[Touch-packages] [Bug 1948698] Re: Update tzdata to version 2021e

2021-10-26 Thread Steve Beattie
Okay from the Ubuntu Security team for these tzdata updates to land in security pockets. Thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tzdata in Ubuntu. https://bugs.launchpad.net/bugs/1948698 Title: Update

[Touch-packages] [Bug 1945527] Re: Update tzdata to version 2021a-2

2021-10-21 Thread Steve Beattie
This was fixed for xenial/esm with tzdata 2021a-2ubuntu0.16.04+esm1 and for trusty/esm with tzdata 2021a-2ubuntu0.14.04+esm1. Thanks Brian, for preparing these updates! ** Changed in: tzdata (Ubuntu Xenial) Status: New => Fix Released ** Also affects: tzdata (Ubuntu Trusty) Importance:

[Touch-packages] [Bug 1755447] Re: issue 32185: SSLContext.wrap_socket sends SNI Extension when server_hostname is IP

2021-10-20 Thread Steve Beattie
I am not aware of a security impact from this issue, so if it is to be addressed in xenial ESM, it would need to go through a support request. Closing the xenial tasks as Won't Fix. ** Changed in: python2.7 (Ubuntu Xenial) Status: New => Won't Fix ** Changed in: python3.5 (Ubuntu Xenial)

[Touch-packages] [Bug 1755447] Re: issue 32185: SSLContext.wrap_socket sends SNI Extension when server_hostname is IP

2021-10-20 Thread Steve Beattie
For python2.7, this was fixed in https://github.com/python/cpython/commit/a5c9112300ecd492ed6cc9759dc8028766401f61 which landed in 2.7.15, so has been fixed in bionic-updates and newer. ** Changed in: python2.7 (Ubuntu Bionic) Status: New => Fix Released ** Changed in: python2.7 (Ubuntu)

[Touch-packages] [Bug 1352007] Re: avconv crashed with SIGSEGV in paint_mouse_pointer()

2021-09-30 Thread Steve Beattie
** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libav in Ubuntu. https://bugs.launchpad.net/bugs/1352007 Title: avconv crashed with SIGSEGV in paint_mouse_pointer()

[Touch-packages] [Bug 1368481] Re: avconv assert failure: avconv: /build/buildd/libav-11~beta1/libavcodec/put_bits.h:139: put_bits: Assertion `n <= 31 && value < (1U << n)' failed.

2021-09-30 Thread Steve Beattie
** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libav in Ubuntu. https://bugs.launchpad.net/bugs/1368481 Title: avconv assert failure: avconv:

[Touch-packages] [Bug 980943] Re: ffmpeg crashed with SIGSEGV in __libc_start_main()

2021-09-30 Thread Steve Beattie
** Attachment removed: "CoreDump.gz" https://bugs.launchpad.net/ubuntu/+source/libav/+bug/980943/+attachment/3059934/+files/CoreDump.gz ** Information type changed from Private to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages,

[Touch-packages] [Bug 1943328] Re: display 1920x1080 not showing in setting

2021-09-14 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1943417] Re: Xorg freeze

2021-09-14 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1940202] Re: touchpad

2021-08-25 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1928989] Re: expiring trust anchor compatibility issue

2021-08-19 Thread Steve Beattie
The Ubuntu Security Team is okay with publishing the xenial openssl in proposed (1.0.2g-1ubuntu4.20) to xenial-security and updates. I didn't see any symbol changes or dependency changes in the binaries that would have indicated that building against xenial-updates was a problem. Thanks! -- You

[Touch-packages] [Bug 1939265] Re: Having graphic driver error.

2021-08-10 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1796402] Re: systemd: reexec state injection: fgets() on overlong lines leads to line splitting

2021-07-28 Thread Steve Beattie
This was fixed in Ubuntu packages in https://ubuntu.com/security/notices/USN-3816-1 ; adjusting the state to reflect that a fix was released. Thanks. ** Changed in: systemd (Ubuntu) Status: Invalid => Fix Released -- You received this bug notification because you are a member of Ubuntu

[Touch-packages] [Bug 1928989] Re: expiring trust anchor compatibility issue

2021-07-21 Thread Steve Beattie
Assigning the verification and publication to xenial-security to myself. Thanks. ** Changed in: openssl (Ubuntu Xenial) Assignee: (unassigned) => Steve Beattie (sbeattie) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscri

[Touch-packages] [Bug 1932331] Re: ubuntu_qrt_apparmor: i18n test fails on arm64 Hirsute / Impish

2021-06-30 Thread Steve Beattie
The root issue is likely something in the utf-8 handling code in glibc on arm64 hirsute and impish; the reproducer is: bash -c 'i=210; echo -n $(printf "\\$(printf "%03o" $i)") | od -An -t uC' 210 138 running valgrind in a default environment (so LANG=en_US.UTF-8) turned up ==46656== ERROR

[Touch-packages] [Bug 1932331] Re: ubuntu_qrt_apparmor: i18n test fails on arm64 Hirsute / Impish

2021-06-30 Thread Steve Beattie
Georgia's patch was committed in the upstream apparmor project in https://gitlab.com/apparmor/apparmor/-/commit/458a981b6242e8b1cce1599ca95d89dcd10f60e7 in https://gitlab.com/apparmor/apparmor/-/merge_requests/765 and was cherrypicked to the apparmor-3.0 branch amongst others in

[Touch-packages] [Bug 1932331] Re: ubuntu_qrt_apparmor: i18n test fails on arm64 Hirsute / Impish

2021-06-29 Thread Steve Beattie
** Also affects: apparmor (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1932331 Title: ubuntu_qrt_apparmor: i18n

[Touch-packages] [Bug 1152187] Re: [MIR] systemd

2021-05-27 Thread Steve Beattie
Yes, the systemd-container package will end up in main, likely for the current package in bionic-updates, and thus will be reflected that way in rmadison etc. For the record, ack from the Ubuntu Security Team on promoting the systemd-container binary from universe to main in bionic. Thanks. --

[Touch-packages] [Bug 1927078] Re: Don't allow useradd to use fully numeric names

2021-05-10 Thread Steve Beattie
The Ubuntu Security team is +1 on disallowing purely numeric usernames, as they are too easily confused with UIDs. I think our preference would be to disallow leading numeric digits entirely so that for example, 0x0 and 0o0 would be blocked as well, to try to prevent both user and programmatic

[Touch-packages] [Bug 1925411] [NEW] apparmor adt test failure blocking tcpdump migration

2021-04-21 Thread Steve Beattie
Public bug reported: tcpdump has a sync from debian 4.99.0-2 that is currently blocked in hirsute-proposed due to a regression in the apparmor adt tests. The reason for this failure is that 'compile-policy' testcase is failing; this test ensures that various apparmor policies included in packages

[Touch-packages] [Bug 1895839] Re: CVE-2020-24977

2021-04-12 Thread Steve Beattie
Please note that upstream has indicated that this issue only affects the xmllint binary, and not the shared library. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libxml2 in Ubuntu. https://bugs.launchpad.net/bugs/1895839

Re: [Touch-packages] [Bug 1923432] Re: apparmor-utils: missing CAP_CHECKPOINT_RESTORE in /etc/apparmor/severity.db

2021-04-12 Thread Steve Beattie
es can be dropped that much easier. Thanks. -- Steve Beattie -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1923432 Title: apparmor-utils: missing CAP_CHECKPOINT_RESTORE in

Re: [Touch-packages] [Bug 1923432] [NEW] apparmor-utils: missing CAP_CHECKPOINT_RESTORE in /etc/apparmor/severity.db

2021-04-12 Thread Steve Beattie
://gitlab.com/apparmor/apparmor/-/commit/80efc15e18a6bb0d0abd2821cb03bf6be51cc517 This should be safe to cherrypick for hirsute. (Similar cherrypicks occurred for prior AppArmor branches.) -- Steve Beattie -- You received this bug notification because you are a member of Ubuntu Touch seeded packages

[Touch-packages] [Bug 1921485] Re: Bosch CERT Advisory: OpenSSL Multiple Vulnerabilities

2021-03-30 Thread Steve Beattie
This was addressed in https://ubuntu.com/security/notices/USN-4891-1 . ** Information type changed from Private Security to Public Security ** Changed in: openssl (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded

[Touch-packages] [Bug 1921690] Re: I dont know

2021-03-30 Thread Steve Beattie
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see

[Touch-packages] [Bug 388605] Re: [MIR] rsyslog

2021-03-30 Thread Steve Beattie
Ack by the Ubuntu Security team to move rsyslog-gnutls to main, both for hirsute, and for bionic, focal, and groovy. Thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu.

[Touch-packages] [Bug 1919285] Re: Nvidia

2021-03-16 Thread Steve Beattie
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1919285 Title: Nvidia Status in xorg package in Ubuntu: New

[Touch-packages] [Bug 1916893] Re: Regression - upate python2.7 for cover CVE-2021-3177 modifying unicode parts cause serious regressions

2021-02-25 Thread Steve Beattie
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to python2.7 in Ubuntu. https://bugs.launchpad.net/bugs/1916893 Title: Regression - upate python2.7 for

[Touch-packages] [Bug 1904615] Re: cpio symlink traversal

2021-02-09 Thread Steve Beattie
Hello Yiğit, Sorry for the delay in responding to this issue. This issue was originally identified as CVE-2015-1197 and fixed around the same time frame. It was addressed in upstream cpio commit https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=45b0ee2b407913c533f7ded8d6f8cbeec16ff6ca in a

[Touch-packages] [Bug 1909608] Re: networkmanager sets DNS server configuration without proper dns-search/dns-priority causing DNS requests leak to ISP (openconnect+split-tunnel+non-split DNS)

2021-02-09 Thread Steve Beattie
Hi Adam, Marking public given the public bug reports elsewhere. It looks like upstream addressed this in network-manager 1.28, which has not made it into Ubuntu yet. ** Information type changed from Private Security to Public Security ** Changed in: network-manager (Ubuntu) Status: New

[Touch-packages] [Bug 1912091] Re: Memory Leak GNU Tar 1.33

2021-02-09 Thread Steve Beattie
** Changed in: tar (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tar in Ubuntu. https://bugs.launchpad.net/bugs/1912091 Title: Memory Leak GNU Tar 1.33 Status in tar package in

[Touch-packages] [Bug 1914279] Re: linux from security may force reboots without complete dkms modules

2021-02-09 Thread Steve Beattie
Hi Dimitri, I don't know that all dkms SRUs need to go to the security pockets, but ones that fix build issues surely do, given the problems that a dkms build failure causes in package installs. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which

[Touch-packages] [Bug 1914839] Re: package upgrade should replace /etc/ssl/certs/ca-certificates.crt atomically

2021-02-09 Thread Steve Beattie
Ah yes, /usr/sbin/update-ca-certificates is deleting the ca-certificates.crt shortly before atomically moving the new version into place. It looks like a fix was committed in debian for this a couple of weeks ago:

[Touch-packages] [Bug 1914481] Re: use the size of the data when determing the server response

2021-02-04 Thread Steve Beattie
For fixing this via an SRU for focal and groovy, the Ubuntu Security team is okay with the result of this going to the security pocket, assuming the update is built in a ppa where only security updates are enabled. Thanks! -- You received this bug notification because you are a member of Ubuntu

[Touch-packages] [Bug 1913482] Re: Update tzdata to version 2021a

2021-01-31 Thread Steve Beattie
Hi Brian, thanks for preparing the debdiffs. I built, tested, and published the updated tzdata packages to the trusty/esm and precise/esm archives. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tzdata in Ubuntu.

[Touch-packages] [Bug 1904082] Re: apport's log collecting leaks MAC addresses maybe helping WiFi attacks?

2021-01-21 Thread Steve Beattie
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1904082 Title: apport's log collecting leaks MAC

[Touch-packages] [Bug 1911211] Re: Please upgrade to openssl 1.1.1g or later for 20.04

2021-01-20 Thread Steve Beattie
** Changed in: openssl (Ubuntu) Status: New => Invalid ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu.

[Touch-packages] [Bug 1912122] Re: /var/log/dmesg is 0644, should be 0640 to match new DMESG_RESTRICT restrictions

2021-01-18 Thread Steve Beattie
Oh, I was expecting that it would also be desirable to SRU this back to focal, as I expected CONFIG_SECURITY_DMESG_RESTRICT to come back with the HWE kernels, but looking at the config for linux-hwe-5.8, it appears that the old behavior was kept. -- You received this bug notification because you

[Touch-packages] [Bug 1884887] Re: rsyslogd dmesg unit leaves /var/log/dmesg* world readable

2021-01-18 Thread Steve Beattie
*** This bug is a duplicate of bug 1912122 *** https://bugs.launchpad.net/bugs/1912122 ** This bug has been marked a duplicate of bug 1912122 /var/log/dmesg is 0644, should be 0640 to match new DMESG_RESTRICT restrictions -- You received this bug notification because you are a member of

[Touch-packages] [Bug 1912122] Re: /var/log/dmesg is 0644, should be 0640 to match new DMESG_RESTRICT restrictions

2021-01-18 Thread Steve Beattie
The Ubuntu Security team would like to see this fixed, though it probably would be worth adding the following change to the service file so that on log rotation the permissions are corrected as well: -ExecStartPre=-/usr/bin/savelog -q -p -n -c 5 /var/log/dmesg +ExecStartPre=-/usr/bin/savelog

[Touch-packages] [Bug 1909698] Re: new upstream release 2020f

2021-01-11 Thread Steve Beattie
Hi Brian, Thanks for the trusty and precise debdiffs. I have gone ahead and published the updates to trusty-esm and precise-esm, after verifying the fixes. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tzdata in Ubuntu.

[Touch-packages] [Bug 1901020] Re: new upstream release 2020d

2020-10-29 Thread Steve Beattie
After confirming the behavior around SystemV timezones and changed timezones, tzdata 2020d-0ubuntu0.12.04 and tzdata 2020d-0ubuntu0.14.04+esm1 are now published in their respective ESM releases. Thanks for preparing the updates, Brian! ** Changed in: tzdata (Ubuntu Precise) Status: In

[Touch-packages] [Bug 1881447] Re: package ca-certificates 20180409 failed to install/upgrade: installed ca-certificates package post-installation script subprocess returned error exit status 1

2020-10-28 Thread Steve Beattie
Hey Vern, Sorry you were having difficulties. 'sudo apt install -f' should cause apt to attempt to finish installing packages that had problems during the post install phase, where the error that is tripped over (like the dangling symlink in /etc/ssl/certs) has been resolved. ** Changed in:

[Touch-packages] [Bug 1901020] Re: new upstream release 2020d

2020-10-27 Thread Steve Beattie
Thanks Brian, these look good, will take these into Trusty and Precise ESM. (For the record, I noticed that the 2020d dropped the US/Pacific-New timezone, which was a symlink to the US/Pacific timezone. Testing demonstrated that a system with a configured Pacific-New timezone functioned correctly

[Touch-packages] [Bug 1901020] Re: new upstream release 2020d

2020-10-27 Thread Steve Beattie
** Changed in: tzdata (Ubuntu Precise) Status: New => In Progress ** Changed in: tzdata (Ubuntu Trusty) Status: New => In Progress ** Changed in: tzdata (Ubuntu Precise) Assignee: (unassigned) => Steve Beattie (sbeattie) ** Changed in: tzdata (Ubuntu Trusty)

[Touch-packages] [Bug 856489] Re: Improper verification of updated key via apt-key net-update

2020-10-24 Thread Steve Beattie
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-3374 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/856489 Title: Improper verification of updated key via

[Touch-packages] [Bug 1899046] Re: /usr/bin/aa-notify:ModuleNotFoundError:/usr/bin/aa-notify@39

2020-10-08 Thread Steve Beattie
That is correct (apparmor-notify package needs an added dependency on python3-psutil). We have an upload in progress to address it. Thanks! ** Changed in: apparmor (Ubuntu) Status: New => In Progress ** Changed in: apparmor (Ubuntu) Importance: Undecided => High -- You received this

[Touch-packages] [Bug 1887577] Re: DEP8: Invalid capability setuid

2020-09-21 Thread Steve Beattie
The fix for this is included in the apparmor 3.0.0~beta1-0ubuntu5 upload into groovy-proposed, which is waiting to migrate to groovy. ** Changed in: apparmor (Ubuntu) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch

[Touch-packages] [Bug 1385013] Re: proper fix for apparmor mediation of lower (encrypted) filesystem

2020-08-25 Thread Steve Beattie
** Changed in: apparmor (Ubuntu) Status: Fix Released => Confirmed ** Changed in: ecryptfs-utils (Ubuntu) Status: Fix Released => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu.

[Touch-packages] [Bug 1883793] Re: systemd-resolved leaks mDNS queries to DNS

2020-08-18 Thread Steve Beattie
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1883793 Title: systemd-resolved leaks mDNS queries to

[Touch-packages] [Bug 1884265] Re: [fips] ntpq segfaults when attempting to use MD5 from FIPS-openssl library.

2020-08-18 Thread Steve Beattie
Closing ntp task for groovy. ** Changed in: ntp (Ubuntu) Status: New => Invalid ** Changed in: openssl (Ubuntu Bionic) Status: In Progress => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ntp in

[Touch-packages] [Bug 1887577] Re: DEP8: Invalid capability setuid

2020-07-27 Thread Steve Beattie
This is due to a change in behavior in make 4.3. It was addressed in the upstream merge request https://gitlab.com/apparmor/apparmor/-/merge_requests/461 and was cherrypicked into the apparmor 2.13 branch via merge request https://gitlab.com/apparmor/apparmor/-/merge_requests/465. -- You

[Touch-packages] [Bug 1871538] Re: dbus timeout-ed during an upgrade, taking services down including gdm

2020-07-19 Thread Steve Beattie
I also hit this again in focal on 2020-06-25, with an update to systemd 245.4-4ubuntu3.1; I had previously updated dbus to 1.12.16-2ubuntu2.1 on 2020-06-17 without event. It's still an issue at least with updates to systemd in focal. Similar messages end up in the journal: Jun 25 13:04:55 kryten

[Touch-packages] [Bug 1884265] Re: [fips] Not fully initialized digest segfaulting some client applications

2020-07-14 Thread Steve Beattie
** Changed in: openssl (Ubuntu Bionic) Status: New => Confirmed ** Changed in: openssl (Ubuntu) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu.

[Touch-packages] [Bug 1885562] Re: [fips] freebl_fipsSoftwareIntegrityTest fails in FIPS mode

2020-07-14 Thread Steve Beattie
** Changed in: nss (Ubuntu) Status: New => In Progress ** Changed in: nss (Ubuntu Bionic) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu.

[Touch-packages] [Bug 1452115] Re: Python interpreter binary is not compiled as PIE

2020-07-14 Thread Steve Beattie
** Changed in: python3.7 (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to python2.7 in Ubuntu. https://bugs.launchpad.net/bugs/1452115 Title: Python interpreter binary is not

[Touch-packages] [Bug 1884887] Re: rsyslogd dmesg unit leaves /var/log/dmesg* world readable

2020-06-30 Thread Steve Beattie
Updated groovy debdiff against the merge from debian currently in groovy-proposed. ** Patch added: "rsyslog_8.2006.0-2ubuntu2.debdiff" https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1884887/+attachment/5388559/+files/rsyslog_8.2006.0-2ubuntu2.debdiff ** Patch removed:

[Touch-packages] [Bug 1884887] Re: rsyslogd dmesg unit leaves /var/log/dmesg* world readable

2020-06-24 Thread Steve Beattie
Focal version. ** Patch added: "rsyslog_8.2001.0-1ubuntu1.1.debdiff" https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1884887/+attachment/5386929/+files/rsyslog_8.2001.0-1ubuntu1.1.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages,

[Touch-packages] [Bug 1884887] Re: rsyslogd dmesg unit leaves /var/log/dmesg* world readable

2020-06-24 Thread Steve Beattie
Fixed debdiff to add the bug reference for groovy. ** Patch removed: "rsyslog_8.2001.0-1ubuntu2.debdiff" https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1884887/+attachment/5386642/+files/rsyslog_8.2001.0-1ubuntu2.debdiff ** Patch added: "rsyslog_8.2001.0-1ubuntu2.debdiff"

[Touch-packages] [Bug 1884887] Re: rsyslogd dmesg unit leaves /var/log/dmesg* world readable

2020-06-24 Thread Steve Beattie
Debdiff for groovy attached: - adds a second ExecStartPost entry to chmod /var/log/dmesg - adjusts the savelog(8) call in ExecStartPre to set the permission mode to 640 explicitly when rotating dmesg logs ** Patch added: "rsyslog_8.2001.0-1ubuntu2.debdiff"

[Touch-packages] [Bug 1884887] [NEW] rsyslogd dmesg unit leaves /var/log/dmesg* world readable

2020-06-24 Thread Steve Beattie
Public bug reported: [Impact] The rsyslog dmesg systemd unit /lib/systemd/system/dmesg.service in eoan, focal, and groovy create /var/log/dmesg* with the following permissions: -rw-r--r-- 1 root adm 45146 Jun 16 12:32 /var/log/dmesg Most other system logs in /var/log/ are only readable by

[Touch-packages] [Bug 1811861] Re: incorrect permissions on /var/log after debootstrap

2020-06-23 Thread Steve Beattie
Thanks for clarifying, closing. ** Changed in: rsyslog (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1811861 Title: incorrect

[Touch-packages] [Bug 1881942] Re: default configuration forwards sshd failures to port 7070

2020-06-23 Thread Steve Beattie
Hi John, I'm not sure what's happened here, but the default /etc/rsyslog.d/50-default.conf contains no such snippet (a pristine copy is also stored in /usr/share/rsyslog/50-default.conf) and is managed via ucf. The contents of a pristine version are attached. Either another package you have

[Touch-packages] [Bug 1878108] Re: new upstream release 2020a

2020-05-20 Thread Steve Beattie
Ubuntu Security team ack for binary copying these into the security pockets as well. Thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tzdata in Ubuntu. https://bugs.launchpad.net/bugs/1878108 Title: new upstream

[Touch-packages] [Bug 1865519] Re: apparmor depends on python3

2020-04-29 Thread Steve Beattie
An initial port of aa-status to C landed in https://gitlab.com/apparmor/apparmor/-/commit/8f9046b1b179190d0003ae1beacf460ee93c5090 and will be in the upcoming AppArmor 3 release. There is a follow up improvement in https://gitlab.com/apparmor/apparmor/-/merge_requests/487 that should also land. **

[Touch-packages] [Bug 1871538] Re: dbus timeout-ed during an upgrade, taking services down including gdm

2020-04-08 Thread Steve Beattie
Oh, and I have no crash files in /var/crash/. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to accountsservice in Ubuntu. https://bugs.launchpad.net/bugs/1871538 Title: dbus timeout-ed during an upgrade, taking services

[Touch-packages] [Bug 1871538] Re: dbus timeout-ed during an upgrade, taking services down including gdm

2020-04-08 Thread Steve Beattie
Hi, I had a similar crash this morning upgrading focal, after trying to get unattended-upgrades to stop spinning on missing focal-security apt list files. In this case, I don't use gnome-shell as my desktop environment, but it still tore down my entire desktop environment and caused gdm3 to

[Touch-packages] [Bug 1863356] [NEW] libtool and libtool-doc 2.4.6-12 both contain /usr/share/doc/libtool/AUTHORS causing upgrade failures

2020-02-14 Thread Steve Beattie
Public bug reported: Unpacking libtool-doc (2.4.6-12) over (2.4.6-11) ... dpkg: error processing archive /tmp/apt-dpkg-install-tTUGeR/289-libtool-doc_2.4.6-12_all.deb (--unpack): trying to overwrite '/usr/share/doc/libtool/AUTHORS', which is also in package libtool 2.4.6-12 dpkg-deb: error:

[Touch-packages] [Bug 1858972] Re: python-apt uses MD5 for validation

2020-01-31 Thread Steve Beattie
** Summary changed: - placeholder + python-apt uses MD5 for validation ** Description changed: - Placeholder bug. + Only MD5 is checked (most versions) +

[Touch-packages] [Bug 1858973] Re: python-apt downloads from untrusted sources where apt does not

2020-01-31 Thread Steve Beattie
** Summary changed: - placeholder + python-apt downloads from untrusted sources where apt does not ** Description changed: - Placeholder bug. + ptyhon-apt never checked whether the hashes it got were signed in the + first place. So, python-apt is happy to download files from unsigned +

[Touch-packages] [Bug 1850551] Re: Xorg freeze

2019-11-01 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1850823] Re: plz help mw

2019-11-01 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1843083] Re: tracker-store crashed with SIGSEGV

2019-09-06 Thread Steve Beattie
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tracker in Ubuntu. https://bugs.launchpad.net/bugs/1843083 Title: tracker-store crashed with SIGSEGV Status in

[Touch-packages] [Bug 1834192] Re: apparmor mult_mount regression test fails in eoan

2019-06-27 Thread Steve Beattie
Fix committed upstream: https://gitlab.com/apparmor/apparmor/commit/7c7a4bc5311d983f2c4316252b830c52a5a0930b and backported to apparmor-2.13. We can work around this in qa-regression-testing or fix with an apparmor upload. ** Changed in: apparmor (Ubuntu) Assignee: Steve Beattie (sbeattie

[Touch-packages] [Bug 1834192] Re: apparmor mult_mount regression test fails in eoan

2019-06-25 Thread Steve Beattie
The issue here is that in LP: #1817097 e2fsprogs was changed to use 4k blocks by default regardless of the created fs size. Changing the command to force a 1012 byte blocksize causes the mkfs.ext2 command to succeed: $ dd if=/dev/zero of=/tmp/image.ext3 bs=4096 count=20 20+0 records in 20+0

[Touch-packages] [Bug 1834192] Re: apparmor mult_mount regression test fails in eoan

2019-06-25 Thread Steve Beattie
** Changed in: apparmor (Ubuntu) Status: New => Confirmed ** Changed in: apparmor (Ubuntu) Assignee: (unassigned) => Steve Beattie (sbeattie) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in

[Touch-packages] [Bug 1833758] [NEW] lvm2: vgcfgbackup in postinst takes several minutes

2019-06-21 Thread Steve Beattie
Public bug reported: The postinst for lvm2 includes a call to vgcfgbackup; in the version included in eoan 2.03.02-2ubuntu4 (and 2.03.02-2ubuntu3 before it), this command takes several minutes to run when invoked in an schroot as happens when building a package with sbuild that ends up pulling

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-06-12 Thread Steve Beattie
Lukasz, all these packages look fine from the Ubuntu Security Team's perspective. Thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1828171 Title: New toolchain

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-05-20 Thread Steve Beattie
** Changed in: binutils (Ubuntu) Assignee: (unassigned) => Steve Beattie (sbeattie) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1828171 Title: New toolch

[Touch-packages] [Bug 1828171] Re: New toolchain updates need to be rebuilt against -security only

2019-05-20 Thread Steve Beattie
Hi Łukasz, I'll take this for the security team. Thanks. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1828171 Title: New toolchain updates need to be rebuilt against

[Touch-packages] [Bug 1828846] Re: ecra

2019-05-15 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1801383] Re: the WifiSyslog apport hook (used in firefox/tb) includes SSID informations

2019-03-21 Thread Steve Beattie
The linux kernel apport hook is provided by apport directly, so needs to be fixed there: $ grep -i Wifi /usr/share/apport/package-hooks/source_linux.py apport.hookutils.attach_wifi(report) $ dpkg -S /usr/share/apport/package-hooks/source_linux.py apport:

[Touch-packages] [Bug 1803441] Re: BASH_CMDS is writable in restricted bash shells (fixed upstream, need to backport patch)

2019-03-21 Thread Steve Beattie
Hi Andrew, thanks for reporting this. Do you know if a CVE was assigned for this issue? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to bash in Ubuntu. https://bugs.launchpad.net/bugs/1803441 Title: BASH_CMDS is writable

[Touch-packages] [Bug 1821052] Re: Unavailable connexion with mobile broadband DW5811e Snapdragon™ X7 LTE

2019-03-21 Thread Steve Beattie
** Information type changed from Public Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1821052 Title: Unavailable connexion with mobile

[Touch-packages] [Bug 1813390] Re: package initramfs-tools 0.103ubuntu4.11 failed to install/upgrade: подпроцесс установлен сценарий post-installation возвратил код ошибки 1 I cannot upgrade my 14.04

2019-02-01 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1813921] Re: The ubuntu doesn't work when there is a second monitor and the user locks the screen.

2019-01-31 Thread Steve Beattie
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1813921 Title: The ubuntu doesn't work when there is a second

[Touch-packages] [Bug 1803524] Re: package udev 237-3ubuntu10.6 failed to install/upgrade: installed udev package post-installation script subprocess returned error exit status 1

2018-11-16 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1803655] Re: screen flickering and appearing green colour at screen edges

2018-11-16 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1794169] Re: AWS ubuntu became unreachable after ssh login

2018-09-25 Thread Steve Beattie
Not sure whether the issue is a poor interaction with sd-pam and the kernel or strictly a kernel issue. Kernel timeout backtrace: Sep 21 03:00:33 mainframe01 kernel: [292411.276266] Not tainted 4.15.0-1021-aws #21-Ubuntu Sep 21 03:00:33 mainframe01 kernel: [292411.277931] "echo 0 >

[Touch-packages] [Bug 1385903] Re: imagemagick crashes with "stack smashing detected"

2018-08-17 Thread Steve Beattie
Hi, Thanks for preparing the debdiff. However, this issue was addressed in the interim in USN 3706-1 http://www.ubuntu.com/usn/usn-3706-1 (libjpeg-turbo 1.3.0-0ubuntu2.1) for trusty. Thanks again. ** Changed in: libjpeg-turbo (Ubuntu Trusty) Status: Confirmed => Fix Released ** Changed

[Touch-packages] [Bug 1785531] Re: i dont know what to write here.

2018-08-10 Thread Steve Beattie
Looking at the dmesg log, it seems that the ubuntu image or device you're installing from is corrupt: [ 7412.559612] SQUASHFS error: zlib decompression failed, data probably corrupt [ 7412.559621] SQUASHFS error: squashfs_read_data failed to read block 0x3b6a61 ** Information type changed

[Touch-packages] [Bug 1785422] Re: package passwd 1:4.2-3.1ubuntu5 [modified: usr/sbin/chgpasswd usr/sbin/chpasswd usr/sbin/cppw usr/sbin/groupadd usr/sbin/groupdel usr/sbin/groupmod usr/sbin/grpck us

2018-08-10 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1772279] Re: 2018.05.21

2018-05-23 Thread Steve Beattie
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see

[Touch-packages] [Bug 1772640] Re: package python-pkg-resources 20.7.0-1 failed to install/upgrade: 설치한 post-installation 스크립트 하위 프로세스가 오류 1번을 리턴했습니다

2018-05-23 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1772640] Re: package python-pkg-resources 20.7.0-1 failed to install/upgrade: 설치한 post-installation 스크립트 하위 프로세스가 오류 1번을 리턴했습니다

2018-05-23 Thread Steve Beattie
Something looks to be missing a dependency on python-configparser, based on the failed import in the DpkgTerminalLog.txt. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to python-setuptools in Ubuntu.

[Touch-packages] [Bug 1772920] Re: package libgconf-2-4:amd64 3.2.6-4ubuntu1 failed to install/upgrade: O pacote está num mau estado de inconsistência; deve reinstala-lo antes de tentar configura-lo.

2018-05-23 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross

[Touch-packages] [Bug 1733366] Re: apport crashed with FileNotFoundError in is_container_pid(): [Errno 2] No such file or directory: '/proc/11102/ns/pid'

2018-05-11 Thread Steve Beattie
I've uploaded the trusty apport package to the ubuntu-security-proposed ppa (https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/) for testing, and will likely release this next week. Any feedback is appreciated. Thanks! -- You received this bug notification because you are a

[Touch-packages] [Bug 1769371] Re: package ca-certificates 20180409 failed to install/upgrade: installed ca-certificates package post-installation script subprocess returned error exit status 1

2018-05-07 Thread Steve Beattie
*** This bug is a duplicate of bug 1767864 *** https://bugs.launchpad.net/bugs/1767864 Specifically, your system is running an openssl from Ondřej Surý's php ppa, which needs to have the fix for LP: #1764848 backported to it. See https://github.com/oerdnj/deb.sury.org/issues/859. ** Bug

[Touch-packages] [Bug 1733366] Re: apport crashed with FileNotFoundError in is_container_pid(): [Errno 2] No such file or directory: '/proc/11102/ns/pid'

2018-05-04 Thread Steve Beattie
Thanks, Brian, reviewing now. ** Changed in: apport (Ubuntu Trusty) Assignee: Brian Murray (brian-murray) => Steve Beattie (sbeattie) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. ht

[Touch-packages] [Bug 1768601] Re: package ca-certificates 20180409 failed to install/upgrade: installed ca-certificates package post-installation script subprocess returned error exit status 1

2018-05-02 Thread Steve Beattie
*** This bug is a duplicate of bug 1767864 *** https://bugs.launchpad.net/bugs/1767864 Thank you for taking the time to report this bug and helping to make Ubuntu better. This particular bug has already been reported and is a duplicate of bug 1767864, so it is being marked as such. Please
