Thanks for the heads up @ahasenack - I will prepare a fix and upload it
shortly.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2103663
Title:
set -x in apparmor.postinst
Fix uploaded in
https://launchpad.net/ubuntu/+source/apparmor/4.1.0~beta5-0ubuntu10
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2103663
Title:
set -x in apparmor.posti
Ah thank for noticing that John, it entirely slipped by me - so in that
case I don't think this is the appropriate fix - the AppArmor team has
worked hard to remove the busybox and other similar profiles that
allowed this bypass so I don't think we should do the same for os-
prober. Instead, since
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
This is seen in errors.ubuntu.com:
https://errors.ubuntu.com/problem/221009027abdbea786d6cc51847568a98d8c1f7d
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/2096327
Title:
Oooh nice use of non-capturing group - LGTM!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/2090887
Title:
apport hookutils.py only captures first word per line for KernLog
Thanks Bryce - no worries - but just wondering if you tested the patch?
Since when I was investigating this I noticed the following in the API
documentation for re.findall():
The result depends on the number of capturing groups in the pattern. If
there are no groups, return a list of strings match
And if we add the same snippet to source_apparmor.py so we can run it
directly then we also don't reproduce this:
root@sec-noble-amd64:/usr/share/apport/package-hooks# tail
source_apparmor.py -n6
if __name__ == '__main__':
report = {}
add_info(report, None)
for key in report:
However if I just run the code from the apparmor apport hook on that
system then it doesn't reproduce:
root@sec-noble-amd64:/usr/share/apport/package-hooks# python3
Python 3.12.3 (main, Sep 11 2024, 14:17:37) [GCC 13.2.0] on linux
Type "help", "copyright", "credits" or "license" for more informati
In a fresh noble LXD VM I can reproduce this:
apt install mysql-server apparmor
ubuntu-bug mysql-server
Then View the report and it has:
== KernLog =
apparmor
AppArmor
AppArmor
audit(
AppArmor
AppArmor
AppArmor
AppArmor
security
selinux
security
security
security
I think perhaps the best way forward here would be for Canonical to
assign a CVE for this issue if it looks like a real vulnerability and
then we can proceed with a fix. I will enquire internally.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, whic
** Changed in: openntpd (Ubuntu)
Status: Incomplete => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1727202
Title:
[17.10 regression] AppArmor ntp denial: F
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for the detailed analysis @pponnuvel - I have reverted this now
for pam in plucky in 1.5.3-7ubuntu4
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1957024
Title:
pam-mk
The risk of immediate regression is low since this is only used for new
user accounts - but since the change is to a conffile there is always a
bit more risk due to interactions with dpkg etc. But that would be a
discussion to have with the SRU team.
--
You received this bug notification because
@pponnuvel - I am in the middle of uploading this for plucky :)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1957024
Title:
pam-mkhomedir does not honor private home directo
It looks like you are using the snap version of konsole - which seems to
have strict confinement in place so its not surprising you are seeing
such issues.
I see there is a version with classic confinement in the candidate
channel - can you please try the following and see if it fixes the
issue:
This is not an issue in apparmor itself, so I am closing this bug as
invalid since it is an issue in the konsole snap in the snap store.
** Changed in: apparmor (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages,
I typod the magic LP bug reference in the changelog but this was upload
to oracular earlier and just moved into -proposed:
apparmor (4.1.0~beta1-0ubuntu3) oracular; urgency=medium
* Add patch from upstream to fix unintentional ABI break (LP :#2083435)
- d/p/u/fix-abi-break-record-for-aa-log-r
FWIW I don't think this proposed profile should be shipped upstream or
in Ubuntu for bitbake - it allows any file anywhere on the filesystem
under a path bitbake/bin/bitbake to use unprivileged user namespaces -
ie. if I was a malware author I would have my malware create a second
stage malware fil
** Changed in: snapd
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2056696
Title:
All Snaps are denied the ability to use DBus
Thanks for reporting this issue - but it is strange since this update
has been published since 2024-02-27 and this is the first such report of
any issues.
Also given this update has been available for nearly 2 months it is
surprising you are seeing errors from it so much later - I wonder if
instea
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is availabl
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Your bug report is more likely to get attention if it is made in
English, since this is the language understood by the majority of Ubuntu
developers. Additionally, please only mark a bug as "security" if it
shows evid
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Given this has been reverted in Debian, it should not be synced into
Ubuntu.
** Changed in: xz-utils (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xz-utils in Ubuntu.
https://bugs.la
Ok whilst I still can't see the /StatusNotifierItem object listed via
d-feet I can reproduce the denials when launching element-desktop so I
have added some additional changes to the aforementioned PR which
resolve these as well. With all the changes from that PR in place all of
these mentioned den
The subsequent error is:
Main script file /usr/lib/x86_64-linux-
gnu/calamares/modules/automirror/main.py for python job automirror
raised an exception.
Is there any way I can debug this further?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, wh
Ah although it seems I can reboot the VM at this point and whilst
Calamares appeared to run again again in the rebooted vm if I choose
Install Calamares closes and I see the installed kubuntu environment -
weird
Anyway I think I will be able to use this to debug the original issue
further - wi
Yes I hit that exact issue in Calamares but after fixing it I then hit
another similar crash in a different script in calamares - will see if I
can reproduce and provide you with details.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subs
So I installed kubuntu-desktop on an up-to-date noble VM and then after
logging into the kubuntu session I was able to reproduce the issue for
Notifications but I couldn't see anything owning the /StatusNotifierItem
dbus path.
For notifications I submitted
https://github.com/snapcore/snapd/pull/13
Public bug reported:
Latest upstream release
https://gitlab.com/apparmor/apparmor/-/releases/v4.0.0-beta3
Contains only bug fixes since 4.0.0-beta2 which is currently in noble-
proposed thus does not require a FFe.
** Affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
--
> Log: apparmor="DENIED" operation="dbus_method_call" bus="session"
path="/org/freedesktop/DBus" interface="org.freedesktop.DBus"
member="ListActivatableNames" mask="send" name="org.freedesktop.DBus"
pid=2950 label="snap.element-desktop.element-desktop"
peer_label="unconfined"
This is provided by
Uploaded to noble-proposed yesterday
https://launchpad.net/ubuntu/+source/apparmor/4.0.0~beta2-0ubuntu3
** Changed in: apparmor (Ubuntu)
Status: Triaged => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to
As per
https://gitlab.freedesktop.org/fontconfig/fontconfig/-/issues/409#note_2298588
this can also be fixed by adding an additional rule to
/etc/fonts/conf.d/70-no-bitmaps.conf of the form:
false
** Bug watch added: gitlab.freedesktop.org/fontconfig/fontconfig/-/issues #409
https://gitlab.fre
Both deb8 tests already declares a Depends on python3-distutils - and we
can see that the current test runs all used the 3.11 based
python3-distutils - do we need a no-change-rebuild of python3-stdlib-
extensions so that it builds against python 3.12?
--
You received this bug notification because
** Also affects: ufw
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/2051540
Title:
ufw ftbfs with Python 3.12 as default
Status in
Actually I just got it working - no need to send PoC @kerneldude - I
made my own.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.
https://bugs.launchpad.net/bugs/2029464
Title:
A stack overflow in GNU Tar
St
So I managed to create a tar file with an extended attribute name of
length of ~ 36 bytes long (the largest I can do without exceeding
the existing check on maximum extended header lengths it seems) but this
is not able to trigger the vuln - so if you are able to share your PoC
that would be gr
@kerneldude - any chance you could share your poc (perhaps email it to
secur...@ubuntu.com rather than post it publicly here)? I have tried
creating one via the following but I hit the CLI args limit before I can
get an xattr key long enough:
touch bar
tar --pax-option SCHILY.xattr.user.$(python3
Excellent - thanks for letting us know. So since a CVE has already been
assigned then we won't assign an additional one. I'll add the details to
our CVE tracker.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.
h
@kerneldude - do you know if MITRE ever assigned a CVE for this?
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.
https://bugs.launchpad.net/b
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
I am struggling to see the vulnerability here still - the path used in
this case is /tmp/ubuntu-drivers-common.config.55GJ8b appears to have a
randomly generated suffix and so couldn't have been guessed beforehand
nor preseeded with other contents by a local attacker - so the only way
then that I c
Adding a task against libseccomp until we know more about where the bug
lies.
** Also affects: libseccomp (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libseccomp in Ubun
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
As discussed with the wider security team, we have decided not to push
ahead with this change for mantic and instead will look to enable it
very early in the 24.04 devel cycle . Marking as invalid and
unsubscribing the release team.
** Changed in: apparmor (Ubuntu)
Status: New => Won't Fix
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Alex Murray (alexmurray)
** Changed in: apparmor (Ubuntu)
Importance: Undecided => High
** Changed in: apparmor (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member
Public bug reported:
Similar to
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2035315 the
proposed unprivileged user namespace restrictions feature of apparmor in
mantic breaks various third-party applications that use unprivileged
userns for sandboxing themselves.
These include:
- Bra
** Changed in: apparmor (Ubuntu)
Status: Incomplete => New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2036128
Title:
[FFe] enable unprivileged user namespace r
@vorlon - the FFe you approved was to upload a whole new release
apparmor-4.0.0~alpha2 with supporting infrastructure for this feature,
but crucially it did not enable it at that time (as we wanted more time
to add additional profiles for all the packages in the archive so that
when then feature ge
FYI I redid this change again on top of the fix from
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/2036302 and have
uploaded it to the aforementioned PPA (debdiff is almost identical,
except for the different context in debian/changelog)
** Patch added: "apparmor_4.0.0~alpha2-0ubuntu5.debdiff
As seen in
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2036302 it turns
out the lxc package already shipped a profile in
/etc/apparmor.d/usr.bin.lxc-create - so this profile itself needs to be
updated to add the userns permission and declare the new ABI in lxc in
mantic.
** Also affect
Uploaded in apparmor 4.0.0~alpha2-0ubuntu4 - currently waiting to build
etc -
https://launchpad.net/ubuntu/mantic/+queue?queue_state=3&queue_text=apparmor
** Changed in: apparmor (Ubuntu)
Status: Triaged => Fix Committed
--
You received this bug notification because you are a member of Ub
Apologies for this - I am working on an update now to resolve it.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/2036302
Title:
apparmor 4.0.0~alpha2-0ubuntu3 ships same file
@sil2100 - apologies, I think I wasn't clear - for the actual enablement
to take effect, this FFe does require the new kernel - BUT I added some
fallback logic to detect if the kernel doesn't support the required
feature so that the sysctl gets disabled in that case when the apparmor
service is sta
I have uploaded this new version to
https://launchpad.net/~alexmurray/+archive/ubuntu/lp2036128 and so it
should be built soon (from which the build log will be available).
Please let me know if any other information is required.
--
You received this bug notification because you are a member of U
apt log when installing new apparmor packages
** Description changed:
As per https://discourse.ubuntu.com/t/spec-unprivileged-user-namespace-
restrictions-via-apparmor-in-ubuntu-23-10/37626, unprivileged user
namespace restrictions for Ubuntu 23.10 are to be enabled by default via
a sysct
Proposed changes for FFe to enable the sysctl by default but add
fallback logic to disable it if the system doesn't provide all the
required features.
** Patch added: "apparmor_4.0.0~alpha2-0ubuntu4.debdiff"
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2036128/+attachment/5701125/+f
Public bug reported:
As per https://discourse.ubuntu.com/t/spec-unprivileged-user-namespace-
restrictions-via-apparmor-in-ubuntu-23-10/37626, unprivileged user
namespace restrictions for Ubuntu 23.10 are to be enabled by default via
a sysctl.d conf file in apparmor.
In https://bugs.launchpad.net/
)
Importance: High
Assignee: Alex Murray (alexmurray)
Status: Confirmed
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Alex Murray (alexmurray)
** Changed in: apparmor (Ubuntu)
Importance: Undecided => High
** Changed in: apparmor (Ubuntu)
Statu
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
lt;(aa-features-abi -x)
f17b0a97806d733b5b884d8a1c2fea37 /etc/apparmor.d/abi/4.0
f17b0a97806d733b5b884d8a1c2fea37 /dev/fd/63
** Affects: apparmor (Ubuntu)
Importance: Undecided
Assignee: Alex Murray (alexmurray)
Status: New
** Affects: apparmor (Ubuntu Mantic)
Impo
** Patch added: "bionic debdiff with corrected version number"
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2024637/+attachment/5682930/+files/apparmor_2.12-4ubuntu5.3.debdiff
** Patch removed: "debdiff for bionic"
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2024637/
It turns out there was already an upload of apparmor 2.12-4ubuntu5.2 to
bionic-proposed that got rejected
(https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1703821/comments/15),
so this update will instead need to skip this version number and use
2.12-4ubuntu5.3 instead.
--
You received th
Importance: Undecided => High
** Changed in: apparmor (Ubuntu Xenial)
Assignee: (unassigned) => Alex Murray (alexmurray)
** Changed in: apparmor (Ubuntu Bionic)
Assignee: (unassigned) => Alex Murray (alexmurray)
** Changed in: apparmor (Ubuntu Xenial)
Status: New => I
** Patch added: "debdiff for bionic"
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2024637/+attachment/5682828/+files/apparmor_2.12-4ubuntu5.2.debdiff
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in U
A possible fix on the snapd side is being prepared in tandem in
https://github.com/snapcore/snapd/pull/12909
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2024637
Title:
** Also affects: snapd (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2024637
Title:
apparmor.service tries to load s
** Also affects: apparmor (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: apparmor (Ubuntu Bionic)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to appar
Public bug reported:
As of snapd 2.60, when installed as a snap, snapd includes its own
vendored apparmor_parser and configuration. As such, it generates
profiles using newer apparmor features than the system installed
apparmor may support.
This is seen as a failure to load the apparmor.service a
This bug is fixed and the behaviour you are seeing is expected - ie. it
is expected that AppArmor prints a warning about forcing complain mode
for the usr.sbin.sssd profile and that it then also prints a warning
about caching being disabled for that due to it being in force complain
mode. This is e
These have now been uploaded to -proposed and are sitting in UNAPPROVED:
https://launchpad.net/ubuntu/jammy/+queue?queue_state=1&queue_text=apparmor
https://launchpad.net/ubuntu/focal/+queue?queue_state=1&queue_text=apparmor
** Changed in: apparmor (Ubuntu Focal)
Status: Confirmed => In Pr
This current bug looks like LP: #1991691
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1992930
Title:
chromium won't launch at menu when installed; lubuntu kinetic
Stat
*** This bug is a duplicate of bug 1991704 ***
https://bugs.launchpad.net/bugs/1991704
** This bug has been marked a duplicate of bug 1991704
Kinetic kernels 5.19.0-18/19-generic won't boot on Intel 11th/12th gen
--
You received this bug notification because you are a member of Ubuntu
Tou
*** This bug is a duplicate of bug 1991691 ***
https://bugs.launchpad.net/bugs/1991691
** This bug has been marked a duplicate of bug 1991691
cannot change mount namespace
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed t
Thanks I have updated the status of this CVE in the Ubuntu CVE tracker.
** Changed in: tar (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tar in Ubuntu.
https://bugs.launchpad.
** Description changed:
- Placeholder for preparation of AppArmor 3.1.1 for kinetic.
+ AppArmor 3.1.1 is the latest upstream version of the apparmor userspace
+ tooling.
+
+ This includes a large number of bug fixes since the 3.0.7 release which
+ is currently in kinetic, as well as various clean
** Attachment added: "apparmor-3.0.7-to-3.1.1-git-log.log"
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1989309/+attachment/5617640/+files/apparmor-3.0.7-to-3.1.1-git-log.log
** Description changed:
AppArmor 3.1.1 is the latest upstream version of the apparmor userspace
tooling
This sounds like a kernel regression.
The commit you link to is for SELinux, which is not enabled by default
in Ubuntu, so I doubt it is that specifically - instead I suspect this
is due to the following commit: https://git.launchpad.net/~ubuntu-
kernel/ubuntu/+source/linux/+git/kinetic/commit/?h=
Public bug reported:
Placeholder for preparation of AppArmor 3.1.1 for kinetic.
** Affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
** Summary changed:
- [FFe] apparmor 3.1.0 upstream release
+ [FFe] apparmor 3.1.1 upstream release
--
You received this bug notificati
> I do not intend to take further action to modify those packages. If it is a
> blocker for Ubuntu
> that they are fixed, then someone from Ubuntu will need to do that work.
Given the relationship between the packages has now changed - ie.
polkitd-pkla is not mutually exclusive from the javascri
** Changed in: gimp (Ubuntu)
Status: Fix Released => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gtk+2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/283115
Title:
Gimp: toolbox windows can't be minimized
Kinetic)
Importance: High
Status: Confirmed
** Changed in: apparmor (Ubuntu Kinetic)
Status: Confirmed => In Progress
** Changed in: apparmor (Ubuntu Jammy)
Status: New => In Progress
** Changed in: apparmor (Ubuntu Kinetic)
Assignee: (unassigned) => Al
FYI I have sent a MR to the upstream AppArmor project to remove this
dbus deny rule from the exo-open abstraction:
https://gitlab.com/apparmor/apparmor/-/merge_requests/884
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to appar
This looks like a duplicate of LP: #1959375
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to adduser in Ubuntu.
https://bugs.launchpad.net/bugs/1978042
Title:
adduser doesn't support extrausers for group management
Status i
>From what I can see of this postinst this looks to be a bug from adduser
in debian itself - and would appear to come from
https://salsa.debian.org/debian/adduser/-/blob/master/debian/postinst#L33
- ie. if the default value is unchanged then an /etc/adduser.conf.dpkg-
save is always generated when
@mardy I thought we had snapd.apparmor specifically to avoid this
scenario but I can't see that service mentioned at all in systemd-
analyze plot...
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://b
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thank you for taking the time to report this bug and helping to make
Ubuntu better. Unfortunately we can't fix it, because your description
didn't include enough information. You may find it helpful to read 'How
to report bugs effectively'
http://www.chiark.greenend.org.uk/~sgtatham/bugs.html. We'd
I believe this is caused by debootstrap - it only uses packages from the
release pocket (and this is frozen from the time Ubuntu 20.04 LTS was
originally released). This is a known issue
https://askubuntu.com/questions/744684/latest-security-updates-with-
debootstrap but I am not sure if there is m
ges:
- Update autopkgtests to use syscalls from 5.16-rc1
-- Alex Murray Thu, 24 Feb 2022 09:53:35
+1030
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1971288/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
Thank you for taking the time to report this bug and helping to make
Ubuntu better. Unfortunately we can't fix it, because your description
didn't include enough information. You may find it helpful to read 'How
to report bugs effectively'
http://www.chiark.greenend.org.uk/~sgtatham/bugs.html. We'd
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Nice - thanks @sdeziel
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python2.7 in Ubuntu.
https://bugs.launchpad.net/bugs/1452115
Title:
Python interpreter binary is not compiled as PIE
Status in Python:
New
Status in
Thanks @doko :)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python2.7 in Ubuntu.
https://bugs.launchpad.net/bugs/1452115
Title:
Python interpreter binary is not compiled as PIE
Status in Python:
New
Status in python2
1 - 100 of 361 matches
Mail list logo