Thanks, Kazza. That certainly helped. I also had a word with Marc and we
reached to the conclusion that Stretch isn't affected with this
backporting problem.
Thanks, again! \o/
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Hello Utkarsh,
I've just quickly run through the steps in the original bug report
against a recent Debian Stretch docker image and as not able to
reproduce it.
Image tested:
$ docker images | grep stretch
debianstretch d74a4ce6ed8b 11 days ago 101MB
If you are concerned, I
Hi Kazza, Marc,
I was wondering if you can repro the same bug in Debian Stretch? Do you
have the capacity to test that as well, please? :)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1934501
Here's the debconf bug report:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=223683
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1934501
Title:
CVE-2018-15473 patch introduce user enumeration
This isn't specific to the openssh update. Debian packages use tools
such as debconf that need to write to /tmp to function correctly.
** Bug watch added: Debian Bug tracker #223683
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=223683
--
You received this bug notification because you are
Hi. I believe my Ubuntu systems just received this patch and I believe it
failed to install:
Can't exec "/tmp/openssh-server.config.neW0Pf": Permission denied at
/usr/share/perl/5.26/IPC/Open3.pm line 178.
open2: exec of /tmp/openssh-server.config.neW0Pf configure 1:7.6p1-4ubuntu0.3
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1934501
Title:
CVE-2018-15473 patch introduce user enumeration vulnerability
To