[Bug 1973031] Re: [MIR] libwpe
** Tags added: sec-1003 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973031 Title: [MIR] libwpe To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libwpe/+bug/1973031/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971738] Re: [MIR] ell
Hmm this thing seems to have its own TLS stack https://git.kernel.org/pub/scm/libs/ell/ell.git/tree/ell/tls.c as well as rc4 and rc2 implementations https://git.kernel.org/pub/scm/libs/ell/ell.git/tree/ell/cipher.c Does Intel have any guidance on this thing being certified FIPS / CC / STIG / etc? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971738 Title: [MIR] ell To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ell/+bug/1971738/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973028] Re: gnome-remote-desktop user service is always running
Please use CVE-2022-1736 for the gnome-remote-desktop user service being enabled on Ubuntu. The Debian packaging, and derivatives of both Ubuntu and Debian, for gnome-remote-desktop are probably very similar. The Debian policy strongly encourages services to be running by default after installation[1]. Ubuntu, however, strongly discourages open ports by default[2]. So, while there may be identical code in the other distributions, this may or may not be considered a vulnerability by the other distributions, based on their own policies. Thanks [1]: https://www.debian.org/doc/debian-policy/ch-opersys.html#managing-the-links "The default behaviour is to enable autostarting your package’s daemon" [2]: https://wiki.ubuntu.com/Security/Features#ports "Default installations of Ubuntu must have no listening network services after initial install. Exceptions to this rule [enumerated exceptions elided]" ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1736 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973028 Title: gnome-remote-desktop user service is always running To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-remote-desktop/+bug/1973028/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973344] Re: Converting PKCS#8 into PKCS#1 fails with openssl 3.0
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973344 Title: Converting PKCS#8 into PKCS#1 fails with openssl 3.0 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1973344/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1946359] Re: [MIR] vulkan-tools
** Tags added: sec-979 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1946359 Title: [MIR] vulkan-tools To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vulkan/+bug/1946359/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973054] Re: containerd regression for CVE-2022-23648 in latest version 1.5.9-0ubuntu1~20.04.1
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973054 Title: containerd regression for CVE-2022-23648 in latest version 1.5.9-0ubuntu1~20.04.1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/containerd/+bug/1973054/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972889] Re: Screen reader reads the data while computer is locked
Good job Loaf :3 ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972889 Title: Screen reader reads the data while computer is locked To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1972889/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972884] Re: Err:10 https://ppa.launchpadcontent.net/flatpak/stable/ubuntu jammy Release 404 Not Found [IP: 91.189.95.85 443]
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972884 Title: Err:10 https://ppa.launchpadcontent.net/flatpak/stable/ubuntu jammy Release 404 Not Found [IP: 91.189.95.85 443] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1972884/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971888] Re: Can not ssh to github.com or gitlab.com when upgrading to 22.04
Alvaro, thanks for reporting back! I'm glad it worked. I don't know the full details of which QoS settings changed in which releases, but this email suggests that there was active interest in changing which exact values were used: http://lists.mindrot.org/pipermail/openssh-unix- dev/2018-April/036788.html Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971888 Title: Can not ssh to github.com or gitlab.com when upgrading to 22.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1971888/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972910] [NEW] error: too many arguments for command
Public bug reported: Hello, I'm very used to searching for software with: apt-cache search foo bar baz I was very surprised that snap does not support this: $ snap search jira launchpad error: too many arguments for command $ snap search "jira launchpad" NameVersion PublisherNotes Summary lp-to-jira 0.7 mclemenceau - Command Line interface to import content from Launchpad to JIRA Instead all the search terms must be given in the first argument. Can snap search be made to match the behaviour of apt-cache search? Thanks ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: snap (not installed) ProcVersionSignature: Ubuntu 5.4.0-107.121-generic 5.4.174 Uname: Linux 5.4.0-107-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu27.23 Architecture: amd64 CasperMD5CheckResult: skip Date: Tue May 10 22:19:11 2022 SourcePackage: snap UpgradeStatus: Upgraded to focal on 2020-01-24 (837 days ago) ** Affects: snapd (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug focal ** Package changed: snap (Ubuntu) => snapd (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972910 Title: error: too many arguments for command To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1972910/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971888] Re: Can not ssh to github.com or gitlab.com when upgrading to 22.04
Alvaro, I wonder if your network is dropping packets with unexpected IP QoS flags? Look for 'IPQoS' in ssh_config(5) to see the defaults and available choices. This would be influenced by ssh settings but still operate at TCP level. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971888 Title: Can not ssh to github.com or gitlab.com when upgrading to 22.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1971888/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972709] Re: Pgbouncer installs full postgresql server just to get a service account
Are you sure pgbouncer is the package that is dragging in the postgresql server in your environment? On Focal, the postgresql server is in package postgresql-12 and apt-rdepends doesn't show this dependency: $ apt-rdepends --reverse postgresql-12 | grep pgbouncer Reading package lists... Done Building dependency tree Reading state information... Done $ apt-rdepends pgbouncer | grep postgresql-12 Reading package lists... Done Building dependency tree Reading state information... Done Thanks ** Changed in: pgbouncer (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1972709 Title: Pgbouncer installs full postgresql server just to get a service account To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pgbouncer/+bug/1972709/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972709] Re: Pgbouncer installs full postgresql server just to get a service account
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972709 Title: Pgbouncer installs full postgresql server just to get a service account To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pgbouncer/+bug/1972709/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972114]
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures ** Tags added: community-security ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972114 Title: Pressing Ctl Alt F7 allows me to bypass lock screen To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1972114/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972061] Re: no
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972061 Title: no To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1972061/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1608200] Re: please merge openssl from Debian
** Changed in: openssl (Ubuntu) Status: Incomplete => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1608200 Title: please merge openssl from Debian To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1608200/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972054] Re: installer crashed installing ubuntu20.04
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972054 Title: installer crashed installing ubuntu20.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1972054/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972027] Re: “Sub-process /usr/bin/dpkg returned an error code (1)” In Ubuntu
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972027 Title: “Sub-process /usr/bin/dpkg returned an error code (1)” In Ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1972027/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971518] Re: Inadequate storage messages. Not enough space on usb drive to install Ubuntu.
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971518 Title: Inadequate storage messages. Not enough space on usb drive to install Ubuntu. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1971518/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971677] Re: package mysql-server-8.0 8.0.29-0ubuntu0.22.04.1 failed to install/upgrade: installed mysql-server-8.0 package post-installation script subprocess returned error exit status 1
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971677 Title: package mysql-server-8.0 8.0.29-0ubuntu0.22.04.1 failed to install/upgrade: installed mysql-server-8.0 package post-installation script subprocess returned error exit status 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mysql-8.0/+bug/1971677/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971419] Re: after upgrade to 22.04 lt2p ipsec vpn not working
I suggest looking through the OpenSSL notes in the Jammy Release Notes: https://discourse.ubuntu.com/t/jammy-jellyfish-release-notes/24668 The OpenSSL security defaults have been raised in this release and it's possible your VPN's configuration doesn't meet the minimum safety guidelines. Thanks ** Information type changed from Private Security to Public Security ** Changed in: xl2tpd (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971419 Title: after upgrade to 22.04 lt2p ipsec vpn not working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1971419/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971415] Re: Remote desktop is automatically enabled after login
*** This bug is a duplicate of bug 1969619 *** https://bugs.launchpad.net/bugs/1969619 Probably this is a duplicate, feel free to break the duplication if it isn't. Thanks ** This bug has been marked a duplicate of bug 1969619 RDP Sharing appears on by default in jammy ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971415 Title: Remote desktop is automatically enabled after login To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-remote-desktop/+bug/1971415/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971452] Re: Ubuntu 22.04 Ubuntu-Advantage-Tools won't install
Hello, are you still having problems with this? I'm sorry I lost track of it on Tuesday, but when I checked the archive mirrors then the permissions on this file looked fine to me. Thanks ** Information type changed from Private Security to Public Security ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971452 Title: Ubuntu 22.04 Ubuntu-Advantage-Tools won't install To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1971452/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971429] Re: gnome shell
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971429 Title: gnome shell To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1971429/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971221] Re: firefox is flashing
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971221 Title: firefox is flashing To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1971221/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971192] Re: CVE-2022-0330
Hello Luís, we released a fix for this CVE for linux-azure-fde on 22 February 2022 in USN-5294-2: https://ubuntu.com/security/notices/USN-5294-2 The linux-azure-fde source package is actually just some scripts, and our kernel update tooling shows incorrect results on the webpage as a result. Hopefully we will fix the tooling to give good reports, but in the meantime I suggest tracking issues in this kernel via the USNs. Thanks ** Changed in: linux-azure-fde (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971192 Title: CVE-2022-0330 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-azure-fde/+bug/1971192/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971101] Re: package linux-image-5.13.0-40-generic 5.13.0-40.45~20.04.1 failed to install/upgrade: run-parts: /etc/kernel/postinst.d/initramfs-tools exited with return code 1
Hello, note your filesystem is full: Filesystem 1K-blocks Used Available Use% Mounted on udev 9812920981292 0% /dev tmpfs 202808 1508201300 1% /run /dev/sda5 11167656 11000192 0 100% / That causes errors like this: cp: error writing '/var/tmp/mkinitramfs_jx7Z98//usr/bin/kmod': No space left on device cp: error writing '/var/tmp/mkinitramfs_jx7Z98//usr/lib/x86_64-linux-gnu/liblzma.so.5.2.4': No space left on device mkdir: cannot create directory ‘/var/tmp/mkinitramfs_jx7Z98/etc/modprobe.d’: No space left on device mkdir: cannot create directory ‘/var/tmp/mkinitramfs_jx7Z98/lib/modprobe.d’: No space left on device mkdir: cannot create directory ‘/var/tmp/mkinitramfs_jx7Z98//etc/modprobe.d’: No space left on device These errors are preventing your system update from finishing. Free up some space on the root filesystem, and then try: sudo apt install -f or sudo dpkg --configure -a The full screen issue may require talking with VirtualBox support. Thanks ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971101 Title: package linux-image-5.13.0-40-generic 5.13.0-40.45~20.04.1 failed to install/upgrade: run-parts: /etc/kernel/postinst.d/initramfs-tools exited with return code 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1971101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971098] Re: package usrmerge 25ubuntu1.1 failed to install/upgrade: »installiertes usrmerge-Skript des Paketes post-installation«-Unterprozess gab den Fehlerwert 1 zurück
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971098 Title: package usrmerge 25ubuntu1.1 failed to install/upgrade: »installiertes usrmerge-Skript des Paketes post-installation«-Unterprozess gab den Fehlerwert 1 zurück To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/usrmerge/+bug/1971098/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971098] Re: package usrmerge 25ubuntu1.1 failed to install/upgrade: »installiertes usrmerge-Skript des Paketes post-installation«-Unterprozess gab den Fehlerwert 1 zurück
Hello, your bug has a few things: cp: reguläre Datei '/usr/opt/eset/esets/lib/libesets_pac.so' kann nicht angelegt werden: Datei oder Verzeichnis nicht gefunden This error message means something is broken with your antivirus program. I suggest contacting ESET about this. Give them a link to this bug report, it'll help their support staff understand what is going wrong. These messages suggest that you probably have a hardware problem: [ 316.377333] pcieport :00:1c.0: AER: Corrected error received: :00:1c.0 [ 316.377338] pcieport :00:1c.0: PCIe Bus Error: severity=Corrected, type=Data Link Layer, (Transmitter ID) [ 316.377339] pcieport :00:1c.0: device [8086:a33c] error status/mask=1000/2000 [ 316.377340] pcieport :00:1c.0:[12] Timeout They are repeated over and over in your logs. It looks very unhappy. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971098 Title: package usrmerge 25ubuntu1.1 failed to install/upgrade: »installiertes usrmerge-Skript des Paketes post-installation«-Unterprozess gab den Fehlerwert 1 zurück To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/usrmerge/+bug/1971098/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970751] Re: package grub-pc 2.04-1ubuntu26.15 failed to install/upgrade: installed grub-pc package post-installation script subprocess returned error exit status 10
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970751 Title: package grub-pc 2.04-1ubuntu26.15 failed to install/upgrade: installed grub-pc package post-installation script subprocess returned error exit status 10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1970751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970779] Re: Multiple vulnerabilities in Bionic, Focal and Impish
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970779 Title: Multiple vulnerabilities in Bionic, Focal and Impish To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpewebkit/+bug/1970779/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970748] Re: package slack (not installed) failed to install/upgrade: el subproceso instalado paquete slack script pre-removal devolvió el código de salida de error 2
This looks like a third-party package, not the 'slack' configuration management package. I suggest filing a bug report with whoever provided the slack-desktop package you're installing. Thanks ** Package changed: slack (Ubuntu) => ubuntu -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970748 Title: package slack (not installed) failed to install/upgrade: el subproceso instalado paquete slack script pre-removal devolvió el código de salida de error 2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1970748/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970748] Re: package slack (not installed) failed to install/upgrade: el subproceso instalado paquete slack script pre-removal devolvió el código de salida de error 2
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970748 Title: package slack (not installed) failed to install/upgrade: el subproceso instalado paquete slack script pre-removal devolvió el código de salida de error 2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1970748/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970674]
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures ** Tags added: community-security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970674 Title: New bug fix releases 3.4.10, 4.2.6 and 4.4.2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1970674/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970593] Re: package firefox-locale-de 1:1snap1-0ubuntu2 failed to install/upgrade: Abhängigkeitsprobleme - verbleibt unkonfiguriert
Hello, this looks like the starting point of the problem: Start-Date: 2022-04-17 16:08:22 Commandline: apt-get purge firefox Purge: firefox-locale-de:amd64 (1:1snap1-0ubuntu2), firefox:amd64 (1:1snap1-0ubuntu2) End-Date: 2022-04-17 16:08:24 Start-Date: 2022-04-17 16:12:17 Commandline: apt-get install firefox firefox-locale-de Install: firefox-locale-de:amd64 (1:1snap1-0ubuntu2), firefox:amd64 (1:1snap1-0ubuntu2) Error: Sub-process /usr/bin/dpkg returned an error code (1) End-Date: 2022-04-17 16:12:19 I suggest trying: sudo apt purge firefox-locale-de firefox+ (The + at the end of firefox+ will ask apt to install firefox.) Thanks ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970593 Title: package firefox-locale-de 1:1snap1-0ubuntu2 failed to install/upgrade: Abhängigkeitsprobleme - verbleibt unkonfiguriert To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1970593/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970425] Re: clamtk can't quarantine or delete specific malware
Thanks for reporting it; this is surprisingly the best resolution I've ever seen for "this file trips a security scanner" I've ever seen. Nice. :) ** Information type changed from Private Security to Public Security ** Changed in: clamtk (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970425 Title: clamtk can't quarantine or delete specific malware To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clamtk/+bug/1970425/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970507]
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures ** Tags added: community-security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970507 Title: No security updates since release in all Ubuntu releases To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xen/+bug/1970507/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970294] Re: fwsnort --ipt-apply
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970294 Title: fwsnort --ipt-apply To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/fwsnort/+bug/1970294/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970260] Re: SECURITY: safe.directory backport doesn't check key name
Thanks, Ray ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970260 Title: SECURITY: safe.directory backport doesn't check key name To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/git/+bug/1970260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970158] Re: Login Password error
I'm sorry, this doesn't make enough sense for me to know where to re- assign this. I suggest giving a lot more details about what applications you're using, etc. Thanks ** Information type changed from Private Security to Public ** Package changed: linux (Ubuntu) => ubuntu -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970158 Title: Login Password error To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1970158/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970160] Re: Kubuntu iso Image GPT problem
This may be a hardware problem, or a mistake on how your drive is formatted. Hopefully someone else will know what questions to ask. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970160 Title: Kubuntu iso Image GPT problem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1970160/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970206] Re: Cursor goes missing in games
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970206 Title: Cursor goes missing in games To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1970206/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970228]
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures ** Tags added: community-security ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970228 Title: Version in Jammy is vulnerable to CVE-2021-28544 and CVE-2022-24070 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-cve-tracker/+bug/1970228/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 1971888] [NEW] Can not ssh to github.com or gitlab.com when upgrading to 22.04
On Thu, May 05, 2022 at 09:09:07PM -, Alvaro wrote: > acs@lsp-022:~$ ssh -vT g...@github.com > ... > debug1: connect to address 140.82.121.4 port 22: Connection timed out Note that "Connection timed out" is an error at the TCP level, that indicates that your computer wasn't able to establish a TCP session. ssh's algorithm choices aren't involved yet. Are you sure this machine can communicate with 140.82.121.4:22 at all? $ nc 140.82.112.4 22 SSH-2.0-babeld-78a8149e ^C Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971888 Title: Can not ssh to github.com or gitlab.com when upgrading to 22.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1971888/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971650] Re: wrong check for "server" in libssl3.postinst
Possibly related to https://bugs.launchpad.net/bugs/1832421 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971650 Title: wrong check for "server" in libssl3.postinst To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1971650/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971504] Re: Multiple vulnerabilities in Bionic, Focal, Impish, Jammy and Kinetic
Hello Luís, thanks; I just glanced at the debdiffs quickly, and noticed this one appears to missing the quilt series changes: +varnish (6.6.1-1ubuntu0.1) jammy-security; urgency=medium Please also report back how you've tested the patches. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971504 Title: Multiple vulnerabilities in Bionic, Focal, Impish, Jammy and Kinetic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/varnish/+bug/1971504/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970480] Re: please remove elog
Thanks Steve; I mentioned to the upstream maintainers that we would probably not remove it from supported releases, and they seemed okay with this. Thanks! ** Changed in: elog (Ubuntu) Status: Incomplete => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970480 Title: please remove elog To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/elog/+bug/1970480/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971214] [NEW] archive is missing dsc index
Public bug reported: Hello, I wanted to use apt-file -I dsc recently and found that Ubuntu's archive is missing the Contents-source files that the Debian repo has, compare: http://ftp.debian.org/debian/dists/bookworm/main/ vs http://archive.ubuntu.com/ubuntu/dists/kinetic The Contents-source.gz file is missing. Thanks ** Affects: ubuntu Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971214 Title: archive is missing dsc index To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1971214/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1963834] Re: openssl 3.0 - SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED]
Yes, managing the configurations for the huge variety of cryptography toolkits on a Linux system is definitely something of a chore. It would be nice to give people one command they could use to return to unsafe- but-compatible cryptography -- or enforce only modern cryptography. Our friends at Red Hat have prepared https://gitlab.com/redhat- crypto/fedora-crypto-policies -- while a version of this is packaged: https://launchpad.net/ubuntu/+source/crypto-policies -- I don't believe it actually works on Ubuntu: https://bugs.launchpad.net/ubuntu/+source/crypto-policies/+bug/1926664 Maybe someday. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1963834 Title: openssl 3.0 - SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1963834/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970459] Re: import of ca-certificate in browser does not work
I switched this from ca-certificates to firefox and chromium-browser, since both browsers manage their own certificate lists and don't use the system-provided ca-certificates. (You manage that with different tools, see the first few lines of /etc/ca-certificates.conf for details.) Thanks ** Package changed: ca-certificates (Ubuntu) => firefox (Ubuntu) ** Also affects: chromium-browser (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970459 Title: import of ca-certificate in browser does not work To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1970459/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1970480] [NEW] please remove elog
Public bug reported: Hello, the upstream developers of elog have asked Debian and Ubuntu to remove elog from the repositories because the packages are unmaintained: https://bugs.debian.org/1010196 https://bugs.debian.org/1010197 https://ubuntu.com/security/cves?q==elog=== Thanks ** Affects: elog (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1970480 Title: please remove elog To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/elog/+bug/1970480/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1969943] Re: System updates fail to complete.
Thank you for using Ubuntu and taking the time to report a bug. Your report should contain, at a minimum, the following information so we can better find the source of the bug and work to resolve it. Submitting the bug about the proper source package is essential. For help see https://wiki.ubuntu.com/Bugs/FindRightPackage . Additionally, in the report please include: 1) The release of Ubuntu you are using, via 'cat /etc/lsb-release' or System -> About Ubuntu. 2) The version of the package you are using, via 'dpkg -l PKGNAME | cat' or by checking in Synaptic. 3) What happened and what you expected to happen. The Ubuntu community has also created debugging procedures for a wide variety of packages at https://wiki.ubuntu.com/DebuggingProcedures . Following the debugging instructions for the affected package will make your bug report much more complete. Thanks! ** Information type changed from Private Security to Public ** Changed in: postfix (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969943 Title: System updates fail to complete. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1969943/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1969938] Re: Ao tentar atualizar os programas pelo atualizador ele informa que não há conexão com a internet mesmo ela estando conectada
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969938 Title: Ao tentar atualizar os programas pelo atualizador ele informa que não há conexão com a internet mesmo ela estando conectada To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1969938/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1969741] Re: package snort (not installed) failed to install/upgrade: installed snort package post-installation script subprocess returned error exit status 1
Hello Adil, looking through the terminal log it looks like you've selected an incorrect interface for snort to listen on; this is probably not a bug. Thanks ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969741 Title: package snort (not installed) failed to install/upgrade: installed snort package post-installation script subprocess returned error exit status 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snort/+bug/1969741/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1969679]
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures ** Tags added: community-security ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969679 Title: Update monit from 5.31 to 5.32 for security Reasons in 22.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/monit/+bug/1969679/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1969614] Re: package linux-image-5.13.0-40-generic (not installed) failed to install/upgrade: unable to open '/boot/vmlinuz-5.13.0-40-generic.dpkg-new': Operation not permitted
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969614 Title: package linux-image-5.13.0-40-generic (not installed) failed to install/upgrade: unable to open '/boot/vmlinuz-5.13.0-40-generic.dpkg- new': Operation not permitted To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-signed-hwe-5.13/+bug/1969614/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1969593] Re: rules to prevent non-root users from rebooting not taken into account
** Also affects: systemd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969593 Title: rules to prevent non-root users from rebooting not taken into account To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/1969593/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1969593] Re: rules to prevent non-root users from rebooting not taken into account
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969593 Title: rules to prevent non-root users from rebooting not taken into account To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/1969593/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968806] Re: Clamscan reports Unix.Tool.Pnscan-8031486-0 in 1.12+git20180612-2 pnscan version
The frog is definitely weird, but clamscan is almost certainly just reporting a tool that might be used by attackers. There's lots of those. Does it also report tcpdump? wireshark? ettercap? nc? telnet? nmap? socat? stunnel? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1968806 Title: Clamscan reports Unix.Tool.Pnscan-8031486-0 in 1.12+git20180612-2 pnscan version To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pnscan/+bug/1968806/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968845] Re: Upgrade to 22.04 from 20.04 ends with dbus installation asking for a reboot
This may be a duplicate of https://launchpad.net/bugs/1969162 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968845 Title: Upgrade to 22.04 from 20.04 ends with dbus installation asking for a reboot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1968845/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1969502] Re: package latex-cjk-common 4.8.4+git20170127-2 failed to install/upgrade: o subprocesso instalado, do pacote latex-cjk-common, o script post-installation retornou erro do status de saí
This looks like an emacs failure to me: Install emacsen-common for emacs emacsen-common: Handling install of emacsen flavor emacs emacs: error while loading shared libraries: libotf.so.0: cannot open shared object file: No such file or directory ERROR: install script from emacsen-common package failed [1mdpkg:[0m erro ao processar o pacote latex-cjk-common (--configure): o subprocesso instalado, do pacote latex-cjk-common, o script post-installation retornou erro do status de saída 1 ** Package changed: cjk (Ubuntu) => emacs (Ubuntu) ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969502 Title: package latex-cjk-common 4.8.4+git20170127-2 failed to install/upgrade: o subprocesso instalado, do pacote latex-cjk-common, o script post-installation retornou erro do status de saída 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/emacs/+bug/1969502/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1969231] Re: Touch pad not working
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969231 Title: Touch pad not working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-signed-hwe-5.13/+bug/1969231/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1969416] Re: league of legends crashed
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969416 Title: league of legends crashed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1969416/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1969144] Re: /Dev/Sda1 (en resumen) fue lo que me encontré al encender mi ordenador seguido de varios numeros
** Package changed: ubuntu-docs (Ubuntu) => ubuntu ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969144 Title: /Dev/Sda1 (en resumen) fue lo que me encontré al encender mi ordenador seguido de varios numeros To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1969144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1969118] Re: Certificate viewer shows extra bytes for RSA keys
Hello Mikko, thanks for the report; I believe that's working as intended, those bytes are part of the DER encoding; there's an excellent answer at https://crypto.stackexchange.com/a/19982/1400 that describes the meanings of each of those bytes. Thanks ** Information type changed from Private Security to Public Security ** Changed in: gcr (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969118 Title: Certificate viewer shows extra bytes for RSA keys To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gcr/+bug/1969118/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968845] Re: Upgrade to 22.04 from 20.04 ends with dbus installation asking for a reboot
Here's the postinst I've got for that package. Maybe the reload_dbus_config() could use a --reply-timeout=5000 or something? Thanks $ cat /fst/trees/ubuntu/main/d/dbus/dbus_1.12.20-2ubuntu4/debian/dbus.postinst #!/bin/sh # Copyright © 2003 Colin Walters # Copyright © 2006 Sjoerd Simons set -e MESSAGEUSER=messagebus MESSAGEHOME=/var/run/dbus LAUNCHER=/usr/lib/dbus-1.0/dbus-daemon-launch-helper # This is what the init script would do, but it's simpler (and less # dependent on sysvinit vs. Upstart vs. etc.) if we do it directly. reload_dbus_config() { [ -S /var/run/dbus/system_bus_socket ] || return 0 dbus-send --print-reply --system --type=method_call \ --dest=org.freedesktop.DBus \ / org.freedesktop.DBus.ReloadConfig > /dev/null || true } if [ "$1" = triggered ]; then reload_dbus_config exit 0 fi if [ "$1" = configure ]; then adduser --system \ --quiet \ --home /nonexistent \ --no-create-home \ --disabled-password \ --group "$MESSAGEUSER" if ! dpkg-statoverride --list "$LAUNCHER" >/dev/null; then dpkg-statoverride --update --add root "$MESSAGEUSER" 4754 "$LAUNCHER" fi # This is idempotent, so it's OK to do every time. The system bus' init # script does this anyway, but you also have to do this before a session # bus will work, so we do this here for the benefit of people starting # a temporary session bus in a chroot dbus-uuidgen --ensure fi if [ "$1" = configure ] && [ -n "$2" ]; then # On upgrades, we only reload config, and don't restart (restarting the # system bus is not supported by upstream). The code added by # dh_installinit -r creates a start action, below. # Recommend a reboot if there is a dbus-daemon running in the same root # as us. Deliberately not using anything init-related here, to be # init-agnostic: if we get a false positive (at least one dbus-daemon # is running but it isn't the system bus) that isn't the end of the # world, because it's probably a session bus, so the user needs to # log out and back in anyway. # # Debian has /usr/bin/dbus-daemon, Ubuntu has /bin/dbus-daemon. # Look for both. if pidof -c /bin/dbus-daemon /usr/bin/dbus-daemon >/dev/null; then echo "A reboot is required to replace the running dbus-daemon." >&2 echo "Please reboot the system when convenient." >&2 # trigger an update notification that recommends a reboot # (used by unattended-upgrades etc.) touch /var/run/reboot-required || true if ! grep -Fqsx dbus /run/reboot-required.pkgs; then echo dbus >> /run/reboot-required.pkgs || true fi # same thing for the older update-notifier interface [ -x /usr/share/update-notifier/notify-reboot-required ] && \ /usr/share/update-notifier/notify-reboot-required || true fi # Clean up old compatibility symlinks that were used to upgrade from # Debian 8 to Debian 9. This can be dropped after Debian 10 is released. for bus in system session; do conf="/etc/dbus-1/${bus}.conf" exp_target="/usr/share/dbus-1/${bus}.conf" target="$(readlink -f "${conf}")" || continue if [ -h "${conf}" ] && [ "_${target}" = "_${exp_target}" ]; then rm -f "${conf}" fi done fi #DEBHELPER# # Do this after the debhelper-generated bits so that dpkg-maintscript-helper # will have finished moving configuration files around. We only need to do # this for upgrades, not new installations. if [ "$1" = configure ] && [ -n "$2" ]; then reload_dbus_config fi # We don't start dbus.service in postinst, so ensure dbus.socket is running if [ "$1" = configure ] && [ -d /run/systemd/system ]; then systemctl try-restart sockets.target || true fi -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968845 Title: Upgrade to 22.04 from 20.04 ends with dbus installation asking for a reboot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1968845/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968806] Re: Clamscan reports Unix.Tool.Pnscan-8031486-0 in 1.12+git20180612-2 pnscan version
Hello, my guess is clamav is helpfully pointing out that the program exists at all; I doubt it has any intelligence beyond looking for a few markers for pnscan within files named pnscan. Diagnosing load issues takes a bit of work; I suggest starting with https://www.brendangregg.com/blog/2015-12-03/linux-perf-60s-video.html to get a feeling of useful steps to take. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1968806 Title: Clamscan reports Unix.Tool.Pnscan-8031486-0 in 1.12+git20180612-2 pnscan version To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pnscan/+bug/1968806/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968845] Re: Upgrade to 22.04 from 20.04 ends with dbus installation asking for a reboot
Yikes, does it actually *stop* at that point? That's .. not ideal. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968845 Title: Upgrade to 22.04 from 20.04 ends with dbus installation asking for a reboot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1968845/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968806] Re: Clamscan reports Unix.Tool.Pnscan-8031486-0 in 1.12+git20180612-2 pnscan version
** Information type changed from Private Security to Public Security ** Changed in: pnscan (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968806 Title: Clamscan reports Unix.Tool.Pnscan-8031486-0 in 1.12+git20180612-2 pnscan version To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pnscan/+bug/1968806/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1964827] Re: zfs-linux upstream at 2.1.4, jammy has 2.1.2
** Information type changed from Public Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1964827 Title: zfs-linux upstream at 2.1.4, jammy has 2.1.2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zfs-linux/+bug/1964827/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968334] Re: libssh2 upgrade
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968334 Title: libssh2 upgrade To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1968334/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968305] Re: sshd_config.d overrides not working
This reminds me of several previous bugs; this may or may not be a duplicate, and this may or may not be intentional behaviour. Hopefully these are are useful and save some debugging effort: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1922212 https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1876320 https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1873528 Especially 1873528 feels like most likely to be relevant, I suggesting reading that one first. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968305 Title: sshd_config.d overrides not working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1968305/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968047] Re: Ubuntu 22.04 Beta - Unable to compile ruby version 2.7.5, 3.0.3 and 3.3.3 problem with the openssl-dev package
Hopefully this is helpful for you: https://sources.debian.org/data/main/r/ruby3.0/3.0.3-1/debian/patches/Update- openssl-to-version-3.0.0.patch Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968047 Title: Ubuntu 22.04 Beta - Unable to compile ruby version 2.7.5, 3.0.3 and 3.3.3 problem with the openssl-dev package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1968047/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1948748] Re: [MIR] swtpm
I reviewed libtpms 0.9.0-0ubuntu4 as checked into jammy. This shouldn't be considered a full audit but rather a quick gauge of maintainability. I certainly didn't carefully review if libtpms is fit for use as a software TPM. It appears to have been programmed with care and dilligence and the upstream author responded very quickly to the issues I filed. - CVE History: - five CVEs; three need triage or fixing in jammy according to our database: CVE-2021-3446 CVE-2021-3623 CVE-2021-3746 - Build-Depends? - debhelper-compat (= 13), dh-exec, gawk, libssl-dev, libtool, pkg-config - pre/post inst/rm scripts? - none - init scripts? - none - systemd units? - none - dbus services? - none - setuid binaries? - none - binaries in PATH? - none - sudo fragments? - none - polkit files? - none - udev rules? - none - unit tests / autopkgtests? - it's got some, I didn't inspect them - cron jobs? - none - Build logs: - pretty clean, but this looked strange: [WARNING] Recoverable errors were encountered during 313 of these C/C++ compilation units. - Processes spawned? - none - Memory management? - extensive -- it looked good, but there sure is a lot of it - File IO? - some, looked good - Logging? - looked careful - Environment variable usage? - TPM_PATH to set the path for files - Use of privileged functions? - none - Use of cryptography / random number sources etc? - extensive; very intricate low-level details; it all seemed normal enough, but it's extremely niche. - rand() could be used as a fallback if the openssl random number generator fails. That's not ideal but unlikely to be an issue in usual practice. - Use of temp files? - none - Use of networking? - none - Use of WebKit? - none - Use of PolicyKit? - none - Any significant cppcheck results? - minor, NULL pointer dereference crash in corner case - Any significant Coverity results? - minor, some false positives, some reasonable findings; Stefan responded very quickly. - Any significant shellcheck results? - in test cases, I didn't check - Any significant bandit results? - none This is very complex code, we'll need upstream's help for anything beyond trivial issues. It was a pleasure to raise issues with Stefan, he approached the issues I filed quickly and eagerly. I expect it'll be easy to work with him in the future as necessary. Security team ACK for promoting libtpms to main. It'd be a favour to us to pop together one more upload before release if those CVEs actually still apply to our package. I didn't take many notes while reviewing that stayed on my computer; only the DES finding. That's a bit strange, but meh, how important is 3des in TPM-land these days? /src/tpm2/crypto/openssl/TpmToOsslDesSupport.c DES_set_key_unchecked() is apparently unsafe, should use the checked version instead https://github.com/stefanberger/libtpms/issues/304 https://github.com/stefanberger/libtpms/issues/310 https://github.com/stefanberger/libtpms/issues/311 https://github.com/stefanberger/libtpms/issues/313 ** Bug watch added: github.com/stefanberger/libtpms/issues #304 https://github.com/stefanberger/libtpms/issues/304 ** Bug watch added: github.com/stefanberger/libtpms/issues #310 https://github.com/stefanberger/libtpms/issues/310 ** Bug watch added: github.com/stefanberger/libtpms/issues #311 https://github.com/stefanberger/libtpms/issues/311 ** Bug watch added: github.com/stefanberger/libtpms/issues #313 https://github.com/stefanberger/libtpms/issues/313 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3446 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3623 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3746 ** Changed in: libtpms (Ubuntu) Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1948748 Title: [MIR] swtpm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/autogen/+bug/1948748/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967450] Re: When switching from 175% fractional scaling back to integer scaling, only a quarter of the screen is used
But who would keep that resolution when it sure *looks* broken? I can understand the "it's not new and we don't know how to fix it" :) but probably users won't know that they'll be fine after a reboot. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967450 Title: When switching from 175% fractional scaling back to integer scaling, only a quarter of the screen is used To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1967450/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1966572] Re: Chromium Zero Day
B[], aha, you've received no Chromium updates since November 2021 because the author of that PPA hasn't provided any. apt-file will report what files are in the Ubuntu package whether or not you have it installed. It's very handy to see what files are in an Ubuntu package without installing it. dpkg -l will report what files are in the package that you've got installed. It's the better tool if you have installed third-party packages. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1966572 Title: Chromium Zero Day To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1966572/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1966572] Re: Chromium Zero Day
The 20.04 LTS chromium-browser deb package exists only to install the chromium snap and deliver a few files to the filesystem outside the snap packaging system: $ apt-file show chromium-browser chromium-browser: /usr/bin/chromium-browser chromium-browser: /usr/share/applications/chromium-browser.desktop chromium-browser: /usr/share/apport/package-hooks/chromium-browser.py chromium-browser: /usr/share/doc/chromium-browser/changelog.Debian.gz chromium-browser: /usr/share/doc/chromium-browser/copyright chromium-browser: /usr/share/icons/hicolor/128x128/apps/chromium-browser.png chromium-browser: /usr/share/icons/hicolor/22x22/apps/chromium-browser.png chromium-browser: /usr/share/icons/hicolor/24x24/apps/chromium-browser.png chromium-browser: /usr/share/icons/hicolor/256x256/apps/chromium-browser.png chromium-browser: /usr/share/icons/hicolor/48x48/apps/chromium-browser.png chromium-browser: /usr/share/icons/hicolor/64x64/apps/chromium-browser.png chromium-browser: /usr/share/lintian/overrides/chromium-browser chromium-browser: /usr/share/pixmaps/chromium-browser.png $ The deb package doesn't need to be updated for snapd to automatically install a chromium update when one is made available. Check snap info chromium on your system to see if you've received the update yet. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1966572 Title: Chromium Zero Day To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1966572/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1948748] Re: [MIR] swtpm
libtpms might need to pull in https://github.com/stefanberger/libtpms/commit/d78a4520ba3157087e1e438b519618f26d85fae3 -- I think without this fix, the following algorithms may not work right: #define ALG_KDF1_SP800_56A_VALUE0x0020 #define TPM_ALG_KDF1_SP800_56A (TPM_ALG_ID)(ALG_KDF1_SP800_56A_VALUE) #define ALG_KDF2_VALUE 0x0021 #define TPM_ALG_KDF2(TPM_ALG_ID)(ALG_KDF2_VALUE) #define ALG_KDF1_SP800_108_VALUE0x0022 #define TPM_ALG_KDF1_SP800_108 (TPM_ALG_ID)(ALG_KDF1_SP800_108_VALUE) #define ALG_ECC_VALUE 0x0023 #define TPM_ALG_ECC (TPM_ALG_ID)(ALG_ECC_VALUE) #define ALG_SYMCIPHER_VALUE 0x0025 #define TPM_ALG_SYMCIPHER (TPM_ALG_ID)(ALG_SYMCIPHER_VALUE) #define ALG_CAMELLIA_VALUE 0x0026 #define TPM_ALG_CAMELLIA(TPM_ALG_ID)(ALG_CAMELLIA_VALUE) #define ALG_SHA3_256_VALUE 0x0027 #define TPM_ALG_SHA3_256(TPM_ALG_ID)(ALG_SHA3_256_VALUE) #define ALG_SHA3_384_VALUE 0x0028 #define TPM_ALG_SHA3_384(TPM_ALG_ID)(ALG_SHA3_384_VALUE) #define ALG_SHA3_512_VALUE 0x0029 #define TPM_ALG_SHA3_512(TPM_ALG_ID)(ALG_SHA3_512_VALUE) #define ALG_CMAC_VALUE 0x003F #define TPM_ALG_CMAC(TPM_ALG_ID)(ALG_CMAC_VALUE) #define ALG_CTR_VALUE 0x0040 #define TPM_ALG_CTR (TPM_ALG_ID)(ALG_CTR_VALUE) #define ALG_OFB_VALUE 0x0041 #define TPM_ALG_OFB (TPM_ALG_ID)(ALG_OFB_VALUE) #define ALG_CBC_VALUE 0x0042 #define TPM_ALG_CBC (TPM_ALG_ID)(ALG_CBC_VALUE) #define ALG_CFB_VALUE 0x0043 #define TPM_ALG_CFB (TPM_ALG_ID)(ALG_CFB_VALUE) #define ALG_ECB_VALUE 0x0044 #define TPM_ALG_ECB (TPM_ALG_ID)(ALG_ECB_VALUE) Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1948748 Title: [MIR] swtpm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/autogen/+bug/1948748/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1948748] Re: [MIR] swtpm
I reviewed swtpm 0.6.1-0ubuntu5 as checked into jammy. This shouldn't be considered a full audit but rather a quick gauge of maintainability. I especially didn't audit the fuse/cuse interface, nor suitability of the software tpm to replace a hardware tpm. And especially especially I didn't investigate whether cross-guests accesses are possible, intentional, allowed, disallowed, etc. swtpm is a software tpm 'device' intended to allow virtualized guests to use tpm services without access to a real tpm device. - CVE History: - two CVEs, very little information in our database on one; the other was typical C memory problems. There's probably more. - Build-Depends? - libtool, debhelper-compat (= 10), libtpms-dev, libfuse-dev, libglib2.0-dev, libjson-glib-dev, libgmp-dev, expect, libtasn1-dev, socat, python3-twisted, gnutls-dev, gnutls-bin, libssl-dev, net-tools, gawk, softhsm2, libseccomp-dev - uses *both* openssl and gnutls. Odd choice. - pre/post inst/rm scripts? - create swtpm user, group, /var/lib/swtpm-localca directory - not cleaned up in postrm - init scripts? - none - systemd units? - none - dbus services? - none - setuid binaries? - none - binaries in PATH? - swtpm, swtpm_bios, swtpm_cert, swtpm_ioctl, swtpm_setup - sudo fragments? - none - polkit files? - none - udev rules? - none - unit tests / autopkgtests? - some are run during the build; I didn't inspect them - cron jobs? - none - Build logs: - pretty clean - Processes spawned? - yes; seemed safe, except password / keys being passed to children in environment variables - Memory management? - well.. it's got a *lot* of crafty buffer management even among C programs. I'm sure there's more flaws in there. Some of these tools might be better done in a safer language like golang or rust. - File IO? - mostly looked good, under control of callers. I'm not a huge fan of tmpfiles made with template "XX", but that's not really a security concern, just annoying. - Logging? - logging looked good. - Environment variable usage? - Keys are passed to child processes with environment variables. This might be a problem. - Use of privileged functions? - Moderate amounts, no problems spotted - Use of cryptography / random number sources etc? - Extensive, I didn't carefully inspect. - Use of temp files? - safe, but perhaps annoying with "XX" templates. - Use of networking? - yes; unix domain sockets, tcp sockets, and I'm worried about the TLV content parsing. Bugs filed to ask for feedback. - Use of WebKit? - None - Use of PolicyKit? - None - Any significant cppcheck results? - one memory leak, probably only a few dozen bytes each time through - Any significant Coverity results? - potentially, thanks for the fix - Any significant shellcheck results? - none - Any significant bandit results? - none Security team ACK for promoting swtpm to main. I think a lot of this software would benefit from being written in an easier, safer, language; obviously portions of it are probably best done in C, but there's got to be more bugs in here. Here's some notes I took while reading it, in case they're helpful: swtpm_setup/swtpm_setup.c gl_LOGFILE -- TOCTTOU stat() vs fopen(), besides it's opened WAY earlier when logging errors? swtpm/swtpm_nvfile.c SWTPM_NVRAM_SetStateBlob -- data supplied on fd allows complete memory access https://github.com/stefanberger/swtpm/issues/678 integer wraparound in tlv functions src/swtpm/swtpm_nvfile.c SWTPM_NVRAM_PrependHeader() integer wraparound with length param? src/utils/swtpm_utils.c read_file_lines() accidentally quadratic memory allocation and pointer copying, in the number of lines of input file src/swtpm/cuse_tpm.c swtpm_cuse_main() opening a device file to find out if it exists is odd -- is it still the case that opening a tape device could wait indefinitely? stat() might work better. https://github.com/stefanberger/swtpm/issues/679 integer wraparound in tcp port parsing seccomp rules! yay samples/swtpm_localca.c create_localca_cert() -- passing a password via SWTPM_ROOTCA_PASSWORD environment variable leaks it to other processes on the system via /proc/pid/environ ** Changed in: swtpm (Ubuntu) Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned) ** Bug watch added: github.com/stefanberger/swtpm/issues #678 https://github.com/stefanberger/swtpm/issues/678 ** Bug watch added: github.com/stefanberger/swtpm/issues #679 https://github.com/stefanberger/swtpm/issues/679 ** Changed in: swtpm (Ubuntu) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1948748 Title: [MIR] swtpm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/autogen/+bug/1948748/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com
[Bug 1953363] Re: [MIR] python-xmlschema, elementpath, importlib-resources
I'm not entirely sure when the actual real for real really deadline is, but if it's monday, probably not. Sorry. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953363 Title: [MIR] python-xmlschema, elementpath, importlib-resources To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/elementpath/+bug/1953363/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1965958] Re: list-oem-metapackages crashed with AttributeError in packages_for_modalias(): 'Cache' object has no attribute 'packages'
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1965958 Title: list-oem-metapackages crashed with AttributeError in packages_for_modalias(): 'Cache' object has no attribute 'packages' To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-notifier/+bug/1965958/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1965857] Re: software-properties-gtk crashed with AttributeError in packages_for_modalias(): 'Cache' object has no attribute 'packages'
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1965857 Title: software-properties-gtk crashed with AttributeError in packages_for_modalias(): 'Cache' object has no attribute 'packages' To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1965857/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1965661] Re: software-properties-gtk crashed with AttributeError in packages_for_modalias(): 'Cache' object has no attribute 'packages'
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1965661 Title: software-properties-gtk crashed with AttributeError in packages_for_modalias(): 'Cache' object has no attribute 'packages' To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1965661/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1948748] Re: [MIR] swtpm
Can an update for this issue be incorporated before a release? https://github.com/stefanberger/swtpm/security/advisories/GHSA-2qgm-8xf4-3hqw It's something Coverity spotted in our version, and I was very pleased to see that there's already an advisory for this :) saving me some effort. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1948748 Title: [MIR] swtpm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/autogen/+bug/1948748/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1885990] Re: server: Match has no effect in include file (upstream 3122)
I can't speak for the SRU team, but it's entirely possible that if you prepare and test a debdiff, and show that this can be fixed, you could drive an SRU through to completion; see https://wiki.ubuntu.com/StableReleaseUpdates for more information. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1885990 Title: server: Match has no effect in include file (upstream 3122) To manage notifications about this bug go to: https://bugs.launchpad.net/openssh/+bug/1885990/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1964098] Re: [FFe] Versioned packages for Rust toolchain
I can really appreciate the appeal of a "do nothing today" solution but I'm worried about how much work, and unknown surprises, await us on our *first* update in the future. At some point, we'll have a security issue in a rust program that can only be solved in coordination with a toolchain update, and we'll need to learn what needs to be done, what parts need updating, etc, while under duress. Will our unfamiliarity with this process provide us with an insurmountable stumbling block in the future, one that risks our users or our reputation? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1964098 Title: [FFe] Versioned packages for Rust toolchain To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rustc/+bug/1964098/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1964642] Re: Packer virtualbox ssh can't connect to unattended Ubuntu 20.04.1/2/3/4 but can connect to Ubuntu 20.4
Yeah it seems unlikely to be ssh to me -- can you ping the machine? does virtualbox networking do interfaces that can ping? Does virtualbox offer a 'console view' that you can use to debug the system? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1964642 Title: Packer virtualbox ssh can't connect to unattended Ubuntu 20.04.1/2/3/4 but can connect to Ubuntu 20.4 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1964642/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1964561] Re: package libpam-runtime 1.3.1-5ubuntu4.3 failed to install/upgrade: installed libpam-runtime package post-installation script subprocess returned error exit status 255
Corruption was my first idea, too, but the Dependencies.txt didn't report debsums mismatches. Thanks for the explanations. ** Also affects: debconf (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1964561 Title: package libpam-runtime 1.3.1-5ubuntu4.3 failed to install/upgrade: installed libpam-runtime package post-installation script subprocess returned error exit status 255 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/debconf/+bug/1964561/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1957077] Re: SIGSEGV during processing of unicode string
** Changed in: unzip (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1957077 Title: SIGSEGV during processing of unicode string To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960953] Re: lockscreen is bypassed after screensaver segfault
** Changed in: mate-screensaver (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1960953 Title: lockscreen is bypassed after screensaver segfault To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mate-screensaver/+bug/1960953/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1961457] Re: package linux-image-5.13.0-28-generic 5.13.0-28.31 failed to install/upgrade: triggers looping, abandoned
Hello, the tail end of the dpkg terminal log suggests mesa-amdgpu-vdpau- drivers might be to blame; I don't see that package on my local mirror, did this come from outside Ubuntu? If so, you may need to report the issue there. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1961457 Title: package linux-image-5.13.0-28-generic 5.13.0-28.31 failed to install/upgrade: triggers looping, abandoned To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1961457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1961457] Re: package linux-image-5.13.0-28-generic 5.13.0-28.31 failed to install/upgrade: triggers looping, abandoned
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1961457 Title: package linux-image-5.13.0-28-generic 5.13.0-28.31 failed to install/upgrade: triggers looping, abandoned To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1961457/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1961854] Re: Thunderbid saves accepted calendar events in different identity
Hello Bartłomiej, can you report this to the upstream developers? This will need their input to address. Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1961854 Title: Thunderbid saves accepted calendar events in different identity To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1961854/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962041] Re: package linux-azure-tools-5.4.0-1070 (not installed) failed to install/upgrade: trying to overwrite '/usr/lib/libcpupower.so.5.4.0-1070', which is also in package linux-azure-cvm-too
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public ** Also affects: linux-azure (Ubuntu) Importance: Undecided Status: New ** Also affects: linux-azure-cvm (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962041 Title: package linux-azure-tools-5.4.0-1070 (not installed) failed to install/upgrade: trying to overwrite '/usr/lib/libcpupower.so.5.4.0-1070', which is also in package linux- azure-cvm-tools-5.4.0-1070 5.4.0-1070.73+cvm1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1962041/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962212] Re: package nvidia-dkms-470 470.103.01-0ubuntu0.20.04.1 failed to install/upgrade: installed nvidia-dkms-470 package post-installation script subprocess returned error exit status 10
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962212 Title: package nvidia-dkms-470 470.103.01-0ubuntu0.20.04.1 failed to install/upgrade: installed nvidia-dkms-470 package post-installation script subprocess returned error exit status 10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470/+bug/1962212/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962358] Re: grub unable to instal
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962358 Title: grub unable to instal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub-installer/+bug/1962358/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962705] Re: package qmail 1.06-6.2~deb10u1build0.20.04.1 failed to install/upgrade: el subproceso instalado paquete qmail script post-installation devolvió el código de salida de error 1
Hello Alejandro, the error message from the package installation script is: --- The hostname -f command returned: amora-diarioas Your system needs to have a fully qualified domain name (fqdn) in order to install the var-qmail packages. Installation aborted --- You can probably fix this via the hostnamectl program. Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962705 Title: package qmail 1.06-6.2~deb10u1build0.20.04.1 failed to install/upgrade: el subproceso instalado paquete qmail script post- installation devolvió el código de salida de error 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/netqmail/+bug/1962705/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962705] Re: package qmail 1.06-6.2~deb10u1build0.20.04.1 failed to install/upgrade: el subproceso instalado paquete qmail script post-installation devolvió el código de salida de error 1
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find. ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962705 Title: package qmail 1.06-6.2~deb10u1build0.20.04.1 failed to install/upgrade: el subproceso instalado paquete qmail script post- installation devolvió el código de salida de error 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/netqmail/+bug/1962705/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962740] Re: Out-of-bounds read during processing 7zip archive
Hello Nils, have you reported this issue upstream yet? Has a bug or fix already been created? Thanks ** Changed in: p7zip (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962740 Title: Out-of-bounds read during processing 7zip archive To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/p7zip/+bug/1962740/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1963714] Re: Internal hard disk partition cannot be mounted manually
Hello Girish, there's some errors in your dmesg that make me think you may have hardware problems. It's not clear, but it's possible. Also, there's some packages in the Dependencies.txt marked with [origin: unknown] that might be worth investigating. Thanks ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1963714 Title: Internal hard disk partition cannot be mounted manually To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/udisks2/+bug/1963714/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs