[Group.of.nepali.translators] [Bug 1700373] Re: intel-microcode is out of date, version 20170707 fixes errata on 6th and 7th generation platforms

[Robie Basak]

Yakkety is EOL now.

** Changed in: intel-microcode (Ubuntu Yakkety)
   Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1700373

Title:
  intel-microcode is out of date, version 20170707 fixes errata on 6th
  and 7th generation platforms

Status in intel-microcode package in Ubuntu:
  Fix Released
Status in intel-microcode source package in Trusty:
  Won't Fix
Status in intel-microcode source package in Xenial:
  Fix Committed
Status in intel-microcode source package in Yakkety:
  Won't Fix
Status in intel-microcode source package in Zesty:
  Fix Committed
Status in intel-microcode source package in Artful:
  Fix Released

Bug description:
  [Impact]

  * A security fix has been made available as part of intel-microcode
  * It is advisable to apply it
  * Thus an SRU of the latest intel-microcode is desirable for all stable 
releases

  [Test Case]

  * Upgrade intel-microcode package, if it is already installed / one is
  running on Intel CPUs

  * Reboot and verify no averse results, and/or that microcode for your
  cpu was loaded as expected.

  [Test case reporting]
  * Please paste the output of:

  dpkg-query -W intel-microcode
  grep -E 'model|stepping' /proc/cpuinfo | sort -u
  journalctl -k | grep microcode

  [Regression Potential]
  Microcode are proprietary blobs, and can cause any number of new errors and 
regressions. Microcode bugs have been reported before, therefore longer than 
usual phasing and monitoring of intel-microcode bugs should be done with extra 
care.

  Additional notes from ~racb, wearing an ~ubuntu-sru hat:

  SRU verification needs to take care to consider CPUs actually tested.
  We should have a representative sample of CPUs tested in SRU
  verification reports before considering release to the updates
  pockets.

  Given the potential severity of regressions, we should keep this in
  the proposed pockets for longer than the usual minimum ageing period.
  Let's have users opt-in to this update first, and only recommend it
  once we  confidence that a reasonable number (and representative CPU
  sample) of opted-in users have not hit any problems.

  Testers: please mark verification-done-* only after you consider that
  the above additional requirements have been met.

  [Other]
  caml discussion describing test case to reproduce the crash.
  https://caml.inria.fr/mantis/view.php?id=7452

  * I did not backport the full debian/changelog, as some of the changes
  were ommitted for SRU purposes, and I don't like the idea of modifying
  the changelog of others.

  * I did not backport this below change but I feel as though the SRU team 
should evaluate including it.  I left it out due to the change as little as 
possible guidance from the SRU team.  Additionally we have already been 
shipping the microcode version that included this change for a long time. More 
information here
  
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00030=en-fr

  '''
  # 0x206c2: Intel Westmere B1 (Xeon 3600, 5600, Core i7 2nd gen).
  #
  # When Intel released a fix for Intel SA-00030, they issued a MCU that
  # bumps the minimum acceptable version of the Intel TXT ACMs in the
  # TPM persistent storage.  This permanently blacklists the vulnerable
  # ACMs *even on older microcode* in order to make it somewhat harder
  # to work around the security fix through a BIOS downgrade attack.
  #
  # It is possible that such a microcode update, when peformed by the
  # operating system, could sucessfully trigger the TPM persistent
  # storage update Intel intended to happen during firmware boot: we
  # simply don't know enough to rule it out.  Should that happen, Intel
  # TXT will be permanently disabled.  This could easily interact very
  # badly with the firmware, rendering the system unbootable.  If *that*
  # happens, it would likely require either a TPM module replacement
  # (rendering sealed data useless) or a direct flash of a new BIOS with
  # updated ACMs, to repair.
  #
  # Blacklist updates for signature 0x206c2 as a safety net.
  IUC_EXCLUDE += -s !0x206c2
  '''

  * I versioned the packages 3.20170511.1~ubuntu as I feel this
  more appropriately reflects the contents of each package rather than
  simply incrementing the ubuntu version number.

  =

  [Original bug report]

  NB: I am *not* directly affected by this bug.

  Henrique emailed a warning to Debian devel today [1] on a potentially
  serious issue with (sky|kaby)lake processors. Excerpt:

  "This warning advisory is relevant for users of systems with the Intel
  processors code-named "Skylake" and "Kaby Lake".  These are: the 6th and
  7th generation Intel Core processors (desktop, embedded, mobile and
  HEDT), their related server processors (such as 

[Group.of.nepali.translators] [Bug 1705274] Re: linux-snapdragon: 4.4.0-1068.73 -proposed tracker

[Brad Figg]

** Changed in: kernel-sru-workflow/automated-testing
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1705274

Title:
  linux-snapdragon: 4.4.0-1068.73 -proposed tracker

Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow automated-testing series:
  Fix Released
Status in Kernel SRU Workflow certification-testing series:
  Confirmed
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  New
Status in Kernel SRU Workflow regression-testing series:
  Invalid
Status in Kernel SRU Workflow security-signoff series:
  Fix Released
Status in Kernel SRU Workflow upload-to-ppa series:
  New
Status in Kernel SRU Workflow verification-testing series:
  Confirmed
Status in linux-snapdragon package in Ubuntu:
  Invalid
Status in linux-snapdragon source package in Xenial:
  Confirmed

Bug description:
  This bug is for tracking the  upload package.
  This bug will contain status and testing results related to that
  upload.

  For an explanation of the tasks and the associated workflow see: 
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
  -- swm properties --
  boot-testing-requested: true
  kernel-stable-master-bug: 1705270
  phase: Promoted to proposed
  proposed-announcement-sent: true
  proposed-testing-requested: true

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1705274/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1705273] Re: linux-raspi2: 4.4.0-1066.74 -proposed tracker

[Brad Figg]

** Changed in: kernel-sru-workflow/automated-testing
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1705273

Title:
  linux-raspi2: 4.4.0-1066.74 -proposed tracker

Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow automated-testing series:
  Fix Released
Status in Kernel SRU Workflow certification-testing series:
  Confirmed
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  New
Status in Kernel SRU Workflow regression-testing series:
  Invalid
Status in Kernel SRU Workflow security-signoff series:
  Fix Released
Status in Kernel SRU Workflow upload-to-ppa series:
  New
Status in Kernel SRU Workflow verification-testing series:
  Confirmed
Status in linux-raspi2 package in Ubuntu:
  Invalid
Status in linux-raspi2 source package in Xenial:
  Confirmed

Bug description:
  This bug is for tracking the  upload package.
  This bug will contain status and testing results related to that
  upload.

  For an explanation of the tasks and the associated workflow see: 
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
  -- swm properties --
  boot-testing-requested: true
  kernel-stable-master-bug: 1705270
  phase: Promoted to proposed
  proposed-announcement-sent: true
  proposed-testing-requested: true

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1705273/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1704473] Re: Traceback when using typing.Optional[Type] on xenial

[Dan Watkins]

** Changed in: python3.5 (Ubuntu Yakkety)
   Status: New => Won't Fix

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1704473

Title:
  Traceback when using typing.Optional[Type] on xenial

Status in python3.5 package in Ubuntu:
  New
Status in python3.5 source package in Xenial:
  New
Status in python3.5 source package in Yakkety:
  Won't Fix

Bug description:
  typing in the Python 3.5.2 stdlib tracebacks when passing Type to a
  Union (of which Optional is a specific case).  (This is typing bug
  #266: https://github.com/python/typing/issues/266.)

  (This is particularly annoying because as a stdlib library, the fix
  released by upstream to PyPI can't easily be used even via pip.)

  Steps to Reproduce
  ==

  ```
  lxc launch ubuntu:x reproducer
  lxc exec reproducer -- python3 -c "from typing import Optional, Type; 
Optional[Type[BaseException]]"
  ```

  Expected Behaviour
  ==

  No output, exits 0.

  Actual Behaviour
  

  ```
  Traceback (most recent call last):
File "", line 1, in 
File "/usr/lib/python3.5/typing.py", line 649, in __getitem__
  return Union[arg, type(None)]
File "/usr/lib/python3.5/typing.py", line 552, in __getitem__
  dict(self.__dict__), parameters, _root=True)
File "/usr/lib/python3.5/typing.py", line 512, in __new__
  for t2 in all_params - {t1} if not isinstance(t2, TypeVar)):
File "/usr/lib/python3.5/typing.py", line 512, in 
  for t2 in all_params - {t1} if not isinstance(t2, TypeVar)):
File "/usr/lib/python3.5/typing.py", line 1077, in __subclasscheck__
  if super().__subclasscheck__(cls):
File "/usr/lib/python3.5/abc.py", line 225, in __subclasscheck__
  for scls in cls.__subclasses__():
  TypeError: descriptor '__subclasses__' of 'type' object needs an argument
  ```

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python3.5/+bug/1704473/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1703461] Re: Update to 3.20.5

[Launchpad Bug Tracker]

This bug was fixed in the package gnome-software -
3.20.5-0ubuntu0.16.04.5

---
gnome-software (3.20.5-0ubuntu0.16.04.5) xenial; urgency=medium

  * debian/patches/0018-Add-a-Snap-plugin.patch:
- Fix crash when failing to load icons from cache (LP: #1702122)

gnome-software (3.20.5-0ubuntu0.16.04.4) xenial; urgency=medium

  * Rebase on stable 3.20.5 release (LP: #1703461).
  * debian/patches/*.patch:
- Convert Ubuntu changes into patches
  * debian/patches/0018-Add-a-Snap-plugin.patch:
- Fix snaps without icons not showing reliably (LP: #1697565)
- Show featured snaps (LP: #1663097)

 -- Robert Ancell   Wed, 12 Jul 2017
16:24:08 +1200

** Changed in: gnome-software (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1703461

Title:
  Update to 3.20.5

Status in gnome-software package in Ubuntu:
  Fix Released
Status in gnome-software source package in Xenial:
  Fix Released

Bug description:
  [Impact]
  Ubuntu 16.04 is running a version of gnome-software based on 3.20.1 which is 
an older stable release (latest stable release is 3.20.5). The Ubuntu changes 
were managed in a git branch that is difficult to manage. We have not been able 
to bring in all the stable changes to this branch and it is difficult to 
modify. We have rebased our changes on 3.20.5 [1] and propose these as a Stable 
Release Update.

  [1] https://lists.ubuntu.com/archives/ubuntu-
  desktop/2017-June/005011.html

  [Test Case]
  1. Run GNOME Software
  2. Execute the test plan 
https://wiki.ubuntu.com/Process/Merges/TestPlans/gnome-software

  Expected result:
  Running latest stable release, no regressions from 3.20.1

  Observed result:
  Running older release.

  [Regression Potential]
  Due to the number of changes there is a risk of regression. These changes are 
all on a stable branch, so upstream considers them to be safe. We ran this 
version from a PPA to check for issues, and there don't seem to be any problems.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-software/+bug/1703461/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1543455] Re: wget crashes with openssl-ibmca

[Dimitri John Ledkov]

** Also affects: openssl-ibmca (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Also affects: openssl-ibmca (Ubuntu Artful)
   Importance: Undecided
 Assignee: Dimitri John Ledkov (xnox)
   Status: Fix Released

** Also affects: openssl-ibmca (Ubuntu Zesty)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1543455

Title:
  wget crashes with openssl-ibmca

Status in Ubuntu on IBM z Systems:
  In Progress
Status in openssl-ibmca package in Ubuntu:
  Fix Released
Status in openssl-ibmca source package in Xenial:
  New
Status in openssl-ibmca source package in Zesty:
  New
Status in openssl-ibmca source package in Artful:
  Fix Released

Bug description:
  WIth openssl-ibmca enabled, wget crashes downloading things from
  launchpad librarian.

  actual bug in openssl-ibmca package.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1543455/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1543455] Re: wget crashes with openssl-ibmca

[Frank Heimes]

** Changed in: ubuntu-z-systems
   Status: Fix Released => In Progress

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1543455

Title:
  wget crashes with openssl-ibmca

Status in Ubuntu on IBM z Systems:
  In Progress
Status in openssl-ibmca package in Ubuntu:
  Fix Released
Status in openssl-ibmca source package in Xenial:
  New
Status in openssl-ibmca source package in Zesty:
  New
Status in openssl-ibmca source package in Artful:
  Fix Released

Bug description:
  WIth openssl-ibmca enabled, wget crashes downloading things from
  launchpad librarian.

  actual bug in openssl-ibmca package.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1543455/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1641912] Re: Please backport two recent-manager patches

[LocutusOfBorg]

** Also affects: gtk+2.0 (Ubuntu Artful)
   Importance: Critical
 Assignee: Simon Quigley (tsimonq2)
   Status: In Progress

** Also affects: gtk+2.0 (Ubuntu Zesty)
   Importance: Undecided
   Status: New

** Changed in: gtk+2.0 (Ubuntu Zesty)
   Status: New => In Progress

** Changed in: gtk+2.0 (Ubuntu Zesty)
   Importance: Undecided => Critical

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1641912

Title:
  Please backport two recent-manager patches

Status in GTK+:
  Fix Released
Status in gtk+2.0 package in Ubuntu:
  In Progress
Status in gtk+2.0 source package in Xenial:
  In Progress
Status in gtk+2.0 source package in Yakkety:
  Won't Fix
Status in gtk+2.0 source package in Zesty:
  In Progress
Status in gtk+2.0 source package in Artful:
  In Progress

Bug description:
  
https://git.gnome.org/browse/gtk+/commit/?h=gtk-2-24=a3b2d6a65be9f592de9570c227df00f910167e9e
  
https://git.gnome.org/browse/gtk+/commit/?h=gtk-2-24=35871edb318083b2d7e4758cbdaad6109eed60ca

  Please apply/backport these two patches from the 2.24 branch. They fix a 
memory DOS, originally reported against mate-panel here:
  https://github.com/mate-desktop/mate-panel/issues/479

  For the GTK3 version of this bug, see bug 1641914
  Note that MATE is GTK2 only for Ubuntu 16.04 LTS.

To manage notifications about this bug go to:
https://bugs.launchpad.net/gtk/+bug/1641912/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1663097] Re: Show featured snaps

[Launchpad Bug Tracker]

This bug was fixed in the package gnome-software -
3.20.5-0ubuntu0.16.04.5

---
gnome-software (3.20.5-0ubuntu0.16.04.5) xenial; urgency=medium

  * debian/patches/0018-Add-a-Snap-plugin.patch:
- Fix crash when failing to load icons from cache (LP: #1702122)

gnome-software (3.20.5-0ubuntu0.16.04.4) xenial; urgency=medium

  * Rebase on stable 3.20.5 release (LP: #1703461).
  * debian/patches/*.patch:
- Convert Ubuntu changes into patches
  * debian/patches/0018-Add-a-Snap-plugin.patch:
- Fix snaps without icons not showing reliably (LP: #1697565)
- Show featured snaps (LP: #1663097)

 -- Robert Ancell   Wed, 12 Jul 2017
16:24:08 +1200

** Changed in: gnome-software (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1663097

Title:
  Show featured snaps

Status in gnome-software package in Ubuntu:
  Fix Released
Status in gnome-software source package in Xenial:
  Fix Released
Status in gnome-software source package in Zesty:
  Fix Released
Status in gnome-software source package in Artful:
  Fix Released

Bug description:
  [Impact]
  GNOME Software doesn't show any snaps in the "Editor's Picks" section. snapd 
added a new feature to return snaps in the "featured" section and should be 
shown in GNOME Software.

  [Test Case]
  1. Open GNOME Software

  Expected result:
  Some of the "Editor's Picks" apps should be snaps.

  Observed result:
  There are no snaps shown.

  [Regression Potential]
  Some risk of new behaviour adversely affecting GNOME Software startup.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-software/+bug/1663097/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1697565] Re: Snaps without icons don't show as installed

[Launchpad Bug Tracker]

This bug was fixed in the package gnome-software -
3.20.5-0ubuntu0.16.04.5

---
gnome-software (3.20.5-0ubuntu0.16.04.5) xenial; urgency=medium

  * debian/patches/0018-Add-a-Snap-plugin.patch:
- Fix crash when failing to load icons from cache (LP: #1702122)

gnome-software (3.20.5-0ubuntu0.16.04.4) xenial; urgency=medium

  * Rebase on stable 3.20.5 release (LP: #1703461).
  * debian/patches/*.patch:
- Convert Ubuntu changes into patches
  * debian/patches/0018-Add-a-Snap-plugin.patch:
- Fix snaps without icons not showing reliably (LP: #1697565)
- Show featured snaps (LP: #1663097)

 -- Robert Ancell   Wed, 12 Jul 2017
16:24:08 +1200

** Changed in: gnome-software (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1697565

Title:
  Snaps without icons don't show as installed

Status in gnome-software package in Ubuntu:
  Fix Released
Status in gnome-software source package in Xenial:
  Fix Released
Status in gnome-software source package in Zesty:
  Fix Released
Status in gnome-software source package in Artful:
  Fix Released

Bug description:
  [Impact]
  Snaps without icons don't show in the installed tab. They do show in search, 
because the icon is sourced from the store.

  [Test Case]
  1. Open GNOME Software
  2. Install a snap without an icon in the snap, but does have one in the store 
(e.g. moon-buggy)
  3. Close GNOME Software
  4. Open GNOME Software
  5. Click "installed" tab

  Expected result:
  Installed snap is shown

  Observed result:
  Snap is not shown

  [Regression Potential]
  The code was refactored to download the store information for installed 
snaps. This means the store icon shows if the installed snap didn't have one. 
There is some risk of new bugs being caused by the refactoring.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-software/+bug/1697565/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1702122] Re: /usr/bin/gnome-software:11:load_icon:gs_plugin_refine_app:gs_plugin_loader_run_refine_app:gs_plugin_loader_run_refine_internal:gs_plugin_loader_run_refi

[Launchpad Bug Tracker]

This bug was fixed in the package gnome-software -
3.20.5-0ubuntu0.16.04.5

---
gnome-software (3.20.5-0ubuntu0.16.04.5) xenial; urgency=medium

  * debian/patches/0018-Add-a-Snap-plugin.patch:
- Fix crash when failing to load icons from cache (LP: #1702122)

gnome-software (3.20.5-0ubuntu0.16.04.4) xenial; urgency=medium

  * Rebase on stable 3.20.5 release (LP: #1703461).
  * debian/patches/*.patch:
- Convert Ubuntu changes into patches
  * debian/patches/0018-Add-a-Snap-plugin.patch:
- Fix snaps without icons not showing reliably (LP: #1697565)
- Show featured snaps (LP: #1663097)

 -- Robert Ancell   Wed, 12 Jul 2017
16:24:08 +1200

** Changed in: gnome-software (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1702122

Title:
  /usr/bin/gnome-
  
software:11:load_icon:gs_plugin_refine_app:gs_plugin_loader_run_refine_app:gs_plugin_loader_run_refine_internal:gs_plugin_loader_run_refine

Status in gnome-software package in Ubuntu:
  Fix Released
Status in gnome-software source package in Xenial:
  Fix Released
Status in gnome-software source package in Zesty:
  Fix Committed
Status in gnome-software source package in Artful:
  Fix Released

Bug description:
  [Impact]
  The new icon cache code has a bug where it doesn't correctly handle errors 
loading from the cache. This was picked up in the error tracker [1].

  [1]
  https://errors.ubuntu.com/problem/bc8baf24512d0c46f341376c9134e4f04ec284d0

  [Test Case]
  1. Run GNOME Software

  Expected result:
  Crash doesn't show on errors.ubuntu.com

  Observed result:
  Crash shows on errors.ubuntu.com

  [Regression Potential]
  Fix was to use correct variable (typo). Seems unlikely to be able to cause 
new issues (though may unmask other issues by now working correctly).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-software/+bug/1702122/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1683876] Re: systemtap doesn't work with HWE kernels

[Eric Desrochers]

** Also affects: systemtap (Ubuntu Trusty)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1683876

Title:
  systemtap doesn't work with HWE kernels

Status in systemtap package in Ubuntu:
  Fix Released
Status in systemtap source package in Trusty:
  New
Status in systemtap source package in Xenial:
  New
Status in systemtap source package in Yakkety:
  Fix Released

Bug description:
  [Environment]

  No LSB modules are available.
  Distributor ID: Ubuntu
  Description:Ubuntu 16.04.2 LTS
  Release:16.04
  Codename:   xenial

  
  Linux juju-niedbalski-xenial-machine-12 4.8.0-46-generic #49~16.04.1-Ubuntu 
SMP Fri Mar 31 14:51:03 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

  [Description]

  Xenial system with LTS-hwe xenial kernel enabled. Trying to run the
  following script:

  $ sudo stap -e 'probe oneshot { println("hello world") }'

  Raises the following errors:

  In file included from /usr/share/systemtap/runtime/linux/runtime.h:204:0,
   from /usr/share/systemtap/runtime/runtime.h:24,
   from 
/tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25:
  /usr/share/systemtap/runtime/linux/access_process_vm.h: In function 
‘__access_process_vm_’:
  /usr/share/systemtap/runtime/linux/access_process_vm.h:35:29: error: passing 
argument 1 of ‘get_user_pages’ makes integer from pointer without a cast 
[-Werror=int-conversion]
 ret = get_user_pages (tsk, mm, addr, 1, write, 1, , );
   ^
  In file included from ./include/linux/pid_namespace.h:6:0,
   from ./include/linux/ptrace.h:8,
   from ./include/linux/ftrace.h:13,
   from ./include/linux/kprobes.h:42,
   from /usr/share/systemtap/runtime/linux/runtime.h:21,
   from /usr/share/systemtap/runtime/runtime.h:24,
   from 
/tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25:
  ./include/linux/mm.h:1315:6: note: expected ‘long unsigned int’ but argument 
is of type ‘struct task_struct *’
   long get_user_pages(unsigned long start, unsigned long nr_pages,
^
  In file included from /usr/share/systemtap/runtime/linux/runtime.h:204:0,
   from /usr/share/systemtap/runtime/linux/runtime.h:21,
   from /usr/share/systemtap/runtime/runtime.h:24,
   from 
/tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25:
  ./include/linux/mm.h:1315:6: note: expected ‘struct page **’ but argument is 
of type ‘int’
   long get_user_pages(unsigned long start, unsigned long nr_pages,
^
  In file included from /usr/share/systemtap/runtime/linux/runtime.h:204:0,
   from /usr/share/systemtap/runtime/runtime.h:24,
   from 
/tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25:
  /usr/share/systemtap/runtime/linux/access_process_vm.h:35:54: error: passing 
argument 6 of ‘get_user_pages’ makes pointer from integer without a cast 
[-Werror=int-conversion]
 ret = get_user_pages (tsk, mm, addr, 1, write, 1, , );
^
  In file included from ./include/linux/pid_namespace.h:6:0,
   from ./include/linux/ptrace.h:8,
   from ./include/linux/ftrace.h:13,
   from ./include/linux/kprobes.h:42,
   from /usr/share/systemtap/runtime/linux/runtime.h:21,
   from /usr/share/systemtap/runtime/runtime.h:24,
   from 
/tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25:
  ./include/linux/mm.h:1315:6: note: expected ‘struct vm_area_struct **’ but 
argument is of type ‘int’
   long get_user_pages(unsigned long start, unsigned long nr_pages,
^
  In file included from /usr/share/systemtap/runtime/linux/runtime.h:204:0,
   from /usr/share/systemtap/runtime/runtime.h:24,
   from 
/tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25:
  /usr/share/systemtap/runtime/linux/access_process_vm.h:35:13: error: too many 
arguments to function ‘get_user_pages’
 ret = get_user_pages (tsk, mm, addr, 1, write, 1, , );
   ^
  In file included from ./include/linux/pid_namespace.h:6:0,
   from ./include/linux/ptrace.h:8,
   from ./include/linux/ftrace.h:13,
   from ./include/linux/kprobes.h:42,
   from /usr/share/systemtap/runtime/linux/runtime.h:21,
   from /usr/share/systemtap/runtime/runtime.h:24,
   from 
/tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25:
  ./include/linux/mm.h:1315:6: note: declared here
   long get_user_pages(unsigned long start, unsigned 

[Group.of.nepali.translators] [Bug 1706132] Re: xfs slab objects (memory) leak when xfs shutdown is called

[Stefan Bader]

** Also affects: linux (Ubuntu Xenial)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1706132

Title:
  xfs slab objects (memory) leak when xfs shutdown is called

Status in linux package in Ubuntu:
  Confirmed
Status in linux source package in Xenial:
  New

Bug description:
  [Impact]

   * xfs kernel memory leak in case of xfs shutdown due to i/o errors
   * if xfs on iscsi, iscsi disconnection and module unload will case mem leak

  [Test Case]

   * configure tgtd with 1 lun and make it available through tcp/ip
   * configure open-iscsi to map this lun
   * make sure node.session.timeo.replacement_timeout = 0 in iscsid.conf
   * mount a xfs volume using the lun from tgtd host, run bonnie -d /xfsdir
   * in tgtd server, drop iscsi packets and watch client to have i/o errors
   * after sometime (depending on timeout) xfs will call shutdown
   * make sure the i/o errors led to xfs shutdown (comment #3)
   * after shutdown you try to remove xfs module and it will leak

  [Regression Potential]

   * based on upstream fix
   * tested in the same environment
   * potential damage to xfs

  [Other Info]

  Original Description:

     This scenario is testing [iscsi <-> scsi <-> disk <-> xfs]

  [  551.125604] sd 2:0:0:1: rejecting I/O to offline device
  [  551.125615] sd 2:0:0:1: rejecting I/O to offline device
  [  551.125627] sd 2:0:0:1: rejecting I/O to offline device
  [  551.125639] sd 2:0:0:1: rejecting I/O to offline device

  [  551.135216] XFS (sda1): metadata I/O error: block 0xeffe01 
("xfs_trans_read_buf_map") error 5 numblks 1
  [  551.135274] XFS (sda1): page discard on page ea0002a89cc0, inode 0x83, 
offset 6442385408.

  # when XFS shuts down because of an error (or offline disk, example):

  [  551.850498] XFS (sda1): xfs_do_force_shutdown(0x2) called from line 1197 
of file /build/linux-lts-xenial-roXrYH/linux-lts-xenial-4.4.0/fs/xfs/xfs_log.c. 
 Return address = 0xc0300388
  [  551.850568] XFS (sda1): Log I/O Error Detected.  Shutting down filesystem

  [  551.850618] XFS (sda1): xfs_log_force: error -5 returned.

  [  551.850630] XFS (sda1): Failing async write on buffer block 0x77ff08. 
Retrying async write.
  [  551.850634] XFS (sda1): Failing async write on buffer block 0x77ff10. 
Retrying async write.
  [  551.850638] XFS (sda1): Failing async write on buffer block 0x77ff01. 
Retrying async write.
  [  551.853171] XFS (sda1): Please umount the filesystem and rectify the 
problem(s)

  [  551.874131] XFS (sda1): metadata I/O error: block 0x1dffc49 
("xlog_iodone") error 5 numblks 64
  [  551.877993] XFS (sda1): xfs_do_force_shutdown(0x2) called from line 1197 
of file /build/linux-lts-xenial-roXrYH/linux-lts-xenial-4.4.0/fs/xfs/xfs_log.c. 
 Return address = 0xc0300388

  [  551.899036] XFS (sda1): xfs_log_force: error -5 returned.
  [  569.323074] XFS (sda1): xfs_log_force: error -5 returned.
  [  599.403085] XFS (sda1): xfs_log_force: error -5 returned.
  [  629.483111] XFS (sda1): xfs_log_force: error -5 returned.
  [  659.563115] XFS (sda1): xfs_log_force: error -5 returned.
  [  689.643014] XFS (sda1): xfs_log_force: error -5 returned.

  # when I execute:

  # sudo umount /dev/sda1:

  [81634.923043] XFS (sda1): xfs_log_force: error -5 returned.
  [81640.739097] XFS (sda1): xfs_log_force: error -5 returned.
  [81640.739137] XFS (sda1): Unmounting Filesystem
  [81640.739463] XFS (sda1): xfs_log_force: error -5 returned.
  [81640.739508] XFS (sda1): xfs_log_force: error -5 returned.
  [81640.742741] sd 2:0:0:1: rejecting I/O to offline device
  [81640.745576] blk_update_request: 25 callbacks suppressed
  [81640.745601] blk_update_request: I/O error, dev sda, sector 0

  # i was able to umount and then to remove iscsi disk.

  # but if i try to unload the xfs module:

  inaddy@(trustyiscsicli):~$ sudo rmmod xfs
  [82211.059301] 
=
  [82211.063764] BUG xfs_log_ticket (Tainted: G   OE  ): Objects 
remaining in xfs_log_ticket on kmem_cache_close()
  [82211.067450] 
-
  [82211.067450]
  [82211.070580] INFO: Slab 0xea0002eb7640 objects=22 used=1 
fp=0x8800badd9f18 flags=0xc00080
  [82211.074430] INFO: Object 0x8800badd9228 @offset=552
  [82211.076133] kmem_cache_destroy xfs_log_ticket: Slab cache still has objects

  AND

  [82211.059301] 
=
  [82211.063764] BUG xfs_log_ticket (Tainted: G   OE  ): Objects 
remaining in xfs_log_ticket on kmem_cache_close()
  [82211.067450] 
-
  [82211.067450]
  [82211.070570] Disabling lock debugging 

[Group.of.nepali.translators] [Bug 1639230] Re: reschedule fails with ip already allocated error

[Eric Desrochers]

** Also affects: nova (Ubuntu Xenial)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1639230

Title:
  reschedule fails with ip already allocated error

Status in OpenStack Compute (nova):
  Fix Released
Status in OpenStack Compute (nova) newton series:
  Fix Committed
Status in nova package in Ubuntu:
  Fix Released
Status in nova source package in Xenial:
  New

Bug description:
  Tried to create a server in a multi-host environment. The create
  failed on the first host that was attempted due to a ClientException
  raised by nova.volume.cinder.API.initialize_connection while trying to
  attach a volume. When the build was rescheduled on a different host,
  it should have realized that the network was already allocated by the
  first attempt and reused that, but the network_allocated=True from
  instance.system_metadata somehow disappeared, leading to the following
  exception that causes the reschedule to fail:

  2016-10-13 04:48:29.007 16273 WARNING nova.network.neutronv2.api 
[req-9b343ef7-e8d9-4a61-b86c-a61908afe4df 
0688b01e6439ca32d698d20789d52169126fb41fb1a4ddafcebb97d854e836c9 
94e1baed634145e0aade858973ae88e8 - - -] [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b] Neutron error creating port on network 
5038a36b-cb1e-4a61-b26c-a05a80b37ed6
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b] Traceback (most recent call last):
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b]   File 
"/usr/lib/python2.7/site-packages/nova/network/neutronv2/api.py", line 392, in 
_create_port_minimal
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b] port_response = 
port_client.create_port(port_req_body)
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b]   File 
"/usr/lib/python2.7/site-packages/nova/network/neutronv2/api.py", line 98, in 
wrapper
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b] ret = obj(*args, **kwargs)
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b]   File 
"/usr/lib/python2.7/site-packages/neutronclient/v2_0/client.py", line 750, in 
create_port
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b] return self.post(self.ports_path, 
body=body)
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b]   File 
"/usr/lib/python2.7/site-packages/nova/network/neutronv2/api.py", line 98, in 
wrapper
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b] ret = obj(*args, **kwargs)
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b]   File 
"/usr/lib/python2.7/site-packages/neutronclient/v2_0/client.py", line 365, in 
post
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b] headers=headers, params=params)
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b]   File 
"/usr/lib/python2.7/site-packages/nova/network/neutronv2/api.py", line 98, in 
wrapper
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b] ret = obj(*args, **kwargs)
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b]   File 
"/usr/lib/python2.7/site-packages/neutronclient/v2_0/client.py", line 300, in 
do_request
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b] 
self._handle_fault_response(status_code, replybody, resp)
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b]   File 
"/usr/lib/python2.7/site-packages/nova/network/neutronv2/api.py", line 98, in 
wrapper
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b] ret = obj(*args, **kwargs)
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b]   File 
"/usr/lib/python2.7/site-packages/neutronclient/v2_0/client.py", line 275, in 
_handle_fault_response
  2016-10-13 04:48:29.007 16273 ERROR nova.network.neutronv2.api [instance: 
b85d6c6c-e385-4601-aa47-5c580f893c9b] exception_handler_v20(status_code, 
error_body)
  2016-10-13 04:48:29.007 16273 

[Group.of.nepali.translators] [Bug 1706833] Re: atheros bt failed after S3

[Stefan Bader]

** Also affects: linux (Ubuntu Xenial)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1706833

Title:
  atheros bt failed after S3

Status in HWE Next:
  New
Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Xenial:
  New

Bug description:
  [Impact]
  BT fails to load firmware after S3. On my system it's atheros' chip, but the 
same issue can be seen with broadcom's chip, too.
 [542.6274] WARNING: CPU: 0 PID: 20729 at 
/build/linux-MD8jsN/linux-4.4.0/drivers/base/firmware_class.c:1148 
_request_firmware+0x7c2/0xaf0()

  The root cause of this issue is request_firmware() is being called at
  the wrong time.

  [Fix]
  The fix is from this old thread[1], but the patch didn't be accepted by the 
maintainer.
  It prevents the work queue from being re-created and calls request_firmware() 
immediately before usermodehelper is fully resumed. Making the workqueue 
freezable preserves the delay and will postpone the firmware loading time.

  [Test Case]
  Verified on the machine has this issue, and confirm this patch works.

  [Regression Potential]
  From what I can see, I think this change should be safe, and after 240 times 
S3 test, the system and BT functions are still working.

  1. http://lists.openwall.net/netdev/2015/05/06/3

To manage notifications about this bug go to:
https://bugs.launchpad.net/hwe-next/+bug/1706833/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1665701] Re: Missing inspect-internal command

[Steve Langasek]

sounds like this compatibility issue has been resolved on the curtin
side and that this command is no longer present upstream, so there is no
change to be made to the btrfs-progs side.

** Changed in: btrfs-progs (Ubuntu)
   Status: Confirmed => Won't Fix

** Changed in: btrfs-progs (Ubuntu Xenial)
   Status: New => Won't Fix

** Changed in: btrfs-progs (Ubuntu Yakkety)
   Status: New => Won't Fix

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1665701

Title:
  Missing inspect-internal command

Status in btrfs-progs package in Ubuntu:
  Won't Fix
Status in curtin package in Ubuntu:
  Fix Released
Status in btrfs-progs source package in Xenial:
  Won't Fix
Status in curtin source package in Xenial:
  Fix Released
Status in btrfs-progs source package in Yakkety:
  Won't Fix
Status in curtin source package in Yakkety:
  Fix Released

Bug description:
   Begin Curtin SRU Template 
  [Impact]
  This change is actually only a test change.
  Vmtest does an instllation to a btrfs device and then boots into the
  installed system and collects information to verify that the install
  worked properly.  That collection of information was using
   btrfs-show-super (

[Group.of.nepali.translators] [Bug 1635223] Re: please include mlx5_core modules in linux-image-generic package

[Dan Watkins]

** Changed in: cloud-images
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1635223

Title:
  please include mlx5_core modules in linux-image-generic package

Status in cloud-images:
  Fix Released
Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Yakkety:
  Fix Released
Status in linux source package in Zesty:
  Fix Released

Bug description:
  Because linux-image-generic pkg doesn't include mlx5_core,
  stock ubuntu cloud-images can't be used by VM guests using
  mellanox VFs, forcing the creation of an ad-hoc cloud image
  with added linux-image-extra-virtual

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-images/+bug/1635223/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1703532] Re: linux-hwe: 4.10.0-28.32~16.04.2 -proposed tracker

[Launchpad Bug Tracker]

This bug was fixed in the package linux-hwe - 4.10.0-28.32~16.04.2

---
linux-hwe (4.10.0-28.32~16.04.2) xenial; urgency=low

  * linux-hwe: 4.10.0-28.32~16.04.2 -proposed tracker (LP: #1703532)

  * CVE-2017-1000364
- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
- mm/mmap.c: expand_downwards: don't require the gap if !vm_prev

  * KILLER1435-S[0489:e0a2] BT cannot search BT 4.0 device (LP: #1699651)
- Bluetooth: btusb: Add support for 0489:e0a2 QCA_ROME device

  * aacraid driver may return uninitialized stack data to userspace
(LP: #1700077)
- SAUCE: scsi: aacraid: Don't copy uninitialized stack memory to userspace

  * CVE-2017-9605
- drm/vmwgfx: Make sure backup_handle is always valid

  * CVE-2017-1000380
- ALSA: timer: Fix race between read and ioctl
- ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT

  * XDP eBPF programs fail to verify on Zesty ppc64el (LP: #1699627)
- [Config] ppc64el: build for Power8 not Power7

  * AACRAID for power9 platform (LP: #1689980)
- scripts/spelling.txt: add "therfore" pattern and fix typo instances
- scsi: aacraid: fix PCI error recovery path
- scsi: aacraid: pci_alloc_consistent() failures on ARM64
- scsi: aacraid: Remove __GFP_DMA for raw srb memory
- scsi: aacraid: Fix DMAR issues with iommu=pt
- scsi: aacraid: Added 32 and 64 queue depth for arc natives
- scsi: aacraid: Set correct Queue Depth for HBA1000 RAW disks
- scsi: aacraid: Remove reset support from check_health
- scsi: aacraid: Change wait time for fib completion
- scsi: aacraid: Log count info of scsi cmds before reset
- scsi: aacraid: Print ctrl status before eh reset
- scsi: aacraid: Using single reset mask for IOP reset
- scsi: aacraid: Rework IOP reset
- scsi: aacraid: Add periodic checks to see IOP reset status
- scsi: aacraid: Rework SOFT reset code
- scsi: aacraid: Rework aac_src_restart
- scsi: aacraid: Use correct function to get ctrl health
- scsi: aacraid: Make sure ioctl returns on controller reset
- scsi: aacraid: Enable ctrl reset for both hba and arc
- scsi: aacraid: Add reset debugging statements
- scsi: aacraid: Remove reference to Series-9
- scsi: aacraid: Update driver version to 50834

  * arm64 kernel crashdump support (LP: #1694859)
- memblock: add memblock_clear_nomap()
- memblock: add memblock_cap_memory_range()
- arm64: limit memory regions based on DT property, usable-memory-range
- arm64: kdump: reserve memory for crash dump kernel
- arm64: mm: add set_memory_valid()
- arm64: mm: use phys_addr_t instead of unsigned long in __map_memblock
- arm64: kdump: protect crash dump kernel memory
- arm64: hibernate: preserve kdump image around hibernation
- arm64: kdump: implement machine_crash_shutdown()
- arm64: kdump: add VMCOREINFO's for user-space tools
- [Config] CONFIG_CRASH_DUMP=y on arm64
- arm64: kdump: provide /proc/vmcore file
- Documentation: kdump: describe arm64 port
- Documentation: dt: chosen properties for arm64 kdump
- efi/libstub/arm*: Set default address and size cells values for an empty 
dtb

  * hibmc driver does not include "pci:" prefix in bus ID (LP: #1698700)
- SAUCE: drm: hibmc: Use set_busid function from drm core

  * Processes in "D" state due to zap_pid_ns_processes kernel call with Ubuntu +
Docker (LP: #1698264)
- pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes

  * Bugfixes for  hns network driver (LP: #1696031)
- hns_enet: use cpumask_var_t for on-stack mask
- net: hns: fix uninitialized data use
- net: hns: avoid gcc-7.0.1 warning for uninitialized data
- net: hns: Add ACPI support to check SFP present
- net: hns: Fix the implementation of irq affinity function
- net: hns: Modify GMAC init TX threshold value
- net: hns: Optimize the code for GMAC pad and crc Config
- net: hns: Remove redundant memset during buffer release
- net: hns: bug fix of ethtool show the speed
- net: hns: Optimize hns_nic_common_poll for better performance
- net: hns: Fix to adjust buf_size of ring according to mtu
- net: hns: Replace netif_tx_lock to ring spin lock
- net: hns: Correct HNS RSS key set function
- net: hns: Remove the redundant adding and deleting mac function
- net: hns: Remove redundant mac_get_id()
- net: hns: Remove redundant mac table operations
- net: hns: Clean redundant code from hns_mdio.c file
- net: hns: Optimise the code in hns_mdio_wait_ready()
- net: hns: Simplify the exception sequence in hns_ppe_init()
- net: hns: Adjust the SBM module buffer threshold
- net: hns: Avoid Hip06 chip TX packet line bug
- net: hns: Some checkpatch.pl script & warning fixes
- net: hns: support deferred probe when can not obtain irq
- net: hns: support deferred probe when no mdio
- net: hns: fix 

[Group.of.nepali.translators] [Bug 1696710] Re: Ubuntu 16.04.02: depmod: WARNING: needs unknown symbol .TOC.

[Launchpad Bug Tracker]

This bug was fixed in the package kmod - 22-1ubuntu5

---
kmod (22-1ubuntu5) xenial; urgency=medium

  * depmod-ignore-powerpc64-abiv2-toc-symbol.patch: Ignore the TOC symbol
in depmod on PPC64 as it does not need to be relocated (LP: #1696710)
  * fix-docs-build: Fix build failure with the xenial version of gtk-doc.

 -- Adam Conrad   Tue, 25 Jul 2017 07:41:35 -0600

** Changed in: kmod (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1696710

Title:
  Ubuntu 16.04.02: depmod: WARNING:  needs unknown symbol
  .TOC.

Status in The Ubuntu-power-systems project:
  Fix Released
Status in kmod package in Ubuntu:
  Fix Released
Status in kmod source package in Xenial:
  Fix Released

Bug description:
  == Comment: #0 - Douglas Miller  - 2017-01-24 07:59:54 ==
  ---Problem Description---
  depmod does not handle .TOC symbol on powerpc platforms
   
  Contact Information = Douglas Miller  
   
  ---uname output---
  Linux p8le03 4.4.0-38-generic #57-Ubuntu SMP Tue Sep 6 15:40:06 UTC 2016 
ppc64le ppc64le ppc64le GNU/Linux
   
  Machine Type = other 
   
  ---Debugger---
  A debugger is not configured
   
  ---Steps to Reproduce---
   Compile kernel, during modules_install target the messages appear. PPC64 
modules have a .TOC symbol which is required. It may be the only symbol with a 
period in the name, and so tools that restrict symbols based on a pattern may 
neglect to include .TOC.
   
  Userspace tool common name: depmod 
   
  The userspace tool has the following bit modes: 64 

  Userspace rpm: libkmod2:ppc64el

  Userspace tool obtained from project website:  na 
   
  *Additional Instructions for Douglas Miller :
  -Attach ltrace and strace of userspace application.

  == Comment: #3 - Douglas Miller  - 2017-01-24 08:12:58 ==
  kmod package:

  # dpkg --list |grep kmod
  ii  kmod   22-1ubuntu4
 ppc64el  tools for managing Linux kernel modules
  ii  libkmod2:ppc64el   22-1ubuntu4
 ppc64el  libkmod shared library

  == Comment: #7 - Douglas Miller  - 2017-06-07 16:20:38 ==
   I was doing a build of upstream origin/master on Ubuntu 16.04.2 fresh 
install and still getting these messages. In the "make modules_install" output 
I see:

  ...
DEPMOD  4.12.0-rc4
  depmod: WARNING: 
/lib/modules/4.12.0-rc4/kernel/arch/powerpc/kernel/rtas_flash.ko needs unknown 
symb
  ol .TOC.
  ...

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1696710/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1694859] Re: arm64 kernel crashdump support

[Launchpad Bug Tracker]

This bug was fixed in the package kexec-tools - 1:2.0.10-1ubuntu2.3

---
kexec-tools (1:2.0.10-1ubuntu2.3) xenial; urgency=medium

  * Add backport of upstream arm64 crashdump support (LP: #1694859).

 -- dann frazier   Fri, 23 Jun 2017 12:27:52
-0600

** Changed in: kexec-tools (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1694859

Title:
  arm64 kernel crashdump support

Status in kexec-tools package in Ubuntu:
  Fix Released
Status in linux package in Ubuntu:
  Fix Released
Status in makedumpfile package in Ubuntu:
  Fix Released
Status in kexec-tools source package in Xenial:
  Fix Released
Status in linux source package in Xenial:
  Won't Fix
Status in makedumpfile source package in Xenial:
  Fix Committed
Status in kexec-tools source package in Yakkety:
  In Progress
Status in linux source package in Yakkety:
  Won't Fix
Status in makedumpfile source package in Yakkety:
  Won't Fix
Status in kexec-tools source package in Zesty:
  Fix Released
Status in linux source package in Zesty:
  Fix Released
Status in makedumpfile source package in Zesty:
  Fix Released

Bug description:
  Note: Updates are being staged at ppa:dannf/arm64-kdump.

  [Impact]
  It is not possible to collect a kernel crash dump from a crashed arm64 server 
for later debugging.

  [Test Case]
  sudo apt install kdump-tools
  (reboot, so crashkernel= is added to the kernel commandline)
  echo c | sudo tee /proc/sysrq-trigger

  Crash dump should occur, with artifacts collected in /var/crash.

  If you want to verify that the dump is usable, install the
  corresponding linux-image--dbgsym package and run:

  sudo crash /usr/lib/debug/boot/vmlinux-
  /var/crash//dump.

  crash should successfully load, placing you at a "crash>" prompt. At that 
prompt, you can issue the 'bt' command to see a backtrace.
  Note: you need crash from zesty (7.1.8-1ubuntu1) or later.

  [Regression Risk]
  = Kernel =
  3 patches here touch code outside of arch/arm64/:

  memblock: add memblock_clear_nomap()
  This adds a new function with no callers, so regression risk is negligible.
  (A later patch adds a call to it under arch/arm64/).

  memblock: add memblock_cap_memory_range()
  This refactors some of the code in memblock_mem_limit_remove_map() into a new 
function. The only existing caller of memblock_mem_limit_remove_map() is under 
arch/arm64/, so the regression risk outside of arm64 is negligible.

  efi/libstub/arm*: Set default address and size cells values for an empty dtb
  Because this code is for EFI platforms that support device-tree, it is 
de-facto ARM-specific (as noted in the patch title).

  For arm64, we have mitigated the risk by explicit regression testing on 
several platforms:
   - Qualcomm QDF2400
   - Cavium ThunderX CRB1S
   - HP m400 (X-Gene)
   - HiSilicon D05 (Hi07)

  = kexec-tools =
  == zesty ==
  For zesty, 10 patches are required to add kdump support.

  0001-kexec-extend-the-semantics-of-kexec_iomem_for_each_l.patch:
  This modifies a function used on armhf & x86. The description explains the 
change, and why it does not impact those archs:

  -
  The current users of kexec_iomem_for_each_line(), arm, sh and x86, will not
  be affected by this change because
  * arm
    The callback function only returns -1 or 0, and the return value of
    kexec_iomem_for_each_line() will never be used.
  * sh, x86
    The callback function may return (-1 for sh,) 0 or 1, but always returns
    1 once we have reached the maximum number of entries allowed.
    Even so the current kexec_iomem_for_each_line() counts them up.
    This change actually fixes this bug.
  -

  0002-kexec-generalize-and-rename-get_kernel_stext_sym.patch:
  This generalizes a function that was duplicated by arm & x86 and makes it 
common so arm64 can use it.

  The remaining 8 of these only touch code in kexec/arch/arm64, so
  regression risk for other architectures is negligible.

  Finally, I have tested this update on both i386 and amd64 VMs. i386
  crashes do not currently work in zesty (filed LP: #1699874), and my
  test results show no change there. amd64 worked before, and continues
  to work with these changes.

  == yakkety ==
  Since yakkety is based on an older upstream, 6 additional patches are 
required:

  arm-fix-get_kernel_stext_sym-to-close-its-file.patch:
  This is a cleanup patch, cherry-picked because it allows later patches to 
apply w/o backporting. ARM-specific.

  kexec-add-max_size-to-memory_ranges.patch:
  Adds a new element to struct, to be used by later commits.

  kexec-add-generic-helper-to-add-to-memoryq_regions.patch,
  kexec-add-mem_regions-sorting-implementation.patch,
  kexec-add-helper-to-exlude-a-region-from-a-set-of-me.patch,
  kexec-fix-mem_regions_sort.patch:

[Group.of.nepali.translators] [Bug 1700994] Re: Installed snaps show twice in GNOME Software

[Launchpad Bug Tracker]

This bug was fixed in the package appstream-glib - 0.5.13-1ubuntu5

---
appstream-glib (0.5.13-1ubuntu5) xenial; urgency=medium

  * debian/patches/0001-Skip-loading-desktop-data-from-Snap-directory.patch:
- Don't load .desktop files provided by snapd - we already have this 
information
  from snapd. (LP: #1700994)

 -- Robert Ancell   Fri, 07 Jul 2017
13:49:05 +1200

** Changed in: appstream-glib (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1700994

Title:
  Installed snaps show twice in GNOME Software

Status in appstream-glib package in Ubuntu:
  Fix Released
Status in gnome-software package in Ubuntu:
  Fix Released
Status in appstream-glib source package in Xenial:
  Fix Released
Status in gnome-software source package in Xenial:
  In Progress
Status in appstream-glib source package in Zesty:
  Fix Committed
Status in gnome-software source package in Zesty:
  In Progress
Status in appstream-glib source package in Artful:
  Fix Released
Status in gnome-software source package in Artful:
  Fix Released

Bug description:
  [Impact]
  Installed snaps show twice in GNOME Software. The solution is to not scan the 
installed .desktop files - there is sufficient information provided by snapd.

  [Test Case]
  1. Open GNOME Software
  2. Install a snap (e.g. ohmygiraffe)
  3. Switched to "Installed" tab

  Expected result:
  ohmygiraffe is shown once in the installed list.

  Observed result:
  ohmygiraffe is shown twice. One entry has data from the snap metadata, the 
other from the installed .desktop file.

  [Regression Potential]
  There is some risk of breaking other appstream behaviour. The risk is low 
because we only filter out the snapd specific directory that contains this data.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/appstream-glib/+bug/1700994/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1646585] Re: oem-config replaces /etc/resolv.conf symlink with a hard file

[Adam Conrad]

Hello Newton, or anyone else affected,

Accepted ubiquity into xenial-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/ubiquity/2.21.63.4
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-xenial to verification-done-xenial. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-xenial. In either case, details of your
testing will help us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: netcfg (Ubuntu Yakkety)
   Status: Fix Committed => Won't Fix

** Changed in: ubiquity (Ubuntu Xenial)
   Status: Triaged => Fix Committed

** Tags removed: verification-done-xenial
** Tags added: verification-needed verification-needed-xenial

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1646585

Title:
  oem-config replaces /etc/resolv.conf symlink with a hard file

Status in Nvidia:
  New
Status in netcfg package in Ubuntu:
  Fix Released
Status in ubiquity package in Ubuntu:
  Fix Released
Status in netcfg source package in Xenial:
  Fix Released
Status in ubiquity source package in Xenial:
  Fix Committed
Status in netcfg source package in Yakkety:
  Won't Fix
Status in netcfg source package in Zesty:
  Fix Released
Status in ubiquity source package in Zesty:
  Fix Released

Bug description:
  [Impact]
  This breaks oem-config installs because after running oem-config-firstboot, 
/etc/resolv.conf's symlink might be replaced by a regular file.

  [Test case]
  The DGX server install process uses oem-config to setup certain settings.  We 
are seeing that oem-config-firstboot is replacing the /etc/resolv.conf symlink 
to /run/resolvconf/resolv.conf with a hard file at /etc/resolv.conf.

  This was confirmed by booting in single user mode after a fresh
  install, and seeing the symlink is still there.  Then go thru oem-
  config-firstboot, and find that the symlink is no longer there when
  that is done.

  We have to run "sudo dpkg-reconfigure resolvconf" to restore that
  symlink.

  [Regression potential]
  This may regress by failing to recognize a case where resolvconf is not in 
use, or triggering a false-positive (resolvconf is not in use, by an install is 
tricked into thinking it is and removes resolv.conf). Corruption of 
/etc/resolv.conf or /run/resolvconf/resolv.conf should be considered as 
possible regressions from this SRU.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nvidia/+bug/1646585/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1593907] Re: ntpdate startup routine prevents ntp service from launching up on Ubuntu 16.04 server on system boot

[Launchpad Bug Tracker]

This bug was fixed in the package ntp - 1:4.2.8p4+dfsg-3ubuntu5.6

---
ntp (1:4.2.8p4+dfsg-3ubuntu5.6) xenial; urgency=medium

  * debian/ntpdate.if-up: Drop delta to stop/start service around ntpdate
updates - fixes ntp restart storms due to network changes, fixes
accidential start of ntp, avoids issues of ntpdate jumping too far while
running ntp was supposed to drift (LP: #1593907)

 -- Christian Ehrhardt   Fri, 07 Jul
2017 07:56:45 +0200

** Changed in: ntp (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1593907

Title:
  ntpdate startup routine prevents ntp service from launching up on
  Ubuntu 16.04 server on system boot

Status in ntp package in Ubuntu:
  Fix Released
Status in ntp source package in Trusty:
  Fix Committed
Status in ntp source package in Xenial:
  Fix Released
Status in ntp source package in Yakkety:
  Fix Released
Status in ntp source package in Zesty:
  Fix Released

Bug description:
  [Impact]

   * Fixes several broken cases, those are:
   * Case 1 - ntp configured to drift time slowly, but time jumping
   - ntp is running and drifts time towards a target being way off
   - an interface comes up
   - stop ntpd
   - warp time via ntpdate-debian (static interfaces will even set -b)
   - (re-)start ntpd
   - if users relied on non-time warp they are now in trouble

   * Case 2 - ntp start/stop storms
   - ntpd comes up normally
   - the admin brings interfaces up/down rather often
   - ntp is restarted very very often due to this for no reason
   => reason for bugs like debian 823533

   * Case 3 - unintentional enablement of ntp
   - ntpd is installed but disabled (for whatever reason)
   - all is fine on any ifup/down
   - one installs ntpdate, maybe even without realizing due to a depends
   - now on the next ifup ntpd (or openntpd) will be started

   * Solution, drop the broken Delta

  [Test Case]

   * Testing Case 2/3 as it is the easiest, case 1 needs a more complex 
 setup to cause the time drift but otherwise works the same way.
 - install ntp and ntpdate
 - stop ntp
 - ifup/ifdown an interface multiple times; as simplification you can 
   also call /etc/network/if-up.d/ntpdate directly (not that this 
   spawns the change asnchronous and locks concurrency, so do that a 
   few times over the time of a minute or so)
 - the service of ntp should still be stopped and not report plenty of 
   restarts

  
  [Regression Potential] 

   * It improves a lot of cases (otherwise we wouldn't SRU), but there is 
 one regression potential I can see:

 - users that relied on starting NTP later on after other interfaces 
   got up due to that code in ntpdate which did that as a side effect. 
   But that is outweigh by Case2/3 for the majority of users. And even 
   Case1 only hits this potential regression on e.g. late network 
   intialization, but in that case please remind that the default 
   (systemd timedatectl) would handle that.

 - Since most users of ntp do not install ntpdate (which doesn't work 
   when ntp is active) we should be rather safe to assume that almost 
   no one should rely on that side effect.

 - Furthermore this is a Ubuntu Delta for very long, cause issues (see 
   the references on the git commit) but never made it into Debian - 
   in that sense another indicator it isn't an important delta to 
   have.

  [Other Info]
   
   * The original intention "what if net is available too late" fixed 
 correctly would not be part of ntpdate, but ntp and additionally 
 check if it is actually meant to be enabled - but I never seen/heard 
 of any of it since systemd is around - maybe new ordering mostly 
 avoids the original issue.


  ---

  
  I've installed ntp service on the clean ubuntu 16.04 server system. 
Configured it. Checked that it works, but, after reboot, it doesn't start 
automatically.
  When I check: 'systemctl is-enabled ntp', it shows enabled.
  If I manually start it 'systemctl start ntp' it starts just fine and woks 
correctly,
  but until I manually start it, 'systemctl status ntp' shows:

  Loaded: loaded (/etc/init.d/ntp; bad; vendor preset: enabled)
  Active: inactive (deadi)

  Installed 1.29ubuntu2 version of init-systems-helper, but it didn't
  fix the problem.

  Found a bugreport on ntpd package:

  https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1577596

  led to solution that involves a change to be made in file:

  /etc/network/if-up.d/ntpdate

  of ntpdate package

  After changing from:
  __CODE_START__

  invoke-rc.d --quiet $service stop >/dev/null 

[Group.of.nepali.translators] [Bug 1696599] Re: backport/sync UEFI, Secure Boot support

[Steve Langasek]

** Changed in: grub2-signed (Ubuntu Yakkety)
   Status: Fix Committed => Won't Fix

** Changed in: grub2 (Ubuntu Yakkety)
   Status: Fix Committed => Won't Fix

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1696599

Title:
  backport/sync UEFI, Secure Boot support

Status in grub2 package in Ubuntu:
  Fix Released
Status in grub2-signed package in Ubuntu:
  Fix Released
Status in grub2 source package in Trusty:
  New
Status in grub2-signed source package in Trusty:
  New
Status in grub2 source package in Xenial:
  Fix Committed
Status in grub2-signed source package in Xenial:
  Fix Committed
Status in grub2 source package in Yakkety:
  Won't Fix
Status in grub2-signed source package in Yakkety:
  Won't Fix
Status in grub2 source package in Zesty:
  Fix Released
Status in grub2-signed source package in Zesty:
  Fix Released
Status in grub2 source package in Artful:
  Fix Released
Status in grub2-signed source package in Artful:
  Fix Released

Bug description:
  [Impact]
  Since the implementation of UEFI Secure Boot in Ubuntu, there has been a 
large number of changes to the EFI patchset, handled "upstream" at 
https://github.com/vathpela/grub2-fedora/tree/sb.

  This SRU is handled as a wholesale "sync" with a known set of patches
  rather than individual cherry-picks given the high risk in cherry-
  picking individual changes; we do not want to risk subtly breaking
  Secure Boot support or introducing a security issue due to using
  different sets of patches across our currently supported releases.
  Using a common set of patches across releases and making sure we're in
  sync with "upstream" for that particular section of the grub2 codebase
  (specifically, UEFI/SB support is typically outside the GNU GRUB tree)
  allows us to make sure UEFI Secure Boot remains supportable and that
  potential security issues are easy to fix quickly given the complexity
  of the codebase.

  This is a complex set of enablement patches; most of them will be
  fairly straightforward backports, but there are a few known warts:

   * The included patches are based on grub2 2.02~beta3; as such, some
  patches require extra backporting effort of other pieces of the loader
  code down to releases that do not yet include 2.02~beta3 code.

  [Test Case]
  The desktop, server, and alternate install images should all boot and install 
on an SB-enabled system. I would recommend testing installations from both a CD 
and a USB stick. After each installation, validate that Secure Boot is enabled 
by checking /sys/firmware/efi/efivars/SecureBoot-*, as well as 
/sys/firmware/efi/efivars/Mok* variables (for the cases where shim validation 
may be disabled).

  Tests should include:
  - booting with Secure Boot enabled
  - booting with Secure Boot enabled, but shim validation disabled
  - booting with Secure Boot disabled, but still in EFI mode

  [Regression Potential]
  Check that non-SB installations of all these images still work. For this, it 
is sufficient to test with either a CD or a USB stick, but not necessarily both.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1696599/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1694859] Re: arm64 kernel crashdump support

[Launchpad Bug Tracker]

This bug was fixed in the package kexec-tools - 1:2.0.14-1ubuntu3.1

---
kexec-tools (1:2.0.14-1ubuntu3.1) zesty; urgency=medium

  * Add backport of upstream arm64 crashdump support (LP: #1694859).

 -- dann frazier   Wed, 21 Jun 2017 15:15:25 -0600

** Changed in: kexec-tools (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1694859

Title:
  arm64 kernel crashdump support

Status in kexec-tools package in Ubuntu:
  Fix Released
Status in linux package in Ubuntu:
  Fix Released
Status in makedumpfile package in Ubuntu:
  Fix Released
Status in kexec-tools source package in Xenial:
  Fix Released
Status in linux source package in Xenial:
  Won't Fix
Status in makedumpfile source package in Xenial:
  Fix Committed
Status in kexec-tools source package in Yakkety:
  In Progress
Status in linux source package in Yakkety:
  Won't Fix
Status in makedumpfile source package in Yakkety:
  Won't Fix
Status in kexec-tools source package in Zesty:
  Fix Released
Status in linux source package in Zesty:
  Fix Released
Status in makedumpfile source package in Zesty:
  Fix Released

Bug description:
  Note: Updates are being staged at ppa:dannf/arm64-kdump.

  [Impact]
  It is not possible to collect a kernel crash dump from a crashed arm64 server 
for later debugging.

  [Test Case]
  sudo apt install kdump-tools
  (reboot, so crashkernel= is added to the kernel commandline)
  echo c | sudo tee /proc/sysrq-trigger

  Crash dump should occur, with artifacts collected in /var/crash.

  If you want to verify that the dump is usable, install the
  corresponding linux-image--dbgsym package and run:

  sudo crash /usr/lib/debug/boot/vmlinux-
  /var/crash//dump.

  crash should successfully load, placing you at a "crash>" prompt. At that 
prompt, you can issue the 'bt' command to see a backtrace.
  Note: you need crash from zesty (7.1.8-1ubuntu1) or later.

  [Regression Risk]
  = Kernel =
  3 patches here touch code outside of arch/arm64/:

  memblock: add memblock_clear_nomap()
  This adds a new function with no callers, so regression risk is negligible.
  (A later patch adds a call to it under arch/arm64/).

  memblock: add memblock_cap_memory_range()
  This refactors some of the code in memblock_mem_limit_remove_map() into a new 
function. The only existing caller of memblock_mem_limit_remove_map() is under 
arch/arm64/, so the regression risk outside of arm64 is negligible.

  efi/libstub/arm*: Set default address and size cells values for an empty dtb
  Because this code is for EFI platforms that support device-tree, it is 
de-facto ARM-specific (as noted in the patch title).

  For arm64, we have mitigated the risk by explicit regression testing on 
several platforms:
   - Qualcomm QDF2400
   - Cavium ThunderX CRB1S
   - HP m400 (X-Gene)
   - HiSilicon D05 (Hi07)

  = kexec-tools =
  == zesty ==
  For zesty, 10 patches are required to add kdump support.

  0001-kexec-extend-the-semantics-of-kexec_iomem_for_each_l.patch:
  This modifies a function used on armhf & x86. The description explains the 
change, and why it does not impact those archs:

  -
  The current users of kexec_iomem_for_each_line(), arm, sh and x86, will not
  be affected by this change because
  * arm
    The callback function only returns -1 or 0, and the return value of
    kexec_iomem_for_each_line() will never be used.
  * sh, x86
    The callback function may return (-1 for sh,) 0 or 1, but always returns
    1 once we have reached the maximum number of entries allowed.
    Even so the current kexec_iomem_for_each_line() counts them up.
    This change actually fixes this bug.
  -

  0002-kexec-generalize-and-rename-get_kernel_stext_sym.patch:
  This generalizes a function that was duplicated by arm & x86 and makes it 
common so arm64 can use it.

  The remaining 8 of these only touch code in kexec/arch/arm64, so
  regression risk for other architectures is negligible.

  Finally, I have tested this update on both i386 and amd64 VMs. i386
  crashes do not currently work in zesty (filed LP: #1699874), and my
  test results show no change there. amd64 worked before, and continues
  to work with these changes.

  == yakkety ==
  Since yakkety is based on an older upstream, 6 additional patches are 
required:

  arm-fix-get_kernel_stext_sym-to-close-its-file.patch:
  This is a cleanup patch, cherry-picked because it allows later patches to 
apply w/o backporting. ARM-specific.

  kexec-add-max_size-to-memory_ranges.patch:
  Adds a new element to struct, to be used by later commits.

  kexec-add-generic-helper-to-add-to-memoryq_regions.patch,
  kexec-add-mem_regions-sorting-implementation.patch,
  kexec-add-helper-to-exlude-a-region-from-a-set-of-me.patch,
  kexec-fix-mem_regions_sort.patch:
  These 

[Group.of.nepali.translators] [Bug 1593907] Re: ntpdate startup routine prevents ntp service from launching up on Ubuntu 16.04 server on system boot

[Launchpad Bug Tracker]

This bug was fixed in the package ntp - 1:4.2.8p9+dfsg-2ubuntu1.2

---
ntp (1:4.2.8p9+dfsg-2ubuntu1.2) zesty; urgency=medium

  * debian/ntpdate.if-up: Drop delta to stop/start service around ntpdate
updates - fixes ntp restart storms due to network changes, fixes
accidential start of ntp, avoids issues of ntpdate jumping too far while
running ntp was supposed to drift (LP: #1593907)

 -- Christian Ehrhardt   Fri, 07 Jul
2017 07:59:52 +0200

** Changed in: ntp (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1593907

Title:
  ntpdate startup routine prevents ntp service from launching up on
  Ubuntu 16.04 server on system boot

Status in ntp package in Ubuntu:
  Fix Released
Status in ntp source package in Trusty:
  Fix Released
Status in ntp source package in Xenial:
  Fix Released
Status in ntp source package in Yakkety:
  Fix Released
Status in ntp source package in Zesty:
  Fix Released

Bug description:
  [Impact]

   * Fixes several broken cases, those are:
   * Case 1 - ntp configured to drift time slowly, but time jumping
   - ntp is running and drifts time towards a target being way off
   - an interface comes up
   - stop ntpd
   - warp time via ntpdate-debian (static interfaces will even set -b)
   - (re-)start ntpd
   - if users relied on non-time warp they are now in trouble

   * Case 2 - ntp start/stop storms
   - ntpd comes up normally
   - the admin brings interfaces up/down rather often
   - ntp is restarted very very often due to this for no reason
   => reason for bugs like debian 823533

   * Case 3 - unintentional enablement of ntp
   - ntpd is installed but disabled (for whatever reason)
   - all is fine on any ifup/down
   - one installs ntpdate, maybe even without realizing due to a depends
   - now on the next ifup ntpd (or openntpd) will be started

   * Solution, drop the broken Delta

  [Test Case]

   * Testing Case 2/3 as it is the easiest, case 1 needs a more complex 
 setup to cause the time drift but otherwise works the same way.
 - install ntp and ntpdate
 - stop ntp
 - ifup/ifdown an interface multiple times; as simplification you can 
   also call /etc/network/if-up.d/ntpdate directly (not that this 
   spawns the change asnchronous and locks concurrency, so do that a 
   few times over the time of a minute or so)
 - the service of ntp should still be stopped and not report plenty of 
   restarts

  
  [Regression Potential] 

   * It improves a lot of cases (otherwise we wouldn't SRU), but there is 
 one regression potential I can see:

 - users that relied on starting NTP later on after other interfaces 
   got up due to that code in ntpdate which did that as a side effect. 
   But that is outweigh by Case2/3 for the majority of users. And even 
   Case1 only hits this potential regression on e.g. late network 
   intialization, but in that case please remind that the default 
   (systemd timedatectl) would handle that.

 - Since most users of ntp do not install ntpdate (which doesn't work 
   when ntp is active) we should be rather safe to assume that almost 
   no one should rely on that side effect.

 - Furthermore this is a Ubuntu Delta for very long, cause issues (see 
   the references on the git commit) but never made it into Debian - 
   in that sense another indicator it isn't an important delta to 
   have.

  [Other Info]
   
   * The original intention "what if net is available too late" fixed 
 correctly would not be part of ntpdate, but ntp and additionally 
 check if it is actually meant to be enabled - but I never seen/heard 
 of any of it since systemd is around - maybe new ordering mostly 
 avoids the original issue.


  ---

  
  I've installed ntp service on the clean ubuntu 16.04 server system. 
Configured it. Checked that it works, but, after reboot, it doesn't start 
automatically.
  When I check: 'systemctl is-enabled ntp', it shows enabled.
  If I manually start it 'systemctl start ntp' it starts just fine and woks 
correctly,
  but until I manually start it, 'systemctl status ntp' shows:

  Loaded: loaded (/etc/init.d/ntp; bad; vendor preset: enabled)
  Active: inactive (deadi)

  Installed 1.29ubuntu2 version of init-systems-helper, but it didn't
  fix the problem.

  Found a bugreport on ntpd package:

  https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1577596

  led to solution that involves a change to be made in file:

  /etc/network/if-up.d/ntpdate

  of ntpdate package

  After changing from:
  __CODE_START__

  invoke-rc.d --quiet $service stop >/dev/null 2>&1 

[Group.of.nepali.translators] [Bug 1695578] Re: shim-signed trigger should not fail when attempting to re-prompt noninteractively and we've prompted before

[Launchpad Bug Tracker]

This bug was fixed in the package shim-signed - 1.32~16.04.1

---
shim-signed (1.32~16.04.1) xenial; urgency=medium

  * Backport shim-signed 1.32 to 16.04. (LP: #1700170)

shim-signed (1.32) artful; urgency=medium

  * Handle cleanup of /var/lib/shim-signed on package purge.

shim-signed (1.31) artful; urgency=medium

  * Fix regression in postinst when /var/lib/dkms does not exist.
(LP#1700195)
  * Sort the list of dkms modules when recording.

shim-signed (1.30) artful; urgency=medium

  * update-secureboot-policy: track the installed DKMS modules so we can skip
failing unattended upgrades if they hasn't changed (ie. if no new DKMS
modules have been installed, just honour the user's previous decision to
not disable shim validation). (LP: #1695578)
  * update-secureboot-policy: allow re-enabling shim validation when no DKMS
packages are installed. (LP: #1673904)
  * debian/source_shim-signed.py: add the textual representation of SecureBoot
and MokSBStateRT EFI variables rather than just adding the files directly;
also, make sure we include the relevant EFI bits from kernel log.
(LP: #1680279)

shim-signed (1.29) artful; urgency=medium

  * Makefile: Generate BOOT$arch.CSV, for use with fallback.
  * debian/rules: make sure we can do per-arch EFI files.

 -- Mathieu Trudel-Lapierre   Mon, 10 Jul 2017
17:43:10 -0400

** Changed in: shim-signed (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1695578

Title:
  shim-signed trigger should not fail when attempting to re-prompt
  noninteractively and we've prompted before

Status in shim-signed package in Ubuntu:
  Fix Released
Status in shim-signed source package in Trusty:
  Fix Committed
Status in shim-signed source package in Xenial:
  Fix Released
Status in shim-signed source package in Yakkety:
  Fix Committed
Status in shim-signed source package in Zesty:
  Fix Released

Bug description:
  [Impact]
  Users may require updates to DKMS modules while shim validation is disabled, 
and expect to do these updates non-interactively, such as via 
unattended-upgrades.

  [Test Case]
  == Interactive ==
  (on an EFI system with proper Secure Boot support)
  1- Install an old version of a DKMS package (such as bbswitch-dkms or 
r8168-dkms)
  2- Follow the prompts on install to disable shim validation; reboot.

  The system should allow you to install the dkms module and prompt you
  for a password to disable Secure Boot validation in shim. This
  behavior should remain the same with or without the patch and serves
  as an extra verification to guard against regressions.

  == Uninteractive ==
  (on an EFI system with proper Secure Boot support)
  1- Install an old version of a DKMS package (such as bbswitch-dkms or 
r8168-dkms)
  2- Follow the prompts on install to disable shim validation; reboot.
  3- Run 'sudo apt update'
  4- Enable unattended-upgrades (see 
https://help.ubuntu.com/lts/serverguide/automatic-updates.html)
  4b - If necessary, using PPA packages for testing, allow the PPA source in 
/etc/apt/apt.conf.d/50unattended-upgrades.
  5- Wait/trigger unattended upgrades; observe the behavior:

  The user has not installed any new DKMS modules, and we're
  noninteractive, the trigger should silently pass. Without the patch,
  this test case should fail (upgrade fails) because update-secureboot-
  policy is unable to prompt the user.

  == New DKMS package install uninteractively ==
  1- Enable unattended upgrades
  2- Prepare a new PPA package update that adds a dependency on a -dkms package.
  3- Wait/trigger unattended upgrades; observe the behavior.

  The user is in effect installing a new DKMS module that was not
  already present on the system and being upgraded. In this case, the
  upgrade should fail, because update-secureboot-policy is unable to
  prompt the user. Without the patch, the same behavior occurs (this
  serves as another regression guard)

  [Regression Potential]
  Failure to complete an update in non-interactive (unattended-upgrades) when 
DKMS modules are in use, triggering a failure in apt's upgrade process would be 
a regression of this update. Also, being unable to correctly recognize the 
current state of Secure Boot and shim validation, or incorrectly returning 
before prompting for the password required to toggle shim validation when the 
shim validation state make sense to be changed (ie. prompting to enable when it 
is disabled only, prompting to disable only if it's currently enabled).

  [Background information]
  The upgrades should run non-interactively without issue whenever possible, 
but forcefully prompt the user if a new DKMS package is being installed 
uninteractively:

   - If the user installs a new DKMS module, we should not silently 

[Group.of.nepali.translators] [Bug 1695578] Re: shim-signed trigger should not fail when attempting to re-prompt noninteractively and we've prompted before

[Launchpad Bug Tracker]

This bug was fixed in the package shim-signed - 1.32~17.04.1

---
shim-signed (1.32~17.04.1) zesty; urgency=medium

  * Backport shim-signed 1.32 to 17.04. (LP: #1700170)

shim-signed (1.32) artful; urgency=medium

  * Handle cleanup of /var/lib/shim-signed on package purge.

shim-signed (1.31) artful; urgency=medium

  * Fix regression in postinst when /var/lib/dkms does not exist.
(LP#1700195)
  * Sort the list of dkms modules when recording.

shim-signed (1.30) artful; urgency=medium

  * update-secureboot-policy: track the installed DKMS modules so we can skip
failing unattended upgrades if they hasn't changed (ie. if no new DKMS
modules have been installed, just honour the user's previous decision to
not disable shim validation). (LP: #1695578)
  * update-secureboot-policy: allow re-enabling shim validation when no DKMS
packages are installed. (LP: #1673904)
  * debian/source_shim-signed.py: add the textual representation of SecureBoot
and MokSBStateRT EFI variables rather than just adding the files directly;
also, make sure we include the relevant EFI bits from kernel log.
(LP: #1680279)

shim-signed (1.29) artful; urgency=medium

  * Makefile: Generate BOOT$arch.CSV, for use with fallback.
  * debian/rules: make sure we can do per-arch EFI files.

 -- Mathieu Trudel-Lapierre   Mon, 10 Jul 2017
17:10:08 -0400

** Changed in: shim-signed (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1695578

Title:
  shim-signed trigger should not fail when attempting to re-prompt
  noninteractively and we've prompted before

Status in shim-signed package in Ubuntu:
  Fix Released
Status in shim-signed source package in Trusty:
  Fix Committed
Status in shim-signed source package in Xenial:
  Fix Released
Status in shim-signed source package in Yakkety:
  Fix Committed
Status in shim-signed source package in Zesty:
  Fix Released

Bug description:
  [Impact]
  Users may require updates to DKMS modules while shim validation is disabled, 
and expect to do these updates non-interactively, such as via 
unattended-upgrades.

  [Test Case]
  == Interactive ==
  (on an EFI system with proper Secure Boot support)
  1- Install an old version of a DKMS package (such as bbswitch-dkms or 
r8168-dkms)
  2- Follow the prompts on install to disable shim validation; reboot.

  The system should allow you to install the dkms module and prompt you
  for a password to disable Secure Boot validation in shim. This
  behavior should remain the same with or without the patch and serves
  as an extra verification to guard against regressions.

  == Uninteractive ==
  (on an EFI system with proper Secure Boot support)
  1- Install an old version of a DKMS package (such as bbswitch-dkms or 
r8168-dkms)
  2- Follow the prompts on install to disable shim validation; reboot.
  3- Run 'sudo apt update'
  4- Enable unattended-upgrades (see 
https://help.ubuntu.com/lts/serverguide/automatic-updates.html)
  4b - If necessary, using PPA packages for testing, allow the PPA source in 
/etc/apt/apt.conf.d/50unattended-upgrades.
  5- Wait/trigger unattended upgrades; observe the behavior:

  The user has not installed any new DKMS modules, and we're
  noninteractive, the trigger should silently pass. Without the patch,
  this test case should fail (upgrade fails) because update-secureboot-
  policy is unable to prompt the user.

  == New DKMS package install uninteractively ==
  1- Enable unattended upgrades
  2- Prepare a new PPA package update that adds a dependency on a -dkms package.
  3- Wait/trigger unattended upgrades; observe the behavior.

  The user is in effect installing a new DKMS module that was not
  already present on the system and being upgraded. In this case, the
  upgrade should fail, because update-secureboot-policy is unable to
  prompt the user. Without the patch, the same behavior occurs (this
  serves as another regression guard)

  [Regression Potential]
  Failure to complete an update in non-interactive (unattended-upgrades) when 
DKMS modules are in use, triggering a failure in apt's upgrade process would be 
a regression of this update. Also, being unable to correctly recognize the 
current state of Secure Boot and shim validation, or incorrectly returning 
before prompting for the password required to toggle shim validation when the 
shim validation state make sense to be changed (ie. prompting to enable when it 
is disabled only, prompting to disable only if it's currently enabled).

  [Background information]
  The upgrades should run non-interactively without issue whenever possible, 
but forcefully prompt the user if a new DKMS package is being installed 
uninteractively:

   - If the user installs a new DKMS module, we should not silently 

[Group.of.nepali.translators] [Bug 1696599] Re: backport/sync UEFI, Secure Boot support

[Launchpad Bug Tracker]

This bug was fixed in the package grub2-signed - 1.80.2

---
grub2-signed (1.80.2) zesty; urgency=medium

  * Rebuild against grub2 2.02~beta3-4ubuntu2.2. (LP: #1696599)

 -- Mathieu Trudel-Lapierre   Wed, 14 Jun 2017
14:46:59 -0400

** Changed in: grub2-signed (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1696599

Title:
  backport/sync UEFI, Secure Boot support

Status in grub2 package in Ubuntu:
  Fix Released
Status in grub2-signed package in Ubuntu:
  Fix Released
Status in grub2 source package in Trusty:
  New
Status in grub2-signed source package in Trusty:
  New
Status in grub2 source package in Xenial:
  Fix Committed
Status in grub2-signed source package in Xenial:
  Fix Committed
Status in grub2 source package in Yakkety:
  Won't Fix
Status in grub2-signed source package in Yakkety:
  Won't Fix
Status in grub2 source package in Zesty:
  Fix Released
Status in grub2-signed source package in Zesty:
  Fix Released
Status in grub2 source package in Artful:
  Fix Released
Status in grub2-signed source package in Artful:
  Fix Released

Bug description:
  [Impact]
  Since the implementation of UEFI Secure Boot in Ubuntu, there has been a 
large number of changes to the EFI patchset, handled "upstream" at 
https://github.com/vathpela/grub2-fedora/tree/sb.

  This SRU is handled as a wholesale "sync" with a known set of patches
  rather than individual cherry-picks given the high risk in cherry-
  picking individual changes; we do not want to risk subtly breaking
  Secure Boot support or introducing a security issue due to using
  different sets of patches across our currently supported releases.
  Using a common set of patches across releases and making sure we're in
  sync with "upstream" for that particular section of the grub2 codebase
  (specifically, UEFI/SB support is typically outside the GNU GRUB tree)
  allows us to make sure UEFI Secure Boot remains supportable and that
  potential security issues are easy to fix quickly given the complexity
  of the codebase.

  This is a complex set of enablement patches; most of them will be
  fairly straightforward backports, but there are a few known warts:

   * The included patches are based on grub2 2.02~beta3; as such, some
  patches require extra backporting effort of other pieces of the loader
  code down to releases that do not yet include 2.02~beta3 code.

  [Test Case]
  The desktop, server, and alternate install images should all boot and install 
on an SB-enabled system. I would recommend testing installations from both a CD 
and a USB stick. After each installation, validate that Secure Boot is enabled 
by checking /sys/firmware/efi/efivars/SecureBoot-*, as well as 
/sys/firmware/efi/efivars/Mok* variables (for the cases where shim validation 
may be disabled).

  Tests should include:
  - booting with Secure Boot enabled
  - booting with Secure Boot enabled, but shim validation disabled
  - booting with Secure Boot disabled, but still in EFI mode

  [Regression Potential]
  Check that non-SB installations of all these images still work. For this, it 
is sufficient to test with either a CD or a USB stick, but not necessarily both.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1696599/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1700170] Re: backport shim-signed 1.30 from artful to supported releases

[Launchpad Bug Tracker]

This bug was fixed in the package shim-signed - 1.32~17.04.1

---
shim-signed (1.32~17.04.1) zesty; urgency=medium

  * Backport shim-signed 1.32 to 17.04. (LP: #1700170)

shim-signed (1.32) artful; urgency=medium

  * Handle cleanup of /var/lib/shim-signed on package purge.

shim-signed (1.31) artful; urgency=medium

  * Fix regression in postinst when /var/lib/dkms does not exist.
(LP#1700195)
  * Sort the list of dkms modules when recording.

shim-signed (1.30) artful; urgency=medium

  * update-secureboot-policy: track the installed DKMS modules so we can skip
failing unattended upgrades if they hasn't changed (ie. if no new DKMS
modules have been installed, just honour the user's previous decision to
not disable shim validation). (LP: #1695578)
  * update-secureboot-policy: allow re-enabling shim validation when no DKMS
packages are installed. (LP: #1673904)
  * debian/source_shim-signed.py: add the textual representation of SecureBoot
and MokSBStateRT EFI variables rather than just adding the files directly;
also, make sure we include the relevant EFI bits from kernel log.
(LP: #1680279)

shim-signed (1.29) artful; urgency=medium

  * Makefile: Generate BOOT$arch.CSV, for use with fallback.
  * debian/rules: make sure we can do per-arch EFI files.

 -- Mathieu Trudel-Lapierre   Mon, 10 Jul 2017
17:10:08 -0400

** Changed in: shim-signed (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1700170

Title:
  backport shim-signed 1.30 from artful to supported releases

Status in shim-signed package in Ubuntu:
  Fix Released
Status in shim-signed source package in Trusty:
  Fix Committed
Status in shim-signed source package in Xenial:
  Fix Released
Status in shim-signed source package in Yakkety:
  Fix Committed
Status in shim-signed source package in Zesty:
  Fix Released

Bug description:
  [Impact]
  shim-signed ships the signed shim$arch.efi binary that goes with the shim 
package available in each release, which should remain synchronized across all 
supported releases as to make sure the security sensitive binary can be 
appropriately supported.

  shim-signed also ships some additional bits that are useful to go
  along with the shim binary; and this is what is actually targetted on
  this SRU: shim itself does not change, but in the interest of making
  support as easy as possible, the supporting files shipped with it are
  also kept synchronized across releases.

  These files are the following:
   - an apport hook, useful to let users report issues in updating the Boot 
Entries on their firmware, debugging upgrade issues, etc; and provides critical 
information about the system on which a bug is reported about the state of that 
system's EFI firmware: whether EFI validation is enabled, whether Secure Boot 
is enabled, whether it was properly started by the kernel;
   - a BOOT$arch.CSV file, to be installed by grub2 if present, where grub2 has 
that feature (in artful only), or to be installed manually by the user if 
wanted. This file is a text file that provides the location of shim on a system 
when running the shim fallback binary (also not installed prior to artful).

  [Test case]
  See the other closed bugs for this backport, which include their own test 
cases.

  == boot.csv ==
  1) Verify that /usr/lib/shim/BOOTX64.CSV contains:
  shimx64.efi,ubuntu,,This is the boot entry for Ubuntu

  [Regression potential]
  See the other closed bugs for this backport, which include their own test 
cases.

  Shipping the BOOT$arch.CSV file alone has no risk of regression, it
  constitutes a single text file shipped in a location where it is not
  used; it is only contained in the backport to simplify keeping the
  shim-signed packages synchronized.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1700170/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1696599] Re: backport/sync UEFI, Secure Boot support

[Launchpad Bug Tracker]

This bug was fixed in the package grub2 - 2.02~beta3-4ubuntu2.2

---
grub2 (2.02~beta3-4ubuntu2.2) zesty; urgency=medium

  * debian/patches: Rework linuxefi/SecureBoot support and sync with upstream
SB patch set: (LP: #1696599)
- linuxefi_arm_sb_support.patch: add Secure Boot support for arm for its
  chainloader.
- linuxefi_fix_validation_race.patch: Fix a race in validating images.
- linuxefi_chainloader_path.patch: honor the starting path for grub, so
  images do not need to be started from $root.
- linuxefi_chainloader_sb.patch: Fix some more issues in chainloader use
  when Secure Boot is enabled.
- linuxefi_loaders_enforce_sb.patch: Enforce Secure Boot policy for all
  loaders: don't load the commands when Secure Boot is enabled.
- linuxefi_re-enable_linux_cmd.patch: Since we rely on the linux and
  initrd commands to automatically hand-off to linuxefi/initrdefi; re-
  enable the linux loader.
- linuxefi_chainloader_pe_fixes.patch: PE parsing fixes for chainloading
  "special" PE images, such as Windows'.
- linuxefi_rework_non-sb_cases.patch: rework cases where Secure Boot is
  disabled or shim validation is disabled so loading works as EFI binaries
  when it is supposed to.
- Removed linuxefi_require_shim.patch; superseded by the above.
  (LP: #1689687)

 -- Mathieu Trudel-Lapierre   Wed, 14 Jun 2017
14:44:48 -0400

** Changed in: grub2 (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1696599

Title:
  backport/sync UEFI, Secure Boot support

Status in grub2 package in Ubuntu:
  Fix Released
Status in grub2-signed package in Ubuntu:
  Fix Released
Status in grub2 source package in Trusty:
  New
Status in grub2-signed source package in Trusty:
  New
Status in grub2 source package in Xenial:
  Fix Committed
Status in grub2-signed source package in Xenial:
  Fix Committed
Status in grub2 source package in Yakkety:
  Won't Fix
Status in grub2-signed source package in Yakkety:
  Won't Fix
Status in grub2 source package in Zesty:
  Fix Released
Status in grub2-signed source package in Zesty:
  Fix Released
Status in grub2 source package in Artful:
  Fix Released
Status in grub2-signed source package in Artful:
  Fix Released

Bug description:
  [Impact]
  Since the implementation of UEFI Secure Boot in Ubuntu, there has been a 
large number of changes to the EFI patchset, handled "upstream" at 
https://github.com/vathpela/grub2-fedora/tree/sb.

  This SRU is handled as a wholesale "sync" with a known set of patches
  rather than individual cherry-picks given the high risk in cherry-
  picking individual changes; we do not want to risk subtly breaking
  Secure Boot support or introducing a security issue due to using
  different sets of patches across our currently supported releases.
  Using a common set of patches across releases and making sure we're in
  sync with "upstream" for that particular section of the grub2 codebase
  (specifically, UEFI/SB support is typically outside the GNU GRUB tree)
  allows us to make sure UEFI Secure Boot remains supportable and that
  potential security issues are easy to fix quickly given the complexity
  of the codebase.

  This is a complex set of enablement patches; most of them will be
  fairly straightforward backports, but there are a few known warts:

   * The included patches are based on grub2 2.02~beta3; as such, some
  patches require extra backporting effort of other pieces of the loader
  code down to releases that do not yet include 2.02~beta3 code.

  [Test Case]
  The desktop, server, and alternate install images should all boot and install 
on an SB-enabled system. I would recommend testing installations from both a CD 
and a USB stick. After each installation, validate that Secure Boot is enabled 
by checking /sys/firmware/efi/efivars/SecureBoot-*, as well as 
/sys/firmware/efi/efivars/Mok* variables (for the cases where shim validation 
may be disabled).

  Tests should include:
  - booting with Secure Boot enabled
  - booting with Secure Boot enabled, but shim validation disabled
  - booting with Secure Boot disabled, but still in EFI mode

  [Regression Potential]
  Check that non-SB installations of all these images still work. For this, it 
is sufficient to test with either a CD or a USB stick, but not necessarily both.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1696599/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : 

[Group.of.nepali.translators] [Bug 1689687] Re: pass validation if shim protocol is not installed

[Launchpad Bug Tracker]

This bug was fixed in the package grub2 - 2.02~beta3-4ubuntu2.2

---
grub2 (2.02~beta3-4ubuntu2.2) zesty; urgency=medium

  * debian/patches: Rework linuxefi/SecureBoot support and sync with upstream
SB patch set: (LP: #1696599)
- linuxefi_arm_sb_support.patch: add Secure Boot support for arm for its
  chainloader.
- linuxefi_fix_validation_race.patch: Fix a race in validating images.
- linuxefi_chainloader_path.patch: honor the starting path for grub, so
  images do not need to be started from $root.
- linuxefi_chainloader_sb.patch: Fix some more issues in chainloader use
  when Secure Boot is enabled.
- linuxefi_loaders_enforce_sb.patch: Enforce Secure Boot policy for all
  loaders: don't load the commands when Secure Boot is enabled.
- linuxefi_re-enable_linux_cmd.patch: Since we rely on the linux and
  initrd commands to automatically hand-off to linuxefi/initrdefi; re-
  enable the linux loader.
- linuxefi_chainloader_pe_fixes.patch: PE parsing fixes for chainloading
  "special" PE images, such as Windows'.
- linuxefi_rework_non-sb_cases.patch: rework cases where Secure Boot is
  disabled or shim validation is disabled so loading works as EFI binaries
  when it is supposed to.
- Removed linuxefi_require_shim.patch; superseded by the above.
  (LP: #1689687)

 -- Mathieu Trudel-Lapierre   Wed, 14 Jun 2017
14:44:48 -0400

** Changed in: grub2 (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1689687

Title:
  pass validation if shim protocol is not installed

Status in grub2 package in Ubuntu:
  Fix Released
Status in grub2 source package in Xenial:
  Fix Committed
Status in grub2 source package in Yakkety:
  Fix Committed
Status in grub2 source package in Zesty:
  Fix Released
Status in grub2 source package in Artful:
  Fix Released

Bug description:
  [Impact]
  Users of UEFI Secure Boot that must disable SB validation in shim, for 
example to run dkms modules, may notice that the kernel incorrectly reports the 
SecureBoot/shim states.

  [Test case]
  1) Install bbswitch-dkms

  a) Validate whether you are prompted to disable Secure Boot. If Secure
  Boot is already disabled, you should not be prompted again. If it
  isn't, you should be prompted once.

  b) If shim validation was previously disabled, verify that the kernel
  reports /proc/sys/kernel/moksbstate_disabled as "1" (shim validation
  disabled)

  [Regression Potential]
  This affects the loading behavior for the kernel, which will now load as an 
EFI binary and thus execute some extra code to bring up UEFI, which would 
otherwise not get loaded in the case shim validation is disabled. Given that 
the system must have booted successfully once for validation to get disabled, 
there should not be any issues; but possible resulting regressions would be a 
failure to correctly load the kernel, or a kernel issue early on during boot. 
Furthermore, any instance where the incorrect loading behavior was relied upon 
by installs (though I can think of no examples for this) would regress. The 
kind of issue that might be seen there is where code relies on 
/proc/sys/kernel/moksbstate_disabled or /proc/sys/kernel/secure_boot, or on 
other aspects of the kernel's secure boot policy (there seems to exist at least 
one special case for SB in kernel bluetooth code), the programs that rely on 
such behavior would regress. There are no packages shipped in Ubuntu that rely 
on this incorrect behavior; the only known package to ship something that 
checks the relevant /proc files is shim-signed, and this is meant to correct 
the behavior when these values are set.

  
  ---

  GRUB currently fails SecureBoot validation (ie. calls to
  grub_linuxefi_secure_validate() fail) if shim's protocol is not
  installed when that function is called.

  This currently breaks some kernel features relying on starting in the
  EFI stub code (ie. the kernel being loaded as an EFI binary); and
  instead falls back to the 'linux' command instead of 'linuxefi'.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1689687/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1700170] Re: backport shim-signed 1.30 from artful to supported releases

[Launchpad Bug Tracker]

This bug was fixed in the package shim-signed - 1.32~16.04.1

---
shim-signed (1.32~16.04.1) xenial; urgency=medium

  * Backport shim-signed 1.32 to 16.04. (LP: #1700170)

shim-signed (1.32) artful; urgency=medium

  * Handle cleanup of /var/lib/shim-signed on package purge.

shim-signed (1.31) artful; urgency=medium

  * Fix regression in postinst when /var/lib/dkms does not exist.
(LP#1700195)
  * Sort the list of dkms modules when recording.

shim-signed (1.30) artful; urgency=medium

  * update-secureboot-policy: track the installed DKMS modules so we can skip
failing unattended upgrades if they hasn't changed (ie. if no new DKMS
modules have been installed, just honour the user's previous decision to
not disable shim validation). (LP: #1695578)
  * update-secureboot-policy: allow re-enabling shim validation when no DKMS
packages are installed. (LP: #1673904)
  * debian/source_shim-signed.py: add the textual representation of SecureBoot
and MokSBStateRT EFI variables rather than just adding the files directly;
also, make sure we include the relevant EFI bits from kernel log.
(LP: #1680279)

shim-signed (1.29) artful; urgency=medium

  * Makefile: Generate BOOT$arch.CSV, for use with fallback.
  * debian/rules: make sure we can do per-arch EFI files.

 -- Mathieu Trudel-Lapierre   Mon, 10 Jul 2017
17:43:10 -0400

** Changed in: shim-signed (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1700170

Title:
  backport shim-signed 1.30 from artful to supported releases

Status in shim-signed package in Ubuntu:
  Fix Released
Status in shim-signed source package in Trusty:
  Fix Committed
Status in shim-signed source package in Xenial:
  Fix Released
Status in shim-signed source package in Yakkety:
  Fix Committed
Status in shim-signed source package in Zesty:
  Fix Released

Bug description:
  [Impact]
  shim-signed ships the signed shim$arch.efi binary that goes with the shim 
package available in each release, which should remain synchronized across all 
supported releases as to make sure the security sensitive binary can be 
appropriately supported.

  shim-signed also ships some additional bits that are useful to go
  along with the shim binary; and this is what is actually targetted on
  this SRU: shim itself does not change, but in the interest of making
  support as easy as possible, the supporting files shipped with it are
  also kept synchronized across releases.

  These files are the following:
   - an apport hook, useful to let users report issues in updating the Boot 
Entries on their firmware, debugging upgrade issues, etc; and provides critical 
information about the system on which a bug is reported about the state of that 
system's EFI firmware: whether EFI validation is enabled, whether Secure Boot 
is enabled, whether it was properly started by the kernel;
   - a BOOT$arch.CSV file, to be installed by grub2 if present, where grub2 has 
that feature (in artful only), or to be installed manually by the user if 
wanted. This file is a text file that provides the location of shim on a system 
when running the shim fallback binary (also not installed prior to artful).

  [Test case]
  See the other closed bugs for this backport, which include their own test 
cases.

  == boot.csv ==
  1) Verify that /usr/lib/shim/BOOTX64.CSV contains:
  shimx64.efi,ubuntu,,This is the boot entry for Ubuntu

  [Regression potential]
  See the other closed bugs for this backport, which include their own test 
cases.

  Shipping the BOOT$arch.CSV file alone has no risk of regression, it
  constitutes a single text file shipped in a location where it is not
  used; it is only contained in the backport to simplify keeping the
  shim-signed packages synchronized.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1700170/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1680279] Re: attach secureboot state files to shim-signed apport reports

[Launchpad Bug Tracker]

This bug was fixed in the package shim-signed - 1.32~16.04.1

---
shim-signed (1.32~16.04.1) xenial; urgency=medium

  * Backport shim-signed 1.32 to 16.04. (LP: #1700170)

shim-signed (1.32) artful; urgency=medium

  * Handle cleanup of /var/lib/shim-signed on package purge.

shim-signed (1.31) artful; urgency=medium

  * Fix regression in postinst when /var/lib/dkms does not exist.
(LP#1700195)
  * Sort the list of dkms modules when recording.

shim-signed (1.30) artful; urgency=medium

  * update-secureboot-policy: track the installed DKMS modules so we can skip
failing unattended upgrades if they hasn't changed (ie. if no new DKMS
modules have been installed, just honour the user's previous decision to
not disable shim validation). (LP: #1695578)
  * update-secureboot-policy: allow re-enabling shim validation when no DKMS
packages are installed. (LP: #1673904)
  * debian/source_shim-signed.py: add the textual representation of SecureBoot
and MokSBStateRT EFI variables rather than just adding the files directly;
also, make sure we include the relevant EFI bits from kernel log.
(LP: #1680279)

shim-signed (1.29) artful; urgency=medium

  * Makefile: Generate BOOT$arch.CSV, for use with fallback.
  * debian/rules: make sure we can do per-arch EFI files.

 -- Mathieu Trudel-Lapierre   Mon, 10 Jul 2017
17:43:10 -0400

** Changed in: shim-signed (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1680279

Title:
  attach secureboot state files to shim-signed apport reports

Status in shim-signed package in Ubuntu:
  Fix Released
Status in shim-signed source package in Trusty:
  Fix Committed
Status in shim-signed source package in Xenial:
  Fix Released
Status in shim-signed source package in Yakkety:
  Fix Committed
Status in shim-signed source package in Zesty:
  Fix Released

Bug description:
  [SRU Justification]
  I'm asking the same questions repeatedly of bug submitters about the state of 
secureboot on their systems, so we should just include these files in the 
apport hook.  Since shim-signed changes in stable releases for policy reasons, 
this should be SRUed back in as well.

  [Test case]
  1. Install the shim-signed package from -proposed
  2. Run apport-bug shim-signed
  3. Confirm that the apport collection succeeds
  4. Verify that the report to be sent includes keys for two files under 
/sys/firmware/efi/efivars and for /proc/sys/kernel/moksbstate_disabled

  [Regression potential]
  If I done messed up, we could fail to get bug reports about shim that we 
really need.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1673904] Re: update-secureboot-policy --enable does not work after dkms modules removed

[Launchpad Bug Tracker]

This bug was fixed in the package shim-signed - 1.32~17.04.1

---
shim-signed (1.32~17.04.1) zesty; urgency=medium

  * Backport shim-signed 1.32 to 17.04. (LP: #1700170)

shim-signed (1.32) artful; urgency=medium

  * Handle cleanup of /var/lib/shim-signed on package purge.

shim-signed (1.31) artful; urgency=medium

  * Fix regression in postinst when /var/lib/dkms does not exist.
(LP#1700195)
  * Sort the list of dkms modules when recording.

shim-signed (1.30) artful; urgency=medium

  * update-secureboot-policy: track the installed DKMS modules so we can skip
failing unattended upgrades if they hasn't changed (ie. if no new DKMS
modules have been installed, just honour the user's previous decision to
not disable shim validation). (LP: #1695578)
  * update-secureboot-policy: allow re-enabling shim validation when no DKMS
packages are installed. (LP: #1673904)
  * debian/source_shim-signed.py: add the textual representation of SecureBoot
and MokSBStateRT EFI variables rather than just adding the files directly;
also, make sure we include the relevant EFI bits from kernel log.
(LP: #1680279)

shim-signed (1.29) artful; urgency=medium

  * Makefile: Generate BOOT$arch.CSV, for use with fallback.
  * debian/rules: make sure we can do per-arch EFI files.

 -- Mathieu Trudel-Lapierre   Mon, 10 Jul 2017
17:10:08 -0400

** Changed in: shim-signed (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1673904

Title:
  update-secureboot-policy --enable does not work after dkms modules
  removed

Status in shim-signed package in Ubuntu:
  Fix Released
Status in shim-signed source package in Trusty:
  Fix Committed
Status in shim-signed source package in Xenial:
  Fix Released
Status in shim-signed source package in Yakkety:
  Fix Committed
Status in shim-signed source package in Zesty:
  Fix Released

Bug description:
  [Impact]
  Re-enabling Secure Boot after DKMS packages are no longer needed is useful to 
benefit from the extra security afforded by having all bits of the bootloader 
and kernel signed by a proper key.

  [Test Case]
  (on a system with SHIM validation disabled)
  1- Remove all dkms modules
  2- Attempt to run 'sudo update-secureboot-policy --enable'
  3- Observe the behavior.

  With the fixed update-secureboot-policy script, you should be prompted
  to re-enable shim validation; which is otherwise skipped with no
  output with previous versions of the script in shim-signed.

  [Regression Potential]
  Possible regression from this update would be changes to expected behavior of 
the update-secureboot-policy script; such as being unable to correctly 
recognize the current state of Secure Boot and shim validation, or incorrectly 
returning before prompting for the password required to toggle shim validation 
when the shim validation state make sense to be changed (ie. prompting to 
enable when it is disabled only, prompting to disable only if it's currently 
enabled). Any change in proper prompting in a debconf non-interactive context 
could also be a regression from this update.

  ---

  If I have disabled secureboot on my system via update-secureboot-
  policy due to the presence of dkms modules, but subsequently remove
  these dkms modules because I decide I don't like not having
  secureboot, I cannot re-enable SB by running 'update-secureboot-policy
  --enable'.

  I think either the check for /var/lib/dkms should only apply when
  update-secureboot-policy is called without arguments, or this check
  should be encoded in the shim-signed postinst so that manual calls
  from the commandline DWIM.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1673904/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1673904] Re: update-secureboot-policy --enable does not work after dkms modules removed

[Launchpad Bug Tracker]

This bug was fixed in the package shim-signed - 1.32~16.04.1

---
shim-signed (1.32~16.04.1) xenial; urgency=medium

  * Backport shim-signed 1.32 to 16.04. (LP: #1700170)

shim-signed (1.32) artful; urgency=medium

  * Handle cleanup of /var/lib/shim-signed on package purge.

shim-signed (1.31) artful; urgency=medium

  * Fix regression in postinst when /var/lib/dkms does not exist.
(LP#1700195)
  * Sort the list of dkms modules when recording.

shim-signed (1.30) artful; urgency=medium

  * update-secureboot-policy: track the installed DKMS modules so we can skip
failing unattended upgrades if they hasn't changed (ie. if no new DKMS
modules have been installed, just honour the user's previous decision to
not disable shim validation). (LP: #1695578)
  * update-secureboot-policy: allow re-enabling shim validation when no DKMS
packages are installed. (LP: #1673904)
  * debian/source_shim-signed.py: add the textual representation of SecureBoot
and MokSBStateRT EFI variables rather than just adding the files directly;
also, make sure we include the relevant EFI bits from kernel log.
(LP: #1680279)

shim-signed (1.29) artful; urgency=medium

  * Makefile: Generate BOOT$arch.CSV, for use with fallback.
  * debian/rules: make sure we can do per-arch EFI files.

 -- Mathieu Trudel-Lapierre   Mon, 10 Jul 2017
17:43:10 -0400

** Changed in: shim-signed (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1673904

Title:
  update-secureboot-policy --enable does not work after dkms modules
  removed

Status in shim-signed package in Ubuntu:
  Fix Released
Status in shim-signed source package in Trusty:
  Fix Committed
Status in shim-signed source package in Xenial:
  Fix Released
Status in shim-signed source package in Yakkety:
  Fix Committed
Status in shim-signed source package in Zesty:
  Fix Released

Bug description:
  [Impact]
  Re-enabling Secure Boot after DKMS packages are no longer needed is useful to 
benefit from the extra security afforded by having all bits of the bootloader 
and kernel signed by a proper key.

  [Test Case]
  (on a system with SHIM validation disabled)
  1- Remove all dkms modules
  2- Attempt to run 'sudo update-secureboot-policy --enable'
  3- Observe the behavior.

  With the fixed update-secureboot-policy script, you should be prompted
  to re-enable shim validation; which is otherwise skipped with no
  output with previous versions of the script in shim-signed.

  [Regression Potential]
  Possible regression from this update would be changes to expected behavior of 
the update-secureboot-policy script; such as being unable to correctly 
recognize the current state of Secure Boot and shim validation, or incorrectly 
returning before prompting for the password required to toggle shim validation 
when the shim validation state make sense to be changed (ie. prompting to 
enable when it is disabled only, prompting to disable only if it's currently 
enabled). Any change in proper prompting in a debconf non-interactive context 
could also be a regression from this update.

  ---

  If I have disabled secureboot on my system via update-secureboot-
  policy due to the presence of dkms modules, but subsequently remove
  these dkms modules because I decide I don't like not having
  secureboot, I cannot re-enable SB by running 'update-secureboot-policy
  --enable'.

  I think either the check for /var/lib/dkms should only apply when
  update-secureboot-policy is called without arguments, or this check
  should be encoded in the shim-signed postinst so that manual calls
  from the commandline DWIM.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1673904/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1680279] Re: attach secureboot state files to shim-signed apport reports

[Launchpad Bug Tracker]

This bug was fixed in the package shim-signed - 1.32~17.04.1

---
shim-signed (1.32~17.04.1) zesty; urgency=medium

  * Backport shim-signed 1.32 to 17.04. (LP: #1700170)

shim-signed (1.32) artful; urgency=medium

  * Handle cleanup of /var/lib/shim-signed on package purge.

shim-signed (1.31) artful; urgency=medium

  * Fix regression in postinst when /var/lib/dkms does not exist.
(LP#1700195)
  * Sort the list of dkms modules when recording.

shim-signed (1.30) artful; urgency=medium

  * update-secureboot-policy: track the installed DKMS modules so we can skip
failing unattended upgrades if they hasn't changed (ie. if no new DKMS
modules have been installed, just honour the user's previous decision to
not disable shim validation). (LP: #1695578)
  * update-secureboot-policy: allow re-enabling shim validation when no DKMS
packages are installed. (LP: #1673904)
  * debian/source_shim-signed.py: add the textual representation of SecureBoot
and MokSBStateRT EFI variables rather than just adding the files directly;
also, make sure we include the relevant EFI bits from kernel log.
(LP: #1680279)

shim-signed (1.29) artful; urgency=medium

  * Makefile: Generate BOOT$arch.CSV, for use with fallback.
  * debian/rules: make sure we can do per-arch EFI files.

 -- Mathieu Trudel-Lapierre   Mon, 10 Jul 2017
17:10:08 -0400

** Changed in: shim-signed (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1680279

Title:
  attach secureboot state files to shim-signed apport reports

Status in shim-signed package in Ubuntu:
  Fix Released
Status in shim-signed source package in Trusty:
  Fix Committed
Status in shim-signed source package in Xenial:
  Fix Released
Status in shim-signed source package in Yakkety:
  Fix Committed
Status in shim-signed source package in Zesty:
  Fix Released

Bug description:
  [SRU Justification]
  I'm asking the same questions repeatedly of bug submitters about the state of 
secureboot on their systems, so we should just include these files in the 
apport hook.  Since shim-signed changes in stable releases for policy reasons, 
this should be SRUed back in as well.

  [Test case]
  1. Install the shim-signed package from -proposed
  2. Run apport-bug shim-signed
  3. Confirm that the apport collection succeeds
  4. Verify that the report to be sent includes keys for two files under 
/sys/firmware/efi/efivars and for /proc/sys/kernel/moksbstate_disabled

  [Regression potential]
  If I done messed up, we could fail to get bug reports about shim that we 
really need.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1593907] Re: ntpdate startup routine prevents ntp service from launching up on Ubuntu 16.04 server on system boot

[Launchpad Bug Tracker]

This bug was fixed in the package ntp - 1:4.2.6.p5+dfsg-
3ubuntu2.14.04.12

---
ntp (1:4.2.6.p5+dfsg-3ubuntu2.14.04.12) trusty; urgency=medium

  * debian/ntpdate.if-up: Drop delta to stop/start service around ntpdate
updates - fixes ntp restart storms due to network changes, fixes
accidential start of ntp, avoids issues of ntpdate jumping too far while
running ntp was supposed to drift (LP: #1593907)

 -- Christian Ehrhardt   Fri, 07 Jul
2017 07:53:16 +0200

** Changed in: ntp (Ubuntu Trusty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1593907

Title:
  ntpdate startup routine prevents ntp service from launching up on
  Ubuntu 16.04 server on system boot

Status in ntp package in Ubuntu:
  Fix Released
Status in ntp source package in Trusty:
  Fix Released
Status in ntp source package in Xenial:
  Fix Released
Status in ntp source package in Yakkety:
  Fix Released
Status in ntp source package in Zesty:
  Fix Released

Bug description:
  [Impact]

   * Fixes several broken cases, those are:
   * Case 1 - ntp configured to drift time slowly, but time jumping
   - ntp is running and drifts time towards a target being way off
   - an interface comes up
   - stop ntpd
   - warp time via ntpdate-debian (static interfaces will even set -b)
   - (re-)start ntpd
   - if users relied on non-time warp they are now in trouble

   * Case 2 - ntp start/stop storms
   - ntpd comes up normally
   - the admin brings interfaces up/down rather often
   - ntp is restarted very very often due to this for no reason
   => reason for bugs like debian 823533

   * Case 3 - unintentional enablement of ntp
   - ntpd is installed but disabled (for whatever reason)
   - all is fine on any ifup/down
   - one installs ntpdate, maybe even without realizing due to a depends
   - now on the next ifup ntpd (or openntpd) will be started

   * Solution, drop the broken Delta

  [Test Case]

   * Testing Case 2/3 as it is the easiest, case 1 needs a more complex 
 setup to cause the time drift but otherwise works the same way.
 - install ntp and ntpdate
 - stop ntp
 - ifup/ifdown an interface multiple times; as simplification you can 
   also call /etc/network/if-up.d/ntpdate directly (not that this 
   spawns the change asnchronous and locks concurrency, so do that a 
   few times over the time of a minute or so)
 - the service of ntp should still be stopped and not report plenty of 
   restarts

  
  [Regression Potential] 

   * It improves a lot of cases (otherwise we wouldn't SRU), but there is 
 one regression potential I can see:

 - users that relied on starting NTP later on after other interfaces 
   got up due to that code in ntpdate which did that as a side effect. 
   But that is outweigh by Case2/3 for the majority of users. And even 
   Case1 only hits this potential regression on e.g. late network 
   intialization, but in that case please remind that the default 
   (systemd timedatectl) would handle that.

 - Since most users of ntp do not install ntpdate (which doesn't work 
   when ntp is active) we should be rather safe to assume that almost 
   no one should rely on that side effect.

 - Furthermore this is a Ubuntu Delta for very long, cause issues (see 
   the references on the git commit) but never made it into Debian - 
   in that sense another indicator it isn't an important delta to 
   have.

  [Other Info]
   
   * The original intention "what if net is available too late" fixed 
 correctly would not be part of ntpdate, but ntp and additionally 
 check if it is actually meant to be enabled - but I never seen/heard 
 of any of it since systemd is around - maybe new ordering mostly 
 avoids the original issue.


  ---

  
  I've installed ntp service on the clean ubuntu 16.04 server system. 
Configured it. Checked that it works, but, after reboot, it doesn't start 
automatically.
  When I check: 'systemctl is-enabled ntp', it shows enabled.
  If I manually start it 'systemctl start ntp' it starts just fine and woks 
correctly,
  but until I manually start it, 'systemctl status ntp' shows:

  Loaded: loaded (/etc/init.d/ntp; bad; vendor preset: enabled)
  Active: inactive (deadi)

  Installed 1.29ubuntu2 version of init-systems-helper, but it didn't
  fix the problem.

  Found a bugreport on ntpd package:

  https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1577596

  led to solution that involves a change to be made in file:

  /etc/network/if-up.d/ntpdate

  of ntpdate package

  After changing from:
  __CODE_START__

  invoke-rc.d --quiet $service 

[Group.of.nepali.translators] [Bug 1689687] Re: pass validation if shim protocol is not installed

[Steve Langasek]

** Changed in: grub2 (Ubuntu Yakkety)
   Status: Fix Committed => Won't Fix

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1689687

Title:
  pass validation if shim protocol is not installed

Status in grub2 package in Ubuntu:
  Fix Released
Status in grub2 source package in Xenial:
  Fix Committed
Status in grub2 source package in Yakkety:
  Won't Fix
Status in grub2 source package in Zesty:
  Fix Released
Status in grub2 source package in Artful:
  Fix Released

Bug description:
  [Impact]
  Users of UEFI Secure Boot that must disable SB validation in shim, for 
example to run dkms modules, may notice that the kernel incorrectly reports the 
SecureBoot/shim states.

  [Test case]
  1) Install bbswitch-dkms

  a) Validate whether you are prompted to disable Secure Boot. If Secure
  Boot is already disabled, you should not be prompted again. If it
  isn't, you should be prompted once.

  b) If shim validation was previously disabled, verify that the kernel
  reports /proc/sys/kernel/moksbstate_disabled as "1" (shim validation
  disabled)

  [Regression Potential]
  This affects the loading behavior for the kernel, which will now load as an 
EFI binary and thus execute some extra code to bring up UEFI, which would 
otherwise not get loaded in the case shim validation is disabled. Given that 
the system must have booted successfully once for validation to get disabled, 
there should not be any issues; but possible resulting regressions would be a 
failure to correctly load the kernel, or a kernel issue early on during boot. 
Furthermore, any instance where the incorrect loading behavior was relied upon 
by installs (though I can think of no examples for this) would regress. The 
kind of issue that might be seen there is where code relies on 
/proc/sys/kernel/moksbstate_disabled or /proc/sys/kernel/secure_boot, or on 
other aspects of the kernel's secure boot policy (there seems to exist at least 
one special case for SB in kernel bluetooth code), the programs that rely on 
such behavior would regress. There are no packages shipped in Ubuntu that rely 
on this incorrect behavior; the only known package to ship something that 
checks the relevant /proc files is shim-signed, and this is meant to correct 
the behavior when these values are set.

  
  ---

  GRUB currently fails SecureBoot validation (ie. calls to
  grub_linuxefi_secure_validate() fail) if shim's protocol is not
  installed when that function is called.

  This currently breaks some kernel features relying on starting in the
  EFI stub code (ie. the kernel being loaded as an EFI binary); and
  instead falls back to the 'linux' command instead of 'linuxefi'.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1689687/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1706900] Re: CVE-2016-9877 RabbitMQ authentication vulnerability

[Marc Deslauriers]

** Also affects: rabbitmq-server (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Also affects: rabbitmq-server (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Changed in: rabbitmq-server (Ubuntu)
   Status: Triaged => Fix Released

** Changed in: rabbitmq-server (Ubuntu Trusty)
   Status: New => Confirmed

** Changed in: rabbitmq-server (Ubuntu Xenial)
   Status: New => Confirmed

** Changed in: rabbitmq-server (Ubuntu Trusty)
   Importance: Undecided => High

** Changed in: rabbitmq-server (Ubuntu Xenial)
   Importance: Undecided => High

** Changed in: rabbitmq-server (Ubuntu Trusty)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: rabbitmq-server (Ubuntu Xenial)
 Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1706900

Title:
  CVE-2016-9877 RabbitMQ authentication vulnerability

Status in RabbitMQ:
  Fix Released
Status in rabbitmq-server package in Ubuntu:
  Fix Released
Status in rabbitmq-server source package in Trusty:
  Confirmed
Status in rabbitmq-server source package in Xenial:
  Confirmed

Bug description:
  https://pivotal.io/security/cve-2016-9877

"MQTT (MQ Telemetry Transport) connection authentication with a
  username/password pair succeeds if an existing username is provided
  but the password is omitted from the connection request. Connections
  that use TLS with a client-provided certificate are not affected."

  Affects RabbitMQ "3.x versions prior to 3.5.8"

  Ubuntu's Xenial repos are currently offering 3.5.7-1ubuntu0.16.04.1,
  and according to its changelog, Pivotal's fix for CVE-2016-9877 has
  not been included.

To manage notifications about this bug go to:
https://bugs.launchpad.net/rabbitmq/+bug/1706900/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1687273] Re: Shared folder randomly not mounted

[Hans-Joachim Kliemeck]

seems to be resolved, issue did not occured again

** Changed in: linux (Ubuntu)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1687273

Title:
  Shared folder randomly not mounted

Status in Linux:
  Unknown
Status in cifs-utils package in Ubuntu:
  Invalid
Status in linux package in Ubuntu:
  Fix Released
Status in cifs-utils source package in Xenial:
  New
Status in linux source package in Xenial:
  In Progress
Status in linux package in Debian:
  Fix Released

Bug description:
  Hello Everybody,

  since last update from ubuntu 16.04.2, last night, my servers are
  randomly not able to read and write from shared folders. I got this
  message:

  lsof: WARNING: can't stat() cifs file system /mnt/record
    Output information may be incomplete.
  lsof: WARNING: can't stat() cifs file system /mnt/record
    Output information may be incomplete.
  lsof: WARNING: can't stat() cifs file system /mnt/record
    Output information may be incomplete.
  ...
  rsync: ERROR: cannot stat destination "/mnt/record/": Host is down (112)
  rsync error: errors selecting input/output files, dirs (code 3) at 
main.c(652) [Receiver=3.1.1]

  This comes from my cron script.

  When I type df -h it takes sometimes very long to get the list. And it
  also can be that the mounted share is disconnected and I have to mount
  -a (what also takes long) again.

  My fstab have this command:

  //address /mnt/storage cifs
  
auto,nofail,iocharset=utf8,rw,credentials=/path/.smb,uid=1000,gid=1000,file_mode=0660,dir_mode=0770
  0 0

  My update list from last night was this:

  linux-image-4.4.0-75-generic:amd64 (4.4.0-75.96, automatic)
  linux-image-extra-4.4.0-75-generic:amd64 (4.4.0-75.96, automatic)
  linux-headers-4.4.0-75-generic:amd64 (4.4.0-75.96, automatic)
  linux-headers-4.4.0-75:amd64 (4.4.0-75.96, automatic)
  Upgrade: libdns-export162:amd64 (1:9.10.3.dfsg.P4-8ubuntu1.5, 
1:9.10.3.dfsg.P4-8ubuntu1.6)
  linux-headers-generic:amd64 (4.4.0.72.78, 4.4.0.75.81)
  linux-libc-dev:amd64 (4.4.0-72.93, 4.4.0-75.96)
  mysql-client-5.7:amd64 (5.7.17-0ubuntu0.16.04.2, 5.7.18-0ubuntu0.16.04.1)
  libapt-inst2.0:amd64 (1.2.19, 1.2.20)
  mysql-server-5.7:amd64 (5.7.17-0ubuntu0.16.04.2, 5.7.18-0ubuntu0.16.04.1)
  libsystemd0:amd64 (229-4ubuntu16, 229-4ubuntu17)
  linux-image-generic:amd64 (4.4.0.72.78, 4.4.0.75.81)
  apt:amd64 (1.2.19, 1.2.20)
  mysql-server:amd64 (5.7.17-0ubuntu0.16.04.2, 5.7.18-0ubuntu0.16.04.1)
  udev:amd64 (229-4ubuntu16, 229-4ubuntu17)
  libapt-pkg5.0:amd64 (1.2.19, 1.2.20)
  libudev1:amd64 (229-4ubuntu16, 229-4ubuntu17)
  cifs-utils:amd64 (2:6.4-1ubuntu1, 2:6.4-1ubuntu1.1)
  dpkg:amd64 (1.18.4ubuntu1.1, 1.18.4ubuntu1.2)
  mysql-client-core-5.7:amd64 (5.7.17-0ubuntu0.16.04.2, 5.7.18-0ubuntu0.16.04.1)
  libisc-export160:amd64 (1:9.10.3.dfsg.P4-8ubuntu1.5, 
1:9.10.3.dfsg.P4-8ubuntu1.6)
  linux-virtual:amd64 (4.4.0.72.78, 4.4.0.75.81)
  systemd-sysv:amd64 (229-4ubuntu16, 229-4ubuntu17)
  distro-info-data:amd64 (0.28ubuntu0.2, 0.28ubuntu0.3)
  systemd:amd64 (229-4ubuntu16, 229-4ubuntu17)
  mysql-common:amd64 (5.7.17-0ubuntu0.16.04.2, 5.7.18-0ubuntu0.16.04.1)
  apt-utils:amd64 (1.2.19, 1.2.20)
  libmysqlclient20:amd64 (5.7.17-0ubuntu0.16.04.2, 5.7.18-0ubuntu0.16.04.1)
  linux-headers-virtual:amd64 (4.4.0.72.78, 4.4.0.75.81)
  linux-image-extra-virtual:amd64 (4.4.0.72.78, 4.4.0.75.81)
  thermald:amd64 (1.5-2ubuntu3, 1.5-2ubuntu4)
  qemu-guest-agent:amd64 (1:2.5+dfsg-5ubuntu10.10, 1:2.5+dfsg-5ubuntu10.11)
  libfreetype6:amd64 (2.6.1-0.1ubuntu2.1, 2.6.1-0.1ubuntu2.2)
  linux-image-virtual:amd64 (4.4.0.72.78, 4.4.0.75.81)
  libdpkg-perl:amd64 (1.18.4ubuntu1.1, 1.18.4ubuntu1.2)
  mysql-server-core-5.7:amd64 (5.7.17-0ubuntu0.16.04.2, 5.7.18-0ubuntu0.16.04.1)
  libxslt1.1:amd64 (1.1.28-2.1, 1.1.28-2.1ubuntu0.1)
  dpkg-dev:amd64 (1.18.4ubuntu1.1, 1.18.4ubuntu1.2)

  I saw that somebody else has the same problem:

  https://askubuntu.com/questions/910058/updates-broke-cifs-smb-mounts-
  in-16-04

  I had to remove the latest kernel update, after that it works.

  Regards

To manage notifications about this bug go to:
https://bugs.launchpad.net/linux/+bug/1687273/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1696814] Re: add openjdk hs log to list of acceptable_fields in whoopsie

[Launchpad Bug Tracker]

This bug was fixed in the package whoopsie - 0.2.55.1

---
whoopsie (0.2.55.1) zesty-proposed; urgency=medium

  [ Brian Murray ]
  * src/connectivity.c: query the correct property when trying to
network-manager's state. (LP: #1697375)
  * Modify the whoopsie service file to start after networking is on-line.
  * src/whoopsie.c: Add HotspotError from the openjdk-8 package hook which can
be larger than 1KB to the list of accepted fields. (LP: #1696814)

 -- Tiago Stürmer Daitx   Wed, 19 Jul 2017
11:34:31 -0700

** Changed in: whoopsie (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1696814

Title:
  add openjdk hs log to list of acceptable_fields in whoopsie

Status in whoopsie package in Ubuntu:
  Fix Released
Status in whoopsie source package in Xenial:
  Fix Released
Status in whoopsie source package in Zesty:
  Fix Released

Bug description:
  [Impact]
  By default OpenJDK 8 generates an hs_err file when it crashes, this file 
contains the stacktrace generated by OpenJDK (thus it contains different data 
compared to a gdb stacktrace) plus information on the running threads, classes, 
and memory usage (OpenJDK's regions). This file is usually required by the 
OpenJDK and/or IcedTea upstream developers when filling a bug and, in the case 
of OpenJDK, is more useful than the incomplete stacktrace that GDB can generate 
from OpenJDK crashes.

  OpenJDK 8 now includes a new apport hook to collect additional data
  from crash reports as well as the hs_err log file (in the new
  HotspotError key).

  A new release is soon reaching Zesty and Xenial with the hook included
  and without SRU'ing this fix the hs_err file won't be uploaded to the
  error tracker.

  [Test Case]
  Make sure that you are using OpenJDK 8 and to stop whoopsie service before 
continuing. If any popup about submitting a crash report shows up at any time, 
ignore/cancel it - we are going to manually submit the report to the staging 
error tracker (instead of the official one).

  # SleepTest.java
  public class SleepTest { 
   public static void main(String[] args) throws Exception {
Thread.sleep(5000);
   }
  }

  1. Run whoopsie:
  $ sudo CRASH_DB_URL=https://daisy.staging.ubuntu.com whoopsie -f

  2. Run the SleepTest and SIGKILL it in another terminal:
  $ java SleepTest & sleep 1 && pkill -f -SIGILL "java SleepTest"

  3. View the crash report and submit it:
  $ apport-cli -c report 
/var/crash/_usr_lib_jvm_java-8-openjdk-amd64_jre_bin_java.1000.crash
  3a) View the report
  3b) [Optional] Search for the "HotspotError" key
  3c) Send the report

  4. Verify that the report was saved, including the hs_err content:
  4a) In whoopsie terminal, check the OOPS ID code
  4b) Browse to errors.staging.ubuntu.com/oops/$OOPSID
  4c) Confirm that the HotspotError was added to the report

  [Regression Potential]
  If the new key is added to acceptable_fields whoopsie will upload the entries 
in it. Currently the OpenJDK apport hook limits this to 100 KB, but changes to 
it could allow bigger files with in turn cause an overhead in the error tracker 
infrastructure.

  [Original bug report]
  OpenJDK 8 apport hook attaches the hs_err_pid.log (if it exists) to a 
Crash report under the HotspotError key. The hook is currently limited to 
attaching files under 100 KB.

  Please add HotspotError key to the whitelist in order for it to be
  available in error tracker.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1696814/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1502136] Re: Everything returns 403 if show_multiple_locations is true and get_image_location policy is set

[James Page]

This bug was fixed in the package glance - 1:2015.1.4-0ubuntu2
---

 glance (1:2015.1.4-0ubuntu2) trusty-kilo; urgency=medium
 .
   * d/p/allow-image-list-if-access-to-attrs-is-forbidden.patch:
 Allow to list images in v2 if get_image_location policy is set
 to role:admin and user is not admin. (LP: #1502136).


** Changed in: cloud-archive/kilo
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1502136

Title:
  Everything returns 403 if show_multiple_locations is true and
  get_image_location policy is set

Status in Ubuntu Cloud Archive:
  Fix Released
Status in Ubuntu Cloud Archive kilo series:
  Fix Released
Status in Glance:
  Fix Released
Status in glance package in Ubuntu:
  Fix Released
Status in glance source package in Trusty:
  Triaged
Status in glance source package in Xenial:
  Fix Released

Bug description:
  [Impact]

  If, in glance-api.conf you set:

   show_multiple_locations = true

  Things work as expected:

   $ glance --os-image-api-version 2 image-show 
13ae74f0-74bf-4792-a8bb-7c622abc5410
   
+--+--+
   | Property | Value   
 |
   
+--+--+
   | checksum | 9cb02fe7fcac26f8a25d6db3109063ae
 |
   | container_format | bare
 |
   | created_at   | 2015-10-02T12:43:33Z
 |
   | disk_format  | raw 
 |
   | id   | 13ae74f0-74bf-4792-a8bb-7c622abc5410
 |
   | locations| [{"url": 
"swift+config://ref1/glance/13ae74f0-74bf-4792-a8bb-7c622abc5410",  |
   |  | "metadata": {}}]
 |
   | min_disk | 0   
 |
   | min_ram  | 0   
 |
   | name | good-image  
 |
   | owner| 88cffb9c8aee457788066c97b359585b
 |
   | protected| False   
 |
   | size | 145 
 |
   | status   | active  
 |
   | tags | []  
 |
   | updated_at   | 2015-10-02T12:43:34Z
 |
   | virtual_size | None
 |
   | visibility   | private 
 |
   
+--+--+

  but if you then set the get_image_location policy to role:admin, most
  calls return 403:

   $ glance --os-image-api-version 2 image-list
   403 Forbidden: You are not authorized to complete this action. (HTTP 403)

   $ glance --os-image-api-version 2 image-show 
13ae74f0-74bf-4792-a8bb-7c622abc5410
   403 Forbidden: You are not authorized to complete this action. (HTTP 403)

   $ glance --os-image-api-version 2 image-delete 
13ae74f0-74bf-4792-a8bb-7c622abc5410
   403 Forbidden: You are not authorized to complete this action. (HTTP 403)

  etc.

  As https://review.openstack.org/#/c/48401/ says:

   1. A user should be able to list/show/update/download image without
   needing permission on get_image_location.
   2. A policy failure should result in a 403 return code. We're
   getting a 500

  This is v2 only, v1 works ok.

  [Test Case]

  - Set show_multiple_locations = true on glance-api.conf 
  - Set get_image_location policy to role:admin in /etc/glance/policy.json
  - Run glance --os-image-api-version 2 image-show 
13ae74f0-74bf-4792-a8bb-7c622abc5410 , This should work.

  [Regression Potential]

  * None Identified

  [Other Info]

  * Already backported to mitaka/newton.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1502136/+subscriptions

___

[Group.of.nepali.translators] [Bug 1694697] Re: build-depends keeps OR flag if end of or group is ignored

[Adam Conrad]

Hello Julian, or anyone else affected,

Accepted apt into xenial-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/apt/1.2.24 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-xenial to verification-done-xenial. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-xenial. In either case, details of your
testing will help us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: apt (Ubuntu Yakkety)
   Status: In Progress => Won't Fix

** Changed in: apt (Ubuntu Xenial)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-xenial

** Changed in: apt (Ubuntu Zesty)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1694697

Title:
  build-depends keeps OR flag if end of or group is ignored

Status in apt package in Ubuntu:
  Fix Released
Status in apt source package in Trusty:
  New
Status in apt source package in Xenial:
  Fix Committed
Status in apt source package in Yakkety:
  Won't Fix
Status in apt source package in Zesty:
  Fix Committed

Bug description:
  [Impact]
  If the last alternative(s) of an Or group is ignored, because it does
  not match an architecture list, we would end up keeping the or flag,
  effectively making the next AND an OR.

  For example, when parsing (on amd64):

  debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386]
   => debhelper (>= 9), libnacl-dev |

  Which can cause python-apt and apt-get build-dep to crash.

  Even worse:

   debhelper (>= 9), libnacl-dev [amd64] | libnacl-dev [i386], foobar
    => debhelper (>= 9), libnacl-dev [amd64] | foobar

  [Test case]
  On amd64:

  cat > segv.dsc  << EOF
  Format: 3.0 (native)
  Source: foobar
  Binary: foobar
  Architecture: all
  Version: 1
  Maintainer: Joe Sixpack 
  Build-Depends: build-essential [amd64] | build-essential [fancy]
  Standards-Version: 3.9.8
  EOF
  cat > failure.dsc  << EOF
  Format: 3.0 (native)
  Source: foobar
  Binary: foobar
  Architecture: all
  Version: 1
  Maintainer: Joe Sixpack 
  Build-Depends: build-essential [amd64] | build-essential [fancy], 
a-non-existing-package
  Standards-Version: 3.9.8
  EOF

  (1) apt-get build-dep -s ./segv.dsc should succeed instead of crash
  (2) apt-get build-dep -s ./failure.dsc should complain about "Depends: 
a-non-existing-package but it is not installable" instead of succeeding.

  This is the same test as run by CI and autopkgtests, so if they pass
  the tests passed. You can also run apt-get build-dep -s dq for a real
  life example that should not segfault.

  [Regression Potential]
  apt-get build-dep and friends can now fail where they succeeded previously 
for packages that employ architecture-limited alternatives in their build 
depends, as in the second example given above, because now additional packages 
need to be installed (which is correct, though).

  [Other info]
  By setting the previous alternatives Or flag to the current Or flag
  if the current alternative is ignored, we solve the issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1694697/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1686470] Re: Apt updates that are uniformly spread across all timezones, with predictable application windows

[Adam Conrad]

Hello Dimitri, or anyone else affected,

Accepted apt into xenial-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/apt/1.2.24 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-xenial to verification-done-xenial. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-xenial. In either case, details of your
testing will help us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: apt (Ubuntu Xenial)
   Status: In Progress => Fix Committed

** Changed in: apt (Ubuntu Yakkety)
   Status: In Progress => Won't Fix

** Tags added: verification-needed verification-needed-xenial

** Changed in: unattended-upgrades (Ubuntu Yakkety)
   Status: Triaged => Won't Fix

** Changed in: apt (Ubuntu Zesty)
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1686470

Title:
  Apt updates that are uniformly spread across all timezones, with
  predictable application windows

Status in apt package in Ubuntu:
  Fix Released
Status in unattended-upgrades package in Ubuntu:
  Triaged
Status in apt source package in Xenial:
  Fix Committed
Status in unattended-upgrades source package in Xenial:
  Triaged
Status in apt source package in Yakkety:
  Won't Fix
Status in unattended-upgrades source package in Yakkety:
  Won't Fix
Status in apt source package in Zesty:
  Fix Committed
Status in unattended-upgrades source package in Zesty:
  Triaged
Status in apt source package in Artful:
  Fix Released
Status in unattended-upgrades source package in Artful:
  Triaged
Status in apt package in Debian:
  Fix Released
Status in unattended-upgrades package in Debian:
  Fix Committed

Bug description:
  [ Impact ]

   * unattended-upgrades are enabled by default in Ubuntu 16.04 and
  later

   * Currently the following three things happen as a monolithic event:
     - metadata updates: apt update
     - download of updates: apt upgrade --download-only
     - application of updates: apt upgrade

   * For the long running instances, all of the above happens at random
     times throughout the day.

   * If systems were poweredoff / suspended, this happens on boot /
  resume

   * End-users would like to have predictable timing, and control over when
     the updates happen.

  Considering all of the above, the following new behavior is proposed
  which should address all concerns in question. It combines all the
  desired properties from both end-user and mirror perspectives.

  [ Proposed Default Behavior ]

   * Decouple unattended-upgrades application, from apt update

   * apt update:
     - shall be a systemd timer based unit, triggered every 12h with a
   random delay of 12h, therefore executed randomly twice a day.
     - if unattened-upgrades (default on), or download-upgreadaeble-packages
   are enabled, it should result in updates being downloaded aka
   `apt upgrade --download-only`

   * unattended-upgrades:
     - shall be a separate systemd timer based unit triggered at 6am local
   time with a random delay of 1h, therefore executed between 6am and
   7am local time.

   * On boot / resume:
     - if we have missed one, or more, apt update timers,
   apt update / download upgrades / unattended-upgrade will happen in
   sequence. This may result in mirror spikes, but we do want to secure
   cold/stale-booted systems as soon as possible.

  [Test Case]

   * Run system for more than 24h, and check that apt updates were
     automatically executed twice.

   * Check that unattended upgrades were triggered to be applied at
     6am..7am window, if any.

   * Poweroff the machine over the period when apt-get update was
     scheduled, poweron and observe that apt-get update / download / 
 unattended upgrade are all performed on boot.

  [Regression Potential]

   * The newly proposed behavior is a mix of Pre-xenial behavior of "do
     everything at 6am..6:30am window" and the xenial+ behavior of "do 
 everything at random times throughout the day". If there are specific 
 deployments that rely on the previous types of behaviour they will be 
 able to adjust manually the systemd timers with the overrides to be 
 executed exactly as they wish; or match the 

[Group.of.nepali.translators] [Bug 1672710] Re: apt fails to verify keys when Dir has space, and set via cmdline

[Adam Conrad]

Hello Dimitri, or anyone else affected,

Accepted apt into xenial-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/apt/1.2.24 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-xenial to verification-done-xenial. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-xenial. In either case, details of your
testing will help us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Tags added: verification-needed-xenial

** Changed in: apt (Ubuntu Yakkety)
   Status: Fix Committed => Won't Fix

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1672710

Title:
  apt fails to verify keys when Dir has space, and set via cmdline

Status in apt package in Ubuntu:
  Fix Released
Status in apt source package in Xenial:
  Fix Committed
Status in apt source package in Yakkety:
  Won't Fix

Bug description:
  When Dir has a space, and it is set via APT_CONFIG file, keys are found and 
validated correctly.
  When Dir is set without a space via cmdline, keys are found and validated 
correctly.
  When Dir is set with a space via cmdline, keys are not found and repositories 
are not verified.

  [Test case]
  Please see attached reproducer, which works on xenial system (gpg1) but not 
on zesty system (gpg2)

  $ bash reproducer.sh
  ++ mktemp -d
  + tmpdir=/tmp/tmp.sFipy6h5yL
  + pushd /tmp/tmp.sFipy6h5yL
  /tmp/tmp.sFipy6h5yL ~
  + mkdir 'Sub Dir'
  + pushd 'Sub Dir'
  /tmp/tmp.sFipy6h5yL/Sub Dir /tmp/tmp.sFipy6h5yL ~
  + mkdir -p etc/apt/apt.conf.d
  + mkdir -p etc/apt/trusted.gpg.d
  + mkdir -p etc/apt/preferences.d
  + mkdir -p var/lib/apt/lists/partial
  + mkdir -p var/lib/dpkg
  + touch var/lib/dpkg/status
  + cp /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg 
etc/apt/trusted.gpg.d/
  + echo 'deb http://archive.ubuntu.com/ubuntu/ trusty main'
  + echo 'Dir "/tmp/tmp.sFipy6h5yL/Sub Dir";'
  + export APT_CONFIG=/tmp/tmp.sFipy6h5yL/apt.conf
  + APT_CONFIG=/tmp/tmp.sFipy6h5yL/apt.conf
  + cat /tmp/tmp.sFipy6h5yL/apt.conf
  Dir "/tmp/tmp.sFipy6h5yL/Sub Dir";
  + :
  + : == list available keys ==
  + apt-key list
  /tmp/tmp.sFipy6h5yL/Sub 
Dir/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
  
-
  pub   rsa4096 2012-05-11 [SC]
    790B C727 7767 219C 42C8  6F93 3B4F E6AC C0B2 1F32
  uid   [ unknown] Ubuntu Archive Automatic Signing Key (2012) 


  + :
  + : == update with environ APT_CONFIG setting the Dir variable ==
  + apt update
  Ign:1 http://archive.ubuntu.com/ubuntu trusty InRelease
  Get:2 http://archive.ubuntu.com/ubuntu trusty Release [58.5 kB]
  Get:3 http://archive.ubuntu.com/ubuntu trusty Release.gpg [933 B]
  Get:4 http://archive.ubuntu.com/ubuntu trusty/main amd64 Packages [1,350 kB]
  Fetched 1,410 kB in 0s (1,959 kB/s)
  Reading package lists... Done
  Building dependency tree... Done
  All packages are up to date.
  + unset APT_CONFIG
  + :
  + : == update with cmdline Dir option setting Dir to relative pwd ==
  + apt -o Dir=./ update
  Ign:1 http://archive.ubuntu.com/ubuntu trusty InRelease
  Hit:2 http://archive.ubuntu.com/ubuntu trusty Release
  Reading package lists... Done
  Building dependency tree... Done
  All packages are up to date.
  + :
  + : == update with cmdline Dir option setting Dir to absolute pwd with space 
==
  + apt -o 'Dir=/tmp/tmp.sFipy6h5yL/Sub Dir' update
  Ign:1 http://archive.ubuntu.com/ubuntu trusty InRelease
  Hit:2 http://archive.ubuntu.com/ubuntu trusty Release
  Err:3 http://archive.ubuntu.com/ubuntu trusty Release.gpg
    The following signatures couldn't be verified because the public key is not 
available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
  Reading package lists... Done
  Building dependency tree... Done
  All packages are up to date.
  W: An error occurred during the signature verification. The repository is not 
updated and the previous index files will be used. GPG error: 
http://archive.ubuntu.com/ubuntu trusty Release: The following signatures 
couldn't be verified because the public key is not available: NO_PUBKEY 
40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
  W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty/Release.gpg  
The 

[Group.of.nepali.translators] [Bug 1699331] Re: linux-azure: 4.11.0-1002.2 -proposed tracker

[Marcelo Cerri]

*** This bug is a duplicate of bug 1707061 ***
https://bugs.launchpad.net/bugs/1707061

** This bug is no longer a duplicate of bug 1700833
   linux-azure: 4.11.0-1003.3 -proposed tracker
** This bug has been marked a duplicate of bug 1707061
   linux-azure: 4.11.0-1004.4 -proposed tracker

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1699331

Title:
  linux-azure: 4.11.0-1002.2 -proposed tracker

Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow automated-testing series:
  Incomplete
Status in Kernel SRU Workflow certification-testing series:
  Confirmed
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  New
Status in Kernel SRU Workflow regression-testing series:
  Fix Released
Status in Kernel SRU Workflow security-signoff series:
  Fix Released
Status in Kernel SRU Workflow upload-to-ppa series:
  New
Status in Kernel SRU Workflow verification-testing series:
  Invalid
Status in linux-azure package in Ubuntu:
  Invalid
Status in linux-azure source package in Xenial:
  New

Bug description:
  This bug is for tracking the 4.11.0-1002.2 upload package. This bug
  will contain status and testing results related to that upload.

  For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  -- swm properties --
  boot-testing-requested: true
  phase: Promoted to proposed
  proposed-announcement-sent: true
  proposed-testing-requested: true

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1699331/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1696814] Re: add openjdk hs log to list of acceptable_fields in whoopsie

[Launchpad Bug Tracker]

This bug was fixed in the package whoopsie - 0.2.52.4

---
whoopsie (0.2.52.4) xenial-proposed; urgency=medium

  [Brian Murray]
  * src/connectivity.c: query the correct property when trying to
network-manager's state. (LP: #1697375)
  * Modify the whoopsie service file to start after networking is on-line.
  * src/whoopsie.c: Add HotspotError from the openjdk-8 package hook which can
be larger than 1KB to the list of accepted fields. (LP: #1696814)

 -- Tiago Stürmer Daitx   Wed, 19 Jul 2017
11:39:47 -0700

** Changed in: whoopsie (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1696814

Title:
  add openjdk hs log to list of acceptable_fields in whoopsie

Status in whoopsie package in Ubuntu:
  Fix Released
Status in whoopsie source package in Xenial:
  Fix Released
Status in whoopsie source package in Zesty:
  Fix Released

Bug description:
  [Impact]
  By default OpenJDK 8 generates an hs_err file when it crashes, this file 
contains the stacktrace generated by OpenJDK (thus it contains different data 
compared to a gdb stacktrace) plus information on the running threads, classes, 
and memory usage (OpenJDK's regions). This file is usually required by the 
OpenJDK and/or IcedTea upstream developers when filling a bug and, in the case 
of OpenJDK, is more useful than the incomplete stacktrace that GDB can generate 
from OpenJDK crashes.

  OpenJDK 8 now includes a new apport hook to collect additional data
  from crash reports as well as the hs_err log file (in the new
  HotspotError key).

  A new release is soon reaching Zesty and Xenial with the hook included
  and without SRU'ing this fix the hs_err file won't be uploaded to the
  error tracker.

  [Test Case]
  Make sure that you are using OpenJDK 8 and to stop whoopsie service before 
continuing. If any popup about submitting a crash report shows up at any time, 
ignore/cancel it - we are going to manually submit the report to the staging 
error tracker (instead of the official one).

  # SleepTest.java
  public class SleepTest { 
   public static void main(String[] args) throws Exception {
Thread.sleep(5000);
   }
  }

  1. Run whoopsie:
  $ sudo CRASH_DB_URL=https://daisy.staging.ubuntu.com whoopsie -f

  2. Run the SleepTest and SIGKILL it in another terminal:
  $ java SleepTest & sleep 1 && pkill -f -SIGILL "java SleepTest"

  3. View the crash report and submit it:
  $ apport-cli -c report 
/var/crash/_usr_lib_jvm_java-8-openjdk-amd64_jre_bin_java.1000.crash
  3a) View the report
  3b) [Optional] Search for the "HotspotError" key
  3c) Send the report

  4. Verify that the report was saved, including the hs_err content:
  4a) In whoopsie terminal, check the OOPS ID code
  4b) Browse to errors.staging.ubuntu.com/oops/$OOPSID
  4c) Confirm that the HotspotError was added to the report

  [Regression Potential]
  If the new key is added to acceptable_fields whoopsie will upload the entries 
in it. Currently the OpenJDK apport hook limits this to 100 KB, but changes to 
it could allow bigger files with in turn cause an overhead in the error tracker 
infrastructure.

  [Original bug report]
  OpenJDK 8 apport hook attaches the hs_err_pid.log (if it exists) to a 
Crash report under the HotspotError key. The hook is currently limited to 
attaching files under 100 KB.

  Please add HotspotError key to the whitelist in order for it to be
  available in error tracker.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1696814/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1697375] Re: whoopsie's network-manager state querying is broken

[Launchpad Bug Tracker]

This bug was fixed in the package whoopsie - 0.2.52.4

---
whoopsie (0.2.52.4) xenial-proposed; urgency=medium

  [Brian Murray]
  * src/connectivity.c: query the correct property when trying to
network-manager's state. (LP: #1697375)
  * Modify the whoopsie service file to start after networking is on-line.
  * src/whoopsie.c: Add HotspotError from the openjdk-8 package hook which can
be larger than 1KB to the list of accepted fields. (LP: #1696814)

 -- Tiago Stürmer Daitx   Wed, 19 Jul 2017
11:39:47 -0700

** Changed in: whoopsie (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1697375

Title:
  whoopsie's network-manager state querying is broken

Status in whoopsie package in Ubuntu:
  Fix Released
Status in whoopsie source package in Xenial:
  Fix Released
Status in whoopsie source package in Zesty:
  Fix Released
Status in whoopsie source package in Artful:
  Fix Released

Bug description:
  [Impact]
  whoopsie's querying of network-manager's state is broken and this results in 
whoopsie only being able to detect if the system is on-line when network 
manager's state changes. Subsequently, if one manually restarts whoopsie then 
whoopsie will stay off-line until an n-m state change. This can result in 
crashes not being uploaded.  Additionally, whoopsie's systemd service file does 
not start after networking which is incorrect since it initially needs to query 
network-manager's state. (However, this ended up allowing crash reports to 
still be submitted because whoopsie would start first then the n-m's state 
would change and whoopsie would detect that.)

  [Test Case] (state detection failure)
  1) Manually restart the whoopsie service
  2) Observe the following two messages:
  "Jul 14 14:48:09 speedy whoopsie[14137]: [14:48:09] Could not get the Network 
Manager state:
  Jul 14 14:48:09 speedy whoopsie[14137]: [14:48:09] 
GDBus.Error:org.freedesktop.DBus.Error.InvalidArgs: No such property 'state'"

  with the version of network-manager from -proposed you will not see
  these messages when restarting whoopsie.

  [Test Case] (starting after network-manager0
  1) Boot your system
  2) Observe the following in syslog:
  "Jul 17 06:46:47 speedy whoopsie[1156]: [06:46:47] Could not get the Network 
Manager state:
  Jul 17 06:46:47 speedy whoopsie[1156]: [06:46:47] 
GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name 
org.freedesktop.NetworkManager was not provided by any .service files
  "

  with the version of network-manager in -proposed you will not see the
  "NetworkManager was not provided" messages.

  [Regression Potential]
  Its possible that systems that were not submitting crash reports suddenly 
will and that will use some network bandwidth and Error Tracker resources.

  - Original Description -
  
  On artful crash reports are not uploaded automatically (several .crash files 
in /var/crash and no corresponding upload or .uploaded files)

  ProblemType: BugDistroRelease: Ubuntu 17.10
  Package: whoopsie 0.2.56
  ProcVersionSignature: Ubuntu 4.10.0-22.24-generic 4.10.15
  Uname: Linux 4.10.0-22-generic x86_64
  ApportVersion: 2.20.5-0ubuntu4
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Mon Jun 12 09:39:29 2017
  InstallationDate: Installed on 2013-09-03 (1377 days ago)
  InstallationMedia: Ubuntu 13.10 "Saucy Salamander" - Alpha amd64 (20130902)
  ProcEnviron:
   TERM=screen-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=fr_FR.UTF-8
   SHELL=/bin/bash
  RelatedPackageVersions: apport-noui N/ASourcePackage: whoopsie
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1697375/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1706165] Re: linux-azure: disable unused modules in the -extra package

[Brad Figg]

** Also affects: linux-azure (Ubuntu Xenial)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1706165

Title:
  linux-azure: disable unused modules in the -extra package

Status in linux-azure package in Ubuntu:
  Fix Committed
Status in linux-azure source package in Xenial:
  Fix Committed

Bug description:
  SRU Justification:

  Impact: Currently the linux-image-extra-*-azure package contains many unused 
modules.
  Fix: Remove modules that are not use in Azure.
  Testcase: not applied.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1706165/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1701744] Re: [Hyper-V] Add infiniband support for Azure HPC

[Brad Figg]

** Also affects: linux-azure (Ubuntu Xenial)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1701744

Title:
  [Hyper-V] Add infiniband support for Azure HPC

Status in linux-azure package in Ubuntu:
  Fix Committed
Status in linux-azure source package in Xenial:
  Fix Committed

Bug description:
  This is the infiniband driver for Azure HPC.

  Windows Azure agent will provision an image for running infiniband
  RDMA via DAPL when "OS.EnableRDMA=y" is defined in waagent.conf.

  Note: Ubuntu image needs to load rdma_ucm on boot to expose the RDMA
  CM interface to user-mode library.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1701744/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1602813] Re: openvpn-auth-ldap causing segfault on network timeout

[Launchpad Bug Tracker]

This bug was fixed in the package openvpn-auth-ldap - 2.0.3-5.1ubuntu0.1

---
openvpn-auth-ldap (2.0.3-5.1ubuntu0.1) trusty; urgency=medium

  * debian/patches/openvpn_ldap_timeout_fix-lp1602813.patch: Properly
check ldap_result() return code.  Thanks to Aaron Peschel
.  Closes LP: #1602813.

 -- Andreas Hasenack   Wed, 05 Jul 2017 16:35:52
-0300

** Changed in: openvpn-auth-ldap (Ubuntu Trusty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1602813

Title:
  openvpn-auth-ldap causing segfault on network timeout

Status in openvpn-auth-ldap package in Ubuntu:
  Fix Released
Status in openvpn-auth-ldap source package in Trusty:
  Fix Released
Status in openvpn-auth-ldap source package in Xenial:
  Fix Released
Status in openvpn-auth-ldap source package in Yakkety:
  Won't Fix
Status in openvpn-auth-ldap source package in Zesty:
  Fix Released
Status in openvpn-auth-ldap package in Debian:
  New

Bug description:
  [Impact]
  There is a timeout bug in the openvpn-auth-ldap package that causes
  OpenVPN to crash when the network timeout is exceeded.

  The openvpn-auth-ldap plugin is not correctly checking the error codes
  from ldap_result. As a result, it is not catching timeouts, and
  proceeds as if ldap_result was successful. This results in a segfault
  when access to the result (which is set to Null) is attempted.

  Network timeouts are somewhat common and services should be resilient
  to it. Having a service as a whole crash because of such an occurrence
  is not acceptable.

  This upload fixes the problem by simply including the timeout error
  case in an existing check. It was clearly just an oversight in that
  one call, as the remainder of the code does handle timeout errors. It
  was just never reached.

  [Test Case]
  To reproduce the problem in an openvpn server:
  * install openvpn and openvpn-auth-ldap:
  $ sudo apt install openvpn openvpn-auth-ldap

  * expand the attached openvpn-test-server.tar.gz tarball inside /etc:
  $ sudo tar -C /etc -xzf openvpn-test-server.tar.gz

  * start nc on port 389:
  $ sudo nc -l -p 389

  * In another terminal, start the openvpn server:
  $ cd /etc/openvpn
  $ sudo openvpn --config server.conf

  Next you will need an openvpn client, also configured with the SSL certs
  as usual, plus "auth-user-pass". This client can be the same for all server 
tests, if you are testing multiple Ubuntu releases, since what crashes is the 
server. It also doesn't have to be the fixed package from proposed.

  * Install openvpn:
  $ sudo apt install openvpn

  * Expand the client tarball in /etc:
  $ sudo tar -C /etc -xzf openvpn-test-client.tar.gz

  * Edit /etc/openvpn/client.conf and change the "remote "
  line to point to your openvpn server's hostname

  * Start the client:
  $ cd /etc/openvpn
  $ sudo openvpn --config client.conf

  * It will prompt you for username and password. The values you provide are 
irrelevant:
  (...)
  Enter Auth Username: asd
  Enter Auth Password: ***

  The vulnerable server will crash:
  root@trusty-openvpn-1602813:/etc/openvpn$ sudo openvpn --config server.conf
  Tue Jun 20 13:56:55 2017 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] 
[LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec  1 2014
  Tue Jun 20 13:56:55 2017 TUN/TAP device tun0 opened
  Tue Jun 20 13:56:55 2017 Note: Cannot set tx queue length on tun0: Operation 
not permitted (errno=1)
  Tue Jun 20 13:56:55 2017 do_ifconfig, tt->ipv6=0, 
tt->did_ifconfig_ipv6_setup=0
  Tue Jun 20 13:56:55 2017 /sbin/ip link set dev tun0 up mtu 1500
  Tue Jun 20 13:56:55 2017 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 
10.8.0.2
  Tue Jun 20 13:56:55 2017 UDPv4 link local (bound): [undef]
  Tue Jun 20 13:56:55 2017 UDPv4 link remote: [undef]
  Tue Jun 20 13:56:55 2017 Initialization Sequence Completed
  openvpn: sasl.c:257: ldap_parse_sasl_bind_result: Assertion `res != ((void 
*)0)' failed.
  Aborted (core dumped)

  The fixed version will just complain about a timeout error and remain running:
  (...)
  LDAP bind failed: Timed out
  Unable to bind as uid=john,ou=People,dc=lxd
  LDAP connect failed.
  Tue Jun 20 15:55:51 2017 10.0.100.162:1194 PLUGIN_CALL: plugin function 
PLUGIN_AUTH_USER_PASS_VERIFY failed with status 1: 
/usr/lib/openvpn/openvpn-auth-ldap.so
  Tue Jun 20 15:55:51 2017 10.0.100.162:1194 TLS Auth Error: Auth 
Username/Password verification failed for peer
  Tue Jun 20 15:55:51 2017 10.0.100.162:1194 [client] Peer Connection Initiated 
with [AF_INET]10.0.100.162:1194

  
  [Regression Potential]
  The patch is very focused. I believe the biggest regression potential lies in 
the fact that this package hasn't been rebuilt very often. This new build will 
be done with the surrounding system 

[Group.of.nepali.translators] [Bug 1602813] Re: openvpn-auth-ldap causing segfault on network timeout

[Launchpad Bug Tracker]

This bug was fixed in the package openvpn-auth-ldap -
2.0.3-6.1ubuntu0.17.04.1

---
openvpn-auth-ldap (2.0.3-6.1ubuntu0.17.04.1) zesty; urgency=medium

  * debian/patches/openvpn_ldap_timeout_fix-lp1602813.patch: Properly
check ldap_result() return code.  Thanks to Aaron Peschel
.  Closes LP: #1602813.

 -- Andreas Hasenack   Wed, 05 Jul 2017 16:26:16
-0300

** Changed in: openvpn-auth-ldap (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

** Changed in: openvpn-auth-ldap (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1602813

Title:
  openvpn-auth-ldap causing segfault on network timeout

Status in openvpn-auth-ldap package in Ubuntu:
  Fix Released
Status in openvpn-auth-ldap source package in Trusty:
  Fix Released
Status in openvpn-auth-ldap source package in Xenial:
  Fix Released
Status in openvpn-auth-ldap source package in Yakkety:
  Won't Fix
Status in openvpn-auth-ldap source package in Zesty:
  Fix Released
Status in openvpn-auth-ldap package in Debian:
  New

Bug description:
  [Impact]
  There is a timeout bug in the openvpn-auth-ldap package that causes
  OpenVPN to crash when the network timeout is exceeded.

  The openvpn-auth-ldap plugin is not correctly checking the error codes
  from ldap_result. As a result, it is not catching timeouts, and
  proceeds as if ldap_result was successful. This results in a segfault
  when access to the result (which is set to Null) is attempted.

  Network timeouts are somewhat common and services should be resilient
  to it. Having a service as a whole crash because of such an occurrence
  is not acceptable.

  This upload fixes the problem by simply including the timeout error
  case in an existing check. It was clearly just an oversight in that
  one call, as the remainder of the code does handle timeout errors. It
  was just never reached.

  [Test Case]
  To reproduce the problem in an openvpn server:
  * install openvpn and openvpn-auth-ldap:
  $ sudo apt install openvpn openvpn-auth-ldap

  * expand the attached openvpn-test-server.tar.gz tarball inside /etc:
  $ sudo tar -C /etc -xzf openvpn-test-server.tar.gz

  * start nc on port 389:
  $ sudo nc -l -p 389

  * In another terminal, start the openvpn server:
  $ cd /etc/openvpn
  $ sudo openvpn --config server.conf

  Next you will need an openvpn client, also configured with the SSL certs
  as usual, plus "auth-user-pass". This client can be the same for all server 
tests, if you are testing multiple Ubuntu releases, since what crashes is the 
server. It also doesn't have to be the fixed package from proposed.

  * Install openvpn:
  $ sudo apt install openvpn

  * Expand the client tarball in /etc:
  $ sudo tar -C /etc -xzf openvpn-test-client.tar.gz

  * Edit /etc/openvpn/client.conf and change the "remote "
  line to point to your openvpn server's hostname

  * Start the client:
  $ cd /etc/openvpn
  $ sudo openvpn --config client.conf

  * It will prompt you for username and password. The values you provide are 
irrelevant:
  (...)
  Enter Auth Username: asd
  Enter Auth Password: ***

  The vulnerable server will crash:
  root@trusty-openvpn-1602813:/etc/openvpn$ sudo openvpn --config server.conf
  Tue Jun 20 13:56:55 2017 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] 
[LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec  1 2014
  Tue Jun 20 13:56:55 2017 TUN/TAP device tun0 opened
  Tue Jun 20 13:56:55 2017 Note: Cannot set tx queue length on tun0: Operation 
not permitted (errno=1)
  Tue Jun 20 13:56:55 2017 do_ifconfig, tt->ipv6=0, 
tt->did_ifconfig_ipv6_setup=0
  Tue Jun 20 13:56:55 2017 /sbin/ip link set dev tun0 up mtu 1500
  Tue Jun 20 13:56:55 2017 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 
10.8.0.2
  Tue Jun 20 13:56:55 2017 UDPv4 link local (bound): [undef]
  Tue Jun 20 13:56:55 2017 UDPv4 link remote: [undef]
  Tue Jun 20 13:56:55 2017 Initialization Sequence Completed
  openvpn: sasl.c:257: ldap_parse_sasl_bind_result: Assertion `res != ((void 
*)0)' failed.
  Aborted (core dumped)

  The fixed version will just complain about a timeout error and remain running:
  (...)
  LDAP bind failed: Timed out
  Unable to bind as uid=john,ou=People,dc=lxd
  LDAP connect failed.
  Tue Jun 20 15:55:51 2017 10.0.100.162:1194 PLUGIN_CALL: plugin function 
PLUGIN_AUTH_USER_PASS_VERIFY failed with status 1: 
/usr/lib/openvpn/openvpn-auth-ldap.so
  Tue Jun 20 15:55:51 2017 10.0.100.162:1194 TLS Auth Error: Auth 
Username/Password verification failed for peer
  Tue Jun 20 15:55:51 2017 10.0.100.162:1194 [client] Peer Connection Initiated 
with [AF_INET]10.0.100.162:1194

  
  [Regression Potential]
  The patch is very focused. I believe the biggest regression potential lies in 
the fact that 

[Group.of.nepali.translators] [Bug 1700531] Re: linux-azure: -proposed tracker

[Marcelo Cerri]

*** This bug is a duplicate of bug 1707061 ***
https://bugs.launchpad.net/bugs/1707061

** This bug is no longer a duplicate of bug 1700833
   linux-azure: 4.11.0-1003.3 -proposed tracker
** This bug has been marked a duplicate of bug 1707061
   linux-azure: 4.11.0-1004.4 -proposed tracker

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1700531

Title:
  linux-azure:  -proposed tracker

Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow automated-testing series:
  New
Status in Kernel SRU Workflow certification-testing series:
  New
Status in Kernel SRU Workflow prepare-package series:
  New
Status in Kernel SRU Workflow prepare-package-meta series:
  New
Status in Kernel SRU Workflow promote-to-proposed series:
  New
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  New
Status in Kernel SRU Workflow regression-testing series:
  New
Status in Kernel SRU Workflow security-signoff series:
  New
Status in Kernel SRU Workflow upload-to-ppa series:
  New
Status in Kernel SRU Workflow verification-testing series:
  New
Status in linux-azure package in Ubuntu:
  Invalid
Status in linux-azure source package in Xenial:
  Confirmed

Bug description:
  This bug is for tracking the  upload package.
  This bug will contain status and testing results related to that
  upload.

  For an explanation of the tasks and the associated workflow see: 
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
  -- swm properties --
  kernel-stable-master-bug: 1700528

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1700531/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1700833] Re: linux-azure: 4.11.0-1003.3 -proposed tracker

[Marcelo Cerri]

*** This bug is a duplicate of bug 1707061 ***
https://bugs.launchpad.net/bugs/1707061

** This bug has been marked a duplicate of bug 1707061
   linux-azure: 4.11.0-1004.4 -proposed tracker

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1700833

Title:
  linux-azure: 4.11.0-1003.3 -proposed tracker

Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow automated-testing series:
  Incomplete
Status in Kernel SRU Workflow certification-testing series:
  Invalid
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  Invalid
Status in Kernel SRU Workflow promote-to-updates series:
  Invalid
Status in Kernel SRU Workflow regression-testing series:
  Fix Released
Status in Kernel SRU Workflow security-signoff series:
  Invalid
Status in Kernel SRU Workflow upload-to-ppa series:
  New
Status in Kernel SRU Workflow verification-testing series:
  Confirmed
Status in linux-azure package in Ubuntu:
  Invalid
Status in linux-azure source package in Xenial:
  Confirmed

Bug description:
  This bug is for tracking the 4.11.0-1003.3 upload package. This bug
  will contain status and testing results related to that upload.

  For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  -- swm properties --
  boot-testing-requested: true
  phase: Promoted to proposed
  proposed-announcement-sent: true
  proposed-testing-requested: true

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1700833/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1697375] Re: whoopsie's network-manager state querying is broken

[Launchpad Bug Tracker]

This bug was fixed in the package whoopsie - 0.2.55.1

---
whoopsie (0.2.55.1) zesty-proposed; urgency=medium

  [ Brian Murray ]
  * src/connectivity.c: query the correct property when trying to
network-manager's state. (LP: #1697375)
  * Modify the whoopsie service file to start after networking is on-line.
  * src/whoopsie.c: Add HotspotError from the openjdk-8 package hook which can
be larger than 1KB to the list of accepted fields. (LP: #1696814)

 -- Tiago Stürmer Daitx   Wed, 19 Jul 2017
11:34:31 -0700

** Changed in: whoopsie (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1697375

Title:
  whoopsie's network-manager state querying is broken

Status in whoopsie package in Ubuntu:
  Fix Released
Status in whoopsie source package in Xenial:
  Fix Released
Status in whoopsie source package in Zesty:
  Fix Released
Status in whoopsie source package in Artful:
  Fix Released

Bug description:
  [Impact]
  whoopsie's querying of network-manager's state is broken and this results in 
whoopsie only being able to detect if the system is on-line when network 
manager's state changes. Subsequently, if one manually restarts whoopsie then 
whoopsie will stay off-line until an n-m state change. This can result in 
crashes not being uploaded.  Additionally, whoopsie's systemd service file does 
not start after networking which is incorrect since it initially needs to query 
network-manager's state. (However, this ended up allowing crash reports to 
still be submitted because whoopsie would start first then the n-m's state 
would change and whoopsie would detect that.)

  [Test Case] (state detection failure)
  1) Manually restart the whoopsie service
  2) Observe the following two messages:
  "Jul 14 14:48:09 speedy whoopsie[14137]: [14:48:09] Could not get the Network 
Manager state:
  Jul 14 14:48:09 speedy whoopsie[14137]: [14:48:09] 
GDBus.Error:org.freedesktop.DBus.Error.InvalidArgs: No such property 'state'"

  with the version of network-manager from -proposed you will not see
  these messages when restarting whoopsie.

  [Test Case] (starting after network-manager0
  1) Boot your system
  2) Observe the following in syslog:
  "Jul 17 06:46:47 speedy whoopsie[1156]: [06:46:47] Could not get the Network 
Manager state:
  Jul 17 06:46:47 speedy whoopsie[1156]: [06:46:47] 
GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name 
org.freedesktop.NetworkManager was not provided by any .service files
  "

  with the version of network-manager in -proposed you will not see the
  "NetworkManager was not provided" messages.

  [Regression Potential]
  Its possible that systems that were not submitting crash reports suddenly 
will and that will use some network bandwidth and Error Tracker resources.

  - Original Description -
  
  On artful crash reports are not uploaded automatically (several .crash files 
in /var/crash and no corresponding upload or .uploaded files)

  ProblemType: BugDistroRelease: Ubuntu 17.10
  Package: whoopsie 0.2.56
  ProcVersionSignature: Ubuntu 4.10.0-22.24-generic 4.10.15
  Uname: Linux 4.10.0-22-generic x86_64
  ApportVersion: 2.20.5-0ubuntu4
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Mon Jun 12 09:39:29 2017
  InstallationDate: Installed on 2013-09-03 (1377 days ago)
  InstallationMedia: Ubuntu 13.10 "Saucy Salamander" - Alpha amd64 (20130902)
  ProcEnviron:
   TERM=screen-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=fr_FR.UTF-8
   SHELL=/bin/bash
  RelatedPackageVersions: apport-noui N/ASourcePackage: whoopsie
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/whoopsie/+bug/1697375/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1701698] Re: update skiboot to 5.4.3 in xenial

[Launchpad Bug Tracker]

This bug was fixed in the package skiboot - 5.4.3-1ubuntu0.16.04.1

---
skiboot (5.4.3-1ubuntu0.16.04.1) xenial; urgency=medium

  * Backport latest upstream release to xenial. (LP: #1701698)
  * Merge the xenial and Debian changelogs.

 -- Łukasz 'sil2100' Zemczak   Tue, 11 Jul
2017 14:42:14 +0200

** Changed in: skiboot (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1701698

Title:
  update skiboot to 5.4.3 in xenial

Status in The Ubuntu-power-systems project:
  Fix Released
Status in skiboot package in Ubuntu:
  Fix Released
Status in skiboot source package in Xenial:
  Fix Released

Bug description:
  [Impact]

  skiboot is a hardware enablement component used by certain POWER systems and 
should be kept up-to-date on LTS releases. The new upstream version of skiboot 
is required for xenial to support the new POWER9 systems.
  The new upstream version update was requested by upstream and includes only 
hardware enablement changes and bugfixes, making it an ideal case for a new 
microrelease backport.

  [Test Case]

  On a supported system, upgrade opal-prd and opal-utils. Reboot and
  verify that system works as expected. Verify that the opal-prd service
  is running with `systemctl status opal-prd`, make sure there are no
  worrying error messages in the logs.

  [Regression Potential]

  Any new upstream release can introduce potential regressions. The opal-prd 
service is used for diagnostics and runtime maintenance of POWER systems, 
meaning a critical regression can cause the system being unusable.
  The requested release is in zesty since the end of May 2017 and no critical 
issues have been reported so far. Also, seeing that the package is still in 
universe and only targets specific ppc64el hardware, in the case of a 
regression the number of affected users should be relatively low.

  [Original Description]

  Dear Canonical,

  Current skiboot version on Xenial is not enough to full support POWER9
  machines, and the backport is not trivial, since it involves a lot of
  commit,

  We would like to migrate skiboot version 5.4.3, from Zesty into
  xenial-updates, if possible.

  Thank you,

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1701698/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1707061] Re: linux-azure: 4.11.0-1004.4 -proposed tracker

[Andy Whitcroft]

** Also affects: linux-azure (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Changed in: linux-azure (Ubuntu Xenial)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1707061

Title:
  linux-azure: 4.11.0-1004.4 -proposed tracker

Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow automated-testing series:
  New
Status in Kernel SRU Workflow certification-testing series:
  New
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
  Confirmed
Status in Kernel SRU Workflow promote-to-security series:
  Invalid
Status in Kernel SRU Workflow promote-to-updates series:
  Invalid
Status in Kernel SRU Workflow regression-testing series:
  New
Status in Kernel SRU Workflow security-signoff series:
  Invalid
Status in Kernel SRU Workflow upload-to-ppa series:
  New
Status in Kernel SRU Workflow verification-testing series:
  New
Status in linux-azure package in Ubuntu:
  Invalid
Status in linux-azure source package in Xenial:
  Confirmed

Bug description:
  This bug is for tracking the 4.11.0-1004.4 upload package. This bug
  will contain status and testing results related to that upload.

  For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  kernel-stable-phase:Uploaded
  kernel-stable-phase-changed:Thursday, 27. July 2017 21:01 UTC

  -- swm properties --
  boot-testing-requested: true
  phase: Uploaded

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1707061/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1703532] Re: linux-hwe: 4.10.0-28.32~16.04.2 -proposed tracker

[Andy Whitcroft]

** Changed in: kernel-sru-workflow/automated-testing
   Status: Incomplete => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1703532

Title:
  linux-hwe: 4.10.0-28.32~16.04.2 -proposed tracker

Status in Kernel SRU Workflow:
  Fix Released
Status in Kernel SRU Workflow automated-testing series:
  Fix Released
Status in Kernel SRU Workflow certification-testing series:
  Invalid
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  Fix Released
Status in Kernel SRU Workflow promote-to-updates series:
  Fix Released
Status in Kernel SRU Workflow regression-testing series:
  Fix Released
Status in Kernel SRU Workflow security-signoff series:
  Fix Released
Status in Kernel SRU Workflow upload-to-ppa series:
  New
Status in Kernel SRU Workflow verification-testing series:
  Fix Released
Status in linux-hwe package in Ubuntu:
  Invalid
Status in linux-hwe source package in Xenial:
  Fix Released

Bug description:
  This bug is for tracking the 4.10.0-28.32~16.04.1 upload package. This
  bug will contain status and testing results related to that upload.

  For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  -- swm properties --
  boot-testing-requested: true
  phase: Released
  proposed-announcement-sent: true
  proposed-testing-requested: true

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1703532/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1703532] Re: linux-hwe: 4.10.0-28.32~16.04.2 -proposed tracker

[Brad Figg]

The package has been published and the bug is being set to Fix Released


** Changed in: kernel-sru-workflow/promote-to-security
   Status: New => Confirmed

** Changed in: kernel-sru-workflow/promote-to-updates
   Status: New => Confirmed

** Tags removed: block-proposed-xenial

** Tags removed: block-proposed

** Changed in: kernel-sru-workflow/promote-to-security
   Status: Confirmed => Fix Released

** Changed in: kernel-sru-workflow/promote-to-updates
   Status: Confirmed => Fix Released

** Changed in: kernel-sru-workflow
   Status: In Progress => Fix Released

** Description changed:

  This bug is for tracking the 4.10.0-28.32~16.04.1 upload package. This
  bug will contain status and testing results related to that upload.
  
  For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
  
  -- swm properties --
  boot-testing-requested: true
  phase: Promoted to proposed
  proposed-announcement-sent: true
  proposed-testing-requested: true
+ kernel-stable-phase:Released
+ kernel-stable-phase-changed:Friday, 28. July 2017 05:35 UTC

** Description changed:

  This bug is for tracking the 4.10.0-28.32~16.04.1 upload package. This
  bug will contain status and testing results related to that upload.
  
  For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
  
  -- swm properties --
  boot-testing-requested: true
- phase: Promoted to proposed
+ phase: Released
  proposed-announcement-sent: true
  proposed-testing-requested: true
- kernel-stable-phase:Released
- kernel-stable-phase-changed:Friday, 28. July 2017 05:35 UTC

** Tags removed: kernel-release-tracking-bug-live

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1703532

Title:
  linux-hwe: 4.10.0-28.32~16.04.2 -proposed tracker

Status in Kernel SRU Workflow:
  Fix Released
Status in Kernel SRU Workflow automated-testing series:
  Fix Released
Status in Kernel SRU Workflow certification-testing series:
  Invalid
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  Fix Released
Status in Kernel SRU Workflow promote-to-updates series:
  Fix Released
Status in Kernel SRU Workflow regression-testing series:
  Fix Released
Status in Kernel SRU Workflow security-signoff series:
  Fix Released
Status in Kernel SRU Workflow upload-to-ppa series:
  New
Status in Kernel SRU Workflow verification-testing series:
  Fix Released
Status in linux-hwe package in Ubuntu:
  Invalid
Status in linux-hwe source package in Xenial:
  Fix Released

Bug description:
  This bug is for tracking the 4.10.0-28.32~16.04.1 upload package. This
  bug will contain status and testing results related to that upload.

  For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  -- swm properties --
  boot-testing-requested: true
  phase: Released
  proposed-announcement-sent: true
  proposed-testing-requested: true

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1703532/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1705132] Re: Large memory guests, "error: monitor socket did not show up: No such file or directory"

[Brian Murray]

Hello Jorge, or anyone else affected,

Accepted libvirt into zesty-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/libvirt/2.5.0-3ubuntu5.4 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-zesty to verification-done-zesty. If it does not fix
the bug for you, please add a comment stating that, and change the tag
to verification-failed-zesty. In either case, details of your testing
will help us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: libvirt (Ubuntu Yakkety)
   Status: In Progress => Won't Fix

** Changed in: libvirt (Ubuntu Zesty)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-zesty

** Changed in: libvirt (Ubuntu Xenial)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-xenial

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1705132

Title:
  Large memory guests, "error: monitor socket did not show up: No such
  file or directory"

Status in Ubuntu Cloud Archive:
  Fix Released
Status in Ubuntu Cloud Archive mitaka series:
  New
Status in Ubuntu Cloud Archive ocata series:
  New
Status in libvirt package in Ubuntu:
  Fix Released
Status in libvirt source package in Xenial:
  Fix Committed
Status in libvirt source package in Yakkety:
  Won't Fix
Status in libvirt source package in Zesty:
  Fix Committed

Bug description:
  [Description]

  - Configured a machine with 32 static VCPUs, 160GB of RAM using 1G
  hugepages on a NUMA capable machine.

  Domain definition (http://pastebin.ubuntu.com/25121106/)

  - Once started (virsh start).

  Libvirt log.

  LC_ALL=C
  PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
  QEMU_AUDIO_DRV=none /usr/bin/kvm-spice -name reproducer2 -S -machine
  pc-i440fx-2.5,accel=kvm,usb=off -cpu host -m 124928 -realtime
  mlock=off -smp 32,sockets=16,cores=1,threads=2 -object memory-backend-
  file,id=ram-node0,prealloc=yes,mem-
  path=/dev/hugepages/libvirt/qemu,share=yes,size=64424509440,host-
  nodes=0,policy=bind -numa node,nodeid=0,cpus=0-15,memdev=ram-node0
  -object memory-backend-file,id=ram-node1,prealloc=yes,mem-
  path=/dev/hugepages/libvirt/qemu,share=yes,size=66571993088,host-
  nodes=1,policy=bind -numa node,nodeid=1,cpus=16-31,memdev=ram-node1
  -uuid d7a4af7f-7549-4b44-8ceb-4a6c951388d4 -no-user-config -nodefaults
  -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-
  reproducer2/monitor.sock,server,nowait -mon
  chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown
  -boot strict=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2
  -drive
  file=/var/lib/uvtool/libvirt/images/test.qcow,format=qcow2,if=none,id
  =drive-virtio-disk0,cache=none -device virtio-blk-
  pci,scsi=off,bus=pci.0,addr=0x3,drive=drive-virtio-disk0,id=virtio-
  disk0,bootindex=1 -chardev pty,id=charserial0 -device isa-
  serial,chardev=charserial0,id=serial0 -vnc 127.0.0.1:0 -device cirrus-
  vga,id=video0,bus=pci.0,addr=0x2 -device virtio-balloon-
  pci,id=balloon0,bus=pci.0,addr=0x4 -msg timestamp=on

  Then the following error is raised.

  virsh start reproducer2
  error: Failed to start domain reproducer2
  error: monitor socket did not show up: No such file or directory

  - The fix is done via backports, as a TL;DR the change does:
1. instead of sleeping too short (1ms) in a loop for very long start 
   small but exponentially increase for the few cases that need long. 
   That way fast actions are done fast, but long actions are no cpu-hogs
2. huge guests get ~1s per 1Gb extra timeout to come up, that allows 
   huge guests to initialize properly.

  [Impact]

    * Cannot start virtual machines with large pools of memory allocated
  on NUMA nodes.

  [Test Case]

   * this is a tradeoff of memory clearing speed vs guest size.
 Once the clearing of guest memory exceeds ~30 seconds the issue will 
 trigger.
   * Guest must be backed by huge pages as otherwise the kernel will fault 
 in on demand instead of needing the initial clear.
   * One way to "slow down" is to Configure a Machine with multiple NUMA 
 nodes.
     root@buneary:/home/ubuntu# virsh freepages 0 1G
     1048576KiB: 60
     root@buneary:/home/ubuntu# virsh freepages 1 1G
     1048576KiB: 62
   * Another one to 

[Group.of.nepali.translators] [Bug 1690083] Re: [SRU] 2.26.10

[Adam Conrad]

** Changed in: snapd (Ubuntu Xenial)
   Status: Fix Released => Fix Committed

** Changed in: snapd (Ubuntu Yakkety)
   Status: Fix Committed => Won't Fix

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1690083

Title:
  [SRU] 2.26.10

Status in snapd package in Ubuntu:
  Fix Released
Status in snapd source package in Trusty:
  Fix Committed
Status in snapd source package in Xenial:
  Fix Committed
Status in snapd source package in Yakkety:
  Won't Fix
Status in snapd source package in Zesty:
  Fix Committed

Bug description:
  This is a new version of snapd.

  The changelog for 2.26.8 is available here
  
https://github.com/snapcore/snapd/blob/2.26.8/packaging/ubuntu-16.04/changelog,
  the raw git changelog is available here:
  https://github.com/snapcore/snapd/commits/2.26.8 (note that the debian
  changelog is auto-generated from the merges of the git commits so
  there is usually no need to look at the raw git commits).

  The snappy team released a new 2.26.8 release that we want SRU into
  xenial. The new process described in
  https://wiki.ubuntu.com/SnapdUpdates was used and we have done
  integration-tests on the snappy images, autopkgtests on classic and
  unit tests.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1690083/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1683878] Re: blkfront: add uevent for size change

[Dan Watkins]

** No longer affects: cloud-images/x-series

** Changed in: cloud-images
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1683878

Title:
  blkfront: add uevent for size change

Status in cloud-images:
  Fix Released
Status in linux package in Ubuntu:
  Triaged
Status in linux-aws package in Ubuntu:
  In Progress
Status in linux source package in Xenial:
  New
Status in linux-aws source package in Xenial:
  Fix Released

Bug description:
  A Xen blkfront(xen-blkfront:) patch has been submitted upstream, regarding 
the resizing of a blkfront device from dom0. This patch would emit a 
KOBJ_CHANGE uevent, to notify a guest of the change. This allows for custom 
udev rules, such
  as automatically resizing a filesystem, when an event occurs. 

  We are requesting that this patch be cherry-picked/backported to the
  supported Ubuntu kernels.

  Reference: https://patchwork.kernel.org/patch/9676017/
  Reference: https://lkml.org/lkml/2017/4/11/736

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-images/+bug/1683878/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp