As far as I know, no one has made an effort to try to improve the
situation lately. There's some discussion at
https://lists.ubuntu.com/archives/apparmor/2024-February/013091.html
that may be enlightening, if not encouraging.
Thanks
--
You received this bug notification because you are a member
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/2049402
Title:
sshd doesn't properly disable KbdInterac
Scarlett, Simon and I had discussed preparing a small program that could
prepare a wrapper profile: given a path to an appimage, it could emit a
small profile to /etc/apparmor.d/ for the file, with the right
attachment path and then load the profile.
As I understand our new strategy, it would prob
I suggest talking with the virtualbox devs:
[4.040754] UBSAN: array-index-out-of-bounds in
/tmp/vbox.0/common/log/log.c:1791:41
It may or may not be related to your audio issues, but it can't be good.
Thanks
** Information type changed from Private Security to Public
--
You received this
Hello, thanks for the report; note that the fstab(5) and mount(8) man
pages both say "user", singular, not "users", plural. That's probably
why your mount command didn't work when run as a user.
I don't know about the gio or udisksctl tool errors, I'm unfamiliar with
their operation. Maybe they we
Hello, thanks for the bug report. I suggest taking your dmesg output
(from CurrentDmesg.txt) to the virtualbox developers, it looks very
unhappy.
Thanks
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch see
Hello Arunaav, I'm curious if you could double-check the testing
environment to make sure the user accounts are as you expected?
chmod 0600 /home/core/.ssh/authorized_keys
ssh -i .ssh/id_rsa onprem_shell@10.14.169.25
ssh -v user@10.14.169.25
debug1: identity file /root/.ssh/id_rsa type -1
There'
I'm adding the snapd package as it feels plausible that snapd could make
this task easier, too.
** Also affects: snapd (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to appar
The 'm' permission shouldn't be a default; restricting what the CPU will
execute is a very useful security mitigation.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs
*** This bug is a duplicate of bug 2061851 ***
https://bugs.launchpad.net/bugs/2061851
** This bug has been marked a duplicate of bug 2061851
linux-gcp 6.8.0-1005.5 (+ others) Noble kernel regression with new apparmor
profiles/features
--
You received this bug notification because you ar
** Package changed: openssh (Ubuntu) => openssl (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/2063271
Title:
Illegal opcode in libssl
Status in openssl package
Public bug reported:
Hello, ubuntu-bug can't report bugs in packages provided by Ubuntu Pro.
For example, I have lynx installed, which has an update issued through
esm-apps:
$ dpkg -l lynx | grep ^ii
ii lynx 2.9.0dev.5-1ubuntu0.1~esm1 amd64classic
non-graphical (text-mode) web
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/2063536
Title:
flickering screen
Status in xorg package in Ubuntu:
The unfortunate thing with AppImage is that there's no easy default path
that can be confined as can be done for other systems. So you'll need to
construct an AppArmor profile for your applications following the
instructions at https://discourse.ubuntu.com/t/noble-numbat-release-
notes/39890#unpriv
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to alsa-driver in Ubuntu.
https://bugs.launchpad.net/bugs/1976484
Title:
never sound ubuntu 20.04 22.04 alsamixer 1.2
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is availabl
Thanks Marques, do you know if this affects Debian as well? I wonder if
they already saw this and fixed it, or if they don't yet know about it.
THanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ifupdown in Ubuntu.
https:
Hello Oscar, I didn't think systemd-nspawn would do architecture
emulation on its own.
Did you perhaps set up qemu-user-static yourself on systems where this
is working, but not set it up on the system where it is failing?
Or am I missing a new systemd-nspawn feature?
Thanks
** Changed in: open
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to qtbase-opensource-src in
Ubuntu.
https://bugs.launchpad.net/bugs/1981807
Title:
qt5-network openssl3 armhf
** Description changed:
[Impact]
* A buffer overwrite exists in gdk-pixbuf's thumbnailer.
* The GIF loader runs out of memory with specifically crafted files
with bad frame data (and images with its sizes) over the integer limit.
* After gdk-pixbuf-thum runs out of memory, ot
I'm a bit surprised ubuntu-bug shows a GUI when run under sudo at all. I
think I'd expect the usual X11 "no cookies" failure to connect.
Running X programs as another user is bound to be trouble. Perhaps
ubuntu-bug should quit immediately if it detects running via sudo, su,
etc things?
Thanks
--
** Changed in: tcp-wrappers (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tcp-wrappers in Ubuntu.
https://bugs.launchpad.net/bugs/1839598
Title:
tcp_wrappers does not whitelisting
** Information type changed from Private Security to Public Security
** Also affects: gnome-shell (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bu
Hello Josh, which GUI are you using to change dns or dhcp settings?
Thanks
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.l
Cool, thanks Josh
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1988010
Title:
systemd ignoring DHCP DNS servers and DNS servers set in Network
Manager GUI
Status in s
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1988588
Title:
Xeon E3-1200 v2/3rd Gen Core processor Graphics Cont
I have seen many people on IRC *very* upset after wasting a lot of time
trying to install updates that apt will not let them install. Fixing
this is critical to our reputation.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscri
On Mon, Sep 12, 2022 at 07:39:37AM -, Alkis Georgopoulos wrote:
> This change takes away the ability of the users to share some of their
> data WITHOUT involving the administrator.
Hello Alkis, do note that it is typical for users to own their own home
directory; if a user wishes to share, the
I'm having trouble seeing what the consequences are:
> the result is a permanently failed service
vs
> this is was a major annoyance on my m2 air after upgrading to noble
Was it it more than a red line in systemctl status output? Does it have
annoying logging behaviour or break some other servi
This change makes me uneasy:
- I see no terminal-aware filtering applied in the notify_start() ->
xvasprintf() -> writemsg() -> write() path. The remote server may not be
entirely untrusted but it's also not exactly trusted, either, especially
on the first use. There's a long and glorious history
Hello Pedro, thanks for the report; this was an explicit decision:
https://wiki.ubuntu.com/SecurityTeam/FAQ#UFW
Making firewall rules that are tight enough to stop threats yet open
enough for the computer to still be useful in a wide variety of
environments is very challenging. We've decided that
Bill, Lukas asked a question in comment #10 and set the bug to
'incomplete', hoping to get feedback from someone who could reproduce
the problem. If you can provide an answer, please do set the bug back to
'confirmed' when answering.
Thanks
--
You received this bug notification because you are a
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to avahi in Ubuntu.
https://bugs.launchpad.net/bugs/2002891
Title:
avahi_service_browser_new() failed: Invalid service
Hello Hadmut, my first inclination is that this isn't a security issue:
- services should use cryptographic verification of both peers, if this is
important
- network administrators can use port security settings on their equipment to
restrict which hosts can communicate in which fashions
If I'
** Changed in: isc-dhcp (Ubuntu)
Status: Expired => New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/1916931
Title:
omshell returns inconsistent results or segfa
So far I've been arguing that apt should be more verbose about phasing,
and why these packages are held back. A friend has suggested that
instead apt should say *nothing*. I can see the appeal.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages,
Public bug reported:
Hello, the apt documentation on controlling apt phasing is in
apt_preferences(5). However, putting the records into a file in
/etc/apt/preferences.d leads to an error:
$ rg -l APT::Machine-ID -g '*.xml'
apt_2.2.2ubuntu1/doc/apt_preferences.5.xml
apt_2.3.10/doc/apt_preference
Public bug reported:
The apt-key(8) manpage includes:
apt-key(8) will last be available in Debian 11 and Ubuntu 22.04.
It appears that apt-key was shipped in Ubuntu 22.10 by accident.
apt-key is still in the 2.5.5 apt packaged for Lunar:
https://launchpad.net/ubuntu/lunar/amd64/apt/2.5.5
⏚ [sar
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/2006793
Title:
package linux-image-5.15.0-60-generic 5.1
Hello, my guess is your /boot filesystem is out of space. You might be
able to free up enough space by running:
sudo apt autoremove
If that doesn't make enough free space, you might want to ask for help
on https://askubuntu.com or #ubuntu on https://libera.chat
Thanks
--
You received this bug
Public bug reported:
Hello, a friend would like to remove all universe packages from their
system but I do not know an easy way to discover which installed
packages came from universe. I expected one of these two apt patterns to
work:
?archive(REGEX), ~AREGEX
Selects versions th
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
These look like the important errors:
update-initramfs: Generating /boot/initrd.img-5.15.0-60-generic
I: The initramfs will attempt to resume from /dev/dm-2
I: (/dev/mapper/vgubuntu-swap_1)
I: Set the RESUME variable to override this.
Error 24 : Write error : cannot write compressed block
E: mkin
Your logs suggest that your /usr/bin/dpkg has been corrupted. There is
no easy way to recover from this situation.
If you have another computer of the same architecture and running the
same release, you can copy the /usr/bin/dpkg file from one computer to
the other. If you don't have this, you can
Thank you for taking the time to report this bug and helping to make
Ubuntu better. Reviewing your dmesg attachment to this bug report it
seems that there may be a problem with your hardware. I'd recommend
performing a back up and then investigating the situation. Measures you
might take include
Hello, note the following lines from your dmesg:
[3.791052] ata3.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0
[3.791095] ata3.00: BMDMA stat 0x65
[3.791116] ata3.00: failed command: READ DMA
[3.791137] ata3.00: cmd c8/00:08:00:00:00/00:00:00:00:00/e0 tag 0 dma 4096
in
Awesome! Thanks, I thought 'section' would have been something like libs
vs oldlibs in Debian, so I didn't even try it. Sorry.
apt list '?installed?section(^universe/)' -- seems to work as I wanted.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded pa
Public bug reported:
Hello, it sounds like there's some significant performance regressions
in OpenSSL 3:
https://github.com/openssl/openssl/issues/20286#issuecomment-1438826816
Some we might be able to address with:
https://github.com/openssl/openssl/pull/18151
Some of the performance differen
Public bug reported:
Hello, I don't have an lxc manpage on my focal system:
$ man lxc
No manual entry for lxc
$ dpkg -l lxd | grep lxd ; snap info lxd | grep installed
un lxd (no description available)
installed: 5.11-ad0b61e (24483) 149MB -
It loo
Ah, thanks twice over. I've poked the old bug with a hope for a happier
answer today :) Unfortunately lxc manpage isn't exactly ideal:
$ lxc manpage lxc
Error: open
/var/lib/snapd/hostfs/home/sarnold/tmp/takehometests/lxc/lxc.alias.add.1: no
such file or directory
--
You received this bug noti
Ah but it's still plenty useful, Simon showed me I was holding the tool
the wrong way around. Having 300 manpages in a directory is a pretty
fantastic starting point. Thanks :)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to l
BlackMage, the publishing history page suggests the fix was published a
year earlier:
https://launchpad.net/ubuntu/+source/kdesu/5.92.0-0ubuntu1.1
What is the output of:
apt policy libkf5su-data
namei -l /etc/sudoers.d/kdesu-sudoers
Thanks
--
You received this bug notification because you are
** Package changed: isc-dhcp (Ubuntu) => apt (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/2035644
Title:
apt status not updated ubuntu 20 LTS
Status in apt package
Are you perhaps mixing Docker packages from one source with Docker
AppArmor profiles from another source?
AppArmor policy around signals is a bit more involved than around files:
- The sending process must have permission to send the signal to the recipient
- The receiving process must have permi
Nice find.
My guess is that the Debian maintainer forgot to include the pam.d
configuration file supplied by upstream when this new tool was included:
- https://github.com/shadow-maint/shadow/blob/master/etc/pam.d/groupmems
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663117
We could deci
usr-is-merged should probably be in main, it serves as an indicator that
the system is already using the usrmerge layout. From:
https://lists.debian.org/debian-ctte/2022/07/msg00019.html
The usrmerge package has been updated to pick up a few fixes from
Ubuntu, and most importantly to provide a new
There's over 2k instances of errors like this in the terminal log:
dpkg: 경고: files list file for package 'libctf0:amd64' missing; assuming
package has no files currently installed
This is not a happy installation. I recommend a fresh install when
convenient.
As for the prompt, the history log su
I'm uncomfortable with the idea of printing nothing when the routines
fail.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/2045250
Title:
pam_lastlog doesn't handle localtime_
Normally, intermediate certificates are supposed to be included by the
leaf certificate owners in their chain of certificates to their roots.
It is unusual for intermediate certificates to be included in the CA
bundle. GlobalSign has instructions for many applications on their
website: https://supp
Hey Andrey, thanks; I think they've almost got it right -- the Qualys
TLS compliance tool says the chain is in the wrong order so it might not
work everywhere, but certainly it'll work better than just Ubuntu adding
one intermediate:
https://www.ssllabs.com/ssltest/analyze.html?d=smsc.kz
Thanks
I wondered if it would look up LOCAL too but figured the reference in
the manual to pam_get_item(3) meant that it would special case this one
without any lookups. I should have looked at the source instead.
I like your idea of using two different files for local vs networked
services. (Though that
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2046633
Title:
Don't include 'nmcli -f all con'
Thanks Marco, I'll take pam-pkcs11 off our todo list. (This can be
reversed, of course. If it turns out to be necessary for something,
someone shout. :)
Thanks
** Changed in: pam-pkcs11 (Ubuntu)
Status: New => Invalid
** Changed in: pam-pkcs11 (Ubuntu)
Assignee: Ubuntu Security Team
Hello Dan and Matthew, thanks for working on this. I gave the debdiffs a
look, skimmed through openssl changes, and don't see any reason to not
do this. There *are* larger changes to that function in
https://github.com/openssl/openssl/commit/1e41dadfa7b9f792ed0f4714a3d3d36f070cf30e
-- but it's a fa
Matthew, thanks so much! sounds good to me.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1926254
Title:
x509 Certificate verification fails when
basicConstraints=CA:FA
Thanks for the strace, these looked like the 'important' parts:
sendto(3, {{len=56, type=AUDIT_SET, flags=NLM_F_REQUEST|NLM_F_ACK, seq=3,
pid=0},
"\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa2\xb8\x29\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"...},
56, 0, {sa_fa
On Tue, May 18, 2021 at 07:39:48PM -, Gunnar Hjalmarsson wrote:
> On 2021-05-16 22:23, Gunnar Hjalmarsson wrote:
> > As regards apparmor it's possible that no change is needed.
>
> Well, I simply tested with the Chromium snap. fcitx5 does not work in
> Chromium, while fcitx4 does. So something
Gunnar, indeed, it had much less in it than I expected; I don't know
much about the snap packaging for Chromium, but it looked to me like it
was trying to do bluetooth things and that's all that was denied.
I'm no fcitx expert but I didn't think it looked related.
Thanks
--
You received this bu
The usual way we determine if a package is in main or not is to check
the package lists; will the promotion step make the systemd-container
binary package visible to package lists or rmadison output?
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded pac
Great, thanks Ian.
** Package changed: ubuntu => openssh (Ubuntu)
** Changed in: openssh (Ubuntu)
Status: Incomplete => Invalid
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded pack
Hello Milan, I just tested an upgrade:
Unpacking isc-dhcp-server (4.4.1-2.1ubuntu5.20.04.2) over
(4.4.1-2.1ubuntu5) ...
and my /etc/default/isc-dhcp-server modifications had been left in
place.
The maintainer scripts will create a new one if the file cannot be read:
https://sources.debian.org/sr
** Summary changed:
- sudo apt install timeshift Reading package lists... Done Building dependency
treeReading state information... Done The following NEW packages will
be installed: timeshift 0 upgraded, 1 newly installed, 0 to remove and 0 not
upgraded. 1 not fully installed or remo
** Also affects: debconf (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1930301
Title:
package libpam0g:amd64 1.3.1-5ubunt
Hello Eric, thanks for doing the research on this issue.
Does the coredump look like this may be exploitable in some fashion?
Is the crash something that affects anything beyond the specific process
serving the client in question?
Thanks
--
You received this bug notification because you are a
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bluez in Ubuntu.
https://bugs.launchpad.net/bugs/1926548
Title:
The gatt protocol has out-of-bounds read t
Daniel, are you sure about that fixed-in-5.56 bug tag? I can't spot the
referenced commit in the tarballs 5.55, 5.56, 5.57, 5.58 from:
http://www.bluez.org/
nor in the github sources:
https://github.com/bluez/bluez/blob/master/src/gatt-database.c#L1054
nor the kernel.org sources:
https://git.kern
Wonderful, thanks Daniel!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bluez in Ubuntu.
https://bugs.launchpad.net/bugs/1926548
Title:
The gatt protocol has out-of-bounds read that leads to information
leakage
Status
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1917904
Title:
Arbitrary file reads
Status in apport pa
On Wed, Jun 16, 2021 at 09:15:32PM -, Steve Langasek wrote:
> Disallowing leading numeric digits entirely would, unfortunately,
> disable a significant class of valid usernames in conflict with
> historical usage.
Admins are still able to hand-edit /etc/passwd, /etc/shadow, and mv
home directo
Heh, a comment in Jawn's debdiff:
* User/group names must match [a-z_][a-z0-9_-]*[$]
I found period also worked fine:
root@u20:~# useradd 0.0
root@u20:~# getent passwd 0.0
0.0:x:1001:1001::/home/0.0:/bin/sh
root@u20:~# userdel 0.0
root@u20:~# getent passwd 0.0
root@u20:~# exit
I know c
See also https://github.com/snapcrafters/discord/issues/23 -- there may
be some other advice buried in there on how to deal with the deluge
while also not giving discord permission to see all the processes you're
running.
Thanks
** Bug watch added: github.com/snapcrafters/discord/issues #23
ht
Ah, that explains that.
Would you mind adding tests for a few more usernames?
0root
0
00
0.0
0x0
0-0
0_0
0.o
0xo
0-o
0_o
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bu
I can't speak for the SRU team, but it's entirely possible that if you
prepare and test a debdiff, and show that this can be fixed, you could
drive an SRU through to completion; see
https://wiki.ubuntu.com/StableReleaseUpdates for more information.
Thanks
--
You received this bug notification be
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to software-properties in
Ubuntu.
https://bugs.launchpad.net/bugs/1965857
Title:
software-properties-gtk crashed with
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to software-properties in
Ubuntu.
https://bugs.launchpad.net/bugs/1965661
Title:
software-properties-gtk crashed with
Hopefully this is helpful for you:
https://sources.debian.org/data/main/r/ruby3.0/3.0.3-1/debian/patches/Update-
openssl-to-version-3.0.0.patch
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https:
This reminds me of several previous bugs; this may or may not be a
duplicate, and this may or may not be intentional behaviour. Hopefully
these are are useful and save some debugging effort:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1922212
https://bugs.launchpad.net/ubuntu/+source/op
Yikes, does it actually *stop* at that point? That's .. not ideal.
Thanks
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dbus in Ubuntu.
https://bugs.launchpad.net/bugs/1968845
Title:
Upgrade to 22.04 from 20.04 ends with
Here's the postinst I've got for that package. Maybe the
reload_dbus_config() could use a --reply-timeout=5000 or something?
Thanks
$ cat /fst/trees/ubuntu/main/d/dbus/dbus_1.12.20-2ubuntu4/debian/dbus.postinst
#!/bin/sh
# Copyright © 2003 Colin Walters
# Copyright © 2006 Sjoerd Simons
set -e
Hello Mikko, thanks for the report; I believe that's working as
intended, those bytes are part of the DER encoding; there's an excellent
answer at https://crypto.stackexchange.com/a/19982/1400 that describes
the meanings of each of those bytes.
Thanks
** Information type changed from Private Secu
This may be a duplicate of https://launchpad.net/bugs/1969162
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dbus in Ubuntu.
https://bugs.launchpad.net/bugs/1968845
Title:
Upgrade to 22.04 from 20.04 ends with dbus install
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to policykit-1 in Ubuntu.
https://bugs.launchpad.net/bugs/1969593
Title:
rules to prevent non-root users from
** Also affects: systemd (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1969593
Title:
rules to prevent non-root users
I switched this from ca-certificates to firefox and chromium-browser,
since both browsers manage their own certificate lists and don't use the
system-provided ca-certificates. (You manage that with different tools,
see the first few lines of /etc/ca-certificates.conf for details.)
Thanks
** Packa
Yes, managing the configurations for the huge variety of cryptography
toolkits on a Linux system is definitely something of a chore. It would
be nice to give people one command they could use to return to unsafe-
but-compatible cryptography -- or enforce only modern cryptography.
Our friends at Re
Possibly related to https://bugs.launchpad.net/bugs/1832421
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1971650
Title:
wrong check for "server" in libssl3.postinst
Sta
On Thu, May 05, 2022 at 09:09:07PM -, Alvaro wrote:
> acs@lsp-022:~$ ssh -vT g...@github.com
> ...
> debug1: connect to address 140.82.121.4 port 22: Connection timed out
Note that "Connection timed out" is an error at the TCP level, that
indicates that your computer wasn't able to establish a
Hello, note your filesystem is full:
Filesystem 1K-blocks Used Available Use% Mounted on
udev 9812920981292 0% /dev
tmpfs 202808 1508201300 1% /run
/dev/sda5 11167656 11000192 0 100% /
That causes errors like this:
cp: error
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Changed in: openssl (Ubuntu)
Status: Incomplete => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1608200
Title:
please merge openssl from Debian
S
1 - 100 of 1555 matches
Mail list logo
