Thank you for using Ubuntu and taking the time to report a bug. This was
fixed in http://www.ubuntu.com/usn/usn-612-7.
** Visibility changed to: Public
** Changed in: openssh (Ubuntu)
Sourcepackagename: None = openssh
Status: New = Fix Released
--
ssh-vulnkey needs to be backported to
** Visibility changed to: Public
--
[php5][CVE-2007-2727] - same initialization vector might allow context-depented
attacker to decrypt data easily
https://bugs.launchpad.net/bugs/236867
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to
** Visibility changed to: Public
--
[php5][CVE-2007-2748] substr_count function allows context-dependent attackers
to obtain sensitive information vi unspecified vectors
https://bugs.launchpad.net/bugs/236869
You received this bug notification because you are a member of Ubuntu
Server Team,
** Visibility changed to: Public
--
no postinst script
https://bugs.launchpad.net/bugs/239668
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-dfsg-5.0 in ubuntu.
--
Ubuntu-server-bugs mailing list
http://www.ubuntu.com/usn/usn-617-1
** Changed in: samba (Ubuntu Dapper)
Status: Fix Committed = Fix Released
--
[CVE-2008-1105] Samba: boundary failure when parsing SMB responses
https://bugs.launchpad.net/bugs/235912
You received this bug notification because you are a member of Ubuntu
** Changed in: nagios3 (Ubuntu Feisty)
Status: New = Invalid
** Changed in: nagios3 (Ubuntu Gutsy)
Status: New = Invalid
** Changed in: nagios3 (Ubuntu Hardy)
Status: New = Invalid
** Changed in: nagios2 (Ubuntu)
Status: New = Invalid
** Changed in: nagios2 (Ubuntu
Marking confirmed. The -security package I mentioned will be in the main
archive soon, so hardy to hardy-security upgrades can be tested.
** Changed in: nagios2 (Ubuntu)
Status: Incomplete = Confirmed
--
package nagios2-common 2.9-1 failed to upgrade:
I think I may have reproduced this on hardy while preparing a security
update. Steps to reproduce on hardy:
1. apt-get remove --purge nagios2 nagios2-common nagios3-doc
2. apt-get install nagios2 (from hardy release)
3. apt-get -u upgrade to 2.11-1ubuntu1.1 (will provide an apt-repository soon)
Thanks Thierry for your patch! I have incorporated this into the
-security update and it will hit the archives soon.
** Changed in: nagios2 (Ubuntu)
Status: Confirmed = Fix Committed
--
package nagios2-common 2.9-1 failed to upgrade:
https://bugs.launchpad.net/bugs/220208
You received
** Changed in: nagios2 (Ubuntu Hardy)
Status: In Progress = Fix Committed
--
XSS issues in Nagios CGI (CVE-2007-5803)
https://bugs.launchpad.net/bugs/238516
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nagios2 in ubuntu.
--
in: samba (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
Status: New = Incomplete
--
Playing from Samba SMB shared folder now is not possible (it could be done
until last upgrade).
https://bugs.launchpad.net/bugs/241448
You received this bug notification because you
After talking with Chuck Short, it sounds like changes to libsmbclient
in hardy-proposed (3.0.28a-1ubuntu4.3) may fix this.
Please note, the security update for samba is based on 3.0.28a-
1ubuntu4.1 from -updates for Hardy, so people who were only using 3.0
.28a-1ubuntu4 then got the 4.1 changes
I still cannot reproduce this as I can access the files with totem-
gstreamer via nautilus and location without errors. Deon, can you attach
your smb.conf file?
Deon, do you have any Dapper, Feisty or Gutsy clients that you can test.
If they also behave differently than before the update, then
Fish R. Cynic, can you please post your smb.conf file for your hardy or
gutsy server.
--
Playing from Samba SMB shared folder now is not possible (it could be done
until last upgrade).
https://bugs.launchpad.net/bugs/241448
You received this bug notification because you are a member of Ubuntu
It is nice that people have confirmed this, but I need the smb.conf file
for the server as I cannot reproduce it locally.
--
Playing from Samba SMB shared folder now is not possible (it could be done
until last upgrade).
https://bugs.launchpad.net/bugs/241448
You received this bug notification
Thank you for the smb.conf files. However, I am still not able to
reproduce this. Based on one of the attached smb.conf files, I have
taken a stock smb.conf file, and added the following on a Gutsy server:
[bug241448]
path = /tmp
available = yes
browsable = yes
public = yes
writable = yes
Gutsy
This is what I did:
Gutsy server:
* created the above share
* restarted samba
Gutsy client:
* used nautilus to access the share, without mounting
* copied a flash video to the share through nautilus
* tried to play video through nautilus by double clicking on it (worked)
* tried to play the
I have now tried with Hardy server and clients and Feisty server. Tried
with and without guest access. Tried via 'totem smb://...', using
File/Location within totem and accessing through samba without mounting
(and with for that matter). Tried on real hardware and kvm. All work
fine.
I need
Confirming as several people have had the problem, though I haven't been
able to reproduce it. Per Sebastien Bacher, removing the patch for
CVE-2008-1105 fixes the problem. This is highly dependent on the client
and server interaction with certain files. This is upstream bug
** Changed in: samba (Ubuntu)
Status: Triaged = In Progress
--
Playing from Samba SMB shared folder now is not possible (it could be done
until last upgrade).
https://bugs.launchpad.net/bugs/241448
You received this bug notification because you are a member of Ubuntu
Server Team, which
** Changed in: samba (Ubuntu Dapper)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
Status: New = Fix Committed
** Changed in: samba (Ubuntu Feisty)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
Status: New = Fix Committed
** Changed in: samba (Ubuntu Gutsy
http://www.ubuntu.com/usn/usn-617-2
** Changed in: samba (Ubuntu Dapper)
Status: Fix Committed = Fix Released
--
Playing from Samba SMB shared folder now is not possible (it could be done
until last upgrade).
https://bugs.launchpad.net/bugs/241448
You received this bug notification
** Changed in: dnsmasq (Ubuntu)
Status: Confirmed = In Progress
--
Dnsmasq crashes when renewing non-existent lease
https://bugs.launchpad.net/bugs/47438
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to dnsmasq in ubuntu.
--
Setting back to New as this is a usability bug. Users may not realize
they have to restart their session for this to work.
** Changed in: samba (Ubuntu)
Status: Invalid = New
--
sharing a folder reports permission issues in Hardy Heron (32 bit)
https://bugs.launchpad.net/bugs/245493
You
** Changed in: ssl-cert (Ubuntu)
Sourcepackagename: openssh = ssl-cert
Importance: Undecided = Wishlist
Status: New = Confirmed
--
Poor use of language in openssh-client key update dialog
https://bugs.launchpad.net/bugs/230929
You received this bug notification because you are a member
Moving to samba as the original reporter said that reinstalling nautilus
fixed it for him, but winbind is still not working correctly.
** Changed in: samba (Ubuntu)
Sourcepackagename: nautilus = samba
--
Samba shares don't always work with winbind installed (8.04)
As it turns out, winbind 1.0-rc2-1 was added to -updates as a
StableReleaseUpdate, and it added a dependency on winbind for ntlm_auth,
which may be why it was pulled in inadvertently.
Please submit your smb.conf file, logs and exact steps on how to
recreate the bug.
--
Samba shares never work
** Changed in: dnsmasq (Ubuntu Hardy)
Status: New = In Progress
--
dnsmasq might be vulnerable to recent DNS spoofing issue
https://bugs.launchpad.net/bugs/247598
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to dnsmasq in ubuntu.
** Changed in: openldap (Ubuntu)
Status: New = Confirmed
--
slapd gssapi failure - apparmor profile doesn't support kerberos gssapi
https://bugs.launchpad.net/bugs/229252
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in
http://www.ubuntu.com/usn/usn-628-1
** Changed in: php5 (Ubuntu Dapper)
Status: Fix Committed = Fix Released
--
Please roll out security fixes from PHP 5.2.6
https://bugs.launchpad.net/bugs/227464
You received this bug notification because you are a member of Ubuntu
Server Team, which is
http://www.ubuntu.com/usn/usn-628-1
** Changed in: php5 (Ubuntu Hardy)
Status: Triaged = Fix Released
--
php5 5.2.4 and lower vulnerable to several CVEs
https://bugs.launchpad.net/bugs/228095
You received this bug notification because you are a member of Ubuntu
Server Team, which is
Confirmed i386 only. Regression starts with 5.2.4-2ubuntu5 on hardy.
--
PHP5-CLI doesn't print floats properly
https://bugs.launchpad.net/bugs/251625
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
--
Ubuntu-server-bugs
8.04 LTS is only affected version.
** Changed in: php5 (Ubuntu Hardy)
Status: New = Confirmed
** Changed in: php5 (Ubuntu)
Status: Confirmed = Invalid
** Changed in: php5 (Ubuntu Hardy)
Importance: Undecided = High
--
PHP5-CLI doesn't print floats properly
** Changed in: openldap2.3 (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
--
slapd needs apparmor changes for cn=config
https://bugs.launchpad.net/bugs/243525
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap2.3
** Visibility changed to: Public
--
Please include 9.4.2-P2 patches in Hardy server
https://bugs.launchpad.net/bugs/252675
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in ubuntu.
--
Ubuntu-server-bugs mailing list
Attached debdiff is (perhaps obviously) for Hardy SRU.
--
slapd gssapi failure - apparmor profile doesn't support kerberos gssapi
https://bugs.launchpad.net/bugs/229252
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.
** Changed in: openldap2.3 (Ubuntu)
Status: Triaged = In Progress
--
slapd needs apparmor changes for cn=config
https://bugs.launchpad.net/bugs/243525
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap2.3 in ubuntu.
--
)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
Status: Confirmed = In Progress
** Attachment added: openldap2.3_2.4.9-0ubuntu0.8.04.1.debdiff
http://launchpadlibrarian.net/16410093/openldap2.3_2.4.9-0ubuntu0.8.04.1.debdiff
--
slapd gssapi failure - apparmor profile doesn't support
The attached debdiff simply adds 'rw' access to /etc/ldap/slapd.d, and
cnconfig importing was tested to work properly. Patch is for Hardy SRU.
Also included in the debdiff is a fix for bug #229252.
** Attachment added: openldap2.3_2.4.9-0ubuntu0.8.04.1.debdiff
Testing consisted of updating the qa-regression-testing scripts to test
for cnconfig imports, and the above debdiff passes this test with an
apparmor enforcing profile.
--
slapd needs apparmor changes for cn=config
https://bugs.launchpad.net/bugs/243525
You received this bug notification because
Public bug reported:
Binary package hint: nut
I have a Tripplite OmniSmart 1400 UPS configured with:
[tripplite1]
driver = genericups
upstype = 5
port = /dev/ttyS0
desc = Tripplite UPS
and my console is filled with:
Broadcast Message from [EMAIL PROTECTED]
openldap is the name of the source package in the development release,
and the slapd profile has been fixed in that release. We will also apply
for a StableReleaseUpdate for Ubuntu 8.04 LTS.
--
slapd gssapi failure - apparmor profile doesn't support kerberos gssapi
Actually, it looks like this goes back even further-- I was using nut
1.4.3-2 recompiled on Sarge (I have in my notes that about needing to
downgrade to 1.4.3 over the version in Sarge, but don't have the reason
why), and that seemed to work fine.
--
nut with Tripplite UPS fills logs and console
I have been using the above configuration with this UPS for literally
years. This was a Sarge box recently moved to Hardy (reinstall) and it
was only after upgrading to hardy that I had this problem. I did try
the 'tripplite' and 'tripplitesu' drivers, but they did not work.
--
nut with
Public bug reported:
Binary package hint: apache2
When accessing 'index.html' via content negotation (eg
http://www.example.com/) timefmt is ignored when XBitHack is on. THis
is upstream bug
https://issues.apache.org/bugzilla/show_bug.cgi?id=39369.
** Affects: apache2
Importance: Unknown
*** This bug is a duplicate of bug 256621 ***
https://bugs.launchpad.net/bugs/256621
** Visibility changed to: Public
--
Arbitrary code execution in 2.1 prior to 2.1-rc9
https://bugs.launchpad.net/bugs/256563
You received this bug notification because you are a member of Ubuntu
Server Team,
mysql-server installation works fine here via synaptic and apt-get. No
action has been taken because the requested information has not been
provided. Please view the 'How to Triage' section of
https://wiki.ubuntu.com/DebuggingApparmor and provide the necessary
information.
--
package
Package integration for ufw was discussed in UDS Prague, and you can
read about ufw's application integration in
https://wiki.ubuntu.com/UbuntuFirewall. The basic idea is this:
1. a package declares profiles to ufw by putting them in a file in
/etc/ufw/applications.d (*). There should only be a
well, /etc/firewall.d is being used somewhere else, so I'll need to
think about this more.
--
Please add UFW profile integration with postfix
https://bugs.launchpad.net/bugs/261698
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix
** Changed in: openssh (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
--
Add UFW profile integration with OpenSSH
https://bugs.launchpad.net/bugs/261884
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu
Updated for use with ufw's dpkg triggers. Thanks Nicolas!
** Changed in: dovecot (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
Status: Confirmed = Fix Released
--
Please add UFW profile integration with dovecot
https://bugs.launchpad.net/bugs/261689
You received
for the dpkg triggers.
Thanks Nicolas for your work on this!
** Changed in: postfix (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
Status: Incomplete = Triaged
--
Please add UFW profile integration with postfix
https://bugs.launchpad.net/bugs/261698
You received this bug
** Changed in: bind9 (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
Status: Confirmed = Triaged
--
Please add UFW profile integration with Bind9
https://bugs.launchpad.net/bugs/261699
You received this bug notification because you are a member of Ubuntu
Server Team
Uploaded new version that uses dpkg triggers. Thanks for your work
Didier!
** Changed in: apache2 (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
Status: Confirmed = Fix Committed
--
Add UFW profile integration with apache2
https://bugs.launchpad.net/bugs/261198
You
Uploaded updated package that takes advantage of dpkg triggers. Thanks
Nicolas!
** Changed in: postfix (Ubuntu)
Status: Triaged = Fix Committed
--
Please add UFW profile integration with postfix
https://bugs.launchpad.net/bugs/261698
You received this bug notification because you are a
Updated debdiff to take advantage of ufw dpkg triggers. Thanks Nicolas!
** Changed in: bind9 (Ubuntu)
Status: Triaged = Fix Committed
--
Please add UFW profile integration with Bind9
https://bugs.launchpad.net/bugs/261699
You received this bug notification because you are a member of
Updated to take advantage of ufw dpkg triggers. Also, the profile
'title' used the openssh-client text, not openssh-server so I fixed that
too.
--
Add UFW profile integration with OpenSSH
https://bugs.launchpad.net/bugs/261884
You received this bug notification because you are a member of Ubuntu
** Visibility changed to: Public
--
package postfix 2.5.1-2ubuntu1.1 failed to install/upgrade: subprocess
post-installation script returned error exit status 1
https://bugs.launchpad.net/bugs/263178
You received this bug notification because you are a member of Ubuntu
Server Team, which is
** Visibility changed to: Public
** This bug is no longer flagged as a security issue
--
bug of samba
https://bugs.launchpad.net/bugs/267671
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in ubuntu.
--
Ubuntu-server-bugs mailing
openvpn-vulnkey and openssl-vulnkey are two separate programs that test
different things. openssl-vulnkey checks openssl certificates, et al
whereas openvpn-vulnkey checks *only* the shared key as generated with
'openvpn --genkey --secret'. They are not interchangeable.
--
openvpn-vulnkey
** Changed in: net-snmp (Ubuntu)
Status: Confirmed = In Progress
--
[CVE-2008-2292] Buffer overflow in __snprint_value() in snmp_get
https://bugs.launchpad.net/bugs/241892
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to net-snmp in
Thanks for the patch! Can you please detail the testing you've done (eg
build, test suite, PoC, QA regression, and/or testing the patched code
path for no regressions)? I am going to mark the bug Incomplete for now,
please mark back to 'In Progress' when ready. Thanks again!
** Changed in:
** Changed in: dnsmasq (Ubuntu Dapper)
Status: New = In Progress
--
Dnsmasq crashes when renewing non-existent lease
https://bugs.launchpad.net/bugs/47438
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to dnsmasq in ubuntu.
--
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-3214
--
Dnsmasq crashes when renewing non-existent lease
https://bugs.launchpad.net/bugs/47438
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to dnsmasq in ubuntu.
--
dnsmasq (2.25-1ubuntu0.1) dapper-security; urgency=low
* SECURITY UPDATE: crash when renewing a lease from clients that think
they are on another network can be used as a denial of service attack.
* src/rfc2131.c: backport of the dnsmasq 2.26 fix (Fixes LP: #47438)
* References
Public bug reported:
Binary package hint: bind9
This update is an upstream microversion update that fixes bugs #252675. ISC
has described this update as:
This is the SECOND security patch for BIND 9.4.2, addressing performance and
stability issues in BIND 9.4.2-P1. Key features are as
$ diffstat ./bind9_9.4.2.dfsg.P2-2.debdiff
CHANGES| 46
COPYRIGHT |4
bin/dig/dighost.c | 14
bin/named/client.c |4
bin/named/config.c |7
bin/named/controlconf.c| 10
This does affect Ubuntu 8.04 (Hardy), and will be part of a larger
security update.
--
Sync with upstream 5.0.51-10 for CVE-2008-2079
https://bugs.launchpad.net/bugs/254129
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-dfsg-5.0 in
Thank you for using Ubuntu and taking the time to report a bug. You said
that the file has mode 644. This is write access to the owner and read
access to everyone. Apache did the right thing by returning 200 and
serving the file. Clearly, an attacker/script tried to access the file
with
** Changed in: libnss-ldap (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) = (unassigned)
--
ldap not working with Gutsy
https://bugs.launchpad.net/bugs/156562
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in ubuntu
** Changed in: php5 (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) = (unassigned)
--
libapache2-mod-php5 should provide LAMP test page
https://bugs.launchpad.net/bugs/135624
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5
Marking as won't fix since the fix would be too disruptive at this time
and few people will run into this problem now.
** Changed in: openvpn (Ubuntu)
Status: Triaged = Won't Fix
--
Knocks out openvpn tunnels before both ends have keys regenerated
https://bugs.launchpad.net/bugs/232493
** Changed in: linux-source-2.6.22 (Ubuntu)
Assignee: Jamie Strandboge (jdstrand) = (unassigned)
--
Hammering via ssh crashes Ubuntu Server
https://bugs.launchpad.net/bugs/201736
You received this bug notification because you are a member of Ubuntu
Server Team, which is a direct subscriber
** This bug is no longer flagged as a security issue
--
[shares-admin] NFS/SMB not restarted once shares are added - require manual
restart
https://bugs.launchpad.net/bugs/33068
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in
Sorry for the delay. I wasn't sure it was nut after all and did various
tests. I tried 1.4.3-2 compiled on hardy and still got the warnings, and
then today the ups died. I think this bug can safely be closed.
--
nut with Tripplite UPS fills logs and console with on battery and on line
power
Marking Invalid for now. If I have problems after replacing the
batteries, I'll reopen. Thanks!
** Changed in: nut (Ubuntu)
Status: New = Invalid
--
nut with Tripplite UPS fills logs and console with on battery and on line
power messages
https://bugs.launchpad.net/bugs/253999
You
Today I noticed that libdns35 ended up in universe:
Get:1 http://archive.ubuntu.com hardy-proposed/main libisc35 1:9.4.2.dfsg.P2-2
[139kB]
Get:2 http://archive.ubuntu.com hardy-proposed/main bind9 1:9.4.2.dfsg.P2-2
[283kB]
Get:3 http://archive.ubuntu.com hardy-proposed/main libisccc30
** Visibility changed to: Public
** This bug is no longer flagged as a security issue
--
upgrade process hangs
https://bugs.launchpad.net/bugs/286290
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in ubuntu.
--
I've been running 1:9.4.2.dfsg.P2-2 for several days on low volume
servers and everything works fine. sigchase also now works.
--
dig compiled without -DDIG_SIGCHASE!
https://bugs.launchpad.net/bugs/257682
You received this bug notification because you are a member of Ubuntu
Server Team, which
*** This bug is a duplicate of bug 244411 ***
https://bugs.launchpad.net/bugs/244411
Thierry, while I haven't recently tried to reproduce this, I was able to
get test-samba.py from the qa-regression-testing scripts to fail with
winbind installed. Please see bug #244411 for more information.
debdiff fixing this bug and bug #277370
** Attachment added: bind9_9.5.0.dfsg.P2-1ubuntu3.debdiff
http://launchpadlibrarian.net/19077019/bind9_9.5.0.dfsg.P2-1ubuntu3.debdiff
** Changed in: bind9 (Ubuntu)
Status: New = In Progress
--
named bind9 apparmor profile error
I also added:
capability sys_resource,
since this version of bind9 complains without it.
--
named bind9 apparmor profile error
https://bugs.launchpad.net/bugs/289060
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in ubuntu.
--
I looked at this a bit, and the math seems to be wrong in this line:
#define SIZEOF_NTPCM(m) (12+ntohs(m.count)+((m.count)?4-(ntohs(m.count)%4):0))
In ntp_request we have (where MAX_CM_SIZE is defined as 468):
req.count=htons(MAX_CM_SIZE);
Which makes req.count = 54273. Later, we have:
Public bug reported:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
affects ubuntu/bind9
status confirmed
importance wishlist
subscribe ubuntu-archive
Please sync bind9 1:9.5.0.dfsg.P2-4 (main) from Debian unstable (main).
Explanation of the Ubuntu delta and why it can be dropped:
The PIE
Thank you for using Ubuntu and taking the time to report a bug. Can you
try the updated version that was fixed in
http://www.ubuntu.com/usn/USN-680-1?
** Changed in: samba (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
Status: New = Incomplete
--
Samba 3.2.3 has
Mark,
Based on your last comment, it seems that this should be marked 'Fix
Released'. Can you confirm?
--
Samba 3.2.3 has a memory leak that vanishes by upgrading to 3.2.5
https://bugs.launchpad.net/bugs/302969
You received this bug notification because you are a member of Ubuntu
Server Team,
** Visibility changed to: Public
--
OpenSSH does not log failed authentication attempts when PublicKey method is
used
https://bugs.launchpad.net/bugs/304598
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
--
I cannot reproduce this on Intrepid or Jaunty. Is connection sharing
enabled?
** Visibility changed to: Public
--
openssh sshd authorized_keys wrong command= (statefull value?)
https://bugs.launchpad.net/bugs/302252
You received this bug notification because you are a member of Ubuntu
Server
I have finally been able to reproduce this with ldapsearch.
After performing:
$ sudo apt-get install ca-certificates ldap-utils
I tried to do on unpatched hardy:
$ LDAPTLS_CACERT=/etc/ssl/certs/ca-certificates.crt ldapsearch -ZZ -H
ldaps://Ian's public ldap server:636/ -d 1
...
** Changed in: openldap (Ubuntu Intrepid)
Status: New = Confirmed
--
gnutls regression: failure in certificate chain validation
https://bugs.launchpad.net/bugs/305264
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in
The ldap issue has been reported in Debian bug http://bugs.debian.org
/cgi-bin/bugreport.cgi?bug=509593.
Ian, would you mind adding your ldap server URL to the bug? This way
other developers can test against it. If not, I mentioned in the Debian
report that I would give the URL to the maintainer
I compiled 2.6.3 on Jaunty and it also gives the same error.
--
gnutls regression: failure in certificate chain validation
https://bugs.launchpad.net/bugs/305264
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.
--
For clarity: Dapper, Gutsy, Hardy and Intrepid have the same patch as
Jaunty (and Sid), which is the same as upstream 2.6.3.
--
gnutls regression: failure in certificate chain validation
https://bugs.launchpad.net/bugs/305264
You received this bug notification because you are a member of Ubuntu
Thank you for using Ubuntu and taking the time to report a bug.
** Changed in: openssl (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
Status: New = Fix Committed
** Changed in: ntp (Ubuntu)
Assignee: (unassigned) = Jamie Strandboge (jdstrand)
Status: New
OpenSSL issue is fixed in http://www.ubuntu.com/usn/usn-704-1.
** Changed in: openssl (Ubuntu)
Status: Fix Committed = Fix Released
--
OpenSSL signature verification API misuses
https://bugs.launchpad.net/bugs/314776
You received this bug notification because you are a member of Ubuntu
openssl (0.9.8g-14ubuntu2) jaunty; urgency=low
* SECURITY UPDATE: clients treat malformed signatures as good when verifying
server DSA and ECDSA certificates
- update apps/speed.c, apps/spkac.c, apps/verify.c, apps/x509.c,
ssl/s2_clnt.c, ssl/s2_srvr.c, ssl/s3_clnt.c, s3_srvr.c,
ntp (1:4.2.4p4+dfsg-7ubuntu3) jaunty; urgency=low
* SECURITY UPDATE: clients treat malformed signatures as good when verifying
server DSA and ECDSA certificates.
- debian/patches/CVE-2009-0021.patch: update ntpd/ntp_crypto.c to properly
check the return code of EVP_VerifyFinal()
NTP issue is fixed in http://www.ubuntu.com/usn/usn-705-1.
--
OpenSSL signature verification API misuses
https://bugs.launchpad.net/bugs/314776
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in ubuntu.
--
Ubuntu-server-bugs
** Changed in: ntp (Ubuntu)
Importance: High = Medium
** Changed in: bind9 (Ubuntu)
Importance: High = Medium
--
OpenSSL signature verification API misuses
https://bugs.launchpad.net/bugs/314776
You received this bug notification because you are a member of Ubuntu
Server Team, which is
Bind9 is fixed in http://www.ubuntu.com/usn/usn-706-1.
--
OpenSSL signature verification API misuses
https://bugs.launchpad.net/bugs/314776
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in ubuntu.
--
Ubuntu-server-bugs mailing
601 - 700 of 1702 matches
Mail list logo
