[Bug 2062118] Re: autopkgtests fail on s390x (segfault)
** Tags added: rls-oo-incoming -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062118 Title: autopkgtests fail on s390x (segfault) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2062118/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062119] Re: autopkgtests fail on ppc64el
** Tags added: rls-oo-incoming -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062119 Title: autopkgtests fail on ppc64el To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libtracefs/+bug/2062119/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062018] Re: [FFe] gnutls28: merge 3.8.5-2 and backport RSAES-PKCS1-v1_5 fix
** Changed in: gnutls28 (Ubuntu) Status: Triaged => New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062018 Title: [FFe] gnutls28: merge 3.8.5-2 and backport RSAES-PKCS1-v1_5 fix To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/2062018/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062167] Re: [FFe] openssl: post-3.0.13 changes from git
** Changed in: openssl (Ubuntu) Status: Triaged => New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062167 Title: [FFe] openssl: post-3.0.13 changes from git To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2062167/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062167] Re: [FFe] openssl: post-3.0.13 changes from git
Note that there is a CVE fix in there too. It's low-severity because it's only unbounded memory growth but it's quite easy to trigger and I think that anyone who has a webserver with TLS 1.3 will want it patched. Therefore there should be an upload of this at least. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062167 Title: [FFe] openssl: post-3.0.13 changes from git To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2062167/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062167] [NEW] [FFe] openssl: post-3.0.13 changes from git
Public bug reported: I would like to have the most recent openssl version possible in Noble. For that I am requesting to upload all the commits in the openssl-3.0 branch that follow 3.0.13 which is already in the archive. I would like to include 3.0.14 afterwards if feasible. Having the most recent commits of the 3.0 branch will make that easier. I went through all commits since 3.0.13 at the end of January. I skipped a few which touch files that are not in the 3.0.13 release tarball (github CI stuff mostly) and edited one that touched such a file. There are only fixes. This is not surprising considering we are past the 13th patch release for openssl 3.0, and almost 3 years after 3.0 was released. Changes are most usually backports which is a good thing as it means they are also tested in the other branches, including through 3.3, for which the .0 release was published a few days ago after weeks in beta/RC. There are a few behaviour tweaks, and that is why I want to get as close as possible to what 3.0.14 will be. The bigger one is ad6cbe4b7f57a783a66a7ae883ea0d35ef5f82b6: Revert "Improved detection of engine-provided private "classic" keys", which also states "The workaround has caused more problems than it solved." As I said, I went through all commits. All look safe to me. The question really boils down to whether we will include these fixes in Noble now or if we won't: there is only a very very small chance that any given change is SRU'ed afterwards. ** Affects: openssl (Ubuntu) Importance: High Status: Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062167 Title: [FFe] openssl: post-3.0.13 changes from git To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2062167/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062018] [NEW] [FFe] gnutls28: merge 3.8.5-2 and backport RSAES-PKCS1-v1_5 fix
Public bug reported: Please allow the merge and upload of https://code.launchpad.net/~adrien-n/ubuntu/+source/gnutls28/+git/gnutls28/+merge/464535 . I made the commit message there quite complete so I'm basically copying that here. In a few words, this is meant to include as many fixes as possible (potentially including security ones) since they probably would linger on afterwards. There is also a change regarding PKCS#1 v1.5 which has been deprecated but seemingly kept the same status in gnutls; this adds the recommended replacement and makes it possible to disable the deprecated format in configuration. This is the kind of things we want for LTS releases. Moreover, there are no changes that we want to avoid. There are changes we don't care (much) about (tests, static builds, ...), but no changes we want to avoid. Below is a copy of the commit message of the MR. This is a late update to gnutls in order to include the most recent security fixes, even if they are low-severity. It merges 3.8.5-2 from Debian and includes a better fix for the issue that prompted the upload of -2 (wrong default configuration if no config file is present). There are fixes except one potential performance improvement. Some of the fixes are about catching up with current standards. I went through all commits, there are many varied changes. I'm skipping updates to tests or changes that are not relevant to Ubuntu. Basic fixes: - ktls detection (possibly a regression in noble) - memleak in gnutls-serv - segfault in _gnutls13_recv_end_of_early_data - potential segfault in _gnutls13_recv_finished - missing argument when using the _gnutls_debug_log macro - wrong test in lib/mpi.c Misc changes that are still somewhat notable: - nettle: plumb RIPEMD160, because GCR (commit says "GnuTLS", I think it's a typo) still uses it to display a fingerprint for openpgp keys - x509: support PBES1-DES-SHA1, in order to parse legacy PKCS#8 files in GCR (the gnome library) The one performance improvement (that I didn't benchmark): "Make compression libraries dynamically loadable" (it's from January, not April). Finally, a fix to adapt gnutls to current standards: support RSA-OAEP and make it possible to disable RSAES-PKCS1-v1_5. I think it is important this gets into Noble due to the long support period. Moreover, it can come in handy in the future to be able to disable algorithms when flaws are discovered. https://www.rfc-editor.org/rfc/rfc8017#section-7 : > RSAES-OAEP is REQUIRED to be supported for new applications; RSAES- PKCS1-v1_5 is included only for compatibility with existing applications. ** Affects: gnutls28 (Ubuntu) Importance: High Status: Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062018 Title: [FFe] gnutls28: merge 3.8.5-2 and backport RSAES-PKCS1-v1_5 fix To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/2062018/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051925] Re: [MIR] promote libtracefs as a trace-cmd dependency
Matching MR is up: https://code.launchpad.net/~adrien-n/ubuntu/+source/libtracefs/+git/libtracefs/+merge/464434 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051925 Title: [MIR] promote libtracefs as a trace-cmd dependency To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libtracefs/+bug/2051925/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055309] Re: No test suite run at built time nor as autopkgtest
** Changed in: libtracefs (Ubuntu) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055309 Title: No test suite run at built time nor as autopkgtest To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libtracefs/+bug/2055309/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051925] Re: [MIR] promote libtracefs as a trace-cmd dependency
I just got test results on amd64 and arm64. https://autopkgtest.ubuntu.com/results/autopkgtest-noble-adrien-n-noble- libtracefs-mir/noble/amd64/libt/libtracefs/20240416_142558_e8175@/log.gz https://autopkgtest.ubuntu.com/results/autopkgtest-noble-adrien-n-noble- libtracefs-mir/noble/arm64/libt/libtracefs/20240416_142825_fe233@/log.gz As you see, it's not valgrind-clean but I don't think that matters as that's probably stuff that won't grow as usage grows and libtracefs is not meant to be used for long period of times at once. i386 and armhf fail due to uninstallable dependencies due to issues not related to this MIR AFAICT; I don't think these platforms matter for libtracefs. ppc64el failure: https://autopkgtest.ubuntu.com/results/autopkgtest- noble-adrien-n-noble-libtracefs- mir/noble/ppc64el/libt/libtracefs/20240416_140308_3a076@/log.gz s390x failure: https://autopkgtest.ubuntu.com/results/autopkgtest-noble- adrien-n-noble-libtracefs- mir/noble/s390x/libt/libtracefs/20240416_140252_c405a@/log.gz -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051925 Title: [MIR] promote libtracefs as a trace-cmd dependency To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libtracefs/+bug/2051925/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051925] Re: [MIR] promote libtracefs as a trace-cmd dependency
Still working on it. I'm only cleaning up the changes but I've been having issues with the autopkgtest infrastructure since the beginning of the week (if I trigger tests within "too" quickly, the testbed setup fails). Status is: - amd64 and arm64 pass, - ppc64el fails with 2, 3, or 4 failures, - s390x fails early with a segfault - not sure about i386 and armhf which I considered as second-class here. A number of tests are skipped because they are basically performance tests and therefore easily fail in CI. I need to investigate if the ppc64el failures fall into this. The s390x issue might be related to endianness but imitating the endianness patch in libtraceevent didn't yield success and I didn't have much time to devote to that on top of the rest. It doesn't seem reasonable to spend much more time in a row on this at the moment. We can work on better ppc64el and s390x over time. Is that OK for that MIR? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051925 Title: [MIR] promote libtracefs as a trace-cmd dependency To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libtracefs/+bug/2051925/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051925] Re: [MIR] promote libtracefs as a trace-cmd dependency
I'm working on this and mostly finishing the changes. I think all comments in Christian's messages are addressed. Tests work. Valgrind tests are used and not too slow. Tests and build must run in VMs and not containers. I have published the changes in a PPA ( https://launchpad.net/~adrien-n/+archive/ubuntu/noble-libtracefs- mir ) but publication seems to be taking a while (there is no change between the two published version besides correcting the version number). I'll run this through autopkgtest once I can, i.e. when it's published (my local noble images get stuck somewhere unrelated, no idea why). Waiting on builders and testers now... -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051925 Title: [MIR] promote libtracefs as a trace-cmd dependency To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libtracefs/+bug/2051925/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055309] Re: No test suite run at built time nor as autopkgtest
** Changed in: libtracefs (Ubuntu) Assignee: (unassigned) => Adrien Nader (adrien-n) ** Changed in: libtracefs (Ubuntu) Status: New => In Progress ** Changed in: libtracefs (Ubuntu) Milestone: None => ubuntu-24.04 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055309 Title: No test suite run at built time nor as autopkgtest To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libtracefs/+bug/2055309/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055309] Re: No test suite run at built time nor as autopkgtest
I carried this forward. In a Noble LXD container, the test setup doesn't work. In a Noble LXD VM, three tests fail: tracefs_iterate_snapshot_events, , and uprobes. The first and second tests fail because they try to sched_setaffinity() across 8 cores which the VM host has but the VM itself has only one core exposed and this API returns EINVAL. I'll have a very quick look to see if the CPU detection logic can be changed. Otherwise we won't ever be able to rely on these tests. The third also fails on my Mantic machine. I cannot create the directory mentioned by Paul anywhere it seems. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055309 Title: No test suite run at built time nor as autopkgtest To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libtracefs/+bug/2055309/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2009544] Re: OpenSSL 3 performance regression
I'm going to target this to 24.10 as it's the first time it will be possible to "solve" it. As far as I understand, there will probably be performance loss with 3.3 compared to 1.1 but it's going to be a long tail rather than a few big changes which have been included in 3.1, 3.2 and 3.3. Btw, Antoine, are you able to test with 3.3 beta? I'd like to know where we'll stand and if we should take additional steps. I'm also not opposed to performance backports for 22.04 but I must make it clear that these take time to author, test and validate, and also require calendar time (at which point the next release might very well be out). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2009544 Title: OpenSSL 3 performance regression To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2009544/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2009544] Re: OpenSSL 3 performance regression
** Also affects: openssl (Ubuntu Noble) Importance: Undecided Status: Confirmed ** Also affects: openssl (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: openssl (Ubuntu Mantic) Importance: Undecided Status: New ** Changed in: openssl (Ubuntu Mantic) Status: New => Won't Fix ** Changed in: openssl (Ubuntu Jammy) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2009544 Title: OpenSSL 3 performance regression To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2009544/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2009544] Re: OpenSSL 3 performance regression
Due to openssl's release schedule, 24.04 Noble Numbat will still use 3.0. It will be 3.0.13 unless a 3.0.14 is released very soon. After Noble Numbat is released, I will work on openssl 3.3 for the subsequent Ubuntu release. It is not yet released but will be soon so I might start with beta/RC. The openssl release schedule dictates that there will be another openssl LTS release by the time Ubuntu's next release (26.04) enters development. Unfortunately there is little way around this due to openssl's own schedule and the need to have very long support. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2009544 Title: OpenSSL 3 performance regression To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2009544/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059417] Re: Sync xz-utils 5.6.1-1 (main) from Debian unstable (main)
** Description changed: + NOTE: THIS IS AN ATTEMPT AT INCLUDING A BACKDOOR. THIS IS LEFT FOR + HISTORICAL PURPOSES ONLY AND MUST NOT BE DONE. + + Please sync xz-utils 5.6.1-1 (main) from Debian unstable (main) Hello! I am one of the upstream maintainers for XZ Utils. Version 5.6.1 was recently released and uploaded to Debian as a bugfix only release. Notably, this fixes a bug that causes Valgrind to issue a warning on any application dynamically linked with liblzma. This includes a lot of important applications. This could break build scripts and test pipelines that expect specific output from Valgrind in order to pass. Additionally, this fixes a small typo for the man pages translations for Brazilian Portuguese, German, French, Korean, Romanian, and Ukrainian, and removes the need for patches applied for version 5.6.0-0.2. The other bugfixes in this release have no impact on Ubuntu. They involve building with CMake or when building on a system without Landlock system calls defined (these are defined in Ubuntu). Changelog entries since current noble version 5.6.0-0.2: xz-utils (5.6.1-1) unstable; urgency=medium * Non-maintainer upload. * Import 5.6.1 (Closes: #1067708). * Takeover maintenance of the package. -- Sebastian Andrzej Siewior Wed, 27 Mar 2024 22:53:21 +0100 - Excerpt from the NEWS entry from upstream: 5.6.1 (2024-03-09) - * liblzma: Fixed two bugs relating to GNU indirect function (IFUNC) - with GCC. The more serious bug caused a program linked with - liblzma to crash on start up if the flag -fprofile-generate was - used to build liblzma. The second bug caused liblzma to falsely - report an invalid write to Valgrind when loading liblzma. + * liblzma: Fixed two bugs relating to GNU indirect function (IFUNC) + with GCC. The more serious bug caused a program linked with + liblzma to crash on start up if the flag -fprofile-generate was + used to build liblzma. The second bug caused liblzma to falsely + report an invalid write to Valgrind when loading liblzma. - * xz: Changed the messages for thread reduction due to memory - constraints to only appear under the highest verbosity level. + * xz: Changed the messages for thread reduction due to memory + constraints to only appear under the highest verbosity level. - * Build: + * Build: - - Fixed a build issue when the header file - was present on the system but the Landlock system calls were - not defined in . + - Fixed a build issue when the header file + was present on the system but the Landlock system calls were + not defined in . - - The CMake build now warns and disables NLS if both gettext - tools and pre-created .gmo files are missing. Previously, - this caused the CMake build to fail. + - The CMake build now warns and disables NLS if both gettext + tools and pre-created .gmo files are missing. Previously, + this caused the CMake build to fail. - * Minor improvements to man pages. + * Minor improvements to man pages. - * Minor improvements to tests. + * Minor improvements to tests. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059417 Title: Sync xz-utils 5.6.1-1 (main) from Debian unstable (main) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xz-utils/+bug/2059417/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055422] Re: Please sync xz-utils 5.6.0-0.2 from Debian experimental
I had forgotten about this bug. Thanks for bringing this up and let me close this. ** Changed in: xz-utils (Ubuntu) Status: New => Invalid ** Description changed: + NOTE: THE VERSION MENTIONED HERE HAS BEEN BACKDOORED. + I am keeping the text below unchanged due to its possible historical relevance. + + == + Xz-utils 5.6.0 was released last Friday. It features a much faster decompression code on all platforms but on x86_64 in particular, it is 60% faster in my testing. It also aligns better current practices of enabling multi-threading by default (always with a default memory limit of 25% of the system physical memory). Sebastian Andrzej Siewior has uploaded it to experimental and after a few fixes for integration (due to extra output on stderr in particular), has uploaded xz-utils 5.6.0-0.2. I expect tests to pass now considering they almost all succeeded with the first upload. I am aware of tweaks to other packages too but I'm not sure they will actually be needed with this new upload and since they relate to pristine-tar and/or dpkg, I think it's probably better to be sure first due to the ongoing migrations. Thanks. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055422 Title: Please sync xz-utils 5.6.0-0.2 from Debian experimental To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xz-utils/+bug/2055422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059417] Re: Sync xz-utils 5.6.1-1 (main) from Debian unstable (main)
I'll dive deeper into this. The timing collides with the t64 transition so that makes me curious. Moreover, Debian reverted to 5.4.5 so the situation where we're on 5.6.0 doesn't match Debian either. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059417 Title: Sync xz-utils 5.6.1-1 (main) from Debian unstable (main) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xz-utils/+bug/2059417/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059287] [NEW] Test failures in noble-proposed (all-proposed)
Public bug reported: Autopkgtests for request-tracker4 (and 5 it seems) fail on all arches and due to the recent changes around test environments and the use of all-proposed, it's difficult to identify which package change is responsible. I actually see some passes on amd64 and arm64 but due to the environment issues that existed when the tests ran, I can't conclude much from them. Moreover, they weren't running with all-proposed like they would now. I also didn't see triggers related to gpg which could have been useful hints even with unreliable environment considering the errors. Please badtest request-tracker4 and request-tracker5. The typical errors are https://objectstorage.prodstack5.canonical.com/swift/v1/AUTH_0f9aae918d5b4744bf7b827671c86842/autopkgtest- noble/noble/arm64/r/request-tracker4/20240326_183841_3725f@/log.gz 2470s t/security/CVE-2012-4735-incoming-encryption-header.t .. 2470s # GnuPG --homedir /tmp/WbcjpQjcFA 2470s ok 1 - created a ticket 2470s ok 2 - loaded ticket 2470s ok 3 - Found the right attachment 2470s ok 4 - Incoming encryption header is removed 2470s ok 5 - Incoming signature header is removed 2470s ok 6 - created a ticket 2470s not ok 7 2470s 2470s # Failed test at t/security/CVE-2012-4735-incoming-encryption-header.t line 60. 2470s # found warning: gpg: keybox '/tmp/WbcjpQjcFA/pubring.kbx' created 2470s # found warning: Failure during GnuPG data: No data has been found. The reason is 'Invalid packet found' 2470s # found warning: Failure during GnuPG data: No data has been found. The reason is 'No armored data' 2470s # found warning: Failure during GnuPG gpg-exit: Failed to gpg-exit 2470s # expected to find warning: (?^:(?:keyring|keybox) .* created) 2470s # expected to find warning: (?^:Failure during GnuPG data: No data has been found\. The reason is 'Invalid packet found') 2470s # expected to find warning: (?^:Failure during GnuPG data: No data has been found\. The reason is 'No armored data') 2470s ok 8 - loaded ticket 2470s ok 9 - Found the right attachment 2470s ok 10 - Incoming encryption header is removed 2470s ok 11 - Incoming signature header is removed 2470s ok 12 - no warnings 2470s 1..12 2470s # Some tests failed or we bailed out, tmp directory '/tmp/autopkgtest.z5x7lQ/autopkgtest_tmp/smokeFWUfP9/t/tmp/security-CVE-2012-4735-incoming-encryption-header.t-kZdETulR' is not cleaned or https://objectstorage.prodstack5.canonical.com/swift/v1/AUTH_0f9aae918d5b4744bf7b827671c86842/autopkgtest- noble/noble/ppc64el/r/request-tracker4/20240323_184121_31e59@/log.gz 727s # encryption only, bad recipient 727s not ok 43 727s 727s # Failed test at t/mail/crypt-gnupg.t line 180. 727s # didn't find a warning 727s # expected to find warning: (?^:No public key|public key not found) 727s not ok 44 - no way to encrypt without keys of recipients 727s 727s # Failed test 'no way to encrypt without keys of recipients' 727s # at t/mail/crypt-gnupg.t line 182. 1569s ok 71 - RT's mail includes this instance's name 1569s not ok 72 1569s 1569s # Failed test at t/web/crypt-gnupg.t line 382. 1569s # didn't find a warning 1569s # expected to find warning: (?^:nokey\@example.com: skipped: (?:No public key|public key not found)) 1569s # expected to find warning: (?^:Recipient 'nokey\@example.com' is unusable) 1569s ok 73 - created ticket for owner-without-pubkey 1569s ok 74 - created ticket for owner-with-pubkey 1569s not ok 75 1569s 1569s # Failed test at t/web/crypt-gnupg.t line 404. 1569s # didn't find a warning 1569s # expected to find warning: (?^:nokey\@example.com: skipped: (?:No public key|public key not found)) 1569s # expected to find warning: (?^:Recipient 'nokey\@example.com' is unusable) ** Affects: request-tracker4 (Ubuntu) Importance: Undecided Status: New ** Affects: request-tracker5 (Ubuntu) Importance: Undecided Status: New ** Tags: time-t ** Also affects: request-tracker5 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059287 Title: Test failures in noble-proposed (all-proposed) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/request-tracker4/+bug/2059287/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058940] Re: pyxplot: Please RM due to FTBFS
This is currently blocking texlive-bin, fftw3, python3-defaults, readline, ghostscript; all on armhf only. I think the previous build (before a no-change rebuild against cfitsio) was passing on other arches. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058940 Title: pyxplot: Please RM due to FTBFS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pyxplot/+bug/2058940/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058947] [NEW] eso-midas: Please RM due to FTBFS
Public bug reported: eso-midas fails to build from source on all architectures at the moment, and the issue is reproducible locally. The failure looks like: # of pixels used = 843920 from 1,1 to 880,959 (in pixels) FITS file newVIMOS.fits will have 4 extensions *** buffer overflow detected ***: terminated Aborted (core dumped) The binary package is only a Recommends for astro-frameworks and a Depends for eso-midas-testdata which comes from this source package too. This is currently blocking readline and motif through armhf only because the previous build (before a no-change rebuild against libxt6t64 allowed the tests to pass I guess). ** Affects: eso-midas (Ubuntu) Importance: Undecided Status: New ** Tags: update-excuse -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058947 Title: eso-midas: Please RM due to FTBFS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/eso-midas/+bug/2058947/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058940] [NEW] pyxplot: Please RM due to FTBFS
Public bug reported: pyxplot fails to build from source on all architectures at the moment, and the issue is reproducible locally. The failure looks like: python3 makeFigureEps.py ../bin/pyxplot # Best fit parameters were: # - a1 = -1.2602846 a3 = -0.38489961 a5 = -0.18646569 *** buffer overflow detected ***: terminated Aborted (core dumped) Working on example ... [...] Traceback (most recent call last): File "/<>/doc/makeFigureEps.py", line 42, in if (status): raise RuntimeError("pyxplot failed") RuntimeError: pyxplot failed As far as I know it's only Recommend'ed by debian-science's science- nanoscale-physics and science-viewing. ** Affects: pyxplot (Ubuntu) Importance: Undecided Status: New ** Tags: update-excuse -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058940 Title: pyxplot: Please RM due to FTBFS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pyxplot/+bug/2058940/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056593] Re: [FFE] FIPS compatibility patches
** Changed in: openssl (Ubuntu) Status: Triaged => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056593 Title: [FFE] FIPS compatibility patches To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2056593/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058017] Re: openssl is not LTO-safe
** Changed in: openssl (Ubuntu) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058017 Title: openssl is not LTO-safe To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2058017/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058017] Re: openssl is not LTO-safe
** Description changed: tl;dr: since it's too much work to make openssl LTO-safe, upstream doesn't see it as a goal and doesn't test it, and there are probably no performance gains to LTO for this package. Openssl is an old project and the codebase wasn't written with aliasing rules in mind. There are several reports of issues related to LTO. The openssl technical commitee says "currently we're not going to fix all the strict aliasing and other LTO problems" and "Fixes raised in pull requests will be considered."; in other words: if you find a violation, we'll merge your fixes but we're not going to dedicate time to fixing them ourselves. We don't have specific reports on launchpad at the moment but there has been at least one issue experienced by the FIPS: the compiler decided a 0-filled array could be removed and proceeded to do so. In addition to that, compilers are only pushing this further and further. Issues are impossible to predict and even security updates could trigger issues. Gentoo prevents usage of LTO for openssl and has some links related to this at https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/openssl/openssl-3.2.1-r1.ebuild#n131 : - https://github.com/llvm/llvm-project/issues/55255 - https://github.com/openssl/openssl/issues/12247 - https://github.com/openssl/openssl/issues/18225 - https://github.com/openssl/openssl/issues/18663 - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057 Gentoo also prevents usage of -fstrict-aliasing and always set -fno- strict-aliasing. I don't plan to do the same at least at the moment and for Noble since I don't have time to investigate more changes. Performance shouldn't be impacted much if at all: - crypto algorithms are implemented in ASM (funnily, using C implementations can trigger issues because these got miscompiled) - the rest of the openssl codebase probably doesn't benefit from LTO because source files match codepaths quite well - at the moment, openssl performance for servers is bad due to algorithmic/architectural issues, not micro-optimizations and these wouldn't be noticed - if LTO-compliance was doable and thought to be useful by upstream, they would have certainly pushed that forward, especially in the wake of openssl 3.0's performance issues. Code size increases by a few percents except for libcrypto which gets 17% larger. The corresponding .deb file increases by 2.6% only. I ran "openssl speed" with a long benchmark time in order to get good results (there is a variation of several percents with the default - times). I then scripted a diff which output is shown below (hopefully it - will display fine...); entries within 2% are not displayed. Also note + times). I then scripted a diff which output is shown below; "." + means the difference is within 2% which is the vast majority. Also note that some important ciphers are not present due to how openssl speed works; small aes-*-cbc are negatively impacted, up to -10% but that would -50% if you compared between "software" and "hardware" implementations, the results would be reversed at anything but the smallest data sizes, and the fact that you want to use hardware implementations as much as possible means that you also want to avoid places where LTO could have an effect. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes md5 . . . . .. sha1 . . . . .. rmd160. . . . .. sha256+2.3% . . . .. sha512. . . . .. hmac(md5) . . . . .. des-ede3 . . . . .. aes-128-cbc -10.0% . . . .. aes-192-cbc -7.6% . . . .. aes-256-cbc -5.2% . . . .. camellia-128-cbc . . . . .. camellia-192-cbc . . . . .. camellia-256-cbc . . . . .. ghash . . +21.2% -27.3% +30.5% +39.3% rand -2.8% -2.9% -2.9% -2.8% .. sign verify sign/s verify/s rsa 512 bits0.31s 0.02s -2.7%. rsa 1024bits. 0.05s .. rsa 2048bits+2.4%
[Bug 2058017] Re: openssl is not LTO-safe
** Description changed: tl;dr: since it's too much work to make openssl LTO-safe, upstream doesn't see it as a goal and doesn't test it, and there are probably no performance gains to LTO for this package. Openssl is an old project and the codebase wasn't written with aliasing rules in mind. There are several reports of issues related to LTO. The openssl technical commitee says "currently we're not going to fix all the strict aliasing and other LTO problems" and "Fixes raised in pull requests will be considered."; in other words: if you find a violation, we'll merge your fixes but we're not going to dedicate time to fixing them ourselves. We don't have specific reports on launchpad at the moment but there has been at least one issue experienced by the FIPS: the compiler decided a 0-filled array could be removed and proceeded to do so. In addition to that, compilers are only pushing this further and further. Issues are impossible to predict and even security updates could trigger issues. Gentoo prevents usage of LTO for openssl and has some links related to this at https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/openssl/openssl-3.2.1-r1.ebuild#n131 : - https://github.com/llvm/llvm-project/issues/55255 - https://github.com/openssl/openssl/issues/12247 - https://github.com/openssl/openssl/issues/18225 - https://github.com/openssl/openssl/issues/18663 - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057 Gentoo also prevents usage of -fstrict-aliasing and always set -fno- strict-aliasing. I don't plan to do the same at least at the moment and for Noble since I don't have time to investigate more changes. Performance shouldn't be impacted much if at all: - crypto algorithms are implemented in ASM (funnily, using C implementations can trigger issues because these got miscompiled) - the rest of the openssl codebase probably doesn't benefit from LTO because source files match codepaths quite well - at the moment, openssl performance for servers is bad due to algorithmic/architectural issues, not micro-optimizations and these wouldn't be noticed - if LTO-compliance was doable and thought to be useful by upstream, they would have certainly pushed that forward, especially in the wake of openssl 3.0's performance issues. Code size increases by a few percents except for libcrypto which gets 17% larger. The corresponding .deb file increases by 2.6% only. - I will add results of "openssl speed" soon (in a few hours). + I ran "openssl speed" with a long benchmark time in order to get good + results (there is a variation of several percents with the default + times). I then scripted a diff which output is shown below (hopefully it + will display fine...); entries within 2% are not displayed. Also note + that some important ciphers are not present due to how openssl speed + works; small aes-*-cbc are negatively impacted, up to -10% but that + would -50% if you compared between "software" and "hardware" + implementations, the results would be reversed at anything but the + smallest data sizes, and the fact that you want to use hardware + implementations as much as possible means that you also want to avoid + places where LTO could have an effect. + + type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes + md5 + sha1 + rmd160 + sha256+2.3% + sha512 + hmac(md5) + des-ede3 + aes-128-cbc -10.0% + aes-192-cbc -7.6% + aes-256-cbc -5.2% + camellia-128-cbc + camellia-192-cbc + camellia-256-cbc + ghash +21.2% -27.3% +30.5% +39.3% + rand -2.8% -2.9% -2.9% -2.8% + sign verify sign/s verify/s + rsa 512 bits0.31s 0.02s -2.7% + rsa 1024bits0.05s + rsa 2048bits+2.4% 0.15s -2.3% + rsa 3072bits0.32s + rsa 4096bits + rsa 7680bits30.2 + rsa 15360 bits5.9 + sign verify sign/s verify/s + dsa 512 bits+4.8% 0.24s -3.9% + dsa 1024bits+2.5% -3.3% +2.4% + dsa 2048bits+2.0% + sign verify sign/s verify/s + 160 bitsecdsa (secp160r1)+100.0%+100.0% -2.2% + 192 bitsecdsa (nistp192) 0.0002s0.0002s -3.6% -3.3% + 224 bitsecdsa (nistp224) 0.s0.0001s + 256 bitsecdsa (nistp256) 0.s0.0001s + 384 bitsecdsa (nistp384) +14.3% 0.0006s -3.2% + 521 bitsecdsa (nistp521) 0.0002s0.0005s + 163 bitsecdsa (nistk163) 0.0002s0.0003s -3.2%
[Bug 2056593] Re: [FFE] FIPS compatibility patches
** Description changed: We have an open MR with a handful of FIPS compatibilty changes we wore hoping to get into 24.04. The main purpose of the changes is to detect whether the kernel is running in FIPS mode and adjust the behavior of the library accordingly by loading the correct provider backend and using defaults that are FIPS compliant (no md5, DES etc) instead trying to use non-compliant code paths and crashing. The proposed patches were taken from the OpenSSL version shipped in the FIPS archive at esm.ubuntu.com for 22.04. Having them in the regular archive will reduce the maintenance work significantly. None of the changes should have any impact on running OpenSSL in regular (non-fips) mode. Below is a detailed list of the changes: - d/p/fips/crypto-Add-kernel-FIPS-mode-detection.patch: - This adds a new internal API to determine whether the kernel has been booted - in FIPS mode. This can be overridden with the OPENSSL_FORCE_FIPS_MODE - environment variable. OPENSSL_FIPS_MODE_SWITCH_PATH can be used to specify an - alternative path for the fips_enabled file and is used in tests. - The FIPS_MODULE switch can be used to enable build of the the FIPS provider - module specific parts which are not needed in the OpenSSL library itself. + This adds a new internal API to determine whether the kernel has been booted + in FIPS mode. This can be overridden with the OPENSSL_FORCE_FIPS_MODE + environment variable. OPENSSL_FIPS_MODE_SWITCH_PATH can be used to specify an + alternative path for the fips_enabled file and is used in tests. + The FIPS_MODULE switch can be used to enable build of the the FIPS provider + module specific parts which are not needed in the OpenSSL library itself. - d/p/fips/crypto-Automatically-use-the-FIPS-provider-when-the-kerne.patch: - This automatically configures all library contexts to use the FIPS provider when - the kernel is booted in FIPS mode by: - - Setting "fips=yes" as the default property for algorithm fetches - - Loading and activating the FIPS provider as the fallback provider. + This automatically configures all library contexts to use the FIPS provider when + the kernel is booted in FIPS mode by: + - Setting "fips=yes" as the default property for algorithm fetches + - Loading and activating the FIPS provider as the fallback provider. - If applications load providers via a configuration either because the default - configuration is modified or they override the default configuration, this - disables loading of the fallback providers. In this case, the configuration - must load the FIPS provider when FIPS mode is enabled, else algorithm fetches - will fail + If applications load providers via a configuration either because the default + configuration is modified or they override the default configuration, this + disables loading of the fallback providers. In this case, the configuration + must load the FIPS provider when FIPS mode is enabled, else algorithm fetches + will fail - Applications can choose to use non-FIPS approved algorithms by specifying the - "-fips" or "fips=no" property for algorithm fetches and loading the default - provider. + Applications can choose to use non-FIPS approved algorithms by specifying the + "-fips" or "fips=no" property for algorithm fetches and loading the default + provider. - d/p/fips/apps-speed-Omit-unavailable-algorithms-in-FIPS-mode.patch: - Omit unavailable algorithms in FIPS mode + Omit unavailable algorithms in FIPS mode - d/p/fips/apps-pass-propquery-arg-to-the-libctx-DRBG-fetches.patch - The -propquery argument might be used to define a preference for which provider - an algorithm is fetched from. Set the query properties for the library context - DRBG fetches as well so that they are fetched with the same properties. + The -propquery argument might be used to define a preference for which provider + an algorithm is fetched from. Set the query properties for the library context + DRBG fetches as well so that they are fetched with the same properties. - d/p/fips/test-Ensure-encoding-runs-with-the-correct-context-during.patch: - This test uses 2 library contexts - one context for creating initial test keys, - and then another context (or the default context) for running tests. There is an - issue that during the encoding tests, the OSSL_ENCODER_CTX is created from the - created EVP_PKEYs, which are associated with the library context used to create - the keys. This means that encoding tests run with the wrong library context, - which always uses the default provider. + This test uses 2 library contexts - one context for creating initial test keys, + and then another context (or the default context) for running tests. There is an + issue that during the encoding tests, the OSSL_ENCODER_CTX is created from the + created EVP_PKEYs, which are
[Bug 2058017] Re: openssl is not LTO-safe
** Changed in: openssl (Ubuntu) Milestone: None => ubuntu-24.04 ** Changed in: openssl (Ubuntu) Assignee: (unassigned) => Adrien Nader (adrien-n) ** Changed in: openssl (Ubuntu) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058017 Title: openssl is not LTO-safe To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2058017/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056593] Re: [FFE] FIPS compatibility patches
I did some additional tests too in a noble container. With/without the env var to set the file location, including with the file missing, with/without the env var to force FIPS mode, and using values 0, 1, 42, -42, a. By the way, note that access to these environment variables uses secure_getenv(). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056593 Title: [FFE] FIPS compatibility patches To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2056593/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058017] Re: openssl is not LTO-safe
** Summary changed: - [FFe] openssl is not LTO-safe + openssl is not LTO-safe -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058017 Title: openssl is not LTO-safe To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2058017/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058017] Re: [FFe] openssl is not LTO-safe
** Description changed: tl;dr: since it's too much work to make openssl LTO-safe, upstream doesn't see it as a goal and doesn't test it, and there are probably no performance gains to LTO for this package. Openssl is an old project and the codebase wasn't written with aliasing rules in mind. There are several reports of issues related to LTO. The openssl technical commitee says "currently we're not going to fix all the strict aliasing and other LTO problems" and "Fixes raised in pull requests will be considered."; in other words: if you find a violation, we'll merge your fixes but we're not going to dedicate time to fixing them ourselves. - We don't have specific reports on launchpad at the moment but but we - cannot rule out that we're already experiencing miscompilations and - compilers are only pushing this further and further. This is impossible - to know in advance and even security updates could trigger issues. + We don't have specific reports on launchpad at the moment but there has + been at least one issue experienced by the FIPS: the compiler decided a + 0-filled array could be removed and proceeded to do so. In addition to + that, compilers are only pushing this further and further. Issues are + impossible to predict and even security updates could trigger issues. Gentoo prevents usage of LTO for openssl and has some links related to this at https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/openssl/openssl-3.2.1-r1.ebuild#n131 : - https://github.com/llvm/llvm-project/issues/55255 - https://github.com/openssl/openssl/issues/12247 - https://github.com/openssl/openssl/issues/18225 - https://github.com/openssl/openssl/issues/18663 - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057 Gentoo also prevents usage of -fstrict-aliasing and always set -fno- strict-aliasing. I don't plan to do the same at least at the moment and for Noble since I don't have time to investigate more changes. Performance shouldn't be impacted much if at all: - - crypto algorithms are implemented in ASM (funnily, using C implementations can trigger issues because these can get miscompiled) + - crypto algorithms are implemented in ASM (funnily, using C implementations can trigger issues because these got miscompiled) - the rest of the openssl codebase probably doesn't benefit from LTO because source files match codepaths quite well - at the moment, openssl performance for servers is bad due to algorithmic/architectural issues, not micro-optimizations and these wouldn't be noticed - if LTO-compliance was doable and thought to be useful by upstream, they would have certainly pushed that forward, especially in the wake of openssl 3.0's performance issues. Code size increases by a few percents except for libcrypto which gets 17% larger. The corresponding .deb file increases by 2.6% only. + + I will add results of "openssl speed" soon (in a few hours). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058017 Title: openssl is not LTO-safe To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2058017/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058017] Re: [FFe] openssl is not LTO-safe
** Summary changed: - openssl is not LTO-safe + [FFe] openssl is not LTO-safe -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058017 Title: [FFe] openssl is not LTO-safe To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2058017/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058017] [NEW] openssl is not LTO-safe
Public bug reported: tl;dr: since it's too much work to make openssl LTO-safe, upstream doesn't see it as a goal and doesn't test it, and there are probably no performance gains to LTO for this package. Openssl is an old project and the codebase wasn't written with aliasing rules in mind. There are several reports of issues related to LTO. The openssl technical commitee says "currently we're not going to fix all the strict aliasing and other LTO problems" and "Fixes raised in pull requests will be considered."; in other words: if you find a violation, we'll merge your fixes but we're not going to dedicate time to fixing them ourselves. We don't have specific reports on launchpad at the moment but but we cannot rule out that we're already experiencing miscompilations and compilers are only pushing this further and further. This is impossible to know in advance and even security updates could trigger issues. Gentoo prevents usage of LTO for openssl and has some links related to this at https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/openssl/openssl-3.2.1-r1.ebuild#n131 : - https://github.com/llvm/llvm-project/issues/55255 - https://github.com/openssl/openssl/issues/12247 - https://github.com/openssl/openssl/issues/18225 - https://github.com/openssl/openssl/issues/18663 - https://github.com/openssl/openssl/issues/18663#issuecomment-1181478057 Gentoo also prevents usage of -fstrict-aliasing and always set -fno- strict-aliasing. I don't plan to do the same at least at the moment and for Noble since I don't have time to investigate more changes. Performance shouldn't be impacted much if at all: - crypto algorithms are implemented in ASM (funnily, using C implementations can trigger issues because these can get miscompiled) - the rest of the openssl codebase probably doesn't benefit from LTO because source files match codepaths quite well - at the moment, openssl performance for servers is bad due to algorithmic/architectural issues, not micro-optimizations and these wouldn't be noticed - if LTO-compliance was doable and thought to be useful by upstream, they would have certainly pushed that forward, especially in the wake of openssl 3.0's performance issues. Code size increases by a few percents except for libcrypto which gets 17% larger. The corresponding .deb file increases by 2.6% only. ** Affects: openssl (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058017 Title: openssl is not LTO-safe To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2058017/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2030784] Re: Backport Intel's AVX512 patches on openssl 3.0
Thanks a lot for looking at this. The issue seems fixed on my machine. There are currently several changes being prepared for openssl and I think I'd rather batch them considering the state of the CI queue but this will definitely go into Noble. Thanks again. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2030784 Title: Backport Intel's AVX512 patches on openssl 3.0 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2030784/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056739] Re: apparmor="DENIED" operation="open" class="file" profile="virt-aa-helper" name="/etc/gnutls/config"
Hey, I think everything in the gnutls/ directory should be allowed: there can be profiles with arbitrary names (or at least alnum I guess) which define priority/configuration strings that can be used by gnutls applications. I'm not aware of anything else that typically goes there but I haven't checked. I'll have another look today. More generally, there can be the same issue for openssl which has its own abstraction file but isn't included by default AFAIU. A similar issue could apply to ssl_certs since some apps/libraries ship their own cert bundle and could function despite not having access to the system store (I'm looking at you python). I don't know what would be a typical behavior here but I'm pretty sure that the whole range of possible behavior exists in the wild. I'm wondering if I understood the current rules fine because based on my understanding, I would have expected warnings for these too. A noteworthy change is https://bugs.launchpad.net/ubuntu/+source/nss/+bug/2016303 : it would access to /etc/nss . I don't know if NSS silently ignores inaccessible system-wide configuration or not. You might want to include it already. I think all these libraries should probably fail on EPERM. Probably 0 change upstreams accept such a change if it's needed however. :P -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056739 Title: apparmor="DENIED" operation="open" class="file" profile="virt-aa- helper" name="/etc/gnutls/config" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2056739/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055304] Re: openssl 3.0.2 backport IgnoreUnexpectedEOF ssl config option from 3.2
There are several reasons a program can skip loading the openssl configuration unfortunately: env vars pointing to another file, apparmor preventing loading, library initilization skipping it, ... Is the program that ignores the openssl configuration file in the Ubuntu archive? Or public? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055304 Title: openssl 3.0.2 backport IgnoreUnexpectedEOF ssl config option from 3.2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2055304/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055304] Re: openssl 3.0.2 backport IgnoreUnexpectedEOF ssl config option from 3.2
Thanks for continued investigation. A reproducer would be valuable as it would allow me to verify independently the patch is effective, within the limits of the understanding of the situation of course and that can be especially time-consuming when not having access to the remote server. :/ A reproducer here can be along the lines of install ubuntu foo to get nginx bar, configure nginx with TLS and baz and use a given curl command. Right now it's difficult to say if you're missing something since I can't test by myself and compare. A reproducer is also going to be a required proof in practice for the change to be done in any past release. Timeline-wise, either this change gets into 24.04 which is entering Feature Freeze today, or it will wait for the development cycle of 24.10 when openssl is updated to >= 3.2 (probably 3.3). Then only will it be possible to also backport this to 22.04 which I guess is the release you are interested in. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055304 Title: openssl 3.0.2 backport IgnoreUnexpectedEOF ssl config option from 3.2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2055304/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055422] Re: Please sync xz-utils 5.6.0-0.2 from Debian experimental
Graham pointed out that the upload was actually to unstable and therefore autosync'ed already! I'm going to keep the bug open until it migrates due to the possibility of some testsuite failures. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055422 Title: Please sync xz-utils 5.6.0-0.2 from Debian experimental To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xz-utils/+bug/2055422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055422] [NEW] Please sync xz-utils 5.6.0-0.2 from Debian experimental
Public bug reported: Xz-utils 5.6.0 was released last Friday. It features a much faster decompression code on all platforms but on x86_64 in particular, it is 60% faster in my testing. It also aligns better current practices of enabling multi-threading by default (always with a default memory limit of 25% of the system physical memory). Sebastian Andrzej Siewior has uploaded it to experimental and after a few fixes for integration (due to extra output on stderr in particular), has uploaded xz-utils 5.6.0-0.2. I expect tests to pass now considering they almost all succeeded with the first upload. I am aware of tweaks to other packages too but I'm not sure they will actually be needed with this new upload and since they relate to pristine-tar and/or dpkg, I think it's probably better to be sure first due to the ongoing migrations. Thanks. ** Affects: xz-utils (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055422 Title: Please sync xz-utils 5.6.0-0.2 from Debian experimental To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xz-utils/+bug/2055422/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055304] Re: openssl 3.0.2 backport IgnoreUnexpectedEOF ssl config option from 3.2
Thanks for the report. I am reluctant to backport this as I'm not sure it makes a lot of sense system-wide. Curl upstream didn't seem happy with enabling this work-around even in 2021. It seems the reason to integrate this would be to be able to ignore this despite curl not ignoring it nor offering a way to ignore it. I also don't like that it's the kind of configuration that will linger on systems for years, if not decades. For the distribution, this also means that once the patch is in, it needs to be supported for 15 years. On the other hand, it will get in after 24.04/Noble is released since upstream merged it... Still, I can't make a compelling case in favor of this patch. This is especially troublesome since a change to released versions needs exactly that. Which servers are you experiencing this issue with? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055304 Title: openssl 3.0.2 backport IgnoreUnexpectedEOF ssl config option from 3.2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2055304/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 795355] Re: Intermittent SSL connection faults when using TLSv1
** Changed in: openssl (Ubuntu) Status: Incomplete => Won't Fix ** Changed in: apache (Ubuntu) Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to a duplicate bug report (857636). https://bugs.launchpad.net/bugs/795355 Title: Intermittent SSL connection faults when using TLSv1 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/795355/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 400766] Re: ubuntu 9.04 installation problem
Old bug... I think the error comes from base-passwd függőségek: libc6 (>= 2.8); ám: libc6 rendszeren lévő verziója 2.8~20080505-0ubuntu9 which translates to base-passwd függőségek: libc6 (>= 2.8); ám: libc6 rendszeren lévő verziója 2.8~20080505-0ubuntu9 And then bash pre-depends on libc6 >= 2.8 and then many errors. Definitely not a libgcrypt20 issue and I don't think I can track this down without spending too much time on it for little return after 14 years. ** Changed in: libgcrypt20 (Ubuntu) Status: New => Won't Fix ** Changed in: libgcrypt20 (Ubuntu) Status: Won't Fix => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/400766 Title: ubuntu 9.04 installation problem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libgcrypt20/+bug/400766/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 396818] Re: openssl s_client behaves strangely without CAPath
I'm not seeing that behaviour on a 23.04 system and I expect it to be the same since 22.04 at least. As such I'm going to mark this as Fix Released. ** Changed in: openssl (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/396818 Title: openssl s_client behaves strangely without CAPath To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/396818/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 795355] Re: Intermittent SSL connection faults when using TLSv1
** Changed in: openssl (Ubuntu) Status: Confirmed => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to a duplicate bug report (857636). https://bugs.launchpad.net/bugs/795355 Title: Intermittent SSL connection faults when using TLSv1 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/795355/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1963669] [NEW] [pull-lp-source] not overriding default configurations
Public bug reported: My Ubuntu version: 20.04.3 LTS Package version: 0.188 According to the manpages, "pull-lp-source" script should parse environment variables or devscripts file to override package-wide variables. However, this is not working for me. For instance, when I set the environment variables to: export PULL_LP_SOURCE_MIRROR="https://de.mirrors.clouvider.net/ubuntu; export UBUNTUTOOLS_UBUNTU_MIRROR="https://de.mirrors.clouvider.net/ubuntu; export PULL_PKG_UBUNTU_MIRROR="https://de.mirrors.clouvider.net/ubuntu; export UBUNTUTOOLS_MIRROR_FALLBACK=no the script does not try to fetch the package from the mirror I have specified, and falls back to the default mirror even though I have specified it not to: $ ubuntu-dev-tools-0.188/pull-lp-source -v --download-only dash pullpkg options: {'login': False, 'verbose': 1, 'download_only': True, 'mirror': None, 'no_conf': False, 'no_verify_signature': False, 'status': [], 'arch': 'amd64', 'pull': 'source', 'distro': 'ubuntu', 'security': False, 'upload_queue': False, 'package': 'dash', 'release': None, 'version': None, 'ppa': None} Found dash 0.5.11+git20210903+057cd650a4ed-3 in jammy Downloading dash_0.5.11+git20210903+057cd650a4ed-3.dsc from ports.ubuntu.com (0.002 MiB) [=>]100% Public key not found, could not verify signature Downloading dash_0.5.11+git20210903+057cd650a4ed.orig.tar.xz from ports.ubuntu.com (0.127 MiB) [=>]100% Downloading dash_0.5.11+git20210903+057cd650a4ed-3.debian.tar.xz from ports.ubuntu.com (0.041 MiB) [=>]100% --download-only specified, not extracting ** Affects: ubuntu-dev-tools (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1963669 Title: [pull-lp-source] not overriding default configurations To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-dev-tools/+bug/1963669/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1848921] Re: iwlwifi firmware crashes intel 9260ac [8086:2526] subsystem [8086:0010]
@You-Sheng Yang Is this bug a duplicate/related to these? https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1855637 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1858077 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1848921 Title: iwlwifi firmware crashes intel 9260ac [8086:2526] subsystem [8086:0010] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1848921/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1848921] Re: iwlwifi firmware crashes intel 9260ac [8086:2526] subsystem [8086:0010]
I have a Lenovo Yoga S730 (marketed as Lenovo ideapad 730s in the US, mine is European) with the 9260 card and I can confirm that the same issue affects me. The wifi works fine in Windows 10. The only way I've managed to resolve the issue is by adding 11n_disable=1, but this caps my speed to 54mb which is too much of a compromise. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1848921 Title: iwlwifi firmware crashes intel 9260ac [8086:2526] subsystem [8086:0010] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1848921/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1839798] Re: package libdrm-radeon1:i386 2.4.97-1ubuntu1~18.04.1 failed to install/upgrade: package libdrm-radeon1:i386 2.4.97-1ubuntu1~18.04.1 cannot be configured because libdrm-radeon1:amd64 i
.. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1839798 Title: package libdrm-radeon1:i386 2.4.97-1ubuntu1~18.04.1 failed to install/upgrade: package libdrm-radeon1:i386 2.4.97-1ubuntu1~18.04.1 cannot be configured because libdrm-radeon1:amd64 is at a different version (2.4.91-2) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libdrm/+bug/1839798/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1839798] [NEW] package libdrm-radeon1:i386 2.4.97-1ubuntu1~18.04.1 failed to install/upgrade: package libdrm-radeon1:i386 2.4.97-1ubuntu1~18.04.1 cannot be configured because libdrm-radeon1:amd64
Public bug reported: .. ProblemType: Package DistroRelease: Ubuntu 18.04 Package: libdrm-radeon1:i386 2.4.97-1ubuntu1~18.04.1 ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17 Uname: Linux 4.15.0-20-generic x86_64 NonfreeKernelModules: wl ApportVersion: 2.20.9-0ubuntu7 Architecture: amd64 CompositorRunning: None Date: Mon Aug 12 06:32:03 2019 Dependencies: gcc-8-base 8.3.0-6ubuntu1~18.04.1 libc6 2.27-3ubuntu1 libdrm-common 2.4.97-1ubuntu1~18.04.1 libdrm2 2.4.97-1ubuntu1~18.04.1 libgcc1 1:8.3.0-6ubuntu1~18.04.1 DistUpgraded: Fresh install DistroCodename: bionic DistroVariant: ubuntu DkmsStatus: bcmwl, 6.30.223.271+bdcom, 4.15.0-20-generic, x86_64: installed bcmwl, 6.30.223.271+bdcom, 4.15.0-55-generic, x86_64: installed nvidia, 390.116, 4.15.0-20-generic, x86_64: installed DuplicateSignature: package:libdrm-radeon1:i386:2.4.97-1ubuntu1~18.04.1 Setting up libffi6:i386 (3.2.1-8) ... dpkg: error processing package libdrm-radeon1:amd64 (--configure): package libdrm-radeon1:amd64 2.4.91-2 cannot be configured because libdrm-radeon1:i386 is at a different version (2.4.97-1ubuntu1~18.04.1) ErrorMessage: package libdrm-radeon1:i386 2.4.97-1ubuntu1~18.04.1 cannot be configured because libdrm-radeon1:amd64 is at a different version (2.4.91-2) GraphicsCard: Intel Corporation 2nd Generation Core Processor Family Integrated Graphics Controller [8086:0116] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Dell 2nd Generation Core Processor Family Integrated Graphics Controller [1028:04ca] NVIDIA Corporation GF108M [GeForce GT 525M] [10de:0df5] (rev a1) (prog-if 00 [VGA controller]) Subsystem: Dell GF108M [GeForce GT 525M] [1028:04ca] InstallationDate: Installed on 2019-08-11 (0 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426) MachineType: Dell Inc. Inspiron N5110 PackageArchitecture: i386 ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-20-generic root=UUID=9f2d3a5c-c2dc-43fd-948a-a62c676212f0 ro quiet splash vt.handoff=1 Python3Details: /usr/bin/python3.6, Python 3.6.8, python3-minimal, 3.6.5-3 PythonDetails: N/A RelatedPackageVersions: dpkg 1.19.0.5ubuntu2 apt 1.6.1 SourcePackage: libdrm Title: package libdrm-radeon1:i386 2.4.97-1ubuntu1~18.04.1 failed to install/upgrade: package libdrm-radeon1:i386 2.4.97-1ubuntu1~18.04.1 cannot be configured because libdrm-radeon1:amd64 is at a different version (2.4.91-2) UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 07/18/2011 dmi.bios.vendor: Dell Inc. dmi.bios.version: A07 dmi.board.name: 0FXK2Y dmi.board.vendor: Dell Inc. dmi.board.version: A07 dmi.chassis.type: 8 dmi.chassis.vendor: Dell Inc. dmi.chassis.version: Not Specified dmi.modalias: dmi:bvnDellInc.:bvrA07:bd07/18/2011:svnDellInc.:pnInspironN5110:pvrNotSpecified:rvnDellInc.:rn0FXK2Y:rvrA07:cvnDellInc.:ct8:cvrNotSpecified: dmi.product.name: Inspiron N5110 dmi.product.version: Not Specified dmi.sys.vendor: Dell Inc. version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.97-1ubuntu1~18.04.1 version.libgl1-mesa-dri: libgl1-mesa-dri 19.0.2-1ubuntu1.1~18.04.2 version.libgl1-mesa-glx: libgl1-mesa-glx 19.0.2-1ubuntu1.1~18.04.2 version.xserver-xorg-core: xserver-xorg-core 2:1.19.6-1ubuntu4 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:18.0.1-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20171229-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.15-2 ** Affects: libdrm (Ubuntu) Importance: Undecided Status: New ** Tags: apport-package bionic i386 ubuntu -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1839798 Title: package libdrm-radeon1:i386 2.4.97-1ubuntu1~18.04.1 failed to install/upgrade: package libdrm-radeon1:i386 2.4.97-1ubuntu1~18.04.1 cannot be configured because libdrm-radeon1:amd64 is at a different version (2.4.91-2) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libdrm/+bug/1839798/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1579712] Re: Refresh hangs indefinitely, appstreamcli using 100% CPU
I had the same problem in a fresh copy of Ubuntu 16.04 running as a VMWare Guest. I followed the instructions as #24. Everything works now. Thanks a lot for the instructions. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1579712 Title: Refresh hangs indefinitely, appstreamcli using 100% CPU To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/appstream/+bug/1579712/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1265192] Re: Install/reinstall wipes out all/other partitions
sto caricando ubuntukylin 14.10.posso continuare? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1265192 Title: Install/reinstall wipes out all/other partitions To manage notifications about this bug go to: https://bugs.launchpad.net/elementaryos/+bug/1265192/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1265192] Re: Install/reinstall wipes out all/other partitions
corrego,sto salvando file,sono in download. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1265192 Title: Install/reinstall wipes out all/other partitions To manage notifications about this bug go to: https://bugs.launchpad.net/elementaryos/+bug/1265192/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 945603] Re: lxkeymap crashed with IndexError in finish_initializing(): list index out of range
** Changed in: lxkeymap Status: Fix Committed = Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/945603 Title: lxkeymap crashed with IndexError in finish_initializing(): list index out of range To manage notifications about this bug go to: https://bugs.launchpad.net/lxkeymap/+bug/945603/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 53887] Re: [patch] Command completion should be enhanced
Whats the status of this? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/53887 Title: [patch] Command completion should be enhanced To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bash/+bug/53887/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1105645] [NEW] /etc/bash.d
Public bug reported: Hello, two-line summary: I propose to create a /etc/bash.d/ directory for files that need to be read when starting a non-login shell. longer version: Files in /etc/profile.d/ are sourced for _login shells_ (in other words: whenever /etc/profile is read). That works fine for setting environment variables (which are exported to child processes, including shells), but breaks for things like bash completion because those aren't inherited to non-login shells. If you don't know the difference: su - $USER # will give you a login shell bash # will give you a non-login shell If you open a normal (non-login) shell, the files in /etc/profile.d/ are _not_ read. This means that various bash completions are not available. I propose to create a /etc/bash.d/ directory for files that need to be read when starting a non-login shell. This adds the advantage of having a *.d directory where you can just drop in a file and it is used. I never used a different shell, therefore I have no idea if we'll need a /etc/tcsh.d/, /etc/ash.d/, /etc/zsh.d/, ... directory - feedback on this (and of course on the /etc/bash.d/ proposal) is welcome ;-) ** Affects: bash (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1105645 Title: /etc/bash.d To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1105645/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 390508] Re: notifyOSD ignores the expire timeout parameter
I also like to appeal this decision. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/390508 Title: notifyOSD ignores the expire timeout parameter To manage notifications about this bug go to: https://bugs.launchpad.net/hundredpapercuts/+bug/390508/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 296800] Re: [needs-packaging] Netactview
Still interested... -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/296800 Title: [needs-packaging] Netactview To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/296800/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1039420] Re: NTP security vulnerability because not using authentication by default
NTP has public and private keys. http://doc.ntp.org/4.1.0/genkeys.htm Just like SSL, gpg, etc. Of course ntp.ubuntu.com and other server owners keep their private key secure. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1039420 Title: NTP security vulnerability because not using authentication by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1039420/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1039420] Re: NTP security vulnerability because not using authentication by default
NTP has public and private keys. http://doc.ntp.org/4.1.0/genkeys.htm Just like SSL, gpg, etc. Of course ntp.ubuntu.com and other server owners keep their private key secure. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1039420 Title: NTP security vulnerability because not using authentication by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1039420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1039420] Re: NTP security vulnerability because not using authentication by default
I have some ideas ideas... There is already ntp.ubuntu.com, can you add authentication? Ubuntu has importance. Can you officially ask the NTP pool if they could add authentication? Can you publicly the problem somewhere? A blog post? I am sure some NTP server volunteers would like to add authentication, if you can provide clear instructions for them. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1039420 Title: NTP security vulnerability because not using authentication by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1039420/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1039420] Re: NTP security vulnerability because not using authentication by default
I have some ideas ideas... There is already ntp.ubuntu.com, can you add authentication? Ubuntu has importance. Can you officially ask the NTP pool if they could add authentication? Can you publicly the problem somewhere? A blog post? I am sure some NTP server volunteers would like to add authentication, if you can provide clear instructions for them. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1039420 Title: NTP security vulnerability because not using authentication by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1039420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1039420] [NEW] NTP security vulnerability because not using authentication by default
*** This bug is a security vulnerability *** Public security bug reported: Ubuntu implements so much security one way or another. So much defenses against network level man in the middle or malicious proxies or wifi hotspots. Cryptographic verification generally works well but there is one big drawback: it requires correct date/time. NTP in Ubuntu does not use any authentication by default, although it is supported by NTP. I conclude, that almost no one is using authenticated NTP, because there are no instructions in a forum or blog how to enable NTP authentication. Therefore almost everyone uses standard configuration and is at risk. An adversary can tamper with the unauthenticated NTP replies and put the users time several years back, especially, but not limited, if the bios battery or hardware clock is defect. That issue becomes more relevant with new devices like RP, which do not even have a hardware clock. Putting the clock several years back allows an adversary to use already revoked, broken, expired certificates; replay old, broken, outdated, known vulnerable updates etc. ** Affects: ntp (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1039420 Title: NTP security vulnerability because not using authentication by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1039420/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1039420] Re: NTP security vulnerability because not using authentication by default
No need to keep this private. Has been publicly discussed but without proper bug report and the discussion felt into oblivion. http://ubuntu.5.n6.nabble.com/authenticated-NTP-td4486136.html -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1039420 Title: NTP security vulnerability because not using authentication by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1039420/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1039420] [NEW] NTP security vulnerability because not using authentication by default
*** This bug is a security vulnerability *** Public security bug reported: Ubuntu implements so much security one way or another. So much defenses against network level man in the middle or malicious proxies or wifi hotspots. Cryptographic verification generally works well but there is one big drawback: it requires correct date/time. NTP in Ubuntu does not use any authentication by default, although it is supported by NTP. I conclude, that almost no one is using authenticated NTP, because there are no instructions in a forum or blog how to enable NTP authentication. Therefore almost everyone uses standard configuration and is at risk. An adversary can tamper with the unauthenticated NTP replies and put the users time several years back, especially, but not limited, if the bios battery or hardware clock is defect. That issue becomes more relevant with new devices like RP, which do not even have a hardware clock. Putting the clock several years back allows an adversary to use already revoked, broken, expired certificates; replay old, broken, outdated, known vulnerable updates etc. ** Affects: ntp (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1039420 Title: NTP security vulnerability because not using authentication by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1039420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1039420] Re: NTP security vulnerability because not using authentication by default
No need to keep this private. Has been publicly discussed but without proper bug report and the discussion felt into oblivion. http://ubuntu.5.n6.nabble.com/authenticated-NTP-td4486136.html -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1039420 Title: NTP security vulnerability because not using authentication by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1039420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 997212] Re: Openbox crashing X.org, running GTK 3.4 applications.
https://bugzilla.icculus.org/show_bug.cgi?id=5460 says it's fixed upstream. Any updates here? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/997212 Title: Openbox crashing X.org, running GTK 3.4 applications. To manage notifications about this bug go to: https://bugs.launchpad.net/openbox/+bug/997212/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1036482] [NEW] [needs-packaging] Tor Browser
Public bug reported: Tor Browser is an anonymity, security and privacy oriented browser based on Mozilla Firefox from torproject.org. https://www.torproject.org/ Tor is the last serious anonymity network. Tor is the only option for non-criminals to speak freely and anonymously. All other networks are so weak, that researchers don't even talk about the others anymore. http://freehaven.net/anonbib/#2012 Tor Button + Mozilla Firefox is deprecated and recommend against. https://blog.torproject.org/blog/toggle-or-not-toggle-end-torbutton Configuring Mozilla Firefox to use Tor as socks proxy is even more deprecated and recommend against.(browser fingerprinting, https://www.torproject.org/torbutton/torbutton-faq.html.en#oldtorbutton There is only Tor in Ubuntu repository. Tor Browser is missing. Please package! Downloading the bundle from torproject.org is bad. It happened that torproject.org was targeted using a compromised SSL certificate authority. 1. visit torproject.org 2. download 3. import gpg key 4. download signature 5. verify signature... Very bad. Please add to packages, apt-get install torbrowser is much better! URL: https://www.torproject.org/ License: 100% Open Source ** Affects: ubuntu Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1036482 Title: [needs-packaging] Tor Browser To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1036482/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1024735] [NEW] preseed does not work without any network card
Public bug reported: Version: Ubuntu Server 12.04 CD Test 1: d-i netcfg/enable boolean false Test 2: d-i netcfg/enable boolean false d-i netcfg/dhcp_options select \Do not configure the network at this time\ Test 3: d-i netcfg/enable boolean false d-i netcfg/dhcp_options select \Do not configure the network at this time\ d-i netcfg/no_interfaces boolean true Test 4: d-i netcfg/no_interfaces boolean true Error message always: [!!] Configure the network Installation step failed The failing step is: Configure the network ** Affects: preseed (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1024735 Title: preseed does not work without any network card To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/preseed/+bug/1024735/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 786545] [NEW] gwiber is not showing any information
Public bug reported: Binary package hint: gwibber I added a facebook account and a twitter account but no information are dispplayed inside gwibber. Any help will be appreciated. Regards ** Affects: gwibber (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/786545 Title: gwiber is not showing any information -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 183685] Re: compiz.real crashed with SIGSEGV
unsuscribe On Mon, Oct 20, 2008 at 5:22 PM, fabio.oberto [EMAIL PROTECTED]wrote: unsuscribe Paquito ha scritto: unsubscribe On Mon, Oct 20, 2008 at 10:47 AM, befamao [EMAIL PROTECTED] wrote: unsubscribe 2008/10/20 BUGabundo [EMAIL PROTECTED] I've reported the unsubscribe bug against malone. feel free to comment/subscribe there: https://bugs.launchpad.net/malone/+bug/286269 -- compiz.real crashed with SIGSEGV https://bugs.launchpad.net/bugs/183685 You received this bug notification because you are a direct subscriber of the bug. Status in Collection of plugins from OpenCompositing for Compiz: Fix Released Status in compiz-fusion-plugins-main source package in Ubuntu: Fix Released Bug description: Binary package hint: compiz it just crashed for some unknown reason. ProblemType: Crash Architecture: amd64 Date: Wed Jan 16 22:19:09 2008 DistroRelease: Ubuntu 8.04 ExecutablePath: /usr/bin/compiz.real NonfreeKernelModules: nvidia Package: compiz-core 1:0.6.99+git20080102-0ubuntu4 PackageArchitecture: amd64 ProcCmdline: /usr/bin/compiz.real --ignore-desktop-hints --replace --loose-binding --sm-client-id default0 ccp ProcCwd: /home/hardaway ProcEnviron: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games LANG=C SHELL=/bin/bash Signal: 11 SourcePackage: compiz StacktraceTop: ?? () from /usr/lib/compiz/libworkarounds.so ?? () from /usr/lib/compiz/libworkarounds.so ?? () from /usr/lib/compiz/libezoom.so ?? () from /usr/lib/compiz/libvpswitch.so ?? () from /usr/lib/compiz/libfade.so Title: compiz.real crashed with SIGSEGV Uname: Linux ubuntu 2.6.24-4-generic #1 SMP Mon Jan 14 18:19:11 UTC 2008 x86_64 GNU/Linux UserGroups: adm admin audio cdrom dialout dip floppy lpadmin netdev plugdev scanner video -- compiz.real crashed with SIGSEGV https://bugs.launchpad.net/bugs/183685 You received this bug notification because you are a direct subscriber of the bug. Status in Collection of plugins from OpenCompositing for Compiz: Fix Released Status in compiz-fusion-plugins-main source package in Ubuntu: Fix Released Bug description: Binary package hint: compiz it just crashed for some unknown reason. ProblemType: Crash Architecture: amd64 Date: Wed Jan 16 22:19:09 2008 DistroRelease: Ubuntu 8.04 ExecutablePath: /usr/bin/compiz.real NonfreeKernelModules: nvidia Package: compiz-core 1:0.6.99+git20080102-0ubuntu4 PackageArchitecture: amd64 ProcCmdline: /usr/bin/compiz.real --ignore-desktop-hints --replace --loose-binding --sm-client-id default0 ccp ProcCwd: /home/hardaway ProcEnviron: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games LANG=C SHELL=/bin/bash Signal: 11 SourcePackage: compiz StacktraceTop: ?? () from /usr/lib/compiz/libworkarounds.so ?? () from /usr/lib/compiz/libworkarounds.so ?? () from /usr/lib/compiz/libezoom.so ?? () from /usr/lib/compiz/libvpswitch.so ?? () from /usr/lib/compiz/libfade.so Title: compiz.real crashed with SIGSEGV Uname: Linux ubuntu 2.6.24-4-generic #1 SMP Mon Jan 14 18:19:11 UTC 2008 x86_64 GNU/Linux UserGroups: adm admin audio cdrom dialout dip floppy lpadmin netdev plugdev scanner video -- compiz.real crashed with SIGSEGV https://bugs.launchpad.net/bugs/183685 You received this bug notification because you are a direct subscriber of the bug. -- compiz.real crashed with SIGSEGV https://bugs.launchpad.net/bugs/183685 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 227618] Re: open office is very slow as hang
yes still i tride another linux like freespir it ok the problim on ubuntu On 6/6/08, Chris Cheney [EMAIL PROTECTED] wrote: Do you still have this problem with openoffice.org 1:2.4.1~rc2-1ubuntu1 in hardy-proposed? If so can you include the file that is showing the problem? Thanks, Chris Cheney ** Changed in: openoffice.org (Ubuntu) Status: New = Incomplete -- open office is very slow as hang https://bugs.launchpad.net/bugs/227618 You received this bug notification because you are a direct subscriber of the bug. ** Attachment added: unnamed http://launchpadlibrarian.net/15088325/unnamed ** Attachment added: FULL DASD NEW.ods http://launchpadlibrarian.net/15088326/FULL%20DASD%20NEW.ods -- open office is very slow as hang https://bugs.launchpad.net/bugs/227618 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 227618] Re: open office is very slow as hang
slow scroll in OPEN OFFICE CALC and it hang. I have a table of 9 column 450 rows full with data it is vary slow to scroll in it put whin i convaret the same table to .xls and i open it on M$office it was fine. My file size 49KB 150KB .xls -- open office is very slow as hang https://bugs.launchpad.net/bugs/227618 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs