[Bug 1972740] Re: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option

2022-05-18 Thread Steve Beattie
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-30594

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972740

Title:
  Unprivileged users may use PTRACE_SEIZE to set
  PTRACE_O_SUSPEND_SECCOMP option

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1972740/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1972043] Re: Please add -ftrivial-auto-var-init=zero to default build flags

2022-05-16 Thread Steve Beattie
** Tags added: sec-994

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972043

Title:
  Please add -ftrivial-auto-var-init=zero to default build flags

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/1972043/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1892559] Re: [MIR] ccid opensc pcsc-lite

2022-05-11 Thread Steve Beattie
** Tags added: sec-407

** Tags added: sec-408 sec-409

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1892559

Title:
  [MIR] ccid opensc pcsc-lite

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ccid/+bug/1892559/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1965115] Re: [MIR] nullboot

2022-05-11 Thread Steve Beattie
** Tags added: sec-976

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1965115

Title:
  [MIR] nullboot

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nullboot/+bug/1965115/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971895] Re: Warning messages from stat printed on installation with no user crontabs

2022-05-10 Thread Steve Beattie
** Also affects: cron (Ubuntu Bionic)
   Importance: Undecided
   Status: New

** Also affects: cron (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Changed in: cron (Ubuntu Xenial)
   Status: New => Triaged

** Changed in: cron (Ubuntu Bionic)
   Status: New => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971895

Title:
  Warning messages from stat printed on installation with no user
  crontabs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cron/+bug/1971895/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1949186] Re: Missing Linux Kernel mitigations for 'SSB - Speculative Store Bypass' hardware vulnerabilities

2022-05-10 Thread Steve Beattie
** Changed in: linux-aws (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1949186

Title:
  Missing Linux Kernel mitigations for 'SSB - Speculative Store Bypass'
  hardware vulnerabilities

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1949186/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1950644] Re: ubuntu_ltp_syscalls / finit_module02 fails on v4.15 and other kernels

2022-05-10 Thread Steve Beattie
Hi, is this still on the kernel team's radar to address in trusty and in
the various linux-azure kernels?

Thanks!

** Changed in: linux-oem-5.14 (Ubuntu Trusty)
   Status: New => Invalid

** Changed in: linux-oem-5.13 (Ubuntu Trusty)
   Status: New => Invalid

** Changed in: linux-oem-5.10 (Ubuntu Trusty)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1950644

Title:
  ubuntu_ltp_syscalls / finit_module02 fails on v4.15 and other kernels

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1950644/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1951927] Re: Array overflow in au_procfs_plm_write

2022-05-10 Thread Steve Beattie
Thanks, making this public.

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1951927

Title:
  Array overflow in au_procfs_plm_write

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1951927/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1961528] Re: Security: Arbitrary shell command injection through PDF import or unpaper preprocessing

2022-05-10 Thread Steve Beattie
** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1961528

Title:
  Security: Arbitrary shell command injection through PDF import or
  unpaper preprocessing

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ocrfeeder/+bug/1961528/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1967626] Re: 22.04 beta Network Manager still sets wrong IPv6 routing

2022-05-10 Thread Steve Beattie
Given that this issue is public in the freedesktop gitlab instance, I'm
making this issue public here as well.

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1967626

Title:
  22.04 beta Network Manager still sets wrong IPv6 routing

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1967626/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1961854] Re: Thunderbid saves accepted calendar events in different identity

2022-05-10 Thread Steve Beattie
Hi Bartłomiej, was this issue reported to mozilla? Do you have a bug
report there?

Thanks!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1961854

Title:
  Thunderbid saves accepted calendar events in different identity

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1961854/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970012] Re: package yaru-theme-gnome-shell 21.10.2 failed to install/upgrade: el subproceso nuevo paquete yaru-theme-gnome-shell script pre-installation devolvió el código de salida de error 1

2022-05-10 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970012

Title:
  package yaru-theme-gnome-shell 21.10.2 failed to install/upgrade: el
  subproceso nuevo paquete yaru-theme-gnome-shell script pre-
  installation devolvió el código de salida de error 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/yaru-theme/+bug/1970012/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1971415] Re: Remote desktop is automatically enabled after login

2022-05-10 Thread Steve Beattie
Jeremy, is there any progress on this?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1971415

Title:
  Remote desktop is automatically enabled after login

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-remote-desktop/+bug/1971415/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1972812] Re: The operating system does not ask for a password after unlocking the screen.

2022-05-10 Thread Steve Beattie
** Package changed: ubuntu => gnome-shell (Ubuntu)

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972812

Title:
  The operating system does not ask for a password after unlocking the
  screen.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1972812/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1214787] Re: busybox crashed with signal 7

2022-05-05 Thread Steve Beattie
** Information type changed from Private to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1214787

Title:
  busybox crashed with signal 7

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/busybox/+bug/1214787/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1970267] [NEW] Unable to save macaroons in MozillaCookieJar() under python3.10

2022-04-25 Thread Steve Beattie
Public bug reported:

Upstream bug report: https://github.com/go-macaroon-bakery/py-macaroon-
bakery/issues/88

See above for details, but the essential bug is that doing something
like the following:

client = httpbakery.Client(cookies=MozillaCookieJar(".cooklefile"))

if os.path.exists(client.cookies.filename):
client.cookies.load(ignore_discard=True)

response = client.request("POST", url=url, json=payload)
client.cookies.save(ignore_discard=True)

stated throwing a traceback under python3.10:

  [ELIDED]
File "/usr/lib/python3.10/http/cookiejar.py", line 2120, in save
  if cookie.has_nonstandard_attr(HTTPONLY_ATTR):
File "/usr/lib/python3.10/http/cookiejar.py", line 805, in 
has_nonstandard_attr
  return name in self._rest
  TypeError: argument of type 'NoneType' is not iterable

because py-macaroon-bakery creates a http.cookiejar.Cookie() object with
the rest field set to None, causing the writing out of a cookie file to
fail.

** Affects: py-macaroon-bakery (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1970267

Title:
  Unable to save macaroons in MozillaCookieJar() under python3.10

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/py-macaroon-bakery/+bug/1970267/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1969619] Re: RDP Sharing appears on by default in jammy

2022-04-21 Thread Steve Beattie
Hi, yes, from the Ubuntu Security team's perspective, this should go to
the security pocket.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1969619

Title:
  RDP Sharing appears on by default in jammy

To manage notifications about this bug go to:
https://bugs.launchpad.net/gnome-control-center/+bug/1969619/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1926321] Re: [MIR] telegraf

2022-04-14 Thread Steve Beattie
** Tags added: sec-753

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926321

Title:
  [MIR] telegraf

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/telegraf/+bug/1926321/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1956617] Re: [MIR] protobuf-c

2022-04-14 Thread Steve Beattie
** Tags added: sec-754

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1956617

Title:
  [MIR] protobuf-c

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/protobuf-c/+bug/1956617/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1746629] Re: [MIR] libbluray

2022-04-14 Thread Steve Beattie
** Tags added: sec-751

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1746629

Title:
  [MIR] libbluray

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libbluray/+bug/1746629/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1808537] Re: [bionic] ffmpeg update to 3.4.5

2022-04-12 Thread Steve Beattie
** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1808537

Title:
  [bionic] ffmpeg update to 3.4.5

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ffmpeg/+bug/1808537/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1964710] Re: XSS vulnerability in row_create

2022-04-12 Thread Steve Beattie
This was fixed in Jammy (Ubuntu 22.04 LTS pre-release) in phpliteadmin
1.9.8.2-2, closing that task.

** Changed in: phpliteadmin (Ubuntu Jammy)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1964710

Title:
  XSS vulnerability in row_create

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/phpliteadmin/+bug/1964710/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968725] Re: baloo_file crashed with SIGSEGV in start_thread()

2022-04-12 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Attachment removed: "CoreDump.gz"
   
https://bugs.launchpad.net/ubuntu/+source/baloo-kf5/+bug/1968725/+attachment/5579957/+files/CoreDump.gz

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968725

Title:
  baloo_file crashed with SIGSEGV in start_thread()

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/baloo-kf5/+bug/1968725/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1914279] Re: linux from security may force reboots without complete dkms modules

2022-04-12 Thread Steve Beattie
All work for this report has been completed, I believe the linux and
linux-meta tasks can be closed out as well.

** Changed in: linux (Ubuntu)
   Status: Triaged => Fix Released

** Changed in: linux-meta (Ubuntu)
   Status: Triaged => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/acpi-call/+bug/1914279/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1949186] Re: Missing Linux Kernel mitigations for 'SSB - Speculative Store Bypass' hardware vulnerabilities

2022-04-12 Thread Steve Beattie
Hi Ammar, apologies for the delayed followup, what is the version of the
kernel that you are seeing this with? I.E. what is the output of running
the command 'cat /proc/version_signature' where this is showing up?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1949186

Title:
  Missing Linux Kernel mitigations for 'SSB - Speculative Store Bypass'
  hardware vulnerabilities

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1949186/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1950940] Re: Integer underflow in the vrend_decode_set_shader_images() on virglrenderer

2022-04-12 Thread Steve Beattie
** CVE removed: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0135

** CVE removed: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0175

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1950940

Title:
  Integer underflow in the vrend_decode_set_shader_images() on
  virglrenderer

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/virglrenderer/+bug/1950940/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1950939] Re: OOB write in the vrend_renderer_transfer_write_iov on virglrenderer

2022-04-12 Thread Steve Beattie
This was fixed in https://ubuntu.com/security/notices/USN-5309-1 for
focal and newer; it is unfixed in bionic where virglrenderer is
community maintained.

(Edited to fix USN URL.)

** Also affects: virglrenderer (Ubuntu Focal)
   Importance: Undecided
   Status: New

** Also affects: virglrenderer (Ubuntu Bionic)
   Importance: Undecided
   Status: New

** Also affects: virglrenderer (Ubuntu Impish)
   Importance: Undecided
   Status: New

** Changed in: virglrenderer (Ubuntu)
   Status: New => Fix Released

** Changed in: virglrenderer (Ubuntu Bionic)
   Status: New => Confirmed

** Changed in: virglrenderer (Ubuntu Bionic)
   Status: Confirmed => Triaged

** Changed in: virglrenderer (Ubuntu Focal)
   Status: New => Fix Released

** Changed in: virglrenderer (Ubuntu Impish)
   Status: New => Fix Released

** Information type changed from Private Security to Public Security

** Tags added: community-security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1950939

Title:
  OOB write in the vrend_renderer_transfer_write_iov on virglrenderer

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/virglrenderer/+bug/1950939/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1950784] Re: information leak from host to guest in the virglrenderer

2022-04-12 Thread Steve Beattie
This was fixed in https://ubuntu.com/security/notices/USN-5309-1 for
focal and newer; it is unfixed in bionic where virglrenderer is
community maintained.

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0175

** Also affects: virglrenderer (Ubuntu Focal)
   Importance: Undecided
   Status: New

** Also affects: virglrenderer (Ubuntu Impish)
   Importance: Undecided
   Status: New

** Also affects: virglrenderer (Ubuntu Bionic)
   Importance: Undecided
   Status: New

** Changed in: virglrenderer (Ubuntu Bionic)
   Status: New => Triaged

** Changed in: virglrenderer (Ubuntu)
   Status: New => Fix Released

** Changed in: virglrenderer (Ubuntu Focal)
   Status: New => Fix Released

** Changed in: virglrenderer (Ubuntu Impish)
   Status: New => Fix Released

** Information type changed from Private Security to Public Security

** Tags added: community-security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1950784

Title:
  information leak from host to guest in the virglrenderer

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/virglrenderer/+bug/1950784/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1950940] Re: Integer underflow in the vrend_decode_set_shader_images() on virglrenderer

2022-04-12 Thread Steve Beattie
Issue 251 is not open upstream, but it looks like this was addressed in
https://gitlab.freedesktop.org/virgl/virglrenderer/-/commit/2aed5d419722a0d9fbd17be9c7a1147e22b681de
along with a couple of other security fixes in
https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654
. It does not look like these fixes have landed in a release yet
upstream.

Hoever, the other two issues (249, 250) did get CVEs assigned for them,
CVE-2022-0175 and CVE-2022-0135 respectively.

Jun Yao, was a CVE ever assigned for this issue?

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0135

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0175

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1950940

Title:
  Integer underflow in the vrend_decode_set_shader_images() on
  virglrenderer

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/virglrenderer/+bug/1950940/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1954832] Re: sctp: account for stream padding for reconf chunk

2022-04-12 Thread Steve Beattie
This has been fixed in all affected Ubuntu kernels, closing.

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-0322

** Information type changed from Private Security to Public Security

** Changed in: linux (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1954832

Title:
  sctp: account for stream padding for reconf chunk

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1954832/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1964427] Re: [Security] CVE-2022-0847 lib/iov_iter: initialize "flags" in new pipe_buffer

2022-04-11 Thread Steve Beattie
This was fixed in affected kernels in
https://ubuntu.com/security/notices/USN-5317-1 and
https://ubuntu.com/security/notices/USN-5362-1

** Package changed: ubuntu => linux (Ubuntu)

** Changed in: linux (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1964427

Title:
  [Security] CVE-2022-0847 lib/iov_iter: initialize "flags" in new
  pipe_buffer

To manage notifications about this bug go to:
https://bugs.launchpad.net/intel/+bug/1964427/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1966352] Re: list-oem-metapackages crashed with AttributeError in packages_for_modalias(): 'Cache' object has no attribute 'packages'

2022-04-11 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1966352

Title:
  list-oem-metapackages crashed with AttributeError in
  packages_for_modalias(): 'Cache' object has no attribute 'packages'

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/update-notifier/+bug/1966352/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968043] Re: Open CVE-2021-4048 with critical severity

2022-04-11 Thread Steve Beattie
This is fixed in jammy (Ubuntu 22.04 LTS pre-release) but not in focal
or bionic.

** Also affects: lapack (Ubuntu Impish)
   Importance: Undecided
   Status: New

** Also affects: lapack (Ubuntu Bionic)
   Importance: Undecided
   Status: New

** Also affects: lapack (Ubuntu Focal)
   Importance: Undecided
   Status: New

** Changed in: lapack (Ubuntu)
   Status: Confirmed => Fix Released

** Changed in: lapack (Ubuntu Bionic)
   Status: New => Confirmed

** Changed in: lapack (Ubuntu Focal)
   Status: New => Confirmed

** Changed in: lapack (Ubuntu Impish)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968043

Title:
  Open CVE-2021-4048 with critical severity

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lapack/+bug/1968043/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968043] Re: Open CVE-2021-4048 with critical severity

2022-04-11 Thread Steve Beattie
** Changed in: lapack (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968043

Title:
  Open CVE-2021-4048 with critical severity

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lapack/+bug/1968043/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1967631] Re: Ubuntu 22.04 / snap-store installing outdated software and misses security updates

2022-04-11 Thread Steve Beattie
As an aside, the wireguard-dkms package is not necessary to install
(unless one is running an older non Ubuntu kernel that does not have the
wireguard module available) as the wireguard kernel module has been
enabled and backported to all Ubuntu kernels going back to the 4.4
kernel in Ubuntu 16.04 ESM.

Marking public and closing. Thanks!

** Information type changed from Private Security to Public Security

** Changed in: snapd (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1967631

Title:
  Ubuntu 22.04 / snap-store installing outdated software and misses
  security updates

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1967631/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1968626] Re: kioslave5 crashed with SIGSEGV in QString::endsWith()

2022-04-11 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Attachment removed: "CoreDump.gz"
   
https://bugs.launchpad.net/ubuntu/+source/kio/+bug/1968626/+attachment/5579490/+files/CoreDump.gz

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968626

Title:
  kioslave5 crashed with SIGSEGV in QString::endsWith()

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/kio/+bug/1968626/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1950321] Re: [MIR] glusterfs

2022-04-08 Thread Steve Beattie
I reviewed glusterfs 10.1-1 as checked into jammy. This
shouldn't be considered a full audit but rather a quick gauge
of maintainability.

GlusterFS is a clustered network file-system.

- CVE History: 27 CVEs, though the most recent are from
  2018. Issue resolution looks okay. One or two of the later
  CVEs were incomplete fixes for earlier issues.
- Build-Depends on openssl, libtirpc, libxml2, rdma libs.
- Several pre/post inst/rm scripts, dedicated to managing the
  systemd services, adding/removing a dedicated gluster user,
  ensuring an initial config file is created, and dealing with
  compiled python files. Most are generated by debhelper tools
  and look okay.
- No init scripts.
- The glusterfs-server package includes to systemd units, to
  manage the primary GlusterFS daemon and the gluster events
  notifier service. The GlusterFS daemon does depend on rpcbind
  services being enabled/started.

  (The upstream source includes a couple more systemd unit
  files that are not included in any of the binary packages.)
- No dbus services.
- No setuid binaries; however, see Andreas' discussion on the
  fusermount-glusterfs binary. In general, the security team
  would STRONGLY prefer to not have another setuid binary,
  especially for what upstream considers a non-standard use
  case and for one that is a modified version of an existing
  binary that has had its own history of security problems.
- There are several binaries in PATH, mostly as one would
  expect (the service daemon itself, mount utilities, the
  events daemon, and some other specialized utilities.
- No sudo fragments.
- No polkit files.
- No udev rules.
- Tests:
  - it has one basic autopkgtest, a smoke test that creates
and writes to a mountpoint.
  - As Andreas noted, there is an unused semblance of
unittest infrastructure. There is a wholly unused tests/
subdirectory. It's great that upstream gates on tests
passing, but does nothing for us for testing updates/patches
we might apply. That's not great.
- No cron jobs.
- As noted, build logs contain some warnings, some of
  them somewhat concerning highlighting where string copy
  operations are performed with a bounds limiter based on the
  length of the source of the copy rather than the size of the
  target. Cursory looks indicate that they may not be an issue,
  and there has been some effort to fix these sorts of things
  in the upstream github.

  There's a couple of warnings about not checking the result
  of calls to setreuid() in contrib/fuse-lib/mount-common.c:59
  which just emphasizes again that it would be best to not
  make the fusermount-glusterfs setuid.

  Nothing concerning in the lintian warnings, though that the
  warning of a lack of symbols tracking in the libraries has
  been silenced is not a great look. (The upstream libraries
  export a defined set of symbols, but don't make use of symbol
  versioning, either.)

- Processes are spawned in a few locations, but look to be
  handled safely (outside of testcases).
- Lots of fiddly memory management happening, memcpys,
  strcpys, etc.
- File IO is okay.
- Logging is complex but okay.
- Minimal use of environment variables, mostly for
  geo-replication, and is okay.
- Privileged function use oustide of fuse is okay.
- RPC can use tls via libssl, looks okay.
- Use of temp files looks to be safe, though TMPDIR is not
  honored.
- As one would expect, significant Use of networking; in
  general looks okay.
- No use of WebKit.
- No use of PolicyKit.

- No significant cppcheck issues that were not likely false
  positives.
- Coverity reported around 500 issues, but spot checking a few,
  they appeared to be false positives or things like failing to
  deallocate memory in a command line tool. Upstream appears
  to be making fixes based on the public Coverity scanner,
  so that's good.
- shellcheck found some issues, including in
  xlators/mount/fuse/utils/mount.glusterfs.in which gets
  installed as /sbin/mount.glusterfs. Not a direct security
  concern and there is at least some effort to address
  shellcheck issues upstream.
- No significant bandit results.

Close to 500 TODO/FIXME type comments which is not a great sign.

I investigated the lintian override for the fortify hardening
check, and it does appear to be a false positive that is being
silenced, and thus okay.

In talking with Andreas, I understand the difficulty with trying
to get the upstream tests (in particular those driven by the
run-tests.sh script) working, but I think it still would be
something that would give us far more confidence when performing
updates, security or otherwise. It would also be good to clarify
explicitly why (debian) symbol versioning is not done, or get
it in place. Neither are blockers for acceptance.

Overall, there seems to be a marked improvement focusing on
quality versus the last time this package was submitted for
an MIR.

Security team ACK for promoting glusterfs to main.

-- 
You received this bug 

Re: [Bug 1957932] Re: [MIR] rustc, cargo, dh-cargo

2022-04-04 Thread Steve Beattie
On Mon, Apr 04, 2022 at 09:31:39AM -, Simon Chopin wrote:
> We also have a provisional ACK from the security team (I'll keep working
> on surfacing the vendored deps data in a better way than Cargo.lock!).
> 
> The seed changes are in a MP at
> https://code.launchpad.net/~schopin/ubuntu-seeds/+git/ubuntu-
> seeds/+merge/416688
> 
> @paelzer could you confirm that we can move ahead, and perhaps review
> the seed change?

From the Ubuntu Security Team's perspective, ACK for moving ahead.

Thanks!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1957932

Title:
  [MIR] rustc, cargo, dh-cargo

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cargo/+bug/1957932/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1961117] Re: Vulnerability in glibc - CVE-2022-23219

2022-03-28 Thread Steve Beattie
This issue was addressed in Ubuntu in
https://ubuntu.com/security/notices/USN-5310-1 and
https://ubuntu.com/security/notices/USN-5310-2 and the under development
jammy/Ubuntu 22.04 LTS already has glibc 2.35 incorporated.

Please also note that Ubuntu has been building with stack-protector
enabled since 2006, and thus the issue was limited to a denial of
service.

Thanks.

** Changed in: glibc (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1961117

Title:
  Vulnerability in glibc - CVE-2022-23219

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1961117/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1887187] Re: [MIR] nftables

2022-03-23 Thread Steve Beattie
python distutils deprecation has been filed as a bug upstream at
https://bugzilla.netfilter.org/show_bug.cgi?id=1594

For the security review, while I did do some review while preparing the
MIR request, I supsect it is preferable for the submitter to not also be
the one to do the security review. Alex gracefully agreed to perform it,
as seen above.

Yes, we would like to land this for 22.04 LTS, if possible.

Thanks!

** Bug watch added: bugzilla.netfilter.org/ #1594
   http://bugzilla.netfilter.org/show_bug.cgi?id=1594

** Changed in: nftables (Ubuntu)
Milestone: None => ubuntu-22.04-beta

** Changed in: nftables (Ubuntu)
 Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1887187

Title:
  [MIR] nftables

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1887187/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1965464] Re: add debian symbols tracking for libnftables1 package

2022-03-23 Thread Steve Beattie
Yes, that's correct, both commits are needed. The debdiff/merge request
look good to me, please go ahead and upload them to jammy so we can have
proper symbol versioning on the ibrary itself there. Thanks!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1965464

Title:
  add debian symbols tracking for libnftables1 package

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1965464/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1966017] Re: enable upstream python testsuite in autopkgtests

2022-03-23 Thread Steve Beattie
(If this were a build time testsuite, our log comparison process would
pick up changes. We could *maybe* do something akin to how we try to
detect new failing tests in openjdk in qrt's notes_testing/openjdk/
where we maybe compare our current adt runs of nftables against a prior
run, and look for differences.)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1966017

Title:
  enable upstream python testsuite in autopkgtests

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1966017/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1966017] Re: enable upstream python testsuite in autopkgtests

2022-03-23 Thread Steve Beattie
So this looks okay, there are unfortunately a bunch of errors in the
tests with v1.0.2 against a 5.15 kernel because the 'egress' hook
support was only added in 5.16
(https://git.kernel.org/linus/42df6e1d221dddc0f2acf2be37e68d553ad65f96).
This results in the following output in a jammy VM:

  96 test files, 69 files passed, 1889 unit tests, 
  717 error, 0 warning

I'd like to suggest one additional change, adding a `-f` option to the
nft-test.py invocation in debian/tests/internaltest-py.sh . From the
README in test/py/ that tells the testsuite to carry on testing
additional families in case of error. With that change in place, I get
the following total results, again in a jammy VM with a 5.15 kernel:

  96 test files, 69 files passed, 1889 unit tests,
  5776 total executed, 719 error, 0 warning

I have not run this in adt, but running the tests manually doesn't
return an error value on exit(), even with 700+ errors, so I'm not sure
how the adt test will detect a regression that causes more test cases to
error.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1966017

Title:
  enable upstream python testsuite in autopkgtests

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1966017/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1887187] Re: [MIR] nftables

2022-03-17 Thread Steve Beattie
For the required todos:

1) yes, the Ubuntu Security team is willing to maintain the embedded
code copies.

2) debian symbols tracking:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1965464

For the recommended todos, we will try to make progress on those.

Thanks!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1887187

Title:
  [MIR] nftables

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1887187/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1965464] Re: add debian symbols tracking for libnftables1 package

2022-03-17 Thread Steve Beattie
Submitted patch to Debian: https://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=1007888

** Bug watch added: Debian Bug tracker #1007888
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007888

** Also affects: nftables (Debian) via
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007888
   Importance: Unknown
   Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1965464

Title:
  add debian symbols tracking for libnftables1 package

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1965464/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1965464] Re: add debian symbols tracking for libnftables1 package

2022-03-17 Thread Steve Beattie
Debdiff to fix in ubuntu attached

** Patch added: "nftables_1.0.2-1ubuntu1.debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1965464/+attachment/5570243/+files/nftables_1.0.2-1ubuntu1.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1965464

Title:
  add debian symbols tracking for libnftables1 package

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1965464/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1965464] Re: add debian symbols tracking for libnftables1 package

2022-03-17 Thread Steve Beattie
I attemped to fix it with the following patch:

Index: b/src/Makefile.am
===
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -91,7 +91,7 @@ libparser_la_CFLAGS = ${AM_CFLAGS} \
 
 libnftables_la_LIBADD = ${LIBMNL_LIBS} ${LIBNFTNL_LIBS} libparser.la
 libnftables_la_LDFLAGS = -version-info ${libnftables_LIBVERSION} \
---version-script=$(srcdir)/libnftables.map
+-Wl,--version-script=$(srcdir)/libnftables.map
 
 if BUILD_MINIGMP
 noinst_LTLIBRARIES += libminigmp.la

however, that FTBFS due to LTO being used in the build; examining the
generated library does show the appropriate versions on the symbols:

/build/nftables-r9ytiF/nftables-1.0.2/src$ nm -D --with-symbol-versions 
--defined-only .libs/libnftables.so
 A LIBNFTABLES_1
 A LIBNFTABLES_2
 A LIBNFTABLES_3
0005ad10 T nft_ctx_add_include_path@@LIBNFTABLES_1
0005abe0 T nft_ctx_add_var@@LIBNFTABLES_2
0005b150 T nft_ctx_buffer_error@@LIBNFTABLES_1
0005b050 T nft_ctx_buffer_output@@LIBNFTABLES_1
0005ad90 T nft_ctx_clear_include_paths@@LIBNFTABLES_1
0005acb0 T nft_ctx_clear_vars@@LIBNFTABLES_2
0005b2e0 T nft_ctx_free@@LIBNFTABLES_1
0005b590 T nft_ctx_get_dry_run@@LIBNFTABLES_1
0005b2a0 T nft_ctx_get_error_buffer@@LIBNFTABLES_1
0005b270 T nft_ctx_get_output_buffer@@LIBNFTABLES_1
0005add0 T nft_ctx_new@@LIBNFTABLES_1
0005b5d0 T nft_ctx_output_get_debug@@LIBNFTABLES_1
0005b5b0 T nft_ctx_output_get_flags@@LIBNFTABLES_1
0005b5e0 T nft_ctx_output_set_debug@@LIBNFTABLES_1
0005b5c0 T nft_ctx_output_set_flags@@LIBNFTABLES_1
0005b5a0 T nft_ctx_set_dry_run@@LIBNFTABLES_1
0005b550 T nft_ctx_set_error@@LIBNFTABLES_1
0005b510 T nft_ctx_set_output@@LIBNFTABLES_1
0005b200 T nft_ctx_unbuffer_error@@LIBNFTABLES_1
0005b0f0 T nft_ctx_unbuffer_output@@LIBNFTABLES_1
0005b5f0 T nft_run_cmd_from_buffer@@LIBNFTABLES_1
0005b940 T nft_run_cmd_from_filename@@LIBNFTABLES_1

My concern is if this gets fixed, will this cause us to need to do a SO
version bump?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1965464

Title:
  add debian symbols tracking for libnftables1 package

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1965464/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1965464] Re: add debian symbols tracking for libnftables1 package

2022-03-17 Thread Steve Beattie
One concern with this is that the upstream symbol versioning is broken;
generating the debian symbols file looks like so:

libnftables.so.1 libnftables1 #MINVER#
 nft_ctx_add_include_path@Base 0.9.2
 nft_ctx_add_var@Base 1.0.0
 nft_ctx_buffer_error@Base 0.9.2
 nft_ctx_buffer_output@Base 0.9.2
 nft_ctx_clear_include_paths@Base 0.9.2
 nft_ctx_clear_vars@Base 1.0.0
 nft_ctx_free@Base 0.9.2
 nft_ctx_get_dry_run@Base 0.9.2
 nft_ctx_get_error_buffer@Base 0.9.2
 nft_ctx_get_optimize@Base 1.0.2
 nft_ctx_get_output_buffer@Base 0.9.2
 nft_ctx_new@Base 0.9.2
 nft_ctx_output_get_debug@Base 0.9.2
 nft_ctx_output_get_flags@Base 0.9.2
 nft_ctx_output_set_debug@Base 0.9.2
 nft_ctx_output_set_flags@Base 0.9.2
 nft_ctx_set_dry_run@Base 0.9.2
 nft_ctx_set_error@Base 0.9.2
 nft_ctx_set_optimize@Base 1.0.2
 nft_ctx_set_output@Base 0.9.2
 nft_ctx_unbuffer_error@Base 0.9.2
 nft_ctx_unbuffer_output@Base 0.9.2
 nft_run_cmd_from_buffer@Base 0.9.2
 nft_run_cmd_from_filename@Base 0.9.2

@Base is used because of:
$ nm -D --with-symbol-versions --defined-only 
/usr/lib/x86_64-linux-gnu/libnftables.so.1.1.0  
0005ad10 T nft_ctx_add_include_path
0005abe0 T nft_ctx_add_var
0005b150 T nft_ctx_buffer_error
0005b050 T nft_ctx_buffer_output
0005ad90 T nft_ctx_clear_include_paths
0005acb0 T nft_ctx_clear_vars
0005b2e0 T nft_ctx_free
0005b590 T nft_ctx_get_dry_run
0005b2a0 T nft_ctx_get_error_buffer
0005b5b0 T nft_ctx_get_optimize
0005b270 T nft_ctx_get_output_buffer
0005add0 T nft_ctx_new
0005b5f0 T nft_ctx_output_get_debug
0005b5d0 T nft_ctx_output_get_flags
0005b600 T nft_ctx_output_set_debug
0005b5e0 T nft_ctx_output_set_flags
0005b5a0 T nft_ctx_set_dry_run
0005b550 T nft_ctx_set_error
0005b5c0 T nft_ctx_set_optimize
0005b510 T nft_ctx_set_output
0005b200 T nft_ctx_unbuffer_error
0005b0f0 T nft_ctx_unbuffer_output
0005b610 T nft_run_cmd_from_buffer
0005b960 T nft_run_cmd_from_filename

This despite the symbol map in the upstream project:
https://git.netfilter.org/nftables/tree/src/libnftables.map

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1965464

Title:
  add debian symbols tracking for libnftables1 package

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1965464/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1965464] [NEW] add debian symbols tracking for libnftables1 package

2022-03-17 Thread Steve Beattie
Public bug reported:

As part of the MIR for nftables, the addition of symbols tracking in the
debian packaging for nftables is a requirement.

** Affects: nftables (Ubuntu)
 Importance: High
 Assignee: Steve Beattie (sbeattie)
 Status: Confirmed

** Changed in: nftables (Ubuntu)
   Status: New => Confirmed

** Changed in: nftables (Ubuntu)
   Importance: Undecided => High

** Changed in: nftables (Ubuntu)
 Assignee: (unassigned) => Steve Beattie (sbeattie)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1965464

Title:
  add debian symbols tracking for libnftables1 package

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1965464/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Re: [Bug 1957932] Re: [MIR] rustc, cargo

2022-03-15 Thread Steve Beattie
On Tue, Mar 15, 2022 at 05:14:00PM -, Simon Chopin wrote:
> Before even starting to address the various points further, I must ask
> whether they're showstopper for the *rustc* MIR.

> I ask because some of the concerns raised here are irrelevant for rustc
> itself. For instance, the X-Cargo-Built-Using is not only not used by
> the rustc packaging at all, it would also not be used by Rust packages
> entering main since, under the proposed amended rules, those packages
> would first vendor all their dependencies.

Ah, I had missed this piece from the conversation on the github
MR. That places more emphasis on making sure Cargo.lock at a minimum
is included. Long term, it would be ideal to have these in package
metadata as X-Embedded-Copies or whatever, but ultimately that's
a feature that would be generally useful across the distro and in
Debian, not just in the Rust portions of it.

For X-Cargo-Built-Using vs Built-Using in dh-cargo, the Security team
can compensate one way or the other, we just need to know that, no,
Built-Using not going to land in jammy. With the intent to fully vendor
things in main, it's less important (from our team's perspective)
that this gets resolved one way or the other, but I note that we are
not the only ones with an opinion here.

One other consideration is that organizations and governments are
pushing really strongly for Software Bills of Materials (SBOMs) so
the more proactive we are about collecting needed information in a
structured, easily consumable way, the more straightforward it will
be to satisfy those requirements.

> We intend to implement all tooling changes that are required for a
> wider Rust ecosystem support in main, but this starts with having the
> compiler!

The reason I ask about ecosystem supportability here is because this
is likely the sole point where it's even in bounds for an MIR security
audit. The 'dh-cargo' package as a "build-time only" tool means there
is no requirement for it to go into main, and thus will likely never
receive an MIR. When it comes time to review cargo, the argument will
then be "Of what use is having rustc in main without cargo?" Individual
applications or libraries will have reviews focused on themselves.

The reality is we accepted Go-lang into main with a hypothetical plan
to support its ecosystem security-wise, but has been difficult to
turn into something real. My concern is that we're about to do the
same for Rust, despite our broad general approval of the language.

[There are also other constraints within Canonical that cause me
to be thinking about the supportability of the ecosystem as a whole
beyond what gets integrated into main, but you are correct that they
are out of bounds for an MIR.]

Anyhow. I have concerns about supporting this ecosystem, but the
provisional ACK is already there.

Thanks.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1957932

Title:
  [MIR] rustc, cargo

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cargo/+bug/1957932/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1957932] Re: [MIR] rustc, cargo

2022-03-15 Thread Steve Beattie
On Fri, Mar 11, 2022 at 10:17:47AM -, Simon Chopin wrote:
> @sbeattie there's some context on those various fields in
> https://github.com/cpaelzer/ubuntu-mir/pull/3

Thanks for this.

> Basically X-Cargo-Built-Using should be folded into Built-Using.

I agree with this, but is there a plan to land this in jammy?
If not, our tooling needs to compensate.

> There has been no talk of automating detection of packages that ought
> to have those fields, but that does sound like a good idea.

I think something needs to be in place, or there runs the risk of things
needing to pick up updates that don't get them applied.

> However, in the case of rustc and any future main package built using
> Rust, there are going to be vendored dependencies that are not packaged
> at all. It doesn't seem like a good idea to me to document those in the
> same fields as the dependencies that are separately packaged but
> statically linked, which is why I proposed shipping the Cargo.lock file.
> 
> If you'd prefer, we could instead ship it in another field, maybe
> X-Vendored-Sources (as mentioned before, Built-Using seems out of scope
> for that).

It would be great if we could get this information as a field in the
Packages info (modulo concerns about size explosion as the set of
packaged rust software expands). I agree that it is not appropriate
for Built-Using; X-Vendored-Sources sounds great (if only we could
get this incorporated across more language ecosystems!). It would
probably be beneficial to have both the field in the packages metadata
list as well as the Cargo.lock file, to be able to identify which
crate versions were incorporated in superseded versions, if need be.

> For instance, using this small Python snippet, I get this for
> the Cargo.lock file shipped in rustc (Jammy):
> 
> $ zcat Cargo.lock.gz | python3 -c "import toml; import sys; print(',
> '.join(f\"{p['name']}/{p['version']}\" for p in
> toml.load(sys.stdin)['package'] if 'source' in p))"

Thanks for this, lots to chew on here. Quite a few rust crates have
at least two versions of themselves in the list, which based on reading,
seems to be normal in the ecosystem, but then leads to issues like:

  crossbeam-utils/0.7.2
  crossbeam-utils/0.8.5

while the latter was patched to address CVE-2022-23639 in the current
jammy packaging, the former (in vendor/crossbeam-utils-0.7.2) was not.
While upstream crossbeam-utils yanked all of the 0.8.x versions < 0.8.7,
but there doesn't appear to be a fixed version of 0.7.x from upstream.
That's somewhat concerning about the ecosystem as a whole.

> The 'if source in p' statement filters out crates that are internal to
> rustc. Surprinsingly, the remaining rustc-* crates are separately
> packaged forks of existing crates.

That is also less than ideal.

> Would the security team feel more comfortable with this?

Yes, I think so.

Thanks!


** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-23639

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1957932

Title:
  [MIR] rustc, cargo

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cargo/+bug/1957932/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1957932] Re: [MIR] rustc, cargo

2022-03-10 Thread Steve Beattie
> 'Built-Using' vs 'X-Cargo-Built-Using' dh-cargo behavior

So there is no plan to change this in dh-cargo? The tool the security
team has that queries Built-Using can be modified to use the alternate
field, if necessary, but we need to know if that's what we need to do.
Are the tools that help with library transitions in Ubuntu going to cope
with this?

> non-users of dh-cargo not emitting 'X-Cargo-Built-Using'

Is there a plan to deal with this? Some sort of britney / autopkgtest
check that could be added to flag these as needing to be addressed?
Otherewise, this makes it more difficult to discern what might need to
be rebuilt given an update to a given rust library.

I do appreciate the Cargo.lock packaging, that is helpful, though it
means neediing to unpack binary debs to gain access to them, rather than
merely accessing archive metadata for 'Built-Using' or 'X-Cargo-Built-
Using'.

Thanks.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1957932

Title:
  [MIR] rustc, cargo

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cargo/+bug/1957932/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1960864] Re: [MIR] plocate

2022-03-07 Thread Steve Beattie
I reviewed plocate 1.1.15-1ubuntu2 as checked into jammy.  This shouldn't be
considered a full audit but rather a quick gauge of maintainability.

plocate is a locate implementation based on posting lists and io_uring,
intended as a drop-in replacement for mlocate.

- No CVE History.
- Build-Depends on liburing and libzstd
- The pre/post inst/rm scripts adds a plocate group, sets up
  alternatives to place it as the locate, and sets up the systemd timer.
  Things are cleaned up in the pre/post-rm scripts.
- No init scripts.
- One systemd timer and service to run updatedb
- No dbus services
- No setuid binaries, plocate binary is setgid.
- binaries in PATH: plocate, plocate-build, and updatedb.plocate
- No sudo fragments
- No polkit files
- No udev rules
- test
  - no unit or other build-time tests
  - autopkgtests: a basic test plus a more complex test that tests
visibility across differing users.
- One cron job that exits immediately because systemd timers are available.
- No build warnings or errors, lintian with one minor warning:
  command-with-path-in-maintainer-script

- No processes spawned.
- Memory management is okay, generally uses C++ style
  allocations / deallocations.
- File IO is mostly performed on static names or parsed out of
  /proc/self/mountinfo. The exception is the db argument to plocate;
  however, if alternate db files are passed, a child process that drops
  privilege is forked to search the passed db file.
- Logging is mostly done by perror, and is done safely.
- Environment variable usage is okay.
- Privileged functions (setgid) are used to drop privs and are okay
  (returned errors are checked for).
- No use of cryptography / random number sources.
- Sole use of temp files in database-builder is okay, uses O_TMPFILE if
  available.
- No use of networking.
- No use of WebKit.
- No use of PolicyKit.

- No significant cppcheck results.
- No significant Coverity results, a couple of issues that could possibly
  warrant further investigation. Recommend upstream project make use of
  the public https://scan.coverity.com service.

Code generally feels modern and readable.

Security team ACK for promoting plocate to main.


** Changed in: plocate (Ubuntu Jammy)
 Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1960864

Title:
  [MIR] plocate

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/plocate/+bug/1960864/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1950321] Re: [MIR] glusterfs

2022-02-24 Thread Steve Beattie
I'm working on the Security review of GlusterFS, which I have not quite
completed, but to offer a comment on fusermount-glusterfs binary, the
Security team would strongly prefer to not have another setuid binary
for this; the original setuid fusermount has had its own security
history and we would not like to see a forked version that has unknown
tracking of vulnerabilities, especially for something that upstream
considers to be a non-standard usage.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1950321

Title:
  [MIR] glusterfs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1950321/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1950321] Re: [MIR] glusterfs

2022-02-23 Thread Steve Beattie
** Changed in: glusterfs (Ubuntu)
 Assignee: Ubuntu Security Team (ubuntu-security) => Steve Beattie 
(sbeattie)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1950321

Title:
  [MIR] glusterfs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/1950321/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1957932] Re: [MIR] rustc, cargo

2022-02-23 Thread Steve Beattie
I reviewed rustc 1.57.0+dfsg1+llvm-0ubuntu2 as checked into jammy
(but also peeked briefly at 1.58.1+dfsg1~ubuntu1-0ubuntu1~ppa5
in Simon's ppa). This shouldn't be considered a full audit but
rather a quick gauge of maintainability, and this is a bit more
streamlined review than normal due to the nature of Rust.

Rust is a programming language and runtime environment that is
intended to be a modern systems language. In general, the Ubuntu
Security team views more widespread usage of Rust as a positive
thing; the primary drawback being, like Go before it, the choice
to static link everything makes security updates more challenging
for both the deliverer and users on limited bandwidth.

The Built-Using: mechanism at least gives us a chance to determine
what needs to be rebuilt when a rust library has a security
vulnerability that needs addressing. In order to get Built-Using:
applied to Rust applications in jammy, does this mean that every
Rust application needs at a minimum a no-change rebuild before
jammy is released? If so, is there a plan for that?

I'd like to ask what is the support expectation and commitment
from the Foundations team for the rust toolchain and the separated
out LLVM:

 - Is the expectation that version bumps of rust, possibly along
   with version bumps of LLVM necessary, will be brought back to
   22.04 LTS?

 - If so, does the source package need a versioned name, as done
   for other toolchains?

 - As more thing depend on rust either wholly or partially
   (e.g. the ongoing work on the Linux kernel), is there an
   expectation this will change for 24.04 LTS?

For CVE history, there are 21 CVEs in the security team's tracker
that affect Rust, 20 in the standard library. (There is also a
very recent additional issue that affects the vendored copy of
rust-crossbeam in the rustc source package.) Generally, upstream
looks responsive to security issues.

Given all the above, the Ubuntu Security provisionally acks rustc
for main, assuming the questions above can be answered.

** Changed in: rustc (Ubuntu)
 Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1957932

Title:
  [MIR] rustc, cargo

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cargo/+bug/1957932/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1950317] Re: [MIR] Wireguard

2022-02-22 Thread Steve Beattie
Andreas wrote:
> If you happen to have a kernel installed that has the virtual provides
> for wireguard-modules, then dkms won't be pulled in.

Oh nice, I missed that, thanks for pointing it out. That definitely
covers my complaint there.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1950317

Title:
  [MIR] Wireguard

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wireguard/+bug/1950317/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1950317] Re: [MIR] Wireguard

2022-02-18 Thread Steve Beattie
One other non-security opinionated comment: having the wireguard meta
package pull in the dkms package will likely cause people to install
them unnecessarily. While many people will read the documentation first
and realize they only need to install wireguard-tools, it's likely
others will hear that WireGuard is supported in Ubuntu and assume `apt
install wireguard` will do the right thing.


** Changed in: wireguard (Ubuntu)
 Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1950317

Title:
  [MIR] Wireguard

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wireguard/+bug/1950317/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1950317] Re: [MIR] Wireguard

2022-02-18 Thread Steve Beattie
I reviewed wireguard 1.0.20210914-1ubuntu2 as checked into jammy.
This shouldn't be considered a full audit but rather a quick
gauge of maintainability.

wireguard is the user space component of the WireGuard VPN, an
in-kernel vpn. The tools provided are for querying and configuring
the state of the kernel portion of WireGuard.

- No directly applicable CVEs.
- No significant Build-Depends.
- pre/post inst/rm scripts deal with the wq-quick systemd unit
- The wg-quick systemd unit in not enabled by default; it is a
  templated oneshot service to make automatic connections on boot.
- No dbus services
- No setuid binaries
- wg and wg-quick are the binaries in added in PATH
- No sudo fragments.
- No polkit files.
- No udev rules.
- tests:
  - No unit tests, a couple of build time tests of key generation
  - Some autopkgtests to test basic functionality, no real
negative tests
  - it is good to see built-in fuzzing support.
- No cron jobs.
- Build logs are clean

- Processes spawned:
  - there are lots of wrapped calls to popen(); fortunately they
are confined to contributed or android tools only, and not
included in the wg binary.
- Memory management is performed okay.
- File IO is okay, primarily used from the command line to read
  and write keys and read configuration. Attempts to protect
  against writing world accessible keys.
- Logging is done through perror(), strerror(), and gai_strerror(),
  and is okay.
- Environment variable use is limited.
- No use of privileged functions on Linux
- Use of cryptography / random number sources:
  - uses getrandom()
  - curve25519 implementations are embedded code copies,
implementations are good.
- No use of temp files in C code, wg-quick uses a static name
  for writing out a config file before moving it into place.
- networking for the userspace component looks to be limited to
  resolving ip addresses and talking via netlink to configure
  and query the kernel code, and looks okay.
- No use of WebKit.
- No use of PolicyKit.

- No cppcheck warnings.
- No Coverity results that weren't false positives.
- shellcheck on wg-quick was mostly clean:
  - line 338 uses the variable $i as a loop index in multiple nested
loops; it appears to work correctly, but is mildly confusing
to read.
  - quoting issues that are likely false positives

The wg-quick shell script feels like it is at that point of
complexity where it might be worth re-implementing in a less
error prone programming language than bash.

The /usr/share/docs/wireguard-tools/examples directory contains
all of the stuff in contrib/ which is of varying quality, but
doesn't really provide any example configurations.

Security team ACK for promoting wireguard to main.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1950317

Title:
  [MIR] Wireguard

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wireguard/+bug/1950317/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1958293] Re: [MIR]: libyang2

2022-02-17 Thread Steve Beattie
I reviewed libyang2 2.0.112-6ubuntu2 as checked into jammy.
This shouldn't be considered a full audit but rather a quick gauge
of maintainability. The libyang2 source package is a rename of the
libyang based on the upstream 2.0 version which included a new parser;
the libyang source package has not yet been removed from the archive.

libyang2 is a library for processing IETF YANG data modeling schemas,
used primarily for expressing netowrk configuration for networking
equipment.

- CVE History:
  - Roughly fifteen or so CVEs affecting libyang. Upstream is generally
responsive of reports.
- Build-Depends
  - libpcre2 (ok)
- No pre/post inst/rm scripts
- No init scripts.
- No systemd units.
- No dbus services.
- No setuid binaries.
- Two binaries in PATH, used primarly for schema validation and
  development
- No sudo fragments.
- No polkit files.
- No udev rules.
- tests:
  - significant unit tests run during the build
  - very limited autopkgtests, that only exercise the cli tools
- No cron jobs.
- Build logs:
  - more build time tests on the cli tools could be run if the shunit2
package was installed
  - build logs mostly clean, some possible uninitialized value warnings
(from -Wmaybe-uninitialized)
  - lintian warnings are fine

- No processes spawned.
- Memory management is generally okay, some error checking macros are
  present to assist with allocation errors.
- File IO is okay.
- Logging has complex infrastructure, but okay
- Environment variable usage is okay. Alternate plugin and extension
  directories can be specified via env vars, but it's hard to see how
  this can be abused.
- Uses ioctl in the cli tools for querying window size.
- No obvious use of cryptography / random number sources.
- Lint tool uses a known temp file name when recompiled with debugging
  macros enabled (disabled by default)
- No obvious use of networking, parses ip addrs in config files
- No use of WebKit.
- No use of PolicyKit.

- ccpcheck reported a large number of memory leaks plus a few double
  frees, but these look to be likely false positives.
- Coverity flagged a few issues outside of the tests that also mostly
  look to be false positives.

Overall code looks fine, if macro heavy, which seems to confuse static 
analyzers. Upstream is responsive to issues.

Security team ACK for promoting libyang2 to main.


** Changed in: libyang2 (Ubuntu)
 Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1958293

Title:
  [MIR]: libyang2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libyang2/+bug/1958293/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1887187] Re: [MIR] nftables

2022-02-15 Thread Steve Beattie
** Changed in: nftables (Ubuntu)
 Assignee: Seth Arnold (seth-arnold) => (unassigned)

** Changed in: nftables (Ubuntu)
   Status: Confirmed => New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1887187

Title:
  [MIR] nftables

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1887187/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1887187] Re: [MIR] nftables

2022-02-15 Thread Steve Beattie
** Description changed:

- 
  [Availability]
  
  * The package is already in universe and has been supported
  by Ubuntu kernels since at least Ubuntu 18.04 LTS. It
  builds and is supported on all Ubuntu architectures.
  
  [Rationale]
  
  * nftables is the future CLI and backend for firewalling
  which should be available on Ubuntu by default, and is
  the preferred tool by the upstream kernel community.
  
  * iptables will be switching to nftables backend, but
  iptables availability and usage will probably continue for
  forseeable future.  It is expected that newer software will
  be adopting nftables directly, rather than via iptables
  compat tools.
  
  [Security]
  
  * There is no history of of vulnerabilities in the nftables
  user space tools (CVE-2015-1573 is in the kernel portion
  of nftables).
  
  * The nftables binary package contains the binary
  `/usr/bin/nft` which is neither setuid nor setgid. This
  binary is the utility that interacts with and configures
  the nftables subsystem in the Linux kernel.
  
  * The package also includes a oneshot systemd service
  used during boot to load the nftables configuration in
  /etc/nftables.conf. As packaged in Debian, this service
  is disabled by default.
  
  * It interacts with and configures the network filtering
  as performed by the Linux kernel.
  
  [Quality Assurance - function/usage]
  
  * The package works as installed; it does require enabling
  the systemd oneshot service to automatically reload defined
  rules on boot.
  
  [Quality assurance - maintenance]
  
  LP bugs: https://bugs.launchpad.net/ubuntu/+source/nftables/+bugs
  Debian: 
https://bugs.debian.org/cgi-bin/pkgreport.cgi?repeatmerged=no=nftables
  Upstream: 
https://bugzilla.netfilter.org/buglist.cgi?bug_status=__open__=_redirect=1=Importance=nftables_format=specific
  
  * Ubuntu and Debian bugs are reasonably under
  control. Upstream has a larger set of bugs that are
  mostly about parsing errors (flex/yacc are complex) and
  documentation or feature requests.
  
  [Quality Assurance - testing]
  
  * Tests are not run at build time; there are many tests
  run during autopkgtests across all architectures, but the
  more extensive ones have been marked as flaky. Example
  autopkgtest log:
  
https://autopkgtest.ubuntu.com/results/autopkgtest-jammy/jammy/amd64/n/nftables/20220117_122101_70524@/log.gz
  
  [Quality Assurance - packaging]
  
  * A debian/watch file is present and works. Lintian reports
  nothing substantial, just minor standards version lag as
  well as debian/control missing the Rules-Requires-Root:
  field (silent-on-rules-requiring-root).  It does not depend
  on obsolete or about to be demoted packages. There are no
  debconf settings or questions.
  
  [UI Standards]
  
  * It is primarily a command line system tool that is
  sysadmin facing, that does not contain translations.
  
  [Dependencies]
  
  * Documentation tools used during the build are in
  universe; all runtime dependencies are in main. It uses
  libjannson for JSON handling, not sure if there's a
  preferred JSON library in main.
  
  [Standards compliance]
  
  * This package correctly follows FHS and Debian Policy
  
  [Maintenance/Owner]
  
- * The ubuntu-security team is not yet but will be
- subscribed to bugs for nftables. There are no static
- builds. There are some very minor embedded code copies that
- are either disabled at build time (system gmp is used over
- embedded mini-gmp) or are fairly small (David Woodhouse's
- rbtree). It is relatively mature software with active
- upstream commits (http://git.netfilter.org/nftables/log/)
- as well as reasonably active maintenance in Debian.
+ * The ubuntu-security team is subscribed to bugs for
+ nftables. There are no static builds. There are some very
+ minor embedded code copies that are either disabled at 
+ build time (system gmp is used over embedded mini-gmp)
+ or are fairly small (David Woodhouse's rbtree). It is
+ relatively mature software with active upstream commits
+ (http://git.netfilter.org/nftables/log/) as well as
+ reasonably active maintenance in Debian.
  
  [Background information]
  
  * The package description explains the package
  well. The upstream project is part of the
  larger netfilter project, and is documented at
  https://netfilter.org/projects/nftables/index.html

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1887187

Title:
  [MIR] nftables

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1887187/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1887187] Re: [MIR] nftables

2022-02-15 Thread Steve Beattie
** Description changed:

  
  [Availability]
  
- * The package is already in universe and has been supported by Ubuntu
- kernels since at least Ubuntu 18.04 LTS. It builds and is supported
- on all Ubuntu architectures.
+ * The package is already in universe and has been supported
+ by Ubuntu kernels since at least Ubuntu 18.04 LTS. It
+ builds and is supported on all Ubuntu architectures.
  
  [Rationale]
  
- * nftables is the future CLI and backend for firewalling which should
- be available on Ubuntu by default, and is the preferred tool by the
- upstream kernel community.
+ * nftables is the future CLI and backend for firewalling
+ which should be available on Ubuntu by default, and is
+ the preferred tool by the upstream kernel community.
  
- * iptables will be switching to nftables backened, but iptables
- availability and usage will probably continue for forseeable future.
- It is expected that newer software will be adopting nftables directly,
- rather than via iptables compat tools.
+ * iptables will be switching to nftables backend, but
+ iptables availability and usage will probably continue for
+ forseeable future.  It is expected that newer software will
+ be adopting nftables directly, rather than via iptables
+ compat tools.
  
  [Security]
  
- * There is no history of of vulnerabilities in the nftables user
- space tools (CVE-2015-1573 is in the kernel portion of nftables).
+ * There is no history of of vulnerabilities in the nftables
+ user space tools (CVE-2015-1573 is in the kernel portion
+ of nftables).
  
- * The nftables binary package contains the binary `/usr/bin/nft` which
- is neither setuid nor setgid. This binary is the utility that interacts
- with and configures the nftables subsystem in the Linux kernel.
+ * The nftables binary package contains the binary
+ `/usr/bin/nft` which is neither setuid nor setgid. This
+ binary is the utility that interacts with and configures
+ the nftables subsystem in the Linux kernel.
  
- * The package also includes a oneshot systemd service used during
- boot to load the nftables configuration in /etc/nftables.conf. As
- packaged in Debian, this service is disabled by default.
+ * The package also includes a oneshot systemd service
+ used during boot to load the nftables configuration in
+ /etc/nftables.conf. As packaged in Debian, this service
+ is disabled by default.
  
- * It interacts with and configures the network filtering as performed
- by the Linux kernel.
+ * It interacts with and configures the network filtering
+ as performed by the Linux kernel.
  
  [Quality Assurance - function/usage]
  
- * The package works as installed; it does require enabling the systemd
- oneshot service to automatically reload defined rules on boot.
+ * The package works as installed; it does require enabling
+ the systemd oneshot service to automatically reload defined
+ rules on boot.
  
  [Quality assurance - maintenance]
  
  LP bugs: https://bugs.launchpad.net/ubuntu/+source/nftables/+bugs
  Debian: 
https://bugs.debian.org/cgi-bin/pkgreport.cgi?repeatmerged=no=nftables
  Upstream: 
https://bugzilla.netfilter.org/buglist.cgi?bug_status=__open__=_redirect=1=Importance=nftables_format=specific
  
- * Ubuntu and Debian bugs are reasonably under control. Upstream has
- a larger set of bugs that are mostly about parsing errors (flex/yacc
- are complex) and documentation or feature requests.
+ * Ubuntu and Debian bugs are reasonably under
+ control. Upstream has a larger set of bugs that are
+ mostly about parsing errors (flex/yacc are complex) and
+ documentation or feature requests.
  
  [Quality Assurance - testing]
  
- * Tests are not run at build time; there are many tests run during
- autopkgtests across all architectures, but the more extensive ones
- have been marked as flaky. Example autopkgtest log:
+ * Tests are not run at build time; there are many tests
+ run during autopkgtests across all architectures, but the
+ more extensive ones have been marked as flaky. Example
+ autopkgtest log:
  
https://autopkgtest.ubuntu.com/results/autopkgtest-jammy/jammy/amd64/n/nftables/20220117_122101_70524@/log.gz
  
  [Quality Assurance - packaging]
  
  * A debian/watch file is present and works. Lintian reports
  nothing substantial, just minor standards version lag as
- well as debian/control missing the Rules-Requires-Root: field
- (silent-on-rules-requiring-root).  It does not depend on obsolete
- or about to be demoted packages. There are no debconf settings or
- questions.
+ well as debian/control missing the Rules-Requires-Root:
+ field (silent-on-rules-requiring-root).  It does not depend
+ on obsolete or about to be demoted packages. There are no
+ debconf settings or questions.
  
  [UI Standards]
  
- * It is primarily a command line system tool that is sysadmin facing,
- that does not contain translations.
+ * It is primarily a command line system tool that is
+ sysadmin facing, that does not contain translations.
  
  [Dependencies]
  
- 

[Bug 1887187] Re: [MIR] nftables

2022-02-15 Thread Steve Beattie
** Description changed:

+ 
  [Availability]
  
- * The package is present in universe and is built for all architectures.
+ * The package is already in universe and has been supported by Ubuntu
+ kernels since at least Ubuntu 18.04 LTS. It builds and is supported
+ on all Ubuntu architectures.
  
  [Rationale]
  
- * nftables is the future CLI and backend for firewalling which should be
- avalable on Ubuntu by default.
+ * nftables is the future CLI and backend for firewalling which should
+ be available on Ubuntu by default, and is the preferred tool by the
+ upstream kernel community.
  
  * iptables will be switching to nftables backened, but iptables
- availability and usage will probably continue for forseeable future. It
- is epxected that newer software will be adopting nftables directly,
+ availability and usage will probably continue for forseeable future.
+ It is expected that newer software will be adopting nftables directly,
  rather than via iptables compat tools.
+ 
+ [Security]
+ 
+ * There is no history of of vulnerabilities in the nftables user
+ space tools (CVE-2015-1573 is in the kernel portion of nftables).
+ 
+ * The nftables binary package contains the binary `/usr/bin/nft` which
+ is neither setuid nor setgid. This binary is the utility that interacts
+ with and configures the nftables subsystem in the Linux kernel.
+ 
+ * The package also includes a oneshot systemd service used during
+ boot to load the nftables configuration in /etc/nftables.conf. As
+ packaged in Debian, this service is disabled by default.
+ 
+ * It interacts with and configures the network filtering as performed
+ by the Linux kernel.
+ 
+ [Quality Assurance - function/usage]
+ 
+ * The package works as installed; it does require enabling the systemd
+ oneshot service to automatically reload defined rules on boot.
+ 
+ [Quality assurance - maintenance]
+ 
+ LP bugs: https://bugs.launchpad.net/ubuntu/+source/nftables/+bugs
+ Debian: 
https://bugs.debian.org/cgi-bin/pkgreport.cgi?repeatmerged=no=nftables
+ Upstream: 
https://bugzilla.netfilter.org/buglist.cgi?bug_status=__open__=_redirect=1=Importance=nftables_format=specific
+ 
+ * Ubuntu and Debian bugs are reasonably under control. Upstream has
+ a larger set of bugs that are mostly about parsing errors (flex/yacc
+ are complex) and documentation or feature requests.
+ 
+ [Quality Assurance - testing]
+ 
+ * Tests are not run at build time; there are many tests run during
+ autopkgtests across all architectures, but the more extensive ones
+ have been marked as flaky. Example autopkgtest log:
+ 
https://autopkgtest.ubuntu.com/results/autopkgtest-jammy/jammy/amd64/n/nftables/20220117_122101_70524@/log.gz
+ 
+ [Quality Assurance - packaging]
+ 
+ * A debian/watch file is present and works. Lintian reports
+ nothing substantial, just minor standards version lag as
+ well as debian/control missing the Rules-Requires-Root: field
+ (silent-on-rules-requiring-root).  It does not depend on obsolete
+ or about to be demoted packages. There are no debconf settings or
+ questions.
+ 
+ [UI Standards]
+ 
+ * It is primarily a command line system tool that is sysadmin facing,
+ that does not contain translations.
+ 
+ [Dependencies]
+ 
+ * Documentation tools used during the build are in universe; all
+ runtime dependencies are in main. It uses libjannson for JSON handling,
+ not sure if there's a preferred JSON library in main.
+ 
+ [Standards compliance]
+ 
+ * This package correctly follows FHS and Debian Policy
+ 
+ [Maintenance/Owner]
+ 
+ * The ubuntu-security team is not yet but will be subscribed to
+ bugs for nftables. There are no static builds. There are some very
+ minor embedded code copies that are either disabled at build time
+ (system gmp is used over embedded mini-gmp) or are fairly small
+ (David Woodhouse's rbtree). It is relatively mature software with
+ active upstream commits (http://git.netfilter.org/nftables/log/)
+ as well as reasonably active maintenance in Debian.
+ 
+ [Background information]
+ 
+ * The package description explains the package well. The upstream
+ project is part of the larger netfilter project, and is documented
+ at https://netfilter.org/projects/nftables/index.html .

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1887187

Title:
  [MIR] nftables

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1887187/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1888076] Re: nftables can't be statefull

2022-02-15 Thread Steve Beattie
Also, given that nftables is configuring netfilter in the kernel, it
would probably be helpful to identify which kernel version you saw this
with.

Thanks.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1888076

Title:
  nftables can't be statefull

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1888076/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1888076] Re: nftables can't be statefull

2022-02-15 Thread Steve Beattie
Hi Elrik,

Thanks for reporting your issue to Ubuntu, and apologies for the delayed
response. Can you say explicitly what behavior you're expecting to have
work that does not? I.E. are ssh connections to the host unsuccessful or
are other outbound operations failing?

Some useful diagnostics to see what's happening would be to install the
conntrack package and then run:

  $ sudo conntrack -L -o id,extended

to see what connections it's tracking. Additionally, it would probably
be useful to add a log rule at the end of the input chain to see what's
failing; something like:

  log prefix "[nftables] input denied: " flags all counter drop

and then looking at dmesg output, journalctl output, or
/var/log/kern.log can tell you what is getting blocked.

It should be noted that Ubuntu 20.04 uses systemd-resolved as its DNS
resolver and depending on whether you've adjusted your DNS settings,
with the nftables configuration above, likely the problem you're seeing
is that connections to the resolver listening on the loopback interface
(ip addr 127.0.0.53) are being blocked; in my testing, this showed up
looking like:

  [nftables] input denied: IN=lo OUT= 
MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:
00 SRC=127.0.0.1 DST=127.0.0.53 LEN=86 TOS=0x00 PREC=0x00 TTL=64 ID=11108 DF 
PROTO=UDP SPT=45001 DPT=53 LEN=66

Given that, adding a rule like:

  udp dport 53 ip saddr 127.0.0.1 accept

on the input chain caused outbound initiated network traffic to work.

Is this what you were seeing or is there some other behavior you were
expecting that did not work?

Thanks.

** Changed in: nftables (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1888076

Title:
  nftables can't be statefull

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nftables/+bug/1888076/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1951837] Re: new kernel 5.4.0-90-generic contain error with snat in vrf

2022-02-14 Thread Steve Beattie
Hi,

Thanks for reporting this issue. If the behavior fails due to a kernel
update, it's unlikely to be a problem in the user space nftables tool.

Looking for suspicious commits between 5.4.0-84.94 and 5.4.0-90.101,
https://git.launchpad.net/~ubuntu-
kernel/ubuntu/+source/linux/+git/focal/commit/?id=318d87fed75ab207f5913ae5c6abf4f781c507f1
looks supicious and landed in 5.4.0-89.100.

However, that commit was reverted in https://git.launchpad.net/~ubuntu-
kernel/ubuntu/+source/linux/+git/focal/commit/?id=cb3a632a2da90d23629b59c8da26460af0bc455a
, which landed in 5.4.0-97.110, published to focal at
https://launchpad.net/ubuntu/+source/linux/5.4.0-97.110 on February 7,
2022.

Are you still seeing this issue?

** Changed in: nftables (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1951837

Title:
  new kernel 5.4.0-90-generic contain error with snat in vrf

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1951837/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1955352] Re: Vulnerable to information disclosure through various actions

2022-01-27 Thread Steve Beattie
Hey Kunal, thanks again for preparing these debdiffs. After reviewing
them, I've gone ahead and uploaded the packages to the ubuntu-security-
proposed ppa at https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages to build and run through
autopkgtests; any feedback or additional testing you or anyone can give
would be greatly appreciated.

Thanks again.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1955352

Title:
  Vulnerable to information disclosure through various actions

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mediawiki/+bug/1955352/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1955352] Re: Vulnerable to information disclosure through various actions

2022-01-26 Thread Steve Beattie
Hi Kunal,

Thanks for preparing these updates, I'm looking at them now. Apologies
that they didn't get picked up earlier.

** Changed in: mediawiki (Ubuntu Bionic)
 Assignee: (unassigned) => Steve Beattie (sbeattie)

** Changed in: mediawiki (Ubuntu Focal)
 Assignee: (unassigned) => Steve Beattie (sbeattie)

** Changed in: mediawiki (Ubuntu Impish)
 Assignee: (unassigned) => Steve Beattie (sbeattie)

** Changed in: mediawiki (Ubuntu Bionic)
   Status: New => In Progress

** Changed in: mediawiki (Ubuntu Focal)
   Status: New => In Progress

** Changed in: mediawiki (Ubuntu Impish)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1955352

Title:
  Vulnerable to information disclosure through various actions

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mediawiki/+bug/1955352/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1951837] Re: new kernel 5.4.0-90-generic contain error with snat in vrf

2022-01-18 Thread Steve Beattie
** Also affects: linux (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1951837

Title:
  new kernel 5.4.0-90-generic contain error with snat in vrf

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1951837/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1958089] Re: Acer laptop screen goes black after a few hours of work

2022-01-17 Thread Steve Beattie
** Information type changed from Public Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1958089

Title:
  Acer laptop screen goes black after a few hours of work

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1958089/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1956585] Re: OOB write on BPF_RINGBUF

2022-01-11 Thread Steve Beattie
This was assigned CVE-2021-4204.

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-4204

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1956585

Title:
  OOB write on BPF_RINGBUF

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1956585] Re: OOB write on BPF_RINGBUF

2022-01-10 Thread Steve Beattie
** Description changed:

  tr3e wang discovered that an OOB write existed in the eBPF subsystem in
  the Linux kernel on BPF_RINGBUF.
  
  Mitigation commit: https://git.launchpad.net/~ubuntu-
  
kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83
  
  Mitigation:
  
  Disable unprivileged ebpf with:
  
-   $ sudo sysctl kernel.unprivileged_bpf_disabled=1
+   $ sudo sysctl kernel.unprivileged_bpf_disabled=1
+ 
+ Unprivileged ebpf is disabled by default in Ubuntu 21.10 and newer. See
+ https://www.kernel.org/doc/html/latest/admin-
+ guide/sysctl/kernel.html#unprivileged-bpf-disabled for details on the
+ configuration setting.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1956585

Title:
  OOB write on BPF_RINGBUF

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1956585] Re: OOB write on BPF_RINGBUF

2022-01-10 Thread Steve Beattie
** Description changed:

  tr3e wang discovered that an OOB write existed in the eBPF subsystem in
  the Linux kernel on BPF_RINGBUF.
  
  Mitigation commit: https://git.launchpad.net/~ubuntu-
  
kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83
+ 
+ Mitigation:
+ 
+ Disable unprivileged ebpf with:
+ 
+   $ sudo sysctl kernel.unprivileged_bpf_disabled=1

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1956585

Title:
  OOB write on BPF_RINGBUF

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1956585] Re: OOB write on BPF_RINGBUF

2022-01-10 Thread Steve Beattie
** Information type changed from Private Security to Public Security

** Description changed:

- Placeholder bug.
+ tr3e wang discovered that an OOB write existed in the eBPF subsystem in
+ the Linux kernel on BPF_RINGBUF.
+ 
+ Mitigation commit: https://git.launchpad.net/~ubuntu-
+ 
kernel/ubuntu/+source/linux/+git/impish/commit/?id=53fb7741ff9d546174dbb585957b4f8b6afbdb83

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1956585

Title:
  OOB write on BPF_RINGBUF

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1956585/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1916767] Re: firejail version in Ubuntu 20.04 LTS is vulnerable to CVE-2021-26910

2021-11-06 Thread Steve Beattie
Hi, thanks for preparing this and apologies that it got overlooked. I've
uploaded it to the security-proposed ppa https://launchpad.net/~ubuntu-
security-proposed/+archive/ubuntu/ppa/ where it has passed autopkgtests.
Any additional testing before it gets released to focal-security would
be appreciated!

Just to confirm my understanding is correct, disabling the overlayfs
confinement is disabling it as an option, and is not essential to
firejail's effectiveness, correct?

** Changed in: firejail (Ubuntu)
   Status: Confirmed => In Progress

** Changed in: firejail (Ubuntu)
 Assignee: (unassigned) => Steve Beattie (sbeattie)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1916767

Title:
  firejail version in Ubuntu 20.04 LTS is vulnerable to CVE-2021-26910

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firejail/+bug/1916767/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1948698] Re: Update tzdata to version 2021e

2021-10-26 Thread Steve Beattie
Okay from the Ubuntu Security team for these tzdata updates to land in
security pockets. Thanks!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1948698

Title:
  Update tzdata to version 2021e

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tzdata/+bug/1948698/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1945527] Re: Update tzdata to version 2021a-2

2021-10-21 Thread Steve Beattie
This was fixed for xenial/esm with tzdata 2021a-2ubuntu0.16.04+esm1 and
for trusty/esm with tzdata 2021a-2ubuntu0.14.04+esm1. Thanks Brian, for
preparing these updates!

** Changed in: tzdata (Ubuntu Xenial)
   Status: New => Fix Released

** Also affects: tzdata (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Changed in: tzdata (Ubuntu Trusty)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1945527

Title:
  Update tzdata to version 2021a-2

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tzdata/+bug/1945527/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1755447] Re: issue 32185: SSLContext.wrap_socket sends SNI Extension when server_hostname is IP

2021-10-20 Thread Steve Beattie
I am not aware of a security impact from this issue, so if it is to be
addressed in xenial ESM, it would eed to go through a support request.
closing the xenial tasks as Won't Fix.

** Changed in: python2.7 (Ubuntu Xenial)
   Status: New => Won't Fix

** Changed in: python3.5 (Ubuntu Xenial)
   Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1755447

Title:
  issue 32185: SSLContext.wrap_socket sends SNI Extension when
  server_hostname is IP

To manage notifications about this bug go to:
https://bugs.launchpad.net/python/+bug/1755447/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1755447] Re: issue 32185: SSLContext.wrap_socket sends SNI Extension when server_hostname is IP

2021-10-20 Thread Steve Beattie
For python2.7, this was fixed in
https://github.com/python/cpython/commit/a5c9112300ecd492ed6cc9759dc8028766401f61
which landed in 2.7.15, so has been fixed in bionic-updates and newer.

** Changed in: python2.7 (Ubuntu Bionic)
   Status: New => Fix Released

** Changed in: python2.7 (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1755447

Title:
  issue 32185: SSLContext.wrap_socket sends SNI Extension when
  server_hostname is IP

To manage notifications about this bug go to:
https://bugs.launchpad.net/python/+bug/1755447/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1911465] Re: autopkgtest fails on Xenial

2021-10-10 Thread Steve Beattie
In actuality, the bug describing the autopkgtest failure for docker.io
in xenial is bug 1855481. The fix for this in xenial was incorporated
into the docker.io 18.09.7-0ubuntu1~16.04.9+esm1 ESM update.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1911465

Title:
  autopkgtest fails on Xenial

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1911465/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1946137] Re: distro-info-data update needed for 14.04/16.04 ESM being extended to five years

2021-10-06 Thread Steve Beattie
This was fixed in all releases (including trusty and xenial ESM) except
impish, leaving that task open.

** Changed in: distro-info-data (Ubuntu)
   Status: Fix Released => Triaged

** Also affects: distro-info-data (Ubuntu Xenial)
   Importance: Undecided
   Status: New

** Also affects: distro-info-data (Ubuntu Focal)
   Importance: Undecided
   Status: New

** Also affects: distro-info-data (Ubuntu Trusty)
   Importance: Undecided
   Status: New

** Also affects: distro-info-data (Ubuntu Bionic)
   Importance: Undecided
   Status: New

** Also affects: distro-info-data (Ubuntu Hirsute)
   Importance: Undecided
   Status: New

** Changed in: distro-info-data (Ubuntu Trusty)
   Status: New => Fix Released

** Changed in: distro-info-data (Ubuntu Xenial)
   Status: New => Fix Released

** Changed in: distro-info-data (Ubuntu Bionic)
   Status: New => Fix Released

** Changed in: distro-info-data (Ubuntu Focal)
   Status: New => Fix Released

** Changed in: distro-info-data (Ubuntu Hirsute)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1946137

Title:
  distro-info-data update needed for 14.04/16.04 ESM being extended to
  five years

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/distro-info-data/+bug/1946137/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1946137] [NEW] distro-info-data update needed for 14.04/16.04 ESM being extended to five years

2021-10-05 Thread Steve Beattie
Public bug reported:

It was recently announced the the 14.04 and 16.04 ESM releases would be
receive a total of five years ESM support status each, and the distro-
info-data for ubuntu should be updated to reflect that:

  $ dpkg -l distro-info-data | grep ^ii
  ii  distro-info-data 0.51 all  information about the 
distributions' releases (data files)
  $ grep -E '(Trusty|Xenial)' /usr/share/distro-info/ubuntu.csv
  14.04 LTS,Trusty 
Tahr,trusty,2013-10-17,2014-04-17,2019-04-25,2019-04-25,2022-04-25
  16.04 LTS,Xenial 
Xerus,xenial,2015-10-22,2016-04-21,2021-04-21,2021-04-21,2024-04-23

The last entries should be updated to 2024 and 2026 respectively, to match the 
information at 
https://ubuntu.com/security/esm

** Affects: distro-info-data (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1946137

Title:
  distro-info-data update needed for 14.04/16.04 ESM being extended to
  five years

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/distro-info-data/+bug/1946137/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1352007] Re: avconv crashed with SIGSEGV in paint_mouse_pointer()

2021-09-30 Thread Steve Beattie
** Information type changed from Private to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1352007

Title:
  avconv crashed with SIGSEGV in paint_mouse_pointer()

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libav/+bug/1352007/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1368481] Re: avconv assert failure: avconv: /build/buildd/libav-11~beta1/libavcodec/put_bits.h:139: put_bits: Assertion `n <= 31 && value < (1U << n)' failed.

2021-09-30 Thread Steve Beattie
** Information type changed from Private to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1368481

Title:
  avconv assert failure: avconv:
  /build/buildd/libav-11~beta1/libavcodec/put_bits.h:139: put_bits:
  Assertion `n <= 31 && value < (1U << n)' failed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/bombono/+bug/1368481/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 980943] Re: ffmpeg crashed with SIGSEGV in __libc_start_main()

2021-09-30 Thread Steve Beattie
** Attachment removed: "CoreDump.gz"
   
https://bugs.launchpad.net/ubuntu/+source/libav/+bug/980943/+attachment/3059934/+files/CoreDump.gz

** Information type changed from Private to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/980943

Title:
  ffmpeg crashed with SIGSEGV in __libc_start_main()

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libav/+bug/980943/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1928648] Re: expiring trust anchor compatibility issue

2021-09-30 Thread Steve Beattie
Ack from the Ubuntu Security team for both gnutls28 3.5.18-1ubuntu1.5
and 3.4.10-4ubuntu1.9 to go to bionic-security and xenial-security
respectively.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1928648

Title:
  expiring trust anchor compatibility issue

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1928648/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1943960] Re: s390x BPF JIT vulnerabilities

2021-09-22 Thread Steve Beattie
** Description changed:

  [Impact]
  s390 BPF JIT vulnerabilities allow the eBPF verifier to be bypassed, leading 
to possible local privilege escalation.
  
  [Mitigation]
  Disable unprivileged eBPF.
  sysctl -w kernel.unprivileged_bpf_disabled=1
  
  [Potential regression]
  BPF programs might execute incorrectly, affecting seccomp, socket filters, 
tracing and other BPF users.
+ 
+ Commits to address this are upstream in Linus' tree; they are:
+ 
+   1511df6f5e9e ("s390/bpf: Fix branch shortening during codegen pass")
+   6e61dc9da0b7 ("s390/bpf: Fix 64-bit subtraction of the -0x8000 
constant")
+   db7bee653859 ("s390/bpf: Fix optimizing out zero-extensions")
+ 
+ and have been applied to the 5.14, 5.4 , 4.19, and 4.4 stable branches.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1943960

Title:
  s390x BPF JIT vulnerabilities

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1943960/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1943960] Re: s390x BPF JIT vulnerabilities

2021-09-22 Thread Steve Beattie
Commits to address this are upstream in Linus' tree; they are:

  1511df6f5e9e ("s390/bpf: Fix branch shortening during codegen pass")
  6e61dc9da0b7 ("s390/bpf: Fix 64-bit subtraction of the -0x8000 constant")
  db7bee653859 ("s390/bpf: Fix optimizing out zero-extensions")

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1943960

Title:
  s390x BPF JIT vulnerabilities

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1943960/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1929105] Re: CVE-2021-3326: The iconv app in glibc when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion & aborts

2021-09-17 Thread Steve Beattie
** Bug watch added: Sourceware.org Bugzilla #27256
   https://sourceware.org/bugzilla/show_bug.cgi?id=27256

** Also affects: glibc via
   https://sourceware.org/bugzilla/show_bug.cgi?id=27256
   Importance: Unknown
   Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1929105

Title:
  CVE-2021-3326: The iconv app in glibc when processing invalid input
  sequences in the ISO-2022-JP-3 encoding, fails an assertion  & aborts

To manage notifications about this bug go to:
https://bugs.launchpad.net/glibc/+bug/1929105/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1863299] Re: linux-aws fails to late load microcode, works with generic

2021-09-14 Thread Steve Beattie
Is this worth addressing in the cloud kernels or should we stick to
early microcode loads only?

** Changed in: linux-aws (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1863299

Title:
  linux-aws fails to late load microcode, works with generic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1863299/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1939946] Re: bug

2021-09-14 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1939946

Title:
  bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1939946/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1942673] Re: glibc AddressSanitizer:DEADLYSIGNAL

2021-09-14 Thread Steve Beattie
** Information type changed from Private Security to Public Security

** Package changed: glibc (Ubuntu) => pcre2 (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1942673

Title:
  glibc AddressSanitizer:DEADLYSIGNAL

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pcre2/+bug/1942673/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1942661] Re: package libitm1:amd64 10.3.0-1ubuntu1~20.04 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration

2021-09-14 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1942661

Title:
  package libitm1:amd64 10.3.0-1ubuntu1~20.04 failed to install/upgrade:
  package is in a very bad inconsistent state; you should  reinstall it
  before attempting configuration

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gcc-10/+bug/1942661/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1942714] Re: package grub-pc 2.02-2ubuntu8.23 failed to install/upgrade: installed grub-pc package post-installation script subprocess returned error exit status 128

2021-09-14 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1942714

Title:
  package grub-pc 2.02-2ubuntu8.23 failed to install/upgrade: installed
  grub-pc package post-installation script subprocess returned error
  exit status 128

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1942714/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1942914] Re: latte-dock crashed with SIGABRT in qt_message_fatal()

2021-09-14 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1942914

Title:
  latte-dock crashed with SIGABRT in qt_message_fatal()

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/latte-dock/+bug/1942914/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1942927]

2021-09-14 Thread Steve Beattie
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is available, members of the security team will review it and
publish the package. See the following link for more information:
https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

** Tags added: community-security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1942927

Title:
  claws-mail package outdated (security risk)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/claws-mail/+bug/1942927/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1942927] Re: claws-mail package outdated (security risk)

2021-09-14 Thread Steve Beattie
Looks like https://git.claws-
mail.org/?p=claws.git;a=commit;h=ac286a71ed78429e16c612161251b9ea90ccd431
is the upstream commit to address the issue.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1942927

Title:
  claws-mail package outdated (security risk)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/claws-mail/+bug/1942927/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1942923] Re: CVE-2021-38604: sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference

2021-09-14 Thread Steve Beattie
** Changed in: glibc (Ubuntu)
   Status: New => Confirmed

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1942923

Title:
  CVE-2021-38604: sysdeps/unix/sysv/linux/mq_notify.c mishandles certain
  NOTIFY_REMOVED data, leading to a NULL pointer dereference

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1942923/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1942927] Re: claws-mail package outdated (security risk)

2021-09-14 Thread Steve Beattie
** Also affects: sylpheed (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1942927

Title:
  claws-mail package outdated (security risk)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/claws-mail/+bug/1942927/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

  1   2   3   4   5   6   7   8   9   10   >