[Touch-packages] [Bug 1507469] Re: Evince's Apparmour profile prevents opening docs from other apps under Wayland

2016-03-18 Thread Tyler Hicks
I'm skipping this change for the 2.11 release because the correct solution is still being discussed between Christian and Jamie. ** Tags added: aa-policy -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu.

[Touch-packages] [Bug 1501913] Re: Apparmor Abstraction Prevents Firefox From Opening Torrents in Deluge-Gtk

2016-03-18 Thread Tyler Hicks
** Also affects: apparmor Importance: Undecided Status: New ** Changed in: apparmor (Ubuntu) Status: New => In Progress ** Changed in: apparmor (Ubuntu) Importance: Undecided => Low ** Changed in: apparmor (Ubuntu) Assignee: (unassigned) => Tyler Hicks

[Touch-packages] [Bug 1547865] Re: Double free in libjasper jas_icc.c

2016-03-03 Thread Tyler Hicks
** Changed in: jasper (Ubuntu) Status: Confirmed => In Progress ** Changed in: jasper (Ubuntu) Importance: Undecided => Medium ** Changed in: jasper (Ubuntu) Assignee: (unassigned) => Tyler Hicks (tyhicks) ** Information type changed from Private Security to Public

[Touch-packages] [Bug 1550473] Re: package libgnutls-openssl27 2.12.23-12ubuntu2.4 failed to install/upgrade: Unterprozess neues post-removal-Skript gab den Fehlerwert 2 zurück

2016-02-26 Thread Tyler Hicks
** Changed in: gnutls26 (Ubuntu) Status: New => Invalid

[Touch-packages] [Bug 1550423] Re: ERR_SSL_PROTOCOL_ERROR

2016-02-26 Thread Tyler Hicks
Hello and thank you for reporting this issue. Can you tell us what host you're trying to connect to in Chrome when you get this error? Thank you! ** Changed in: ca-certificates (Ubuntu) Status: New => Incomplete

[Touch-packages] [Bug 1549609] Re: Stack Corruption in PCRE 8.35

2016-02-26 Thread Tyler Hicks
** Changed in: pcre3 (Ubuntu) Status: New => Triaged ** Changed in: pcre3 (Ubuntu) Importance: Undecided => Low

[Touch-packages] [Bug 1549609] Re: Stack Corruption in PCRE 8.35

2016-02-26 Thread Tyler Hicks
Thanks for the bug report, Craig. We are aware of the issues fixed in 8.38 but we've prioritized them as 'low' since the issues require software that passes untrusted regexes to PCRE. We don't feel like this is common usage of PCRE. We track these issues in the Ubuntu CVE Tracker:

[Touch-packages] [Bug 1550292] Re: package shared-mime-info 1.5-2 failed to install/upgrade: dependency problems - leaving triggers unprocessed

2016-02-26 Thread Tyler Hicks
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1543070] Re: Security breach: bubble displays message preview when screen is unlocked

2016-02-24 Thread Tyler Hicks
** Information type changed from Private Security to Public Security

[Touch-packages] [Bug 1547938] Re: starting twice to boot once

2016-02-24 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1548106] Re: The screen frezes when I am working

2016-02-24 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1547942] Re: package linux-image-extra-4.4.0-6-generic 4.4.0-6.21 failed to install/upgrade: run-parts: /etc/kernel/postinst.d/initramfs-tools exited with return code 2

2016-02-24 Thread Tyler Hicks
*** This bug is a duplicate of bug 1547944 *** https://bugs.launchpad.net/bugs/1547944 ** Information type changed from Private Security to Public

[Touch-packages] [Bug 1549469] Re: gpg crashed with SIGABRT in g10_log_bug()

2016-02-24 Thread Tyler Hicks
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1546911] Re: Please recompile sqlite 3.11 with -DSQLITE_ENABLE_FTS3_TOKENIZER

2016-02-22 Thread Tyler Hicks
I agree that applications shouldn't be running untrusted SQL/PHP. We can enable the flag in our sqlite3 package for now but, as Łukasz mentioned, I think it would be best if James could work with upstream to get a proper tokenizer in place in the future.

[Touch-packages] [Bug 1546455] Re: Many instances of 'apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0' in syslog

2016-02-18 Thread Tyler Hicks
hanged in: apparmor Assignee: (unassigned) => Tyler Hicks (tyhicks)

[Touch-packages] [Bug 1546455] Re: Many instances of 'apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0' in syslog

2016-02-18 Thread Tyler Hicks
Passed QRT's test-apparmor.py in a Xenial amd64 VM. ** Patch added: "apparmor_2.10-3ubuntu2.debdiff" https://bugs.launchpad.net/apparmor/+bug/1546455/+attachment/4574878/+files/apparmor_2.10-3ubuntu2.debdiff

[Touch-packages] [Bug 1546911] Re: Please recompile sqlite 3.11 with -DSQLITE_ENABLE_FTS3_TOKENIZER

2016-02-18 Thread Tyler Hicks
Hi James - Is it possible to use the 1-argument variant of fts3_tokenizer()? See the second example in https://sqlite.org/fts3.html#f3tknzr

[Touch-packages] [Bug 1546455] Re: Many instances of 'apparmor="DENIED" operation="create" profile="/usr/sbin/ntpd" pid=15139 comm="ntpd" family="unspec" sock_type="dgram" protocol=0' in syslog

2016-02-17 Thread Tyler Hicks
Patch sent to the list: https://lists.ubuntu.com/archives/apparmor/2016-February/009328.html ** Changed in: apparmor (Ubuntu) Status: Confirmed => In Progress

Re: [Touch-packages] [Bug 711061] Re: [MIR] openjpeg

2016-02-09 Thread Tyler Hicks
On 2016-02-04 15:39:13, Till Kamppeter wrote: > Any chance to get this done before Feature Freeze for 16.04? It isn't likely to happen by feature freeze but it should be done by 16.04.

[Touch-packages] [Bug 1537883] Re: package lsb-release 4.1+Debian11ubuntu6 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1

2016-01-29 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1539203] Re: package linux-image-4.3.0-7-generic 4.3.0-7.18 failed to install/upgrade: run-parts: /etc/kernel/postinst.d/initramfs-tools exited with return code 2

2016-01-29 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1539166] Re: package dbus 1.10.6-1ubuntu1 failed to install/upgrade: triggers looping, abandoned

2016-01-29 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1538656] Re: package cups-core-drivers 1.7.2-0ubuntu1.7 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configu

2016-01-29 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1538676] Re: Xorg freeze

2016-01-29 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1537409] Re: unmet dependencies

2016-01-29 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1537428] Re: Confirmed Virus activity

2016-01-29 Thread Tyler Hicks
Hello and thanks for the report. You'll have to provide some more details about why you think you have a security issue before we can act on this report. After you've added more information, please reset the bug status to "New". Thanks! ** Information type changed from Private Security to Public

[Touch-packages] [Bug 1537163] Re: Xorg crash

2016-01-29 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1537204] Re: Xorg crash

2016-01-29 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1401322] Re: Upgrade to Python 2.7.9

2016-01-28 Thread Tyler Hicks
Hi Cory and Kevin! The Ubuntu Security team (most of the work was done by Marc Deslauriers) has actively fixed individual Python packages in Ubuntu's main archive pocket that are vulnerable to certificate verification flaws prior to the Python 2.7.9 change. While many packages were already doing

[Touch-packages] [Bug 1401322] Re: Upgrade to Python 2.7.9

2016-01-28 Thread Tyler Hicks
@kwoot - please see comment #10 for python2.7 options that may be available in 12.04 and 14.04 in the future. I wanted to point out to you that python3.4 in 14.04 already has the ability to enable full certification verification through the /etc/python3.4/cert-verification.conf configuration

[Touch-packages] [Bug 1401322] Re: Upgrade to Python 2.7.9

2016-01-25 Thread Tyler Hicks
The Ubuntu Security team has made the decision to not backport the fix for CVE-2014-9365 to stable Ubuntu releases. The rationale can be found in the Notes section of the corresponding Ubuntu CVE tracker entry: http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-9365.html I think

[Touch-packages] [Bug 1537351] Re: error

2016-01-25 Thread Tyler Hicks
Thank you for the bug report! Can you describe the problems that you're seeing? There's not enough information regarding the issues that you're facing for us to take any action. ** Information type changed from Private Security to Public ** Changed in: xorg (Ubuntu) Status: New =>

[Touch-packages] [Bug 1446906] Re: lxc container with postfix, permission denied on mailq

2016-01-25 Thread Tyler Hicks
** Description changed: + [Impact] + + * Users may encounter situations where they use applications, confined by +AppArmor, that hit EACESS failures when attempting to operate on AF_UNIX +stream sockets. + + * These failures typically occur when the confined applications attempts to +

[Touch-packages] [Bug 1511791] Re: dbus rule regression with wpa supplicant profile

2015-11-16 Thread Tyler Hicks
; High ** Changed in: apparmor (Ubuntu) Assignee: (unassigned) => Tyler Hicks (tyhicks)

[Touch-packages] [Bug 1511791] Re: dbus rule regression with wpa supplicant profile

2015-11-16 Thread Tyler Hicks
After working with James over IRC, we determined that this is not a dbus-daemon mediation bug. After comparing the in-kernel sha1 measurements of the wpa_supplicant policy he linked to in the bug description, we discovered that his kernel reported a different measurement than my kernel. He then

[Touch-packages] [Bug 1511791] Re: dbus rule regression with wpa supplicant profile

2015-11-13 Thread Tyler Hicks
I've been running with my wpa_supplicant process confined by the profile in the bug description and, while I do see some allowed denials during start up of the wpa_supplicant process, I do not see the denial mentioned in the bug description. James, can you provide more info on how to reproduce

[Touch-packages] [Bug 1511791] Re: dbus rule regression with wpa supplicant profile

2015-11-13 Thread Tyler Hicks
I'm unable to reproduce this (allowed) denial. I pulled down the exact profile linked to in the bug description and then went through these steps: $ sudo apparmor_parser -r /tmp/wpa_supplicant.profile $ sudo systemctl restart wpa_supplicant.service $ sudo d-feet # to get a valid path $ sudo

[Touch-packages] [Bug 1514016] Re: travamentos

2015-11-12 Thread Tyler Hicks
** Attachment removed: "JournalErrors.txt" https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1514016/+attachment/4514553/+files/JournalErrors.txt

[Touch-packages] [Bug 1514183] Re: distutils : file "bdist_rpm.py" allows Shell injection in "name"

2015-11-12 Thread Tyler Hicks
Hi Bernd - Thanks for the bug report! While I think that this is something that should be fixed upstream, I don't feel like it is a security issue. By running `python setup.py ...`, you're already trusting that setup.py is not malicious. It could execute xmessage directly. Do you know if there

[Touch-packages] [Bug 1515662] Re: Major security issue with light-locker - console switching gives access to other screens for a few seconds

2015-11-12 Thread Tyler Hicks
Marking the lightdm as invalid as it seems, from Nathan's description, that the issue is with light-locker. ** Changed in: lightdm (Ubuntu) Status: New => Invalid

[Touch-packages] [Bug 1515662] Re: Major security issue with light-locker - console switching gives access to other screens for a few seconds

2015-11-12 Thread Tyler Hicks
Hi Nathan - Thanks for the bug report. I'm going to make it public so that more people can be aware of this issue in hopes that it'll get attention. ** Information type changed from Private Security to Public Security

[Touch-packages] [Bug 1515662] Re: Major security issue with light-locker - console switching gives access to other screens for a few seconds

2015-11-12 Thread Tyler Hicks
I've subscribed the light-locker devs team so that they're aware. Note that bug 1473904 and bug 1440499 are similar light-locker bypass issues.

[Touch-packages] [Bug 1514016] Re: travamentos

2015-11-12 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1514031] Re: i cannot boot

2015-11-12 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1496877] Re: apparmor profile fails to load in Ubuntu 15.04

2015-11-09 Thread Tyler Hicks
Hello - This is expected behavior. When a profile requested in the changeprofile operation has not been loaded into the kernel, the write() on /proc/PID/attr/current will fail with errno set to ENOENT. This is documented in the aa_change_profile(2) man page: ENOENT The

[Touch-packages] [Bug 1514487] Re: pua.http exploit.cve_2015_1692

2015-11-09 Thread Tyler Hicks
Hello - CVE-2015-1692 was assigned to Microsoft Internet Explorer and does not affect Ubuntu. It seems like you're requesting support rather than reporting a security issue. Please see http://www.ubuntu.com/support for a number of support options. ** CVE added: http://www.cve.mitre.org/cgi-

[Touch-packages] [Bug 1363356] Re: ssl.SSLEOFError: EOF occurred in violation of protocol

2015-10-23 Thread Tyler Hicks
Thanks for the bug reports. Do any of you affected folks have a simple reproducer? I'm unable to reproduce the bug but I also cannot get `yowsup-cli registration` to work (pulled from github) and I don't know what kind of setup is needed to reproduce Eli's issue. A simple reproducer would go a

[Touch-packages] [Bug 1507667] Re: HERE conditions cannot be loaded

2015-10-20 Thread Tyler Hicks
As long as these terms and conditions html files are under our control (meaning that Canonical provides them in the system image) and the terms and conditions html files are the only files in the location-provider-consent directory, adding a rule such as this to the profile should be no problem:

[Touch-packages] [Bug 1348954] Re: update Python3 for trusty

2015-10-14 Thread Tyler Hicks
Yes, we should disable the certificate verification in 14.04 since 14.04 initially shipped with a version of Python 3.4 that did not perform certificate verification by default. We may decide to enable certificate verification by default in a future security update. I tend to agree with Steve

[Touch-packages] [Bug 1501491] Re: Unable to start containers after upgrade to 1.0.7-0ubuntu0.6 on trusty

2015-10-02 Thread Tyler Hicks
The Ubuntu Security Team has produced some packages built with the proposed fix from Serge (thanks again, Serge!). They have not been tested by the Security Team yet but those affected by this bug may find the packages useful. They can be found in: https://launchpad.net/~ubuntu-security-

[Touch-packages] [Bug 1476662] Re: lxc-start symlink vulnerabilities may allow guest to read host filesystem, interfere with apparmor

2015-09-30 Thread Tyler Hicks
The regression should be fixed with lxc 1.0.7-0ubuntu0.6. See http://www.ubuntu.com/usn/usn-2753-2/ for more details.

[Touch-packages] [Bug 1501310] Re: Unable to start containers after upgrade to 1.0.7-0ubuntu0.5 on trusty

2015-09-30 Thread Tyler Hicks
Hi Tobias - Can you share what Ubuntu release you're using?

[Touch-packages] [Bug 1476662] Re: lxc-start symlink vulnerabilities may allow guest to read host filesystem, interfere with apparmor

2015-09-30 Thread Tyler Hicks
Hello - Is anyone seeing this regression on a release other than 14.04 LTS (Trusty)?

[Touch-packages] [Bug 1498775] Re: Greeter auth doesn't unlock unity lockscreen

2015-09-29 Thread Tyler Hicks
Robert, you have to reboot the system after reverting the PAM config changes.

[Touch-packages] [Bug 1498775] Re: Greeter auth doesn't unlock unity lockscreen

2015-09-29 Thread Tyler Hicks
I am ok with reverting the entirety of the libaudit functionality in Wily until I can sort out this bug.

[Touch-packages] [Bug 1498775] Re: Greeter auth doesn't unlock unity lockscreen

2015-09-29 Thread Tyler Hicks
Unfortunately, the PAM changes are required for the auditing functionality.

[Touch-packages] [Bug 1476662] Re: lxc-start symlink vulnerabilities may allow guest to read host filesystem, interfere with apparmor

2015-09-29 Thread Tyler Hicks
** Information type changed from Private Security to Public Security

[Touch-packages] [Bug 1498703] Re: resolution 640x480

2015-09-27 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1499209] Re: package python3-click 0.4.21.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1

2015-09-27 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1499810] Re: package libgtk2.0-bin 2.24.23-0ubuntu1.2 failed to install/upgrade: trying to overwrite '/usr/share/man/man8/update-icon-caches.8.gz', which is also in package libgt

2015-09-27 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1498775] Re: Greeter auth doesn't unlock unity lockscreen

2015-09-23 Thread Tyler Hicks
I believe this is due to the pam config changes rather than the code changes to lightdm. I commented out the new lines in the pam config files, rebooted, and then verified that the greeter auth works as intended.

[Touch-packages] [Bug 1478087] Re: ISST-LTE: aureport -l couldn't print out login info on ubuntu 14.04.3

2015-09-10 Thread Tyler Hicks
** Also affects: shadow (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: openssh (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: audit (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: lightdm (Ubuntu Trusty)

[Touch-packages] [Bug 1478087] Re: ISST-LTE: aureport -l couldn't print out login info on ubuntu 14.04.3

2015-09-01 Thread Tyler Hicks
I've created an upstream lightdm merge request to add login and logout auditing support: https://code.launchpad.net/~tyhicks/lightdm/auditing/+merge/269828 I've also submitted the (simple) changes needed in the openssh package to Debian since Colin keeps the Debian and Ubuntu openssh package

[Touch-packages] [Bug 1319278] Re: aulastlog doesn't report logins

2015-09-01 Thread Tyler Hicks
FYI, I've been updating bug #1478087 with my findings to fix audit login/logout event logging.

[Touch-packages] [Bug 1487020] Re: BSD Tar is allocating gigabytes to list files

2015-08-31 Thread Tyler Hicks
Thanks Gustavo - I don't see how an attacker could leverage this since it is seemingly harmless. I think we should treat it as a normal bug so I'm making this report public. ** Information type changed from Private Security to Public ** Changed in: libarchive (Ubuntu) Status: Incomplete

[Touch-packages] [Bug 1478087] Re: ISST-LTE: aureport -l couldn't print out login info on ubuntu 14.04.3

2015-08-31 Thread Tyler Hicks
The bug is not in aureport or libaudit. aureport looks for AUDIT_USER_LOGIN events in the audit log but we're not generating them in login programs due to libaudit support not being enabled at build time or, in the case of lightdm, missing libaudit support. Note that we are generating an

[Touch-packages] [Bug 1487585] Re: problemas en graficas

2015-08-28 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1489489] Re: The org.freedesktop.DBus.GetConnectionAppArmorSecurityContext() method is deprecated

2015-08-27 Thread Tyler Hicks
** Also affects: mediascanner2 (Ubuntu) Importance: Undecided Status: New ** Also affects: signon-apparmor-extension (Ubuntu) Importance: Undecided Status: New ** Also affects: ubuntu-download-manager (Ubuntu) Importance: Undecided Status: New ** Also affects:

[Touch-packages] [Bug 1489489] Re: The org.freedesktop.DBus.GetConnectionAppArmorSecurityContext() method is deprecated

2015-08-27 Thread Tyler Hicks
** Also affects: content-hub (Ubuntu) Importance: Undecided Status: New ** Changed in: content-hub (Ubuntu) Status: New => Confirmed ** Changed in: media-hub (Ubuntu) Status: Triaged => Confirmed ** Changed in: content-hub (Ubuntu) Importance: Undecided => Medium

[Touch-packages] [Bug 1489017] Re: package gconf2 3.2.6-0ubuntu2 failed to install/upgrade: 子进程 已安装 post-installation 脚本 返回了错误号 1

2015-08-26 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1489018] Re: package gconf2 3.2.6-0ubuntu2 failed to install/upgrade: 子进程 已安装 post-installation 脚本 返回了错误号 1

2015-08-26 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1487680] Re: package python-psutil 1.2.1-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1

2015-08-25 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1487910] Re: choppy video

2015-08-25 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1487620] Re: wireless treats driver failure as network security refusal

2015-08-25 Thread Tyler Hicks
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a regular (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1487826] Re: upgrade 14.04 to 14.10 audio is not working

2015-08-25 Thread Tyler Hicks
** Information type changed from Private Security to Public

[Touch-packages] [Bug 1477086] Re: DBus 1.10

2015-08-18 Thread Tyler Hicks
I forgot to mention that I manually tested the GetConnectionAppArmorSecurityContext and GetConnectionCredentials bus methods. Both work as expected.

[Touch-packages] [Bug 1477086] Re: DBus 1.10

2015-08-18 Thread Tyler Hicks
Test log from the failed test-bus test. ** Attachment added: test-suite.log https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1477086/+attachment/4447836/+files/test-suite.log

[Touch-packages] [Bug 1477086] Re: DBus 1.10

2015-08-18 Thread Tyler Hicks
From the AppArmor perspective, the 1.9.20 debdiff gets the green light. I installed the packages from your ppa and then was able to successfully run the dbus_*.sh tests in the AppArmor regression test suite (http://bazaar.launchpad.net/~apparmor-

[Touch-packages] [Bug 1484178] Re: Policy cache file mtimes are not being set correctly

2015-08-12 Thread Tyler Hicks
** Changed in: apparmor (Ubuntu) Assignee: (unassigned) => Jamie Strandboge (jdstrand) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1484178 Title: Policy cache

[Touch-packages] [Bug 1484178] [NEW] Policy cache file mtimes are not being set correctly

2015-08-12 Thread Tyler Hicks
) or to be updated to an incorrect time. ** Affects: apparmor Importance: Critical Assignee: Tyler Hicks (tyhicks) Status: In Progress ** Affects: apparmor (Ubuntu) Importance: Critical Status: Confirmed ** Also affects: apparmor (Ubuntu) Importance: Undecided

[Touch-packages] [Bug 1484178] Re: Policy cache file mtimes are not being set correctly

2015-08-12 Thread Tyler Hicks
Fixed with r3220 ** Changed in: apparmor Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1484178 Title: Policy cache file

[Touch-packages] [Bug 1476790] Re: SIGSEGV in elf.c

2015-07-31 Thread Tyler Hicks
Hello and thanks for reporting this bug! This issue has been fixed in the upstream binutils-gdb.git repo: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=06614111d1be94b43ea8dd83805184d4e177bcea Subject: More fixes for memory access violations exposed by fuzzed binaries.

[Touch-packages] [Bug 1476790] Re: SIGSEGV in elf.c

2015-07-31 Thread Tyler Hicks
After reading through the strings / libbfd crasher thread (part of which can be found here: http://openwall.com/lists/oss-security/2014/10/23/4), a CVE was not assigned to this issue. I don't see how it could be anything more than a simple crasher and I don't believe it to be a real security

[Touch-packages] [Bug 1476014] Re: Stack-based buffer overflow in ihex_bad_byte function in ihex.c

2015-07-31 Thread Tyler Hicks
Marking this bug as public since this was previously discussed in public here: http://www.openwall.com/lists/oss-security/2014/11/03/16 This bug has not been fixed upstream. I'll create an upstream bug and submit a patch. ** Information type changed from Private Security to Public Security **

[Touch-packages] [Bug 1476790] Re: SIGSEGV in elf.c

2015-07-31 Thread Tyler Hicks
** Changed in: binutils (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1476790 Title: SIGSEGV in elf.c Status in binutils package

[Touch-packages] [Bug 1476014] Re: Stack-based buffer overflow in ihex_bad_byte function in ihex.c

2015-07-31 Thread Tyler Hicks
I've opened a bug in the upstream tracker: https://sourceware.org/bugzilla/show_bug.cgi?id=18750 ** Bug watch added: Sourceware.org Bugzilla #18750 http://sourceware.org/bugzilla/show_bug.cgi?id=18750 ** Also affects: binutils via http://sourceware.org/bugzilla/show_bug.cgi?id=18750

[Touch-packages] [Bug 1476769] Re: When activating OpenVPN without DHCP6, random traffic will be routed without VPN

2015-07-31 Thread Tyler Hicks
Making this public since the Fedora bug is already public. It'll help to get more developers access to the report. ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is

[Touch-packages] [Bug 1477086] Re: DBus 1.10

2015-07-30 Thread Tyler Hicks
IMPORTANT: We can drop all but *one* AppArmor patch. aa-get-connection-apparmor-security-context.patch must stay until we've switched everything over to the new API that was taken upstream. Also, it looks like another, unrelated patch may be dropped. See bug 1479771. ** Description

[Touch-packages] [Bug 1479363] Re: package systemd 219-7ubuntu6 failed to install/upgrade: podproces zainstalowany skrypt post-installation zwrócił kod błędu 1

2015-07-30 Thread Tyler Hicks
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1479363 Title: package systemd 219-7ubuntu6 failed to

[Touch-packages] [Bug 1475228] Re: openssl/curl error: SSL23_GET_SERVER_HELLO:tlsv1 alert internal error on TLS only configured server

2015-07-30 Thread Tyler Hicks
On second look, the command that failed on 14.04 is working fine on Wily: $ openssl s_client -connect ms.icometrix.com:443 -cipher ECDHE-RSA-AES256-SHA:AES128-SHA256:AES128-SHA:AES256-SHA256:AES256-SHA Opening this back up as it seems to be a bug in Ubuntu's openssl package. ** Changed in:

[Touch-packages] [Bug 1479572] Re: system freezes when switching between wifis

2015-07-30 Thread Tyler Hicks
I'm assigning this bug to network-manager for now while we wait on more information from the reporter. ** Package changed: ubuntu => network-manager (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in

[Touch-packages] [Bug 1478209] Re: Xorg freeze

2015-07-30 Thread Tyler Hicks
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1478209 Title: Xorg freeze Status in xorg package in Ubuntu:

[Touch-packages] [Bug 1475908] Re: Xorg freeze

2015-07-30 Thread Tyler Hicks
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1475908 Title: Xorg freeze Status in xorg package in Ubuntu:

[Touch-packages] [Bug 1475401] Re: system crashes

2015-07-30 Thread Tyler Hicks
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1475401 Title: system crashes Status in xorg package in Ubuntu:

Re: [Touch-packages] [Bug 1477086] Re: DBus 1.10

2015-07-30 Thread Tyler Hicks
On 2015-07-30 15:03:37, Iain Lane wrote: On Thu, Jul 30, 2015 at 02:51:17PM -, Tyler Hicks wrote: IMPORTANT: We can drop all but *one* AppArmor patch. aa-get-connection-apparmor-security-context.patch must stay until we've switched everything over to the new API that was taken upstream

[Touch-packages] [Bug 1475228] Re: openssl/curl error: SSL23_GET_SERVER_HELLO:tlsv1 alert internal error on TLS only configured server

2015-07-30 Thread Tyler Hicks
Hi Felix - Thanks for reporting this bug. After making a number of s_client connection attempts and using the ssllabs.com scanner, I believe that the askubuntu member is correct in that the server is mishandling the ECDH ciphers presented by s_client. As mentioned on askubuntu, this command

[Touch-packages] [Bug 1403968] Re: umount options are incorrectly treated as mount options

2015-07-28 Thread Tyler Hicks
Hi Serge - I think it is still a possibility in the wily time frame. Also, I've just confirmed that nobody snuck a fix into the 2.10 release. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu.

[Touch-packages] [Bug 1470842] Re: lxc tools lock handling vulnerable to symlink attack

2015-07-22 Thread Tyler Hicks
It is worth noting that I typoed the CVE ID in the changelog. CVE-2015-1131 should have been CVE-2015-1331. ** CVE removed: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-1131 ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-1131 ** CVE removed:

[Touch-packages] [Bug 1470842] Re: lxc tools lock handling vulnerable to symlink attack

2015-07-22 Thread Tyler Hicks
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1470842 Title: lxc tools lock handling vulnerable to

[Touch-packages] [Bug 1476691] [NEW] Containers are stopped during lxc package upgrade

2015-07-21 Thread Tyler Hicks
Public bug reported: Starting in Ubuntu 15.04, while using systemd as init, running containers are being stopped when an lxc package upgrade occurs. In older Ubuntu releases, running containers are still up after lxc package upgrades. Serge reports that a simple `apt-get install --reinstall lxc`
