I don't think that's enough since it also gets pulled in by ubuntu-
desktop and ubuntu-desktop-minimal as recommends. It would also be nice
if we found a solution that fixes the issue on existing installations
since upgrades from mantic to noble will trigger the bug.
--
You received this bug
It looks like this change did indeed cause issues for non-qualcomm
hardware, see https://bugs.launchpad.net/ubuntu/+source/ubuntu-
meta/+bug/206266
We should definitely check if we can restrict the service to supported
qualcomm devices only. Currently it causes systemd errors and a
noticeable
Looking at the diff between mantic and noble I think the regression was
cause by a change to pd-mapper.service.in for
https://bugs.launchpad.net/ubuntu/+source/qrtr/+bug/2054296
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Can confirm that this is was a major annoyance on my m2 air after
upgrading to noble. it seems like this worked better in previous
releases. Looking at my logs it seems like it was already installed on
mantic but didn't cause startup problems. I think it gets pulled in by
being in Recommends for
The reason for the crash is that ntp uses an outdated OpenSSL API to use MD5
despite it normally being blocked in FIPS mode. This particular API has been
deprecated with OpenSSL 3 which we ship in Jammy.
This could be mitigated by switching to a newer OpenSSL API, but ntp also seems
to be on
Public bug reported:
Since I upgraded to Noble the lxd vga console doesn't work anymore. I am
using the lxd latest/stable snap (5.20-f3dd836). When trying to attach a
vga console to an lxd vm I get:
unshare: write failed /proc/self/uid_map: Operation not permitted
It seems to be related to
Adding a few more details as requested by Adrien.
I used lxd to run the autopkgtest, in particular:
# Build lxd image
/usr/bin/autopkgtest-build-lxd ubuntu-daily:noble
# Run
autopkgtest -s --apt-pocket=proposed ./openssl_3.0.13-1ubuntu2.dsc -- lxd
autopkgtest/ubuntu/noble/amd64
It is
As promised, here are some more details on how I tested:
- been running autopkgtest locally and made sure they pass (log attached)
- installed it on my local development machine to see if anything breaks
- tested the upgrade in a lxd container, made sure openssl speed works and does
the right
** Attachment added: "apt install log from fresh noble lxd container"
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2056593/+attachment/5754146/+files/openssl_3.0.13-1ubuntu2_install.log
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
Public bug reported:
We have an open MR with a handful of FIPS compatibilty changes we wore hoping
to get into 24.04. The main purpose of the changes is to detect whether the
kernel is running in FIPS mode and adjust the behavior of the library
accordingly by loading the correct provider backend
** Patch removed: "rpki-jammy.diff"
https://bugs.launchpad.net/ubuntu/+source/rpki-client/+bug/2056201/+attachment/5753356/+files/rpki-jammy.diff
** Patch removed: "rpki-jammy.diff"
Right, new diff attached.
** Patch added: "rpki-jammy.diff"
https://bugs.launchpad.net/ubuntu/+source/rpki-client/+bug/2056201/+attachment/5753368/+files/rpki-jammy.diff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Thanks! Documented both changes and made them clean reverts since that's
easier. New diff attached and pushed to git.
** Patch added: "rpki-jammy.diff"
https://bugs.launchpad.net/ubuntu/+source/rpki-client/+bug/2056201/+attachment/5753356/+files/rpki-jammy.diff
--
You received this bug
test build is available at
https://launchpad.net/~tobhe/+archive/ubuntu/testing/+packages
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056201
Title:
[BPO] rpki-client/9.0-1 from noble
To manage
** Patch removed: "rpki-jammy.diff"
https://bugs.launchpad.net/ubuntu/+source/rpki-client/+bug/2056201/+attachment/5752928/+files/rpki-jammy.diff
** Patch added: "rpki-jammy.diff"
https://bugs.launchpad.net/ubuntu/+source/rpki-client/+bug/2056201/+attachment/5752932/+files/rpki-jammy.diff
jammy backport patch is attached or available via git at
https://code.launchpad.net/~tobhe/ubuntu/+source/rpki-client/+git/rpki-
client/+ref/ubuntu/jammy-backport
** Patch added: "rpki-jammy.diff"
Public bug reported:
[Impact]
rpki-client implements the RPKI standard which is still actively developed and
moving fast.
Running a two year old release at this stage doesn't make a whole lot of sense
so it would be great
if we could make a version with newer features available for Ubuntu LTS
> does this change the ABI in any way that anything would care about or
notice?
I don't think it does, but you have a point. It might be a little safer
not to touch the function signature. Here's an updated fix.
** Patch added: "Autodetect FIPS kernel focal 2"
> have mysql detect a fips environment and auto-adjust?
This seems to be the best solution in terms of UX. I think auto-
switching to SSL + fips mode is always better than failing with a
cryptic OpenSSL error from a user's point of view.
The attached fix makes both client and server detect if
It looks like this is indeed an exim issue that was fixed in a recent
update. exim bug report can be found at:
https://bugs.exim.org/show_bug.cgi?id=2886
** Bug watch added: bugs.exim.org/ #2886
http://bugs.exim.org/show_bug.cgi?id=2886
** Changed in: exim4 (Ubuntu)
Importance: Undecided
I have forwarded this bug to upstream at
https://gitlab.com/gnutls/gnutls/-/issues/1374
** Bug watch added: gitlab.com/gnutls/gnutls/-/issues #1374
https://gitlab.com/gnutls/gnutls/-/issues/1374
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
** Changed in: mysql-8.0 (Ubuntu)
Assignee: Henry Coggill (henrycoggill) => Tobias Heider (tobhe)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971788
Title:
Failure to enable SSL
You are right, 3.7.3-4 from jammy already contains the fix. I am
suspecting that the fix might be the cause of your segfault since this
was the last change in this part of the code and it seems to be a
regression introduced in jammy.
It looks like this bug hasn't been reported upstream yet. so we
** Changed in: exim4 (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1974214
Title:
Segfaults on verify callout, in _gnutls_trust_list_get_issuer
To manage
Thanks for taking your time to report this issue and help making Ubuntu
better.
It looks like this crash might be related to the upstream bug at
https://gitlab.com/gnutls/gnutls/-/issues/1277
** Bug watch added: gitlab.com/gnutls/gnutls/-/issues #1277
** Package changed: ubuntu => linux (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1974162
Title:
Crashing rtl8192cu on Ubuntu 22.04 LTS (5.15.0-30-generic) with Edimax
EW-7612UAn V2
** Changed in: network-manager (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1973642
Title:
[REGRESSION] Unable to connect to EAP-TLS networks
To manage
I don't know much about dropbear but from your explanation it does
indeed sound like this is an upstream OpenSSH bug that should be
reported at https://bugzilla.mindrot.org/.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: gcc-12 (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1972043
Title:
Please add -ftrivial-auto-var-init=zero to default build flags
To
** Changed in: openssl (Ubuntu)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971992
Title:
openssl rmd160 digest broken
To manage notifications about this
Hey Jan, thanks for the report. This has been discussed upstream at
https://github.com/openssl/openssl/issues/16994.
OpenSSL 3 has deprecated RIPEMD160 and thus moved them to the legacy provider
according to the official openssl migration guide at
** Changed in: openssl (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971992
Title:
openssl rmd160 digest broken
To manage notifications about this bug go
I have tested all three packages and they seem to work as intended. The
updated packages also log the correct ssh fingerprint. Below is the log
output of all versions as well as ssh-keygen -l for comparison.
bionic with version 0.10.3-1ubuntu0.1
sec-bionic-amd64 sudo[11266]: pam_ssh_agent_auth:
one more for bionic
** Patch added: "pam-ssh-agent-auth_0.10.3-1ubuntu0.1.debdiff"
https://bugs.launchpad.net/ubuntu/bionic/+source/pam-ssh-agent-auth/+bug/1964486/+attachment/5571259/+files/pam-ssh-agent-auth_0.10.3-1ubuntu0.1.debdiff
--
You received this bug notification because you are a
** Patch added: "pam-ssh-agent-auth_0.10.3-3ubuntu1.21.10.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/pam-ssh-agent-auth/+bug/1964486/+attachment/5570440/+files/pam-ssh-agent-auth_0.10.3-3ubuntu1.21.10.1.debdiff
--
You received this bug notification because you are a member of
Here is a new debdiff for focal with improvements proposed by @mdeslaur
** Patch added: "pam-ssh-agent-auth_0.10.3-3ubuntu1.20.04.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/pam-ssh-agent-auth/+bug/1964486/+attachment/5570439/+files/pam-ssh-agent-auth_0.10.3-3ubuntu1.20.04.1.debdiff
hey @ddstreet the security certs team would prefer a fix via SRU rather
than the FIPS PPA as the changes present a general improvement by
getting rid of the deprecated MD5 fingerprints and making them
compatible with what `ssk-keygen -l` outputs
--
You received this bug notification because you
I ported and tested the fix for impish and focal, see attached debdiff.
** Patch added: "Fix for impish and focal"
https://bugs.launchpad.net/ubuntu/+source/pam-ssh-agent-auth/+bug/1964486/+attachment/5570087/+files/pam-ssh-agent-auth_0.10.3-3ubuntu2.debdiff
--
You received this bug
> We should file a bug there with the patch.
>
> In addition, it looks like OpenSSH uses a "SHA256:" prefix and base64
> encodes the fingerprint. We should probably update the patch to do the
> same.
I updated the patch to also change the encoding and filed an upstream PR at
** Changed in: pam-ssh-agent-auth (Ubuntu Jammy)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1964486
Title:
crash when in FIPS mode
To manage
Fixed in jammy with
https://launchpad.net/ubuntu/+source/pam-ssh-agent-auth/0.10.3-3.1ubuntu1
As not using md5 is an improvement for everyone (ssh defaults to sha256
fingerprints since at least bionic) we think getting the fix in via SRU makes
more sense than a FIPS-specific package.
--
You
** Changed in: pam-ssh-agent-auth (Ubuntu Jammy)
Status: Fix Released => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1964486
Title:
crash when in FIPS mode
To manage
42 matches
Mail list logo