You can find it built here:
https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages
** Changed in: dino-im (Ubuntu Bionic)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
I reviewed containerd 1.3.1-0ubuntu1 as checked into focal. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
containerd is a daemon that manages the complete container lifecycle of its
host system. Containerd controls runc.
- No CVE History:
- Build-Depends
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Your bug report is more likely to get attention if it is made in
English, since this is the language understood by the majority of Ubuntu
developers. Additionally, please only mark a bug as "security" if it
shows
I reviewed mysql-router 8.0.19-0ubuntu2 as checked into focal (when this review
started). This shouldn't be considered a full audit but rather a quick gauge of
maintainability.
mysql-router is a binary package from mysql-8.0 that is responsible for routing
connections from MySQL clients to MySQL
This is the same as bug #1862364
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1862770
Title:
MySQL autopkgtest regressed in Focal release pocket
To manage notifications about this bug go to:
Public bug reported:
Just similar to bug #1859100 there is another test that just started
failing because of a date that expired.
See the snippet of build log below:
[ 51%] main.events_1w4 [ fail ]
Test ended at 2020-02-07 10:46:06
CURRENT_TEST:
I reviewed runc 1.0.0~rc8+git20190923.3e425f80-0ubuntu1 as checked into focal.
This shouldn't be considered a full audit but rather a quick gauge of
maintainability.
runc, a lightweight universal container runtime, is a CLI tool for spawning and
running containers according to the Open Container
Thanks, I will try to test or at least let the build running on xnox's
proposed mysql version.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1859100
Title:
mysql-server FTBFS (focal) because of
** Changed in: openjpeg2 (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/711061
Title:
[MIR] openjpeg2
To manage
I reviewed openjpeg2 2.3.1-1 as checked into focal. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
openjpeg2 is a library to encode and decode JPEG 2000 images. JPEG 2000 is an
image compression standard and coding system. OpenJPEG dates back from 2005
and
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see
Actually marking it as Fixed Released.
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1856979
Title:
GIT 2.x vulnerabilities
Hi Srdjan,
Awesome, thanks! I will give it a try.
Yes, the analysis seems correct to me. So I encourage you to file a bug
on Trivy Github and let them verify what's going on. If possible, keep
us updated on the outcomes of your bug report.
I appreciate it!
Thanks,
Eduardo
--
You received this
Also, I am not aware of this Trivy tool, but could you give us more
information on what you are seeing?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1855768
Title:
Ubuntu-security
Hi Srdjan,
Thanks for taking the time to report this issue and help making Ubuntu
better.
The USN you mentioned, applied the fix to the source package libidn2
(https://packages.ubuntu.com/source/bionic/libidn2)
You can see on the mentioned page that this source package generates multiple
*** This bug is a duplicate of bug 1847520 ***
https://bugs.launchpad.net/bugs/1847520
** Also affects: tcpdump (Ubuntu)
Importance: Undecided
Status: New
** No longer affects: phpmyadmin (Ubuntu)
** This bug has been marked a duplicate of bug 1847520
33 Upstream CVEs patched
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
*** This bug is a duplicate of bug 1799215 ***
https://bugs.launchpad.net/bugs/1799215
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
@vanvugt, could you please take a look on this and assign it to the correct
package.
It might be a duplicate of another ticket.
Thanks!
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
** Also affects: cups (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1850032
Title:
scanbd prevents HP printers to work correctly with
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
*** This bug is a duplicate of bug 1853545 ***
https://bugs.launchpad.net/bugs/1853545
** This bug has been marked a duplicate of bug 1853545
discover did not ask for a password on an update
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Changed in: openjpeg2 (Ubuntu)
Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/711061
Title:
[MIR] openjpeg2
To manage
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1847701
Title:
Buffer Overflow Write when libntlm generates NTLM request
To
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1847520
Title:
33 Upstream CVEs patched
To manage notifications about this bug go
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1847960
Title:
After returning from suspend the screen content (with all
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
I reviewed libhandy 0.0.10-1 as checked into eoan. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
libhandy is a library full of GTK widgets for mobile phones. The aim of
libhandy is to help with developing UI for mobile devices using GTK/GNOME.
- No CVE
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Changed in: systemd (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1814596
Title:
DynamicUser can create setuid binaries when assisted by another
** Changed in: jackd2 (Ubuntu)
Status: New => Confirmed
** Changed in: jackd2 (Debian)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1833479
Title:
** Changed in: clamtk (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1838067
Title:
made Ubuntu very slow then crash
To manage notifications about
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks Julian! The packages will be available in a few minutes in
security-proposed https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages?field.name_filter=redis_filter=published_filter=
If you could also test them would be great. I will be pushing them to
archive tomorrow
** Changed in: redis (Ubuntu)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1836496
Title:
CVE-2019-10192 CVE-2019-10193
To manage notifications about this
** Changed in: redis (Ubuntu)
Assignee: (unassigned) => Eduardo dos Santos Barretto (ebarretto)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1836496
Title:
CVE-2019-10192 CVE-2019-10
** Changed in: lmdb (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1833745
Title:
[MIR] required new dependency of
I reviewed lmdb 0.9.23-0ubuntu1 as checked into eoan. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
lmdb is a software library that provides a high-performance embedded
transactional database in the form a key-value store.
- No CVE History
- Build-Depends
Thanks Luca for all the help and contribution, the fix is released. Feel
free to contact us in case of new issues.
** Changed in: zeromq3 (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
I reviewed zope.component 4.3.0-1 as checked into eoan. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
Zope is a free and open source web application server written in the
object-oriented programming language “Python”.
zope.component is a framework that
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Changed in: extplorer (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822013
Title:
extplorer package exposes /usr/ (and /etc/extplorer/) directory over
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1775776
Title:
GNU bc crashes on some inputs
To manage notifications about this
Setting mariadb-10.1 to 'Fix Released' as Bionic
(1:10.1.34-0ubuntu0.18.04.1) and newer releases already contain the
fixes for those CVEs.
** Changed in: mariadb-10.1 (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Changed in: gnome-screensaver (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1821957
Title:
Turning off a monitor unlocks the computer
To manage
** Changed in: pam-u2f (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1831713
Title:
Security update to libpam-u2f from Yubico
To manage
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Changed in: apache2 (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832163
Title:
Me acaban de dar BANNN SIN NINGUNA RAZON POR QUE ESTABA JUGANDO
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832163
Title:
Me acaban de dar BANNN SIN NINGUNA RAZON POR QUE ESTABA JUGANDO SKYWAR
Y
Thanks Otto for providing the update for 18.04.
We just released it and it should be available in the archive in some minutes.
We appreciate all the work you've done.
** Changed in: mariadb-10.1 (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because
On Mon, 2019-06-03 at 05:54 +, Christian Ehrhardt wrote:
> > - There are different versions of twitter-bootstrap in the archive,
> > after some
> > search we have that
>
> [...]
> > It is used in mailman-website where you can manage lists. It is
> > unclear to
> > me if the
I reviewed twitter-bootstrap3 3.4.0+dfsg-4 as checked into eoan. This shouldn't
be considered a full audit but rather a quick gauge of maintainability.
twitter-bootstrap3 is an open source toolkit for developing with HTML, CSS, and
JS.
- There are different versions of twitter-bootstrap in the
Hi Otto,
You based your update on version 1:10.1.38-0ubuntu0.18.04.1.
We currently have in the archive version 1:10.1.38-0ubuntu0.18.04.2.
Could you please rebase your changes with what is in the archive?
Thanks in advance!
--
You received this bug notification because you are a member of
I will be handling it for the security team, thanks Otto.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1825572
Title:
April 2019 Oracle CPU might also affect MariaDB
To manage notifications about
I reviewed python-aiosmtpd version 1.2-3 as checked into eoan as of this
writing.
This shouldn't be considered a full audit but rather a quick gauge of
maintainability.
python-aiosmtpd is an asyncio based SMTP server.
- Last commit from March
- No CVE history
- Build-depends:
- debhelper,
-
** Changed in: ffmpeg (Ubuntu Bionic)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1823786
Title:
[SRU] ffmpeg 3.4.6 for bionic
To manage
)
Assignee: (unassigned) => Eduardo dos Santos Barretto (ebarretto)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1823786
Title:
[SRU] ffmpeg 3.4.6 for bionic
To manage notifications ab
I reviewed python3-openid version 3.1.0-1 as checked into disco as of this
writing.
This shouldn't be considered a full audit but rather a quick gauge of
maintainability.
python3-openid is a set of python packages to support use of the OpenID
decentralized identity system in your application.
-
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Changed in: ffmpeg (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1823786
Title:
[SRU] ffmpeg 3.4.6 for bionic
To manage notifications about this
** Information type changed from Private Security to Public Security
** Changed in: ubuntubudgie
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1821957
Title:
** Changed in: unzip (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1824530
Title:
Heap Buffer Overflow in UzpPassword
To manage notifications about
*** This bug is a duplicate of bug 1806961 ***
https://bugs.launchpad.net/bugs/1806961
** This bug has been marked a duplicate of bug 1806961
Lock can be circumvented by switching tty when using lightdm
** Information type changed from Private Security to Public Security
--
You received
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks Etienne,
Updated version was released for trusty, xenial, bionic and cosmic.
Thanks again for the testing and for providing the debdiffs.
Any problems just let us know.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Hi Etienne,
Yes it helps, also any other usage cases that you can run will be much
appreciated.
Thanks,
Eduardo
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1819912
Title:
CVE-2019-9628 XML
Hi Etienne,
I would appreciate if you could run some tests with the binaries that
you can find below:
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages?field.name_filter=xmltooling_filter=published_filter=
Thanks
--
You received this bug notification because you
Hi Etienne,
Thanks for taking the time to report this bug and helping to make Ubuntu
better.
I will be sponsoring it.
I will be back to you later today and I would appreciate if you could run some
tests on the built .debs.
Thanks again
--
You received this bug notification because you are a
** Changed in: xmltooling (Ubuntu Bionic)
Assignee: (unassigned) => Eduardo dos Santos Barretto (ebarretto)
** Changed in: xmltooling (Ubuntu Bionic)
Status: Confirmed => In Progress
** Also affects: xmltooling (Ubuntu Trusty)
Importance: Undecided
Status: New
*
1 - 100 of 192 matches
Mail list logo