following my request, OpenSSL just integrated a fix to avoid loading an
engine twice even if the configuration is parsed more than once:
https://github.com/openssl/openssl/commit/9b06ebb1edfddffea083ba36090af7eb7cad207b
Integrating this patch in the existing OpenSSL 1.1.1 package (or at
least
I am encountering the same issue. IMHO there needs to be a newer OpenSSL
release for 20.04 LTS included in the repos.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1951279
Bug 1918855 is fixed in focal and up, so if you still have crashes then
that was not your bug/fix.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1871959
Title:
Xorg crashed
Public bug reported:
[Impact]
* Engine crashes when loading the configuration more than once
* Upstream started to avoid loading engines twice by using dynamic ids
to track the loaded engines correctly
* OpenSSL 3 merge https://github.com/openssl/openssl/pull/17073 (bugfix
& testcase)
*
for 1.20.3-1ubuntu2 in focal:
I have verified the configuration file is only loaded once, and 1) and
2) but 3) I did not manage to do. I tried this before the SRU with like
setting min TLS to 1.3 and check it's respected, but that did nothing,
and I don't have a custom engine handy that I could
Thank you for working with OpenSSL upstream, explaining the issue at
hand, for everyone to eventually understand what is going on, and
finally coming up with a solution on the OpenSSL side of the APIs that
is accepted by upstream into development v3 branch and stable 1.1.1
branch.
I have started
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1944788
Title:
URI defined for connectivity check is
I think he meant to post this on
https://bugs.launchpad.net/ubuntu/+source/wireguard/+bug/1950317
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1892798
Title:
systemd
Marking python-gear as invalid in favor of
https://bugs.launchpad.net/ubuntu/+source/python-gear/+bug/1951952
** Changed in: python-gear (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to
> Our kernel ships wireguard modules by default anyway, and one can
configure wireguard via networkd and soon via netplan. Which is our
default tooling to interact with the wireguard kernel module.
How should we generate the wireguard keys without `wg`? openssl? It's a
significant deviation from
If you look into the openvpn configuration file that Network Manager
creates for your connection in /etc/NetworkManager/system-connections,
could you please paste the [ipv4] and [ipv6] sections?
** No longer affects: ubuntu
** Changed in: network-manager (Ubuntu)
Status: New =>
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Marking as verification-done, I'm happy with the described test
procedure to fulfill 3) (arguably all of it :D)
** Tags removed: verification-needed verification-needed-focal
** Tags added: verification-done verification-done-focal
--
You received this bug notification because you are a member
The wget package that was tested and approved on our setup (using PKA
1.3 engine) is the one you declared above - 1.20.3-1ubuntu2. The tests
were basic functionality tests for wget, including debugging to verify
that the engine is loaded exactly once.
Same for curl (exactly the same procedure).
On Tue, Nov 23, 2021 at 1:40 PM Jason A. Donenfeld
<1892...@bugs.launchpad.net> wrote:
>
> I think he meant to post this on
> https://bugs.launchpad.net/ubuntu/+source/wireguard/+bug/1950317
>
That makes a lot more sense. Commented my opinion there about the need
for key generation tooling.
As per [1], the difference reported in the bug is seen due to a pair of
patches carried by Fedora/RH.
This seems to be a feature (not a fix), therefore, I am not sure if this
would be suitable for an SRU.
The patch proposed in [1] seems to be under review for a long time (and
parts of the patch
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
@ahasenack I feel a bit lost here. This bug report is about how one
should or shouldn't propagate DNS servers after establishing a wireguard
based connection.
This has nothing to do w.r.t. creating keys.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
> Reverting this upstream commit seems to fix the problem:
> https://github.com/systemd/systemd/commit/0299deab53d2a087727a5d04c1500c322c48b63e
lxd and systemd have what I can only describe euphemistically as a
horrible relationship. Instead of carrying another patch on systemd to
get it working
qtwebkit debdiff (jammy)
** Patch added: "qtwebkit debdiff (jammy)"
https://bugs.launchpad.net/ubuntu/+source/qtwebkit-opensource-src/+bug/1951470/+attachment/5542873/+files/debdiff-qtwebkit-lp1951470-jammy.patch
--
You received this bug notification because you are a member of Ubuntu
Touch
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: iptables (Ubuntu Impish)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
** Tags added: originate-from-1933628
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pulseaudio in Ubuntu.
https://bugs.launchpad.net/bugs/1951667
Title:
[SRU] pulseaudio: restore hdmi audio be active output after resume
** Changed in: iptables (Ubuntu Jammy)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
https://bugs.launchpad.net/bugs/1949603
Title:
iptables-save -c shows incorrect
I'm open to putting a fix in Debian. I haven't come up with a solution
that I'm happy with and don't currently have a lot of time to work on
this.
I think Paride Legovini's "wall-of-text" post is on the right track, but
I would really prefer to avoid asking a question about this.
Anything in
** Merge proposal linked:
https://code.launchpad.net/~fheimes/ubuntu/+source/qtwebkit-opensource-src/+git/qtwebkit-opensource-src/+merge/412305
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to qtwebkit-opensource-src in
This is caused be mismatch between Kernel and iproute2 version. The kernel v5
offers ipset v7 which causes iproute to not be built with ematch ipset
functionality.
This has been fixed in iproute upstream in - its a one line fix -
Pulling this into iproute2 and rebuilding (After committing it)
** Description changed:
[Impact]
- * Engine crashes when loading the configuration more than once
+ * Engine crashes when loading the configuration more than once
- * Upstream started to avoid loading engines twice by using dynamic ids
+ * Upstream started to avoid loading engines
The attachment "qtwebkit debdiff (jammy)" seems to be a debdiff. The
ubuntu-sponsors team has been subscribed to the bug report so that they
can review and hopefully sponsor the debdiff. If the attachment isn't a
patch, please remove the "patch" flag from the attachment, remove the
"patch" tag,
Comment #30 was only a question, not a statement :)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1871959
Title:
Xorg crashed with SIGABRT in _iris_batch_flush from
Hello Timo, or anyone else affected,
Accepted xorg-server into focal-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/xorg-
server/2:1.20.13-1ubuntu1~20.04.1 in a few hours, and then in the
-proposed repository.
Please help us by testing this new
@Timo: I notice the libdrm backport drops the valgrind integration. I
know it's disabled in (at least) impish, but is there any particular
reason for it to be disabled in the focal backport?
It seems pretty unlikely that anyone would notice, but the diff required
to keep the valgrind annotations
33 matches
Mail list logo
