[Bug 497790] Re: squid should provide an apparmor profile
Per the suggestion from Mathias, I am working on a source branch and PPA. I have a round 1 of the code and associated packages that I need to do more testing on before proceeding. Subscribers that care can find the PPA at https://launchpad.net/~jcpunk/+archive/squid-fix-497790 I should get some good testing in this week. When I've tested more I will follow through with the merge proposal. -- squid should provide an apparmor profile https://bugs.launchpad.net/bugs/497790 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to squid in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 497790] [NEW] squid should provide an apparmor profile
Public bug reported: Binary package hint: squid There is a sample squid apparmor profile at http://apparmor.opensuse.org/profiles/list. I have modified the sample profile to meet Ubuntu standards and updated the packaging scripts to install and active the profile. It has been tested on my production squid server using external auth for 2 months without problems. ** Affects: squid (Ubuntu) Importance: Undecided Status: New -- squid should provide an apparmor profile https://bugs.launchpad.net/bugs/497790 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to squid in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 497790] Re: squid should provide an apparmor profile
** Attachment added: adds apparmor profile and installation http://launchpadlibrarian.net/36907869/squid_apparmor.patch -- squid should provide an apparmor profile https://bugs.launchpad.net/bugs/497790 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to squid in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 127180] Re: Install squid in chroot by default
*** This bug is a duplicate of bug 497790 *** https://bugs.launchpad.net/bugs/497790 The Ubuntu side of this can be obsoleted by bug 497790 where I have attached a patch giving an apparmor profile to squid. Debian may wish to pursue this further to have a more flexible solution. ** This bug has been marked a duplicate of bug 497790 squid should provide an apparmor profile -- Install squid in chroot by default https://bugs.launchpad.net/bugs/127180 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to squid in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 423246] [NEW] slapd should have a ufw profile
Public bug reported: Binary package hint: slapd UFW has a location for applications to drop in their ports for easy access. I have attached a patch that, when applied to the build diff, will generate and deploy a ufw profile for slapd. ** Affects: openldap (Ubuntu) Importance: Undecided Status: New -- slapd should have a ufw profile https://bugs.launchpad.net/bugs/423246 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 423246] Re: slapd should have a ufw profile
** Attachment added: patch to create ufw profile http://launchpadlibrarian.net/31247590/slapd_ufw.patch -- slapd should have a ufw profile https://bugs.launchpad.net/bugs/423246 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 244925] Re: slapd reports wrong ssf using gnutls
I can confirm it is fixed in Intrepid. My Hardy box has a custom build in production so that may be a ways before testing can be done. -- slapd reports wrong ssf using gnutls https://bugs.launchpad.net/bugs/244925 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap2.3 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 244925] [NEW] slapd reports wrong ssf using gnutls
Public bug reported: Binary package hint: slapd More information in this thread : http://www.openldap.org/lists /openldap-software/200806/msg00065.html The ssf matching is broken on gnutls with openldap 2.4 (http://www.openldap.org/lists/openldap-devel/200802/msg00072.html). At the highest cypher the reported ssf is 32 which seems a stark contrast to the 256 that is reported by the same cypher at the same bit strength using openssl. The debian project has made its stance on linking to gnutls for openldap. Ubuntu is not so strict with the purity of the tree (some gpl code is linked to bsd code a few random places), is there any way the Ubuntu team could link this to openssl - or better yet ask Canonical to get a ruling from their lawyers as to the validity of the Debian project's choice on the matter? I am half tempted to check security on this as it breaks a large piece of the encryption enforcement, but since it breaks it in an obvious way and provides the user no false sense of security I will forgo it. ** Affects: openldap2.3 (Ubuntu) Importance: Undecided Status: New -- slapd reports wrong ssf using gnutls https://bugs.launchpad.net/bugs/244925 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap2.3 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 244925] Re: slapd reports wrong ssf using gnutls
** Attachment added: Patch to switch the configure.options to use openssl http://launchpadlibrarian.net/15762784/enable_openssl.diff -- slapd reports wrong ssf using gnutls https://bugs.launchpad.net/bugs/244925 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap2.3 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs