Public bug reported:
The current stable version of freeradius is the 2.2 series (2.2.4, of march
19th 2014).
Having at least a PPA for the recent stable version would be a good thing.
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: freeradius 2.1.12+dfsg-1.2ubuntu8
ProcVersionSignature:
Given that response rate limiting is considered (short of implementing BCP 38)
the recommended
mitigation against the rampant DNS Amplification Attacks it would be foolish to
strip Ubuntu LTS users of that tool!
See: https://www.us-cert.gov/ncas/alerts/TA13-088A
--
You received this bug
Not a bug.
smtpd_helo_restriction is a typo, it must be smtpd_helo_restriction*s* (with an
s at the end!)
Postfix emits a warning, since typo'ed parameters have no effect!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in
http://code.google.com/p/modwsgi/wiki/InstallationIssues#Python_Patch_Level_Mismatch
From what I've seen, the python packages in Ubuntu are built using
--enable-shared, so this is a non-issue.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
Public bug reported:
In the log I'm finding:
[Wed Jun 27 09:21:51 2012] [warn] mod_wsgi: Compiled for Python/2.7.2+.
[Wed Jun 27 09:21:51 2012] [warn] mod_wsgi: Runtime using Python/2.7.3.
[Wed Jun 27 09:21:51 2012] [notice] Apache/2.2.22 (Ubuntu) mod_fcgid/2.3.6
mod_ssl/2.2.22 OpenSSL/1.0.1
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mod-wsgi in Ubuntu.
https://bugs.launchpad.net/bugs/1018315
Title:
Compiled for Python/2.7.2+, Runtime using Python/2.7.3.
To manage notifications about this bug go to:
Public bug reported:
Postfix stable release 2.9. is available.
This release adds support to turn off the TLSv1.1 and TLSv1.2 protocols.
Introduced with OpenSSL version 1.0.1, these protocols are known to
cause inter-operability problems, for example with some hotmail
services.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in Ubuntu.
https://bugs.launchpad.net/bugs/991754
Title:
Add support to turn off the TLSv1.1 and TLSv1.2 protocols
To manage notifications about this bug go to:
** Description changed:
- Postfix stable release 2.9. is available.
+ Postfix stable release 2.9.2 is available.
This release adds support to turn off the TLSv1.1 and TLSv1.2 protocols.
Introduced with OpenSSL version 1.0.1, these protocols are known to
cause inter-operability problems,
This is a real issue, since mail just stays in the queue, because the
other side drops dead.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in Ubuntu.
https://bugs.launchpad.net/bugs/991754
Title:
Add support to turn off
This is not a wishlist bug:
a) Wietse doesn't release patch releases to Postfix unless necessary
b) https://wiki.ubuntu.com/Bugs/Importance
lists for severity medium:
A bug that has a moderate impact on a core application
postfix is a core application and this issue renders TLS
Public bug reported:
In my daemon.log I'm finding lots of those:
# fgrep -1 netsnmp_assert /var/log/daemon.log
Mar 25 22:10:51 search snmpd[1589]: Connection from UDP:
[10.32.32.167]:51129-[10.32.32.146]
Mar 25 22:11:15 search snmpd[1589]: netsnmp_assert 1 == new_val-high failed
int64.c:419
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to net-snmp in Ubuntu.
https://bugs.launchpad.net/bugs/966039
Title:
netsnmp_assert 1 == new_val-high failed int64.c:419
netsnmp_c64_check32_and_update()
To manage notifications about
Still there in precise:
~$ sudo postfix upgrade-configuration
Note: the following files or directories still exist but are no
longer part of Postfix:
/etc/postfix/postfix-files /etc/postfix/postfix-script
/etc/postfix/post-install
--
You received this bug notification
Still there in oneiric
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in Ubuntu.
https://bugs.launchpad.net/bugs/760478
Title:
postfix upgrade-configuration reports extraneous files
To manage notifications about this bug
Note: ONLY a VDSL modem -- if you have a router, you don't need this.
But if you're using the routers as modem only (pppoE passthrough), you
absolutely need vlan!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to vlan in Ubuntu.
I just verified this again after a brand new Natty install:
$ sudo postfix upgrade-configuration
[sudo] password for hildeb:
Note: the following files or directories still exist but are no
longer part of Postfix:
/etc/postfix/postfix-files /etc/postfix/postfix-script
1. Yes
2. Run postfix upgrade-configuration
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in Ubuntu.
https://bugs.launchpad.net/bugs/760478
Title:
postfix upgrade-configuration reports extraneous files
--
Public bug reported:
Binary package hint: postfix
root@www:/etc/postfix# postfix upgrade-configuration
Note: the following files or directories still exist but are no
longer part of Postfix:
/etc/postfix/postfix-files /etc/postfix/postfix-script
/etc/postfix/post-install
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in Ubuntu.
https://bugs.launchpad.net/bugs/760478
Title:
postfix upgrade-configuration reports extraneous files
--
Ubuntu-server-bugs mailing list
Public bug reported:
Binary package hint: ipvsadm
# ipvsadm -n
Try `ipvsadm -h' or 'ipvsadm --help' for more information.
# ipvsadm --numeric
Try `ipvsadm -h' or 'ipvsadm --help' for more information.
Yet the help and man pages say it should work:
# ipvsadm --help |tail -1
--numeric
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ipvsadm in Ubuntu.
https://bugs.launchpad.net/bugs/758808
Title:
ipvsadm -n doesn't work
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or
* Colin Watson cjwat...@canonical.com:
On the upstream thread, I wondered if the MTU might be relevant. That
would certainly be one explanation for a bug that's apparently sensitive
to packet length.
I'm having this problem in the local LAN and via DSL (from home)
--
Ralf Hildebrandt
downgrading openssh-client from 1:5.8p1-1ubuntu1 to 1:5.5p1-4ubuntu5
makes the problem go away.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
https://bugs.launchpad.net/bugs/708493
Title:
cannot login anymore:
Repeated login attempts to the same machine yield different results:
$ ssh -vv r...@albatross.python.org
OpenSSH_5.8p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1:
* Colin Watson cjwat...@canonical.com:
FWIW the OpenSSH configure script indicates that ECC only needs OpenSSL
0.9.8g.
I think this GDB session is probably a red herring due to the way sshd
re-execs itself.
Yup.
So what is the problem here. I cannot see any obvious error.
--
Ralf
Sooo, I found this. All the failing systems have
ii libssl1.0.0 1.0.0c-2
SSL shared libraries
installed (I compiled Postfix against openssl-1.0.0, that's why it's
installed), yet their sshd is not linked against libssl1.0.0:
mail:~# ldd /usr/sbin/sshd
But I found that it also fails against a host withOUT openssl-1.0.0:
debug2: kex_parse_kexinit: none,z...@openssh.com
debug2: kex_parse_kexinit: none,z...@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2:
So I ran sshd on the target machine in a debugger:
# gdb /usr/sbin/sshd
GNU gdb (GDB) 7.0.1-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are free to change and redistribute it.
Public bug reported:
After todays update to
1:5.7p1-1ubuntu1
I cannot login to SOME (!) of my servers. Example of a server failing:
~$ ssh -v root@mail
OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /home/hildeb/.ssh/config
debug1: Reading
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
https://bugs.launchpad.net/bugs/708493
Title:
cannot login anymore: Read from socket failed: Connection reset by
peer
--
Ubuntu-server-bugs mailing list
$ ssh -vvv root@mail
OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /home/hildeb/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to mail
mail:~# /usr/sbin/sshd -p2 -ddd
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 639
debug2: parse_server_config: config /etc/ssh/sshd_config len 639
debug3: /etc/ssh/sshd_config:5 setting Port 22
debug3: /etc/ssh/sshd_config:9 setting
$ ssh -vvv root@netsight
OpenSSH_5.7p1 Debian-1ubuntu1, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /home/hildeb/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to netsight
** Changed in: openssh (Ubuntu)
Status: Incomplete = New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
https://bugs.launchpad.net/bugs/708493
Title:
cannot login anymore: Read from socket failed:
*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: php5
ii php5-cli5.3.2-1ubuntu4.5
command-line interpreter for the php5 script
et al
are affected by http://bugs.php.net/53632
See
2.2.16-1ubuntu1 is not in lucid
--
client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
https://bugs.launchpad.net/bugs/589611
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in ubuntu.
--
Ubuntu-server-bugs
Yes it does!
--
proxying SSL throws errors
https://bugs.launchpad.net/bugs/595855
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings
/bugreport.cgi?bug=583858
I can tell you that the error does NOT occur with a 64bit Ubuntu!
(we reinstalled a 64bit lucid from scratch and transferred the config: the
error was gone!)
The problematic 32bit machine is a vmware virtual machine.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung
* Stefan Fritsch s...@sfritsch.de:
This is a rather strange bug:
- It happens if I enable exactly two out of the three modules deflate,
reqtimeout, dump_io. But not with only one or all three of them.
- I have also tried replacing mod_ssl.so, mod_deflate.so, and the
openssl-libs with the
* Stefan Fritsch s...@sfritsch.de:
I suspect this is the same issue as bug #595855 and #595116: Headers are
getting truncated with https. So far, I have no idea about the reason.
If you have mod_reqtimeout and/or mod_deflate enabled, you can try if
disabling one or both of them makes any
This seems to be related to my bug
https://bugs.launchpad.net/bugs/589611
Are you also using DEFLATE?
--
ssl error reading the headers
https://bugs.launchpad.net/bugs/595116
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in
I found out the following:
* disabling https:// for the page mentioned above AND activating deflate:
working
* enabling https:// for the page mentioned above AND activating deflate: failing
* enabling https:// for the page mentioned above AND disabling deflate: working
So it's the combination
since the proxy module in use is mod_proxy_connect, this bug needs to be
assigned to apache2.2-bin instead!
** Package changed: mod-proxy-html (Ubuntu) = apache2 (Ubuntu)
--
proxying SSL throws errors
https://bugs.launchpad.net/bugs/595855
You received this bug notification because you are a
The page we're trying to proxy for is
https://www.charite.de/charite/kontakt/
This page is reachable from the internet as well (directly, though), so you can
check if that page ACTUALLY generates bad headers!
Pleas enote that for us this error ONLY happens, when the request is being
proxied by
Public bug reported:
During an upgrade, mysql-server-5.1 is stopped and started twice - why?
Is this really necessary?
From the upgrade process:
Die folgenden Pakete werden aktualisiert:
libmysqlclient16 mysql-client mysql-client-5.1 mysql-common mysql-server-5.1
mysql-server-core-5.1
6
** Attachment added: .etc.apparmor.d.usr.sbin.mysqld.txt
http://launchpadlibrarian.net/50476440/.etc.apparmor.d.usr.sbin.mysqld.txt
** Attachment added: Dependencies.txt
http://launchpadlibrarian.net/50476441/Dependencies.txt
** Attachment added: Logs.var.log.daemon.log.txt
\bMSI[E] !no-gzip !gzip-only-text/html
which were disabled BEFORE the upgrade.
It's quite odd. I could disable them now to see if the problem
reappears.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm
* Thierry Carrez thierry.car...@ubuntu.com:
Also could you trace the Browser(s) used on those failing requests, see
if we have a pattern there ?
I have no access to the clients.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus
Public bug reported:
Binary package hint: apache2
This is going to be a tough one.
We're seeing sporadic client sent HTTP/1.1 request without hostname (see
RFC2616 section 14.23) errors in our log:
[Fri Jun 04 11:26:43 2010] [error] [client 85.181.79.82] client sent HTTP/1.1
request without
* Before update: no occurences
* After update: Thousands of occurences
Hmm, and this with the same set of 18.000 users.
I already checked if it's one special type of client, but that is not
the case. I'm seeing this form IE, from Safari, from Windows, from Mac.
It's a regression of some kind.
The result:
[1754543.251421] type=1505 audit(1274733521.551:129):
operation=profile_replace pid=25980 name=/usr/bin/freshclam
[1765351.326452] type=1502 audit(1274744329.626:130): operation=exec
pid=24546 parent=24545 profile=/usr/bin/freshclam requested_mask=::x
denied_mask=::x fsuid=107
** Attachment added: Dependencies.txt
http://launchpadlibrarian.net/49028777/Dependencies.txt
--
freshclam won't execute /etc/clamav/onupdateexecute.d scripts
https://bugs.launchpad.net/bugs/585026
You received this bug notification because you are a member of Ubuntu
Server Team, which is
Public bug reported:
Binary package hint: clamav
my freshclam.conf uses:
OnUpdateExecute /bin/run-parts /etc/clamav/onupdateexecute.d
but the apparmour profile seems to disallow this:
[1427457.803239] type=1503 audit(1274406436.102:100): operation=exec
pid=25597 parent=25596
I'm having the same problem here with SquirrelMail. The update to lucid
buggerd the uploads.
--
Uploads greater than 64 kilobytes corrupted under PHP 5.3.2
https://bugs.launchpad.net/bugs/573591
You received this bug notification because you are a member of Ubuntu
Server Team, which is
I tried downgrading Apache2 to:
ii apache2 2.2.12-1ubuntu2.2 Apache
HTTP Server metapackage
ii apache2-mpm-worker 2.2.12-1ubuntu2.2 Apache
HTTP Server - high speed threaded mod
ii apache2-threaded-dev
I found the culprit!
I downgrade apache2 (see above), to no avail
I downgrade php5 and all module (a lot of work), to no avail
I downgraded libapache2-mod-fcgid from 1:2.3.4-2 to 1:2.2-1 and it would
work again!
--
Uploads greater than 64 kilobytes corrupted under PHP 5.3.2
** Bug watch added: Debian Bug tracker #569224
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569224
** Also affects: libapache2-mod-fcgid (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569224
Importance: Unknown
Status: Unknown
--
Uploads greater than 64
I installed the dbgsyms package and got this backtrace:
Apr 12 17:15:16 fatush php5-cgi: Reading symbols from
/usr/bin/php5-cgi...Reading symbols from /usr/lib/debug/usr/bin/php5-cgi...done.
Apr 12 17:15:16 fatush php5-cgi: done.
Apr 12 17:15:16 fatush php5-cgi: [Thread debugging using
I created a better backtrace (see attachment)
** Attachment added: backtrace with bt full etc.
http://launchpadlibrarian.net/43930034/backtrace.txt
--
crashes with SIGSEGV
https://bugs.launchpad.net/bugs/560603
You received this bug notification because you are a member of Ubuntu
Server
Public bug reported:
Binary package hint: php5
php5-cgi run from apache2 via fcgi crashes sporadically.
I can reproduce it in the upgrade process for gallery2.
I created this backtrace:
Apr 11 12:43:47 fatush php5-cgi: GNU gdb (GDB) 7.1-ubuntu
Apr 11 12:43:47 fatush php5-cgi: Copyright (C)
** Attachment added: Dependencies.txt
http://launchpadlibrarian.net/43770589/Dependencies.txt
** Attachment added: PHPConf.etc.php5.apache2.php.ini.txt
http://launchpadlibrarian.net/43770590/PHPConf.etc.php5.apache2.php.ini.txt
** Attachment added: PHPInstalledModules.txt
openvpn is started like this:
#!/bin/sh
cd `dirname $0`
/usr/sbin/openvpn --up ./client.sh up --down ./client.sh down --config
client.conf
Using absolute pathnames didn't change anything.
client.conf:
===
client
dev tun
proto udp
remote server.example.com 1194
resolv-retry infinite
nobind
RC10 introduces lots of new options so it might not be suitable at
that point in the release.
One might argue that including ANY RC version into a supposedly stable release
is a bad move...
(if rc at all, why not go for the latest?)
--
script failed: could not execute external program
Public bug reported:
I invoke openvpn with an up down script, which used to work undter hardy,
with intrepid I get:
...
Fri Oct 3 09:35:32 2008 OPTIONS IMPORT: timers and/or timeouts modified
Fri Oct 3 09:35:32 2008 OPTIONS IMPORT: --ifconfig/up options modified
Fri Oct 3 09:35:32 2008
65 matches
Mail list logo
