[Group.of.nepali.translators] [Bug 1634545] Re: ipv6: connected routes are missing after a down/up cycle on the loopback

[Joseph Salisbury]

** No longer affects: linux (Ubuntu Trusty)

** Changed in: linux (Ubuntu Xenial)
   Status: Triaged => In Progress

** Changed in: linux (Ubuntu Yakkety)
   Status: Triaged => In Progress

** Changed in: linux (Ubuntu)
   Status: Triaged => In Progress

** Changed in: linux (Ubuntu)
 Assignee: (unassigned) => Joseph Salisbury (jsalisbury)

** Changed in: linux (Ubuntu Xenial)
 Assignee: (unassigned) => Joseph Salisbury (jsalisbury)

** Changed in: linux (Ubuntu Yakkety)
 Assignee: (unassigned) => Joseph Salisbury (jsalisbury)

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1634545

Title:
  ipv6: connected routes are missing after a down/up cycle on the
  loopback

Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Xenial:
  In Progress
Status in linux source package in Yakkety:
  In Progress

Bug description:
  This upstream patch is missing:
  
http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=a220445f9f4382c36a53d8ef3e08165fa27f7e2c

  ipv6: correctly add local routes when lo goes up

  The goal of the patch is to fix this scenario:
   ip link add dummy1 type dummy
   ip link set dummy1 up
   ip link set lo down ; ip link set lo up

  After that sequence, the local route to the link layer address of dummy1 is
  not there anymore.

  When the loopback is set down, all local routes are deleted by
  addrconf_ifdown()/rt6_ifdown(). At this time, the rt6_info entry still
  exists, because the corresponding idev has a reference on it. After the rcu
  grace period, dst_rcu_free() is called, and thus ___dst_free(), which will
  set obsolete to DST_OBSOLETE_DEAD.

  In this case, init_loopback() is called before dst_rcu_free(), thus
  obsolete is still sets to something <= 0. So, the function doesn't add the
  route again. To avoid that race, let's check the rt6 refcnt instead.

  Fixes: 25fb6ca4ed9c ("net IPv6 : Fix broken IPv6 routing table after loopback 
down-up")
  Fixes: a881ae1f625c ("ipv6: don't call addrconf_dst_alloc again when enable 
lo")
  Fixes: 33d99113b110 ("ipv6: reallocate addrconf router for ipv6 address when 
lo device up")
  Reported-by: Francesco Santoro 
  Reported-by: Samuel Gauthier 
  CC: Balakumaran Kannan 
  CC: Maruthi Thotad 
  CC: Sabrina Dubroca 
  CC: Hannes Frederic Sowa 
  CC: Weilong Chen 
  CC: Gao feng 
  Signed-off-by: Nicolas Dichtel 
  Signed-off-by: David S. Miller 

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1634545/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1449062] Re: [OSSA 2016-012] qemu-img calls need to be restricted by ulimit (CVE-2015-5162)

[Brian Rosmaita]

Fix released to all stable branches

** Changed in: glance
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1449062

Title:
  [OSSA 2016-012] qemu-img calls need to be restricted by ulimit
  (CVE-2015-5162)

Status in Cinder:
  Fix Released
Status in Cinder mitaka series:
  Fix Committed
Status in Cinder newton series:
  Fix Released
Status in Ubuntu Cloud Archive:
  Fix Released
Status in Ubuntu Cloud Archive liberty series:
  Fix Committed
Status in Ubuntu Cloud Archive mitaka series:
  Fix Committed
Status in Ubuntu Cloud Archive newton series:
  Fix Released
Status in Glance:
  Fix Released
Status in Glance liberty series:
  Fix Released
Status in Glance mitaka series:
  Fix Released
Status in Glance newton series:
  Fix Released
Status in OpenStack Compute (nova):
  Fix Released
Status in OpenStack Security Advisory:
  Fix Released
Status in python-oslo.concurrency package in Ubuntu:
  Fix Released
Status in python-oslo.concurrency source package in Wily:
  Fix Committed
Status in python-oslo.concurrency source package in Xenial:
  Fix Released
Status in python-oslo.concurrency source package in Yakkety:
  Fix Released

Bug description:
  Reported via private E-mail from Richard W.M. Jones.

  Turns out qemu image parser is not hardened against malicious input
  and can be abused to allocated an arbitrary amount of memory and/or
  dump a lot of information when used with "--output=json".

  The solution seems to be: limit qemu-img ressource using ulimit.

  Example of abuse:

  -- afl1.img --

  $ /usr/bin/time qemu-img info afl1.img
  image: afl1.img
  [...]
  0.13user 0.19system 0:00.36elapsed 92%CPU (0avgtext+0avgdata 
642416maxresident)k
  0inputs+0outputs (0major+156927minor)pagefaults 0swaps

  The original image is 516 bytes, but it causes qemu-img to allocate
  640 MB.

  -- afl2.img --

  $ qemu-img info --output=json afl2.img | wc -l
  589843

  This is a 200K image which causes qemu-img info to output half a
  million lines of JSON (14 MB of JSON).

  Glance runs the --output=json variant of the command.

  -- afl3.img --

  $ /usr/bin/time qemu-img info afl3.img
  image: afl3.img
  [...]
  0.09user 0.35system 0:00.47elapsed 94%CPU (0avgtext+0avgdata 
1262388maxresident)k
  0inputs+0outputs (0major+311994minor)pagefaults 0swaps

  qemu-img allocates 1.3 GB (actually, a bit more if you play with
  ulimit -v).  It appears that you could change it to allocate
  arbitrarily large amounts of RAM.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1449062/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1449062] Re: [OSSA 2016-012] qemu-img calls need to be restricted by ulimit (CVE-2015-5162)

[Brian Rosmaita]

See comment #90 for glance fix to stable/liberty

** Changed in: glance/liberty
   Status: In Progress => Fix Committed

** Changed in: glance/liberty
   Status: Fix Committed => Fix Released

** Changed in: glance/mitaka
   Status: Fix Committed => Fix Released

** Changed in: glance/newton
   Status: Fix Committed => Fix Released

** Changed in: glance/newton
Milestone: newton-rc2 => None

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1449062

Title:
  [OSSA 2016-012] qemu-img calls need to be restricted by ulimit
  (CVE-2015-5162)

Status in Cinder:
  Fix Released
Status in Cinder mitaka series:
  Fix Committed
Status in Cinder newton series:
  Fix Released
Status in Ubuntu Cloud Archive:
  Fix Released
Status in Ubuntu Cloud Archive liberty series:
  Fix Committed
Status in Ubuntu Cloud Archive mitaka series:
  Fix Committed
Status in Ubuntu Cloud Archive newton series:
  Fix Released
Status in Glance:
  Fix Released
Status in Glance liberty series:
  Fix Released
Status in Glance mitaka series:
  Fix Released
Status in Glance newton series:
  Fix Released
Status in OpenStack Compute (nova):
  Fix Released
Status in OpenStack Security Advisory:
  Fix Released
Status in python-oslo.concurrency package in Ubuntu:
  Fix Released
Status in python-oslo.concurrency source package in Wily:
  Fix Committed
Status in python-oslo.concurrency source package in Xenial:
  Fix Released
Status in python-oslo.concurrency source package in Yakkety:
  Fix Released

Bug description:
  Reported via private E-mail from Richard W.M. Jones.

  Turns out qemu image parser is not hardened against malicious input
  and can be abused to allocated an arbitrary amount of memory and/or
  dump a lot of information when used with "--output=json".

  The solution seems to be: limit qemu-img ressource using ulimit.

  Example of abuse:

  -- afl1.img --

  $ /usr/bin/time qemu-img info afl1.img
  image: afl1.img
  [...]
  0.13user 0.19system 0:00.36elapsed 92%CPU (0avgtext+0avgdata 
642416maxresident)k
  0inputs+0outputs (0major+156927minor)pagefaults 0swaps

  The original image is 516 bytes, but it causes qemu-img to allocate
  640 MB.

  -- afl2.img --

  $ qemu-img info --output=json afl2.img | wc -l
  589843

  This is a 200K image which causes qemu-img info to output half a
  million lines of JSON (14 MB of JSON).

  Glance runs the --output=json variant of the command.

  -- afl3.img --

  $ /usr/bin/time qemu-img info afl3.img
  image: afl3.img
  [...]
  0.09user 0.35system 0:00.47elapsed 94%CPU (0avgtext+0avgdata 
1262388maxresident)k
  0inputs+0outputs (0major+311994minor)pagefaults 0swaps

  qemu-img allocates 1.3 GB (actually, a bit more if you play with
  ulimit -v).  It appears that you could change it to allocate
  arbitrarily large amounts of RAM.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1449062/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1633414] Re: linux: 4.4.0-44.64 -proposed tracker

[Brad Figg]

tests ran:   1, failed: 0;
  
http://kernel.ubuntu.com/testing/4.4.0-43.63/s2lp3__4.4.0-43.63__2016-10-18_17-18-00/results-index.html

** Changed in: kernel-sru-workflow/automated-testing
   Status: New => Confirmed

** Changed in: kernel-sru-workflow/certification-testing
   Status: New => Confirmed

** Changed in: kernel-sru-workflow/promote-to-proposed
   Status: In Progress => Fix Released

** Changed in: kernel-sru-workflow/regression-testing
   Status: New => Confirmed

** Changed in: kernel-sru-workflow/security-signoff
   Status: New => Confirmed

** Changed in: kernel-sru-workflow/verification-testing
   Status: New => Confirmed

** Description changed:

  This bug is for tracking the 4.4.0-44.64 upload package. This bug will
  contain status and testing results related to that upload.
  
  For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
  
  -- swm properties --
  boot-testing-requested: true
  derivative-trackers-created: true
  phase: Uploaded
+ kernel-stable-phase:Promoted to proposed
+ kernel-stable-phase-changed:Tuesday, 18. October 2016 17:17 UTC

** Description changed:

  This bug is for tracking the 4.4.0-44.64 upload package. This bug will
  contain status and testing results related to that upload.
  
  For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
  
  -- swm properties --
  boot-testing-requested: true
  derivative-trackers-created: true
- phase: Uploaded
- kernel-stable-phase:Promoted to proposed
- kernel-stable-phase-changed:Tuesday, 18. October 2016 17:17 UTC
+ phase: Promoted to proposed
+ proposed-announcement-sent: true
+ proposed-testing-requested: true

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1633414

Title:
  linux: 4.4.0-44.64 -proposed tracker

Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow automated-testing series:
  Confirmed
Status in Kernel SRU Workflow certification-testing series:
  Confirmed
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-signed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  New
Status in Kernel SRU Workflow regression-testing series:
  Confirmed
Status in Kernel SRU Workflow security-signoff series:
  Confirmed
Status in Kernel SRU Workflow verification-testing series:
  Confirmed
Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Xenial:
  New

Bug description:
  This bug is for tracking the 4.4.0-44.64 upload package. This bug will
  contain status and testing results related to that upload.

  For an explanation of the tasks and the associated workflow see:
  https://wiki.ubuntu.com/Kernel/kernel-sru-workflow

  -- swm properties --
  boot-testing-requested: true
  derivative-trackers-created: true
  phase: Promoted to proposed
  proposed-announcement-sent: true
  proposed-testing-requested: true

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1633414/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1633419] Re: linux-raspi2: 4.4.0-1028.34 -proposed tracker

[Brad Figg]

** Changed in: kernel-sru-workflow/automated-testing
   Status: New => Confirmed

** Changed in: kernel-sru-workflow/certification-testing
   Status: New => Confirmed

** Changed in: kernel-sru-workflow/promote-to-proposed
   Status: In Progress => Fix Released

** Changed in: kernel-sru-workflow/regression-testing
   Status: New => Confirmed

** Changed in: kernel-sru-workflow/verification-testing
   Status: New => Confirmed

** Description changed:

  This bug is for tracking the  upload package. This
  bug will contain status and testing results related to that upload.
  
  For an explanation of the tasks and the associated workflow see: 
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
  -- swm properties --
  boot-testing-requested: true
  derivative-trackers-created: true
  kernel-stable-master-bug: 1633414
  phase: Uploaded
+ kernel-stable-phase:Promoted to proposed
+ kernel-stable-phase-changed:Tuesday, 18. October 2016 16:33 UTC

** Description changed:

  This bug is for tracking the  upload package. This
  bug will contain status and testing results related to that upload.
  
  For an explanation of the tasks and the associated workflow see: 
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
  -- swm properties --
  boot-testing-requested: true
  derivative-trackers-created: true
  kernel-stable-master-bug: 1633414
- phase: Uploaded
- kernel-stable-phase:Promoted to proposed
- kernel-stable-phase-changed:Tuesday, 18. October 2016 16:33 UTC
+ phase: Promoted to proposed
+ proposed-announcement-sent: true
+ proposed-testing-requested: true

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1633419

Title:
  linux-raspi2: 4.4.0-1028.34 -proposed tracker

Status in Kernel SRU Workflow:
  In Progress
Status in Kernel SRU Workflow automated-testing series:
  Confirmed
Status in Kernel SRU Workflow certification-testing series:
  Confirmed
Status in Kernel SRU Workflow prepare-package series:
  Fix Released
Status in Kernel SRU Workflow prepare-package-meta series:
  Fix Released
Status in Kernel SRU Workflow promote-to-proposed series:
  Fix Released
Status in Kernel SRU Workflow promote-to-security series:
  New
Status in Kernel SRU Workflow promote-to-updates series:
  New
Status in Kernel SRU Workflow regression-testing series:
  Confirmed
Status in Kernel SRU Workflow security-signoff series:
  New
Status in Kernel SRU Workflow upload-to-ppa series:
  New
Status in Kernel SRU Workflow verification-testing series:
  Confirmed
Status in linux-raspi2 package in Ubuntu:
  Invalid
Status in linux-raspi2 source package in Xenial:
  Confirmed

Bug description:
  This bug is for tracking the  upload package.
  This bug will contain status and testing results related to that
  upload.

  For an explanation of the tasks and the associated workflow see: 
https://wiki.ubuntu.com/Kernel/kernel-sru-workflow
  -- swm properties --
  boot-testing-requested: true
  derivative-trackers-created: true
  kernel-stable-master-bug: 1633414
  phase: Promoted to proposed
  proposed-announcement-sent: true
  proposed-testing-requested: true

To manage notifications about this bug go to:
https://bugs.launchpad.net/kernel-sru-workflow/+bug/1633419/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1634475] Re: Files missing from package

[Corey Bryant]

** Also affects: mistral (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Also affects: cloud-archive
   Importance: Undecided
   Status: New

** Changed in: cloud-archive
   Status: New => In Progress

** Changed in: mistral (Ubuntu)
   Status: New => In Progress

** Changed in: mistral (Ubuntu Xenial)
   Status: New => In Progress

** Also affects: cloud-archive/mitaka
   Importance: Undecided
   Status: New

** Changed in: cloud-archive/mitaka
   Status: New => In Progress

** Changed in: cloud-archive
 Assignee: (unassigned) => Corey Bryant (corey.bryant)

** Changed in: mistral (Ubuntu Xenial)
 Assignee: (unassigned) => Corey Bryant (corey.bryant)

** Changed in: cloud-archive/mitaka
 Assignee: (unassigned) => Corey Bryant (corey.bryant)

** Summary changed:

- Files missing from package
+ [SRU] Files missing from package

** Changed in: mistral (Ubuntu)
 Assignee: (unassigned) => Corey Bryant (corey.bryant)

** Description changed:

  After the package is installed some of the files that support the
  initialisation of the database seem to missing. As does the policy.json.
  
  The files that are missing:
  
  /usr/lib/python2.7/dist-packages/mistral/actions/openstack/mapping.json
  /usr/lib/python2.7/dist-packages/mistral/resources (directory + contents)
  /etc/mistral/policy.json
  
  Without the DB files the schema initialisation fails:
  # mistral-db-manage --config-file /etc/mistral/mistral.conf populate
  Traceback (most recent call last):
-   File "/usr/bin/mistral-db-manage", line 10, in 
- sys.exit(main())
-   File 
"/usr/lib/python2.7/dist-packages/mistral/db/sqlalchemy/migration/cli.py", line 
129, in main
- CONF.command.func(config, CONF.command.name)
-   File 
"/usr/lib/python2.7/dist-packages/mistral/db/sqlalchemy/migration/cli.py", line 
70, in do_populate
- action_manager.sync_db()
-   File "/usr/lib/python2.7/dist-packages/mistral/services/action_manager.py", 
line 82, in sync_db
- register_action_classes()
-   File "/usr/lib/python2.7/dist-packages/mistral/services/action_manager.py", 
line 128, in register_action_classes
- _register_dynamic_action_classes()
-   File "/usr/lib/python2.7/dist-packages/mistral/services/action_manager.py", 
line 88, in _register_dynamic_action_classes
- actions = generator.create_actions()
-   File 
"/usr/lib/python2.7/dist-packages/mistral/actions/openstack/action_generator/base.py",
 line 77, in create_actions
- mapping = get_mapping()
-   File 
"/usr/lib/python2.7/dist-packages/mistral/actions/openstack/action_generator/base.py",
 line 45, in get_mapping
- MAPPING_PATH)).read())
+   File "/usr/bin/mistral-db-manage", line 10, in 
+ sys.exit(main())
+   File 
"/usr/lib/python2.7/dist-packages/mistral/db/sqlalchemy/migration/cli.py", line 
129, in main
+ CONF.command.func(config, CONF.command.name)
+   File 
"/usr/lib/python2.7/dist-packages/mistral/db/sqlalchemy/migration/cli.py", line 
70, in do_populate
+ action_manager.sync_db()
+   File "/usr/lib/python2.7/dist-packages/mistral/services/action_manager.py", 
line 82, in sync_db
+ register_action_classes()
+   File "/usr/lib/python2.7/dist-packages/mistral/services/action_manager.py", 
line 128, in register_action_classes
+ _register_dynamic_action_classes()
+   File "/usr/lib/python2.7/dist-packages/mistral/services/action_manager.py", 
line 88, in _register_dynamic_action_classes
+ actions = generator.create_actions()
+   File 
"/usr/lib/python2.7/dist-packages/mistral/actions/openstack/action_generator/base.py",
 line 77, in create_actions
+ mapping = get_mapping()
+   File 
"/usr/lib/python2.7/dist-packages/mistral/actions/openstack/action_generator/base.py",
 line 45, in get_mapping
+ MAPPING_PATH)).read())
  IOError: [Errno 2] No such file or directory: 
'/usr/lib/python2.7/dist-packages/mistral/actions/openstack/mapping.json'
  
  And without the policy.json clients cannot authorise.
- 
  
  Reproduce db issue:
  lxc launch ubuntu-daily:yakkety
  lxc execbash
  apt update
  apt install mistral-api
  mistral-db-manage --config-file /etc/mistral/mistral.conf populate

** Description changed:

- After the package is installed some of the files that support the
- initialisation of the database seem to missing. As does the policy.json.
+ [Description]
+ After the package is installed some of the files that support the 
initialisation of the database seem to missing. As does the policy.json.
  
  The files that are missing:
  
  /usr/lib/python2.7/dist-packages/mistral/actions/openstack/mapping.json
  /usr/lib/python2.7/dist-packages/mistral/resources (directory + contents)
  /etc/mistral/policy.json
  
  Without the DB files the schema initialisation fails:
  # mistral-db-manage --config-file /etc/mistral/mistral.conf populate
  Traceback (most recent call last):
    File "/usr/bin/mistral-db-manage", line 10, in 
  sys.exit(main())
    File 

[Group.of.nepali.translators] [Bug 1584485] Re: Upgrading samba to latest security fixes together with winbind in nsswitch.conf can harm entire OS

[Jorge Niedbalski]

** No longer affects: samba (Ubuntu Precise)

** Changed in: samba (Ubuntu Xenial)
   Status: New => In Progress

** Changed in: samba (Ubuntu Xenial)
   Importance: Undecided => High

** Changed in: samba (Ubuntu Xenial)
 Assignee: (unassigned) => Jorge Niedbalski (niedbalski)

** Patch added: "Yakkety Patch for 1584485"
   
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1584485/+attachment/4763305/+files/fix-1584485-yakkety.debdiff

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1584485

Title:
  Upgrading samba to latest security fixes together with winbind in
  nsswitch.conf can harm entire OS

Status in samba package in Ubuntu:
  In Progress
Status in samba source package in Trusty:
  In Progress
Status in samba source package in Xenial:
  In Progress
Status in samba source package in Yakkety:
  In Progress

Bug description:
  [Impact]

  * Upgrading samba when using winbind as NSS service can break OS.
  * Probably not triggered if "compat" is BEFORE "winbind" in nsswitch.conf.
  * Huge impact due to big version different between winbind and libraries.

  [Test Case]

  1) Start an ubuntu Trusty container
  2) cp /etc/apt/sources.list /etc/apt/sources.list.back
  3) Disable the trusty-updates and trusty-security archives in 
/etc/apt/sources.list
  4) sudo apt-get update
  5) sudo apt-get install samba winbind libnss-winbind libpam-winbind
  6) Set /etc/nsswitch.conf to : passwd: winbind compat
  7) Restart the services
 7.1) sudo restart smbd
 7.2) sudo restart nmbd
 7.3) sudo restart winbind
  8) cp /etc/apt/sources.list.back /etc/apt/sources.list
  9) sudo apt-get update
  7) sudo apt-get install samba winbind libnss-winbind libpam-winbind

  While installing, you will see things similar to this :

  > Unpacking libnss-winbind:amd64 (2:4.3.11+dfsg-0ubuntu0.14.04.1) over 
(2:4.1.6+dfsg-1ubuntu2) ...
  > dpkg-deb: error: subprocess tar was killed by signal (Segmentation fault), 
core dumped
  > dpkg: error processing archive 
/var/cache/apt/archives/libpam-winbind_2%3a4.3.11+dfsg-0ubuntu0.14.04.1_amd64.deb
 (-
  > -unpack):
  >  subprocess dpkg-deb --control returned error exit status 2
  > dpkg-deb: error: subprocess tar was killed by signal (Segmentation fault), 
core dumped

  [Regression Potential]

  * "preinst" and "postrm" maintainer scripts are acting only in "upgrade"
  * uninstalling packages and reinstalling would bypass this change

  [Other Info]

  * Original Bug Description:

  It was brought to my attention that, because of latest security fixes
  for samba:

  https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1577739

  samba (2:4.3.9+dfsg-0ubuntu0.14.04.1) trusty-security; urgency=medium
  samba (2:4.3.8+dfsg-0ubuntu0.14.04.2) trusty-security; urgency=medium
  samba (2:4.1.6+dfsg-1ubuntu2.14.04.13) trusty-security; urgency=medium

  when library symbols changed, a samba upgrade MAY jeopardize an entire
  Ubuntu OS installation IF /etc/nsswitch.conf uses winbind as a service
  (specially if used before compat mechanism).

  

  How to reproduce easily:

  $ cat /etc/nsswitch.conf
  passwd: winbind compat
  shadow: compat
  group: winbind compat

  (winbind is usually used after compat, in this case it was used
  before)

  to have samba version "4.1.6+dfsg-1ubuntu2.14.04.13" installed and do
  a:

  $ sudo apt-get update

  and FINALLY:

  https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1584485/comments/1

  Leading into an unusable system in the following state:

  https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1584485/comments/2

  ## state

  Workaround:

  DO REMOVE winbind from /etc/nsswitch.conf (and possibly from pam.d
  with "pam-auth-update") before ANY attempt of upgrading samba to
  latest version.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1584485/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1593075] Re: linux: Implement secure boot state variables

[Seth Forshee]

** Also affects: linux (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Changed in: linux (Ubuntu Trusty)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu Trusty)
   Status: New => Fix Committed

** Tags removed: verification-done-trusty

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1593075

Title:
  linux: Implement secure boot state variables

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  Fix Committed
Status in linux source package in Xenial:
  Fix Released

Bug description:
  User space needs a way to determine the state of secure boot and
  MOKSBState.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1593075/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1634235] Re: Update to include zesty

[Launchpad Bug Tracker]

This bug was fixed in the package distro-info-data - 0.29ubuntu0.1

---
distro-info-data (0.29ubuntu0.1) yakkety; urgency=medium

  * Fix release date of Ubuntu 16.10.
  * Add Ubuntu 17.04, Zesty Zapus, with provisional release date.
(LP: #1634235)

 -- Martin Pitt   Mon, 17 Oct 2016 21:21:33
+0200

** Changed in: distro-info-data (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1634235

Title:
  Update to include zesty

Status in distro-info-data package in Ubuntu:
  Fix Released
Status in distro-info-data source package in Precise:
  Fix Released
Status in distro-info-data source package in Trusty:
  Fix Released
Status in distro-info-data source package in Xenial:
  Fix Released
Status in distro-info-data source package in Yakkety:
  Fix Released
Status in distro-info-data source package in Zesty:
  Fix Released

Bug description:
  It's that time of year.
  This package just contains data, with no format changes.

  [ QA ]
  "ubuntu-distro-info -d" should return "yakkety" not an error that the data is 
out of date.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/distro-info-data/+bug/1634235/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1580740] Re: [SRU] Cannot open a browser link from a snap that provides a link

[Launchpad Bug Tracker]

This bug was fixed in the package snapd-xdg-open - 0.0.0~16.04

---
snapd-xdg-open (0.0.0~16.04) xenial; urgency=medium

  * Backport to xenial (LP: #1580740)

 -- Ubuntu Desktop Team   Fri, 07 Jul
2016 12:45:00 -0400

** Changed in: snapd-xdg-open (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1580740

Title:
  [SRU] Cannot open a browser link from a snap that provides a link

Status in Snappy:
  Triaged
Status in snapd-xdg-open package in Ubuntu:
  Fix Released
Status in snapd-xdg-open source package in Xenial:
  Fix Released

Bug description:
  [Impact]

  Links in snaps cannot be opened on the host.

  [Test Case]

  Steps to reproduce:

  - Run `sudo snap install telegram-sergiusens`
  - Launch telegram-sergiusens.sergiusens (or from the dash)
  - Receive a link
  - Try an open the link.

  The reason for it not working is that there is no browser in ubuntu-
  core and there is no handler that knows how to redirect this to the
  classic Ubuntu instance.

  [Regression Potential]

   * The fix is a new package to be pulled in by snapd, so there is
  little risk of regression

  [Other Info]

   * snapd-xdg-open is just one piece of two that are needed to fix this
  bug. The other piece is a fake xdg-open script that is available in
  the OS snap, which simply makes a D-Bus method invocation to the
  service in snapd-xdg-open

To manage notifications about this bug go to:
https://bugs.launchpad.net/snappy/+bug/1580740/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1580740] Re: [SRU] Cannot open a browser link from a snap that provides a link

[Brian Murray]

** Changed in: snapd-xdg-open (Ubuntu)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1580740

Title:
  [SRU] Cannot open a browser link from a snap that provides a link

Status in Snappy:
  Triaged
Status in snapd-xdg-open package in Ubuntu:
  Fix Released
Status in snapd-xdg-open source package in Xenial:
  Fix Released

Bug description:
  [Impact]

  Links in snaps cannot be opened on the host.

  [Test Case]

  Steps to reproduce:

  - Run `sudo snap install telegram-sergiusens`
  - Launch telegram-sergiusens.sergiusens (or from the dash)
  - Receive a link
  - Try an open the link.

  The reason for it not working is that there is no browser in ubuntu-
  core and there is no handler that knows how to redirect this to the
  classic Ubuntu instance.

  [Regression Potential]

   * The fix is a new package to be pulled in by snapd, so there is
  little risk of regression

  [Other Info]

   * snapd-xdg-open is just one piece of two that are needed to fix this
  bug. The other piece is a fake xdg-open script that is available in
  the OS snap, which simply makes a D-Bus method invocation to the
  service in snapd-xdg-open

To manage notifications about this bug go to:
https://bugs.launchpad.net/snappy/+bug/1580740/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1634235] Re: Update to include zesty

[Launchpad Bug Tracker]

This bug was fixed in the package distro-info-data - 0.8ubuntu0.11

---
distro-info-data (0.8ubuntu0.11) precise; urgency=medium

  * Copy data from 0.30 (LP: #1634235)
- Fix release date of Ubuntu 16.10.
- Add Ubuntu 17.04, Zesty Zapus, with provisional release date.

 -- Martin Pitt   Mon, 17 Oct 2016 21:26:05
+0200

** Changed in: distro-info-data (Ubuntu Xenial)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1634235

Title:
  Update to include zesty

Status in distro-info-data package in Ubuntu:
  In Progress
Status in distro-info-data source package in Precise:
  Fix Released
Status in distro-info-data source package in Trusty:
  Fix Released
Status in distro-info-data source package in Xenial:
  Fix Released
Status in distro-info-data source package in Yakkety:
  Fix Released
Status in distro-info-data source package in Zesty:
  Fix Committed

Bug description:
  It's that time of year.
  This package just contains data, with no format changes.

  [ QA ]
  "ubuntu-distro-info -d" should return "yakkety" not an error that the data is 
out of date.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/distro-info-data/+bug/1634235/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1634235] Re: Update to include zesty

[Launchpad Bug Tracker]

This bug was fixed in the package distro-info-data - 0.18ubuntu0.6

---
distro-info-data (0.18ubuntu0.6) trusty; urgency=medium

  * Copy data from 0.30 (LP: #1634235)
- Fix release date of Ubuntu 16.10.
- Add Ubuntu 17.04, Zesty Zapus, with provisional release date.

 -- Martin Pitt   Mon, 17 Oct 2016 21:25:03
+0200

** Changed in: distro-info-data (Ubuntu Trusty)
   Status: Fix Committed => Fix Released

** Changed in: distro-info-data (Ubuntu Yakkety)
   Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1634235

Title:
  Update to include zesty

Status in distro-info-data package in Ubuntu:
  In Progress
Status in distro-info-data source package in Precise:
  Fix Released
Status in distro-info-data source package in Trusty:
  Fix Released
Status in distro-info-data source package in Xenial:
  Fix Released
Status in distro-info-data source package in Yakkety:
  Fix Released
Status in distro-info-data source package in Zesty:
  Fix Committed

Bug description:
  It's that time of year.
  This package just contains data, with no format changes.

  [ QA ]
  "ubuntu-distro-info -d" should return "yakkety" not an error that the data is 
out of date.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/distro-info-data/+bug/1634235/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1634450] [NEW] ftbfs in xenial proposed

[James Page]

Public bug reported:

vmware-nsx fails to build from source in xenial proposed (as revealed by
8.0.0-0ubuntu0.16.04.3).

This is due to some changes in Neutron core that need to be accommodated
in this project as well.

** Affects: vmware-nsx (Ubuntu)
 Importance: Undecided
 Status: Invalid

** Affects: vmware-nsx (Ubuntu Xenial)
 Importance: High
 Assignee: James Page (james-page)
 Status: Triaged

** Changed in: vmware-nsx (Ubuntu)
   Status: New => Triaged

** Also affects: vmware-nsx (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Changed in: vmware-nsx (Ubuntu)
   Status: Triaged => Invalid

** Changed in: vmware-nsx (Ubuntu Xenial)
   Status: New => Triaged

** Changed in: vmware-nsx (Ubuntu Xenial)
   Importance: Undecided => High

** Changed in: vmware-nsx (Ubuntu Xenial)
 Assignee: (unassigned) => James Page (james-page)

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1634450

Title:
  ftbfs in xenial proposed

Status in vmware-nsx package in Ubuntu:
  Invalid
Status in vmware-nsx source package in Xenial:
  Triaged

Bug description:
  vmware-nsx fails to build from source in xenial proposed (as revealed
  by 8.0.0-0ubuntu0.16.04.3).

  This is due to some changes in Neutron core that need to be
  accommodated in this project as well.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vmware-nsx/+bug/1634450/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp

[Group.of.nepali.translators] [Bug 1633220] Re: Dovecot panics when sieve filter outputs much data

[ChristianEhrhardt]

** Also affects: dovecot (Ubuntu Yakkety)
   Importance: Undecided
   Status: New

** Changed in: dovecot (Ubuntu Yakkety)
 Assignee: (unassigned) => ChristianEhrhardt (paelzer)

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1633220

Title:
  Dovecot panics when sieve filter outputs much data

Status in dovecot package in Ubuntu:
  Triaged
Status in dovecot source package in Xenial:
  Triaged
Status in dovecot source package in Yakkety:
  Triaged

Bug description:
  When using dovecot with vnd.dovecot.filter, where the filter returns
  at least ~60KB of data back to dovecot, dovecot panics (see dovecot
  log in attached apport report).

  The error's origin is the pigeonhole plugin. The described error is
  already fixed in the github repo for sieve-pigeonhole [1].

  We successfully managed to apply the patch locally for ubuntu's
  current version of pigeonhole (0.4.13 (7b14904)) by simply cherry
  picking the mentioned commit.

  System information:
Description:Ubuntu 16.04.1 LTS
Release:16.04
dovecot-core:
  Installed: 1:2.2.22-1ubuntu2.1
dovecot-sieve:
  Installed: 1:2.2.22-1ubuntu2.1

$ doveconf | head -n2
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.13 (7b14904)

  [1] https://github.com/dovecot/pigeonhole/commit/a95b0579

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/1633220/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp