[Desktop-packages] [Bug 2084702] [NEW] firefox takes fifteen to two hundred seconds to join google meeet

Public bug reported: Hello, Firefox lately usually takes around 15 to 30 seconds to join Google Meet sessions, though I've had some take three minutes or so to join. During this time I get a message "Still trying to get in" from Google Meet, and a spinner. My phone serves as a camera, and it doesn

[Desktop-packages] [Bug 2083603] Re: x11vnc server icon at top bar not working, not clickable

This seems unlikely to be the kernel. If you're running something other than gnome, maybe pick whatever your desktop environment is? ** Package changed: linux (Ubuntu) => gnome-shell (Ubuntu) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed

[Desktop-packages] [Bug 2074104] Re: package sgml-base 1.31 failed to install/upgrade: paleidikliai vykdomi ciklu, palikta

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Desktop-packages] [Bug 2062667] Re: Fails on (and should be removed from) raspi desktop

I'm having trouble seeing what the consequences are: > the result is a permanently failed service vs > this is was a major annoyance on my m2 air after upgrading to noble Was it it more than a red line in systemctl status output? Does it have annoying logging behaviour or break some other servi

[Desktop-packages] [Bug 2041751] Re: RM: Remove dangerously insecure MPPE PPTP from Ubuntu

Hey James, thanks for maintaining pptpd for so many years. I know I'm cranky when old software I use is removed just because it's no longer in fashion. But we do try to move people to safer protocols and safer programs over time. -- You received this bug notification because you are a member of D

[Desktop-packages] [Bug 2063536] Re: flickering screen

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/2063536 Title: flickering screen Status in xorg package in Ubuntu: New Bug

[Desktop-packages] [Bug 2061249] Re: remmina crashed with SIGABRT in freerdp_settings_get_bool()

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to remmina in Ubuntu. https://bugs.launchpad.net/bugs/2061249 Title: remmina crashed with SIGABRT in freerdp_settings_get_bool()

[Desktop-packages] [Bug 2060389] Re: Lock screen doesn't prevent media keys from working

Hello Jussi, thanks for the report. I believe this is an intentional design choice -- if someone cannot stop music gently they may do so violently. Thanks ** Changed in: gnome-shell (Ubuntu) Status: New => Won't Fix -- You received this bug notification because you are a member of Deskto

[Desktop-packages] [Bug 2058688] Re: gnome-shell crashed with SIGABRT

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Desktop-packages] [Bug 2019951] Re: [MIR] libmysofa

** Changed in: libmysofa (Ubuntu) Status: New => Won't Fix ** Changed in: libmysofa (Ubuntu) Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libmysofa in Ubuntu

[Desktop-packages] [Bug 2055521] Re: Xorg freeze

Hello, thanks for the bug report. I suggest taking your dmesg output (from CurrentDmesg.txt) to the virtualbox developers, it looks very unhappy. Thanks ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages

[Desktop-packages] [Bug 2055135] Re: [CREF-XX, Conexant SN6140, Black Headphone Out, Left] No sound at all

I suggest talking with the virtualbox devs: [4.040754] UBSAN: array-index-out-of-bounds in /tmp/vbox.0/common/log/log.c:1791:41 It may or may not be related to your audio issues, but it can't be good. Thanks ** Information type changed from Private Security to Public -- You received this

[Desktop-packages] [Bug 2046844] Re: AppArmor user namespace creation restrictions cause many applications to crash with SIGTRAP

Scarlett, Simon and I had discussed preparing a small program that could prepare a wrapper profile: given a path to an appimage, it could emit a small profile to /etc/apparmor.d/ for the file, with the right attachment path and then load the profile. As I understand our new strategy, it would prob

[Desktop-packages] [Bug 2052832] Re: Desktop lock-screen is bypassed after switching to virtual tty on console

** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/2052832 Title: Desktop lock-screen is bypassed after switching

[Desktop-packages] [Bug 2049625] Re: CVE-2024-0519: Out of bounds memory access in V8

** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to chromium-browser in Ubuntu. https://bugs.launchpad.net/bugs/2049625 Title: CVE-2024-0519: Out of bounds memory access

[Desktop-packages] [Bug 2041751] Re: RM: Remove dangerously insecure MPPE PPTP from Ubuntu

Robie, good idea, I've added a note about pptpd and bcrelay being removed, with a link back here: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2041751 Thanks -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager-pptp i

[Desktop-packages] [Bug 2041751] Re: RM: Remove dangerously insecure MPPE PPTP from Ubuntu

Microsoft has implemented an IPSec stack: https://learn.microsoft.com/en-us/windows/win32/fwp/ipsec- configuration#how-to-use-wfp-to-configure-ipsec-policies "The Microsoft implementation of IPsec uses Windows Filtering Platform to setup IPsec policies." This page is a bit thin on which applicati

[Desktop-packages] [Bug 2046633] Re: Don't include 'nmcli -f all con' output in bug report (for privacy)

** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/2046633 Title: Don't include 'nmcli -f all con' output in b

[Desktop-packages] [Bug 2032852] Re: package libreoffice-common 1:6.0.7-0ubuntu0.18.04.13 failed to install/upgrade: conflicting packages - not installing libreoffice-common

I'm concerned about this patch: A versioned Conflicts entry is not something that someone adds lightly -- probably an abstraction file or policy language feature was added in that version of AppArmor, and policy compilation will fail if that version isn't installed before the newer versions of the

[Desktop-packages] [Bug 1897369] Re: apparmor: Allow cups-browsed to change nice value (CAP_SYS_NICE)

@reliable-robin-22 this specific message is almost certainly unrelated to whatever problem you're facing. There's millions of people using Ubuntu and surely several of them print from time to time. (I may only print once a year, but it does work for me. :) You should open a new bug report and popu

[Desktop-packages] [Bug 2027626] [NEW] Firefox url bar doesn't work as expected if I type http:// or https:// before a host

Public bug reported: Hello; I hit Control+L to focus the URL bar, then typed: http://www.debian.org/ This loads a Google search page for http. I tried again with: https://www.debian.org/ This loaded a Google search page for https. Typing just: www.debian.org leads to the expected Debian websi

[Desktop-packages] [Bug 2024582] Re: Suspicious large shared memory When Connecting to a Windows System

It's completely normal for programs to use shared memory segments. That's why they're there! :) rkhunter reports them because they're persistent like the filesystem but not really visible, unlike the filesystem. You have to know to look for them. rkhunter is a tool for you to use as part of your i

[Desktop-packages] [Bug 2021484] Re: Editing a VPN ask to introduce credentials but if you cancel can be accessed anyway

** Changed in: ubuntu-settings (Ubuntu) Status: Incomplete => New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-settings in Ubuntu. https://bugs.launchpad.net/bugs/2021484 Title: Editing a VPN ask to introduce credentia

[Desktop-packages] [Bug 2021484] Re: Editing a VPN ask to introduce credentials but if you cancel can be accessed anyway

Hello Cristobal, can you make changes from that interface? Or is it read-only? Thanks ** Information type changed from Private Security to Public Security ** Changed in: ubuntu-settings (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of

[Desktop-packages] [Bug 1993019] Re: UnboundLocalError: local variable 'version' referenced before assignment

Alberto, it looks like nobody verified https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics- drivers-515/+bug/1988836 You can find the bugs that need verification or that failed verification on https://ubuntu-archive-team.ubuntu.com/pending-sru.html Thanks -- You received this bug notifica

[Desktop-packages] [Bug 2019474] Re: package firefox 1:1snap1-0ubuntu2 failed to install/upgrade: le sous-processus nouveau firefox paquet pre-installation script a renvoyé un état de sortie d'erreur

Here's the relevant bit from the dpkg logs: Préparation du dépaquetage de .../firefox_1%3a1snap1-0ubuntu2_amd64.deb ... => Installing the firefox snap ==> Checking connectivity with the snap store ==> Installing the firefox snap erreur : snap "firefox" has "install-snap" change in progress dpk

[Desktop-packages] [Bug 2019940] Re: Directly manipulating NetworkManager keyfiles

jammy, lunary, and mantic: for distro in jammy lunar mantic ; do for component in main universe multiverse restricted ; do for-archive /srv/mirror/ubuntu/dists/$distro/$component/source/Sources.gz /srv/mirror/ubuntu/ ~/bin/for-archive-tools/unpack-search '/system- connections' ; done ; done | tee

[Desktop-packages] [Bug 2019734] Re: Gnome+Wayland Ubuntu 22.04 freezes. All USB devices disconnect on ASUS Prime Z790-A Wifi

ignore me -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to xwayland in Ubuntu. https://bugs.launchpad.net/bugs/2019734 Title: Gnome+Wayland Ubuntu 22.04 freezes. All USB devices disconnect on ASUS Prime Z790-A Wifi Status in xwayland

[Desktop-packages] [Bug 2015423] Re: Correct password not accepted.

** Information type changed from Private Security to Public Security ** Package changed: gnome-screensaver (Ubuntu) => gnome-shell (Ubuntu) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-screensaver in Ubuntu. https://bugs.launchp

Re: [Desktop-packages] [Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking

On Mon, Apr 03, 2023 at 06:57:36AM -, Ralf Dünkelmann wrote: > the bug (https://bugs.launchpad.net/bugs/2013453), that nem000 created > was marked as a duplicate of this one. This is the case for most of the > related bugs listed here. So it seems that this here is the issue to go > ahead with?

[Desktop-packages] [Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking

nem000 I'm sure I've seen this bug fixed a dozen times in the last fifteen years or something. It's just a popular bug to re-implement. Please file a bug with 'ubuntu-bug gnome-shell' if you're using Gnome; replace 'gnome-shell' with whatever screenlocker you're using if you're on a different envir

[Desktop-packages] [Bug 2012672] Re: [lunar] Screen content is shown shortly when resuming from sleep

** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/2012672 Title: [lunar] Screen content is shown shortly when res

[Desktop-packages] [Bug 2002061] Re: package texlive-latex-extra 2022.20220722-2 failed to install/upgrade: 该软件包现在的状态极为不妥； 建议您在卸载它之前再重新安装一次

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to texlive-extra in Ubuntu. https://bugs.launchpad.net/bugs/2002061 Title: package texlive-latex-extra 2022.20220722-2 failed to i

[Desktop-packages] [Bug 2000670] Re: package libfreerdp-server2-2:amd64 2.6.1+dfsg1-3ubuntu2.3 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before a

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to freerdp2 in Ubuntu. https://bugs.launchpad.net/bugs/2000670 Title: package libfreerdp-server2-2:amd64 2.6.1+dfsg1-3ubuntu2.3 fa

[Desktop-packages] [Bug 1993732] Re: Sound

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1993732 Title: Sound Status in alsa-driver package in Ubuntu: New Bu

[Desktop-packages] [Bug 1993019] [NEW] UnboundLocalError: local variable 'version' referenced before assignment

Public bug reported: Hello, we received a drive-by complaint about the ubuntu-drivers autoinstall tool: < Fhazal> hye i have problem with ubuntu 22.04 nvidia auto install command < Fhazal> this error appear when i try to auto install recommended driver < Fhazal> https://pastebin.com/ydZVFT24 The

[Desktop-packages] [Bug 1988588] Re: Xeon E3-1200 v2/3rd Gen Core processor Graphics Controller Drivers missing

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1988588 Title: Xeon E3-1200 v2/3rd Gen Core processor Graphics Controller Drive

[Desktop-packages] [Bug 1987981] Re: nautilus crashed with SIGSEGV in g_str_hash()

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to nautilus in Ubuntu. https://bugs.launchpad.net/bugs/1987981 Title: nautilus crashed with SIGSEGV in g_str_hash() Status in nau

[Desktop-packages] [Bug 1988016] Re: package firefox 104.0+build3-0ubuntu0.20.04.1 failed to install/upgrade: end of file on stdin at conffile prompt

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Desktop-packages] [Bug 1987911] Re: package firefox 104.0+build3-0ubuntu0.20.04.1 failed to install/upgrade: new firefox package pre-installation script subprocess returned error exit status 1

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1987911 Title: package firefox 104.0+build3-0ubuntu0.20.04.1 failed to ins

[Desktop-packages] [Bug 1987228] Re: Bug display when turning to hibernation

** Information type changed from Private Security to Public Security ** Also affects: gnome-shell (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad

[Desktop-packages] [Bug 1983778] Re: Major security issue in Ubuntu Desktop default config - Removable Media

** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-control-center in Ubuntu. https://bugs.launchpad.net/bugs/1983778 Title: Major security issue in Ubuntu Desktop

[Desktop-packages] [Bug 1985987] Re: package firefox 103.0+build1-0ubuntu0.20.04.1 failed to install/upgrade: o subprocesso do pacote firefox, novo script pre-installation retornou erro do status de s

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1985987 Title: package firefox 103.0+build1-0ubuntu0.20.04.1 failed to ins

[Desktop-packages] [Bug 1983748] Re: package firefox 103.0+build1-0ubuntu0.20.04.1 failed to install/upgrade: »neues firefox-Skript des Paketes pre-installation«-Unterprozess gab den Fehlerwert 1 zurü

Guten tag, mein Deutsch ist sehr slecht, aber ich hoffe gut genug.. Ich glaube, sie mussen: sudo snap install firefox wenn dass schoen ist: sudo dpkg --configure -a sudo apt install -f Bitte schreiben sie schon wieder, falls es nicht genug. Danke ** Information type changed from Private Secu

[Desktop-packages] [Bug 1982898] Re: CVE-2021-46829: Buffer overwrite in io-gif-animation.c composite_frame() in gdk-pixbuf

** Description changed: [Impact]  * A buffer overwrite exists in gdk-pixbuf's thumbnailer.  * The GIF loader runs out of memory with specifically crafted files with bad frame data (and images with its sizes) over the integer limit.  * After gdk-pixbuf-thum runs out of memory, ot

[Desktop-packages] [Bug 1982030] Re: POSIX is broken

Hello, please note, the bash(1) manpage describes when the ~/.profile is read: When bash is invoked as an interactive login shell, or as a non-interactive shell with the --login option, it first reads and executes commands from the file /etc/profile, if that file exists

[Desktop-packages] [Bug 1961458] Re: chown of script directory and contents

Brian, sorry, the bug is open now. Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1961458 Title: chown of sc

[Desktop-packages] [Bug 1976484] Re: never sound ubuntu 20.04 22.04 alsamixer 1.2.6 card sof-hda-dsp

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1976484 Title: never sound ubuntu 20.04 22.04 alsamixer 1.2.6 card sof-

[Desktop-packages] [Bug 1973028] Re: gnome-remote-desktop user service is always running

Please use CVE-2022-1736 for the gnome-remote-desktop user service being enabled on Ubuntu. The Debian packaging, and derivatives of both Ubuntu and Debian, for gnome-remote-desktop are probably very similar. The Debian policy strongly encourages services to be running by default after installatio

[Desktop-packages] [Bug 1972889] Re: Screen reader reads the data while computer is locked

Good job Loaf :3 ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1972889 Title: Screen reader reads the data w

[Desktop-packages] [Bug 1972114]

Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is availabl

[Desktop-packages] [Bug 1971415] Re: Remote desktop is automatically enabled after login

*** This bug is a duplicate of bug 1969619 *** https://bugs.launchpad.net/bugs/1969619 Probably this is a duplicate, feel free to break the duplication if it isn't. Thanks ** This bug has been marked a duplicate of bug 1969619 RDP Sharing appears on by default in jammy ** Information type

[Desktop-packages] [Bug 1971429] Re: gnome shell

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1971429 Title: gnome shell Status in gnome-shell package in Ubuntu: N

[Desktop-packages] [Bug 1971221] Re: firefox is flashing

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Desktop-packages] [Bug 1970593] Re: package firefox-locale-de 1:1snap1-0ubuntu2 failed to install/upgrade: Abhängigkeitsprobleme - verbleibt unkonfiguriert

Hello, this looks like the starting point of the problem: Start-Date: 2022-04-17 16:08:22 Commandline: apt-get purge firefox Purge: firefox-locale-de:amd64 (1:1snap1-0ubuntu2), firefox:amd64 (1:1snap1-0ubuntu2) End-Date: 2022-04-17 16:08:24 Start-Date: 2022-04-17 16:12:17 Commandline: apt-get

[Desktop-packages] [Bug 1970206] Re: Cursor goes missing in games

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1970206 Title: Cursor goes missing in games Status in gnome-shell packa

[Desktop-packages] [Bug 1970459] Re: import of ca-certificate in browser does not work

I switched this from ca-certificates to firefox and chromium-browser, since both browsers manage their own certificate lists and don't use the system-provided ca-certificates. (You manage that with different tools, see the first few lines of /etc/ca-certificates.conf for details.) Thanks ** Packa

[Desktop-packages] [Bug 1969593] Re: rules to prevent non-root users from rebooting not taken into account

** Also affects: systemd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to policykit-1 in Ubuntu. https://bugs.launchpad.net/bugs/1969593 Title: rules to prevent non-root users from re

[Desktop-packages] [Bug 1969593] Re: rules to prevent non-root users from rebooting not taken into account

** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to policykit-1 in Ubuntu. https://bugs.launchpad.net/bugs/1969593 Title: rules to prevent non-root users from rebooting n

[Desktop-packages] [Bug 1969118] Re: Certificate viewer shows extra bytes for RSA keys

Hello Mikko, thanks for the report; I believe that's working as intended, those bytes are part of the DER encoding; there's an excellent answer at https://crypto.stackexchange.com/a/19982/1400 that describes the meanings of each of those bytes. Thanks ** Information type changed from Private Secu

[Desktop-packages] [Bug 1967450] Re: When switching from 175% fractional scaling back to integer scaling, only a quarter of the screen is used

But who would keep that resolution when it sure *looks* broken? I can understand the "it's not new and we don't know how to fix it" :) but probably users won't know that they'll be fine after a reboot. Thanks -- You received this bug notification because you are a member of Desktop Packages, whi

[Desktop-packages] [Bug 1966572] Re: Chromium Zero Day

B[], aha, you've received no Chromium updates since November 2021 because the author of that PPA hasn't provided any. apt-file will report what files are in the Ubuntu package whether or not you have it installed. It's very handy to see what files are in an Ubuntu package without installing it. d

[Desktop-packages] [Bug 1966572] Re: Chromium Zero Day

The 20.04 LTS chromium-browser deb package exists only to install the chromium snap and deliver a few files to the filesystem outside the snap packaging system: $ apt-file show chromium-browser chromium-browser: /usr/bin/chromium-browser chromium-browser: /usr/share/applications/chromium-browser.d

[Desktop-packages] [Bug 1961854] Re: Thunderbid saves accepted calendar events in different identity

Hello Bartłomiej, can you report this to the upstream developers? This will need their input to address. Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunder

[Desktop-packages] [Bug 1963714] Re: Internal hard disk partition cannot be mounted manually

Hello Girish, there's some errors in your dmesg that make me think you may have hardware problems. It's not clear, but it's possible. Also, there's some packages in the Dependencies.txt marked with [origin: unknown] that might be worth investigating. Thanks ** Information type changed from Privat

[Desktop-packages] [Bug 1963861] Re: Can't tell what application will be launched with custom schemes

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Desktop-packages] [Bug 1964118] Re: package nvidia-utils-510 (not installed) failed to install/upgrade: trying to overwrite '/usr/bin/nvidia-bug-report.sh', which is also in package nvidia-340 340.10

** Also affects: nvidia-graphics-drivers-340 (Ubuntu) Importance: Undecided Status: New ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to nvidia-graphics-drivers-340 in

[Desktop-packages] [Bug 1963861] Re: Can't tell what application will be launched with custom schemes

** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1963861 Title: Can't tell what application will be launched with cu

[Desktop-packages] [Bug 1963751] Re: focal security update 2.34.6-0ubuntu0.20.04.1 cannot be automatically installed due to new dependency

Hello Steve, thanks for the report; can you run a manual: sudo apt update && sudo apt upgrade and report back the apt output, which will give a better idea of what exactly is holding back the upgrade? Thanks ** Changed in: webkit2gtk (Ubuntu) Status: New => Incomplete -- You receiv

[Desktop-packages] [Bug 1963751] Re: focal security update 2.34.6-0ubuntu0.20.04.1 cannot be automatically installed due to new dependency

** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to webkit2gtk in Ubuntu. https://bugs.launchpad.net/bugs/1963751 Title: focal security update 2.34.6-0ubuntu0.20.04.1 can

[Desktop-packages] [Bug 1936907] Re: [MIR] ADSys

I reviewed adsys 0.8 as checked into jammy. This shouldn't be considered a full audit but rather a quick gauge of maintainability. As usual with golang code, there's vastly more code in the package than we've authored, and it's not feasible to review the entirety. adsys allows network administrat

[Desktop-packages] [Bug 1961459] Re: adsys pam issues

Heh, so Dmitry might actually remove the other 'free' calls in the error paths :) -- and he spotted that the strdup() calls are unchecked: https://github.com/linux-pam/linux-pam/issues/444 It might be worth mirroring whatever he decides to do. Thanks ** Bug watch added: github.com/linux-pam/lin

[Desktop-packages] [Bug 1961459] Re: adsys pam issues

Oh yes, the waitpid() stuff.. if it works in testing, leaving it alone is probably fine then. Thanks. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1961459 Title: adsys pam issues Sta

[Desktop-packages] [Bug 1961459] Re: adsys pam issues

Hah so I've got another bug to report then? :) Thanks! ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1961459 Title: adsys p

[Desktop-packages] [Bug 1957716] Re: Update for CVE-2021-43860 and second github advisory

** Also affects: flatpak (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: flatpak (Ubuntu Impish) Importance: Undecided Status: New ** Also affects: flatpak (Ubuntu Bionic) Importance: Undecided Status: New -- You received this bug notification bec

[Desktop-packages] [Bug 1853977] Re: nvidia-340 dpkg: error: version '-' has bad syntax: revision number is empty

Hello Alberto, any chance for a fix for this issue? Users are still finding this issue. In #ubuntu, 25 December 2021: Sat 25 00:12:58 < sem> if you're curious this is the dryrun: https://pastebin.ubuntu.com/p/N7kP5Z4mRj/ Sat 25 00:15:32 < Bashing-om> sem: I do want to know - looking ^ , Sat 25 00

[Desktop-packages] [Bug 1955081] Re: Right-click on terminal causing no demand to enter user's password

(At least I think gnome-shell is the current place to put the screenlocker bugs, please let me know if it's not.) See also LP: #49579 Thanks ** Information type changed from Private Security to Public Security ** Package changed: ubuntu => gnome-shell (Ubuntu) -- You received this bug notific

[Desktop-packages] [Bug 1952548] Re: package libgdk-pixbuf2.0-0:i386 2.40.0+dfsg-3ubuntu0.2 failed to install/upgrade: el paquete está en un estado muy malo e inconsistente - debe reinstalarlo antes

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Desktop-packages] [Bug 1853977] Re: nvidia-340 dpkg: error: version '-' has bad syntax: revision number is empty

Users are still finding this issue. In #ubuntu, 3 November 2021: https://justpaste.it/97emx Thanks ** Also affects: nvidia-graphics-drivers-340 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is sub

[Desktop-packages] [Bug 1948339] Re: Logon screen can be bypassed using various shortcuts

Your daughter does good work :) Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to lightdm in Ubuntu. https://bugs.launchpad.net/bugs/1948339 Title: Logon scree

[Desktop-packages] [Bug 1947857] Re: ubuntu-drivers devices

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privile

[Desktop-packages] [Bug 1947642] [NEW] ipv6 enabled despite 'disabled' setting?

Public bug reported: Hello, Periodically our OpenVPN sessions fail in such a way that automated tooling that talks to Launchpad will take minutes before timing out. See https://portal.admin.canonical.com/132804 for details. We've found that manually disabling ipv6 helps, eg: sudo sysctl -w net

[Desktop-packages] [Bug 1892559] Re: [MIR] ccid opensc pcsc-lite

Now that the security team has some new hires, we're looking at reviving this series of tasks. Looking through the bug I have come up with the following outstanding items: - Add a .symbols file to opensc - try to add vsmartcard-vpicc + vsmartcard-vpcd autopkgtests - a formal list of 'supported car

[Desktop-packages] [Bug 1943480] [NEW] flatpak installation permission requirements different from ubuntu software

*** This bug is a security vulnerability *** Public security bug reported: https://lists.ubuntu.com/archives/technical-board/2021-June/002560.html The flatpak tools in Ubuntu have different rules for installing packages than we use in our software center or snap tools: https://bugs.launchpad.net

[Desktop-packages] [Bug 1942542] Re: gedit causes loss of extended attributes (xattrs)

Nice find Alex; can you please report this to upstream gedit, and report back the bug url here so we can link them together? Thanks ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is s

[Desktop-packages] [Bug 1532508] Re: Screen contents revealed briefly on resume, before even unlocking

omid, this bug report covers too many unrelated packages to be useful at this point. If you're still seeing desktop contents during resume with a currently supported version of Ubuntu, please file a new bug report with details on the specific packages you're using and steps to reproduce the issue.

[Desktop-packages] [Bug 1941945] Re: nvidia-340 340.108-0ubuntu5.20.04.2: nvidia-340 kernel module failed to build

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to nvidia-graphics-drivers-340 in Ubuntu. https://bugs.launchpad.net/bugs/1941945 Title: nvidia-340 340.108-0ubuntu5.20.04.2: nvid

[Desktop-packages] [Bug 1892454] Re: [MIR] libostree-1-1

I reviewed ostree 2020.8-2 as checked into hirsute. This shouldn't be considered a full audit but rather a quick gauge of maintainability. I didn't make any effort to find which portion of the sources correspond with the exact binary package that is under discussion. ostree is a tool to manage gi

[Desktop-packages] [Bug 1812456] Re: [MIR] libflatpak0

I reviewed flatpak 1.10.2-1ubuntu1 as checked into hirsute. This shouldn't be considered a full audit but rather a quick gauge of maintainability. flatpak is an application packaging and sandbox tool. - CVE History: we have six cves in our database, they appear to have been handled well, qui

[Desktop-packages] [Bug 1812456] Re: [MIR] libflatpak0

There's something from the polkit rules that worries me. I don't think we want the rules to be this open. Could someone more conversant with polkit rules give them a read and report back if this is something we really want? Something that specifically worried me: - Normal users need adm

[Desktop-packages] [Bug 1886092] Re: libreoffice doesn't list gpg private key for a digital signature due to apparmor

Marcelo, you can see which versions of libreoffice are packaged in which Ubuntu releases via the libreoffice source package page on launchpad https://launchpad.net/ubuntu/+source/libreoffice There's a link at the bottom of that page to help you explore versions that might be published in PPAs. Th

Re: [Desktop-packages] [apparmor] [Bug 1928360] Re: Switch to Fcitx 5 for Chinese

On Sat, Jun 05, 2021 at 01:27:19AM -, Gunnar Hjalmarsson wrote: > It means that it explicitly looks for the fcitx 5 gtk im module, while > Chromium only has access to the fcitx 4 one. Oh! Excellent debugging to find the root cause. Thanks -- You received this bug notification because you ar

[Desktop-packages] [Bug 1930579] Re: package libvdpau1 1.3-1ubuntu2 failed to install/upgrade: intentando sobreescribir el compartido `/etc/vdpau_wrapper.cfg', que es distinto de otras instancias del

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libvdpau in Ubuntu. https://bugs.launchpad.net/bugs/1930579 Title: package libvdpau1 1.3-1ubuntu2 failed to install/upgrade: in

[Desktop-packages] [Bug 1930528] Re: Mozilla Firefox Multiple Vulnerabilities

Hello, Firefox was updated in: https://ubuntu.com/security/notices/USN-4978-1 Thanks ** Information type changed from Private Security to Public Security ** Changed in: firefox (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Deskto

[Desktop-packages] [Bug 1928360] Re: Switch to Fcitx 5 for Chinese

Gunnar, indeed, it had much less in it than I expected; I don't know much about the snap packaging for Chromium, but it looked to me like it was trying to do bluetooth things and that's all that was denied. I'm no fcitx expert but I didn't think it looked related. Thanks -- You received this bu

Re: [Desktop-packages] [apparmor] [Bug 1928360] Re: Switch to Fcitx 5 for Chinese

On Tue, May 18, 2021 at 07:39:48PM -, Gunnar Hjalmarsson wrote: > On 2021-05-16 22:23, Gunnar Hjalmarsson wrote: > > As regards apparmor it's possible that no change is needed. > > Well, I simply tested with the Chromium snap. fcitx5 does not work in > Chromium, while fcitx4 does. So something

[Desktop-packages] [Bug 1892559] Re: [MIR] ccid libpam-pkcs1 libpcsc-perl opensc pcsc-tools pcsc-lite

Thanks Marco, I'll take pam-pkcs11 off our todo list. (This can be reversed, of course. If it turns out to be necessary for something, someone shout. :) Thanks ** Changed in: pam-pkcs11 (Ubuntu) Status: New => Invalid ** Changed in: pam-pkcs11 (Ubuntu) Assignee: Ubuntu Security Team

[Desktop-packages] [Bug 1923273] Re: libcaca buffer-overflow

** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libcaca in Ubuntu. https://bugs.launchpad.net/bugs/1923273 Title: libcaca buffer-overflow Status in libcaca package i

[Desktop-packages] [Bug 1921552] Re: xscreensavers

Thank you for taking the time to report this bug and helping to make Ubuntu better. Reviewing your dmesg attachment to this bug report it seems that there may be a problem with your hardware. I'd recommend performing a back up and then investigating the situation. Measures you might take include

[Desktop-packages] [Bug 1916256] Re: NVIDIA Driver not working

** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1916256 Title: NVIDIA Driver not working Status in xorg package in Ubuntu: N

  1   2   3   4   5   6   7   8   9   10   >