[Bug 1784796] Re: apt update fails - 'std::runtime_error' what(): random_device::__x86_rdrand(void)

Any recommendation how to update if you can't update due to this bug? "apt update" will always fail, so no matter if it's a kernel or apt update I need, I won't get it. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 1784796] Re: apt update fails - 'std::runtime_error' what(): random_device::__x86_rdrand(void)

Hi, can someone with the permission please re-open? I'm seeing this on a relatively recent system (18.04, updates have been successfully done lately), so it's definitely not fixed since august last year. -- You received this bug notification because you are a member of Ubuntu Bugs, which is

[Bug 1752831] Re: memcached should disable UDP by default

This got CVE-2018-1000115 assigned. ** CVE added: https://cve.mitre.org/cgi- bin/cvename.cgi?name=2018-1000115 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1752831 Title: memcached should disable

[Bug 1752831] [NEW] memcached should disable UDP by default

Public bug reported: Memcached is currently involved in some massive ddos attacks, see e.g.: https://blog.cloudflare.com/memcrashed-major-amplification-attacks-from-port-11211/ The UDP protocol of memcached can be abused for very effective DDoS amplification attacks and should therefore be

[Bug 1619240] [NEW] www.ubuntu.com does not support HTTS, https://ubuntu.com forwards to http

Public bug reported: The main Ubuntu webpage does not support HTTPS. I think this is a severe security risk, as software distribution security is an increasing issue. Currently trying to access www.ubuntu.com over https gives an error and trying ubuntu.com with https forwards to the http version

[Bug 1510163] Re: Poodle TLS1.0 issue in Trusty (and Precise)

Took me a bit longer, but blogpost is now public and explains the issue in detail including its history and first incomplete fix: https://blog.hboeck.de/archives/877-A-little-POODLE-left-in-GnuTLS-old-versions.html -- You received this bug notification because you are a member of Ubuntu Bugs,

[Bug 1448629] [NEW] tlsdate default settings set time to random value

Public bug reported: tlsdate sets the time based on a TLS timestamp from a TLS server. The tlsdate tool comes preconfigured with the server www.ptb.de. However that server now randomizes the timestamp, possibly causing lots of trouble. A possibility to fix this would be to use www.google.com. As

[Bug 1448637] [NEW] tlsdate restart does not work / can't kill processes

Public bug reported: On trusty, when I do /etc/init.d/tlsdate restart it will start a new instance of tlsdated. However it will not end the existing instance, hence resulting in two instances of tlsdated running (which is certainly not good and will probably cause trouble). I even can't kill

[Bug 1039420] Re: NTP security vulnerability because not using authentication by default

Has Ubuntu considered using tlsdate instead of ntp? I think it's the only working secure solution right now. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1039420 Title: NTP security

[Bug 1039420] Re: NTP security vulnerability because not using authentication by default

Has Ubuntu considered using tlsdate instead of ntp? I think it's the only working secure solution right now. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1039420 Title: NTP security vulnerability

[Bug 195848] Re: vpnc with Hybrid-Auth enabled?

Stepped over this one recently, there's a fine working gnutls-version of vpnc available in upstreams svn, though no release. I'd suggest Ubuntu makes a package of vpnc from the svn snapshot (Gentoo does so), development seems quite inactive so probably no release soon. -- vpnc with Hybrid-Auth

Re: [Bug 488709] Re: Please remove hard coded jabber file proxy

It takes some two hours to sync to all the mirrors. It's now been two days and it's only in lucid, not in karmic. -- Please remove hard coded jabber file proxy https://bugs.launchpad.net/bugs/488709 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed

[Bug 488709] Re: Please remove hard coded jabber file proxy

Can you please push this to karmic? As I said above, this causes several connections per minute on our servers and eating our ressources, it's been nearly a month since my report, I don't want to wait for that till the release of lucid. urgency=low makes me feel you don't care much. -- Please

Re: [Bug 488709] Re: Please remove hard coded jabber file proxy

Am Montag 21 Dezember 2009 schrieben Sie: Hanno Böck [2009-12-21 16:39 -]: Can you please push this to karmic? Already done, see above comments. I don't know if I'm getting something wrong here, but I just tried downloading the latest telepathy-gabble package from packages.ubuntu.com

[Bug 403408] Re: Grub 2 problem, error: no such device

Ubuntu-devs, can you please put a HIGH priority on this one and NOT release any more kernel or grub updates till this is fixed? I just got the problem on someones machine where I've worked around it recently. The new kernel update regeerated the grub config and the problem was back again. --

[Bug 488709] [NEW] Please remove hard coded jabber file proxy

Public bug reported: Binary package hint: telepathy-gabble Hi, our jabber file proxy (proxy.schokokeks.org) was part of telepathy- gabble source without our knowledge. Due to a serious bug within telepathy (#487313) this causes several connections per minute to our server. We were never asked