The update for this bug was included in an update to precise-security. I
tested that 2.0.1-0ubuntu17.1 contains the fix for this bug and that
2.0.1-0ubuntu17.1 passes QRT. Marking 'verification-done'.
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug
** Changed in: php5 (Ubuntu)
Status: Fix Released = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/1099793
Title:
php 5.3.10 openssl_encrypt empty data
To manage
Public bug reported:
I tried to rebuild nova 2013.1~g2-0ubuntu2 in a schroot, and it fails. Here is
an excerpt from the build log:
Loading network driver 'nova.network.linux_net'
. Setting instance vm_state to ERROR
Starting instance...
Host field should not be set on the instance until
Override component to main
python-extras 0.0.3-0ubuntu2 in raring: universe/python - main
python-extras 0.0.3-0ubuntu2 in raring amd64: universe/python/optional - main
python-extras 0.0.3-0ubuntu2 in raring armhf: universe/python/optional - main
python-extras 0.0.3-0ubuntu2 in raring i386:
** Information type changed from Private to Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/1107121
Title:
nova-compute crashed with ConfigFilesNotFoundError in
Public bug reported:
Bah, I uploaded a no change rebuild of quantal's update to raring and it
FTBFS (I rebuilt it locally, but a bug in my tooling rebuilt it against
quantal and not raring, so the build succeeded).
** Affects: squid3 (Ubuntu)
Importance: High
Status: Triaged
**
** Changed in: squid3 (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
** Changed in: squid3 (Ubuntu)
Status: Triaged = In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https
r12473 addressed most of this, but configure tells me this:
...
checking if setresuid is implemented... no
...
So I also needed in src/tools.cc:
...
void
enter_suid(void)
** Changed in: squid3 (Ubuntu)
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1117517
Title:
FTBFS on raring
To manage notifications
** Also affects: keystone (Ubuntu Precise)
Importance: Undecided
Status: New
** Changed in: keystone (Ubuntu)
Status: New = Invalid
** Changed in: keystone (Ubuntu Precise)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
--
You received this bug notification because
I am not seeing this:
$ dpkg -l|grep python-keystone
ii python-keystone 2012.1+stable~20120824-a16a0ab9-0ubuntu2.4
OpenStack identity service - Python library
$ grep max_param_size /usr/lib/python2.7/dist-packages/keystone/config.py
register_int('max_param_size', default=64)
Thanks for follow-up. :)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to keystone in Ubuntu.
https://bugs.launchpad.net/bugs/1117815
Title:
python-keystone 2012.1+stable~20120824-a16a0ab9-0ubuntu2.4 improperly
pulled in patch from
Thanks for your work on this! debian/changelog has a version of
2012.1.4+stable-20121217-9f277e38-0ubuntu2 against precise-proposed, but
this version is not in the archive. Your patch should be against
2012.1.3+stable-20120827-4d2a4afe-0ubuntu1.1 (what is currently in
Just to make it easier, please add any extra CVEs for tomcat7 to this
bug and create a separate bug for tomcat6. I'll adjust the summary and
description.
As for CVE-2012-2733, there is no upstream fix that I am aware of, so
feel free to skip it (unless you find a patch for it-- if so, please let
Unsubscribing ubuntu-security-sponsors for now-- please resubscribe when
you resubmit. Thanks again for your work on this! :)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat7 in Ubuntu.
https://bugs.launchpad.net/bugs/1115053
Patch looks good, builds fine and introduces no new compiler
warnings/errors. ACK. I've uploaded it, but a member of ubuntu-sru will
need to process is based on
https://wiki.ubuntu.com/StableReleaseUpdates.
Unsubscribing ubuntu-sponsors and subscribing ubuntu-sru.
** Changed in: nagios-plugins
Discussed this on IRC. A debdiff/merge request will be prepared against
precise-updates in the coming days. Unsubscribing ubuntu-sponsors for
now.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
** Changed in: nova (Ubuntu)
Status: Incomplete = Triaged
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/1119248
Title:
[SRU] nova does not set container_format when
Oh yes, you are of course right. I was thinking of CVE-2012-5568.
Reviewing oneiric now. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat7 in Ubuntu.
https://bugs.launchpad.net/bugs/1115053
Title:
Multiple open
Thanks for your work on this! I have some comments though:
* the patches have DEP-3 comments (great!) but they point to a web page. I
think it would be much better to include that URL in the description, then use
an Origin stanza for the commits, and 'Bug: url to upstream bug'. If you are
** Patch added: add testsuite to oneiric packaging
https://bugs.launchpad.net/ubuntu/+source/tomcat7/+bug/1115053/+attachment/3530842/+files/tomcat7_7.0.21-1ubuntu0.1.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat7
** Patch added: add testsuite to precise packaging
https://bugs.launchpad.net/ubuntu/+source/tomcat7/+bug/1115053/+attachment/3530843/+files/tomcat7_7.0.26-1ubuntu1.2.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat7
When you submit your new debdiffs, please include my testsuite additions
for future use (the testsuite is enabled in the build and shouldn't
change the build in any way-- it just adds a new target to make testing
easier). Thanks!
** Changed in: tomcat7 (Ubuntu Oneiric)
Status: Triaged = In
** Changed in: apparmor (Ubuntu Lucid)
Status: Incomplete = Invalid
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to dhcp3 in Ubuntu.
https://bugs.launchpad.net/bugs/1045986
Title:
Ubuntu AppArmor policy is too lenient with
Thanks for reworking this. This is quite the patch set! :)
I can confirm that it run the testsuite with no added failures or errors.
Comparing the buildlogs also looks good. In reviewing these:
CVE-2011-3375.patch - ACK
CVE-2011-3376.patch - ACK
CVE-2012-0022.patch - ACK (had some whitespace
Unsubscribing ubuntu-security-sponsors for now. Please resubscribe after
commenting/resbumitting.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat7 in Ubuntu.
https://bugs.launchpad.net/bugs/1115053
Title:
Multiple open
** Changed in: lxc (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) = Seth Arnold (seth-arnold)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/509647
Title:
[MIR] lxc
To manage
Thanks for your debdiff for Ubuntu 12.04. I verified it against upstream
and it looks good. The build log looks fine and after several runs
through the testsuite, I've noted the intermittent tests in QRT (this
took a while and was a bit frustrating). Uploading to the security PPA
now. While
There was nothing added to the package regarding startup. The user
reports after using update-rc.d to manage when tomcat7 would start, when
upgrading, they are added back. Note that the update-rc.d manpage
states: Please note that this program was designed for use in
package maintainer
One could also adjust the scripts to stop. Again, from the man page:
A common system administration error is to delete the links with the
thought that this will disable the service, i.e., that this will
prevent the service from being started. However, if all links
There seems to be, yes. I see a test/ directory and references to junit.
In theory, should be able to update the packaging like we did with
tomcat7. You might want to discuss with with jamespage in #ubuntu-server
as ISTR he looked at the testsuite at one point (I'm not sure about that
though).
**
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
** Description changed:
Due to nothing depending on nova-conductor (see bug 1168757 for why),
- nova-conductor ended up in universe on raring. This somes from the nova
+ nova-conductor ended up in universe on raring. This comes from the nova
source and does not need a MIR review. Someone just
Public bug reported:
Due to nothing depending on nova-conductor (see bug 1168757 for why),
nova-conductor ended up in universe on raring. This comes from the nova
source and does not need a MIR review. Someone just needs to seed nova-
conductor to pull it into main.
** Affects: nova (Ubuntu)
Note, nova will need to be rebased for the security fix for bug
#1177830. I'm working on updates now.
Keystone will be getting another update for bug #1166670, but this is
already included in your proposed package, so a rebase doesn't
technically have to be done.
--
You received this bug
Note, nova will need to be rebased for the security fix for bug
#1177830. I'm working on updates now.
Keystone will also need to be rebased for the security fix for bug
#1166670. I'm working on updates now.
--
You received this bug notification because you are a member of Ubuntu
Server Team,
Thank you for reporting this bug to Ubuntu. hardy has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against hardy is being marked Won't Fix. Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.
Please feel free to report any other bugs
Thank you for reporting this bug to Ubuntu. oneiric has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against oneiric is being marked Won't Fix. Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.
Please feel free to report any other
Thank you for reporting this bug to Ubuntu. hardy has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against hardy is being marked Won't Fix. Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.
Please feel free to report any other bugs
Thank you for reporting this bug to Ubuntu. oneiric has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against oneiric is being marked Won't Fix. Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.
Please feel free to report any other
Thank you for reporting this bug to Ubuntu. hardy has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against hardy is being marked Won't Fix. Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.
Please feel free to report any other bugs
Thank you for reporting this bug to Ubuntu. oneiric has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against oneiric is being marked Won't Fix. Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.
Please feel free to report any other
Thank you for reporting this bug to Ubuntu. oneiric has reached EOL
(End of Life) and is no longer supported. As a result, this bug
against oneiric is being marked Won't Fix. Please see
https://wiki.ubuntu.com/Releases for currently supported Ubuntu
releases.
Please feel free to report any other
Thanks for the debdiff!
Since Marc just updated precise, I compared your patches to his and noticed a
few things:
* 0016-CVE-2012-3439.patch should be renamed 0013-CVE-2012-588x.patch since
CVE-2012-3439 was split out into CVE-2012-5885, CVE-2012-5886 and CVE-2012-5887
(as mentioned in the
** Also affects: tomcat6 (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: tomcat6 (Ubuntu Saucy)
Importance: Undecided
Status: In Progress
** Changed in: tomcat6 (Ubuntu Quantal)
Status: New = In Progress
** Changed in: tomcat6 (Ubuntu Saucy)
FYI, this passed QRT/scripts/test-tomcat6.py
** Changed in: tomcat6 (Ubuntu Quantal)
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
https://bugs.launchpad.net/bugs/1166649
** Summary changed:
- Multiple open vulnerabilities in tomcat6 in quantal and raring
+ Multiple open vulnerabilities in tomcat6 in quantal
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
Public bug reported:
[Impact]
* the check-rpc and check-nfs commands are broken in nagios-plugins on 12.04
because the path to rpcinfo is not correct. Once the package is installed, you
must adjust /usr/lib/nagios/plugins/utils.pm to use the correct path, but this
is overwritten on upgrades
-plugins (Ubuntu Saucy)
Status: New = Fix Released
** Changed in: nagios-plugins (Ubuntu Precise)
Status: New = In Progress
** Changed in: nagios-plugins (Ubuntu Precise)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
** Description changed:
[Impact]
* the check-rpc
FYI, keystone 1:2013.1.1-0ubuntu2.1 hit raring in
http://www.ubuntu.com/usn/usn-1875-1/.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/1188788
Title:
Meta bug for tracking Openstack
** Package changed: iptables (Ubuntu) = nova (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/1091780
Title:
nova-network - iptables-restore v1.4.12: host/network `None' not
** Description changed:
[Impact]
* the check-rpc and check-nfs commands are broken in nagios-plugins on 12.04
because the path to rpcinfo is not correct. Once the package is installed, you
must adjust /usr/lib/nagios/plugins/utils.pm to use the correct path, but this
is overwritten on
To be more specific, the test case passes I am able to use check-nfs
within my nagios configuration.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nagios-plugins in Ubuntu.
https://bugs.launchpad.net/bugs/1189647
Title:
should use
The package in precise-proposed fixes the issue for me.
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nagios-plugins in Ubuntu.
** Changed in: ntp (Ubuntu)
Status: New = In Progress
** Changed in: ntp (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
** Tags removed: apparmour
** Tags added: apparmor
--
You received this bug notification because you are a member of Ubuntu
Server Team, which
I accidentally clicked 'Post comment' before I was ready
I think this provides an attack surface such that we would have to
support V8 with security updates. This very likely means full version
upgrades for mongodb to support new versions of V8 because V8 may change
so much (assuming that
Re: it must be demonstrated that libv8 does not process untrusted
javascript
libv8 is used to provide the scriptable shell in mongodb; access to the
shell is via the mongo client application.
We allowed V8 to be embedded in the Ubuntu SDK because the attack
surface was greatly reduced-- it won't
** Changed in: bacula (Ubuntu)
Status: New = Triaged
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bacula in Ubuntu.
https://bugs.launchpad.net/bugs/1197018
Title:
bacula-dir.conf does not use random password
To manage
Seth, Stephane says the bindings have been updated. Can you take another
look?
** Changed in: lxc (Ubuntu)
Assignee: MIR approval team (ubuntu-mir) = Seth Arnold (seth-arnold)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to lxc
** Tags added: apparmor
** Also affects: libvirt (Ubuntu)
Importance: Undecided
Status: New
** Changed in: libvirt (Ubuntu)
Status: New = Triaged
** Changed in: libvirt (Ubuntu)
Importance: Undecided = High
** Changed in: libvirt (Ubuntu)
Assignee: (unassigned) = Jamie
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/852885
Title:
PHP rfc1867_post_handler File Path Injection Vulnerability
To manage notifications about
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/852871
Title:
PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability
To manage
Thank you for using Ubuntu and reporting a bug. More information about
this issue can be found in http://people.canonical.com/~ubuntu-
security/cve/2010/CVE-2010-1864.html
** Changed in: php5 (Ubuntu)
Status: New = Fix Released
** Visibility changed to: Public
--
You received this bug
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/852868
Title:
php5 var_export() information leak
To manage notifications about this bug go to:
Thank you for using Ubuntu and reporting a bug. More information about
this issue can be found in http://people.canonical.com/~ubuntu-
security/cve/2010/CVE-2010-1862.html
** Visibility changed to: Public
** Changed in: php5 (Ubuntu)
Status: New = Fix Released
--
You received this bug
Thank you for using Ubuntu and reporting a bug. More information about
this issue can be found in http://people.canonical.com/~ubuntu-
security/cve/2010/CVE-2010-2190.html
** Visibility changed to: Public
** Changed in: php5 (Ubuntu)
Status: New = Fix Released
--
You received this bug
Thank you for using Ubuntu and reporting a bug. More information about
this issue can be found in http://people.canonical.com/~ubuntu-
security/cve/2010/CVE-2010-2191.html
** Visibility changed to: Public
** Changed in: php5 (Ubuntu)
Status: New = Fix Released
--
You received this bug
** Changed in: php5 (Ubuntu)
Status: New = Confirmed
** Changed in: php5 (Ubuntu)
Assignee: (unassigned) = Steve Beattie (sbeattie)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
Thank you for using Ubuntu and reporting a bug. More information about
this issue can be found in http://people.canonical.com/~ubuntu-
security/cve/2010/CVE-2010-4699.html
** Visibility changed to: Public
** Changed in: php5 (Ubuntu)
Status: New = Fix Released
--
You received this bug
** Changed in: php5 (Ubuntu)
Status: New = Confirmed
** Changed in: php5 (Ubuntu)
Assignee: (unassigned) = Steve Beattie (sbeattie)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
** Changed in: php5 (Ubuntu)
Status: New = Confirmed
** Changed in: php5 (Ubuntu)
Assignee: (unassigned) = Steve Beattie (sbeattie)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
http://permalink.gmane.org/gmane.comp.security.oss.general/3109
** Visibility changed to: Public
** Changed in: php5 (Ubuntu)
Status: New = Confirmed
** Changed in: php5 (Ubuntu)
Assignee: (unassigned) = Steve Beattie (sbeattie)
--
You received this bug notification because you
** Changed in: php5 (Ubuntu)
Status: New = Confirmed
** Changed in: php5 (Ubuntu)
Assignee: (unassigned) = Steve Beattie (sbeattie)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/852910
Title:
PHP Magic Quotes Fails to Protect mysqli_fetch_assoc
To manage notifications about this
Thank you for using Ubuntu and reporting a bug. More information about
this issue can be found in http://people.canonical.com/~ubuntu-
security/cve/2010/CVE-2010-2101.html
** Changed in: php5 (Ubuntu)
Status: New = Fix Released
** Visibility changed to: Public
--
You received this bug
Unsubscribing ubuntu-security-sponsors since Marc is handling this as
part of his update.
** Changed in: tomcat6 (Ubuntu Lucid)
Status: New = In Progress
** Changed in: tomcat6 (Ubuntu Lucid)
Assignee: (unassigned) = Marc Deslauriers (mdeslaur)
** Changed in: tomcat6 (Ubuntu
Unsubscribing ubuntu-security-sponsors since Steve is handling this as
part of his update.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/813115
Title:
CVE-2011-2202
To manage
Unsubscribing ubuntu-security-sponsors since Steve is handling this as
part of his update.
** Changed in: php5 (Ubuntu Lucid)
Status: Confirmed = In Progress
** Changed in: php5 (Ubuntu Lucid)
Assignee: (unassigned) = Steve Beattie (sbeattie)
** Changed in: php5 (Ubuntu Maverick)
** Changed in: libvirt (Ubuntu)
Status: Triaged = In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
** Changed in: libvirt (Ubuntu)
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/832507
Title:
console.log grows indefinitely
To manage
This should be updated to 2.7.4 or to include the patch in
http://www.ubuntu.com/usn/usn-1217-1/.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/854899
Title:
[FFe] Update to
Public bug reported:
In performing the MIR audit for cobbler-enlist (bug #860492), I
discovred:
- PROBLEM: most xmlrpc_* calls are not doing any error checking, but should be
based on looking at code of xmlrpc-c.
- RECOMMENDATION: create utility function wrappers for the common xmlrpc-c
Public bug reported:
During the review of cobbler-enlist, it was noted that cobbler-enlist doesn't
use SSL. This should be documented as such:
- adjusting the already existing debconf questions/notes to include language
that the information is currently submitted in unencrypted form (and a way
...please feel free to promote and seed once bug #862567 is fixed.
should have read:
...please feel free to seed and promote source and binaries once bug
#862567 is fixed.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler-enlist
Marking as 'In Progress' since this is pending bug #862567.
** Changed in: cobbler-enlist (Ubuntu Oneiric)
Status: Confirmed = In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler-enlist in Ubuntu.
(Ubuntu Oneiric)
Assignee: Jamie Strandboge (jdstrand) = (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cobbler-enlist in Ubuntu.
https://bugs.launchpad.net/bugs/860492
Title:
[MIR] cobbler-enlist src, cobbler-enlist
Bug #862567 is fixed. Please feel free to seed in main.
** Summary changed:
- [MIR] cobbler-enlist src, cobbler-enlist-udeb bin
+ [MIR] cobbler-enlist source and binaries
** Changed in: cobbler-enlist (Ubuntu Oneiric)
Status: In Progress = Fix Committed
--
You received this bug
** This bug has been flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/863305
Title:
Image access control is available
To manage notifications about
This should be updated to 2.7.5 or to include the patches in
http://www.ubuntu.com/usn/usn-1223-1/.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/854899
Title:
[FFe] Update to
) = Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/865462
Title:
Upgrade to 0.25.4-2ubuntu6.3 introduces
http://projects.puppetlabs.com/issues/3922
I uploaded a new puppet for Lucid to the ubuntu-security-proposed ppa
(https://launchpad.net/~ubuntu-security-
proposed/+archive/ppa/+packages). Can someone affected by this bug
comment on if the updated packages fixes the issue?
You can fetch specific binaries at:
** Also affects: puppet (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: puppet (Ubuntu Oneiric)
Importance: High
Assignee: Jamie Strandboge (jdstrand)
Status: In Progress
** Changed in: puppet (Ubuntu Lucid)
Status: New = Fix Committed
I agree the default of nat is appropriate for desktops and I feel quite
strongly it should not change there. The default for servers is probably
better as non-nat (though this could be debated), as this bug suggests.
However having different behavior depending on the type of system it is
would
** Changed in: libvirt (Ubuntu)
Status: Incomplete = New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libvirt in Ubuntu.
https://bugs.launchpad.net/bugs/865515
Title:
virtual machines should not have nat on servers
To
Serge,
Not having looked at the file, just dropping a file into
/etc/bash_completion.d is totally fine and is an easy packaging change
without a huge Ubuntu delta. We should send upstream and to Debian, but
I don't think we need to block on it.
--
You received this bug notification because you
** Visibility changed to: Public
** Changed in: puppet (Ubuntu Hardy)
Status: Confirmed = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/861182
Title:
Remote
Marking bug as public, since the issue is public now. I have uploaded
untested hardy packages for this and the other CVE that affects hardy to
https://launchpad.net/~ubuntu-security-proposed/+archive/ppa/+packages.
These patches came from upstream and applied cleanly. Since this is in
universe,
Pocket copied puppet to hardy-proposed. Please test and give feedback
here. See https://wiki.ubuntu.com/Testing/EnableProposed for
documentation on how to enable and use -proposed. Thank you in advance!
** Tags removed: security-verification
** Tags added: verification-needed
** Description
To ubuntu-sru: if this passes the verification process, please also
pocket copy to security. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/861182
Title:
Remote directory
This is not an appropriate rule because it negates the property of guest
isolation. This should be handled dynamically by the security driver,
but it is not (which is the bug). This could be done in a couple of
ways. What are the contents of /var/log/libvirt/qemu/guest1.log after
the AppArmor
1 - 100 of 1702 matches
Mail list logo