[Touch-packages] [Bug 1978351] Re: MITM vector: ifupdown puts .domains TLD in resolv.conf

[Robert]

Here's a quick-and-dirty temporary workaround:

It uses a post-up hook to remove DOMAINS=DOMAINS from the systemd-
resolved state files if it ends up there.  Put it in /etc/network/if-
up.d/zzz-fix-domains

```
#!/bin/sh
statedir=/run/systemd/resolve/netif
grep -rl DOMAINS $statedir | xargs -r perl -pi -e 's/DOMAINS=DOMAINS//'
systemctl try-restart systemd-resolved || true
```

Running `resolvectl domains $INTERFACE ""` doesn't work because the
network comes up before dbus, which is a prereq for systemd-resolved.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ifupdown in Ubuntu.
https://bugs.launchpad.net/bugs/1978351

Title:
  MITM vector: ifupdown puts .domains TLD in resolv.conf

Status in ifupdown package in Ubuntu:
  Confirmed

Bug description:
  The bug described in
  https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/1907878?comments=all
  is a security vulnerability because DNS names that would normally fail
  are now attempted as "foo.domains".

  ".domains" is a real TLD, with the registrar "Donuts, Inc." based in Bellvue, 
WA.
  "google.com.domains" is registered, for example. So is "test.domains".

  For users with ifupdown, any Internet request (especially that does
  not involve some cryptographic payload and destination signature
  verification) is potentially sending packets to an unintended
  audience. It's impossible to say, but likely, that malicious
  registrants are squatting sensitive and common names in the .domains
  TLD.

  The ifupdown package is still used by some cloud providers that have not 
adopted netplan.
  This vulnerability affects 22.04 and potentially other releases.

  This issue has not been corrected in 0.8.36+nmu1ubuntu4.

  With 0.8.36+nmu1ubuntu3 and after an update to 0.8.36+nmu1ubuntu4, the
  resolv.conf looks like the following (which is vulnerable to mitm
  attacks):

  ```
  root@foo:~# cat /etc/resolv.conf
  # This is /run/systemd/resolve/stub-resolv.conf managed by 
man:systemd-resolved(8).
  # Do not edit.
  #
  # This file might be symlinked as /etc/resolv.conf. If you're looking at
  # /etc/resolv.conf and seeing this text, you have followed the symlink.
  #
  # This is a dynamic resolv.conf file for connecting local clients to the
  # internal DNS stub resolver of systemd-resolved. This file lists all
  # configured search domains.
  #
  # Run "resolvectl status" to see details about the uplink DNS servers
  # currently in use.
  #
  # Third party programs should typically not access this file directly, but 
only
  # through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
  # different way, replace this symlink by a static file or a different symlink.
  #
  # See man:systemd-resolved.service(8) for details about the supported modes of
  # operation for /etc/resolv.conf.

  nameserver 127.0.0.53
  options edns0 trust-ad
  search DOMAINS
  ```

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/1978351/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1978738] Re: systemd-oomd and zram-config services: "Swap is currently not detected; memory pressure usage will be degraded"

[Eugene San]

@mantas
Thanks for letting me know about the bug/fix.
Looks like my version was not affected due to slightly different systemd config.
Nevertheless, I've added the fix (just in case) and pushed it to 
lp:~eugenesan/+git/zram-config
PPA was updated as well.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1978738

Title:
  systemd-oomd and zram-config services: "Swap is currently not
  detected; memory pressure usage will be degraded"

Status in systemd package in Ubuntu:
  Invalid
Status in zram-config package in Ubuntu:
  Fix Released

Bug description:
  Problem summary:
  
  I've installed the zram-config package. By default it creates a zram swap 
device with half the physical memory size of the system. For instance, in an 
8GB RAM system:

  # swapon
  NAME   TYPE  SIZE USED PRIO
  /dev/zram0 partition 3,8G   1M5

  #zramctl
  NAME   ALGORITHM DISKSIZE  DATA COMPR TOTAL STREAMS MOUNTPOINT
  /dev/zram0 lzo-rle   3,8G  496K 74,9K  376K   4 [SWAP]

  The problem is that when systemd-oomd.service is started during boot
  it doesn't detect that zram swap device because zram-config.service is
  started later. So when systemd-oomd.service was started the zram
  device didn't exists yet. This is the message shown during boot:

  systemd-oomd[587]: Swap is currently not detected; memory pressure
  usage will be degraded

  If you restart systemd-oomd.service after boot it's correctly started
  because zram-config.service was previously loaded and zram device
  exists. So I think it's just a matter of dependencies during boot
  process; it's necessary to make zram-config.service be started before
  systemd-oomd.service (or to make systemd-oomd.service be restarted
  when zram-config.service is started).

  Aditional info:
  ---
  # lsb_release -rd
  Description:  Ubuntu 22.04 LTS
  Release:  22.04

  # apt-cache policy systemd-oomd
  systemd-oomd:
Instalados: 249.11-0ubuntu3.1
Candidato:  249.11-0ubuntu3.1
Tabla de versión:
   *** 249.11-0ubuntu3.1 500
  500 http://ports.ubuntu.com/ubuntu-ports jammy-updates/main arm64 
Packages
  100 /var/lib/dpkg/status
   249.11-0ubuntu3 500
  500 http://ports.ubuntu.com/ubuntu-ports jammy/main arm64 Packages

  # apt-cache policy zram-config
  zram-config:
Instalados: 0.7build1
Candidato:  0.7build1
Tabla de versión:
   *** 0.7build1 500
  500 http://ports.ubuntu.com/ubuntu-ports jammy/universe arm64 Packages
  100 /var/lib/dpkg/status

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1978738/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1960383] Re: package libglib2.0-0:i386 2.64.6-1~ubuntu20.04.4 failed to install/upgrade: dependency problems - leaving triggers unprocessed

[Launchpad Bug Tracker]

Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: glib2.0 (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to glib2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1960383

Title:
  package libglib2.0-0:i386 2.64.6-1~ubuntu20.04.4 failed to
  install/upgrade: dependency problems - leaving triggers unprocessed

Status in glib2.0 package in Ubuntu:
  Confirmed

Bug description:
  While installing 21.04

  ProblemType: Package
  DistroRelease: Ubuntu 20.04
  Package: libglib2.0-0:i386 2.64.6-1~ubuntu20.04.4
  ProcVersionSignature: Ubuntu 5.13.0-28.31~20.04.1-generic 5.13.19
  Uname: Linux 5.13.0-28-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.21
  Architecture: amd64
  CasperMD5CheckResult: skip
  Date: Wed Feb  9 13:04:28 2022
  ErrorMessage: dependency problems - leaving triggers unprocessed
  InstallationDate: Installed on 2022-02-03 (5 days ago)
  InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423)
  PackageArchitecture: i386
  Python3Details: /usr/bin/python3.8, Python 3.8.10, python3-minimal, 
3.8.2-0ubuntu2
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.19.7ubuntu3.1
   apt  2.0.6
  SourcePackage: glib2.0
  Title: package libglib2.0-0:i386 2.64.6-1~ubuntu20.04.4 failed to 
install/upgrade: dependency problems - leaving triggers unprocessed
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/1960383/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992105] Re: missing httpform plugin for saslauthd

[Amit]

Hi, thanks for the quick response!

Yes, this is critical for us because we configure postfix to do SMTP
authentication using an HTTP endpoint on our backend (rather than using
lookup tables etc).  The other available auth mechanisms do not allow
for authentication using an HTTP web service.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to cyrus-sasl2 in Ubuntu.
https://bugs.launchpad.net/bugs/1992105

Title:
  missing httpform plugin for saslauthd

Status in cyrus-sasl2 package in Ubuntu:
  Confirmed
Status in cyrus-sasl2 source package in Jammy:
  Confirmed
Status in cyrus-sasl2 source package in Kinetic:
  Confirmed

Bug description:
  Hi, we noticed missing httpform plugin for saslauthd.  We are
  migrating from Centos.

  == On Centos (Notice the httpform at the end)

  /usr/sbin/saslauthd -v
  saslauthd 2.1.26
  authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap httpform

  
  == On Ubuntu jammy
  /usr/sbin/saslauthd -v
  saslauthd 2.1.27
  authentication mechanisms: sasldb getpwent kerberos5 pam rimap shadow ldap

  
  == Potential fix

  add the "--enable-httpform" flag to the sasl2-bin package build

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: sasl2-bin 2.1.27+dfsg2-3ubuntu1
  ProcVersionSignature: Ubuntu 5.15.0-48.54-generic 5.15.53
  Uname: Linux 5.15.0-48-generic aarch64
  ApportVersion: 2.20.11-0ubuntu82.1
  Architecture: arm64
  CasperMD5CheckResult: unknown
  Date: Thu Oct  6 14:54:13 2022
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   LANG=C.UTF-8
   SHELL=/bin/bash
  SourcePackage: cyrus-sasl2
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cyrus-sasl2/+bug/1992105/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1991771] Re: [FFe] Update to 3.0.6

[Steve Langasek]

Given the late glibc change now in flight, I do not think we have the
capacity to take an openssl change this late in the release cycle
without significantly taxing the team to make the release happen.
Especially since the security fixes are low impact and the upstream
release is not security-fix-only, I definitely do not think we can grant
a freeze exception at this point, and think the chances of granting one
on Tuesday when the upstream release has happened are low.  I would
advise that you work with the Security Team to work out what a zero-day
security update of this package should look like.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1991771

Title:
  [FFe] Update to 3.0.6

Status in openssl package in Ubuntu:
  New

Bug description:
  There's an upcoming security release for OpenSSL according to
  https://mta.openssl.org/pipermail/openssl-
  users/2022-October/015477.html

  The timing is somewhat unfortunate given our own release schedule.

  The current version of openssl in kinetic, 3.0.5-2ubuntu1, is actually
  a snapshot of the 3.0 branch ahead of 3.0.5 (inherited from Debian
  during the last merge).

  Sadly, they don't have a proper changelog (even partial) for the
  upcoming release yet, but I'll attach the diff and shortlog between
  our current version and the current state of the branch to get an idea
  of what's to come. As usual for their 3.0 point releases, it's not
  just security fixes but general bugfixes as well.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1991771/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992105] Re: missing httpform plugin for saslauthd

[Lena Voytek]

Hello,
Thank you for the bug report. I can confirm Ubuntu does not currently support 
the httpform auth mechanism. I reproduced this with the following in both 22.04 
and 22.10:

# lxc launch images:ubuntu/jammy test-saslauthd
# lxc exec test-saslauthd bash

# apt update && apt dist-upgrade -y
# apt install sasl2-bin
# saslauthd -v

It seems that it would be relatively easy to add this to Ubuntu if
needed. Is there anything specific you require this authentication
mechanism for instead of the other available ones?


** Also affects: cyrus-sasl2 (Ubuntu Kinetic)
   Importance: Undecided
   Status: New

** Also affects: cyrus-sasl2 (Ubuntu Jammy)
   Importance: Undecided
   Status: New

** Changed in: cyrus-sasl2 (Ubuntu Jammy)
   Status: New => Confirmed

** Changed in: cyrus-sasl2 (Ubuntu Kinetic)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to cyrus-sasl2 in Ubuntu.
https://bugs.launchpad.net/bugs/1992105

Title:
  missing httpform plugin for saslauthd

Status in cyrus-sasl2 package in Ubuntu:
  Confirmed
Status in cyrus-sasl2 source package in Jammy:
  Confirmed
Status in cyrus-sasl2 source package in Kinetic:
  Confirmed

Bug description:
  Hi, we noticed missing httpform plugin for saslauthd.  We are
  migrating from Centos.

  == On Centos (Notice the httpform at the end)

  /usr/sbin/saslauthd -v
  saslauthd 2.1.26
  authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap httpform

  
  == On Ubuntu jammy
  /usr/sbin/saslauthd -v
  saslauthd 2.1.27
  authentication mechanisms: sasldb getpwent kerberos5 pam rimap shadow ldap

  
  == Potential fix

  add the "--enable-httpform" flag to the sasl2-bin package build

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: sasl2-bin 2.1.27+dfsg2-3ubuntu1
  ProcVersionSignature: Ubuntu 5.15.0-48.54-generic 5.15.53
  Uname: Linux 5.15.0-48-generic aarch64
  ApportVersion: 2.20.11-0ubuntu82.1
  Architecture: arm64
  CasperMD5CheckResult: unknown
  Date: Thu Oct  6 14:54:13 2022
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   LANG=C.UTF-8
   SHELL=/bin/bash
  SourcePackage: cyrus-sasl2
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cyrus-sasl2/+bug/1992105/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992206] Re: bash: non existent locale crashes bash

[Bug Watch Updater]

** Changed in: bash (Debian)
   Importance: Undecided => Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1992206

Title:
  bash: non existent locale crashes bash

Status in bash package in Ubuntu:
  Triaged
Status in bash package in Debian:
  New

Bug description:
  Imported from Debian bug http://bugs.debian.org/1021109:

  Package: libc6
  Version: 2.35-1
  Severity: grave
  Justification: renders package unusable
  X-Debbugs-Cc: kos...@debian.org

  Dear maintainer,

  After upgrading to libc6 2.35-1 (or 2.36-1 in experimental), nonexistent 
locale setting
  starts to crash the system.

  This is dangerous because a remote system might not always have the same 
locale installed.
  An auto update will soft-brick the system unless the sysadmin knows to set 
their LC_ALL=POSIX
  before attempting to ssh.

  Steps to reproduce:

  From a clean installed Debian sid, upgrade to libc6 2.35-1.
  Only install C locale and en_US.UTF-8.

  $ LC_ALL=ja_JP.UTF-8 bash
  bash: warning: setlocale: LC_ALL: cannot change locale (ja_JP.UTF-8)
  Segmentation fault (core dumped)

  $ LC_ALL=ja_JP.UTF-8 gdb bash

  Fatal signal: Segmentation fault
  - Backtrace -
  0x55ed3e1e8dcf ???
  0x55ed3e2df312 ???
  0x55ed3e2df488 ???
  0x7f0b4a39ba9f ???
  0x7f0b4b412204 _rl_init_locale
  0x7f0b4b4122f1 _rl_init_eightbit
  0x7f0b4b3f10f2 rl_initialize
  ... snip ...

  Downgrade to 2.34-8 seems also don't fix the issue, probably some locale
  state was invalidated when upgrading.

  Thanks,
  Kan-Ru

  
  -- System Information:
  Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
  Architecture: amd64 (x86_64)

  Kernel: Linux 5.19.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
  Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
  Shell: /bin/sh linked to /usr/bin/dash
  Init: systemd (via /run/systemd/system)
  LSM: AppArmor: enabled

  Versions of packages libc6 depends on:
  ii  libgcc-s1  12.2.0-3

  Versions of packages libc6 recommends:
  ii  libidn2-0  2.3.3-1+b1

  Versions of packages libc6 suggests:
  ii  debconf [debconf-2.0]  1.5.79
  pn  glibc-doc  
  ii  libc-l10n  2.35-1
  pn  libnss-nis 
  pn  libnss-nisplus 
  ii  locales2.35-1

  -- debconf information:
glibc/kernel-too-old:
glibc/restart-failed:
glibc/disable-screensaver:
glibc/upgrade: true
  * libraries/restart-without-asking: false
  * glibc/restart-services: cron
glibc/kernel-not-supported:

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1992206/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992206] Re: bash: non existent locale crashes bash

[Nick Rosbrook]

** Patch added: "bash_5.2-1ubuntu2.debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1992206/+attachment/5622152/+files/bash_5.2-1ubuntu2.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1992206

Title:
  bash: non existent locale crashes bash

Status in bash package in Ubuntu:
  Triaged
Status in bash package in Debian:
  New

Bug description:
  Imported from Debian bug http://bugs.debian.org/1021109:

  Package: libc6
  Version: 2.35-1
  Severity: grave
  Justification: renders package unusable
  X-Debbugs-Cc: kos...@debian.org

  Dear maintainer,

  After upgrading to libc6 2.35-1 (or 2.36-1 in experimental), nonexistent 
locale setting
  starts to crash the system.

  This is dangerous because a remote system might not always have the same 
locale installed.
  An auto update will soft-brick the system unless the sysadmin knows to set 
their LC_ALL=POSIX
  before attempting to ssh.

  Steps to reproduce:

  From a clean installed Debian sid, upgrade to libc6 2.35-1.
  Only install C locale and en_US.UTF-8.

  $ LC_ALL=ja_JP.UTF-8 bash
  bash: warning: setlocale: LC_ALL: cannot change locale (ja_JP.UTF-8)
  Segmentation fault (core dumped)

  $ LC_ALL=ja_JP.UTF-8 gdb bash

  Fatal signal: Segmentation fault
  - Backtrace -
  0x55ed3e1e8dcf ???
  0x55ed3e2df312 ???
  0x55ed3e2df488 ???
  0x7f0b4a39ba9f ???
  0x7f0b4b412204 _rl_init_locale
  0x7f0b4b4122f1 _rl_init_eightbit
  0x7f0b4b3f10f2 rl_initialize
  ... snip ...

  Downgrade to 2.34-8 seems also don't fix the issue, probably some locale
  state was invalidated when upgrading.

  Thanks,
  Kan-Ru

  
  -- System Information:
  Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
  Architecture: amd64 (x86_64)

  Kernel: Linux 5.19.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
  Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
  Shell: /bin/sh linked to /usr/bin/dash
  Init: systemd (via /run/systemd/system)
  LSM: AppArmor: enabled

  Versions of packages libc6 depends on:
  ii  libgcc-s1  12.2.0-3

  Versions of packages libc6 recommends:
  ii  libidn2-0  2.3.3-1+b1

  Versions of packages libc6 suggests:
  ii  debconf [debconf-2.0]  1.5.79
  pn  glibc-doc  
  ii  libc-l10n  2.35-1
  pn  libnss-nis 
  pn  libnss-nisplus 
  ii  locales2.35-1

  -- debconf information:
glibc/kernel-too-old:
glibc/restart-failed:
glibc/disable-screensaver:
glibc/upgrade: true
  * libraries/restart-without-asking: false
  * glibc/restart-services: cron
glibc/kernel-not-supported:

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1992206/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992206] Re: bash: non existent locale crashes bash

[Nick Rosbrook]

I came across this today debugging the recent TEST-69-SHUTDOWN failures
in systemd autopkgtest[1]. That test automates a login, which due to the
test environment triggers this segfault and causes the test to fail.

[1] https://autopkgtest.ubuntu.com/results/autopkgtest-
kinetic/kinetic/amd64/s/systemd/20221003_103148_cc8ac@/log.gz

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1992206

Title:
  bash: non existent locale crashes bash

Status in bash package in Ubuntu:
  Triaged
Status in bash package in Debian:
  New

Bug description:
  Imported from Debian bug http://bugs.debian.org/1021109:

  Package: libc6
  Version: 2.35-1
  Severity: grave
  Justification: renders package unusable
  X-Debbugs-Cc: kos...@debian.org

  Dear maintainer,

  After upgrading to libc6 2.35-1 (or 2.36-1 in experimental), nonexistent 
locale setting
  starts to crash the system.

  This is dangerous because a remote system might not always have the same 
locale installed.
  An auto update will soft-brick the system unless the sysadmin knows to set 
their LC_ALL=POSIX
  before attempting to ssh.

  Steps to reproduce:

  From a clean installed Debian sid, upgrade to libc6 2.35-1.
  Only install C locale and en_US.UTF-8.

  $ LC_ALL=ja_JP.UTF-8 bash
  bash: warning: setlocale: LC_ALL: cannot change locale (ja_JP.UTF-8)
  Segmentation fault (core dumped)

  $ LC_ALL=ja_JP.UTF-8 gdb bash

  Fatal signal: Segmentation fault
  - Backtrace -
  0x55ed3e1e8dcf ???
  0x55ed3e2df312 ???
  0x55ed3e2df488 ???
  0x7f0b4a39ba9f ???
  0x7f0b4b412204 _rl_init_locale
  0x7f0b4b4122f1 _rl_init_eightbit
  0x7f0b4b3f10f2 rl_initialize
  ... snip ...

  Downgrade to 2.34-8 seems also don't fix the issue, probably some locale
  state was invalidated when upgrading.

  Thanks,
  Kan-Ru

  
  -- System Information:
  Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
  Architecture: amd64 (x86_64)

  Kernel: Linux 5.19.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
  Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
  Shell: /bin/sh linked to /usr/bin/dash
  Init: systemd (via /run/systemd/system)
  LSM: AppArmor: enabled

  Versions of packages libc6 depends on:
  ii  libgcc-s1  12.2.0-3

  Versions of packages libc6 recommends:
  ii  libidn2-0  2.3.3-1+b1

  Versions of packages libc6 suggests:
  ii  debconf [debconf-2.0]  1.5.79
  pn  glibc-doc  
  ii  libc-l10n  2.35-1
  pn  libnss-nis 
  pn  libnss-nisplus 
  ii  locales2.35-1

  -- debconf information:
glibc/kernel-too-old:
glibc/restart-failed:
glibc/disable-screensaver:
glibc/upgrade: true
  * libraries/restart-without-asking: false
  * glibc/restart-services: cron
glibc/kernel-not-supported:

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1992206/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992206] [NEW] bash: non existent locale crashes bash

[Nick Rosbrook]

Public bug reported:

Imported from Debian bug http://bugs.debian.org/1021109:

Package: libc6
Version: 2.35-1
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: kos...@debian.org

Dear maintainer,

After upgrading to libc6 2.35-1 (or 2.36-1 in experimental), nonexistent locale 
setting
starts to crash the system.

This is dangerous because a remote system might not always have the same locale 
installed.
An auto update will soft-brick the system unless the sysadmin knows to set 
their LC_ALL=POSIX
before attempting to ssh.

Steps to reproduce:

>From a clean installed Debian sid, upgrade to libc6 2.35-1.
Only install C locale and en_US.UTF-8.

$ LC_ALL=ja_JP.UTF-8 bash
bash: warning: setlocale: LC_ALL: cannot change locale (ja_JP.UTF-8)
Segmentation fault (core dumped)

$ LC_ALL=ja_JP.UTF-8 gdb bash

Fatal signal: Segmentation fault
- Backtrace -
0x55ed3e1e8dcf ???
0x55ed3e2df312 ???
0x55ed3e2df488 ???
0x7f0b4a39ba9f ???
0x7f0b4b412204 _rl_init_locale
0x7f0b4b4122f1 _rl_init_eightbit
0x7f0b4b3f10f2 rl_initialize
... snip ...

Downgrade to 2.34-8 seems also don't fix the issue, probably some locale
state was invalidated when upgrading.

Thanks,
Kan-Ru


-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.19.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libc6 depends on:
ii  libgcc-s1  12.2.0-3

Versions of packages libc6 recommends:
ii  libidn2-0  2.3.3-1+b1

Versions of packages libc6 suggests:
ii  debconf [debconf-2.0]  1.5.79
pn  glibc-doc  
ii  libc-l10n  2.35-1
pn  libnss-nis 
pn  libnss-nisplus 
ii  locales2.35-1

-- debconf information:
  glibc/kernel-too-old:
  glibc/restart-failed:
  glibc/disable-screensaver:
  glibc/upgrade: true
* libraries/restart-without-asking: false
* glibc/restart-services: cron
  glibc/kernel-not-supported:

** Affects: bash (Ubuntu)
 Importance: Medium
 Status: Triaged

** Affects: bash (Debian)
 Importance: Undecided
 Status: New


** Tags: foundations-todo

** Bug watch added: Debian Bug tracker #1021109
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021109

** Changed in: bash (Debian)
 Remote watch: None => Debian Bug tracker #1021109

** Changed in: bash (Ubuntu)
   Status: New => Triaged

** Changed in: bash (Ubuntu)
   Importance: Undecided => Medium

** Tags added: foundations-todo

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1992206

Title:
  bash: non existent locale crashes bash

Status in bash package in Ubuntu:
  Triaged
Status in bash package in Debian:
  New

Bug description:
  Imported from Debian bug http://bugs.debian.org/1021109:

  Package: libc6
  Version: 2.35-1
  Severity: grave
  Justification: renders package unusable
  X-Debbugs-Cc: kos...@debian.org

  Dear maintainer,

  After upgrading to libc6 2.35-1 (or 2.36-1 in experimental), nonexistent 
locale setting
  starts to crash the system.

  This is dangerous because a remote system might not always have the same 
locale installed.
  An auto update will soft-brick the system unless the sysadmin knows to set 
their LC_ALL=POSIX
  before attempting to ssh.

  Steps to reproduce:

  From a clean installed Debian sid, upgrade to libc6 2.35-1.
  Only install C locale and en_US.UTF-8.

  $ LC_ALL=ja_JP.UTF-8 bash
  bash: warning: setlocale: LC_ALL: cannot change locale (ja_JP.UTF-8)
  Segmentation fault (core dumped)

  $ LC_ALL=ja_JP.UTF-8 gdb bash

  Fatal signal: Segmentation fault
  - Backtrace -
  0x55ed3e1e8dcf ???
  0x55ed3e2df312 ???
  0x55ed3e2df488 ???
  0x7f0b4a39ba9f ???
  0x7f0b4b412204 _rl_init_locale
  0x7f0b4b4122f1 _rl_init_eightbit
  0x7f0b4b3f10f2 rl_initialize
  ... snip ...

  Downgrade to 2.34-8 seems also don't fix the issue, probably some locale
  state was invalidated when upgrading.

  Thanks,
  Kan-Ru

  
  -- System Information:
  Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
  Architecture: amd64 (x86_64)

  Kernel: Linux 5.19.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
  Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en
  Shell: /bin/sh linked to /usr/bin/dash
  Init: systemd (via /run/systemd/system)
  LSM: AppArmor: enabled

  Versions of packages libc6 depends on:
  ii  libgcc-s1  12.2.0-3

  Versions of packages libc6 recommends:
  ii  libidn2-0  2.3.3-1+b1

  Versions of packages libc6 suggests:
  ii  debconf [debconf-2.0]  1.5.79
  pn  glibc-doc  
  ii  libc-l10n  2.35-1
  pn  

[Touch-packages] [Bug 1991919] Re: libgoogle-glog-dev has unmet dependencies due to libunwind

[Hans Joachim Desserud]

** Tags added: jammy un

** Tags removed: un
** Tags added: unmetdeps

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to google-glog in Ubuntu.
https://bugs.launchpad.net/bugs/1991919

Title:
  libgoogle-glog-dev has unmet dependencies due to libunwind

Status in google-glog package in Ubuntu:
  New

Bug description:
  # Error Description

  Installing `libgoogle-glog-dev` results in an error:

  ```
  $ sudo apt install libgoogle-glog-dev
  Reading package lists... Done
  Building dependency tree... Done
  Reading state information... Done
  Some packages could not be installed. This may mean that you have
  requested an impossible situation or if you are using the unstable
  distribution that some required packages have not yet been created
  or been moved out of Incoming.
  The following information may help to resolve the situation:

  The following packages have unmet dependencies:
   libunwind-14-dev : Breaks: libunwind-dev but 1.3.2-2build2 is to be installed
  E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by 
held packages.
  ```

  # Comments

  I have the packages libc++-14-dev and libc++-dev installed.
  The package libgoogle-glog-dev dependes on "libunwind-dev | libunwind7-dev". 
But Package 'libunwind7-dev' has no installation candidate. Package 
'libunwind-dev' is incompatible with libc++-14-dev and libc++-dev:

  ```
  $ sudo apt install libunwind-dev
  Reading package lists... Done
  Building dependency tree... Done
  Reading state information... Done
  The following packages will be REMOVED:
libc++-14-dev libc++-dev libunwind-14-dev
  The following NEW packages will be installed:
libunwind-dev
  0 upgraded, 1 newly installed, 3 to remove and 14 not upgraded.
  Need to get 0 B/1.882 kB of archives.
  After this operation, 3.176 kB disk space will be freed.
  Do you want to continue? [Y/n] n
  Abort.
  ```

  # Additional information:

  $ lsb_release -rd
  Description:Ubuntu 22.04.1 LTS
  Release:22.04

  $ apt-cache policy libgoogle-glog-dev
  libgoogle-glog-dev:
Installed: (none)
Candidate: 0.5.0+really0.4.0-2
Version table:
   0.5.0+really0.4.0-2 500
  500 http://de.archive.ubuntu.com/ubuntu jammy/universe amd64 Packages

  $ apt show libgoogle-glog-dev
  Package: libgoogle-glog-dev
  Version: 0.5.0+really0.4.0-2
  Priority: optional
  Section: universe/libdevel
  Source: google-glog
  Origin: Ubuntu
  Maintainer: Ubuntu Developers 
  Original-Maintainer: Laszlo Boszormenyi (GCS) 
  Bugs: https://bugs.launchpad.net/ubuntu/+filebug
  Installed-Size: 388 kB
  Depends: libgoogle-glog0v5 (= 0.5.0+really0.4.0-2), libgflags-dev, 
libunwind-dev | libunwind7-dev
  Homepage: https://github.com/google/glog
  Download-Size: 91,9 kB
  APT-Sources: http://de.archive.ubuntu.com/ubuntu jammy/universe amd64 Packages
  Description: library that implements application-level logging.
   This library provides logging APIs based on C++-style streams and
   various helper macros.
   .
   This package contains static and debug libraries and header files for
   developing applications.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/google-glog/+bug/1991919/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1991975] Re: dev file system is mounted without nosuid or noexec

[Dave Chiluk]

Here is a workaround for this issue in case anyone finds this in the
future.

Copy remount_dev.service to /etc/systemd/system
sudo chown root:root /etc/systemd/system/remount_dev.service
sudo systemctl daemon-reload
sudo systemctl enable remount_dev.service

Still I think the kernel patch should be applied, but at least there's a
workaround for now.

** Attachment added: "Systemd unit file as workaround"
   
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1991975/+attachment/5622080/+files/remount_dev.service

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1991975

Title:
  dev file system is mounted without nosuid or noexec

Status in linux package in Ubuntu:
  Confirmed
Status in systemd package in Ubuntu:
  Confirmed
Status in linux source package in Focal:
  Confirmed
Status in systemd source package in Focal:
  Confirmed
Status in linux source package in Jammy:
  Confirmed
Status in systemd source package in Jammy:
  Confirmed

Bug description:
  [ SRU TEMPLATE ]
  [ Impact ]

   * nosuid, and noexec bits are not set on /dev
   * This has the potential for nefarious actors to use this as an avenue for 
attack. see https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1450960 for more 
discussion around this.
   * It is not best security practice.

  [ Test Plan ]

     1.Boot a Canonical Supplied EC2 instance
     2.Check the mount options for /dev.
     3.You will notice the lack of nosuid and noexec on /dev.

  [ Where problems could occur ]

   * As of 2022/10/06, I need to test this, but don't know how to build
  -aws flavored ubuntu kernels. Instructions welcome.  I'm holding off
  on adding SRU tags until I can actually get this tested.

   * If this is applied to non initramfs-less kernels it could potentially 
cause a regression for very old hardware that does nefarious things with 
memory.  For a larger discussion about that see:
  
https://lore.kernel.org/lkml/YcMfDOyrg647RCmd@debian-BULLSEYE-live-builder-AMD64/T/

   * Low risk if a driver depends on /dev allowing suid or exec this
  might prevent boot.  That being said, all kernels that have been
  booting with an initramfs have been getting nosuid, and noexec set so
  hopefully we can consider that risk fairly well tested.

  [ Other Info ]

   * Patch is accepted into 5.17, and will drop out quickly
   * Any server booting with an initramfs already has nosuid, and noexec set, 
so hopefully

  <<< ORIGINAL TEXT 

  This is similar to
  https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1450960 but new.

  I discovered that my ec2 instances based off of Canonical supplied AMI
  ami-0a23d90349664c6ee *(us-east-2), have dev mounted mounted without
  the nosuid option.

  https://us-east-2.console.aws.amazon.com/ec2/home?region=us-
  east-2#Images:visibility=public-images;imageId=ami-0a23d90349664c6ee

  My usb installed 20.04.4 home machine does not have this problem, but
  it has been installed for quite some time.  My 22.04 laptop machine
  also does not have this issue.

  Reproduce.
  Start an ec2 instance based off of ami-0a23d90349664c6ee.
  $ mount | grep devtmpfs
  nosuid is not found in the options list.

  I've checked the initrd, and /etc/init.d/udev script and all places I
  know of where dev gets mounted set nosuid, so it's non-obvious what
  boot code-path is being taken that results in nosuid missing.

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: udev 245.4-4ubuntu3.18
  ProcVersionSignature: Ubuntu 5.15.0-1020.24~20.04.1-aws 5.15.53
  Uname: Linux 5.15.0-1020-aws x86_64
  ApportVersion: 2.20.11-0ubuntu27.24
  Architecture: amd64
  CasperMD5CheckResult: skip
  CustomUdevRuleFiles: 60-cdrom_id.rules 70-snap.snapd.rules
  Date: Thu Oct  6 17:39:42 2022
  Ec2AMI: ami-0a23d90349664c6ee
  Ec2AMIManifest: (unknown)
  Ec2AvailabilityZone: us-east-2c
  Ec2InstanceType: t2.medium
  Ec2Kernel: unavailable
  Ec2Ramdisk: unavailable
  Lsusb: Error: command ['lsusb'] failed with exit code 1:
  Lsusb-t:

  Lsusb-v: Error: command ['lsusb', '-v'] failed with exit code 1:
  MachineType: Xen HVM domU
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   LANG=C.UTF-8
   SHELL=/bin/bash
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.15.0-1020-aws 
root=PARTUUID=5bb90437-9efc-421d-aa94-c512c3b666a3 ro console=tty1 
console=ttyS0 nvme_core.io_timeout=4294967295 panic=-1
  SourcePackage: systemd
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 08/24/2006
  dmi.bios.release: 4.2
  dmi.bios.vendor: Xen
  dmi.bios.version: 4.2.amazon
  dmi.chassis.type: 1
  dmi.chassis.vendor: Xen
  dmi.modalias: 
dmi:bvnXen:bvr4.2.amazon:bd08/24/2006:br4.2:svnXen:pnHVMdomU:pvr4.2.amazon:cvnXen:ct1:cvr:sku:
  dmi.product.name: HVM domU
  dmi.product.version: 4.2.amazon
  dmi.sys.vendor: Xen

To manage notifications about this bug go to:

[Touch-packages] [Bug 1992172] Re: test_run_crash_kernel fails on ppc64el

[Benjamin Drung]

** Changed in: apport (Ubuntu)
   Status: Triaged => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1992172

Title:
  test_run_crash_kernel fails on ppc64el

Status in Apport:
  Triaged
Status in apport package in Ubuntu:
  Fix Committed

Bug description:
  The autopkgtest for apport 2.23.1-0ubuntu1 fails on ppc64el:

  ```
  ==
  FAIL: test_run_crash_kernel (tests.integration.test_ui.T)
  run_crash() for a kernel error
  --
  Traceback (most recent call last):
File "/usr/lib/python3.10/unittest/mock.py", line 1369, in patched
  return func(*newargs, **newkeywargs)
File 
"/tmp/autopkgtest.W5WLIN/autopkgtest_tmp/tests/integration/test_ui.py", line 
1617, in test_run_crash_kernel
  self.assertEqual(
  AssertionError: 'http://linux.bugs.example.com/5' != 
'http://linux-signed.bugs.example.com/5'
  - http://linux.bugs.example.com/5
  + http://linux-signed.bugs.example.com/5
  ? +++

  
  --
  ```

  Full log: https://autopkgtest.ubuntu.com/results/autopkgtest-
  kinetic/kinetic/ppc64el/a/apport/20221007_113450_023d9@/log.gz

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1992172/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1966849] Re: gzip exec format error under WSL1

[Robert Giles]

Thanks for fixing this - 1.10-4ubuntu4.1 works!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gzip in Ubuntu.
https://bugs.launchpad.net/bugs/1966849

Title:
  gzip exec format error under WSL1

Status in gzip:
  New
Status in gzip package in Ubuntu:
  Fix Released
Status in gzip source package in Jammy:
  Fix Released
Status in gzip source package in Kinetic:
  Fix Released

Bug description:
  [Impact]

   * Optimization features included in jammy cause atypical alignment of
  LOAD ELF sections. This in turn causes failure to execute binaries on
  WSL1. Upstream have since integrated the optimization features
  included in jammy, but also reverted alignment to a previously used
  one. This also results in working binary under WSL1.

   * Cherry-pick upstream applied revert to alignment to resolve running
  gzip under WSL1.

  [Test Plan]

   * Use powershell to set default WSL version to 1

   * Deploy WSL1, unpack and use updated gzip package

   * gzip --version should execute correctly under WSL 1

  [Where problems could occur]

   * I cannot tell why performance improvement patches introduced
  alignment change, and if revert of the alignment change affects the
  performance. Note that this change aligns the codebase closer to what
  kinetic & upstream now are.

  [Other Info]
   
   * This bug fix is upstream commit 
https://git.savannah.gnu.org/cgit/gzip.git/commit/gzip.c?id=23a870d14a49803c6d2579071886c1acf497c9d1

  ---

  gzip version 1.10-4ubuntu3 fails to run under WSL1 on Windows
  19044.1620, making WSL pretty much unusable.

  bash: /usr/bin/gzip: cannot execute binary file: Exec format error

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: gzip 1.10-4ubuntu3
  ProcVersionSignature: Microsoft 4.4.0-19041.1237-Microsoft 4.4.35
  Uname: Linux 4.4.0-19041-Microsoft x86_64
  ApportVersion: 2.20.11-0ubuntu79
  Architecture: amd64
  CasperMD5CheckResult: unknown
  Date: Tue Mar 29 06:40:33 2022
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   LANG=pl_PL.UTF-8
   SHELL=/usr/bin/fish
  SourcePackage: gzip
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/gzip/+bug/1966849/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1989309] Re: [FFe] new apparmor features for 3.0.7

[Utkarsh Gupta]

I've sponsored this package for Georgia:

Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading apparmor_3.0.7-1ubuntu2.dsc: done.
  Uploading apparmor_3.0.7.orig.tar.gz: done.  
  Uploading apparmor_3.0.7.orig.tar.gz.asc: done.
  Uploading apparmor_3.0.7-1ubuntu2.debian.tar.xz: done.
  Uploading apparmor_3.0.7-1ubuntu2_source.buildinfo: done.
  Uploading apparmor_3.0.7-1ubuntu2_source.changes: done.
Successfully uploaded packages.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1989309

Title:
  [FFe] new apparmor features for 3.0.7

Status in apparmor package in Ubuntu:
  Triaged

Bug description:
  We propose two new features for 3.0.7 Apparmor:

  1. parser support for user namespace mediation.

  Since the last kernel update with commit 
https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?h=master-next=30bce26855c9171f8dee74d93308fd506730c914
  Ubuntu 22.10 mediates user namespaces which allows for confined applications 
to have unprivileged user namespace creation, instead of disabling it 
completely.
  If we want applications to have this ability, then we need to add support on 
the parser, which is a feature we are introducing. Bug 1990064 is an example 
caused by this.

  2. userspace support for posix message queue mediation

  Kernel also has POSIX message queue mediation with commit
  https://git.launchpad.net/~ubuntu-
  kernel/ubuntu/+source/linux/+git/kinetic/commit/?h=master-
  next=44f28e2ccee2000c7da971876dd003d38a8232d8 which indicates that
  if admins want to allow legitimate use of POSIX message queues, then
  they will need the support of userspace tools.

  We are also adding a fix for Bug 1990692 which will make the AppArmor
  profiles for samba to be up to date with upstream.

  TESTING

  This has been extensively tested by the security team - this includes
  following the documented Ubuntu merges test plan[1] for AppArmor and the
  extensive QA Regression Tests[2] for AppArmor as well. This ensures that
  the various applications that make heavy use of AppArmor (LXD, docker,
  lxc, dbus, libvirt, snapd etc) have all been exercised and no regressions
  have been observed. All tests have passed and demonstrated both apparmor
  and the various applications that use it to be working as expected.

  BUILD LOGS

  This is currently uploaded to 
https://launchpad.net/~georgiag/+archive/ubuntu/apparmor-kinetic-ffe, build 
logs can be found on
  Launchpad at:
  https://launchpad.net/~georgiag/+archive/ubuntu/test2/+build/24518253 for 
amd64

  DEBDIFF

  The debdiff can be found in the PPA:
  
https://launchpadlibrarian.net/626954017/apparmor_3.0.7-1ubuntu1_3.0.7-1ubuntu2.diff.gz

  INSTALL / UPGRADE LOG

  The apt upgrade log is attached in:
  
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1989309/+attachment/5620824/+files/apparmor-3.0.7-1ubuntu2-apt-upgrade.log

  [1] https://wiki.ubuntu.com/Process/Merges/TestPlans/AppArmor
  [2] 
https://git.launchpad.net/qa-regression-testing/tree/scripts/test-apparmor.py

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1989309/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992172] Re: test_run_crash_kernel fails on ppc64el

[Benjamin Drung]

Proposed fix upstream: https://github.com/canonical/apport/pull/19

** Changed in: apport (Ubuntu)
   Status: New => Triaged

** Changed in: apport (Ubuntu)
   Importance: Undecided => High

** Changed in: apport
   Status: New => Triaged

** Changed in: apport
   Importance: Undecided => High

** Changed in: apport
Milestone: None => 2.24.0

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1992172

Title:
  test_run_crash_kernel fails on ppc64el

Status in Apport:
  Triaged
Status in apport package in Ubuntu:
  Triaged

Bug description:
  The autopkgtest for apport 2.23.1-0ubuntu1 fails on ppc64el:

  ```
  ==
  FAIL: test_run_crash_kernel (tests.integration.test_ui.T)
  run_crash() for a kernel error
  --
  Traceback (most recent call last):
File "/usr/lib/python3.10/unittest/mock.py", line 1369, in patched
  return func(*newargs, **newkeywargs)
File 
"/tmp/autopkgtest.W5WLIN/autopkgtest_tmp/tests/integration/test_ui.py", line 
1617, in test_run_crash_kernel
  self.assertEqual(
  AssertionError: 'http://linux.bugs.example.com/5' != 
'http://linux-signed.bugs.example.com/5'
  - http://linux.bugs.example.com/5
  + http://linux-signed.bugs.example.com/5
  ? +++

  
  --
  ```

  Full log: https://autopkgtest.ubuntu.com/results/autopkgtest-
  kinetic/kinetic/ppc64el/a/apport/20221007_113450_023d9@/log.gz

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1992172/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1971984] Re: pcscd 1.9.5-3 do not start automatically, only manual

[Ondrej Vachálek]

Hello, a simple code helped me. From now on, pcscd.socket always starts
for me


$sudo -i
#systemctl enable pcscd.socket
#sudo systemctl start pcscd.socket

Repeat exactly, the second sudo must also be.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcsc-lite in Ubuntu.
https://bugs.launchpad.net/bugs/1971984

Title:
  pcscd 1.9.5-3 do not start automatically, only manual

Status in pcsc-lite package in Ubuntu:
  Confirmed

Bug description:
  Ubuntu Mate 22.04 with the latest updates.
  Problem is present with internal smart-card reader and also external usb 
smart-card reader.

  eid-viewer sees no card reader,but When i do:

  sudo pcscd -f

  it is working, also following the tips of Ludovic:
  
https://ludovicrousseau.blogspot.com/2011/11/pcscd-auto-start-using-systemd.html

  sudo systemctl stop pcscd.socket
  sudo systemctl start pcscd.socket

  It is working until next restart.

  libacsccid1  version: 1.1.8-1
  libccid version: 1.5.0-2
  pcscd version: 1.9.5-3
  eid-archive version: 2022.3
  eid-mw version: 5.0.28v5.0.28-0u2204-1
  eid-viewer version: 5.0.28v5.0.28-0u2204-1

  In Firefox, my eid card is then also recognized, but only in the ESR
  version, but this is a know Mozilla bug.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcsc-lite/+bug/1971984/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1991975] Re: dev file system is mounted without nosuid

[Dave Chiluk]

** Information type changed from Private Security to Public Security

** Summary changed:

- dev file system is mounted without nosuid
+ dev file system is mounted without nosuid or noexec

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1991975

Title:
  dev file system is mounted without nosuid or noexec

Status in linux package in Ubuntu:
  Confirmed
Status in systemd package in Ubuntu:
  Confirmed
Status in linux source package in Focal:
  Confirmed
Status in systemd source package in Focal:
  Confirmed
Status in linux source package in Jammy:
  Confirmed
Status in systemd source package in Jammy:
  Confirmed

Bug description:
  [ SRU TEMPLATE ]
  [ Impact ]

   * nosuid, and noexec bits are not set on /dev
   * This has the potential for nefarious actors to use this as an avenue for 
attack. see https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1450960 for more 
discussion around this.
   * It is not best security practice.

  [ Test Plan ]

     1.Boot a Canonical Supplied EC2 instance
     2.Check the mount options for /dev.
     3.You will notice the lack of nosuid and noexec on /dev.

  [ Where problems could occur ]

   * As of 2022/10/06, I need to test this, but don't know how to build
  -aws flavored ubuntu kernels. Instructions welcome.  I'm holding off
  on adding SRU tags until I can actually get this tested.

   * If this is applied to non initramfs-less kernels it could potentially 
cause a regression for very old hardware that does nefarious things with 
memory.  For a larger discussion about that see:
  
https://lore.kernel.org/lkml/YcMfDOyrg647RCmd@debian-BULLSEYE-live-builder-AMD64/T/

   * Low risk if a driver depends on /dev allowing suid or exec this
  might prevent boot.  That being said, all kernels that have been
  booting with an initramfs have been getting nosuid, and noexec set so
  hopefully we can consider that risk fairly well tested.

  [ Other Info ]

   * Patch is accepted into 5.17, and will drop out quickly
   * Any server booting with an initramfs already has nosuid, and noexec set, 
so hopefully

  <<< ORIGINAL TEXT 

  This is similar to
  https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1450960 but new.

  I discovered that my ec2 instances based off of Canonical supplied AMI
  ami-0a23d90349664c6ee *(us-east-2), have dev mounted mounted without
  the nosuid option.

  https://us-east-2.console.aws.amazon.com/ec2/home?region=us-
  east-2#Images:visibility=public-images;imageId=ami-0a23d90349664c6ee

  My usb installed 20.04.4 home machine does not have this problem, but
  it has been installed for quite some time.  My 22.04 laptop machine
  also does not have this issue.

  Reproduce.
  Start an ec2 instance based off of ami-0a23d90349664c6ee.
  $ mount | grep devtmpfs
  nosuid is not found in the options list.

  I've checked the initrd, and /etc/init.d/udev script and all places I
  know of where dev gets mounted set nosuid, so it's non-obvious what
  boot code-path is being taken that results in nosuid missing.

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: udev 245.4-4ubuntu3.18
  ProcVersionSignature: Ubuntu 5.15.0-1020.24~20.04.1-aws 5.15.53
  Uname: Linux 5.15.0-1020-aws x86_64
  ApportVersion: 2.20.11-0ubuntu27.24
  Architecture: amd64
  CasperMD5CheckResult: skip
  CustomUdevRuleFiles: 60-cdrom_id.rules 70-snap.snapd.rules
  Date: Thu Oct  6 17:39:42 2022
  Ec2AMI: ami-0a23d90349664c6ee
  Ec2AMIManifest: (unknown)
  Ec2AvailabilityZone: us-east-2c
  Ec2InstanceType: t2.medium
  Ec2Kernel: unavailable
  Ec2Ramdisk: unavailable
  Lsusb: Error: command ['lsusb'] failed with exit code 1:
  Lsusb-t:

  Lsusb-v: Error: command ['lsusb', '-v'] failed with exit code 1:
  MachineType: Xen HVM domU
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   LANG=C.UTF-8
   SHELL=/bin/bash
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.15.0-1020-aws 
root=PARTUUID=5bb90437-9efc-421d-aa94-c512c3b666a3 ro console=tty1 
console=ttyS0 nvme_core.io_timeout=4294967295 panic=-1
  SourcePackage: systemd
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 08/24/2006
  dmi.bios.release: 4.2
  dmi.bios.vendor: Xen
  dmi.bios.version: 4.2.amazon
  dmi.chassis.type: 1
  dmi.chassis.vendor: Xen
  dmi.modalias: 
dmi:bvnXen:bvr4.2.amazon:bd08/24/2006:br4.2:svnXen:pnHVMdomU:pvr4.2.amazon:cvnXen:ct1:cvr:sku:
  dmi.product.name: HVM domU
  dmi.product.version: 4.2.amazon
  dmi.sys.vendor: Xen

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1991975/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992178] Re: autopkgtest: upstream tests that run in qemu hang on ppc64el

[Nick Rosbrook]

** Summary changed:

- autopkgtest: upstream tests that run in qemu hang on ppc64l
+ autopkgtest: upstream tests that run in qemu hang on ppc64el

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1992178

Title:
  autopkgtest: upstream tests that run in qemu hang on ppc64el

Status in systemd package in Ubuntu:
  New

Bug description:
  I believe this started early in the kinetic cycle, cf.
  https://autopkgtest.ubuntu.com/packages/systemd/kinetic/ppc64el vs
  https://autopkgtest.ubuntu.com/packages/systemd/jammy/ppc64el.
  Timeouts in the upstream tests have been an issue for a while, but
  kinetic on ppc64el consistently times out with upstream tests that run
  in QEMU.

  Skipping individual tests does not help, because *which* tests time
  out appears to change with each build. For example, in 251.4-1ubuntu4
  the TEST-36-NUMAPOLICY test was consistently the culprit, but now in
  251.4-1ubuntu6 the TEST-14-MACHINE-ID often times out.

  I have not been able to identify a root cause for this, but it seems
  that running tests in QEMU is very fragile on ppc64el, where as the
  tests that run in nspawn are more consistent.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1992178/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992178] [NEW] autopkgtest: upstream tests that run in qemu hang on ppc64l

[Nick Rosbrook]

Public bug reported:

I believe this started early in the kinetic cycle, cf.
https://autopkgtest.ubuntu.com/packages/systemd/kinetic/ppc64el vs
https://autopkgtest.ubuntu.com/packages/systemd/jammy/ppc64el. Timeouts
in the upstream tests have been an issue for a while, but kinetic on
ppc64el consistently times out with upstream tests that run in QEMU.

Skipping individual tests does not help, because *which* tests time out
appears to change with each build. For example, in 251.4-1ubuntu4 the
TEST-36-NUMAPOLICY test was consistently the culprit, but now in
251.4-1ubuntu6 the TEST-14-MACHINE-ID often times out.

I have not been able to identify a root cause for this, but it seems
that running tests in QEMU is very fragile on ppc64el, where as the
tests that run in nspawn are more consistent.

** Affects: systemd (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1992178

Title:
  autopkgtest: upstream tests that run in qemu hang on ppc64l

Status in systemd package in Ubuntu:
  New

Bug description:
  I believe this started early in the kinetic cycle, cf.
  https://autopkgtest.ubuntu.com/packages/systemd/kinetic/ppc64el vs
  https://autopkgtest.ubuntu.com/packages/systemd/jammy/ppc64el.
  Timeouts in the upstream tests have been an issue for a while, but
  kinetic on ppc64el consistently times out with upstream tests that run
  in QEMU.

  Skipping individual tests does not help, because *which* tests time
  out appears to change with each build. For example, in 251.4-1ubuntu4
  the TEST-36-NUMAPOLICY test was consistently the culprit, but now in
  251.4-1ubuntu6 the TEST-14-MACHINE-ID often times out.

  I have not been able to identify a root cause for this, but it seems
  that running tests in QEMU is very fragile on ppc64el, where as the
  tests that run in nspawn are more consistent.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1992178/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1969901] Re: network-manager fails to renew ipv6 address

[Håkan Kvist]

Updated patch also including d017022dfc7e531c23caddeac7b3a8b03b1aa5d0

we will test this further.

** Patch added: "updated patch including 
d017022dfc7e531c23caddeac7b3a8b03b1aa5d0"
   
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1969901/+attachment/5622069/+files/network-manager_1.10.6-2ubuntu1.6-update.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1969901

Title:
  network-manager fails to renew ipv6 address

Status in network-manager package in Ubuntu:
  Fix Released
Status in network-manager source package in Bionic:
  Incomplete

Bug description:
  [Impact]

   * This affects Ubuntu 18.04 where Network Manager version 1.10.6 is
  used.

   * Network manager might kill dhclient(6) and fail to start it again
     causing the IPv6 address to be lost on a network that uses mixed
     IPv4/IPV6.
     The network status will still be seen as online in gnome since ipv4
     is still active.
     The user then have to manually remove the dhcpv6 lease files and
     restart ipv6 connection/restart network manager to regain IPv6
     connectivity.

   * This is a cherry-pick from Network manager 1.10.8 (Ubuntu's version
     is based on 1.10.6):
     
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/7fbbe7ebee99785e38d39c37e515a64a28edef0f

   * Upstream bug:
     https://bugzilla.gnome.org/show_bug.cgi?id=783391

  [Test Plan]

  The test requires three computers
  * one computer runing isc dhcpd server (with network configured static)
  * one computer running patched network manager
  * one computer running vanilla ubuntu

  The idea is to execute on an isolated network and trigger the error by 
changing
  ip range handed out by the dhcp-server to force a nack response back to the
  clients.

  Expected result
  * patched network keeps dhclient6 alive
  * vanilla network manager will fail to keep dhclient6 alive
in network manager logs dhcp6 will expire and not be restarted

  ON THE SERVER
  # Disable app-armor, as it has rules restricting dhcpd
  aa-teardown

  # install isc dhcpserver
  isc-dhcp-server

  # configure network static
  sudo nmcli connection modify "${CONNECTION_NAME}" \
   ipv4.method "manual" \
   ipv4.addresses "192.168.1.1/24" \
   ipv4.gateway "192.168.1.254" \
   ipv4.dns "192.168.1.1" \
   ipv6.method "manual" \
   ipv6.addresses "2001:db8:0:1::1/64" \
   ipv6.gateway "2001:db8:0:1::ffbb" \
   ipv6.dns "2001:db8:0:1::1/64"

  mkdir -p tmp
  touch tmp/dhcpd4_a.leases
  touch tmp/dhcpd4_b.leases
  touch tmp/dhcpd6_a.leases
  touch tmp/dhcpd6_b.leases

  Then it is time to execute dhcpd
  -f - run in foreground
  -d - print errors to stderr instead of syslog

  # Start in separate terminals
  dhcpd -f -d -4 -cf dhcp_v4_a.conf -lf tmp/dhcpd4_a.leases enp0s31f6
  dhcpd -f -d -6 -cf dhcp_v6_a.conf -lf tmp/dhcpd6_a.leases enp0s31f6

  Press ctrl-C to kill servers, then restart with the b configurations

  dhcpd -f -d -4 -cf dhcp_v4_b.conf -lf tmp/dhcpd4_b.leases enp0s31f6
  dhcpd -f -d -6 -cf dhcp_v6_b.conf -lf tmp/dhcpd6_b.leases enp0s31f6

  Then leases to expire (check for clients that kills dhclient)
  Press ctrl-C to kill servers, then restart with the a configurations

  ON THE CLIENTS
  Setup:
  Configure ipv6 network in settings to use dhcp (using the gui)

  Test:
  check that dhcp clients are still running:
  ps aux|grep dhclient

  Expected in output
  one client for dhcpv4
  one client for dhcpv6

  Also check network manager status :
  journalctl -u NetworkManager.service
  journalctl -u NetworkManager.service|grep dhcp6 # to only view dhclient6
  journalctl -u NetworkManager.service|grep dhcp4 # to only view dhclient4

  if dhclient is not running:
  stop network in gui
  remove lease files (/var/lib/NetworkManager/dhclient*.lease). Only remove the 
lease for the client not running.
  start network in gui

  if dhclients are running:
  wait additional ten minutes, repeat from beginning of test

  [Where problems could occur]

   * The change is in the dchp lease expiration handling so verify that
  there is no regression in dhcp renewals on different type of
  configuration include IPv6

  [Other Info]
   * We have tested this patch on a couple of clients where we have seen this
     this problem. If this patch is feasible to include in Ubuntu 18.04 we
     could request more users to test.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1969901/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1990379] Re: [FFe][UBUNTU 20.04] zlib: inflate() does not update strm.adler if DFLTCC is used

[Frank Heimes]

** Description changed:

  SRU Justification:
  --
  
  [ Impact ]
  
-  * The zlib function inflate() does not update strm.adler
-in case DFLTCC is used.
+  * The zlib function inflate() does not update strm.adler
+    in case DFLTCC is used.
  
-  * This issue was exposed by Java Certification Kit (JCK) running on z15
-hardware and newer and impacts all JDK versions (8,11,17, etc.)
-that use the system default settings.
+  * This issue was exposed by Java Certification Kit (JCK) running on z15
+    hardware and newer and impacts all JDK versions (8,11,17, etc.)
+    that use the system default settings.
  
-  * The JCK failure impacts the ability to certify Java SDKs on this
-platform/Linux-distribution combination.
+  * The JCK failure impacts the ability to certify Java SDKs on this
+    platform/Linux-distribution combination.
  
-  * On top the incorrect alder32 result may cause functional issues with
-Java applications that depend on the result.
+  * On top the incorrect alder32 result may cause functional issues with
+    Java applications that depend on the result.
  
  [ Test Plan ]
  
-  * An affected Ubuntu release (20.04, 22.04 and 22.10) installed
-on a z15/LinuxONE III or newer system is needed.
+  * An affected Ubuntu release (20.04, 22.04 and 22.10) installed
+    on a z15/LinuxONE III or newer system is needed.
  
-  * Then it's possible to test the updated package with the help
-of a small test program (in C) that makes use of the zlib1g library
-or run the Java Certification Kit.
+  * Then it's possible to test the updated package with the help
+    of a small test program (in C) that makes use of the zlib1g library
+    or run the Java Certification Kit.
  
-  * Test will be done by IBM.
+  * Test will be done by IBM.
  
  [ Where problems could occur ]
  
-  * The patch is a one-line change:
-https://launchpadlibrarian.net/626003193/410-lp1990379.patch
-and there are not many issues to expect.
+  * The patch is a one-line change:
+    https://launchpadlibrarian.net/626003193/410-lp1990379.patch
+    and there are not many issues to expect.
  
-  * There could be a potential problem with the adler field
-in the strm struct.
-For example in case the struct is not as assumed or contains
-and unexpected value, which would then ripple through
-the other fields, too.
+  * There could be a potential problem with the adler field
+    in the strm struct.
+    For example in case the struct is not as assumed or contains
+    and unexpected value, which would then ripple through
+    the other fields, too.
  
-  * Structural changes could be identified with a test build that was done
-for all affected Ubuntu releases and for all major architectures:
-https://launchpad.net/~fheimes/+archive/ubuntu/lp1990379
+  * Structural changes could be identified with a test build that was done
+    for all affected Ubuntu releases and for all major architectures:
+    https://launchpad.net/~fheimes/+archive/ubuntu/lp1990379
  
  [ Other Info ]
-  
-  * The patch itself is the same for all zlib version in
-20.04, 22.04 and 22.10 - no further adjustments were needed.
+ 
+  * The patch itself is the same for all zlib version in
+    20.04, 22.04 and 22.10 - no further adjustments were needed.
+ 
+  * This bug (LP#1990379) is solved in combination with LP#1982583,
+so that only one package update is needed.
+However, this bug affects Kinetic, jammy and Focal,
+but LP#1982583 only Jammy and Kinetic.
+ 
+  * The debdiffs for Kinetic and Jammy should be taken from LP#1982583,
+and the remaining debdiff for Focal from here.
+ 
  __
  
  == Comment: #0 - Ilya Leoshkevich  - 2022-09-21 05:02:24 ==
  inflate() does not update strm.adler if DFLTCC is used.
  
  Found with a JDK test.
  
  zlib-ng PR: https://github.com/zlib-ng/zlib-ng/pull/1349
  
  Updated zlib PR: https://github.com/madler/zlib/pull/410
  
  zlib tag: https://github.com/iii-i/zlib/releases/tag/dfltcc-20220920
  
  zlib diff:
  
https://github.com/madler/zlib/compare/e6aed68ff815be74855ec6a19d6ae35065a4adb4..171d0ff3c9ed40da0ac14085ab16b766b1162069#diff-325baa03829572a9f26b4bb8b3cada1ddc637854529d6a6cb111b8c3ca785620
  
  Ubuntu 20.04 and later need to be fixed.
  
  ---
  External link: https://warthogs.atlassian.net/browse/PEI-28

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zlib in Ubuntu.
https://bugs.launchpad.net/bugs/1990379

Title:
  [FFe][UBUNTU 20.04] zlib: inflate() does not update strm.adler if
  DFLTCC is used

Status in Ubuntu on IBM z Systems:
  In Progress
Status in zlib package in Ubuntu:
  In Progress
Status in zlib source package in Focal:
  In Progress
Status in zlib source package in Jammy:
  In Progress
Status in zlib source package in Kinetic:
  In Progress

Bug description:
  SRU Justification:
  --

  [ Impact ]

   * The zlib 

[Touch-packages] [Bug 1990379] Re: [FFe][UBUNTU 20.04] zlib: inflate() does not update strm.adler if DFLTCC is used

[Simon Chopin]

** Summary changed:

- [UBUNTU 20.04] zlib: inflate() does not update strm.adler if DFLTCC is used
+ [FFe][UBUNTU 20.04] zlib: inflate() does not update strm.adler if DFLTCC is 
used

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zlib in Ubuntu.
https://bugs.launchpad.net/bugs/1990379

Title:
  [FFe][UBUNTU 20.04] zlib: inflate() does not update strm.adler if
  DFLTCC is used

Status in Ubuntu on IBM z Systems:
  In Progress
Status in zlib package in Ubuntu:
  In Progress
Status in zlib source package in Focal:
  In Progress
Status in zlib source package in Jammy:
  In Progress
Status in zlib source package in Kinetic:
  In Progress

Bug description:
  SRU Justification:
  --

  [ Impact ]

   * The zlib function inflate() does not update strm.adler
     in case DFLTCC is used.

   * This issue was exposed by Java Certification Kit (JCK) running on z15
     hardware and newer and impacts all JDK versions (8,11,17, etc.)
     that use the system default settings.

   * The JCK failure impacts the ability to certify Java SDKs on this
     platform/Linux-distribution combination.

   * On top the incorrect alder32 result may cause functional issues with
     Java applications that depend on the result.

  [ Test Plan ]

   * An affected Ubuntu release (20.04, 22.04 and 22.10) installed
     on a z15/LinuxONE III or newer system is needed.

   * Then it's possible to test the updated package with the help
     of a small test program (in C) that makes use of the zlib1g library
     or run the Java Certification Kit.

   * Test will be done by IBM.

  [ Where problems could occur ]

   * The patch is a one-line change:
     https://launchpadlibrarian.net/626003193/410-lp1990379.patch
     and there are not many issues to expect.

   * There could be a potential problem with the adler field
     in the strm struct.
     For example in case the struct is not as assumed or contains
     and unexpected value, which would then ripple through
     the other fields, too.

   * Structural changes could be identified with a test build that was done
     for all affected Ubuntu releases and for all major architectures:
     https://launchpad.net/~fheimes/+archive/ubuntu/lp1990379

  [ Other Info ]

   * The patch itself is the same for all zlib version in
     20.04, 22.04 and 22.10 - no further adjustments were needed.

   * This bug (LP#1990379) is solved in combination with LP#1982583,
 so that only one package update is needed.
 However, this bug affects Kinetic, jammy and Focal,
 but LP#1982583 only Jammy and Kinetic.

   * The debdiffs for Kinetic and Jammy should be taken from LP#1982583,
 and the remaining debdiff for Focal from here.

  __

  == Comment: #0 - Ilya Leoshkevich  - 2022-09-21 05:02:24 ==
  inflate() does not update strm.adler if DFLTCC is used.

  Found with a JDK test.

  zlib-ng PR: https://github.com/zlib-ng/zlib-ng/pull/1349

  Updated zlib PR: https://github.com/madler/zlib/pull/410

  zlib tag: https://github.com/iii-i/zlib/releases/tag/dfltcc-20220920

  zlib diff:
  
https://github.com/madler/zlib/compare/e6aed68ff815be74855ec6a19d6ae35065a4adb4..171d0ff3c9ed40da0ac14085ab16b766b1162069#diff-325baa03829572a9f26b4bb8b3cada1ddc637854529d6a6cb111b8c3ca785620

  Ubuntu 20.04 and later need to be fixed.

  ---
  External link: https://warthogs.atlassian.net/browse/PEI-28

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1990379/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1982583] Re: Fix for zlib CRC32 optimization for s390x

[Frank Heimes]

** Description changed:

+ SRU Justification:
+ --
+ 
+ [ Impact ]
+ 
+  * There were two issues identified in the current
+zlib CRC32 optimization for s390x implementation:
+ 
+  * 1) s390_crc32_vx() signature mismatch
+   which causes a warning
+ 
+  * 2) '-DS390_CRC32_VX' was not added to SFLAGS
+   which results in vectorization being enabled only in the static library.
+ 
+  * The fixes are quite small and affect each only one line:
+ 
+  * 1) by using unsigned longs instead of uint32_t in s390_crc32_vx
+ declaration
+ 
+  * 2) by add line 'SFLAGS="$SFLAGS -DS390_CRC32_VX"'
+ 
+ [ Test Plan ]
+ 
+  * An affected Ubuntu release ([20.04], 22.04 and 22.10) installed
+on a z15/LinuxONE III or newer system is needed.
+ 
+  * Then it's possible to test the updated package with the help
+of a small test program (in C) that checks for
+s390_crc32_vx() signature mismatches.
+ 
+  * The bug reporter has a set of s390x-specific tests that will be
+ executed.
+ 
+  * Test will be done by IBM.
+ 
+ [ Where problems could occur ]
+ 
+  * The fixes are each limited to one line, hence there are
+not many issues to expect, other than:
+ 
+  * Typos (e.g. in the flags), mixing of CFLAGS and SFLAGS,
+ 
+  * in case the changed data type in s390_crc32_vx is causing issues
+inside of s390_crc32_vx or in other parts of the code.
+ 
+  * Structural and syntactical issues can be identified with a test build
+that was done for all affected Ubuntu releases and for all major archs:
+https://launchpad.net/~fheimes/+archive/ubuntu/lp1990379+lp1982583
+ 
+ [ Other Info ]
+ 
+  * This bug (LP#1982583) is solved in combination with LP#1982583,
+so that only one package update is needed.
+However, LP#1982583 also affects Focal, but this bug only Jammy and 
Kinetic.
+ 
+  * To fix LP#1982583 also for focal the debdiff mentioned there is needed, 
too.
+ __
+ 
  'zlib CRC32 optimization for s390x works only in a static library'
  
  I've discovered two issues in lp1932010-ibm-z-add-vectorized-
  crc32-implementation.patch:
  
  1) s390_crc32_vx() signature mismatch, resulting in a warning.
  2) -DS390_CRC32_VX is not added to SFLAGS, resulting in vectorization being 
enabled only in the static library.
  
  I've attached the updated patch.

** Description changed:

  SRU Justification:
  --
  
  [ Impact ]
  
-  * There were two issues identified in the current
-zlib CRC32 optimization for s390x implementation:
+  * There were two issues identified in the current
+    zlib CRC32 optimization for s390x implementation:
  
-  * 1) s390_crc32_vx() signature mismatch
-   which causes a warning
+  * 1) s390_crc32_vx() signature mismatch
+   which causes a warning
  
-  * 2) '-DS390_CRC32_VX' was not added to SFLAGS
-   which results in vectorization being enabled only in the static library.
+  * 2) '-DS390_CRC32_VX' was not added to SFLAGS
+   which results in vectorization being enabled only in the static library.
  
-  * The fixes are quite small and affect each only one line:
+  * The fixes are quite small and affect each only one line:
  
-  * 1) by using unsigned longs instead of uint32_t in s390_crc32_vx
+  * 1) by using unsigned longs instead of uint32_t in s390_crc32_vx
  declaration
  
-  * 2) by add line 'SFLAGS="$SFLAGS -DS390_CRC32_VX"'
+  * 2) by add line 'SFLAGS="$SFLAGS -DS390_CRC32_VX"'
  
  [ Test Plan ]
  
-  * An affected Ubuntu release ([20.04], 22.04 and 22.10) installed
-on a z15/LinuxONE III or newer system is needed.
+  * An affected Ubuntu release ([20.04], 22.04 and 22.10) installed
+    on a z15/LinuxONE III or newer system is needed.
  
-  * Then it's possible to test the updated package with the help
-of a small test program (in C) that checks for
-s390_crc32_vx() signature mismatches.
+  * Then it's possible to test the updated package with the help
+    of a small test program (in C) that checks for
+    s390_crc32_vx() signature mismatches.
  
-  * The bug reporter has a set of s390x-specific tests that will be
+  * The bug reporter has a set of s390x-specific tests that will be
  executed.
  
-  * Test will be done by IBM.
+  * Test will be done by IBM.
  
  [ Where problems could occur ]
  
-  * The fixes are each limited to one line, hence there are
-not many issues to expect, other than:
+  * The fixes are each limited to one line, hence there are
+    not many issues to expect, other than:
  
-  * Typos (e.g. in the flags), mixing of CFLAGS and SFLAGS,
+  * Typos (e.g. in the flags), mixing of CFLAGS and SFLAGS,
  
-  * in case the changed data type in s390_crc32_vx is causing issues
-inside of s390_crc32_vx or in other parts of the code.
+  * in case the changed data type in s390_crc32_vx is causing issues
+    inside of s390_crc32_vx or in other parts of the code.
  
-  * Structural and syntactical issues can be identified with a test build
-that was done for all affected 

[Touch-packages] [Bug 1992172] Re: test_run_crash_kernel fails on ppc64el

[Benjamin Drung]

** Also affects: apport
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1992172

Title:
  test_run_crash_kernel fails on ppc64el

Status in Apport:
  New
Status in apport package in Ubuntu:
  New

Bug description:
  The autopkgtest for apport 2.23.1-0ubuntu1 fails on ppc64el:

  ```
  ==
  FAIL: test_run_crash_kernel (tests.integration.test_ui.T)
  run_crash() for a kernel error
  --
  Traceback (most recent call last):
File "/usr/lib/python3.10/unittest/mock.py", line 1369, in patched
  return func(*newargs, **newkeywargs)
File 
"/tmp/autopkgtest.W5WLIN/autopkgtest_tmp/tests/integration/test_ui.py", line 
1617, in test_run_crash_kernel
  self.assertEqual(
  AssertionError: 'http://linux.bugs.example.com/5' != 
'http://linux-signed.bugs.example.com/5'
  - http://linux.bugs.example.com/5
  + http://linux-signed.bugs.example.com/5
  ? +++

  
  --
  ```

  Full log: https://autopkgtest.ubuntu.com/results/autopkgtest-
  kinetic/kinetic/ppc64el/a/apport/20221007_113450_023d9@/log.gz

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1992172/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992171] Re: goa-daemon crashed with SIGABRT in pthread_kill()

[Apport retracing service]

*** This bug is a duplicate of bug 1990200 ***
https://bugs.launchpad.net/bugs/1990200

Thank you for taking the time to report this crash and helping to make
this software better.  This particular crash has already been reported
and is a duplicate of bug #1990200, so is being marked as such.  Please
look at the other bug report to see if there is any missing information
that you can provide, or to see if there is a workaround for the bug.
Additionally, any further discussion regarding the bug should occur in
the other report.  Please continue to report any other bugs you may
find.

** Attachment removed: "CoreDump.gz"
   
https://bugs.launchpad.net/bugs/1992171/+attachment/5622056/+files/CoreDump.gz

** Attachment removed: "Disassembly.txt"
   
https://bugs.launchpad.net/bugs/1992171/+attachment/5622058/+files/Disassembly.txt

** Attachment removed: "ProcMaps.txt"
   
https://bugs.launchpad.net/bugs/1992171/+attachment/5622061/+files/ProcMaps.txt

** Attachment removed: "ProcStatus.txt"
   
https://bugs.launchpad.net/bugs/1992171/+attachment/5622062/+files/ProcStatus.txt

** Attachment removed: "Registers.txt"
   
https://bugs.launchpad.net/bugs/1992171/+attachment/5622063/+files/Registers.txt

** Attachment removed: "Stacktrace.txt"
   
https://bugs.launchpad.net/bugs/1992171/+attachment/5622064/+files/Stacktrace.txt

** Attachment removed: "ThreadStacktrace.txt"
   
https://bugs.launchpad.net/bugs/1992171/+attachment/5622065/+files/ThreadStacktrace.txt

** This bug has been marked a duplicate of private bug 1990200

** Information type changed from Private to Public

** Tags removed: need-amd64-retrace

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnome-online-accounts in
Ubuntu.
https://bugs.launchpad.net/bugs/1992171

Title:
  goa-daemon crashed with SIGABRT in pthread_kill()

Status in gnome-online-accounts package in Ubuntu:
  New

Bug description:
  Recently updated from 20.04->22.04->22.10 with 5.19.0-15-generic
  kernel on a Dell Precision 5570 Laptop. Many other failures like this
  have popped up. Not sure how to troubleshoot this one or what other
  information I can provide.

  ProblemType: Crash
  DistroRelease: Ubuntu 22.10
  Package: gnome-online-accounts 3.46.0-1
  ProcVersionSignature: Ubuntu 5.19.0-15.15-generic 5.19.0
  Uname: Linux 5.19.0-15-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia
  ApportVersion: 2.23.0-0ubuntu2
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CrashCounter: 1
  Date: Fri Oct  7 09:08:53 2022
  DistributionChannelDescriptor:
   # This is the distribution channel descriptor for the OEM CDs
   # For more information see 
http://wiki.ubuntu.com/DistributionChannelDescriptor
   canonical-oem-somerville-focal-amd64-20200502-85
  ExecutablePath: /usr/libexec/goa-daemon
  InstallationDate: Installed on 2022-08-30 (37 days ago)
  InstallationMedia: Ubuntu 20.04 "Focal" - Build amd64 LIVE Binary 
20200502-05:58
  ProcCmdline: /usr/libexec/goa-daemon
  ProcEnviron:
   SHELL=/bin/bash
   XDG_RUNTIME_DIR=
   PATH=(custom, no user)
   LANG=en_US.UTF-8
  Signal: 6
  SourcePackage: gnome-online-accounts
  StacktraceTop:
   pthread_kill () at /lib/x86_64-linux-gnu/libc.so.6
   raise () at /lib/x86_64-linux-gnu/libc.so.6
   abort () at /lib/x86_64-linux-gnu/libc.so.6
   () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
   g_assertion_message_expr () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
  Title: goa-daemon crashed with SIGABRT in pthread_kill()
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dip docker kvm libvirt lpadmin plugdev sambashare sudo
  separator:

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-online-accounts/+bug/1992171/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1992172] [NEW] test_run_crash_kernel fails on ppc64el

[Benjamin Drung]

Public bug reported:

The autopkgtest for apport 2.23.1-0ubuntu1 fails on ppc64el:

```
==
FAIL: test_run_crash_kernel (tests.integration.test_ui.T)
run_crash() for a kernel error
--
Traceback (most recent call last):
  File "/usr/lib/python3.10/unittest/mock.py", line 1369, in patched
return func(*newargs, **newkeywargs)
  File "/tmp/autopkgtest.W5WLIN/autopkgtest_tmp/tests/integration/test_ui.py", 
line 1617, in test_run_crash_kernel
self.assertEqual(
AssertionError: 'http://linux.bugs.example.com/5' != 
'http://linux-signed.bugs.example.com/5'
- http://linux.bugs.example.com/5
+ http://linux-signed.bugs.example.com/5
? +++


--
```

Full log: https://autopkgtest.ubuntu.com/results/autopkgtest-
kinetic/kinetic/ppc64el/a/apport/20221007_113450_023d9@/log.gz

** Affects: apport (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1992172

Title:
  test_run_crash_kernel fails on ppc64el

Status in apport package in Ubuntu:
  New

Bug description:
  The autopkgtest for apport 2.23.1-0ubuntu1 fails on ppc64el:

  ```
  ==
  FAIL: test_run_crash_kernel (tests.integration.test_ui.T)
  run_crash() for a kernel error
  --
  Traceback (most recent call last):
File "/usr/lib/python3.10/unittest/mock.py", line 1369, in patched
  return func(*newargs, **newkeywargs)
File 
"/tmp/autopkgtest.W5WLIN/autopkgtest_tmp/tests/integration/test_ui.py", line 
1617, in test_run_crash_kernel
  self.assertEqual(
  AssertionError: 'http://linux.bugs.example.com/5' != 
'http://linux-signed.bugs.example.com/5'
  - http://linux.bugs.example.com/5
  + http://linux-signed.bugs.example.com/5
  ? +++

  
  --
  ```

  Full log: https://autopkgtest.ubuntu.com/results/autopkgtest-
  kinetic/kinetic/ppc64el/a/apport/20221007_113450_023d9@/log.gz

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1992172/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1982583] Re: Fix for zlib CRC32 optimization for s390x

[Frank Heimes]

I transferred the modification into a separate patch 
(d/p/lp1982583-fix-for-zlib-crc32-optimization-for-s390x.patch),
and build a patched version (for all major architectures) in PPA for jammy and 
kinetic:
https://launchpad.net/~fheimes/+archive/ubuntu/lp1990379+lp1982583
and attaching here the debdiff for jammy and kinetic - which are for both LP 
bugs, this LP#1982583 and LP#1990379.

** Attachment added: "lp1990379+lp1982583_debdiffs.tgz"
   
https://bugs.launchpad.net/ubuntu/+source/zlib/+bug/1982583/+attachment/5622051/+files/lp1990379+lp1982583_debdiffs.tgz

** Also affects: ubuntu-z-systems
   Importance: Undecided
   Status: New

** Changed in: ubuntu-z-systems
 Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team)

** Changed in: zlib (Ubuntu)
   Importance: Undecided => High

** Changed in: ubuntu-z-systems
   Importance: Undecided => High

** Changed in: zlib (Ubuntu)
   Status: New => In Progress

** Changed in: ubuntu-z-systems
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zlib in Ubuntu.
https://bugs.launchpad.net/bugs/1982583

Title:
  Fix for zlib CRC32 optimization for s390x

Status in Ubuntu on IBM z Systems:
  In Progress
Status in zlib package in Ubuntu:
  In Progress

Bug description:
  'zlib CRC32 optimization for s390x works only in a static library'

  I've discovered two issues in lp1932010-ibm-z-add-vectorized-
  crc32-implementation.patch:

  1) s390_crc32_vx() signature mismatch, resulting in a warning.
  2) -DS390_CRC32_VX is not added to SFLAGS, resulting in vectorization being 
enabled only in the static library.

  I've attached the updated patch.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1982583/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1990379] Re: [UBUNTU 20.04] zlib: inflate() does not update strm.adler if DFLTCC is used

[Frank Heimes]

I've just noticed another bug that I want to fix with the same package update: 
LP#1982583
But LP#1982583 affects only jammy and kinetic, not focal.

This means for fixing this bug (LP#1990379) for jammy and kinetic, please use 
these debdiffs:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1982583/comments/2
and for fixing this bug (LP#1990379) for focal, please take the focal debdiff 
from the previous comment:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1990379/comments/7

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zlib in Ubuntu.
https://bugs.launchpad.net/bugs/1990379

Title:
  [UBUNTU 20.04] zlib: inflate() does not update strm.adler if DFLTCC is
  used

Status in Ubuntu on IBM z Systems:
  In Progress
Status in zlib package in Ubuntu:
  In Progress
Status in zlib source package in Focal:
  In Progress
Status in zlib source package in Jammy:
  In Progress
Status in zlib source package in Kinetic:
  In Progress

Bug description:
  SRU Justification:
  --

  [ Impact ]

   * The zlib function inflate() does not update strm.adler
 in case DFLTCC is used.

   * This issue was exposed by Java Certification Kit (JCK) running on z15
 hardware and newer and impacts all JDK versions (8,11,17, etc.)
 that use the system default settings.

   * The JCK failure impacts the ability to certify Java SDKs on this
 platform/Linux-distribution combination.

   * On top the incorrect alder32 result may cause functional issues with
 Java applications that depend on the result.

  [ Test Plan ]

   * An affected Ubuntu release (20.04, 22.04 and 22.10) installed
 on a z15/LinuxONE III or newer system is needed.

   * Then it's possible to test the updated package with the help
 of a small test program (in C) that makes use of the zlib1g library
 or run the Java Certification Kit.

   * Test will be done by IBM.

  [ Where problems could occur ]

   * The patch is a one-line change:
 https://launchpadlibrarian.net/626003193/410-lp1990379.patch
 and there are not many issues to expect.

   * There could be a potential problem with the adler field
 in the strm struct.
 For example in case the struct is not as assumed or contains
 and unexpected value, which would then ripple through
 the other fields, too.

   * Structural changes could be identified with a test build that was done
 for all affected Ubuntu releases and for all major architectures:
 https://launchpad.net/~fheimes/+archive/ubuntu/lp1990379

  [ Other Info ]
   
   * The patch itself is the same for all zlib version in
 20.04, 22.04 and 22.10 - no further adjustments were needed.
  __

  == Comment: #0 - Ilya Leoshkevich  - 2022-09-21 05:02:24 ==
  inflate() does not update strm.adler if DFLTCC is used.

  Found with a JDK test.

  zlib-ng PR: https://github.com/zlib-ng/zlib-ng/pull/1349

  Updated zlib PR: https://github.com/madler/zlib/pull/410

  zlib tag: https://github.com/iii-i/zlib/releases/tag/dfltcc-20220920

  zlib diff:
  
https://github.com/madler/zlib/compare/e6aed68ff815be74855ec6a19d6ae35065a4adb4..171d0ff3c9ed40da0ac14085ab16b766b1162069#diff-325baa03829572a9f26b4bb8b3cada1ddc637854529d6a6cb111b8c3ca785620

  Ubuntu 20.04 and later need to be fixed.

  ---
  External link: https://warthogs.atlassian.net/browse/PEI-28

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1990379/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1901723] Re: backport Refactor BN_R_NO_INVERSE logic in internal functions

[Simon Chopin]

Reading the upstream bugs, this might still be worth backporting, but
since python-cryptography has implemented a workaround and it's been
sitting here for a while this isn't critical.

** Changed in: openssl (Ubuntu)
   Importance: Undecided => Medium

** Changed in: openssl (Ubuntu)
   Status: Confirmed => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1901723

Title:
  backport Refactor BN_R_NO_INVERSE logic in internal functions

Status in openssl package in Ubuntu:
  Triaged

Bug description:
  backport Refactor BN_R_NO_INVERSE logic in internal functions

  
https://github.com/openssl/openssl/commit/35bb0e44c6168facbb3acedbc7d4f2dcbdd65224

  https://github.com/openssl/openssl/issues/12129

  https://github.com/pyca/cryptography/issues/5521#issuecomment-717293145

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1901723/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1988796] Re: Incorrect rendering triggered by cairo CAIRO_OPERATOR_SATURATE with subpixel positioning

[Athos Ribeiro]

Hi Benjamin,

Thanks for taking the time to provide this fix!

Would you be willing to file the SRU template [1] for this bug so we can
proceed here?

It would also be nice to add dep3 headers [2] to that patch.

[1] https://wiki.ubuntu.com/StableReleaseUpdates#SRU_Bug_Template
[2] https://dep-team.pages.debian.net/deps/dep3/

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pixman in Ubuntu.
https://bugs.launchpad.net/bugs/1988796

Title:
  Incorrect rendering triggered by cairo CAIRO_OPERATOR_SATURATE with
  subpixel positioning

Status in pixman package in Ubuntu:
  New

Bug description:
  pixman 0.38.4-0ubuntu1 in focal (and actually pixman 0.38.x generally)
  has a regression that causes incorrect rendering in some
  circumstances.  This can be triggered by the use of cairo with
  CAIRO_OPERATOR_SATURATE and subpixel positioning, and causes OpenSlide
   to produce incorrect output.

  The attached test program will print "Failed" if the bug exists, or
  "OK" if it doesn't.

  This is fixed upstream in
  https://gitlab.freedesktop.org/pixman/pixman/-/commit/8256c235, which
  is in pixman 0.40.0.

  See https://github.com/openslide/openslide/issues/278 for more
  context.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pixman/+bug/1988796/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1969901] Re: network-manager fails to renew ipv6 address

[Håkan Kvist]

Agreed, commit d017022 seems to be missing.
I will cherry-pick it locally and retest.

I did some more comparing of the file nm-device.c where the changes was
made.

I think d017022 is the only relevant follow up change.

I compared the commit with the original fix with on the 1.10 track with
latest commit on the 1.10 track by doing:

git blame 7fbbe7ebee99785e38d39c37e515a64a28edef0f -- src/devices/nm-device.c > 
commit_7fbbe7ebee99785e38d39c37e515a64a28edef0f.txt
git blame remotes/origin/nm-1-10 -- src/devices/nm-device.c > commit_1_10.txt
 commit_7fbbe7ebee99785e38d39c37e515a64a28edef0f.txt 
commit_1_10.txt

I could not find any other connected changes on rows (or close to rows)
modified by 7fbbe7ebee99785e38d39c37e515a64a28edef0f except for the
changes by d017022.

The commit d7ebbd69a05c8bee636c5eeba2206176ba29bdc3 (core: implement
setting MDNS setting for systemd) was changing into the same methods,
but it added completely new functionality so not related.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1969901

Title:
  network-manager fails to renew ipv6 address

Status in network-manager package in Ubuntu:
  Fix Released
Status in network-manager source package in Bionic:
  Incomplete

Bug description:
  [Impact]

   * This affects Ubuntu 18.04 where Network Manager version 1.10.6 is
  used.

   * Network manager might kill dhclient(6) and fail to start it again
     causing the IPv6 address to be lost on a network that uses mixed
     IPv4/IPV6.
     The network status will still be seen as online in gnome since ipv4
     is still active.
     The user then have to manually remove the dhcpv6 lease files and
     restart ipv6 connection/restart network manager to regain IPv6
     connectivity.

   * This is a cherry-pick from Network manager 1.10.8 (Ubuntu's version
     is based on 1.10.6):
     
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/7fbbe7ebee99785e38d39c37e515a64a28edef0f

   * Upstream bug:
     https://bugzilla.gnome.org/show_bug.cgi?id=783391

  [Test Plan]

  The test requires three computers
  * one computer runing isc dhcpd server (with network configured static)
  * one computer running patched network manager
  * one computer running vanilla ubuntu

  The idea is to execute on an isolated network and trigger the error by 
changing
  ip range handed out by the dhcp-server to force a nack response back to the
  clients.

  Expected result
  * patched network keeps dhclient6 alive
  * vanilla network manager will fail to keep dhclient6 alive
in network manager logs dhcp6 will expire and not be restarted

  ON THE SERVER
  # Disable app-armor, as it has rules restricting dhcpd
  aa-teardown

  # install isc dhcpserver
  isc-dhcp-server

  # configure network static
  sudo nmcli connection modify "${CONNECTION_NAME}" \
   ipv4.method "manual" \
   ipv4.addresses "192.168.1.1/24" \
   ipv4.gateway "192.168.1.254" \
   ipv4.dns "192.168.1.1" \
   ipv6.method "manual" \
   ipv6.addresses "2001:db8:0:1::1/64" \
   ipv6.gateway "2001:db8:0:1::ffbb" \
   ipv6.dns "2001:db8:0:1::1/64"

  mkdir -p tmp
  touch tmp/dhcpd4_a.leases
  touch tmp/dhcpd4_b.leases
  touch tmp/dhcpd6_a.leases
  touch tmp/dhcpd6_b.leases

  Then it is time to execute dhcpd
  -f - run in foreground
  -d - print errors to stderr instead of syslog

  # Start in separate terminals
  dhcpd -f -d -4 -cf dhcp_v4_a.conf -lf tmp/dhcpd4_a.leases enp0s31f6
  dhcpd -f -d -6 -cf dhcp_v6_a.conf -lf tmp/dhcpd6_a.leases enp0s31f6

  Press ctrl-C to kill servers, then restart with the b configurations

  dhcpd -f -d -4 -cf dhcp_v4_b.conf -lf tmp/dhcpd4_b.leases enp0s31f6
  dhcpd -f -d -6 -cf dhcp_v6_b.conf -lf tmp/dhcpd6_b.leases enp0s31f6

  Then leases to expire (check for clients that kills dhclient)
  Press ctrl-C to kill servers, then restart with the a configurations

  ON THE CLIENTS
  Setup:
  Configure ipv6 network in settings to use dhcp (using the gui)

  Test:
  check that dhcp clients are still running:
  ps aux|grep dhclient

  Expected in output
  one client for dhcpv4
  one client for dhcpv6

  Also check network manager status :
  journalctl -u NetworkManager.service
  journalctl -u NetworkManager.service|grep dhcp6 # to only view dhclient6
  journalctl -u NetworkManager.service|grep dhcp4 # to only view dhclient4

  if dhclient is not running:
  stop network in gui
  remove lease files (/var/lib/NetworkManager/dhclient*.lease). Only remove the 
lease for the client not running.
  start network in gui

  if dhclients are running:
  wait additional ten minutes, repeat from beginning of test

  [Where problems could occur]

   * The change is in the dchp lease expiration handling so verify that
  there is no regression in dhcp renewals on different type of
  configuration include IPv6

  [Other Info]
   * We have tested this patch 

[Touch-packages] [Bug 1990891] Re: after today's Kinetic updates, WiFi no longer working, so laptop basically useless

[Sebastien Bacher]

** Package changed: network-manager (Ubuntu) => iwd (Ubuntu)

** Changed in: iwd (Ubuntu)
   Status: Confirmed => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1990891

Title:
  after today's Kinetic updates, WiFi no longer working, so laptop
  basically useless

Status in iwd package in Ubuntu:
  Fix Committed

Bug description:
  ThinkPad X1 Carbon 6th Gen
  WiFi was working fine.
  Installed today's batch of Kinetic updates.
  Laptop can no longer see any WiFi networks (had to dig out my old ThinkPad 
USB dongle and plug into my router to be able to submit this bug report).

  ProblemType: Bug
  DistroRelease: Ubuntu 22.10
  Package: network-manager 1.40.0-1ubuntu1
  ProcVersionSignature: Ubuntu 5.19.0-15.15-generic 5.19.0
  Uname: Linux 5.19.0-15-generic x86_64
  ApportVersion: 2.23.0-0ubuntu2
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Mon Sep 26 17:09:25 2022
  IfupdownConfig:
   # interfaces(5) file used by ifup(8) and ifdown(8)
   auto lo
   iface lo inet loopback
  InstallationDate: Installed on 2019-08-16 (1137 days ago)
  InstallationMedia: Ubuntu 19.04 "Disco Dingo" - Release amd64 (20190416)
  IpRoute:
   default via 192.168.4.1 dev enp0s31f6 proto dhcp src 192.168.4.158 metric 
100 
   169.254.0.0/16 dev docker0 scope link metric 1000 linkdown 
   172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 
   192.168.4.0/24 dev enp0s31f6 proto kernel scope link src 192.168.4.158 
metric 100
  SourcePackage: network-manager
  UpgradeStatus: Upgraded to kinetic on 2022-09-24 (2 days ago)
  nmcli-nm:
   RUNNING  VERSION  STATE  STARTUP  CONNECTIVITY  NETWORKING  WIFI-HW  
WIFI WWAN-HW  WWAN
   running  1.40.0   connected  started  full  enabled enabled  
enabled  missing  enabled

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iwd/+bug/1990891/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1760106] Re: Enable configuring resume offset via sysfs

[Yuan-Chen Cheng]

** Tags added: oem-priority

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1760106

Title:
  Enable configuring resume offset via sysfs

Status in OEM Priority Project:
  Fix Released
Status in klibc package in Ubuntu:
  Fix Released
Status in linux package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  Fix Released
Status in klibc source package in Bionic:
  New
Status in linux source package in Bionic:
  Fix Released
Status in systemd source package in Bionic:
  Fix Released
Status in klibc source package in Cosmic:
  New
Status in linux source package in Cosmic:
  Fix Released
Status in systemd source package in Cosmic:
  Fix Released

Bug description:
  [Impact]

   * Cannot hibernate & resume from a swapfile

  [Test Case]

   * Create or enlarge swapfile to be big enough for hibernation
   * Attempt to hibernate and resume

  [Regression Potential]

   * Hibernation is not reliable technology in itself, and multiple
  things may cause failure to resume. Thus it is sufficient to validate
  this bug after swapfile is attempted for hibernation and the disk
  offset kernel parameter is modified. Irrespective if actual suspending
  or resume were successful or not.

  [Other Info]
   
   * Original bug report

  In 4.17 a new attribute is introduced to configure the hibernation
  resume offset. Since Ubuntu enables a swapfile by default this
  attribute is important to be able to make hibernation work "out of the
  box".

  The patch in the kernel is here:
  
https://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm.git/commit/?h=linux-next=355064675f1c997cea017ea64c8f2c216e5425d9

  Systemd support for adopting this change is available here:
  https://github.com/systemd/systemd/pull/8406
  As of 3/30/18 it's not yet been merged however.

  Klibc support for adopting this change is available here:
  https://www.zytor.com/pipermail/klibc/2018-March/003986.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/1760106/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1760106] Re: FFe: Enable configuring resume offset via sysfs

[Utkarsh Gupta]

Since this is no longer an FFe thing, I am removing so from the title.
This should help fix our searches better. The ideal way would be to
unsubscribe ubuntu-release, though.

** Summary changed:

- FFe: Enable configuring resume offset via sysfs
+ Enable configuring resume offset via sysfs

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1760106

Title:
  Enable configuring resume offset via sysfs

Status in OEM Priority Project:
  Fix Released
Status in klibc package in Ubuntu:
  Fix Released
Status in linux package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  Fix Released
Status in klibc source package in Bionic:
  New
Status in linux source package in Bionic:
  Fix Released
Status in systemd source package in Bionic:
  Fix Released
Status in klibc source package in Cosmic:
  New
Status in linux source package in Cosmic:
  Fix Released
Status in systemd source package in Cosmic:
  Fix Released

Bug description:
  [Impact]

   * Cannot hibernate & resume from a swapfile

  [Test Case]

   * Create or enlarge swapfile to be big enough for hibernation
   * Attempt to hibernate and resume

  [Regression Potential]

   * Hibernation is not reliable technology in itself, and multiple
  things may cause failure to resume. Thus it is sufficient to validate
  this bug after swapfile is attempted for hibernation and the disk
  offset kernel parameter is modified. Irrespective if actual suspending
  or resume were successful or not.

  [Other Info]
   
   * Original bug report

  In 4.17 a new attribute is introduced to configure the hibernation
  resume offset. Since Ubuntu enables a swapfile by default this
  attribute is important to be able to make hibernation work "out of the
  box".

  The patch in the kernel is here:
  
https://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm.git/commit/?h=linux-next=355064675f1c997cea017ea64c8f2c216e5425d9

  Systemd support for adopting this change is available here:
  https://github.com/systemd/systemd/pull/8406
  As of 3/30/18 it's not yet been merged however.

  Klibc support for adopting this change is available here:
  https://www.zytor.com/pipermail/klibc/2018-March/003986.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/1760106/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1978738] Re: systemd-oomd and zram-config services: "Swap is currently not detected; memory pressure usage will be degraded"

[Mantas Kriaučiūnas]

@eugenesan
Is this bug fixed in your version of zram-config - 
https://git.launchpad.net/~eugenesan/+git/zram-config ?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1978738

Title:
  systemd-oomd and zram-config services: "Swap is currently not
  detected; memory pressure usage will be degraded"

Status in systemd package in Ubuntu:
  Invalid
Status in zram-config package in Ubuntu:
  Fix Released

Bug description:
  Problem summary:
  
  I've installed the zram-config package. By default it creates a zram swap 
device with half the physical memory size of the system. For instance, in an 
8GB RAM system:

  # swapon
  NAME   TYPE  SIZE USED PRIO
  /dev/zram0 partition 3,8G   1M5

  #zramctl
  NAME   ALGORITHM DISKSIZE  DATA COMPR TOTAL STREAMS MOUNTPOINT
  /dev/zram0 lzo-rle   3,8G  496K 74,9K  376K   4 [SWAP]

  The problem is that when systemd-oomd.service is started during boot
  it doesn't detect that zram swap device because zram-config.service is
  started later. So when systemd-oomd.service was started the zram
  device didn't exists yet. This is the message shown during boot:

  systemd-oomd[587]: Swap is currently not detected; memory pressure
  usage will be degraded

  If you restart systemd-oomd.service after boot it's correctly started
  because zram-config.service was previously loaded and zram device
  exists. So I think it's just a matter of dependencies during boot
  process; it's necessary to make zram-config.service be started before
  systemd-oomd.service (or to make systemd-oomd.service be restarted
  when zram-config.service is started).

  Aditional info:
  ---
  # lsb_release -rd
  Description:  Ubuntu 22.04 LTS
  Release:  22.04

  # apt-cache policy systemd-oomd
  systemd-oomd:
Instalados: 249.11-0ubuntu3.1
Candidato:  249.11-0ubuntu3.1
Tabla de versión:
   *** 249.11-0ubuntu3.1 500
  500 http://ports.ubuntu.com/ubuntu-ports jammy-updates/main arm64 
Packages
  100 /var/lib/dpkg/status
   249.11-0ubuntu3 500
  500 http://ports.ubuntu.com/ubuntu-ports jammy/main arm64 Packages

  # apt-cache policy zram-config
  zram-config:
Instalados: 0.7build1
Candidato:  0.7build1
Tabla de versión:
   *** 0.7build1 500
  500 http://ports.ubuntu.com/ubuntu-ports jammy/universe arm64 Packages
  100 /var/lib/dpkg/status

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1978738/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1982583] Re: zlib CRC32 optimization for s390x works only in a static library

[Frank Heimes]

** Description changed:

+ 'zlib CRC32 optimization for s390x works only in a static library'
+ 
  I've discovered two issues in lp1932010-ibm-z-add-vectorized-
  crc32-implementation.patch:
  
  1) s390_crc32_vx() signature mismatch, resulting in a warning.
  2) -DS390_CRC32_VX is not added to SFLAGS, resulting in vectorization being 
enabled only in the static library.
  
  I've attached the updated patch.

** Summary changed:

- zlib CRC32 optimization for s390x works only in a static library
+ Fix for zlib CRC32 optimization for s390x

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zlib in Ubuntu.
https://bugs.launchpad.net/bugs/1982583

Title:
  Fix for zlib CRC32 optimization for s390x

Status in zlib package in Ubuntu:
  New

Bug description:
  'zlib CRC32 optimization for s390x works only in a static library'

  I've discovered two issues in lp1932010-ibm-z-add-vectorized-
  crc32-implementation.patch:

  1) s390_crc32_vx() signature mismatch, resulting in a warning.
  2) -DS390_CRC32_VX is not added to SFLAGS, resulting in vectorization being 
enabled only in the static library.

  I've attached the updated patch.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/zlib/+bug/1982583/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1990448] Re: Show Ubuntu Pro settings

[Sebastien Bacher]

** Description changed:

+ Assuming that it doesn't require a FFe for Kinetic since the code is
+ only active on LTS series.
+ 
  Expose more of the Ubuntu Pro (aka Ubuntu Advantage) services instead of
  just Livepatch.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to software-properties in
Ubuntu.
https://bugs.launchpad.net/bugs/1990448

Title:
  Show Ubuntu Pro settings

Status in software-properties package in Ubuntu:
  Fix Committed
Status in software-properties source package in Xenial:
  New
Status in software-properties source package in Bionic:
  New
Status in software-properties source package in Focal:
  New
Status in software-properties source package in Jammy:
  Incomplete
Status in software-properties source package in Kinetic:
  Fix Committed

Bug description:
  Assuming that it doesn't require a FFe for Kinetic since the code is
  only active on LTS series.

  Expose more of the Ubuntu Pro (aka Ubuntu Advantage) services instead
  of just Livepatch.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1990448/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp