Thank You
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1942489
Title:
no wired network option in ubuntu 20.10
To manage notifications about this bug go to:
Public bug reported:
I am new to Ubuntu. I have recently installed ubuntu 20.10. I get
wireles network but there is no option to connect to wired LAN network
connection.
** Affects: ubuntu
Importance: Undecided
Status: New
--
You received this bug notification because you are a
apport information
** Attachment added: "acpidump.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494541/+files/acpidump.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
apport information
** Attachment added: "UdevDb.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494539/+files/UdevDb.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apport information
** Attachment added: "WifiSyslog.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494540/+files/WifiSyslog.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
apport information
** Attachment added: "RfKill.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494538/+files/RfKill.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apport information
** Attachment added: "PulseList.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494537/+files/PulseList.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
apport information
** Attachment added: "ProcModules.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494536/+files/ProcModules.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
apport information
** Attachment added: "ProcInterrupts.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494535/+files/ProcInterrupts.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
apport information
** Attachment added: "ProcEnviron.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494534/+files/ProcEnviron.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
apport information
** Attachment added: "ProcCpuinfoMinimal.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494533/+files/ProcCpuinfoMinimal.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
apport information
** Attachment added: "ProcCpuinfo.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494532/+files/ProcCpuinfo.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
apport information
** Attachment added: "Lsusb-v.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494531/+files/Lsusb-v.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apport information
** Attachment added: "Lsusb-t.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494530/+files/Lsusb-t.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apport information
** Attachment added: "Lspci-vt.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494529/+files/Lspci-vt.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
apport information
** Attachment added: "Lspci.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494528/+files/Lspci.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apport information
** Attachment added: "IwConfig.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494527/+files/IwConfig.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
apport information
** Attachment added: "CRDA.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494525/+files/CRDA.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apport information
** Attachment added: "CurrentDmesg.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494526/+files/CurrentDmesg.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
roblemType: Bug
+ ApportVersion: 2.20.11-0ubuntu27.17
+ Architecture: amd64
+ AudioDevicesInUse:
+ USERPID ACCESS COMMAND
+ /dev/snd/controlC0: joy1439 F pulseaudio
+ CasperMD5CheckResult: skip
+ CurrentDesktop: ubuntu:GNOME
+ DistroRelease: Ubuntu 20.04
+ InstallationDate:
Public bug reported:
uso mi noterbook y de repente se apaga, al intentar prenderla tarda unos
min. con la imagen negra despues un destello blanco y se repite 3 veces
luego aparece la imagen violeta se queda unos minutos y hay recien
aparece el usuario y demas al iniciar lo hace pero despues
This second review will only document the areas that some difference was
found from the first review.
I reviewed pipewire 0.3.15-1 as checked into hirsute. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
- Build-Depends:
debhelper-compat (= 13),
** Changed in: pipewire (Ubuntu)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802533
Title:
[MIR] pipewire
To manage notifications about this bug go to:
This has been fixed in bionic. Already fixed in xenial.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1898078
Title:
FIPS OpenSSL crashes Python2.7 hashlib when using MD5
To manage notifications
Hi, Is this still an issue? Changing the status to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1731410
Title:
Hi, Is this still an issue? Changing the status to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1683378
Title:
Hi, Is this still an issue? Changing the status to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1690543
Title:
Hi, Is this still an issue? Changing the status to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1570359
Title:
Is this still an issue? Changing to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/153
Title:
Omnikey Cardreader
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1366152
Title:
System crash
Fixed in subsequent release. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1700104
Title:
package pcscd
This bug was not applicable to pcsc-lite package. Closing since no
activity and eol.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
This was fixed in subsequent release. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1090238
Title:
pcscd hangs
This is most likely fixed via pcscd starting from systemd in current
releases. Closing this since it has had no activity and has eol.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1004683
Title:
pcscd fails to
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/796893
Title:
Rutoken
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/795540
Title:
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/790502
Title:
If OS
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/776082
Title:
pcscd spams
This bug appears to have been fixed in an update. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/336815
Title:
Aladdin
** Description changed:
- The fix for #1835135 was not included into the python2.7 update. This
- bug has been opened to include it.
+ The fix for #1835135 was included into a python2.7 ver when python2.7
+ was updated, the fix was not included. It needs to be put pack into the
+ latest version
** Also affects: python2.7 (Ubuntu Groovy)
Importance: Undecided
Status: New
** Also affects: python2.7 (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: python2.7 (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: python2.7 (Ubuntu
Public bug reported:
The fix for #1835135 was not included into the python2.7 update. This
bug has been opened to include it.
** Affects: python2.7 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
pcsc-lite source package provides pcscd and libpcsclite1 and thus is
needed for smartcard deployment.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1892559
Title:
[MIR] ccid libpam-pkcs1
pcscd is required. When removed, I am not able to get any info from the
driver about the reader or the smartcard. pcscd loads the smartcard
driver and coordinates communications.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Hi Seth and Christian,
I did a smartcard setup and confirmed I did not have to use anything
from pcsc-tools. And pcsc-tools seem to depend on libpcsc-perl, so won't
need pcsc-perl either.
My "sudo apt install opensc" pulled in libccid, libpcslite1, opensc-
pkcs11 and pcscd binary packages. I
Reassigning so that necessary work is done to get pipewire updated,
building and working in groovy.
** Changed in: pipewire (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
Hi, security team is wanting to do a MIR audit on pipewire for groovy.
Unfortunately, the current pipewire source downloaded from groovy does
not appear to have been updated nor does it build.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
Verified this on both bionic and focal.
Testcase: (focal)
$ dpkg -l | grep libopenscap8
ii libopenscap8 1.2.16-2ubuntu3.1
amd64Set of libraries enabling integration of the SCAP line of standards
$ oscap oval eval --report cve-report.html
** Tags removed: verification-needed-bionic
** Tags added: verification-done-bionic
** Tags removed: verification-needed-focal
** Tags added: verification-done-focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Description changed:
[Impact]
In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
segfault.
ntpq uses crypto hashes to authenticate its requests. By default it uses
md5. However, when compiled with openssl it creates a lists of
acceptable hashes from openssl
** Summary changed:
- [fips] Not fully initialized digest segfaulting some client applications
+ [fips] ntpq segfaults when attempting to use MD5 from FIPS-openssl library.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: openssl (Ubuntu)
Assignee: (unassigned) => Joy Latten (j-latten)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfault
Additional testing for ntpq authentication to ensure MD5 still works for
ntpq in archive
NOTE: The shown testing is ntpq(with patch) + openssl from archive. To ensure
all still works.
Testing with ntpq + fips-openssl was also done successfully.
VM-A (ntp server)
1. Edit /etc/ntp.keys to
Testing:
There are no autopkgtests for ntp pkg and we do not run "make check" in
the tests dir as part of the build. So, just in case it is applicable, I
ran make check on my local build to ensure everything passes.
** Attachment added: "Results of running make check in ../tests directory"
** Description changed:
[Impact]
In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
segfault.
- ntpq uses crypto hashes to authenticate its requests. By default it appears
to use an internal md5 implementation. However, when compiled with openssl it
creates a lists
** Description changed:
- In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
- segfault.
+ [Impact]
+ In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
segfault.
+ ntpq uses crypto hashes to authenticate its requests. By default it appears
to use
Build log:
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/19570468
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfaulting some
debdiff for bionic
** Attachment added: "debdiff.bionic"
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1884265/+attachment/5391374/+files/debdiff.bionic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
I added return checks to ntpq code and this appears to solve the
problem. Is it ok to make this an SRU?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized
Also, this is only applicable in bionic. Neither xenial nor focal
experience this issue.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfaulting
It seems 2 things are happening to generate this issue
1.fips-openssl in bionic has md5 and md5_sha1 in fips digest list with
explicit purpose of accommodating PRF use only in fips mode. But you
must pass the flag, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW to successfully use
them.
2. ntpq does not check
Investigating.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfaulting some client
applications
To manage notifications about this bug go to:
** Tags added: verification-done-eoan
** Tags added: verification-done-bionic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1865504
Title:
hwclock reports incorrect status in audit message
To
Successful verification on amd64 for bionic
$ dpkg -l | grep util-linux
ii util-linux2.31.1-0.4ubuntu3.6
amd64miscellaneous system utilities
$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
Successful verification on amd64 for eaon
$ dpkg -l | grep util-linux
ii util-linux 2.34-0.1ubuntu2.4
amd64miscellaneous system utilities
Audit records found in /var/log/audit/audit.log,
type=USYS_CONFIG msg=audit(1584463433.533:68):
Mauricio,
Thank you so much for handling. Much appreciated. I took a quick look at the
above #15 and #16 and perhaps a retry may be beneficial... there were some
timeouts...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Also affects: util-linux (Ubuntu Eoan)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1865504
Title:
hwclock reports incorrect status in audit message
** Also affects: util-linux (Ubuntu Bionic)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1865504
Title:
hwclock reports incorrect status in audit
The debdiff for focal
** Attachment removed: "debdiff for focal"
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1865504/+attachment/5333544/+files/debdiff.focal
** Attachment added: "debdiff.focal"
Build log
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/18795481
** Bug watch added: Debian Bug tracker #953065
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953065
** Also affects: util-linux (Debian) via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953065
** Attachment added: "debdiff for focal"
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1865504/+attachment/5333544/+files/debdiff.focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Description changed:
+ [IMPACT]
+ hwclock reports incrorect status in audit message
+
+ hwclock calls audit_log_user_message(3) to create an audit entry.
audit_log_user_message(3) result 1 is "success" and 0 is
"failed", hwclock use standard EXIT_{SUCCESS,FAILURE} macros with reverse
-
ak/util-linux/commit/189edf1fe501ea39b35911337eab1740888fae7a
** Affects: util-linux (Ubuntu)
Importance: High
Assignee: Joy Latten (j-latten)
Status: New
** Changed in: util-linux (Ubuntu)
Importance: Undecided => Medium
** Changed in: util-linux (Ubuntu)
Importance: Med
I reviewed ndctl as checked into focal. This shouldn't be considered a
full audit but rather a quick gauge of maintainability.
ndctl is comprised of utilities and libraries for managing the libnvdimm
(non-volatile memory device) sub-system in the Linux kernel
- No CVEs readily found.
Gleaned
** Changed in: ndctl (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1853506
Title:
[MIR] ndctl
To manage notifications
I reviewed pipewire 0.2.5-1 as checked into eoan. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
pipewire is a multimedia sharing and processing engine. It is comprised of a
server and userspace API to handle multimedia pipelines. The pipewire package
** Changed in: pipewire (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802533
Title:
[MIR] pipewire
To manage
The 2.7 and 3.5 python packages in the security proposed PPA have been
successfully tested in a fips and non-fips xenial environment.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1835135
Title:
** Changed in: gnome-remote-desktop (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802614
Title:
[MIR]
I would like to add an additional condition to the security team ACK.
The pipewire MIR must also be ACK'd.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802614
Title:
[MIR] gnome-remote-desktop
I reviewed gnome-remote-desktop 0.1.7-1 as checked into eoan. This
shouldn't be considered a full audit but rather a quick gauge of
maintainability.
gnome-remote-desktop is a remote desktop daemon for GNOME using VNC with
pipewire. It is suppose to work with both X and Wayland.
- No CVEs.
Also
Upon looking at the source for both python2.7 and python3.5 in xenial,
neither checks the return value from EVP_DigestInit in
Modules/_hashopenssl.c file.
However, python3.6 (in bionic, cosmic and disco) does have the check.
So the check will need to be backported to python 2.7 and python 3.5 in
Like python3, python2 should check the return value of EVP_DigestInit.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1835135
Title:
FIPS OpenSSL crashes Python2 hashlib
To manage notifications
The assessment is accurate.
FIPS 140-2 does not allow MD5 except for use in PRF.
Thus the OpenSSL_add_all_digests in fips openssl does not include MD5.
However, SSL_library_init() does include MD5 but only for use in calculating
the PRF. Notice in tls1_P_hash() in ssl/t1_enc.c
the flag,
Investigating
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1835135
Title:
FIPS OpenSSL crashes Python2 hashlib
To manage notifications about this bug go to:
verification done on following:
xenial: openvpn-2.3.10-1ubuntu2.2
bionic: openvpn-2.4.4-2ubuntu1.2
cosmic: openvpn-2.4.6-1ubuntu2.1
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
Verified using same test data allowing for interoperability testing
between the various releases and with fips for xenial and bionic.
** Tags removed: verification-needed-bionic verification-needed-cosmic
verification-needed-xenial
** Tags added: verification-done-bionic verification-done-cosmic
Successfully verified xenial, bionic, and cosmic.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
openvpn crashes when run with fips openssl
To manage notifications about this bug go
Testing in progress...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
openvpn crashes when run with fips openssl
To manage notifications about this bug go to:
This bug has been reported:
1.Upstream Bug: https://community.openvpn.net/openvpn/ticket/725
2.Suse Bug report:
https://build.opensuse.org/package/view_file/network:vpn/openvpn/openvpn-fips140-2.3.2.patch
** Description changed:
[IMPACT]
+ openvpn segfaults when using fips-mode openssl
Applied fixes for above comments. After some team discussion, decided to
use sha256 for internal hash rather than sha1 in xenial as well.
Internal hash is never communicated externally. Performed additional
interoperability testing successfully using same test parameters as
previously.
** Changed in: openvpn (Ubuntu Bionic)
Status: Incomplete => New
** Changed in: openvpn (Ubuntu Xenial)
Status: Incomplete => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
** Description changed:
[IMPACT]
openvpn when estabishing a tls connection will segfault when used with
Ubuntu's FIPS 140-2 libcrypto.so (openssl).
- openvpn tls connection does TLS PRF(pseudorandom function) to produce
securely generated pseudo random output that is used to generate
2 testcases using same parameters for prior testcases, except that
installed FIPS-mode libcrypto.so to test and ensure FIPS-mode
libcrypto.so honors the flag to allow MD5 in PRF and does not cause
openvpn to segfault because MD5 is missing.
** Attachment added: "testcase-data-fips"
The xenial patch has additional code. In version 2.3.10, openvpn uses
MD5 for PRF and internally for configuration status verification. FIPS
140-2 permits MD5 for PRF, but not as a hash for internal verification.
Subsequent versions of openvpn (2.4) was changed upstream to not use
MD5, instead
** Attachment added: "debdiff.bionic"
https://bugs.launchpad.net/ubuntu/xenial/+source/openvpn/+bug/1807439/+attachment/5222054/+files/debdiff.bionic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
build log for xenial:
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/15743720
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
openvpn crashes when run with fips openssl
build log for bionic:
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/15743676
** Also affects: openvpn (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: openvpn (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: openvpn (Ubuntu
Hi Christian,
Hopefully the testcase-data file follows what you described. If not, let
me know and I can reorganize it for improved readability.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
1 - 100 of 314 matches
Mail list logo
