My current branch for this is here:
https://github.com/kees/linux/commits/seccomp_filter
but it's against upstream, not precise.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/887780
Title:
Oh, wait, I forgot about the work I already did. :P So, I did rebase it to
precise already, but back in October, so it needs re-rebasing, and amending to
add the right SAUCE headers:
https://github.com/kees/linux/commits/ubuntu-precise
--
You received this bug notification because you are a
The problem is that parted treats local files (as used by vmbuilder)
differently from actual disk files, and changes the sector size
accordingly (without an option to change it). As a result, the partition
start locations are too small for grub2 to install. I had originally
reproduced this by
The problem is that parted treats local files (as used by vmbuilder)
differently from actual disk files, and changes the sector size
accordingly (without an option to change it). As a result, the partition
start locations are too small for grub2 to install. I had originally
reproduced this by
This still needs fixing, unfortunately. env is called without a fully
qualified path, which means a malicious PATH can still cause problems.
(Again, only in the case of having pam_motd added to non-default pam
service configs that are local setuid applications.)
** Also affects: pam (Ubuntu
** Also affects: libdvdread (Ubuntu)
Importance: Undecided
Status: New
** Changed in: libdvdread
Status: New = Confirmed
** Changed in: libdvdread (Ubuntu)
Status: New = Triaged
** Also affects: libdvdread (Ubuntu Oneiric)
Importance: Undecided
Status: Triaged
The cross compiler should produce the same results as the native compiler.
Since hardening is enabled there, it should be enabled in the
cross-compiler too.
This looks like a specific problem with the glibc build. IIRC, fortify was
explicitly disabled for glibc builds in Ubuntu. doko would know
I feel like it's a pretty straight forward thing to test. Either gdb has
sensible output or it doesn't for this patch. :) That said, I was hoping to
see the Maverick SRU finished first so that the even more invasive Lucid
patch would then have the Maverick SRU to stand on for supporting evidence
I won't be able to test until the weekend, unfortunately. But then, yes.
:)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/833891
Title:
lvscan often times out during boot
To manage notifications
udev doesn't do anything with the RUN exit code, so I suspect that'll be fine.
Note that daemonizing needs to
be written still. Did detecting PVs not work?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
On Fri, Sep 23, 2011 at 11:23:33PM -, Serge Hallyn wrote:
Does that make any sense? It might mess up the use off watershed
though.
watershed is there to keep multiple invocations of effectively the same
event in check. For example, each time a pv appears, we attempt to activate
all VGs.
On Thu, Sep 22, 2011 at 04:57:13AM -, Martin Pitt wrote:
This is quite an intrusive patch, maverick's gdb is not totally broken,
and maverick certainly isn't a very active development platform any
more. Given the regression potential and that this is not a serious
issue for users, I have
If anyone can't wait for updates, removing the keyring URI from /usr/bin
/apt-key should disable the fetch:
#ARCHIVE_KEYRING_URI=http://archive.ubuntu.com/ubuntu/project/ubuntu-archive-keyring.gpg
ARCHIVE_KEYRING_URI=
--
You received this bug notification because you are a member of Ubuntu
** Changed in: gdb (Ubuntu Maverick)
Status: Confirmed = Fix Committed
** Changed in: gdb (Ubuntu Lucid)
Status: Confirmed = In Progress
** Changed in: gdb (Ubuntu Maverick)
Assignee: (unassigned) = Kees Cook (kees)
** Changed in: gdb (Ubuntu Lucid)
Assignee: (unassigned
*** This bug is a duplicate of bug 680588 ***
https://bugs.launchpad.net/bugs/680588
** Also affects: gdb (Ubuntu Lucid)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
*** This bug is a duplicate of bug 680588 ***
https://bugs.launchpad.net/bugs/680588
** This bug has been marked a duplicate of bug 680588
gcore produces core file without backtrace capability
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
** Changed in: gdb (Ubuntu Lucid)
Importance: Undecided = Low
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/680588
Title:
gcore produces core file without backtrace capability
To manage
** Also affects: gdb (Ubuntu Lucid)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/680588
Title:
gcore produces core file without backtrace capability
To
** Changed in: ubuntu-qa-tools (Ubuntu)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/852188
Title:
Please remove ubuntu-qa-tools from the archive
To manage
Hm, it would be nice to know what was changed in the package to fix it.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/838975
Title:
weird pthread/fork race/deadlock
To manage notifications about
Can you include a full dump of /proc/partitions, /proc/mdstat, vgs
output, and lvs output?
(and FWIW, I have a full LVM-on-md setup and have never encountered
this.)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
This is a step in the right direction (regex arg filtering is better
than filename-glob filtering), but I think this probably needs to have
even more logic built in. For example, running ip ... $interface ...
might need logic to have the wrapper look up the interface and decide if
it is actually a
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
This is a step in the right direction (regex arg filtering is better
than filename-glob filtering), but I think this probably needs to have
even more logic built in. For example, running ip ... $interface ...
might need logic to have the wrapper look up the interface and decide if
it is actually a
Looks good, thanks!
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/838041
Title:
linux-mvl-dove:
Looks good, thanks!
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/848246
Title:
linux: 2.6.38-11.50
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: Fix Committed = Fix Released
** Description changed:
The skb_gro_header_slow function in include/linux/netdevice.h in the
Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is
enabled, resets certain fields in
** Changed in: linux-ec2 (Ubuntu Lucid)
Status: New = Fix Committed
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: New = Fix Released
** Changed in: linux-mvl-dove (Ubuntu Maverick)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Lucid)
Status: New =
** Changed in: linux-ec2 (Ubuntu Lucid)
Status: New = Fix Committed
** Changed in: linux-lts-backport-natty (Ubuntu Lucid)
Status: New = Fix Committed
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: New = Fix Committed
** Changed in: linux-mvl-dove (Ubuntu Maverick)
** Changed in: linux-ec2 (Ubuntu Lucid)
Status: New = Invalid
** Changed in: linux-lts-backport-natty (Ubuntu Lucid)
Status: New = Fix Committed
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: New = Invalid
** Changed in: linux-mvl-dove (Ubuntu Maverick)
Status:
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/838421
Title:
CVE-2011-2213
To manage notifications about
** Changed in: linux-ec2 (Ubuntu Lucid)
Status: In Progress = Fix Committed
** Changed in: linux-lts-backport-natty (Ubuntu Lucid)
Status: In Progress = Fix Committed
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: In Progress = Fix Committed
** Changed in:
** Description changed:
Dan Kaminsky pointed out that using partial MD4 and using that to
generate a sequence number, of which only 24-bits are truly unguessable,
seriously undermine the goals of random sequence number generation.
+
+ Break-Fix: - bc0b96b54a21246e377122d54569eef71cec535f
+
** Changed in: linux-lts-backport-natty (Ubuntu Lucid)
Status: In Progress = Fix Committed
** Changed in: linux-lts-backport-maverick (Ubuntu Lucid)
Status: In Progress = Fix Committed
** Description changed:
The befs_follow_link function in fs/befs/linuxvfs.c in the Linux
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/834121
Title:
CVE-2011-2918
To manage notifications about
** Changed in: linux-ti-omap4 (Ubuntu Maverick)
Status: Fix Committed = Fix Released
** Changed in: linux-fsl-imx51 (Ubuntu Lucid)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: linux-ti-omap4 (Ubuntu Maverick)
Status: Fix Committed = Fix Released
** Changed in: linux-fsl-imx51 (Ubuntu Lucid)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: linux-ti-omap4 (Ubuntu Maverick)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/791918
Title:
CVE-2011-1746
To manage notifications about
** Changed in: linux-ti-omap4 (Ubuntu Maverick)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/768448
Title:
CVE-2011-0712
To manage notifications about
** Changed in: librsvg (Ubuntu)
Status: Triaged = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/825497
Title:
eog crashed with SIGSEGV in rsvg_filter_primitive_render()
To
Quick notes:
* should use /run instead of /var/run
* while it's nice to have the sudoers split, the sudoers fragment is wildly
permissive (chown as root is trivial to exploit). I would recommend specific
helper scripts that validate the logic of the requested dangerous commands (see
the
Quick notes:
* should use /run instead of /var/run
* while it's nice to have the sudoers split, the sudoers fragment is wildly
permissive (chown as root is trivial to exploit). I would recommend specific
helper scripts that validate the logic of the requested dangerous commands (see
the
** Visibility changed to: Public
** Changed in: librsvg (Ubuntu)
Assignee: Kees Cook (kees) = (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/825497
Title:
eog crashed with SIGSEGV
Thanks for the bug report and helping to make Ubuntu better!
You can look at /proc/$pid/maps too instead of going through gdb. What
you're seeing is the fact that the pidgin maintainer has not chosen to
build pidgin as a PIE binary. This is required for the text segment
(main program area) to be
It's different from the debian bug (that was already fixed). I think the
problem is the renaming of /usr/include/asm to /usr/include/asm-generic.
Not sure what's causing it, but h2ph can be used to build each missing
.ph file as a work-around.
** Changed in: perl (Ubuntu)
Status: New =
I tweaked colin's state machine patch slightly, see attached.
** Attachment added: debian-changes-0.05-1ubuntu1
https://bugs.launchpad.net/ubuntu/+source/libdevel-bt-perl/+bug/842640/+attachment/2369383/+files/debian-changes-0.05-1ubuntu1
** Changed in: libdevel-bt-perl (Ubuntu)
*** This bug is a security vulnerability ***
Public security bug reported:
The cifs_close function in fs/cifs/file.c in the Linux kernel before
2.6.39 allows local users to cause a denial of service (NULL pointer
dereference and BUG) or possibly have unspecified other impact by
setting the
CVE-2011-1771
** Also affects: linux (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric)
Importance: Undecided
Status:
*** This bug is a security vulnerability ***
Public security bug reported:
Red Hat Enterprise Virtualization (RHEV) Hypervisor allows remote
attackers to cause a denial of service via unspecified vectors that
cause the napi_reuse_skb function to be used on VLAN packets, which
triggers (1) a
CVE-2011-1576
** Also affects: linux (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric)
Importance: Undecided
Status:
*** This bug is a security vulnerability ***
Public security bug reported:
The is_gpt_valid function in fs/partitions/efi.c in the Linux kernel
before 2.6.39 does not check the size of an Extensible Firmware
Interface (EFI) GUID Partition Table (GPT) entry, which allows
physically proximate
CVE-2011-1776
** Also affects: linux (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric)
Importance: Undecided
Status:
*** This bug is a security vulnerability ***
Public security bug reported:
Multiple buffer overflows in the si4713_write_econtrol_string function
in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4
on the N900 platform might allow local users to cause a denial of
service or
CVE-2011-2700
** Also affects: linux (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric)
Importance: Undecided
Status:
*** This bug is a security vulnerability ***
Public security bug reported:
The key_replace_session_keyring function in security/keys/process_keys.c
in the Linux kernel before 2.6.39.1 does not initialize a certain
structure member, which allows local users to cause a denial of service
(NULL
CVE-2011-2184
** Also affects: linux (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric)
Importance: Undecided
Status:
** Changed in: linux (Ubuntu Oneiric)
Status: New = Fix Committed
** Changed in: linux-ti-omap4 (Ubuntu Oneiric)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: linux-ec2 (Ubuntu Lucid)
Status: New = Fix Committed
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: New = Fix Committed
** Changed in: linux-mvl-dove (Ubuntu Maverick)
Status: New = Fix Committed
** Changed in: linux (Ubuntu Lucid)
Status: New =
*** This bug is a security vulnerability ***
Public security bug reported:
The skb_gro_header_slow function in include/linux/netdevice.h in the
Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is
enabled, resets certain fields in incorrect situations, which allows
remote
CVE-2011-2723
** Also affects: linux (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric)
Importance: Undecided
Status:
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
Looks good, thanks!
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/838037
Title:
linux-ti-omap4:
Looks good, thanks!
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/837803
Title:
linux-mvl-dove:
Looks good, thanks!
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/837802
Title:
linux-fsl-imx51:
Looks good, thanks!
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/838043
Title:
I'm fine with going ahead -- I think this regression test has some
timing flaws. Since it only ever shows select in the failure output, I
believe this to be viewing the non-setuid process kernel stack, which is
fine. Since it doesn't fail on some runs, that's a good sign that things
are okay.
Thanks again for the report! Since the package referred to in this bug
is in universe or multiverse, it is community maintained. If you are
able, I suggest posting a debdiff for this issue. When a debdiff is
available, members of the security team will review it and publish the
package. See the
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
Looks good, thanks!
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/837449
Title:
linux: 2.6.35-30.59
Gcc seems to be generating a 4-byte wide strlen scanner during -O3 which
is tripping up valgrind. I'm not sure if this should be considered a gcc
bug or a valgrind bug:
-O1:
4005a2: b8 00 00 00 00 mov$0x0,%eax
4005a7: 48 c7 c1 ff ff ff ffmov
** Changed in: kernel-sru-workflow/security-signoff
Status: Confirmed = In Progress
** Changed in: kernel-sru-workflow/security-signoff
Assignee: Canonical Security Team (canonical-security) = Kees Cook (kees)
--
You received this bug notification because you are a member of Ubuntu
Looks good, thanks.
** Changed in: kernel-sru-workflow/security-signoff
Status: In Progress = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/836914
Title:
linux: 2.6.32-34.76
** Description changed:
cifs: singedness issue in CIFSFindNext()
+
+ Break-Fix: - c32dfffaf59f73bbcf4472141b851a4dc5db2bf0
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/834135
Title:
** Description changed:
- The Linux kernel contains a vulnerability in the driver for Be file
- systems that may lead to a kernel oops via a corrupted Be file system.
+ The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel
+ before 3.1-rc3 does not validate the length attribute
*** This bug is a security vulnerability ***
Public security bug reported:
Integer underflow in the l2cap_config_req function in
net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote
attackers to cause a denial of service (heap memory corruption) or
possibly have unspecified
CVE-2011-2497
** Also affects: linux (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric)
Importance: Undecided
Status:
*** This bug is a security vulnerability ***
Public security bug reported:
The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux
kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which
allows local users to cause a denial of service (kernel infinite loop)
via
CVE-2011-2213
** Also affects: linux (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric)
Importance: Undecided
Status:
** Also affects: firefox (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: thunderbird (Ubuntu Lucid)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Public bug reported:
This is bug 717358 again, present in Oneiric now.
** Affects: gtk+2.0 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Also affects: gtk+2.0 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Changed in: gtk+2.0 (Ubuntu Oneiric)
Milestone: None = ubuntu-11.10-beta-2
** Changed in: gtk+2.0 (Ubuntu Oneiric)
Status: New = Confirmed
--
You received this bug notification because you are a
I'd like to defer this until the LTS.
** Changed in: ganglia (Ubuntu)
Assignee: Kees Cook (kees) = (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/801615
Title:
[MIR] ganglia
On the condition that python-carrot is removed before the LTS, +1 on
both.
** Changed in: python-carrot (Ubuntu)
Status: Incomplete = In Progress
** Changed in: kombu (Ubuntu)
Status: Incomplete = In Progress
--
You received this bug notification because you are a member of
** Changed in: linux-ec2 (Ubuntu Lucid)
Status: New = Fix Committed
** Changed in: linux-lts-backport-natty (Ubuntu Lucid)
Status: New = Fix Committed
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: New = Fix Committed
** Changed in: linux-mvl-dove (Ubuntu Maverick)
** Changed in: linux-lts-backport-maverick (Ubuntu Lucid)
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/827685
Title:
CVE-2011-2699
To manage
Public bug reported:
I have network manager configured to not manage any interfaces, yet it
wipes out /etc/resolv.conf anyway.
Current work-around: sudo chattr +i /etc/resolv.conf
ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: network-manager 0.9.0-0ubuntu1
ProcVersionSignature: Ubuntu
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/834912
Title:
network-manager wipes /etc/resolv.conf even when not managing any
interfaces
To manage notifications about this bug go to:
** Changed in: linux-ec2 (Ubuntu Lucid)
Status: In Progress = Fix Committed
** Changed in: linux-lts-backport-natty (Ubuntu Lucid)
Status: In Progress = Fix Committed
** Changed in: linux-mvl-dove (Ubuntu Lucid)
Status: In Progress = Fix Committed
** Changed in:
*** This bug is a security vulnerability ***
Public security bug reported:
The Linux kernel contains a vulnerability in the driver for Be file
systems that may lead to a kernel oops via a corrupted Be file system.
** Affects: linux (Ubuntu)
Importance: Low
Status: New
** Affects:
CVE-2011-2928
** Also affects: linux (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric)
Importance: Undecided
Status:
*** This bug is a security vulnerability ***
Public security bug reported:
Under certain circumstances software event overflows go wrong and
deadlock. Avoid trying to delete a timer from the timer callback.
Break-Fix: - a8b0ca17b80e92faab46ee7179ba9e99ccb61233
** Affects: linux (Ubuntu)
CVE-2011-2918
** Also affects: linux (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric)
Importance: Undecided
Status:
*** This bug is a security vulnerability ***
Public security bug reported:
Dan Kaminsky pointed out that using partial MD4 and using that to
generate a sequence number, of which only 24-bits are truly unguessable,
seriously undermine the goals of random sequence number generation.
** Affects:
CVE-2011-3188
** Also affects: linux (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-fsl-imx51 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: linux-lts-backport-maverick (Ubuntu Oneiric)
Importance: Undecided
Status:
301 - 400 of 8586 matches
Mail list logo