[Touch-packages] [Bug 1013012] Re: regression with sendmail and Android clients

2022-05-23 Thread Kees Cook
No current issues with modern android and modern ubuntu ** Changed in: openssl (Ubuntu) Status: Incomplete => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu.

[Touch-packages] [Bug 1773859] Re: upgrades to 18.04 fail

2019-09-30 Thread Kees Cook
Hmm, I don't have any systems left with systemd-shim installed, so I can't do a "real world" test of this. The test case in the description seems reasonable, so if that passes, I would consider this bug fixed. :) Thanks!

[Touch-packages] [Bug 1767172] Re: Regression: /etc/modules checked against blacklist or it's really hard to load blacklisted watchdog modules when one really wants one

2019-05-20 Thread Kees Cook
I think it's fine. It sounds like there will just be no way to override package-installed blacklists any more. That's unfortunate, but it's a very rare situation. ** Changed in: systemd (Ubuntu) Status: Incomplete => Won't Fix ** Changed in: linux (Ubuntu) Status: Incomplete =>

[Touch-packages] [Bug 305901]

2019-02-22 Thread Kees Cook
So I'd like to bring this back up and reiterate the issue: there is no benefit to the early truncation, and it actively breaks lots of existing software (which is why Debian and Ubuntu have had this fix for 10 years now). What is the _benefit_ of early truncation that justifies breaking so many

[Touch-packages] [Bug 305901]

2019-02-22 Thread Kees Cook
It's not defined in POSIX, but it has worked a certain way in glibc for decades. There's no _reason_ to break it for _FORTIFY_SOURCE. Pre-truncating just silently breaks programs and does weird stuff. If you want to expose it with _FORTIFY_SOURCE then have vsprintf notice that the target and

[Touch-packages] [Bug 305901]

2019-02-22 Thread Kees Cook
I'd still like to have this patch applied -- while we can claim the behavior is "undefined", it is not, in fact, undefined. It behaves one way without -D_FORTIFY_SOURCE=2, and differently with it. And that difference doesn't need to exist. Ubuntu carried this patch for quite a while.

[Touch-packages] [Bug 1773859] Re: upgrades to 18.04 fail

2018-06-12 Thread Kees Cook
# dpkg -L systemd-shim /. /usr /usr/lib /usr/lib/i386-linux-gnu /usr/lib/i386-linux-gnu/systemd-shim /usr/lib/i386-linux-gnu/systemd-shim-cgroup-release-agent /usr/lib/systemd /usr/lib/systemd/ntp-units.d /usr/lib/systemd/ntp-units.d/systemd-shim.list /usr/share /usr/share/dbus-1

[Touch-packages] [Bug 1773859] Re: upgrades to 18.04 fail

2018-06-12 Thread Kees Cook
# cat /usr/share/dbus-1/system-services/org.freedesktop.systemd1.service [D-BUS Service] Name=org.freedesktop.systemd1 User=root Exec=/usr/lib/x86_64-linux-gnu/systemd-shim

[Touch-packages] [Bug 1593924] Re: systemd-shim was not installed in 16.10 and now cannot purge or remove

2018-05-28 Thread Kees Cook
** Package changed: libjpeg-turbo (Ubuntu) => systemd-shim (Ubuntu) -- https://bugs.launchpad.net/bugs/1593924 Title: systemd-shim was not installed in

[Touch-packages] [Bug 1773859] [NEW] upgrades to 18.04 fail

2018-05-28 Thread Kees Cook
Public bug reported: $ sudo apt upgrade Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following packages will be REMOVED: systemd-shim 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. 1 not fully installed

[Touch-packages] [Bug 1767172] Re: Regression: /etc/modules checked against blacklist

2018-04-26 Thread Kees Cook
https://github.com/systemd/systemd/pull/8830 -- https://bugs.launchpad.net/bugs/1767172 Title: Regression: /etc/modules checked against blacklist Status in

[Touch-packages] [Bug 1767172] [NEW] Regression: /etc/modules checked against blacklist

2018-04-26 Thread Kees Cook
Public bug reported: Before systemd-modules-load, /etc/init.d/kmod would load modules directly with "modprobe" (and _not_ "modprobe -b"): load_module() { local module args module="$1" args="$2" if [ "$VERBOSE" != no ]; then log_action_msg "Loading kernel module $module" modprobe

[Touch-packages] [Bug 1747711] Re: file mis-identifies modern executables as application/x-sharedlib

2018-02-17 Thread Kees Cook
This is (sort of) a bug in file. The problem is not being able to distinguish between shared objects and PIE binaries. (The latter have INTERP ELF sections and can be run directly.) $ readelf -l /bin/true ... Elf file type is EXEC (Executable file) ... INTERP 0x0238

[Touch-packages] [Bug 1658236] Re: php abstraction not updated for php7

2017-01-20 Thread Kees Cook
This creates an upgrade burden on anyone already including the php5 abstraction. I think there should be a single abstraction (named php) but a symlink back to php5 that includes 5 and current...

[Touch-packages] [Bug 1658238] [NEW] apache2 abstraction incomplete

2017-01-20 Thread Kees Cook
Public bug reported: Apache2 needs updates for proper signal handling, optional saslauth, and OCSP stapling... --- apache2-common 2014-06-24 11:06:06.0 -0700 +++ /etc/apparmor.d/abstractions/apache2-common 2015-05-21 07:51:49.0 -0700 @@ -8,6 +8,8 @@ signal (receive)

[Touch-packages] [Bug 1658239] [NEW] base abstraction missing glibc /proc/$pid/ things

2017-01-20 Thread Kees Cook
Public bug reported: There are yet more glibc-needed files missing from the base abstraction: --- base2017-01-20 15:37:50.0 -0800 +++ /etc/apparmor.d/abstractions/base 2016-12-06 14:13:58.0 -0800 @@ -92,7 +92,7 @@ /sys/devices/system/cpu/online r, # glibc's

[Touch-packages] [Bug 1658236] [NEW] php abstraction not updated for php7

2017-01-20 Thread Kees Cook
Public bug reported: The php abstraction (also wrongly named php5 now) was not updated for php7. Attached is a diff I used... ** Affects: apparmor (Ubuntu) Importance: Undecided Status: New ** Patch added: "php.diff"

[Touch-packages] [Bug 1645501] Re: corefiles not created in armhf chroot on arm64 porter

2016-11-29 Thread Kees Cook
ptrace(PTRACE_GETREGSET, 27642, NT_FPREGSET, 0xffcc67f0) = -1 EINVAL (Invalid argument) NT_FPREGSET is "2", which the kernel calls NT_PRFPREG. arm64 kernels don't implement this for compat processes, they only support NT_ARM_VFP. If I understand correctly, VFP is hard float, so it seems like

[Touch-packages] [Bug 1586673] Re: Backport GCC 5.4.0 and binutils 2.26.1 to 16.04 LTS

2016-07-12 Thread Kees Cook
I'm able to use these (and I can verify they fix the problems I was having), so +1 to promotion to -updates. Thanks! -- https://bugs.launchpad.net/bugs/1586673

[Touch-packages] [Bug 1534340] Re: openssh server 6.6 does not report max auth failures

2016-01-14 Thread Kees Cook
** Changed in: openssh (Ubuntu Trusty) Status: New => In Progress -- https://bugs.launchpad.net/bugs/1534340 Title: openssh server 6.6 does not report

[Touch-packages] [Bug 1534340] [NEW] openssh server 6.6 does not report max auth failures

2016-01-14 Thread Kees Cook
Importance: Undecided Assignee: Kees Cook (kees) Status: New ** Also affects: openssh (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: openssh (Ubuntu) Status: New => Fix Released ** Changed in: openssh (Ubuntu Trusty) Assignee: (unassig

[Touch-packages] [Bug 1534340] Re: openssh server 6.6 does not report max auth failures

2016-01-14 Thread Kees Cook
** Patch added: "openssh_6.6p1-2ubuntu2.5.debdiff" https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1534340/+attachment/4550125/+files/openssh_6.6p1-2ubuntu2.5.debdiff

[Touch-packages] [Bug 1532911] Re: [regression] 2.12.23-12ubuntu2.4 breaks sha512 certificates

2016-01-11 Thread Kees Cook
Thanks to mdeslaur for finding that the _root_ cert is the problem, not mine, nor a code problem with gnutls: http://blog.cacert.org/2015/12/re-signing-root-certificate/ ** Changed in: gnutls26 (Ubuntu) Status: New => Invalid

[Touch-packages] [Bug 1532911] [NEW] [regression] 2.12.23-12ubuntu2.4 breaks sha512 certificates

2016-01-11 Thread Kees Cook
Public bug reported: $ gnutls-cli -p 587 smtp.outflux.net -s --print-cert STARTTLS ctrl-D *** Starting TLS handshake *** Fatal error: The signature algorithm is not supported. *** Handshake has failed This does not happen with 2.12.23-12ubuntu2.3. $ echo QUIT | openssl s_client -connect

[Touch-packages] [Bug 1317555] Re: 'signal peer=@{profile_name}, ' does not work as expected when in a profile using a regex match as a name

2015-06-10 Thread Kees Cook
: Kees Cook reported signal mediation issues stemming from the 'signal peer=@{profile_name},' rule in the base abstraction. It does not work as expected when @{profile_name} contains a regex match. If an application confined with a profile that uses a regex match as the name attempts to signal

[Touch-packages] [Bug 1185331] Re: Apparmor logs error messages regarding evince on normal use.

2015-05-17 Thread Kees Cook
Running fc-cache -sfv as root solved the warning about /var/cache/fontconfig chmod stuff. -- https://bugs.launchpad.net/bugs/1185331 Title: Apparmor logs

[Touch-packages] [Bug 537746] Re: mount.nfs fails stating incorrect mount option but succeeds if -v option is used

2015-01-28 Thread Kees Cook
Using nfsvers=2 worked for me, but if you need =3, this seems like a bug in util-linux. ** Changed in: util-linux (Ubuntu) Status: Invalid => Confirmed ** Also affects: util-linux (Ubuntu Vivid) Importance: Undecided Status: Confirmed ** Also affects: util-linux (Ubuntu Utopic)