Thanks Marques, do you know if this affects Debian as well? I wonder if
they already saw this and fixed it, or if they don't yet know about it.
THanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ifupdown in Ubuntu.
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to alsa-driver in Ubuntu.
https://bugs.launchpad.net/bugs/1976484
Title:
never sound ubuntu 20.04 22.04 alsamixer
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1973344
Title:
Converting PKCS#8 into PKCS#1 fails with openssl
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Alvaro, thanks for reporting back! I'm glad it worked.
I don't know the full details of which QoS settings changed in which
releases, but this email suggests that there was active interest in
changing which exact values were used:
http://lists.mindrot.org/pipermail/openssh-unix-
Alvaro, I wonder if your network is dropping packets with unexpected IP
QoS flags? Look for 'IPQoS' in ssh_config(5) to see the defaults and
available choices. This would be influenced by ssh settings but still
operate at TCP level.
Thanks
--
You received this bug notification because you are a
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
** Changed in: openssl (Ubuntu)
Status: Incomplete => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1608200
Title:
please merge openssl from Debian
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Hello, note your filesystem is full:
Filesystem 1K-blocks Used Available Use% Mounted on
udev 9812920981292 0% /dev
tmpfs 202808 1508201300 1% /run
/dev/sda5 11167656 11000192 0 100% /
That causes errors like this:
cp: error
On Thu, May 05, 2022 at 09:09:07PM -, Alvaro wrote:
> acs@lsp-022:~$ ssh -vT g...@github.com
> ...
> debug1: connect to address 140.82.121.4 port 22: Connection timed out
Note that "Connection timed out" is an error at the TCP level, that
indicates that your computer wasn't able to establish
Possibly related to https://bugs.launchpad.net/bugs/1832421
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1971650
Title:
wrong check for "server" in libssl3.postinst
Yes, managing the configurations for the huge variety of cryptography
toolkits on a Linux system is definitely something of a chore. It would
be nice to give people one command they could use to return to unsafe-
but-compatible cryptography -- or enforce only modern cryptography.
Our friends at
I switched this from ca-certificates to firefox and chromium-browser,
since both browsers manage their own certificate lists and don't use the
system-provided ca-certificates. (You manage that with different tools,
see the first few lines of /etc/ca-certificates.conf for details.)
Thanks
**
** Also affects: systemd (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1969593
Title:
rules to prevent non-root
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to policykit-1 in Ubuntu.
https://bugs.launchpad.net/bugs/1969593
Title:
rules to prevent non-root users
This may be a duplicate of https://launchpad.net/bugs/1969162
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dbus in Ubuntu.
https://bugs.launchpad.net/bugs/1968845
Title:
Upgrade to 22.04 from 20.04 ends with dbus
Hello Mikko, thanks for the report; I believe that's working as
intended, those bytes are part of the DER encoding; there's an excellent
answer at https://crypto.stackexchange.com/a/19982/1400 that describes
the meanings of each of those bytes.
Thanks
** Information type changed from Private
Here's the postinst I've got for that package. Maybe the
reload_dbus_config() could use a --reply-timeout=5000 or something?
Thanks
$ cat /fst/trees/ubuntu/main/d/dbus/dbus_1.12.20-2ubuntu4/debian/dbus.postinst
#!/bin/sh
# Copyright © 2003 Colin Walters
# Copyright © 2006 Sjoerd Simons
set
Yikes, does it actually *stop* at that point? That's .. not ideal.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dbus in Ubuntu.
https://bugs.launchpad.net/bugs/1968845
Title:
Upgrade to 22.04 from 20.04 ends
This reminds me of several previous bugs; this may or may not be a
duplicate, and this may or may not be intentional behaviour. Hopefully
these are are useful and save some debugging effort:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1922212
Hopefully this is helpful for you:
https://sources.debian.org/data/main/r/ruby3.0/3.0.3-1/debian/patches/Update-
openssl-to-version-3.0.0.patch
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to software-properties in
Ubuntu.
https://bugs.launchpad.net/bugs/1965661
Title:
software-properties-gtk crashed with
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to software-properties in
Ubuntu.
https://bugs.launchpad.net/bugs/1965857
Title:
software-properties-gtk crashed with
I can't speak for the SRU team, but it's entirely possible that if you
prepare and test a debdiff, and show that this can be fixed, you could
drive an SRU through to completion; see
https://wiki.ubuntu.com/StableReleaseUpdates for more information.
Thanks
--
You received this bug notification
Yeah it seems unlikely to be ssh to me -- can you ping the machine? does
virtualbox networking do interfaces that can ping? Does virtualbox offer
a 'console view' that you can use to debug the system?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages,
Corruption was my first idea, too, but the Dependencies.txt didn't
report debsums mismatches. Thanks for the explanations.
** Also affects: debconf (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
These lines from the logs look most relevant:
Unpacking libpam-runtime (1.3.1-5ubuntu4.3) over (1.3.1-5ubuntu4.1) ...
Setting up libpam-runtime (1.3.1-5ubuntu4.3) ...
Can't locate object method "new" via package
"Debconf::Element::Noninteractive::Multiselect" (perhaps you forgot to load
Thanks for doing the digging to confirm the cause; I suspect unattended-
upgrades should be modified to perform something similar to apt upgrade,
rather than apt-get upgrade, and bring in new dependencies when
necessary. A lot of systems never have interactive users any more.
Thanks
** Changed
It looks like this was added in:
https://github.com/openssl/openssl/commit/72d2670bd21becfa6a64bb03fa55ad82d6d0c0f3
in order to address servers that have not yet been updated for
CVE-2009-3555.
It's possible to add a flag at the C level to connect insecurely,
SSL_OP_LEGACY_SERVER_CONNECT, but I
This reminds me a lot of https://bugs.launchpad.net/bugs/1871538
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dbus in Ubuntu.
https://bugs.launchpad.net/bugs/1962036
Title:
dbus was stopped during today's jammy update,
None of us are ARM architecture experts but the upstream code nearby
doesn't look like it's changed since this patch was introduced:
https://github.com/openssl/openssl/blame/master/crypto/poly1305/asm/poly1305-armv8.pl
Are there any log entries in your proxy that might help explain what's
happening?
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1960264
Title:
503 errors for Jammy
Thank you for taking the time to report this bug and helping to make
Ubuntu better. Reviewing your dmesg attachment to this bug report it
seems that there may be a problem with your hardware. I'd recommend
performing a back up and then investigating the situation. Measures you
might take
Pavel, OMJ, maybe execsnoop-bpfcc from bpfcc-tools can help spot what
program is starting your dbus-daemons?
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dbus in Ubuntu.
https://bugs.launchpad.net/bugs/1273258
Changing away from 'nogroup' would be good, that's for NFS use (similar
to 'nobody').
Using ACLs to grant the _apt user permission to work with specific files
sounds good to me. Perhaps not all editors know to maintain those when
writing new files with the same name, or perhaps know to fall back
Oliver, from the lastlog(8) manpage:
The lastlog file is a database which contains info on the
last login of each user. You should not rotate it. It is a
sparse file, so its size on the disk is usually much smaller
than the one shown by "ls -l" (which can indicate a
ALinuxUser, Xiaofan Chen's example was unbinding the usbhid driver via
the /sys/bus/usb/drivers/usbhid/unbind control file -- yours is using
/sys/bus/usb/drivers/usb/unbind instead. You probably have to use the
control file that corresponds to the driver your device is using. (Check
lsusb -t
This comment looks promising
https://github.com/mesonbuild/meson/issues/9690#issuecomment-986872688
It identifies https://github.com/openssl/openssl/pull/13256 and
https://github.com/openssl/openssl/pull/13218 as candidate fixes.
** Bug watch added: github.com/mesonbuild/meson/issues #9690
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Changed in: linux-firmware (Ubuntu)
Assignee: Seth Forshee (sforshee) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1928393
Title:
linux-firmw
Ah, that's good for the health of your storage :)
Please follow up with the debug symbols and reproduction instructions.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
Hmm, something else to keep in mind: many aarch64 systems run on SD
cards or USB memory sticks and those are notorious garbage.
Is this a reasonable hard drive or is this cheap flash storage? Are
there messages in dmesg that might indicate filesystem or block storage
errors?
If this isn't a real
Can you provide more information on your environment and how to
reproduce this? I wasn't able to reproduce this on my rpi3b+ running
focal, with either libssl1.1 1.1.1f-1ubuntu2.8 or 1.1.1f-1ubuntu2.9:
First, 1.1.1f-1ubuntu2.8 installed:
$ curl -v https://graph.facebook.com/v12.0/act_111/
*
** Attachment added: "archive grep for CONF_modules_load_file"
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1921518/+attachment/5541087/+files/openssl-conf-modules-load-file-15-10%3A46%3A37.gz
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
This guide describes how to make a copy of gnupg files in order to
create a duplicate card:
https://zach.codes/ultimate-yubikey-setup-guide/
It would be nice if such a guide weren't necessary.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which
*** This bug is a duplicate of bug 1813873 ***
https://bugs.launchpad.net/bugs/1813873
daniel-sokolov, this bug was fixed in Ubuntu kernels two and a half
years ago. Do you really have such an old kernel? I suggest asking for
help in Mint support channels -- hopefully someone can walk you
Your daughter does good work :)
Thanks
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1948339
Title:
Hello Andrew, I don't understand what exactly is broken; your logs show
a lot of AppArmor profiles loading without trouble.
What are you trying to do? What's going wrong?
Thanks
** Changed in: apparmor (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you
** Package changed: ca-certificates (Ubuntu) => ubuntu-release-upgrader
(Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ca-certificates in Ubuntu.
https://bugs.launchpad.net/bugs/1947394
Title:
package
Now that the security team has some new hires, we're looking at reviving
this series of tasks. Looking through the bug I have come up with the
following outstanding items:
- Add a .symbols file to opensc
- try to add vsmartcard-vpicc + vsmartcard-vpcd autopkgtests
- a formal list of 'supported
Worked for me on my daily workstation:
⏚ [sarnold:~/trees] 100 $ sudo apt install -tfocal-proposed libpam0g
libpam-runtime libpam-modules-bin libpam-modules
Reading package lists... Done
Building dependency tree
Reading state information... Done
Recommended packages:
update-motd
The
You can find older packages on the "full publishing history" from
launchpad:
https://launchpad.net/ubuntu/+source/ca-certificates/+publishinghistory
You can either download it manually or use the pull-lp-debs(1) command
from the ubuntu-dev-tools package.
Thanks
--
You received this bug
I initially preferred your option two, a drop-in file in whichever nis
and ldap binary packages, on principle of trying to keep the mitigations
in place if we can.
But your case for a difficult debugging session is persuasive. Reading
the various bug reports around this, option three seems pretty
Hello, can you please look for ip_tables.ko in
/lib/modules/*/kernel/net/ipv4/netfilter/ip_tables.ko ? Which linux-
modules-* package and which linux-image-* packages do you have
installed?
Thanks
** Package changed: iptables (Ubuntu) => linux (Ubuntu)
--
You received this bug notification
On Tue, Aug 31, 2021 at 12:45:38AM -, Ubfan wrote:
> Since 20.04, there are no /bin and /sbin directories, they are just
> links to /usr/sbin and /usr/bin -- perhaps they should be eliminated
> from the default PATH.
Does it matter if you upgraded from 18.04 or 19.10 vs a fresh install?
Just how bad are the consequences of not promoting this package to main?
The code is fairly gross. There's absolute gobs of writing outside array
bounds, resource leaks, potential uses of uninitialized variables, etc.
I don't know if there's any security-relevant findings -- busybox is
almost
dmesg in bug reports is fantastically helpful: it is a very fast and
reliable way to diagnose many classes of hardware problems or filesystem
flaws or kernel module incompatibilities that show up to the user as
bugs in their programs. Having it available has saved both developers
and users a *lot*
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1427600
Title:
apport-unpack: ValueError: ['UserGroups'] has no
Hello Rucel, my guess is you've installed the lilo package. This is not
supported. If you can identify a bugfix it could probably be integrated
but honestly it'd be easier to either figure out how to use grub in your
environment or switch to another distribution that does support using
lilo. Grub
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1937071
Title:
package initramfs-tools 0.136ubuntu6.6
Beautiful, thanks for the large range of tests :)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/1927078
Title:
Don't allow useradd to use fully numeric names
Status in
Public bug reported:
Ubuntu carries a patch for gdb, ptrace-error-verbosity.patch, to print
some extra information about why attaching to a process might have
failed. This inserts a fprintf_unfiltered() call between the ptrace()
and the corresponding perror(). Recently something has changed which
Ah, that explains that.
Would you mind adding tests for a few more usernames?
0root
0
00
0.0
0x0
0-0
0_0
0.o
0xo
0-o
0_o
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in Ubuntu.
See also https://github.com/snapcrafters/discord/issues/23 -- there may
be some other advice buried in there on how to deal with the deluge
while also not giving discord permission to see all the processes you're
running.
Thanks
** Bug watch added: github.com/snapcrafters/discord/issues #23
Heh, a comment in Jawn's debdiff:
* User/group names must match [a-z_][a-z0-9_-]*[$]
I found period also worked fine:
root@u20:~# useradd 0.0
root@u20:~# getent passwd 0.0
0.0:x:1001:1001::/home/0.0:/bin/sh
root@u20:~# userdel 0.0
root@u20:~# getent passwd 0.0
root@u20:~# exit
I know
On Wed, Jun 16, 2021 at 09:15:32PM -, Steve Langasek wrote:
> Disallowing leading numeric digits entirely would, unfortunately,
> disable a significant class of valid usernames in conflict with
> historical usage.
Admins are still able to hand-edit /etc/passwd, /etc/shadow, and mv
home
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1917904
Title:
Arbitrary file reads
Status in apport
Wonderful, thanks Daniel!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bluez in Ubuntu.
https://bugs.launchpad.net/bugs/1926548
Title:
The gatt protocol has out-of-bounds read that leads to information
leakage
Status
Daniel, are you sure about that fixed-in-5.56 bug tag? I can't spot the
referenced commit in the tarballs 5.55, 5.56, 5.57, 5.58 from:
http://www.bluez.org/
nor in the github sources:
https://github.com/bluez/bluez/blob/master/src/gatt-database.c#L1054
nor the kernel.org sources:
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bluez in Ubuntu.
https://bugs.launchpad.net/bugs/1926548
Title:
The gatt protocol has out-of-bounds read
Hello Eric, thanks for doing the research on this issue.
Does the coredump look like this may be exploitable in some fashion?
Is the crash something that affects anything beyond the specific process
serving the client in question?
Thanks
--
You received this bug notification because you are a
** Also affects: debconf (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1930301
Title:
package libpam0g:amd64
** Summary changed:
- sudo apt install timeshift Reading package lists... Done Building dependency
treeReading state information... Done The following NEW packages will
be installed: timeshift 0 upgraded, 1 newly installed, 0 to remove and 0 not
upgraded. 1 not fully installed or
Hello Milan, I just tested an upgrade:
Unpacking isc-dhcp-server (4.4.1-2.1ubuntu5.20.04.2) over
(4.4.1-2.1ubuntu5) ...
and my /etc/default/isc-dhcp-server modifications had been left in
place.
The maintainer scripts will create a new one if the file cannot be read:
Great, thanks Ian.
** Package changed: ubuntu => openssh (Ubuntu)
** Changed in: openssh (Ubuntu)
Status: Incomplete => Invalid
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
The usual way we determine if a package is in main or not is to check
the package lists; will the promotion step make the systemd-container
binary package visible to package lists or rmadison output?
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
Gunnar, indeed, it had much less in it than I expected; I don't know
much about the snap packaging for Chromium, but it looked to me like it
was trying to do bluetooth things and that's all that was denied.
I'm no fcitx expert but I didn't think it looked related.
Thanks
--
You received this
On Tue, May 18, 2021 at 07:39:48PM -, Gunnar Hjalmarsson wrote:
> On 2021-05-16 22:23, Gunnar Hjalmarsson wrote:
> > As regards apparmor it's possible that no change is needed.
>
> Well, I simply tested with the Chromium snap. fcitx5 does not work in
> Chromium, while fcitx4 does. So
Thanks for the strace, these looked like the 'important' parts:
sendto(3, {{len=56, type=AUDIT_SET, flags=NLM_F_REQUEST|NLM_F_ACK, seq=3,
pid=0},
"\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa2\xb8\x29\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"...},
56, 0,
Matthew, thanks so much! sounds good to me.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1926254
Title:
x509 Certificate verification fails when
Hello Dan and Matthew, thanks for working on this. I gave the debdiffs a
look, skimmed through openssl changes, and don't see any reason to not
do this. There *are* larger changes to that function in
https://github.com/openssl/openssl/commit/1e41dadfa7b9f792ed0f4714a3d3d36f070cf30e
-- but it's a
Thanks Marco, I'll take pam-pkcs11 off our todo list. (This can be
reversed, of course. If it turns out to be necessary for something,
someone shout. :)
Thanks
** Changed in: pam-pkcs11 (Ubuntu)
Status: New => Invalid
** Changed in: pam-pkcs11 (Ubuntu)
Assignee: Ubuntu Security Team
** Description changed:
+ SRU Justification
+
+ [Impact]
+
+ Hot removal of disks under kvm on s390 does not result in the kernel
+ removing the block device, which can lead to hung tasks and other
+ issues.
+
+ [Test Plan]
+
+ See steps to reproduce the bug in the original description below.
The condition for css_sch_device_unregister(sch) also caught my eye,
calling it unconditionally is probably closer to right because it was
called in the !cdev case before, and in the attached patch it would no
longer be called in this case. However I think in the short term the
revert is the
The commit reverts cleanly. We need to confirm that reverting the commit
does fix the issue. I put a test build here, please test.
https://people.canonical.com/~sforshee/lp1925211/
I doubt we can get a new kernel into the release. If it's extremely
urgent we can consider a day 0 SRU kernel for
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libcaca in Ubuntu.
https://bugs.launchpad.net/bugs/1923273
Title:
libcaca buffer-overflow
Status in
Hello, this sounds like surprising advice to me -- afterall the
/etc/passwd file is 644. I don't know what would be the point of hiding
this 'backup' file. Does the benchmark give a rationale for this?
Thanks
** Information type changed from Private Security to Public Security
** Changed in:
Thank you for taking the time to report this bug and helping to make
Ubuntu better. Reviewing your dmesg attachment to this bug report it
seems that there may be a problem with your hardware. I'd recommend
performing a back up and then investigating the situation. Measures you
might take
Hello Jeffrey, this reminds me a little of
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1876320 -- but
it's also something that should have been addressed last year.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is
Hello Alex, I would guess that the reason why the permissions are
incorrect is probably whatever tool added four copies of this to your
sudoers:
ALL ALL=(ALL) NOPASSWD:/usr/share/dtsremoter/remoterserver
ALL ALL=(ALL) NOPASSWD:/usr/share/dtsremoter/remoterdelegate
Any tool that would do that is
AppArmor just enforces the policies that were given to it; please report
this issue to whoever packaged the snap you're using.
Thanks
** Changed in: apparmor (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1899193
Title:
local denial of service due to parsing bugs
What's the output of:
lsattr -l /etc/sudoers
Please note that the sudoers file should only ever be edited with
visudo, which will perform safety checks on the file when you try to
save it.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages,
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1916256
Title:
NVIDIA Driver not working
Status in xorg package
Hello,
chown: alterando o dono de '/etc/sudoers': Operação não permitida
Is there any chance you've set attrs on this file to prevent it from
being modified?
THanks
** Changed in: sudo (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of
*** This bug is a duplicate of bug 1871794 ***
https://bugs.launchpad.net/bugs/1871794
** Information type changed from Public Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pulseaudio in Ubuntu.
Hello, there are untested packages in https://launchpad.net/~ubuntu-
security-proposed/+archive/ubuntu/ppa/+packages in case you wish to test
them in your environment.
Thanks
** Information type changed from Private Security to Public Security
--
You received this bug notification because you
Hello, note this line from the automatically added contents:
SSHDConfig: Error: command ['/usr/sbin/sshd', '-T'] failed with exit
code 255: /etc/ssh/sshd_config line 1: garbage at end of line; "to".
It looks like your /etc/ssh/sshd_config file may be incorrect.
Thanks
** Changed in: openssh
101 - 200 of 1771 matches
Mail list logo
