Title:
svscan (the upstart job) doesn't stop
*** This bug is a duplicate of bug 665176 ***
https://bugs.launchpad.net/bugs/665176
** This bug has been marked a duplicate of bug 665176
svscan (the upstart job) doesn't stop on shutdown
* You can subscribe to bug 665176 by following this link:
Sure. I've attached the build script I use.
** Attachment added: build-template.sh
https://bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/685258/+attachment/1760517/+files/build-template.sh
** Changed in: vm-builder (Ubuntu)
Status: Incomplete = Confirmed
--
You received this
Sure. I've attached the build script I use.
** Attachment added: build-template.sh
https://bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/685258/+attachment/1760517/+files/build-template.sh
** Changed in: vm-builder (Ubuntu)
Status: Incomplete = Confirmed
--
You received this
Public bug reported:
When using a cd image for building machines, vmbuilder always leaves the
loop device setup.
ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: python-vm-builder 0.12.4-0ubuntu1.1
ProcVersionSignature: Ubuntu 2.6.35-23.41-generic 2.6.35.7
Uname: Linux 2.6.35-23-generic
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to vm-builder in ubuntu.
https://bugs.launchpad.net/bugs/685258
Title:
vmbuilder fails to unmount cdrom cleanly
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Public bug reported:
When using a cd image for building machines, vmbuilder always leaves the
loop device setup.
ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: python-vm-builder 0.12.4-0ubuntu1.1
ProcVersionSignature: Ubuntu 2.6.35-23.41-generic 2.6.35.7
Uname: Linux 2.6.35-23-generic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/685258
Title:
vmbuilder fails to unmount cdrom cleanly
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
The cleanup on exception was commented out.
If there isn't a reason for that then the attached patch runs cleanup on
BaseException (to catch interrupts) and after post_install, which
removes the iso mount.
** Patch added: Cleanup after interrupt, exception and at end.
Can you demonstrate the configuration to make it fail then.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/482419
Title:
802.3ad interface bonding fails if started too early
--
ubuntu-bugs mailing
** Branch linked: lp:~brightbox/vmbuilder/exclude-first-cylinder
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/578199
Title:
ubuntu-vm-builder builds images with no post-MBR gap
--
ubuntu-bugs
** Changed in: ubuntu-vm-builder (Ubuntu)
Status: New = Confirmed
--
ubuntu-vm-builder builds images with no post-MBR gap
https://bugs.launchpad.net/bugs/578199
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs
because you are a direct subscriber
of the bug.
--
Neil Wilson
--
Backport proftpd security fixes
https://bugs.launchpad.net/bugs/674798
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs
Package is in place on the main ftp server here and is performing as
expected.
--
Backport proftpd security fixes
https://bugs.launchpad.net/bugs/674798
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
notification because you are a direct subscriber
of the bug.
--
Neil Wilson
--
802.3ad interface bonding fails if started too early
https://bugs.launchpad.net/bugs/482419
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs
** Changed in: ifenslave-2.6 (Ubuntu Lucid)
Assignee: (unassigned) = Neil Wilson (neil-aldur)
--
802.3ad interface bonding fails if started too early
https://bugs.launchpad.net/bugs/482419
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
** Changed in: ifenslave-2.6 (Ubuntu Lucid)
Assignee: Neil Wilson (neil-aldur) = (unassigned)
** Changed in: ifenslave-2.6 (Ubuntu Lucid)
Status: Triaged = Incomplete
--
802.3ad interface bonding fails if started too early
https://bugs.launchpad.net/bugs/482419
You received this bug
I'm no longer sure this is a bug in the package and may instead be more
of a duplicate of #559090. I cannot get the fault to replicate if I use
the correct hotplug configurations for the bonding system on a fresh
install of lucid with the vanilla lucid ifenslave-2.6 package.
All the posted
** Patch added: Debdiff patch for both security issues
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/674798/+attachment/1732143/+files/proftpd-dfsg_1.3.2c-1ubuntu0.1.debdiff
--
Backport proftpd security fixes
https://bugs.launchpad.net/bugs/674798
You received this bug
Library interfaces have changed which makes using the Debian patch
impractical. Recoded patch for 1.3.2 interfaces.
Debdiff attached and tested with modified python script based on
http://www.securiteam.com/unixfocus/6R0360A0AY.html
--
Backport proftpd security fixes
Built locally and on PPA.
https://launchpad.net/~brightbox/+archive/experimental/+sourcepub/1363310
/+listing-archive-extra
Tested on lucid VM.
--
Backport proftpd security fixes
https://bugs.launchpad.net/bugs/674798
You received this bug notification because you are a member of Ubuntu
Bugs,
** Attachment added: Mod_site_misc test script
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/674798/+attachment/1732144/+files/ftp_hack_proof.py
** Changed in: proftpd-dfsg (Ubuntu)
Status: In Progress = Confirmed
** Changed in: proftpd-dfsg (Ubuntu)
Assignee:
Public bug reported:
Vulnerability in versions of proftpd between proftpd-1.3.2rc3 and
proftpd-1.3.3
http://bugs.proftpd.org/show_bug.cgi?id=3521
Patches available in Debian.
http://packages.debian.org/changelogs/pool/main/p/proftpd-dfsg/proftpd-
dfsg_1.3.3a-5/changelog
ProblemType: Bug
** Changed in: proftpd-dfsg (Ubuntu)
Status: New = In Progress
--
CVE-2010-3867 - Telnet IAC processing stack overflow
https://bugs.launchpad.net/bugs/674646
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3867
--
CVE-2010-3867 - Telnet IAC processing stack overflow
https://bugs.launchpad.net/bugs/674646
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs
** Patch added: Debdiff for security patch
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/674646/+attachment/1731749/+files/proftpd-dfsg_1.3.2c-1ubuntu0.1.debdiff
--
CVE-2010-3867 - Telnet IAC processing stack overflow
https://bugs.launchpad.net/bugs/674646
You received this
** Summary changed:
- CVE-2010-3867 - Telnet IAC processing stack overflow
+ Telnet IAC processing stack overflow
** Changed in: proftpd-dfsg (Ubuntu)
Assignee: (unassigned) = Neil Wilson (neil-aldur)
** Changed in: proftpd-dfsg (Ubuntu)
Assignee: Neil Wilson (neil-aldur) = Brightbox
*** This bug is a security vulnerability ***
Public security bug reported:
Backport security fixes from Debian to correct outstanding CVEs.
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: proftpd-dev (not installed)
ProcVersionSignature: Ubuntu 2.6.32-25.45-generic 2.6.32.21+drm33.7
Vulnerability in versions of proftpd between proftpd-1.3.2rc3 and
proftpd-1.3.3
http://bugs.proftpd.org/show_bug.cgi?id=3521
Patches available in Debian.
http://packages.debian.org/changelogs/pool/main/p/proftpd-dfsg/proftpd-
dfsg_1.3.3a-5/changelog
--
Backport proftpd security fixes
*** This bug is a duplicate of bug 674798 ***
https://bugs.launchpad.net/bugs/674798
** This bug has been marked a duplicate of bug 674798
Backport proftpd security fixes
* You can subscribe to bug 674798 by following this link:
Directory traversal bug affects ProFTPd version range 1.3.0a (2006) to
1.3.3b (latest version)
--
Backport proftpd security fixes
https://bugs.launchpad.net/bugs/674798
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs
http://www.securiteam.com/unixfocus/6R0360A0AY.html
** Bug watch added: ProFTPD Bugzilla #3519
http://bugs.proftpd.org/show_bug.cgi?id=3519
--
Backport proftpd security fixes
https://bugs.launchpad.net/bugs/674798
You received this bug notification because you are a member of Ubuntu
Bugs,
Directory traversal upstream bug
http://bugs.proftpd.org/show_bug.cgi?id=3519
--
Backport proftpd security fixes
https://bugs.launchpad.net/bugs/674798
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
Security patch for directory traversal does not apply cleanly to 1.3.2
code.
The interface of mod_site_misc has not changed to the Debian version and
it seems safest and simplest to backport the entire patched module.
--
Backport proftpd security fixes
https://bugs.launchpad.net/bugs/674798
You
Anybody had any luck with the standard Lucid package using.
TLSOptions AllowClientRenegotiations
TLSRenegotiate none
Seems to work here.
** Changed in: proftpd-dfsg (Ubuntu)
Status: New = Confirmed
--
proftpd 1.3.2c with SSL is useless in Ubuntu 10.04
Public bug reported:
The Wireless remains connected at wireless level with over 50% signal
strength and supposedly at 54Mbps, but there is no IP transmission.
Forcing a manual reconnect via Network Manager brings the link back to
life.
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package:
--
ath5k: IP layer fails - wireless remains connected
https://bugs.launchpad.net/bugs/665255
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
Public bug reported:
Binary package hint: ifenslave-2.6
The automatic loading of the bonding module that happened in previous
versions of Ubuntu seems to have vanished in Maverick.
** Affects: ifenslave-2.6 (Ubuntu)
Importance: Undecided
Status: New
--
bonding module not loaded
Public bug reported:
Binary package hint: corosync
corosync uses a TTL of 1 in its multicast packets - restricting its use
to a local segment and making it unusable in a multicast routed
environment (such as with routed virtual machines).
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package:
** Attachment added: Dependencies.txt
https://bugs.edge.launchpad.net/bugs/637127/+attachment/1577812/+files/Dependencies.txt
--
TTL is one - prevents multicast routing
https://bugs.launchpad.net/bugs/637127
You received this bug notification because you are a member of Ubuntu
Bugs, which
Bug reported upstream - thanks for the lead on the bug tracker. Couldn't
find it earlier.
The network is configured as follows:
Steps to Reproduce:
1. Two hosts linked by an ethernet
2. Libvirt in routed mode.
3. Virtual machines sat on a 10.x.x.x/30 subnet.
4. Unicast routing in place (I'm
Just in case it wasn't clear, each virtual machine sits on their own
10.x.x.x/30 subnet and there is one VM on each host
--
TTL is one - prevents multicast routing
https://bugs.launchpad.net/bugs/637127
You received this bug notification because you are a member of Ubuntu
Bugs, which is
401 - 500 of 1401 matches
Mail list logo