[Touch-packages] [Bug 2054090] Re: Implicit rejection of PKCS#1 v1.5 RSA

2024-03-13 Thread David Fernandez Gonzalez
Trusty would require a significant backport, marking it as won't fix to
prevent possible regressions.

** Changed in: openssl (Ubuntu Trusty)
 Assignee: David Fernandez Gonzalez (litios) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/2054090

Title:
  Implicit rejection of PKCS#1 v1.5 RSA

Status in openssl package in Ubuntu:
  New
Status in openssl source package in Trusty:
  Won't Fix
Status in openssl source package in Xenial:
  Fix Released
Status in openssl source package in Bionic:
  Fix Released
Status in openssl source package in Focal:
  Fix Released
Status in openssl source package in Jammy:
  Fix Released
Status in openssl source package in Mantic:
  Fix Released
Status in openssl source package in Noble:
  New

Bug description:
  OpenSSL 3.2.0 introduced a change on PKCS#1 v1.5 RSA to return random
  output instead of an exception when detecting wrong padding
  (https://github.com/openssl/openssl/pull/13817).

  There are available backports already:

  * 3.0 https://gitlab.com/redhat/centos-stream/rpms/openssl/-/blob/c9s/0120-RSA-PKCS15-implicit-rejection.patch?ref_type=heads

  * 1.1.1 https://gitlab.com/redhat/centos-stream/rpms/openssl/-/blob/c8s/openssl-1.1.1-pkcs1-implicit-rejection.patch?ref_type=heads

  
  This change is needed to fix CVE-2023-50782.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2054090/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 2054090] Re: Implicit rejection of PKCS#1 v1.5 RSA

2024-03-13 Thread David Fernandez Gonzalez
Fix released for Xenial ESM: 1.0.2g-1ubuntu4.20+esm12

https://ubuntu.com/security/notices/USN-6663-2

** Changed in: openssl (Ubuntu Xenial)
   Status: New => Fix Released

** Changed in: openssl (Ubuntu Trusty)
   Status: New => Won't Fix

Status in openssl package in Ubuntu:
  New
Status in openssl source package in Trusty:
  Won't Fix
Status in openssl source package in Xenial:
  Fix Released
Status in openssl source package in Bionic:
  Fix Released
Status in openssl source package in Focal:
  Fix Released
Status in openssl source package in Jammy:
  Fix Released
Status in openssl source package in Mantic:
  Fix Released
Status in openssl source package in Noble:
  New



[Touch-packages] [Bug 2054090] Re: Implicit rejection of PKCS#1 v1.5 RSA

2024-02-27 Thread David Fernandez Gonzalez
https://ubuntu.com/security/notices/USN-6663-1

Status in openssl package in Ubuntu:
  New
Status in openssl source package in Trusty:
  New
Status in openssl source package in Xenial:
  New
Status in openssl source package in Bionic:
  Fix Released
Status in openssl source package in Focal:
  Fix Released
Status in openssl source package in Jammy:
  Fix Released
Status in openssl source package in Mantic:
  Fix Released
Status in openssl source package in Noble:
  New



[Touch-packages] [Bug 2054090] Re: Implicit rejection of PKCS#1 v1.5 RSA

2024-02-27 Thread David Fernandez Gonzalez
Bionic released in ESM Infra, version 1.1.1-1ubuntu2.1~18.04.23+esm5

** Changed in: openssl (Ubuntu Bionic)
   Status: New => Fix Released

Status in openssl package in Ubuntu:
  New
Status in openssl source package in Trusty:
  New
Status in openssl source package in Xenial:
  New
Status in openssl source package in Bionic:
  Fix Released
Status in openssl source package in Focal:
  Fix Released
Status in openssl source package in Jammy:
  Fix Released
Status in openssl source package in Mantic:
  Fix Released
Status in openssl source package in Noble:
  New



[Touch-packages] [Bug 2054090] Re: Implicit rejection of PKCS#1 v1.5 RSA

2024-02-22 Thread David Fernandez Gonzalez
** Changed in: openssl (Ubuntu Bionic)
 Assignee: (unassigned) => David Fernandez Gonzalez (litios)

** Changed in: openssl (Ubuntu Focal)
 Assignee: (unassigned) => David Fernandez Gonzalez (litios)

** Changed in: openssl (Ubuntu Jammy)
 Assignee: (unassigned) => David Fernandez Gonzalez (litios)

** Changed in: openssl (Ubuntu Mantic)
 Assignee: (unassigned) => David Fernandez Gonzalez (litios)

** Changed in: openssl (Ubuntu Noble)
 Assignee: (unassigned) => David Fernandez Gonzalez (litios)

** Changed in: openssl (Ubuntu Xenial)
 Assignee: (unassigned) => David Fernandez Gonzalez (litios)

** Changed in: openssl (Ubuntu Trusty)
 Assignee: (unassigned) => David Fernandez Gonzalez (litios)

Status in openssl package in Ubuntu:
  New
Status in openssl source package in Trusty:
  New
Status in openssl source package in Xenial:
  New
Status in openssl source package in Bionic:
  New
Status in openssl source package in Focal:
  New
Status in openssl source package in Jammy:
  New
Status in openssl source package in Mantic:
  New
Status in openssl source package in Noble:
  New



[Touch-packages] [Bug 2054090] Re: Implicit rejection of PKCS#1 v1.5 RSA

2024-02-16 Thread David Fernandez Gonzalez
** Changed in: openssl (Ubuntu)
 Assignee: (unassigned) => David Fernandez Gonzalez (litios)

** Also affects: openssl (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Also affects: openssl (Ubuntu Focal)
   Importance: Undecided
   Status: New

** Also affects: openssl (Ubuntu Bionic)
   Importance: Undecided
   Status: New

** Also affects: openssl (Ubuntu Noble)
   Importance: Undecided
 Assignee: David Fernandez Gonzalez (litios)
   Status: New

** Also affects: openssl (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Also affects: openssl (Ubuntu Mantic)
   Importance: Undecided
   Status: New

** Also affects: openssl (Ubuntu Jammy)
   Importance: Undecided
   Status: New

** Changed in: openssl (Ubuntu Noble)
 Assignee: David Fernandez Gonzalez (litios) => (unassigned)

Status in openssl package in Ubuntu:
  New
Status in openssl source package in Trusty:
  New
Status in openssl source package in Xenial:
  New
Status in openssl source package in Bionic:
  New
Status in openssl source package in Focal:
  New
Status in openssl source package in Jammy:
  New
Status in openssl source package in Mantic:
  New
Status in openssl source package in Noble:
  New



[Touch-packages] [Bug 2054090] [NEW] Implicit rejection of PKCS#1 v1.5 RSA

2024-02-16 Thread David Fernandez Gonzalez
Public bug reported:

OpenSSL 3.2.0 introduced a change on PKCS#1 v1.5 RSA to return random
output instead of an exception when detecting wrong padding
(https://github.com/openssl/openssl/pull/13817).

There are available backports already:

* 3.0 https://gitlab.com/redhat/centos-stream/rpms/openssl/-/blob/c9s/0120-RSA-PKCS15-implicit-rejection.patch?ref_type=heads

* 1.1.1 https://gitlab.com/redhat/centos-stream/rpms/openssl/-/blob/c8s/openssl-1.1.1-pkcs1-implicit-rejection.patch?ref_type=heads


This change is needed to fix CVE-2023-50782.

** Affects: openssl (Ubuntu)
 Importance: Undecided
 Status: New

Status in openssl package in Ubuntu:
  New



[Touch-packages] [Bug 1989731] Re: Non-root user unable to change own password if pam_pwhistory is used

2023-04-25 Thread David Fernandez Gonzalez
Thanks for the heads up Alejandro!

A fix was committed and merged for the CIS/USG tooling.

We are preparing a new version but we are still working on some other
fixes to include. I'll update the thread when it comes out.

** Changed in: pam (Ubuntu)
   Status: New => Fix Committed

** Changed in: pam (Ubuntu)
   Status: Fix Committed => In Progress

** Changed in: usg
   Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1989731

Title:
  Non-root user unable to change own password if pam_pwhistory is used

Status in Ubuntu Security Guide:
  Fix Committed
Status in pam package in Ubuntu:
  In Progress

Bug description:
  When pam_pwhistory is in use non-root users are unable to change their
  passwords. In fact, they are able to change it but the system spits
  out an error even though the password was indeed changed.

  Reproducer:
  ---

  1. created an Ubuntu/Focal VM
  2. added a user 'test'

  sudo adduser test # used passwd '123'
  su test

  3. changed the password using 'passwd' logged in as the user 'test'

  passwd test # used passwd '1qaz2wsx'

  4. logged out from 'test' and executed

  echo 'password required pam_pwhistory.so remember=5' | sudo tee -a /etc/pam.d/common-password

  5. tried again to follow step 3 as user 'test' but the following
  happens:

  passwd test # used passwd '3edc4rfv' (1)
  Changing password for test.
  Current password:
  New password:
  Retype new password:
  Password has been already used. Choose another.
  passwd: Have exhausted maximum number of retries for service
  passwd: password unchanged

  However, I'm now able to log in as 'test' using the password in
  (1) (the one that was supposedly not set up due to having been
  already used) instead of the old one (the one that should be in
  place since the change process returned an error).

  6. if I comment out 'password required pam_pwhistory.so remember=5'
  then I can log in as 'test' and change the password without issues

  This behavior has been verified with the below package versioning:

  ii  libpam-cap:amd64      1:2.32-1           amd64  POSIX 1003.1e capabilities (PAM module)
  ii  libpam-modules:amd64  1.3.1-5ubuntu4.3   amd64  Pluggable Authentication Modules for PAM
  ii  libpam-modules-bin    1.3.1-5ubuntu4.3   amd64  Pluggable Authentication Modules for PAM - helper binaries
  ii  libpam-runtime        1.3.1-5ubuntu4.3   all    Runtime support for the PAM library
  ii  libpam-systemd:amd64  245.4-4ubuntu3.15  amd64  system and service manager - PAM module
  ii  libpam0g:amd64        1.3.1-5ubuntu4.3   amd64  Pluggable Authentication Modules library

To manage notifications about this bug go to:
https://bugs.launchpad.net/usg/+bug/1989731/+subscriptions




[Touch-packages] [Bug 1998444] Re: Backport security fix for CVE-2022-3970

2022-12-01 Thread David Fernandez Gonzalez
The fix for CVE-2022-3970 has been released in the following versions:

Ubuntu 22.10: 4.4.0-4ubuntu3.2

Ubuntu 22.04 LTS: 4.3.0-6ubuntu0.3

Ubuntu 20.04 LTS: 4.1.0+git191117-2ubuntu0.20.04.7

Ubuntu 18.04 LTS: 4.0.9-5ubuntu0.9


** Changed in: tiff (Ubuntu)
   Status: In Progress => Fix Released

** Changed in: tiff (Ubuntu Bionic)
   Status: New => Fix Released

** Changed in: tiff (Ubuntu Focal)
   Status: New => Fix Released

** Changed in: tiff (Ubuntu Jammy)
   Status: New => Fix Released

** Changed in: tiff (Ubuntu Kinetic)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tiff in Ubuntu.
https://bugs.launchpad.net/bugs/1998444

Title:
  Backport security fix for CVE-2022-3970

Status in tiff package in Ubuntu:
  Fix Released
Status in tiff source package in Bionic:
  Fix Released
Status in tiff source package in Focal:
  Fix Released
Status in tiff source package in Jammy:
  Fix Released
Status in tiff source package in Kinetic:
  Fix Released

  

[Touch-packages] [Bug 1998444] Re: Backport security fix for CVE-2022-3970

2022-12-01 Thread David Fernandez Gonzalez
** Changed in: tiff (Ubuntu)
   Status: New => In Progress

Status in tiff package in Ubuntu:
  In Progress
Status in tiff source package in Bionic:
  New
Status in tiff source package in Focal:
  New
Status in tiff source package in Jammy:
  New
Status in tiff source package in Kinetic:
  New

Bug description:
  This CVE patch is desperately needed to fix a build failure caused by
  a crash in the testsuite of the current libreoffice/kinetic SRU

  Testing load file:///<>//vcl/qa/cppunit/graphicfilter/data/tiff/fail/CVE-2017-9936-1.tiff:
  *** stack smashing detected ***: terminated

  Fatal exception: Signal 6
  Stack:
  /<>/instdir/program/libuno_sal.so.3(+0x417b2)[0x7fd45563a7b2]
  /<>/instdir/program/libuno_sal.so.3(+0x4196a)[0x7fd45563a96a]
  /lib/x86_64-linux-gnu/libc.so.6(+0x3bcf0)[0x7fd4550facf0]
  /lib/x86_64-linux-gnu/libc.so.6(pthread_kill+0x11b)[0x7fd45515126b]
  /lib/x86_64-linux-gnu/libc.so.6(gsignal+0x16)[0x7fd4550fac46]
  /lib/x86_64-linux-gnu/libc.so.6(abort+0xd7)[0x7fd4550e17fc]
  /lib/x86_64-linux-gnu/libc.so.6(+0x850be)[0x7fd4551440be]
  /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x2a)[0x7fd4551ee66a]
  /lib/x86_64-linux-gnu/libc.so.6(+0x12f636)[0x7fd4551ee636]
  /lib/x86_64-linux-gnu/libtiff.so.5(+0x34386)[0x7fd44e8a3386]
  /lib/x86_64-linux-gnu/libtiff.so.5(_TIFFReadEncodedStripAndAllocBuffer+0xcc)[0x7fd44e8bc1cc]
  /lib/x86_64-linux-gnu/libtiff.so.5(+0x300e1)[0x7fd44e89f0e1]
  /lib/x86_64-linux-gnu/libtiff.so.5(TIFFReadRGBAImageOriented+0x100)[0x7fd44e8a2c10]
  /<>/instdir/program/libmergedlo.so(_Z23ImportTiffGraphicImportR8SvStreamR7Graphic+0x237)[0x7fd45367b357]
  /<>/workdir/LinkTarget/CppunitTest/libtest_vcl_filters_test.so(+0x1be0d)[0x7fd44a1a1e0d]
  /<>/workdir/LinkTarget/CppunitTest/../Library/libunotest.so(_ZN4test11FiltersTest13recursiveScanENS_12filterStatusERKN3rtl8OUStringES5_S5_14SfxFilterFlags20SotClipboardFormatIdjb+0x679)[0x7fd44a142479]
  /<>/workdir/LinkTarget/CppunitTest/../Library/libunotest.so(_ZN4test11FiltersTest7testDirERKN3rtl8OUStringESt17basic_string_viewIDsSt11char_traitsIDsEES4_14SfxFilterFlags20SotClipboardFormatIdjb+0xd6)[0x7fd44a142fe6]
  /<>/workdir/LinkTarget/CppunitTest/libtest_vcl_filters_test.so(+0x1bc7b)[0x7fd44a1a1c7b]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(+0x1e4e6)[0x7fd4556844e6]
  /<>/workdir/LinkTarget/Library/unoexceptionprotector.so(+0x2835)[0x7fd4556ac835]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit16DefaultProtector7protectERKNS_7FunctorERKNS_16ProtectorContextE+0x34)[0x7fd455684434]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit14ProtectorChain7protectERKNS_7FunctorERKNS_16ProtectorContextE+0x3b0)[0x7fd45567ea50]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit10TestResult7protectERKNS_7FunctorEPNS_4TestERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE+0x63)[0x7fd455685be3]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit8TestCase3runEPNS_10TestResultE+0x124)[0x7fd45568eb24]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit13TestComposite15doRunChildTestsEPNS_10TestResultE+0x9d)[0x7fd45568484d]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit13TestComposite3runEPNS_10TestResultE+0x3d)[0x7fd45568465d]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit13TestComposite15doRunChildTestsEPNS_10TestResultE+0x9d)[0x7fd45568484d]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit13TestComposite3runEPNS_10TestResultE+0x3d)[0x7fd45568465d]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit10TestResult7runTestEPNS_4TestE+0x27)[0x7fd455685077]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit10TestRunner3runERNS_10TestResultERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE+0x55)[0x7fd45568b6a5]
  /<>/workdir/LinkTarget/Executable/cppunittester(+0x711c)[0x55d4d4a1411c]
  /<>/workdir/LinkTarget/Executable/cppunittester(+0x7c07)[0x55d4d4a14c07]
  /<>/workdir/LinkTarget/Executable/cppunittester(+0x537f)[0x55d4d4a1237f]
  /lib/x86_64-linux-gnu/libc.so.6(+0x23510)[0x7fd4550e2510]
  /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x89)[0x7fd4550e25c9]
  /<>/workdir/LinkTarget/Executable/cppunittester(+0x53c5)[0x55d4d4a123c5]
  Aborted (core dumped)
  make[4]: *** [/<>/solenv/gbuild/CppunitTest.mk:121: /<>/workdir/CppunitTest/vcl_filters_test.test] Error 134

  For the log of the failed amd64 kinetic archive build, see
  https://launchpad.net/ubuntu/+source/libreoffice/1:7.4.3-0ubuntu0.22.10.1/+build/24883181

  For the log of the successful amd64 kinetic PPA build with the updated tiff present, see
  https://launchpad.net/~libreoffice/+archive/ubuntu/experimental/+build/24886085


  Lunar already includes this fix with the last merge from debian
  

[Touch-packages] [Bug 1998444] Re: Backport security fix for CVE-2022-3970

2022-12-01 Thread David Fernandez Gonzalez
** Changed in: tiff (Ubuntu)
 Assignee: (unassigned) => David Fernandez Gonzalez (litios)

Status in tiff package in Ubuntu:
  New
Status in tiff source package in Bionic:
  New
Status in tiff source package in Focal:
  New
Status in tiff source package in Jammy:
  New
Status in tiff source package in Kinetic:
  New

Bug description:
  This CVE patch is desperately needed to fix a build failure caused by
  a crash in the testsuite of the current libreoffice/kinetic SRU

  Testing load 
file:///<>//vcl/qa/cppunit/graphicfilter/data/tiff/fail/CVE-2017-9936-1.tiff:
  *** stack smashing detected ***: terminated

  Fatal exception: Signal 6
  Stack:
  /<>/instdir/program/libuno_sal.so.3(+0x417b2)[0x7fd45563a7b2]
  /<>/instdir/program/libuno_sal.so.3(+0x4196a)[0x7fd45563a96a]
  /lib/x86_64-linux-gnu/libc.so.6(+0x3bcf0)[0x7fd4550facf0]
  /lib/x86_64-linux-gnu/libc.so.6(pthread_kill+0x11b)[0x7fd45515126b]
  /lib/x86_64-linux-gnu/libc.so.6(gsignal+0x16)[0x7fd4550fac46]
  /lib/x86_64-linux-gnu/libc.so.6(abort+0xd7)[0x7fd4550e17fc]
  /lib/x86_64-linux-gnu/libc.so.6(+0x850be)[0x7fd4551440be]
  /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x2a)[0x7fd4551ee66a]
  /lib/x86_64-linux-gnu/libc.so.6(+0x12f636)[0x7fd4551ee636]
  /lib/x86_64-linux-gnu/libtiff.so.5(+0x34386)[0x7fd44e8a3386]
  
/lib/x86_64-linux-gnu/libtiff.so.5(_TIFFReadEncodedStripAndAllocBuffer+0xcc)[0x7fd44e8bc1cc]
  /lib/x86_64-linux-gnu/libtiff.so.5(+0x300e1)[0x7fd44e89f0e1]
  
/lib/x86_64-linux-gnu/libtiff.so.5(TIFFReadRGBAImageOriented+0x100)[0x7fd44e8a2c10]
  
/<>/instdir/program/libmergedlo.so(_Z23ImportTiffGraphicImportR8SvStreamR7Graphic+0x237)[0x7fd45367b357]
  
/<>/workdir/LinkTarget/CppunitTest/libtest_vcl_filters_test.so(+0x1be0d)[0x7fd44a1a1e0d]
  
/<>/workdir/LinkTarget/CppunitTest/../Library/libunotest.so(_ZN4test11FiltersTest13recursiveScanENS_12filterStatusERKN3rtl8OUStringES5_S5_14SfxFilterFlags20SotClipboardFormatIdjb+0x679)[0x7fd44a142479]
  
/<>/workdir/LinkTarget/CppunitTest/../Library/libunotest.so(_ZN4test11FiltersTest7testDirERKN3rtl8OUStringESt17basic_string_viewIDsSt11char_traitsIDsEES4_14SfxFilterFlags20SotClipboardFormatIdjb+0xd6)[0x7fd44a142fe6]
  
/<>/workdir/LinkTarget/CppunitTest/libtest_vcl_filters_test.so(+0x1bc7b)[0x7fd44a1a1c7b]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(+0x1e4e6)[0x7fd4556844e6]
  /<>/workdir/LinkTarget/Library/unoexceptionprotector.so(+0x2835)[0x7fd4556ac835]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit16DefaultProtector7protectERKNS_7FunctorERKNS_16ProtectorContextE+0x34)[0x7fd455684434]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit14ProtectorChain7protectERKNS_7FunctorERKNS_16ProtectorContextE+0x3b0)[0x7fd45567ea50]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit10TestResult7protectERKNS_7FunctorEPNS_4TestERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE+0x63)[0x7fd455685be3]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit8TestCase3runEPNS_10TestResultE+0x124)[0x7fd45568eb24]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit13TestComposite15doRunChildTestsEPNS_10TestResultE+0x9d)[0x7fd45568484d]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit13TestComposite3runEPNS_10TestResultE+0x3d)[0x7fd45568465d]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit13TestComposite15doRunChildTestsEPNS_10TestResultE+0x9d)[0x7fd45568484d]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit13TestComposite3runEPNS_10TestResultE+0x3d)[0x7fd45568465d]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit10TestResult7runTestEPNS_4TestE+0x27)[0x7fd455685077]
  /lib/x86_64-linux-gnu/libcppunit-1.15.so.1(_ZN7CppUnit10TestRunner3runERNS_10TestResultERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE+0x55)[0x7fd45568b6a5]
  /<>/workdir/LinkTarget/Executable/cppunittester(+0x711c)[0x55d4d4a1411c]
  /<>/workdir/LinkTarget/Executable/cppunittester(+0x7c07)[0x55d4d4a14c07]
  /<>/workdir/LinkTarget/Executable/cppunittester(+0x537f)[0x55d4d4a1237f]
  /lib/x86_64-linux-gnu/libc.so.6(+0x23510)[0x7fd4550e2510]
  /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x89)[0x7fd4550e25c9]
  /<>/workdir/LinkTarget/Executable/cppunittester(+0x53c5)[0x55d4d4a123c5]
  Aborted (core dumped)
  make[4]: *** [/<>/solenv/gbuild/CppunitTest.mk:121: /<>/workdir/CppunitTest/vcl_filters_test.test] Error 134

  
  For the log of the failed amd64 kinetic archive build, see
  https://launchpad.net/ubuntu/+source/libreoffice/1:7.4.3-0ubuntu0.22.10.1/+build/24883181

  For the log of the successful amd64 kinetic PPA build with the updated
  tiff present, see
  https://launchpad.net/~libreoffice/+archive/ubuntu/experimental/+build/2488608

[Touch-packages] [Bug 1998169] Re: useradd command does not copy all of /etc/skel

2022-11-29 Thread David Fernandez Gonzalez
** Changed in: shadow (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/1998169

Title:
  useradd command does not copy all of /etc/skel

Status in shadow package in Ubuntu:
  Confirmed

Bug description:
  
  I know the useradd command is discouraged, but I wanted to report the
  bug to make the maintainers of the package aware.

  Recently there was an update of Ubuntu's passwd package which is
  sourced from shadow from version 4.8.1-1ubuntu5.20.04.2 to version
  4.8.1-1ubuntu5.20.04.3

  When using the useradd command with the /etc/skel directory contents
  below, it only copies in one empty folder.

  
  ls -lah /etc/skel
  total 60K
  drwxrwxrwx  10 root user 4.0K Nov 28 18:33 .
  drwxr-xr-x 155 root root  12K Nov 28 19:12 ..
  drwxrwxrwx   2 root user 4.0K Nov 28 18:23 .backgrounds
  -rwxrwxrwx   1 root user  220 Nov 28 18:23 .bash_logout
  -rwxrwxrwx   1 root user 3.7K Nov 28 18:23 .bashrc
  drwxrwxrwx   6 root user 4.0K Nov 28 18:23 .config
  drwxrwxrwx   3 root user 4.0K Nov 28 18:23 Desktop
  drwxrwxrwx   2 root user 4.0K Nov 28 18:30 .fonts_stuff
  drwxrwxrwx   2 root user 4.0K Nov 28 18:23 .icons
  -rwxrwxrwx   1 root user  765 Nov 28 18:23 .profile
  drwxrwxrwx   2 root root 4.0K Nov 28 18:32 testfolderempty
  drwxrwxrwx   3 root user 4.0K Nov 28 18:23 .themes
  drwxrwxrwx  14 root user 4.0K Nov 28 18:23 WinAte
  
  ls -lah /home/user20
  total 12K
  drwx------  3 user20 user 4.0K Nov 28 19:12 .
  drwxr-xr-x 18 root   root 4.0K Nov 28 19:12 ..
  drwx------  2 user20 user 4.0K Nov 28 19:12 WinAte

  ls -lah /home/user20/WinAte/
  total 8.0K
  drwx------ 2 user20 user 4.0K Nov 28 19:12 .
  drwx------ 3 user20 user 4.0K Nov 28 19:12 ..

  
  I noticed in the strace calls for useradd that the kernel is returning
  the correct count of directories, but the useradd is clearly not
  copying all of them. Below is the strace output.
  

  strace useradd -k /etc/skel -g 900 -m -s /bin/bash -p a_password -c User20 user20
  execve("/usr/sbin/useradd", ["useradd", "-k", "/etc/skel", "-g", "900", "-m", "-s", "/bin/bash", "-p", "P@ssw0rd!", "-c", "User20", "user20"], 0x7fffe10eba10 /* 24 vars */) = 0
  brk(NULL)   = 0x5631ba1c2000
  arch_prctl(0x3001 /* ARCH_??? */, 0x7fff0e47bab0) = -1 EINVAL (Invalid argument)
  access("/etc/ld.so.preload", R_OK)  = -1 ENOENT (No such file or directory)
  openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
  fstat(3, {st_mode=S_IFREG|0644, st_size=98383, ...}) = 0
  mmap(NULL, 98383, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fea9b7bf000
  close(3)= 0
  openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libaudit.so.1", O_RDONLY|O_CLOEXEC) = 3
  read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\3407\0\0\0\0\0\0"..., 832) = 832
  fstat(3, {st_mode=S_IFREG|0644, st_size=133200, ...}) = 0
  mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fea9b7bd000
  mmap(NULL, 176296, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fea9b791000
  mprotect(0x7fea9b794000, 118784, PROT_NONE) = 0
  mmap(0x7fea9b794000, 32768, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7fea9b794000
  mmap(0x7fea9b79c000, 81920, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7fea9b79c000
  mmap(0x7fea9b7b1000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1f000) = 0x7fea9b7b1000
  mmap(0x7fea9b7b3000, 37032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fea9b7b3000
  close(3)= 0
  openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3
  read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@p\0\0\0\0\0\0"..., 832) = 832
  fstat(3, {st_mode=S_IFREG|0644, st_size=163200, ...}) = 0
  mmap(NULL, 174600, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fea9b766000
  mprotect(0x7fea9b76c000, 135168, PROT_NONE) = 0
  mmap(0x7fea9b76c000, 102400, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7fea9b76c000
  mmap(0x7fea9b785000, 28672, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1f000) = 0x7fea9b785000
  mmap(0x7fea9b78d000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x26000) = 0x7fea9b78d000
  mmap(0x7fea9b78f000, 6664, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fea9b78f000
  close(3)= 0
  openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libsemanage.so.1", O_RDONLY|O_CLOEXEC) = 3
  read(3, 

[Touch-packages] [Bug 1989731] Re: Non-root user unable to change own password if pam_pwhistory is used

2022-11-24 Thread David Fernandez Gonzalez
** Changed in: usg
 Assignee: (unassigned) => David Fernandez Gonzalez (litios)

** Changed in: usg
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1989731

Title:
  Non-root user unable to change own password if pam_pwhistory is used

Status in Ubuntu Security Guide:
  In Progress
Status in pam package in Ubuntu:
  New

Bug description:
  When pam_pwhistory is in use non-root users are unable to change their
  passwords. In fact, they are able to change it but the system spits
  out an error even though the password was indeed changed.

  Reproducer:
  ---

  1. created an Ubuntu/Focal VM
  2. added a user 'test'

  sudo adduser test # used passwd '123'
  su test

  3. changed the password using 'passwd' logged in as the user 'test'

  passwd test # used passwd '1qaz2wsx'

  4. logged out from 'test' and executed

  echo 'password required pam_pwhistory.so remember=5' | sudo tee -a /etc/pam.d/common-password

  5. tried again to follow step 3 as user 'test' but the following
  happens:

  passwd test # used passwd '3edc4rfv' (1)
  Changing password for test.
  Current password:
  New password:
  Retype new password:
  Password has been already used. Choose another.
  passwd: Have exhausted maximum number of retries for service
  passwd: password unchanged

  However, I'm now able to log in as 'test' using the password in
  (1) (the one that was supposedly not set up due to having been
  already used) instead of the old one (the one that should be in
  place since the change process returned an error).

  6. if I comment out 'password required pam_pwhistory.so remember=5'
  then I can log in as 'test' and change the password without issues

  This behavior has been verified with the below package versioning:

  ii  libpam-cap:amd64      1:2.32-1           amd64  POSIX 1003.1e capabilities (PAM module)
  ii  libpam-modules:amd64  1.3.1-5ubuntu4.3   amd64  Pluggable Authentication Modules for PAM
  ii  libpam-modules-bin    1.3.1-5ubuntu4.3   amd64  Pluggable Authentication Modules for PAM - helper binaries
  ii  libpam-runtime        1.3.1-5ubuntu4.3   all    Runtime support for the PAM library
  ii  libpam-systemd:amd64  245.4-4ubuntu3.15  amd64  system and service manager - PAM module
  ii  libpam0g:amd64        1.3.1-5ubuntu4.3   amd64  Pluggable Authentication Modules library

To manage notifications about this bug go to:
https://bugs.launchpad.net/usg/+bug/1989731/+subscriptions
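
A check for the mismatch reported in bug 1989731 above (passwd reports a failure while the password is in fact changed), as an added example that is not part of the original message. It compares the user's hash field in two copies of a shadow(5)-format file taken before and after the passwd run; the function names, file paths, sample entries and the exit status 1 are constructed.

```shell
#!/bin/sh
# Added example; function names, file names and sample entries are constructed.

# Print colon-separated field N of USER's line in a shadow(5)-format FILE.
# Fails (non-zero) when USER has no entry.
shadow_field() {
    awk -F: -v u="$2" -v n="$3" \
        '$1 == u { print $n; found = 1 } END { exit !found }' "$1"
}

# classify_change BEFORE AFTER USER PASSWD_RC
# Compares field 2 (the password hash) between the two snapshots and sets it
# against the exit status that passwd reported.
classify_change() {
    old=$(shadow_field "$1" "$3" 2) || { echo no-entry; return 0; }
    new=$(shadow_field "$2" "$3" 2) || { echo no-entry; return 0; }
    if [ "$old" != "$new" ]; then changed=yes; else changed=no; fi
    case "$4:$changed" in
        0:yes) echo consistent-changed ;;
        0:no)  echo unchanged-despite-success ;;
        *:yes) echo changed-despite-error ;;   # the behaviour in the report
        *)     echo consistent-unchanged ;;
    esac
}

# Constructed snapshots standing in for copies of /etc/shadow made (as root)
# before and after the 'passwd test' run in step 5 of the reproducer.
demo() {
    dir=$(mktemp -d)
    printf '%s\n' 'root:*:19000:0:99999:7:::' \
        'test:$6$constructed$OLDHASH:19300:0:99999:7:::' > "$dir/before"
    printf '%s\n' 'root:*:19000:0:99999:7:::' \
        'test:$6$constructed$NEWHASH:19301:0:99999:7:::' > "$dir/after"
    classify_change "$dir/before" "$dir/after" test 1
    rm -rf "$dir"
}

demo
```
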




[Touch-packages] [Bug 1971001] Re: Multiple vulnerabilities in Trusty, Xenial, Bionic, Focal and Jammy

2022-09-12 Thread David Fernandez Gonzalez
New security versions of tiff have been released for focal and bionic.
These versions provide the corresponding fixes for CVE-2022-0907,
CVE-2022-0908, CVE-2022-0909, CVE-2022-0924 and CVE-2022-22844.

https://ubuntu.com/security/notices/USN-5523-2

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tiff in Ubuntu.
https://bugs.launchpad.net/bugs/1971001

Title:
  Multiple vulnerabilities in Trusty, Xenial, Bionic, Focal and Jammy

Status in tiff package in Ubuntu:
  In Progress

Bug description:
  The versions in Trusty, Xenial, Bionic, Focal and Jammy may be
  vulnerable to all CVEs below.

  Debian released an advisory on March 24.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/1971001/+subscriptions




[Touch-packages] [Bug 1971001] Re: Multiple vulnerabilities in Trusty, Xenial, Bionic, Focal, Impish and Jammy

2022-05-16 Thread David Fernandez Gonzalez
Packages patched for CVE-2020-35522, CVE-2022-0561, CVE-2022-0562,
CVE-2022-0865 and CVE-2022-0891 are now released and available.
(https://ubuntu.com/security/notices/USN-5421-1).

Jammy is currently at version 4.3.0-6 which includes the patch for
CVE-2022-0865 as it was introduced in 4.3.0-5.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tiff in Ubuntu.
https://bugs.launchpad.net/bugs/1971001

Title:
  Multiple vulnerabilities in Trusty, Xenial, Bionic, Focal, Impish and
  Jammy

Status in tiff package in Ubuntu:
  In Progress

Bug description:
  The versions in Trusty, Xenial, Bionic, Focal and Impish may be
  vulnerable to all CVEs below.

  The version in Jammy is vulnerable to CVE-2022-0865.

  Debian released an advisory on March 24.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/1971001/+subscriptions

