[Bug 2073637] Re: Screen locking issue
Thanks, Mani. You're right, the photo is hard to see what's going on, but it does show that something is visible when probably nothing should be visible. Thanks ** Package changed: gnome-screensaver (Ubuntu) => gnome-shell (Ubuntu) ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/2073637 Title: Screen locking issue To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2073637/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 2073016] Re: lock screen leaves left dock exposed and clickable
Hello Carlos. thanks for the report; if you've installed any gnome extensions yourself, I'd suggest to remove them all as a first debugging step. They are apparently very easy to screw up. If the problem goes away, try bisecting your extensions to find out which one or combination leads to the problem. Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/2073016 Title: lock screen leaves left dock exposed and clickable To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2073016/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 2064192] Re: Unable to resize windows
** Package changed: ubuntu => gnome-shell (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/2064192 Title: Unable to resize windows To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2064192/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 2060389] Re: Lock screen doesn't prevent media keys from working
Hello Jussi, thanks for the report. I believe this is an intentional design choice -- if someone cannot stop music gently they may do so violently. Thanks ** Changed in: gnome-shell (Ubuntu) Status: New => Won't Fix -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/2060389 Title: Lock screen doesn't prevent media keys from working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2060389/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 2058688] Re: gnome-shell crashed with SIGABRT
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/2058688 Title: gnome-shell crashed with SIGABRT To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2058688/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 2046844] Re: AppArmor user namespace creation restrictions cause many applications to crash with SIGTRAP
Scarlett, Simon and I had discussed preparing a small program that could prepare a wrapper profile: given a path to an appimage, it could emit a small profile to /etc/apparmor.d/ for the file, with the right attachment path and then load the profile. As I understand our new strategy, it would probably also have to include whatever capabilities that appimage uses as part of setting up the new namespaces -- ideally, it'd be the same capabilities from appimage to appimage. If there's some reasonable restraints on appimages, like using XDG_SOMETHING for user data storage, that might be nice, too. But that's harder to do. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to devhelp in Ubuntu. https://bugs.launchpad.net/bugs/2046844 Title: AppArmor user namespace creation restrictions cause many applications to crash with SIGTRAP To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/akregator/+bug/2046844/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 2052832] Re: Desktop lock-screen is bypassed after switching to virtual tty on console
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/2052832 Title: Desktop lock-screen is bypassed after switching to virtual tty on console To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2052832/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 2039354] Re: GDM does not prevent users with login shell /sbin/nologin from logging on
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/2039354 Title: GDM does not prevent users with login shell /sbin/nologin from logging on To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/2039354/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 2036595] Re: vulnerability in libcue affects tracker-extract (GHSL-2023-197)
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to libcue in Ubuntu. https://bugs.launchpad.net/bugs/2036595 Title: vulnerability in libcue affects tracker-extract (GHSL-2023-197) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libcue/+bug/2036595/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 2015423] Re: Correct password not accepted.
** Information type changed from Private Security to Public Security ** Package changed: gnome-screensaver (Ubuntu) => gnome-shell (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchpad.net/bugs/2015423 Title: Correct password not accepted. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2015423/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
Re: [Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking
On Mon, Apr 03, 2023 at 06:57:36AM -, Ralf Dünkelmann wrote: > the bug (https://bugs.launchpad.net/bugs/2013453), that nem000 created > was marked as a duplicate of this one. This is the case for most of the > related bugs listed here. So it seems that this here is the issue to go > ahead with? Heh, yeah, I'as surprised, I figured keeping newer implementations of this flaw separate from the older ones would have been the thing to do. FWIW I've been handing out the "the only safe thing to do is to lock your workstation before you walk away from it / suspend it" as advice for twenty years... Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1532508 Title: Screen contents revealed briefly on resume, before even unlocking To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell/+bug/1532508/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking
nem000 I'm sure I've seen this bug fixed a dozen times in the last fifteen years or something. It's just a popular bug to re-implement. Please file a bug with 'ubuntu-bug gnome-shell' if you're using Gnome; replace 'gnome-shell' with whatever screenlocker you're using if you're on a different environment. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1532508 Title: Screen contents revealed briefly on resume, before even unlocking To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell/+bug/1532508/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 2012672] Re: [lunar] Screen content is shown shortly when resuming from sleep
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/2012672 Title: [lunar] Screen content is shown shortly when resuming from sleep To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2012672/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1993844] Re: three finger gesture
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1993844 Title: three finger gesture To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1993844/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1988422] Re: device discoverable by default
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-bluetooth in Ubuntu. https://bugs.launchpad.net/bugs/1988422 Title: device discoverable by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-bluetooth/+bug/1988422/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1987981] Re: nautilus crashed with SIGSEGV in g_str_hash()
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to nautilus in Ubuntu. https://bugs.launchpad.net/bugs/1987981 Title: nautilus crashed with SIGSEGV in g_str_hash() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1987981/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1987228] Re: Bug display when turning to hibernation
** Information type changed from Private Security to Public Security ** Also affects: gnome-shell (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1987228 Title: Bug display when turning to hibernation To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1987228/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1983778] Re: Major security issue in Ubuntu Desktop default config - Removable Media
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-control-center in Ubuntu. https://bugs.launchpad.net/bugs/1983778 Title: Major security issue in Ubuntu Desktop default config - Removable Media To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-control-center/+bug/1983778/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1982422] Re: Multiple vulnerabilities in Bionic, Focal and Jammy
Thanks Luís, we'll have a look at this. What testing have you done with the resulting packages? Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gimp in Ubuntu. https://bugs.launchpad.net/bugs/1982422 Title: Multiple vulnerabilities in Bionic, Focal and Jammy To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gimp/+bug/1982422/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1982030] Re: POSIX is broken
Hello, please note, the bash(1) manpage describes when the ~/.profile is read: When bash is invoked as an interactive login shell, or as a non-interactive shell with the --login option, it first reads and executes commands from the file /etc/profile, if that file exists. After reading that file, it looks for ~/.bash_profile, ~/.bash_login, and ~/.profile, in that order, and reads and executes commands from the first one that exists and is readable. The --noprofile option may be used when the shell is started to inhibit this behavior. A shell started in a terminal is an interactive shell but not a login shell. What you probably want is ~/.profile: When an interactive shell that is not a login shell is started, bash reads and executes commands from /etc/bash.bashrc and ~/.bashrc, if these files exist. This may be inhibited by using the --norc option. The --rcfile file option will force bash to read and execute commands from file instead of /etc/bash.bashrc and ~/.bashrc. Thanks ** Changed in: gnome-session (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-session in Ubuntu. https://bugs.launchpad.net/bugs/1982030 Title: POSIX is broken To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-session/+bug/1982030/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1976478] Re: Telegram Desktop steals input on Lock screen
** Package changed: unity (Ubuntu) => gnome-shell (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1976478 Title: Telegram Desktop steals input on Lock screen To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1976478/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1972889] Re: Screen reader reads the data while computer is locked
Good job Loaf :3 ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1972889 Title: Screen reader reads the data while computer is locked To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1972889/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1971429] Re: gnome shell
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1971429 Title: gnome shell To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1971429/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1970206] Re: Cursor goes missing in games
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1970206 Title: Cursor goes missing in games To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1970206/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1967450] Re: When switching from 175% fractional scaling back to integer scaling, only a quarter of the screen is used
But who would keep that resolution when it sure *looks* broken? I can understand the "it's not new and we don't know how to fix it" :) but probably users won't know that they'll be fine after a reboot. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to mutter in Ubuntu. https://bugs.launchpad.net/bugs/1967450 Title: When switching from 175% fractional scaling back to integer scaling, only a quarter of the screen is used To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1967450/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1957716] Re: Update for CVE-2021-43860 and second github advisory
** Also affects: flatpak (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: flatpak (Ubuntu Impish) Importance: Undecided Status: New ** Also affects: flatpak (Ubuntu Bionic) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to flatpak in Ubuntu. https://bugs.launchpad.net/bugs/1957716 Title: Update for CVE-2021-43860 and second github advisory To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1957716/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1955081] Re: Right-click on terminal causing no demand to enter user's password
(At least I think gnome-shell is the current place to put the screenlocker bugs, please let me know if it's not.) See also LP: #49579 Thanks ** Information type changed from Private Security to Public Security ** Package changed: ubuntu => gnome-shell (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1955081 Title: Right-click on terminal causing no demand to enter user's password To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1955081/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1947642] [NEW] ipv6 enabled despite 'disabled' setting?
Public bug reported: Hello, Periodically our OpenVPN sessions fail in such a way that automated tooling that talks to Launchpad will take minutes before timing out. See https://portal.admin.canonical.com/132804 for details. We've found that manually disabling ipv6 helps, eg: sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1 The network-manager-openvpn portion of the bug is that we've got IPv6 set to "disabled" in the network manager vpn GUI. Somehow this isn't sufficient on its own. The sysctl does the trick. Thanks ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: network-manager-openvpn 1.8.12-1 ProcVersionSignature: Ubuntu 5.4.0-77.86-generic 5.4.119 Uname: Linux 5.4.0-77-generic x86_64 NonfreeKernelModules: lkp_Ubuntu_5_4_0_77_86_generic_81 lkp_Ubuntu_5_4_0_77_86_generic_79 zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu27.20 Architecture: amd64 CasperMD5CheckResult: skip Date: Mon Oct 18 23:55:49 2021 SourcePackage: network-manager-openvpn UpgradeStatus: Upgraded to focal on 2020-01-24 (633 days ago) ** Affects: network-manager-openvpn (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug focal -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to network-manager-openvpn in Ubuntu. https://bugs.launchpad.net/bugs/1947642 Title: ipv6 enabled despite 'disabled' setting? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1947642/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1943480] [NEW] flatpak installation permission requirements different from ubuntu software
*** This bug is a security vulnerability *** Public security bug reported: https://lists.ubuntu.com/archives/technical-board/2021-June/002560.html The flatpak tools in Ubuntu have different rules for installing packages than we use in our software center or snap tools: https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1812456/comments/14 My summary: - polkit 'admin' users can configure new flatpak remotes, authenticated by password - unix 'wheel' group users can install and remove packages from configured flatpak remotes, without password This is in contrast to our apt and snap configuration, where only updates can be installed without authentication, but new packages require using sudo or a polkit 'admin' authentication to ensure a human is in the loop. Several arguments for leaving it alone: - the status quo - existing documentation - consistency in the flatpak ecosystem regardless of distribution - maintaining a delta from Debian for this would carry long-term costs Several arguments for making changes: - consistency in the Ubuntu experience - the wheel group has historical usage; growing the privileges available to the group in this fashion may not be welcome at all sites - installing software is often a restricted operation at many sites Possible changes: - always require password authentication when installing or removing packages - change the group that has magical unauthenticated powers - change the ubuntu software center and / or snap to match flatpak - document the behaviour in hardening guides and sysadmin guides Of course there may be reasons for, reasons against, or possible changes that I did not consider. At least one flavour is intending to include flatpaks via a deb post-inst script, perhaps in their default install, so the scope is extending a bit beyond the status quo "people who have chosen to install flatpak": https://lists.ubuntu.com/archives/ubuntu-release/2021-June/005235.html ** Affects: flatpak (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to flatpak in Ubuntu. https://bugs.launchpad.net/bugs/1943480 Title: flatpak installation permission requirements different from ubuntu software To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1943480/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1942542] Re: gedit causes loss of extended attributes (xattrs)
Nice find Alex; can you please report this to upstream gedit, and report back the bug url here so we can link them together? Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gedit in Ubuntu. https://bugs.launchpad.net/bugs/1942542 Title: gedit causes loss of extended attributes (xattrs) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gedit/+bug/1942542/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking
omid, this bug report covers too many unrelated packages to be useful at this point. If you're still seeing desktop contents during resume with a currently supported version of Ubuntu, please file a new bug report with details on the specific packages you're using and steps to reproduce the issue. There's no guarantee that it can be addressed but a new bug report with one specific configuration has a chance. Bug reports are free. Specific bugs can get fixed. Bugs that collect a bunch of unrelated things are rarely fixed, there's just too much noise to find anything useful. Because this bug (among several related bugs) returns in one or more screenlocker / desktop environment every year or two, the reliable answer is to always manually lock the screen before walking away from the computer. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1532508 Title: Screen contents revealed briefly on resume, before even unlocking To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell/+bug/1532508/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1912060] Re: [SRU] caribou: Segfault (as regression of xorg CVE-2020-25712 fix) cause security issue for cinnamon
It appears that the Focal package has three separate patches for three different issues: - vala compilation - showing an 'e' submenu - undoing xf86 workaround, necessary after an xorg update and it appears that the Groovy package has these three same fixes but all squashed into one patch. Is this intentional? Normally it's better to keep separate fixes separate, so they can be more easily enabled/removed, or backed out when it's found they're not necessary years later. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to caribou in Ubuntu. https://bugs.launchpad.net/bugs/1912060 Title: [SRU] caribou: Segfault (as regression of xorg CVE-2020-25712 fix) cause security issue for cinnamon To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/caribou/+bug/1912060/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905758] Re: package libglib2.0-0:i386 2.66.1-2 failed to install/upgrade: dependency problems - leaving triggers unprocessed
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to glib2.0 in Ubuntu. https://bugs.launchpad.net/bugs/1905758 Title: package libglib2.0-0:i386 2.66.1-2 failed to install/upgrade: dependency problems - leaving triggers unprocessed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/1905758/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1905209] Re: gnome-screensaver is blocked by an application to lock screen
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchpad.net/bugs/1905209 Title: gnome-screensaver is blocked by an application to lock screen To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1905209/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1900314] Re: Privilege escalation using vulnerabilities in gdm3 and accountsservice (GHSL-2020-187, GHSL-2020-188, GHSL-2020-202)
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1900314 Title: Privilege escalation using vulnerabilities in gdm3 and accountsservice (GHSL-2020-187, GHSL-2020-188, GHSL-2020-202) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1900314/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
Re: [Bug 1896416] Re: screen locking no longer works
On Wed, Sep 23, 2020 at 10:14:57PM -, Tessa wrote: > Sep 23 15:07:58 boxxy gnome-shell[209336]: Screen lock is locked down, > not locking > > so it appears as if it thinks the screen is already locked, even though > I'm interacting with my session. and the dbus call doesn't have any way This message indicates that the screen lock has been disabled: https://sources.debian.org/src/gnome- shell/3.36.6-1/js/ui/screenShield.js/?hl=595#L595 I'm guessing that the setting may be named 'disable-lock-screen' in the 'org.gnome.desktop.lockdown' schema: https://sources.debian.org/src/gnome- shell/3.36.6-1/js/ui/screenShield.js/?hl=24#L24 try this to see the current value of the setting: gsettings get org.gnome.desktop.lockdown disable-lock-screen try this to change it: gsettings set org.gnome.desktop.lockdown disable-lock-screen false # or true, as needed I hope this helps. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1896416 Title: screen locking no longer works To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1896416/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1893277] Re: please provide an evince mailcap file
** Description changed: Hello; when I try to view PDFs from mutt, gimp is selected. Gimp is a very poor choice for viewing PDFs. I have evince installed, but evince is listed after gimp in my /etc/mailcap file. I tried to fix this by using the /etc/mailcap.order file but this failed: $ grep application/pdf /etc/mailcap application/pdf; gimp-2.10 %s; test=test -n "$DISPLAY" application/pdf; evince %s; test=test -n "$DISPLAY" $ cat /etc/mailcap.order ### # # Mailcap.order: This file allows a system-wide override of MIME program # preferences. See the mailcap.order(5) man page for more information. # # After modifying this file, be sure to run /usr/sbin/update-mime (as root) # to propagate the changes into the /etc/mailcap file. # qiv:image/* evince:application/pdf $ sudo update-mime Warning: package evince listed in /etc/mailcap.order does not have mailcap entries. $ dpkg -L evince | grep -i mailcap + $ dpkg -L evince-common | grep -i mailcap $ Thanks ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: evince 3.36.7-0ubuntu1 ProcVersionSignature: Ubuntu 5.4.0-42.46-generic 5.4.44 Uname: Linux 5.4.0-42-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu27.6 Architecture: amd64 CasperMD5CheckResult: skip Date: Thu Aug 27 22:02:01 2020 ProcEnviron: - TERM=rxvt-unicode-256color - PATH=(custom, no user) - LANG=en_US.UTF-8 - SHELL=/bin/bash + TERM=rxvt-unicode-256color + PATH=(custom, no user) + LANG=en_US.UTF-8 + SHELL=/bin/bash SourcePackage: evince UpgradeStatus: Upgraded to focal on 2020-01-24 (216 days ago) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1893277 Title: please provide an evince mailcap file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1893277/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1893277] [NEW] please provide an evince mailcap file
Public bug reported: Hello; when I try to view PDFs from mutt, gimp is selected. Gimp is a very poor choice for viewing PDFs. I have evince installed, but evince is listed after gimp in my /etc/mailcap file. I tried to fix this by using the /etc/mailcap.order file but this failed: $ grep application/pdf /etc/mailcap application/pdf; gimp-2.10 %s; test=test -n "$DISPLAY" application/pdf; evince %s; test=test -n "$DISPLAY" $ cat /etc/mailcap.order ### # # Mailcap.order: This file allows a system-wide override of MIME program # preferences. See the mailcap.order(5) man page for more information. # # After modifying this file, be sure to run /usr/sbin/update-mime (as root) # to propagate the changes into the /etc/mailcap file. # qiv:image/* evince:application/pdf $ sudo update-mime Warning: package evince listed in /etc/mailcap.order does not have mailcap entries. $ dpkg -L evince | grep -i mailcap $ Thanks ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: evince 3.36.7-0ubuntu1 ProcVersionSignature: Ubuntu 5.4.0-42.46-generic 5.4.44 Uname: Linux 5.4.0-42-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu27.6 Architecture: amd64 CasperMD5CheckResult: skip Date: Thu Aug 27 22:02:01 2020 ProcEnviron: TERM=rxvt-unicode-256color PATH=(custom, no user) LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: evince UpgradeStatus: Upgraded to focal on 2020-01-24 (216 days ago) ** Affects: evince (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug focal -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1893277 Title: please provide an evince mailcap file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1893277/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1893277] Re: please provide an evince mailcap file
Oh yes, this was reported by other people (though not in any useful way) at https://askubuntu.com/questions/1118437/promote-evince-in-etc- mailcap-order Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1893277 Title: please provide an evince mailcap file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1893277/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1892400] Re: Open text files with File manager (mouse won't release)
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to nautilus in Ubuntu. https://bugs.launchpad.net/bugs/1892400 Title: Open text files with File manager (mouse won't release) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1892400/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1890957] Re: [nvidia] My Night Light doesn't work at all.
** Information type changed from Public Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1890957 Title: [nvidia] My Night Light doesn't work at all. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1890957/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1891338] Re: apparmor misconfigured for envice
Hello Kenneth, can you please include the DENIED lines from dmesg output, /var/log/syslog, or /var/log/audit/audit.log ? Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1891338 Title: apparmor misconfigured for envice To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1891338/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1890358] Re: package gir1.2-rsvg-2.0:amd64 2.48.7-1ubuntu0.20.04.1 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to librsvg in Ubuntu. https://bugs.launchpad.net/bugs/1890358 Title: package gir1.2-rsvg-2.0:amd64 2.48.7-1ubuntu0.20.04.1 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/1890358/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1889091] Re: When saving a copy save dialog cannot create directory on nfs share (due to apparmor)
Sebastien, it's hard to be confident one way or another; @{HOME} was indeed written with the usual assumptions around home directories and it is likely to be used that way in profiles, written both by AppArmor upstream, Debian, Ubuntu, and whatever else profiles may be installed and in use. I'm sorry I can't be definitive, but it'd probably take a lot more context to be sure. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1889091 Title: When saving a copy save dialog cannot create directory on nfs share (due to apparmor) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1889091/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1889091] Re: When saving a copy save dialog cannot create directory on nfs share (due to apparmor)
That'll change evince's profile but leave everything else that uses @{HOME} broken. Edit /etc/apparmor.d/tunables/home.d/site.local to match your local configuration for home directory storage, and then run sudo apparmor_parser --replace /etc/apparmor.d/ -- this will reload the system-managed profiles but not profiles managed by other services. (A reboot will reload whatever ought to be reloaded at boot, but that might be inconvenient.) Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1889091 Title: When saving a copy save dialog cannot create directory on nfs share (due to apparmor) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1889091/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1881294] Re: Apparmor blocks evince GUI-Input-Dialogs
Hello Reinhard, please see the /etc/apparmor.d/tunables/home.d/site.local file, it describes how to add additional paths to the @{HOMEDIRS} variable, which should allow evince, and all other profiles that use @{HOME}, to function in your environment. Thanks ** Changed in: evince (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1881294 Title: Apparmor blocks evince GUI-Input-Dialogs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1881294/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1877746] Re: Lock screen not working
** Information type changed from Private Security to Public Security ** Package changed: xorg (Ubuntu) => gnome-shell (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1877746 Title: Lock screen not working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1877746/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1876928] Re: no lock screen and no password prompt when laptop lid is opened.
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchpad.net/bugs/1876928 Title: no lock screen and no password prompt when laptop lid is opened. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1876928/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1875034] Re: login screen will put a character in the password box when pressing key to reomve lock screen
** Package changed: shadow (Ubuntu) => gnome-shell (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1875034 Title: login screen will put a character in the password box when pressing key to reomve lock screen To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1875034/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1875038] Re: Lock screen not really functioning - Gnome Shell extensions visible and active even in lock screen
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1875038 Title: Lock screen not really functioning - Gnome Shell extensions visible and active even in lock screen To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1875038/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1871961] Re: gnome-shell-hotplug-sniffer crashed with SIGSEGV in g_str_hash()
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1871961 Title: gnome-shell-hotplug-sniffer crashed with SIGSEGV in g_str_hash() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1871961/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1871385] Re: gnome-control-center crashed with SIGSEGV in _cogl_gpu_info_parse_version_string()
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-control-center in Ubuntu. https://bugs.launchpad.net/bugs/1871385 Title: gnome-control-center crashed with SIGSEGV in _cogl_gpu_info_parse_version_string() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-control-center/+bug/1871385/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1867821] Re: gnome-calculator crashed with signal 5 in g_object_new_valist()
I didn't spot anything private in the logs; I'm setting this public so others can see it. Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-calculator in Ubuntu. https://bugs.launchpad.net/bugs/1867821 Title: gnome-calculator crashed with signal 5 in g_object_new_valist() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-calculator/+bug/1867821/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1867734] Re: GIMP Speicherzugriffsfehler
I didn't spot anything private in here, I'll open this so others can see it. Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gimp in Ubuntu. https://bugs.launchpad.net/bugs/1867734 Title: GIMP Speicherzugriffsfehler To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gimp/+bug/1867734/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1866256] Re: Disabled animations breaks lock screen and other dialogs, reveals information from the screen without unlocking
Hello, possibly related to: https://bugs.launchpad.net/ubuntu/+bug/1866219 Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1866256 Title: Disabled animations breaks lock screen and other dialogs, reveals information from the screen without unlocking To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1866256/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1861373] Re: Random Restart Crash
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1861373 Title: Random Restart Crash To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1861373/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1861373] Re: Random Restart Crash
Hello Robert, you could try disabling extensions in gnome, or gnome- shell, or mutter; I have heard those are a common cause of stability issues. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1861373 Title: Random Restart Crash To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1861373/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1858964] Re: gnome-software crashed with SIGABRT in raise()
I don't see any private information, and while hitting an abort() isn't great, I think this being publicly visible may help discover how and why it was hit. Thanks ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-software in Ubuntu. https://bugs.launchpad.net/bugs/1858964 Title: gnome-software crashed with SIGABRT in raise() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-software/+bug/1858964/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1857902] Re: Thread-safety bugs in package libpoppler-glib8
Hello, I don't see much progress on the upstream bugs; do you know if progress has been reported elsewhere? Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bugs/1857902 Title: Thread-safety bugs in package libpoppler-glib8 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/poppler/+bug/1857902/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1850977] Re: Snap installs software without user having sudo access
Maciej, that looks like javascript polkit and I believe we're staying on the pre-javascript version of polkit. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-software in Ubuntu. https://bugs.launchpad.net/bugs/1850977 Title: Snap installs software without user having sudo access To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-software/+bug/1850977/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1786046] Re: Bypass Login Screen by replugging in external monitors
> /usr/local/lib/libssl.so.1.1: version `OPENSSL_1_1_1' not found It appears you may have a local install of openssl that is not compatible with other software on your system. I hope this helps. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1786046 Title: Bypass Login Screen by replugging in external monitors To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1786046/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1836124] Re: I couldn't interact with the screenlock
Hmm. The process I killed was most definitely gnome-screensaver. It might have been running in an LXD instance. This is strange. -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchpad.net/bugs/1836124 Title: I couldn't interact with the screenlock To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1836124/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1836124] [NEW] I couldn't interact with the screenlock
Public bug reported: Hello, I use i3lock to lock my screen. systemd starts gnome-screensaver when I suspend my laptop because I haven't figured out how to turn that off yet. Most of the time this is no big deal, I just have to unlock twice the five or six times a year I suspend my laptop. Today, however, I couldn't actually interact with the gnome-screensaver lock screen: - I resumed my laptop - I unlocked the already-running i3lock - The gnome-screensaver was running, showed the correct time in the center of the 'titlebar', showed my user name in the right side of the titlebar, and the mouse moved around fine. - I blindly typed my password and hit enter - The mouse pointer turned to a spinner for 20~40 seconds - The mouse pointer could move around, but couldn't interact with any screen elements - ctrl+alt+f1 etc worked fine to change virtual consoles I was only able to use my X11 session after manually killing the gnome- screensaver process from a shell. Thanks ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gnome-screensaver (not installed) ProcVersionSignature: Ubuntu 4.15.0-50.54-generic 4.15.18 Uname: Linux 4.15.0-50-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.9-0ubuntu7.6 Architecture: amd64 Date: Wed Jul 10 15:05:31 2019 InstallationDate: Installed on 2012-10-18 (2456 days ago) InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 (20120823.1) ProcEnviron: TERM=linux PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: gnome-screensaver UpgradeStatus: Upgraded to bionic on 2018-05-02 (435 days ago) ** Affects: gnome-screensaver (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug bionic -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchpad.net/bugs/1836124 Title: I couldn't interact with the screenlock To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1836124/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1803993] Re: Password appears on the VT1 screen
Use CVE-2018-20839. Thanks ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-20839 -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1803993 Title: Password appears on the VT1 screen To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1803993/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1828116] Re: Password works uppercase and lowercase
It's almost certainly unrelated to your report, but check out these errors in your logs: May 16 08:16:11 hostname /usr/lib/gdm3/gdm-x-session[1820]: /usr/bin/prime-supported: 38: /usr/bin/prime-supported: cannot create /var/log/prime-supported.log: Permission denied May 16 08:16:11 hostname /usr/lib/gdm3/gdm-x-session[1820]: /sbin/prime-offload: 30: /sbin/prime-offload: cannot create /var/log/prime-offload.log: Permission denied These may be indicative of further problems elsewhere in your video drivers. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1828116 Title: Password works uppercase and lowercase To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1828116/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1828124] Re: org.gnome.evolution.dataserver.Source completely unveils account credentials in plain text while using dbus-monitor
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to evolution-data-server in Ubuntu. https://bugs.launchpad.net/bugs/1828124 Title: org.gnome.evolution.dataserver.Source completely unveils account credentials in plain text while using dbus-monitor To manage notifications about this bug go to: https://bugs.launchpad.net/evolution-data-server/+bug/1828124/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1825890] Re: Login password disclosure after 3rd logout
Possibly related to https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1803993 Thanks ** Also affects: plymouth (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1825890 Title: Login password disclosure after 3rd logout To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1825890/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1825890] Re: Login password disclosure after 3rd logout
Does this still happen after updating? Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1825890 Title: Login password disclosure after 3rd logout To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1825890/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1824578] Re: Screen lock doesn't lock Launcher (left-sidebar) and Status Menus (Indicators)
** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1824578 Title: Screen lock doesn't lock Launcher (left-sidebar) and Status Menus (Indicators) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1824578/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1819086] Re: Ubuntu 19.04: Dash-to Dock extension no longer working
** Information type changed from Private Security to Public Security ** Package changed: ubuntu => gnome-shell (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1819086 Title: Ubuntu 19.04: Dash-to Dock extension no longer working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell-extension-dashtodock/+bug/1819086/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1814935] Re: Screen not locked when coming out of suspend/hibernate - Dock bar is visible
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchpad.net/bugs/1814935 Title: Screen not locked when coming out of suspend/hibernate - Dock bar is visible To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1814935/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1814388] Re: After switching users, I can see the passwords in /dev/tty1
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchpad.net/bugs/1814388 Title: After switching users, I can see the passwords in /dev/tty1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1814388/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1809567] Re: Password Information visible after logging out/visiting virtual terminal
Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1809567 Title: Password Information visible after logging out/visiting virtual terminal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1809567/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1723857] Re: onscreen keyboard appears whenever i touch touchscreen
** Information type changed from Public Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1723857 Title: onscreen keyboard appears whenever i touch touchscreen To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell/+bug/1723857/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1809567] Re: Password Information visible after logging out/visiting virtual terminal
Hello Gaussian, if you're still seeing this can you please run: apport-collect 1809567 to attach some package information and logs to this bug? Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1809567 Title: Password Information visible after logging out/visiting virtual terminal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1809567/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1808908] Re: Screen not locked when coming out of suspend/hibernate
Hmm, I don't follow the chain of events here. Ubuntu by default doesn't have a root password; if you've set one, that's fine, but it's probably a distraction here. Can you describe what specifically happened? Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchpad.net/bugs/1808908 Title: Screen not locked when coming out of suspend/hibernate To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1808908/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1808903] Re: cannot connect LG Smart TV using HDMI Cable
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1808903 Title: cannot connect LG Smart TV using HDMI Cable To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1808903/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1808880] Re: crashes while adding feedback to package
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-software in Ubuntu. https://bugs.launchpad.net/bugs/1808880 Title: crashes while adding feedback to package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-software/+bug/1808880/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1803993] Re: Password appears on the VT1 screen
Thanks Thomas ** Changed in: gdm3 (Ubuntu) Status: Incomplete => New ** Changed in: plymouth (Ubuntu) Status: Incomplete => New -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1803993 Title: Password appears on the VT1 screen To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1803993/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1803993] Re: Password appears on the VT1 screen
Hello Thomas, sadly you only got half of the version number. Can you please paste in the full version number? Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1803993 Title: Password appears on the VT1 screen To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1803993/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1804031] Re: gnome-shell crashed with SIGSEGV in clutter_x11_handle_event()
Could you remove all the gnome extensions you've got installed and try again? I understand those are pretty brittle. Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1804031 Title: gnome-shell crashed with SIGSEGV in clutter_x11_handle_event() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1804031/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1803993] Re: GDM is Exploitable as a Password Collector
Hello Thomas, can you please report back what version of plymouth you have installed? dpkg -l plymouth | grep ^ii Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1803993 Title: GDM is Exploitable as a Password Collector To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1803993/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1798725] Re: gvfs may crash when parsing non-valid UTF8 in autorun.inf
What does an autorun.inf file do? If an autorun.inf file can tell gvfs to execute something directly, then it's probably not too critical that a malicious one can cause memory errors in gvfs. It could probably just have an evil payload as a command. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gvfs in Ubuntu. https://bugs.launchpad.net/bugs/1798725 Title: gvfs may crash when parsing non-valid UTF8 in autorun.inf To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gvfs/+bug/1798725/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
Re: [Bug 1448778] Re: Evince fails to display some fonts (some font thing failed)
On Sat, Oct 13, 2018 at 06:54:59PM -, bitinerant wrote: > I appreciate the suggestions, but none quite fit my use case. It's > really 2 users wanting to share the fonts--one owns them and the other > has a symlink. If I put them in /usr/local/share/fonts/ then they don't > get backed up and can't be modified. I think the simplest option for me > is to use the extra 74 MB and make a copy for each user. Heh, indeed, "fonts that might be changed" never crossed my mind! > Do you agree, however, that it would be helpful to display a message for > the user rather than empty space in their PDF? Absolutely agreed. I'd expect a fallback to a font that *is* available and a notice in a status bar that fonts have been replaced due to errors. Nothing that would make a user *click* on anything but that would clearly explain the issue for a user curious why a document doesn't look right. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1448778 Title: Evince fails to display some fonts (some font thing failed) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1448778/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1448778] Re: Evince fails to display some fonts (some font thing failed)
Nearly all the AppArmor rules provided by upstream AppArmor include 'owner' prefixes on files and directories within user home directories. This is intentional -- for example, the file includes: owner @{HOME}/.fonts.conf r, owner @{HOME}/.fonts/ r, owner @{HOME}/.fonts/** r, owner @{HOME}/.local/share/fonts/ r, owner @{HOME}/.local/share/fonts/** r, owner @{HOME}/.fonts.cache-2 mr, owner @{HOME}/.{,cache/}fontconfig/ r, owner @{HOME}/.{,cache/}fontconfig/** mrl, owner @{HOME}/.fonts.conf.d/ r, owner @{HOME}/.fonts.conf.d/**r, owner @{HOME}/.config/fontconfig/ r, owner @{HOME}/.config/fontconfig/** r, /usr/local/share/fonts/ r, /usr/local/share/fonts/** r, Whoever owns the fonts in your ~/.fonts/ directory can probably gain execution privileges by whatever program is rendering the fonts. You could store your fonts in /usr/local/share/fonts/ if they are appropriate for multiple users on the system. Or you could amend /etc/apparmor.d/local/usr.bin.evince if you want these fonts to be available to evince without storing them in /usr/local/share/fonts/. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1448778 Title: Evince fails to display some fonts (some font thing failed) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1448778/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1796554] Re: seahorse crashed with SIGSEGV in g_variant_unref()
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to seahorse in Ubuntu. https://bugs.launchpad.net/bugs/1796554 Title: seahorse crashed with SIGSEGV in g_variant_unref() To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/seahorse/+bug/1796554/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1796284] Re: package gir1.2-mutter-2:amd64 3.28.3-2~ubuntu18.04.1 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to mutter in Ubuntu. https://bugs.launchpad.net/bugs/1796284 Title: package gir1.2-mutter-2:amd64 3.28.3-2~ubuntu18.04.1 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mutter/+bug/1796284/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1795140] Re: Gnome Desktop -- After Usermode Application Crashes, Reveals User Passwords by Pressing Ctrl+Alt+F1
Hello Thomas, please see if this addresses your issue: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1767918 Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-desktop in Ubuntu. https://bugs.launchpad.net/bugs/1795140 Title: Gnome Desktop -- After Usermode Application Crashes, Reveals User Passwords by Pressing Ctrl+Alt+F1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-desktop/+bug/1795140/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1795140] Re: Gnome Desktop -- After Usermode Application Crashes, Reveals User Passwords by Pressing Ctrl+Alt+F1
Hello Thomas, thanks for the bug report. I'm pretty sure I've seen an open bug for the passwords-on-vt1 recently, but I'm currently having trouble tracking it down. Good luck with your hardware issues. Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-desktop in Ubuntu. https://bugs.launchpad.net/bugs/1795140 Title: Gnome Desktop -- After Usermode Application Crashes, Reveals User Passwords by Pressing Ctrl+Alt+F1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-desktop/+bug/1795140/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1791454] Re: system-monitor produces many apparmor permission denied warnings
If this bug is about a snap package you should probably open a report with the snap author. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-system-monitor in Ubuntu. https://bugs.launchpad.net/bugs/1791454 Title: system-monitor produces many apparmor permission denied warnings To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-system-monitor/+bug/1791454/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1788740] Re: Upgrade from 16.04 to 18.04 failed with authentication error
** Information type changed from Private Security to Public ** Package changed: gdm3 (Ubuntu) => ubuntu-release-upgrader (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1788740 Title: Upgrade from 16.04 to 18.04 failed with authentication error To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1788740/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1787277] Re: gdm3 freezes then locks out user after upgrade from 16.04 to 18.04
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1787277 Title: gdm3 freezes then locks out user after upgrade from 16.04 to 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1787277/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking
Florian, please file a new bug against whatever packages kubuntu uses for screen locking for this. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1532508 Title: Screen contents revealed briefly on resume, before even unlocking To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-shell/+bug/1532508/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1772919] Re: pam-gnome-keyring.so reveals user’s password credential as a plaintext form
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-keyring in Ubuntu. https://bugs.launchpad.net/bugs/1772919 Title: pam-gnome-keyring.so reveals user’s password credential as a plaintext form To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-keyring/+bug/1772919/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1770547] [NEW] X11 failsafe was not very useful
Public bug reported: Hello, after upgrading from 16.04 LTS to 18.04 LTS I had a non-working X11 configuration. The first dialog box said: The system is running in low- graphics mode Your screen, graphics card, and input device settings could not be detected correctly. You will need to configure these yourself. [ OK ] The next dialog box had four options: [ ] Try running with default graphical mode [ ] Reconfigure graphics [ ] Troubleshoot the error [ ] Exit to console login [ Cancel ] [ OK ] Try running with default graphical mode --> didn't work, returned Reconfigure graphics --> a new dialog box: How would you like to reconfigure your display? [ ] Use default (generic) configuration [ ] Use your backed-up configuration [ Cancel ] [ OK ] (probably OK, my photo cut it off) Neither option worked. Troubleshoot the error --> a new dialog box: What information would you like to review? [ ] Review the xserver log file [ ] Review the startup errors [ ] Edit configuration file Review the xserver log file --> A new dialog box, with the log file. I can't recall what the "startup errors" button did. The "Edit configuration file" button didn't do anything useful. There was a lot of interaction options in this whole experience but the only ones that actually worked were (a) show the log file (which wasn't actually useful, but I was grateful for it) (b) exit to console login. That actually worked pretty well. I'm sorry I waited too long to report the bug, now my memory is pretty fuzzy. I just remember that not enough of this system worked to justify keeping it. Maybe that's due to local errors, the upgrade didn't go well, but that's precisely when such an interface will be needed most. Thanks ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gdm3 (not installed) ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17 Uname: Linux 4.15.0-20-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.9-0ubuntu7 Architecture: amd64 Date: Thu May 10 20:07:24 2018 InstallationDate: Installed on 2012-10-18 (2030 days ago) InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 (20120823.1) ProcEnviron: TERM=rxvt-unicode-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: gdm3 UpgradeStatus: Upgraded to bionic on 2018-05-02 (9 days ago) ** Affects: gdm3 (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug bionic -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1770547 Title: X11 failsafe was not very useful To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1770547/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1768494] Re: Screen lock doesn't cover the whole screen
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchpad.net/bugs/1768494 Title: Screen lock doesn't cover the whole screen To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1768494/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
Re: [Bug 1767618] Re: system Brightness & Lock app ignores file permissions
On Wed, May 02, 2018 at 07:07:51AM -, steve gooberman-hill wrote: > I'm agreed that this is the way the system permissions work. But, did you > see the comment I added to the bug report? Hi Steve, indeed I did. > Further investigation shows that file ownership is also ignored > If I change the ownership and permissions of the file, then they are > ignored by the Brightness & Lock app > > eve@steve-laptop:~$ ls -l ~/.config/dconf/user > -rw-r--r-- 1 steve eve 15965 Apr 28 10:37 /home/eve/.config/dconf/user > > ==> Alter lock settings using "Brightness & Lock" app > > eve@steve-laptop:~$ ls -l ~/.config/dconf/user > -rw-rw-r-- 1 eve eve 15965 Apr 28 11:13 /home/eve/.config/dconf/user > > > Eve is no longer the file owner, but is in the group (and she is not in the > sudo group), so I don't believe that any process she is running should be > able to change the file permissions and ownership. So I am guessing that > the screen locking process is either not run by the user, or it is running > with elevated privileges, which enable it to overwrite the file with a > different privilege set. Eve owns the directory /home/eve/.config/dconf/. Thus a process running as Eve can unlink() any file in this directory regardless of who owns the file or what permissions are on the file. Then it creates a new file with any contents -- as you've seen here. > However, I am not convinced that the existing behaviour is desirable - > because the screen locking process appears not to check the file > permissions and ownership, and uses it's elevated privilege status to > overwrite them. The screen locking mechanism does not have elevated privileges. It just runs as her. The assumption is she's the one who wants to protect her session when she walks away momentarily. > PS. FWIW Eve is thankfully not interested in Unix system hacking. Social > engineering on her parents seems a better way to get increased access to > funny cat videos :-) Such a pity, I've heard there's a world-wide shortfall of roughly a million information security professionals. Practicing how to bypass access controls on childhood computers is a time-honoured traditional education for the field. Of course social engineering is also a useful skill. :) Thanks Steve -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchpad.net/bugs/1767618 Title: system Brightness & Lock app ignores file permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1767618/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1767918] Re: Login password is shown in plain text when shutting down
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/1767918 Title: Login password is shown in plain text when shutting down To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1767918/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1767618] Re: system Brightness & Lock app ignores file permissions
This is the way Unix discretionary access controls work. So long as the files are in Eve's home directory, and she retains ownership of her home directory, she will be able to rename the ~/.config/ directory and continue on as she wishes. Furthermore, the screen locking is handled by a process that runs as her user account in her user session. She could simply attach a debugger to it and lock it solid. Or she could write a little program to keep the X11 session 'active' and thus keep the screen from locking. Or she could click on a menu entry every time she walks away from the computer to keep the screen from locking. Or she could write her own screen locking program that would act as she wishes. You could try using the shadow 'lock account' tools; note that this is trivial to bypass if she can sit at the computer during bootup, unless you also take steps to lock the hard drive, lock the bios, and lock the grub configuration. But it cannot help you enforce screen locking when you wish. Not much short of forcibly killing her processes or rebooting the machine will help. Thanks -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchpad.net/bugs/1767618 Title: system Brightness & Lock app ignores file permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1767618/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 1767618] Re: system Brightness & Lock app ignores file permissions
** Information type changed from Private Security to Public Security ** Changed in: gnome-screensaver (Ubuntu) Status: New => Won't Fix -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchpad.net/bugs/1767618 Title: system Brightness & Lock app ignores file permissions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-screensaver/+bug/1767618/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs