[Touch-packages] [Bug 1939857] [NEW] package openssh-server 1:7.6p1-4ubuntu0.5 failed to install/upgrade: installed openssh-server package post-installation script subprocess returned error exit statu
Public bug reported: ¯\_(ツ)_/¯ ProblemType: Package DistroRelease: Ubuntu 18.04 Package: openssh-server 1:7.6p1-4ubuntu0.5 ProcVersionSignature: Ubuntu 4.15.0-147.151-generic 4.15.18 Uname: Linux 4.15.0-147-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.9-0ubuntu7.24 Architecture: amd64 Date: Fri Aug 13 08:12:44 2021 ErrorMessage: installed openssh-server package post-installation script subprocess returned error exit status 1 InstallationDate: Installed on 2014-05-30 (2631 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417) Python3Details: /usr/bin/python3.6, Python 3.6.9, python3-minimal, 3.6.7-1~18.04 PythonDetails: /usr/bin/python2.7, Python 2.7.17, python-minimal, 2.7.15~rc1-1 RelatedPackageVersions: dpkg 1.19.0.5ubuntu2.3 apt 1.6.14 SourcePackage: openssh Title: package openssh-server 1:7.6p1-4ubuntu0.5 failed to install/upgrade: installed openssh-server package post-installation script subprocess returned error exit status 1 UpgradeStatus: Upgraded to bionic on 2019-01-28 (927 days ago) ** Affects: openssh (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-package bionic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1939857 Title: package openssh-server 1:7.6p1-4ubuntu0.5 failed to install/upgrade: installed openssh-server package post-installation script subprocess returned error exit status 1 Status in openssh package in Ubuntu: New Bug description: ¯\_(ツ)_/¯ ProblemType: Package DistroRelease: Ubuntu 18.04 Package: openssh-server 1:7.6p1-4ubuntu0.5 ProcVersionSignature: Ubuntu 4.15.0-147.151-generic 4.15.18 Uname: Linux 4.15.0-147-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.9-0ubuntu7.24 Architecture: amd64 Date: Fri Aug 13 08:12:44 2021 ErrorMessage: installed openssh-server package post-installation script subprocess returned error exit status 1 InstallationDate: Installed on 2014-05-30 (2631 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417) Python3Details: /usr/bin/python3.6, Python 3.6.9, python3-minimal, 3.6.7-1~18.04 PythonDetails: /usr/bin/python2.7, Python 2.7.17, python-minimal, 2.7.15~rc1-1 RelatedPackageVersions: dpkg 1.19.0.5ubuntu2.3 apt 1.6.14 SourcePackage: openssh Title: package openssh-server 1:7.6p1-4ubuntu0.5 failed to install/upgrade: installed openssh-server package post-installation script subprocess returned error exit status 1 UpgradeStatus: Upgraded to bionic on 2019-01-28 (927 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1939857/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939664] Re: Several potential bugs of memory leak
also, 18.04 doesn't have 1.6.2 but 2:1.6.4-3ubuntu0.4 which has had several CVE fixes already if you're actually looking at version 1.6.2, then your distro is Ubuntu 14.04, which was EOL two years ago. ** Changed in: libx11 (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libx11 in Ubuntu. https://bugs.launchpad.net/bugs/1939664 Title: Several potential bugs of memory leak Status in libx11 package in Ubuntu: Incomplete Bug description: Ubuntu version: 18.04 libx11-xcb-dev version:1.6.2 Hello,I found some potential bugs in package libx11-xcb-dev,and the microsoft word file in the attachment I uploaded shows the occurrence process of the bug in a graphical way.Would you help me check whether the bugs mentioned below are true? I'm not 100% sure that the bugs I submitted is correct. I hope you don't mind seeing the wrong bug I submitted.Thank you very much for your patience. In file libx11-1.6.2/modules/im/ximcp/imLcPrs.c,defination of parsestringfile,line 733. The statement "tbp=malloc(size);"allocate memory to tbp and in line 733,if select false branch at this statement,tbp will not be freed correctly.the process of this potential bug is shown in figure 1. In file libx11-1.6.2/src/xlibi18n/lcDB.c,defination of f_numeric,line 882. The statement "wordp=malloc(len+1);"allocate memory to wordp and in line 883,if select false branch at this statement,function f_numeric will go on to execute.In line 910,if select false branch at this statement,wordp will not be freed correctly.the process of this potential bug is shown in figure 2. In file libx11-1.6.2/src/xlibi18n/lcDB.c,defination of f_numeric,line 882. The statement "wordp=malloc(len+1);"allocate memory to wordp and in line 883,if select false branch at this statement,function f_numeric will go on to execute.and if select true branch in line 938,flow goto err,In line 989,if select false branch here,wordp will not be freed correctly.the process of this potential bug is shown in figure 3. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libx11/+bug/1939664/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939664] Re: Several potential bugs of memory leak
you should file such bugs upstream too, but first check that the current upstream version is affected: https://gitlab.freedesktop.org/xorg/lib/libx11/ -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libx11 in Ubuntu. https://bugs.launchpad.net/bugs/1939664 Title: Several potential bugs of memory leak Status in libx11 package in Ubuntu: Incomplete Bug description: Ubuntu version: 18.04 libx11-xcb-dev version:1.6.2 Hello,I found some potential bugs in package libx11-xcb-dev,and the microsoft word file in the attachment I uploaded shows the occurrence process of the bug in a graphical way.Would you help me check whether the bugs mentioned below are true? I'm not 100% sure that the bugs I submitted is correct. I hope you don't mind seeing the wrong bug I submitted.Thank you very much for your patience. In file libx11-1.6.2/modules/im/ximcp/imLcPrs.c,defination of parsestringfile,line 733. The statement "tbp=malloc(size);"allocate memory to tbp and in line 733,if select false branch at this statement,tbp will not be freed correctly.the process of this potential bug is shown in figure 1. In file libx11-1.6.2/src/xlibi18n/lcDB.c,defination of f_numeric,line 882. The statement "wordp=malloc(len+1);"allocate memory to wordp and in line 883,if select false branch at this statement,function f_numeric will go on to execute.In line 910,if select false branch at this statement,wordp will not be freed correctly.the process of this potential bug is shown in figure 2. In file libx11-1.6.2/src/xlibi18n/lcDB.c,defination of f_numeric,line 882. The statement "wordp=malloc(len+1);"allocate memory to wordp and in line 883,if select false branch at this statement,function f_numeric will go on to execute.and if select true branch in line 938,flow goto err,In line 989,if select false branch here,wordp will not be freed correctly.the process of this potential bug is shown in figure 3. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libx11/+bug/1939664/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939750] Re: Please merge 7.74.0-1.3
** Changed in: curl (Ubuntu) Importance: Undecided => Wishlist ** Package changed: debian => curl (Debian) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/1939750 Title: Please merge 7.74.0-1.3 Status in curl package in Ubuntu: Confirmed Status in curl package in Debian: Unknown Bug description: Debian version 7.74.0-1.3 cherry-picks a fix for a command line API breakage that would be unexpected in a minor version release. Please help merge. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989064 https://github.com/curl/curl/issues/6321 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1939750/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1932010] Re: [21.10 FEAT] zlib CRC32 optimization for s390x
** Changed in: zlib (Ubuntu) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to zlib in Ubuntu. https://bugs.launchpad.net/bugs/1932010 Title: [21.10 FEAT] zlib CRC32 optimization for s390x Status in Ubuntu on IBM z Systems: In Progress Status in zlib package in Ubuntu: In Progress Bug description: Use SIMD instructions to accelerate the zlib CRC32 implementation. Business value: Performance improvement in database area The zlib CRC32 optimization for IBM Z is currently being discussed for inclusion into zlib-ng: https://github.com/zlib-ng/zlib-ng/pull/912 The patch for zlib will be based on that. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1932010/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939751] Re: openssh FTBFS with glibc >= 2.34
** Changed in: openssh (Ubuntu) Importance: Undecided => High ** Tags added: ftbfs -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1939751 Title: openssh FTBFS with glibc >= 2.34 Status in openssh package in Ubuntu: Confirmed Status in openssh package in Debian: Unknown Bug description: Due to an incompatible function prototype in openbsd-compat tests, this package FTBFS with glibc >= 2.34. There is an upstream patch already in place to address this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1939751/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939544] Re: Merge the 1.1.1k version from Debian
** Changed in: openssl (Ubuntu) Importance: Undecided => Wishlist -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1939544 Title: Merge the 1.1.1k version from Debian Status in openssl package in Ubuntu: In Progress Bug description: Impish currently ships with a version based on the upstream 1.1.1j, while Debian bullseye/sid has 1.1.1k. Let's merge! To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1939544/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939728] Re: Please merge icu 67.1-7 (main) from Debian unstable
** Changed in: icu (Ubuntu) Importance: Undecided => Wishlist -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to icu in Ubuntu. https://bugs.launchpad.net/bugs/1939728 Title: Please merge icu 67.1-7 (main) from Debian unstable Status in icu package in Ubuntu: Confirmed Bug description: This requires a merge because there are changes in the Ubuntu version not present in the Debian version. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1939728/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939640] Re: libvpx FTBFS with LTO enabled
This bug was fixed in the package lto-disabled-list - 15 --- lto-disabled-list (15) impish; urgency=medium * Add libvpx. (LP: #1939640) -- Sergio Durigan Junior Thu, 12 Aug 2021 10:39:16 -0400 ** Changed in: lto-disabled-list (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libvpx in Ubuntu. https://bugs.launchpad.net/bugs/1939640 Title: libvpx FTBFS with LTO enabled Status in libvpx package in Ubuntu: Confirmed Status in lto-disabled-list package in Ubuntu: Fix Released Bug description: libvpx FTBFS with LTO enabled on GCC 11, as can be seen here: https://people.canonical.com/~doko/ftbfs-report/test- rebuild-20210805-impish-impish.html#ubuntu-server https://launchpadlibrarian.net/552670245/buildlog_ubuntu-impish- amd64.libvpx_1.9.0-1_BUILDING.txt.gz g++ -Wl,-Bsymbolic-functions -flto=auto -Wl,-z,relro -Wl,-z,now -m64 -o test_libvpx ivfenc.c.o md5_utils.c.o test/active_map_refresh_test.cc.o test/active_map_test.cc.o test/alt_ref_aq_segment_test.cc.o test/altref_test.cc.o test/aq_segment_test.cc.o test/bench.cc.o test/borders_test.cc.o test/byte_alignment_test.cc.o test/config_test.cc.o test/cpu_speed_test.cc.o test/cq_test.cc.o test/decode_api_test.cc.o test/decode_corrupted.cc.o test/decode_svc_test.cc.o test/decode_test_driver.cc.o test/encode_api_test.cc.o test/encode_test_driver.cc.o test/error_resilience_test.cc.o test/external_frame_buffer_test.cc.o test/frame_size_tests.cc.o test/invalid_file_test.cc.o test/keyframe_test.cc.o test/level_test.cc.o test/realtime_test.cc.o test/resize_test.cc.o test/svc_datarate_test.cc.o test/svc_end_to_end_test.cc.o test/svc_test.cc.o test/test_libvpx.cc.o test/test_vector_test.cc.o test/test_vectors.cc.o test/timestamp_test.cc.o test/user_priv_test.cc.o test/vp8_datarate_test.cc.o test/vp9_datarate_test.cc.o test/vp9_end_to_end_test.cc.o test/vp9_ethread_test.cc.o test/vp9_lossless_test.cc.o test/vp9_motion_vector_test.cc.o test/vp9_skip_loopfilter_test.cc.o test/y4m_test.cc.o third_party/libwebm/mkvparser/mkvparser.cc.o third_party/libwebm/mkvparser/mkvreader.cc.o webmdec.cc.o y4menc.c.o y4minput.c.o -L. -lvpx -lgtest -lpthread -lm -lpthread ln -sf libvpx.so.6.3.0 vpx-vp8-vp9-x86_64-linux-v1.9.0/lib/libvpx.so.6 /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x1586f): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158a5): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b2): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b7): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158dd): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x15903): more undefined references to `gtest_all.cc.5c9bdf8f' follow collect2: error: ld returned 1 exit status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvpx/+bug/1939640/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939751] Re: openssh FTBFS with glibc >= 2.34
** Patch added: "lp1939751.debdiff" https://bugs.launchpad.net/debian/+source/openssh/+bug/1939751/+attachment/5517643/+files/lp1939751.debdiff ** Changed in: openssh (Ubuntu) Status: In Progress => Confirmed ** Changed in: openssh (Ubuntu) Assignee: William Wilson (jawn-smith) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1939751 Title: openssh FTBFS with glibc >= 2.34 Status in openssh package in Ubuntu: Confirmed Status in openssh package in Debian: Unknown Bug description: Due to an incompatible function prototype in openbsd-compat tests, this package FTBFS with glibc >= 2.34. There is an upstream patch already in place to address this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1939751/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939751] Re: openssh FTBFS with glibc >= 2.34
** Bug watch added: Debian Bug tracker #992134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992134 ** Also affects: openssh (Debian) via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992134 Importance: Unknown Status: Unknown ** Changed in: openssh (Ubuntu) Status: New => In Progress ** Changed in: openssh (Ubuntu) Assignee: (unassigned) => William Wilson (jawn-smith) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1939751 Title: openssh FTBFS with glibc >= 2.34 Status in openssh package in Ubuntu: In Progress Status in openssh package in Debian: Unknown Bug description: Due to an incompatible function prototype in openbsd-compat tests, this package FTBFS with glibc >= 2.34. There is an upstream patch already in place to address this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1939751/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939750] [NEW] Please merge 7.74.0-1.3
Public bug reported: Debian version 7.74.0-1.3 cherry-picks a fix for a command line API breakage that would be unexpected in a minor version release. Please help merge. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989064 https://github.com/curl/curl/issues/6321 ** Affects: curl (Ubuntu) Importance: Undecided Status: Confirmed ** Affects: debian Importance: Unknown Status: Unknown ** Tags: patch ** Patch added: "curl-1_7.74.0-1.2ubuntu4_7.74.0-1.3ubuntu1.debdiff" https://bugs.launchpad.net/bugs/1939750/+attachment/5517633/+files/curl-1_7.74.0-1.2ubuntu4_7.74.0-1.3ubuntu1.debdiff ** Bug watch added: Debian Bug tracker #989064 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989064 ** Also affects: debian via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989064 Importance: Unknown Status: Unknown ** Changed in: curl (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/1939750 Title: Please merge 7.74.0-1.3 Status in curl package in Ubuntu: Confirmed Status in Debian: Unknown Bug description: Debian version 7.74.0-1.3 cherry-picks a fix for a command line API breakage that would be unexpected in a minor version release. Please help merge. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989064 https://github.com/curl/curl/issues/6321 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/curl/+bug/1939750/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939751] [NEW] openssh FTBFS with glibc >= 2.34
Public bug reported: Due to an incompatible function prototype in openbsd-compat tests, this package FTBFS with glibc >= 2.34. There is an upstream patch already in place to address this. ** Affects: openssh (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1939751 Title: openssh FTBFS with glibc >= 2.34 Status in openssh package in Ubuntu: New Bug description: Due to an incompatible function prototype in openbsd-compat tests, this package FTBFS with glibc >= 2.34. There is an upstream patch already in place to address this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1939751/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1920836] Re: Show Extended Security Maintenence status
Thank you for this submission. I was awaiting feedback on this bug to determine if you'd like to solve the outstanding issue that Extend... links aren't presented on the software-properties-gtk UI for unattached machines (and/or) dropping the error messages from the console. But, as you mentioned error console messaging isn't presented to the UI so this is a non-issue that we can remedy in future uploads. That said, I also discovered that changes in ubuntu-advantage-tools 27.2 which have already SRU'd into xenial, bionic, focal and render this current logic broken. I've filed LP: #1939732 to capture upcoming features needed in the UI to better inform about Extending your support if desired on Bionic/Focal etc. LP 1939732 could be fixed by this diff: --- /usr/lib/python3/dist-packages/softwareproperties/gtk/utils.py.old 2021-08-12 13:56:59.695413561 -0600 +++ /usr/lib/python3/dist-packages/softwareproperties/gtk/utils.py 2021-08-12 14:12:28.597659801 -0600 @@ -26,6 +26,7 @@ gi.require_version("Gtk", "3.0") from gi.repository import Gio, Gtk import json +import os import subprocess import logging @@ -79,24 +80,20 @@ # which has already run `ua status`. Calling ua status directly on # network disconnected machines will raise a TimeoutException trying to # access contracts.canonical.com/v1/resources. -try: -# Success writes UA_STATUS_JSON -result = subprocess.run(['ua', 'status', '--format=json'], stdout=subprocess.PIPE) -except Exception as e: -print("Failed to call ubuntu advantage client:\n%s" % e) -return {} -if result.returncode != 0: -print("Ubuntu advantage client returned code %d" % result.returncode) -return {} - -try: -status_file = open(UA_STATUS_JSON, "r") -except Exception as e: -print("No ua status file written:\n%s" % e) -return {} - -with status_file as stream: -status_json = stream.read() +if os.path.exists(UA_STATUS_JSON): +with open(UA_STATUS_JSON) as stream: + status_json = stream.read() +else: +try: +# Success writes UA_STATUS_JSON +result = subprocess.run(['ua', 'status', '--format=json'], stdout=subprocess.PIPE) +except Exception as e: +print("Failed to call ubuntu advantage client:\n%s" % e) +return {} +if result.returncode != 0: +print("Ubuntu advantage client returned code %d" % result.returncode) +return {} +status_json = result.stdout try: status = json.loads(status_json) except json.JSONDecodeError as e: The UX "updates" tab no longer can correctly determine that the machine is attached because a new field "available" has been published in status.json. Current utils.py:get_ua_service_status relies on a now incorrect check: if service.get("available"): # then we are not attached if service["available"] == "yes": available = True service_status = "disabled" # Disabled since unattached Since ua status output on attach machines now provides "available": "yes" in version 27.2 it broke the assumption that "available" keys represented a detached system. This 2nd issue could be fixed by this diff --- /usr/lib/python3/dist-packages/softwareproperties/gtk/utils.py.old 2021-08-12 13:56:59.695413561 -0600 +++ /usr/lib/python3/dist-packages/softwareproperties/gtk/utils.py 2021-08-12 13:57:13.951629355 -0600 @@ -123,7 +123,7 @@ service_status = "n/a" for service in status.get("services", []): if service.get("name") == service_name: -if service.get("available"): # then we are not attached +if status.get("attached", False) == False: # we are not attached if service["available"] == "yes": available = True service_status = "disabled" # Disabled since unattached the third issue is that the contract expiry date format of v 27.2 doesn't conform to software-properties-gtk expectations: with the above patches, we still see issues with ability to decode the expiry string in the console unconverted data remains: +00:00 (<--- added print of the exception msg) Unable to determine UA contract expiry this patch would be needed to suport expiry datestring formatting for ua-tools 27.2 in bionic focal etc --- /usr/lib/python3/dist-packages/softwareproperties/gtk/SoftwarePropertiesGtk.py.old 2021-08-12 14:43:33.570530853 -0600 +++ /usr/lib/python3/dist-packages/softwareproperties/gtk/SoftwarePropertiesGtk.py 2021-08-12 14:43:50.594751621 -0600 @@ -394,8 +394,11 @@ # gives software properties dialogs a chance to interact about # renewals if needed. try: +# Ignore timezone to simplify formatting python < 3.7 +# 3.7+ h
[Touch-packages] [Bug 1939729] Re: No sound after suspend / resume
** Package changed: ubuntu => alsa-driver (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1939729 Title: No sound after suspend / resume Status in alsa-driver package in Ubuntu: New Bug description: pulse-audio breaks on suspend resume. Pulse-audio needs to be restarted along with all sound applications and plasmashell (kde) ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: alsa-base 1.0.25+dfsg-0ubuntu5 ProcVersionSignature: Ubuntu 5.4.0-80.90-generic 5.4.124 Uname: Linux 5.4.0-80-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu27.18 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC2: matt 858931 F pulseaudio /dev/snd/controlC1: matt 858931 F pulseaudio /dev/snd/controlC0: matt 858931 F pulseaudio CasperMD5CheckResult: skip CurrentDesktop: KDE Date: Thu Aug 12 18:17:51 2021 InstallationDate: Installed on 2017-03-26 (1600 days ago) InstallationMedia: Kubuntu 16.10 "Yakkety Yak" - Release amd64 (20161012.1) PackageArchitecture: all SourcePackage: alsa-driver Symptom: audio Symptom_Card: Built-in Audio - HDA Intel PCH Symptom_Jack: Green Line Out, Rear Symptom_Type: No auto-mute between outputs Title: [P9X79 LE, Realtek ALC892, Green Line Out, Rear] No automute UpgradeStatus: Upgraded to focal on 2020-10-08 (308 days ago) dmi.bios.date: 04/27/2013 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 9505 dmi.board.asset.tag: To be filled by O.E.M. dmi.board.name: P9X79 LE dmi.board.vendor: ASUSTeK COMPUTER INC. dmi.board.version: Rev 1.xx dmi.chassis.asset.tag: P55265 dmi.chassis.type: 3 dmi.chassis.vendor: Chassis Manufacture dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr9505:bd04/27/2013:svnOEGStone:pnP9X79LE:pvrSystemVersion:rvnASUSTeKCOMPUTERINC.:rnP9X79LE:rvrRev1.xx:cvnChassisManufacture:ct3:cvrChassisVersion: dmi.product.family: To be filled by O.E.M. dmi.product.name: P9X79 LE dmi.product.sku: SKU dmi.product.version: System Version dmi.sys.vendor: OEGStone To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1939729/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939729] [NEW] No sound after suspend / resume
You have been subscribed to a public bug: pulse-audio breaks on suspend resume. Pulse-audio needs to be restarted along with all sound applications and plasmashell (kde) ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: alsa-base 1.0.25+dfsg-0ubuntu5 ProcVersionSignature: Ubuntu 5.4.0-80.90-generic 5.4.124 Uname: Linux 5.4.0-80-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu27.18 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC2: matt 858931 F pulseaudio /dev/snd/controlC1: matt 858931 F pulseaudio /dev/snd/controlC0: matt 858931 F pulseaudio CasperMD5CheckResult: skip CurrentDesktop: KDE Date: Thu Aug 12 18:17:51 2021 InstallationDate: Installed on 2017-03-26 (1600 days ago) InstallationMedia: Kubuntu 16.10 "Yakkety Yak" - Release amd64 (20161012.1) PackageArchitecture: all SourcePackage: alsa-driver Symptom: audio Symptom_Card: Built-in Audio - HDA Intel PCH Symptom_Jack: Green Line Out, Rear Symptom_Type: No auto-mute between outputs Title: [P9X79 LE, Realtek ALC892, Green Line Out, Rear] No automute UpgradeStatus: Upgraded to focal on 2020-10-08 (308 days ago) dmi.bios.date: 04/27/2013 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 9505 dmi.board.asset.tag: To be filled by O.E.M. dmi.board.name: P9X79 LE dmi.board.vendor: ASUSTeK COMPUTER INC. dmi.board.version: Rev 1.xx dmi.chassis.asset.tag: P55265 dmi.chassis.type: 3 dmi.chassis.vendor: Chassis Manufacture dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr9505:bd04/27/2013:svnOEGStone:pnP9X79LE:pvrSystemVersion:rvnASUSTeKCOMPUTERINC.:rnP9X79LE:rvrRev1.xx:cvnChassisManufacture:ct3:cvrChassisVersion: dmi.product.family: To be filled by O.E.M. dmi.product.name: P9X79 LE dmi.product.sku: SKU dmi.product.version: System Version dmi.sys.vendor: OEGStone ** Affects: alsa-driver (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug focal third-party-packages -- No sound after suspend / resume https://bugs.launchpad.net/bugs/1939729 You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939640] Re: libvpx FTBFS with LTO enabled
Thanks for the review, Lucas. Uploaded: $ dput lto-disabled-list_15_source.changes Trying to upload package to ubuntu Checking signature on .changes gpg: /home/sergio/work/lto-disabled-list/lto-disabled-list_15_source.changes: Valid signature from 106DA1C8C3CBBF14 Checking signature on .dsc gpg: /home/sergio/work/lto-disabled-list/lto-disabled-list_15.dsc: Valid signature from 106DA1C8C3CBBF14 Uploading to ubuntu (via ftp to upload.ubuntu.com): Uploading lto-disabled-list_15.dsc: done. Uploading lto-disabled-list_15.tar.xz: done. Uploading lto-disabled-list_15_source.buildinfo: done. Uploading lto-disabled-list_15_source.changes: done. Successfully uploaded packages. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libvpx in Ubuntu. https://bugs.launchpad.net/bugs/1939640 Title: libvpx FTBFS with LTO enabled Status in libvpx package in Ubuntu: Confirmed Status in lto-disabled-list package in Ubuntu: New Bug description: libvpx FTBFS with LTO enabled on GCC 11, as can be seen here: https://people.canonical.com/~doko/ftbfs-report/test- rebuild-20210805-impish-impish.html#ubuntu-server https://launchpadlibrarian.net/552670245/buildlog_ubuntu-impish- amd64.libvpx_1.9.0-1_BUILDING.txt.gz g++ -Wl,-Bsymbolic-functions -flto=auto -Wl,-z,relro -Wl,-z,now -m64 -o test_libvpx ivfenc.c.o md5_utils.c.o test/active_map_refresh_test.cc.o test/active_map_test.cc.o test/alt_ref_aq_segment_test.cc.o test/altref_test.cc.o test/aq_segment_test.cc.o test/bench.cc.o test/borders_test.cc.o test/byte_alignment_test.cc.o test/config_test.cc.o test/cpu_speed_test.cc.o test/cq_test.cc.o test/decode_api_test.cc.o test/decode_corrupted.cc.o test/decode_svc_test.cc.o test/decode_test_driver.cc.o test/encode_api_test.cc.o test/encode_test_driver.cc.o test/error_resilience_test.cc.o test/external_frame_buffer_test.cc.o test/frame_size_tests.cc.o test/invalid_file_test.cc.o test/keyframe_test.cc.o test/level_test.cc.o test/realtime_test.cc.o test/resize_test.cc.o test/svc_datarate_test.cc.o test/svc_end_to_end_test.cc.o test/svc_test.cc.o test/test_libvpx.cc.o test/test_vector_test.cc.o test/test_vectors.cc.o test/timestamp_test.cc.o test/user_priv_test.cc.o test/vp8_datarate_test.cc.o test/vp9_datarate_test.cc.o test/vp9_end_to_end_test.cc.o test/vp9_ethread_test.cc.o test/vp9_lossless_test.cc.o test/vp9_motion_vector_test.cc.o test/vp9_skip_loopfilter_test.cc.o test/y4m_test.cc.o third_party/libwebm/mkvparser/mkvparser.cc.o third_party/libwebm/mkvparser/mkvreader.cc.o webmdec.cc.o y4menc.c.o y4minput.c.o -L. -lvpx -lgtest -lpthread -lm -lpthread ln -sf libvpx.so.6.3.0 vpx-vp8-vp9-x86_64-linux-v1.9.0/lib/libvpx.so.6 /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x1586f): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158a5): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b2): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b7): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158dd): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x15903): more undefined references to `gtest_all.cc.5c9bdf8f' follow collect2: error: ld returned 1 exit status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvpx/+bug/1939640/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939640] Re: libvpx FTBFS with LTO enabled
The debdiff to add libvpx to lto-disabled-list package looks good to me, +1. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libvpx in Ubuntu. https://bugs.launchpad.net/bugs/1939640 Title: libvpx FTBFS with LTO enabled Status in libvpx package in Ubuntu: Confirmed Status in lto-disabled-list package in Ubuntu: New Bug description: libvpx FTBFS with LTO enabled on GCC 11, as can be seen here: https://people.canonical.com/~doko/ftbfs-report/test- rebuild-20210805-impish-impish.html#ubuntu-server https://launchpadlibrarian.net/552670245/buildlog_ubuntu-impish- amd64.libvpx_1.9.0-1_BUILDING.txt.gz g++ -Wl,-Bsymbolic-functions -flto=auto -Wl,-z,relro -Wl,-z,now -m64 -o test_libvpx ivfenc.c.o md5_utils.c.o test/active_map_refresh_test.cc.o test/active_map_test.cc.o test/alt_ref_aq_segment_test.cc.o test/altref_test.cc.o test/aq_segment_test.cc.o test/bench.cc.o test/borders_test.cc.o test/byte_alignment_test.cc.o test/config_test.cc.o test/cpu_speed_test.cc.o test/cq_test.cc.o test/decode_api_test.cc.o test/decode_corrupted.cc.o test/decode_svc_test.cc.o test/decode_test_driver.cc.o test/encode_api_test.cc.o test/encode_test_driver.cc.o test/error_resilience_test.cc.o test/external_frame_buffer_test.cc.o test/frame_size_tests.cc.o test/invalid_file_test.cc.o test/keyframe_test.cc.o test/level_test.cc.o test/realtime_test.cc.o test/resize_test.cc.o test/svc_datarate_test.cc.o test/svc_end_to_end_test.cc.o test/svc_test.cc.o test/test_libvpx.cc.o test/test_vector_test.cc.o test/test_vectors.cc.o test/timestamp_test.cc.o test/user_priv_test.cc.o test/vp8_datarate_test.cc.o test/vp9_datarate_test.cc.o test/vp9_end_to_end_test.cc.o test/vp9_ethread_test.cc.o test/vp9_lossless_test.cc.o test/vp9_motion_vector_test.cc.o test/vp9_skip_loopfilter_test.cc.o test/y4m_test.cc.o third_party/libwebm/mkvparser/mkvparser.cc.o third_party/libwebm/mkvparser/mkvreader.cc.o webmdec.cc.o y4menc.c.o y4minput.c.o -L. -lvpx -lgtest -lpthread -lm -lpthread ln -sf libvpx.so.6.3.0 vpx-vp8-vp9-x86_64-linux-v1.9.0/lib/libvpx.so.6 /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x1586f): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158a5): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b2): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b7): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158dd): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x15903): more undefined references to `gtest_all.cc.5c9bdf8f' follow collect2: error: ld returned 1 exit status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvpx/+bug/1939640/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1926165] Re: Bass speakers not enabled on Lenovo Yoga 9i
Thank you Hui Wang this fixed poor speaker quality on my 9i. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1926165 Title: Bass speakers not enabled on Lenovo Yoga 9i Status in alsa-driver package in Ubuntu: Confirmed Bug description: The Lenovo Yoga 9i has two sets of speakers: regular ones and bass speakers. The former work but while latter are detected and show up in alsamixer, they play no sound. Plugging headphones in and out or toggling any of the volume options does not fix the issue. A possibly related issue for a different Yoga version: https://bugzilla.kernel.org/show_bug.cgi?id=205755 ProblemType: Bug DistroRelease: Ubuntu 21.04 Package: alsa-base 1.0.25+dfsg-0ubuntu7 ProcVersionSignature: Ubuntu 5.11.0-16.17-generic 5.11.12 Uname: Linux 5.11.0-16-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu65 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: ubuntu 4466 F pulseaudio ubuntu 6219 F alsamixer /dev/snd/pcmC0D0p: ubuntu 4466 F...m pulseaudio CasperMD5CheckResult: pass CasperVersion: 1.461 CurrentDesktop: ubuntu:GNOME Date: Mon Apr 26 15:10:05 2021 LiveMediaBuild: Ubuntu 21.04 "Hirsute Hippo" - Release amd64 (20210420) PackageArchitecture: all ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: alsa-driver Symptom: audio Symptom_AlsaPlaybackTest: ALSA playback test through plughw:sofhdadsp successful Symptom_Card: Tiger Lake-LP Smart Sound Technology Audio Controller - sof-hda-dsp Symptom_Jack: Speaker, Internal Symptom_PulsePlaybackTest: PulseAudio playback test successful Symptom_Type: None of the above Title: [82BG, Realtek ALC287, Speaker, Internal] Playback problem UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 01/28/2021 dmi.bios.release: 1.40 dmi.bios.vendor: LENOVO dmi.bios.version: EHCN40WW dmi.board.asset.tag: No Asset Tag dmi.board.name: LNVNB161216 dmi.board.vendor: LENOVO dmi.board.version: SDK0J40697WIN dmi.chassis.asset.tag: No Asset Tag dmi.chassis.type: 31 dmi.chassis.vendor: LENOVO dmi.chassis.version: Yoga 9 14ITL5 dmi.ec.firmware.release: 1.40 dmi.modalias: dmi:bvnLENOVO:bvrEHCN40WW:bd01/28/2021:br1.40:efr1.40:svnLENOVO:pn82BG:pvrYoga914ITL5:rvnLENOVO:rnLNVNB161216:rvrSDK0J40697WIN:cvnLENOVO:ct31:cvrYoga914ITL5: dmi.product.family: Yoga 9 14ITL5 dmi.product.name: 82BG dmi.product.sku: LENOVO_MT_82BG_BU_idea_FM_Yoga 9 14ITL5 dmi.product.version: Yoga 9 14ITL5 dmi.sys.vendor: LENOVO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1926165/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1918925] Re: Rendering SVG is broken
Fixed in Ubuntu 20.10 "Groovy Gorilla" with librsvg2-bin 2.50.1+dfsg-1 ** Changed in: librsvg (Ubuntu) Status: New => Confirmed ** Changed in: librsvg (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to librsvg in Ubuntu. https://bugs.launchpad.net/bugs/1918925 Title: Rendering SVG is broken Status in librsvg package in Ubuntu: Fix Released Bug description: I'm not sure what pacakge this is related maybe core Cairo library. I have SVG file generated by new version of R library svglite version 2.0 and I'm not able to convert it to JPG and PNG correctly. The same happen also when I open default program on Ubuntu with installed XFce. The same happen on Docker that also have version 18.04. I'm attaching the svg and jpeg generated from that file. The last change in `svglite` R library was something with clip-path, but I've removed all `clip-`path from the file and the issue still happen. Just checked again and it seems that imageMagick works fine (convert command), but with `rsvg-convert` give black boxes on the graph. The same happen with default XFce image viewer. It works fine in Chrome and Inkscape. I'm not sure what did changed, but it was giving issue also with image magick (convert command) when I had fresh installation, but I've installed lot of packages including libmagick++-dev. Also magick library for R don't work. It give same issue as `rsvg- convert`, but that library use libmagick shared libraries directly and don't use `convert` command. I was checking my other laptop with Fedora 32 and it works fine there. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/1918925/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939728] Re: Please merge icu 67.1-7 (main) from Debian unstable
** Patch added: "Diff from 67.1-6ubuntu2" https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1939728/+attachment/5517575/+files/lp1939728_ubuntu_ubuntu.debdiff ** Changed in: icu (Ubuntu) Assignee: William Wilson (jawn-smith) => (unassigned) ** Changed in: icu (Ubuntu) Status: In Progress => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to icu in Ubuntu. https://bugs.launchpad.net/bugs/1939728 Title: Please merge icu 67.1-7 (main) from Debian unstable Status in icu package in Ubuntu: Confirmed Bug description: This requires a merge because there are changes in the Ubuntu version not present in the Debian version. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1939728/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939728] Re: Please merge icu 67.1-7 (main) from Debian unstable
** Patch added: "Diff from 67.1-6ubuntu2" https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1939728/+attachment/5517573/+files/lp1939728_ubuntu_ubuntu.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to icu in Ubuntu. https://bugs.launchpad.net/bugs/1939728 Title: Please merge icu 67.1-7 (main) from Debian unstable Status in icu package in Ubuntu: Confirmed Bug description: This requires a merge because there are changes in the Ubuntu version not present in the Debian version. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1939728/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939616] Re: u-r-u should leave a breadcrumb indicating a dist-upgrade is in progress
** Also affects: update-notifier (Ubuntu Impish) Importance: Undecided Status: New ** Also affects: apport (Ubuntu Impish) Importance: Undecided Status: New ** Also affects: ubuntu-release-upgrader (Ubuntu Impish) Importance: Undecided Status: New ** Tags removed: rls-ii-incoming -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1939616 Title: u-r-u should leave a breadcrumb indicating a dist-upgrade is in progress Status in apport package in Ubuntu: New Status in ubuntu-release-upgrader package in Ubuntu: New Status in update-notifier package in Ubuntu: New Status in apport source package in Impish: New Status in ubuntu-release-upgrader source package in Impish: New Status in update-notifier source package in Impish: New Bug description: Looking at the source code of ubuntu-release-upgrader it looks like an environment variable, RELEASE_UPGRADE_IN_PROGRESS, is set when an upgrade is being performed. However, it would be better if there was an indication that other programs, e.g. apport, could use to tell whether or not a release upgrade was in progress. This came up as we saw some crash reports in the error tracker that didn't make sense and a possible explanation is that a release upgrade was in progress. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1939616/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939728] Re: Please merge icu 67.1-7 (main) from Debian unstable
** Patch added: "Diff from Debian" https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1939728/+attachment/5517574/+files/lp1939728_debian_ubuntu.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to icu in Ubuntu. https://bugs.launchpad.net/bugs/1939728 Title: Please merge icu 67.1-7 (main) from Debian unstable Status in icu package in Ubuntu: Confirmed Bug description: This requires a merge because there are changes in the Ubuntu version not present in the Debian version. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1939728/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939728] Re: Please merge icu 67.1-7 (main) from Debian unstable
** Changed in: icu (Ubuntu) Status: New => In Progress ** Changed in: icu (Ubuntu) Assignee: (unassigned) => William Wilson (jawn-smith) ** Patch added: "Diff from Debian" https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1939728/+attachment/5517572/+files/lp1939728_debian_ubuntu.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to icu in Ubuntu. https://bugs.launchpad.net/bugs/1939728 Title: Please merge icu 67.1-7 (main) from Debian unstable Status in icu package in Ubuntu: Confirmed Bug description: This requires a merge because there are changes in the Ubuntu version not present in the Debian version. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1939728/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939732] [NEW] report availability of Ubuntu Advantage ESM services on unattached machines
Public bug reported: Release: bionic/focal Version: 0.96.24.32 (bionic) Issue: Software & Updates GTK UI doesn't report availability of UBuntu Advantage ESM Infra or ESM Apps services on unattached machines Steps to repropduce: Launch software-properties-gtk from the commandline. See unexpected errors on the terminal No ua status file written: [Errno 2] No such file or directory: '/var/lib/ubuntu-advantage/status.json' Navigation to the "Updates" tab See only: Basic Security Maintenance 04/26/2023 Expected results: See no error messages on terminal See a link to the right of Basic Security Maintenance on the "Updates" tab that points to ESM info Basic Security Maintenance Extend...(links to ubuntu.com/security/esm) ** Affects: software-properties (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to software-properties in Ubuntu. https://bugs.launchpad.net/bugs/1939732 Title: report availability of Ubuntu Advantage ESM services on unattached machines Status in software-properties package in Ubuntu: New Bug description: Release: bionic/focal Version: 0.96.24.32 (bionic) Issue: Software & Updates GTK UI doesn't report availability of UBuntu Advantage ESM Infra or ESM Apps services on unattached machines Steps to repropduce: Launch software-properties-gtk from the commandline. See unexpected errors on the terminal No ua status file written: [Errno 2] No such file or directory: '/var/lib/ubuntu-advantage/status.json' Navigation to the "Updates" tab See only: Basic Security Maintenance 04/26/2023 Expected results: See no error messages on terminal See a link to the right of Basic Security Maintenance on the "Updates" tab that points to ESM info Basic Security Maintenance Extend...(links to ubuntu.com/security/esm) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1939732/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939728] [NEW] Please merge icu 67.1-7 (main) from Debian unstable
Public bug reported: This requires a merge because there are changes in the Ubuntu version not present in the Debian version. ** Affects: icu (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to icu in Ubuntu. https://bugs.launchpad.net/bugs/1939728 Title: Please merge icu 67.1-7 (main) from Debian unstable Status in icu package in Ubuntu: New Bug description: This requires a merge because there are changes in the Ubuntu version not present in the Debian version. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/icu/+bug/1939728/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1815101] Re: [master] Restarting systemd-networkd breaks keepalived, heartbeat, corosync, pacemaker (interface aliases are restarted)
Thanks Maanus for all the testing. Much appreciated. I'll take care of the rest in a couple of days with Lukasz. Package needs to stay in proposed for a couple more days (minimum 7 days) - Eric ** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1815101 Title: [master] Restarting systemd-networkd breaks keepalived, heartbeat, corosync, pacemaker (interface aliases are restarted) Status in netplan: Confirmed Status in heartbeat package in Ubuntu: Won't Fix Status in keepalived package in Ubuntu: In Progress Status in systemd package in Ubuntu: In Progress Status in keepalived source package in Xenial: Confirmed Status in systemd source package in Xenial: Won't Fix Status in keepalived source package in Bionic: Confirmed Status in systemd source package in Bionic: Fix Committed Status in systemd source package in Disco: Won't Fix Status in systemd source package in Eoan: Fix Released Status in keepalived source package in Focal: Confirmed Status in systemd source package in Focal: Fix Released Bug description: [impact] - ALL related HA software has a small problem if interfaces are being managed by systemd-networkd: nic restarts/reconfigs are always going to wipe all interfaces aliases when HA software is not expecting it to (no coordination between them. - keepalived, smb ctdb, pacemaker, all suffer from this. Pacemaker is smarter in this case because it has a service monitor that will restart the virtual IP resource, in affected node & nic, before considering a real failure, but other HA service might consider a real failure when it is not. [test case] - comment #14 is a full test case: to have 3 node pacemaker, in that example, and cause a networkd service restart: it will trigger a failure for the virtual IP resource monitor. - other example is given in the original description for keepalived. both suffer from the same issue (and other HA softwares as well). [regression potential] - this backports KeepConfiguration parameter, which adds some significant complexity to networkd's configuration and behavior, which could lead to regressions in correctly configuring the network at networkd start, or incorrectly maintaining configuration at networkd restart, or losing network state at networkd stop. - Any regressions are most likely to occur during networkd start, restart, or stop, and most likely to involve missing or incorrect ip address(es). - the change is based in upstream patches adding the exact feature we needed to fix this issue & it will be integrated with a netplan change to add the needed stanza to systemd nic configuration file (KeepConfiguration=) [other info] original description: --- Configure netplan for interfaces, for example (a working config with IP addresses obfuscated) network: ethernets: eth0: addresses: [192.168.0.5/24] dhcp4: false nameservers: search: [blah.com, other.blah.com, hq.blah.com, cust.blah.com, phone.blah.com] addresses: [10.22.11.1] eth2: addresses: - 12.13.14.18/29 - 12.13.14.19/29 gateway4: 12.13.14.17 dhcp4: false nameservers: search: [blah.com, other.blah.com, hq.blah.com, cust.blah.com, phone.blah.com] addresses: [10.22.11.1] eth3: addresses: [10.22.11.6/24] dhcp4: false nameservers: search: [blah.com, other.blah.com, hq.blah.com, cust.blah.com, phone.blah.com] addresses: [10.22.11.1] eth4: addresses: [10.22.14.6/24] dhcp4: false nameservers: search: [blah.com, other.blah.com, hq.blah.com, cust.blah.com, phone.blah.com] addresses: [10.22.11.1] eth7: addresses: [9.5.17.34/29] dhcp4: false optional: true nameservers: search: [blah.com, other.blah.com, hq.blah.com, cust.blah.com, phone.blah.com] addresses: [10.22.11.1] version: 2 Configure keepalived (again, a working config with IP addresses obfuscated) global_defs # Block id { notification_email { sysadm...@blah.com } notification_email_from keepali...@system3.hq.blah.com smtp_server 10.22.11.7 # IP smtp_connect_timeout 30 # integer, seconds router_id system3 # string identifying the machine, # (doesn't have to be hostname). vrrp_mcast_group4 224.0.0.18 # optional, default 224.
[Touch-packages] [Bug 1939640] Re: libvpx FTBFS with LTO enabled
** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libvpx in Ubuntu. https://bugs.launchpad.net/bugs/1939640 Title: libvpx FTBFS with LTO enabled Status in libvpx package in Ubuntu: Confirmed Status in lto-disabled-list package in Ubuntu: New Bug description: libvpx FTBFS with LTO enabled on GCC 11, as can be seen here: https://people.canonical.com/~doko/ftbfs-report/test- rebuild-20210805-impish-impish.html#ubuntu-server https://launchpadlibrarian.net/552670245/buildlog_ubuntu-impish- amd64.libvpx_1.9.0-1_BUILDING.txt.gz g++ -Wl,-Bsymbolic-functions -flto=auto -Wl,-z,relro -Wl,-z,now -m64 -o test_libvpx ivfenc.c.o md5_utils.c.o test/active_map_refresh_test.cc.o test/active_map_test.cc.o test/alt_ref_aq_segment_test.cc.o test/altref_test.cc.o test/aq_segment_test.cc.o test/bench.cc.o test/borders_test.cc.o test/byte_alignment_test.cc.o test/config_test.cc.o test/cpu_speed_test.cc.o test/cq_test.cc.o test/decode_api_test.cc.o test/decode_corrupted.cc.o test/decode_svc_test.cc.o test/decode_test_driver.cc.o test/encode_api_test.cc.o test/encode_test_driver.cc.o test/error_resilience_test.cc.o test/external_frame_buffer_test.cc.o test/frame_size_tests.cc.o test/invalid_file_test.cc.o test/keyframe_test.cc.o test/level_test.cc.o test/realtime_test.cc.o test/resize_test.cc.o test/svc_datarate_test.cc.o test/svc_end_to_end_test.cc.o test/svc_test.cc.o test/test_libvpx.cc.o test/test_vector_test.cc.o test/test_vectors.cc.o test/timestamp_test.cc.o test/user_priv_test.cc.o test/vp8_datarate_test.cc.o test/vp9_datarate_test.cc.o test/vp9_end_to_end_test.cc.o test/vp9_ethread_test.cc.o test/vp9_lossless_test.cc.o test/vp9_motion_vector_test.cc.o test/vp9_skip_loopfilter_test.cc.o test/y4m_test.cc.o third_party/libwebm/mkvparser/mkvparser.cc.o third_party/libwebm/mkvparser/mkvreader.cc.o webmdec.cc.o y4menc.c.o y4minput.c.o -L. -lvpx -lgtest -lpthread -lm -lpthread ln -sf libvpx.so.6.3.0 vpx-vp8-vp9-x86_64-linux-v1.9.0/lib/libvpx.so.6 /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x1586f): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158a5): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b2): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b7): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158dd): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x15903): more undefined references to `gtest_all.cc.5c9bdf8f' follow collect2: error: ld returned 1 exit status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvpx/+bug/1939640/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1928989] Re: expiring trust anchor compatibility issue
python3.5 ADT regression is in xenial-updates regression, because the test certificates it uses have expired. ** Tags removed: verification-needed verification-needed-xenial ** Tags added: verification-done verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1928989 Title: expiring trust anchor compatibility issue Status in openssl package in Ubuntu: Fix Released Status in openssl source package in Trusty: New Status in openssl source package in Xenial: Fix Committed Bug description: [Impact] * openssl fails to talk to letsencrypt website past September 2021, despite trusting the letsencrypt root certificate. [Test Plan] * Import staging cert equivalent to ISRG Root X1 https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem * Import expired staging cert equivalen tto DST Root CA X3 https://letsencrypt.org/certs/staging/letsencrypt-stg-root-dst.pem * Test connectivity to the expired-root-ca test website https://expired-root-ca-test.germancoding.com setup: apt install openssl ca-certificates wget wget https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem wget https://letsencrypt.org/certs/staging/letsencrypt-stg-root-dst.pem cat letsencrypt-stg-root-x1.pem letsencrypt-stg-root-dst.pem >> ca.pem test case: openssl s_client -connect expired-root-ca-test.germancoding.com:443 -servername expired-root-ca-test.germancoding.com -verify 1 -verifyCAfile ca.pem bad result: connection failed verify depth is 1 CONNECTED(0003) depth=3 C = US, O = (STAGING) Internet Security Research Group, CN = (STAGING) Doctored Durian Root CA X3 verify error:num=10:certificate has expired notAfter=Jan 30 14:01:15 2021 GMT 140672978626200:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264: good result: connection successful verify depth is 1 CONNECTED(0003) depth=2 C = US, O = (STAGING) Internet Security Research Group, CN = (STAGING) Pretend Pear X1 verify return:1 depth=1 C = US, O = (STAGING) Let's Encrypt, CN = (STAGING) Artificial Apricot R3 verify return:1 depth=0 CN = expired-root-ca-test.germancoding.com verify return:1 --- Certificate chain 0 s:/CN=expired-root-ca-test.germancoding.com i:/C=US/O=(STAGING) Let's Encrypt/CN=(STAGING) Artificial Apricot R3 1 s:/C=US/O=(STAGING) Let's Encrypt/CN=(STAGING) Artificial Apricot R3 i:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Pretend Pear X1 2 s:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Pretend Pear X1 i:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Doctored Durian Root CA X3 --- Server certificate -BEGIN CERTIFICATE- Connection should be successful and trusted with correctly working openssl s_client that can manage to ignore expired CA, and build a valid trust path using non-expired CA in the chain. [Testcase #2] $ sudo apt install ca-certificates wget faketime # Good connectivity $ wget -O /dev/null https://canonical.com --2021-07-13 11:54:20-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2b, 2001:67c:1360:8001::2c, 91.189.88.181, ... Connecting to canonical.com (canonical.com)|2001:67c:1360:8001::2b|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 30933 (30K) [text/html] Saving to: '/dev/null' /dev/null 100%[>] 30.21K --.-KB/sin 0.001s 2021-07-13 11:54:20 (22.3 MB/s) - '/dev/null' saved [30933/30933] # Jump to october to experience failure $ faketime '2021-10-01' wget -O /dev/null https://canonical.com --2021-10-01 00:00:00-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2b, 2001:67c:1360:8001::2c, 91.189.88.181, ... Connecting to canonical.com (canonical.com)|2001:67c:1360:8001::2b|:443... connected. ERROR: cannot verify canonical.com's certificate, issued by 'CN=R3,O=Let\'s Encrypt,C=US': Issued certificate has expired. To connect to canonical.com insecurely, use `--no-check-certificate'. # upgrade to new openssl, to see that connectivity is restored, even in october $ dpkg-query -W libssl1.0.0 libssl1.0.0:amd64 1.0.2g-1ubuntu4.20 $ faketime '2021-10-01' wget -O /dev/null https://canonical.com --2021-10-01 00:00:00-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2c, 2001:67c:1360:8001::2b, 91.189.88.180, ... Connecting to canonical.com (canonical.com)|2001:67c:1360:8001::2c|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 30933 (30K) [text/html] Saving to: '/dev/null' /dev/null 100%[>] 30.21K --.-KB/sin
[Touch-packages] [Bug 1928989] Re: expiring trust anchor compatibility issue
Download of canonical.com with faketime 2021-10-01 also works. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1928989 Title: expiring trust anchor compatibility issue Status in openssl package in Ubuntu: Fix Released Status in openssl source package in Trusty: New Status in openssl source package in Xenial: Fix Committed Bug description: [Impact] * openssl fails to talk to letsencrypt website past September 2021, despite trusting the letsencrypt root certificate. [Test Plan] * Import staging cert equivalent to ISRG Root X1 https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem * Import expired staging cert equivalen tto DST Root CA X3 https://letsencrypt.org/certs/staging/letsencrypt-stg-root-dst.pem * Test connectivity to the expired-root-ca test website https://expired-root-ca-test.germancoding.com setup: apt install openssl ca-certificates wget wget https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem wget https://letsencrypt.org/certs/staging/letsencrypt-stg-root-dst.pem cat letsencrypt-stg-root-x1.pem letsencrypt-stg-root-dst.pem >> ca.pem test case: openssl s_client -connect expired-root-ca-test.germancoding.com:443 -servername expired-root-ca-test.germancoding.com -verify 1 -verifyCAfile ca.pem bad result: connection failed verify depth is 1 CONNECTED(0003) depth=3 C = US, O = (STAGING) Internet Security Research Group, CN = (STAGING) Doctored Durian Root CA X3 verify error:num=10:certificate has expired notAfter=Jan 30 14:01:15 2021 GMT 140672978626200:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264: good result: connection successful verify depth is 1 CONNECTED(0003) depth=2 C = US, O = (STAGING) Internet Security Research Group, CN = (STAGING) Pretend Pear X1 verify return:1 depth=1 C = US, O = (STAGING) Let's Encrypt, CN = (STAGING) Artificial Apricot R3 verify return:1 depth=0 CN = expired-root-ca-test.germancoding.com verify return:1 --- Certificate chain 0 s:/CN=expired-root-ca-test.germancoding.com i:/C=US/O=(STAGING) Let's Encrypt/CN=(STAGING) Artificial Apricot R3 1 s:/C=US/O=(STAGING) Let's Encrypt/CN=(STAGING) Artificial Apricot R3 i:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Pretend Pear X1 2 s:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Pretend Pear X1 i:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Doctored Durian Root CA X3 --- Server certificate -BEGIN CERTIFICATE- Connection should be successful and trusted with correctly working openssl s_client that can manage to ignore expired CA, and build a valid trust path using non-expired CA in the chain. [Testcase #2] $ sudo apt install ca-certificates wget faketime # Good connectivity $ wget -O /dev/null https://canonical.com --2021-07-13 11:54:20-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2b, 2001:67c:1360:8001::2c, 91.189.88.181, ... Connecting to canonical.com (canonical.com)|2001:67c:1360:8001::2b|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 30933 (30K) [text/html] Saving to: '/dev/null' /dev/null 100%[>] 30.21K --.-KB/sin 0.001s 2021-07-13 11:54:20 (22.3 MB/s) - '/dev/null' saved [30933/30933] # Jump to october to experience failure $ faketime '2021-10-01' wget -O /dev/null https://canonical.com --2021-10-01 00:00:00-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2b, 2001:67c:1360:8001::2c, 91.189.88.181, ... Connecting to canonical.com (canonical.com)|2001:67c:1360:8001::2b|:443... connected. ERROR: cannot verify canonical.com's certificate, issued by 'CN=R3,O=Let\'s Encrypt,C=US': Issued certificate has expired. To connect to canonical.com insecurely, use `--no-check-certificate'. # upgrade to new openssl, to see that connectivity is restored, even in october $ dpkg-query -W libssl1.0.0 libssl1.0.0:amd64 1.0.2g-1ubuntu4.20 $ faketime '2021-10-01' wget -O /dev/null https://canonical.com --2021-10-01 00:00:00-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2c, 2001:67c:1360:8001::2b, 91.189.88.180, ... Connecting to canonical.com (canonical.com)|2001:67c:1360:8001::2c|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 30933 (30K) [text/html] Saving to: '/dev/null' /dev/null 100%[>] 30.21K --.-KB/sin 0.001s 2021-10-01 00:00:00 (21.9 MB/s) - '/dev/null' saved [30933/30933] [Where problems could occur] * Changes as to how the trust paths are built in TLS conn
[Touch-packages] [Bug 1928989] Re: expiring trust anchor compatibility issue
ruby2.3 is not a regression on all other arches, not sure why s390x is the only "working" arch with failing test. retried psqlodbc -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1928989 Title: expiring trust anchor compatibility issue Status in openssl package in Ubuntu: Fix Released Status in openssl source package in Trusty: New Status in openssl source package in Xenial: Fix Committed Bug description: [Impact] * openssl fails to talk to letsencrypt website past September 2021, despite trusting the letsencrypt root certificate. [Test Plan] * Import staging cert equivalent to ISRG Root X1 https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem * Import expired staging cert equivalen tto DST Root CA X3 https://letsencrypt.org/certs/staging/letsencrypt-stg-root-dst.pem * Test connectivity to the expired-root-ca test website https://expired-root-ca-test.germancoding.com setup: apt install openssl ca-certificates wget wget https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem wget https://letsencrypt.org/certs/staging/letsencrypt-stg-root-dst.pem cat letsencrypt-stg-root-x1.pem letsencrypt-stg-root-dst.pem >> ca.pem test case: openssl s_client -connect expired-root-ca-test.germancoding.com:443 -servername expired-root-ca-test.germancoding.com -verify 1 -verifyCAfile ca.pem bad result: connection failed verify depth is 1 CONNECTED(0003) depth=3 C = US, O = (STAGING) Internet Security Research Group, CN = (STAGING) Doctored Durian Root CA X3 verify error:num=10:certificate has expired notAfter=Jan 30 14:01:15 2021 GMT 140672978626200:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264: good result: connection successful verify depth is 1 CONNECTED(0003) depth=2 C = US, O = (STAGING) Internet Security Research Group, CN = (STAGING) Pretend Pear X1 verify return:1 depth=1 C = US, O = (STAGING) Let's Encrypt, CN = (STAGING) Artificial Apricot R3 verify return:1 depth=0 CN = expired-root-ca-test.germancoding.com verify return:1 --- Certificate chain 0 s:/CN=expired-root-ca-test.germancoding.com i:/C=US/O=(STAGING) Let's Encrypt/CN=(STAGING) Artificial Apricot R3 1 s:/C=US/O=(STAGING) Let's Encrypt/CN=(STAGING) Artificial Apricot R3 i:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Pretend Pear X1 2 s:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Pretend Pear X1 i:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Doctored Durian Root CA X3 --- Server certificate -BEGIN CERTIFICATE- Connection should be successful and trusted with correctly working openssl s_client that can manage to ignore expired CA, and build a valid trust path using non-expired CA in the chain. [Testcase #2] $ sudo apt install ca-certificates wget faketime # Good connectivity $ wget -O /dev/null https://canonical.com --2021-07-13 11:54:20-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2b, 2001:67c:1360:8001::2c, 91.189.88.181, ... Connecting to canonical.com (canonical.com)|2001:67c:1360:8001::2b|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 30933 (30K) [text/html] Saving to: '/dev/null' /dev/null 100%[>] 30.21K --.-KB/sin 0.001s 2021-07-13 11:54:20 (22.3 MB/s) - '/dev/null' saved [30933/30933] # Jump to october to experience failure $ faketime '2021-10-01' wget -O /dev/null https://canonical.com --2021-10-01 00:00:00-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2b, 2001:67c:1360:8001::2c, 91.189.88.181, ... Connecting to canonical.com (canonical.com)|2001:67c:1360:8001::2b|:443... connected. ERROR: cannot verify canonical.com's certificate, issued by 'CN=R3,O=Let\'s Encrypt,C=US': Issued certificate has expired. To connect to canonical.com insecurely, use `--no-check-certificate'. # upgrade to new openssl, to see that connectivity is restored, even in october $ dpkg-query -W libssl1.0.0 libssl1.0.0:amd64 1.0.2g-1ubuntu4.20 $ faketime '2021-10-01' wget -O /dev/null https://canonical.com --2021-10-01 00:00:00-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2c, 2001:67c:1360:8001::2b, 91.189.88.180, ... Connecting to canonical.com (canonical.com)|2001:67c:1360:8001::2c|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 30933 (30K) [text/html] Saving to: '/dev/null' /dev/null 100%[>] 30.21K --.-KB/sin 0.001s 2021-10-01 00:00:00 (21.9 MB/s) - '/dev/null' saved [30933/30933] [Where problems could
[Touch-packages] [Bug 1928989] Re: expiring trust anchor compatibility issue
Reproduced the bug with: # dpkg-query -W libssl1.0.0 openssl libssl1.0.0:amd64 1.0.2g-1ubuntu4.19 openssl 1.0.2g-1ubuntu4.19 # openssl s_client -connect expired-root-ca-test.germancoding.com:443 -servername expired-root-ca-test.germancoding.com -verify 1 -verifyCAfile ca.pem verify depth is 1 CONNECTED(0003) depth=3 C = US, O = (STAGING) Internet Security Research Group, CN = (STAGING) Doctored Durian Root CA X3 verify error:num=10:certificate has expired notAfter=Jan 30 14:01:15 2021 GMT 140540576667288:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264: # upgrading # dpkg-query -W libssl1.0.0 openssl libssl1.0.0:amd64 1.0.2g-1ubuntu4.20 openssl 1.0.2g-1ubuntu4.20 # # openssl s_client -connect expired-root-ca-test.germancoding.com:443 -servername expired-root-ca-test.germancoding.com -verify 1 -verifyCAfile ca.pem verify depth is 1 CONNECTED(0003) depth=2 C = US, O = (STAGING) Internet Security Research Group, CN = (STAGING) Pretend Pear X1 verify return:1 depth=1 C = US, O = (STAGING) Let's Encrypt, CN = (STAGING) Artificial Apricot R3 verify return:1 depth=0 CN = expired-root-ca-test.germancoding.com verify return:1 --- Certificate chain 0 s:/CN=expired-root-ca-test.germancoding.com i:/C=US/O=(STAGING) Let's Encrypt/CN=(STAGING) Artificial Apricot R3 1 s:/C=US/O=(STAGING) Let's Encrypt/CN=(STAGING) Artificial Apricot R3 i:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Pretend Pear X1 2 s:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Pretend Pear X1 i:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Doctored Durian Root CA X3 --- Server certificate -BEGIN CERTIFICATE- MIIGgTCCBWmgAwIBAgITAPqeXD5BcpT3tXI8aoDSYano7DANBgkqhkiG9w0BAQsF connection is successful. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1928989 Title: expiring trust anchor compatibility issue Status in openssl package in Ubuntu: Fix Released Status in openssl source package in Trusty: New Status in openssl source package in Xenial: Fix Committed Bug description: [Impact] * openssl fails to talk to letsencrypt website past September 2021, despite trusting the letsencrypt root certificate. [Test Plan] * Import staging cert equivalent to ISRG Root X1 https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem * Import expired staging cert equivalen tto DST Root CA X3 https://letsencrypt.org/certs/staging/letsencrypt-stg-root-dst.pem * Test connectivity to the expired-root-ca test website https://expired-root-ca-test.germancoding.com setup: apt install openssl ca-certificates wget wget https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem wget https://letsencrypt.org/certs/staging/letsencrypt-stg-root-dst.pem cat letsencrypt-stg-root-x1.pem letsencrypt-stg-root-dst.pem >> ca.pem test case: openssl s_client -connect expired-root-ca-test.germancoding.com:443 -servername expired-root-ca-test.germancoding.com -verify 1 -verifyCAfile ca.pem bad result: connection failed verify depth is 1 CONNECTED(0003) depth=3 C = US, O = (STAGING) Internet Security Research Group, CN = (STAGING) Doctored Durian Root CA X3 verify error:num=10:certificate has expired notAfter=Jan 30 14:01:15 2021 GMT 140672978626200:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264: good result: connection successful verify depth is 1 CONNECTED(0003) depth=2 C = US, O = (STAGING) Internet Security Research Group, CN = (STAGING) Pretend Pear X1 verify return:1 depth=1 C = US, O = (STAGING) Let's Encrypt, CN = (STAGING) Artificial Apricot R3 verify return:1 depth=0 CN = expired-root-ca-test.germancoding.com verify return:1 --- Certificate chain 0 s:/CN=expired-root-ca-test.germancoding.com i:/C=US/O=(STAGING) Let's Encrypt/CN=(STAGING) Artificial Apricot R3 1 s:/C=US/O=(STAGING) Let's Encrypt/CN=(STAGING) Artificial Apricot R3 i:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Pretend Pear X1 2 s:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Pretend Pear X1 i:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Doctored Durian Root CA X3 --- Server certificate -BEGIN CERTIFICATE- Connection should be successful and trusted with correctly working openssl s_client that can manage to ignore expired CA, and build a valid trust path using non-expired CA in the chain. [Testcase #2] $ sudo apt install ca-certificates wget faketime # Good connectivity $ wget -O /dev/null https://canonical.com --2021-07-13 11:54:20-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2b, 2001:67c:1360:8001::2c, 91.
[Touch-packages] [Bug 1918925] Re: Rendering SVG is broken
** Tags added: bionic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to librsvg in Ubuntu. https://bugs.launchpad.net/bugs/1918925 Title: Rendering SVG is broken Status in librsvg package in Ubuntu: New Bug description: I'm not sure what pacakge this is related maybe core Cairo library. I have SVG file generated by new version of R library svglite version 2.0 and I'm not able to convert it to JPG and PNG correctly. The same happen also when I open default program on Ubuntu with installed XFce. The same happen on Docker that also have version 18.04. I'm attaching the svg and jpeg generated from that file. The last change in `svglite` R library was something with clip-path, but I've removed all `clip-`path from the file and the issue still happen. Just checked again and it seems that imageMagick works fine (convert command), but with `rsvg-convert` give black boxes on the graph. The same happen with default XFce image viewer. It works fine in Chrome and Inkscape. I'm not sure what did changed, but it was giving issue also with image magick (convert command) when I had fresh installation, but I've installed lot of packages including libmagick++-dev. Also magick library for R don't work. It give same issue as `rsvg- convert`, but that library use libmagick shared libraries directly and don't use `convert` command. I was checking my other laptop with Fedora 32 and it works fine there. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/1918925/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939640] Re: libvpx FTBFS with LTO enabled
Actually, I *can* reproduce the bug using git HEAD. As it turns out I was using an incomplete set of build flags that didn't trigger the problem. So yeah, the problem is still present in git HEAD. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libvpx in Ubuntu. https://bugs.launchpad.net/bugs/1939640 Title: libvpx FTBFS with LTO enabled Status in libvpx package in Ubuntu: Confirmed Status in lto-disabled-list package in Ubuntu: New Bug description: libvpx FTBFS with LTO enabled on GCC 11, as can be seen here: https://people.canonical.com/~doko/ftbfs-report/test- rebuild-20210805-impish-impish.html#ubuntu-server https://launchpadlibrarian.net/552670245/buildlog_ubuntu-impish- amd64.libvpx_1.9.0-1_BUILDING.txt.gz g++ -Wl,-Bsymbolic-functions -flto=auto -Wl,-z,relro -Wl,-z,now -m64 -o test_libvpx ivfenc.c.o md5_utils.c.o test/active_map_refresh_test.cc.o test/active_map_test.cc.o test/alt_ref_aq_segment_test.cc.o test/altref_test.cc.o test/aq_segment_test.cc.o test/bench.cc.o test/borders_test.cc.o test/byte_alignment_test.cc.o test/config_test.cc.o test/cpu_speed_test.cc.o test/cq_test.cc.o test/decode_api_test.cc.o test/decode_corrupted.cc.o test/decode_svc_test.cc.o test/decode_test_driver.cc.o test/encode_api_test.cc.o test/encode_test_driver.cc.o test/error_resilience_test.cc.o test/external_frame_buffer_test.cc.o test/frame_size_tests.cc.o test/invalid_file_test.cc.o test/keyframe_test.cc.o test/level_test.cc.o test/realtime_test.cc.o test/resize_test.cc.o test/svc_datarate_test.cc.o test/svc_end_to_end_test.cc.o test/svc_test.cc.o test/test_libvpx.cc.o test/test_vector_test.cc.o test/test_vectors.cc.o test/timestamp_test.cc.o test/user_priv_test.cc.o test/vp8_datarate_test.cc.o test/vp9_datarate_test.cc.o test/vp9_end_to_end_test.cc.o test/vp9_ethread_test.cc.o test/vp9_lossless_test.cc.o test/vp9_motion_vector_test.cc.o test/vp9_skip_loopfilter_test.cc.o test/y4m_test.cc.o third_party/libwebm/mkvparser/mkvparser.cc.o third_party/libwebm/mkvparser/mkvreader.cc.o webmdec.cc.o y4menc.c.o y4minput.c.o -L. -lvpx -lgtest -lpthread -lm -lpthread ln -sf libvpx.so.6.3.0 vpx-vp8-vp9-x86_64-linux-v1.9.0/lib/libvpx.so.6 /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x1586f): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158a5): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b2): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b7): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158dd): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x15903): more undefined references to `gtest_all.cc.5c9bdf8f' follow collect2: error: ld returned 1 exit status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvpx/+bug/1939640/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1934501] Re: CVE-2018-15473 patch introduce user enumeration vulnerability
Here's the debconf bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=223683 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1934501 Title: CVE-2018-15473 patch introduce user enumeration vulnerability Status in openssh package in Ubuntu: Fix Released Bug description: I was recently using a 18.04 machine and noticed that the result of connecting to ssh with an arbitrary public key varied depending if the user was valid. After some investigation, it appears to only be present when CVE-2018-15473.patch has been applied. Directly pulling a 18.04 docker image and installing openssh server (currently 1:7.6p1-4ubuntu0.3) results in a trivial user enumeration vulnerability in the default config. Below shows the setup of environment: $ docker pull ubuntu:18.04 18.04: Pulling from library/ubuntu Digest: sha256:139b3846cee2e63de9ced83cee7023a2d95763ee2573e5b0ab6dea9dfbd4db8f Status: Image is up to date for ubuntu:18.04 docker.io/library/ubuntu:18.04 $ docker run -t -i --rm -e TERM=${TERM} ubuntu:18.04 root@75569fbf0b03:/# apt update ...snip... root@75569fbf0b03:/# apt install openssh-server ...snip... root@75569fbf0b03:/# dpkg-query -l openssh\* Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++--=-=-= ii openssh-client 1:7.6p1-4ubuntu0.3amd64 secure shell (SSH) client, for secure access to remote machines ii openssh-server 1:7.6p1-4ubuntu0.3amd64 secure shell (SSH) server, for secure access from remote machines ii openssh-sftp-server 1:7.6p1-4ubuntu0.3amd64 secure shell (SSH) sftp server module, for SFTP access from remote machines root@75569fbf0b03:/# mkdir /run/sshd root@75569fbf0b03:/# /usr/sbin/sshd -D Then to perform user enumeration, connecting with a public key results in user enumeration: * in the following id_rsa-dummy.pub is removed as it slightly changes message flow * I have not checked different versions of the ssh client $ ssh -V OpenSSH_8.2p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020 $ ssh-keygen -t rsa -C dummy -P '' -f id_rsa-dummy $ rm id_rsa-dummy.pub $ ssh -i id_rsa-dummy invalid@172.17.0.2 Connection closed by 172.17.0.2 port 22 $ ssh -i id_rsa-dummy root@172.17.0.2 root@172.17.0.2's password: That is, when invalid users are provided to public key auth the connection is closed by the server. Otherwise, it will move onto the next auth method. This can be improved by adding "ssh -o PasswordAuthentication=no" when connecting to avoid password prompt and get an easy to script error message. I have verified that this behaviour is present after starting with original source and only applying CVE-2018-15473.patch from the openssh_7.6p1-4ubuntu0.3.debian.tar.xz archive. Without this patch this behaviour is not present. $ md5sum openssh-7.6p1.tar.gz debian/patches/CVE-2018-15473.patch 06a88699018e5fef13d4655abfed1f63 openssh-7.6p1.tar.gz 6101d47f542690b0c5e354ec8b8a70a1 debian/patches/CVE-2018-15473.patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1934501/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1934501] Re: CVE-2018-15473 patch introduce user enumeration vulnerability
This isn't specific to the openssh update. Debian packages use tools such as debconf that need to write to /tmp to function correctly. ** Bug watch added: Debian Bug tracker #223683 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=223683 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1934501 Title: CVE-2018-15473 patch introduce user enumeration vulnerability Status in openssh package in Ubuntu: Fix Released Bug description: I was recently using a 18.04 machine and noticed that the result of connecting to ssh with an arbitrary public key varied depending if the user was valid. After some investigation, it appears to only be present when CVE-2018-15473.patch has been applied. Directly pulling a 18.04 docker image and installing openssh server (currently 1:7.6p1-4ubuntu0.3) results in a trivial user enumeration vulnerability in the default config. Below shows the setup of environment: $ docker pull ubuntu:18.04 18.04: Pulling from library/ubuntu Digest: sha256:139b3846cee2e63de9ced83cee7023a2d95763ee2573e5b0ab6dea9dfbd4db8f Status: Image is up to date for ubuntu:18.04 docker.io/library/ubuntu:18.04 $ docker run -t -i --rm -e TERM=${TERM} ubuntu:18.04 root@75569fbf0b03:/# apt update ...snip... root@75569fbf0b03:/# apt install openssh-server ...snip... root@75569fbf0b03:/# dpkg-query -l openssh\* Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++--=-=-= ii openssh-client 1:7.6p1-4ubuntu0.3amd64 secure shell (SSH) client, for secure access to remote machines ii openssh-server 1:7.6p1-4ubuntu0.3amd64 secure shell (SSH) server, for secure access from remote machines ii openssh-sftp-server 1:7.6p1-4ubuntu0.3amd64 secure shell (SSH) sftp server module, for SFTP access from remote machines root@75569fbf0b03:/# mkdir /run/sshd root@75569fbf0b03:/# /usr/sbin/sshd -D Then to perform user enumeration, connecting with a public key results in user enumeration: * in the following id_rsa-dummy.pub is removed as it slightly changes message flow * I have not checked different versions of the ssh client $ ssh -V OpenSSH_8.2p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020 $ ssh-keygen -t rsa -C dummy -P '' -f id_rsa-dummy $ rm id_rsa-dummy.pub $ ssh -i id_rsa-dummy invalid@172.17.0.2 Connection closed by 172.17.0.2 port 22 $ ssh -i id_rsa-dummy root@172.17.0.2 root@172.17.0.2's password: That is, when invalid users are provided to public key auth the connection is closed by the server. Otherwise, it will move onto the next auth method. This can be improved by adding "ssh -o PasswordAuthentication=no" when connecting to avoid password prompt and get an easy to script error message. I have verified that this behaviour is present after starting with original source and only applying CVE-2018-15473.patch from the openssh_7.6p1-4ubuntu0.3.debian.tar.xz archive. Without this patch this behaviour is not present. $ md5sum openssh-7.6p1.tar.gz debian/patches/CVE-2018-15473.patch 06a88699018e5fef13d4655abfed1f63 openssh-7.6p1.tar.gz 6101d47f542690b0c5e354ec8b8a70a1 debian/patches/CVE-2018-15473.patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1934501/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1918925] Re: Rendering SVG is broken
** Package changed: ubuntu => librsvg (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to librsvg in Ubuntu. https://bugs.launchpad.net/bugs/1918925 Title: Rendering SVG is broken Status in librsvg package in Ubuntu: New Bug description: I'm not sure what pacakge this is related maybe core Cairo library. I have SVG file generated by new version of R library svglite version 2.0 and I'm not able to convert it to JPG and PNG correctly. The same happen also when I open default program on Ubuntu with installed XFce. The same happen on Docker that also have version 18.04. I'm attaching the svg and jpeg generated from that file. The last change in `svglite` R library was something with clip-path, but I've removed all `clip-`path from the file and the issue still happen. Just checked again and it seems that imageMagick works fine (convert command), but with `rsvg-convert` give black boxes on the graph. The same happen with default XFce image viewer. It works fine in Chrome and Inkscape. I'm not sure what did changed, but it was giving issue also with image magick (convert command) when I had fresh installation, but I've installed lot of packages including libmagick++-dev. Also magick library for R don't work. It give same issue as `rsvg- convert`, but that library use libmagick shared libraries directly and don't use `convert` command. I was checking my other laptop with Fedora 32 and it works fine there. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/1918925/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1045790] Re: Rendering error on OCAL website
** Bug watch added: gitlab.gnome.org/GNOME/librsvg/-/issues #60 https://gitlab.gnome.org/GNOME/librsvg/-/issues/60 ** Changed in: librsvg Importance: Medium => Unknown ** Changed in: librsvg Status: Expired => Unknown ** Changed in: librsvg Remote watch: GNOME Bug Tracker #670398 => gitlab.gnome.org/GNOME/librsvg/-/issues #60 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to librsvg in Ubuntu. https://bugs.launchpad.net/bugs/1045790 Title: Rendering error on OCAL website Status in librsvg: Unknown Status in openclipart: Invalid Status in librsvg package in Ubuntu: Triaged Bug description: I uploaded an SVG that is a map of the UK and Ireland http://openclipart.org/detail/171939/uk-and-ireland-by- hellocatfood-171939 It was generated in Inkscape and then cleaned up using SVG Cleaner In Inkscape, GIMP and the Firefox SVG preview it displays correctly, but on OCAL it looks very weird! Steps to reproduce: Download the original SVG https://bugs.launchpad.net/librsvg/+bug/1045790/+attachment/3302221/+files/uk-ireland-vector_original.svg Download and install SVG Cleaner https://github.com/RazrFalcon/SVGCleaner/ Run SVG Cleaner on the folder containing the SVG Look at the thumbnail preview on programs that use librsvg (Open Clip Art Library, Nautilus) To manage notifications about this bug go to: https://bugs.launchpad.net/librsvg/+bug/1045790/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1918925] [NEW] Rendering SVG is broken
You have been subscribed to a public bug: I'm not sure what pacakge this is related maybe core Cairo library. I have SVG file generated by new version of R library svglite version 2.0 and I'm not able to convert it to JPG and PNG correctly. The same happen also when I open default program on Ubuntu with installed XFce. The same happen on Docker that also have version 18.04. I'm attaching the svg and jpeg generated from that file. The last change in `svglite` R library was something with clip-path, but I've removed all `clip-`path from the file and the issue still happen. Just checked again and it seems that imageMagick works fine (convert command), but with `rsvg-convert` give black boxes on the graph. The same happen with default XFce image viewer. It works fine in Chrome and Inkscape. I'm not sure what did changed, but it was giving issue also with image magick (convert command) when I had fresh installation, but I've installed lot of packages including libmagick++-dev. Also magick library for R don't work. It give same issue as `rsvg- convert`, but that library use libmagick shared libraries directly and don't use `convert` command. I was checking my other laptop with Fedora 32 and it works fine there. ** Affects: librsvg (Ubuntu) Importance: Undecided Status: New ** Tags: bot-comment -- Rendering SVG is broken https://bugs.launchpad.net/bugs/1918925 You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to librsvg in Ubuntu. -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1938983] Re: missing modules after 5.11.0-25-generic update
It would appear that this bug report should refer to the kernel version, so I have opened a new bug report; #1939635 see https://bugs.launchpad.net/ubuntu/+source/linux-hwe-5.11/+bug/1939635, and check whether it affects you. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1938983 Title: missing modules after 5.11.0-25-generic update Status in initramfs-tools package in Ubuntu: Confirmed Bug description: After updating to kernel 5.11.0-25-generic wireless driver failed to recognize WiFi card. Possible reasons/symptoms: $ sudo update-initramfs -u -k all update-initramfs: Generating /boot/initrd.img-5.11.0-25-generic W: Possible missing firmware /lib/firmware/i915/skl_guc_49.0.1.bin for module i915 W: Possible missing firmware /lib/firmware/i915/bxt_guc_49.0.1.bin for module i915 W: Possible missing firmware /lib/firmware/i915/kbl_guc_49.0.1.bin for module i915 W: Possible missing firmware /lib/firmware/i915/glk_guc_49.0.1.bin for module i915 W: Possible missing firmware /lib/firmware/i915/kbl_guc_49.0.1.bin for module i915 W: Possible missing firmware /lib/firmware/i915/kbl_guc_49.0.1.bin for module i915 W: Possible missing firmware /lib/firmware/i915/cml_guc_49.0.1.bin for module i915 W: Possible missing firmware /lib/firmware/i915/icl_guc_49.0.1.bin for module i915 W: Possible missing firmware /lib/firmware/i915/ehl_guc_49.0.1.bin for module i915 W: Possible missing firmware /lib/firmware/i915/ehl_guc_49.0.1.bin for module i915 W: Possible missing firmware /lib/firmware/i915/tgl_huc_7.5.0.bin for module i915 W: Possible missing firmware /lib/firmware/i915/tgl_guc_49.0.1.bin for module i915 W: Possible missing firmware /lib/firmware/i915/tgl_huc_7.5.0.bin for module i915 W: Possible missing firmware /lib/firmware/i915/tgl_guc_49.0.1.bin for module i915 W: Possible missing firmware /lib/firmware/i915/dg1_dmc_ver2_02.bin for module i915 update-initramfs: Generating /boot/initrd.img-5.8.0-63-generic $ lsb_release -a LSB Version: core-11.1.0ubuntu2-noarch:security-11.1.0ubuntu2-noarch Distributor ID: Ubuntu Description: July2021 Release: 20.04 Codename: focal Workaround: connected Ethernet. (Inconvenient) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1938983/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1932010] Comment bridged from LTC Bugzilla
--- Comment From i...@de.ibm.com 2021-08-12 11:39 EDT--- Thanks, everything looks good now! # time -p env DFLTCC=0 python3 -c 'import gzip; gzip.decompress(gzip.compress(b"\x00" * 5, 1))' real 2.56 user 2.23 sys 0.33 # sha1sum zlib1g_1.2.11.dfsg-2ubuntu7_s390x.deb 56f20f19ee81e025b6ee26efb803f442aeb2819a zlib1g_1.2.11.dfsg-2ubuntu7_s390x.deb # dpkg -i zlib1g_1.2.11.dfsg-2ubuntu7_s390x.deb # time -p env DFLTCC=0 python3 -c 'import gzip; gzip.decompress(gzip.compress(b"\x00" * 5, 1))' real 1.95 user 1.62 sys 0.32 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to zlib in Ubuntu. https://bugs.launchpad.net/bugs/1932010 Title: [21.10 FEAT] zlib CRC32 optimization for s390x Status in Ubuntu on IBM z Systems: In Progress Status in zlib package in Ubuntu: In Progress Bug description: Use SIMD instructions to accelerate the zlib CRC32 implementation. Business value: Performance improvement in database area The zlib CRC32 optimization for IBM Z is currently being discussed for inclusion into zlib-ng: https://github.com/zlib-ng/zlib-ng/pull/912 The patch for zlib will be based on that. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1932010/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939640] Re: libvpx FTBFS with LTO enabled
Good point, Oibaf. I've just tested git HEAD and verified that the bug seems to have been fixed there, indeed. I commented on the bug report. Thanks. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libvpx in Ubuntu. https://bugs.launchpad.net/bugs/1939640 Title: libvpx FTBFS with LTO enabled Status in libvpx package in Ubuntu: Confirmed Status in lto-disabled-list package in Ubuntu: New Bug description: libvpx FTBFS with LTO enabled on GCC 11, as can be seen here: https://people.canonical.com/~doko/ftbfs-report/test- rebuild-20210805-impish-impish.html#ubuntu-server https://launchpadlibrarian.net/552670245/buildlog_ubuntu-impish- amd64.libvpx_1.9.0-1_BUILDING.txt.gz g++ -Wl,-Bsymbolic-functions -flto=auto -Wl,-z,relro -Wl,-z,now -m64 -o test_libvpx ivfenc.c.o md5_utils.c.o test/active_map_refresh_test.cc.o test/active_map_test.cc.o test/alt_ref_aq_segment_test.cc.o test/altref_test.cc.o test/aq_segment_test.cc.o test/bench.cc.o test/borders_test.cc.o test/byte_alignment_test.cc.o test/config_test.cc.o test/cpu_speed_test.cc.o test/cq_test.cc.o test/decode_api_test.cc.o test/decode_corrupted.cc.o test/decode_svc_test.cc.o test/decode_test_driver.cc.o test/encode_api_test.cc.o test/encode_test_driver.cc.o test/error_resilience_test.cc.o test/external_frame_buffer_test.cc.o test/frame_size_tests.cc.o test/invalid_file_test.cc.o test/keyframe_test.cc.o test/level_test.cc.o test/realtime_test.cc.o test/resize_test.cc.o test/svc_datarate_test.cc.o test/svc_end_to_end_test.cc.o test/svc_test.cc.o test/test_libvpx.cc.o test/test_vector_test.cc.o test/test_vectors.cc.o test/timestamp_test.cc.o test/user_priv_test.cc.o test/vp8_datarate_test.cc.o test/vp9_datarate_test.cc.o test/vp9_end_to_end_test.cc.o test/vp9_ethread_test.cc.o test/vp9_lossless_test.cc.o test/vp9_motion_vector_test.cc.o test/vp9_skip_loopfilter_test.cc.o test/y4m_test.cc.o third_party/libwebm/mkvparser/mkvparser.cc.o third_party/libwebm/mkvparser/mkvreader.cc.o webmdec.cc.o y4menc.c.o y4minput.c.o -L. -lvpx -lgtest -lpthread -lm -lpthread ln -sf libvpx.so.6.3.0 vpx-vp8-vp9-x86_64-linux-v1.9.0/lib/libvpx.so.6 /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x1586f): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158a5): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b2): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b7): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158dd): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x15903): more undefined references to `gtest_all.cc.5c9bdf8f' follow collect2: error: ld returned 1 exit status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvpx/+bug/1939640/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939413] Re: /usr/lib/aarch64-linux-gnu/libprotobuf.a’ generated with LTO version 9.2 instead of the expected 11.0
rebuilding just hides the issue. need to find out why the lto sections are in the archive. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to protobuf in Ubuntu. https://bugs.launchpad.net/bugs/1939413 Title: /usr/lib/aarch64-linux-gnu/libprotobuf.a’ generated with LTO version 9.2 instead of the expected 11.0 Status in mozc package in Ubuntu: Invalid Status in protobuf package in Ubuntu: Fix Committed Bug description: When trying to build package mozc for arm64 the following error popped up: lto1: fatal error: bytecode stream in file ‘/usr/lib/aarch64-linux- gnu/libprotobuf.a’ generated with LTO version 9.2 instead of the expected 11.0 Why does the library contain LTO information at all? Best regards Heinrich To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mozc/+bug/1939413/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939616] Re: u-r-u should leave a breadcrumb indicating a dist-upgrade is in progress
** Tags added: fr-1611 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1939616 Title: u-r-u should leave a breadcrumb indicating a dist-upgrade is in progress Status in apport package in Ubuntu: New Status in ubuntu-release-upgrader package in Ubuntu: New Status in update-notifier package in Ubuntu: New Bug description: Looking at the source code of ubuntu-release-upgrader it looks like an environment variable, RELEASE_UPGRADE_IN_PROGRESS, is set when an upgrade is being performed. However, it would be better if there was an indication that other programs, e.g. apport, could use to tell whether or not a release upgrade was in progress. This came up as we saw some crash reports in the error tracker that didn't make sense and a possible explanation is that a release upgrade was in progress. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1939616/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1928200] Re: Prompt error message "Failed to unmount /oldroot" when shutdown or reboot
** Changed in: oem-priority Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1928200 Title: Prompt error message "Failed to unmount /oldroot" when shutdown or reboot Status in OEM Priority Project: Fix Released Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Focal: Fix Released Bug description: [impact] root fs is not cleanly unmounted on shutdown [test case] create a file in /etc/binfmt.d/TestFormat.conf with the following content: :TestFormat:M::XX::/bin/true:F reboot the system, and then shutdown or reboot again, and watch the serial console for the error message: sd-umount[1334]: Failed to unmount /oldroot: Device or resource busy [regression potential] any regression would likely cause problems on shutdown and/or reboot, or may cause problems with unmounted root fs on shutdown/reboot [scope] this is needed only for f this is fixed upstream with PR 15566 which is included in v246, so this is fixed already in g and later this isn't reproducable on b [original description] On ubuntu 20.04, with latest kernel and systemd, it will show error on ThinkPad X1. sd-umount[1334]: Failed to unmount /oldroot: Device or resource busy systemd 245.4-4ubuntu3.6 kernel: 5.8.0-53 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1928200/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939640] Re: libvpx FTBFS with LTO enabled
I have filed an upstream bug report: https://bugs.chromium.org/p/webm/issues/detail?id=1736 Unfortunately it seems like a Google account is needed in order to view/comment on it. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libvpx in Ubuntu. https://bugs.launchpad.net/bugs/1939640 Title: libvpx FTBFS with LTO enabled Status in libvpx package in Ubuntu: Confirmed Status in lto-disabled-list package in Ubuntu: New Bug description: libvpx FTBFS with LTO enabled on GCC 11, as can be seen here: https://people.canonical.com/~doko/ftbfs-report/test- rebuild-20210805-impish-impish.html#ubuntu-server https://launchpadlibrarian.net/552670245/buildlog_ubuntu-impish- amd64.libvpx_1.9.0-1_BUILDING.txt.gz g++ -Wl,-Bsymbolic-functions -flto=auto -Wl,-z,relro -Wl,-z,now -m64 -o test_libvpx ivfenc.c.o md5_utils.c.o test/active_map_refresh_test.cc.o test/active_map_test.cc.o test/alt_ref_aq_segment_test.cc.o test/altref_test.cc.o test/aq_segment_test.cc.o test/bench.cc.o test/borders_test.cc.o test/byte_alignment_test.cc.o test/config_test.cc.o test/cpu_speed_test.cc.o test/cq_test.cc.o test/decode_api_test.cc.o test/decode_corrupted.cc.o test/decode_svc_test.cc.o test/decode_test_driver.cc.o test/encode_api_test.cc.o test/encode_test_driver.cc.o test/error_resilience_test.cc.o test/external_frame_buffer_test.cc.o test/frame_size_tests.cc.o test/invalid_file_test.cc.o test/keyframe_test.cc.o test/level_test.cc.o test/realtime_test.cc.o test/resize_test.cc.o test/svc_datarate_test.cc.o test/svc_end_to_end_test.cc.o test/svc_test.cc.o test/test_libvpx.cc.o test/test_vector_test.cc.o test/test_vectors.cc.o test/timestamp_test.cc.o test/user_priv_test.cc.o test/vp8_datarate_test.cc.o test/vp9_datarate_test.cc.o test/vp9_end_to_end_test.cc.o test/vp9_ethread_test.cc.o test/vp9_lossless_test.cc.o test/vp9_motion_vector_test.cc.o test/vp9_skip_loopfilter_test.cc.o test/y4m_test.cc.o third_party/libwebm/mkvparser/mkvparser.cc.o third_party/libwebm/mkvparser/mkvreader.cc.o webmdec.cc.o y4menc.c.o y4minput.c.o -L. -lvpx -lgtest -lpthread -lm -lpthread ln -sf libvpx.so.6.3.0 vpx-vp8-vp9-x86_64-linux-v1.9.0/lib/libvpx.so.6 /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x1586f): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158a5): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b2): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b7): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158dd): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x15903): more undefined references to `gtest_all.cc.5c9bdf8f' follow collect2: error: ld returned 1 exit status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvpx/+bug/1939640/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939640] Re: libvpx FTBFS with LTO enabled
Did you eventually try if the issue is reproducible also with libvpx 1.10? It has some compiler fixes. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libvpx in Ubuntu. https://bugs.launchpad.net/bugs/1939640 Title: libvpx FTBFS with LTO enabled Status in libvpx package in Ubuntu: Confirmed Status in lto-disabled-list package in Ubuntu: New Bug description: libvpx FTBFS with LTO enabled on GCC 11, as can be seen here: https://people.canonical.com/~doko/ftbfs-report/test- rebuild-20210805-impish-impish.html#ubuntu-server https://launchpadlibrarian.net/552670245/buildlog_ubuntu-impish- amd64.libvpx_1.9.0-1_BUILDING.txt.gz g++ -Wl,-Bsymbolic-functions -flto=auto -Wl,-z,relro -Wl,-z,now -m64 -o test_libvpx ivfenc.c.o md5_utils.c.o test/active_map_refresh_test.cc.o test/active_map_test.cc.o test/alt_ref_aq_segment_test.cc.o test/altref_test.cc.o test/aq_segment_test.cc.o test/bench.cc.o test/borders_test.cc.o test/byte_alignment_test.cc.o test/config_test.cc.o test/cpu_speed_test.cc.o test/cq_test.cc.o test/decode_api_test.cc.o test/decode_corrupted.cc.o test/decode_svc_test.cc.o test/decode_test_driver.cc.o test/encode_api_test.cc.o test/encode_test_driver.cc.o test/error_resilience_test.cc.o test/external_frame_buffer_test.cc.o test/frame_size_tests.cc.o test/invalid_file_test.cc.o test/keyframe_test.cc.o test/level_test.cc.o test/realtime_test.cc.o test/resize_test.cc.o test/svc_datarate_test.cc.o test/svc_end_to_end_test.cc.o test/svc_test.cc.o test/test_libvpx.cc.o test/test_vector_test.cc.o test/test_vectors.cc.o test/timestamp_test.cc.o test/user_priv_test.cc.o test/vp8_datarate_test.cc.o test/vp9_datarate_test.cc.o test/vp9_end_to_end_test.cc.o test/vp9_ethread_test.cc.o test/vp9_lossless_test.cc.o test/vp9_motion_vector_test.cc.o test/vp9_skip_loopfilter_test.cc.o test/y4m_test.cc.o third_party/libwebm/mkvparser/mkvparser.cc.o third_party/libwebm/mkvparser/mkvreader.cc.o webmdec.cc.o y4menc.c.o y4minput.c.o -L. -lvpx -lgtest -lpthread -lm -lpthread ln -sf libvpx.so.6.3.0 vpx-vp8-vp9-x86_64-linux-v1.9.0/lib/libvpx.so.6 /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x1586f): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158a5): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b2): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b7): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158dd): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x15903): more undefined references to `gtest_all.cc.5c9bdf8f' follow collect2: error: ld returned 1 exit status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvpx/+bug/1939640/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1934501] Re: CVE-2018-15473 patch introduce user enumeration vulnerability
Hi. I believe my Ubuntu systems just received this patch and I believe it failed to install: Can't exec "/tmp/openssh-server.config.neW0Pf": Permission denied at /usr/share/perl/5.26/IPC/Open3.pm line 178. open2: exec of /tmp/openssh-server.config.neW0Pf configure 1:7.6p1-4ubuntu0.3 failed: Permission denied at /usr/share/perl5/Debconf/ConfModule.pm line 59. - I think this is due to the fact I have noexec on /tmp. Is it possible to bundle the changes in the package instead of putting a random temporary file in /tmp and attempt to execute it? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1934501 Title: CVE-2018-15473 patch introduce user enumeration vulnerability Status in openssh package in Ubuntu: Fix Released Bug description: I was recently using a 18.04 machine and noticed that the result of connecting to ssh with an arbitrary public key varied depending if the user was valid. After some investigation, it appears to only be present when CVE-2018-15473.patch has been applied. Directly pulling a 18.04 docker image and installing openssh server (currently 1:7.6p1-4ubuntu0.3) results in a trivial user enumeration vulnerability in the default config. Below shows the setup of environment: $ docker pull ubuntu:18.04 18.04: Pulling from library/ubuntu Digest: sha256:139b3846cee2e63de9ced83cee7023a2d95763ee2573e5b0ab6dea9dfbd4db8f Status: Image is up to date for ubuntu:18.04 docker.io/library/ubuntu:18.04 $ docker run -t -i --rm -e TERM=${TERM} ubuntu:18.04 root@75569fbf0b03:/# apt update ...snip... root@75569fbf0b03:/# apt install openssh-server ...snip... root@75569fbf0b03:/# dpkg-query -l openssh\* Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++--=-=-= ii openssh-client 1:7.6p1-4ubuntu0.3amd64 secure shell (SSH) client, for secure access to remote machines ii openssh-server 1:7.6p1-4ubuntu0.3amd64 secure shell (SSH) server, for secure access from remote machines ii openssh-sftp-server 1:7.6p1-4ubuntu0.3amd64 secure shell (SSH) sftp server module, for SFTP access from remote machines root@75569fbf0b03:/# mkdir /run/sshd root@75569fbf0b03:/# /usr/sbin/sshd -D Then to perform user enumeration, connecting with a public key results in user enumeration: * in the following id_rsa-dummy.pub is removed as it slightly changes message flow * I have not checked different versions of the ssh client $ ssh -V OpenSSH_8.2p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020 $ ssh-keygen -t rsa -C dummy -P '' -f id_rsa-dummy $ rm id_rsa-dummy.pub $ ssh -i id_rsa-dummy invalid@172.17.0.2 Connection closed by 172.17.0.2 port 22 $ ssh -i id_rsa-dummy root@172.17.0.2 root@172.17.0.2's password: That is, when invalid users are provided to public key auth the connection is closed by the server. Otherwise, it will move onto the next auth method. This can be improved by adding "ssh -o PasswordAuthentication=no" when connecting to avoid password prompt and get an easy to script error message. I have verified that this behaviour is present after starting with original source and only applying CVE-2018-15473.patch from the openssh_7.6p1-4ubuntu0.3.debian.tar.xz archive. Without this patch this behaviour is not present. $ md5sum openssh-7.6p1.tar.gz debian/patches/CVE-2018-15473.patch 06a88699018e5fef13d4655abfed1f63 openssh-7.6p1.tar.gz 6101d47f542690b0c5e354ec8b8a70a1 debian/patches/CVE-2018-15473.patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1934501/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939640] Re: libvpx FTBFS with LTO enabled
This patch adds libvpx to the lto-disabled-list package, thus working around the problem and disabling LTO for libvpx. ** Patch added: "fix-ftbfs-libvpx-lto.patch" https://bugs.launchpad.net/ubuntu/+source/lto-disabled-list/+bug/1939640/+attachment/5517532/+files/fix-ftbfs-libvpx-lto.patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libvpx in Ubuntu. https://bugs.launchpad.net/bugs/1939640 Title: libvpx FTBFS with LTO enabled Status in libvpx package in Ubuntu: Confirmed Status in lto-disabled-list package in Ubuntu: New Bug description: libvpx FTBFS with LTO enabled on GCC 11, as can be seen here: https://people.canonical.com/~doko/ftbfs-report/test- rebuild-20210805-impish-impish.html#ubuntu-server https://launchpadlibrarian.net/552670245/buildlog_ubuntu-impish- amd64.libvpx_1.9.0-1_BUILDING.txt.gz g++ -Wl,-Bsymbolic-functions -flto=auto -Wl,-z,relro -Wl,-z,now -m64 -o test_libvpx ivfenc.c.o md5_utils.c.o test/active_map_refresh_test.cc.o test/active_map_test.cc.o test/alt_ref_aq_segment_test.cc.o test/altref_test.cc.o test/aq_segment_test.cc.o test/bench.cc.o test/borders_test.cc.o test/byte_alignment_test.cc.o test/config_test.cc.o test/cpu_speed_test.cc.o test/cq_test.cc.o test/decode_api_test.cc.o test/decode_corrupted.cc.o test/decode_svc_test.cc.o test/decode_test_driver.cc.o test/encode_api_test.cc.o test/encode_test_driver.cc.o test/error_resilience_test.cc.o test/external_frame_buffer_test.cc.o test/frame_size_tests.cc.o test/invalid_file_test.cc.o test/keyframe_test.cc.o test/level_test.cc.o test/realtime_test.cc.o test/resize_test.cc.o test/svc_datarate_test.cc.o test/svc_end_to_end_test.cc.o test/svc_test.cc.o test/test_libvpx.cc.o test/test_vector_test.cc.o test/test_vectors.cc.o test/timestamp_test.cc.o test/user_priv_test.cc.o test/vp8_datarate_test.cc.o test/vp9_datarate_test.cc.o test/vp9_end_to_end_test.cc.o test/vp9_ethread_test.cc.o test/vp9_lossless_test.cc.o test/vp9_motion_vector_test.cc.o test/vp9_skip_loopfilter_test.cc.o test/y4m_test.cc.o third_party/libwebm/mkvparser/mkvparser.cc.o third_party/libwebm/mkvparser/mkvreader.cc.o webmdec.cc.o y4menc.c.o y4minput.c.o -L. -lvpx -lgtest -lpthread -lm -lpthread ln -sf libvpx.so.6.3.0 vpx-vp8-vp9-x86_64-linux-v1.9.0/lib/libvpx.so.6 /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x1586f): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158a5): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b2): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b7): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158dd): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x15903): more undefined references to `gtest_all.cc.5c9bdf8f' follow collect2: error: ld returned 1 exit status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvpx/+bug/1939640/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939640] Re: libvpx FTBFS with LTO enabled
** Changed in: lto-disabled-list (Ubuntu) Assignee: (unassigned) => Sergio Durigan Junior (sergiodj) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libvpx in Ubuntu. https://bugs.launchpad.net/bugs/1939640 Title: libvpx FTBFS with LTO enabled Status in libvpx package in Ubuntu: Confirmed Status in lto-disabled-list package in Ubuntu: New Bug description: libvpx FTBFS with LTO enabled on GCC 11, as can be seen here: https://people.canonical.com/~doko/ftbfs-report/test- rebuild-20210805-impish-impish.html#ubuntu-server https://launchpadlibrarian.net/552670245/buildlog_ubuntu-impish- amd64.libvpx_1.9.0-1_BUILDING.txt.gz g++ -Wl,-Bsymbolic-functions -flto=auto -Wl,-z,relro -Wl,-z,now -m64 -o test_libvpx ivfenc.c.o md5_utils.c.o test/active_map_refresh_test.cc.o test/active_map_test.cc.o test/alt_ref_aq_segment_test.cc.o test/altref_test.cc.o test/aq_segment_test.cc.o test/bench.cc.o test/borders_test.cc.o test/byte_alignment_test.cc.o test/config_test.cc.o test/cpu_speed_test.cc.o test/cq_test.cc.o test/decode_api_test.cc.o test/decode_corrupted.cc.o test/decode_svc_test.cc.o test/decode_test_driver.cc.o test/encode_api_test.cc.o test/encode_test_driver.cc.o test/error_resilience_test.cc.o test/external_frame_buffer_test.cc.o test/frame_size_tests.cc.o test/invalid_file_test.cc.o test/keyframe_test.cc.o test/level_test.cc.o test/realtime_test.cc.o test/resize_test.cc.o test/svc_datarate_test.cc.o test/svc_end_to_end_test.cc.o test/svc_test.cc.o test/test_libvpx.cc.o test/test_vector_test.cc.o test/test_vectors.cc.o test/timestamp_test.cc.o test/user_priv_test.cc.o test/vp8_datarate_test.cc.o test/vp9_datarate_test.cc.o test/vp9_end_to_end_test.cc.o test/vp9_ethread_test.cc.o test/vp9_lossless_test.cc.o test/vp9_motion_vector_test.cc.o test/vp9_skip_loopfilter_test.cc.o test/y4m_test.cc.o third_party/libwebm/mkvparser/mkvparser.cc.o third_party/libwebm/mkvparser/mkvreader.cc.o webmdec.cc.o y4menc.c.o y4minput.c.o -L. -lvpx -lgtest -lpthread -lm -lpthread ln -sf libvpx.so.6.3.0 vpx-vp8-vp9-x86_64-linux-v1.9.0/lib/libvpx.so.6 /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x1586f): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158a5): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b2): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158b7): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x158dd): undefined reference to `gtest_all.cc.5c9bdf8f' /usr/bin/ld: /tmp/ccsyaUhJ.ltrans0.ltrans.o:(.debug_info+0x15903): more undefined references to `gtest_all.cc.5c9bdf8f' follow collect2: error: ld returned 1 exit status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvpx/+bug/1939640/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1153517] Re: evince does not save filled PDF forms
** Tags added: raring -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1153517 Title: evince does not save filled PDF forms Status in Evince: Expired Status in evince package in Ubuntu: Triaged Status in poppler package in Ubuntu: Fix Released Bug description: This looks very similar to bug 153428, but it does not seem to be exactly the same. I am on Raring and open the attached PDF file with a form. I can fill in the form without problems, but if I want to save the form (there is only "Save a copy ..." not "Save", as already complained about in bug 153428) I get the error message The file could not be saved as "...". Document is encrypted The issuer of the form has explicitly allowed to save the filled form. Adobe Reader on 32-bit Precise saves it without problems and with the filled fields (and I can load the saved form with evince on my Raring box and print it with the filled data). To manage notifications about this bug go to: https://bugs.launchpad.net/evince/+bug/1153517/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1934501] Re: CVE-2018-15473 patch introduce user enumeration vulnerability
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1934501 Title: CVE-2018-15473 patch introduce user enumeration vulnerability Status in openssh package in Ubuntu: Fix Released Bug description: I was recently using a 18.04 machine and noticed that the result of connecting to ssh with an arbitrary public key varied depending if the user was valid. After some investigation, it appears to only be present when CVE-2018-15473.patch has been applied. Directly pulling a 18.04 docker image and installing openssh server (currently 1:7.6p1-4ubuntu0.3) results in a trivial user enumeration vulnerability in the default config. Below shows the setup of environment: $ docker pull ubuntu:18.04 18.04: Pulling from library/ubuntu Digest: sha256:139b3846cee2e63de9ced83cee7023a2d95763ee2573e5b0ab6dea9dfbd4db8f Status: Image is up to date for ubuntu:18.04 docker.io/library/ubuntu:18.04 $ docker run -t -i --rm -e TERM=${TERM} ubuntu:18.04 root@75569fbf0b03:/# apt update ...snip... root@75569fbf0b03:/# apt install openssh-server ...snip... root@75569fbf0b03:/# dpkg-query -l openssh\* Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++--=-=-= ii openssh-client 1:7.6p1-4ubuntu0.3amd64 secure shell (SSH) client, for secure access to remote machines ii openssh-server 1:7.6p1-4ubuntu0.3amd64 secure shell (SSH) server, for secure access from remote machines ii openssh-sftp-server 1:7.6p1-4ubuntu0.3amd64 secure shell (SSH) sftp server module, for SFTP access from remote machines root@75569fbf0b03:/# mkdir /run/sshd root@75569fbf0b03:/# /usr/sbin/sshd -D Then to perform user enumeration, connecting with a public key results in user enumeration: * in the following id_rsa-dummy.pub is removed as it slightly changes message flow * I have not checked different versions of the ssh client $ ssh -V OpenSSH_8.2p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020 $ ssh-keygen -t rsa -C dummy -P '' -f id_rsa-dummy $ rm id_rsa-dummy.pub $ ssh -i id_rsa-dummy invalid@172.17.0.2 Connection closed by 172.17.0.2 port 22 $ ssh -i id_rsa-dummy root@172.17.0.2 root@172.17.0.2's password: That is, when invalid users are provided to public key auth the connection is closed by the server. Otherwise, it will move onto the next auth method. This can be improved by adding "ssh -o PasswordAuthentication=no" when connecting to avoid password prompt and get an easy to script error message. I have verified that this behaviour is present after starting with original source and only applying CVE-2018-15473.patch from the openssh_7.6p1-4ubuntu0.3.debian.tar.xz archive. Without this patch this behaviour is not present. $ md5sum openssh-7.6p1.tar.gz debian/patches/CVE-2018-15473.patch 06a88699018e5fef13d4655abfed1f63 openssh-7.6p1.tar.gz 6101d47f542690b0c5e354ec8b8a70a1 debian/patches/CVE-2018-15473.patch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1934501/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1815101] Re: [master] Restarting systemd-networkd breaks keepalived, heartbeat, corosync, pacemaker (interface aliases are restarted)
I installed the package from bionic-proposed and performed the test cases using keepalived - VIP is not lost. This resolves it. Thank you! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1815101 Title: [master] Restarting systemd-networkd breaks keepalived, heartbeat, corosync, pacemaker (interface aliases are restarted) Status in netplan: Confirmed Status in heartbeat package in Ubuntu: Won't Fix Status in keepalived package in Ubuntu: In Progress Status in systemd package in Ubuntu: In Progress Status in keepalived source package in Xenial: Confirmed Status in systemd source package in Xenial: Won't Fix Status in keepalived source package in Bionic: Confirmed Status in systemd source package in Bionic: Fix Committed Status in systemd source package in Disco: Won't Fix Status in systemd source package in Eoan: Fix Released Status in keepalived source package in Focal: Confirmed Status in systemd source package in Focal: Fix Released Bug description: [impact] - ALL related HA software has a small problem if interfaces are being managed by systemd-networkd: nic restarts/reconfigs are always going to wipe all interfaces aliases when HA software is not expecting it to (no coordination between them. - keepalived, smb ctdb, pacemaker, all suffer from this. Pacemaker is smarter in this case because it has a service monitor that will restart the virtual IP resource, in affected node & nic, before considering a real failure, but other HA service might consider a real failure when it is not. [test case] - comment #14 is a full test case: to have 3 node pacemaker, in that example, and cause a networkd service restart: it will trigger a failure for the virtual IP resource monitor. - other example is given in the original description for keepalived. both suffer from the same issue (and other HA softwares as well). [regression potential] - this backports KeepConfiguration parameter, which adds some significant complexity to networkd's configuration and behavior, which could lead to regressions in correctly configuring the network at networkd start, or incorrectly maintaining configuration at networkd restart, or losing network state at networkd stop. - Any regressions are most likely to occur during networkd start, restart, or stop, and most likely to involve missing or incorrect ip address(es). - the change is based in upstream patches adding the exact feature we needed to fix this issue & it will be integrated with a netplan change to add the needed stanza to systemd nic configuration file (KeepConfiguration=) [other info] original description: --- Configure netplan for interfaces, for example (a working config with IP addresses obfuscated) network: ethernets: eth0: addresses: [192.168.0.5/24] dhcp4: false nameservers: search: [blah.com, other.blah.com, hq.blah.com, cust.blah.com, phone.blah.com] addresses: [10.22.11.1] eth2: addresses: - 12.13.14.18/29 - 12.13.14.19/29 gateway4: 12.13.14.17 dhcp4: false nameservers: search: [blah.com, other.blah.com, hq.blah.com, cust.blah.com, phone.blah.com] addresses: [10.22.11.1] eth3: addresses: [10.22.11.6/24] dhcp4: false nameservers: search: [blah.com, other.blah.com, hq.blah.com, cust.blah.com, phone.blah.com] addresses: [10.22.11.1] eth4: addresses: [10.22.14.6/24] dhcp4: false nameservers: search: [blah.com, other.blah.com, hq.blah.com, cust.blah.com, phone.blah.com] addresses: [10.22.11.1] eth7: addresses: [9.5.17.34/29] dhcp4: false optional: true nameservers: search: [blah.com, other.blah.com, hq.blah.com, cust.blah.com, phone.blah.com] addresses: [10.22.11.1] version: 2 Configure keepalived (again, a working config with IP addresses obfuscated) global_defs # Block id { notification_email { sysadm...@blah.com } notification_email_from keepali...@system3.hq.blah.com smtp_server 10.22.11.7 # IP smtp_connect_timeout 30 # integer, seconds router_id system3 # string identifying the machine, # (doesn't have to be hostname). vrrp_mcast_group4 224.0.0.18 # optional, default 224.0.0.18 vrrp_mcast_group6 ff02::12 # optional, default ff02::12 enable_traps # enable SNMP traps } v
[Touch-packages] [Bug 1859013] Re: openssh tests use "not valid yet" certificate from 2020, which is now valid
This bug was fixed in the package openssh - 1:7.6p1-4ubuntu0.5 --- openssh (1:7.6p1-4ubuntu0.5) bionic-security; urgency=medium * SECURITY REGRESSION: User enumeration issue (LP: #1934501) - debian/patches/CVE-2018-15473.patch: updated to fix bad patch backport. -- Marc Deslauriers Wed, 11 Aug 2021 14:02:09 -0400 ** Changed in: openssh (Ubuntu Bionic) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-15473 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1859013 Title: openssh tests use "not valid yet" certificate from 2020, which is now valid Status in openssh package in Ubuntu: Fix Released Status in openssh source package in Precise: New Status in openssh source package in Trusty: New Status in openssh source package in Xenial: Fix Released Status in openssh source package in Bionic: Fix Released Status in openssh source package in Disco: Won't Fix Status in openssh source package in Eoan: Fix Released Status in openssh source package in Focal: Fix Released Bug description: [Impact] * regression testsuite uses 1st of January 2020 as the date in the future, however that is now in the past making autpkgtests fail. [Test Case] * Autopkgtest must pass [Regression Potential] * Testsuite assertion update only [Other Info] This is a staged update to be rolled up with any other openssh update in the future. fixed in debian https://tracker.debian.org/news/1092767/accepted- openssh-181p1-4-source-into-unstable/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1859013/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1871794] Re: [Bluetooth] No audio output/input in HSP/HFP mode
Same issue for me. Bluetooth is one of the most annoying issues on Linux. - OS: Ubuntu 20.04.1 LTS - Kernel: 5.4.0-80-generic - Machine: Dell precision M4700 - Headset: Sony WH-CH510 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1871794 Title: [Bluetooth] No audio output/input in HSP/HFP mode Status in bluez package in Ubuntu: Confirmed Status in pulseaudio package in Ubuntu: Fix Released Bug description: I'm testing with Sony bluetooth headset SBH20, works fine in A2DP profile, but I can't get audio input and output work in HSP/HFP profile. [Reproduce steps] 1. Scan and pair BT headset in Bluetooth setting 2. Switch to HSP/HFP profile in Sound setting 3. Test sound output/input [Machine information] ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: pulseaudio 1:13.99.1-1ubuntu1 ProcVersionSignature: Ubuntu 5.4.0-21.25-generic 5.4.27 Uname: Linux 5.4.0-21-generic x86_64 ApportVersion: 2.20.11-0ubuntu25 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: ubuntu 1359 F pulseaudio CurrentDesktop: ubuntu:GNOME Date: Thu Apr 9 16:26:52 2020 InstallationDate: Installed on 2020-04-09 (0 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Beta amd64 (20200402) SourcePackage: pulseaudio Symptom: audio Symptom_Card: SBH20 Symptom_DevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: ubuntu 1359 F pulseaudio Symptom_Type: No sound at all Title: [SBH20, recording] No sound at all UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/17/2019 dmi.bios.vendor: Dell Inc. dmi.bios.version: 1.0.13 dmi.board.name: 0188D1 dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 31 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvr1.0.13:bd09/17/2019:svnDellInc.:pnXPS1373902-in-1:pvr:rvnDellInc.:rn0188D1:rvrA00:cvnDellInc.:ct31:cvr: dmi.product.family: XPS dmi.product.name: XPS 13 7390 2-in-1 dmi.product.sku: 08B0 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/1871794/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939413] Re: /usr/lib/aarch64-linux-gnu/libprotobuf.a’ generated with LTO version 9.2 instead of the expected 11.0
Thanks for reporting this, Heinrich! It looks like protobuf needs to be built with gcc-11. ** Changed in: protobuf (Ubuntu) Status: New => Fix Committed ** Changed in: protobuf (Ubuntu) Assignee: (unassigned) => Gunnar Hjalmarsson (gunnarhj) ** Changed in: mozc (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to protobuf in Ubuntu. https://bugs.launchpad.net/bugs/1939413 Title: /usr/lib/aarch64-linux-gnu/libprotobuf.a’ generated with LTO version 9.2 instead of the expected 11.0 Status in mozc package in Ubuntu: Invalid Status in protobuf package in Ubuntu: Fix Committed Bug description: When trying to build package mozc for arm64 the following error popped up: lto1: fatal error: bytecode stream in file ‘/usr/lib/aarch64-linux- gnu/libprotobuf.a’ generated with LTO version 9.2 instead of the expected 11.0 Why does the library contain LTO information at all? Best regards Heinrich To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mozc/+bug/1939413/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939658] Re: Several potential bugs of null pointer dereference
** Tags removed: patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libx11 in Ubuntu. https://bugs.launchpad.net/bugs/1939658 Title: Several potential bugs of null pointer dereference Status in libx11 package in Ubuntu: New Bug description: Ubuntu version: 18.04 libx11-xcb-dev version:1.6.2 Hello,I found some potential bugs in package libx11-xcb-dev,and the word file in the attachment I uploaded shows the occurrence process of the bug in a graphical way.Would you help me check whether the bugs mentioned below are true? I'm not 100% sure that the bugs I submitted is correct. I hope you don't mind seeing the wrong bug I submitted.Thank you very much for your patience. In file libx11-1.6.2/src/Xrm.c,defination of function XrmCombineFileDatabase,line 1700 or line 1702. there is a statement call function NewDataBase(),load its return value to db,and this function may return a null pointer.in line 1703,there is a statement derefer db without check it.the process of this potential bug is shown in figure 1. In file libx11-1.6.2/src/Xrm.c,defination of function XrmGetStringDatebase,line 1559. there is a statement call function NewDataBase(),load its return value to db,and this function may return a null pointer.in line 1560,there is a statement derefer db without check it.the process of this potential bug is shown in figure 2. In file libx11-1.6.2/src/Xrm.c,defination of function append_value_list,line 489. there is a statement call function Xmalloc to allocate memory,load its return value to value_list,but Xmalloc may fail to allocate memory,so value_list may be a null pointer.in line 490,there is a statement derefer value_list without check it.the process of this potential bug is shown in figure 3. In file libx11-1.6.2/modules/im/ximcp/imLcIm.c,defination of function _XimWriteCachedDefaultTree,line 472. there is a statement call function Xmalloc to allocate memory,load its return value to m,but Xmalloc may fail to allocate memory,so m may be a null pointer.statements after derefer value_list without check it.the process of this potential bug is shown in figure 4. In file libx11-1.6.2/src/PolyReg.c,defination of function InsertEdgeInET,line 98. there is a statement call function Xmalloc to allocate memory,load its return value to tmpSLLBlock,but Xmalloc may fail to allocate memory,so tmpSLLBlock may be a null pointer.in line 100,there is a statement derefer tmpSLLBlock without check it.the process of this potential bug is shown in figure 5. In file libx11-1.6.2/modules/im/ximcp/imCallbk.c,defination of function _XimStrConversionCallback,line 342. there is a statement call function Xmalloc to allocate memory,load its return value to buf,but Xmalloc may fail to allocate memory,so buf may be a null pointer.in line 344,buf act as the first parameter of funcion _XimSetHeader(this function is in file libx11-1.6.2/modules/im/ximcp/imDefIm.c,line 78),in this function there are several statement derefer buf without check.the process of this potential bug is shown in figure 6. In file libx11-1.6.2/modules/im/ximcp/imCallbk.c,defination of function _read_text_from_packet,line 532. there is a statement call function Xmalloc to allocate memory,load its return value to text->feedback,but Xmalloc may fail to allocate memory,so text->feedback may be a null pointer.In line 535,there is a statement derefer text->feedback without check it.the process of this potential bug is shown in figure 7. In file libx11-1.6.2/src/xcms/cmsColNm.c,defination of function _XcmsParseColorString,line 212. there is a statement call function Xmalloc to allocate memory,load its return value to string_lowered ,but Xmalloc may fail to allocate memory,so string_lowered may be a null pointer.In line 219,there is a statement derefer string_lowered without check it.the process of this potential bug is shown in figure 8. In file libx11-1.6.2/src/xcms/cmsColNm.c,defination of function _XcmsLookupColorName,line 421. there is a statement call function Xmalloc to allocate memory,load its return value to name_lowered ,but Xmalloc may fail to allocate memory,so name_lowered may be a null pointer.In line 432,there is a statement derefer name_lowered without check it.the process of this potential bug is shown in figure 9. In file libx11-1.6.2/src/xcms/IdOfPr.c,defination of function XcmsFormatOfPrefix,line 70. there is a statement call function Xmalloc to allocate memory,load its return value to string_lowered ,but Xmalloc may fail to allocate memory,so string_lowered may be a null pointer.In line 82,there is a statement derefer string_lowered without check it.the process of this potential bug is shown in figure 10. In file libx11-1.6.2/src/InitExt.c,defination of function XESetWireToError,line 332. there is a statement call function Xmalloc to allocate memory,load it
[Touch-packages] [Bug 1939665] Re: "apt-get update" fails if another instance is running
In practice the two processes that run apt-get update are unaware of each other. When I'm updating of course I wouldn't intentionally run two instances in parallel. Indeed the other process is likely apt- daily.service. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1939665 Title: "apt-get update" fails if another instance is running Status in apt package in Ubuntu: Triaged Bug description: This snippet: sudo apt-get update & sudo apt-get update & wait; wait will result in one apt-get run succeeding and the other failing on the lock: [1] 3006473 [2] 3006474 Hit:1 http://ports.ubuntu.com/ubuntu-ports groovy InRelease Hit:2 http://ports.ubuntu.com/ubuntu-ports groovy-backports InRelease Hit:3 http://ports.ubuntu.com/ubuntu-ports groovy-security InRelease Hit:4 http://ports.ubuntu.com/ubuntu-ports groovy-updates InRelease Reading package lists... Done E: Could not get lock /var/lib/apt/lists/lock. It is held by process 3006476 (apt-get) N: Be aware that removing the lock file is not a solution and may break your system. E: Unable to lock directory /var/lib/apt/lists/ Reading package lists... Done [1]- Donesudo apt-get update [2]+ Exit 100sudo apt-get update Note that apt-get upgrade will correctly wait. ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: apt 2.1.10ubuntu0.3 ProcVersionSignature: Ubuntu 5.8.0-48.54-generic 5.8.18 Uname: Linux 5.8.0-48-generic aarch64 ApportVersion: 2.20.11-0ubuntu50.7 Architecture: arm64 CasperMD5CheckResult: skip Date: Thu Aug 12 07:50:16 2021 ProcEnviron: LC_TIME=C.UTF-8 TERM=xterm-256color PATH=(custom, no user) LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: apt UpgradeStatus: Upgraded to groovy on 2021-03-25 (139 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1939665/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939658] Re: Several potential bugs of null pointer dereference
The attachment "libx11_nullptr_dereference.docx" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team. [This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libx11 in Ubuntu. https://bugs.launchpad.net/bugs/1939658 Title: Several potential bugs of null pointer dereference Status in libx11 package in Ubuntu: New Bug description: Ubuntu version: 18.04 libx11-xcb-dev version:1.6.2 Hello,I found some potential bugs in package libx11-xcb-dev,and the word file in the attachment I uploaded shows the occurrence process of the bug in a graphical way.Would you help me check whether the bugs mentioned below are true? I'm not 100% sure that the bugs I submitted is correct. I hope you don't mind seeing the wrong bug I submitted.Thank you very much for your patience. In file libx11-1.6.2/src/Xrm.c,defination of function XrmCombineFileDatabase,line 1700 or line 1702. there is a statement call function NewDataBase(),load its return value to db,and this function may return a null pointer.in line 1703,there is a statement derefer db without check it.the process of this potential bug is shown in figure 1. In file libx11-1.6.2/src/Xrm.c,defination of function XrmGetStringDatebase,line 1559. there is a statement call function NewDataBase(),load its return value to db,and this function may return a null pointer.in line 1560,there is a statement derefer db without check it.the process of this potential bug is shown in figure 2. In file libx11-1.6.2/src/Xrm.c,defination of function append_value_list,line 489. there is a statement call function Xmalloc to allocate memory,load its return value to value_list,but Xmalloc may fail to allocate memory,so value_list may be a null pointer.in line 490,there is a statement derefer value_list without check it.the process of this potential bug is shown in figure 3. In file libx11-1.6.2/modules/im/ximcp/imLcIm.c,defination of function _XimWriteCachedDefaultTree,line 472. there is a statement call function Xmalloc to allocate memory,load its return value to m,but Xmalloc may fail to allocate memory,so m may be a null pointer.statements after derefer value_list without check it.the process of this potential bug is shown in figure 4. In file libx11-1.6.2/src/PolyReg.c,defination of function InsertEdgeInET,line 98. there is a statement call function Xmalloc to allocate memory,load its return value to tmpSLLBlock,but Xmalloc may fail to allocate memory,so tmpSLLBlock may be a null pointer.in line 100,there is a statement derefer tmpSLLBlock without check it.the process of this potential bug is shown in figure 5. In file libx11-1.6.2/modules/im/ximcp/imCallbk.c,defination of function _XimStrConversionCallback,line 342. there is a statement call function Xmalloc to allocate memory,load its return value to buf,but Xmalloc may fail to allocate memory,so buf may be a null pointer.in line 344,buf act as the first parameter of funcion _XimSetHeader(this function is in file libx11-1.6.2/modules/im/ximcp/imDefIm.c,line 78),in this function there are several statement derefer buf without check.the process of this potential bug is shown in figure 6. In file libx11-1.6.2/modules/im/ximcp/imCallbk.c,defination of function _read_text_from_packet,line 532. there is a statement call function Xmalloc to allocate memory,load its return value to text->feedback,but Xmalloc may fail to allocate memory,so text->feedback may be a null pointer.In line 535,there is a statement derefer text->feedback without check it.the process of this potential bug is shown in figure 7. In file libx11-1.6.2/src/xcms/cmsColNm.c,defination of function _XcmsParseColorString,line 212. there is a statement call function Xmalloc to allocate memory,load its return value to string_lowered ,but Xmalloc may fail to allocate memory,so string_lowered may be a null pointer.In line 219,there is a statement derefer string_lowered without check it.the process of this potential bug is shown in figure 8. In file libx11-1.6.2/src/xcms/cmsColNm.c,defination of function _XcmsLookupColorName,line 421. there is a statement call function Xmalloc to allocate memory,load its return value to name_lowered ,but Xmalloc may fail to allocate memory,so name_lowered may be a null pointer.In line 432,there is a statement derefer name_lowered without check it.the process of this potential bug is shown in figure 9. In file libx11-1.6.2/src/xcms/IdOfPr.c,defination of function XcmsFormatOfPrefix,line 70. there is a statement call function Xmalloc to allocate memory,load its return value to string_lowered ,but Xmalloc may fail t
[Touch-packages] [Bug 1939665] Re: "apt-get update" fails if another instance is running
Please ignore Chris (well, do upgrade though, 20.10 is ld, it hasn't seen security updates in months) I understand your report, I only implemented lock waiting for the dpkg lock, not for the list lock that update holds. Note that apt-get generally doesn't wait for the lock, only apt does (you can pass/set options to make apt-get behave the same). I'm not sure update lock waiting is necessary - there's little point in running update again if you are already updating. It makes sense for install, because you might just want to schedule two installs. OTOH, I can see you writing a script that does update and install, and which breaks because apt-daily.service is running in the background. ** Changed in: apt (Ubuntu) Status: Invalid => Triaged ** Changed in: apt (Ubuntu) Importance: Undecided => Wishlist -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1939665 Title: "apt-get update" fails if another instance is running Status in apt package in Ubuntu: Triaged Bug description: This snippet: sudo apt-get update & sudo apt-get update & wait; wait will result in one apt-get run succeeding and the other failing on the lock: [1] 3006473 [2] 3006474 Hit:1 http://ports.ubuntu.com/ubuntu-ports groovy InRelease Hit:2 http://ports.ubuntu.com/ubuntu-ports groovy-backports InRelease Hit:3 http://ports.ubuntu.com/ubuntu-ports groovy-security InRelease Hit:4 http://ports.ubuntu.com/ubuntu-ports groovy-updates InRelease Reading package lists... Done E: Could not get lock /var/lib/apt/lists/lock. It is held by process 3006476 (apt-get) N: Be aware that removing the lock file is not a solution and may break your system. E: Unable to lock directory /var/lib/apt/lists/ Reading package lists... Done [1]- Donesudo apt-get update [2]+ Exit 100sudo apt-get update Note that apt-get upgrade will correctly wait. ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: apt 2.1.10ubuntu0.3 ProcVersionSignature: Ubuntu 5.8.0-48.54-generic 5.8.18 Uname: Linux 5.8.0-48-generic aarch64 ApportVersion: 2.20.11-0ubuntu50.7 Architecture: arm64 CasperMD5CheckResult: skip Date: Thu Aug 12 07:50:16 2021 ProcEnviron: LC_TIME=C.UTF-8 TERM=xterm-256color PATH=(custom, no user) LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: apt UpgradeStatus: Upgraded to groovy on 2021-03-25 (139 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1939665/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1641303] Re: Wish: apt shouldn't show kept-back packages within the list of upgradable
There's some misconception here; held back is a package-level flag. ALinuxUser: Just use pinning instead of holds to achieve that. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1641303 Title: Wish: apt shouldn't show kept-back packages within the list of upgradable Status in apt package in Ubuntu: Confirmed Bug description: Should apt consider kept-back packages as upgradable? Current state is: 1. Within 'apt dist-upgrade' it doesn't. 2. Within 'apt list --upgradable' and 'apt update' it does. For example: $ sudo apt update > [...] > Fetched 94,5 kB in 1s (66,0 kB/s) > Reading package lists... Done > Building dependency tree > Reading state information... Done > 1 package can be upgraded. Run 'apt list --upgradable' to see it. $ apt list --upgradable > Listing... Done > nvidia-304/xenial-updates,xenial-security 304.132-0ubuntu0.16.04.2 amd64 [upgradable from: 304.131-0ubuntu3] > N: There is 1 additional version. Please use the '-a' switch to see it $ sudo apt dist-upgrade > Reading package lists... Done > Building dependency tree > Reading state information... Done > Calculating upgrade... Done > The following packages have been kept back: > nvidia-304 > 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded. 1) $ lsb_release -rd Description:Ubuntu 16.04.1 LTS Release:16.04 2) $ apt-cache policy apt apt: Installed: 1.2.12~ubuntu16.04.1 Candidate: 1.2.12~ubuntu16.04.1 Version table: *** 1.2.12~ubuntu16.04.1 500 500 http://ua.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages 100 /var/lib/dpkg/status 1.2.10ubuntu1 500 500 http://ua.archive.ubuntu.com/ubuntu xenial/main amd64 Packages 3) I expected output of 'apt update' and 'apt list --upgradable' to be consistent with output of 'apt dist-upgrade': i.e. if the former say there're upgradable packages, the latter should upgrade them. 4) 'apt update' and 'apt list --upgradable' consider kept-back packages as upgradable; luckily, 'apt dist-upgrade' doesn't. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: apt 1.2.12~ubuntu16.04.1 ProcVersionSignature: Ubuntu 4.4.0-47.68-generic 4.4.24 Uname: Linux 4.4.0-47-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.20.1-0ubuntu2.1 Architecture: amd64 CurrentDesktop: KDE Date: Sat Nov 12 12:38:20 2016 InstallationDate: Installed on 2015-11-10 (367 days ago) InstallationMedia: Kubuntu 16.04 LTS "Xenial Xerus" - Alpha amd64 (20151110) SourcePackage: apt UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1641303/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939665] Re: "apt-get update" fails if another instance is running
Please note: I see your issue as being opinion & expected behavior. Many users use the conditional "&&" in commands like yours as it can be considered safer. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1939665 Title: "apt-get update" fails if another instance is running Status in apt package in Ubuntu: Triaged Bug description: This snippet: sudo apt-get update & sudo apt-get update & wait; wait will result in one apt-get run succeeding and the other failing on the lock: [1] 3006473 [2] 3006474 Hit:1 http://ports.ubuntu.com/ubuntu-ports groovy InRelease Hit:2 http://ports.ubuntu.com/ubuntu-ports groovy-backports InRelease Hit:3 http://ports.ubuntu.com/ubuntu-ports groovy-security InRelease Hit:4 http://ports.ubuntu.com/ubuntu-ports groovy-updates InRelease Reading package lists... Done E: Could not get lock /var/lib/apt/lists/lock. It is held by process 3006476 (apt-get) N: Be aware that removing the lock file is not a solution and may break your system. E: Unable to lock directory /var/lib/apt/lists/ Reading package lists... Done [1]- Donesudo apt-get update [2]+ Exit 100sudo apt-get update Note that apt-get upgrade will correctly wait. ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: apt 2.1.10ubuntu0.3 ProcVersionSignature: Ubuntu 5.8.0-48.54-generic 5.8.18 Uname: Linux 5.8.0-48-generic aarch64 ApportVersion: 2.20.11-0ubuntu50.7 Architecture: arm64 CasperMD5CheckResult: skip Date: Thu Aug 12 07:50:16 2021 ProcEnviron: LC_TIME=C.UTF-8 TERM=xterm-256color PATH=(custom, no user) LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: apt UpgradeStatus: Upgraded to groovy on 2021-03-25 (139 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1939665/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939665] Re: "apt-get update" fails if another instance is running
Thank you for reporting this bug to Ubuntu. Ubuntu 20.10 (groovy) reached end-of-life on July 22, 2021. See this document for currently supported Ubuntu releases: https://wiki.ubuntu.com/Releases We appreciate that this bug may be old and you might not be interested in discussing it any more. But if you are then please upgrade to the latest Ubuntu version and re-test. If you then find the bug is still present in the newer Ubuntu version, please re-report the issue using `ubuntu-bug`. ** Changed in: apt (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1939665 Title: "apt-get update" fails if another instance is running Status in apt package in Ubuntu: Triaged Bug description: This snippet: sudo apt-get update & sudo apt-get update & wait; wait will result in one apt-get run succeeding and the other failing on the lock: [1] 3006473 [2] 3006474 Hit:1 http://ports.ubuntu.com/ubuntu-ports groovy InRelease Hit:2 http://ports.ubuntu.com/ubuntu-ports groovy-backports InRelease Hit:3 http://ports.ubuntu.com/ubuntu-ports groovy-security InRelease Hit:4 http://ports.ubuntu.com/ubuntu-ports groovy-updates InRelease Reading package lists... Done E: Could not get lock /var/lib/apt/lists/lock. It is held by process 3006476 (apt-get) N: Be aware that removing the lock file is not a solution and may break your system. E: Unable to lock directory /var/lib/apt/lists/ Reading package lists... Done [1]- Donesudo apt-get update [2]+ Exit 100sudo apt-get update Note that apt-get upgrade will correctly wait. ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: apt 2.1.10ubuntu0.3 ProcVersionSignature: Ubuntu 5.8.0-48.54-generic 5.8.18 Uname: Linux 5.8.0-48-generic aarch64 ApportVersion: 2.20.11-0ubuntu50.7 Architecture: arm64 CasperMD5CheckResult: skip Date: Thu Aug 12 07:50:16 2021 ProcEnviron: LC_TIME=C.UTF-8 TERM=xterm-256color PATH=(custom, no user) LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: apt UpgradeStatus: Upgraded to groovy on 2021-03-25 (139 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1939665/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939665] [NEW] "apt-get update" fails if another instance is running
Public bug reported: This snippet: sudo apt-get update & sudo apt-get update & wait; wait will result in one apt-get run succeeding and the other failing on the lock: [1] 3006473 [2] 3006474 Hit:1 http://ports.ubuntu.com/ubuntu-ports groovy InRelease Hit:2 http://ports.ubuntu.com/ubuntu-ports groovy-backports InRelease Hit:3 http://ports.ubuntu.com/ubuntu-ports groovy-security InRelease Hit:4 http://ports.ubuntu.com/ubuntu-ports groovy-updates InRelease Reading package lists... Done E: Could not get lock /var/lib/apt/lists/lock. It is held by process 3006476 (apt-get) N: Be aware that removing the lock file is not a solution and may break your system. E: Unable to lock directory /var/lib/apt/lists/ Reading package lists... Done [1]- Donesudo apt-get update [2]+ Exit 100sudo apt-get update Note that apt-get upgrade will correctly wait. ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: apt 2.1.10ubuntu0.3 ProcVersionSignature: Ubuntu 5.8.0-48.54-generic 5.8.18 Uname: Linux 5.8.0-48-generic aarch64 ApportVersion: 2.20.11-0ubuntu50.7 Architecture: arm64 CasperMD5CheckResult: skip Date: Thu Aug 12 07:50:16 2021 ProcEnviron: LC_TIME=C.UTF-8 TERM=xterm-256color PATH=(custom, no user) LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: apt UpgradeStatus: Upgraded to groovy on 2021-03-25 (139 days ago) ** Affects: apt (Ubuntu) Importance: Undecided Status: New ** Tags: apport-bug arm64 groovy uec-images -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1939665 Title: "apt-get update" fails if another instance is running Status in apt package in Ubuntu: New Bug description: This snippet: sudo apt-get update & sudo apt-get update & wait; wait will result in one apt-get run succeeding and the other failing on the lock: [1] 3006473 [2] 3006474 Hit:1 http://ports.ubuntu.com/ubuntu-ports groovy InRelease Hit:2 http://ports.ubuntu.com/ubuntu-ports groovy-backports InRelease Hit:3 http://ports.ubuntu.com/ubuntu-ports groovy-security InRelease Hit:4 http://ports.ubuntu.com/ubuntu-ports groovy-updates InRelease Reading package lists... Done E: Could not get lock /var/lib/apt/lists/lock. It is held by process 3006476 (apt-get) N: Be aware that removing the lock file is not a solution and may break your system. E: Unable to lock directory /var/lib/apt/lists/ Reading package lists... Done [1]- Donesudo apt-get update [2]+ Exit 100sudo apt-get update Note that apt-get upgrade will correctly wait. ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: apt 2.1.10ubuntu0.3 ProcVersionSignature: Ubuntu 5.8.0-48.54-generic 5.8.18 Uname: Linux 5.8.0-48-generic aarch64 ApportVersion: 2.20.11-0ubuntu50.7 Architecture: arm64 CasperMD5CheckResult: skip Date: Thu Aug 12 07:50:16 2021 ProcEnviron: LC_TIME=C.UTF-8 TERM=xterm-256color PATH=(custom, no user) LANG=C.UTF-8 SHELL=/bin/bash SourcePackage: apt UpgradeStatus: Upgraded to groovy on 2021-03-25 (139 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1939665/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939664] [NEW] Several potential bugs of memory leak
Public bug reported: Ubuntu version: 18.04 libx11-xcb-dev version:1.6.2 Hello,I found some potential bugs in package libx11-xcb-dev,and the microsoft word file in the attachment I uploaded shows the occurrence process of the bug in a graphical way.Would you help me check whether the bugs mentioned below are true? I'm not 100% sure that the bugs I submitted is correct. I hope you don't mind seeing the wrong bug I submitted.Thank you very much for your patience. In file libx11-1.6.2/modules/im/ximcp/imLcPrs.c,defination of parsestringfile,line 733. The statement "tbp=malloc(size);"allocate memory to tbp and in line 733,if select false branch at this statement,tbp will not be freed correctly.the process of this potential bug is shown in figure 1. In file libx11-1.6.2/src/xlibi18n/lcDB.c,defination of f_numeric,line 882. The statement "wordp=malloc(len+1);"allocate memory to wordp and in line 883,if select false branch at this statement,function f_numeric will go on to execute.In line 910,if select false branch at this statement,wordp will not be freed correctly.the process of this potential bug is shown in figure 2. In file libx11-1.6.2/src/xlibi18n/lcDB.c,defination of f_numeric,line 882. The statement "wordp=malloc(len+1);"allocate memory to wordp and in line 883,if select false branch at this statement,function f_numeric will go on to execute.and if select true branch in line 938,flow goto err,In line 989,if select false branch here,wordp will not be freed correctly.the process of this potential bug is shown in figure 3. ** Affects: libx11 (Ubuntu) Importance: Undecided Status: New ** Attachment added: "libx11_memory_leak.docx" https://bugs.launchpad.net/bugs/1939664/+attachment/5517495/+files/libx11_memory_leak.docx -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libx11 in Ubuntu. https://bugs.launchpad.net/bugs/1939664 Title: Several potential bugs of memory leak Status in libx11 package in Ubuntu: New Bug description: Ubuntu version: 18.04 libx11-xcb-dev version:1.6.2 Hello,I found some potential bugs in package libx11-xcb-dev,and the microsoft word file in the attachment I uploaded shows the occurrence process of the bug in a graphical way.Would you help me check whether the bugs mentioned below are true? I'm not 100% sure that the bugs I submitted is correct. I hope you don't mind seeing the wrong bug I submitted.Thank you very much for your patience. In file libx11-1.6.2/modules/im/ximcp/imLcPrs.c,defination of parsestringfile,line 733. The statement "tbp=malloc(size);"allocate memory to tbp and in line 733,if select false branch at this statement,tbp will not be freed correctly.the process of this potential bug is shown in figure 1. In file libx11-1.6.2/src/xlibi18n/lcDB.c,defination of f_numeric,line 882. The statement "wordp=malloc(len+1);"allocate memory to wordp and in line 883,if select false branch at this statement,function f_numeric will go on to execute.In line 910,if select false branch at this statement,wordp will not be freed correctly.the process of this potential bug is shown in figure 2. In file libx11-1.6.2/src/xlibi18n/lcDB.c,defination of f_numeric,line 882. The statement "wordp=malloc(len+1);"allocate memory to wordp and in line 883,if select false branch at this statement,function f_numeric will go on to execute.and if select true branch in line 938,flow goto err,In line 989,if select false branch here,wordp will not be freed correctly.the process of this potential bug is shown in figure 3. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libx11/+bug/1939664/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939658] [NEW] Several potential bugs of null pointer dereference
Public bug reported: Ubuntu version: 18.04 libx11-xcb-dev version:1.6.2 Hello,I found some potential bugs in package libx11-xcb-dev,and the word file in the attachment I uploaded shows the occurrence process of the bug in a graphical way.Would you help me check whether the bugs mentioned below are true? I'm not 100% sure that the bugs I submitted is correct. I hope you don't mind seeing the wrong bug I submitted.Thank you very much for your patience. In file libx11-1.6.2/src/Xrm.c,defination of function XrmCombineFileDatabase,line 1700 or line 1702. there is a statement call function NewDataBase(),load its return value to db,and this function may return a null pointer.in line 1703,there is a statement derefer db without check it.the process of this potential bug is shown in figure 1. In file libx11-1.6.2/src/Xrm.c,defination of function XrmGetStringDatebase,line 1559. there is a statement call function NewDataBase(),load its return value to db,and this function may return a null pointer.in line 1560,there is a statement derefer db without check it.the process of this potential bug is shown in figure 2. In file libx11-1.6.2/src/Xrm.c,defination of function append_value_list,line 489. there is a statement call function Xmalloc to allocate memory,load its return value to value_list,but Xmalloc may fail to allocate memory,so value_list may be a null pointer.in line 490,there is a statement derefer value_list without check it.the process of this potential bug is shown in figure 3. In file libx11-1.6.2/modules/im/ximcp/imLcIm.c,defination of function _XimWriteCachedDefaultTree,line 472. there is a statement call function Xmalloc to allocate memory,load its return value to m,but Xmalloc may fail to allocate memory,so m may be a null pointer.statements after derefer value_list without check it.the process of this potential bug is shown in figure 4. In file libx11-1.6.2/src/PolyReg.c,defination of function InsertEdgeInET,line 98. there is a statement call function Xmalloc to allocate memory,load its return value to tmpSLLBlock,but Xmalloc may fail to allocate memory,so tmpSLLBlock may be a null pointer.in line 100,there is a statement derefer tmpSLLBlock without check it.the process of this potential bug is shown in figure 5. In file libx11-1.6.2/modules/im/ximcp/imCallbk.c,defination of function _XimStrConversionCallback,line 342. there is a statement call function Xmalloc to allocate memory,load its return value to buf,but Xmalloc may fail to allocate memory,so buf may be a null pointer.in line 344,buf act as the first parameter of funcion _XimSetHeader(this function is in file libx11-1.6.2/modules/im/ximcp/imDefIm.c,line 78),in this function there are several statement derefer buf without check.the process of this potential bug is shown in figure 6. In file libx11-1.6.2/modules/im/ximcp/imCallbk.c,defination of function _read_text_from_packet,line 532. there is a statement call function Xmalloc to allocate memory,load its return value to text->feedback,but Xmalloc may fail to allocate memory,so text->feedback may be a null pointer.In line 535,there is a statement derefer text->feedback without check it.the process of this potential bug is shown in figure 7. In file libx11-1.6.2/src/xcms/cmsColNm.c,defination of function _XcmsParseColorString,line 212. there is a statement call function Xmalloc to allocate memory,load its return value to string_lowered ,but Xmalloc may fail to allocate memory,so string_lowered may be a null pointer.In line 219,there is a statement derefer string_lowered without check it.the process of this potential bug is shown in figure 8. In file libx11-1.6.2/src/xcms/cmsColNm.c,defination of function _XcmsLookupColorName,line 421. there is a statement call function Xmalloc to allocate memory,load its return value to name_lowered ,but Xmalloc may fail to allocate memory,so name_lowered may be a null pointer.In line 432,there is a statement derefer name_lowered without check it.the process of this potential bug is shown in figure 9. In file libx11-1.6.2/src/xcms/IdOfPr.c,defination of function XcmsFormatOfPrefix,line 70. there is a statement call function Xmalloc to allocate memory,load its return value to string_lowered ,but Xmalloc may fail to allocate memory,so string_lowered may be a null pointer.In line 82,there is a statement derefer string_lowered without check it.the process of this potential bug is shown in figure 10. In file libx11-1.6.2/src/InitExt.c,defination of function XESetWireToError,line 332. there is a statement call function Xmalloc to allocate memory,load its return value to dpy->error_vec ,but Xmalloc may fail to allocate memory,so dpy->error_vec may be a null pointer.In line 334,there is a statement derefer dpy->error_vec without check it.the process of this potential bug is shown in figure 11. In file libx11-1.6.2/src/xlibi18n/XDefaultIMIF.c,defination of function _SetIMValues,line 279. there i