[Touch-packages] [Bug 283115] Re: Gimp: toolbox windows can't be minimized

2022-07-22 Thread Alex Murray
** Changed in: gimp (Ubuntu) Status: Fix Released => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gtk+2.0 in Ubuntu. https://bugs.launchpad.net/bugs/283115 Title: Gimp: toolbox windows can't be minimized

[Touch-packages] [Bug 1969896] Re: Evince Document Viewer(42.0) does not remember last page in 22.04 and opens in a tiny window when launched

2022-06-17 Thread Alex Murray
Kinetic) Importance: High Status: Confirmed ** Changed in: apparmor (Ubuntu Kinetic) Status: Confirmed => In Progress ** Changed in: apparmor (Ubuntu Jammy) Status: New => In Progress ** Changed in: apparmor (Ubuntu Kinetic) Assignee: (unassigned) => Al

[Touch-packages] [Bug 1969896] Re: Evince Document Viewer(42.0) does not remember last page in 22.04 and opens in a tiny window when launched

2022-06-14 Thread Alex Murray
FYI I have sent a MR to the upstream AppArmor project to remove this dbus deny rule from the exo-open abstraction: https://gitlab.com/apparmor/apparmor/-/merge_requests/884 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1978042] Re: adduser doesn't support extrausers for group management

2022-06-08 Thread Alex Murray
This looks like a duplicate of LP: #1959375 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to adduser in Ubuntu. https://bugs.launchpad.net/bugs/1978042 Title: adduser doesn't support extrausers for group management Status

[Touch-packages] [Bug 1977710] Re: /etc/adduser.conf.dpkg-save created by postinst since 3.121ubuntu1

2022-06-07 Thread Alex Murray
>From what I can see of this postinst this looks to be a bug from adduser in debian itself - and would appear to come from https://salsa.debian.org/debian/adduser/-/blob/master/debian/postinst#L33 - ie. if the default value is unchanged then an /etc/adduser.conf.dpkg- save is always generated when

[Touch-packages] [Bug 1871148] Re: services start before apparmor profiles are loaded

2022-05-23 Thread Alex Murray
@mardy I thought we had snapd.apparmor specifically to avoid this scenario but I can't see that service mentioned at all in systemd- analyze plot... -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu.

[Touch-packages] [Bug 1975407] Re: pulseaudio is getting crashed

2022-05-22 Thread Alex Murray
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1975408] Re: Performance is much worse than expected (Normal friendly behaviors)

2022-05-22 Thread Alex Murray
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1975381] Re: firewall gets disabled

2022-05-22 Thread Alex Murray
Thank you for taking the time to report this bug and helping to make Ubuntu better. Unfortunately we can't fix it, because your description didn't include enough information. You may find it helpful to read 'How to report bugs effectively' http://www.chiark.greenend.org.uk/~sgtatham/bugs.html.

[Touch-packages] [Bug 1973654] Re: Using debian-installer on a server with a Let's Encrypt cert dies

2022-05-16 Thread Alex Murray
I believe this is caused by debootstrap - it only uses packages from the release pocket (and this is frozen from the time Ubuntu 20.04 LTS was originally released). This is a known issue https://askubuntu.com/questions/744684/latest-security-updates-with- debootstrap but I am not sure if there is

[Touch-packages] [Bug 1971288] Re: Merge libseccomp from Debian unstable for kinetic

2022-05-03 Thread Alex Murray
ges: - Update autopkgtests to use syscalls from 5.16-rc1 -- Alex Murray Thu, 24 Feb 2022 09:53:35 +1030 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1971288/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages P

[Touch-packages] [Bug 1968397]

2022-04-10 Thread Alex Murray
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see

[Touch-packages] [Bug 1968397] Re: bootloader

2022-04-10 Thread Alex Murray
Thank you for taking the time to report this bug and helping to make Ubuntu better. Unfortunately we can't fix it, because your description didn't include enough information. You may find it helpful to read 'How to report bugs effectively' http://www.chiark.greenend.org.uk/~sgtatham/bugs.html.

[Touch-packages] [Bug 1968402] Re: Ubuntu 20.04.3 boots to black screen, no TTY available

2022-04-10 Thread Alex Murray
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1452115] Re: Python interpreter binary is not compiled as PIE

2022-04-04 Thread Alex Murray
Nice - thanks @sdeziel -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to python2.7 in Ubuntu. https://bugs.launchpad.net/bugs/1452115 Title: Python interpreter binary is not compiled as PIE Status in Python: New Status in

[Touch-packages] [Bug 1452115] Re: Python interpreter binary is not compiled as PIE

2022-03-24 Thread Alex Murray
Thanks @doko :) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to python2.7 in Ubuntu. https://bugs.launchpad.net/bugs/1452115 Title: Python interpreter binary is not compiled as PIE Status in Python: New Status in

[Touch-packages] [Bug 1964325] Re: Fails to print due to apparmor denied connect operation for cupsd - /run/systemd/userdb/io.systemd.Machine

2022-03-09 Thread Alex Murray
I have proposed a fix for this upstream - https://gitlab.com/apparmor/apparmor/-/merge_requests/861 - once that is reviewed then we can include the fix in jammy. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in

[Touch-packages] [Bug 1452115] Re: Python interpreter binary is not compiled as PIE

2022-02-28 Thread Alex Murray
For posterity - this is how I did the analysis above: # download the current python3.9 source package and rebuild it with PIE enabled apt source python3.9 cd python3.9-3.9.10/ sed -i "/export DEB_BUILD_MAINT_OPTIONS=hardening=-pie/d" debian/rules dch -i -D jammy "Enable PIE (LP: #1452115)"

[Touch-packages] [Bug 1452115] Re: Python interpreter binary is not compiled as PIE

2022-02-28 Thread Alex Murray
I am actively looking at this - FWIW the performance results with PIE enabled look good - https://paste.ubuntu.com/p/PZjqMFSNSR/ - so I am discussing internally whether this is something that can still land for Ubuntu 22.04. -- You received this bug notification because you are a member of

[Touch-packages] [Bug 1962276] Re: [jammy] Laptop monitor does not turn off/disconnect when the lid is closed

2022-02-28 Thread Alex Murray
See this related debian bug https://bugs.debian.org/cgi- bin/bugreport.cgi?bug=1006368 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to upower in Ubuntu. https://bugs.launchpad.net/bugs/1962276 Title: [jammy] Laptop monitor

[Touch-packages] [Bug 1962276] Re: [jammy] Laptop monitor does not turn off/disconnect when the lid is closed

2022-02-28 Thread Alex Murray
This appears to be caused (for me at least) by upower 0.99.16-1 - after upgrading today to 0.99.16-2 things are working again as expected. ** Also affects: upower (Ubuntu) Importance: Undecided Status: New ** Bug watch added: Debian Bug tracker #1006368

[Touch-packages] [Bug 1962036] Re: dbus was stopped during today's jammy update, breaking desktop

2022-02-23 Thread Alex Murray
I hit this too - just reported https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1962127 from the associated gnome-shell crash. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dbus in Ubuntu.

[Touch-packages] [Bug 1961196] Re: apparmor autotest failure on jammy with linux 5.15

2022-02-21 Thread Alex Murray
Hmm so had to redo my merge after the 3.0.3-0ubuntu9 upload... see new bileto ticket/PPA for the current version of it https://bileto.ubuntu.com/#/ticket/4797 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in

[Touch-packages] [Bug 1961196] Re: apparmor autotest failure on jammy with linux 5.15

2022-02-21 Thread Alex Murray
FYI I am preparing this in https://bileto.ubuntu.com/#/ticket/4796 - I have included the original patch from arighi to fix the aa-notify tests too. Once britney looks happy with this I will upload it to jammy- proposed. -- You received this bug notification because you are a member of Ubuntu

[Touch-packages] [Bug 1961196] Re: apparmor autotest failure on jammy with linux 5.15

2022-02-17 Thread Alex Murray
FYI I am working on merging apparmor-3.0.4 from debian unstable to jammy at the moment which should resolve this. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1961196

[Touch-packages] [Bug 1957781] Re: when i upgrade my package ask me yes or no ?

2022-01-13 Thread Alex Murray
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1957024] [NEW] pam-mkhomedir does not honor private home directories

2022-01-10 Thread Alex Murray
Public bug reported: As reported in https://discourse.ubuntu.com/t/private-home-directories- for-ubuntu-21-04-onwards/19533/13: A common situation is to have a central set of users (e.g. in LDAP) and use pam_mkhomedir.so to create the home directory when the user first logs in. These changes do

[Touch-packages] [Bug 1941752] Re: Regression: exiv2 0.27.3-3ubuntu1.5 makes Gwenview crash when opening images exported by darktable

2022-01-09 Thread Alex Murray
@leosilva - as you did the original update for exiv2 could you please sponsor the attached debdiff? Thanks. ** Changed in: exiv2 (Ubuntu) Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security) -- You received this bug notification because you are a member of Ubuntu Touch seeded

[Touch-packages] [Bug 1953301] Re: Segfault on AArch64 caused by OpenSSL affecting numerous packages

2021-12-06 Thread Alex Murray
FWIW I can't reproduce this on a RPi 4 running the aarch64/arm64 Ubuntu 20.04 LTS image: ubuntu@rpi4:~$ wget https://wrapdb.mesonbuild.com/v2/libuv_1.42.0-1/get_patch --2021-12-07 05:50:01-- https://wrapdb.mesonbuild.com/v2/libuv_1.42.0-1/get_patch Resolving wrapdb.mesonbuild.com

[Touch-packages] [Bug 1953301] Re: Segfault on AArch64 caused by OpenSSL affecting numerous packages

2021-12-06 Thread Alex Murray
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1953301 Title: Segfault on AArch64 caused by OpenSSL

[Touch-packages] [Bug 1953428] [NEW] /etc/PackageKit/Vendor.conf specifies invalid CodecUrl

2021-12-06 Thread Alex Murray
Public bug reported: CodecUrl in /etc/PackageKit/Vendor.conf on Impish at least currently has: http://shop.canonical.com/index.php?cPath=19=f1e370ea7563ed5e654c10450364ff24 shop.canonical.com does not have a DNS record and has been dead for a long time so this should be removed. ** Affects:

[Touch-packages] [Bug 1951161] Re: Please merge shadow 1:4.8.1-2 (main) from Debian unstable

2021-11-17 Thread Alex Murray
I think the changelog entry should still list the private home dirs change for login.defs under Remaining changes -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/1951161

[Touch-packages] [Bug 1949316] [NEW] kmod modprobe.d scripts are named with non-inclusive language

2021-10-31 Thread Alex Murray
Public bug reported: The kmod package ships with a number of files in /etc/modprobe.d which have non-inclusive names: $ dpkg -L kmod | grep blacklist /etc/modprobe.d/blacklist-ath_pci.conf /etc/modprobe.d/blacklist-firewire.conf /etc/modprobe.d/blacklist-framebuffer.conf

[Touch-packages] [Bug 1794064] Re: Clicking a hyperlink in a PDF fails to open it if the default browser is a snap

2021-10-10 Thread Alex Murray
Is there any option to do this via portals - ie can evince use https://flatpak.github.io/xdg-desktop-portal/portal-docs.html#gdbus- org.freedesktop.portal.OpenURI to open the URI? Would then this allow to avoid going via xdg-open? -- You received this bug notification because you are a member of

[Touch-packages] [Bug 1944436] Re: Please backport support for "close_range" syscall

2021-09-21 Thread Alex Murray
Can you please post a simple reproducer? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libseccomp in Ubuntu. https://bugs.launchpad.net/bugs/1944436 Title: Please backport support for "close_range" syscall Status in

[Touch-packages] [Bug 1938938] Re: apparmor denials for gnutls configuration

2021-08-18 Thread Alex Murray
Hmm there is also a crypto abstraction too https://gitlab.com/apparmor/apparmor/-/blob/master/profiles/apparmor.d/abstractions/crypto - and this is included in the base abstraction so perhaps this *might* be another candidate..? -- You received this bug notification because you are a member of

[Touch-packages] [Bug 1938938] Re: apparmor denials for gnutls configuration

2021-08-18 Thread Alex Murray
We already have an abstraction (ie a policy fragment) for openssl - https://gitlab.com/apparmor/apparmor/-/blob/master/profiles/apparmor.d/abstractions/openssl - perhaps a similar one should be created for gnutls and then this can be #include'd into the profiles for the various applications that

[Touch-packages] [Bug 1927078] Re: Don't allow useradd to use fully numeric names

2021-06-17 Thread Alex Murray
Thanks for looking at this @William - sorry to nitpick but I wonder if rewriting the test as follows could make it a bit easier to parse (at least for me I find this version easier to grok what is being tested for): if (*name < '1' || *name > '9') -- You received this bug notification because

[Touch-packages] [Bug 1928346] Re: package libseccomp2:amd64 2.5.1-1ubuntu1 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configura

2021-05-13 Thread Alex Murray
Thanks for reporting this issue - can you please try running the following in a terminal and see if this resolves the problem: sudo apt-get install -f --reinstall libseccomp2 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1926820]

2021-05-02 Thread Alex Murray
Thank you for taking the time to report this bug and helping to make Ubuntu better. Reviewing your dmesg attachment to this bug report it seems that there may be a problem with your hardware. I'd recommend performing a back up and then investigating the situation. Measures you might take

[Touch-packages] [Bug 1926820] Re: package libseccomp2:amd64 2.4.3-1ubuntu3.20.04.3 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting c

2021-05-02 Thread Alex Murray
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1891810] Re: Backport 2.5.1 to fix missing openat2 syscall, causing problems for fuse-overlayfs in nspawn containers

2021-04-13 Thread Alex Murray
libseccomp on bionic looks good from what I can see on https://people.canonical.com/~ubuntu-archive/proposed- migration/bionic/update_excuses.html#libseccomp - can this please migrate now? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is

[Touch-packages] [Bug 1891810] Re: Backport 2.5.1 to fix missing openat2 syscall, causing problems for fuse-overlayfs in nspawn containers

2021-04-13 Thread Alex Murray
similarly for xenial there is only one failure for libseccomp autopkgtests which is systemd/i386 - https://people.canonical.com /~ubuntu-archive/proposed- migration/xenial/update_excuses.html#libseccomp - and this looks reasonably flaky in recent history

[Touch-packages] [Bug 1908818] Re: pure packaging of libnss3

2021-04-05 Thread Alex Murray
@paelzer - we just got another duplicate of this filed for nss in groovy - is the server team working on a fix for this for groovy? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu.

[Touch-packages] [Bug 1922553] Re: libnss3 package contains invalid library paths

2021-04-05 Thread Alex Murray
*** This bug is a duplicate of bug 1908818 *** https://bugs.launchpad.net/bugs/1908818 ** This bug has been marked a duplicate of bug 1908818 pure packaging of libnss3 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1891810] Re: Backport 2.5.1 to fix missing openat2 syscall, causing problems for fuse-overlayfs in nspawn containers

2021-03-29 Thread Alex Murray
For the focal autopkgtest failures above: docker.io/19.03.8-0ubuntu1.20.04.2 (arm64) systemd/245.4-4ubuntu3.5 (ppc64el) The docker.io/arm64 failed due to network issues in the test infrastructure: + lxc launch ubuntu-daily:focal/arm64 docker -c security.nesting=true Creating docker Error:

[Touch-packages] [Bug 1891810] Re: Backport 2.5.1 to fix missing openat2 syscall, causing problems for fuse-overlayfs in nspawn containers

2021-03-29 Thread Alex Murray
The systemd/229-4ubuntu21.29 (i386) test looks very flaky - this seems to fail more often than not looking at https://autopkgtest.ubuntu.com/packages/s/systemd/xenial/i386 - and the tests which failed for the libseccomp 2.5.1-1ubuntu1~16.04.1 run (boot- and-services and boot-smoke) also failed for

[Touch-packages] [Bug 1891810] Re: Backport 2.5.1 to fix missing openat2 syscall, causing problems for fuse-overlayfs in nspawn containers

2021-03-29 Thread Alex Murray
Regarding the failing autopkgtests from bionic reported in comment #28: - the containerd and chrony ones on s390x are transient failures due to networking issues in the test infrastructure so should hopefully pass on a re-run. - I can't reproduce the flatpak/amd64 failure locally so I assume

[Touch-packages] [Bug 1891810] Re: Backport 2.5.1 to fix missing openat2 syscall, causing problems for fuse-overlayfs in nspawn containers

2021-03-29 Thread Alex Murray
Tested for libseccomp as follows: cat

[Touch-packages] [Bug 1891810] Re: Backport 2.5.1 to fix missing openat2 syscall, causing problems for fuse-overlayfs in nspawn containers

2021-03-29 Thread Alex Murray
The fix for systemd's LP: #1918696 is not in the systemd xenial SRU since, as noted in that bug, systemd in xenial doesn't include upstream commit 469830d1426a91e0897c321fdc8ee428f0a750c1 which reworked the code to switch from seccomp_rule_add to seccomp_rule_add_exact. In this case systemd could

[Touch-packages] [Bug 1918696] Re: libseccomp 2.5.1 will break unit tests on ppc

2021-03-29 Thread Alex Murray
Yes this is not needed for xenial since that version of systemd is not new enough to be affected by this issue (see the bug description for more details). -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu.

[Touch-packages] [Bug 1891810] Re: Missing openat2 syscall, causes problems for fuse-overlayfs in nspawn containers

2021-03-28 Thread Alex Murray
** Changed in: libseccomp (Ubuntu Xenial) Status: Confirmed => In Progress ** Changed in: libseccomp (Ubuntu Bionic) Status: Confirmed => In Progress ** Changed in: libseccomp (Ubuntu Focal) Status: Confirmed => In Progress ** Changed in: libseccomp (Ubuntu Groovy)

[Touch-packages] [Bug 1891810] Re: Missing openat2 syscall, causes problems for fuse-overlayfs in nspawn containers

2021-03-14 Thread Alex Murray
** Patch added: "libseccomp_2.5.1-1ubuntu1~20.10.1.debdiff" https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1891810/+attachment/5476579/+files/libseccomp_2.5.1-1ubuntu1~20.10.1.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages,

[Touch-packages] [Bug 1891810] Re: Missing openat2 syscall, causes problems for fuse-overlayfs in nspawn containers

2021-03-14 Thread Alex Murray
** Description changed: - The version of libseccomp2 in bionic does not know about the openat2 - syscall. + [Impact] - In my particular usecase, I was trying to run podman/buildah in an - nspawn container, using fuse-overlayfs. This leads to peculiar failure - modes as described in this issue:

[Touch-packages] [Bug 1891810] Re: Missing openat2 syscall, causes problems for fuse-overlayfs in nspawn containers

2021-03-14 Thread Alex Murray
** Patch added: "libseccomp_2.5.1-1ubuntu1~20.04.1.debdiff" https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1891810/+attachment/5476578/+files/libseccomp_2.5.1-1ubuntu1~20.04.1.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages,

[Touch-packages] [Bug 1891810] Re: Missing openat2 syscall, causes problems for fuse-overlayfs in nspawn containers

2021-03-14 Thread Alex Murray
** Patch added: "libseccomp_2.5.1-1ubuntu1~18.04.1.debdiff" https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1891810/+attachment/5476577/+files/libseccomp_2.5.1-1ubuntu1~18.04.1.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages,

[Touch-packages] [Bug 1916485] Re: test -x fails inside shell scripts in containers

2021-03-14 Thread Alex Murray
@oded-geek - yes, the libseccomp SRU to backport 2.5.1 to these releases is being handled in https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1891810 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu.

[Touch-packages] [Bug 1891810] Re: Missing openat2 syscall, causes problems for fuse-overlayfs in nspawn containers

2021-03-14 Thread Alex Murray
Updating libseccomp to 2.5.1 breaks the systemd unit tests on ppc64el since the behaviour around filtering of the multiplexed socket() system call changes - as such a fix for systemd in https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1918696 is also required. -- You received this bug

[Touch-packages] [Bug 1919078] Re: Ubuntu SSO login - not working (Throws "Error connecting to server"

2021-03-14 Thread Alex Murray
** Package changed: ubuntu => gnome-online-accounts (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnome-online-accounts in Ubuntu. https://bugs.launchpad.net/bugs/1919078 Title: Ubuntu SSO login - not working

[Touch-packages] [Bug 1917920] Re: magic-proxy broke with iptables 1.8.7-1ubuntu2

2021-03-09 Thread Alex Murray
Good point re google.com - I just repeated the above test but replacing www.google.com with http://neverssl.com and verified it worked as expected so it doesn't look like http->https redirect affected the results. Hmmm perhaps there is something else at play compared to when testing locally vs on

[Touch-packages] [Bug 1917920] Re: magic-proxy broke with iptables 1.8.7-1ubuntu2

2021-03-08 Thread Alex Murray
I tried to reproduce this in an up-to-date bionic VM as follows: # inside the bionic VM sudo snap install lxd sudo lxd init # accept defauls sudo lxc launch ubuntu-daily:hirsute hirsute sudo lxc exec hirsute /bin/bash # then inside the hirsute container install livecd-rootfs apt update apt

[Touch-packages] [Bug 1891810] Re: Missing openat2 syscall, causes problems for fuse-overlayfs in nspawn containers

2021-02-28 Thread Alex Murray
** Also affects: libseccomp (Ubuntu Hirsute) Importance: Undecided Assignee: Alex Murray (alexmurray) Status: New ** Changed in: libseccomp (Ubuntu Hirsute) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch see

[Touch-packages] [Bug 1916485] Re: test -x fails inside shell scripts in containers

2021-02-28 Thread Alex Murray
As I understand it I don't see there is any issue here with libseccomp in Ubuntu as it currently stands - whilst the aforementioned runc workaround commit description specifies a number of shortcomings with libseccomp and the inability to easily handle and distinguish newly added syscalls between

[Touch-packages] [Bug 1916669] [NEW] autopkgtests flaky for hirsute across various architectures

2021-02-23 Thread Alex Murray
Public bug reported: Currently the lxc 1:4.0.4-1:4.0.4-0ubuntu3 and 1:4.0.6-0ubuntu1 autopkgtests for hirsute are quite flaky across most architectures: amd64 - https://autopkgtest.ubuntu.com/packages/l/lxc/hirsute/amd64 --- only 3

[Touch-packages] [Bug 1915874] Re: autopkgtest fails in hirsute on armhf with glibc 2.33

2021-02-22 Thread Alex Murray
** Changed in: libseccomp (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libseccomp in Ubuntu. https://bugs.launchpad.net/bugs/1915874 Title: autopkgtest fails in hirsute on

[Touch-packages] [Bug 1915906] Re: Ensure SRP BN_mod_exp follows the constant time path

2021-02-17 Thread Alex Murray
** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1915906 Title: Ensure SRP BN_mod_exp follows the constant time

[Touch-packages] [Bug 1915874] Re: autopkgtest fails in hirsute on armhf with glibc 2.33

2021-02-16 Thread Alex Murray
I'm in the process of preparing libseccomp 2.5.1 for hirsute so will add this patch for it's autopkgtests as part of that. Thanks. ** Changed in: libseccomp (Ubuntu) Assignee: (unassigned) => Alex Murray (alexmurray) -- You received this bug notification because you are a member of Ubu

[Touch-packages] [Bug 1915801] Re: version 1.9.5p2-2ubuntu1 broke system

2021-02-16 Thread Alex Murray
*** This bug is a duplicate of bug 1915250 *** https://bugs.launchpad.net/bugs/1915250 ** This bug has been marked a duplicate of bug 1915250 buildd file owner/group for shared libraries -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which

[Touch-packages] [Bug 1915792] Re: sudo is no longer owned by root so it no longer works

2021-02-16 Thread Alex Murray
*** This bug is a duplicate of bug 1915250 *** https://bugs.launchpad.net/bugs/1915250 ** This bug has been marked a duplicate of bug 1915250 buildd file owner/group for shared libraries -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which

[Touch-packages] [Bug 1915307] Re: Please merge sudo 1.9.5p2-2 (main) from Debian unstable (main)

2021-02-15 Thread Alex Murray
@iLogin - this is likely caused by https://bugs.launchpad.net/ubuntu/+source/fakeroot/+bug/1915250 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1915307 Title: Please merge

[Touch-packages] [Bug 1915250] Re: buildd file owner/group for shared libraries

2021-02-14 Thread Alex Murray
$ dpkg -c snapd_2.49+21.04_amd64.deb | grep buildd -rwxr-xr-x buildd/buildd 30952 2021-02-10 20:17 ./lib/systemd/system-generators/snapd-generator -rwxr-xr-x buildd/buildd 19558008 2021-02-10 20:17 ./usr/bin/snap -rwxr-xr-x buildd/buildd43304 2021-02-10 20:17 ./usr/bin/snapfuse -rwxr-xr-x

[Touch-packages] [Bug 1915250] Re: buildd file owner/group for shared libraries

2021-02-14 Thread Alex Murray
Oh I see - this was for shared libraries but I suspect it is also affecting setuid binaries as well? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1915250 Title: buildd

[Touch-packages] [Bug 1915250] Re: buildd file owner/group for shared libraries

2021-02-14 Thread Alex Murray
This is currently affecting snapd 2.49+21.04 which is in hirsute- proposed - https://forum.snapcraft.io/t/snapd-from-hirsute-proposed- wont-allow-snaps-to-run/22733/8 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils

[Touch-packages] [Bug 1914961] Re: Contains literal path: /usr/lib/${DEB_HOST_MULTIARCH}

2021-02-07 Thread Alex Murray
*** This bug is a duplicate of bug 1908818 *** https://bugs.launchpad.net/bugs/1908818 ** This bug has been marked a duplicate of bug 1908818 pure packaging of libnss3 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1914652] Re: Broken dir and symlinks in package

2021-02-04 Thread Alex Murray
*** This bug is a duplicate of bug 1908818 *** https://bugs.launchpad.net/bugs/1908818 ** This bug has been marked a duplicate of bug 1908818 pure packaging of libnss3 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1908818] Re: pure packaging of libnss3

2021-02-04 Thread Alex Murray
** Also affects: nss (Ubuntu Hirsute) Importance: Undecided Status: Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1908818 Title: pure packaging of

[Touch-packages] [Bug 1909334] Re: bug

2021-01-28 Thread Alex Murray
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see

[Touch-packages] [Bug 1909602] Re: package unattended-upgrades 1.1ubuntu1.18.04.7~16.04.6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128

2021-01-28 Thread Alex Murray
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1910943] Re: package util-linux 2.34-0.1ubuntu9.1 failed to install/upgrade: package util-linux is not ready for configuration cannot configure (current status 'half-installed')

2021-01-28 Thread Alex Murray
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1910975] Re: package libflite1:amd64 2.2-1 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration

2021-01-28 Thread Alex Murray
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1913493] Re: pc

2021-01-28 Thread Alex Murray
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1913339] Re: wrong path install location for groovy package

2021-01-26 Thread Alex Murray
*** This bug is a duplicate of bug 1908818 *** https://bugs.launchpad.net/bugs/1908818 ** This bug has been marked a duplicate of bug 1908818 pure packaging of libnss3 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1891810] Re: Missing openat2 syscall, causes problems for fuse-overlayfs in nspawn containers

2021-01-19 Thread Alex Murray
I have packages for 2.5.1 in the ubuntu-security-proposed PPA at https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa if you would like to give them a try I would appreciate any feedback etc. -- You received this bug notification because you are a member of Ubuntu Touch seeded

[Touch-packages] [Bug 48734] Re: Home permissions too open

2021-01-19 Thread Alex Murray
As noted in the discourse thread on this https://discourse.ubuntu.com/t /private-home-directories-for-ubuntu-21-04-onwards/19533 - I think a similar ACL approach should be able to be used to give the www-data user or similar access to your home dir for ~/public_html or for samba as needed. --

[Touch-packages] [Bug 675560] Re: Home dirs shouldn't be world readable

2021-01-13 Thread Alex Murray
*** This bug is a duplicate of bug 48734 *** https://bugs.launchpad.net/bugs/48734 ** This bug has been marked a duplicate of bug 48734 Home permissions too open -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to adduser

[Touch-packages] [Bug 48734] Re: Home permissions too open

2021-01-13 Thread Alex Murray
s: Fix Committed => Fix Released ** Changed in: shadow (Ubuntu Hirsute) Assignee: (unassigned) => Alex Murray (alexmurray) ** Changed in: adduser (Ubuntu Hirsute) Assignee: (unassigned) => Alex Murray (alexmurray) -- You received this bug notification because you are a member of Ubun

[Touch-packages] [Bug 1904192] Re: ebtables can not rename just created chain

2020-11-24 Thread Alex Murray
** Also affects: iptables (Ubuntu Hirsute) Importance: Undecided Assignee: Alex Murray (alexmurray) Status: Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https

[Touch-packages] [Bug 1904192] Re: ebtables can not rename just created chain

2020-11-17 Thread Alex Murray
Yep I'll take this @Christian ** Changed in: iptables (Ubuntu Groovy) Assignee: (unassigned) => Alex Murray (alexmurray) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https://bugs.launchpad.

[Touch-packages] [Bug 1891953] Re: CVE-2019-8936

2020-11-17 Thread Alex Murray
Excellent - thank you :) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1891953 Title: CVE-2019-8936 Status in ntp package in Ubuntu: Confirmed Status in ntp source

[Touch-packages] [Bug 1891953] Re: CVE-2019-8936

2020-11-17 Thread Alex Murray
@rokclimb15 - are you still looking at producing debdiff's for focal + groovy as well? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1891953 Title: CVE-2019-8936 Status in

[Touch-packages] [Bug 1904288] Re: package bluez 5.53-0ubuntu3 failed to install/upgrade: il sottoprocesso installato pacchetto bluez script post-installation ha restituito lo stato di errore 1

2020-11-15 Thread Alex Murray
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1898547] Re: neutron-linuxbridge-agent fails to start with iptables 1.8.5

2020-11-12 Thread Alex Murray
jdstrand sponsored this to groovy-proposed and autopkgtests have all passed - ~ubuntu-sru - could you please review? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https://bugs.launchpad.net/bugs/1898547

[Touch-packages] [Bug 1898547] Re: neutron-linuxbridge-agent fails to start with iptables 1.8.5

2020-11-12 Thread Alex Murray
** Tags removed: verification-needed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https://bugs.launchpad.net/bugs/1898547 Title: neutron-linuxbridge-agent fails to start with iptables 1.8.5 Status

[Touch-packages] [Bug 1904068] [NEW] apt(-get) source fails to use credentials from /etc/apt/auth.conf(.d)

2020-11-12 Thread Alex Murray
Public bug reported: I have configured apt-src access to the private ESM PPAs via entries in /etc/apt/sources.list.d/ubuntu-security.list as follows: deb-src https://private-ppa.launchpad.net/ubuntu-esm/esm-infra- security/ubuntu trusty main and then added credentials as follows to

[Touch-packages] [Bug 1903484] Re: package python-six 1.14.0-2 failed to install/upgrade: installed python-six package post-installation script subprocess returned error exit status 127

2020-11-11 Thread Alex Murray
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1898547] Re: neutron-linuxbridge-agent fails to start with iptables 1.8.5

2020-11-05 Thread Alex Murray
FYI the two autopkgtest failures for arm64 (sshuttle & firewalld) both appear to be transient failures so these are currently being retried... -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu.

[Touch-packages] [Bug 1898547] Re: neutron-linuxbridge-agent fails to start with iptables 1.8.5

2020-11-05 Thread Alex Murray
** Description changed: [Impact] With iptables 1.8.5 neutron-linuxbridge-agent fails to properly start. The log file shows many errors like: 2020-10-05 10:20:37.998 551 ERROR neutron.plugins.ml2.drivers.agent._common_agent ; Stdout: ; Stderr: iptables-restore: line 29 failed

[Touch-packages] [Bug 1898547] Re: neutron-linuxbridge-agent fails to start with iptables 1.8.5

2020-11-04 Thread Alex Murray
** Description changed: - Ubuntu Groovy (20.10) - kernel 5.8.0-20-generic - neutron-linuxbridge-agent: 2:17.0.0~git2020091014.215a541bd4-0ubuntu1 - iptables: 1.8.5-3ubuntu1 (nf_tables) - iptables-restore points to xtables-nft-multi + [Impact] - After upgrading iptables from 1.8.4 to 1.8.5 and

[Touch-packages] [Bug 1898547] Re: neutron-linuxbridge-agent fails to start with iptables 1.8.5

2020-11-04 Thread Alex Murray
** Changed in: iptables (Ubuntu Groovy) Status: Triaged => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https://bugs.launchpad.net/bugs/1898547 Title: neutron-linuxbridge-agent

[Touch-packages] [Bug 1898547] Re: neutron-linuxbridge-agent fails to start with iptables 1.8.5

2020-11-02 Thread Alex Murray
** Changed in: iptables (Ubuntu Groovy) Assignee: (unassigned) => Alex Murray (alexmurray) ** Changed in: iptables (Ubuntu Hirsute) Assignee: (unassigned) => Alex Murray (alexmurray) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages,

  1   2   3   >