[Bug 1973031] Re: [MIR] libwpe

2022-05-18 Thread Seth Arnold
** Tags added: sec-1003

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1973031

Title:
  [MIR] libwpe

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libwpe/+bug/1973031/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971738] Re: [MIR] ell

2022-05-17 Thread Seth Arnold
Hmm this thing seems to have its own TLS stack
https://git.kernel.org/pub/scm/libs/ell/ell.git/tree/ell/tls.c

as well as rc4 and rc2 implementations
https://git.kernel.org/pub/scm/libs/ell/ell.git/tree/ell/cipher.c

Does Intel have any guidance on this thing being certified FIPS / CC /
STIG / etc?

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971738

Title:
  [MIR] ell

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ell/+bug/1971738/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1973028] Re: gnome-remote-desktop user service is always running

2022-05-16 Thread Seth Arnold
Please use CVE-2022-1736 for the gnome-remote-desktop user service being
enabled on Ubuntu.

The Debian packaging, and derivatives of both Ubuntu and Debian, for
gnome-remote-desktop are probably very similar. The Debian policy
strongly encourages services to be running by default after
installation[1]. Ubuntu, however, strongly discourages open ports by
default[2].

So, while there may be identical code in the other distributions, this
may or may not be considered a vulnerability by the other distributions,
based on their own policies.

Thanks

[1]: https://www.debian.org/doc/debian-policy/ch-opersys.html#managing-the-links
 "The default behaviour is to enable autostarting your package’s daemon"

[2]: https://wiki.ubuntu.com/Security/Features#ports
 "Default installations of Ubuntu must have no listening network services 
after initial install. Exceptions to this rule [enumerated exceptions elided]"

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-1736

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1973028

Title:
  gnome-remote-desktop user service is always running

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-remote-desktop/+bug/1973028/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1973344] Re: Converting PKCS#8 into PKCS#1 fails with openssl 3.0

2022-05-13 Thread Seth Arnold
** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1973344

Title:
  Converting PKCS#8 into PKCS#1 fails with openssl 3.0

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1973344/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1946359] Re: [MIR] vulkan-tools

2022-05-11 Thread Seth Arnold
** Tags added: sec-979

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1946359

Title:
  [MIR] vulkan-tools

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vulkan/+bug/1946359/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1973054] Re: containerd regression for CVE-2022-23648 in latest version 1.5.9-0ubuntu1~20.04.1

2022-05-11 Thread Seth Arnold
** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1973054

Title:
  containerd regression for CVE-2022-23648 in latest version
  1.5.9-0ubuntu1~20.04.1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/containerd/+bug/1973054/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1972889] Re: Screen reader reads the data while computer is locked

2022-05-10 Thread Seth Arnold
Good job Loaf :3

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972889

Title:
  Screen reader reads the data while computer is locked

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1972889/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1972884] Re: Err:10 https://ppa.launchpadcontent.net/flatpak/stable/ubuntu jammy Release 404 Not Found [IP: 91.189.95.85 443]

2022-05-10 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972884

Title:
  Err:10 https://ppa.launchpadcontent.net/flatpak/stable/ubuntu jammy
  Release   404  Not Found [IP: 91.189.95.85 443]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1972884/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971888] Re: Can not ssh to github.com or gitlab.com when upgrading to 22.04

2022-05-10 Thread Seth Arnold
Alvaro, thanks for reporting back! I'm glad it worked.

I don't know the full details of which QoS settings changed in which
releases, but this email suggests that there was active interest in
changing which exact values were used:
http://lists.mindrot.org/pipermail/openssh-unix-
dev/2018-April/036788.html

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971888

Title:
  Can not ssh to github.com or gitlab.com when upgrading to 22.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1971888/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1972910] [NEW] error: too many arguments for command

2022-05-10 Thread Seth Arnold
Public bug reported:

Hello, I'm very used to searching for software with:

apt-cache search foo bar baz

I was very surprised that snap does not support this:

$ snap search jira launchpad
error: too many arguments for command
$ snap search "jira launchpad"
NameVersion  PublisherNotes  Summary
lp-to-jira  0.7  mclemenceau  -  Command Line interface to import 
content from Launchpad to JIRA


Instead all the search terms must be given in the first argument.

Can snap search be made to match the behaviour of apt-cache search?

Thanks

ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: snap (not installed)
ProcVersionSignature: Ubuntu 5.4.0-107.121-generic 5.4.174
Uname: Linux 5.4.0-107-generic x86_64
NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
ApportVersion: 2.20.11-0ubuntu27.23
Architecture: amd64
CasperMD5CheckResult: skip
Date: Tue May 10 22:19:11 2022
SourcePackage: snap
UpgradeStatus: Upgraded to focal on 2020-01-24 (837 days ago)

** Affects: snapd (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug focal

** Package changed: snap (Ubuntu) => snapd (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972910

Title:
  error: too many arguments for command

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1972910/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971888] Re: Can not ssh to github.com or gitlab.com when upgrading to 22.04

2022-05-09 Thread Seth Arnold
Alvaro, I wonder if your network is dropping packets with unexpected IP
QoS flags? Look for 'IPQoS' in ssh_config(5) to see the defaults and
available choices. This would be influenced by ssh settings but still
operate at TCP level.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971888

Title:
  Can not ssh to github.com or gitlab.com when upgrading to 22.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1971888/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1972709] Re: Pgbouncer installs full postgresql server just to get a service account

2022-05-09 Thread Seth Arnold
Are you sure pgbouncer is the package that is dragging in the postgresql
server in your environment? On Focal, the postgresql server is in
package postgresql-12 and apt-rdepends doesn't show this dependency:

$ apt-rdepends --reverse postgresql-12 | grep pgbouncer
Reading package lists... Done
Building dependency tree   
Reading state information... Done
$ apt-rdepends pgbouncer | grep postgresql-12
Reading package lists... Done
Building dependency tree   
Reading state information... Done

Thanks

** Changed in: pgbouncer (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1972709

Title:
  Pgbouncer installs full postgresql server just to get a service
  account

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pgbouncer/+bug/1972709/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1972709] Re: Pgbouncer installs full postgresql server just to get a service account

2022-05-09 Thread Seth Arnold
** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972709

Title:
  Pgbouncer installs full postgresql server just to get a service
  account

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pgbouncer/+bug/1972709/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1972114]

2022-05-09 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is available, members of the security team will review it and
publish the package. See the following link for more information:
https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

** Tags added: community-security

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972114

Title:
  Pressing Ctl Alt F7 allows me to bypass lock screen

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1972114/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1972061] Re: no

2022-05-09 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972061

Title:
  no

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1972061/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1608200] Re: please merge openssl from Debian

2022-05-09 Thread Seth Arnold
** Changed in: openssl (Ubuntu)
   Status: Incomplete => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1608200

Title:
  please merge openssl from Debian

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1608200/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1972054] Re: installer crashed installing ubuntu20.04

2022-05-09 Thread Seth Arnold
** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972054

Title:
  installer crashed installing ubuntu20.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1972054/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1972027] Re: “Sub-process /usr/bin/dpkg returned an error code (1)” In Ubuntu

2022-05-06 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972027

Title:
  “Sub-process /usr/bin/dpkg returned an error code (1)” In Ubuntu

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1972027/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971518] Re: Inadequate storage messages. Not enough space on usb drive to install Ubuntu.

2022-05-06 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971518

Title:
  Inadequate storage messages. Not enough space on usb drive to install
  Ubuntu.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1971518/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971677] Re: package mysql-server-8.0 8.0.29-0ubuntu0.22.04.1 failed to install/upgrade: installed mysql-server-8.0 package post-installation script subprocess returned error exit status 1

2022-05-06 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971677

Title:
  package mysql-server-8.0 8.0.29-0ubuntu0.22.04.1 failed to
  install/upgrade: installed mysql-server-8.0 package post-installation
  script subprocess returned error exit status 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mysql-8.0/+bug/1971677/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971419] Re: after upgrade to 22.04 lt2p ipsec vpn not working

2022-05-06 Thread Seth Arnold
I suggest looking through the OpenSSL notes in the Jammy Release Notes:
https://discourse.ubuntu.com/t/jammy-jellyfish-release-notes/24668

The OpenSSL security defaults have been raised in this release and it's
possible your VPN's configuration doesn't meet the minimum safety
guidelines.

Thanks

** Information type changed from Private Security to Public Security

** Changed in: xl2tpd (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971419

Title:
  after upgrade to 22.04 lt2p ipsec vpn not working

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xl2tpd/+bug/1971419/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971415] Re: Remote desktop is automatically enabled after login

2022-05-06 Thread Seth Arnold
*** This bug is a duplicate of bug 1969619 ***
https://bugs.launchpad.net/bugs/1969619

Probably this is a duplicate, feel free to break the duplication if it
isn't. Thanks

** This bug has been marked a duplicate of bug 1969619
   RDP Sharing appears on by default in jammy

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971415

Title:
  Remote desktop is automatically enabled after login

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-remote-desktop/+bug/1971415/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971452] Re: Ubuntu 22.04 Ubuntu-Advantage-Tools won't install

2022-05-06 Thread Seth Arnold
Hello, are you still having problems with this? I'm sorry I lost track
of it on Tuesday, but when I checked the archive mirrors then the
permissions on this file looked fine to me.

Thanks

** Information type changed from Private Security to Public Security

** Changed in: ubuntu-advantage-tools (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971452

Title:
  Ubuntu 22.04 Ubuntu-Advantage-Tools won't install

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1971452/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971429] Re: gnome shell

2022-05-06 Thread Seth Arnold
** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971429

Title:
  gnome shell

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1971429/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971221] Re: firefox is flashing

2022-05-06 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971221

Title:
  firefox  is flashing

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1971221/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971192] Re: CVE-2022-0330

2022-05-06 Thread Seth Arnold
Hello Luís, we released a fix for this CVE for linux-azure-fde on 22
February 2022 in USN-5294-2:
https://ubuntu.com/security/notices/USN-5294-2

The linux-azure-fde source package is actually just some scripts, and
our kernel update tooling shows incorrect results on the webpage as a
result. Hopefully we will fix the tooling to give good reports, but in
the meantime I suggest tracking issues in this kernel via the USNs.

Thanks

** Changed in: linux-azure-fde (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971192

Title:
  CVE-2022-0330

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-azure-fde/+bug/1971192/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971101] Re: package linux-image-5.13.0-40-generic 5.13.0-40.45~20.04.1 failed to install/upgrade: run-parts: /etc/kernel/postinst.d/initramfs-tools exited with return code 1

2022-05-06 Thread Seth Arnold
Hello, note your filesystem is full:

Filesystem 1K-blocks Used Available Use% Mounted on
udev  9812920981292   0% /dev
tmpfs 202808 1508201300   1% /run
/dev/sda5   11167656 11000192 0 100% /

That causes errors like this:

cp: error writing '/var/tmp/mkinitramfs_jx7Z98//usr/bin/kmod': No space left on 
device
cp: error writing 
'/var/tmp/mkinitramfs_jx7Z98//usr/lib/x86_64-linux-gnu/liblzma.so.5.2.4': No 
space left on device
mkdir: cannot create directory ‘/var/tmp/mkinitramfs_jx7Z98/etc/modprobe.d’: No 
space left on device
mkdir: cannot create directory ‘/var/tmp/mkinitramfs_jx7Z98/lib/modprobe.d’: No 
space left on device
mkdir: cannot create directory ‘/var/tmp/mkinitramfs_jx7Z98//etc/modprobe.d’: 
No space left on device

These errors are preventing your system update from finishing.

Free up some space on the root filesystem, and then try:

sudo apt install -f
or
sudo dpkg --configure -a

The full screen issue may require talking with VirtualBox support.

Thanks

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971101

Title:
  package linux-image-5.13.0-40-generic 5.13.0-40.45~20.04.1 failed to
  install/upgrade: run-parts: /etc/kernel/postinst.d/initramfs-tools
  exited with return code 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1971101/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971098] Re: package usrmerge 25ubuntu1.1 failed to install/upgrade: »installiertes usrmerge-Skript des Paketes post-installation«-Unterprozess gab den Fehlerwert 1 zurück

2022-05-06 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971098

Title:
  package usrmerge 25ubuntu1.1 failed to install/upgrade: »installiertes
  usrmerge-Skript des Paketes post-installation«-Unterprozess gab den
  Fehlerwert 1 zurück

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/usrmerge/+bug/1971098/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971098] Re: package usrmerge 25ubuntu1.1 failed to install/upgrade: »installiertes usrmerge-Skript des Paketes post-installation«-Unterprozess gab den Fehlerwert 1 zurück

2022-05-06 Thread Seth Arnold
Hello, your bug has a few things:

cp: reguläre Datei '/usr/opt/eset/esets/lib/libesets_pac.so' kann nicht
angelegt werden: Datei oder Verzeichnis nicht gefunden

This error message means something is broken with your antivirus
program. I suggest contacting ESET about this. Give them a link to this
bug report, it'll help their support staff understand what is going
wrong.

These messages suggest that you probably have a hardware problem:

[  316.377333] pcieport :00:1c.0: AER: Corrected error received: 
:00:1c.0
[  316.377338] pcieport :00:1c.0: PCIe Bus Error: severity=Corrected, 
type=Data Link Layer, (Transmitter ID)
[  316.377339] pcieport :00:1c.0:   device [8086:a33c] error 
status/mask=1000/2000
[  316.377340] pcieport :00:1c.0:[12] Timeout

They are repeated over and over in your logs. It looks very unhappy.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971098

Title:
  package usrmerge 25ubuntu1.1 failed to install/upgrade: »installiertes
  usrmerge-Skript des Paketes post-installation«-Unterprozess gab den
  Fehlerwert 1 zurück

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/usrmerge/+bug/1971098/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970751] Re: package grub-pc 2.04-1ubuntu26.15 failed to install/upgrade: installed grub-pc package post-installation script subprocess returned error exit status 10

2022-05-06 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970751

Title:
  package grub-pc 2.04-1ubuntu26.15 failed to install/upgrade: installed
  grub-pc package post-installation script subprocess returned error
  exit status 10

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1970751/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970779] Re: Multiple vulnerabilities in Bionic, Focal and Impish

2022-05-06 Thread Seth Arnold
** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970779

Title:
  Multiple vulnerabilities in Bionic, Focal and Impish

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wpewebkit/+bug/1970779/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970748] Re: package slack (not installed) failed to install/upgrade: el subproceso instalado paquete slack script pre-removal devolvió el código de salida de error 2

2022-05-06 Thread Seth Arnold
This looks like a third-party package, not the 'slack' configuration
management package. I suggest filing a bug report with whoever provided
the slack-desktop package you're installing.

Thanks

** Package changed: slack (Ubuntu) => ubuntu

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970748

Title:
  package slack (not installed) failed to install/upgrade: el subproceso
  instalado paquete slack script pre-removal devolvió el código de
  salida de error 2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/1970748/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970748] Re: package slack (not installed) failed to install/upgrade: el subproceso instalado paquete slack script pre-removal devolvió el código de salida de error 2

2022-05-06 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970748

Title:
  package slack (not installed) failed to install/upgrade: el subproceso
  instalado paquete slack script pre-removal devolvió el código de
  salida de error 2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/1970748/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970674]

2022-05-06 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is available, members of the security team will review it and
publish the package. See the following link for more information:
https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

** Tags added: community-security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970674

Title:
  New bug fix releases 3.4.10, 4.2.6 and 4.4.2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1970674/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970593] Re: package firefox-locale-de 1:1snap1-0ubuntu2 failed to install/upgrade: Abhängigkeitsprobleme - verbleibt unkonfiguriert

2022-05-06 Thread Seth Arnold
Hello, this looks like the starting point of the problem:

Start-Date: 2022-04-17  16:08:22
Commandline: apt-get purge firefox
Purge: firefox-locale-de:amd64 (1:1snap1-0ubuntu2), firefox:amd64 
(1:1snap1-0ubuntu2)
End-Date: 2022-04-17  16:08:24

Start-Date: 2022-04-17  16:12:17
Commandline: apt-get install firefox firefox-locale-de
Install: firefox-locale-de:amd64 (1:1snap1-0ubuntu2), firefox:amd64 
(1:1snap1-0ubuntu2)
Error: Sub-process /usr/bin/dpkg returned an error code (1)
End-Date: 2022-04-17  16:12:19


I suggest trying:

sudo apt purge firefox-locale-de firefox+

(The + at the end of firefox+ will ask apt to install firefox.)

Thanks

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970593

Title:
  package firefox-locale-de 1:1snap1-0ubuntu2 failed to install/upgrade:
  Abhängigkeitsprobleme - verbleibt unkonfiguriert

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1970593/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970425] Re: clamtk can't quarantine or delete specific malware

2022-05-06 Thread Seth Arnold
Thanks for reporting it; this is surprisingly the best resolution I've
ever seen for "this file trips a security scanner" I've ever seen. Nice.
:)

** Information type changed from Private Security to Public Security

** Changed in: clamtk (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970425

Title:
  clamtk can't quarantine or delete specific malware

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/clamtk/+bug/1970425/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970507]

2022-05-06 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is available, members of the security team will review it and
publish the package. See the following link for more information:
https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

** Tags added: community-security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970507

Title:
  No security updates since release in all Ubuntu releases

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xen/+bug/1970507/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970294] Re: fwsnort --ipt-apply

2022-05-06 Thread Seth Arnold
** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970294

Title:
  fwsnort --ipt-apply

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/fwsnort/+bug/1970294/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970260] Re: SECURITY: safe.directory backport doesn't check key name

2022-05-06 Thread Seth Arnold
Thanks, Ray

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970260

Title:
  SECURITY: safe.directory backport doesn't check key name

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/git/+bug/1970260/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970158] Re: Login Password error

2022-05-06 Thread Seth Arnold
I'm sorry, this doesn't make enough sense for me to know where to re-
assign this. I suggest giving a lot more details about what applications
you're using, etc.

Thanks

** Information type changed from Private Security to Public

** Package changed: linux (Ubuntu) => ubuntu

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970158

Title:
  Login Password error

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/1970158/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970160] Re: Kubuntu iso Image GPT problem

2022-05-06 Thread Seth Arnold
This may be a hardware problem, or a mistake on how your drive is
formatted. Hopefully someone else will know what questions to ask.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970160

Title:
  Kubuntu iso Image GPT problem

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/1970160/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970206] Re: Cursor goes missing in games

2022-05-06 Thread Seth Arnold
** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970206

Title:
  Cursor goes missing in games

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1970206/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970228]

2022-05-06 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is available, members of the security team will review it and
publish the package. See the following link for more information:
https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

** Tags added: community-security

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970228

Title:
  Version in Jammy is vulnerable to CVE-2021-28544 and CVE-2022-24070

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-cve-tracker/+bug/1970228/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Re: [Bug 1971888] [NEW] Can not ssh to github.com or gitlab.com when upgrading to 22.04

2022-05-05 Thread Seth Arnold
On Thu, May 05, 2022 at 09:09:07PM -, Alvaro wrote:
> acs@lsp-022:~$ ssh -vT g...@github.com
> ...
> debug1: connect to address 140.82.121.4 port 22: Connection timed out

Note that "Connection timed out" is an error at the TCP level, that
indicates that your computer wasn't able to establish a TCP session. ssh's
algorithm choices aren't involved yet.

Are you sure this machine can communicate with 140.82.121.4:22 at all?

$ nc 140.82.112.4 22
SSH-2.0-babeld-78a8149e
^C

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971888

Title:
  Can not ssh to github.com or gitlab.com when upgrading to 22.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1971888/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971650] Re: wrong check for "server" in libssl3.postinst

2022-05-05 Thread Seth Arnold
Possibly related to https://bugs.launchpad.net/bugs/1832421

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971650

Title:
  wrong check for "server" in libssl3.postinst

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1971650/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971504] Re: Multiple vulnerabilities in Bionic, Focal, Impish, Jammy and Kinetic

2022-05-04 Thread Seth Arnold
Hello Luís, thanks; I just glanced at the debdiffs quickly, and noticed
this one appears to missing the quilt series changes:

+varnish (6.6.1-1ubuntu0.1) jammy-security; urgency=medium

Please also report back how you've tested the patches.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971504

Title:
  Multiple vulnerabilities in Bionic, Focal, Impish, Jammy and Kinetic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/varnish/+bug/1971504/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970480] Re: please remove elog

2022-05-03 Thread Seth Arnold
Thanks Steve; I mentioned to the upstream maintainers that we would
probably not remove it from supported releases, and they seemed okay
with this. Thanks!

** Changed in: elog (Ubuntu)
   Status: Incomplete => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970480

Title:
  please remove elog

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/elog/+bug/1970480/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971214] [NEW] archive is missing dsc index

2022-05-02 Thread Seth Arnold
Public bug reported:

Hello, I wanted to use apt-file -I dsc recently and found that Ubuntu's
archive is missing the Contents-source files that the Debian repo has,
compare:

http://ftp.debian.org/debian/dists/bookworm/main/
vs
http://archive.ubuntu.com/ubuntu/dists/kinetic

The Contents-source.gz file is missing.

Thanks

** Affects: ubuntu
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971214

Title:
  archive is missing dsc index

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/1971214/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1963834] Re: openssl 3.0 - SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED]

2022-04-26 Thread Seth Arnold
Yes, managing the configurations for the huge variety of cryptography
toolkits on a Linux system is definitely something of a chore. It would
be nice to give people one command they could use to return to unsafe-
but-compatible cryptography -- or enforce only modern cryptography.

Our friends at Red Hat have prepared https://gitlab.com/redhat-
crypto/fedora-crypto-policies -- while a version of this is packaged:
https://launchpad.net/ubuntu/+source/crypto-policies -- I don't believe
it actually works on Ubuntu:
https://bugs.launchpad.net/ubuntu/+source/crypto-policies/+bug/1926664

Maybe someday.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1963834

Title:
  openssl 3.0 - SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1963834/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970459] Re: import of ca-certificate in browser does not work

2022-04-26 Thread Seth Arnold
I switched this from ca-certificates to firefox and chromium-browser,
since both browsers manage their own certificate lists and don't use the
system-provided ca-certificates. (You manage that with different tools,
see the first few lines of /etc/ca-certificates.conf for details.)

Thanks

** Package changed: ca-certificates (Ubuntu) => firefox (Ubuntu)

** Also affects: chromium-browser (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970459

Title:
  import of ca-certificate in browser does not work

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1970459/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970480] [NEW] please remove elog

2022-04-26 Thread Seth Arnold
Public bug reported:

Hello, the upstream developers of elog have asked Debian and Ubuntu to
remove elog from the repositories because the packages are unmaintained:

https://bugs.debian.org/1010196
https://bugs.debian.org/1010197
https://ubuntu.com/security/cves?q==elog===


Thanks

** Affects: elog (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970480

Title:
  please remove elog

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/elog/+bug/1970480/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969943] Re: System updates fail to complete.

2022-04-22 Thread Seth Arnold
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.

Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.com/Bugs/FindRightPackage . Additionally,
in the report please include:

1) The release of Ubuntu you are using, via 'cat /etc/lsb-release' or System -> 
About Ubuntu.
2) The version of the package you are using, via 'dpkg -l PKGNAME | cat' or by 
checking in Synaptic.
3) What happened and what you expected to happen.

The Ubuntu community has also created debugging procedures for a wide
variety of packages at https://wiki.ubuntu.com/DebuggingProcedures .
Following the debugging instructions for the affected package will make
your bug report much more complete. Thanks!


** Information type changed from Private Security to Public

** Changed in: postfix (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969943

Title:
  System updates fail to complete.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1969943/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969938] Re: Ao tentar atualizar os programas pelo atualizador ele informa que não há conexão com a internet mesmo ela estando conectada

2022-04-22 Thread Seth Arnold
** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969938

Title:
  Ao tentar atualizar os programas pelo atualizador ele informa que não
  há conexão com a internet mesmo ela estando conectada

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1969938/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969741] Re: package snort (not installed) failed to install/upgrade: installed snort package post-installation script subprocess returned error exit status 1

2022-04-21 Thread Seth Arnold
Hello Adil, looking through the terminal log it looks like you've
selected an incorrect interface for snort to listen on; this is probably
not a bug.

Thanks

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969741

Title:
  package snort (not installed) failed to install/upgrade: installed
  snort package post-installation script subprocess returned error exit
  status 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snort/+bug/1969741/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969679]

2022-04-20 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is available, members of the security team will review it and
publish the package. See the following link for more information:
https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

** Tags added: community-security

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969679

Title:
  Update monit from 5.31 to 5.32 for security Reasons in 22.04

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/monit/+bug/1969679/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969614] Re: package linux-image-5.13.0-40-generic (not installed) failed to install/upgrade: unable to open '/boot/vmlinuz-5.13.0-40-generic.dpkg-new': Operation not permitted

2022-04-20 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969614

Title:
  package linux-image-5.13.0-40-generic (not installed) failed to
  install/upgrade: unable to open '/boot/vmlinuz-5.13.0-40-generic.dpkg-
  new': Operation not permitted

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-signed-hwe-5.13/+bug/1969614/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969593] Re: rules to prevent non-root users from rebooting not taken into account

2022-04-20 Thread Seth Arnold
** Also affects: systemd (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969593

Title:
  rules to prevent non-root users from rebooting not taken into account

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/1969593/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969593] Re: rules to prevent non-root users from rebooting not taken into account

2022-04-20 Thread Seth Arnold
** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969593

Title:
  rules to prevent non-root users from rebooting not taken into account

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/1969593/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968806] Re: Clamscan reports Unix.Tool.Pnscan-8031486-0 in 1.12+git20180612-2 pnscan version

2022-04-19 Thread Seth Arnold
The frog is definitely weird, but clamscan is almost certainly just
reporting a tool that might be used by attackers. There's lots of those.
Does it also report tcpdump? wireshark? ettercap? nc? telnet? nmap?
socat? stunnel?

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1968806

Title:
  Clamscan reports Unix.Tool.Pnscan-8031486-0 in 1.12+git20180612-2
  pnscan version

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pnscan/+bug/1968806/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968845] Re: Upgrade to 22.04 from 20.04 ends with dbus installation asking for a reboot

2022-04-19 Thread Seth Arnold
This may be a duplicate of https://launchpad.net/bugs/1969162

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968845

Title:
  Upgrade to 22.04 from 20.04 ends with dbus installation asking for a
  reboot

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1968845/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969502] Re: package latex-cjk-common 4.8.4+git20170127-2 failed to install/upgrade: o subprocesso instalado, do pacote latex-cjk-common, o script post-installation retornou erro do status de saí

2022-04-19 Thread Seth Arnold
This looks like an emacs failure to me:

Install emacsen-common for emacs
emacsen-common: Handling install of emacsen flavor emacs
emacs: error while loading shared libraries: libotf.so.0: cannot open shared 
object file: No such file or directory
ERROR: install script from emacsen-common package failed
dpkg: erro ao processar o pacote latex-cjk-common (--configure):
 o subprocesso instalado, do pacote latex-cjk-common, o script 
post-installation retornou erro do status de saída 1


** Package changed: cjk (Ubuntu) => emacs (Ubuntu)

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969502

Title:
  package latex-cjk-common 4.8.4+git20170127-2 failed to
  install/upgrade: o subprocesso instalado, do pacote latex-cjk-common,
  o script post-installation retornou erro do status de saída 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/emacs/+bug/1969502/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969231] Re: Touch pad not working

2022-04-19 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969231

Title:
  Touch pad not working

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-signed-hwe-5.13/+bug/1969231/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969416] Re: league of legends crashed

2022-04-19 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969416

Title:
  league of legends crashed

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1969416/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969144] Re: /Dev/Sda1 (en resumen) fue lo que me encontré al encender mi ordenador seguido de varios numeros

2022-04-19 Thread Seth Arnold
** Package changed: ubuntu-docs (Ubuntu) => ubuntu

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969144

Title:
  /Dev/Sda1 (en resumen) fue lo que me encontré al encender mi ordenador
  seguido de varios numeros

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/1969144/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969118] Re: Certificate viewer shows extra bytes for RSA keys

2022-04-19 Thread Seth Arnold
Hello Mikko, thanks for the report; I believe that's working as
intended, those bytes are part of the DER encoding; there's an excellent
answer at https://crypto.stackexchange.com/a/19982/1400 that describes
the meanings of each of those bytes.

Thanks

** Information type changed from Private Security to Public Security

** Changed in: gcr (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969118

Title:
  Certificate viewer shows extra bytes for RSA keys

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gcr/+bug/1969118/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968845] Re: Upgrade to 22.04 from 20.04 ends with dbus installation asking for a reboot

2022-04-19 Thread Seth Arnold
Here's the postinst I've got for that package. Maybe the
reload_dbus_config() could use a --reply-timeout=5000 or something?

Thanks

$ cat /fst/trees/ubuntu/main/d/dbus/dbus_1.12.20-2ubuntu4/debian/dbus.postinst 
#!/bin/sh
# Copyright © 2003 Colin Walters 
# Copyright © 2006 Sjoerd Simons 

set -e

MESSAGEUSER=messagebus
MESSAGEHOME=/var/run/dbus
LAUNCHER=/usr/lib/dbus-1.0/dbus-daemon-launch-helper

# This is what the init script would do, but it's simpler (and less
# dependent on sysvinit vs. Upstart vs. etc.) if we do it directly.
reload_dbus_config() {
[ -S /var/run/dbus/system_bus_socket ] || return 0

dbus-send --print-reply --system --type=method_call \
--dest=org.freedesktop.DBus \
/ org.freedesktop.DBus.ReloadConfig > /dev/null || true
}

if [ "$1" = triggered ]; then
reload_dbus_config
exit 0
fi

if [ "$1" = configure ]; then
adduser --system \
--quiet \
--home /nonexistent \
--no-create-home \
--disabled-password \
--group "$MESSAGEUSER"

if ! dpkg-statoverride --list "$LAUNCHER" >/dev/null; then
dpkg-statoverride --update --add root "$MESSAGEUSER" 4754 "$LAUNCHER"
fi

# This is idempotent, so it's OK to do every time. The system bus' init
# script does this anyway, but you also have to do this before a session
# bus will work, so we do this here for the benefit of people starting
# a temporary session bus in a chroot
dbus-uuidgen --ensure
fi

if [ "$1" = configure ] && [ -n "$2" ]; then
# On upgrades, we only reload config, and don't restart (restarting the
# system bus is not supported by upstream). The code added by
# dh_installinit -r creates a start action, below.

# Recommend a reboot if there is a dbus-daemon running in the same root
# as us. Deliberately not using anything init-related here, to be
# init-agnostic: if we get a false positive (at least one dbus-daemon
# is running but it isn't the system bus) that isn't the end of the
# world, because it's probably a session bus, so the user needs to
# log out and back in anyway.
#
# Debian has /usr/bin/dbus-daemon, Ubuntu has /bin/dbus-daemon.
# Look for both.
if pidof -c /bin/dbus-daemon /usr/bin/dbus-daemon >/dev/null; then
echo "A reboot is required to replace the running dbus-daemon." >&2
echo "Please reboot the system when convenient." >&2

# trigger an update notification that recommends a reboot
# (used by unattended-upgrades etc.)
touch /var/run/reboot-required || true

if ! grep -Fqsx dbus /run/reboot-required.pkgs; then
echo dbus >> /run/reboot-required.pkgs || true
fi

# same thing for the older update-notifier interface
[ -x /usr/share/update-notifier/notify-reboot-required ] && \
/usr/share/update-notifier/notify-reboot-required || true
fi

# Clean up old compatibility symlinks that were used to upgrade from
# Debian 8 to Debian 9. This can be dropped after Debian 10 is released.
for bus in system session; do
conf="/etc/dbus-1/${bus}.conf"
exp_target="/usr/share/dbus-1/${bus}.conf"
target="$(readlink -f "${conf}")" || continue

if [ -h "${conf}" ] && [ "_${target}" = "_${exp_target}" ]; then
rm -f "${conf}"
fi
done
fi

#DEBHELPER#

# Do this after the debhelper-generated bits so that dpkg-maintscript-helper
# will have finished moving configuration files around. We only need to do
# this for upgrades, not new installations.
if [ "$1" = configure ] && [ -n "$2" ]; then
reload_dbus_config
fi

# We don't start dbus.service in postinst, so ensure dbus.socket is running
if [ "$1" = configure ] && [ -d /run/systemd/system ]; then
systemctl try-restart sockets.target || true
fi

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968845

Title:
  Upgrade to 22.04 from 20.04 ends with dbus installation asking for a
  reboot

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1968845/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968806] Re: Clamscan reports Unix.Tool.Pnscan-8031486-0 in 1.12+git20180612-2 pnscan version

2022-04-19 Thread Seth Arnold
Hello, my guess is clamav is helpfully pointing out that the program
exists at all; I doubt it has any intelligence beyond looking for a few
markers for pnscan within files named pnscan.

Diagnosing load issues takes a bit of work; I suggest starting with
https://www.brendangregg.com/blog/2015-12-03/linux-perf-60s-video.html
to get a feeling of useful steps to take.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1968806

Title:
  Clamscan reports Unix.Tool.Pnscan-8031486-0 in 1.12+git20180612-2
  pnscan version

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pnscan/+bug/1968806/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968845] Re: Upgrade to 22.04 from 20.04 ends with dbus installation asking for a reboot

2022-04-19 Thread Seth Arnold
Yikes, does it actually *stop* at that point? That's .. not ideal.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968845

Title:
  Upgrade to 22.04 from 20.04 ends with dbus installation asking for a
  reboot

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1968845/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968806] Re: Clamscan reports Unix.Tool.Pnscan-8031486-0 in 1.12+git20180612-2 pnscan version

2022-04-19 Thread Seth Arnold
** Information type changed from Private Security to Public Security

** Changed in: pnscan (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968806

Title:
  Clamscan reports Unix.Tool.Pnscan-8031486-0 in 1.12+git20180612-2
  pnscan version

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pnscan/+bug/1968806/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1964827] Re: zfs-linux upstream at 2.1.4, jammy has 2.1.2

2022-04-19 Thread Seth Arnold
** Information type changed from Public Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1964827

Title:
  zfs-linux upstream at 2.1.4, jammy has 2.1.2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/zfs-linux/+bug/1964827/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968334] Re: libssh2 upgrade

2022-04-19 Thread Seth Arnold
** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968334

Title:
  libssh2 upgrade

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libssh2/+bug/1968334/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968305] Re: sshd_config.d overrides not working

2022-04-08 Thread Seth Arnold
This reminds me of several previous bugs; this may or may not be a
duplicate, and this may or may not be intentional behaviour. Hopefully
these are are useful and save some debugging effort:

https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1922212
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1876320
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1873528

Especially 1873528 feels like most likely to be relevant, I suggesting
reading that one first.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968305

Title:
  sshd_config.d overrides not working

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1968305/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968047] Re: Ubuntu 22.04 Beta - Unable to compile ruby version 2.7.5, 3.0.3 and 3.3.3 problem with the openssl-dev package

2022-04-06 Thread Seth Arnold
Hopefully this is helpful for you:

https://sources.debian.org/data/main/r/ruby3.0/3.0.3-1/debian/patches/Update-
openssl-to-version-3.0.0.patch

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968047

Title:
  Ubuntu 22.04 Beta - Unable to compile ruby version 2.7.5, 3.0.3 and
  3.3.3  problem with the openssl-dev package

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1968047/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1948748] Re: [MIR] swtpm

2022-03-31 Thread Seth Arnold
I reviewed libtpms 0.9.0-0ubuntu4 as checked into jammy.  This shouldn't
be considered a full audit but rather a quick gauge of maintainability. I
certainly didn't carefully review if libtpms is fit for use as a software
TPM. It appears to have been programmed with care and dilligence and
the upstream author responded very quickly to the issues I filed.

- CVE History:
  - five CVEs; three need triage or fixing in jammy according to
our database: CVE-2021-3446 CVE-2021-3623 CVE-2021-3746
- Build-Depends?
  -  debhelper-compat (= 13), dh-exec, gawk, libssl-dev, libtool, pkg-config
- pre/post inst/rm scripts?
  - none
- init scripts?
  - none
- systemd units?
  - none
- dbus services?
  - none
- setuid binaries?
  - none
- binaries in PATH?
  - none
- sudo fragments?
  - none
- polkit files?
  - none
- udev rules?
  - none
- unit tests / autopkgtests?
  - it's got some, I didn't inspect them
- cron jobs?
  - none
- Build logs:
  - pretty clean, but this looked strange:
[WARNING] Recoverable errors were encountered during 313 of these C/C++ 
compilation units.

- Processes spawned?
  - none
- Memory management?
  - extensive -- it looked good, but there sure is a lot of it
- File IO?
  - some, looked good
- Logging?
  - looked careful
- Environment variable usage?
  - TPM_PATH to set the path for files
- Use of privileged functions?
  - none
- Use of cryptography / random number sources etc?
  - extensive; very intricate low-level details; it all seemed normal
enough, but it's extremely niche.
  - rand() could be used as a fallback if the openssl random number
generator fails. That's not ideal but unlikely to be an issue in
usual practice.
- Use of temp files?
  - none
- Use of networking?
  - none
- Use of WebKit?
  - none
- Use of PolicyKit?
  - none

- Any significant cppcheck results?
  - minor, NULL pointer dereference crash in corner case
- Any significant Coverity results?
  - minor, some false positives, some reasonable findings; Stefan
responded very quickly.
- Any significant shellcheck results?
  - in test cases, I didn't check
- Any significant bandit results?
  - none

This is very complex code, we'll need upstream's help for anything beyond
trivial issues. It was a pleasure to raise issues with Stefan, he
approached the issues I filed quickly and eagerly. I expect it'll be easy
to work with him in the future as necessary.

Security team ACK for promoting libtpms to main. It'd be a favour to us to
pop together one more upload before release if those CVEs actually still
apply to our package.

I didn't take many notes while reviewing that stayed on my computer; only
the DES finding. That's a bit strange, but meh, how important is 3des in
TPM-land these days?

/src/tpm2/crypto/openssl/TpmToOsslDesSupport.c DES_set_key_unchecked() is
apparently unsafe, should use the checked version instead

https://github.com/stefanberger/libtpms/issues/304
https://github.com/stefanberger/libtpms/issues/310
https://github.com/stefanberger/libtpms/issues/311
https://github.com/stefanberger/libtpms/issues/313


** Bug watch added: github.com/stefanberger/libtpms/issues #304
   https://github.com/stefanberger/libtpms/issues/304

** Bug watch added: github.com/stefanberger/libtpms/issues #310
   https://github.com/stefanberger/libtpms/issues/310

** Bug watch added: github.com/stefanberger/libtpms/issues #311
   https://github.com/stefanberger/libtpms/issues/311

** Bug watch added: github.com/stefanberger/libtpms/issues #313
   https://github.com/stefanberger/libtpms/issues/313

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3446

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3623

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3746

** Changed in: libtpms (Ubuntu)
 Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1948748

Title:
  [MIR] swtpm

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/autogen/+bug/1948748/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1967450] Re: When switching from 175% fractional scaling back to integer scaling, only a quarter of the screen is used

2022-03-31 Thread Seth Arnold
But who would keep that resolution when it sure *looks* broken? I can
understand the "it's not new and we don't know how to fix it" :) but
probably users won't know that they'll be fine after a reboot.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1967450

Title:
  When switching from 175% fractional scaling back to integer scaling,
  only a quarter of the screen is used

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1967450/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1966572] Re: Chromium Zero Day

2022-03-31 Thread Seth Arnold
B[], aha, you've received no Chromium updates since November 2021
because the author of that PPA hasn't provided any.

apt-file will report what files are in the Ubuntu package whether or not
you have it installed. It's very handy to see what files are in an
Ubuntu package without installing it.

dpkg -l will report what files are in the package that you've got
installed. It's the better tool if you have installed third-party
packages.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1966572

Title:
  Chromium Zero Day

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1966572/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1966572] Re: Chromium Zero Day

2022-03-30 Thread Seth Arnold
The 20.04 LTS chromium-browser deb package exists only to install the
chromium snap and deliver a few files to the filesystem outside the snap
packaging system:

$ apt-file show chromium-browser
chromium-browser: /usr/bin/chromium-browser
chromium-browser: /usr/share/applications/chromium-browser.desktop
chromium-browser: /usr/share/apport/package-hooks/chromium-browser.py
chromium-browser: /usr/share/doc/chromium-browser/changelog.Debian.gz
chromium-browser: /usr/share/doc/chromium-browser/copyright
chromium-browser: /usr/share/icons/hicolor/128x128/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/22x22/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/24x24/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/256x256/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/48x48/apps/chromium-browser.png
chromium-browser: /usr/share/icons/hicolor/64x64/apps/chromium-browser.png
chromium-browser: /usr/share/lintian/overrides/chromium-browser
chromium-browser: /usr/share/pixmaps/chromium-browser.png
$ 

The deb package doesn't need to be updated for snapd to automatically
install a chromium update when one is made available.

Check snap info chromium on your system to see if you've received the
update yet.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1966572

Title:
  Chromium Zero Day

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1966572/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1948748] Re: [MIR] swtpm

2022-03-29 Thread Seth Arnold
libtpms might need to pull in
https://github.com/stefanberger/libtpms/commit/d78a4520ba3157087e1e438b519618f26d85fae3
-- I think without this fix, the following algorithms may not work
right:

#define ALG_KDF1_SP800_56A_VALUE0x0020
#define TPM_ALG_KDF1_SP800_56A  (TPM_ALG_ID)(ALG_KDF1_SP800_56A_VALUE)
#define ALG_KDF2_VALUE  0x0021
#define TPM_ALG_KDF2(TPM_ALG_ID)(ALG_KDF2_VALUE)
#define ALG_KDF1_SP800_108_VALUE0x0022
#define TPM_ALG_KDF1_SP800_108  (TPM_ALG_ID)(ALG_KDF1_SP800_108_VALUE)
#define ALG_ECC_VALUE   0x0023
#define TPM_ALG_ECC (TPM_ALG_ID)(ALG_ECC_VALUE)
#define ALG_SYMCIPHER_VALUE 0x0025
#define TPM_ALG_SYMCIPHER   (TPM_ALG_ID)(ALG_SYMCIPHER_VALUE)
#define ALG_CAMELLIA_VALUE  0x0026
#define TPM_ALG_CAMELLIA(TPM_ALG_ID)(ALG_CAMELLIA_VALUE)
#define ALG_SHA3_256_VALUE  0x0027
#define TPM_ALG_SHA3_256(TPM_ALG_ID)(ALG_SHA3_256_VALUE)
#define ALG_SHA3_384_VALUE  0x0028
#define TPM_ALG_SHA3_384(TPM_ALG_ID)(ALG_SHA3_384_VALUE)
#define ALG_SHA3_512_VALUE  0x0029
#define TPM_ALG_SHA3_512(TPM_ALG_ID)(ALG_SHA3_512_VALUE)
#define ALG_CMAC_VALUE  0x003F
#define TPM_ALG_CMAC(TPM_ALG_ID)(ALG_CMAC_VALUE)
#define ALG_CTR_VALUE   0x0040
#define TPM_ALG_CTR (TPM_ALG_ID)(ALG_CTR_VALUE)
#define ALG_OFB_VALUE   0x0041
#define TPM_ALG_OFB (TPM_ALG_ID)(ALG_OFB_VALUE)
#define ALG_CBC_VALUE   0x0042
#define TPM_ALG_CBC (TPM_ALG_ID)(ALG_CBC_VALUE)
#define ALG_CFB_VALUE   0x0043
#define TPM_ALG_CFB (TPM_ALG_ID)(ALG_CFB_VALUE)
#define ALG_ECB_VALUE   0x0044
#define TPM_ALG_ECB (TPM_ALG_ID)(ALG_ECB_VALUE)

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1948748

Title:
  [MIR] swtpm

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/autogen/+bug/1948748/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1948748] Re: [MIR] swtpm

2022-03-25 Thread Seth Arnold
I reviewed swtpm 0.6.1-0ubuntu5 as checked into jammy.  This shouldn't be
considered a full audit but rather a quick gauge of maintainability. I
especially didn't audit the fuse/cuse interface, nor suitability of the
software tpm to replace a hardware tpm.

And especially especially I didn't investigate whether cross-guests
accesses are possible, intentional, allowed, disallowed, etc.

swtpm is a software tpm 'device' intended to allow virtualized guests to
use tpm services without access to a real tpm device.

- CVE History:
  - two CVEs, very little information in our database on one; the other
was typical C memory problems. There's probably more.
- Build-Depends?
  - libtool, debhelper-compat (= 10), libtpms-dev, libfuse-dev,
libglib2.0-dev, libjson-glib-dev, libgmp-dev, expect, libtasn1-dev,
socat, python3-twisted, gnutls-dev, gnutls-bin, libssl-dev, net-tools,
gawk, softhsm2, libseccomp-dev
  - uses *both* openssl and gnutls. Odd choice.
- pre/post inst/rm scripts?
  - create swtpm user, group, /var/lib/swtpm-localca directory
  - not cleaned up in postrm
- init scripts?
  - none
- systemd units?
  - none
- dbus services?
  - none
- setuid binaries?
  - none
- binaries in PATH?
  - swtpm, swtpm_bios, swtpm_cert, swtpm_ioctl, swtpm_setup
- sudo fragments?
  - none
- polkit files?
  - none
- udev rules?
  - none
- unit tests / autopkgtests?
  - some are run during the build; I didn't inspect them
- cron jobs?
  - none
- Build logs:
  - pretty clean

- Processes spawned?
  - yes; seemed safe, except password / keys being passed to children in
environment variables
- Memory management?
  - well.. it's got a *lot* of crafty buffer management even among C
programs. I'm sure there's more flaws in there. Some of these tools
might be better done in a safer language like golang or rust.
- File IO?
  - mostly looked good, under control of callers. I'm not a huge fan of
tmpfiles made with template "XX", but that's not really a security
concern, just annoying.
- Logging?
  - logging looked good.
- Environment variable usage?
  - Keys are passed to child processes with environment variables. This
might be a problem.
- Use of privileged functions?
  - Moderate amounts, no problems spotted
- Use of cryptography / random number sources etc?
  - Extensive, I didn't carefully inspect.
- Use of temp files?
  - safe, but perhaps annoying with "XX" templates.
- Use of networking?
  - yes; unix domain sockets, tcp sockets, and I'm worried about the TLV
content parsing. Bugs filed to ask for feedback.
- Use of WebKit?
  - None
- Use of PolicyKit?
  - None

- Any significant cppcheck results?
  - one memory leak, probably only a few dozen bytes each time through
- Any significant Coverity results?
  - potentially, thanks for the fix
- Any significant shellcheck results?
  - none
- Any significant bandit results?
  - none

Security team ACK for promoting swtpm to main.

I think a lot of this software would benefit from being written in an
easier, safer, language; obviously portions of it are probably best done
in C, but there's got to be more bugs in here.

Here's some notes I took while reading it, in case they're helpful:

swtpm_setup/swtpm_setup.c gl_LOGFILE -- TOCTTOU stat() vs fopen(), besides it's
opened WAY earlier when logging errors?

swtpm/swtpm_nvfile.c SWTPM_NVRAM_SetStateBlob -- data supplied on fd
allows complete memory access

https://github.com/stefanberger/swtpm/issues/678
integer wraparound in tlv functions

src/swtpm/swtpm_nvfile.c SWTPM_NVRAM_PrependHeader() integer wraparound
with length param?

src/utils/swtpm_utils.c read_file_lines() accidentally quadratic memory
allocation and pointer copying, in the number of lines of input file

src/swtpm/cuse_tpm.c swtpm_cuse_main() opening a device file to find out
if it exists is odd -- is it still the case that opening a tape device
could wait indefinitely? stat() might work better.

https://github.com/stefanberger/swtpm/issues/679
integer wraparound in tcp port parsing

seccomp rules! yay

samples/swtpm_localca.c create_localca_cert() -- passing a password via
SWTPM_ROOTCA_PASSWORD environment variable leaks it to other processes
on the system via /proc/pid/environ



** Changed in: swtpm (Ubuntu)
 Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

** Bug watch added: github.com/stefanberger/swtpm/issues #678
   https://github.com/stefanberger/swtpm/issues/678

** Bug watch added: github.com/stefanberger/swtpm/issues #679
   https://github.com/stefanberger/swtpm/issues/679

** Changed in: swtpm (Ubuntu)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1948748

Title:
  [MIR] swtpm

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/autogen/+bug/1948748/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com

[Bug 1953363] Re: [MIR] python-xmlschema, elementpath, importlib-resources

2022-03-25 Thread Seth Arnold
I'm not entirely sure when the actual real for real really deadline is,
but if it's monday, probably not.

Sorry.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1953363

Title:
  [MIR] python-xmlschema, elementpath, importlib-resources

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/elementpath/+bug/1953363/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1965958] Re: list-oem-metapackages crashed with AttributeError in packages_for_modalias(): 'Cache' object has no attribute 'packages'

2022-03-22 Thread Seth Arnold
** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1965958

Title:
  list-oem-metapackages crashed with AttributeError in
  packages_for_modalias(): 'Cache' object has no attribute 'packages'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/update-notifier/+bug/1965958/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1965857] Re: software-properties-gtk crashed with AttributeError in packages_for_modalias(): 'Cache' object has no attribute 'packages'

2022-03-22 Thread Seth Arnold
** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1965857

Title:
  software-properties-gtk crashed with AttributeError in
  packages_for_modalias(): 'Cache' object has no attribute 'packages'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1965857/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1965661] Re: software-properties-gtk crashed with AttributeError in packages_for_modalias(): 'Cache' object has no attribute 'packages'

2022-03-22 Thread Seth Arnold
** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1965661

Title:
  software-properties-gtk crashed with AttributeError in
  packages_for_modalias(): 'Cache' object has no attribute 'packages'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1965661/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1948748] Re: [MIR] swtpm

2022-03-18 Thread Seth Arnold
Can an update for this issue be incorporated before a release?

https://github.com/stefanberger/swtpm/security/advisories/GHSA-2qgm-8xf4-3hqw

It's something Coverity spotted in our version, and I was very pleased
to see that there's already an advisory for this :) saving me some
effort.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1948748

Title:
  [MIR] swtpm

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/autogen/+bug/1948748/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1885990] Re: server: Match has no effect in include file (upstream 3122)

2022-03-16 Thread Seth Arnold
I can't speak for the SRU team, but it's entirely possible that if you
prepare and test a debdiff, and show that this can be fixed, you could
drive an SRU through to completion; see
https://wiki.ubuntu.com/StableReleaseUpdates for more information.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1885990

Title:
  server: Match has no effect in include file (upstream 3122)

To manage notifications about this bug go to:
https://bugs.launchpad.net/openssh/+bug/1885990/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1964098] Re: [FFe] Versioned packages for Rust toolchain

2022-03-14 Thread Seth Arnold
I can really appreciate the appeal of a "do nothing today" solution but
I'm worried about how much work, and unknown surprises, await us on our
*first* update in the future.

At some point, we'll have a security issue in a rust program that can
only be solved in coordination with a toolchain update, and we'll need
to learn what needs to be done, what parts need updating, etc, while
under duress.

Will our unfamiliarity with this process provide us with an
insurmountable stumbling block in the future, one that risks our users
or our reputation?

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1964098

Title:
  [FFe] Versioned packages for Rust toolchain

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rustc/+bug/1964098/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1964642] Re: Packer virtualbox ssh can't connect to unattended Ubuntu 20.04.1/2/3/4 but can connect to Ubuntu 20.4

2022-03-14 Thread Seth Arnold
Yeah it seems unlikely to be ssh to me -- can you ping the machine? does
virtualbox networking do interfaces that can ping? Does virtualbox offer
a 'console view' that you can use to debug the system?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1964642

Title:
  Packer virtualbox ssh can't connect to unattended Ubuntu 20.04.1/2/3/4
  but can connect to Ubuntu 20.4

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1964642/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1964561] Re: package libpam-runtime 1.3.1-5ubuntu4.3 failed to install/upgrade: installed libpam-runtime package post-installation script subprocess returned error exit status 255

2022-03-11 Thread Seth Arnold
Corruption was my first idea, too, but the Dependencies.txt didn't
report debsums mismatches. Thanks for the explanations.

** Also affects: debconf (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1964561

Title:
  package libpam-runtime 1.3.1-5ubuntu4.3 failed to install/upgrade:
  installed libpam-runtime package post-installation script subprocess
  returned error exit status 255

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/debconf/+bug/1964561/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1957077] Re: SIGSEGV during processing of unicode string

2022-03-11 Thread Seth Arnold
** Changed in: unzip (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1957077

Title:
  SIGSEGV during processing of unicode string

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1960953] Re: lockscreen is bypassed after screensaver segfault

2022-03-11 Thread Seth Arnold
** Changed in: mate-screensaver (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1960953

Title:
  lockscreen is bypassed after screensaver segfault

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mate-screensaver/+bug/1960953/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1961457] Re: package linux-image-5.13.0-28-generic 5.13.0-28.31 failed to install/upgrade: triggers looping, abandoned

2022-03-11 Thread Seth Arnold
Hello, the tail end of the dpkg terminal log suggests mesa-amdgpu-vdpau-
drivers might be to blame; I don't see that package on my local mirror,
did this come from outside Ubuntu? If so, you may need to report the
issue there.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1961457

Title:
  package linux-image-5.13.0-28-generic 5.13.0-28.31 failed to
  install/upgrade: triggers looping, abandoned

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1961457/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1961457] Re: package linux-image-5.13.0-28-generic 5.13.0-28.31 failed to install/upgrade: triggers looping, abandoned

2022-03-11 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1961457

Title:
  package linux-image-5.13.0-28-generic 5.13.0-28.31 failed to
  install/upgrade: triggers looping, abandoned

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1961457/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1961854] Re: Thunderbid saves accepted calendar events in different identity

2022-03-11 Thread Seth Arnold
Hello Bartłomiej, can you report this to the upstream developers? This
will need their input to address.

Thanks

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1961854

Title:
  Thunderbid saves accepted calendar events in different identity

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1961854/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1962041] Re: package linux-azure-tools-5.4.0-1070 (not installed) failed to install/upgrade: trying to overwrite '/usr/lib/libcpupower.so.5.4.0-1070', which is also in package linux-azure-cvm-too

2022-03-11 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

** Also affects: linux-azure (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: linux-azure-cvm (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962041

Title:
  package linux-azure-tools-5.4.0-1070 (not installed) failed to
  install/upgrade: trying to overwrite
  '/usr/lib/libcpupower.so.5.4.0-1070', which is also in package linux-
  azure-cvm-tools-5.4.0-1070 5.4.0-1070.73+cvm1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/1962041/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1962212] Re: package nvidia-dkms-470 470.103.01-0ubuntu0.20.04.1 failed to install/upgrade: installed nvidia-dkms-470 package post-installation script subprocess returned error exit status 10

2022-03-11 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962212

Title:
  package nvidia-dkms-470 470.103.01-0ubuntu0.20.04.1 failed to
  install/upgrade: installed nvidia-dkms-470 package post-installation
  script subprocess returned error exit status 10

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470/+bug/1962212/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1962358] Re: grub unable to instal

2022-03-11 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962358

Title:
  grub unable to instal

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub-installer/+bug/1962358/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1962705] Re: package qmail 1.06-6.2~deb10u1build0.20.04.1 failed to install/upgrade: el subproceso instalado paquete qmail script post-installation devolvió el código de salida de error 1

2022-03-11 Thread Seth Arnold
Hello Alejandro, the error message from the package installation script
is:

---

The hostname -f command returned: amora-diarioas

Your system needs to have a fully qualified domain name (fqdn) in
order to install the var-qmail packages.

Installation aborted

---

You can probably fix this via the hostnamectl program.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962705

Title:
  package qmail 1.06-6.2~deb10u1build0.20.04.1 failed to
  install/upgrade: el subproceso instalado paquete qmail script post-
  installation devolvió el código de salida de error 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/netqmail/+bug/1962705/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1962705] Re: package qmail 1.06-6.2~deb10u1build0.20.04.1 failed to install/upgrade: el subproceso instalado paquete qmail script post-installation devolvió el código de salida de error 1

2022-03-11 Thread Seth Arnold
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962705

Title:
  package qmail 1.06-6.2~deb10u1build0.20.04.1 failed to
  install/upgrade: el subproceso instalado paquete qmail script post-
  installation devolvió el código de salida de error 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/netqmail/+bug/1962705/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1962740] Re: Out-of-bounds read during processing 7zip archive

2022-03-11 Thread Seth Arnold
Hello Nils, have you reported this issue upstream yet? Has a bug or fix
already been created?

Thanks

** Changed in: p7zip (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1962740

Title:
  Out-of-bounds read during processing 7zip archive

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/p7zip/+bug/1962740/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1963714] Re: Internal hard disk partition cannot be mounted manually

2022-03-11 Thread Seth Arnold
Hello Girish, there's some errors in your dmesg that make me think you
may have hardware problems. It's not clear, but it's possible. Also,
there's some packages in the Dependencies.txt marked with [origin:
unknown] that might be worth investigating.

Thanks

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1963714

Title:
  Internal hard disk partition cannot be mounted manually

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/udisks2/+bug/1963714/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

  1   2   3   4   5   6   7   8   9   10   >