** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libcgroup in Ubuntu.
https://bugs.launchpad.net/bugs/1093661
Title:
cgrulesengd fails to start
To manage notifications
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
*** This bug is a security vulnerability ***
Public security bug reported:
Currently, the entropy pool is seeded by /etc/init.d/urandom. This
should be done earlier in the boot process by an upstart job, and should
be done before the ssh daemon is started.
Although the ssh keys are generated on
)
Importance: Medium
Assignee: Marc Deslauriers (mdeslaur)
Status: In Progress
** Affects: mysql-dfsg-5.1 (Ubuntu)
Importance: Undecided
Status: Invalid
** Affects: mysql-5.1 (Ubuntu Lucid)
Importance: Undecided
Status: Invalid
** Affects: mysql-5.5 (Ubuntu
Introduced in 5.3.9 by:
http://git.php.net/?p=php-
src.git;a=commitdiff;h=095cbc48a8f0090f3b0abc6155f2b61943c9eafb
Fixed in 5.3.14 by:
http://git.php.net/?p=php-
src.git;a=commitdiff;h=270a406ac94b5fc5cc9ef59fc61e3b4b95648a3e
--
You received this bug notification because you are a member of
CVE requested:
http://www.openwall.com/lists/oss-security/2013/01/18/5
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/1099793
Title:
php 5.3.10 openssl_encrypt empty data
To manage
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-6113
** Also affects: php5 (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: php5 (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: php5 (Ubuntu Raring)
Importance:
** Changed in: php5 (Ubuntu Raring)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/1099793
Title:
php 5.3.10 openssl_encrypt empty data
To
** Changed in: php5 (Ubuntu Precise)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/1099793
Title:
php 5.3.10 openssl_encrypt
This is likely fixed with the qemu version in raring. Unsubscribing
ubuntu-sponsors.
** Also affects: qemu (Ubuntu)
Importance: Undecided
Status: New
** Also affects: qemu (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: qemu-kvm (Ubuntu Quantal)
Debdiff looks good. ACK. Uploaded to precise-proposed.
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/1061244
Title:
Fix net rpc share allowedusers to work with 2008r2
To
Blueprint changed by Marc Deslauriers:
Work items changed:
Work items:
[serge-hallyn] Have virbr0 not be set to autostart if it's network is in use:
DONE
[stefan-bader-canonical] watch for libxl patches for xen 4.2: TODO
- [mdeslaur] make sure OVMF support in virt-manager is sufficient
tomcat7 in oneiric is vulnerable to the following CVEs:
CVE-2011-3375
CVE-2011-3376
CVE-2011-4858
CVE-2012-0022
CVE-2012-2733
CVE-2012-3546
CVE-2012-4431
CVE-2012-4534
CVE-2012-5568
CVE-2012-5885
CVE-2012-5886
CVE-2012-5887
See the CVE tracker for more information:
Unsubscribing ubuntu-security-sponsors for now, please re-subscribe when
a new debdiff is available. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat7 in Ubuntu.
https://bugs.launchpad.net/bugs/1115053
Title:
Parameter
I was waiting for 2.66 to come out.
Simon, is a 2.66 release planned soon?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to dnsmasq in Ubuntu.
https://bugs.launchpad.net/bugs/1126488
Title:
libvirt instance of dnsmasq in raring
This is the actual bug:
https://bugzilla.redhat.com/show_bug.cgi?id=904940
** Bug watch added: Red Hat Bugzilla #904940
https://bugzilla.redhat.com/show_bug.cgi?id=904940
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to dnsmasq in
I've successfully run the QRT test script on the versions in precise-
proposed and quantal-proposed.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in Ubuntu.
https://bugs.launchpad.net/bugs/1117761
Title:
SRU Tracking Bug
** Information type changed from Public Security to Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to clamav in Ubuntu.
https://bugs.launchpad.net/bugs/1121526
Title:
False positives on trojans (Trojan.Agent-132354)
To manage
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to exim4 in Ubuntu.
https://bugs.launchpad.net/bugs/1129029
Title:
ACL not respected if an attachment file name contains the €
Thanks for the updated debdiff. Unfortunately, I am also getting the
following additional test suite failure:
output/build/logs/TEST-org.apache.catalina.core.TestAsyncContextImpl.BIO.txt:
Tests run: 32, Failures: 1, Errors: 0, Time elapsed: 75.853 sec
This definitely needs to be tracked down
Unsubscribing ubuntu-security-sponsors for now. Please resubscribe after
a precise debdiff has been attached. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat7 in Ubuntu.
https://bugs.launchpad.net/bugs/1115053
Title:
*** This bug is a security vulnerability ***
Public security bug reported:
This is the tracking bug for the 0.97.7 security update.
** Affects: clamav (Ubuntu)
Importance: Undecided
Assignee: Marc Deslauriers (mdeslaur)
Status: Fix Released
** Affects: clamav (Ubuntu Lucid
)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: clamav (Ubuntu Oneiric)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: clamav (Ubuntu Precise)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: clamav (Ubuntu Quantal
This is fixed now: http://www.ubuntu.com/usn/usn-1783-1/
** Project changed: bind = bind9 (Ubuntu)
** Changed in: bind9 (Ubuntu)
Status: New = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in Ubuntu.
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/1167394
Title:
segfaults with php-fpm and current php5-memcached
To manage
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Also affects: tomcat7 (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: tomcat7 (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: tomcat7 (Ubuntu Raring)
Importance: Undecided
Status: New
** Also affects: tomcat7 (Ubuntu
Looks like packages.ubuntu.com is out of date:
https://launchpad.net/ubuntu/+source/tomcat7/7.0.40-2
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat7 in Ubuntu.
https://bugs.launchpad.net/bugs/1178645
Title:
tomcat7 needs
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Also affects: openvpn (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: openvpn (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: openvpn (Ubuntu Saucy)
Importance: Undecided
Status: New
** Also affects: openvpn (Ubuntu
Thanks for the merge request.
We rate this security vulnerability as being low priority, which means
we will not publish a security update for it unless another more
important issue turns up in openvpn, at which point we will bundle both
updates together.
I am unsubscribing
For the maas SRU to precise in 1109283, these dependencies need to be
promoted to main. This has an impact on security maintenance for
precise. Since this removes the cobbler code copy from the maas package
in precise, I am ok with the tradeoff.
ACK from the security team for promoting the
We are tracking this issue here:
http://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2013-1862
Since this issue has been rated as having a low priority, we will not
be releasing a security update until more important issues are found, at
which point the security update will bundle them.
We currently have openssl packages in -proposed which disable ssl
compression by default.
Please test them, and comment in bug #1187195 if they resolve your
issue.
Thanks.
** Information type changed from Private Security to Public Security
** Changed in: postfix (Ubuntu)
Status: New =
The parent process never drops privileges, only the child process which
is handling a connection drops privileges. You need to look at the
privileges of the child during a connection.
I am closing this bug. If you can demonstrate that the child process
isn't dropping privileges, please feel free
Thanks, we've fixed the date at the top of the file.
That file is the authoritative list of packages supported by the
security team, and contains the list the packages we deemed able to
support for 5 years instead of the base 3 years.
The puppet version in Lucid is ancient, is no longer
I'll also investigate if we can get the puppet version from Precise into
lucid-backports.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1192367
Title:
No security release provided
As commented in the merge request, since upstream fixed this in a
different way, I don't think we should be carrying a distro patch just
to get some more debugging information.
NACK.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
On 13-06-20 01:58 PM, Alex Vandiver wrote:
On Wed, 2013-06-19 at 11:55 +, Marc Deslauriers wrote:
That file is the authoritative list of packages supported by the
security team, and contains the list the packages we deemed able to
support for 5 years instead of the base 3 years
Since there is no actionable item, I am marking this bug as Won't fix.
Thanks.
** Information type changed from Public Security to Public
** Changed in: puppet (Ubuntu)
Status: New = Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
** Information type changed from Private Security to Public Security
** Changed in: apache2 (Ubuntu)
Status: New = Confirmed
** Changed in: apache2 (Ubuntu)
Importance: Undecided = Wishlist
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
Subscribing ubuntu-security-sponsors for the hardy tomcat5.5 update.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
CVE-2011-3190 Apache Tomcat Authentication bypass
Thanks for the branches. Tomcat6 updates have already been prepared by
the security team, and are currently being tested.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/843701
Title:
Added tomcat5.5 task and re-subscribed ubuntu-security-sponsors since
there's a tomcat5.5 branch linked here for sponsoring.
** Also affects: tomcat5.5 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: tomcat5.5 (Ubuntu Lucid)
Status: New = Invalid
** Changed in:
Looks like a libvirt issue, reassigning.
** Package changed: virt-manager (Ubuntu) = libvirt (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in Ubuntu.
https://bugs.launchpad.net/bugs/868753
Title:
qemu+ssh
** Changed in: elinks (Ubuntu)
Assignee: 杨敏 (mandy9337) = (unassigned)
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to elinks in Ubuntu.
https://bugs.launchpad.net/bugs/769354
Title:
elinks
** Also affects: php5 (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: php5 (Ubuntu Lucid)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
** Also affects: php5 (Ubuntu Hardy)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/852865
Title:
strrchr() functions information leak
To
1.4.6 is now in Precise. I'm closing this bug.
** Changed in: munin (Ubuntu)
Status: Triaged = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to munin in Ubuntu.
https://bugs.launchpad.net/bugs/840386
Title:
This looks like it only affects Natty...
** Changed in: puppet (Ubuntu Lucid)
Status: New = Invalid
** Changed in: puppet (Ubuntu Maverick)
Status: New = Invalid
** Changed in: puppet (Ubuntu Oneiric)
Status: New = Invalid
** Changed in: puppet (Ubuntu Precise)
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Package changed: ubuntu = php5 (Ubuntu)
** Summary changed:
- ubuntu 11.10 apache session
+ php
** Visibility changed to: Public
** Visibility changed to: Public
** Changed in: openldap (Ubuntu)
Status: New = Confirmed
** Changed in: openldap (Ubuntu)
Importance: Undecided = Medium
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
This is fixed already, see:
http://www.ubuntu.com/usn/usn-1126-1/
** Visibility changed to: Public
** Visibility changed to: Public
** Changed in: php5 (Ubuntu)
Status: New = Invalid
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed
Synced:
[ubuntu/precise] puppet 2.7.6-1 (Accepted)
** Changed in: puppet (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/882507
This has been published now:
http://www.ubuntu.com/usn/usn-1264-1/
** Visibility changed to: Public
** Changed in: bind9 (Ubuntu)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** This bug has been flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to keystone in Ubuntu.
https://bugs.launchpad.net/bugs/900553
Title:
Any user can manage the keystone database via keystone-manage
You can download the previous version from this page:
For i386:
https://launchpad.net/~ubuntu-security/+archive/ppa/+build/2844451
For amd64:
https://launchpad.net/~ubuntu-security/+archive/ppa/+build/289
Please indicate if downgrading has worked for you.
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-4858
** Also affects: tomcat6 (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: tomcat6 (Ubuntu Maverick)
Importance: Undecided
Status: New
** Also affects: tomcat6 (Ubuntu Oneiric)
** Also affects: php5 (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: php5 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: php5 (Ubuntu Maverick)
Importance: Undecided
Status: New
** Also affects: php5 (Ubuntu Hardy)
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see
Thanks for the debdiffs. Sorry for the delay in reviewing them.
ACK for maverick, natty and oneiric. They are being built now and will
be released in a few hours.
NACK for lucid. There seems to be a line missing in the CVE-2011-3205
patch. Could you please check, and attach a fixed debdiff?
Maverick-Oneiric have been released now, and will appear in mirrors in
the next few hours.
** Changed in: squid3 (Ubuntu Maverick)
Status: Fix Committed = Fix Released
** Changed in: squid3 (Ubuntu Natty)
Status: Fix Committed = Fix Released
** Changed in: squid3 (Ubuntu Oneiric)
Only affects lucid.
** Changed in: squid3 (Ubuntu Maverick)
Status: New = Invalid
** Changed in: squid3 (Ubuntu Natty)
Status: New = Invalid
** Changed in: squid3 (Ubuntu Oneiric)
Status: New = Invalid
--
You received this bug notification because you are a member of
** This bug has been flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/915941
Title:
overlayfs does not honor lxc-related permissions
To manage
This is CVE-2012-0055
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-0055
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/915941
Title:
overlayfs does not honor
debdiff looks good. ACK. I'm building the package now and will release
it today.
Thanks!
** Changed in: squid3 (Ubuntu Lucid)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
*** This bug is a duplicate of bug 909828 ***
https://bugs.launchpad.net/bugs/909828
** This bug has been marked a duplicate of bug 909828
Tomcat needs update to prevent hash function DoS attack
--
You received this bug notification because you are a member of Ubuntu
Server Team, which
There are now updated tomcat6 packages that fix this issue, and
CVE-2012-0022 in -proposed. Since the patch is quite intrusive, they
will stay in -proposed until they get some testing.
If you would like to help, please enable -proposed, test the updates,
and post your results here.
Thanks.
**
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
** Changed in: libcgroup (Ubuntu)
Status: New = Confirmed
** Changed in: libcgroup (Ubuntu)
Importance: Undecided = Medium
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libcgroup in Ubuntu.
** Also affects: linux (Ubuntu Precise)
Importance: Undecided
Status: Confirmed
** Also affects: lxc (Ubuntu Precise)
Importance: High
Status: Confirmed
** Changed in: linux (Ubuntu Precise)
Milestone: None = ubuntu-12.04-beta-1
** Tags added: rls-p-tracking
--
You
SRU team: This is a security update. If the packages have the required
testing to publish, please let the security team know so we can publish
the USN and push it to -security also. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed
: New = Confirmed
** Changed in: apache2 (Ubuntu Precise)
Status: Incomplete = Fix Released
** Changed in: apache2 (Ubuntu Precise)
Assignee: Jamie Strandboge (jdstrand) = (unassigned)
** Changed in: apache2 (Ubuntu Hardy)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur
Thanks for the debdiff.
Seems to me removing all the permission setting in the postinst is the
wrong way to fix this. How are those permissions going to get setup?
How about doing something like this instead?
test -f $en/resource.cfg setperm root nagios 0640 $en/resource.cfg
NACK on the
Ah! that makes sense. Thanks for the new information.
ACK on the debdiff. The only change I will do before uploading is
changing the version to 3.2.3-3ubuntu1 since we now have a Ubuntu delta.
** Changed in: nagios3 (Ubuntu)
Status: Confirmed = Fix Committed
--
You received this bug
-5.1 (Ubuntu Lucid)
Importance: Undecided
Status: Invalid
** Affects: mysql-dfsg-5.1 (Ubuntu Lucid)
Importance: Undecided
Assignee: Marc Deslauriers (mdeslaur)
Status: Confirmed
** Affects: mysql-5.1 (Ubuntu Maverick)
Importance: Undecided
Assignee: Marc
** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy)
Status: New = Confirmed
** Changed in: mysql-dfsg-5.0 (Ubuntu Hardy)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: mysql-dfsg-5.0 (Ubuntu Lucid)
Status: New = Invalid
** Changed in: mysql-dfsg-5.0 (Ubuntu Maverick
** Changed in: mysql-dfsg-5.1 (Ubuntu)
Status: In Progress = Fix Released
** Changed in: mysql-dfsg-5.0 (Ubuntu)
Status: In Progress = Fix Released
** Changed in: mysql-5.1 (Ubuntu)
Status: In Progress = Fix Released
--
You received this bug notification because you are a
Ubuntu backports security fixes into stable releases. The php version in
Lucid gets all security fixes. Here are the latest ones:
http://www.ubuntu.com/usn/usn-1358-1/
See our FAQ:
https://wiki.ubuntu.com/SecurityTeam/FAQ#Versions
** Visibility changed to: Public
** Changed in: php5 (Ubuntu)
Chris,
A couple of comments on your debdiff:
1- Could you change the version to 5.0.5-0ubuntu6.1
2- Could you add some tags to your patch to explain it's provenance (See
http://dep.debian.net/deps/dep3/)
Thanks.
--
You received this bug notification because you are a member of Ubuntu
Server
: Undecided
Assignee: Marc Deslauriers (mdeslaur)
Status: Confirmed
** Affects: mysql-5.1 (Ubuntu Maverick)
Importance: Undecided
Assignee: Marc Deslauriers (mdeslaur)
Status: Confirmed
** Affects: mysql-5.5 (Ubuntu Maverick)
Importance: Undecided
Status
This is how the smb protocol browsing is designed to function.
If you don't want your workstation to act as a master browser, you need
to turn off the options in smb.conf. Maybe something like this?
[global]
domain master = no
local master = no
preferred master = no
os level = 0
** Visibility
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler in Ubuntu.
https://bugs.launchpad.net/bugs/974460
Title:
cobbler-ubuntu-import does not check gpg signatures
To manage notifications about
CVE requested: http://www.openwall.com/lists/oss-security/2012/04/10/8
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler in Ubuntu.
https://bugs.launchpad.net/bugs/974460
Title:
cobbler-ubuntu-import does not check gpg
This is CVE-2012-2092
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-2092
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler in Ubuntu.
https://bugs.launchpad.net/bugs/974460
Title:
cobbler-ubuntu-import
ACK on the debdiff, uploaded to Precise.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/978708
Title:
[Precise] puppet is vulnerable to CVE-2012-1906 and CVE-2012-1986
through
*** This bug is a duplicate of bug 978458 ***
https://bugs.launchpad.net/bugs/978458
** This bug has been marked a duplicate of bug 978458
CVE-2012-1182: root credential remote code execution
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
** Changed in: mysql-dfsg-5.0 (Ubuntu)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-dfsg-5.0 in Ubuntu.
https://bugs.launchpad.net/bugs/988325
Title:
mysql-server
Four-octet AS Number Capability
- CVE-2012-0249
- CVE-2012-0250
- CVE-2012-0255
** Affects: quagga (Ubuntu)
Importance: Medium
Status: Fix Released
** Affects: quagga (Ubuntu Lucid)
Importance: Medium
Assignee: Marc Deslauriers (mdeslaur)
Status
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
1 - 100 of 12536 matches
Mail list logo