** Description changed:
+ SRU Team; the packages for focal-proposed and jammy-proposed are
+ intended as security updates prepared by the Ubuntu Security team (and
+ have built in a ppa with only the security pockets enabled). However,
+ because the fix makes mount rules in apparmor policy be
** Also affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Focal)
Importance: Undecided
Status: New
** Changed in: apparmor (Ubuntu)
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
This has been fixed in the regression tests in the upstream AppArmor
project, and that patch has been incorporated into the lp:qa-regression-
testing script for apparmor (thanks Georgia!), so tests for the kernel
should not fail in this way now.
--
You received this bug notification because you
Ack from the Ubuntu Security team for these updates to go to the
security pocket as well, as per
https://wiki.ubuntu.com/StableReleaseUpdates#tzdata .
Thanks.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tzdata in Ubuntu.
These updates have been pocket copied into the security pockets for
kinetic, jammy, and focal. Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tzdata in Ubuntu.
https://bugs.launchpad.net/bugs/1995601
Title:
tzdata
Ack from the Security Team for the tzdata updates to go to security
pocket. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tzdata in Ubuntu.
https://bugs.launchpad.net/bugs/1995209
Title:
tzdata 2022f release
tzdata updates were published to both trusty/esm and xenial/esm. Thanks!
** Also affects: tzdata (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: tzdata (Ubuntu Trusty)
Importance: Undecided
Status: New
** Changed in: tzdata (Ubuntu Trusty)
Status:
FYI, because of the way python has incorrectly handled timezomes in the
past, the python3-icu tests fail, at least when run in a timezone that
is -0700 for releases like bionic and older. For example, taking the
very similar testcase for the prior 2022c update in LP: #1986984, on
ubuntu 18.04 it
** Changed in: ccid (Ubuntu)
Assignee: Ray Veldkamp (rayveldkamp) => Ubuntu Security Team
(ubuntu-security)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcsc-lite in Ubuntu.
https://bugs.launchpad.net/bugs/1892559
** Changed in: apparmor (Ubuntu)
Status: Expired => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1703821
Title:
Dovecot and Apparmor complains at
Hi, thanks for reporting your issue. One possible cuase for this is that
it seems your system is having disk problems, as seen in the dmesg
output:
[13489.632083] ata4.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
[13489.632092] ata4.00: BMDMA stat 0x25
[13489.632097] ata4.00: failed
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Tags added: sec-407
** Tags added: sec-408 sec-409
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pcsc-lite in Ubuntu.
https://bugs.launchpad.net/bugs/1892559
Title:
[MIR] ccid opensc pcsc-lite
Status in ccid package
** Also affects: cron (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: cron (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: cron (Ubuntu Xenial)
Status: New => Triaged
** Changed in: cron (Ubuntu Bionic)
Status: New => Triaged
Given that this issue is public in the freedesktop gitlab instance, I'm
making this issue public here as well.
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed
** Information type changed from Private to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to busybox in Ubuntu.
https://bugs.launchpad.net/bugs/1214787
Title:
busybox crashed with signal 7
Status in busybox package
All work for this report has been completed, I believe the linux and
linux-meta tasks can be closed out as well.
** Changed in: linux (Ubuntu)
Status: Triaged => Fix Released
** Changed in: linux-meta (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification
Okay from the Ubuntu Security team for these tzdata updates to land in
security pockets. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tzdata in Ubuntu.
https://bugs.launchpad.net/bugs/1948698
Title:
Update
This was fixed for xenial/esm with tzdata 2021a-2ubuntu0.16.04+esm1 and
for trusty/esm with tzdata 2021a-2ubuntu0.14.04+esm1. Thanks Brian, for
preparing these updates!
** Changed in: tzdata (Ubuntu Xenial)
Status: New => Fix Released
** Also affects: tzdata (Ubuntu Trusty)
Importance:
I am not aware of a security impact from this issue, so if it is to be
addressed in xenial ESM, it would eed to go through a support request.
closing the xenial tasks as Won't Fix.
** Changed in: python2.7 (Ubuntu Xenial)
Status: New => Won't Fix
** Changed in: python3.5 (Ubuntu Xenial)
For python2.7, this was fixed in
https://github.com/python/cpython/commit/a5c9112300ecd492ed6cc9759dc8028766401f61
which landed in 2.7.15, so has been fixed in bionic-updates and newer.
** Changed in: python2.7 (Ubuntu Bionic)
Status: New => Fix Released
** Changed in: python2.7 (Ubuntu)
** Information type changed from Private to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libav in Ubuntu.
https://bugs.launchpad.net/bugs/1352007
Title:
avconv crashed with SIGSEGV in paint_mouse_pointer()
** Information type changed from Private to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libav in Ubuntu.
https://bugs.launchpad.net/bugs/1368481
Title:
avconv assert failure: avconv:
** Attachment removed: "CoreDump.gz"
https://bugs.launchpad.net/ubuntu/+source/libav/+bug/980943/+attachment/3059934/+files/CoreDump.gz
** Information type changed from Private to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages,
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
The Ubuntu Security Team is okay with publishig the xenial openssl in
proposed (1.0.2g-1ubuntu4.20) to xenial-security and updates. I didn't
see any symbol changes or dependency changes in the binaries that would
have indicated that building against xenial-updates was a problem.
Thanks!
--
You
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
This was fixed in Ubuntu packages in
https://ubuntu.com/security/notices/USN-3816-1 ; adjusting the state to
reflect that a fix was released.
Thanks.
** Changed in: systemd (Ubuntu)
Status: Invalid => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Assigning the verification and publication to xenial-security to myself.
Thanks.
** Changed in: openssl (Ubuntu Xenial)
Assignee: (unassigned) => Steve Beattie (sbeattie)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscri
The root issue is likely something in the utf-8 handling code in glibc
on arm64 hirsute and impish; the reproducer is:
bash -c 'i=210; echo -n $(printf "\\$(printf "%03o" $i)") | od -An -t uC'
210 138
running valgrind in a default environemnt (so LANG=en_US.UTF-8) turned
up
==46656== ERROR
Georgia's patch was committed in the upstream apparmor project in
https://gitlab.com/apparmor/apparmor/-/commit/458a981b6242e8b1cce1599ca95d89dcd10f60e7
in https://gitlab.com/apparmor/apparmor/-/merge_requests/765 and was
cherrypicked to the apparmor-3.0 branch amongst others in
** Also affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1932331
Title:
ubuntu_qrt_apparmor: i18n
Yes, the systemd-container package will end up in main, likely for the
current package in bionic-updates, and thus will be reflected that way
in rmadison etc.
For the record, ack from the Ubuntu Security Team on promoting the
systemd-container binary from universe to main in bionic.
Thanks.
--
The Ubuntu Security team is +1 on disallowing purely numeric usernames,
as they are too easily confused with UIDs.
I think our preference would be to disallow leading numeric digits
entirely so that for example, 0x0 and 0o0 would be blocked as well, to
try to prevent both user and programmatic
Public bug reported:
tcpdump has a sync from debian 4.99.0-2 that is currently blocked in
hirsute-proposed due to a regression in the apparmor adt tests. The
reason for this failure is that 'compile-policy' testcase is failing;
this test ensures that various apparmor policies included in packages
Please note that upstream has indicated that this issue only affects the
xmllint binary, and not the shared library.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libxml2 in Ubuntu.
https://bugs.launchpad.net/bugs/1895839
es can be dropped that much
easier. Thanks.
--
Steve Beattie
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1923432
Title:
apparmor-utils: missing CAP_CHECKPOINT_RESTORE in
://gitlab.com/apparmor/apparmor/-/commit/80efc15e18a6bb0d0abd2821cb03bf6be51cc517
This should be safe to cherrypick for hirsute.
(Similar cherrypicks occurred for prior AppArmor branches.)
--
Steve Beattie
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages
This was addressed in https://ubuntu.com/security/notices/USN-4891-1 .
** Information type changed from Private Security to Public Security
** Changed in: openssl (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see
Ack by the Ubuntu Security team to move rsyslog-gnutls to main, both for
hirsute, and for bionic, focal, and groovy. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to rsyslog in Ubuntu.
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1919285
Title:
Nvidia
Status in xorg package in Ubuntu:
New
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python2.7 in Ubuntu.
https://bugs.launchpad.net/bugs/1916893
Title:
Regression - upate python2.7 for
Hello Yiğit,
Sorry for the delay in responding to this issue. This issue was
originally identified as CVE-2015-1197 and fixed around the same time
frame. It was addressed in upstream cpio commit
https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=45b0ee2b407913c533f7ded8d6f8cbeec16ff6ca
in a
Hi Adam,
Marking public given the public bug reports elsewhere.
It looks like upstream addressed this in network-manager 1.28, which has
not made it into Ubuntu yet.
** Information type changed from Private Security to Public Security
** Changed in: network-manager (Ubuntu)
Status: New
** Changed in: tar (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.
https://bugs.launchpad.net/bugs/1912091
Title:
Memory Leak GNU Tar 1.33
Status in tar package in
Hi Dimitri, I don't know that all dkms SRUs need to go to the security
pockets, but ones that fix build issues surely do, given the problems
that a dkms build failure causes in package installs.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which
Ah yes, /usr/sbin/update-ca-certificates is deleting the ca-
certificates.crt shortly before atomically moving the new version into
place.
It looks like a fic was committed in debian for this a couple of weeks ago:
For fixing this via an SRU for focal and groovy, the Ubuntu Security
team is okay with the result of this going to the security pocket,
assuming the update is built in a ppa where only security updates are
enabled.
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Hi Brian, thanks for preparing the debdiffs. I built, tested, and
published the updated tzdata packages to the trusty/esm and precise/esm
archives.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tzdata in Ubuntu.
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1904082
Title:
apport's log collecting leaks MAC
** Changed in: openssl (Ubuntu)
Status: New => Invalid
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
Oh, I was expecting that it would also be desirable to SRU this back to
focal, as I expected CONFIG_SECURITY_DMESG_RESTRICT to come back with
the HWE kernels, but looking at the config for linux-hwe-5.8, it appears
that the old behavior was kept.
--
You received this bug notification because you
*** This bug is a duplicate of bug 1912122 ***
https://bugs.launchpad.net/bugs/1912122
** This bug has been marked a duplicate of bug 1912122
/var/log/dmesg is 0644, should be 0640 to match new DMESG_RESTRICT
restrictions
--
You received this bug notification because you are a member of
The Ubuntu Security team would like to see this fixed, though it
probably would be worth adding the following change to the service file
so that on log rotation the permissions are corrected as well:
-ExecStartPre=-/usr/bin/savelog -q -p -n -c 5 /var/log/dmesg
+ExecStartPre=-/usr/bin/savelog
Hi Brian,
Thanks for the trusty and precise debdiffs. I have gone ahead and
published the updates to trusty-esm and precise-esm, after verifying the
fixes.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tzdata in Ubuntu.
After confirming the behavior around SystemV timezones and changed
timezones, tzdata 2020d-0ubuntu0.12.04 and tzdata 2020d-
0ubuntu0.14.04+esm1 are now published in their respective ESM releases.
Thanks for preparing the updates, Brian!
** Changed in: tzdata (Ubuntu Precise)
Status: In
Hey Vern,
Sorry you were having difficulties. 'sudo apt install -f' should cause
apt to attempt to finish installing packages that had problems during
the post install phase, where the error that is tripped over (like the
dangling symlink in /etc/ssl/certs) has been resolved.
** Changed in:
Thanks Brian, these look good, will take these into Trusty and Precise
ESM.
(For the record, I noticed that the 2020d dropped the US/Pacific-New
timezone, which was a symlink to the US/Pacific timezone. Testing
demonstrated that a system with a configured Pacific-New timezone
functioned correctly
** Changed in: tzdata (Ubuntu Precise)
Status: New => In Progress
** Changed in: tzdata (Ubuntu Trusty)
Status: New => In Progress
** Changed in: tzdata (Ubuntu Precise)
Assignee: (unassigned) => Steve Beattie (sbeattie)
** Changed in: tzdata (Ubuntu Trusty)
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-3374
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/856489
Title:
Improper verification of updated key via
That is correct (apparmor-notify package needs an added dependency on
python3-psutil). We have an upload in progress to address it.
Thanks!
** Changed in: apparmor (Ubuntu)
Status: New => In Progress
** Changed in: apparmor (Ubuntu)
Importance: Undecided => High
--
You received this
The fix for this is included in the apparmor 3.0.0~beta1-0ubuntu5 upload
into groovy-proposed, which is waiting to migrate to groovy.
** Changed in: apparmor (Ubuntu)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch
** Changed in: apparmor (Ubuntu)
Status: Fix Released => Confirmed
** Changed in: ecryptfs-utils (Ubuntu)
Status: Fix Released => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1883793
Title:
systemd-resolved leaks mDNS queries to
Closing ntp task for groovy.
** Changed in: ntp (Ubuntu)
Status: New => Invalid
** Changed in: openssl (Ubuntu Bionic)
Status: In Progress => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ntp in
This is due to a change in behavior in make 4.3. It was addressed in the
upstream merge request
https://gitlab.com/apparmor/apparmor/-/merge_requests/461 and was
cherrypicked into the apparmor 2.13 branch via merge request
https://gitlab.com/apparmor/apparmor/-/merge_requests/465.
--
You
I also hit this again in focal on 2020-06-25, with an update to systemd
245.4-4ubuntu3.1; I had previously updated dbus to 1.12.16-2ubuntu2.1 on
2020-06-17 without event. It's still an issue at least with updates to
systemd in focal.
Similar messages end up in the journal:
Jun 25 13:04:55 kryten
** Changed in: openssl (Ubuntu Bionic)
Status: New => Confirmed
** Changed in: openssl (Ubuntu)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
** Changed in: nss (Ubuntu)
Status: New => In Progress
** Changed in: nss (Ubuntu Bionic)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
** Changed in: python3.7 (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python2.7 in Ubuntu.
https://bugs.launchpad.net/bugs/1452115
Title:
Python interpreter binary is not
Updated groovy debdiff against the merge from debian currently in
groovy-proposed.
** Patch added: "rsyslog_8.2006.0-2ubuntu2.debdiff"
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1884887/+attachment/5388559/+files/rsyslog_8.2006.0-2ubuntu2.debdiff
** Patch removed:
Focal version.
** Patch added: "rsyslog_8.2001.0-1ubuntu1.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1884887/+attachment/5386929/+files/rsyslog_8.2001.0-1ubuntu1.1.debdiff
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages,
Fixed debdiff to add the bug reference for groovy.
** Patch removed: "rsyslog_8.2001.0-1ubuntu2.debdiff"
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1884887/+attachment/5386642/+files/rsyslog_8.2001.0-1ubuntu2.debdiff
** Patch added: "rsyslog_8.2001.0-1ubuntu2.debdiff"
Debdiff for groovy attached:
- adds a second ExecStartPost entru to chmod /var/log/dmesg
- adjusts the savelog(8) call in ExecStartPre to set the permission mode to
640 explicitly when rotating dmesg logs
** Patch added: "rsyslog_8.2001.0-1ubuntu2.debdiff"
Public bug reported:
[Impact]
The rsyslog dmesg systemd unit /lib/systemd/system/dmesg.service in
eoan, focal, and groovy create /var/log/dmesg* with the following
permissions:
-rw-r--r-- 1 root adm 45146 Jun 16 12:32 /var/log/dmesg
Most other system logs in /var/log/ are only readable by
Thanks for clarifying, closing.
** Changed in: rsyslog (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/1811861
Title:
incorrect
Hi John,
I'm not sure what's happened here, but the default
/etc/rsyslog.d/50-default.conf contains no such snippet (a pristine copy
is also stored in /usr/share/rsyslog/50-default.conf) and is managed via
ucf. The contents of a pristine version are attached.
Either another package you have
Ubuntu Security team ack for binary copying these into the security
pockets as well.
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tzdata in Ubuntu.
https://bugs.launchpad.net/bugs/1878108
Title:
new upstream
An initial port of aa-status to C landed in
https://gitlab.com/apparmor/apparmor/-/commit/8f9046b1b179190d0003ae1beacf460ee93c5090
and will e in the upcoming AppArmor 3 release. There is a follow up
improvement in https://gitlab.com/apparmor/apparmor/-/merge_requests/487
that should also land.
**
Oh, and I have no crash files in /var/crash/.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to accountsservice in Ubuntu.
https://bugs.launchpad.net/bugs/1871538
Title:
dbus timeout-ed during an upgrade, taking services
Hi, I had a similar crash this morning upgrading focal, after trying to
get unattended-upgrades to stop spinning on missing focal-security apt
list files. In this case, I don't use gnome-shell as my desktop
environment, but it still tore down my entire desktop environment and
caused gdm3 to
Public bug reported:
Unpacking libtool-doc (2.4.6-12) over (2.4.6-11) ...
dpkg: error processing archive
/tmp/apt-dpkg-install-tTUGeR/289-libtool-doc_2.4.6-12_all.deb (--unpack):
trying to overwrite '/usr/share/doc/libtool/AUTHORS', which is also in package
libtool 2.4.6-12
dpkg-deb: error:
** Summary changed:
- placeholder
+ python-apt uses MD5 for validation
** Description changed:
- Placeholder bug.
+ Only MD5 is checked (most versions)
+
** Summary changed:
- placeholder
+ python-apt downloads from untrusted sources where apt does not
** Description changed:
- Placeholder bug.
+ ptyhon-apt never checked whether the hashes it got were signed in the
+ first place. So, python-apt is happy to download files from unsigned
+
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tracker in Ubuntu.
https://bugs.launchpad.net/bugs/1843083
Title:
tracker-store crashed with SIGSEGV
Status in
Fix committed upstream:
https://gitlab.com/apparmor/apparmor/commit/7c7a4bc5311d983f2c4316252b830c52a5a0930b
and backported to apparmor-2.13.
We can work around this in qa-regression-testing or fix with an apparmor
upload.
** Changed in: apparmor (Ubuntu)
Assignee: Steve Beattie (sbeattie
The issue here is that in LP: #1817097 e2fsprogs was changed to use 4k
blocks by default regardless of the created fs size. Changing the
command to force a 1012 byte blocksize causes the mkfs.ext2 command to
succeed:
$ dd if=/dev/zero of=/tmp/image.ext3 bs=4096 count=20
20+0 records in
20+0
** Changed in: apparmor (Ubuntu)
Status: New => Confirmed
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Steve Beattie (sbeattie)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in
Public bug reported:
The postinst for lvm2 includes a call to vgcfgbackup; in the version
included in eoan 2.03.02-2ubuntu4 (and 2.03.02-2ubuntu3 before it), this
command takes several minutes to run when invoked in an schroot as
happens when a building a package with sbuild that ends up pulling
Lukasz, all these packages look fine from the Ubuntu Security Team's
perspective. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171
Title:
New toolchain
** Changed in: binutils (Ubuntu)
Assignee: (unassigned) => Steve Beattie (sbeattie)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171
Title:
New toolch
Hi Łukasz, I'll take this for the security team. Thanks.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to binutils in Ubuntu.
https://bugs.launchpad.net/bugs/1828171
Title:
New toolchain updates need to be rebuilt against
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
The linux kernel apport hook is provided by apport directly, so needs to
be fixed there:
$ grep -i Wifi /usr/share/apport/package-hooks/source_linux.py
apport.hookutils.attach_wifi(report)
$ dpkg -S /usr/share/apport/package-hooks/source_linux.py
apport:
1 - 100 of 493 matches
Mail list logo
