[Desktop-packages] [Bug 2041751] Re: RM: Remove dangerously insecure MPPE PPTP from Ubuntu

[Seth Arnold]

Hey James, thanks for maintaining pptpd for so many years. I know I'm
cranky when old software I use is removed just because it's no longer in
fashion. But we do try to move people to safer protocols and safer
programs over time.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager-pptp in Ubuntu.
https://bugs.launchpad.net/bugs/2041751

Title:
  RM: Remove dangerously insecure MPPE PPTP from Ubuntu

Status in Release Notes for Ubuntu:
  New
Status in linux package in Ubuntu:
  New
Status in network-manager-pptp package in Ubuntu:
  New
Status in pptp-linux package in Ubuntu:
  New
Status in pptpd package in Ubuntu:
  Fix Released

Bug description:
  Remove dangerously insecure MPPE PPTP from Ubuntu

  https://pptpclient.sourceforge.net/protocol-security.phtml

  It has been dead for over 20 years now.

  Current Windows versions natively support IPSec and L2TP as much
  better alternatives.

  https://learn.microsoft.com/en-us/windows/win32/fwp/ipsec-
  configuration#how-to-use-wfp-to-configure-ipsec-policies

  https://learn.microsoft.com/en-US/troubleshoot/windows-
  server/networking/configure-l2tp-ipsec-server-behind-nat-t-device

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-release-notes/+bug/2041751/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2063536] Re: flickering screen

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/2063536

Title:
  flickering screen

Status in xorg package in Ubuntu:
  New

Bug description:
  automatically refresh and hang

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: xorg 1:7.7+23ubuntu2
  ProcVersionSignature: Ubuntu 6.5.0-28.29~22.04.1-generic 6.5.13
  Uname: Linux 6.5.0-28-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82.5
  Architecture: amd64
  BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
  CasperMD5CheckResult: pass
  CompositorRunning: None
  CurrentDesktop: ubuntu:GNOME
  Date: Fri Apr 26 08:44:25 2024
  DistUpgraded: Fresh install
  DistroCodename: jammy
  DistroVariant: ubuntu
  DkmsStatus:
   rtbth/3.9.8, 6.5.0-27-generic, x86_64: installed
   rtbth/3.9.8, 6.5.0-28-generic, x86_64: installed
  ExtraDebuggingInterest: Yes
  GraphicsCard:
   Intel Corporation CometLake-S GT2 [UHD Graphics 630] [8086:9bc5] (rev 05) 
(prog-if 00 [VGA controller])
 Subsystem: Micro-Star International Co., Ltd. [MSI] CometLake-S GT2 [UHD 
Graphics 630] [1462:7d82]
  InstallationDate: Installed on 2024-04-16 (9 days ago)
  InstallationMedia: Ubuntu 22.04.4 LTS "Jammy Jellyfish" - Release amd64 
(20240220)
  Lsusb:
   Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
   Bus 001 Device 002: ID 093a:2510 Pixart Imaging, Inc. Optical Mouse
   Bus 001 Device 003: ID 1a2c:0e24 China Resource Semico Co., Ltd USB Keyboard
   Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
  Lsusb-t:
   /:  Bus 02.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/4p, 2M/x2
   /:  Bus 01.Port 1: Dev 1, Class=root_hub, Driver=xhci_hcd/16p, 480M
   |__ Port 9: Dev 2, If 0, Class=Human Interface Device, Driver=usbhid, 
1.5M
   |__ Port 10: Dev 3, If 0, Class=Human Interface Device, Driver=usbhid, 
1.5M
   |__ Port 10: Dev 3, If 1, Class=Human Interface Device, Driver=usbhid, 
1.5M
  MachineType: Micro-Star International Co., Ltd. MS-7D82
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-6.5.0-28-generic 
root=UUID=5d5b2975-ec40-4c41-919c-f0c2ecc1a822 ro quiet splash vt.handoff=7
  SourcePackage: xorg
  Symptom: display
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 03/24/2022
  dmi.bios.release: 5.19
  dmi.bios.vendor: American Megatrends International, LLC.
  dmi.bios.version: 1.22
  dmi.board.asset.tag: Default string
  dmi.board.name: PRO H410M-B(MS-7D82)
  dmi.board.vendor: Micro-Star International Co., Ltd.
  dmi.board.version: 1.0
  dmi.chassis.asset.tag: Default string
  dmi.chassis.type: 3
  dmi.chassis.vendor: Micro-Star International Co., Ltd.
  dmi.chassis.version: 1.0
  dmi.modalias: 
dmi:bvnAmericanMegatrendsInternational,LLC.:bvr1.22:bd03/24/2022:br5.19:svnMicro-StarInternationalCo.,Ltd.:pnMS-7D82:pvr1.0:rvnMicro-StarInternationalCo.,Ltd.:rnPROH410M-B(MS-7D82):rvr1.0:cvnMicro-StarInternationalCo.,Ltd.:ct3:cvr1.0:skuDefaultstring:
  dmi.product.family: Default string
  dmi.product.name: MS-7D82
  dmi.product.sku: Default string
  dmi.product.version: 1.0
  dmi.sys.vendor: Micro-Star International Co., Ltd.
  version.compiz: compiz N/A
  version.libdrm2: libdrm2 2.4.113-2~ubuntu0.22.04.1
  version.libgl1-mesa-dri: libgl1-mesa-dri 23.2.1-1ubuntu3.1~22.04.2
  version.libgl1-mesa-glx: libgl1-mesa-glx N/A
  version.xserver-xorg-core: xserver-xorg-core 2:21.1.4-2ubuntu1.7~22.04.10
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-2ubuntu1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20210115-1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.17-2build1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/2063536/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2061249] Re: remmina crashed with SIGABRT in freerdp_settings_get_bool()

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to remmina in Ubuntu.
https://bugs.launchpad.net/bugs/2061249

Title:
  remmina crashed with SIGABRT in freerdp_settings_get_bool()

Status in remmina package in Ubuntu:
  Invalid

Bug description:
  erro ao conectar

  ProblemType: Crash
  DistroRelease: Ubuntu 24.04
  Package: remmina 1.4.35+dfsg-0ubuntu4
  ProcVersionSignature: Ubuntu 6.8.0-22.22-generic 6.8.1
  Uname: Linux 6.8.0-22-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia
  ApportVersion: 2.28.0-0ubuntu1
  Architecture: amd64
  CasperMD5CheckResult: pass
  CrashCounter: 1
  CurrentDesktop: ubuntu:GNOME
  Date: Sat Apr 13 17:22:43 2024
  ExecutablePath: /usr/bin/remmina
  InstallationDate: Installed on 2024-04-13 (0 days ago)
  InstallationMedia: Ubuntu 24.04 LTS "Noble Numbat" - Beta amd64 (20240410.2)
  JournalErrors: -- No entries --
  ProcCmdline: /usr/bin/remmina
  ProcEnviron:
   LANG=pt_BR.UTF-8
   PATH=(custom, no user)
   SHELL=/bin/bash
   XDG_RUNTIME_DIR=
  Signal: 6
  SignalName: SIGABRT
  SourcePackage: remmina
  StacktraceTop:
   ?? () from /lib/x86_64-linux-gnu/libfreerdp3.so.3
   freerdp_settings_get_bool () from /lib/x86_64-linux-gnu/libfreerdp3.so.3
   ?? () from /usr/lib/x86_64-linux-gnu/remmina/plugins/remmina-plugin-rdp.so
   ?? () from /usr/lib/x86_64-linux-gnu/remmina/plugins/remmina-plugin-rdp.so
   start_thread (arg=) at ./nptl/pthread_create.c:447
  Title: remmina crashed with SIGABRT in freerdp_settings_get_bool()
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dip lpadmin plugdev sudo users
  separator:

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/remmina/+bug/2061249/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2060389] Re: Lock screen doesn't prevent media keys from working

[Seth Arnold]

Hello Jussi, thanks for the report. I believe this is an intentional
design choice -- if someone cannot stop music gently they may do so
violently.

Thanks

** Changed in: gnome-shell (Ubuntu)
   Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-shell in Ubuntu.
https://bugs.launchpad.net/bugs/2060389

Title:
  Lock screen doesn't prevent media keys from working

Status in gnome-shell package in Ubuntu:
  Won't Fix

Bug description:
  Steps to reproduce:

  1) Open a music player e.g. Audacious with some music content
  2) Lock the screen
  3) Press Play/Pause media button (I'm using an Apple USB keyboard)

  What happens:

  Audacious starts playing music.

  What should happen:

  Nothing, because the screen is locked.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: gnome-shell 42.9-0ubuntu2
  ProcVersionSignature: Ubuntu 5.15.0-100.110-generic 5.15.143
  Uname: Linux 5.15.0-100-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset 
nvidia
  ApportVersion: 2.20.11-0ubuntu82.5
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Sun Apr  7 17:55:16 2024
  DisplayManager: gdm3
  InstallationDate: Installed on 2019-11-09 (1610 days ago)
  InstallationMedia: Ubuntu 18.04.3 LTS "Bionic Beaver" - Release amd64 
(20190805)
  RelatedPackageVersions: mutter-common 42.9-0ubuntu5
  SourcePackage: gnome-shell
  UpgradeStatus: Upgraded to jammy on 2023-01-02 (460 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2060389/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2058688] Re: gnome-shell crashed with SIGABRT

[Seth Arnold]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-shell in Ubuntu.
https://bugs.launchpad.net/bugs/2058688

Title:
  gnome-shell crashed with SIGABRT

Status in gnome-shell package in Ubuntu:
  Invalid

Bug description:
  this ubuntu having some bug i dont know what is the issue

  ProblemType: Crash
  DistroRelease: Ubuntu 24.04
  Package: gnome-shell 45.3-1ubuntu1
  ProcVersionSignature: Ubuntu 6.8.0-11.11-generic 6.8.0-rc4
  Uname: Linux 6.8.0-11-generic x86_64
  ApportVersion: 2.28.0-0ubuntu1
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Fri Mar 22 00:22:29 2024
  DisplayManager: gdm3
  ExecutablePath: /usr/bin/gnome-shell
  InstallationDate: Installed on 2024-03-21 (0 days ago)
  InstallationMedia: Ubuntu 24.04 LTS "Noble Numbat" - Daily amd64 (20240320.1)
  ProcCmdline: /usr/bin/gnome-shell
  ProcEnviron:
   LANG=en_US.UTF-8
   PATH=(custom, no user)
   SHELL=/bin/bash
   XDG_RUNTIME_DIR=
  RelatedPackageVersions: mutter-common 45.3-1ubuntu1
  Signal: 6
  SignalName: SIGABRT
  SourcePackage: gnome-shell
  Stacktrace:
   #0  0x7811f7e9eb1c in ?? ()
   No symbol table info available.
   Backtrace stopped: Cannot access memory at address 0x7fffe6341970
  StacktraceTop: ?? ()
  Title: gnome-shell crashed with SIGABRT
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dip lpadmin plugdev sudo users
  separator:

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2058688/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2019951] Re: [MIR] libmysofa

[Seth Arnold]

** Changed in: libmysofa (Ubuntu)
   Status: New => Won't Fix

** Changed in: libmysofa (Ubuntu)
 Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libmysofa in Ubuntu.
https://bugs.launchpad.net/bugs/2019951

Title:
  [MIR] libmysofa

Status in libmysofa package in Ubuntu:
  Won't Fix

Bug description:
  [Availability]
  The package libmysofa is already in Ubuntu universe.
  The package libmysofa build for the architectures it is designed to work on.
  It currently builds and works for architetcures: amd64 arm64 armhf i386 
ppc64el riscv64 s390x
  Link to package https://launchpad.net/ubuntu/+source/libmysofa

  [Rationale]
  - The package libmysofa is required in Ubuntu main as a (optional) depends of 
pipewire
  - the library parses spatial audio files which are used by 3D audio systems
  - the libmysofa1 binary needs to be promoted

  - There is no other/better way to solve this that is already in main or
    should go universe->main instead of this.

  - The package libmysofa is required in Ubuntu main no later than August 17th
    due to mantic feature freeze

  [Security]
  - Had 15 security issues in the past which seemed all addressed now in the 
current serie, https://ubuntu.com/security/cves?package=libmysofa
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16095
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16094
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16093
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16092
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16091
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10672
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3756
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6860
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20063
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20016
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36152
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36151
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36150
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36149
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36148

  those are also listed in https://security-
  tracker.debian.org/tracker/source-package/libmysofa

  - no `suid` or `sgid` binaries
  - no executables in `/sbin` and `/usr/sbin`
  - Package does not install services, timers or recurring jobs
  - Packages does not open privileged ports (ports < 1024)
  - Packages does not contain extensions to security-sensitive software

  [Quality assurance - function/usage]
  - The package works well right after install

  [Quality assurance - maintenance]
  - The package is maintained well in Debian/Ubuntu/Upstream and only has minor 
open bugs
    - Ubuntu https://bugs.launchpad.net/ubuntu/+source/libmysofa/+bug
    - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=libmysofa
    - Upstream https://github.com/hoene/libmysofa/issues
  - The package does not deal with exotic hardware we cannot support

  [Quality assurance - testing]
  - The package runs a test suite on build time, if it fails
    it makes the build fail, link to build log 
https://launchpadlibrarian.net/31466/buildlog_ubuntu-mantic-amd64.libmysofa_1.3.1~dfsg0-1ubuntu1_BUILDING.txt.gz

  - The package runs an autopkgtest, and is currently passing on
    amd64 arm64 armhf ppc64el s390x
  https://autopkgtest.ubuntu.com/packages/libm/libmysofa

  - The tests fail on i386 due to installability issues of depends which
  isn't an issue

  [Quality assurance - packaging]
  - debian/watch is present and works

  - debian/control defines a correct Maintainer

  - This package has no lintian warnings

  - Please link to a recent build log of the package
  
https://launchpadlibrarian.net/632293649/buildlog_ubuntu-lunar-amd64.libmysofa_1.3.1~dfsg0-1_BUILDING.txt.gz
  - Please attach the full output you have got from `lintian --pedantic`

  # lintian --pedantic libmysofa_1.3.1~dfsg0-1_amd64.changes
  #

  - Lintian overrides are not present

  - This package does not rely on obsolete or about to be demoted packages.
  - This package has no python2 or GTK2 dependencies

  - The package will be installed by default, but does not ask debconf
  questions

  - Packaging and build is easy, link to debian/rules
  https://salsa.debian.org/multimedia-
  team/libmysofa/-/blob/master/debian/rules

  [UI standards]
  - Application is not end-user facing (does not need translation)

  [Dependencies]
  - No further depends or recommends dependencies that are not yet in main

  [Standards compliance]
  - This package correctly follows FHS and Debian Policy

[Desktop-packages] [Bug 2055521] Re: Xorg freeze

[Seth Arnold]

Hello, thanks for the bug report. I suggest taking your dmesg output
(from CurrentDmesg.txt) to the virtualbox developers, it looks very
unhappy.

Thanks

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/2055521

Title:
  Xorg freeze

Status in xorg package in Ubuntu:
  New

Bug description:
  System is freeze after opening browsers

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: xorg 1:7.7+23ubuntu2
  ProcVersionSignature: Ubuntu 6.5.0-21.21~22.04.1-generic 6.5.8
  Uname: Linux 6.5.0-21-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82.5
  Architecture: amd64
  BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
  CasperMD5CheckResult: pass
  CompizPlugins: No value set for 
`/apps/compiz-1/general/screen0/options/active_plugins'
  CompositorRunning: None
  CurrentDesktop: ubuntu:GNOME
  Date: Fri Mar  1 11:59:12 2024
  DistUpgraded: Fresh install
  DistroCodename: jammy
  DistroVariant: ubuntu
  ExtraDebuggingInterest: No
  GraphicsCard:
   Intel Corporation TigerLake-LP GT2 [Iris Xe Graphics] [8086:9a49] (rev 01) 
(prog-if 00 [VGA controller])
 Subsystem: Dell TigerLake-LP GT2 [Iris Xe Graphics] [1028:0ab0]
 Subsystem: Dell GP107M [GeForce MX350] [1028:0ab0]
  InstallationDate: Installed on 2023-12-11 (80 days ago)
  InstallationMedia: Ubuntu 22.04.3 LTS "Jammy Jellyfish" - Release amd64 
(20230807.2)
  Lsusb:
   Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
   Bus 001 Device 003: ID 0c45:6730 Microdia Integrated_Webcam_HD
   Bus 001 Device 004: ID 0bda:c829 Realtek Semiconductor Corp. Bluetooth Radio 
   Bus 001 Device 002: ID 3554:fc03 CX 2.4G Receiver
   Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
  MachineType: Dell Inc. Inspiron 15 3511
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-6.5.0-21-generic 
root=UUID=400f7ddd-5dab-4879-8016-60995117717f ro quiet splash vt.handoff=7
  SourcePackage: xorg
  Symptom: display
  Title: Xorg freeze
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 12/19/2023
  dmi.bios.release: 1.26
  dmi.bios.vendor: Dell Inc.
  dmi.bios.version: 1.26.0
  dmi.board.name: 0YX04V
  dmi.board.vendor: Dell Inc.
  dmi.board.version: A00
  dmi.chassis.type: 10
  dmi.chassis.vendor: Dell Inc.
  dmi.modalias: 
dmi:bvnDellInc.:bvr1.26.0:bd12/19/2023:br1.26:svnDellInc.:pnInspiron153511:pvr:rvnDellInc.:rn0YX04V:rvrA00:cvnDellInc.:ct10:cvr:sku0AB0:
  dmi.product.family: Inspiron
  dmi.product.name: Inspiron 15 3511
  dmi.product.sku: 0AB0
  dmi.sys.vendor: Dell Inc.
  version.compiz: compiz N/A
  version.libdrm2: libdrm2 2.4.113-2~ubuntu0.22.04.1
  version.libgl1-mesa-dri: libgl1-mesa-dri 23.2.1-1ubuntu3.1~22.04.2
  version.libgl1-mesa-glx: libgl1-mesa-glx N/A
  version.xserver-xorg-core: xserver-xorg-core 2:21.1.4-2ubuntu1.7~22.04.8
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-2ubuntu1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20210115-1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.17-2build1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/2055521/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2055135] Re: [CREF-XX, Conexant SN6140, Black Headphone Out, Left] No sound at all

[Seth Arnold]

I suggest talking with the virtualbox devs:

[4.040754] UBSAN: array-index-out-of-bounds in
/tmp/vbox.0/common/log/log.c:1791:41

It may or may not be related to your audio issues, but it can't be good.

Thanks

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to alsa-driver in Ubuntu.
https://bugs.launchpad.net/bugs/2055135

Title:
  [CREF-XX, Conexant SN6140, Black Headphone Out, Left] No sound at all

Status in alsa-driver package in Ubuntu:
  New

Bug description:
  ubuntu-bug -s audio

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: alsa-base 1.0.25+dfsg-0ubuntu7
  ProcVersionSignature: Ubuntu 6.5.0-21.21~22.04.1-generic 6.5.8
  Uname: Linux 6.5.0-21-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82.5
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  ronalp 2069 F pulseaudio
   /dev/snd/pcmC0D0p:   ronalp 2069 F...m pulseaudio
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Feb 27 16:55:13 2024
  InstallationDate: Installed on 2024-02-27 (0 days ago)
  InstallationMedia: Ubuntu 22.04.4 LTS "Jammy Jellyfish" - Release amd64 
(20240220)
  PackageArchitecture: all
  SourcePackage: alsa-driver
  Symptom: audio
  Symptom_AlsaPlaybackTest: ALSA playback test through plughw:sofhdadsp failed
  Symptom_Card: sof-hda-dsp - sof-hda-dsp
  Symptom_DevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  ronalp 2069 F pulseaudio
   /dev/snd/pcmC0D0p:   ronalp 2069 F...m pulseaudio
  Symptom_Jack: Black Headphone Out, Left
  Symptom_Type: No sound at all
  Title: [CREF-XX, Conexant SN6140, Black Headphone Out, Left] No sound at all
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 08/11/2023
  dmi.bios.release: 1.24
  dmi.bios.vendor: HUAWEI
  dmi.bios.version: 1.24
  dmi.board.asset.tag: N/A
  dmi.board.name: CREF-XX-PCB
  dmi.board.vendor: HUAWEI
  dmi.board.version: M1010
  dmi.chassis.asset.tag: N/A
  dmi.chassis.type: 10
  dmi.chassis.vendor: HUAWEI
  dmi.chassis.version: M1010
  dmi.ec.firmware.release: 1.24
  dmi.modalias: 
dmi:bvnHUAWEI:bvr1.24:bd08/11/2023:br1.24:efr1.24:svnHUAWEI:pnCREF-XX:pvrM1010:rvnHUAWEI:rnCREF-XX-PCB:rvrM1010:cvnHUAWEI:ct10:cvrM1010:skuC233:
  dmi.product.family: MateBook
  dmi.product.name: CREF-XX
  dmi.product.sku: C233
  dmi.product.version: M1010
  dmi.sys.vendor: HUAWEI

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/2055135/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2046844] Re: AppArmor user namespace creation restrictions cause many applications to crash with SIGTRAP

[Seth Arnold]

Scarlett, Simon and I had discussed preparing a small program that could
prepare a wrapper profile: given a path to an appimage, it could emit a
small profile to /etc/apparmor.d/ for the file, with the right
attachment path and then load the profile.

As I understand our new strategy, it would probably also have to include
whatever capabilities that appimage uses as part of setting up the new
namespaces -- ideally, it'd be the same capabilities from appimage to
appimage.

If there's some reasonable restraints on appimages, like using
XDG_SOMETHING for user data storage, that might be nice, too. But that's
harder to do.

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to bubblewrap in Ubuntu.
https://bugs.launchpad.net/bugs/2046844

Title:
  AppArmor user namespace creation restrictions cause many applications
  to crash with SIGTRAP

Status in akregator package in Ubuntu:
  Fix Released
Status in angelfish package in Ubuntu:
  In Progress
Status in apparmor package in Ubuntu:
  Confirmed
Status in bubblewrap package in Ubuntu:
  Confirmed
Status in cantor package in Ubuntu:
  Fix Released
Status in devhelp package in Ubuntu:
  Confirmed
Status in digikam package in Ubuntu:
  Fix Released
Status in epiphany-browser package in Ubuntu:
  Confirmed
Status in evolution package in Ubuntu:
  Confirmed
Status in falkon package in Ubuntu:
  Fix Released
Status in freecad package in Ubuntu:
  Confirmed
Status in ghostwriter package in Ubuntu:
  Fix Released
Status in gnome-packagekit package in Ubuntu:
  Confirmed
Status in goldendict-webengine package in Ubuntu:
  Confirmed
Status in kalgebra package in Ubuntu:
  Fix Released
Status in kchmviewer package in Ubuntu:
  Confirmed
Status in kdeplasma-addons package in Ubuntu:
  Confirmed
Status in kgeotag package in Ubuntu:
  In Progress
Status in kiwix package in Ubuntu:
  Confirmed
Status in kmail package in Ubuntu:
  Fix Released
Status in konqueror package in Ubuntu:
  Fix Released
Status in kontact package in Ubuntu:
  Fix Released
Status in marble package in Ubuntu:
  Fix Released
Status in notepadqq package in Ubuntu:
  Confirmed
Status in opam package in Ubuntu:
  Confirmed
Status in pageedit package in Ubuntu:
  Confirmed
Status in plasma-desktop package in Ubuntu:
  Confirmed
Status in plasma-welcome package in Ubuntu:
  In Progress
Status in privacybrowser package in Ubuntu:
  Confirmed
Status in qmapshack package in Ubuntu:
  Confirmed
Status in qutebrowser package in Ubuntu:
  Confirmed
Status in rssguard package in Ubuntu:
  Confirmed
Status in steam package in Ubuntu:
  Confirmed
Status in supercollider package in Ubuntu:
  Confirmed
Status in tellico package in Ubuntu:
  Fix Released

Bug description:
  Hi, I run Ubuntu development branch 24.04 and I have a problem with
  Epiphany browser 45.1-1 (Gnome Web): program doesn't launch, and I get
  this error

  $ epiphany
  bwrap: Creating new namespace failed: Permission denied

  ** (epiphany:12085): ERROR **: 14:44:35.023: Failed to fully launch 
dbus-proxy: Le processus fils s’est terminé avec le code 1
  Trappe pour point d'arrêt et de trace (core dumped)

  $ epiphany
  bwrap: Creating new namespace failed: Permission denied

  ** (epiphany:30878): ERROR **: 22:22:26.926: Failed to fully launch 
dbus-proxy: Le processus fils s’est terminé avec le code 1
  Trappe pour point d'arrêt et de trace (core dumped)

  Thanks for your help!

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/akregator/+bug/2046844/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2052832] Re: Desktop lock-screen is bypassed after switching to virtual tty on console

[Seth Arnold]

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-shell in Ubuntu.
https://bugs.launchpad.net/bugs/2052832

Title:
  Desktop lock-screen is bypassed after switching to virtual tty on
  console

Status in gnome-shell package in Ubuntu:
  New

Bug description:
  Expected to have to provide session user password to return to GUI
  desktop after locking that session via the task-bar power-button
  dropdown -> Lock button.

  Actually was able to resume GUI session without providing a password.

  Steps to reproduce:
   In desktop session, mouse-click the task bar power icon to show its 
dropdown, and select Lock
Desktop session locks and displays a password prompt box.
   Press CTL-ALT-F1 to show virtual console tty1
   Press CTL-ALT-F6 to return to GUI.
   GUI is restored without prompting for a password.

  Repeatable with other virtual consoles (F2 F3 etc.)

  Repeatable whether or not I logged in on the virtual console or just
  switched to it then back to the GUI.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: gnome-shell 42.9-0ubuntu2
  ProcVersionSignature: Ubuntu 5.15.0-92.102-generic 5.15.131
  Uname: Linux 5.15.0-92-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia
  ApportVersion: 2.20.11-0ubuntu82.5
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Fri Feb  9 14:06:32 2024
  DisplayManager: lightdm
  ProcEnviron:
   LANGUAGE=en_US
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  RelatedPackageVersions: mutter-common 42.9-0ubuntu5
  SourcePackage: gnome-shell
  UpgradeStatus: Upgraded to jammy on 2022-08-12 (545 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2052832/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2049625] Re: CVE-2024-0519: Out of bounds memory access in V8

[Seth Arnold]

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/2049625

Title:
  CVE-2024-0519: Out of bounds memory access in V8

Status in chromium-browser package in Ubuntu:
  Confirmed

Bug description:
  https://thehackernews.com/2024/01/zero-day-alert-update-chrome-now-to-
  fix.html

  Stable was fixed in 120.0.6099.224

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2049625/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2041751] Re: RM: Remove dangerously insecure MPPE PPTP from Ubuntu

[Seth Arnold]

Robie, good idea, I've added a note about pptpd and bcrelay being
removed, with a link back here:

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2041751

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager-pptp in Ubuntu.
https://bugs.launchpad.net/bugs/2041751

Title:
  RM: Remove dangerously insecure MPPE PPTP from Ubuntu

Status in Release Notes for Ubuntu:
  New
Status in linux package in Ubuntu:
  New
Status in network-manager-pptp package in Ubuntu:
  New
Status in pptp-linux package in Ubuntu:
  New
Status in pptpd package in Ubuntu:
  Fix Released

Bug description:
  Remove dangerously insecure MPPE PPTP from Ubuntu

  https://pptpclient.sourceforge.net/protocol-security.phtml

  It has been dead for over 20 years now.

  Current Windows versions natively support IPSec and L2TP as much
  better alternatives.

  https://learn.microsoft.com/en-us/windows/win32/fwp/ipsec-
  configuration#how-to-use-wfp-to-configure-ipsec-policies

  https://learn.microsoft.com/en-US/troubleshoot/windows-
  server/networking/configure-l2tp-ipsec-server-behind-nat-t-device

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-release-notes/+bug/2041751/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2041751] Re: RM: Remove dangerously insecure MPPE PPTP from Ubuntu

[Seth Arnold]

Microsoft has implemented an IPSec stack:
https://learn.microsoft.com/en-us/windows/win32/fwp/ipsec-
configuration#how-to-use-wfp-to-configure-ipsec-policies

"The Microsoft implementation of IPsec uses Windows Filtering Platform
to setup IPsec policies."

This page is a bit thin on which applications to open, which buttons to
click, etc, but they do have IPSec available in their ecosystem.

Microsoft has implemented LT2P: https://learn.microsoft.com/en-
US/troubleshoot/windows-server/networking/configure-l2tp-ipsec-server-
behind-nat-t-device

"This article describes how to configure a L2TP/IPsec server behind a
NAT-T device."

A third party has implemented OpenVPN for Windows:
https://openvpn.net/client/client-connect-vpn-for-windows/

"For Windows 7, 8, 10, and 11.
Note: Windows 7 and 8 are not officially supported anymore."

A third party has implemented Wireguard for Windows:
https://www.wireguard.com/install/#windows-7-81-10-11-2008r2-2012r2-2016-2019-2022

" Windows [7, 8.1, 10, 11, 2008R2, 2012R2, 2016, 2019, 2022 – v0.5.3]"

Selecting a replacement requires some effort on the part of the network
administrator with knowledge of what features and operating systems they
need for their environment.

I think pptp is bad enough that removing it makes sense.

On the other hand, we still have telnet, and there's appropriate uses
and inappropriate uses, and maybe this falls into the same category of
compatibility software where users should expect a significant reduction
in security if it is used.

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager-pptp in Ubuntu.
https://bugs.launchpad.net/bugs/2041751

Title:
  RM: Remove dangerously insecure MPPE PPTP from Ubuntu

Status in linux package in Ubuntu:
  New
Status in network-manager-pptp package in Ubuntu:
  New
Status in pptp-linux package in Ubuntu:
  New
Status in pptpd package in Ubuntu:
  Incomplete

Bug description:
  Remove dangerously insecure MPPE PPTP from Ubuntu

  https://pptpclient.sourceforge.net/protocol-security.phtml

  It has been dead for over 20 years now.

  IPSec OpenVPN Strongswan are much better alternatives.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2041751/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2046633] Re: Don't include 'nmcli -f all con' output in bug report (for privacy)

[Seth Arnold]

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2046633

Title:
  Don't include 'nmcli -f all con' output in bug report (for privacy)

Status in network-manager package in Ubuntu:
  New

Bug description:
  The apport bug reporting hooks for this package
  (/usr/share/apport/package/hooks/source_network-manager{,-applet}.py)
  include the output of `nmcli -f all con`.  This lists all wifi SSIDs
  that the user has ever connected to, and the date of last connection.
  I think this is a privacy problem, as it tends to reveal the user's
  recent whereabouts, and it's posted publicly on launchpad.  (Imagine
  for instance an entry for "LoveMotelGuestWifi" at a time when the user
  had said they were at the office...)

  It is disclosed to the user before the report is sent, but only if
  they think to expand that item in the "Send / Don't send" dialog
  (which is not descriptively labeled), and there is no way to opt out
  of it.  You can delete it manually from launchpad afterward, which is
  what I am going to do with this bug report, but I doubt most people
  would know to do that.

  This info should probably not be included at all, or if it is, it
  should be sanitized.  Also, it might be a good idea to purge launchpad
  of all such files.

  (Marking this as "security" in case you consider this kind of a
  privacy leak to be something the security team should handle.  If not,
  feel free to demote it to an ordinary bug.)

  ProblemType: Bug
  DistroRelease: Ubuntu 23.10
  Package: network-manager 1.44.2-1ubuntu1.2
  ProcVersionSignature: Ubuntu 6.5.0-14.14-generic 6.5.3
  Uname: Linux 6.5.0-14-generic x86_64
  ApportVersion: 2.27.0-0ubuntu5
  Architecture: amd64
  CasperMD5CheckResult: unknown
  Date: Sat Dec 16 14:38:45 2023
  IfupdownConfig:
   # interfaces(5) file used by ifup(8) and ifdown(8)
   auto lo
   iface lo inet loopback
  InstallationDate: Installed on 2019-06-03 (1657 days ago)
  InstallationMedia: Ubuntu 19.04 "Disco Dingo" - Release amd64 (20190416)
  IpRoute:
   default via 192.168.1.13 dev enxa0cec8c4f782 proto dhcp src 192.168.1.60 
metric 100 
   169.254.0.0/16 dev virbr0 scope link metric 1000 linkdown 
   172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 
   192.168.1.0/24 dev enxa0cec8c4f782 proto kernel scope link src 192.168.1.60 
metric 100 
   192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 
linkdown
  ProcEnviron:
   LANG=en_US.UTF-8
   PATH=(custom, no user)
   SHELL=/bin/bash
   TERM=xterm-256color
   XDG_RUNTIME_DIR=
  SourcePackage: network-manager
  UpgradeStatus: Upgraded to mantic on 2023-12-14 (3 days ago)
  modified.conffile..etc.default.apport:
   # set this to 0 to disable apport, or to 1 to enable it
   # you can temporarily override this with
   # sudo service apport start force_start=1
   enabled=0
  mtime.conffile..etc.default.apport: 2020-08-04T11:07:36.415303
  nmcli-nm:
   RUNNING  VERSION  STATE  STARTUP  CONNECTIVITY  NETWORKING  WIFI-HW  
WIFI WWAN-HW  WWAN
   running  1.44.2   connected  started  full  enabled enabled  
enabled  missing  enabled

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/2046633/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2032852] Re: package libreoffice-common 1:6.0.7-0ubuntu0.18.04.13 failed to install/upgrade: conflicting packages - not installing libreoffice-common

[Seth Arnold]

I'm concerned about this patch:

A versioned Conflicts entry is not something that someone adds lightly
-- probably an abstraction file or policy language feature was added in
that version of AppArmor, and policy compilation will fail if that
version isn't installed before the newer versions of the LibreOffice
packages are installed. That will probably be even more confusing to
diagnose and repair than this error.

This patch also suggests that:

(a) perhaps do-release-upgrade needs to be modified to change the order of 
package updates
(b) perhaps apt needs to be investigated to find out why the incorrect package 
order was selected
(c) perhaps the Debian policy needs to be consulted to make sure that a 
Conflicts: entry is actually the right way to ask apt for the necessary package 
ordering.

It's three years since Focal release. Surely we've had a few LibreOffice
users upgrade from Bionic to Focal  in those three years. Why is this
only showing up in Launchpad today?

I recommend further research into why this happened before trying to
patch it.

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice in Ubuntu.
https://bugs.launchpad.net/bugs/2032852

Title:
  package libreoffice-common 1:6.0.7-0ubuntu0.18.04.13 failed to
  install/upgrade: conflicting packages - not installing libreoffice-
  common

Status in libreoffice package in Ubuntu:
  Confirmed
Status in libreoffice source package in Focal:
  In Progress

Bug description:
  package install error

  ProblemType: Package
  DistroRelease: Ubuntu 20.04
  Package: libreoffice-common 1:6.0.7-0ubuntu0.18.04.13
  ProcVersionSignature: Ubuntu 4.15.0-213.224-generic 4.15.18
  Uname: Linux 4.15.0-213-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.27
  Architecture: amd64
  CasperMD5CheckResult: skip
  Date: Thu Aug 24 02:36:52 2023
  ErrorMessage: conflicting packages - not installing libreoffice-common
  InstallationDate: Installed on 2023-08-22 (1 days ago)
  InstallationMedia: Ubuntu 14.04.5 LTS "Trusty Tahr" - Release amd64 (20160803)
  PackageArchitecture: all
  Python3Details: /usr/bin/python3.8, Python 3.8.10, python3-minimal, 
3.8.2-0ubuntu2
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.19.7ubuntu3.2
   apt  2.0.9
  SourcePackage: libreoffice
  Title: package libreoffice-common 1:6.0.7-0ubuntu0.18.04.13 failed to 
install/upgrade: conflicting packages - not installing libreoffice-common
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/2032852/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1897369] Re: apparmor: Allow cups-browsed to change nice value (CAP_SYS_NICE)

[Seth Arnold]

@reliable-robin-22 this specific message is almost certainly unrelated
to whatever problem you're facing. There's millions of people using
Ubuntu and surely several of them print from time to time. (I may only
print once a year, but it does work for me. :)

You should open a new bug report and populate it with details from
https://wiki.ubuntu.com/DebuggingPrintingProblems

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to cups-filters in Ubuntu.
https://bugs.launchpad.net/bugs/1897369

Title:
  apparmor: Allow cups-browsed to change nice value (CAP_SYS_NICE)

Status in cups-filters package in Ubuntu:
  Triaged
Status in cups-filters package in Debian:
  New

Bug description:
  In Ubuntu 20.04.1 with *cups-browsed* 1.27.4-1, apparmor prevents
  `/usr/sbin/cups-browsed` to change its nice value.

  $ sudo dmesg | grep apparmor
  [541870.509461] audit: type=1400 audit(1600898428.089:60): 
apparmor="DENIED" operation="capable" profile="/usr/sbin/cups-browsed" 
pid=62030 comm="cups-browsed" capability=23  capname="sys_nice"
  [628298.779668] audit: type=1400 audit(1600984854.115:61): 
apparmor="DENIED" operation="capable" profile="/usr/sbin/cups-browsed" 
pid=66850 comm="cups-browsed" capability=23  capname="sys_nice"
  [714667.424963] audit: type=1400 audit(1601071220.527:62): 
apparmor="DENIED" operation="capable" profile="/usr/sbin/cups-browsed" 
pid=76828 comm="cups-browsed" capability=23  capname="sys_nice"

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cups-filters/+bug/1897369/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2027626] [NEW] Firefox url bar doesn't work as expected if I type http:// or https:// before a host

[Seth Arnold]

Public bug reported:

Hello; I hit Control+L to focus the URL bar, then typed:
http://www.debian.org/

This loads a Google search page for http.

I tried again with: https://www.debian.org/

This loaded a Google search page for https.

Typing just: www.debian.org

leads to the expected Debian website, but without any choice of protocol
to use.

I expect to be able to type which specific protocol to use to load a
specific site.

Thanks

ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: firefox 115.0+build2-0ubuntu0.20.04.3
ProcVersionSignature: Ubuntu 5.4.0-152.169-generic 5.4.235
Uname: Linux 5.4.0-152-generic x86_64
NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
AddonCompatCheckDisabled: False
AlsaVersion: Advanced Linux Sound Architecture Driver Version 
k5.4.0-152-generic.
ApportVersion: 2.20.11-0ubuntu27.27
Architecture: amd64
AudioDevicesInUse:
 USERPID ACCESS COMMAND
 /dev/snd/controlC3:  sarnold   2236213 F pulseaudio
 /dev/snd/controlC2:  sarnold   2236213 F pulseaudio
 /dev/snd/controlC1:  sarnold   2236213 F pulseaudio
 /dev/snd/controlC0:  sarnold   2236213 F pulseaudio
BuildID: 20230629134642
Card0.Amixer.info:
 Card hw:0 'PCH'/'HDA Intel PCH at 0x2fe1028000 irq 145'
   Mixer name   : 'Realtek ALC285'
   Components   : 'HDA:10ec0285,17aa225c,0012 
HDA:8086280b,80860101,0010'
   Controls  : 53
   Simple ctrls  : 15
Card1.Amixer.info:
 Card hw:1 'Audio'/'Generic ThinkPad Dock USB Audio at usb-:00:14.0-4.2.4, 
high speed'
   Mixer name   : 'USB Mixer'
   Components   : 'USB17ef:306f'
   Controls  : 9
   Simple ctrls  : 4
Card2.Amixer.info:
 Card hw:2 'U0x46d0x809'/'USB Device 0x46d:0x809 at usb-:00:14.0-4.4.1.3.2, 
high speed'
   Mixer name   : 'USB Mixer'
   Components   : 'USB046d:0809'
   Controls  : 4
   Simple ctrls  : 1
Card2.Amixer.values:
 Simple mixer control 'Mic',0
   Capabilities: cvolume cvolume-joined cswitch cswitch-joined
   Capture channels: Mono
   Limits: Capture 0 - 17
   Mono: Capture 0 [0%] [6.00dB] [on]
Card3.Amixer.info:
 Card hw:3 'Device'/'USB Audio Device at usb-:00:14.0-4.4.1.3.3, full speed'
   Mixer name   : 'USB Mixer'
   Components   : 'USB0c76:160a'
   Controls  : 5
   Simple ctrls  : 2
CasperMD5CheckResult: skip
Channel: Unavailable
Date: Wed Jul 12 20:45:02 2023
DefaultProfileIncompatibleExtensions:
 Pentadactyl - pentadac...@dactyl.googlecode.com
 English (GB) Language Pack - langpack-en...@firefox.mozilla.org
 English (South Africa) Language Pack - langpack-en...@firefox.mozilla.org
 Default - {972ce4c6-7e08-4474-a285-3208198ce6fd}
DefaultProfilePrefErrors: Unexpected character ',' before close parenthesis @ 
/usr/lib/firefox/omni.ja:greprefs.js:297
DefaultProfilePrefSources: prefs.js
ForcedLayersAccel: False
MostRecentCrashID: bp-ea952d4d-f25a-4ced-893c-8cabb2160112
Profile1Extensions: extensions.sqlite corrupt or missing
Profile1IncompatibleExtensions: Unavailable (corrupt or non-existant 
compatibility.ini or extensions.sqlite)
Profile1Locales: extensions.sqlite corrupt or missing
Profile1PrefErrors: Unexpected character ',' before close parenthesis @ 
/usr/lib/firefox/omni.ja:greprefs.js:297
Profile1PrefSources: prefs.js
Profile1Themes: extensions.sqlite corrupt or missing
Profiles:
 Profile1 - LastVersion=114.0.2/20230619081400 (Out of date)
 Profile0 (Default) - LastVersion=115.0/20230629134642 (In use)
RunningIncompatibleAddons: True
SourcePackage: firefox
UpgradeStatus: Upgraded to focal on 2020-01-24 (1265 days ago)
dmi.bios.date: 10/13/2020
dmi.bios.vendor: LENOVO
dmi.bios.version: N23ET75W (1.50 )
dmi.board.asset.tag: Not Available
dmi.board.name: 20KHCTO1WW
dmi.board.vendor: LENOVO
dmi.board.version: SDK0J40709 WIN
dmi.chassis.asset.tag: No Asset Information
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.version: None
dmi.modalias: 
dmi:bvnLENOVO:bvrN23ET75W(1.50):bd10/13/2020:svnLENOVO:pn20KHCTO1WW:pvrThinkPadX1Carbon6th:rvnLENOVO:rn20KHCTO1WW:rvrSDK0J40709WIN:cvnLENOVO:ct10:cvrNone:
dmi.product.family: ThinkPad X1 Carbon 6th
dmi.product.name: 20KHCTO1WW
dmi.product.sku: LENOVO_MT_20KH_BU_Think_FM_ThinkPad X1 Carbon 6th
dmi.product.version: ThinkPad X1 Carbon 6th
dmi.sys.vendor: LENOVO

** Affects: firefox (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug focal

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/2027626

Title:
  Firefox url bar doesn't work as expected if I type http:// or https://
  before a host

Status in firefox package in Ubuntu:
  New

Bug description:
  Hello; I hit Control+L to focus the URL bar, then typed:
  http://www.debian.org/

  This loads a Google search page for http.

  I tried again with: https://www.debian.org/

  This loaded a Google search page for https.

  Typing just: www.debian.org

  leads to the expected Debian website, but without any choice of
  protocol to use.

  I 

[Desktop-packages] [Bug 2024582] Re: Suspicious large shared memory When Connecting to a Windows System

[Seth Arnold]

It's completely normal for programs to use shared memory segments.
That's why they're there! :) rkhunter reports them because they're
persistent like the filesystem but not really visible, unlike the
filesystem. You have to know to look for them.

rkhunter is a tool for you to use as part of your investigation. I'm
very skeptical of its value in general but you absolutely cannot just
use its output as proof of anything nefarious.

Thanks

** Changed in: remmina (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to remmina in Ubuntu.
https://bugs.launchpad.net/bugs/2024582

Title:
  Suspicious large shared memory When Connecting to a Windows System

Status in remmina package in Ubuntu:
  Incomplete

Bug description:
  Hi,

  Hi When I am Connecting to a Windows Server 2019 instance with my
  Ubuntu 22.04 LTS System gets infected with rootkit and the rkhunter
  log is showing suspicious large shared memory segments, we have
  reinstalled the system and removed the malware XOR DDOS and tried
  again but again the ubuntu system is affected, we are login using RDP
  to the Windows System. we have added Time based OTP to login and SSH.

  Using Remmina 1.4.25
  Using Desktop Environment KDE Plasma 5.24.7
  Connecting to windows server 2019 Standard
  Connecting Via RDP
  FreeRDP Version 2.6.1

  I am attaching the rkhunter log along with the mail.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/remmina/+bug/2024582/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2021484] Re: Editing a VPN ask to introduce credentials but if you cancel can be accessed anyway

[Seth Arnold]

** Changed in: ubuntu-settings (Ubuntu)
   Status: Incomplete => New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to ubuntu-settings in Ubuntu.
https://bugs.launchpad.net/bugs/2021484

Title:
  Editing a VPN ask to introduce credentials but if you cancel can be
  accessed anyway

Status in ubuntu-settings package in Ubuntu:
  New

Bug description:
  I'm logged as a normal user without admin privileges. When I try to
  edit a VPN I'm asked to introduce the credentials of the admin,
  nevertheless if I click cancel I can still access to the VPN
  configuration.

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: ubuntu-settings 20.04.6
  ProcVersionSignature: Ubuntu 5.15.0-72.79~20.04.1-generic 5.15.98
  Uname: Linux 5.15.0-72-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.26
  Architecture: amd64
  CasperMD5CheckResult: skip
  CurrentDesktop: ubuntu:GNOME
  Date: Mon May 29 11:16:38 2023
  InstallationDate: Installed on 2022-05-04 (389 days ago)
  InstallationMedia: Ubuntu 20.04.3 LTS "Focal Fossa" - Release amd64 (20210819)
  PackageArchitecture: all
  SourcePackage: ubuntu-settings
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-settings/+bug/2021484/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2021484] Re: Editing a VPN ask to introduce credentials but if you cancel can be accessed anyway

[Seth Arnold]

Hello Cristobal, can you make changes from that interface? Or is it
read-only?

Thanks

** Information type changed from Private Security to Public Security

** Changed in: ubuntu-settings (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to ubuntu-settings in Ubuntu.
https://bugs.launchpad.net/bugs/2021484

Title:
  Editing a VPN ask to introduce credentials but if you cancel can be
  accessed anyway

Status in ubuntu-settings package in Ubuntu:
  Incomplete

Bug description:
  I'm logged as a normal user without admin privileges. When I try to
  edit a VPN I'm asked to introduce the credentials of the admin,
  nevertheless if I click cancel I can still access to the VPN
  configuration.

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: ubuntu-settings 20.04.6
  ProcVersionSignature: Ubuntu 5.15.0-72.79~20.04.1-generic 5.15.98
  Uname: Linux 5.15.0-72-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.26
  Architecture: amd64
  CasperMD5CheckResult: skip
  CurrentDesktop: ubuntu:GNOME
  Date: Mon May 29 11:16:38 2023
  InstallationDate: Installed on 2022-05-04 (389 days ago)
  InstallationMedia: Ubuntu 20.04.3 LTS "Focal Fossa" - Release amd64 (20210819)
  PackageArchitecture: all
  SourcePackage: ubuntu-settings
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-settings/+bug/2021484/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1993019] Re: UnboundLocalError: local variable 'version' referenced before assignment

[Seth Arnold]

Alberto, it looks like nobody verified
https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-
drivers-515/+bug/1988836

You can find the bugs that need verification or that failed verification
on https://ubuntu-archive-team.ubuntu.com/pending-sru.html

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to ubuntu-drivers-common in Ubuntu.
https://bugs.launchpad.net/bugs/1993019

Title:
  UnboundLocalError: local variable 'version' referenced before
  assignment

Status in ubuntu-drivers-common package in Ubuntu:
  Fix Released
Status in ubuntu-drivers-common source package in Bionic:
  Triaged
Status in ubuntu-drivers-common source package in Focal:
  Triaged
Status in ubuntu-drivers-common source package in Jammy:
  Fix Committed
Status in ubuntu-drivers-common source package in Kinetic:
  Fix Released

Bug description:
  [ Impact ]

   * The introduction of the -open NVIDIA drivers requires a change in
  the way we detect driver series and flavours. Failing to do so, causes
  the ubuntu-drivers tool to crash (LP: #1993019), or to prefer the
  -open drivers over the non-open ones (LP: #1988836).

   * Furthermore, calling the ubuntu-drivers tool where the alsa-utils
  package is not installed (mainly on servers), ubuntu-drivers (through
  the sl-modem plugin) complains, unnecessarily about the missing aplay
  binary.

  [ Test Plan ]

   * Install the new ubuntu-drivers-common from -proposed on a system
  where the GPU is compatible with the 515 series (or higher).

   * Run the ubuntu-drivers list command, and make sure that the 515
  driver series (or higher) is listed.

   * Try installing the driver using the following command:
 sudo ubuntu-drivers install

   * Check which driver series was installed (you can use the "sudo
  ubuntu-drivers debug" command), and make sure that the installation
  does not cause ubuntu-drivers to crash.

  [ Where problems could occur ]

   * A problem in the ubuntu-drivers tool can cause it to install a driver which
 is not recommended for the detected hardware, or even cause the package
 installation to fail, and prevent users from logging in through the
 graphics interface.

  
  [ Other Info ]
   
   * To prevent failures of the test-suite on architectures such as armhf (as 
seen
 in Lunar), we are skipping the tests for any architectures other than amd64
 and arm64 (which are the only ones actually using ubuntu-drivers).
 This was already the case with riscv, and we now have an easier way
 to do so in the debian/rules file.

  
  == Changelogs ==

  === Kinetic and Jammy ===

[ Alberto Milone ]
* New upstream release:
* UbuntuDrivers/detect.py:
  - Make sure all -open drivers have a lower priority, regardless
of whether the --server parameter is passed in or not.
  - Update regex in nvidia_desktop_pre_installation_hook. This prevents
ubuntu-drivers from crashing when dealing with the -open NVIDIA
drivers (LP: #1993019).
* tests/test_ubuntu_drivers.py:
  - Add tests so we make sure to keep preferring non-open NVIDIA
modules over the -open ones, at least until the open modules catch up
feature wise and performance wise.

[ gongzhengyang ]
* UbuntuDrivers/detect.py:
  - Fix local variable 'version' being referenced before assignment
when catching ValueError (LP: #1993019).

[ Jeff Lane ]
* detect-plugins/sl-modem.py:
  - Add some error trapping when aplay is not installed (on servers).

  === Jammy only (left over from 1:0.9.6.2~0.22.04.1) ===

 * UbuntuDrivers/detect.py:
   - Make sure -open drivers have a lower priority (LP: #1988836).

  
  == Changelogs ==

  === Kinetic and Jammy ===

    [ Alberto Milone ]
    * debian/rules:
  - Limit the tests to the selected architectures (amd64, arm64).
    This prevents armhf builds from failing.
    * UbuntuDrivers/detect.py:
  - Make sure all -open drivers have a lower priority, regardless
    of whether the --server parameter is passed in or not.
  - Update regex and unify package name parsing in the following
    functions by using the new NvidiaPkgNameInfo class:
    nvidia_desktop_pre_installation_hook,
    _get_headless_no_dkms_metapackage,
    nvidia_desktop_pre_installation_hook,
    get_linux_modules_metapackage,
    This prevents ubuntu-drivers from crashing when dealing with
    the -open NVIDIA drivers (LP: #1993019).
    * tests/test_ubuntu_drivers.py:
  - Add tests so we make sure to keep preferring non-open NVIDIA
    modules over the -open ones, at least until the open modules catch up
    feature wise and performance wise.

    [ gongzhengyang ]
    * UbuntuDrivers/detect.py:
  - Fix local variable 'version' being referenced before assignment
    when catching ValueError (LP: #1993019).

    [ Jeff Lane ]
    * 

[Desktop-packages] [Bug 2019474] Re: package firefox 1:1snap1-0ubuntu2 failed to install/upgrade: le sous-processus nouveau firefox paquet pre-installation script a renvoyé un état de sortie d'erreur

[Seth Arnold]

Here's the relevant bit from the dpkg logs:

Préparation du dépaquetage de .../firefox_1%3a1snap1-0ubuntu2_amd64.deb ...
=> Installing the firefox snap
==> Checking connectivity with the snap store
==> Installing the firefox snap
erreur : snap "firefox" has "install-snap" change in progress
dpkg: erreur de traitement de l'archive 
/var/cache/apt/archives/firefox_1%3a1snap1-0ubuntu2_amd64.deb (--unpack) :
 le sous-processus nouveau firefox paquet pre-installation script a renvoyé un 
état de sortie d'erreur 10

Thanks

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/2019474

Title:
  package firefox 1:1snap1-0ubuntu2 failed to install/upgrade: le sous-
  processus nouveau firefox paquet pre-installation script a renvoyé un
  état de sortie d'erreur 10

Status in firefox package in Ubuntu:
  New

Bug description:
  Plz solve my problem with snap firefox

  ProblemType: Package
  DistroRelease: Ubuntu 22.04
  Package: firefox 1:1snap1-0ubuntu2
  ProcVersionSignature: Ubuntu 5.19.0-41.42~22.04.1-generic 5.19.17
  Uname: Linux 5.19.0-41-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82.4
  AptOrdering:
   firefox:amd64: Install
   NULL: ConfigurePending
  Architecture: amd64
  CasperMD5CheckResult: pass
  Date: Sat May 13 13:15:04 2023
  Dependencies:
   
  ErrorMessage: le sous-processus nouveau firefox paquet pre-installation 
script a renvoyé un état de sortie d'erreur 10
  InstallationDate: Installed on 2023-05-12 (0 days ago)
  InstallationMedia: Ubuntu 22.04.2 LTS "Jammy Jellyfish" - Release amd64 
(20230223)
  Python3Details: /usr/bin/python3.10, Python 3.10.6, python3-minimal, 
3.10.6-1~22.04
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.21.1ubuntu2.1
   apt  2.4.9
  SourcePackage: firefox
  Title: package firefox 1:1snap1-0ubuntu2 failed to install/upgrade: le 
sous-processus nouveau firefox paquet pre-installation script a renvoyé un état 
de sortie d'erreur 10
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/2019474/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2019940] Re: Directly manipulating NetworkManager keyfiles

[Seth Arnold]

jammy, lunary, and mantic:

for distro in jammy lunar mantic  ; do for component in main universe
multiverse restricted ; do for-archive
/srv/mirror/ubuntu/dists/$distro/$component/source/Sources.gz
/srv/mirror/ubuntu/ ~/bin/for-archive-tools/unpack-search '/system-
connections' ; done ; done | tee ~/system-connections-$(date
+%d-%H:%M:%S)


** Attachment added: "system-connections-17-10:41:24"
   
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/2019940/+attachment/5673652/+files/system-connections-17-10%3A41%3A24

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2019940

Title:
  Directly manipulating NetworkManager keyfiles

Status in augeas package in Ubuntu:
  New
Status in calamares package in Ubuntu:
  New
Status in cloud-init package in Ubuntu:
  New
Status in cruft-ng package in Ubuntu:
  New
Status in dracut package in Ubuntu:
  New
Status in forensic-artifacts package in Ubuntu:
  New
Status in guestfs-tools package in Ubuntu:
  New
Status in guix package in Ubuntu:
  New
Status in ltsp package in Ubuntu:
  Invalid
Status in netcfg package in Ubuntu:
  Won't Fix
Status in netplan.io package in Ubuntu:
  Won't Fix
Status in network-manager package in Ubuntu:
  New
Status in refpolicy package in Ubuntu:
  New
Status in sosreport package in Ubuntu:
  New
Status in uhd package in Ubuntu:
  New
Status in vagrant package in Ubuntu:
  New

Bug description:
  The affected packages can manipulate NetworkManager keyfiles directly
  on disk, which might not be appropriate anymore on Ubuntu, since the
  Netplan integration was enabled in NetworkManager (starting with
  Mantic), migrating any keyfile configuration from
  /etc/NetworkManager/system-connections/*[.nmconnection] to
  /etc/netplan/90-NM-*.yaml

  See Netplan's documentation for how connections are handled:
  https://netplan.readthedocs.io/en/latest/netplan-everywhere/

  PS: Packages were queried using:
  
https://codesearch.debian.net/search?q=%2Fsystem-connections=1=1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/augeas/+bug/2019940/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2019734] Re: Gnome+Wayland Ubuntu 22.04 freezes. All USB devices disconnect on ASUS Prime Z790-A Wifi

[Seth Arnold]

ignore me

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xwayland in Ubuntu.
https://bugs.launchpad.net/bugs/2019734

Title:
  Gnome+Wayland Ubuntu 22.04 freezes. All USB devices disconnect on ASUS
  Prime Z790-A Wifi

Status in xwayland package in Ubuntu:
  New

Bug description:
  On my platform when I have too many USB devices attached occasionally all USB 
fail and disconnect but sometimes and I cannot connect them again.
  The screen seems froze or just all USB devices are not responding. Hard to 
verify.

  This might be related to Razer Kiyo taking a lot of USB bandwidth.
  Beside that I got Nvidia GeForce RTX 3060 with 470.x driver.

  Maybe you could get a clue in the logs

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: xwayland 2:22.1.1-1ubuntu0.6
  ProcVersionSignature: Ubuntu 5.19.0-41.42~22.04.1-generic 5.19.17
  Uname: Linux 5.19.0-41-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia zfs zunicode zavl icp zcommon 
znvpair
  ApportVersion: 2.20.11-0ubuntu82.4
  Architecture: amd64
  CasperMD5CheckResult: unknown
  Date: Mon May 15 16:41:57 2023
  ProcEnviron:
   TERM=linux
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   SHELL=/bin/bash
  SourcePackage: xwayland
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xwayland/+bug/2019734/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2015423] Re: Correct password not accepted.

[Seth Arnold]

** Information type changed from Private Security to Public Security

** Package changed: gnome-screensaver (Ubuntu) => gnome-shell (Ubuntu)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-screensaver in Ubuntu.
https://bugs.launchpad.net/bugs/2015423

Title:
  Correct password not accepted.

Status in gnome-shell package in Ubuntu:
  New

Bug description:
  WHen I boot up and Ubuntu asks for a password, I type it in.  Instead
  of being hidden, it shows what my password and also claims it is
  incorrect, I am sure it is correct.  If I reboot it will often allow
  me to enter my concealed password, but the issue is getting more and
  more common by the day.

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: gnome-screensaver (not installed)
  ProcVersionSignature: Ubuntu 5.15.0-69.76~20.04.1-generic 5.15.87
  Uname: Linux 5.15.0-69-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.25
  Architecture: amd64
  CasperMD5CheckResult: skip
  CurrentDesktop: ubuntu:GNOME
  Date: Wed Apr  5 22:29:04 2023
  InstallationDate: Installed on 2020-09-16 (931 days ago)
  InstallationMedia: Ubuntu 20.04.1 LTS "Focal Fossa" - Release amd64 (20200731)
  ProcEnviron:
   LANGUAGE=en_CA:en
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_CA.UTF-8
   SHELL=/bin/bash
  SourcePackage: gnome-screensaver
  Symptom: security
  Title: Screen locking issue
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2015423/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

Re: [Desktop-packages] [Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking

[Seth Arnold]

On Mon, Apr 03, 2023 at 06:57:36AM -, Ralf Dünkelmann wrote:
> the bug (https://bugs.launchpad.net/bugs/2013453), that nem000 created
> was marked as a duplicate of this one. This is the case for most of the
> related bugs listed here. So it seems that this here is the issue to go
> ahead with?

Heh, yeah, I'as surprised, I figured keeping newer implementations of
this flaw separate from the older ones would have been the thing to do.

FWIW I've been handing out the "the only safe thing to do is to lock your
workstation before you walk away from it / suspend it" as advice for
twenty years...

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-shell in Ubuntu.
https://bugs.launchpad.net/bugs/1532508

Title:
  Screen contents revealed briefly on resume, before even unlocking

Status in GNOME Shell:
  New
Status in Mutter:
  New
Status in gnome-shell package in Ubuntu:
  Confirmed
Status in unity package in Ubuntu:
  Fix Released
Status in unity source package in Xenial:
  Fix Released
Status in gnome-shell package in Debian:
  Confirmed

Bug description:
  [Impact]

  When lock is enabled, the screen doesn't get blank/covered by
  lockscreen before suspending, thus on early resume the content might
  be shown.

  Video showing the bug: https://youtu.be/dDOgtK1MldI

  Reproduced on Ubuntu 2015.10, Ubuntu 2014.04

  [Test case]

  1. Work on highly secret files
  2. Close the lid of your laptop and go have a break
  3. Anyone who opens the lid of the laptop can see the secret files for a half 
second before the lock screen appears

  [Possible Regression]

  Content on screen isn't painted anymore and screen stays black.

To manage notifications about this bug go to:
https://bugs.launchpad.net/gnome-shell/+bug/1532508/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking

[Seth Arnold]

nem000 I'm sure I've seen this bug fixed a dozen times in the last
fifteen years or something. It's just a popular bug to re-implement.
Please file a bug with 'ubuntu-bug gnome-shell' if you're using Gnome;
replace 'gnome-shell' with whatever screenlocker you're using if you're
on a different environment.

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-shell in Ubuntu.
https://bugs.launchpad.net/bugs/1532508

Title:
  Screen contents revealed briefly on resume, before even unlocking

Status in GNOME Shell:
  New
Status in Mutter:
  New
Status in gnome-shell package in Ubuntu:
  Confirmed
Status in unity package in Ubuntu:
  Fix Released
Status in unity source package in Xenial:
  Fix Released
Status in gnome-shell package in Debian:
  Confirmed

Bug description:
  [Impact]

  When lock is enabled, the screen doesn't get blank/covered by
  lockscreen before suspending, thus on early resume the content might
  be shown.

  Video showing the bug: https://youtu.be/dDOgtK1MldI

  Reproduced on Ubuntu 2015.10, Ubuntu 2014.04

  [Test case]

  1. Work on highly secret files
  2. Close the lid of your laptop and go have a break
  3. Anyone who opens the lid of the laptop can see the secret files for a half 
second before the lock screen appears

  [Possible Regression]

  Content on screen isn't painted anymore and screen stays black.

To manage notifications about this bug go to:
https://bugs.launchpad.net/gnome-shell/+bug/1532508/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2012672] Re: [lunar] Screen content is shown shortly when resuming from sleep

[Seth Arnold]

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-shell in Ubuntu.
https://bugs.launchpad.net/bugs/2012672

Title:
  [lunar] Screen content is shown shortly when resuming from sleep

Status in gnome-shell package in Ubuntu:
  New

Bug description:
  Hi,

  Lunar, kernel 6.2, GS 44.0, Nvidia (dGPU only mode, X11), Ubuntu
  session

  Enter sleep by closing the lid.
  Wait some seconds.
  Open the lid.
  Screen content is shown during maybe two seconds.
  Login screen is shown, then everything is ok.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2012672/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2002061] Re: package texlive-latex-extra 2022.20220722-2 failed to install/upgrade: 该软件包现在的状态极为不妥； 建议您在卸载它之前再重新安装一次

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to texlive-extra in Ubuntu.
https://bugs.launchpad.net/bugs/2002061

Title:
  package texlive-latex-extra 2022.20220722-2 failed to install/upgrade:
  该软件包现在的状态极为不妥； 建议您在卸载它之前再重新安装一次

Status in texlive-extra package in Ubuntu:
  New

Bug description:
  有 1 个软件包没有被完全安装或卸载。
  需要下载 0 B/14.3 MB 的归档。
  解压缩后会消耗 0 B 的额外空间。

  ProblemType: Package
  DistroRelease: Ubuntu 22.10
  Package: texlive-latex-extra 2022.20220722-2
  ProcVersionSignature: Ubuntu 5.19.0-26.27-generic 5.19.7
  Uname: Linux 5.19.0-26-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia
  ApportVersion: 2.23.1-0ubuntu3
  Architecture: amd64
  CasperMD5CheckResult: unknown
  Date: Thu Jan  5 18:44:39 2023
  DpkgTerminalLog:
   dpkg: 处理软件包 texlive-latex-extra (--remove)时出错：
该软件包现在的状态极为不妥；
   建议您在卸载它之前再重新安装一次
   dpkg: 出现过多错误，正在停止
  ErrorMessage: 该软件包现在的状态极为不妥； 建议您在卸载它之前再重新安装一次
  PackageArchitecture: all
  Python3Details: /usr/bin/python3.10, Python 3.10.7, python3-minimal, 3.10.6-1
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.21.9ubuntu1
   apt  2.5.3
  SourcePackage: texlive-extra
  Title: package texlive-latex-extra 2022.20220722-2 failed to install/upgrade: 
该软件包现在的状态极为不妥； 建议您在卸载它之前再重新安装一次
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/texlive-extra/+bug/2002061/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 2000670] Re: package libfreerdp-server2-2:amd64 2.6.1+dfsg1-3ubuntu2.3 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before a

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to freerdp2 in Ubuntu.
https://bugs.launchpad.net/bugs/2000670

Title:
  package libfreerdp-server2-2:amd64 2.6.1+dfsg1-3ubuntu2.3 failed to
  install/upgrade: package is in a very bad inconsistent state; you
  should  reinstall it before attempting configuration

Status in freerdp2 package in Ubuntu:
  New

Bug description:
  Description:  Ubuntu 22.04.1 LTS
  Release:  22.04

  libfreerdp2-2:
Installed: 2.6.1+dfsg1-3ubuntu2.3
Candidate: 2.6.1+dfsg1-3ubuntu2.3
Version table:
   *** 2.6.1+dfsg1-3ubuntu2.3 500
  500 http://us.archive.ubuntu.com/ubuntu jammy-updates/main amd64 
Packages
  500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 
Packages
  100 /var/lib/dpkg/status
   2.6.1+dfsg1-3ubuntu1 500
  500 http://us.archive.ubuntu.com/ubuntu jammy/main amd64 Packages

  ran dpkg --configure -a manually
  ran apt-get upgrade
  ran apt --fix-broken install

  threw a bug error report

  ProblemType: Package
  DistroRelease: Ubuntu 22.04
  Package: libfreerdp-server2-2:amd64 2.6.1+dfsg1-3ubuntu2.3
  ProcVersionSignature: Ubuntu 5.15.0-56.62-generic 5.15.64
  Uname: Linux 5.15.0-56-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.20.11-0ubuntu82.3
  AptOrdering:
   libfreerdp2-2:amd64: Install
   libwinpr2-2:amd64: Install
   NULL: ConfigurePending
  Architecture: amd64
  CasperMD5CheckResult: pass
  Date: Wed Dec 28 22:00:24 2022
  ErrorMessage: package is in a very bad inconsistent state; you should  
reinstall it before attempting configuration
  InstallationDate: Installed on 2022-12-29 (0 days ago)
  InstallationMedia: Ubuntu 22.04.1 LTS "Jammy Jellyfish" - Release amd64 
(20220809.1)
  Python3Details: /usr/bin/python3.10, Python 3.10.6, python3-minimal, 
3.10.6-1~22.04
  PythonDetails: N/A
  RebootRequiredPkgs: Error: path contained symlinks.
  RelatedPackageVersions:
   dpkg 1.21.1ubuntu2.1
   apt  2.4.8
  SourcePackage: freerdp2
  Title: package libfreerdp-server2-2:amd64 2.6.1+dfsg1-3ubuntu2.3 failed to 
install/upgrade: package is in a very bad inconsistent state; you should  
reinstall it before attempting configuration
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freerdp2/+bug/2000670/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1993732] Re: Sound

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to alsa-driver in Ubuntu.
https://bugs.launchpad.net/bugs/1993732

Title:
  Sound

Status in alsa-driver package in Ubuntu:
  New

Bug description:
  Hi on my lenovo legion i7 10gen the same situation no sound even on
  kernel 6 in any distribution ubuntu 22.04,22.10, linux mint, open
  suse, debian, freebsd brak sound everything else works I tried
  everything

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1993732/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1993019] [NEW] UnboundLocalError: local variable 'version' referenced before assignment

[Seth Arnold]

Public bug reported:

Hello, we received a drive-by complaint about the ubuntu-drivers
autoinstall tool:

< Fhazal> hye i have problem with ubuntu 22.04 nvidia auto install command
< Fhazal> this error appear when i try to auto install recommended driver
< Fhazal> https://pastebin.com/ydZVFT24

The contents of the pastebin:

Traceback (most recent call last):
  File "/usr/bin/ubuntu-drivers", line 513, in 
greet()
  File "/usr/lib/python3/dist-packages/click/core.py", line 1128, in __call__
return self.main(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/click/core.py", line 1053, in main
rv = self.invoke(ctx)
  File "/usr/lib/python3/dist-packages/click/core.py", line 1659, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/lib/python3/dist-packages/click/core.py", line 1395, in invoke
return ctx.invoke(self.callback, **ctx.params)
  File "/usr/lib/python3/dist-packages/click/core.py", line 754, in invoke
return __callback(*args, **kwargs)
  File "/usr/lib/python3/dist-packages/click/decorators.py", line 84, in 
new_func
return ctx.invoke(f, obj, *args, **kwargs)
  File "/usr/lib/python3/dist-packages/click/core.py", line 754, in invoke
return __callback(*args, **kwargs)
  File "/usr/bin/ubuntu-drivers", line 432, in autoinstall
command_install(config)
  File "/usr/bin/ubuntu-drivers", line 187, in command_install
UbuntuDrivers.detect.nvidia_desktop_pre_installation_hook(to_install)
  File "/usr/lib/python3/dist-packages/UbuntuDrivers/detect.py", line 839, in 
nvidia_desktop_pre_installation_hook
with_nvidia_kms = version >= 470
UnboundLocalError: local variable 'version' referenced before assignment


Skimming the version on my system it sure feels plausible:

def nvidia_desktop_pre_installation_hook(to_install):
'''Applies changes that need to happen before installing the NVIDIA 
drivers'''
with_nvidia_kms = False

# Enable KMS if nvidia >= 470
for package_name in to_install:
if package_name.startswith('nvidia-driver-'):
try:
version = int(package_name.split('-')[-1])
except ValueError:
pass
finally:
with_nvidia_kms = version >= 470

if with_nvidia_kms:
set_nvidia_kms(1)


If there was an exception splitting, indexing, or converting to an int,
that 'version' variable may not have a value.

Thanks

** Affects: ubuntu-drivers-common (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to ubuntu-drivers-common in Ubuntu.
https://bugs.launchpad.net/bugs/1993019

Title:
  UnboundLocalError: local variable 'version' referenced before
  assignment

Status in ubuntu-drivers-common package in Ubuntu:
  New

Bug description:
  Hello, we received a drive-by complaint about the ubuntu-drivers
  autoinstall tool:

  < Fhazal> hye i have problem with ubuntu 22.04 nvidia auto install command
  < Fhazal> this error appear when i try to auto install recommended driver
  < Fhazal> https://pastebin.com/ydZVFT24

  The contents of the pastebin:

  Traceback (most recent call last):
File "/usr/bin/ubuntu-drivers", line 513, in 
  greet()
File "/usr/lib/python3/dist-packages/click/core.py", line 1128, in __call__
  return self.main(*args, **kwargs)
File "/usr/lib/python3/dist-packages/click/core.py", line 1053, in main
  rv = self.invoke(ctx)
File "/usr/lib/python3/dist-packages/click/core.py", line 1659, in invoke
  return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/lib/python3/dist-packages/click/core.py", line 1395, in invoke
  return ctx.invoke(self.callback, **ctx.params)
File "/usr/lib/python3/dist-packages/click/core.py", line 754, in invoke
  return __callback(*args, **kwargs)
File "/usr/lib/python3/dist-packages/click/decorators.py", line 84, in 
new_func
  return ctx.invoke(f, obj, *args, **kwargs)
File "/usr/lib/python3/dist-packages/click/core.py", line 754, in invoke
  return __callback(*args, **kwargs)
File "/usr/bin/ubuntu-drivers", line 432, in autoinstall
  command_install(config)
File "/usr/bin/ubuntu-drivers", line 187, in command_install
  UbuntuDrivers.detect.nvidia_desktop_pre_installation_hook(to_install)
File "/usr/lib/python3/dist-packages/UbuntuDrivers/detect.py", line 839, in 
nvidia_desktop_pre_installation_hook
  with_nvidia_kms = version >= 470
  UnboundLocalError: local variable 'version' referenced before assignment

  
  Skimming the version on my system it sure feels plausible:

  def nvidia_desktop_pre_installation_hook(to_install):
  '''Applies changes that need to happen before installing the NVIDIA 
drivers'''
  with_nvidia_kms = False

  # Enable KMS if nvidia >= 470
  for package_name in to_install:
  if package_name.startswith('nvidia-driver-'):
 

[Desktop-packages] [Bug 1988588] Re: Xeon E3-1200 v2/3rd Gen Core processor Graphics Controller Drivers missing

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1988588

Title:
  Xeon E3-1200 v2/3rd Gen Core processor Graphics Controller Drivers
  missing

Status in xorg package in Ubuntu:
  New

Bug description:
  Please upgrade the Ubuntu OS and provide Graphics drivers for Ubuntu
  22.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: xorg 1:7.7+23ubuntu2
  ProcVersionSignature: Ubuntu 5.15.0-47.51-generic 5.15.46
  Uname: Linux 5.15.0-47-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82.1
  Architecture: amd64
  BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
  CasperMD5CheckResult: pass
  CompositorRunning: None
  CurrentDesktop: ubuntu:GNOME
  Date: Fri Sep  2 20:59:09 2022
  DistUpgraded: Fresh install
  DistroCodename: jammy
  DistroVariant: ubuntu
  ExtraDebuggingInterest: Yes, including running git bisection searches
  GraphicsCard:
   Intel Corporation Xeon E3-1200 v2/3rd Gen Core processor Graphics Controller 
[8086:0152] (rev 09) (prog-if 00 [VGA controller])
 Subsystem: Intel Corporation Xeon E3-1200 v2/3rd Gen Core processor 
Graphics Controller [8086:204d]
  InstallationDate: Installed on 2022-09-02 (0 days ago)
  InstallationMedia: Ubuntu 22.04.1 LTS "Jammy Jellyfish" - Release amd64 
(20220809.1)
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.15.0-47-generic 
root=UUID=85140ee7-0511-45cd-aa7c-903f11fd90d1 ro quiet splash
  SourcePackage: xorg
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 09/07/2012
  dmi.bios.release: 4.6
  dmi.bios.vendor: Intel Corp.
  dmi.bios.version: MLZ7510H.86A.0006.2012.0907.1307
  dmi.board.name: DZ75ML-45K
  dmi.board.vendor: Intel Corporation
  dmi.board.version: AAG75008-102
  dmi.chassis.type: 3
  dmi.modalias: 
dmi:bvnIntelCorp.:bvrMLZ7510H.86A.0006.2012.0907.1307:bd09/07/2012:br4.6:svn:pn:pvr:rvnIntelCorporation:rnDZ75ML-45K:rvrAAG75008-102:cvn:ct3:cvr:skuTobefilledbyO.E.M.:
  dmi.product.family: To be filled by O.E.M.
  dmi.product.sku: To be filled by O.E.M.
  version.compiz: compiz N/A
  version.libdrm2: libdrm2 2.4.110.5+1038
  version.libgl1-mesa-dri: libgl1-mesa-dri 22.0.5-0ubuntu0.1
  version.libgl1-mesa-glx: libgl1-mesa-glx N/A
  version.xserver-xorg-core: xserver-xorg-core 2:21.1.3-2ubuntu2.1
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-2ubuntu1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20210115-1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.17-2build1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1988588/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1987981] Re: nautilus crashed with SIGSEGV in g_str_hash()

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to nautilus in Ubuntu.
https://bugs.launchpad.net/bugs/1987981

Title:
  nautilus crashed with SIGSEGV in g_str_hash()

Status in nautilus package in Ubuntu:
  Incomplete

Bug description:
  nothing

  ProblemType: Crash
  DistroRelease: Ubuntu 22.10
  Package: nautilus 1:43~beta.1-2ubuntu3
  ProcVersionSignature: Ubuntu 5.15.0-27.28-generic 5.15.30
  Uname: Linux 5.15.0-27-generic x86_64
  NonfreeKernelModules: wl zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.23.0-0ubuntu1
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Sun Aug 28 16:25:29 2022
  ExecutablePath: /usr/bin/nautilus
  GsettingsChanges:
   
  InstallationDate: Installed on 2022-08-28 (0 days ago)
  InstallationMedia: Ubuntu 22.10 "Kinetic Kudu" - Alpha amd64 (20220828)
  ProcCmdline: nautilus
  ProcEnviron:
   LANGUAGE=de_CH:de
   LANG=de_CH.UTF-8
   TERM=xterm-256color
   PATH=(custom, no user)
   SHELL=/bin/bash
  SegvAnalysis:
   Segfault happened at: 0x7f9f0cc15434 : movsbl (%rdi),%edx
   PC (0x7f9f0cc15434) ok
   source "(%rdi)" (0x) not located in a known VMA region (needed 
readable region)!
   destination "%edx" ok
  SegvReason: reading NULL VMA
  Signal: 11
  SourcePackage: nautilus
  StacktraceTop:
   g_str_hash () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
   g_hash_table_contains () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
   () at /lib/x86_64-linux-gnu/libgtk-4.so.1
   () at /lib/x86_64-linux-gnu/libgtk-4.so.1
   () at /lib/x86_64-linux-gnu/libgtk-4.so.1
  Title: nautilus crashed with SIGSEGV in g_str_hash()
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: N/A
  separator:
   
  usr_lib_nautilus:
   file-roller   43~alpha-1
   nautilus-extension-gnome-terminal 3.45.90-1ubuntu1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1987981/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1988016] Re: package firefox 104.0+build3-0ubuntu0.20.04.1 failed to install/upgrade: end of file on stdin at conffile prompt

[Seth Arnold]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1988016

Title:
  package firefox 104.0+build3-0ubuntu0.20.04.1 failed to
  install/upgrade: end of file on stdin at conffile prompt

Status in firefox package in Ubuntu:
  New

Bug description:
  i don't knoq

  ProblemType: Package
  DistroRelease: Ubuntu 20.04
  Package: firefox 104.0+build3-0ubuntu0.20.04.1
  ProcVersionSignature: Ubuntu 5.15.0-46.49~20.04.1-generic 5.15.39
  Uname: Linux 5.15.0-46-generic x86_64
  AddonCompatCheckDisabled: False
  ApportVersion: 2.20.11-0ubuntu27.24
  AptOrdering:
   firefox:amd64: Install
   NULL: ConfigurePending
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC1:  akash  1878 F pulseaudio
   /dev/snd/controlC0:  akash  1878 F pulseaudio
  BuildID: 20220818191623
  CasperMD5CheckResult: skip
  Channel: Unavailable
  Date: Mon Aug 29 09:36:54 2022
  ErrorMessage: end of file on stdin at conffile prompt
  ForcedLayersAccel: False
  InstallationDate: Installed on 2021-10-11 (321 days ago)
  InstallationMedia: Ubuntu 20.04.2.0 LTS "Focal Fossa" - Release amd64 
(20210209.1)
  IpRoute:
   default via 192.168.29.1 dev wlp3s0 proto dhcp metric 600
   169.254.0.0/16 dev wlp3s0 scope link metric 1000
   192.168.29.0/24 dev wlp3s0 proto kernel scope link src 192.168.29.158 metric 
600
  NoProfiles: True
  PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No 
PulseAudio daemon running, or not running as session daemon.
  Python3Details: /usr/bin/python3.8, Python 3.8.10, unpackaged
  PythonDetails: /usr/bin/python3.6, Python 3.6.15, unpackaged
  RelatedPackageVersions:
   dpkg 1.19.7ubuntu3.2
   apt  2.0.9
  RunningIncompatibleAddons: False
  SourcePackage: firefox
  Title: package firefox 104.0+build3-0ubuntu0.20.04.1 failed to 
install/upgrade: end of file on stdin at conffile prompt
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 12/19/2020
  dmi.bios.release: 1.10
  dmi.bios.vendor: LENOVO
  dmi.bios.version: R1AET34W (1.10 )
  dmi.board.asset.tag: Not Available
  dmi.board.name: 20T6S0UQ00
  dmi.board.vendor: LENOVO
  dmi.board.version: Not Defined
  dmi.chassis.asset.tag: No Asset Information
  dmi.chassis.type: 10
  dmi.chassis.vendor: LENOVO
  dmi.chassis.version: None
  dmi.ec.firmware.release: 1.10
  dmi.modalias: 
dmi:bvnLENOVO:bvrR1AET34W(1.10):bd12/19/2020:br1.10:efr1.10:svnLENOVO:pn20T6S0UQ00:pvrThinkPadE14Gen2:rvnLENOVO:rn20T6S0UQ00:rvrNotDefined:cvnLENOVO:ct10:cvrNone:skuLENOVO_MT_20T6_BU_Think_FM_ThinkPadE14Gen2:
  dmi.product.family: ThinkPad E14 Gen 2
  dmi.product.name: 20T6S0UQ00
  dmi.product.sku: LENOVO_MT_20T6_BU_Think_FM_ThinkPad E14 Gen 2
  dmi.product.version: ThinkPad E14 Gen 2
  dmi.sys.vendor: LENOVO
  modified.conffile..etc.apport.blacklist.d.firefox:
   /usr/lib/firefox/firefox
   /usr/lib/firefox/plugin-container
  modified.conffile..etc.apport.native-origins.d.firefox:
   LP-PPA-ubuntu-mozilla-daily
   LP-PPA-ubuntu-mozilla-daily-firefox-aurora
   LP-PPA-mozillateam-firefox-next
  modified.conffile..etc.firefox.syspref.js:
   // This file can be used to configure global preferences for Firefox
   // Example: Homepage
   //pref("browser.startup.homepage", "http://www.weebls-stuff.com/wab/;);
  mtime.conffile..etc.apparmor.d.usr.bin.firefox: 2022-05-20T11:44:35
  mtime.conffile..etc.apport.blacklist.d.firefox: 2021-02-05T17:24:22
  mtime.conffile..etc.apport.native-origins.d.firefox: 2021-02-05T17:24:22
  mtime.conffile..etc.firefox.syspref.js: 2020-09-21T22:09:02

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1988016/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1987911] Re: package firefox 104.0+build3-0ubuntu0.20.04.1 failed to install/upgrade: new firefox package pre-installation script subprocess returned error exit status 1

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1987911

Title:
  package firefox 104.0+build3-0ubuntu0.20.04.1 failed to
  install/upgrade: new firefox package pre-installation script
  subprocess returned error exit status 1

Status in firefox package in Ubuntu:
  New

Bug description:
  eerror

  ProblemType: Package
  DistroRelease: Ubuntu 22.04
  Package: firefox 104.0+build3-0ubuntu0.20.04.1
  ProcVersionSignature: Ubuntu 5.15.0-46.49~20.04.1-generic 5.15.39
  Uname: Linux 5.15.0-46-generic x86_64
  NonfreeKernelModules: aufs
  AddonCompatCheckDisabled: False
  ApportVersion: 2.20.11-0ubuntu82.1
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC1:  europassistance   2340 F pulseaudio
   /dev/snd/controlC0:  europassistance   2340 F pulseaudio
  BuildID: 20220818191623
  CasperMD5CheckResult: unknown
  Channel: Unavailable
  Date: Fri Aug 26 20:59:33 2022
  ErrorMessage: new firefox package pre-installation script subprocess returned 
error exit status 1
  ForcedLayersAccel: False
  InstallationDate: Installed on 2022-03-09 (170 days ago)
  InstallationMedia: Ubuntu 20.04.4 LTS "Focal Fossa" - Release amd64 (20220223)
  IpRoute:
   default via 192.168.1.254 dev wlp1s0 proto dhcp metric 600 
   169.254.0.0/16 dev br-b0b9255f7446 scope link metric 1000 linkdown 
   172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 
   172.18.0.0/16 dev br-b0b9255f7446 proto kernel scope link src 172.18.0.1 
linkdown 
   192.168.1.0/24 dev wlp1s0 proto kernel scope link src 192.168.1.124 metric 
600
  NoProfiles: True
  PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No 
PulseAudio daemon running, or not running as session daemon.
  Python3Details: /usr/bin/python3.10, Python 3.10.4, python3-minimal, 
3.10.4-0ubuntu2
  PythonDetails: N/A
  RebootRequiredPkgs: Error: path contained symlinks.
  RelatedPackageVersions:
   dpkg 1.21.1ubuntu2.1
   apt  2.4.7
  RunningIncompatibleAddons: False
  SourcePackage: firefox
  Title: package firefox 104.0+build3-0ubuntu0.20.04.1 failed to 
install/upgrade: new firefox package pre-installation script subprocess 
returned error exit status 1
  UpgradeStatus: Upgraded to jammy on 2022-08-26 (0 days ago)
  dmi.bios.date: 11/12/2021
  dmi.bios.release: 7.1
  dmi.bios.vendor: HP
  dmi.bios.version: T82 Ver. 01.07.01
  dmi.board.name: 8895
  dmi.board.vendor: HP
  dmi.board.version: KBC Version 43.25.00
  dmi.chassis.type: 10
  dmi.chassis.vendor: HP
  dmi.ec.firmware.release: 67.37
  dmi.modalias: 
dmi:bvnHP:bvrT82Ver.01.07.01:bd11/12/2021:br7.1:efr67.37:svnHP:pnHPEliteBook845G8NotebookPC:pvr:rvnHP:rn8895:rvrKBCVersion43.25.00:cvnHP:ct10:cvr:sku458Z6EA#ABF:
  dmi.product.family: 103C_5336AN HP EliteBook
  dmi.product.name: HP EliteBook 845 G8 Notebook PC
  dmi.product.sku: 458Z6EA#ABF
  dmi.sys.vendor: HP

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1987911/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1987228] Re: Bug display when turning to hibernation

[Seth Arnold]

** Information type changed from Private Security to Public Security

** Also affects: gnome-shell (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1987228

Title:
  Bug display when turning to hibernation

Status in gnome-shell package in Ubuntu:
  New
Status in xorg package in Ubuntu:
  New

Bug description:
  When I put the computer to sleep, there are small display glitches for
  a few seconds. Then, when I wake from sleep mode, my desktop and
  opened windows show up for a few seconds before the login screen.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: xorg 1:7.7+23ubuntu2
  ProcVersionSignature: Ubuntu 5.15.0-46.49-generic 5.15.39
  Uname: Linux 5.15.0-46-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82.1
  Architecture: amd64
  BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
  CasperMD5CheckResult: unknown
  Date: Mon Aug 22 00:22:25 2022
  DistUpgraded: 2022-08-11 21:55:03,477 DEBUG Running PostInstallScript: 
'/usr/lib/ubuntu-advantage/upgrade_lts_contract.py'
  DistroCodename: jammy
  DistroVariant: ubuntu
  ExtraDebuggingInterest: Yes, including running git bisection searches
  GraphicsCard:
   Intel Corporation 2nd Generation Core Processor Family Integrated Graphics 
Controller [8086:0126] (rev 09) (prog-if 00 [VGA controller])
 Subsystem: Hewlett-Packard Company 2nd Generation Core Processor Family 
Integrated Graphics Controller [103c:161c]
  InstallationDate: Installed on 2021-03-26 (513 days ago)
  InstallationMedia: Ubuntu 20.04.2.0 LTS "Focal Fossa" - Release amd64 
(20210209.1)
  MachineType: Hewlett-Packard HP EliteBook 8460p
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.15.0-46-generic 
root=UUID=c83ab0ab-bcc6-4f8e-a43f-c872be521021 ro quiet splash vt.handoff=7
  SourcePackage: xorg
  Symptom: display
  UpgradeStatus: Upgraded to jammy on 2022-08-11 (10 days ago)
  dmi.bios.date: 02/13/2018
  dmi.bios.release: 15.103
  dmi.bios.vendor: Hewlett-Packard
  dmi.bios.version: 68SCF Ver. F.67
  dmi.board.name: 161C
  dmi.board.vendor: Hewlett-Packard
  dmi.board.version: KBC Version 97.4E
  dmi.chassis.asset.tag: CZC23633JQ
  dmi.chassis.type: 10
  dmi.chassis.vendor: Hewlett-Packard
  dmi.ec.firmware.release: 151.78
  dmi.modalias: 
dmi:bvnHewlett-Packard:bvr68SCFVer.F.67:bd02/13/2018:br15.103:efr151.78:svnHewlett-Packard:pnHPEliteBook8460p:pvrA0001D02:rvnHewlett-Packard:rn161C:rvrKBCVersion97.4E:cvnHewlett-Packard:ct10:cvr:skuSN246UP#ABF:
  dmi.product.family: 103C_5336AN
  dmi.product.name: HP EliteBook 8460p
  dmi.product.sku: SN246UP#ABF
  dmi.product.version: A0001D02
  dmi.sys.vendor: Hewlett-Packard
  version.compiz: compiz N/A
  version.libdrm2: libdrm2 2.4.110-1ubuntu1
  version.libgl1-mesa-dri: libgl1-mesa-dri 22.0.5-0ubuntu0.1
  version.libgl1-mesa-glx: libgl1-mesa-glx N/A
  version.xserver-xorg-core: xserver-xorg-core 2:21.1.3-2ubuntu2.1
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-2ubuntu1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20210115-1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.17-2build1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1987228/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1983778] Re: Major security issue in Ubuntu Desktop default config - Removable Media

[Seth Arnold]

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-control-center in Ubuntu.
https://bugs.launchpad.net/bugs/1983778

Title:
  Major security issue in Ubuntu Desktop default config - Removable
  Media

Status in gnome-control-center package in Ubuntu:
  Incomplete

Bug description:
  There is a MAJOR SECURITY VULNERABILITY in Ubuntu Desktop since
  release 18.04 !

  Recently I used Ubuntu 22.04 LTS and noticed that the issue still
  exist!

  
  I don’t know the reason for it, but default values for “Removable Media” are 
VERY Risky!
  It will automatically run the software which is attached to the removable 
media.
  Why? Why has Ubuntu still didn’t disable that option?

  
  The following is the default configuration (the “bad” configuration):
  https://imgur.com/XXXQlV2

  The following is the configuration which Ubuntu should be having (it is the 
fix to the problem):
  https://imgur.com/a/0JeM6ve

  Please change the default configurations for Ubuntu!

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-control-center/+bug/1983778/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1985987] Re: package firefox 103.0+build1-0ubuntu0.20.04.1 failed to install/upgrade: o subprocesso do pacote firefox, novo script pre-installation retornou erro do status de s

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1985987

Title:
  package firefox 103.0+build1-0ubuntu0.20.04.1 failed to
  install/upgrade: o subprocesso do pacote firefox, novo script pre-
  installation retornou erro do status de saída 1

Status in firefox package in Ubuntu:
  New

Bug description:
  Firefox with installation problems.

  ProblemType: Package
  DistroRelease: Ubuntu 22.04
  Package: firefox 103.0+build1-0ubuntu0.20.04.1
  ProcVersionSignature: Ubuntu 5.15.0-46.49~20.04.1-generic 5.15.39
  Uname: Linux 5.15.0-46-generic x86_64
  AddonCompatCheckDisabled: False
  ApportVersion: 2.20.11-0ubuntu27.24
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC2:  alexandre  27846 F pulseaudio
   /dev/snd/controlC0:  alexandre  27846 F pulseaudio
   /dev/snd/controlC1:  alexandre  27846 F pulseaudio
  BuildID: 20220718155818
  CasperMD5CheckResult: unknown
  Channel: Unavailable
  Date: Thu Aug 11 22:28:31 2022
  ErrorMessage: o subprocesso do pacote firefox, novo script pre-installation 
retornou erro do status de saída 1
  ForcedLayersAccel: False
  IpRoute:
   default via 192.168.0.1 dev enp3s0 proto dhcp metric 100 
   169.254.0.0/16 dev enp3s0 scope link metric 1000 
   192.168.0.0/24 dev enp3s0 proto kernel scope link src 192.168.0.80 metric 100
  NoProfiles: True
  PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No 
PulseAudio daemon running, or not running as session daemon.
  Python3Details: /usr/bin/python3.10, Python 3.10.4, python3-minimal, 
3.10.4-0ubuntu2
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.21.1ubuntu2.1
   apt  2.4.7
  RunningIncompatibleAddons: False
  SourcePackage: firefox
  Title: package firefox 103.0+build1-0ubuntu0.20.04.1 failed to 
install/upgrade: o subprocesso do pacote firefox, novo script pre-installation 
retornou erro do status de saída 1
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 06/01/2007
  dmi.bios.release: 8.10
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: 0208
  dmi.board.asset.tag: To Be Filled By O.E.M.
  dmi.board.name: P5LD2-X
  dmi.board.vendor: ASUSTeK Computer INC.
  dmi.board.version: Rev x.xx
  dmi.chassis.asset.tag: Asset-1234567890
  dmi.chassis.type: 3
  dmi.chassis.vendor: ASUSTek Computer INC.
  dmi.chassis.version: Rev 1.xx
  dmi.modalias: 
dmi:bvnAmericanMegatrendsInc.:bvr0208:bd06/01/2007:br8.10:svnSystemmanufacturer:pnSystemProductName:pvrRev1.xx:rvnASUSTeKComputerINC.:rnP5LD2-X:rvrRevx.xx:cvnASUSTekComputerINC.:ct3:cvrRev1.xx:skuToBeFilledByO.E.M.:
  dmi.product.family: To Be Filled By O.E.M.
  dmi.product.name: System Product Name
  dmi.product.sku: To Be Filled By O.E.M.
  dmi.product.version: Rev 1.xx
  dmi.sys.vendor: System manufacturer

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1985987/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1983748] Re: package firefox 103.0+build1-0ubuntu0.20.04.1 failed to install/upgrade: »neues firefox-Skript des Paketes pre-installation«-Unterprozess gab den Fehlerwert 1 zurü

[Seth Arnold]

Guten tag, mein Deutsch ist sehr slecht, aber ich hoffe gut genug..

Ich glaube, sie mussen:

sudo snap install firefox

wenn dass schoen ist:

sudo dpkg --configure -a
sudo apt install -f

Bitte schreiben sie schon wieder, falls es nicht genug.

Danke

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1983748

Title:
  package firefox 103.0+build1-0ubuntu0.20.04.1 failed to
  install/upgrade: »neues firefox-Skript des Paketes pre-
  installation«-Unterprozess gab den Fehlerwert 1 zurück

Status in firefox package in Ubuntu:
  New

Bug description:
  ICh verstehe kein Englich und komme mit den Fehlerberichten nicht
  zurecht, da ich nicht weis was ich machen soll oder machen muss

  ProblemType: Package
  DistroRelease: Ubuntu 22.04
  Package: firefox 103.0+build1-0ubuntu0.20.04.1
  ProcVersionSignature: Ubuntu 5.4.0-122.138-generic 5.4.192
  Uname: Linux 5.4.0-122-generic x86_64
  AddonCompatCheckDisabled: False
  ApportVersion: 2.20.11-0ubuntu27.24
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  ingo  21810 F pulseaudio
  BuildID: 20220718155818
  CasperMD5CheckResult: unknown
  Channel: Unavailable
  Date: Sat Aug  6 11:39:59 2022
  ErrorMessage: »neues firefox-Skript des Paketes 
pre-installation«-Unterprozess gab den Fehlerwert 1 zurück
  ForcedLayersAccel: False
  InstallationDate: Installed on 2022-08-06 (0 days ago)
  InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017)
  IpRoute:
   default via 192.168.0.1 dev enp1s0 proto dhcp metric 100 
   default via 192.168.86.1 dev wlp2s0 proto dhcp metric 600 
   169.254.0.0/16 dev enp1s0 scope link metric 1000 
   192.168.0.0/24 dev enp1s0 proto kernel scope link src 192.168.0.42 metric 
100 
   192.168.86.0/24 dev wlp2s0 proto kernel scope link src 192.168.86.88 metric 
600
  NoProfiles: True
  PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No 
PulseAudio daemon running, or not running as session daemon.
  Python3Details: /usr/bin/python3.10, Python 3.10.4, python3-minimal, 
3.10.4-0ubuntu2
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.21.1ubuntu2.1
   apt  2.4.6
  RunningIncompatibleAddons: False
  SourcePackage: firefox
  Title: package firefox 103.0+build1-0ubuntu0.20.04.1 failed to 
install/upgrade: »neues firefox-Skript des Paketes 
pre-installation«-Unterprozess gab den Fehlerwert 1 zurück
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 08/24/2018
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: X541NA.321
  dmi.board.asset.tag: ATN12345678901234567
  dmi.board.name: X541NA
  dmi.board.vendor: ASUSTeK COMPUTER INC.
  dmi.board.version: 1.0
  dmi.chassis.asset.tag: No Asset Tag
  dmi.chassis.type: 10
  dmi.chassis.vendor: ASUSTeK COMPUTER INC.
  dmi.chassis.version: 1.0
  dmi.modalias: 
dmi:bvnAmericanMegatrendsInc.:bvrX541NA.321:bd08/24/2018:svnASUSTeKCOMPUTERINC.:pnX541NA:pvr1.0:rvnASUSTeKCOMPUTERINC.:rnX541NA:rvr1.0:cvnASUSTeKCOMPUTERINC.:ct10:cvr1.0:
  dmi.product.family: VivoBook
  dmi.product.name: X541NA
  dmi.product.version: 1.0
  dmi.sys.vendor: ASUSTeK COMPUTER INC.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1983748/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1982898] Re: CVE-2021-46829: Buffer overwrite in io-gif-animation.c composite_frame() in gdk-pixbuf

[Seth Arnold]

** Description changed:

  [Impact]
  
   * A buffer overwrite exists in gdk-pixbuf's thumbnailer.
  
   * The GIF loader runs out of memory with specifically crafted files
  with bad frame data (and images with its sizes) over the integer limit.
  
   * After gdk-pixbuf-thum runs out of memory, other apps can and on low
  RAM systems like my old iMac, the system can completely run out of
  memory.
  
   * Or, in other ways, bad gif files in other applications can open the
  door for exploits.
  
   * Any app using gdk-pixbuf is affected, mainly file managers and image
  viewers.
  
  [Test Plan]
  
   * Take the POC's - they can be found in the issue in the GNOME repo
  
   * Open them in an application that uses gdk-pixbuf. I have managed to 
produce reactions with:
   - Nautilus, GNOME's file manager
   - Nemo, Cinnamon's file manager
   - Thunar, XFCE's file manager, which has its own thumbnailere (tumbler) that 
also inevitably fails and crashes
   - PCManFM, LXDE's file manager which straight up crashes
-  - Caja, MATE's file manager causes libpixbufloader-gif to segfault (app 
still usable, no memory issues)
-  - Eye of GNOME (eog) triggers the segfault in syslog
+  - Caja, MATE's file manager causes libpixbufloader-gif to segfault (app 
still usable, no memory issues)
+  - Eye of GNOME (eog) triggers the segfault in syslog
  
   * If you or the system couldn't tell something is wrong, cat
  /var/log/syslog and enjoy the segfaults or out of memory warnings or
  even kernel spam.
  
  [Where problems could occur]
  
   * The patch itself is simple, but since gdk-pixbuf is often used with
  GTK apps a mistake here could be problematic.
  
   * It is possible, and has happened in the past (which has been patched)
  that other bad GIFs can cause other crashes.
  
   * That patch is essentially overflow checks -  changes with GLib
  (GNOME's, not to be confused with glibc) and the functions used in not
  only the patch but all of gdk-pixbuf can cause problems
  
   * Other failures to properly handle GIFs and broken or intentionally
  tampered GIFs can continue and always will open the door for security
  holes for other bugs
  
  * Again, overall a simple patch but as long as the GIFs remain handled
  properly, and no changes to the GLib functions are made and to other
  apps that use gdk-pixbuf (and assuming are not affected by the change
  and still work), the patch does not have much regression potential.
  
  [Other Info]
  
   * Besides Buffer overwrite/overflow issues, as aforementioned out of memory 
errors can happen.
   * Files attached are examples or crashes
   * Again, all apps using gdk-pixbuf are affected
   * https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/121/
-  * 
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/190https://github.com/pedrib/PoC/blob/master/fuzzing/CVE-2021-46829/CVE-2021-46829.md
+  * https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/190
+  * 
https://github.com/pedrib/PoC/blob/master/fuzzing/CVE-2021-46829/CVE-2021-46829.md
  
  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: libgdk-pixbuf2.0-0 2.40.0+dfsg-3ubuntu0.2
  ProcVersionSignature: Ubuntu 5.15.0-43.46~20.04.1-generic 5.15.39
  Uname: Linux 5.15.0-43-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.24
  Architecture: amd64
  CasperMD5CheckResult: skip
  CurrentDesktop: X-Cinnamon
  Date: Tue Jul 26 19:33:41 2022
  InstallationDate: Installed on 2021-11-24 (244 days ago)
  InstallationMedia: ubuntucinnamonremix "@BASECODENAME" (20210826)
  SourcePackage: gdk-pixbuf
  UpgradeStatus: No upgrade log present (probably fresh install)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gdk-pixbuf in Ubuntu.
https://bugs.launchpad.net/bugs/1982898

Title:
  CVE-2021-46829: Buffer overwrite in  io-gif-animation.c
  composite_frame() in gdk-pixbuf

Status in gdk-pixbuf package in Ubuntu:
  In Progress

Bug description:
  [Impact]

   * A buffer overwrite exists in gdk-pixbuf's thumbnailer.

   * The GIF loader runs out of memory with specifically crafted files
  with bad frame data (and images with its sizes) over the integer
  limit.

   * After gdk-pixbuf-thum runs out of memory, other apps can and on low
  RAM systems like my old iMac, the system can completely run out of
  memory.

   * Or, in other ways, bad gif files in other applications can open the
  door for exploits.

   * Any app using gdk-pixbuf is affected, mainly file managers and
  image viewers.

  [Test Plan]

   * Take the POC's - they can be found in the issue in the GNOME repo

   * Open them in an application that uses gdk-pixbuf. I have managed to 
produce reactions with:
   - Nautilus, GNOME's file manager
   - Nemo, Cinnamon's file manager
   - Thunar, XFCE's file manager, which has its own thumbnailere (tumbler) that 
also inevitably fails and crashes
   - PCManFM, LXDE's file manager which straight up crashes
   - Caja, MATE's file manager causes 

[Desktop-packages] [Bug 1982030] Re: POSIX is broken

[Seth Arnold]

Hello, please note, the bash(1) manpage describes when the ~/.profile is
read:

   When bash is invoked as an interactive login shell, or as a
   non-interactive shell with the --login option, it first reads
   and executes commands from the file /etc/profile, if that
   file exists.  After reading that file, it looks for
   ~/.bash_profile, ~/.bash_login, and ~/.profile, in that
   order, and reads and executes commands from the first one
   that exists and is readable.  The --noprofile option may be
   used when the shell is started to inhibit this behavior.


A shell started in a terminal is an interactive shell but not a login shell.

What you probably want is ~/.profile:

   When an interactive shell that is not a login shell is
   started, bash reads and executes commands from
   /etc/bash.bashrc and ~/.bashrc, if these files exist.  This
   may be inhibited by using the --norc option.  The --rcfile
   file option will force bash to read and execute commands from
   file instead of /etc/bash.bashrc and ~/.bashrc.

Thanks

** Changed in: gnome-session (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-session in Ubuntu.
https://bugs.launchpad.net/bugs/1982030

Title:
  POSIX is broken

Status in gnome-session package in Ubuntu:
  Invalid

Bug description:
  It seems that ~/.profile is not sourced anymore when gnome-terminal is 
launched for the first time as it should be the case in the POSIX standard :
  https://www.gnu.org/software/bash/manual/html_node/Bash-Startup-Files.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-session/+bug/1982030/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1961458] Re: chown of script directory and contents

[Seth Arnold]

Brian, sorry, the bug is open now. Thanks

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to adsys in Ubuntu.
https://bugs.launchpad.net/bugs/1961458

Title:
  chown of script directory and contents

Status in adsys package in Ubuntu:
  Fix Released
Status in adsys source package in Focal:
  New

Bug description:
  [Impact]
  Potential security issues in ApplyPolicy due to race when scripts are enabled.

  [Test Plan]
  1. Attach your machine to Ubuntu Advantage to get script support.
  2. Add a script to one GPO for user login/logout
  3. Login as an user, starting a new user session (no session should be 
currently running for that given user).
  4. Check the permissions are following what is described from the discussion 
below.

  [Where problems could occur]
  Script support was added recently, and it needs Ubuntu Advantage enablement 
to be activated. However, to this day, there is still no official 
ubuntu-advantage-desktop-daemon packaged on focal.

  

  ./internal/policies/scripts/scripts.go ApplyPolicy() unsafe owner
  changes:

  Changing the scripts directory owner allows any user processes to create
  symbolic links within, and then they can take ownership of any file on
  writable mounts.

  If the files must be owned by the user, the best way is to switch to the
  user's uid before creating the files. fchown(2) of the file descriptor
  before closing it should also work.

  I lose track of what's happening around the "Running machine startup
  scripts" -- it looks to me like adsys is also *executing* the scripts that
  were moments ago given to the user to modify. It is not safe for root to run
  user-owned files.

  Does the user *have* to own the directory and scripts?

  Thanks

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961458/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1976484] Re: never sound ubuntu 20.04 22.04 alsamixer 1.2.6 card sof-hda-dsp

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to alsa-driver in Ubuntu.
https://bugs.launchpad.net/bugs/1976484

Title:
  never sound ubuntu 20.04  22.04 alsamixer 1.2.6 card sof-hda-dsp

Status in alsa-driver package in Ubuntu:
  New

Bug description:
  no sound ubuntu 20.04 and 22.04 alsamixer 1.2.6 card sof-hda-dsp ships
  Intel Broxton HDMI, with and no pulseaudio

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: alsa-base 1.0.25+dfsg-0ubuntu7
  ProcVersionSignature: Ubuntu 5.15.0-33.34-generic 5.15.30
  Uname: Linux 5.15.0-33-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82.1
  Architecture: amd64
  AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/by-path', 
'/dev/snd/controlC0', '/dev/snd/hwC0D2', '/dev/snd/pcmC0D3p', 
'/dev/snd/pcmC0D2p', '/dev/snd/pcmC0D1p', '/dev/snd/pcmC0D7c', 
'/dev/snd/pcmC0D6c', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Wed Jun  1 11:15:42 2022
  InstallationDate: Installed on 2022-05-26 (5 days ago)
  InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 
(20220419)
  PackageArchitecture: all
  ProcEnviron:
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=fr_FR.UTF-8
   SHELL=/bin/bash
  SourcePackage: alsa-driver
  Symptom: audio
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 08/11/2021
  dmi.bios.release: 5.12
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: APD-BI-14.1-Y116AR150-098-E
  dmi.board.asset.tag: Default string
  dmi.board.name: N14C4WH64
  dmi.board.vendor: THOMSON
  dmi.board.version: Default string
  dmi.chassis.asset.tag: Default string
  dmi.chassis.type: 10
  dmi.chassis.vendor: Default string
  dmi.chassis.version: Default string
  dmi.ec.firmware.release: 5.1
  dmi.modalias: 
dmi:bvnAmericanMegatrendsInc.:bvrAPD-BI-14.1-Y116AR150-098-E:bd08/11/2021:br5.12:efr5.1:svnTHOMSON:pnN14C4WH64:pvrDefaultstring:rvnTHOMSON:rnN14C4WH64:rvrDefaultstring:cvnDefaultstring:ct10:cvrDefaultstring:skuN14C4WH64:
  dmi.product.family: Notebook
  dmi.product.name: N14C4WH64
  dmi.product.sku: N14C4WH64
  dmi.product.version: Default string
  dmi.sys.vendor: THOMSON

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1976484/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1973028] Re: gnome-remote-desktop user service is always running

[Seth Arnold]

Please use CVE-2022-1736 for the gnome-remote-desktop user service being
enabled on Ubuntu.

The Debian packaging, and derivatives of both Ubuntu and Debian, for
gnome-remote-desktop are probably very similar. The Debian policy
strongly encourages services to be running by default after
installation[1]. Ubuntu, however, strongly discourages open ports by
default[2].

So, while there may be identical code in the other distributions, this
may or may not be considered a vulnerability by the other distributions,
based on their own policies.

Thanks

[1]: https://www.debian.org/doc/debian-policy/ch-opersys.html#managing-the-links
 "The default behaviour is to enable autostarting your package’s daemon"

[2]: https://wiki.ubuntu.com/Security/Features#ports
 "Default installations of Ubuntu must have no listening network services 
after initial install. Exceptions to this rule [enumerated exceptions elided]"

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1736

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-remote-desktop in Ubuntu.
https://bugs.launchpad.net/bugs/1973028

Title:
  gnome-remote-desktop user service is always running

Status in gnome-remote-desktop package in Ubuntu:
  Fix Released
Status in gnome-remote-desktop source package in Jammy:
  Triaged

Bug description:
  Impact
  --
  The gnome-remote-desktop systemd user service is always running.

  This was a contributing factor for LP: #1971415

  Although it's "harmless" for the user service to be running if remote
  desktop sharing is not enabled, it's a waste of resources to run a
  service if it's not needed.

  Test Case
  -
  Install all Ubuntu updates and the gnome-remote-desktop update.
  From a clean install (or new user), run this command:
  systemctl --user status gnome-remote-desktop.service

  It should show the service as "Active: inactive"

  Open the Settings app to the Sharing page. Turn on Sharing and turn on
  Remote Desktop. Use the systemctl command to verify that the service
  is "Active: active (running). Log out and log back in and reverify.

  Now turn off Remote Desktop Sharing and verify that the service is
  inactive. Log out and log back in and reverify.

  More details
  ---
  This fix uses a dpkg maintscript to remove 
/etc/systemd/user/gnome-session.target.wants/gnome-remote-desktop.service . 
(That file is a symlink to the actual service).

  It also modifies debian/rules so that that file is no longer
  automatically added.

  Instead of /etc/systemd/user/ , the user service is intended to be
  enabled with the symlink ~/.config/systemd/user/gnome-
  session.target.wants/gnome-remote-desktop.service . That is
  appropriate since the GNOME implementation is per-user, not system-
  wide and it is also disabled by default.

  Fixing this bug has been strongly urged by the GNOME Remote Desktop
  maintainers, and this brings us in line with how non-Debian distros
  have been packaging gnome-remote-desktop.

  What could go wrong
  ---
  The RDP and VNC sharing services in GNOME could start when they shouldn't or 
not start when they should.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-remote-desktop/+bug/1973028/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1972889] Re: Screen reader reads the data while computer is locked

[Seth Arnold]

Good job Loaf :3

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-shell in Ubuntu.
https://bugs.launchpad.net/bugs/1972889

Title:
  Screen reader reads the data while computer is locked

Status in gnome-shell package in Ubuntu:
  New

Bug description:
  # lsb_release -rd
  Description:  Ubuntu 22.04 LTS
  Release:  22.04

  # apt-cache policy gnome-shell
  gnome-shell:
Installed: 42.0-2ubuntu1
Candidate: 42.0-2ubuntu1
Version table:
   *** 42.0-2ubuntu1 500
  500 http://us.archive.ubuntu.com/ubuntu jammy/main amd64 Packages
  100 /var/lib/dpkg/status

  Ubuntu is installed on a laptop. Within five minutes of inactivity,
  the screen lock activates and locks the system. Computer is secured.
  10 minutes later, my cat (her name is Loaf) comes up to the laptop and
  sits down on the keyboard. This activates a screen reader. (Shortcut
  is Alt + Super + S)

  What I've expected:
  Screen reader would start reading the contents of a lock screen

  What happened:
  Screen reader app started reading contents of a Brave Browser window that was 
opened on my desktop. It read all tabs and proceeded reading the opened web 
page. 

  
  I've reported this bug at secur...@ubuntu.org and got the following answer:

  > Nice find - I am able to reproduce this locally in Ubuntu 22.04 LTS too
  > - I suspect this is a vulnerability in gnome-shell as it is
  > responsible for handling the lock screen in standard Ubuntu.

  As per further directions, I'm posting this bug here and in gnome
  repo.

  
  P.S. I expect Loaf being credited for this find. She really likes treats.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1972889/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1972114]

[Seth Arnold]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is available, members of the security team will review it and
publish the package. See the following link for more information:
https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

** Tags added: community-security

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1972114

Title:
  Pressing Ctl Alt F7 allows me to bypass lock screen

Status in lightdm package in Ubuntu:
  New

Bug description:
  When I hid Ctl Alt f7 after locking the screen or starting the pc up
  from a suspended state it just takes me to my desktop without
  requiring a password.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: lightdm 1.30.0-0ubuntu5
  ProcVersionSignature: Ubuntu 5.15.0-27.28-generic 5.15.30
  Uname: Linux 5.15.0-27-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia
  ApportVersion: 2.20.11-0ubuntu82
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Sun May  8 20:35:50 2022
  InstallationDate: Installed on 2022-03-12 (57 days ago)
  InstallationMedia: Ubuntu 20.04.4 LTS "Focal Fossa" - Release amd64 (20220223)
  SourcePackage: lightdm
  UpgradeStatus: Upgraded to jammy on 2022-04-29 (8 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1972114/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1971415] Re: Remote desktop is automatically enabled after login

[Seth Arnold]

*** This bug is a duplicate of bug 1969619 ***
https://bugs.launchpad.net/bugs/1969619

Probably this is a duplicate, feel free to break the duplication if it
isn't. Thanks

** This bug has been marked a duplicate of bug 1969619
   RDP Sharing appears on by default in jammy

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-remote-desktop in Ubuntu.
https://bugs.launchpad.net/bugs/1971415

Title:
  Remote desktop is automatically enabled after login

Status in gnome-remote-desktop package in Ubuntu:
  New

Bug description:
  If I disable sharing/remote desktop in GNOME Control Center, then log
  out and back in, it is automatically enabled again. I report this as a
  security vulnerability because remote desktop is enabled without the
  user's knowledge.

  Software versions:
  - Ubuntu 22.04
  - gnome-remote-desktop 42.0-4ubuntu1
  - gnome-control-center 1:41.4-1ubuntu13

  Steps to reproduce:
  1. Start with Remote Desktop enabled. "systemctl --user status 
gnome-remote-desktop.service" reports "active (running)".
  2. Disable Remote Desktop in Control Center. systemctl reports "inactive 
(dead)".
  3. Log out and back in.
  4. Open Control Center. Remote Desktop is enabled again. systemctl reports 
"active (running)".

  Expected behavior:
  Remote Desktop should stay disabled upon the new login.

  Actual behavior:
  Remote Desktop was automatically enabled again.

  Previous discussion: https://gitlab.gnome.org/GNOME/gnome-control-
  center/-/issues/1775#note_1443319

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-remote-desktop/+bug/1971415/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1971429] Re: gnome shell

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-shell in Ubuntu.
https://bugs.launchpad.net/bugs/1971429

Title:
  gnome shell

Status in gnome-shell package in Ubuntu:
  New

Bug description:
  gjs show all time on bar menu

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: gnome-shell 42.0-2ubuntu1
  ProcVersionSignature: Ubuntu 5.15.0-27.28-generic 5.15.30
  Uname: Linux 5.15.0-27-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Tue May  3 09:50:23 2022
  DisplayManager: gdm3
  InstallationDate: Installed on 2022-04-27 (5 days ago)
  InstallationMedia: Ubuntu 20.04.4 LTS "Focal Fossa" - Release amd64 (20220223)
  RelatedPackageVersions: mutter-common 42.0-3ubuntu2
  SourcePackage: gnome-shell
  UpgradeStatus: Upgraded to jammy on 2022-04-27 (5 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1971429/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1971221] Re: firefox is flashing

[Seth Arnold]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1971221

Title:
  firefox  is flashing

Status in xorg package in Ubuntu:
  New

Bug description:
  when  firefox window  behind other APP  windows,  it  is  flashing.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: xorg 1:7.7+23ubuntu2
  ProcVersionSignature: Ubuntu 5.15.0-27.28-generic 5.15.30
  Uname: Linux 5.15.0-27-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia
  .proc.driver.nvidia.capabilities.gpu0: Error: path was not a regular file.
  .proc.driver.nvidia.capabilities.mig: Error: path was not a regular file.
  .proc.driver.nvidia.gpus..01.00.0: Error: path was not a regular file.
  .proc.driver.nvidia.registry: Binary: ""
  .proc.driver.nvidia.suspend: suspend hibernate resume
  .proc.driver.nvidia.suspend_depth: default modeset uvm
  .proc.driver.nvidia.version:
   NVRM version: NVIDIA UNIX x86_64 Kernel Module  510.60.02  Wed Mar 16 
11:24:05 UTC 2022
   GCC version:
  ApportVersion: 2.20.11-0ubuntu82
  Architecture: amd64
  BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
  CasperMD5CheckResult: pass
  CompositorRunning: None
  CurrentDesktop: ubuntu:GNOME
  Date: Tue May  3 11:53:34 2022
  DistUpgraded: Fresh install
  DistroCodename: jammy
  DistroVariant: ubuntu
  GraphicsCard:
   NVIDIA Corporation GP104 [GeForce GTX 1080] [10de:1b80] (rev a1) (prog-if 00 
[VGA controller])
 Subsystem: Hewlett-Packard Company GP104 [GeForce GTX 1080] [103c:82fb]
  InstallationDate: Installed on 2022-05-01 (1 days ago)
  InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 
(20220419)
  MachineType: ASUS System Product Name
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.15.0-27-generic 
root=UUID=ff0f1b3b-e57d-46bf-817b-a2bf7bd47098 ro quiet splash vt.handoff=7
  SourcePackage: xorg
  Symptom: display
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 04/01/2022
  dmi.bios.release: 14.4
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: 1404
  dmi.board.asset.tag: Default string
  dmi.board.name: ROG STRIX Z690-A GAMING WIFI D4
  dmi.board.vendor: ASUSTeK COMPUTER INC.
  dmi.board.version: Rev 1.xx
  dmi.chassis.asset.tag: Default string
  dmi.chassis.type: 3
  dmi.chassis.vendor: Default string
  dmi.chassis.version: Default string
  dmi.modalias: 
dmi:bvnAmericanMegatrendsInc.:bvr1404:bd04/01/2022:br14.4:svnASUS:pnSystemProductName:pvrSystemVersion:rvnASUSTeKCOMPUTERINC.:rnROGSTRIXZ690-AGAMINGWIFID4:rvrRev1.xx:cvnDefaultstring:ct3:cvrDefaultstring:skuSKU:
  dmi.product.family: To be filled by O.E.M.
  dmi.product.name: System Product Name
  dmi.product.sku: SKU
  dmi.product.version: System Version
  dmi.sys.vendor: ASUS
  version.compiz: compiz N/A
  version.libdrm2: libdrm2 2.4.110-1ubuntu1
  version.libgl1-mesa-dri: libgl1-mesa-dri 22.0.1-1ubuntu2
  version.libgl1-mesa-glx: libgl1-mesa-glx N/A
  version.nvidia-graphics-drivers: nvidia-graphics-drivers-* N/A
  version.xserver-xorg-core: xserver-xorg-core 2:21.1.3-2ubuntu2
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-2build3
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20210115-1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.17-2build1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1971221/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1970593] Re: package firefox-locale-de 1:1snap1-0ubuntu2 failed to install/upgrade: Abhängigkeitsprobleme - verbleibt unkonfiguriert

[Seth Arnold]

Hello, this looks like the starting point of the problem:

Start-Date: 2022-04-17  16:08:22
Commandline: apt-get purge firefox
Purge: firefox-locale-de:amd64 (1:1snap1-0ubuntu2), firefox:amd64 
(1:1snap1-0ubuntu2)
End-Date: 2022-04-17  16:08:24

Start-Date: 2022-04-17  16:12:17
Commandline: apt-get install firefox firefox-locale-de
Install: firefox-locale-de:amd64 (1:1snap1-0ubuntu2), firefox:amd64 
(1:1snap1-0ubuntu2)
Error: Sub-process /usr/bin/dpkg returned an error code (1)
End-Date: 2022-04-17  16:12:19


I suggest trying:

sudo apt purge firefox-locale-de firefox+

(The + at the end of firefox+ will ask apt to install firefox.)

Thanks

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1970593

Title:
  package firefox-locale-de 1:1snap1-0ubuntu2 failed to install/upgrade:
  Abhängigkeitsprobleme - verbleibt unkonfiguriert

Status in firefox package in Ubuntu:
  New

Bug description:
  Guten Tag,
  nach der Systemupgrade von ubuntu 21.04 lts auf 22.04 lts läuft mein Firefox 
Mozilla nicht mehr.
  Beim Aufruf kann ich auf Refresh nur eine englgische abgespeckte Version 
benützen, nachdem ich mehrmals Firefox aufrufe.  

  Folgendes erscheint in meinem Terminal.

  insgesamt 48
  drwx--  5 arman arman  4096 Apr 21 23:43 .
  drwxr-xr-x 44 arman arman 28672 Apr 22 16:40 ..
  drwx--  2 arman arman  4096 Apr 20 15:10 extensions
  drwx--  5 arman arman  4096 Dez 14 23:48 firefox
  drwx--  2 arman arman  4096 Feb 22  2019 systemextensionsdev

  
  root@AB-Desk:/home/arman/fullscreenhack# sudo su -c "dpkg --configure -a"
  firefox (1:1snap1-0ubuntu2) wird eingerichtet ...
  update-alternatives: Fehler: Alternativen-Pfad /usr/bin/firefox existiert 
nicht
  dpkg: Fehler beim Bearbeiten des Paketes firefox (--configure):
   »installiertes firefox-Skript des Paketes post-installation«-Unterprozess 
gab den Fehlerwert 2 zurück
  dpkg: Abhängigkeitsprobleme verhindern Konfiguration von firefox-locale-de:
   firefox-locale-de hängt ab von firefox (>= 1:1snap1-0ubuntu2); aber:
Paket firefox ist noch nicht konfiguriert.

  dpkg: Fehler beim Bearbeiten des Paketes firefox-locale-de (--configure):
   Abhängigkeitsprobleme - verbleibt unkonfiguriert
  Fehler traten auf beim Bearbeiten von:
   firefox
   firefox-locale-de



  dpkg: Fehler beim Bearbeiten des Paketes firefox-locale-de (--configure):
   Abhängigkeitsprobleme - verbleibt unkonfiguriert
  Es wurde kein Apport-Bericht verfasst, da die Fehlermeldung darauf hindeutet, 
dass dies lediglich ein Folgefehler eines vorherigen Problems ist.
  Fehler traten 
auf beim Bearbeiten von:
   firefox
   firefox-locale-de
  libdvd-pkg: Checking orig.tar integrity...
  /usr/src/libdvd-pkg/libdvdcss_1.4.3.orig.tar.bz2: OK
  libdvd-pkg: `apt-get check` failed, you may have broken packages. Aborting...
  E: Sub-process /usr/bin/dpkg returned an error code (1)

  ProblemType: Package
  DistroRelease: Ubuntu 22.04
  Package: firefox-locale-de 1:1snap1-0ubuntu2
  ProcVersionSignature: Ubuntu 5.15.0-27.28-generic 5.15.30
  Uname: Linux 5.15.0-27-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82
  AptOrdering:
   linux-modules-extra-5.15.0-23-generic:amd64: Remove
   NULL: ConfigurePending
  Architecture: amd64
  CasperMD5CheckResult: unknown
  Date: Wed Apr 27 11:08:35 2022
  ErrorMessage: Abhängigkeitsprobleme - verbleibt unkonfiguriert
  InstallationDate: Installed on 2019-02-21 (1160 days ago)
  InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
  PackageArchitecture: all
  Python3Details: /usr/bin/python3.10, Python 3.10.4, python3-minimal, 
3.10.4-0ubuntu2
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.21.1ubuntu2
   apt  2.4.5
  SourcePackage: firefox
  Title: package firefox-locale-de 1:1snap1-0ubuntu2 failed to install/upgrade: 
Abhängigkeitsprobleme - verbleibt unkonfiguriert
  UpgradeStatus: Upgraded to jammy on 2021-12-17 (130 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1970593/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1970206] Re: Cursor goes missing in games

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-shell in Ubuntu.
https://bugs.launchpad.net/bugs/1970206

Title:
  Cursor goes missing in games

Status in gnome-shell package in Ubuntu:
  New

Bug description:
  Unable to play any games in Full screen mode like 0AD or Kingdom Rush
  (steam) which involve a custom cursor.

  MOnitor is Acer T231 (Touchscreen monitor)

  Hardware is B68 motherboard with Athlon processor.

  I wonder if it has to do with Wayland and full screen games.

  With the cursor going invisible it is impossible to play the games.
  have to exit the games to get back the cursor. Effectively cannot play
  games at all.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1970206/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1970459] Re: import of ca-certificate in browser does not work

[Seth Arnold]

I switched this from ca-certificates to firefox and chromium-browser,
since both browsers manage their own certificate lists and don't use the
system-provided ca-certificates. (You manage that with different tools,
see the first few lines of /etc/ca-certificates.conf for details.)

Thanks

** Package changed: ca-certificates (Ubuntu) => firefox (Ubuntu)

** Also affects: chromium-browser (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1970459

Title:
  import of ca-certificate in browser does not work

Status in chromium-browser package in Ubuntu:
  New
Status in firefox package in Ubuntu:
  New

Bug description:
  I tried to import a CA root certificate into both Firefox and Chrome.
  In Firefox, the import button just didn't do anything, in Chrome
  pressing "import" hangs up the browser. This means I can't reach the
  intranet of the company I work for.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: ca-certificates 20211016
  ProcVersionSignature: Ubuntu 5.15.0-27.28-generic 5.15.30
  Uname: Linux 5.15.0-27-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia
  ApportVersion: 2.20.11-0ubuntu82
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Apr 26 19:16:12 2022
  InstallationDate: Installed on 2022-04-23 (3 days ago)
  InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 
(20220419)
  PackageArchitecture: all
  SourcePackage: ca-certificates
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1970459/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1969593] Re: rules to prevent non-root users from rebooting not taken into account

[Seth Arnold]

** Also affects: systemd (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to policykit-1 in Ubuntu.
https://bugs.launchpad.net/bugs/1969593

Title:
  rules to prevent non-root users from rebooting not taken into account

Status in policykit-1 package in Ubuntu:
  New
Status in systemd package in Ubuntu:
  New

Bug description:
  On fresh Ubuntu Jammy installation, I add a 
"/etc/polkit-1/localauthority/90-mandatory.d/restriction.pkla" file with the 
following contents :
  [Disable power-off]
  Identity=unix-user:*
  Action=org.freedesktop.login1.power-off
  ResultActive=no
  ResultInactive=no
  ResultAny=no

  [Disable power-off when others are logged in]
  Identity=unix-user:*
  Action=org.freedesktop.login1.power-off-multiple-sessions
  ResultActive=no
  ResultInactive=no
  ResultAny=no

  [Disable_reboot]
  Identity=unix-user:*
  Action=org.freedesktop.login1.reboot
  ResultActive=no
  ResultInactive=no
  ResultAny=no

  [Disable_reboot_when_others_are_logged_in]
  Identity=unix-user:*
  Action=org.freedesktop.login1.reboot-multiple-sessions
  ResultActive=no
  ResultInactive=no
  ResultAny=no


  
  It must prevent non-root users from shutdowning and rebooting the system. But 
it only prevent shutdowning. Rebooting is still possible for a non-root user.

  We can see it using pkcheck command (as a non-root user) :
  $ pkcheck --action-id org.freedesktop.login1.power-off --process $PPID ; echo 
$?
  Not authorized.
  1
  $ pkcheck --action-id org.freedesktop.login1.reboot --process $PPID ; echo $?
  0

  
  As this problem can lead to unexpected reboot on multi-users systems (a 
disponibilty concern), I checked the "This bug is a security vulnerability" box.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: policykit-1 0.105-33
  ProcVersionSignature: Ubuntu 5.15.0-25.25-generic 5.15.30
  Uname: Linux 5.15.0-25-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Wed Apr 20 10:53:27 2022
  InstallationDate: Installed on 2022-04-20 (0 days ago)
  InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 
(20220419)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no username)
   XDG_RUNTIME_DIR=
   LANG=fr_FR.UTF-8
   SHELL=/bin/bash
  SourcePackage: policykit-1
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/1969593/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1969593] Re: rules to prevent non-root users from rebooting not taken into account

[Seth Arnold]

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to policykit-1 in Ubuntu.
https://bugs.launchpad.net/bugs/1969593

Title:
  rules to prevent non-root users from rebooting not taken into account

Status in policykit-1 package in Ubuntu:
  New

Bug description:
  On fresh Ubuntu Jammy installation, I add a 
"/etc/polkit-1/localauthority/90-mandatory.d/restriction.pkla" file with the 
following contents :
  [Disable power-off]
  Identity=unix-user:*
  Action=org.freedesktop.login1.power-off
  ResultActive=no
  ResultInactive=no
  ResultAny=no

  [Disable power-off when others are logged in]
  Identity=unix-user:*
  Action=org.freedesktop.login1.power-off-multiple-sessions
  ResultActive=no
  ResultInactive=no
  ResultAny=no

  [Disable_reboot]
  Identity=unix-user:*
  Action=org.freedesktop.login1.reboot
  ResultActive=no
  ResultInactive=no
  ResultAny=no

  [Disable_reboot_when_others_are_logged_in]
  Identity=unix-user:*
  Action=org.freedesktop.login1.reboot-multiple-sessions
  ResultActive=no
  ResultInactive=no
  ResultAny=no


  
  It must prevent non-root users from shutdowning and rebooting the system. But 
it only prevent shutdowning. Rebooting is still possible for a non-root user.

  We can see it using pkcheck command (as a non-root user) :
  $ pkcheck --action-id org.freedesktop.login1.power-off --process $PPID ; echo 
$?
  Not authorized.
  1
  $ pkcheck --action-id org.freedesktop.login1.reboot --process $PPID ; echo $?
  0

  
  As this problem can lead to unexpected reboot on multi-users systems (a 
disponibilty concern), I checked the "This bug is a security vulnerability" box.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: policykit-1 0.105-33
  ProcVersionSignature: Ubuntu 5.15.0-25.25-generic 5.15.30
  Uname: Linux 5.15.0-25-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Wed Apr 20 10:53:27 2022
  InstallationDate: Installed on 2022-04-20 (0 days ago)
  InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 
(20220419)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no username)
   XDG_RUNTIME_DIR=
   LANG=fr_FR.UTF-8
   SHELL=/bin/bash
  SourcePackage: policykit-1
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/1969593/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1969118] Re: Certificate viewer shows extra bytes for RSA keys

[Seth Arnold]

Hello Mikko, thanks for the report; I believe that's working as
intended, those bytes are part of the DER encoding; there's an excellent
answer at https://crypto.stackexchange.com/a/19982/1400 that describes
the meanings of each of those bytes.

Thanks

** Information type changed from Private Security to Public Security

** Changed in: gcr (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gcr in Ubuntu.
https://bugs.launchpad.net/bugs/1969118

Title:
  Certificate viewer shows extra bytes for RSA keys

Status in gcr package in Ubuntu:
  Invalid

Bug description:
  When I view a x509 certificate using

  gcr-viewer .../path/to/certificate.pem

  and open the "Details" section and check the RSA public key
  information, the section that lists the public key renders extra 8
  bytes at the start and 5 bytes at the end which are not actually part
  of the key.

  I haven't tried if this happens with other file types except x509, or
  with encryption methods except RSA. The exact certificate I viewed can
  be downloaded from https://crt.sh/?d=6454583403 and the expected
  public key modulus should start with 00:b6:28:0b:44:... but the
  certificate viewer shows public key starting with bytes 30 82 01 0A 02
  82 01 01 00 B6 28 0B 44. Note the extra bytes 30 82 01 0A 02 82 01 01.
  The extra bytes seem to be static and do not change after re-lanching
  the viewer again. There are also extra bytes in the end of the
  displayed key.

  I'm marking this bug as a security vulnerability for now because

  (1) This tool is supposed to used to check encryption credentials, and
  (2) It's still unknown if this is some kind of 8 byte underflow/5 byte 
overflow or just a rendering problem. I'm not aware of the viewer writing extra 
bytes to any memory location so I would assume this is just a rendering issue.

  I'm fine with this issue being public so feel free to publish at your
  discretion.

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: gcr 3.28.0-1
  ProcVersionSignature: Ubuntu 5.4.0-107.121~18.04.1-lowlatency 5.4.174
  Uname: Linux 5.4.0-107-lowlatency x86_64
  ApportVersion: 2.20.9-0ubuntu7.27
  Architecture: amd64
  CurrentDesktop: MATE
  Date: Thu Apr 14 15:47:18 2022
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2019-01-05 (1194 days ago)
  InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 
(20180725)
  SourcePackage: gcr
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gcr/+bug/1969118/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1967450] Re: When switching from 175% fractional scaling back to integer scaling, only a quarter of the screen is used

[Seth Arnold]

But who would keep that resolution when it sure *looks* broken? I can
understand the "it's not new and we don't know how to fix it" :) but
probably users won't know that they'll be fine after a reboot.

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-shell in Ubuntu.
https://bugs.launchpad.net/bugs/1967450

Title:
  When switching from 175% fractional scaling back to integer scaling,
  only a quarter of the screen is used

Status in gnome-shell package in Ubuntu:
  Confirmed
Status in mutter package in Ubuntu:
  Confirmed

Bug description:
  Steps
  =

  - In Settings > Display, activate Fractional Scaling, and set it to 175%.
  - Deactivate fractional scaling and press Apply

  Expected results
  

  The screen goes back to 200% integer scaling

  
  Actual results
  ==

  Only the upper left quarter of the screen is being used.

  Workaround
  ==

  After pressing Apply, a popup asks if we want to keep changes or
  revert them.

  Pressing "Revert" does not revert anything, but actually updates the
  screen to use the full screen instead of just the upper left section,
  while remaining in 200% integer scaling!

  
  Information
  ===

  Version: Ubuntu Jammy Jellyfish (development branch) [Beta image]
  Release: 22.04

  Device: Dell Precision 7760 with Nvidia GPU
  CID: 202103-28858

  Third party software installed during installation

  Wayland in use.

  ii linux-generic-hwe-20.04 5.15.0.23.25 amd64 Complete Generic Linux kernel 
and headers
  ii linux-headers-5.15.0-23 5.15.0-23.23 all Header files related to Linux 
kernel version 5.15.0
  ii linux-headers-5.15.0-23-generic 5.15.0-23.23 amd64 Linux kernel headers 
for version 5.15.0 on 64 bit x86 SMP
  ii linux-headers-generic-hwe-20.04 5.15.0.23.25 amd64 Generic Linux kernel 
headers
  ii linux-image-5.15.0-23-generic 5.15.0-23.23 amd64 Signed kernel image 
generic
  ii linux-image-generic-hwe-20.04 5.15.0.23.25 amd64 Generic Linux kernel image
  ii linux-modules-5.15.0-23-generic 5.15.0-23.23 amd64 Linux kernel extra 
modules for version 5.15.0 on 64 bit x86 SMP
  ii linux-modules-extra-5.15.0-23-generic 5.15.0-23.23 amd64 Linux kernel 
extra modules for version 5.15.0 on 64 bit x86 SMP
  ii linux-modules-nvidia-510-5.15.0-23-generic 5.15.0-23.23+1 amd64 Linux 
kernel nvidia modules for version 5.15.0-23
  ii linux-modules-nvidia-510-generic-hwe-20.04 5.15.0-23.23+1 amd64 Extra 
drivers for nvidia-510 for the generic-hwe-20.04 flavour
  ii linux-objects-nvidia-510-5.15.0-23-generic 5.15.0-23.23+1 amd64 Linux 
kernel nvidia modules for version 5.15.0-23 (objects)
  ii linux-signatures-nvidia-5.15.0-23-generic 5.15.0-23.23+1 amd64 Linux 
kernel signatures for nvidia modules for version 5.15.0-23-generic

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: gnome-shell 42~beta-1ubuntu3
  ProcVersionSignature: Ubuntu 5.15.0-23.23-generic 5.15.27
  Uname: Linux 5.15.0-23-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia
  ApportVersion: 2.20.11-0ubuntu79
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Fri Apr  1 10:51:09 2022
  DisplayManager: gdm3
  GsettingsChanges:
   b'org.gnome.shell' b'welcome-dialog-last-shown-version' b"'42.beta'"
   b'org.gnome.desktop.input-sources' b'sources' b"[('xkb', 'us')]"
   b'org.gnome.desktop.interface' b'gtk-im-module' b"'gtk-im-context-simple'"
   b'org.gnome.desktop.privacy' b'report-technical-problems' b'true'
   b'org.gnome.mutter' b'experimental-features' b"['scale-monitor-framebuffer']"
  InstallationDate: Installed on 2022-04-01 (0 days ago)
  InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Beta amd64 
(20220329.1)
  RelatedPackageVersions: mutter-common 42~beta-1ubuntu2
  SourcePackage: gnome-shell
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1967450/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1966572] Re: Chromium Zero Day

[Seth Arnold]

B[], aha, you've received no Chromium updates since November 2021
because the author of that PPA hasn't provided any.

apt-file will report what files are in the Ubuntu package whether or not
you have it installed. It's very handy to see what files are in an
Ubuntu package without installing it.

dpkg -l will report what files are in the package that you've got
installed. It's the better tool if you have installed third-party
packages.

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1966572

Title:
  Chromium Zero Day

Status in chromium-browser package in Ubuntu:
  Fix Released

Bug description:
  Please see: https://chromereleases.googleblog.com/2022/03/stable-
  channel-update-for-desktop_25.html

  Apparently this also affects the Chromium package and is being
  actively exploited in the wild:

  > [$TBD][1309225] High CVE-2022-1096: Type Confusion in V8. Reported
  by anonymous on 2022-03-23

  Please update from Version 97.0.4692.20 (last updated 2021-11-26) to
  latest.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1966572/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1966572] Re: Chromium Zero Day

[Seth Arnold]

The 20.04 LTS chromium-browser deb package exists only to install the
chromium snap and deliver a few files to the filesystem outside the snap
packaging system:

$ apt-file show chromium-browser
chromium-browser: /usr/bin/chromium-browser
chromium-browser: /usr/share/applications/chromium-browser.desktop
chromium-browser: /usr/share/apport/package-hooks/chromium-browser.py
chromium-browser: /usr/share/doc/chromium-browser/changelog.Debian.gz
chromium-browser: /usr/share/doc/chromium-browser/copyright
chromium-browser: /usr/share/icons/hicolor/128x128/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/22x22/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/24x24/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/256x256/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/48x48/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/64x64/apps/chromium-browser.png
chromium-browser: /usr/share/lintian/overrides/chromium-browser
chromium-browser: /usr/share/pixmaps/chromium-browser.png
$ 

The deb package doesn't need to be updated for snapd to automatically
install a chromium update when one is made available.

Check snap info chromium on your system to see if you've received the
update yet.

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1966572

Title:
  Chromium Zero Day

Status in chromium-browser package in Ubuntu:
  Fix Released

Bug description:
  Please see: https://chromereleases.googleblog.com/2022/03/stable-
  channel-update-for-desktop_25.html

  Apparently this also affects the Chromium package and is being
  actively exploited in the wild:

  > [$TBD][1309225] High CVE-2022-1096: Type Confusion in V8. Reported
  by anonymous on 2022-03-23

  Please update from Version 97.0.4692.20 (last updated 2021-11-26) to
  latest.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1966572/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1961854] Re: Thunderbid saves accepted calendar events in different identity

[Seth Arnold]

Hello Bartłomiej, can you report this to the upstream developers? This
will need their input to address.

Thanks

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to thunderbird in Ubuntu.
https://bugs.launchpad.net/bugs/1961854

Title:
  Thunderbid saves accepted calendar events in different identity

Status in thunderbird package in Ubuntu:
  New

Bug description:
  When user have configured e.g:
  1. One self hosted e-mail
  2. One GMail account
  3. One Microsoft Office360 account with calendar

  When he will accept calendar event in 1 or 2 and the only available
  calendar (from Thunderbird perspective)  is 3, clicking the bluebar
  over e-mail to add calendar entry will save it in wrong identity(the
  3). As identities are also boundaries for control -this should be
  considered privacy threat.  E.g one can have private and business
  e-mail accounts in one Thunderbird where business ones could be
  inspected manually of automatically .

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1961854/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1963714] Re: Internal hard disk partition cannot be mounted manually

[Seth Arnold]

Hello Girish, there's some errors in your dmesg that make me think you
may have hardware problems. It's not clear, but it's possible. Also,
there's some packages in the Dependencies.txt marked with [origin:
unknown] that might be worth investigating.

Thanks

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to udisks2 in Ubuntu.
https://bugs.launchpad.net/bugs/1963714

Title:
  Internal hard disk partition cannot be mounted manually

Status in udisks2 package in Ubuntu:
  New

Bug description:
  system crashed suddently after hard stop and start it

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: udisks2 2.8.4-1ubuntu2
  ProcVersionSignature: Ubuntu 4.15.0-136.140-generic 4.15.18
  Uname: Linux 4.15.0-136-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.21
  Architecture: amd64
  CasperMD5CheckResult: skip
  CurrentDesktop: ubuntu:GNOME
  CustomUdevRuleFiles: 70-snap.gnome-system-monitor.rules 60-vboxdrv.rules 
70-snap.canonical-livepatch.rules 70-snap.core.rules 
70-snap.gnome-characters.rules 70-snap.teams-for-linux.rules 
70-snap.gnome-logs.rules 70-snap.gnome-calculator.rules
  Date: Sat Mar  5 00:06:18 2022
  InstallationDate: Installed on 2018-10-31 (1220 days ago)
  InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
  MachineType: Acer Aspire ES1-521
  ProcEnviron:
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_IN
   SHELL=/bin/bash
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-136-generic 
root=UUID=5088648c-9dc3-42d9-a5ab-30581e1951a4 ro quiet splash vt.handoff=1
  SourcePackage: udisks2
  Symptom: storage
  Title: Internal hard disk partition cannot be mounted manually
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 04/18/2016
  dmi.bios.vendor: Insyde Corp.
  dmi.bios.version: V1.07
  dmi.board.asset.tag: Base Board Asset Tag
  dmi.board.name: BELLEMERE_BE
  dmi.board.vendor: Acer
  dmi.board.version: V1.07
  dmi.chassis.asset.tag: Chassis Asset Tag
  dmi.chassis.type: 9
  dmi.chassis.vendor: Acer
  dmi.chassis.version: Chassis Version
  dmi.modalias: 
dmi:bvnInsydeCorp.:bvrV1.07:bd04/18/2016:svnAcer:pnAspireES1-521:pvrV1.07:rvnAcer:rnBELLEMERE_BE:rvrV1.07:cvnAcer:ct9:cvrChassisVersion:
  dmi.product.family: BE
  dmi.product.name: Aspire ES1-521
  dmi.product.version: V1.07
  dmi.sys.vendor: Acer

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/udisks2/+bug/1963714/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1963861] Re: Can't tell what application will be launched with custom schemes

[Seth Arnold]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Public Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1963861

Title:
  Can't tell what application will be launched with custom schemes

Status in snapd:
  New
Status in firefox package in Ubuntu:
  New
Status in snapd package in Ubuntu:
  New

Bug description:
  If a url is opened such as:

  mailto:
  feed:

  The firefox snap package no longer shows what application will be
  launched. This means that websites can potentially trick a user to
  start applications.

To manage notifications about this bug go to:
https://bugs.launchpad.net/snapd/+bug/1963861/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1964118] Re: package nvidia-utils-510 (not installed) failed to install/upgrade: trying to overwrite '/usr/bin/nvidia-bug-report.sh', which is also in package nvidia-340 340.10

[Seth Arnold]

** Also affects: nvidia-graphics-drivers-340 (Ubuntu)
   Importance: Undecided
   Status: New

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to nvidia-graphics-drivers-340 in Ubuntu.
https://bugs.launchpad.net/bugs/1964118

Title:
  package nvidia-utils-510 (not installed) failed to install/upgrade:
  trying to overwrite '/usr/bin/nvidia-bug-report.sh', which is also in
  package nvidia-340 340.108-0ubuntu5.20.04.2

Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in nvidia-graphics-drivers-510 package in Ubuntu:
  New

Bug description:
  nvidia rtx 3050 drivers

  ProblemType: Package
  DistroRelease: Ubuntu 20.04
  Package: nvidia-utils-510 (not installed)
  ProcVersionSignature: Ubuntu 5.13.0-30.33~20.04.1-generic 5.13.19
  Uname: Linux 5.13.0-30-generic x86_64
  NonfreeKernelModules: nvidia_uvm nvidia_drm nvidia_modeset nvidia
  ApportVersion: 2.20.11-0ubuntu27.21
  AptOrdering:
   libcuda1-340:amd64: Remove
   nvidia-opencl-icd-340:amd64: Remove
   libnvidia-compute-510:amd64: Install
   nvidia-utils-510:amd64: Install
   NULL: ConfigurePending
  Architecture: amd64
  CasperMD5CheckResult: skip
  Date: Tue Mar  8 20:32:14 2022
  ErrorMessage: trying to overwrite '/usr/bin/nvidia-bug-report.sh', which is 
also in package nvidia-340 340.108-0ubuntu5.20.04.2
  InstallationDate: Installed on 2022-03-08 (0 days ago)
  InstallationMedia: Ubuntu 20.04.4 LTS "Focal Fossa" - Release amd64 (20220223)
  Python3Details: /usr/bin/python3.8, Python 3.8.10, python3-minimal, 
3.8.2-0ubuntu2
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.19.7ubuntu3
   apt  2.0.6
  SourcePackage: nvidia-graphics-drivers-510
  Title: package nvidia-utils-510 (not installed) failed to install/upgrade: 
trying to overwrite '/usr/bin/nvidia-bug-report.sh', which is also in package 
nvidia-340 340.108-0ubuntu5.20.04.2
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/+bug/1964118/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1963861] Re: Can't tell what application will be launched with custom schemes

[Seth Arnold]

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1963861

Title:
  Can't tell what application will be launched with custom schemes

Status in snapd:
  New
Status in firefox package in Ubuntu:
  New
Status in snapd package in Ubuntu:
  New

Bug description:
  If a url is opened such as:

  mailto:
  feed:

  The firefox snap package no longer shows what application will be
  launched. This means that websites can potentially trick a user to
  start applications.

To manage notifications about this bug go to:
https://bugs.launchpad.net/snapd/+bug/1963861/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1963751] Re: focal security update 2.34.6-0ubuntu0.20.04.1 cannot be automatically installed due to new dependency

[Seth Arnold]

Hello Steve, thanks for the report; can you run a manual:

sudo apt update && sudo apt upgrade

and report back the apt output, which will give a better idea of what
exactly is holding back the upgrade?

Thanks

** Changed in: webkit2gtk (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to webkit2gtk in Ubuntu.
https://bugs.launchpad.net/bugs/1963751

Title:
  focal security update 2.34.6-0ubuntu0.20.04.1 cannot be automatically
  installed due to new dependency

Status in webkit2gtk package in Ubuntu:
  Incomplete

Bug description:
  Version: 2.34.6-0ubuntu0.20.04.1

  This security update for focal does not seem to be automatically
  upgradeable by unattended-upgrades:

  2022-03-05 14:32:35,653 WARNING package libwebkit2gtk-4.0-37 upgradable but 
fails to be marked for upgrade (E:Unable to correct problems, you have held 
broken packages.)
  2022-03-05 14:32:36,685 WARNING package libwebkit2gtk-4.0-37 upgradable but 
fails to be marked for upgrade (E:Unable to correct problems, you have held 
broken packages.)
  2022-03-05 14:32:38,031 INFO No packages found that can be upgraded 
unattended and no pending auto-removals
  2022-03-05 14:32:38,232 INFO Package libjavascriptcoregtk-4.0-18 is kept back 
because a related package is kept back or due to local apt_preferences(5).
  2022-03-05 14:32:38,382 INFO Package libwebkit2gtk-4.0-37 is kept back 
because a related package is kept back or due to local apt_preferences(5).

  apt-mark showhold lists no held packages, and there are no
  apt_preferences set. The actual cause seems to be an extra dependency
  on libopengl0 which has been added with the upgrade. Is this
  intentional?

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: libwebkit2gtk-4.0-37 2.34.6-0ubuntu0.20.04.1
  ProcVersionSignature: Ubuntu 5.4.0-100.113-generic 5.4.166
  Uname: Linux 5.4.0-100-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.21
  Architecture: amd64
  CasperMD5CheckResult: skip
  Date: Sat Mar  5 14:39:24 2022
  InstallationDate: Installed on 2018-06-15 (1358 days ago)
  InstallationMedia: Xubuntu 18.04 LTS "Bionic Beaver" - Release amd64 
(20180426)
  ProcEnviron:
   TERM=screen.xterm-256color
   PATH=(custom, no user)
   LANG=en_GB.UTF-8
   SHELL=/bin/bash
  SourcePackage: webkit2gtk
  UpgradeStatus: Upgraded to focal on 2021-05-30 (278 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/webkit2gtk/+bug/1963751/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1963751] Re: focal security update 2.34.6-0ubuntu0.20.04.1 cannot be automatically installed due to new dependency

[Seth Arnold]

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to webkit2gtk in Ubuntu.
https://bugs.launchpad.net/bugs/1963751

Title:
  focal security update 2.34.6-0ubuntu0.20.04.1 cannot be automatically
  installed due to new dependency

Status in webkit2gtk package in Ubuntu:
  New

Bug description:
  Version: 2.34.6-0ubuntu0.20.04.1

  This security update for focal does not seem to be automatically
  upgradeable by unattended-upgrades:

  2022-03-05 14:32:35,653 WARNING package libwebkit2gtk-4.0-37 upgradable but 
fails to be marked for upgrade (E:Unable to correct problems, you have held 
broken packages.)
  2022-03-05 14:32:36,685 WARNING package libwebkit2gtk-4.0-37 upgradable but 
fails to be marked for upgrade (E:Unable to correct problems, you have held 
broken packages.)
  2022-03-05 14:32:38,031 INFO No packages found that can be upgraded 
unattended and no pending auto-removals
  2022-03-05 14:32:38,232 INFO Package libjavascriptcoregtk-4.0-18 is kept back 
because a related package is kept back or due to local apt_preferences(5).
  2022-03-05 14:32:38,382 INFO Package libwebkit2gtk-4.0-37 is kept back 
because a related package is kept back or due to local apt_preferences(5).

  apt-mark showhold lists no held packages, and there are no
  apt_preferences set. The actual cause seems to be an extra dependency
  on libopengl0 which has been added with the upgrade. Is this
  intentional?

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: libwebkit2gtk-4.0-37 2.34.6-0ubuntu0.20.04.1
  ProcVersionSignature: Ubuntu 5.4.0-100.113-generic 5.4.166
  Uname: Linux 5.4.0-100-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.21
  Architecture: amd64
  CasperMD5CheckResult: skip
  Date: Sat Mar  5 14:39:24 2022
  InstallationDate: Installed on 2018-06-15 (1358 days ago)
  InstallationMedia: Xubuntu 18.04 LTS "Bionic Beaver" - Release amd64 
(20180426)
  ProcEnviron:
   TERM=screen.xterm-256color
   PATH=(custom, no user)
   LANG=en_GB.UTF-8
   SHELL=/bin/bash
  SourcePackage: webkit2gtk
  UpgradeStatus: Upgraded to focal on 2021-05-30 (278 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/webkit2gtk/+bug/1963751/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1936907] Re: [MIR] ADSys

[Seth Arnold]

I reviewed adsys 0.8 as checked into jammy.  This shouldn't be
considered a full audit but rather a quick gauge of maintainability. As
usual with golang code, there's vastly more code in the package than we've
authored, and it's not feasible to review the entirety.

adsys allows network administrators to include Ubuntu systems in Windows
Group Policy ecosystem. There's easy support for a lot of individual
tunable elements, as well as generic support for running both machine and
user scripts on login, logout, etc.

- CVE History:
  none :)
- Build-Depends?
  Build-Depends: debhelper-compat (= 13),
   dh-apport,
   dh-golang,
   golang-go (>= 2:1.16~),
   libsmbclient-dev,
   libdbus-1-dev,
   python3,
   python3-samba,
   samba-dsdb-modules,
   libpam0g-dev,
   samba,
   dbus,
- pre/post inst/rm scripts?
  mostly added automatically by dh_ helpers; registers and unregisters pam
  module, enables systemd units, purges and unmasks systemd units, etc.
- init scripts?
  none
- systemd units?
  sets up socket activation, sets up timers, refreshes policies, runs
  machine scripts in machine units, runs user scripts in user units
- dbus services?
  none
- setuid binaries?
  none
- binaries in PATH?
  adsysd, adsysctl
- sudo fragments?
  /etc/sudoers.d/99-adsys-privilege-enforcement is under control of the
  application:

"%admin  ALL=(ALL) !ALL\n"
"%sudo   ALL=(ALL:ALL) !ALL\n"

contentSudo += fmt.Sprintf("\"%s\"  ALL=(ALL:ALL) ALL\n", e)

  these are very powerful; I'd appreciate a second set of eyes here :)

- polkit files?
  yes, seems reasonable
- udev rules?
  none
- unit tests / autopkgtests?
  yes, many tests, run during the build
- cron jobs?
  none, systemd timer units used instead
- Build logs:
  the shell completion files are dumped during build, it's a bit noisy,
  but otherwise looks clean

- Processes spawned?
  Yes -- pam module, copied from pam_exec.c
  Yes -- adsys spawned from the user manager will run scripts, seems okay
- Memory management?
  Most is golang, safe enough
  pam module has some memory leaks; when reported to upstream pam_exec.c
  folks, they appear to be leaning towards leaking even more memory :) so
  probably fine.
- File IO?
  Some issues, raised elsewhere.
- Logging?
  pam module looked fine
- Environment variable usage?
  NO_COLOR and KRB5CCNAME, seemed safe
- Use of privileged functions?
  chown
- Use of cryptography / random number sources etc?
  none
- Use of temp files?
  none
- Use of networking?
  grpc; to the extent I looked at it, it felt safe enough
- Use of WebKit?
  none
- Use of PolicyKit?
  yes, internal/authorizer/authorizer.go
  looks up process start time by searching *backwards* through
  /proc/pid/stat file for a ), then looking forward 19 fields. I didn't
  double-check the math but it sure sounds promising.

- Any significant cppcheck results?
  memory leaks in pam_adsys.c, upstream for inspiration pam_exec didn't seem 
bothered
- Any significant Coverity results?
  none
- Any significant shellcheck results?
  none
- Any significant bandit results?
  none

adsys is carefully written, well-documented, and didrocks and jibel were
very responsive to comments and feedback.

Security team ACK for promoting adsys to main.

I filed a few bugs along the way:

https://github.com/grpc/grpc-go/issues/5137
https://github.com/olekukonko/tablewriter/issues/199

And some miscellaneous notes I took:


Are there any conditions that can be added to adsys-boot.service to make
it less likely to spam the journal every five seconds for ten hours when on an 
airplane?

https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961459

pam_adsys.c update_policy() arggv leak in fork() failure
pam_adsys.c update_machine_policy() arggv leak in fork() failure
pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to
work but I don't think that's how that API is supposed to be used
pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny

https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961458

[redacted]

./internal/policies/scripts/scripts.go -- typo %qto

./conf.example/adsys.yaml
./doc/5.-The-adsys-daemon.md
Both these use /tmp/adsysd/ .. paths in configuration files -- is this
the recommended way to use adsys? It'd be nice if the configs were "real",
production-ready, defaults, etc.


** Bug watch added: github.com/grpc/grpc-go/issues #5137
   https://github.com/grpc/grpc-go/issues/5137

** Bug watch added: github.com/olekukonko/tablewriter/issues #199
   https://github.com/olekukonko/tablewriter/issues/199

** Changed in: adsys (Ubuntu)
   Status: New => In Progress

** Changed in: adsys (Ubuntu)
 Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to adsys in Ubuntu.

[Desktop-packages] [Bug 1961459] Re: adsys pam issues

[Seth Arnold]

Heh, so Dmitry might actually remove the other 'free' calls in the error
paths :) -- and he spotted that the strdup() calls are unchecked:

https://github.com/linux-pam/linux-pam/issues/444

It might be worth mirroring whatever he decides to do.

Thanks

** Bug watch added: github.com/linux-pam/linux-pam/issues #444
   https://github.com/linux-pam/linux-pam/issues/444

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to adsys in Ubuntu.
https://bugs.launchpad.net/bugs/1961459

Title:
  adsys pam issues

Status in adsys package in Ubuntu:
  New

Bug description:
  These may not be security issues but it's possible I overlooked
  something; since they live in a security boundary I thought it worth
  reporting with a bit of hassle. If you'd rather work on this in the
  open, feel free to open this.

  pam_adsys.c update_policy() arggv leak in fork() failure
  pam_adsys.c update_machine_policy() arggv leak in fork() failure
  pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to
  work but I don't think that's how that API is supposed to be used
  pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny

  Thanks

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961459/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1961459] Re: adsys pam issues

[Seth Arnold]

Oh yes, the waitpid() stuff.. if it works in testing, leaving it alone
is probably fine then. Thanks.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to adsys in Ubuntu.
https://bugs.launchpad.net/bugs/1961459

Title:
  adsys pam issues

Status in adsys package in Ubuntu:
  New

Bug description:
  These may not be security issues but it's possible I overlooked
  something; since they live in a security boundary I thought it worth
  reporting with a bit of hassle. If you'd rather work on this in the
  open, feel free to open this.

  pam_adsys.c update_policy() arggv leak in fork() failure
  pam_adsys.c update_machine_policy() arggv leak in fork() failure
  pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to
  work but I don't think that's how that API is supposed to be used
  pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny

  Thanks

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961459/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1961459] Re: adsys pam issues

[Seth Arnold]

Hah so I've got another bug to report then? :) Thanks!

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to adsys in Ubuntu.
https://bugs.launchpad.net/bugs/1961459

Title:
  adsys pam issues

Status in adsys package in Ubuntu:
  New

Bug description:
  These may not be security issues but it's possible I overlooked
  something; since they live in a security boundary I thought it worth
  reporting with a bit of hassle. If you'd rather work on this in the
  open, feel free to open this.

  pam_adsys.c update_policy() arggv leak in fork() failure
  pam_adsys.c update_machine_policy() arggv leak in fork() failure
  pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to
  work but I don't think that's how that API is supposed to be used
  pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny

  Thanks

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961459/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1957716] Re: Update for CVE-2021-43860 and second github advisory

[Seth Arnold]

** Also affects: flatpak (Ubuntu Focal)
   Importance: Undecided
   Status: New

** Also affects: flatpak (Ubuntu Impish)
   Importance: Undecided
   Status: New

** Also affects: flatpak (Ubuntu Bionic)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to flatpak in Ubuntu.
https://bugs.launchpad.net/bugs/1957716

Title:
  Update for CVE-2021-43860 and second github advisory

Status in flatpak package in Ubuntu:
  In Progress
Status in flatpak source package in Bionic:
  New
Status in flatpak source package in Focal:
  New
Status in flatpak source package in Impish:
  New

Bug description:
  [Links]
  https://github.com/flatpak/flatpak/security/advisories/GHSA-qpjc-vq3c-572j
  https://github.com/flatpak/flatpak/security/advisories/GHSA-8ch7-5j3h-g4fx
  https://security-tracker.debian.org/tracker/CVE-2021-43860

  [Impact]
  Versions in Ubuntu right now:
  Jammy: 1.12.2-2
  Impish: 1.10.2-3ubuntu0.1
  Focal: 1.6.5-0ubuntu0.4
  Bionic: 1.0.9-0ubuntu0.4

  Affected versions:
  all

  Patched versions:
  1.12.3, 1.10.6

  [Test Case]
  Unknown

  [Regression Potential]
  Flatpak has a test suite, which is run on build across all relevant 
architectures and passes.

  There is also a manual test plan
  https://wiki.ubuntu.com/Process/Merges/TestPlan/flatpak .

  Flatpak has autopkgtests enabled
  http://autopkgtest.ubuntu.com/packages/f/flatpak .

  Regression potential is low, and upstream is very responsive to any
  issues raised.

  [Patches]
  There are two separate github advisories but only one of them has a CVE.

  The advisory with the CVE has 5 patches, the other has 2 patches.

  
  [Other Information]

  For the first advisory with the CVE:

  Ryan Gonzalez discovered that Flatpak doesn't properly validate that
  the permissions displayed to the user for an app at install time match
  the actual permissions granted to the app at runtime, in the case that
  there's a null byte in the metadata file of an app. Therefore apps can
  grant themselves permissions without the consent of the user.

  Flatpak shows permissions to the user during install by reading them
  from the "xa.metadata" key in the commit metadata. This cannot contain
  a null terminator, because it is an untrusted GVariant. Flatpak
  compares these permissions to the actual metadata, from the "metadata"
  file to ensure it wasn't lied to.

  However, the actual metadata contents are loaded in several places
  where they are read as simple C-style strings. That means that, if the
  metadata file includes a null terminator, only the content of the file
  from before the terminator gets compared to xa.metadata. Thus, any
  permissions that appear in the metadata file after a null terminator
  are applied at runtime but not shown to the user. Maliciously crafted
  apps can use this to give themselves hidden permissions.

  In addition, a similar weakness was discovered, where if the
  permissions in the summary metadata are invalid, they would not be
  displayed to the user, but the the actual permissions would be
  granted, even though it didn't match the invalid version.


  For the second advisory:

  flatpak-builder applies finish-args last in the build. At this point
  the build directory will have the full access that is specified in the
  manifest, so running flatpak build against it will gain that
  permissions. Normally this will not be done, so this is not problem.
  However, if --mirror-screenshots-url is specified, then flatpak-
  builder will launch flatpak build --nofilesystem=host appstream-utils
  mirror-screenshots after finalization, which can lead to issues even
  with the --nofilesystem=host protection.


  These changes result in a behaviour change as debian have noted in
  their changelog:

* Behaviour changes, as a result of how GHSA-8ch7-5j3h-g4fx was fixed:
  - --nofilesystem=host is now special-cased to negate all --filesystem
permissions. Previously, it would cancel out --filesystem=host but
not --filesystem=/some/dir.
  - --nofilesystem=home is now special-cased to negate several
home-directory-related filesystem permssions such as
--filesystem=xdg-config/foo, not just --filesystem=host.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1957716/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1853977] Re: nvidia-340 dpkg: error: version '-' has bad syntax: revision number is empty

[Seth Arnold]

Hello Alberto, any chance for a fix for this issue? Users are still
finding this issue. In #ubuntu, 25 December 2021:

Sat 25 00:12:58 < sem> if you're curious this is the dryrun: 
https://pastebin.ubuntu.com/p/N7kP5Z4mRj/
Sat 25 00:15:32 < Bashing-om> sem: I do want to know - looking ^ ,
Sat 25 00:17:13 < sem> do you think this message is relevant? "dpkg: error: 
version '-' has bad syntax: revision number is empty" 
https://pastebin.ubuntu.com/p/PGj9rjzKXF/


Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to nvidia-graphics-drivers-340 in Ubuntu.
https://bugs.launchpad.net/bugs/1853977

Title:
  nvidia-340 dpkg: error: version '-' has bad syntax: revision number is
  empty

Status in linux package in Ubuntu:
  Confirmed
Status in nvidia-graphics-drivers package in Ubuntu:
  Confirmed
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  Confirmed

Bug description:
  Hello,

  When installing `nvidia-340` there is an error is the postinst script:

  philippe@pv-desktop:~$ sudo apt install --reinstall nvidia-340
  Reading package lists... Done
  Building dependency tree
  Reading state information... Done
  0 to upgrade, 0 to newly install, 1 reinstalled, 0 to remove and 7 not to 
upgrade.
  Need to get 0 B/51.9 MB of archives.
  After this operation, 0 B of additional disk space will be used.
  (Reading database ... 309892 files and directories currently installed.)
  Preparing to unpack .../nvidia-340_340.107-0ubuntu0.18.04.4_amd64.deb ...
  Stopping nvidia-persistenced
  nvidia-persistenced: no process found
  Done.
  (snip)
  Setting up nvidia-340 (340.107-0ubuntu0.18.04.4) ...
  dpkg: error: version '-' has bad syntax: revision number is empty
  dpkg: error: version '-' has bad syntax: revision number is empty
  update-initramfs: deferring update (trigger activated)
  INFO:Enable nvidia-340
  DEBUG:Parsing /usr/share/ubuntu-drivers-common/quirks/put_your_quirks_here
  DEBUG:Parsing /usr/share/ubuntu-drivers-common/quirks/lenovo_thinkpad
  DEBUG:Parsing /usr/share/ubuntu-drivers-common/quirks/dell_latitude
  Loading new nvidia-340-340.107 DKMS files...
  Building for 4.15.0-70-generic
  Building for architecture x86_64
  Building initial module for 4.15.0-70-generic
  Done.

  The comment at https://askubuntu.com/questions/969352/uninstalling-
  and-then-reinstalling-nvidia-384-kills-colord tells us that
  /var/lib/dpkg/info/nvidia-340.postinst has a typo: replace $KERNELS
  with $CURRENT_KERNEL then `dpkg-reconfigure nvidia-340` works as
  expected.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1853977/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1955081] Re: Right-click on terminal causing no demand to enter user's password

[Seth Arnold]

(At least I think gnome-shell is the current place to put the
screenlocker bugs, please let me know if it's not.)

See also LP: #49579

Thanks

** Information type changed from Private Security to Public Security

** Package changed: ubuntu => gnome-shell (Ubuntu)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-shell in Ubuntu.
https://bugs.launchpad.net/bugs/1955081

Title:
  Right-click on terminal causing no demand to enter user's password

Status in gnome-shell package in Ubuntu:
  New

Bug description:
  If I press right-click on a terminal supporting right click mouse
  options, e.g. gnome-terminal, Konsole, and then I close the laptop
  Lid. the pc goes in suspend mode, and that is correct.

  But when I wake up again from suspend mode, the screensaver/screenlock
  program is not demanding to enter user's password.

  I tested the vulnerability on Ubuntu 20.04.2 LTS and Kali Linux
  2021.4.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1955081/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1952548] Re: package libgdk-pixbuf2.0-0:i386 2.40.0+dfsg-3ubuntu0.2 failed to install/upgrade: el paquete está en un estado muy malo e inconsistente - debe reinstalarlo antes

[Seth Arnold]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gdk-pixbuf in Ubuntu.
https://bugs.launchpad.net/bugs/1952548

Title:
  package libgdk-pixbuf2.0-0:i386 2.40.0+dfsg-3ubuntu0.2 failed to
  install/upgrade: el paquete está en un estado muy malo e inconsistente
  - debe reinstalarlo  antes de intentar desinstalarlo.

Status in gdk-pixbuf package in Ubuntu:
  New

Bug description:
  System is onto an infinite bucle

  ProblemType: Package
  DistroRelease: Ubuntu 20.04
  Package: libgdk-pixbuf2.0-0:i386 2.40.0+dfsg-3ubuntu0.2
  ProcVersionSignature: Ubuntu 5.11.0-40.44~20.04.2-generic 5.11.22
  Uname: Linux 5.11.0-40-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.21
  Architecture: amd64
  CasperMD5CheckResult: skip
  Date: Sun Nov 28 09:15:56 2021
  DpkgTerminalLog:
   dpkg: error al procesar el paquete libgdk-pixbuf2.0-0:i386 
(--remove):
el paquete está en un estado muy malo e inconsistente - debe reinstalarlo
antes de intentar desinstalarlo.
   dpkg: demasiados errores, parando
  ErrorMessage: el paquete está en un estado muy malo e inconsistente - debe 
reinstalarlo  antes de intentar desinstalarlo.
  InstallationDate: Installed on 2021-11-19 (8 days ago)
  InstallationMedia: Ubuntu 20.04.3 LTS "Focal Fossa" - Release amd64 (20210819)
  PackageArchitecture: i386
  Python3Details: /usr/bin/python3.8, Python 3.8.10, python3-minimal, 
3.8.2-0ubuntu2
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.19.7ubuntu3
   apt  2.0.6
  SourcePackage: gdk-pixbuf
  Title: package libgdk-pixbuf2.0-0:i386 2.40.0+dfsg-3ubuntu0.2 failed to 
install/upgrade: el paquete está en un estado muy malo e inconsistente - debe 
reinstalarlo  antes de intentar desinstalarlo.
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/1952548/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1853977] Re: nvidia-340 dpkg: error: version '-' has bad syntax: revision number is empty

[Seth Arnold]

Users are still finding this issue. In #ubuntu, 3 November 2021:

 https://justpaste.it/97emx

Thanks

** Also affects: nvidia-graphics-drivers-340 (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to nvidia-graphics-drivers-340 in Ubuntu.
https://bugs.launchpad.net/bugs/1853977

Title:
  nvidia-340 dpkg: error: version '-' has bad syntax: revision number is
  empty

Status in linux package in Ubuntu:
  Confirmed
Status in nvidia-graphics-drivers package in Ubuntu:
  Confirmed
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New

Bug description:
  Hello,

  When installing `nvidia-340` there is an error is the postinst script:

  philippe@pv-desktop:~$ sudo apt install --reinstall nvidia-340
  Reading package lists... Done
  Building dependency tree
  Reading state information... Done
  0 to upgrade, 0 to newly install, 1 reinstalled, 0 to remove and 7 not to 
upgrade.
  Need to get 0 B/51.9 MB of archives.
  After this operation, 0 B of additional disk space will be used.
  (Reading database ... 309892 files and directories currently installed.)
  Preparing to unpack .../nvidia-340_340.107-0ubuntu0.18.04.4_amd64.deb ...
  Stopping nvidia-persistenced
  nvidia-persistenced: no process found
  Done.
  (snip)
  Setting up nvidia-340 (340.107-0ubuntu0.18.04.4) ...
  dpkg: error: version '-' has bad syntax: revision number is empty
  dpkg: error: version '-' has bad syntax: revision number is empty
  update-initramfs: deferring update (trigger activated)
  INFO:Enable nvidia-340
  DEBUG:Parsing /usr/share/ubuntu-drivers-common/quirks/put_your_quirks_here
  DEBUG:Parsing /usr/share/ubuntu-drivers-common/quirks/lenovo_thinkpad
  DEBUG:Parsing /usr/share/ubuntu-drivers-common/quirks/dell_latitude
  Loading new nvidia-340-340.107 DKMS files...
  Building for 4.15.0-70-generic
  Building for architecture x86_64
  Building initial module for 4.15.0-70-generic
  Done.

  The comment at https://askubuntu.com/questions/969352/uninstalling-
  and-then-reinstalling-nvidia-384-kills-colord tells us that
  /var/lib/dpkg/info/nvidia-340.postinst has a typo: replace $KERNELS
  with $CURRENT_KERNEL then `dpkg-reconfigure nvidia-340` works as
  expected.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1853977/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1948339] Re: Logon screen can be bypassed using various shortcuts

[Seth Arnold]

Your daughter does good work :)

Thanks

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1948339

Title:
  Logon screen can be bypassed using various shortcuts

Status in Ubuntu MATE:
  New
Status in arctica-greeter package in Ubuntu:
  New
Status in lightdm package in Ubuntu:
  New
Status in mate-settings-daemon package in Ubuntu:
  New

Bug description:
  Hi,

  my little daughter discovered a logon screen bypass in Ubuntu Mate
  21.10 after hitting the keyboard for a while.

  It turns out that several keyboard shortcuts are allowed while Ubuntu
  Mate is locked (arctica-greeter):

  - Mod4 + S (mate-search-tool)
  - Mod4 + E (Open Caja / File Explorer)
  - CTRL + Shift + Esc (mate-system-monitor)
  - PRNT (Screenshot)

  All of the mentioned shortcuts could be used to spawn a file explorer
  (Caja) or various other binaries as user "lightdm", who owns the logon
  screen.

  Although an interactive terminal like mate-terminal, xterm, lxterm
  etc. could not be opened directly, there are various options to run
  commands as the lightdm user, for example by creating a shell script
  using "caja", and execute it directly using the GUI.

  I've attached Proof-of-Concept GIFs for all shortcuts mentioned above.
  There might be additional shortcuts that could be used to achieve the
  same, however I'm not aware about every shortcut that is configured,
  but I suppose that the root cause is located somewhere in arctica-
  greeter, rather than within every single binary launched by shortcuts.

  The bug was reproduced on a fresh installation of Ubuntu Mate 21.10. I
  haven't tested other versions of Ubuntu Mate yet.

  Please find additional version details below:

  $ apt-cache policy lightdm

  lightdm:
    Installed: 1.30.0-0ubuntu4
    Candidate: 1.30.0-0ubuntu4
    Version table:
   *** 1.30.0-0ubuntu4 500
  500 http://de.archive.ubuntu.com/ubuntu impish/universe amd64 Packages
  100 /var/lib/dpkg/status

  $ apt-cache policy arctica-greeter

  arctica-greeter:
    Installed: 0.99.1.5-2nmu1
    Candidate: 0.99.1.5-2nmu1
    Version table:
   *** 0.99.1.5-2nmu1 500
  500 http://de.archive.ubuntu.com/ubuntu impish/universe amd64 Packages
  100 /var/lib/dpkg/status

  Thanks,
  Basti

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-mate/+bug/1948339/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1947857] Re: ubuntu-drivers devices

[Seth Arnold]

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to ubuntu-drivers-common in Ubuntu.
https://bugs.launchpad.net/bugs/1947857

Title:
  ubuntu-drivers devices

Status in ubuntu-drivers-common package in Ubuntu:
  Incomplete

Bug description:
  Output of "ubuntu-drivers devices" in the same VM:

  mac@mac-VirtualBox:~$ sudo ubuntu-drivers devices
  [sudo] password for mac: 
  == /sys/devices/pci:00/:00:04.0 ==
  modalias : pci:v80EEdCAFEsvsdbc08sc80i00
  vendor   : InnoTek Systemberatung GmbH
  model: VirtualBox Guest Service
  manual_install: True
  driver   : virtualbox-guest-dkms - distro non-free
  driver   : virtualbox-guest-dkms-hwe - distro non-free

  == /sys/devices/pci:00/:00:02.0 ==
  modalias : pci:v15ADd0405sv15ADsd0405bc03sc00i00
  vendor   : VMware
  model: SVGA II Adapter
  manual_install: True
  driver   : open-vm-tools-desktop - distro free

  Output of "sudo ubuntu-drivers install"

  mac@mac-VirtualBox:~$ sudo ubuntu-drivers install
  [sudo] password for mac: 
  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  Some packages could not be installed. This may mean that you have
  requested an impossible situation or if you are using the unstable
  distribution that some required packages have not yet been created
  or been moved out of Incoming.
  The following information may help to resolve the situation:

  The following packages have unmet dependencies:
   virtualbox-guest-dkms-hwe : Conflicts: virtualbox-guest-dkms
  E: Unable to correct problems, you have held broken packages.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-drivers-common/+bug/1947857/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1947642] [NEW] ipv6 enabled despite 'disabled' setting?

[Seth Arnold]

Public bug reported:

Hello,

Periodically our OpenVPN sessions fail in such a way that automated
tooling that talks to Launchpad will take minutes before timing out.

See https://portal.admin.canonical.com/132804 for details.

We've found that manually disabling ipv6 helps, eg:

sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1

The network-manager-openvpn portion of the bug is that we've got IPv6
set to "disabled" in the network manager vpn GUI. Somehow this isn't
sufficient on its own. The sysctl does the trick.

Thanks

ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: network-manager-openvpn 1.8.12-1
ProcVersionSignature: Ubuntu 5.4.0-77.86-generic 5.4.119
Uname: Linux 5.4.0-77-generic x86_64
NonfreeKernelModules: lkp_Ubuntu_5_4_0_77_86_generic_81 
lkp_Ubuntu_5_4_0_77_86_generic_79 zfs zunicode zavl icp zcommon znvpair
ApportVersion: 2.20.11-0ubuntu27.20
Architecture: amd64
CasperMD5CheckResult: skip
Date: Mon Oct 18 23:55:49 2021
SourcePackage: network-manager-openvpn
UpgradeStatus: Upgraded to focal on 2020-01-24 (633 days ago)

** Affects: network-manager-openvpn (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug focal

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to network-manager-openvpn in Ubuntu.
https://bugs.launchpad.net/bugs/1947642

Title:
  ipv6 enabled despite 'disabled' setting?

Status in network-manager-openvpn package in Ubuntu:
  New

Bug description:
  Hello,

  Periodically our OpenVPN sessions fail in such a way that automated
  tooling that talks to Launchpad will take minutes before timing out.

  See https://portal.admin.canonical.com/132804 for details.

  We've found that manually disabling ipv6 helps, eg:

  sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1

  The network-manager-openvpn portion of the bug is that we've got IPv6
  set to "disabled" in the network manager vpn GUI. Somehow this isn't
  sufficient on its own. The sysctl does the trick.

  Thanks

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: network-manager-openvpn 1.8.12-1
  ProcVersionSignature: Ubuntu 5.4.0-77.86-generic 5.4.119
  Uname: Linux 5.4.0-77-generic x86_64
  NonfreeKernelModules: lkp_Ubuntu_5_4_0_77_86_generic_81 
lkp_Ubuntu_5_4_0_77_86_generic_79 zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.20.11-0ubuntu27.20
  Architecture: amd64
  CasperMD5CheckResult: skip
  Date: Mon Oct 18 23:55:49 2021
  SourcePackage: network-manager-openvpn
  UpgradeStatus: Upgraded to focal on 2020-01-24 (633 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/1947642/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1892559] Re: [MIR] ccid opensc pcsc-lite

[Seth Arnold]

Now that the security team has some new hires, we're looking at reviving
this series of tasks. Looking through the bug I have come up with the
following outstanding items:

- Add a .symbols file to opensc
- try to add vsmartcard-vpicc + vsmartcard-vpcd autopkgtests
- a formal list of 'supported cards' that we will test with and expect to work
- try to address the awkward path of libraries, /lib/pam_pkcs11/
- make pcscd not run as root 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930530

Did I overlook anything?

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to pcsc-lite in Ubuntu.
https://bugs.launchpad.net/bugs/1892559

Title:
  [MIR] ccid opensc pcsc-lite

Status in ccid package in Ubuntu:
  New
Status in opensc package in Ubuntu:
  Incomplete
Status in pam-pkcs11 package in Ubuntu:
  Invalid
Status in pcsc-lite package in Ubuntu:
  New
Status in pcsc-perl package in Ubuntu:
  Invalid
Status in pcsc-tools package in Ubuntu:
  Invalid

Bug description:
  ==> ccid <==
  [Availability]
  ccid is in universe, and builds on all architectures.

  [Rationale]
  The desktop team and security team are interested in bringing smartcard
  authentication to enterprise desktop environments.

  [Security]
  No CVEs for ccid are listed in our database.
  Doesn't appear to bind to a socket.
  No privileged executables, but does have udev rules.
  Probably needs a security review.

  [Quality assurance]
  No test suite.
  Does require odd hardware that we'll probably need to buy.
  I don't see debconf questions.
  ccid is well maintained in Debian by upstream author.
  One open wishlist bug in BTS, harmless.

  One open bug in launchpad, not security, but looks very frustrating
  for the users. The upstream author was engaged but it never reached
  resolution.  https://bugs.launchpad.net/ubuntu/+source/ccid/+bug/1175465

  Has a debian/watch file.
  Quilt packaging.

  P: ccid source: no-dep5-copyright
  P: ccid source: package-uses-experimental-debhelper-compat-version 13

  [Dependencies]
  Minimal dependencies, in main

  [Standards compliance]
  Appears to satisfy FHS and Debian policy

  [Maintenance]
  The desktop team will subscribe to bugs, however it is expected that the
  security team will assist with security-relevant questions.

  [Background information]
  ccid provides drivers to interact with usb-connected smart card readers.

  ==> libpam-pkcs11 <==
  [Availability]
  Source package pam-pkcs11 is in universe and builds on all architectures.

  [Rationale]
  The desktop team and security team are interested in bringing smartcard
  authentication to enterprise desktop environments.

  [Security]
  No CVEs in our database.
  Doesn't appear to bind to sockets.
  No privileged executables (but is a PAM module).
  As a PAM module this will require a security review.

  [Quality assurance]
  The package does not call pam-auth-update in its postinst #1650366
  Does not ask questions during install.
  One Ubuntu bug claims very poor behaviour if a card isn't plugged in.
  No Debian bugs.
  Occasional updates in Debian by long-term maintainer.
  Does require odd hardware that we'll probably need to buy.
  Does not appear to run tests during build.
  Has scary warnings in the build logs.
  Has a debian/watch file.

  Ancient standards version; other smaller lintian messages, mostly
  documentation problems.

  Quilt packaging.

  [Dependencies]
  Depends on libcurl4, libldap-2.4-2, libpam0g, libpcsclite1, libssl1.1
  All are in main.

  [Standards compliance]
  The package does not call pam-auth-update in its postinst #1650366
  Otherwise looks to conform to FHS and Debian policies

  [Maintenance]
  The desktop team will subscribe to bugs, however it is expected that the
  security team will assist with security-relevant questions.

  [Background information]
  This PAM module can use CRLs and full-chain verification of certificates.
  It can also do LDAP, AD, and Kerberos username mapping.

  ==> libpcsc-perl <==
  [Availability]
  Source package pcsc-perl is in universe, builds for all architectures,
  plus i386

  [Rationale]
  The desktop team and security team are interested in bringing smartcard
  authentication to enterprise desktop environments.

  [Security]
  There are no cves for pcsc-perl in our database.
  No privileged executables.
  Doesn't appear to bind to sockets.
  Probably needs a security review.

  [Quality assurance]
  Library package not intended to be used directly.
  No debconf questions.
  No bugs in Debian.
  No bugs in Ubuntu.
  Does require odd hardware that we'll probably need to buy.
  Tests exist, not run during the build; probably can't run during the build.
  Includes debian/watch file.
  A handful of lintian issues
  Quilt packaging.

  [Dependencies]
  libpcsc-perl depends upon libpcsclite1, libc6, perl, perlapi-5.30.0.
  All are in main.

  [Standards compliance]
  One oddity, Card.pod is stored in 

[Desktop-packages] [Bug 1943480] [NEW] flatpak installation permission requirements different from ubuntu software

[Seth Arnold]

*** This bug is a security vulnerability ***

Public security bug reported:

https://lists.ubuntu.com/archives/technical-board/2021-June/002560.html

The flatpak tools in Ubuntu have different rules for installing packages
than we use in our software center or snap tools:
https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1812456/comments/14

My summary:
- polkit 'admin' users can configure new flatpak remotes, authenticated by
  password
- unix 'wheel' group users can install and remove packages from configured
  flatpak remotes, without password

This is in contrast to our apt and snap configuration, where only updates
can be installed without authentication, but new packages require using
sudo or a polkit 'admin' authentication to ensure a human is in the loop.

Several arguments for leaving it alone:
- the status quo
- existing documentation
- consistency in the flatpak ecosystem regardless of distribution
- maintaining a delta from Debian for this would carry long-term costs

Several arguments for making changes:
- consistency in the Ubuntu experience
- the wheel group has historical usage; growing the privileges available
  to the group in this fashion may not be welcome at all sites
- installing software is often a restricted operation at many sites

Possible changes:
- always require password authentication when installing or removing
  packages
- change the group that has magical unauthenticated powers
- change the ubuntu software center and / or snap to match flatpak
- document the behaviour in hardening guides and sysadmin guides

Of course there may be reasons for, reasons against, or possible changes
that I did not consider.

At least one flavour is intending to include flatpaks via a deb post-inst
script, perhaps in their default install, so the scope is extending a
bit beyond the status quo "people who have chosen to install flatpak":
https://lists.ubuntu.com/archives/ubuntu-release/2021-June/005235.html

** Affects: flatpak (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to flatpak in Ubuntu.
https://bugs.launchpad.net/bugs/1943480

Title:
  flatpak installation permission requirements different from ubuntu
  software

Status in flatpak package in Ubuntu:
  New

Bug description:
  https://lists.ubuntu.com/archives/technical-
  board/2021-June/002560.html

  The flatpak tools in Ubuntu have different rules for installing packages
  than we use in our software center or snap tools:
  https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1812456/comments/14

  My summary:
  - polkit 'admin' users can configure new flatpak remotes, authenticated by
password
  - unix 'wheel' group users can install and remove packages from configured
flatpak remotes, without password

  This is in contrast to our apt and snap configuration, where only updates
  can be installed without authentication, but new packages require using
  sudo or a polkit 'admin' authentication to ensure a human is in the loop.

  Several arguments for leaving it alone:
  - the status quo
  - existing documentation
  - consistency in the flatpak ecosystem regardless of distribution
  - maintaining a delta from Debian for this would carry long-term costs

  Several arguments for making changes:
  - consistency in the Ubuntu experience
  - the wheel group has historical usage; growing the privileges available
to the group in this fashion may not be welcome at all sites
  - installing software is often a restricted operation at many sites

  Possible changes:
  - always require password authentication when installing or removing
packages
  - change the group that has magical unauthenticated powers
  - change the ubuntu software center and / or snap to match flatpak
  - document the behaviour in hardening guides and sysadmin guides

  Of course there may be reasons for, reasons against, or possible changes
  that I did not consider.

  At least one flavour is intending to include flatpaks via a deb post-inst
  script, perhaps in their default install, so the scope is extending a
  bit beyond the status quo "people who have chosen to install flatpak":
  https://lists.ubuntu.com/archives/ubuntu-release/2021-June/005235.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1943480/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1942542] Re: gedit causes loss of extended attributes (xattrs)

[Seth Arnold]

Nice find Alex; can you please report this to upstream gedit, and report
back the bug url here so we can link them together?

Thanks

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gedit in Ubuntu.
https://bugs.launchpad.net/bugs/1942542

Title:
  gedit causes loss of extended attributes (xattrs)

Status in gedit package in Ubuntu:
  New

Bug description:
  Ubuntu 21.04 hirsute
  gedit 3.38.1-1

  If a file with extended attributes (xattrs) is edited and saved with
  gedit, the xattrs are lost. This problem - as well as the loss of
  birth time, reported in
  https://bugs.launchpad.net/ubuntu/+source/gedit/+bug/1940758 - seems
  to be caused by gedit creating a new file when saving. Compare this
  with nano, which does not destroy xattrs.

  Steps to reproduce:
  1 echo testing > testfile.txt
  2 setfattr -n user.test -v "this is my test xattr" testfile.txt
  3 getfattr -d testfile.txt
  # file: testfile.txt
  user.test="this is my test xattr"
  4 gedit testfile.txt
  make edit and save
  5 getfattr -d testfile.txt
  no output

  This bug also causes a loss of ACLs for the edited file, as they are
  stored as extended attributes. Because of this I am marking this bug
  as a security vulnerability.

  This bug is not limited to gedit; it applies to a number of other text
  editors.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gedit/+bug/1942542/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking

[Seth Arnold]

omid, this bug report covers too many unrelated packages to be useful at
this point.

If you're still seeing desktop contents during resume with a currently
supported version of Ubuntu, please file a new bug report with details
on the specific packages you're using and steps to reproduce the issue.
There's no guarantee that it can be addressed but a new bug report with
one specific configuration has a chance. Bug reports are free. Specific
bugs can get fixed. Bugs that collect a bunch of unrelated things are
rarely fixed, there's just too much noise to find anything useful.

Because this bug (among several related bugs) returns in one or more
screenlocker / desktop environment every year or two, the reliable
answer is to always manually lock the screen before walking away from
the computer.

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to gnome-shell in Ubuntu.
https://bugs.launchpad.net/bugs/1532508

Title:
  Screen contents revealed briefly on resume, before even unlocking

Status in GNOME Shell:
  Unknown
Status in Ubuntu GNOME:
  Confirmed
Status in gdm3 package in Ubuntu:
  Confirmed
Status in gnome-shell package in Ubuntu:
  Confirmed
Status in unity package in Ubuntu:
  Fix Released
Status in unity source package in Xenial:
  Fix Released
Status in gnome-shell package in Debian:
  Confirmed

Bug description:
  [Impact]

  When lock is enabled, the screen doesn't get blank/covered by
  lockscreen before suspending, thus on early resume the content might
  be shown.

  Video showing the bug: https://youtu.be/dDOgtK1MldI

  Reproduced on Ubuntu 2015.10, Ubuntu 2014.04

  [Test case]

  1. Work on highly secret files
  2. Close the lid of your laptop and go have a break
  3. Anyone who opens the lid of the laptop can see the secret files for a half 
second before the lock screen appears

  [Possible Regression]

  Content on screen isn't painted anymore and screen stays black.

To manage notifications about this bug go to:
https://bugs.launchpad.net/gnome-shell/+bug/1532508/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1941945] Re: nvidia-340 340.108-0ubuntu5.20.04.2: nvidia-340 kernel module failed to build

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to nvidia-graphics-drivers-340 in Ubuntu.
https://bugs.launchpad.net/bugs/1941945

Title:
  nvidia-340 340.108-0ubuntu5.20.04.2: nvidia-340 kernel module failed
  to build

Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New

Bug description:
  I don't the issue details. I got a pop-up saying, there's a crash
  report while updating nvidia (driver). Hence, I'm submitting it.

  ProblemType: Package
  DistroRelease: Ubuntu 20.04
  Package: nvidia-340 340.108-0ubuntu5.20.04.2
  ProcVersionSignature: Ubuntu 5.8.0-63.71~20.04.1-generic 5.8.18
  Uname: Linux 5.8.0-63-generic x86_64
  NonfreeKernelModules: nvidia
  ApportVersion: 2.20.11-0ubuntu27.18
  Architecture: amd64
  CasperMD5CheckResult: skip
  DKMSKernelVersion: 5.11.0-27-generic
  Date: Sat Aug 28 15:33:00 2021
  InstallationDate: Installed on 2021-07-03 (55 days ago)
  InstallationMedia: Ubuntu 20.04.2.0 LTS "Focal Fossa" - Release amd64 
(20210209.1)
  PackageVersion: 340.108-0ubuntu5.20.04.2
  Python3Details: /usr/bin/python3.8, Python 3.8.10, python3-minimal, 
3.8.2-0ubuntu2
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.19.7ubuntu3
   apt  2.0.6
  SourcePackage: nvidia-graphics-drivers-340
  Title: nvidia-340 340.108-0ubuntu5.20.04.2: nvidia-340 kernel module failed 
to build
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/+bug/1941945/+subscriptions


-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1892454] Re: [MIR] libostree-1-1

[Seth Arnold]

I reviewed ostree 2020.8-2 as checked into hirsute.  This shouldn't be
considered a full audit but rather a quick gauge of maintainability. I
didn't make any effort to find which portion of the sources correspond
with the exact binary package that is under discussion.

ostree is a tool to manage giant farms of hardlinks and boot configurations
with a goal of providing transactional system updates, complete with
chain-of-trust using gpg.

I did not inspect ostree from this perspective at all -- the security team
is not interested in supporting ostree as a system management tool.

- CVE History:
  None in our database
- Build-Depends?
  Includes gpg, libgpgme-dev, among others
- pre/post inst/rm scripts?
  The ostree and ostree-boot package maintainer scripts have some dracut
  and grub configuration file handling, systemd service management, and
  will update the initrams
- init scripts?
  None
- systemd units?
  Not inspected, only in ostree-boot and ostree-tests
- dbus services?
  None
- setuid binaries?
  None
- sudo fragments?
  None
- polkit files?
  None
- udev rules?
  None
- unit tests / autopkgtests?
  Some tests run during the build, not inspected
- cron jobs?
  None
- Build logs:
  A lot of doc warnings; nothing code-related stood out

- Processes spawned?
  A lot of process spawning; some using arrays, some using strings with
  quoted filenames (presumably so the user could put pipelines into EDITOR
  or VISUAL environment variables)
- Memory management?
  Stack allocation is used a lot more often than I'd like.
  Because it's C, there's necessarily a lot of memory management and some
  of it is very fiddly. I'm pretty sure I found bugs, though maybe they
  just lead to crashes and memory leaks.
- File IO?
  Extensive file IO -- some file operations rely upon umask having a
  sane value for the files to have sane permissions. File paths come
  from packages. A lot of operations are done on files as instructed by
  whatever is the equivalent of packages -- xattrs, setuid/setgid bits,
  etc. It's basically a full package manager tool. The inputs must
  be safe.
- Logging?
  Extensive logging; I did spot-checks and didn't find errors.
- Environment variable usage?
  Moderate use, some are validated and some are used as-is without any
  verification at all. Probably fine.
- Use of privileged functions?
  Extensive. ostree is a general system management tool. Spot checks of
  calls looked careful but I did not do full call hierarchy checks to see
  if all inputs to privileged functions were properly sanitized.
- Use of cryptography / random number sources etc?
  Uses an embedded soup to do some https validation. It wasn't obvious
  that it's correct but it did go to effort to pass the system CA store,
  so someone at least tried.
- Use of temp files?
  I'm slightly worried about the random number use for XX files; it is
  using non-cryptographic tool. It's probably fine and I'm a worry-wart.
- Use of networking?
  Yes, some, I didn't closely inspect it. What I did see looked primarily
  client-oriented rather than server-oriented
- Use of WebKit?
  None
- Use of PolicyKit?
  None

- Any significant cppcheck results?
  None
- Any significant Coverity results?
  Some issues, maybe just crashes, but might be worse. A lot of false
  positives.
- Any significant shellcheck results?
  None
- Any significant bandit results?
  None

Security team ACK for promoting strictly libostree-1-1 to main and with
the understanding that we're not supporting the ostree system management
in any way.

I've elided the notes I made while reading this, pending feedback from Red
Hat's security team. I don't like that there's no listed way to report
security issues.

Thanks

** Changed in: ostree (Ubuntu)
 Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

** Changed in: ostree (Ubuntu)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1892454

Title:
  [MIR] libostree-1-1

Status in ostree package in Ubuntu:
  In Progress

Bug description:
  Many applications have Flatpak integration using libflatpak. The
  Ubuntu desktop team would like libflatpak in main so we can easily
  build such applications (LP: #1812456). libostree-1-1 is a dependency
  of this, so it would also need to be in main. We don't need OSTree
  functionality, and do not expect any other OSTree packages to be
  installed by default.

  Availability
  
  In Universe, builds for all architectures and in sync with Debian.

  Rationale
  =
  Required for libflatpak0 being in main (LP: #1812456)

  Security
  
  This will need a Security review.

  Quality Assurance
  =
  Should be subscribed to by Ubuntu Desktop Bugs.

  Contains a single .so and doesn't have any debconf prompts. Package is
  maintained in Debian. No major bugs in Debian or Ubuntu.

[Desktop-packages] [Bug 1812456] Re: [MIR] libflatpak0

[Seth Arnold]

I reviewed flatpak 1.10.2-1ubuntu1 as checked into hirsute.  This shouldn't be
considered a full audit but rather a quick gauge of maintainability.

flatpak is an application packaging and sandbox tool.

- CVE History:
  we have six cves in our database, they appear to have been handled well,
  quickly, and even proactively when a snapd issue was found they went
  looking for the same flaw family.

  The coverity discoveries I reported to them were handled pretty well
  considering it was a bit of a firehose; they said they were going to set
  up the free coverity scan instance to keep a handle on issues going
  forward.
- Build-Depends?
  enough that listing them all feels useless; uses gnupg, fuse, dbus,
  bubblewrap, malcontent, polkit, libxml2, ostree -- complicated code with
  tendrils.
- pre/post inst/rm scripts?
  mostly automatically added contents; creates _flatpak user; populates
  the catalog during install; seems safe
- init scripts?
  none
- systemd units?
  system flatpak-system-helper.service
  user flatpak-oci-authenticator.service
  user flatpak-portal.service
  user flatpak-session-helper.service
- dbus services?
  several, start the system helper service, portal service, oci
  authenticator service, session helper service
- setuid binaries?
  none
- binaries in PATH?
  in flatpak, flatpak
  in libflatpak-dev flatpak-bisect, flatpak-coredumpctl
- sudo fragments?
  only in documentation
- polkit files?
  extensive polkit rules, someone else giving them a double-check would be
  wonderful. I'm not sure I like this:

  - Normal users need admin authentication to install software
system-wide.
  - Note that we install polkit rules that allow local users
in the wheel group to install without authenticating.

- udev rules?
  none
- unit tests / autopkgtests?
  A huge and uncertain number of tests are run during the build. There's a
  flatpak-tests binary package, I have no idea what it does, but it might
  also come in handy.
- cron jobs?
  none
- Build logs:
  A fair number of things, but for the size of the project a pretty
  reasonable ratio.

- Processes spawned?
  Significant spawning other processes; I'm concerned about parsing the
  .desktop files but didn't find any issues in my simple tests.
  Historically glib-based programs have done a decent job in this area.
- Memory management?
  Significant use of autofree tooling. Coverity reported some memory
  leaks, but they were all small and temporary, and upstream fixed them
  the 'right' way very quickly and enthusiastically.
- File IO?
  skipped
- Logging?
  spot checks look fine
- Environment variable usage?
  OSTREE_DEBUG_HTTP environment variable asks soup to log http bodies
  FLATPAK_GL_DRIVERS looks like it can give alternative paths to drivers
  FLATPAK_BWRAP looks like it can replace bubblewrap
  FLATPAK_SYSTEM_CACHE_DIR is used to create mode 755 directory
  FLATPAK_SYSTEM_HELPER_ON_SESSION switches between system and session dbus
  FLATPAK_TRIGGERSDIR indicates a directory of 'triggers' to run
  FLATPAK_REVOKEFS_FUSE selects an executable to use when revoking a fuse mount
  SSH_AUTH_SOCK appears to be copied to applications
  PCSCLITE_CSOCK_NAME appears to be copied to applications
  CUPS_SERVER causes local cups servers to be used
  PULSE_SERVER and PULSE_CLIENTCONFIG and PULSE_RUNTIME_PATHmodify pulse in the 
applications
  DBUS_SYSTEM_BUS_ADDRESS selects a dbus system bus
  DBUS_SESSION_BUS_ADDRESS selects a dbus session bus
  FLATPAK_DBUSPROXY executes a program to serve as a dbus proxy
  LD_LIBRARY_PATH appears to pass through to applications
  XDG_DESKTOP_PORTAL_DIR selects a directory of portal applications
  BROWSER selects a web browser to use
  FLATPAK_VALIDATE_ICON selects a tool to validate icons
  ... it goes on. A huge number of things can be configured via
  environment variables.
- Use of privileged functions?
  Yes, most looked good, questions sent to flatpak team
- Use of cryptography / random number sources etc?
  Uses SoupSession
- Use of temp files?
  Seemed fine
- Use of networking?
  Yes, a lot, spot checks looked fine
- Use of WebKit?
  None
- Use of PolicyKit?
  yes polkit_unix_process_new_for_owner() is used (should be safe)

- Any significant cppcheck results?
  One small issue
- Any significant Coverity results?
  I can't recall now just how significant they were, but many of them were
  handled very quickly when reported, and upstream expressed an interest
  in using the free coverity service, which is promising.
- Any significant shellcheck results?
  only in tests and autotools
- Any significant bandit results?
  only in tests, ignored

Security team gives a provisional ACK for libflatpak0 to be promoted
to main -- though I think we need a discussion about the 'allow wheel
users to install software without authentication'. That's unusual and
unexpected. We may ask for these to be tightened.

It's large, and complicated, and intricate, but upstream has been

[Desktop-packages] [Bug 1812456] Re: [MIR] libflatpak0

[Seth Arnold]

There's something from the polkit rules that worries me. I don't think
we want the rules to be this open. Could someone more conversant with
polkit rules give them a read and report back if this is something we
really want?

Something that specifically worried me:

  - Normal users need admin authentication to install software
system-wide.
  - Note that we install polkit rules that allow local users
in the wheel group to install without authenticating.


Thanks

** Bug watch added: gitlab.gnome.org/GNOME/libglnx/-/issues #2
   https://gitlab.gnome.org/GNOME/libglnx/-/issues/2

** Bug watch added: github.com/flatpak/flatpak/issues #4223
   https://github.com/flatpak/flatpak/issues/4223

** Bug watch added: github.com/flatpak/flatpak/issues #4224
   https://github.com/flatpak/flatpak/issues/4224

** Bug watch added: github.com/flatpak/flatpak/issues #4233
   https://github.com/flatpak/flatpak/issues/4233

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1812456

Title:
  [MIR] libflatpak0

Status in flatpak package in Ubuntu:
  New

Bug description:
  Many applications have Flatpak integration using libflatpak. The
  Ubuntu desktop team would like libflatpak0 in main so we can easily
  build such applications. It takes a lot of work to make these
  dependencies optional and sometimes that is not possible. We don't
  need the Flatpak functionality to work by default and do not expect
  any other Flatpak packages to be installed by default.

  Default packages that have flatpak integration:
  - gnome-control-center (application panel).
  - malcontent (parental controls)

  Availability
  
  In Universe, builds for all architectures and in sync with Debian.

  Rationale
  =
  Multiple default packages have libflatpak as a dependency, including 
malcontent (LP: #1892456).

  Security
  
  This will need a Security review.

  https://security-tracker.debian.org/tracker/source-package/flatpak

  There have been two CVEs, both have been fixed in all supported Ubuntu
  releases.

  More recently, there is LP: #1815528

  Quality Assurance
  =
  Bug subscriber: should be Ubuntu Desktop Bugs

  https://bugs.launchpad.net/ubuntu/+source/flatpak
  https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=flatpak
  https://github.com/flatpak/flatpak/issues

  tests are run as build tests (with dh_auto_test) and installed autopkgtests 
on Debian and Ubuntu.
  https://ci.debian.net/packages/f/flatpak
  http://autopkgtest.ubuntu.com/packages/f/flatpak

  UI Standards
  
  N/A

  Dependencies
  
  All in main except for libostree-1-1 (LP: #1892454)

  Standards Compliance
  
  Package uses standards version 4.5.0.

  Maintenance
  ===
  - Actively developed upstream
  https://github.com/flatpak/flatpak

  - Maintained in Debian by the pkg-utopia team but more specifically,
  it is maintained by Simon McVittie (smcv) who maintains Flatpak,
  ostree, xdg-dbus-proxy, xdg-desktop-portal and xdg-desktop-portal-gtk.

  short dh7 style rules, dh compat 10

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1812456/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1886092] Re: libreoffice doesn't list gpg private key for a digital signature due to apparmor

[Seth Arnold]

Marcelo, you can see which versions of libreoffice are packaged in which
Ubuntu releases via the libreoffice source package page on launchpad
https://launchpad.net/ubuntu/+source/libreoffice

There's a link at the bottom of that page to help you explore versions
that might be published in PPAs.

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libreoffice in Ubuntu.
https://bugs.launchpad.net/bugs/1886092

Title:
  libreoffice doesn't list gpg private key for a digital signature due
  to apparmor

Status in libreoffice package in Ubuntu:
  Fix Released
Status in libreoffice source package in Focal:
  Confirmed
Status in libreoffice source package in Groovy:
  New
Status in libreoffice source package in Hirsute:
  Fix Released

Bug description:
  LibreOffice should be able to digitally sign a document with a GPG
  private key in the GPG key chain. However, the key is not listed in
  the list of certificates shown following the menu File - Digital
  Signatures - Digital Signatures... - Sign Document..., after, e.g.,
  creating and saving a document on LibreOffice Writer.

  This seems to be because apparmor doesn't allow LibreOffice to
  communicate with GPG agent. /var/log/syslog shows lines like:

  Jul  1 15:15:14 misoan kernel: [20238.265212] audit: type=1400
  audit(1593652514.311:333): apparmor="DENIED" operation="connect"
  profile="libreoffice-soffice//gpg" name="/run/user/1001/gnupg/S.gpg-
  agent" pid=23725 comm="gpg" requested_mask="wr" denied_mask="wr"
  fsuid=1001 ouid=1001

  Locally, I could make LibreOffice show the GPG private key with the
  following change against
  /etc/apparmor.d/usr.lib.libreoffice.program.soffice.bin

  --- apparmor.d.20200702/usr.lib.libreoffice.program.soffice.bin   
2019-10-03 10:31:21.0 -1000
  +++ apparmor.d/usr.lib.libreoffice.program.soffice.bin2020-07-02 
08:59:44.516754728 -1000
  @@ -223,6 +223,7 @@
   
   owner @{HOME}/.gnupg/* r,
   owner @{HOME}/.gnupg/random_seed rk,
  +owner /{,var/}run/user/*/** rw,
 }
   
 # probably should become a subprofile like gpg above, but then it doesn't

  Tested with the following packages on Xfce4
  $ lsb_release -rd
  Description:  Ubuntu 20.04 LTS
  Release:  20.04
  $ apt-cache policy libreoffice-common | grep Installed
Installed: 1:6.4.3-0ubuntu0.20.04.1
  $ apt-cache policy gpg gpg-agent | grep -B1 Installed
  gpg:
Installed: 2.2.19-3ubuntu2
  --
  gpg-agent:
Installed: 2.2.19-3ubuntu2
  $ apt-cache policy apparmor | grep Installed
Installed: 2.13.3-7ubuntu5.1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1886092/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

Re: [Desktop-packages] [apparmor] [Bug 1928360] Re: Switch to Fcitx 5 for Chinese

[Seth Arnold]

On Sat, Jun 05, 2021 at 01:27:19AM -, Gunnar Hjalmarsson wrote:
> It means that it explicitly looks for the fcitx 5 gtk im module, while
> Chromium only has access to the fcitx 4 one.

Oh! Excellent debugging to find the root cause.

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to language-selector in Ubuntu.
https://bugs.launchpad.net/bugs/1928360

Title:
  Switch to Fcitx 5 for Chinese

Status in Lubuntu default settings:
  New
Status in Snappy:
  New
Status in Ubuntu Kylin:
  In Progress
Status in im-config package in Ubuntu:
  New
Status in language-selector package in Ubuntu:
  Fix Released

Bug description:
  In Debian 11 Fcitx 5 will be the default IM framework for Chinese on
  non-GNOME desktops. I can think it's time to make the equivalent
  changes in Ubuntu 21.10 as well.

  I'd appreciate input on the topic from the Ubuntu Kylin team as well
  as other Chinese speaking users.

To manage notifications about this bug go to:
https://bugs.launchpad.net/lubuntu-default-settings/+bug/1928360/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1930579] Re: package libvdpau1 1.3-1ubuntu2 failed to install/upgrade: intentando sobreescribir el compartido `/etc/vdpau_wrapper.cfg', que es distinto de otras instancias del

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libvdpau in Ubuntu.
https://bugs.launchpad.net/bugs/1930579

Title:
  package libvdpau1 1.3-1ubuntu2 failed to install/upgrade: intentando
  sobreescribir el compartido `/etc/vdpau_wrapper.cfg', que es distinto
  de otras instancias del paquetes libvdpau1:amd64

Status in libvdpau package in Ubuntu:
  New

Bug description:
  It happens every time I start the system

  ProblemType: Package
  DistroRelease: Ubuntu 20.04
  Package: libvdpau1 1.3-1ubuntu2
  ProcVersionSignature: Ubuntu 5.8.0-53.60~20.04.1-generic 5.8.18
  Uname: Linux 5.8.0-53-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.18
  Architecture: amd64
  CasperMD5CheckResult: skip
  CompositorRunning: None
  Date: Tue Jun  1 18:08:05 2021
  DistUpgraded: Fresh install
  DistroCodename: focal
  DistroVariant: ubuntu
  DkmsStatus: nvidia, 460.73.01, 5.8.0-53-generic, x86_64: installed
  ErrorMessage: intentando sobreescribir el compartido 
`/etc/vdpau_wrapper.cfg', que es distinto de otras instancias del paquetes 
libvdpau1:amd64
  GraphicsCard:
   Intel Corporation HD Graphics 5500 [8086:1616] (rev 09) (prog-if 00 [VGA 
controller])
 Subsystem: Acer Incorporated [ALI] HD Graphics 5500 [1025:098a]
 Subsystem: Acer Incorporated [ALI] GK208BM [GeForce 920M] [1025:098b]
  InstallationDate: Installed on 2021-06-01 (0 days ago)
  InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423)
  MachineType: Acer Aspire E5-573G
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.8.0-53-generic 
root=UUID=6ae46f6e-4613-41c8-8428-3c6c3408fd90 ro quiet splash vt.handoff=7
  Python3Details: /usr/bin/python3.8, Python 3.8.5, python3-minimal, 
3.8.2-0ubuntu2
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.19.7ubuntu3
   apt  2.0.5
  SourcePackage: libvdpau
  Title: package libvdpau1 1.3-1ubuntu2 failed to install/upgrade: intentando 
sobreescribir el compartido `/etc/vdpau_wrapper.cfg', que es distinto de otras 
instancias del paquetes libvdpau1:amd64
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 02/16/2016
  dmi.bios.release: 0.0
  dmi.bios.vendor: Insyde Corp.
  dmi.bios.version: V1.37
  dmi.board.asset.tag: Type2 - Board Asset Tag
  dmi.board.name: ZORO_BH
  dmi.board.vendor: Acer
  dmi.board.version: Type2 - A01 Board Version
  dmi.chassis.type: 10
  dmi.chassis.vendor: Chassis Manufacturer
  dmi.chassis.version: Chassis Version
  dmi.ec.firmware.release: 1.8
  dmi.modalias: 
dmi:bvnInsydeCorp.:bvrV1.37:bd02/16/2016:br0.0:efr1.8:svnAcer:pnAspireE5-573G:pvrV3.72:rvnAcer:rnZORO_BH:rvrType2-A01BoardVersion:cvnChassisManufacturer:ct10:cvrChassisVersion:
  dmi.product.family: BDW
  dmi.product.name: Aspire E5-573G
  dmi.product.sku: Aspire E5-573G_098A_1_37
  dmi.product.version: V3.72
  dmi.sys.vendor: Acer
  version.compiz: compiz N/A
  version.libdrm2: libdrm2 2.4.102-1ubuntu1~20.04.1
  version.libgl1-mesa-dri: libgl1-mesa-dri 20.2.6-0ubuntu0.20.04.1
  version.libgl1-mesa-glx: libgl1-mesa-glx N/A
  version.xserver-xorg-core: xserver-xorg-core 2:1.20.9-2ubuntu1.2~20.04.2
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20200226-1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.16-1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvdpau/+bug/1930579/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1930528] Re: Mozilla Firefox Multiple Vulnerabilities

[Seth Arnold]

Hello, Firefox was updated in:

https://ubuntu.com/security/notices/USN-4978-1

Thanks

** Information type changed from Private Security to Public Security

** Changed in: firefox (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1930528

Title:
  Mozilla Firefox Multiple Vulnerabilities

Status in firefox package in Ubuntu:
  Fix Released

Bug description:
  CVE Numbers

  CVE‑2021‑29961  , CVE‑2021‑29967
   ,
  CVE‑2021‑29966  , CVE‑2021‑29965
  

  Description

  Multiple vulnerabilities have been reported in Mozilla Firefox, which
  can be exploited by malicious people to conduct spoofing attacks,
  bypass certain security restrictions, and compromise a vulnerable
  system.

  1

  Some errors related to memory safety can be exploited to corrupt
  memory.

  2

  Some further errors related to memory safety can be exploited to
  corrupt memory.

  Successful exploitation of the vulnerabilities #1 and #2 may allow
  execution of arbitrary code.

  3

  An error related to domain spoofing within the built-in password
  manager can be exploited to suggest otherwise restricted passwords for
  the currently active website.

  Note: The vulnerability #3 affects the Android platform only.

  4

  An error when styling and rendering an oversized "select" element can
  be exploited to conduct spoofing attacks.

  The vulnerabilities are reported in versions prior to 89.0.

  Affected Software

  The following software is affected by the described vulnerability.
  Please check the vendor links below to see if exactly your version is
  affected.

  Mozilla Firefox 88.x

  Solution

  Upgrade to version 89.0

  References

  1. https://www.mozilla.org/en-US/security/advisories/mfsa2021-23
  

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1930528/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1928360] Re: Switch to Fcitx 5 for Chinese

[Seth Arnold]

Gunnar, indeed, it had much less in it than I expected; I don't know
much about the snap packaging for Chromium, but it looked to me like it
was trying to do bluetooth things and that's all that was denied.

I'm no fcitx expert but I didn't think it looked related.

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to language-selector in Ubuntu.
https://bugs.launchpad.net/bugs/1928360

Title:
  Switch to Fcitx 5 for Chinese

Status in Lubuntu default settings:
  New
Status in Ubuntu Kylin:
  In Progress
Status in apparmor package in Ubuntu:
  New
Status in language-selector package in Ubuntu:
  Fix Released

Bug description:
  In Debian 11 Fcitx 5 will be the default IM framework for Chinese on
  non-GNOME desktops. I can think it's time to make the equivalent
  changes in Ubuntu 21.10 as well.

  I'd appreciate input on the topic from the Ubuntu Kylin team as well
  as other Chinese speaking users.

To manage notifications about this bug go to:
https://bugs.launchpad.net/lubuntu-default-settings/+bug/1928360/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

Re: [Desktop-packages] [apparmor] [Bug 1928360] Re: Switch to Fcitx 5 for Chinese

[Seth Arnold]

On Tue, May 18, 2021 at 07:39:48PM -, Gunnar Hjalmarsson wrote:
> On 2021-05-16 22:23, Gunnar Hjalmarsson wrote:
> > As regards apparmor it's possible that no change is needed.
> 
> Well, I simply tested with the Chromium snap. fcitx5 does not work in
> Chromium, while fcitx4 does. So something needs to be done.

Excellent, can you paste the DENIED lines from your test into the bug
report?

Thanks

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to language-selector in Ubuntu.
https://bugs.launchpad.net/bugs/1928360

Title:
  Switch to Fcitx 5 for Chinese

Status in Lubuntu default settings:
  New
Status in Ubuntu Kylin:
  New
Status in apparmor package in Ubuntu:
  New
Status in language-selector package in Ubuntu:
  In Progress

Bug description:
  In Debian 11 Fcitx 5 will be the default IM framework for Chinese on
  non-GNOME desktops. I can think it's time to make the equivalent
  changes in Ubuntu 21.10 as well.

  I'd appreciate input on the topic from the Ubuntu Kylin team as well
  as other Chinese speaking users.

To manage notifications about this bug go to:
https://bugs.launchpad.net/lubuntu-default-settings/+bug/1928360/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1892559] Re: [MIR] ccid libpam-pkcs1 libpcsc-perl opensc pcsc-tools pcsc-lite

[Seth Arnold]

Thanks Marco, I'll take pam-pkcs11 off our todo list. (This can be
reversed, of course. If it turns out to be necessary for something,
someone shout. :)

Thanks

** Changed in: pam-pkcs11 (Ubuntu)
   Status: New => Invalid

** Changed in: pam-pkcs11 (Ubuntu)
 Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to pcsc-lite in Ubuntu.
https://bugs.launchpad.net/bugs/1892559

Title:
  [MIR] ccid libpam-pkcs1 libpcsc-perl opensc pcsc-tools pcsc-lite

Status in ccid package in Ubuntu:
  New
Status in opensc package in Ubuntu:
  Incomplete
Status in pam-pkcs11 package in Ubuntu:
  Invalid
Status in pcsc-lite package in Ubuntu:
  New
Status in pcsc-perl package in Ubuntu:
  Invalid
Status in pcsc-tools package in Ubuntu:
  Invalid

Bug description:
  ==> ccid <==
  [Availability]
  ccid is in universe, and builds on all architectures.

  [Rationale]
  The desktop team and security team are interested in bringing smartcard
  authentication to enterprise desktop environments.

  [Security]
  No CVEs for ccid are listed in our database.
  Doesn't appear to bind to a socket.
  No privileged executables, but does have udev rules.
  Probably needs a security review.

  [Quality assurance]
  No test suite.
  Does require odd hardware that we'll probably need to buy.
  I don't see debconf questions.
  ccid is well maintained in Debian by upstream author.
  One open wishlist bug in BTS, harmless.

  One open bug in launchpad, not security, but looks very frustrating
  for the users. The upstream author was engaged but it never reached
  resolution.  https://bugs.launchpad.net/ubuntu/+source/ccid/+bug/1175465

  Has a debian/watch file.
  Quilt packaging.

  P: ccid source: no-dep5-copyright
  P: ccid source: package-uses-experimental-debhelper-compat-version 13

  [Dependencies]
  Minimal dependencies, in main

  [Standards compliance]
  Appears to satisfy FHS and Debian policy

  [Maintenance]
  The desktop team will subscribe to bugs, however it is expected that the
  security team will assist with security-relevant questions.

  [Background information]
  ccid provides drivers to interact with usb-connected smart card readers.

  ==> libpam-pkcs11 <==
  [Availability]
  Source package pam-pkcs11 is in universe and builds on all architectures.

  [Rationale]
  The desktop team and security team are interested in bringing smartcard
  authentication to enterprise desktop environments.

  [Security]
  No CVEs in our database.
  Doesn't appear to bind to sockets.
  No privileged executables (but is a PAM module).
  As a PAM module this will require a security review.

  [Quality assurance]
  The package does not call pam-auth-update in its postinst #1650366
  Does not ask questions during install.
  One Ubuntu bug claims very poor behaviour if a card isn't plugged in.
  No Debian bugs.
  Occasional updates in Debian by long-term maintainer.
  Does require odd hardware that we'll probably need to buy.
  Does not appear to run tests during build.
  Has scary warnings in the build logs.
  Has a debian/watch file.

  Ancient standards version; other smaller lintian messages, mostly
  documentation problems.

  Quilt packaging.

  [Dependencies]
  Depends on libcurl4, libldap-2.4-2, libpam0g, libpcsclite1, libssl1.1
  All are in main.

  [Standards compliance]
  The package does not call pam-auth-update in its postinst #1650366
  Otherwise looks to conform to FHS and Debian policies

  [Maintenance]
  The desktop team will subscribe to bugs, however it is expected that the
  security team will assist with security-relevant questions.

  [Background information]
  This PAM module can use CRLs and full-chain verification of certificates.
  It can also do LDAP, AD, and Kerberos username mapping.

  ==> libpcsc-perl <==
  [Availability]
  Source package pcsc-perl is in universe, builds for all architectures,
  plus i386

  [Rationale]
  The desktop team and security team are interested in bringing smartcard
  authentication to enterprise desktop environments.

  [Security]
  There are no cves for pcsc-perl in our database.
  No privileged executables.
  Doesn't appear to bind to sockets.
  Probably needs a security review.

  [Quality assurance]
  Library package not intended to be used directly.
  No debconf questions.
  No bugs in Debian.
  No bugs in Ubuntu.
  Does require odd hardware that we'll probably need to buy.
  Tests exist, not run during the build; probably can't run during the build.
  Includes debian/watch file.
  A handful of lintian issues
  Quilt packaging.

  [Dependencies]
  libpcsc-perl depends upon libpcsclite1, libc6, perl, perlapi-5.30.0.
  All are in main.

  [Standards compliance]
  One oddity, Card.pod is stored in 
/usr/lib/x86_64-linux-gnu/perl5/5.30/Chipcard/PCSC/
  Many other perl packages have .pod files in these directory trees so maybe
  it's fine, but it seems funny all 

[Desktop-packages] [Bug 1923273] Re: libcaca buffer-overflow

[Seth Arnold]

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libcaca in Ubuntu.
https://bugs.launchpad.net/bugs/1923273

Title:
  libcaca buffer-overflow

Status in libcaca package in Ubuntu:
  New

Bug description:
  Hello Ubuntu Security Team
  I use libfuzzer to test libcaca api .I found two crash

  - https://github.com/cacalabs/libcaca/issues/53

  - https://github.com/cacalabs/libcaca/issues/54

  
  ## Vendor of Product
  https://github.com/cacalabs/libcaca

  
  ## Affected Product Code Base
  libcaca e4968ba
  
  ## Affected Component
  affected component:libcaca.so
  
  ## Affected source code file
  affected source code file(As call stack):

 ->caca_export_canvas_to_memory()  in
  libcaca/caca/codec/export.c

 ->caca_export_memory()in
  libcaca/caca/codec/export.c

 -> export_tga()in  
libcaca/caca/codec/export.c

-> export_troff()   in  
libcaca/caca/codec/export.c

   
  ## Attack Type
  Context-dependent

  
  ## Impact Denial of Service
  true

  
  ## Reference
  https://github.com/cacalabs/libcaca

  
  ## Discoverer
  fdgnneig

  
  ## Verification process and POC

  ### Verification steps：

  1.Get the source code of libcaca:

  2.Compile the libcaca.so library:

  ```shell
  $ cd libcaca
  $ apt-get install automake libtool pkg-config -y
  $ ./bootstrap
  $ ./configure
  $ make

  3.Run POC.sh to compile poc_troff.cc 、poc_tga.cc

  4.Run POC

  
  POC.sh
  ```
  cat << EOF > poc_troff.cc
  #include "config.h"
  #include "caca.h"
  //#include "common-image.h"
  #include 
  #include 
  #include 
  #include 
  #include 
  #include 

  using namespace std;

  extern "C"  int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t
  Size) {

   if(Size<8) return 0;
   size_t len=0;
   char* buffer = (char*)malloc(Size+1);
   memset(buffer,0,Size);
   memcpy(buffer,Data,Size);
   buffer[Size]='\0';
   caca_canvas_t *cv;
   cv = caca_create_canvas(0,0);
   for(int i=0;i<4;i++)
 caca_create_frame(cv,0);
   for(int i=0;i<4;i++){
 caca_set_frame(cv,i);
 caca_import_canvas_from_memory(cv,buffer,strlen(buffer),"");
   }
   void* reData = caca_export_canvas_to_memory(cv,"troff",);
   if(reData!=NULL) free(reData);
   caca_free_canvas(cv);
   cv=NULL;
   free(buffer);
   buffer=NULL;

  }

  
  int main(int args,char* argv[]){

 size_t  len = 0;
 unsigned char buffer[] = 
{0x5f,0x20,0x6f,0x75,0x6e,0x64,0x0a,0x40,0x11};
 len = sizeof(buffer)/sizeof(unsigned char);
 LLVMFuzzerTestOneInput((const uint8_t*)buffer,len);
 printf("%d\n",sizeof(buffer)/sizeof(unsigned char));

 return 0;

  }
  EOF

  clang++ -g poc_troff.cc -O2 -fno-omit-frame-pointer -fsanitize=address
  -I./caca/ -lcaca -L./caca/.libs/ -Wl,-rpath,./caca/.libs/  -o
  poc_troff

  
  cat << EOF > poc_tga.cc
  #include "config.h"
  #include "caca.h"
  #include 
  #include 
  #include 
  #include 
  #include 
  #include 

  using namespace std;

  extern "C"  int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t
  Size) {

   if(Size<8) return 0;
   size_t len=0;
   char* buffer = (char*)malloc(Size+1);
   memset(buffer,0,Size);
   memcpy(buffer,Data,Size);
   buffer[Size]='\0';
   caca_canvas_t *cv;
   cv = caca_create_canvas(0,0);
   for(int i=0;i<4;i++)
 caca_create_frame(cv,0);
   for(int i=0;i<4;i++){
 caca_set_frame(cv,i);
 caca_import_canvas_from_memory(cv,buffer,strlen(buffer),"");
   }
   void* reData = caca_export_canvas_to_memory(cv,"tga",);
   if(reData!=NULL) free(reData);
   caca_free_canvas(cv);
   cv=NULL;
   free(buffer);
   buffer=NULL;
 return 0;
  }

  int main(int args,char* argv[]){

 size_t  len = 0;
 unsigned char buffer[] = 
{0x00,0xff,0xff,0x23,0x64,0x72,0x23,0x20,0x11};
 len = sizeof(buffer)/sizeof(unsigned char);
 LLVMFuzzerTestOneInput((const uint8_t*)buffer,len);
 printf("%d\n",sizeof(buffer)/sizeof(unsigned char));

 return 0;
  }
  EOF

  clang++ -g poc_tga.cc -O2 -fno-omit-frame-pointer -fsanitize=address  

[Desktop-packages] [Bug 1921552] Re: xscreensavers

[Seth Arnold]

Thank you for taking the time to report this bug and helping to make
Ubuntu better.  Reviewing your dmesg attachment to this bug report it
seems that there may be a problem with your hardware.  I'd recommend
performing a back up and then investigating the situation.  Measures you
might take include checking cable connections and using software tools
to investigate the health of your hardware.  In the event that is is not
in fact an error with your hardware please set the bug's status back to
New.  Thanks and good luck!

** Changed in: xorg (Ubuntu)
   Status: Fix Released => Invalid

** Changed in: xorg (Ubuntu)
   Importance: Undecided => Low

** Tags added: hardware-error

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1921552

Title:
  xscreensavers

Status in xorg package in Ubuntu:
  Invalid

Bug description:
  Something about 'daemon' or 'run demo'

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: xorg 1:7.7+19ubuntu14
  ProcVersionSignature: Ubuntu 5.4.0-70.78-generic 5.4.94
  Uname: Linux 5.4.0-70-generic x86_64
  .tmp.unity_support_test.0:
   
  ApportVersion: 2.20.11-0ubuntu27.16
  Architecture: amd64
  CasperMD5CheckResult: skip
  CompizPlugins: No value set for 
`/apps/compiz-1/general/screen0/options/active_plugins'
  CompositorRunning: None
  Date: Fri Mar 26 16:31:19 2021
  DistUpgraded: 2021-01-08 14:56:49,798 DEBUG icon theme changed, re-reading
  DistroCodename: focal
  DistroVariant: ubuntu
  ExtraDebuggingInterest: I just need to know a workaround
  GraphicsCard:
   Advanced Micro Devices, Inc. [AMD/ATI] Wrestler [Radeon HD 6310] [1002:9802] 
(prog-if 00 [VGA controller])
 Subsystem: Lenovo Wrestler [Radeon HD 6310] [17aa:397f]
  InstallationDate: Installed on 2020-12-18 (98 days ago)
  InstallationMedia: Ubuntu 14.04.1 LTS "Trusty Tahr" - Release amd64 
(20140722.2)
  MachineType: LENOVO 2181
  ProcEnviron:
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.4.0-70-generic 
root=UUID=c44a1ac5-9dee-4bf8-a246-6303f68e5c24 ro quiet splash
  SourcePackage: xorg
  UpgradeStatus: Upgraded to focal on 2021-01-08 (77 days ago)
  dmi.bios.date: 10/02/2012
  dmi.bios.vendor: LENOVO
  dmi.bios.version: 6CCN93WW(V8.05)
  dmi.board.asset.tag: No Asset Tag
  dmi.board.name: Lenovo G585
  dmi.board.vendor: LENOVO
  dmi.board.version: 3193WIN8 STD MLT
  dmi.chassis.asset.tag: No Asset Tag
  dmi.chassis.type: 10
  dmi.chassis.vendor: LENOVO
  dmi.chassis.version: Lenovo G585
  dmi.modalias: 
dmi:bvnLENOVO:bvr6CCN93WW(V8.05):bd10/02/2012:svnLENOVO:pn2181:pvrLenovoG585:rvnLENOVO:rnLenovoG585:rvr3193WIN8STDMLT:cvnLENOVO:ct10:cvrLenovoG585:
  dmi.product.family: IDEAPAD
  dmi.product.name: 2181
  dmi.product.sku: LENOVO_MT_2181
  dmi.product.version: Lenovo G585
  dmi.sys.vendor: LENOVO
  version.compiz: compiz 1:0.9.14.1+20.04.20200211-0ubuntu1
  version.libdrm2: libdrm2 2.4.102-1ubuntu1~20.04.1
  version.libgl1-mesa-dri: libgl1-mesa-dri 20.2.6-0ubuntu0.20.04.1
  version.libgl1-mesa-glx: libgl1-mesa-glx 20.2.6-0ubuntu0.20.04.1
  version.xserver-xorg-core: xserver-xorg-core 2:1.20.9-2ubuntu1.2~20.04.1
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.6-1
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20200226-1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.16-1
  xserver.bootTime: Tue Feb  9 06:34:08 2021
  xserver.configfile: default
  xserver.logfile: /var/log/Xorg.0.log
  xserver.version: 2:1.20.9-2ubuntu1.2~20.04.1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1921552/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1916256] Re: NVIDIA Driver not working

[Seth Arnold]

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1916256

Title:
  NVIDIA Driver not working

Status in xorg package in Ubuntu:
  New

Bug description:
  hello so i have a issue with NVIDIA driver on a 4k res the system is laggy 1 
frame per sec and 
  it shows me a glitch when i move the taps 

  like : https://imgur.com/3LWJbbC

  thanks in advance

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: xorg 1:7.7+19ubuntu14
  ProcVersionSignature: Ubuntu 5.8.0-43.49~20.04.1-generic 5.8.18
  Uname: Linux 5.8.0-43-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia
  .proc.driver.nvidia.capabilities.gpu0: Error: [Errno 21] Is a directory: 
'/proc/driver/nvidia/capabilities/gpu0'
  .proc.driver.nvidia.capabilities.mig: Error: [Errno 21] Is a directory: 
'/proc/driver/nvidia/capabilities/mig'
  .proc.driver.nvidia.gpus..01.00.0: Error: [Errno 21] Is a directory: 
'/proc/driver/nvidia/gpus/:01:00.0'
  .proc.driver.nvidia.registry: Binary: ""
  .proc.driver.nvidia.suspend: suspend hibernate resume
  .proc.driver.nvidia.suspend_depth: default modeset uvm
  .proc.driver.nvidia.version:
   NVRM version: NVIDIA UNIX x86_64 Kernel Module  460.32.03  Sun Dec 27 
19:00:34 UTC 2020
   GCC version:
  ApportVersion: 2.20.11-0ubuntu27.16
  Architecture: amd64
  BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
  CasperMD5CheckResult: skip
  CompositorRunning: None
  CurrentDesktop: ubuntu:GNOME
  Date: Fri Feb 19 09:30:48 2021
  DistUpgraded: Fresh install
  DistroCodename: focal
  DistroVariant: ubuntu
  ExtraDebuggingInterest: Yes, if not too technical
  GraphicsCard:
   Intel Corporation Skylake GT2 [HD Graphics 520] [8086:1916] (rev 07) 
(prog-if 00 [VGA controller])
 Subsystem: Hewlett-Packard Company Skylake GT2 [HD Graphics 520] 
[103c:80e5]
 Subsystem: Hewlett-Packard Company GM107M [GeForce GTX 950M] [103c:80e5]
  InstallationDate: Installed on 2021-02-19 (0 days ago)
  InstallationMedia: Ubuntu 20.04.2.0 LTS "Focal Fossa" - Release amd64 
(20210209.1)
  MachineType: HP HP ENVY Notebook
  ProcEnviron:
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.8.0-43-generic 
root=UUID=d6d44f80-a9fe-4951-b886-8035f1017eff ro quiet splash vt.handoff=7
  SourcePackage: xorg
  Symptom: display
  UpgradeStatus: No upgrade log present (probably fresh install)
  acpidump: Error: command ['pkexec', '/usr/share/apport/dump_acpi_tables.py'] 
failed with exit code 126: Error executing command as another user: Request 
dismissed
  dmi.bios.date: 03/04/2016
  dmi.bios.release: 15.53
  dmi.bios.vendor: Insyde
  dmi.bios.version: F.35
  dmi.board.asset.tag: Type2 - Board Asset Tag
  dmi.board.name: 80E5
  dmi.board.vendor: HP
  dmi.board.version: 87.60
  dmi.chassis.asset.tag: Chassis Asset Tag
  dmi.chassis.type: 10
  dmi.chassis.vendor: HP
  dmi.chassis.version: Chassis Version
  dmi.ec.firmware.release: 87.60
  dmi.modalias: 
dmi:bvnInsyde:bvrF.35:bd03/04/2016:br15.53:efr87.60:svnHP:pnHPENVYNotebook:pvrType1ProductConfigId:rvnHP:rn80E5:rvr87.60:cvnHP:ct10:cvrChassisVersion:
  dmi.product.family: 103C_5335KV G=N L=CON B=HP S=ENV
  dmi.product.name: HP ENVY Notebook
  dmi.product.sku: V8S44EA#A2N
  dmi.product.version: Type1ProductConfigId
  dmi.sys.vendor: HP
  version.compiz: compiz N/A
  version.libdrm2: libdrm2 2.4.102-1ubuntu1~20.04.1
  version.libgl1-mesa-dri: libgl1-mesa-dri 20.2.6-0ubuntu0.20.04.1
  version.libgl1-mesa-glx: libgl1-mesa-glx N/A
  version.nvidia-graphics-drivers: nvidia-graphics-drivers-* N/A
  version.xserver-xorg-core: xserver-xorg-core 2:1.20.9-2ubuntu1.2~20.04.1
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-1
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20200226-1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.16-1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1916256/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1878194] Re: [Sennheiser HD 4.50 BTNC] Bluetooth headset not working when selecting HSP/HFP audio profile in Focal Fossa

[Seth Arnold]

*** This bug is a duplicate of bug 1871794 ***
https://bugs.launchpad.net/bugs/1871794

** Information type changed from Public Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to pulseaudio in Ubuntu.
https://bugs.launchpad.net/bugs/1878194

Title:
  [Sennheiser HD 4.50 BTNC] Bluetooth headset not working when selecting
  HSP/HFP audio profile in Focal Fossa

Status in bluez package in Ubuntu:
  Confirmed
Status in pulseaudio package in Ubuntu:
  Confirmed

Bug description:
  After updating the release from Ubuntu 19.10 to 20.04, the bluetooth
  headset doesn't work anymore when HSP/HFP profile is selected.

  With Ubuntu 19.10 the headset was working, there was audio and the mic
  was perfect for video conferencing.

  [Steps to reproduce]
  1. Connect headset (used blueman to setup and connect)
  1.1. When connected the system automatically selects A2DP profile
  2. Start playing audio (browser or other)
  3. Change profile to HSP/HFP with pavucontrol (or blueman)
  4. The audio disappears and microphone is not working (no input)
  5. Optionally switch back to A2DP and the audio comes back

  [Expected]
  When switching to HSP/HFP the audio should keep playing and the microphone 
should start working

  [Notes]
  I tried with pavucontrol to switch between profiles while playing audio from 
a browser.
  As side note there's a led in the headset that still blinks when switching 
profile.

  I tried deleting the pulse folder under user's profile .config without
  success, also reinstalled packages and did a `sudo alsa force-reload`
  and rebooting several times.

  Note: not sure this is a duplicate of [Bug #1576559], it looks quite
  different since the profile changes but the headset stops working.

  [System info]
  Ubuntu: 20.04 - Linux 5.4.0-29-generic x86_64
  pulseaudio: 1:13.99.1-1ubuntu3
  bluez: 5.53-0ubuntu3

  Headset: Sennheiser HD 4.50 BTNC

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/1878194/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1914148] Re: Firefox connstantly disabled on Apparmor

[Seth Arnold]

The Firefox AppArmor profile isn't enabled by default because it forces
the user to change how they interact with their browser.

Consider that the profile really allows downloads only into ~/Downloads/
directories. (There's other places that are writable, but even less
suitable for downloads.) Many users prefer to download directly to their
existing directory structure.

Consider the wide variety of plugins that may supply helper executables.
Plugins failing without a good interface in the browser to know why they
have failed would be very confusing.

Consider the huge number of applications that people install to handle
mime types. People want to be able to click a link to any random file
and have the browser offer to launch the helper.

People who are fine with all these impositions in how they can use
Firefox can enable the Firefox profile. They'll know how to debug issues
when they arise, and furthermore, probably already have a workflow that
makes it easy to work with the AppArmor policy restrictions.

But most Ubuntu users are completely unaware that they're running
AppArmor on many of their services. Surely some of this group would like
to use it more, if only they knew about it, but also many people just
need their computers to keep working as they always have.

If we enable this one profile, we run the serious risk that users will
disable AppArmor entirely.

Thanks

** Package changed: apparmor (Ubuntu) => firefox (Ubuntu)

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1914148

Title:
  Firefox connstantly  disabled on Apparmor

Status in firefox package in Ubuntu:
  New

Bug description:
  Once again Apparmor policies are constantly disabled for Firefox. 
  -I've reported this bug in December, then came a patch, then for the last 
month of January -  regardless of updates, Firefox profiles are skipped.
  - You cannot be serious?
  -This is a consistent seccurity issue!
  - Please write rules that consistently work or teach us how to do so / deal 
with Mozilla

  "Feb 02 00:17:24 USER apparmor.systemd[1117]: Skipping profile in 
/etc/apparmor.d/disable: usr.bin.firefox
  Feb 02 00:17:24 USER apparmor.systemd[1118]: Skipping profile in 
/etc/apparmor.d/disable: usr.sbin.rsyslogd
  Feb 02 00:17:24 USER systemd[1]: Finished Load AppArmor profiles.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1914148/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1872504] Re: date modified is wrong for files on an exfat formatted drive

[Seth Arnold]

I added the linux source package to this bug because I've heard this
commit addresses the issue:

https://github.com/gregkh/linux/commit/099340d3e758cca06a82bf5dcff8b9a8acbdcb0a

Thanks

** Also affects: linux (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to ubuntu-meta in Ubuntu.
https://bugs.launchpad.net/bugs/1872504

Title:
  date modified is wrong for files on an exfat formatted drive

Status in linux package in Ubuntu:
  New
Status in ubuntu-meta package in Ubuntu:
  Confirmed

Bug description:
  When using exfat formatted drives (e.g. my camera card) with focal
  fossa any access causes the date modified to be set, even when it
  would not normally be set, and it is set a month into the future.

  Installing exfat-fuse and exfat-utils results in the correct
  behaviour.

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: ubuntu-release-upgrader-core 1:20.04.18
  ProcVersionSignature: Ubuntu 5.4.0-21.25-generic 5.4.27
  Uname: Linux 5.4.0-21-generic x86_64
  ApportVersion: 2.20.11-0ubuntu26
  Architecture: amd64
  CasperMD5CheckResult: skip
  CrashDB: ubuntu
  CurrentDesktop: ubuntu:GNOME
  Date: Mon Apr 13 17:27:30 2020
  InstallationDate: Installed on 2020-04-12 (1 days ago)
  InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Beta amd64 (20200409)
  PackageArchitecture: all
  ProcEnviron:
   LANGUAGE=en_GB:en
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_GB.UTF-8
   SHELL=/bin/bash
  SourcePackage: ubuntu-release-upgrader
  Symptom: dist-upgrade
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1872504/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

[Desktop-packages] [Bug 1908915] Re: package chromium-browser 1:85.0.4183.83-0ubuntu2 failed to install/upgrade: new chromium-browser package pre-installation script subprocess returned error exit sta

[Seth Arnold]

Hello mohsen, probably this can get you moving again:

sudo apt update
sudo apt install -f
sudo apt upgrade

Thanks

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to chromium-browser in Ubuntu.
https://bugs.launchpad.net/bugs/1908915

Title:
  package chromium-browser 1:85.0.4183.83-0ubuntu2 failed to
  install/upgrade: new chromium-browser package pre-installation script
  subprocess returned error exit status 10

Status in chromium-browser package in Ubuntu:
  New

Bug description:
  Errors were encountered while processing:
   /var/cache/apt/archives/chromium-browser_1%3a85.0.4183.83-0ubuntu2_amd64.deb
  E: Sub-process /usr/bin/dpkg returned an error code (1)

  ProblemType: Package
  DistroRelease: Ubuntu 20.10
  Package: chromium-browser 1:85.0.4183.83-0ubuntu2
  ProcVersionSignature: Ubuntu 5.8.0-33.36-generic 5.8.17
  Uname: Linux 5.8.0-33-generic x86_64
  ApportVersion: 2.20.11-0ubuntu50.3
  AptOrdering:
   chromium-browser:amd64: Install
   NULL: ConfigurePending
  Architecture: amd64
  CasperMD5CheckResult: skip
  Date: Mon Dec 21 19:13:28 2020
  Dependencies:
   
  ErrorMessage: new chromium-browser package pre-installation script subprocess 
returned error exit status 10
  Python3Details: /usr/bin/python3.8, Python 3.8.6, python3-minimal, 
3.8.6-0ubuntu1
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.20.5ubuntu2
   apt  2.1.10ubuntu0.1
  SourcePackage: chromium-browser
  Title: package chromium-browser 1:85.0.4183.83-0ubuntu2 failed to 
install/upgrade: new chromium-browser package pre-installation script 
subprocess returned error exit status 10
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1908915/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp