** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
Thanks for catching this! Is this perhaps a problem at a higher level?
(I.e. should security_task_free be called in a different way so that its
hooks (like yama_ptracer_del) do not need to use the _bh locking
mechanisms?
--
You received this bug notification because you are a member of Ubuntu
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
CVE states look okay to me. Thanks!
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/802464
Title:
linux:
Heru, thanks for getting involved in helping with Ubuntu. Please don't
change the statuses or assignments of this bug (or similar bugs), it is
used for the tracking of progress on Ubuntu kernel updates. If you want
to get involved, please see http://www.ubuntu.com/community/get-involved
--
You
@pitti no need -- it's not a security vulnerability. (because of the
compiler flags, this is just a crash, not an exploitable bug)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/657598
Title:
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
. apg is just used to generate a password, IIUC,
not to do the hashing.
** Changed in: accountsservice (Ubuntu)
Assignee: Kees Cook (kees) = Rodrigo Moya (rodrigo-moya)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https
Okay, after proving to myself that the system bus can't normally be
snooped, I'm satisfied not to block the MIR, but the file size limit
test (moving it into the GIO stream copy) should be fixed before
release.
+1
--
You received this bug notification because you are a member of Ubuntu
Bugs,
Oh, one more thing -- the crypted password system must use the system
crypt functions, not use an embedded method since the system may be
configured for different systems:
static gchar *
make_crypted (const gchar *plain)
{
...
/* SHA 256 */
g_string_append (salt, $6$);
This whole
Oh, and $6 is SHA512, not SHA256 -- that comment is wrong. :)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/785680
Title:
[MIR] accountsservice
To manage notifications about this bug go to:
** Package changed: udisks (Debian) = linux-2.6 (Debian)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/726814
Title:
udisks-daemon uses a ton of CPU after inserting a SanDisk U3 Cruzer
Micro usb
There were a few things that gave me some pause in libtirpc, but I've
now convinced myself that they are okay. This code could probably use a
few more eyes on it, but it looks reasonable, and it does attempt to be
careful about lengths, etc. +1
** Changed in: libtirpc (Ubuntu Oneiric)
I encountered this only after reformatting the stick with ext4 (it
behaved fine prior to that). I would agree, it does seem to be some kind
of kernel (or udev) bug.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
-- Hideki Yamane henr...@debian.org Sat, 28 May 2011 21:24:48 +0900
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Kees Cook k...@outflux.net
iEYEARECAAYFAk4HWWIACgkQH/9LqRcGPm2yMgCcDvesTE04RSGPAB7yLm84smHs
xYQAoJtxBysxZJRB1ZS1YQRRt24LMb/Q
=ud7N
-END PGP SIGNATURE
+1. (Though 1:1.4.1-1 should be synced now)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/801886
Title:
Sync joystick 1:1.4-1 (main) from Debian unstable (main)
To manage notifications about this
CVE-2011-2493
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/801087
Title:
ext4: BUG_ON on null-pointer when mounting corrupted filesystem
To manage notifications about this bug go to:
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
Since this is the first release of linux-lts-backport-natty, it should
not land in -security (even though it has CVEs in it, since the delta
between it an lucid's kernel isn't entirely sane). Future uploads of
linux-lts-backport-natty with CVE fixes in it will go through -security
normally. In the
The commit for CVE-2011-2022 says 1011 instead of 2011. I have adjusted
our scripts to deal with this. Everything else checks out from what I
can see.
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-2022
** Changed in: kernel-sru-workflow/security-signoff
Status: In
Thanks for taking the time to report this bug and helping to make Ubuntu
better. This is not a bug, but rather expected behavior:
https://wiki.ubuntu.com/SecurityTeam/Policies#Reasonable%20Physical%20Access
Please feel free to report any other bugs you may find.
** Visibility changed to:
I spent a little time tracking down:
Revert econet: fix CVE-2010-3848
but it looks like this was just part of the upstream realignment or something,
since the fix was reapplied right after it. Anyway, things look good.
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-3848
The commits for CVE-2010-4076 and CVE-2010-4077 seems a bit confused.
This version seems to have half of them, so I'm ignoring those CVEs in
the changelog for the future publication. The rest looks fine.
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4076
** CVE added:
CVE-2010-3848 got reverted and reapplied, so I'll ignore it for the
publication. Everything else looks fine.
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3848
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received
Thanks, we'll get this fixed. :)
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0449641130f5
** Visibility changed to: Public
** Bug watch added: Linux Kernel Bug Tracker #32082
http://bugzilla.kernel.org/show_bug.cgi?id=32082
** Also affects: linux via
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
Agreed, please don't hold it back.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/788843
Title:
linux: 2.6.24-29.90 -proposed tracker
To manage notifications about this bug go to:
)
Assignee: Kees Cook (kees) = (unassigned)
** Changed in: xen (Ubuntu)
Status: New = In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/790854
Title:
[MIR] libxen-dev and libxenstore3.0
This uses /dev/random for seed generation among other things, so that's
certainly sufficient for decent generation. Should be fine. +1
** Changed in: apg (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) = (unassigned)
** Changed in: apg (Ubuntu)
Assignee: (unassigned) =
Seems like it will fail to handle usernames with -, ., or _ in the name?
Should compare this exclusion list against what adduser does. src/daemon.c:
re = g_regex_new ((?Pusername[0-9a-zA-Z]+)[
]+(?Pfrequency[0-9]+), 0, 0, error);
daemon_create_user_authorized_cb() lacks a -- in the
** Changed in: gmemusage (Ubuntu)
Status: Triaged = Incomplete
** Changed in: gmemusage (Ubuntu Natty)
Status: New = Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/370735
I've updated the debdiff with Chris's suggestions, and fixed up the
changelog to use LP-style bug numbering. Thanks for the work on this,
I'll get it uploaded shortly.
** Changed in: gmemusage (Ubuntu)
Status: Incomplete = Fix Committed
--
You received this bug notification because you
This looks like a regular bug to me. I don't think Perl will deal with
the %n in an unsafe way.
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
For the impatient, I've created a Firefox Extension that forces
middlemouse.contentLoadURL to true:
http://outflux.net/software/pkgs/thewolf/
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/548866
I've got this error more fully silenced in a later commit which should
be available soon.
** Changed in: pam (Ubuntu)
Assignee: (unassigned) = Kees Cook (kees)
** Changed in: pam (Ubuntu)
Status: Triaged = Fix Committed
** Changed in: pam (Ubuntu)
Importance: Medium = Low
This looks like a regular bug to me. I don't think Perl will deal with
the %n in an unsafe way.
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
AppArmor only restricts permissions, and does not add them. If the program
is started with the capability it needs, it should work as expected.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/794026
The commit-checker missed 5caf3ae4c4bed98bd6148021e6e934d94b5dea1d (due
to it accidentally claiming to be a backport of
linus:272b62c1f0f6f742046e45b50b6fec98860208a0 instead of
linus:b00916b189d13a615ff05c9242201135992fcda3), so CVE-2010-4655 was
not shown as pending in UCT, but was correct in
*** This bug is a duplicate of bug 375625 ***
https://bugs.launchpad.net/bugs/375625
** This bug has been marked a duplicate of bug 375625
screen freezes up, turns zombie
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
** Changed in: pymilter-milters (Ubuntu)
Status: Incomplete = Confirmed
** Changed in: pymilter-milters (Ubuntu)
Status: Confirmed = Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
The logs don't contain any path details for the following packages, so I
haven't been able to check them:
dbacl
amavis-ng
amavisd-new
kcmpureftpd
boxbackup
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
I wonder if there should maybe be an /etc/pam.d/dm-common that gdm, kdm,
and lightdm can all include instead of shipping the same thing multiple
times?
The upstart job file uses and and or. As I understand it, this can
lead to job hangs and is not supported by Upstart. See bug 447654.
I'm
** Also affects: apparmor (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Oneiric)
Importance: High
Status: Triaged
** Changed in: apparmor (Ubuntu Natty)
Status: New = Triaged
** Changed in: apparmor (Ubuntu Natty)
Importance:
Same issue here running 11.04.
Bus 002 Device 010: ID 148f:2570 Ralink Technology, Corp. RT2570
Wireless Adapter
[23265.079987] phy2 - rt2x00usb_vendor_request: Error - Vendor Request 0x07
failed for offset 0x04d4 with error -71.
[23265.080095] phy2 - rt2500usb_regbusy_read: Error - Indirect
** Visibility changed to: Public
** Changed in: mumble (Ubuntu)
Status: New = Confirmed
** Changed in: mumble (Ubuntu)
Importance: Undecided = Medium
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Hi Tim, sorry I took so long with this. I've reproduced the original
crash (it just kills dosemu):
[ 167.120539] note: dosemu.bin[1623] exited with preempt_count 1
However, when running this with the test kernel, the entire system
hangs, so that's no good. :)
** Changed in: linux (Ubuntu
Incomplete fix for CVE-2011-0711.
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-0711
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/788351
(Ubuntu)
Status: New = Incomplete
** Changed in: libauthen-ntlm-perl (Ubuntu)
Assignee: Kees Cook (kees) = (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/787495
Title:
[MIR
Net::HTTP looks fine. It is relatively straight forward. Internal test
suite is enabled, so +1.
** Changed in: libnet-http-perl (Ubuntu)
Status: Confirmed = In Progress
** Changed in: libnet-http-perl (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) = (unassigned)
--
You
Net::SSLeay is a long-standing Perl SSL wrapper. Nothing bad jumps out
at me in it. The internal testsuite is enabled in the build, and is
linked against the current 1.0.0d openssl. +1
** Changed in: libnet-ssleay-perl (Ubuntu)
Status: Confirmed = In Progress
** Changed in:
Right, it's just bindings, but right now browsers don't run Python
code. :) I'm fine with this all on principle, but I don't want to see JS
crossing from the browser to the desktop without a specific security
design. Since there isn't one yet, I'll just make an easy one up:
JavaScript must never
This should probably be something like remotely-served or Browser-
handled JavaScript should never be executed by the Desktop. Regardless,
without some more specific examples of bad situations, this statement
won't be complete.
--
You received this bug notification because you are a member of
Yikes, javascript hooked to the desktop. :) There's nothing immediately
wrong with the code, but I have to wonder about how security boundaries
are going to be enforced, if JS from the browser ever touches JS for the
desktop. I would prefer to see documentation similar to the same
origin policies
Thanks for the report! Since Ubuntu already uses FORTIFY[1], these are
already snprintf, and result in just an abort instead of an exploitable
overflow.
[1] https://wiki.ubuntu.com/CompilerFlags
** This bug is no longer flagged as a security vulnerability
** Changed in: foomatic-db-engine
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Summary changed:
- long apt: URL causes Software Center to open and freeze, potential exploit
+ long apt: URL causes Software Center to open and freeze, potential DoS
--
You received this bug
** Also affects: apparmor
Importance: Undecided
Status: New
** Changed in: apparmor (Ubuntu)
Status: New = Confirmed
** Changed in: apparmor
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
Thanks for the report! I've sent a patch to the mailing list and this
will likely get committed soon.
** Changed in: apparmor
Status: Confirmed = In Progress
** Changed in: apparmor (Ubuntu)
Status: Confirmed = In Progress
--
You received this bug notification because you are a
Hi, I have not, since it was not clear if multi-level wildcards were
convered by the spec.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/573256
Title:
SSL hostname matching does not allow subdomain
AAaargh. Who reimplements sprintf!? I am working on hardy and dapper
now. Will have this uploaded shortly. Thanks for double-checking and
getting the Lucid and Oneiric patches ready!
At least full ASLR (PIE[1]) is in place in Lucid and later, so
exploiting this is difficult, but not impossible.
** Changed in: exim4 (Ubuntu Oneiric)
Importance: Undecided = Medium
** Changed in: exim4 (Ubuntu Lucid)
Assignee: (unassigned) = Kees Cook (kees)
** Changed in: exim4 (Ubuntu Maverick)
Assignee: (unassigned) = Kees Cook (kees)
** Changed in: exim4 (Ubuntu Natty)
Assignee
Just as a note, due to Ubuntu's default compiler flags[1], this
vulnerability is only a denial-of-service and does not seem to result
in arbitrary code execution.
[1] https://wiki.ubuntu.com/CompilerFlags
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
AAaargh. Who reimplements sprintf!? I am working on hardy and dapper
now. Will have this uploaded shortly. Thanks for double-checking and
getting the Lucid and Oneiric patches ready!
At least full ASLR (PIE[1]) is in place in Lucid and later, so
exploiting this is difficult, but not impossible.
** Changed in: exim4 (Ubuntu Oneiric)
Importance: Undecided = Medium
** Changed in: exim4 (Ubuntu Lucid)
Assignee: (unassigned) = Kees Cook (kees)
** Changed in: exim4 (Ubuntu Maverick)
Assignee: (unassigned) = Kees Cook (kees)
** Changed in: exim4 (Ubuntu Natty)
Assignee
** Changed in: exim4 (Ubuntu)
Status: New = Triaged
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to exim4 in Ubuntu.
https://bugs.launchpad.net/bugs/779391
Title:
CVE-2011-1764: format string vulnerability
--
** Changed in: exim4 (Ubuntu)
Status: New = Triaged
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/779391
Title:
CVE-2011-1764: format string vulnerability
--
ubuntu-bugs mailing list
Using inotifywait -mr /tmp I don't see these files being created.
Perhaps this only happens with Unity-2d?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/777011
Title:
gdk-pixbuf uses temporary
Public bug reported:
Binary package hint: terminator
If you open gnome-terminal, and run:
inotifywait -mr /tmp
You can watch files in /tmp. If you cause a terminator window to scroll
(ls -la /usr) you'll see many temp files being created and deleted. This
doesn't happen with gnome-terminal,
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/778872
Title:
vte use causes /tmp file writing during text scrolling
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
I take it back, this happens with gnome-terminal too.
** Package changed: terminator (Ubuntu) = vte (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/778872
Title:
vte use causes /tmp file
If we switch from dash to bash, we can use local fd redirection to avoid
the need for /tmp at all.
** Also affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
** Changed in: apparmor (Ubuntu)
Status: New = Triaged
** Patch added: no-tmp.patch
Unfortunately not. :(
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/407459
Title:
Procmail opens $HOME/.procmailrc before dropping setuid permissions
--
ubuntu-bugs mailing list
Public bug reported:
Running the latest natty rc, I experienced a crash. Attached screenshot
indicates it is related to the wireless USB network adapter:
Bus 002 Device 003: ID 1737:0078 Linksys WUSB100 RangePlus Wireless USB Network
Adapter ver. 2
ProblemType: Bug
DistroRelease: Ubuntu 11.04
** Attachment added: Screenshot
https://bugs.launchpad.net/bugs/771958/+attachment/2091900/+files/IMG_20110427_195552.jpg
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/771958
Title:
Crash
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/87023
Title:
sudo option tty_tickets gives false sense of security due to reused
pts
*** This bug is a duplicate of bug 87023 ***
https://bugs.launchpad.net/bugs/87023
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/61059
This has already been solved by adding cautious-launcher to .desktop
files that have MimeType and Exec lines, in line with the Ubuntu
Executable Bit Policy: https://wiki.ubuntu.com/SecurityTeam/Policies
#Execute-Permission%20Bit%20Required
$ egrep '^(Exec|MimeType)='
** This bug is no longer flagged as a security vulnerability
** Changed in: mono (Ubuntu)
Importance: Medium = Wishlist
** Summary changed:
- mono has an executable stack
+ mono has an executable stack on 32bit
--
You received this bug notification because you are a member of Ubuntu
Bugs,
Public bug reported:
gnutls-cli -V --x509cafile /etc/ssl/certs/ca-certificates.crt -p 443
www.verisign.com
...
*** Verifying server certificate failed...
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: gnutls-bin 2.8.6-1ubuntu2
ProcVersionSignature: Ubuntu 2.6.38-8.42-generic 2.6.38.2
** Tags added: regression-release
** Changed in: gnutls26 (Ubuntu)
Assignee: (unassigned) = Canonical Foundations Team
(canonical-foundations)
** Also affects: gnutls26 (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: gnutls26 (Ubuntu Maverick)
Importance:
Public bug reported:
http://samples.mplayerhq.hu/tta/sf_44khz_stereo_16bit.tta no longer
plays correctly in gstreamer (compare to mplayer).
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: gstreamer0.10-plugins-bad 0.10.21-1ubuntu11
ProcVersionSignature: Ubuntu 2.6.38-8.42-generic 2.6.38.2
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/772092
Title:
TTA format handling regressed
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
I recognize this can get in some people's way, which is why I've tried
to demonstrate how to adjust the local system to retain the more open
permissions.
I am not saying they're hidden from being looked up externally (just
fetching the kernel package's System.map file is easiest). But because
the
it, it will
change the permissions back to 0644 automatically?
Shipping a pair of files in /etc/kernel/postinst.d/ and
/etc/kernel/postrm.d/ to call dpkg-statoverride --add and --remove
respectively is likely the cleanest approach to handling this.
--
Kees Cook
Ubuntu Security Team
--
You
This mode change is by design. For local admins that what to relax
this restriction, you can use dpkg-statoverride:
sudo dpkg-statoverride --add root root 0644 /boot/vmlinux-$(uname -r)
--update
To have this automatically happen with each new kernel, create
/etc/kernel/postinst.d/statoverride:
Sorry, that should be vmlinuz not vmlinux in the above examples. :)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/759725
Title:
The kernel is no longer readable by non-root users
--
ubuntu-bugs
Reproducer, on i386 kernel, with vm.mmap_min_addr=0, thanks to Bart
Oldeman:
Create a debug script file (e.g. debug.scr) in ~/.dosemu/drive_c, that
is, dosemu's c:\
---snip---
a
nop
nop
int 3
t
g
q
---snip---
Then run
dosemu debug debug.scr
This will get both int1 and int3 active.
Try it a
Confirmed to be fixed...
With 2.6.35-29.50-generic: $ dmesg | grep NX
[0.00] Notice: NX (Execute Disable) protection cannot be enabled in
hardware: non-PAE kernel!
...
With 2.6.35-29.51-generic: $ dmesg | grep NX
[0.00] Notice: NX (Execute Disable) protection cannot be enabled
['SUDO_USER'],'./thread-prctl','0','0'])
File /home/kees/qa-regression-testing/scripts/testlib.py, line 839, in
assertShellExitEquals
self.assertEquals(expected, rc, msg + result + report)
AssertionError: Got exit code 2, expected 0
Command: 'sudo', '-u', 'kees', './thread-prctl', '0', '0'
Output
() with O_CREAT, you need to include the file mode as
well.
--
Kees Cook
Ubuntu Security Team
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/669894
Title:
fcntl2.h:51: error: call
*** This bug is a duplicate of bug 659738 ***
https://bugs.launchpad.net/bugs/659738
** This bug has been marked a duplicate of bug 659738
Duplicate welcome message in motd
* You can subscribe to bug 659738 by following this link:
** Also affects: sysvinit (Ubuntu Lucid)
Importance: Undecided
Status: New
** Summary changed:
- Duplicate welcome message in motd after upgrade 10.0410.10
+ Duplicate welcome message in motd
** Changed in: sysvinit (Ubuntu Lucid)
Status: New = Triaged
** Changed in: sysvinit
This is fixed by upstream 6554287b1de0448f1e02e200d02b43914e997d15. Can
we include it in the next Lucid kernel update?
** Changed in: linux (Ubuntu)
Status: Expired = Confirmed
** Also affects: linux (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: linux
Public bug reported:
cyrus-sasl2-heimdal 2.1.23.dfsg1-5.1ubuntu1 is uninstallable with cyrus-
sasl2 2.1.23.dfsg1-5ubuntu3, and ftbfs due to heimdal changes, from what
I can see. I suspect the only way forward on this is to get cyrus-sasl2
2.1.23.dfsg1-6 (or, likely, newer) into natty which merges
Public bug reported:
cyrus-sasl2-heimdal 2.1.23.dfsg1-5.1ubuntu1 is uninstallable with cyrus-
sasl2 2.1.23.dfsg1-5ubuntu3, and ftbfs due to heimdal changes, from what
I can see. I suspect the only way forward on this is to get cyrus-sasl2
2.1.23.dfsg1-6 (or, likely, newer) into natty which merges
I've backported the changes from Debian into the cyrus-sasl2-heimdal
package, so no bump of cyrus-sasl2 itself should be needed.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/768707
Title:
801 - 900 of 8810 matches
Mail list logo