[Group.of.nepali.translators] [Bug 1812353] Re: content injection in http method (CVE-2019-3462)
This bug was fixed in the package apt - 1.8.0~alpha3.1 --- apt (1.8.0~alpha3.1) unstable; urgency=emergency * SECURITY UPDATE: content injection in http method (CVE-2019-3462) (LP: #1812353) -- Julian Andres Klode Tue, 22 Jan 2019 19:52:38 +0100 ** Changed in: apt (Ubuntu Disco) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1812353 Title: content injection in http method (CVE-2019-3462) Status in apt package in Ubuntu: Fix Released Status in apt source package in Precise: Fix Released Status in apt source package in Trusty: Fix Released Status in apt source package in Xenial: Fix Released Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: Fix Released Bug description: apt, starting with version 0.8.15, decodes target URLs of redirects, but does not check them for newlines, allowing MiTM attackers (or repository mirrors) to inject arbitrary headers into the result returned to the main process. If the URL embeds hashes of the supposed file, it can thus be used to disable any validation of the downloaded file, as the fake hashes will be prepended in front of the right hashes. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1812353/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1553811] Re: Thinkpad T460: Trackpoint mouse buttons instantly generate "release" event on press
** Changed in: linux-lts-utopic (Ubuntu Trusty) Status: In Progress => Fix Released ** Changed in: linux-lts-vivid (Ubuntu) Status: In Progress => Fix Released ** Changed in: linux-lts-utopic (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1553811 Title: Thinkpad T460: Trackpoint mouse buttons instantly generate "release" event on press Status in linux package in Ubuntu: Fix Released Status in linux-lts-utopic package in Ubuntu: Fix Released Status in linux-lts-vivid package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux-lts-utopic source package in Trusty: Fix Released Status in linux-lts-vivid source package in Trusty: Fix Released Status in linux source package in Wily: Fix Released Status in linux source package in Xenial: Fix Released Bug description: When using the trackpoint mouse buttons on the laptop, when any of the buttons are pressed a release event immediately follows, even if the mouse button is being held down. This prevents moving of windows, typical drag & drop operations, selection etc with the mouse. Example output from xev for button 1: ButtonPress event, serial 40, synthetic NO, window 0x7e1, root 0xb6, subw 0x0, time 1097221, (116,59), root:(116,142), state 0x0, button 1, same_screen YES ButtonRelease event, serial 40, synthetic NO, window 0x7e1, root 0xb6, subw 0x0, time 1097229, (116,59), root:(116,142), state 0x100, button 1, same_screen YES Button 2: ButtonPress event, serial 40, synthetic NO, window 0x7e1, root 0xb6, subw 0x0, time 1100941, (116,59), root:(116,142), state 0x0, button 2, same_screen YES ButtonRelease event, serial 40, synthetic NO, window 0x7e1, root 0xb6, subw 0x0, time 1100941, (116,59), root:(116,142), state 0x200, button 2, same_screen YES Button 3: ButtonPress event, serial 40, synthetic NO, window 0x7e1, root 0xb6, subw 0x0, time 1098467, (116,59), root:(116,142), state 0x0, button 3, same_screen YES ButtonRelease event, serial 40, synthetic NO, window 0x7e1, root 0xb6, subw 0x0, time 1098477, (116,59), root:(116,142), state 0x400, button 3, same_screen YES Possibly relevant output from journal: kernel: thinkpad_acpi: ThinkPad ACPI Extras v0.25 kernel: thinkpad_acpi: http://ibm-acpi.sf.net/ kernel: thinkpad_acpi: ThinkPad BIOS R06ET33W (1.07 ), EC unknown kernel: thinkpad_acpi: Lenovo ThinkPad T460, model 20FNCTO1WW kernel: thinkpad_acpi: detected a 8-level brightness capable ThinkPad kernel: thinkpad_acpi: unknown version of the HKEY interface: 0x200 kernel: thinkpad_acpi: please report this to ibm-acpi-de...@lists.sourceforge.net kernel: thinkpad_acpi: radio switch found; radios are enabled kernel: thinkpad_acpi: This ThinkPad has standard ACPI backlight brightness control, supported by the ACPI video driver kernel: thinkpad_acpi: Disabling thinkpad-acpi brightness events by default... kernel: thinkpad_acpi: rfkill switch tpacpi_bluetooth_sw: radio is unblocked kernel: thinkpad_acpi: Standard ACPI backlight interface available, not loading native one kernel: input: ThinkPad Extra Buttons as /devices/platform/thinkpad_acpi/input/input7 sensors[1000]: thinkpad-isa- kernel: thinkpad_acpi: EC reports that Thermal Table has changed kernel: thinkpad_acpi: acpi_evalf(GTRW, dd, ...) failed: AE_NOT_FOUND kernel: thinkpad_acpi: Cannot read adaptive keyboard mode. kernel: thinkpad_acpi: acpi_evalf(STRW, vd, ...) failed: AE_NOT_FOUND kernel: thinkpad_acpi: Cannot set adaptive keyboard mode. kernel: thinkpad_acpi: EC reports that Thermal Table has changed ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: linux-image-4.4.0-10-generic 4.4.0-10.25 ProcVersionSignature: Ubuntu 4.4.0-10.25-generic 4.4.3 Uname: Linux 4.4.0-10-generic x86_64 ApportVersion: 2.20-0ubuntu3 Architecture: amd64 CurrentDesktop: KDE Date: Sun Mar 6 12:38:59 2016 HibernationDevice: RESUME=UUID=04e04e17-3976-4daa-a1dd-2dd369aee83d InstallationDate: Installed on 2015-09-21 (166 days ago) InstallationMedia: It Lsusb: Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: LENOVO 20FNCTO1WW ProcFB: 0 inteldrmfb ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-10-generic root=/dev/mapper/it--vg-root ro quiet intel_pstate=no_hwp RelatedPackageVersions: linux-restricted-modules-4.4.0-10-generic N/A linux-backports-modules-4.4.0-10-generic N/A linux-firmware1.156 SourcePackage: linux UpgradeStatus: Upgraded to xenial on 2016-02-24 (10 days ago) dmi.bios.date: 01/05/2016
[Group.of.nepali.translators] [Bug 1619766] Re: Backport E3 Skylake Support in ie31200_edac to Xenial
** Changed in: linux (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1619766 Title: Backport E3 Skylake Support in ie31200_edac to Xenial Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Released Bug description: Skylake E3 Support was added to ie31200_edac with the following commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/drivers/edac/ie31200_edac.c?id=953dee9bbd245f5515173126b9cc8b1a2c340797 Could we get this support backported to Xenial? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1619766/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1613787] Re: xfrm: ipsec crash when updating spd thresholds
** Changed in: linux (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1613787 Title: xfrm: ipsec crash when updating spd thresholds Status in linux package in Ubuntu: Fix Released Status in linux source package in Vivid: Fix Released Status in linux source package in Xenial: Fix Released Bug description: Fixed upstream by this commit (only in IPsec tree for now): https://git.kernel.org/cgit/linux/kernel/git/klassert/ipsec.git/commit/?id=6916fb3b10b3cbe3b1f9f5b680675f53e4e299eb http://patchwork.ozlabs.org/patch/654026/ To update the thresholds: 'ip xfrm policy set hthresh4 24 32' To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1613787/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1633404] Re: audit: prevent a new auditd to stop an old auditd still alive
** Changed in: linux (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1633404 Title: audit: prevent a new auditd to stop an old auditd still alive Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Xenial: Fix Released Bug description: The following upstream patch (v4.6) has fixed this problem: audit: stop an old auditd being starved out by a new auditd http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=133e1e5acd4a To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1633404/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1634545] Re: ipv6: connected routes are missing after a down/up cycle on the loopback
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1634545
Title:
ipv6: connected routes are missing after a down/up cycle on the
loopback
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Trusty:
Fix Released
Status in linux source package in Vivid:
Fix Released
Status in linux source package in Xenial:
Fix Released
Status in linux source package in Yakkety:
Fix Released
Bug description:
This upstream patch is missing:
http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=a220445f9f4382c36a53d8ef3e08165fa27f7e2c
ipv6: correctly add local routes when lo goes up
The goal of the patch is to fix this scenario:
ip link add dummy1 type dummy
ip link set dummy1 up
ip link set lo down ; ip link set lo up
After that sequence, the local route to the link layer address of dummy1 is
not there anymore.
When the loopback is set down, all local routes are deleted by
addrconf_ifdown()/rt6_ifdown(). At this time, the rt6_info entry still
exists, because the corresponding idev has a reference on it. After the rcu
grace period, dst_rcu_free() is called, and thus ___dst_free(), which will
set obsolete to DST_OBSOLETE_DEAD.
In this case, init_loopback() is called before dst_rcu_free(), thus
obsolete is still sets to something <= 0. So, the function doesn't add the
route again. To avoid that race, let's check the rt6 refcnt instead.
Fixes: 25fb6ca4ed9c ("net IPv6 : Fix broken IPv6 routing table after loopback
down-up")
Fixes: a881ae1f625c ("ipv6: don't call addrconf_dst_alloc again when enable
lo")
Fixes: 33d99113b110 ("ipv6: reallocate addrconf router for ipv6 address when
lo device up")
Reported-by: Francesco Santoro
Reported-by: Samuel Gauthier
CC: Balakumaran Kannan
CC: Maruthi Thotad
CC: Sabrina Dubroca
CC: Hannes Frederic Sowa
CC: Weilong Chen
CC: Gao feng
Signed-off-by: Nicolas Dichtel
Signed-off-by: David S. Miller
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1634545/+subscriptions
___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1683976] Re: Please backport fix to reference leak in cgroup blkio throttle
** Changed in: linux (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1683976 Title: Please backport fix to reference leak in cgroup blkio throttle Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Xenial: Fix Released Bug description: This is fixed in Linux 4.5 https://github.com/torvalds/linux/commit/39a169b62b415390398291080dafe63aec751e0a Basically the module reference will leak whenever you write to /sys/fs/cgroup/blkio/blkio.throttle.* $ uname -a Linux david-kvm 4.4.0-72-generic #93-Ubuntu SMP Fri Mar 31 14:07:41 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux $ lsmod | grep ^zfs zfs 2813952 1 $ sudo sh -c 'i=100; while [ $i -gt 0 ]; do echo "230:0 1024" > /sys/fs/cgroup/blkio/blkio.throttle.read_bps_device; i=$(($i - 1)); done' $ lsmod | grep ^zfs zfs 2813952 101 This patch should be applied to all kernel < 4.5 Thanks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1683976/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1667323] Re: Backlight control does not work and there are no entries in /sys/class/backlight
** Changed in: linux (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1667323 Title: Backlight control does not work and there are no entries in /sys/class/backlight Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Released Bug description: It was working fine until today. The folder /sys/class/backlight/ use to have "acpi_video0/brightness", but now is empty. I am using Nvidia Proprietary driver 340.101 (proprietary, tested). The problem persists even with the 304 driver. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: linux-image-4.4.0-64-generic 4.4.0-64.85 ProcVersionSignature: Ubuntu 4.4.0-64.85-generic 4.4.44 Uname: Linux 4.4.0-64-generic x86_64 NonfreeKernelModules: nvidia_uvm nvidia ApportVersion: 2.20.1-0ubuntu2.5 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC1: desgua 2028 F pulseaudio /dev/snd/controlC0: desgua 2028 F pulseaudio CurrentDesktop: Unity Date: Thu Feb 23 11:31:18 2017 HibernationDevice: RESUME=UUID=f23a6347-9483-460e-aa29-cbc47850f890 InstallationDate: Installed on 2014-05-01 (1028 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417) Lsusb: Bus 002 Device 003: ID 064e:a127 Suyin Corp. Bus 002 Device 002: ID 8087:0020 Intel Corp. Integrated Rate Matching Hub Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 001 Device 002: ID 8087:0020 Intel Corp. Integrated Rate Matching Hub Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: Hewlett-Packard HP Pavilion dv6 Notebook PC ProcFB: ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-64-generic root=/dev/mapper/ubuntu--vg-root ro RelatedPackageVersions: linux-restricted-modules-4.4.0-64-generic N/A linux-backports-modules-4.4.0-64-generic N/A linux-firmware1.157.8 SourcePackage: linux UpgradeStatus: Upgraded to xenial on 2016-08-17 (189 days ago) dmi.bios.date: 12/03/2009 dmi.bios.vendor: Hewlett-Packard dmi.bios.version: F.13 dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: 3659 dmi.board.vendor: Hewlett-Packard dmi.board.version: 32.23 dmi.chassis.type: 10 dmi.chassis.vendor: Hewlett-Packard dmi.chassis.version: N/A dmi.modalias: dmi:bvnHewlett-Packard:bvrF.13:bd12/03/2009:svnHewlett-Packard:pnHPPaviliondv6NotebookPC:pvr049D212412102:rvnHewlett-Packard:rn3659:rvr32.23:cvnHewlett-Packard:ct10:cvrN/A: dmi.product.name: HP Pavilion dv6 Notebook PC dmi.product.version: 049D212412102 dmi.sys.vendor: Hewlett-Packard To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1667323/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1745130] Re: Support rfkill-any led trigger for Fujitsu u727
** Changed in: linux (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1745130 Title: Support rfkill-any led trigger for Fujitsu u727 Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Released Bug description: == SRU Justification == This bug was reported against a Fujitsu u7x7 laptop series based on Skylake hardware. It has a single rfkill button and a single LED for wlan and bluetooth. Both drivers currently provide a single rfkill trigger, so the led could just be assigned to one. This was resolved by mainline commit 9b8e34e211, which added a "rfkill-any" led trigger to correctly handle the led with multiple rfkill devices. That was added by one of the fujitsu-laptop maintainers and the driver sets it as the default trigger. Commit 9b8e34e211b1 is in mainline as of 4.11-rc1. == Fix == commit 9b8e34e211b15af429b72388a8f2b3b1823d172e Author: Michał Kępień Date: Fri Jan 6 07:07:47 2017 +0100 rfkill: Add rfkill-any LED trigger == Regression Potential == Medium. This commit affects all arches, but it has been in mainline since 4.11-rc1 with no reported issues. == Test Case == A test kernel was built with this patch and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. == Original Bug Description == I got new HW from our supplier, which is the Fujitsu u7x7 laptop series based on Skylake hardware. It has a single rfkill button and a single LED for wlan and bluetooth. Both device driver currently provide a single rfkill trigger, so the led could just be assigned to one. As a result the upstream kernel got a new "rfkill-any" led trigger to correctly handle the led with multiple rfkill devices. That was added by one of the fujitsu-laptop maintainers and the driver sets it as the default trigger. commit 9b8e34e211b15af429b72388a8f2b3b1823d172e Author: Michał Kępień Date: Fri Jan 6 07:07:47 2017 +0100 rfkill: Add rfkill-any LED trigger Normally I would simply patch the affected modules using DKMS, like the i915_bpo driver, fujitsu-laptop and snd_hda_codec_realtek to support the HW without messing with the kernel packages. I'm currently waiting for some reviews, like https://www.spinics.net/lists/platform-driver-x86/msg14606.html But the rfkill support is compiled in, so I can't patch it using DKMS. So my first proposed fix would be to include a backport of this patch. Alternatively rfkill can be compiled as a module, so I can patch it and provide an updated module. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: linux-image-4.4.0-111-generic 4.4.0-111.134~14.04.1 ProcVersionSignature: Ubuntu 4.4.0-111.134~14.04.1-generic 4.4.98 Uname: Linux 4.4.0-111-generic i686 ApportVersion: 2.14.1-0ubuntu3.27 Architecture: i386 Date: Wed Jan 24 10:48:28 2018 SourcePackage: linux-lts-xenial UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1745130/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1713884] Re: [CIFS] Fix maximum SMB2 header size
** Changed in: linux (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1713884 Title: [CIFS] Fix maximum SMB2 header size Status in linux package in Ubuntu: Fix Released Status in linux source package in Vivid: Won't Fix Status in linux source package in Xenial: Fix Released Status in linux source package in Zesty: Fix Released Status in linux source package in Artful: Won't Fix Bug description: Currently the maximum size of SMB2/3 header is set incorrectly which leads to hanging of directory listing operations on encrypted SMB3 connections. Fix this by setting the maximum size to 170 bytes that is calculated as RFC1002 length field size (4) + transform header size (52) + SMB2 header size (64) + create response size (56). https://git.kernel.org/pub/scm/linux/kernel/git/next/linux- next.git/commit/?id=47690ab81f4f29b12bbb0676d3579e61ab4d84de This applies across the board 3.16, 4.4, 4.10, artful, and azure. Microsoft would be happy to help test. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1713884/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1735977] Re: Using asymmetric key for IMA appraisal crashes the system in Ubuntu 16.04
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1735977
Title:
Using asymmetric key for IMA appraisal crashes the system in Ubuntu
16.04
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Released
Bug description:
== SRU Justification ==
The bug reporter was trying to enable IMA appraisal with signatures for
executable
files on Xenial. However, when enabling IMA appriasl the system would crash
and generate a trace.
This bug is happening because the following commit was applied to Xenial in
bug 1569924:
db6c43bd2132 ("crypto: KEYS: convert public key and digsig asym to the
akcipher api")
However, the following commit is also required or this bug happens:
eb5798f2e28f ("integrity: convert digsig to akcipher api")
== Fix ==
commit eb5798f2e28f3b43091cecc71c84c3f6fb35c7de
Author: Tadeusz Struk
Date: Tue Feb 2 10:08:58 2016 -0800
integrity: convert digsig to akcipher api
== Regression Potential ==
The requested commit is requred to fix an existing regression caused by bug
1569924.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
== Original Bug Description ==
I'm trying to enable IMA appraisal with signatures for executable files on
xenial with Linux 4.4. I took the following steps:
* Downloaded ubuntu-xenial kernel sources
* Run fakeroot debian/rules editconfigs to set CONFIG_SYSTEM_TRUSTED_KEYS to
my key
* Run fakeroot debian/rules binary-headers binary-generic binary-perarch to
build the kernel deb packaes
* Installed the kernel
* Signed the filesystem with my key using 'evmctl sing'
* Enabled IMA policy so that it will include the following line
appraise fowner=0 appraise_type=imasig
* From this point invocation of a signed binary cases a kernel BUG():
[ 1395.036910] kernel BUG at
/home/rapoport/git/ubuntu-xenial/crypto/asymmetric_keys/public_key.c:80!
[ 1395.038963] invalid opcode: [#1] SMP
[ 1395.039973] Modules linked in: isofs ppdev kvm_intel kvm irqbypass joydev
input_leds serio_raw parport_pc parport ib_iser rdma_cm iw_cm ib_cm ib_sa
ib_mad ib_core ib_addr iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi
autofs4 btrfs raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor
async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear crct10dif_pclmul
crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul
glue_helper ablk_helper psmouse cryptd floppy
[ 1395.050761] CPU: 6 PID: 31586 Comm: bash Not tainted 4.4.0-101-generic #124
[ 1395.051909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 1395.053510] task: 8800bae9c600 ti: 88042c52c000 task.ti:
88042c52c000
[ 1395.054763] RIP: 0010:[] []
public_key_verify_signature+0x46/0x50
[ 1395.056406] RSP: 0018:88042c52fa98 EFLAGS: 00010246
[ 1395.057307] RAX: 813bdb80 RBX: fff4 RCX:
0001
[ 1395.058518] RDX: 81ea73c0 RSI: 88042c52fac8 RDI:
88042a107c10
[ 1395.059709] RBP: 88042c52faa0 R08: 88042a849100 R09:
0007
[ 1395.061109] R10: 88042a0f9d00 R11: 88042c52fb07 R12:
0080
[ 1395.062289] R13: 88042abd9a80 R14: 0014 R15:
88042a849ac4
[ 1395.063404] FS: 7f5e21958700() GS:88043fd8()
knlGS:
[ 1395.064771] CS: 0010 DS: ES: CR0: 80050033
[ 1395.065809] CR2: 7f5e20f5c3cc CR3: 00042cabc000 CR4:
000406e0
[ 1395.067058] Stack:
[ 1395.067540] 813bdb95 88042c52fab0 813bdaec
88042c52fb38
[ 1395.068964] 813a759e 88042c52fac8
[ 1395.070417] 88042a849ac4 02000114 88042a849100
[ 1395.071973] Call Trace:
[ 1395.072510] [] ? public_key_verify_signature_2+0x15/0x20
[ 1395.073605] [] verify_signature+0x3c/0x50
[ 1395.074526] [] asymmetric_verify+0x17e/0x2a0
[ 1395.075475] [] integrity_digsig_verify+0x70/0x110
[ 1395.076481] [] ima_appraise_measurement+0x244/0x420
[ 1395.077518] [] process_measurement+0x3fa/0x480
[ 1395.078479] [] ima_file_check+0x18/0x20
[ 1395.079381] [] path_openat+0x1f3/0x1330
[ 1395.080274] [] ? __slab_free+0xcb/0x2c0
[ 1395.081165] [] do_filp_open+0x91/0x100
[ 1395.082050] [] ? apparmor_cred_prepare+0x2f/0x50
[ 1395.083046] [] ? security_prepare_creds+0x43/0x60
[ 1395.084056] [] do_open_execat+0x78/0x1d0
[ 1395.084952] [] do_execveat_common.isra.33+0x240/0x760
[ 1395.086016] [] SyS_execve+0x3a/0x50
[ 1395.0868
[Group.of.nepali.translators] [Bug 1738219] Re: the kernel is blackholing IPv6 packets to linkdown nexthops
** Changed in: linux (Ubuntu Bionic)
Status: In Progress => Confirmed
** Changed in: linux (Ubuntu Bionic)
Assignee: Joseph Salisbury (jsalisbury) => (unassigned)
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1738219
Title:
the kernel is blackholing IPv6 packets to linkdown nexthops
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Released
Status in linux source package in Zesty:
Won't Fix
Status in linux source package in Artful:
Fix Released
Status in linux source package in Bionic:
Confirmed
Bug description:
== SRU Justification ==
When the 'ignore_routes_with_linkdown' sysctl is set, we should not
consider linkdown nexthops during route lookup.
While the code correctly verifies that the initially selected route
('match') has a carrier, it does not perform the same check in the
subsequent multipath selection, resulting in a potential packet loss.
In case the chosen route does not have a carrier and the sysctl is set,
choose the initially selected route.
This is a regression introduced by commit 35103d11173b in 4.3-rc1. Commit
bbfcd7763 resolves this regression and is mainline as of 4.15-rc1.
== Fix ==
commit bbfcd77631573ac4a9f57eb6169e04256a111bc1
Author: Ido Schimmel
Date: Tue Nov 21 09:50:12 2017 +0200
ipv6: Do not consider linkdown nexthops during multipath
== Regression Potential ==
This fix is specific to ipv6 and fixes a current regression.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1738219/+subscriptions
___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1744078] Re: linux < 4.8: x-netns vti is broken
** Changed in: linux (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1744078 Title: linux < 4.8: x-netns vti is broken Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Released Bug description: The following upstream patch is missing: 11d7a0bb95ea xfrm: Only add l3mdev oif to dst lookups https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=11d7a0bb95ea There are several ways to reproduce this problem. Here an example: # Prepare netns ip netns add test ip netns exec test sysctl -q -w net.ipv4.conf.all.forwarding=1 ip netns exec test ip link set lo up ip netns exec test ip addr add 172.16.1.1/24 dev lo # Create VTI iface and move it in netns test ip addr add 1.1.1.1/32 dev lo ip link add name vti_test type vti local 1.1.1.1 remote 2.2.2.2 key 0x1 ip link set dev vti_test netns test # Configure IPsec ip xfrm state add src 1.1.1.1 dst 2.2.2.2 proto esp spi 1 mode tunnel enc 'cbc(aes)' '0x' auth-trunc 'hmac(sha1)' '0x' 96 flag align4 mark 0x1 ip xfrm state add src 2.2.2.2 dst 1.1.1.1 proto esp spi 2 mode tunnel enc 'cbc(aes)' '0x' auth-trunc 'hmac(sha1)' '0x' 96 flag align4 mark 0x1 ip xfrm policy add dir out tmpl src 1.1.1.1 dst 2.2.2.2 proto esp mode tunnel mark 0x1 ip xfrm policy add dir in tmpl src 2.2.2.2 dst 1.1.1.1 proto esp mode tunnel mark 0x1 # Configure SVTI ip netns exec test ip link set dev vti_test up # Add route ip netns exec test ip route add 172.16.2.0/24 dev vti_test # Run a tcpdump on the output interface (given by "ip route get 2.2.2.2") tcpdump -nei eth0 & # Ping from the netns ip netns exec test ping 172.16.2.1 -I 172.16.1.1 -c 4 -- On 4.4.0-109-generic: (ping) From 172.16.1.1 icmp_seq=1 Destination Host Unreachable (tcpdump) no IPsec packet => Problem On 4.8.0-58-generic: (ping): no error raised (tcpdump) 15:09:45.109776 de:ad:de:01:02:03 > 52:55:0a:00:02:02, ethertype IPv4 (0x0800), length 166: 1.1.1.1 > 2.2.2.2: ESP(spi=0x0001,seq=0x2), length 132 (tcpdump) 15:10:05.422243 de:ad:de:01:02:03 > 52:55:0a:00:02:02, ethertype IPv4 (0x0800), length 166: 1.1.1.1 > 2.2.2.2: ESP(spi=0x0001,seq=0x3), length 132 => No problem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1744078/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1774225] Re: netns: unable to follow an interface that moves to another netns
** Changed in: linux (Ubuntu Xenial)
Status: In Progress => Confirmed
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
** Changed in: linux (Ubuntu Xenial)
Assignee: Joseph Salisbury (jsalisbury) => (unassigned)
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1774225
Title:
netns: unable to follow an interface that moves to another netns
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Confirmed
Status in linux source package in Bionic:
Fix Released
Bug description:
== SRU Justification ==
6Wind is requesting these three patches. The patches fix a bug that prevents
a user
from following an interface that moves to another netns.
These commits are also needed in Xenial. However, they will be sent in
a separate SRU request due to additional prereq commits being needed for
Xenial.
== Fixes ==
b2d3bcfa26a7 ("net: core: Expose number of link up/down transitions")
c36ac8e23073 ("dev: always advertise the new nsid when the netns iface
changes")
38e01b30563a ("dev: advertise the new ifindex when the netns iface changes")
== Regression Potential ==
Medium due to three patches needed and the changes to core networking.
== Test Case ==
A test kernel was built with these patches and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
The following upstream patches are missing (v4.16):
6621dd29eb9b ("dev: advertise the new nsid when the netns iface changes")
c36ac8e23073 ("dev: always advertise the new nsid when the netns iface
changes")
38e01b30563a ("dev: advertise the new ifindex when the netns iface changes")
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6621dd29eb9b
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c36ac8e23073
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=38e01b30563a
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1774225/+subscriptions
___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1779830] Re: vfio/pci: cannot assign a i40e pf device to a vm using vfio-pci
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1779830
Title:
vfio/pci: cannot assign a i40e pf device to a vm using vfio-pci
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Released
Bug description:
The following upstream patch (v4.7) is missing in xenial:
450744051d20 ("vfio/pci: Hide broken INTx support from user")
http://scm/kernels/linux-upstream/commit/?id=450744051d20
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1779830/+subscriptions
___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1789653] Re: regression with EXT4 file systems and meta_bg flag
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1789653
Title:
regression with EXT4 file systems and meta_bg flag
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Released
Bug description:
== SRU Justification ==
A regression was introduced where ext4_check_descriptors() was getting
called before s_gdb_count was initialized. This regression was
introduced to Xenial in 4.4.0-134. This is fixed by mainline commit
44de022c4382.
Commit 44de022c4382 was also cc'd to upstream stable. However, it has
not made it's way into Xenial via stable updates as of yet.
== Fix ==
44de022c4382 ("ext4: fix false negatives *and* false positives in
ext4_check_descriptors()")
== Regression Potential ==
Low. This commit has been cc'd upstream stable, so it has had
additional upstream review.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
Hello,
In 16.04 lts (Ubuntu 4.4.0-134.160-generic 4.4.140) with all
partitions in ext4 with flag meta_bg :
kernel: [ 1905.799557] EXT4-fs (dm-7): ext4_check_descriptors: Block bitmap
for group 0 overlaps block group descriptors
kernel: [ 1905.799858] EXT4-fs (dm-7): group descriptors corrupted!
Go back with the kernel 4.4.0-133-generic and all partitions mount
correctly.
It looks like this:
https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=44de022c4382541cebdd6de4465d1f4f465ff1dd
The patch is available in 4.4.147 (https://lwn.net/Articles/762083/)
---
AlsaDevices: Error: command ['ls', '-l', '/dev/snd/'] failed with exit code
2: ls: cannot access '/dev/snd/': No such file or directory
AplayDevices: Error: [Errno 2] No such file or directory
ApportVersion: 2.20.1-0ubuntu2.18
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
CRDA: N/A
DistroRelease: Ubuntu 16.04
HibernationDevice: RESUME=/dev/mapper/vg_system-lv_system_swap
InstallationDate: Installed on 2017-04-28 (488 days ago)
InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Release amd64
(20160719)
IwConfig: Error: [Errno 2] No such file or directory
Lsusb: Error: [Errno 2] No such file or directory
MachineType: VMware, Inc. VMware Virtual Platform
Package: linux (not installed)
PciMultimedia:
ProcEnviron:
TERM=xterm
PATH=(custom, no user)
LANG=fr_FR.UTF-8
SHELL=/bin/bash
ProcFB:
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-134-generic
root=/dev/mapper/vg_system-lv_system_root ro ipv6.disable=1
ProcVersionSignature: Ubuntu 4.4.0-134.160-generic 4.4.140
RelatedPackageVersions:
linux-restricted-modules-4.4.0-134-generic N/A
linux-backports-modules-4.4.0-134-generic N/A
linux-firmware N/A
RfKill: Error: [Errno 2] No such file or directory
Tags: xenial xenial
Uname: Linux 4.4.0-134-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:
_MarkForUpload: True
dmi.bios.date: 07/31/2013
dmi.bios.vendor: Phoenix Technologies LTD
dmi.bios.version: 6.00
dmi.board.name: 440BX Desktop Reference Platform
dmi.board.vendor: Intel Corporation
dmi.board.version: None
dmi.chassis.asset.tag: No Asset Tag
dmi.chassis.type: 1
dmi.chassis.vendor: No Enclosure
dmi.chassis.version: N/A
dmi.modalias:
dmi:bvnPhoenixTechnologiesLTD:bvr6.00:bd07/31/2013:svnVMware,Inc.:pnVMwareVirtualPlatform:pvrNone:rvnIntelCorporation:rn440BXDesktopReferencePlatform:rvrNone:cvnNoEnclosure:ct1:cvrN/A:
dmi.product.name: VMware Virtual Platform
dmi.product.version: None
dmi.sys.vendor: VMware, Inc.
---
AlsaDevices: Error: command ['ls', '-l', '/dev/snd/'] failed with exit code
2: ls: cannot access '/dev/snd/': No such file or directory
AplayDevices: Error: [Errno 2] No such file or directory
ApportVersion: 2.20.1-0ubuntu2.18
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
CRDA: N/A
DistroRelease: Ubuntu 16.04
HibernationDevice: RESUME=/dev/mapper/vg_system-lv_system_swap
InstallationDate: Installed on 2017-04-28 (488 days ago)
InstallationMedia: Ubuntu-Server 16.04.1 LTS "Xenial Xerus" - Release amd64
(20160719)
IwConfig: Error: [Errno 2] No such file or directory
Lsusb: Error: [Errno 2] No such file or directory
MachineType: VMware, Inc. VMware Virtual Platform
Package: linux (not installed)
PciMultimedia:
ProcEnviron:
TERM=xterm
PATH=(custom, no user)
LANG=fr_FR.UTF-8
SHELL=/bin/bash
ProcFB:
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-134-generic
root=/dev/mapper/vg_system-lv_system_root ro ipv6.disable=1
ProcV
[Group.of.nepali.translators] [Bug 1791790] Re: Kernel hang on drive pull caused by regression introduced by commit 287922eb0b18
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1791790
Title:
Kernel hang on drive pull caused by regression introduced by commit
287922eb0b18
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Released
Bug description:
== SRU Justification ==
The following commit was applied to Xenial and introduced this
regression:
287922eb0b18 ("block: defer timeouts to a workqueue")
This regression was introduced in mainline as of v4.5-rc1. Bionc was
also affected by this regression, but it already go the fix when commit
4e9b6f20828a was applied to mainline in v4.15-rc1.
The regression caused a kernel hang because the HPSA driver has a tendency
to aggressively remove missing devices.
== Fix ==
4e9b6f20828a ("block: Fix a race between blk_cleanup_queue() and timeout
handling")
== Regression Potential ==
Low. This commit fixes a regression and has been cc'd to stable, so it
has had addition upstream review. This commit is already applied to
Bionic and Cosmic.
== Test Case ==
A test kernel was built with this patch and tested by the original bug
reporter.
The bug reporter states the test kernel resolved the bug.
A bug was introduced when backporting the fix for
http://bugs.launchpad.net/bugs/1597908. This bug exists in all Ubuntu 16.04 LTS
4.4 kernels >= 4.4.0-36, and many other non-LTS kernels.
This patch changes the context in which timeout work is scheduled for
block devices in the kernel. Previously, timeout work was executed
directly from the timer callback that fired when a deadline was met.
After the patch, timeout work is scheduled using a background work
queue. This means that by the time the work executes, the device queue
which originally scheduled the work could be torn down. In order to
prevent this, the patch takes a reference on the device queue when
executing the timeout work.
The problem is that the last reference to this queue can be removed
before the timeout work can be executed. During teardown, the block
system executes a freeze followed by a drain. The freeze drops the
last reference on the queue. The drain tries to clean up any
outstanding work, including timeout work. After a freeze, the timeout
work in the background queue is unable to obtain a reference, and
exits early without completing work. The work is now permanently stuck
in the queue and it will never be completed. The drain in the device
teardown path spins indefinitely.
The bug manifests as a hang that looks like this:
[] schedule+0x35/0x80
[] hpsa_scan_start+0x109/0x140 [hpsa]
[] ? wake_atomic_t_function+0x60/0x60
[] hpsa_rescan_ctlr_worker+0x1d2/0x652 [hpsa]
[] process_one_work+0x165/0x480
[] worker_thread+0x4b/0x4c0
[] ? process_one_work+0x480/0x480
[] kthread+0xd8/0xf0
[] ? kthread_create_on_node+0x1e0/0x1e0
[] ret_from_fork+0x3f/0x70
[] ? kthread_create_on_node+0x1e0/0x1e0
The fix exists upstream. It applies, builds, and runs cleanly on Ubuntu's
most recent 4.4 kernel.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=4e9b6f20828ac880dbc1fa2fdbafae779473d1af
We hit this bug nearly 100% of the time on some of our HP hardware.
The HPSA driver has a tendency to aggressively remove missing devices,
so it widens the race. As a result, we've been building our own kernel
with this patch applied. It would be really nice if we could get it
into mainline Ubuntu.
Let me know what additional information is needed. Thanks!
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1791790/+subscriptions
___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1811431] Re: linux-azure: 4.15.0-1037.39~16.04.1 -proposed tracker
Tests completed successfully. ** Changed in: kernel-sru-workflow/stakeholder-signoff Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1811431 Title: linux-azure: 4.15.0-1037.39~16.04.1 -proposed tracker Status in Kernel SRU Workflow: In Progress Status in Kernel SRU Workflow automated-testing series: Fix Released Status in Kernel SRU Workflow certification-testing series: Invalid Status in Kernel SRU Workflow prepare-package series: Fix Released Status in Kernel SRU Workflow prepare-package-meta series: Fix Released Status in Kernel SRU Workflow prepare-package-signed series: Fix Released Status in Kernel SRU Workflow promote-to-proposed series: Fix Released Status in Kernel SRU Workflow promote-to-security series: New Status in Kernel SRU Workflow promote-to-updates series: New Status in Kernel SRU Workflow regression-testing series: Confirmed Status in Kernel SRU Workflow security-signoff series: In Progress Status in Kernel SRU Workflow snap-release-to-beta series: Fix Released Status in Kernel SRU Workflow snap-release-to-candidate series: Fix Released Status in Kernel SRU Workflow snap-release-to-edge series: Fix Released Status in Kernel SRU Workflow snap-release-to-stable series: Invalid Status in Kernel SRU Workflow stakeholder-signoff series: Fix Released Status in Kernel SRU Workflow upload-to-ppa-dnu series: New Status in Kernel SRU Workflow verification-testing series: Confirmed Status in linux-azure package in Ubuntu: Invalid Status in linux-azure source package in Xenial: Confirmed Bug description: This bug is for tracking the upload package. This bug will contain status and testing results related to that upload. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow -- swm properties -- boot-testing-requested: true kernel-stable-master-bug: 1811419 phase: Testing -- verification-testing in progress phase-changed: Tuesday, 22. January 2019 16:32 UTC proposed-announcement-sent: true proposed-testing-requested: true reason: regression-testing: Ongoing -- testing in progress security-signoff: Pending -- waiting for signoff stakeholder-signoff: Pending -- waiting for signoff verification-testing: Ongoing -- testing in progress To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/1811431/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1806425] Re: linux-azure-edge: 4.18.0-1007.7~16.04.2 -proposed tracker
*** This bug is a duplicate of bug 1811418 *** https://bugs.launchpad.net/bugs/1811418 ** This bug has been marked a duplicate of bug 1811418 linux-azure-edge: 4.18.0-1008.8~16.04.2 -proposed tracker -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1806425 Title: linux-azure-edge: 4.18.0-1007.7~16.04.2 -proposed tracker Status in Kernel SRU Workflow: Invalid Status in Kernel SRU Workflow automated-testing series: Invalid Status in Kernel SRU Workflow certification-testing series: Invalid Status in Kernel SRU Workflow prepare-package series: Invalid Status in Kernel SRU Workflow prepare-package-meta series: Invalid Status in Kernel SRU Workflow prepare-package-signed series: Invalid Status in Kernel SRU Workflow promote-to-proposed series: Invalid Status in Kernel SRU Workflow promote-to-security series: Invalid Status in Kernel SRU Workflow promote-to-updates series: Invalid Status in Kernel SRU Workflow regression-testing series: Invalid Status in Kernel SRU Workflow security-signoff series: Invalid Status in Kernel SRU Workflow stakeholder-signoff series: Invalid Status in Kernel SRU Workflow upload-to-ppa-dnu series: Invalid Status in Kernel SRU Workflow verification-testing series: Invalid Status in linux-azure-edge package in Ubuntu: Invalid Status in linux-azure-edge source package in Xenial: Invalid Bug description: This bug is for tracking the upload package. This bug will contain status and testing results related to that upload. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow -- swm properties -- boot-testing-requested: true kernel-stable-master-bug: 1806409 phase: Promoted to proposed phase-changed: Monday, 10. December 2018 13:38 UTC proposed-announcement-sent: true proposed-testing-requested: true To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/1806425/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1812353] Re: content injection in http method (CVE-2019-3462)
** Changed in: apt (Ubuntu Precise) Status: New => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1812353 Title: content injection in http method (CVE-2019-3462) Status in apt package in Ubuntu: In Progress Status in apt source package in Precise: Fix Released Status in apt source package in Trusty: Fix Released Status in apt source package in Xenial: Fix Released Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: In Progress Bug description: apt, starting with version 0.8.15, decodes target URLs of redirects, but does not check them for newlines, allowing MiTM attackers (or repository mirrors) to inject arbitrary headers into the result returned to the main process. If the URL embeds hashes of the supposed file, it can thus be used to disable any validation of the downloaded file, as the fake hashes will be prepended in front of the right hashes. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1812353/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1811432] Re: linux-gcp: 4.15.0-1027.28~16.04.1 -proposed tracker
** Changed in: kernel-sru-workflow/snap-release-to-candidate Status: Confirmed => Fix Released ** Description changed: This bug is for tracking the upload package. This bug will contain status and testing results related to that upload. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow -- swm properties -- boot-testing-requested: true kernel-stable-master-bug: 1811419 phase: Testing -- automated-testing FAILED phase-changed: Tuesday, 22. January 2019 13:08 UTC proposed-announcement-sent: true proposed-testing-requested: true reason: automated-testing: Stalled -- testing FAILED promote-to-updates: Pending -- nvidia GCP object not found -- 4.15.0-1027 regression-testing: Ongoing -- testing in progress security-signoff: Pending -- waiting for signoff - snap-release-to-candidate: Pending -- snap not in candidate channel verification-testing: Ongoing -- testing in progress -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1811432 Title: linux-gcp: 4.15.0-1027.28~16.04.1 -proposed tracker Status in Kernel SRU Workflow: In Progress Status in Kernel SRU Workflow automated-testing series: Incomplete Status in Kernel SRU Workflow certification-testing series: Invalid Status in Kernel SRU Workflow prepare-package series: Fix Released Status in Kernel SRU Workflow prepare-package-meta series: Fix Released Status in Kernel SRU Workflow prepare-package-signed series: Fix Released Status in Kernel SRU Workflow promote-to-proposed series: Fix Released Status in Kernel SRU Workflow promote-to-security series: New Status in Kernel SRU Workflow promote-to-updates series: New Status in Kernel SRU Workflow regression-testing series: Confirmed Status in Kernel SRU Workflow security-signoff series: In Progress Status in Kernel SRU Workflow snap-release-to-beta series: Fix Released Status in Kernel SRU Workflow snap-release-to-candidate series: Fix Released Status in Kernel SRU Workflow snap-release-to-edge series: Fix Released Status in Kernel SRU Workflow snap-release-to-stable series: Invalid Status in Kernel SRU Workflow upload-to-ppa-dnu series: New Status in Kernel SRU Workflow verification-testing series: Confirmed Status in linux-gcp package in Ubuntu: Invalid Status in linux-gcp source package in Xenial: Confirmed Bug description: This bug is for tracking the upload package. This bug will contain status and testing results related to that upload. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow -- swm properties -- boot-testing-requested: true kernel-stable-master-bug: 1811419 phase: Testing -- automated-testing FAILED phase-changed: Tuesday, 22. January 2019 13:08 UTC proposed-announcement-sent: true proposed-testing-requested: true reason: automated-testing: Stalled -- testing FAILED promote-to-updates: Pending -- nvidia GCP object not found -- 4.15.0-1027 regression-testing: Ongoing -- testing in progress security-signoff: Pending -- waiting for signoff verification-testing: Ongoing -- testing in progress To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/1811432/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1686470] Re: Apt updates that are uniformly spread across all timezones, with predictable application windows
This bug was fixed in the package unattended-upgrades - 0.90ubuntu0.10 --- unattended-upgrades (0.90ubuntu0.10) xenial-security; urgency=medium * No change rebuild in the -security pocket (See LP #1686470) -- Marc Deslauriers Fri, 18 Jan 2019 13:34:27 -0500 ** Changed in: unattended-upgrades (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1686470 Title: Apt updates that are uniformly spread across all timezones, with predictable application windows Status in apt package in Ubuntu: Fix Released Status in unattended-upgrades package in Ubuntu: Fix Released Status in apt source package in Xenial: Fix Released Status in unattended-upgrades source package in Xenial: Fix Released Status in apt source package in Yakkety: Won't Fix Status in unattended-upgrades source package in Yakkety: Won't Fix Status in apt source package in Zesty: Fix Released Status in unattended-upgrades source package in Zesty: Fix Released Status in apt source package in Artful: Fix Released Status in unattended-upgrades source package in Artful: Fix Released Status in apt package in Debian: Fix Released Status in unattended-upgrades package in Debian: Fix Released Bug description: [ Impact ] * unattended-upgrades are enabled by default in Ubuntu 16.04 and later * Currently the following three things happen as a monolithic event: - metadata updates: apt update - download of updates: apt upgrade --download-only - application of updates: apt upgrade * For the long running instances, all of the above happens at random times throughout the day. * If systems were poweredoff / suspended, this happens on boot / resume * End-users would like to have predictable timing, and control over when the updates happen. Considering all of the above, the following new behavior is proposed which should address all concerns in question. It combines all the desired properties from both end-user and mirror perspectives. [ Proposed Default Behavior ] * Decouple unattended-upgrades application, from apt update * apt update: - shall be a systemd timer based unit, triggered every 12h with a random delay of 12h, therefore executed randomly twice a day. - if unattened-upgrades (default on), or download-upgreadaeble-packages are enabled, it should result in updates being downloaded aka `apt upgrade --download-only` * unattended-upgrades: - shall be a separate systemd timer based unit triggered at 6am local time with a random delay of 1h, therefore executed between 6am and 7am local time. * On boot / resume: - if we have missed one, or more, apt update timers, apt update / download upgrades / unattended-upgrade will happen in sequence. This may result in mirror spikes, but we do want to secure cold/stale-booted systems as soon as possible. [Test Case] * Run system for more than 24h, and check that apt updates were automatically executed twice. * Check that unattended upgrades were triggered to be applied at 6am..7am window, if any. * Poweroff the machine over the period when apt-get update was scheduled, poweron and observe that apt-get update / download / unattended upgrade are all performed on boot. * Downgrade systemd to the release version of the package (from -security). Remove apt periodic stamp files rm /var/lib/apt/periodic/*. Then run 'sudo systemctl start apt-daily.service'. Confirm that the systemd package is downloaded, but not upgraded. [Regression Potential] * The newly proposed behavior is a mix of Pre-xenial behavior of "do everything at 6am..6:30am window" and the xenial+ behavior of "do everything at random times throughout the day". If there are specific deployments that rely on the previous types of behaviour they will be able to adjust manually the systemd timers with the overrides to be executed exactly as they wish; or match the .0 release behaviour that they prefer. * If timers behavior is coded wrongly the proposed behaviour might not be executed as intended, thus requiring further SRUs to bring us in-line with the great expectations. [Other Info] * Related bug reports and history: - bug #1615482 - bug #1554848 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1686470/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/L
[Group.of.nepali.translators] [Bug 1654600] Re: unattended-upgrade-shutdown hangs when /var is a separate filesystem
This bug was fixed in the package unattended-upgrades - 0.90ubuntu0.10
---
unattended-upgrades (0.90ubuntu0.10) xenial-security; urgency=medium
* No change rebuild in the -security pocket (See LP #1686470)
-- Marc Deslauriers Fri, 18 Jan 2019
13:34:27 -0500
** Changed in: unattended-upgrades (Ubuntu Xenial)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1654600
Title:
unattended-upgrade-shutdown hangs when /var is a separate filesystem
Status in unattended-upgrades package in Ubuntu:
Fix Released
Status in unattended-upgrades source package in Xenial:
Fix Released
Status in unattended-upgrades source package in Yakkety:
Fix Released
Status in unattended-upgrades source package in Zesty:
Fix Released
Status in unattended-upgrades package in Debian:
Fix Released
Bug description:
[SRU justification]
This fix is needed to make sure that the system does not hang on shutdown
when /var is a speparate file system
[Impact]
System can hang up to 10 minutes if not fixed.
[Fix]
Change the systemd unit's ExecStart to an ExecStop so the unit is correctly
sequenced.
Change WantedBy to multi-user.target. This requires working around Debian Bug
#797108 which causes the new unit not to be enabled.
Remove the unneeded override_dh_isntallinit
Add Default-Start levels to the SysV initscript
Improve DEP8 testing
[Test Case]
In a VM with /var separated from the / file system, shutdown the VM. It will
hang for 10 minutes
[Regression]
Upgrade has been tested on Xenial, Yakkety, Zesty. do-release-upgrade has
been tested from Trusty to Xenial. All behave as expected.
A change of behavior may occur now that the systemd unit is correctly
enabled, which would make functionalities like InstallOnShutdown to
work as expected whereas it could have been broken previously. This
cannot be considered as a regression as it is expected behavior.
Shutdown may be slowed down as it now correctly depends on /var and
/boot to be available so the unit will run earlier than previously.
[Original description of the problem]
The systemd unit file unattended-upgrades.service is used to stop a running
unattended-upgrade
process during shutdown. This unit file is running together with all
filesystem
unmount services.
The unattended-upgrades service checks if the lockfile for unattended-upgrade
(in /var/run) exists, and if it does, there is an unattended-upgrade in
progress
and the service will wait until it finishes (and therefore automatically wait
at
shutdown).
However, if /var is a separate filesystem, it will get unmounted even though
/var/run
is a tmpfs that's still mounted on top of the /var/run directory in the /var
filesystem.
The unattended-upgrade script will fail to find lockfile, sleeps for 5
seconds, and
tries to check the lockfile again. After 10 minutes (the default timeout), it
will finally
exit and the system will continue shutdown.
The problem is the error handling in
/usr/share/unattended-upgrades/unattended-upgrade-shutdown
where it tries to lock itself:
while True:
res = apt_pkg.get_lock(options.lock_file)
logging.debug("get_lock returned %i" % res)
# exit here if there is no lock
if res > 0:
logging.debug("lock not taken")
break
lock_was_taken = True
The function apt_pkg.get_lock() either returns a file descriptor, or -1 on an
error.
File descriptors are just C file descriptors, so they are always positive
integers.
The code should check the result to be negative, not positive. I have
attached a patch
to reverse the logic.
Additional information:
1)
Description: Ubuntu 16.04.1 LTS
Release: 16.04
2)
unattended-upgrades:
Installed: 0.90ubuntu0.3
Candidate: 0.90ubuntu0.3
Version table:
*** 0.90ubuntu0.3 500
500 http://nl.archive.ubuntu.com/ubuntu xenial-updates/main amd64
Packages
500 http://nl.archive.ubuntu.com/ubuntu xenial-updates/main i386
Packages
100 /var/lib/dpkg/status
0.90 500
500 http://nl.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
500 http://nl.archive.ubuntu.com/ubuntu xenial/main i386 Packages
3)
Fast reboot
4)
Very slow reboot (after a 10 minutes timeout)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1654600/+subscriptions
___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1811432] Re: linux-gcp: 4.15.0-1027.28~16.04.1 -proposed tracker
** Changed in: kernel-sru-workflow/snap-release-to-beta Status: Confirmed => Fix Released ** Changed in: kernel-sru-workflow/snap-release-to-candidate Status: New => Confirmed ** Changed in: kernel-sru-workflow/snap-release-to-edge Status: Confirmed => Fix Released ** Description changed: This bug is for tracking the upload package. This bug will contain status and testing results related to that upload. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow -- swm properties -- boot-testing-requested: true kernel-stable-master-bug: 1811419 - phase: Promote to Proposed -- snap release to edge ready - phase-changed: Tuesday, 22. January 2019 12:30 UTC + phase: Testing -- automated-testing FAILED + phase-changed: Tuesday, 22. January 2019 13:08 UTC proposed-announcement-sent: true proposed-testing-requested: true reason: automated-testing: Stalled -- testing FAILED promote-to-updates: Pending -- nvidia GCP object not found -- 4.15.0-1027 regression-testing: Ongoing -- testing in progress security-signoff: Pending -- waiting for signoff - snap-release-to-beta: Pending -- snap not in beta channel - snap-release-to-edge: Pending -- snap not in edge channel + snap-release-to-candidate: Pending -- snap not in candidate channel verification-testing: Ongoing -- testing in progress -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1811432 Title: linux-gcp: 4.15.0-1027.28~16.04.1 -proposed tracker Status in Kernel SRU Workflow: In Progress Status in Kernel SRU Workflow automated-testing series: Incomplete Status in Kernel SRU Workflow certification-testing series: Invalid Status in Kernel SRU Workflow prepare-package series: Fix Released Status in Kernel SRU Workflow prepare-package-meta series: Fix Released Status in Kernel SRU Workflow prepare-package-signed series: Fix Released Status in Kernel SRU Workflow promote-to-proposed series: Fix Released Status in Kernel SRU Workflow promote-to-security series: New Status in Kernel SRU Workflow promote-to-updates series: New Status in Kernel SRU Workflow regression-testing series: Confirmed Status in Kernel SRU Workflow security-signoff series: In Progress Status in Kernel SRU Workflow snap-release-to-beta series: Fix Released Status in Kernel SRU Workflow snap-release-to-candidate series: Confirmed Status in Kernel SRU Workflow snap-release-to-edge series: Fix Released Status in Kernel SRU Workflow snap-release-to-stable series: Invalid Status in Kernel SRU Workflow upload-to-ppa-dnu series: New Status in Kernel SRU Workflow verification-testing series: Confirmed Status in linux-gcp package in Ubuntu: Invalid Status in linux-gcp source package in Xenial: Confirmed Bug description: This bug is for tracking the upload package. This bug will contain status and testing results related to that upload. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow -- swm properties -- boot-testing-requested: true kernel-stable-master-bug: 1811419 phase: Testing -- automated-testing FAILED phase-changed: Tuesday, 22. January 2019 13:08 UTC proposed-announcement-sent: true proposed-testing-requested: true reason: automated-testing: Stalled -- testing FAILED promote-to-updates: Pending -- nvidia GCP object not found -- 4.15.0-1027 regression-testing: Ongoing -- testing in progress security-signoff: Pending -- waiting for signoff snap-release-to-candidate: Pending -- snap not in candidate channel verification-testing: Ongoing -- testing in progress To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/1811432/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1812353] Re: content injection in http method (CVE-2019-3462)
This bug was fixed in the package apt - 1.6.6ubuntu0.1 --- apt (1.6.6ubuntu0.1) bionic-security; urgency=medium * SECURITY UPDATE: content injection in http method (CVE-2019-3462) (LP: #1812353) -- Julian Andres Klode Fri, 18 Jan 2019 11:39:50 +0100 ** Changed in: apt (Ubuntu Bionic) Status: New => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1812353 Title: content injection in http method (CVE-2019-3462) Status in apt package in Ubuntu: In Progress Status in apt source package in Precise: New Status in apt source package in Trusty: Fix Released Status in apt source package in Xenial: Fix Released Status in apt source package in Bionic: Fix Released Status in apt source package in Cosmic: Fix Released Status in apt source package in Disco: In Progress Bug description: apt, starting with version 0.8.15, decodes target URLs of redirects, but does not check them for newlines, allowing MiTM attackers (or repository mirrors) to inject arbitrary headers into the result returned to the main process. If the URL embeds hashes of the supposed file, it can thus be used to disable any validation of the downloaded file, as the fake hashes will be prepended in front of the right hashes. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1812353/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1574320] Re: package xserver-xorg-core 2:1.18.3-1ubuntu2 failed to install/upgrade: trying to overwrite '/usr/lib/xorg/modules/libglamoregl.so', which is also in pac
Closing as issue fixed some time ago ** Changed in: hundredpapercuts Status: Confirmed => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1574320 Title: package xserver-xorg-core 2:1.18.3-1ubuntu2 failed to install/upgrade: trying to overwrite '/usr/lib/xorg/modules/libglamoregl.so', which is also in package xserver-xorg-video-glamoregl 0.6.0-0ubuntu4 Status in One Hundred Papercuts: Fix Released Status in xorg-server source package in Xenial: Fix Released Bug description: package xserver-xorg-core 2:1.18.3-1ubuntu2 failed to install/upgrade: trying to overwrite '/usr/lib/xorg/modules/libglamoregl.so', which is also in package xserver-xorg-video-glamoregl 0.6.0-0ubuntu4. The error occurred after upgrading to 16.04. ProblemType: Package DistroRelease: Ubuntu 16.04 Package: xserver-xorg-core 2:1.18.3-1ubuntu2 ProcVersionSignature: Ubuntu 4.4.0-21.37-generic 4.4.6 Uname: Linux 4.4.0-21-generic x86_64 .tmp.unity_support_test.0: ApportVersion: 2.20.1-0ubuntu2 Architecture: amd64 BootLog: Scanning for Btrfs filesystems /dev/sda8: clean, 442377/1160992 files, 3820414/4638183 blocks CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: compiz CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0' CompositorUnredirectFSW: true Date: Sun Apr 24 15:32:02 2016 DistUpgraded: 2016-04-22 21:43:04,293 DEBUG disabling apt cron job (0o755) DistroCodename: xenial DistroVariant: ubuntu DkmsStatus: nvidia-304, 304.131, 3.13.0-85-generic, x86_64: installed nvidia-304, 304.131, 4.4.0-21-generic, x86_64: installed ErrorMessage: trying to overwrite '/usr/lib/xorg/modules/libglamoregl.so', which is also in package xserver-xorg-video-glamoregl 0.6.0-0ubuntu4 ExtraDebuggingInterest: Yes GraphicsCard: Intel Corporation 82Q33 Express Integrated Graphics Controller [8086:29d2] (rev 02) (prog-if 00 [VGA controller]) Subsystem: Micro-Star International Co., Ltd. [MSI] 82Q33 Express Integrated Graphics Controller [1462:7352] InstallationDate: Installed on 2014-05-14 (711 days ago) InstallationMedia: Custom 14.04 - Release amd64 MachineType: Hewlett-Packard HP Compaq dx7400 Small Form Factor. ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-21-generic root=UUID=d34389e0-e11f-4e62-8ca9-331d24db62ce ro quiet splash vt.handoff=7 RelatedPackageVersions: dpkg 1.18.4ubuntu1 apt 1.2.10ubuntu1 SourcePackage: xorg-server Title: package xserver-xorg-core 2:1.18.3-1ubuntu2 failed to install/upgrade: trying to overwrite '/usr/lib/xorg/modules/libglamoregl.so', which is also in package xserver-xorg-video-glamoregl 0.6.0-0ubuntu4 UpgradeStatus: Upgraded to xenial on 2016-04-22 (1 days ago) dmi.bios.date: 09/03/2008 dmi.bios.vendor: Phoenix Technologies, LTD dmi.bios.version: MS7352 1.14 dmi.board.name: 0AB8 dmi.board.vendor: MSI dmi.chassis.asset.tag: INA90904TR dmi.chassis.type: 3 dmi.chassis.vendor: MSI dmi.modalias: dmi:bvnPhoenixTechnologies,LTD:bvrMS73521.14:bd09/03/2008:svnHewlett-Packard:pnHPCompaqdx7400SmallFormFactor.:pvr:rvnMSI:rn0AB8:rvr:cvnMSI:ct3:cvr: dmi.product.name: HP Compaq dx7400 Small Form Factor. dmi.sys.vendor: Hewlett-Packard version.compiz: compiz 1:0.9.12.2+16.04.20160415-0ubuntu1 version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.67-1 version.libgl1-mesa-dri: libgl1-mesa-dri 11.2.0-1ubuntu2 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx 11.2.0-1ubuntu2 version.xserver-xorg-core: xserver-xorg-core 2:1.18.3-1ubuntu2 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.1-1ubuntu2 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.7.0-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20160325-1ubuntu1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.12-1build2 xserver.bootTime: Sun Apr 24 19:36:43 2016 xserver.configfile: default xserver.devices: inputPower Button KEYBOARD, id 6 inputPower Button KEYBOARD, id 7 inputUSB OPTICAL MOUSEMOUSE, id 8 inputUSB2.0 PC CAMERA KEYBOARD, id 9 inputAT Translated Set 2 keyboard KEYBOARD, id 10 xserver.errors: xserver.logfile: /var/log/Xorg.0.log xserver.outputs: product id9963 vendor HWP xserver.version: 2:1.18.3-1ubuntu2 To manage notifications about this bug go to: https://bugs.launchpad.net/hundredpapercuts/+bug/1574320/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translator
[Group.of.nepali.translators] [Bug 1811432] Re: linux-gcp: 4.15.0-1027.28~16.04.1 -proposed tracker
** Changed in: kernel-sru-workflow/automated-testing Status: New => Confirmed ** Changed in: kernel-sru-workflow/promote-to-proposed Status: Fix Committed => Fix Released ** Changed in: kernel-sru-workflow/regression-testing Status: New => Confirmed ** Changed in: kernel-sru-workflow/security-signoff Status: New => In Progress ** Changed in: kernel-sru-workflow/snap-release-to-beta Status: New => Confirmed ** Changed in: kernel-sru-workflow/snap-release-to-edge Status: New => Confirmed ** Changed in: kernel-sru-workflow/verification-testing Status: New => Confirmed ** Changed in: kernel-sru-workflow/automated-testing Status: Confirmed => In Progress ** Description changed: This bug is for tracking the upload package. This bug will contain status and testing results related to that upload. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow -- swm properties -- boot-testing-requested: true kernel-stable-master-bug: 1811419 - phase: Promote to Proposed -- release to Proposed in progress - phase-changed: Tuesday, 22. January 2019 09:11 UTC + phase: Promote to Proposed -- snap release to beta ready + phase-changed: Tuesday, 22. January 2019 11:04 UTC + proposed-announcement-sent: true + proposed-testing-requested: true reason: - promote-to-proposed: Ongoing -- packages waiting in -proposed for mirror sync + automated-testing: Ongoing -- testing in progress promote-to-updates: Pending -- nvidia GCP object not found -- 4.15.0-1027 + regression-testing: Ongoing -- testing in progress + security-signoff: Pending -- waiting for signoff + snap-release-to-beta: Pending -- snap not in beta channel + snap-release-to-edge: Pending -- snap not in edge channel + verification-testing: Ongoing -- testing in progress -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1811432 Title: linux-gcp: 4.15.0-1027.28~16.04.1 -proposed tracker Status in Kernel SRU Workflow: In Progress Status in Kernel SRU Workflow automated-testing series: In Progress Status in Kernel SRU Workflow certification-testing series: Invalid Status in Kernel SRU Workflow prepare-package series: Fix Released Status in Kernel SRU Workflow prepare-package-meta series: Fix Released Status in Kernel SRU Workflow prepare-package-signed series: Fix Released Status in Kernel SRU Workflow promote-to-proposed series: Fix Released Status in Kernel SRU Workflow promote-to-security series: New Status in Kernel SRU Workflow promote-to-updates series: New Status in Kernel SRU Workflow regression-testing series: Confirmed Status in Kernel SRU Workflow security-signoff series: In Progress Status in Kernel SRU Workflow snap-release-to-beta series: Confirmed Status in Kernel SRU Workflow snap-release-to-candidate series: New Status in Kernel SRU Workflow snap-release-to-edge series: Confirmed Status in Kernel SRU Workflow snap-release-to-stable series: Invalid Status in Kernel SRU Workflow upload-to-ppa-dnu series: New Status in Kernel SRU Workflow verification-testing series: Confirmed Status in linux-gcp package in Ubuntu: Invalid Status in linux-gcp source package in Xenial: Confirmed Bug description: This bug is for tracking the upload package. This bug will contain status and testing results related to that upload. For an explanation of the tasks and the associated workflow see: https://wiki.ubuntu.com/Kernel/kernel-sru-workflow -- swm properties -- boot-testing-requested: true kernel-stable-master-bug: 1811419 phase: Promote to Proposed -- snap release to beta ready phase-changed: Tuesday, 22. January 2019 11:04 UTC proposed-announcement-sent: true proposed-testing-requested: true reason: automated-testing: Ongoing -- testing in progress promote-to-updates: Pending -- nvidia GCP object not found -- 4.15.0-1027 regression-testing: Ongoing -- testing in progress security-signoff: Pending -- waiting for signoff snap-release-to-beta: Pending -- snap not in beta channel snap-release-to-edge: Pending -- snap not in edge channel verification-testing: Ongoing -- testing in progress To manage notifications about this bug go to: https://bugs.launchpad.net/kernel-sru-workflow/+bug/1811432/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
