[Bug 849745] Re: software-center crashed with DBusException in call_blocking(): org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not sen

Same crash on 12.04 alpha 1 (i386) when trying to install the Google Chrome .deb file downloaded from http://www.google.com/chrome. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/849745 Title: softwa

[Bug 468778] Re: MD5 checksum mismatch for the DVD image metalink files

** Changed in: ubuntu Status: Invalid => New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/468778 Title: MD5 checksum mismatch for the DVD image metalink files To manage notifications about

[Bug 468778] Re: MD5 checksum mismatch for the DVD image metalink files

This occurs again for Ubuntu 11.10 and possibly previous versions (I only tested 11.10). The GPG signature is OK, but all MD5 hashes don't match the corresponding .metalink files. Problematic files attached. All were downloaded from the http://cdimage.ubuntu.com/releases/11.10/release/ directory.

[Bug 617272] Re: gnochm package has missing dependancy python-gtkhtml2

This affects Ubuntu 10.04 Lucid. Confirming. ** Changed in: gnochm (Ubuntu) Status: New => Confirmed -- gnochm package has missing dependancy python-gtkhtml2 https://bugs.launchpad.net/bugs/617272 You received this bug notification because you are a member of Ubuntu Bugs, which is subscri

[Bug 626276] [NEW] Treat partner repository properly in vrms

Public bug reported: Binary package hint: vrms 1. Enable the Canonical partner repository. 2. Install some non-free packages from the partner repository such as skype or adoble-flashplugin. 3. Run vrms. vrms doesn't list any non-free packages from the partner repo, although it should. This bug

[Bug 482751] Re: "MD5 Collisions Inc." (expried) fake SSL certificate is installed as standard

As previously said, this is a security feature. If the current date on your computer is set to September 2, 2004 or before, a man-in-the-middle attacker who can control your network connection would be able to spoof any SSL site on the Internet using the MD5 Collisions Inc. certificate. This featur

[Bug 613025] Re: Alacarte creates extra copies of existing desktop entries when viewing them

** Bug watch added: GNOME Bug Tracker #564347 https://bugzilla.gnome.org/show_bug.cgi?id=564347 ** Also affects: alacarte via https://bugzilla.gnome.org/show_bug.cgi?id=564347 Importance: Unknown Status: Unknown -- Alacarte creates extra copies of existing desktop entries when vi

[Bug 613025] Re: Alacarte creates extra copies of existing desktop entries when viewing them

** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/52996792/Dependencies.txt -- Alacarte creates extra copies of existing desktop entries when viewing them https://bugs.launchpad.net/bugs/613025 You received this bug notification because you are a member of Ubuntu Bugs, whi

[Bug 613025] [NEW] Alacarte creates extra copies of existing desktop entries when viewing them

Public bug reported: Binary package hint: alacarte Steps to reproduce: 1. Run alacarte by choosing System ▸ Preferences ▸ Main Menu. 2. Choose Applications ▸ Accessories in the Menus list on the left. 3. Choose Calculator and press Properties to find out how to run it from the command line. 4.

[Bug 612185] Re: Apport leaks the secret name of the Firefox profile directory

** Also affects: apport (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public -- Apport leaks the secret name of the Firefox profile directory https://bugs.launchpad.net/bugs/612185 You received this bug notification because you are a member of Ubuntu Bugs, which

[Bug 612182] Re: Clicking the scroll bar scrolls more than one page

** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/52804136/Dependencies.txt ** Attachment added: "ExtensionSummary.txt" http://launchpadlibrarian.net/52804137/ExtensionSummary.txt ** Attachment added: "profile_default_pluginreg.dat.txt" http://launchpadlibrarian.net/

[Bug 612182] [NEW] Clicking the scroll bar scrolls more than one page

Public bug reported: Binary package hint: firefox Open a long page in Firefox. Click anywhere in the bottom part of the page scroll bar (but not on the arrow button). Firefox scrolls down by different amounts at different times. Sometimes it is only one page, but usually it is two or more. The s

[Bug 426791] Re: Acer Aspire One AO751h screen unknown

Copied some tags from the duplicates of this bug. ** Tags added: lucid ** Tags added: resolution -- Acer Aspire One AO751h screen unknown https://bugs.launchpad.net/bugs/426791 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu

[Bug 426791] Re: Acer Aspire One AO751h screen unknown

Stuart Bishop wrote in bug 566433: This hardware was certified for 9.10 (http://webapps.ubuntu.com/certification/hardware/200910-4251/) so this is a regression. ** Tags added: regression-release -- Acer Aspire One AO751h screen unknown https://bugs.launchpad.net/bugs/426791 You received this b

[Bug 448502] Re: There isnt a 1366 x 768 resolution option

*** This bug is a duplicate of bug 426791 *** https://bugs.launchpad.net/bugs/426791 Thank you for reporting this bug! To keep the discussion in one place, I will mark it as a duplicate of a previous report of this problem. Please feel free to file any further bugs you encounter. ** This bug

[Bug 566433] Re: Acer Aspire One 751h incorrect screen resolution

*** This bug is a duplicate of bug 426791 *** https://bugs.launchpad.net/bugs/426791 Thank you for reporting this bug! To keep the discussion in one place, I will mark it as a duplicate of a previous report of this problem. Please feel free to file any further bugs you encounter. ** This bug

[Bug 575607] Re: Can`t use native screen resolution with "poulsbo" Intel GMA500 chipset

*** This bug is a duplicate of bug 426791 *** https://bugs.launchpad.net/bugs/426791 ** This bug is no longer a duplicate of bug 448502 There isnt a 1366 x 768 resolution option ** This bug has been marked a duplicate of bug 426791 Acer Aspire One AO751h screen unknown -- Can`t use nat

[Bug 578701] Re: gnome-panel/clock-applet doesn't upgrade clock time

Thanks for reporting this bug! I experience a similar problem with my clock. I wonder if my issue is the same as yours. Could you please provide more information about your problem? When you move your mouse or press a key on the keyboard, does the clock unfreeze and start going again? Is the clo

[Bug 468782] Re: acpi-cpufreq / time offset

I experience a very similar issue using Ubuntu 10.04 final running the default desktop kernel on Asus Eee PC 1101HA (single-core 32-bit Atom Z520 CPU with HyperThreading enabled). Did you find out anything interesting about this problem? Did you try to report it elsewhere? ** Changed in: ubuntu

[Bug 426791] Re: Acer Aspire One AO751h screen unknown

See also: Bug 553898 — same problem with Acer Aspire One ZA3 running Lucid. See the comments for other laptop models. Bug 566433 — Acer Aspire One 751h, Lucid. This confirms that this bug affects Lucid. Bug 414029 — Asus EEE 1101HA. -- Acer Aspire One AO751h screen unknown https://bugs.launchp

[Bug 414029] Re: Asus EEE 1101ha 11" netbook wrong resolution (should be 1366x768)

Lucid final is also affected. -- Asus EEE 1101ha 11" netbook wrong resolution (should be 1366x768) https://bugs.launchpad.net/bugs/414029 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubun

[Bug 426791] Re: Acer Aspire One AO751h screen unknown

Bryce, this bug does affect Lucid. Do you need anything else in addition to an Xorg.0.log and apport-collect data? I'll post those when I get a chance. -- Acer Aspire One AO751h screen unknown https://bugs.launchpad.net/bugs/426791 You received this bug notification because you are a member of Ub

[Bug 553898] Re: Acer Aspire One ZA3 Ubuntu 10.04 Beta1 does not recognise the monitor (unknown), only a resolution of 1025x768 os available with a refresh rate of 0Hz, options are unable to be alter

** Changed in: ubuntu Assignee: (unassigned) => Ubuntu Laptop Team (ubuntu-laptop) -- Acer Aspire One ZA3 Ubuntu 10.04 Beta1 does not recognise the monitor (unknown), only a resolution of 1025x768 os available with a refresh rate of 0Hz, options are unable to be altered https://bugs.launch

[Bug 426791] Re: Acer Aspire One AO751h screen unknown

This bug affects many people. Let's keep it open. Also, there are some duplicates: bug 448502 and bug 575607. I'll wait to make sure that noone is going to close this bug again and will merge them into this report. ** Changed in: xorg-server (Ubuntu) Status: Invalid => Confirmed -- Acer A

[Bug 575607] Re: Can`t use native screen resolution with "poulsbo" Intel GMA500 chipset

*** This bug is a duplicate of bug 448502 *** https://bugs.launchpad.net/bugs/448502 Thanks for reporting this bug! I'm experiencing this problem in Lucid as well. I'm marking this bug as a duplicate of a previously reported bug about Acer AO751h under Karmic to keep the discussion in one plac

[Bug 552775] Re: SSL connection information window popping up incorrectly

** Description changed: Binary package hint: firefox Steps to reproduce: 1. Open an https website in Firefox (I used Launchpad). 2. Click the blue (or green in case of an EV site) button to the left of the address bar (it contains the favicon and the domain name of the site, launch

[Bug 459424] Re: [karmic] Microphone not working on a Asus 1101HA

This looks very similar to bug 471699. Perhaps they are duplicates. -- [karmic] Microphone not working on a Asus 1101HA https://bugs.launchpad.net/bugs/459424 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list u

[Bug 577796] Re: Filling disk with data leads to [sda] Unhandled error code. [sda] Result hostbyte=DID_OK driverbyte=DRIVER_TIMEOUT

It looks like this is most likely to occur under heavy CPU load. -- Filling disk with data leads to [sda] Unhandled error code. [sda] Result hostbyte=DID_OK driverbyte=DRIVER_TIMEOUT https://bugs.launchpad.net/bugs/577796 You received this bug notification because you are a member of Ubuntu Bugs

[Bug 577796] Re: Filling disk with data leads to [sda] Unhandled error code. [sda] Result hostbyte=DID_OK driverbyte=DRIVER_TIMEOUT

** Attachment added: "Output of uname -a" http://launchpadlibrarian.net/48118894/uname-a ** Bug watch added: Linux Kernel Bug Tracker #15945 http://bugzilla.kernel.org/show_bug.cgi?id=15945 ** Also affects: linux via http://bugzilla.kernel.org/show_bug.cgi?id=15945 Importance: Unknow

[Bug 577796] Re: Filling disk with data leads to [sda] Unhandled error code. [sda] Result hostbyte=DID_OK driverbyte=DRIVER_TIMEOUT

** Attachment added: "Output of hdparm -I /dev/sda" http://launchpadlibrarian.net/48118872/hdparm-I -- Filling disk with data leads to [sda] Unhandled error code. [sda] Result hostbyte=DID_OK driverbyte=DRIVER_TIMEOUT https://bugs.launchpad.net/bugs/577796 You received this bug notification

[Bug 577796] Re: Filling disk with data leads to [sda] Unhandled error code. [sda] Result hostbyte=DID_OK driverbyte=DRIVER_TIMEOUT

** Attachment added: "Output of smartctl -a /dev/sda" http://launchpadlibrarian.net/48118821/smartctl-a -- Filling disk with data leads to [sda] Unhandled error code. [sda] Result hostbyte=DID_OK driverbyte=DRIVER_TIMEOUT https://bugs.launchpad.net/bugs/577796 You received this bug notificat

[Bug 577796] [NEW] Filling disk with data leads to [sda] Unhandled error code. [sda] Result hostbyte=DID_OK driverbyte=DRIVER_TIMEOUT

Public bug reported: I'm running things like badblocks -w that fill the whole hard disk with data and then attempt to read it. Once in a while errors like this occur: May 9 01:13:53 ubuntu kernel: [29838.149173] sd 0:0:0:0: [sda] Unhandled error code May 9 01:13:53 ubuntu kernel: [29838.149193

[Bug 575745] Re: Too many kernels after upgrades

** Changed in: ubuntu Status: New => Confirmed -- Too many kernels after upgrades https://bugs.launchpad.net/bugs/575745 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com htt

[Bug 575627] [NEW] Broken link: Switching from Windows

Public bug reported: Binary package hint: ubuntu-docs Open the Ubuntu 10.04 documentation homepage at https://help.ubuntu.com/10.04/. The link 'Switching from Windows' points to https://help.ubuntu.com/10.04/switching/index.html, which is 404 Not Found. ** Affects: ubuntu-docs (Ubuntu) Imp

[Bug 575625] [NEW] Broken link: Advanced Topic s → GNU Info Pages

Public bug reported: Binary package hint: ubuntu-docs Open the Advanced Topics section at https://help.ubuntu.com/10.04/advanced-topics/C/index.html. The 'GNU Info Pages' points to http://manpages.ubuntu.com/ (the same location as the previous link, 'Terminal Commands References (man pages)').

[Bug 575623] [NEW] Advanced Topics → Abo ut Users and Groups links to a local file

Public bug reported: Binary package hint: ubuntu-docs Open the Advanced Topics section at https://help.ubuntu.com/10.04/advanced-topics/C/index.html. The 'About Users and Groups' link points to a local file, file:///usr/share/doc/base-passwd/users-and-groups.html. There are several reasons why

[Bug 574950] Re: do-release-upgrade crashed on live DVD: No module named progress.text

** Attachment added: "_usr_bin_do-release-upgrade.0.crash" http://launchpadlibrarian.net/47757239/_usr_bin_do-release-upgrade.0.crash -- do-release-upgrade crashed on live DVD: No module named progress.text https://bugs.launchpad.net/bugs/574950 You received this bug notification because you

[Bug 574950] [NEW] do-release-upgrade crashed on live DVD: No module named progress.text

Public bug reported: Binary package hint: update-manager-core I booted Ubuntu Lucid 10.04 final from a live i386 DVD while the laptop was on battery power. Soon after the boot finished and the panels appeared, I noticed a crash icon in the notification area. I didn't perform any actions that coul

[Bug 573611] [NEW] Missing Lucid (10.04) documentation on help.ubuntu.com

Public bug reported: Binary package hint: ubuntu-docs The official documentation website does not offer any documentation for Ubuntu 10.04 Lucid. I expected it to become available there once the final release is out. ** Affects: ubuntu-docs (Ubuntu) Importance: Un

[Bug 568121] Re: security.ubuntu.com lines in sources.list get overwritten with the mirror chosen by the user

This is the updated version of /etc/apt/sources.list at the end of step 4. ** Attachment added: "Updated sources.list" http://launchpadlibrarian.net/44987382/updated-sources.list ** Description changed: It is best to keep the security.ubuntu.com lines at the end of your /etc/apt/sources.l

[Bug 568121] Re: security.ubuntu.com lines in sources.list get overwritten with the mirror chosen by the user

** Attachment added: "Default sources.list" http://launchpadlibrarian.net/44987311/default-sources.list ** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/44985385/Dependencies.txt -- security.ubuntu.com lines in sources.list get overwritten with the mirror chosen by t

[Bug 568121] [NEW] security.ubuntu.com lines in sources.list get overwritten with the mirror chosen by the user

Public bug reported: It is best to keep the security.ubuntu.com lines at the end of your /etc/apt/sources.list when you use a mirror to make sure you get timely security updates even if your mirror breaks. [1] [1] http://www.outflux.net/blog/archives/2008/08/20/ubuntu-security- repository-structu

[Bug 524281] Re: Tens of wakes per second in "[kernel scheduler] Load balancing tick"

I observe this problem on a single-core Intel Atom Z520 CPU with HyperThreading enabled using Ubuntu 10.04 Lucid beta 2. Based on that and on comment #8 here, I edited the bug summary to remove the CPU- specific part. ** Summary changed: - Tens of wakes per second in "[kernel scheduler] Load bala

[Bug 563916] Re: [details.so] No prompt for [S]kip or [M]anual recovery on server boot

** Also affects: plymouth Importance: Undecided Status: New ** Changed in: plymouth Status: New => Invalid ** Project changed: plymouth => ubuntu-release-notes ** Changed in: ubuntu-release-notes Status: Invalid => New -- [details.so] No prompt for [S]kip or [M]anual re

[Bug 276760] Re: Subversion doesn't work with googlecode repository

Is this still an issue for you? Which client version is required by Google Code Hosting? Which version do you use now? ** Changed in: subversion (Ubuntu) Status: New => Incomplete -- Subversion doesn't work with googlecode repository https://bugs.launchpad.net/bugs/276760 You received th

[Bug 103074] Re: Missing policy for CA certificates

Philipp, this didn't make it into Lucid, did it? -- Missing policy for CA certificates https://bugs.launchpad.net/bugs/103074 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https

[Bug 564753] [NEW] Update the list of Mozilla certificates (remove the RSA Security 1024 V3 root certificate)

Public bug reported: Binary package hint: ca-certificates Mozilla recently removed the RSA Security 1024 V3 root from their list of trusted root certificates [1, 2]. This is a request to sync the mozilla directory in ca-certificates to the current list by Mozilla. [1] https://blog.mozilla.com/

[Bug 468778] Re: MD5 checksum mismatch for the 9.10 (Karmic) i386 DVD image metalink file

I can reproduce this for Ubuntu 10.04 beta 2 live DVD. Files downloaded from: http://cdimage.ubuntu.com/releases/10.04/beta-2/MD5SUMS-metalink http://cdimage.ubuntu.com/releases/10.04/beta-2/ubuntu-10.04-beta2-dvd-i386.metalink http://cdimage.ubuntu.com/releases/10.04/beta-2/ubuntu-10.04-beta2-dvd-

[Bug 373245] Re: karmic: wakeups : hrtimer_start_range_ns (tick_sched_timer)

I added the powertop package to this bug by mistake. Sorry for that. ** Also affects: powertop (Ubuntu) Importance: Undecided Status: New ** Changed in: powertop (Ubuntu) Status: New => Invalid -- karmic: wakeups : hrtimer_start_range_ns (tick_sched_timer) https://bugs.launc

[Bug 373245] Re: karmic: wakeups : hrtimer_start_range_ns (tick_sched_timer)

** Also affects: linux via http://bugzilla.kernel.org/show_bug.cgi?id=14424 Importance: Unknown Status: Unknown -- karmic: wakeups : hrtimer_start_range_ns (tick_sched_timer) https://bugs.launchpad.net/bugs/373245 You received this bug notification because you are a member of Ubun

[Bug 552775] Re: SSL connection information window popping up incorrectly

** Attachment added: "Screenshot that demonstrates the problem" http://launchpadlibrarian.net/42705552/Firefox%20wrong%20z-order.png ** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/42703740/Dependencies.txt ** Attachment added: "ExtensionSummary.txt" http://launchp

[Bug 552775] [NEW] SSL connection information window popping up incorrectly

Public bug reported: Binary package hint: firefox Steps to reproduce: 1. Open an https website in Firefox (I used Launchpad). 2. Click the blue (or green in case of an EV site) button to the left of the address bar (it contains the favicon and the domain name of the site, launchpad.net in my c

[Bug 468778] Re: MD5 checksum mismatch for the 9.10 (Karmic) i386 DVD image metalink file

I do not understand. Are you saying that there must be bug in the stock /usr/bin/md5sum in Ubuntu 8.04, which I used? I don't have neither Windows nor Cygwin, and there seems to be no md5summer package for Ubuntu. Were you verifying the checksum for the ubuntu-9.10-dvd-i386.metalink file or perhap

[Bug 468778] Re: MD5 checksum mismatch for the 9.10 (Karmic) i386 DVD image metalink file

** Attachment added: "ubuntu-9.10-dvd-i386.metalink" http://launchpadlibrarian.net/34873088/ubuntu-9.10-dvd-i386.metalink -- MD5 checksum mismatch for the 9.10 (Karmic) i386 DVD image metalink file https://bugs.launchpad.net/bugs/468778 You received this bug notification because you are a mem

[Bug 468778] [NEW] MD5 checksum mismatch for the 9.10 (Karmic) i386 DVD image metalink file

Public bug reported: I've downloaded three files from http://cdimage.ubuntu.com/releases/9.10/release/ : ubuntu-9.10-dvd-i386.metalink, MD5SUMS-metalink and MD5SUMS- metalink.gpg. I have verified the signature for MD5SUMS-metalink in the .gpg file. But the MD5 hash for the ubuntu-9.10-dvd-i386.met

[Bug 339834] [NEW] CVE-2009-0653: OpenSSL does not verify the Basic Constraints for an intermediate CA-signed certificate

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: openssl CVE-2009-0653 description from the NVD: "OpenSSL, probably 0.9.6, does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the c

[Bug 319880] Re: transmission crashed while quitting with SIGSEGV in g_closure_invoke()

Thanks for reopening this bug. The explanation makes sense to me. Could you please clarify what kind of testing do you expect to be performed on Jaunty? I know of no way to trigger this crash again even on my Hardy. Let's assume that I have installed Jaunty and the new version of Transmission does

[Bug 319880] Re: transmission crashed while quitting with SIGSEGV in g_closure_invoke()

Hew, I don't understand your decision. We've got an unreproducible crash here that has debug information attached. Is it Ubuntu policy to ignore such bugs? Is that policy documented? Can the debug information help? I imagine someone knowledgeable enough could use the backtrace to find the specific

[Bug 133310] Re: Duplicate Cdrom entries in Software Sources

Unfortunately I cannot install Jaunty to test that. I am not a tester and I use only LTS releases. -- Duplicate Cdrom entries in Software Sources https://bugs.launchpad.net/bugs/133310 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. --

[Bug 319880] Re: transmission crashed while quitting with SIGSEGV in g_closure_invoke()

I do not know. I cannot reproduce the problem. -- transmission crashed while quitting with SIGSEGV in g_closure_invoke() https://bugs.launchpad.net/bugs/319880 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list

[Bug 329716] Re: file-roller crashed with SIGSEGV in g_main_context_dispatch()

** Attachment added: "CoreDump.gz" http://launchpadlibrarian.net/22648583/CoreDump.gz ** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/22648584/Dependencies.txt ** Attachment added: "Disassembly.txt" http://launchpadlibrarian.net/22648585/Disassembly.txt ** Attachm

[Bug 325261] Re: Gstreamer good plugins vulnerabilities

Adding CVE references: CVE-2009-0386, CVE-2009-0387, CVE-2009-0397, CVE-2009-0398 -- Gstreamer good plugins vulnerabilities https://bugs.launchpad.net/bugs/325261 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing li

[Bug 325261] [NEW] Gstreamer good plugins vulnerabilities

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: gstreamer0.10-plugins-good CVE-2009-0386 "Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.

[Bug 324353] Re: gksu crashed with SIGSEGV in gdk_draw_pixbuf()

** Attachment added: "CoreDump.gz" http://launchpadlibrarian.net/21902802/CoreDump.gz ** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/21902803/Dependencies.txt ** Attachment added: "Disassembly.txt" http://launchpadlibrarian.net/21902804/Disassembly.txt ** Attachm

[Bug 324258] [NEW] [CVE-2008-5907] libpng: png_check_keyword() in pngwutil.c might allow overwriting arbitrary memory location

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: libpng12-0 Description from the NVD: "The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arb

[Bug 324249] [NEW] [CVE-2009-0265] BIND 9 not properly checking the return value from OpenSSL EVP_VerifyFinal()

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: bind9 CVE-2009-0265 description: "Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote atta

[Bug 321460] Re: alacarte crashed with SIGSEGV in g_closure_invoke()

I failed to reproduce this crash on my Hardy, so there's little point in testing it on Intrepid. -- alacarte crashed with SIGSEGV in g_closure_invoke() https://bugs.launchpad.net/bugs/321460 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.

[Bug 322196] Re: Untrusted search path vulnerability in Python and multiple other programs

According to these links (provided by Jan Lieskovsky in the thread referenced above), Python 2.6 is affected as well. http://www.openwall.com/lists/oss-security/2009/01/28/5 https://bugzilla.redhat.com/show_bug.cgi?id=482814#c1 ** Description changed: - Binary package hint: python2.5 - - There'

[Bug 322196] Re: Untrusted search path vulnerability in Python and multiple other programs

Adding CVE references: CVE-2008-5983, CVE-2008-5984, CVE-2008-5985, CVE-2008-5986, CVE-2008-5987, CVE-2009-0314, CVE-2009-0315, CVE-2009-0316, CVE-2009-0317, CVE-2009-0318 ** Also affects: python2.4 (Ubuntu) Importance: Undecided Status: New ** Also affects: dia (Ubuntu) Importance

[Bug 322196] [NEW] Untrusted search path vulnerability in Python and multiple other programs

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: python2.5 There's an interesting bug (or feature?) in Python 2.5 and earlier that affects multiple applications using Python. The bug allows local or user-assisted remote arbitrary code execution. Her

[Bug 321460] Re: alacarte crashed with SIGSEGV in g_closure_invoke()

** Attachment added: "CoreDump.gz" http://launchpadlibrarian.net/21645113/CoreDump.gz ** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/21645115/Dependencies.txt ** Attachment added: "Disassembly.txt" http://launchpadlibrarian.net/21645116/Disassembly.txt ** Attachm

[Bug 321460] [NEW] alacarte crashed with SIGSEGV in g_closure_invoke()

Public bug reported: Binary package hint: alacarte Here is a description of what happened. I'm using Ubuntu 8.04.2. I recently installed the Konqueror browser (package konqueror) that depends on a good number of KDE packages. When I looked at the Applications menu, there were lots of new KDE-rel

[Bug 238977] Re: [CVE-2008-1806, -1807, -1808] Multiple vulnerabilities in FreeType2

*** This bug is a duplicate of bug 251369 *** https://bugs.launchpad.net/bugs/251369 This was fixed for Hardy and earlier releases back in September 2008: http://www.ubuntu.com/usn/usn-643-1. -- [CVE-2008-1806, -1807, -1808] Multiple vulnerabilities in FreeType2 https://bugs.launchpad.net/bu

[Bug 314776] [NEW] OpenSSL signature verification API misuses

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: openssl Please see the details in the oCERT advisory #2008-016: http://www.ocert.org/advisories/ocert-2008-016.html "Several functions inside the OpenSSL library incorrectly check the result after ca

[Bug 128932] Re: Google Suggest drop-down list too narrow in Firefox

In Firefox 3.0 this bug is alleviated by the feature that allows you to change the width of the search field manually. However, there is no reason why you should expand the search field manually every time you enter a query that triggers long suggestions, and then revert its size to leave room for

[Bug 275560] Re: Gnome Screensaver should optionally disable audio input and output

** Bug watch added: GNOME Bug Tracker #554438 http://bugzilla.gnome.org/show_bug.cgi?id=554438 ** Also affects: gnome-screensaver via http://bugzilla.gnome.org/show_bug.cgi?id=554438 Importance: Unknown Status: Unknown ** Description changed: Binary package hint: gnome-screensa

[Bug 275560] [NEW] Gnome Screensaver should optionally disable audio input and output

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: gnome-screensaver This is an enhancement request related to a low-risk security vulnerability. Nothing serious but still would be nice to have this implemented. Currently you can password-protect you

[Bug 247445] Re: Package managers vulnerable to replay and endless data attacks

** Bug watch added: Debian Bug tracker #491374 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=491374 ** Also affects: debian via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=491374 Importance: Unknown Status: Unknown -- Package managers vulnerable to replay and endless data

[Bug 258180] [NEW] [CVE-2008-3276] Linux kernel dccp_setsockopt_change() integer overflow

*** This bug is a security vulnerability *** Public security bug reported: Eugene Teo of Red Hat Security Response Team wrote: "An integer overflow flaw was found in the Linux kernel dccp_setsockopt_change() function. The vulnerability exists due to a lack of sanitisation performed on a user-con

[Bug 258172] [NEW] mktemp-generated filenames insufficiently random when too short

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: mktemp mktemp produces filenames that are partly not random, possibly allowing to mount a local attack. Please see the discussion in Debian bug http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=49519

[Bug 258162] [NEW] Postfix local privilege escalation via hardlinked symlinks

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: postfix Wietse Venema posted an advisory about this to Bugtraq. Excerpt: "Sebastian Krahmer of SuSE has found a privilege escalation problem. On some systems an attacker can hardlink a root-owned sym

[Bug 257949] [NEW] [CVE-2008-2420] stunnel incorrect OCSP validation vulnerability

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: stunnel4 CVE-2008-2420 description: "The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access

[Bug 127960] Re: Unresponsive script dialog usability problems

I can reproduce this in Firefox 3.0.1 from Hardy (package version 3.0.1+build1+nobinonly-0ubuntu0.8.04.3) with the above test case. ** Also affects: firefox-3.0 (Ubuntu) Importance: Undecided Status: New ** Attachment added: "Firefox 3.0.1 screenshot" http://launchpadlibrarian.net/16

[Bug 253787] Re: [CVE-2008-2931] Local privilege escalation in Linux (do_change_type() in fs/namespace.c)

On Mon, Aug 11, 2008 at 21:38, Leann Ogasawara wrote: > > [...] Also, you had correctly > opened this against the 2.6.20 kernel source. It's only for bugs > against 2.6.24 or later that they will target the "linux" package. If so, please update the wiki page at

[Bug 256621] Re: [CVE-2008-3459] OpenVPN vulnerability allows arbitrary command execution via crafted configuration

** Also affects: openvpn (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493488 Importance: Unknown Status: Unknown -- [CVE-2008-3459] OpenVPN vulnerability allows arbitrary command execution via crafted configuration https://bugs.launchpad.net/bugs/256621 You received

[Bug 256632] Re: [CVE-2008-3272, -3496, -3534, -3535] Multiple vulnerabilities in the Linux kernel

Adding CVE references: CVE-2008-3272, CVE-2008-3496, CVE-2008-3534, CVE-2008-3535 ** Also affects: linux-source-2.6.15 (Ubuntu) Importance: Undecided Status: New -- [CVE-2008-3272, -3496, -3534, -3535] Multiple vulnerabilities in the Linux kernel https://bugs.launchpad.net/bugs/256632

[Bug 256632] [NEW] [CVE-2008-3272, -3496, -3534, -3535] Multiple vulnerabilities in the Linux kernel

*** This bug is a security vulnerability *** Public security bug reported: CVE-2008-3272 preliminary description: "The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is

[Bug 253787] Re: [CVE-2008-2931] Local privilege escalation in Linux (do_change_type() in fs/namespace.c)

Changed affected package from linux-source-2.6.20 to linux as per . ** Also affects: linux (Ubuntu) Importance: Undecided Status: New ** Changed in: linux-source-2.6.20 (Ubuntu) Status: New => Invalid -- [CVE-20

[Bug 256624] Re: [CVE-2008-3444] Firefox 3.0.1 crash via a crafted but well-formed web page

Adding CVE reference: CVE-2008-3444 ** Bug watch added: Mozilla Bugzilla #448564 https://bugzilla.mozilla.org/show_bug.cgi?id=448564 ** Also affects: firefox via https://bugzilla.mozilla.org/show_bug.cgi?id=448564 Importance: Unknown Status: Unknown -- [CVE-2008-3444] Firefox 3.

[Bug 256624] [NEW] [CVE-2008-3444] Firefox 3.0.1 crash via a crafted but well-formed web page

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: firefox-3.0 CVE-2008-3444 description: "The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application cr

[Bug 256617] Re: [CVE-2008-3546] PATH buffer overflow in diff_addremove(), diff_change functions() in git leading to arbitrary code execution

Adding CVE reference: CVE-2008-3546 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-3546 ** Summary changed: - [CVE-2008-3546] PATH buffer overflow in diff_addremove(), diff_change functions() in git leading to arbitrary code execution + [CVE-2008-3546] PATH buffer overflo

[Bug 256621] Re: [CVE-2008-3459] OpenVPN vulnerability allows arbitrary command execution via crafted configuration

Adding CVE reference: CVE-2008-3459 -- [CVE-2008-3459] OpenVPN vulnerability allows arbitrary command execution via crafted configuration https://bugs.launchpad.net/bugs/256621 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-

[Bug 256621] [NEW] [CVE-2008-3459] OpenVPN vulnerability allows arbitrary command execution via crafted configuration

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: openvpn CVE-2008-3459 description: "Unspecified vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8, when running on non-Windows systems, allows remote servers to execute arbitrary commands via craft

[Bug 256617] [NEW] [CVE-2008-3546] PATH buffer overflow in diff_addremove(), diff_change functions() in git leading to arbitrary code execution

*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: git-core CVE-2008-3546 description: "Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a

[Bug 251304] Re: Pidgin XMPP TLS/SSL Man in the Middle attack

On Fri, Aug 8, 2008 at 02:11, Steven M. Christey wrote: > > On Tue, 5 Aug 2008, Josh Bressers wrote: > >> http://developer.pidgin.im/ticket/6500 >> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492434 > > Use CVE-2008-3532, to be updated later. > > - Steve ** CVE added: http://www.cve.mitre.o

[Bug 251304] Re: Pidgin XMPP TLS/SSL Man in the Middle attack

** Bug watch added: Debian Bug tracker #492434 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492434 ** Also affects: pidgin (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492434 Importance: Unknown Status: Unknown -- Pidgin XMPP TLS/SSL Man in the Middle attack

[Bug 253804] Re: Possible SVG vulnerability affecting Firefox, evince, eog, Gimp and more

** Description changed: - There's an proof-of-concept exploit published on July 8, 2008 at + There's an alleged proof-of-concept exploit published on July 8, 2008 at http://www.milw0rm.com/exploits/6029 that says: "Malicious SVG file DoS The following applications were tested in their

[Bug 253804] Re: Possible SVG vulnerability affecting Firefox, evince, eog, Gimp and more

** Description changed: - There's an exploit published on July 8, 2008 at + There's an proof-of-concept exploit published on July 8, 2008 at http://www.milw0rm.com/exploits/6029 that says: "Malicious SVG file DoS The following applications were tested in their latest revisions: Firef

Re: [Bug 253804] Re: Possible SVG vulnerability affecting Firefox, evince, eog, Gimp and more

On Fri, Aug 1, 2008 at 05:01, Kees Cook wrote: > I cannot reproduce this on any of the linked packages. Have you seen > actual crashes? No, I didn't test it at all because I've got only one machine and it's in production use right now. I will post an update if I can reproduce it. I've also posted

[Bug 253804] [NEW] Possible SVG vulnerability affecting Firefox, evince, eog, Gimp and more

*** This bug is a security vulnerability *** Public security bug reported: There's an exploit published on July 8, 2008 at http://www.milw0rm.com/exploits/6029 that says: "Malicious SVG file DoS The following applications were tested in their latest revisions: Firefox's "browse for file, previe

  1   2   3   4   >