[Touch-packages] [Bug 2009575] Re: Upgrade to 3.1.3-8ubuntu0.5 causing sync errors

2023-03-07 Thread Marc Deslauriers
I need to see the filenames that got rejected. You can send them to me in private if required. Thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsync in Ubuntu. https://bugs.launchpad.net/bugs/2009575 Title: Upgrade

[Touch-packages] [Bug 2007837] Re: Regression in stderr handling in 3.2.3 breaks BackupPc on 22.04; fix available in 3.2.4

2023-03-01 Thread Marc Deslauriers
Yes, I plan on releasing 3.2.7 to jammy and kinetic as a security update possibly next week, so that should take care of this issue at the same time. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsync in Ubuntu. https://bug

[Touch-packages] [Bug 2007698] Re: Please merge 1.9.13p1-1 into lunar

2023-02-21 Thread Marc Deslauriers
Thanks! New changelog looks good, I am uploading it now, with a slight change to split one of the lines that was long and generating a lintian error. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs

[Touch-packages] [Bug 2007698] Re: Please merge 1.9.13p1-1 into lunar

2023-02-21 Thread Marc Deslauriers
It looks like you forgot to add the following to the changelog:
- debian/control:
  + Build-Conflicts on fakeroot (<< 1.25.3-1.1ubuntu1)
- debian/sudo[-ldap].manpages: install man/man8/sudo_root.8
- debian/sudo[-ldap].init: delete init scripts, as they are no longer necessary

[Touch-packages] [Bug 2003903] Re: [BPO] openssl/3.0.5-2ubuntu2 from kinetic

2023-01-25 Thread Marc Deslauriers
Minor OpenSSL releases have historically introduced a whole lot of behaviour and API changes that required fixing dozens of other packages in the archive. I don't recommend putting 3.0.5 in backports. What I suggest is to actually SRU the 3-4 commits that fix SSL_OP_LEGACY_SERVER_CONNECT to the ve

[Touch-packages] [Bug 1998785] Re: Remove Trustcor certificates

2022-12-07 Thread Marc Deslauriers
** Changed in: ca-certificates (Ubuntu Lunar) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu. https://bugs.launchpad.net/bugs/1998785 Title: Remove Trus

[Touch-packages] [Bug 1998785] [NEW] Remove Trustcor certificates

2022-12-05 Thread Marc Deslauriers
/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ Upstream commit: https://hg.mozilla.org/projects/nss/rev/a871902c05907db3150ac8b7f6a80dd01b5d38c9 ** Affects: ca-certificates (Ubuntu) Importance: High Assignee: Marc Deslauriers (mdeslaur) Status: In Progress

[Touch-packages] [Bug 1995949] Re: Ubuntu 18.04 LTS has unsecure python 3.6.5 but 3.6.15 with security fixes is out

2022-11-08 Thread Marc Deslauriers
Thanks for taking the time to report this bug and helping to make Ubuntu better. This is not a bug, but rather expected behavior: https://wiki.ubuntu.com/SecurityTeam/FAQ#Versions Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public

[Touch-packages] [Bug 1995300] Re: package libice-dev:amd64 2:1.0.10-1build2 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configur

2022-11-04 Thread Marc Deslauriers
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see https://wiki.ubuntu.

[Touch-packages] [Bug 1994067] Re: "Windows 11 Pro" and "Ubuntu 22.04.1 LTS" are installed and up to date on the laptop. There is no hardware problem with the laptop. No sound from operating system "U

2022-10-27 Thread Marc Deslauriers
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Touch-packages] [Bug 1972654] Re: [security review] Sync policykit-1 121+compat0.1-5 (main) from Debian unstable

2022-10-13 Thread Marc Deslauriers
ACK from the security team to sync from unstable. Please make sure the policy overrides in policykit-desktop-privileges still work or are converted to their equivalent JS before doing so. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is sub

[Touch-packages] [Bug 1987336] Re: Multiple vulnerabilities in Focal

2022-09-16 Thread Marc Deslauriers
** Changed in: qtbase-opensource-src (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to qtbase-opensource-src in Ubuntu. https://bugs.launchpad.net/bugs/1987336 Title: Multiple vulnerab

[Touch-packages] [Bug 1989292] Re: package openssh-server 1:8.9p1-3 failed to install/upgrade: »installiertes openssh-server-Skript des Paketes post-installation«-Unterprozess gab den Fehlerwert 1 zur

2022-09-16 Thread Marc Deslauriers
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Touch-packages] [Bug 1989729] Re: Problem with graphics card

2022-09-16 Thread Marc Deslauriers
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Touch-packages] [Bug 1972654] Re: [security review] Sync policykit-1 0.120-6 (main) from Debian experimental

2022-09-12 Thread Marc Deslauriers
I also don't think this is a blocker anymore, as long as polkitd-pkla is a strong dependency in Ubuntu, so we don't inadvertently stop shipping it. It would be nice to get a similar list of packages in Ubuntu, as I suspect we have many more than Debian. We may also need to update the policykit-desk

[Touch-packages] [Bug 1452115] Re: Python interpreter binary is not compiled as PIE

2022-08-24 Thread Marc Deslauriers
This was addressed in the python packages in Jammy. We will not be enabling PIE in the stable releases, so I am marking those particular tasks as Won't Fix. Thanks! ** Changed in: python3.6 (Ubuntu) Status: Confirmed => Won't Fix ** Changed in: python3.7 (Ubuntu) Status: Confirmed

[Touch-packages] [Bug 1914279] Re: linux from security may force reboots without complete dkms modules

2022-08-24 Thread Marc Deslauriers
** Changed in: openafs (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unattended-upgrades in Ubuntu. https://bugs.launchpad.net/bugs/1914279 Title: linux from security may force reb

[Touch-packages] [Bug 1981592] Re: Please remove wpewebkit and block syncs from Debian

2022-08-17 Thread Marc Deslauriers
** Changed in: gst-plugins-bad1.0 (Ubuntu) Status: New => Fix Committed ** Changed in: gst-plugins-bad1.0 (Ubuntu) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, wh

[Touch-packages] [Bug 1974265] Re: `demangle_const` causes infinite recursion and stack overflow

2022-08-10 Thread Marc Deslauriers
** Changed in: binutils (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1974265 Title: `demangle_const` causes infinite recursion

[Touch-packages] [Bug 1982898] Re: CVE-2021-46829: Buffer overwrite in io-gif-animation.c composite_frame() in gdk-pixbuf

2022-08-09 Thread Marc Deslauriers
** Changed in: gdk-pixbuf (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gdk-pixbuf in Ubuntu. https://bugs.launchpad.net/bugs/1982898 Title: CVE-2021-46829: Buffer overw

[Touch-packages] [Bug 1982898] Re: CVE-2021-46829: Buffer overwrite in io-gif-animation.c composite_frame() in gdk-pixbuf

2022-08-05 Thread Marc Deslauriers
ACK on the debdiff in comment #5, I am currently building it (with a slight change to add the bug number to the changelog) and will release it as a security update next week. Thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribe

[Touch-packages] [Bug 1974265] Re: `demangle_const` causes infinite recursion and stack overflow

2022-08-04 Thread Marc Deslauriers
Since the upstream bug is public, I am making this bug public also. ** Bug watch added: GCC Bugzilla #105115 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105115 ** Also affects: binutils via https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105115 Importance: Unknown Status: Unknown *

[Touch-packages] [Bug 1981697] Re: KDC: weak crypto in default settings

2022-07-25 Thread Marc Deslauriers
Oh, so it only copies the file over on new installs, that makes sense, and could be easily changed in stable releases. I have no big preference, but perhaps it would be good to have it SRUed to 22.04. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages,

[Touch-packages] [Bug 1981697] Re: KDC: weak crypto in default settings

2022-07-19 Thread Marc Deslauriers
** Bug watch added: Debian Bug tracker #1009927 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009927 ** Also affects: krb5 (Debian) via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009927 Importance: Unknown Status: Unknown ** Changed in: krb5 (Ubuntu) Status: Ne

[Touch-packages] [Bug 1940141] Re: OpenSSL servers can send a non-empty status_request in a CertificateRequest

2022-06-14 Thread Marc Deslauriers
There is an openssl security update announced for June 21st. If the package in -proposed doesn't get tested and switched to "verification-done", it will be superseded by a security update once again. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages,

[Touch-packages] [Bug 1977968] Re: Security update tracking bug

2022-06-08 Thread Marc Deslauriers
This is also required: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/profiles/audio/avdtp.c?id=0388794dc5fdb73a4ea88bcf148de0a12b4364d4 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to bluez in Ubuntu. https://bugs

[Touch-packages] [Bug 1977968] [NEW] Security update tracking bug

2022-06-08 Thread Marc Deslauriers
*** This bug is a security vulnerability *** Public security bug reported: This bug is to track the security update that will contain these possibly security-relevant commits: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=e2b0f0d8d63e1223bb714a9efb37e2257818268b https://git.kern

[Touch-packages] [Bug 1972654] Re: [security review] Sync policykit-1 0.120-6 (main) from Debian experimental

2022-06-06 Thread Marc Deslauriers
My understanding is the Debian experimental version doesn't support both at the same time, it's one or the other depending on which binary package you install. We definitely don't want that. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is s

[Touch-packages] [Bug 1976631] Re: Update to 20211016 bundle

2022-06-02 Thread Marc Deslauriers
Changed in: ca-certificates (Ubuntu Bionic) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: ca-certificates (Ubuntu Focal) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: ca-certificates (Ubuntu Impish) Assignee: (unassigned) => Ma

[Touch-packages] [Bug 1976631] [NEW] Update to 20211016 bundle

2022-06-02 Thread Marc Deslauriers
) Importance: Undecided Assignee: Marc Deslauriers (mdeslaur) Status: In Progress ** Affects: ca-certificates (Ubuntu Focal) Importance: Undecided Assignee: Marc Deslauriers (mdeslaur) Status: In Progress ** Affects: ca-certificates (Ubuntu Impish) Importance

[Touch-packages] [Bug 1974250] Re: ~/.pam_environment gets created as owned by root

2022-05-24 Thread Marc Deslauriers
** Information type changed from Private Security to Public Security ** Also affects: accountsservice (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: accountsservice (Ubuntu Kinetic) Importance: High Status: Fix Released ** Changed in: accountsservice (Ubunt

[Touch-packages] [Bug 1948376] Re: race condition in apport lead to Local Privilege Escalation

2022-05-18 Thread Marc Deslauriers
This was published here: https://ubuntu.com/security/notices/USN-5427-1 Thanks! ** Changed in: apport (Ubuntu) Status: In Progress => Fix Released ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubun

[Touch-packages] [Bug 1967626] Re: 22.04 beta Network Manager still sets wrong IPv6 routing

2022-05-11 Thread Marc Deslauriers
** Bug watch added: gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues #840 https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/840 ** Also affects: network-manager via https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/840 Importance: Unkn

[Touch-packages] [Bug 1969593] Re: rules to prevent non-root users from rebooting not taken into account

2022-05-11 Thread Marc Deslauriers
Great, thanks! ** Changed in: policykit-1 (Ubuntu) Status: Incomplete => Invalid ** Changed in: systemd (Ubuntu) Status: Incomplete => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu.

[Touch-packages] [Bug 1969593] Re: rules to prevent non-root users from rebooting not taken into account

2022-05-10 Thread Marc Deslauriers
I'm setting the status of this bug as "incomplete". Please let us know if that solved the problem for you or not. Thanks! ** Changed in: policykit-1 (Ubuntu) Status: New => Incomplete ** Changed in: systemd (Ubuntu) Status: New => Incomplete -- You received this bug notification b

[Touch-packages] [Bug 1969593] Re: rules to prevent non-root users from rebooting not taken into account

2022-05-10 Thread Marc Deslauriers
Systemd has a bunch of "imply" rules on other actions, try adding the following:

    [Disable more reboot actions]
    Identity=unix-user:*
    Action=org.freedesktop.login1.reboot-ignore-inhibit;org.freedesktop.login1.set-reboot-*
    ResultActive=no
    ResultInactive=no
    ResultAny=no

-- You received this bug no

[Touch-packages] [Bug 1885633] Re: [ZDI-CAN-11233]: apport Unnecessary Privileges Information Disclosure Vulnerability

2022-05-10 Thread Marc Deslauriers
** Changed in: apport (Ubuntu Eoan) Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1885633 Title: [ZDI-CAN-11233]: apport Unnecessary

[Touch-packages] [Bug 1972654] Re: [security review] Sync policykit-1 0.120-6 (main) from Debian experimental

2022-05-09 Thread Marc Deslauriers
We do not want policykit to use the unmaintainable mozjs backend. That would be a hard NACK from the Security Team. The duktape backend has been merged upstream. So in order to sync this to Ubuntu, the following must be done: 1- Get Debian to switch to the duktape backend 2- Get Debian to transit

[Touch-packages] [Bug 1940141] Re: OpenSSL servers can send a non-empty status_request in a CertificateRequest

2022-05-04 Thread Marc Deslauriers
Unfortunately the package in bionic-proposed got superseded by a security update and will need to be re-uploaded. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1940141 Titl

[Touch-packages] [Bug 1970961]

2022-04-30 Thread Marc Deslauriers
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is availabl

[Touch-packages] [Bug 1971001] Re: Multiple vulnerabilities in Trusty, Xenial, Bionic, Focal, Impish and Jammy

2022-04-30 Thread Marc Deslauriers
** Changed in: tiff (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tiff in Ubuntu. https://bugs.launchpad.net/bugs/1971001 Title: Multiple vulnerabilities in Trusty, Xenial, Bionic,

[Touch-packages] [Bug 1968922] Re: libnss3 is affected by CVE-2022-22747

2022-04-14 Thread Marc Deslauriers
Thanks, I've added it to our tracker now. ** Information type changed from Private Security to Public Security ** Changed in: nss (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss i

[Touch-packages] [Bug 1966416] Re: pam_faillock does not actually deny login after given number of failures

2022-03-31 Thread Marc Deslauriers
Oh, so the other alternative is to leave the following after the "auth sufficient pam_faillock.so authsucc":

    auth requisite pam_deny.so

The example in the manpage uses pam_deny.so, so that's why it works. -- You received this bug notification because you are a member of Ubuntu Touch seeded pack

[Touch-packages] [Bug 1966416] Re: pam_faillock does not actually deny login after given number of failures

2022-03-31 Thread Marc Deslauriers
I believe the problem is here:

    auth sufficient pam_faillock.so authsucc

sufficient = "A failure of a sufficient module is ignored and processing of the PAM module stack continues unaffected."

So if you want pam_faillock to be able to reject authentication attempts, it needs to be:

    auth required

[Touch-packages] [Bug 1967082] Re: SIGSEGV and out-of-bounds write during processing file via objdump

2022-03-30 Thread Marc Deslauriers
Thanks for reporting this. I don't see that attached reproducer. Could you please attach it again? ** Changed in: binutils (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in

[Touch-packages] [Bug 1964724] Re: the laptop is slowing down I suspect the graphics

2022-03-30 Thread Marc Deslauriers
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Touch-packages] [Bug 1965114] Re: computer errs

2022-03-30 Thread Marc Deslauriers
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see https://wiki.ubuntu.

[Touch-packages] [Bug 1966324] Re: package python3-problem-report 2.20.11-0ubuntu27.21 failed to install/upgrade: installed python3-problem-report package post-installation script subprocess returned

2022-03-30 Thread Marc Deslauriers
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Touch-packages] [Bug 1940141] Re: OpenSSL servers can send a non-empty status_request in a CertificateRequest

2022-03-23 Thread Marc Deslauriers
ACK on the two PR9780* patches, but I must say I'm a bit uncomfortable making a bug fix optional (which is what is done in the lp1940141* patches). While it does change what is returned to the client, that part shouldn't be there in the first place. While it's nice to be overly cautious, we don't

[Touch-packages] [Bug 1965791] Re: Update tzdata to version 2022a

2022-03-21 Thread Marc Deslauriers
ACK from the security team to pocket-copy to -security. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tzdata in Ubuntu. https://bugs.launchpad.net/bugs/1965791 Title: Update tzdata to version 2022a Status in tzdata packa

[Touch-packages] [Bug 1965141] Re: openssl: package the new bugfix release 3.0.2

2022-03-21 Thread Marc Deslauriers
This update will fix CVE-2022-0778, so the security team is interested in seeing it in jammy. ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0778 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in U

[Touch-packages] [Bug 1958284] Re: shutdown hangs at "Waiting for process: ..." for 90s, ignoring DefaultTimeoutStopSec

2022-03-14 Thread Marc Deslauriers
Any updates on this? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1958284 Title: shutdown hangs at "Waiting for process: ..." for 90s, ignoring DefaultTimeoutStopSec

[Touch-packages] [Bug 1963751] Re: focal security update 2.34.6-0ubuntu0.20.04.1 cannot be automatically installed due to new dependency

2022-03-08 Thread Marc Deslauriers
** Package changed: unattended-upgrades (Ubuntu) => webkit2gtk (Ubuntu) ** Changed in: webkit2gtk (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unattended-upgrades in Ubuntu

[Touch-packages] [Bug 1963751] Re: focal security update 2.34.6-0ubuntu0.20.04.1 cannot be automatically installed due to new dependency

2022-03-08 Thread Marc Deslauriers
I just rebuilt and released libglvnd binaries into the -security pocket. This includes the libopengl0 binary package. This should allow unattended-upgrades to install libopengl0 automatically when pulling in the webkitgtk update. -- You received this bug notification because you are a member of U

[Touch-packages] [Bug 1963751] Re: focal security update 2.34.6-0ubuntu0.20.04.1 cannot be automatically installed due to new dependency

2022-03-07 Thread Marc Deslauriers
> To upgrade to webkit2gtk 2.34.6-0ubuntu0.20.04.1, u-a must install libopengl0, either 1.3.1-1 from the main archive or 1.3.2-1~ubuntu0.20.04.1 from -updates. However, -updates is not a trusted source for u-a when configured like this, so the only candidate is 1.3.1-1. Unfortunately libopengl0 1.3

[Touch-packages] [Bug 1963751] Re: focal security update 2.34.6-0ubuntu0.20.04.1 cannot be automatically installed due to new dependency

2022-03-07 Thread Marc Deslauriers
The new dependency on libopengl0 is expected. The new version of WebKitGTK fixed opengl detection and the new dependency is now required. I am going to re-assign this bug to unattended-upgrades. If it's not willing to install new dependencies, it definitely should get fixed as some security update

[Touch-packages] [Bug 1961981] Re: Current delta applied twice, not needed

2022-02-23 Thread Marc Deslauriers
ACK, other changes look good. Synced. Thanks! ** Changed in: audit (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to audit in Ubuntu. https://bugs.launchpad.net/bugs/1961981 Title:

[Touch-packages] [Bug 1955426] Re: kernel: [ 4383.133516] dhclient[465531]: segfault at ffffffffffffff80 ip 00007f1c5b268f3d sp 00007f1c5ad9a888 error 5 in libc.so.6[7f1c5b0f5000+194000]

2022-02-18 Thread Marc Deslauriers
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Touch-packages] [Bug 1959591] Re: Out-of-bounds read during processing of a password-protected PDF file

2022-02-18 Thread Marc Deslauriers
** Changed in: poppler (Ubuntu) Status: New => Confirmed ** Changed in: poppler (Ubuntu) Importance: Undecided => Low -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to poppler in Ubuntu. https://bugs.launchpad.net/bug

[Touch-packages] [Bug 1960736] Re: Libnss3 doesn't log SEC_ERROR_UNKNOWN_PKCS11_ERROR properly ( NSS error code: -8018 )

2022-02-18 Thread Marc Deslauriers
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1960736 Title: Libnss3 doesn't log SEC_ERROR_UNKNOWN_PKCS11_ERROR pr

[Touch-packages] [Bug 1863930] Re: SSH 1.99 clients fail to connect to openssh-server 1:7.6p1-4ubuntu0.3

2022-02-02 Thread Marc Deslauriers
ACK from the security team on the changes in the MP. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1863930 Title: SSH 1.99 clients fail to connect to openssh-server 1:7.6

[Touch-packages] [Bug 1950193] Re: libqt5svg5 affected by CVE-2021-38593

2022-01-04 Thread Marc Deslauriers
This update needs to go in the -security pocket since it is a security fix, but it likely can't just be copied, it would need to be rebuilt. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to qtbase-opensource-src in Ubuntu. http

[Touch-packages] [Bug 1953337] Re: Backport needed for 18.04 and 20.04 LTS (CVE-2021-42378)

2021-12-07 Thread Marc Deslauriers
This was released today: https://ubuntu.com/security/notices/USN-5179-1 ** Changed in: busybox (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launch

[Touch-packages] [Bug 1953337] Re: Backport needed for 18.04 and 20.04 LTS (CVE-2021-42378)

2021-12-06 Thread Marc Deslauriers
It's "low" because I don't believe our use of busybox runs untrusted awk scripts. There are test packages available in the security team PPA here: https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages They will probably be released this week. -- You received this bug n

[Touch-packages] [Bug 1945795] Re: krb5: Fail to build against OpenSSL 3.0

2021-11-30 Thread Marc Deslauriers
ACK on the package. Looks good, uploaded. Thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/1945795 Title: krb5: Fail to build against OpenSSL 3.0 Status in krb5 packag

[Touch-packages] [Bug 1945795] Re: krb5: Fail to build against OpenSSL 3.0

2021-11-30 Thread Marc Deslauriers
Oh! Right, I didn't notice it was just an extra changelog entry for the ppa. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/1945795 Title: krb5: Fail to build against OpenSSL

[Touch-packages] [Bug 1945795] Re: krb5: Fail to build against OpenSSL 3.0

2021-11-30 Thread Marc Deslauriers
Hi, thanks for preparing the package, but to be sponsored the debian/changelog needs a better description than "PPA upload". Could you please update it with an appropriate changelog including the patch name, what the patch does, and a LP tag to this bug? Thanks! -- You received this bug notifica

[Touch-packages] [Bug 1944788] Re: URI defined for connectivity check is relative to search domain

2021-11-23 Thread Marc Deslauriers
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1944788 Title: URI defined for connectivity check is rel

[Touch-packages] [Bug 1945978] Re: [BOHL-WXX9, Realtek ALC256, Speaker, Internal] Underruns, dropouts or crackling sound

2021-11-23 Thread Marc Deslauriers
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Touch-packages] [Bug 1948533] Re: any dns defined in network-manager doesnt go in openvpn tunnel (leaks on gnome/mate/xubuntu only in 21.10)

2021-11-23 Thread Marc Deslauriers
If you look into the openvpn configuration file that Network Manager creates for your connection in /etc/NetworkManager/system-connections, could you please paste the [ipv4] and [ipv6] sections? ** No longer affects: ubuntu ** Changed in: network-manager (Ubuntu) Status: New => Incomplete

[Touch-packages] [Bug 1950090] Re: package lvm2 2.03.07-1ubuntu1 failed to install/upgrade: installed lvm2 package post-installation script subprocess returned error exit status 1

2021-11-23 Thread Marc Deslauriers
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Touch-packages] [Bug 1950193]

2021-11-23 Thread Marc Deslauriers
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is availabl

[Touch-packages] [Bug 1951303] Re: package systemd 245.4-4ubuntu3.13 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration

2021-11-23 Thread Marc Deslauriers
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Touch-packages] [Bug 1339518] Re: sudo config file specifies group "admin" that doesn't exist in system

2021-11-18 Thread Marc Deslauriers
Older releases of Ubuntu used a group called "admin" instead of "sudo" which is the name Debian chose later on. We need to maintain the "admin" group rights in our sudoers file for people upgrading from earlier Ubuntu releases. If we remove it, they will no longer have sudo rights after upgrading.

[Touch-packages] [Bug 1948657] Re: Oct 2021 security update tracking bug

2021-10-25 Thread Marc Deslauriers
** Changed in: apport (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1948657 Title: Oct 2021 security update tracking bug Statu

[Touch-packages] [Bug 1948657] [NEW] Oct 2021 security update tracking bug

2021-10-25 Thread Marc Deslauriers
*** This bug is a security vulnerability *** Public security bug reported: This is the tracking bug for the October 2021 security update. ** Affects: apport (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch

[Touch-packages] [Bug 1944481] Re: Distrust "DST Root CA X3"

2021-09-23 Thread Marc Deslauriers
** Changed in: ca-certificates (Ubuntu Impish) Status: New => Fix Committed ** Changed in: ca-certificates (Ubuntu Trusty) Status: New => Fix Released ** Changed in: ca-certificates (Ubuntu Xenial) Status: New => Fix Released -- You received this bug notification because yo

[Touch-packages] [Bug 1923273] Re: buffer-overflow on libcaca-0.99.beta20/export.c export_tga, export_troff

2021-09-23 Thread Marc Deslauriers
** Changed in: libcaca (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libcaca in Ubuntu. https://bugs.launchpad.net/bugs/1923273 Title: buffer-overflow on libcaca-0.99.beta20/export

[Touch-packages] [Bug 1933832] Re: Path traversal leads to arbitrary file read

2021-09-23 Thread Marc Deslauriers
** Changed in: openjdk-13 (Ubuntu) Status: New => Won't Fix ** Changed in: openjdk-14 (Ubuntu) Status: New => Won't Fix ** Changed in: openjdk-15 (Ubuntu) Status: New => Won't Fix ** Changed in: openjdk-16 (Ubuntu) Status: New => Won't Fix ** Changed in: openjdk-17 (

[Touch-packages] [Bug 1944481] Re: Distrust "DST Root CA X3"

2021-09-23 Thread Marc Deslauriers
) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: ca-certificates (Ubuntu Focal) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: ca-certificates (Ubuntu Hirsute) Assignee: (unassigned) => Marc Deslauriers (mdeslaur) ** Changed in: ca-cer

[Touch-packages] [Bug 1944120] [NEW] Regression in USN-5079-1

2021-09-20 Thread Marc Deslauriers
*** This bug is a security vulnerability *** Public security bug reported: USN-5079-1 introduced a regression in bionic: https://ubuntuforums.org/showthread.php?t=2467177 Focal+ appear to work as intended. ** Affects: curl (Ubuntu) Importance: Undecided Status: New -- You recei

[Touch-packages] [Bug 1933832] Re: Path traversal leads to arbitrary file read

2021-09-16 Thread Marc Deslauriers
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1933832 Title: Path traversal leads to arbitrary file re

[Touch-packages] [Bug 1934308] Re: Arbitrary file read in general hook (ubuntu.py)

2021-09-16 Thread Marc Deslauriers
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1934308 Title: Arbitrary file read in general hook (ubun

[Touch-packages] [Bug 1940656] Re: Potential use after free bugs in 1.1.1

2021-09-14 Thread Marc Deslauriers
I'd rather these go through the SRU process first, and they will get picked up automatically next time we do an openssl security update. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad

[Touch-packages] [Bug 1921518] Re: OpenSSL "double free" error

2021-08-25 Thread Marc Deslauriers
No, they do not include the fixes from this bug. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1921518 Title: OpenSSL "double free" error Status in openssl package in Ub

[Touch-packages] [Bug 1934040] Re: openssl s_client's '-ssl2' & '-ssl3' options gone, prematurely!

2021-08-24 Thread Marc Deslauriers
Thanks for reporting this issue, but we disabled SSLv3 in 2015 in Ubuntu 16.04 LTS. There is absolutely no chance we will be enabling it again. ** Changed in: openssl (Ubuntu) Status: New => Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded pa

[Touch-packages] [Bug 1934501] Re: CVE-2018-15473 patch introduce user enumeration vulnerability

2021-08-12 Thread Marc Deslauriers
Here's the debconf bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=223683 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1934501 Title: CVE-2018-15473 patch

[Touch-packages] [Bug 1934501] Re: CVE-2018-15473 patch introduce user enumeration vulnerability

2021-08-12 Thread Marc Deslauriers
This isn't specific to the openssh update. Debian packages use tools such as debconf that need to write to /tmp to function correctly. ** Bug watch added: Debian Bug tracker #223683 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=223683 -- You received this bug notification because you are

[Touch-packages] [Bug 1934501] Re: CVE-2018-15473 patch introduce user enumeration vulnerability

2021-08-12 Thread Marc Deslauriers
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1934501 Title: CVE-2018-15473 patch introduce user enum

[Touch-packages] [Bug 1935076] Re: ubuntu-bug sends huge amounts of internal data to public bugs without asking for permission

2021-08-10 Thread Marc Deslauriers
** Information type changed from Private Security to Public Security ** Changed in: apport (Ubuntu) Status: Incomplete => Confirmed ** Changed in: apport (Ubuntu) Importance: Undecided => Wishlist -- You received this bug notification because you are a member of Ubuntu Touch seeded pa

[Touch-packages] [Bug 1937883] Re: ssh-agent Shielded Private Key Extraction

2021-08-10 Thread Marc Deslauriers
** Changed in: openssh (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1937883 Title: ssh-agent Shielded Private Key Extraction St

[Touch-packages] [Bug 1927161] Re: dpkg-source: error: diff 'openssl/debian/patches/pr12272.patch' patches files multiple times; split the diff in multiple files or merge the hunks into a single one

2021-07-23 Thread Marc Deslauriers
dpkg-buildpackage: info: source changed by Marc Deslauriers  dpkg-source --before-build . dpkg-source: warning: can't parse dependency perl:native dpkg-source: error: diff 'openssl-1.1.1f/debian/patches/pr12272.patch' patches files multiple times; split the diff in multiple files

[Touch-packages] [Bug 1928989] Re: expiring trust anchor compatibility issue

2021-07-09 Thread Marc Deslauriers
I think the patch in comment #1 looks reasonable. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1928989 Title: expiring trust anchor compatibility issue Status in openss

[Touch-packages] [Bug 1917904] Re: Arbitrary file reads

2021-06-29 Thread Marc Deslauriers
** Changed in: apport (Ubuntu Impish) Assignee: SatoshiNakamoto (evansanita713) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1917904 Title: Arbitrary

[Touch-packages] [Bug 1925467] Re: stack-buffer-overflow of text.c in function _import_ansi

2021-06-22 Thread Marc Deslauriers
** Bug watch added: github.com/cacalabs/libcaca/issues #55 https://github.com/cacalabs/libcaca/issues/55 ** Also affects: libcaca via https://github.com/cacalabs/libcaca/issues/55 Importance: Unknown Status: Unknown ** Changed in: libcaca (Ubuntu) Status: New => Triaged --

[Touch-packages] [Bug 1925468] Re: stack-buffer-overflow of import.c in function _import_bin

2021-06-22 Thread Marc Deslauriers
** Bug watch added: github.com/cacalabs/libcaca/issues #56 https://github.com/cacalabs/libcaca/issues/56 ** Also affects: libcaca via https://github.com/cacalabs/libcaca/issues/56 Importance: Unknown Status: Unknown ** Changed in: libcaca (Ubuntu) Status: New => Triaged --

[Touch-packages] [Bug 1917904] Re: Arbitrary file reads

2021-06-19 Thread Marc Deslauriers
** Changed in: apport (Ubuntu Bionic) Assignee: SatoshiNakamoto (evansanita713) => (unassigned) ** Changed in: apport (Ubuntu Focal) Assignee: SatoshiNakamoto (evansanita713) => (unassigned) ** Changed in: apport (Ubuntu Groovy) Assignee: SatoshiNakamoto (evansanita713) => (unassig

[Touch-packages] [Bug 1917904] Re: Arbitrary file reads

2021-06-19 Thread Marc Deslauriers
** Changed in: apport (Ubuntu Bionic) Assignee: SatoshiNakamoto (evansanita713) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1917904 Title: Arbitrary

[Touch-packages] [Bug 1919977] Re: heap-buffer-overflow in old libwebp

2021-06-08 Thread Marc Deslauriers
There was an update to libwebp that fixed a bunch of security issues: https://ubuntu.com/security/notices/USN-4971-1 Could you test again to see if the issue is resolved? Thanks! ** Changed in: libwebp (Ubuntu) Status: New => Incomplete -- You received this bug notification because you

[Touch-packages] [Bug 1930917] Re: Latest isc-dhcp-server rejects proper dhcpd.conf

2021-06-07 Thread Marc Deslauriers
Thanks for reporting the issue! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to isc-dhcp in Ubuntu. https://bugs.launchpad.net/bugs/1930917 Title: Latest isc-dhcp-server rejects proper dhcpd.conf Status in isc-dhcp package
