** Tags removed: apparmor
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in Ubuntu.
https://bugs.launchpad.net/bugs/999324
Title:
Server guide gives wrong examples for bind9 (was: DDNS dynamic file
creation permission
** Also affects: apache2 (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: modsecurity-apache (Ubuntu Precise)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
** Also affects: krb5 (Ubuntu Precise)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/988520
Title:
After failed auth, subsequent auths in
David, sorry, my question regarding maas-provision was directed at Dave
Walker.
Dave Walker, does maas utilize the power_system method?
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-2395
--
You received this bug notification because you are a member of Ubuntu
Server
This was fixed in 12.04 several weeks ago in
http://www.ubuntu.com/usn/usn-1438-1/
** Changed in: nova (Ubuntu Precise)
Status: New = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
Richard, this should be safe, but can you file a new bug using 'ubuntu-
bug clamav-daemon' and give steps to reproduce?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to clamav in Ubuntu.
https://bugs.launchpad.net/bugs/645956
Title:
Quantal was never updated so I will upload those changes.
** Changed in: squid3 (Ubuntu)
Status: Fix Committed = In Progress
** Changed in: squid3 (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
I have verified that Clint's changes work-- eg I adjusted
/var/lib/dpkg/info/tcpdump.postrm to have (ie, what dh_apparmor would add when
tcpdump is built with new apparmor):
if [ $1 = purge ] ! [ -e /etc/apparmor.d/usr.sbin.tcpdump ]; then
and then I did:
$ sudo apt-get remove tcpdump #
in: squid3 (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
** Changed in: squid (Ubuntu)
Status: Triaged = Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in Ubuntu.
https://bugs.launchpad.net
MIR Review for libfcgi-perl:
* builds with only main enabled with no compiler warnings or errors
* it has a small test script that is used in the build
* no Ubuntu delta
* has a watch file
* the package is up to date
* the package is lintian clean
* debian/rules is clean
* as mentioned, no bugs in
As for libcgi-fast-perl, the only thing it ships is
/usr/share/perl/5.14.2/CGI/Fast.pm and this file has nothing in it to
prevent it from being supported. ACK.
** Changed in: perl (Ubuntu)
Status: New = Fix Committed
--
You received this bug notification because you are a member of
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a regular (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross
Thank you for using Ubuntu and reporting a bug. The 'null' lines are
used when the profile is in complain mode. The apparmor log message
states that the access was allowed, so I am not sure why it would be
getting in the way.
Can you provide exact steps on how to reproduce this?
--
You received
Marking the dovecot task Invalid for now-- the apparmor profile is not
shipped by default or enabled by dovecot and if there is a problem, it
is with apparmor.
** Changed in: dovecot (Ubuntu)
Status: Confirmed = Invalid
** Changed in: apparmor (Ubuntu)
Status: Confirmed =
Also, can you perform the following after seeing the error condition?
$ apport-collect 997269
This will provide logs and system information needed for diagnosing the
problem.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to dovecot in
Thanks for the extra information. Can you also attach the output of:
$ sudo aa-status
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to dovecot in Ubuntu.
https://bugs.launchpad.net/bugs/997269
Title:
dovecot imap broken by apparmor
)
Status: Confirmed = Fix Committed
** Changed in: tomcat7 (Ubuntu)
Status: Confirmed = Fix Committed
** Changed in: tomcat7 (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) = (unassigned)
** Changed in: jakarta-taglibs-standard (Ubuntu)
Assignee: Jamie Strandboge (jdstrand
Public bug reported:
As a condition of tomcat7 being promoted to main (bug #1009579) in
Quantal, tomcat6 should be demoted.
** Affects: tomcat6 (Ubuntu)
Importance: High
Assignee: James Page (james-page)
Status: Triaged
** Tags: rls-q-incoming
--
You received this bug
I have promoted tomcat7 and jakarta-taglibs-standard to main.
** Changed in: jakarta-taglibs-standard (Ubuntu)
Status: Fix Committed = Fix Released
** Changed in: tomcat7 (Ubuntu)
Status: Fix Committed = Fix Released
--
You received this bug notification because you are a member
Security review:
After performing a shallow, high-level code audit:
- There is one python script and no dbus services, setuid capabilities, fscaps
or cron jobs. But there are security relevant items to note:
- Ubuntu patches wagent to add an upstart job via '--setup' that runs the agent
as a
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
Looks like someone already did this. After verifying the reverse
depends, marking Fix Released.
** Changed in: tomcat6 (Ubuntu)
Status: New = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to tomcat6 in Ubuntu.
** Changed in: python-pytyrant (Ubuntu)
Status: New = In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to celery in Ubuntu.
https://bugs.launchpad.net/bugs/1020267
Title:
[MIR] celery, pyparsing, python-cl,
Public bug reported:
Summary says it all. python-pytyrant currently uses 'any' but doesn't
have any compiled code, so should use 'all' instead. Would be great if
this and the dh_python2 delta could be pushed to Debian.
** Affects: python-pytyrant (Ubuntu)
Importance: Undecided
)
Status: In Progress = Fix Committed
** Changed in: python-pytyrant (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) = (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to celery in Ubuntu.
https://bugs.launchpad.net/bugs/1020267
Override component to main
python-pytyrant 1.1.17-1ubuntu1 in quantal: universe/python - main
python-pytyrant 1.1.17-1ubuntu1 in quantal amd64: universe/python/optional -
main
python-pytyrant 1.1.17-1ubuntu1 in quantal armel: universe/python/optional -
main
python-pytyrant 1.1.17-1ubuntu1 in
Closing the ceph task. It is in main already and the radosgw package
will stay in universe.
** Changed in: ceph (Ubuntu)
Status: New = Invalid
** Changed in: libfcgi (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) = Jamie Strandboge
(jdstrand)
** Changed in: libfcgi
Public bug reported:
python-tx-tftp doesn't have any compiled code and should use
Architecture: all.
** Affects: python-tx-tftp (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
in: python-tx-tftp (Ubuntu)
Status: New = Fix Committed
** Changed in: python-tx-tftp (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) = (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to python-tx-tftp in Ubuntu.
https
Override component to main
python-tx-tftp 0.1~bzr31-0ubuntu3 in quantal: universe/python - main
python-txtftp 0.1~bzr31-0ubuntu3 in quantal amd64: universe/python/optional -
main
python-txtftp 0.1~bzr31-0ubuntu3 in quantal armel: universe/python/optional -
main
python-txtftp 0.1~bzr31-0ubuntu3
I noticed that the package is using Architecture: any. This should be
fixed. See bug #1028645.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to python-tx-tftp in Ubuntu.
https://bugs.launchpad.net/bugs/1024086
Title:
[MIR]
** Changed in: openvswitch (Ubuntu)
Status: New = In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openvswitch in Ubuntu.
https://bugs.launchpad.net/bugs/914160
Title:
[MIR] openvswitch
To manage notifications
I just hit this trying to install keystone on Ubuntu 12.10.
** Also affects: keystone (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to keystone in Ubuntu.
This commit seems to fix the issue.
** Changed in: keystone (Ubuntu)
Status: New = Triaged
** Changed in: keystone (Ubuntu)
Importance: Undecided = High
** Tags added: rls-q-incoming
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
Note that I just modified the files directly within /usr/share, and I
adjusted *both* keystone and nova, so I'm guessing the upstream commit
may also need to be applied to keystone?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
Public bug reported:
After installing horizon and navigating to the home page, I get an internal
server error and see in apache's error.log:
[Mon Jul 30 15:06:42 2012] [error] [client 192.168.122.1] mod_wsgi (pid=3598):
Exception occurred processing WSGI script
This also affects horizon.
** Also affects: horizon (Ubuntu)
Importance: Undecided
Status: New
** Changed in: horizon (Ubuntu)
Status: New = Triaged
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to keystone in Ubuntu.
The fix works on horizon, but then it has other problems.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to keystone in Ubuntu.
https://bugs.launchpad.net/bugs/1017765
Title:
jsonutils.py is incompatible with anyjson from 3.3.2
Public bug reported:
After working around bug #1030911 by moving /usr/bin/glance aside, then using
dpkg -i --force-overwrites to install python-glanceclient and then putting
glance back, I ran into bug #1017765. After applying the patch in bug #1017765
into /usr directly like I did with nova
** Also affects: nova (Ubuntu)
Importance: Undecided
Status: New
** Changed in: nova (Ubuntu)
Status: New = Triaged
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
** Description changed:
After working around bug #1030911 by moving /usr/bin/glance aside, then using
dpkg -i --force-overwrites to install python-glanceclient and then putting
glance back, I ran into bug #1017765. After applying the patch in bug #1017765
into /usr directly like I did with
This looks to be https://answers.launchpad.net/horizon/+question/203091
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to horizon in Ubuntu.
https://bugs.launchpad.net/bugs/1030928
Title:
ImportError: No module named compressor
To
Workaround seems to be (but this is obviously outside of package management):
$ pip install django_compressor
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to horizon in Ubuntu.
https://bugs.launchpad.net/bugs/1030928
Title:
That works but there is more that is going to have to be done to use the
compressor module as there are a lot of other errors in error.log.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to horizon in Ubuntu.
Public bug reported:
On 12.10, if I create credentials and reboot they are gone.
Test case:
$ keystone ec2-credentials-create
+---+--+
| Property | Value |
+---+--+
| access |
adam_g figured out it was because of this setting in
/etc/keystone/keystone.conf:
[ec2]
driver = keystone.contrib.ec2.backends.kvs.Ec2
This should be set to:
[ec2]
driver = keystone.contrib.ec2.backends.sql.Ec2
** Changed in: keystone (Ubuntu)
Status: New = Triaged
--
You received this
Public bug reported:
On a fresh 12.10 install and openstack installation following
https://wiki.ubuntu.com/SecurityTeam/TestingOpenStack x509-create-cert
fails.
$ nova x509-create-cert ~/openstack-certs/pk.pem ~/openstack-certs/cert.pem
ERROR: The server has either erred or is incapable of
My permissions seem to be set up correctly:
$ sudo rabbitmqctl list_permissions -p nova
Listing permissions in vhost nova ...
nova.* .* .*
...done.
** Description changed:
- On 12.10 following https://wiki.ubuntu.com/SecurityTeam/TestingOpenStack
- x509-create-cert fails.
+ On a
$ sudo rabbitmqctl list_queues -p nova
Listing queues ...
compute.openstack-quantal-amd64 0
scheduler 0
network 0
network_fanout_05f0d6549c2844e19f07c231f586da79 0
network.openstack-quantal-amd64 0
scheduler_fanout_6574c56f6f784928ba11af4a082c992a 0
compute 0
** Description changed:
On a fresh 12.10 install and openstack installation following
https://wiki.ubuntu.com/SecurityTeam/TestingOpenStack x509-create-cert
fails.
$ nova x509-create-cert ~/openstack-certs/pk.pem ~/openstack-certs/cert.pem
ERROR: The server has either erred or is
Public bug reported:
On a new 12.10 install following
https://wiki.ubuntu.com/SecurityTeam/TestingOpenStack, if I set
'libvirt_type=qemu', restart nova and then try to start an instance, I can see
in /var/log/nova/nova-compute.log that it is defaulting to 'kvm' and not
'qemu'. I then end up
** Description changed:
On a new 12.10 install following
https://wiki.ubuntu.com/SecurityTeam/TestingOpenStack, if I set
'libvirt_type=qemu', restart nova and then try to start an instance, I can see
in /var/log/nova/nova-compute.log that it is defaulting to 'kvm' and not
'qemu'. I then end
So Daviey tells me that 'libvirt_type=qemu' doesn't necessarily mean
--disable-kvm. I think there is a bug in how even if I reload my host's
kvm_intel with nested=0 that openstack does not fallback to qemu
-disable-kvm, but that is probably not a priority. The bigger issue is
that a precise host
The kernel bug is bug #1031090.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/1031063
Title:
libvirt_type=qemu is not honored
To manage notifications about this bug go to:
** Summary changed:
- libvirt_type=qemu is not honored
+ domain type is always 'kvm', even when kvm is not available
** Description changed:
On a new 12.10 install following
https://wiki.ubuntu.com/SecurityTeam/TestingOpenStack, if I set
'libvirt_type=qemu', restart nova and then try to
This may actually be a libvirt bug. Looking at the nova-compute.log, I adjust
the uuid and name and have the following xml in /tmp/foo.xml:
domain type=kvm
uuid3474184f-57c1-49d1-be61-8fe4ccb34682/uuid
namefoo/name
memory524288/memory
vcpu1/vcpu
os
typehvm/type
boot dev=hd/
Adding a libvirt task as I don't know if this is a regression there or
if nova needs to be updated to accommodate the change.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/1031063
** Summary changed:
- domain type is always 'kvm', even when kvm is not available
+ internal error no supported architecture for os type 'hvm'
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
No it was not. Somehow I had it installed in my 12.04 install even
though it has no reverse dependencies in precise either. I've updated
the instructions for our setup. Feel free to close this bug.
** Changed in: nova (Ubuntu)
Status: New = Invalid
--
You received this bug notification
MIR review:
* Builds fine with only main
* Has an extensive testsuite with 991 successful tests and 3 skipped
* uses dh_python2, not a desktop package
* There is an Ubuntu delta: drops the dkms package and kernel_3.5_support.patch
* ubuntu-server is subscribed to the bugs
* No debian/watch
Security review:
The package does not have a CVE history. No dbus servies, setuid or fscaps
usage. No use of sudo and no cron jobs. There is a logrotate configuration.
Inspecting the packaging:
* initscripts/upstart jobs:
/etc/default/openvswitch-controller
/etc/init.d/openvswitch-ipsec
: Jamie Strandboge (jdstrand) = Chuck Short (zulcss)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openvswitch in Ubuntu.
https://bugs.launchpad.net/bugs/914160
Title:
[MIR] openvswitch
To manage notifications about this bug go
Based on my previous assessment and that 'make check' cannot be run on
the buildd, ACK.
** Changed in: netcf (Ubuntu Quantal)
Status: In Progress = Fix Committed
** Changed in: netcf (Ubuntu Quantal)
Assignee: Jamie Strandboge (jdstrand) = (unassigned)
--
You received this bug
This FTBFS since python-babel is not in main.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cinder in Ubuntu.
https://bugs.launchpad.net/bugs/1031359
Title:
[MIR] cinder
To manage notifications about this bug go to:
in: libfcgi (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) = James Page (james-page)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libfcgi in Ubuntu.
https://bugs.launchpad.net/bugs/1017978
Title:
[MIR] libfcgi, ceph (radosgw
MIR review:
* Builds fine
* Has a testsuite, but it is disabled in the build. Since there were several
nova-volume tests in nova, this is a regression over 12.04.
* python2, but it is a server application, so that is ok
* cinder is not in Debian
* ubuntu-server is subscribed to its bugs
*
cinder-rootwrap, the packaging does
not set it up by default.
** Changed in: cinder (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) = Chuck Short (zulcss)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cinder in Ubuntu.
https
Conditional ACK provided the following are met:
* test suite is enabled
* Bugs 1030192, 1022641 and 1030197 are fixed
* warnings during package build are cleaned up
* use cinder-rootwrap by default
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
Public bug reported:
$ sudo apt-get install python-cinder
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
cinder-api cinder-common cinder-scheduler cinder-volume
The following packages will be
The changes introduced bug #1036240.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cinder in Ubuntu.
https://bugs.launchpad.net/bugs/1031359
Title:
[MIR] cinder
To manage notifications about this bug go to:
A reluctant ACK to libfcgi.
** Changed in: libfcgi (Ubuntu)
Status: New = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libfcgi in Ubuntu.
https://bugs.launchpad.net/bugs/1017978
Title:
[MIR] libfcgi, ceph
Regarding radosgw, did they rewrite it? The lack of defensive
programming coupled with processing network traffic and the large amount
of code made me very uneasy, so much so I made it a condition of the MIR
to compile with --without-radosgw.
--
You received this bug notification because you are
Override component to main
python-warlock 0.1.0-0ubuntu1 in quantal: universe/python - main
python-warlock 0.1.0-0ubuntu1 in quantal amd64: universe/python/optional - main
python-warlock 0.1.0-0ubuntu1 in quantal armel: universe/python/optional - main
python-warlock 0.1.0-0ubuntu1 in quantal
Override component to main
google-perftools 2.0-3ubuntu1 in quantal: universe/misc - main
google-perftools 2.0-3ubuntu1 in quantal amd64: universe/devel/optional - main
google-perftools 2.0-3ubuntu1 in quantal armel: universe/devel/optional - main
google-perftools 2.0-3ubuntu1 in quantal armhf:
Override component to main
libunwind 1.0.1-2ubuntu2 in quantal: universe/libs - main
libunwind-setjmp0 1.0.1-2ubuntu2 in quantal amd64: universe/libs/optional -
main
libunwind-setjmp0 1.0.1-2ubuntu2 in quantal armel: universe/libs/optional -
main
libunwind-setjmp0 1.0.1-2ubuntu2 in quantal
Override component to main
python-cliff 1.1.2-0ubuntu2 in quantal: universe/python - main
python-cliff 1.1.2-0ubuntu2 in quantal amd64: universe/python/optional - main
python-cliff 1.1.2-0ubuntu2 in quantal armel: universe/python/optional - main
python-cliff 1.1.2-0ubuntu2 in quantal armhf:
Override component to main
python-django-compressor 1.1.2-0ubuntu4 in quantal: universe/python - main
python-compressor 1.1.2-0ubuntu4 in quantal amd64: universe/python/optional -
main
python-compressor 1.1.2-0ubuntu4 in quantal armel: universe/python/optional -
main
python-compressor
Override component to main
raphael 2.1.0-0ubuntu3 in quantal: universe/web - main
libjs-raphael 2.1.0-0ubuntu3 in quantal amd64: universe/web/optional - main
libjs-raphael 2.1.0-0ubuntu3 in quantal armel: universe/web/optional - main
libjs-raphael 2.1.0-0ubuntu3 in quantal armhf:
Override component to main
celery 2.5.3-1ubuntu1 in quantal: universe/python - main
python-celery 2.5.3-1ubuntu1 in quantal amd64: universe/python/optional - main
python-celery 2.5.3-1ubuntu1 in quantal armel: universe/python/optional - main
python-celery 2.5.3-1ubuntu1 in quantal armhf:
Override component to main
python-django-appconf 0.5-0ubuntu2 in quantal: universe/python - main
python-appconf 0.5-0ubuntu2 in quantal amd64: universe/python/extra - main
python-appconf 0.5-0ubuntu2 in quantal armel: universe/python/extra - main
python-appconf 0.5-0ubuntu2 in quantal armhf:
I don't think the changes were applied in bug #1036240. I don't see it
in the bzr tree or
http://launchpadlibrarian.net/112887645/cinder_2012.2~f3~20120809.102-0ubuntu2_2012.2~f3-0ubuntu1.diff.gz
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in Ubuntu.
https://bugs.launchpad.net/bugs/1036817
Title:
package postfix
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in Ubuntu.
https://bugs.launchpad.net/bugs/1036101
Title:
package postfix
Thank you for submitting a patch and helping to make Ubuntu better. The
patch currently lacks DEP-3 comments, so its origins cannot be verified.
If you wrote this patch yourself, please submit it upstream and to
Debian, adding the URL to this bug. If this patch is already fixed
upstream, please
I just verified that 1.4.2+git20120612-9ubuntu2 has PIE and BIND_NOW
enabled. Chuck filed a bug for apparmor, which satisfies this MIR. While
not a condition of this MIR, IMHO it would be good to coordinate with
Ben to see if what is happening for wheezy is good for 12.10.
ACK
** Changed in:
Public bug reported:
On 12.10 asterisk is not compiled with PIE or BIND_NOW. I didn't investigate,
but this looks like in 12.04 this was dropped in favor of Debian's packaging:
* Changes dropped from Ubuntu delta as no longer applicable:
...
- debian/control: Build-depend on
** Also affects: asterisk (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: asterisk (Ubuntu Quantal)
Importance: High
Status: Triaged
** Changed in: asterisk (Ubuntu Precise)
Status: New = Triaged
** Description changed:
On 12.10 asterisk is not
Public bug reported:
On 12.10, while many compiler options are enabled, PIE is disabled:
$ hardening-check saslpasswd2
saslpasswd2:
Position Independent Executable: no, normal executable!
Stack protected: yes
Fortify Source functions: yes (some protected functions found)
Read-only
Public bug reported:
This bug is against squid3 for now, but this may be a bug in the build
hardening options.
3.1.19-1ubuntu3 reinstated compiler hardening options such that PIE and
BIND_NOW are in effect. This can be seen with 'hardening-check':
$ mkdir /tmp/squid3-old
$ cd /tmp/squid3-old
$
** Attachment added: squid3_3.1.19-1ubuntu3_to_3.1.19-1ubuntu3.12.04.debdiff
https://bugs.launchpad.net/bugs/1039593/+attachment/3270455/+files/squid3_3.1.19-1ubuntu3_to_3.1.19-1ubuntu3.12.04.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server Team, which
Public bug reported:
12.10's inetd lost PIE and BIND_NOW. See hardening-check output:
/tmp/built-binaries-hIcP6Y/openbsd-inetd/usr/sbin/inetd:
Position Independent Executable: no, normal executable!
Immediate binding: no, not found!
This is a regression over 12.04.
** Affects: openbsd-inetd
Uhh, I tested the wrong binary due to schroot setup. Sorry for the
noise.
** Changed in: squid3 (Ubuntu)
Status: New = Invalid
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
Public bug reported:
I was upgrading a 12.04 VM and encountered the following error on
upgrade:
Setting up keystone (2012.1+stable~20120608-aff45d6-0ubuntu1) ...
Traceback (most recent call last):
File /usr/bin/keystone-manage, line 28, in module
cli.main(argv=sys.argv,
This still isn't working. All I am trying to do is this:
$ sudo apt-get install cinder*
and it is dying because of cinder-common (2012.2~f3-0ubuntu2).
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cinder in Ubuntu.
Ok, ubuntu3 solves the installation issues. I have verified that cinder
is using the root wrapper by default. One last question,
/etc/cinder/rootwrap.conf has the following:
[DEFAULT]
# List of directories to load filter definitions from (separated by ',').
# These directories MUST all be only
ACK. Feel free to seed or pull in as dependency of something in main.
** Changed in: cinder (Ubuntu)
Status: In Progress = Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cinder in Ubuntu.
So, Ubuntu 12.04 LTS should be fixed between:
http://www.ubuntu.com/usn/usn-1497-1/ (CVE-2012-3361)
http://www.ubuntu.com/usn/usn-1545-1/ (CVE-2012-3447)
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3447
--
You received this bug notification because you are a member of
Ubuntu 12.04 LTS was fixed in http://www.ubuntu.com/usn/usn-1545-1/
** Changed in: nova (Ubuntu Precise)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
Ubuntu 12.04 was fixed in http://www.ubuntu.com/usn/usn-1501-1.
** Changed in: nova (Ubuntu Precise)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
301 - 400 of 1702 matches
Mail list logo
