** Changed in: pipewire (Ubuntu)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802533
Title:
[MIR] pipewire
To manage notifications about this bug go to:
http
This second review will only document the areas that some difference was
found from the first review.
I reviewed pipewire 0.3.15-1 as checked into hirsute. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
- Build-Depends:
debhelper-compat (= 13), libasound2-d
Hi Robie,
Yes, you are correct.
This SRU enables 2 things. First, it enables systemd probes/schema. The user
would have to have oval code that implements this schema/probe for it to be
used. So, several things are likely: 1. users did not implement code using this
schema since it was unavailab
Hi Robie,
I tested this SRU with the new package in proposed and verified.
$ dpkg -l | grep libopenscap8
ii libopenscap8 1.2.8-1ubuntu0.1
amd64Set of libraries enabling integration of the SCAP line of
standards
I ran a few rules in my ov
I agree with the above analysis.
There is something else I have noticed... the openscap community
consists of several components, one of them implements security-guides
(scap content (checklists) to pass to oscap). xenial did not ship any
security-guide component. However, bionic does. Bionic also
** Changed in: ndctl (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1853506
Title:
[MIR] ndctl
To manage notifications
I reviewed ndctl as checked into focal. This shouldn't be considered a
full audit but rather a quick gauge of maintainability.
ndctl is comprised of utilities and libraries for managing the libnvdimm
(non-volatile memory device) sub-system in the Linux kernel
- No CVEs readily found.
Gleaned t
ak/util-linux/commit/189edf1fe501ea39b35911337eab1740888fae7a
** Affects: util-linux (Ubuntu)
Importance: High
Assignee: Joy Latten (j-latten)
Status: New
** Changed in: util-linux (Ubuntu)
Importance: Undecided => Medium
** Changed in: util-linux (Ubuntu)
Importance: Medium
** Description changed:
+ [IMPACT]
+ hwclock reports incrorect status in audit message
+
+ hwclock calls audit_log_user_message(3) to create an audit entry.
audit_log_user_message(3) result 1 is "success" and 0 is
"failed", hwclock use standard EXIT_{SUCCESS,FAILURE} macros with reverse
- sta
** Attachment added: "debdiff for focal"
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1865504/+attachment/5333544/+files/debdiff.focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/186
Build log
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/18795481
** Bug watch added: Debian Bug tracker #953065
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953065
** Also affects: util-linux (Debian) via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953065
Impo
The debdiff for focal
** Attachment removed: "debdiff for focal"
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1865504/+attachment/5333544/+files/debdiff.focal
** Attachment added: "debdiff.focal"
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1865504/+attachment/53
** Also affects: util-linux (Ubuntu Bionic)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1865504
Title:
hwclock reports incorrect status in audit message
** Also affects: util-linux (Ubuntu Eoan)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1865504
Title:
hwclock reports incorrect status in audit message
Testing in progress...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
openvpn crashes when run with fips openssl
To manage notifications about this bug go to:
https://bugs.launchpad.n
Verified using same test data allowing for interoperability testing
between the various releases and with fips for xenial and bionic.
** Tags removed: verification-needed-bionic verification-needed-cosmic
verification-needed-xenial
** Tags added: verification-done-bionic verification-done-cosmic
Successfully verified xenial, bionic, and cosmic.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
openvpn crashes when run with fips openssl
To manage notifications about this bug go t
verification done on following:
xenial: openvpn-2.3.10-1ubuntu2.2
bionic: openvpn-2.4.4-2ubuntu1.2
cosmic: openvpn-2.4.6-1ubuntu2.1
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
openv
** Changed in: pipewire (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802533
Title:
[MIR] pipewire
To manage notifica
I reviewed pipewire 0.2.5-1 as checked into eoan. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
pipewire is a multimedia sharing and processing engine. It is comprised of a
server and userspace API to handle multimedia pipelines. The pipewire package
con
Applied fixes for above comments. After some team discussion, decided to
use sha256 for internal hash rather than sha1 in xenial as well.
Internal hash is never communicated externally. Performed additional
interoperability testing successfully using same test parameters as
previously.
cosmic(with
This bug has been reported:
1.Upstream Bug: https://community.openvpn.net/openvpn/ticket/725
2.Suse Bug report:
https://build.opensuse.org/package/view_file/network:vpn/openvpn/openvpn-fips140-2.3.2.patch
** Description changed:
[IMPACT]
+ openvpn segfaults when using fips-mode openssl becau
This bug appears to have been fixed in an update. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/336815
Title:
Aladdin e
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/776082
Title:
pcscd spams sy
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/795540
Title:
package
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/790502
Title:
If OS ha
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/796893
Title:
Rutoken Magist
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1004683
Title:
pcscd fails to
This is most likely fixed via pcscd starting from systemd in current
releases. Closing this since it has had no activity and has eol.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which i
This was fixed in subsequent release. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1090238
Title:
pcscd hangs a
This bug was not applicable to pcsc-lite package. Closing since no
activity and eol.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/11618
Fixed in subsequent release. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1700104
Title:
package pcscd 1.8.10-1ubun
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1366152
Title:
System crash
Is this still an issue? Changing to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/153
Title:
Omnikey Cardreader no
Hi, Is this still an issue? Changing the status to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1570359
Title:
Hi, Is this still an issue? Changing the status to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1683378
Title:
packag
Hi, Is this still an issue? Changing the status to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1690543
Title:
packag
Hi, Is this still an issue? Changing the status to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1731410
Title:
packag
This has been fixed in bionic. Already fixed in xenial.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1898078
Title:
FIPS OpenSSL crashes Python2.7 hashlib when using MD5
To manage notifications ab
Public bug reported:
The fix for #1835135 was not included into the python2.7 update. This
bug has been opened to include it.
** Affects: python2.7 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is su
** Also affects: python2.7 (Ubuntu Groovy)
Importance: Undecided
Status: New
** Also affects: python2.7 (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: python2.7 (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: python2.7 (Ubuntu
** Description changed:
- The fix for #1835135 was not included into the python2.7 update. This
- bug has been opened to include it.
+ The fix for #1835135 was included into a python2.7 ver when python2.7
+ was updated, the fix was not included. It needs to be put pack into the
+ latest version pf
** Tags removed: verification-needed-bionic
** Tags added: verification-done-bionic
** Tags removed: verification-needed-focal
** Tags added: verification-done-focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchp
Verified this on both bionic and focal.
Testcase: (focal)
$ dpkg -l | grep libopenscap8
ii libopenscap8 1.2.16-2ubuntu3.1
amd64Set of libraries enabling integration of the SCAP line of standards
$ oscap oval eval --report cve-report.html com.ubu
Hi, security team is wanting to do a MIR audit on pipewire for groovy.
Unfortunately, the current pipewire source downloaded from groovy does
not appear to have been updated nor does it build.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ub
Reassigning so that necessary work is done to get pipewire updated,
building and working in groovy.
** Changed in: pipewire (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subsc
Investigating.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfaulting some client
applications
To manage notifications about this bug go to:
Also, this is only applicable in bionic. Neither xenial nor focal
experience this issue.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfaulting
It seems 2 things are happening to generate this issue
1.fips-openssl in bionic has md5 and md5_sha1 in fips digest list with
explicit purpose of accommodating PRF use only in fips mode. But you
must pass the flag, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW to successfully use
them.
2. ntpq does not check re
I added return checks to ntpq code and this appears to solve the
problem. Is it ok to make this an SRU?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized dige
debdiff for bionic
** Attachment added: "debdiff.bionic"
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1884265/+attachment/5391374/+files/debdiff.bionic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launch
Build log:
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/19570468
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfaulting some c
** Description changed:
- In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
- segfault.
+ [Impact]
+ In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
segfault.
+ ntpq uses crypto hashes to authenticate its requests. By default it appears
to use a
** Description changed:
[Impact]
In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
segfault.
- ntpq uses crypto hashes to authenticate its requests. By default it appears
to use an internal md5 implementation. However, when compiled with openssl it
creates a lists
Testing:
There are no autopkgtests for ntp pkg and we do not run "make check" in
the tests dir as part of the build. So, just in case it is applicable, I
ran make check on my local build to ensure everything passes.
** Attachment added: "Results of running make check in ../tests directory"
ht
Additional testing for ntpq authentication to ensure MD5 still works for
ntpq in archive
NOTE: The shown testing is ntpq(with patch) + openssl from archive. To ensure
all still works.
Testing with ntpq + fips-openssl was also done successfully.
VM-A (ntp server)
1. Edit /etc/ntp.keys to inclu
** Changed in: openssl (Ubuntu)
Assignee: (unassigned) => Joy Latten (j-latten)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfault
** Summary changed:
- [fips] Not fully initialized digest segfaulting some client applications
+ [fips] ntpq segfaults when attempting to use MD5 from FIPS-openssl library.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.
** Description changed:
[Impact]
In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
segfault.
ntpq uses crypto hashes to authenticate its requests. By default it uses
md5. However, when compiled with openssl it creates a lists of
acceptable hashes from openssl t
Investigating
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1835135
Title:
FIPS OpenSSL crashes Python2 hashlib
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+sour
Like python3, python2 should check the return value of EVP_DigestInit.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1835135
Title:
FIPS OpenSSL crashes Python2 hashlib
To manage notifications abou
The assessment is accurate.
FIPS 140-2 does not allow MD5 except for use in PRF.
Thus the OpenSSL_add_all_digests in fips openssl does not include MD5.
However, SSL_library_init() does include MD5 but only for use in calculating
the PRF. Notice in tls1_P_hash() in ssl/t1_enc.c
the flag, EVP_MD
Upon looking at the source for both python2.7 and python3.5 in xenial,
neither checks the return value from EVP_DigestInit in
Modules/_hashopenssl.c file.
However, python3.6 (in bionic, cosmic and disco) does have the check.
So the check will need to be backported to python 2.7 and python 3.5 in
I reviewed gnome-remote-desktop 0.1.7-1 as checked into eoan. This
shouldn't be considered a full audit but rather a quick gauge of
maintainability.
gnome-remote-desktop is a remote desktop daemon for GNOME using VNC with
pipewire. It is suppose to work with both X and Wayland.
- No CVEs.
Also Ex
I would like to add an additional condition to the security team ACK.
The pipewire MIR must also be ACK'd.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802614
Title:
[MIR] gnome-remote-desktop
To
** Changed in: gnome-remote-desktop (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802614
Title:
[MIR] gnome-remote-des
The 2.7 and 3.5 python packages in the security proposed PPA have been
successfully tested in a fips and non-fips xenial environment.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1835135
Title:
FIP
Public bug reported:
FIPS 140-2 does not permit MD5 except when used for pseudorandom
function (PRF). When openvpn requests MD5 operation to FIPS-mode-
openssl, since it is not allowed in general, fips-mode-openssl goes into
an error state.
openvpn needs to set a specific fips-mode-openssl flag t
** Description changed:
- FIPS 140-2 does not permit MD5 except when used for pseudorandom
- function (PRF). When openvpn requests MD5 operation to FIPS-mode-
- openssl, since it is not allowed in general, fips-mode-openssl goes into
- an error state.
+ [IMPACT]
+ openvpn when estabishing a tls co
build log for disco:
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/15743680
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
openvpn crashes when run with fips openssl
T
debdiff.disco
** Attachment added: "debdiff for disco"
https://bugs.launchpad.net/ubuntu/disco/+source/openvpn/+bug/1807439/+attachment/5222035/+files/debdiff.disco
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.laun
testcase-data contains some of the data produces as a result of
interoperability testing. It is applicable to xenial, bionic and disco.
** Attachment added: "testcase-data"
https://bugs.launchpad.net/ubuntu/disco/+source/openvpn/+bug/1807439/+attachment/5222036/+files/testcase-data
--
You re
** Attachment removed: "debdiff for disco"
https://bugs.launchpad.net/ubuntu/disco/+source/openvpn/+bug/1807439/+attachment/5222035/+files/debdiff.disco
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bug
** Attachment added: "debdiff.disco"
https://bugs.launchpad.net/ubuntu/disco/+source/openvpn/+bug/1807439/+attachment/5222037/+files/debdiff.disco
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807
Hi Christian,
Hopefully the testcase-data file follows what you described. If not, let
me know and I can reorganize it for improved readability.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
build log for bionic:
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/15743676
** Also affects: openvpn (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: openvpn (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: openvpn (Ubuntu Xe
build log for xenial:
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/15743720
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
openvpn crashes when run with fips openssl
** Attachment added: "debdiff.bionic"
https://bugs.launchpad.net/ubuntu/xenial/+source/openvpn/+bug/1807439/+attachment/5222054/+files/debdiff.bionic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1
The xenial patch has additional code. In version 2.3.10, openvpn uses
MD5 for PRF and internally for configuration status verification. FIPS
140-2 permits MD5 for PRF, but not as a hash for internal verification.
Subsequent versions of openvpn (2.4) was changed upstream to not use
MD5, instead uses
2 testcases using same parameters for prior testcases, except that
installed FIPS-mode libcrypto.so to test and ensure FIPS-mode
libcrypto.so honors the flag to allow MD5 in PRF and does not cause
openvpn to segfault because MD5 is missing.
** Attachment added: "testcase-data-fips"
https://bug
** Description changed:
[IMPACT]
openvpn when estabishing a tls connection will segfault when used with
Ubuntu's FIPS 140-2 libcrypto.so (openssl).
- openvpn tls connection does TLS PRF(pseudorandom function) to produce
securely generated pseudo random output that is used to generate keys
** Changed in: openvpn (Ubuntu Bionic)
Status: Incomplete => New
** Changed in: openvpn (Ubuntu Xenial)
Status: Incomplete => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
T
build log:
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/15137237
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1782031
Title:
[SRU][xenial] Enable SCE option and systemd probe in li
Testcases: The testcases included with the libopenscap8 source are
disabled. It appears they do not all compile or run correctly, thus
disabled. To test this I did the following:
1. oscap --v
Shows that SCE plugin has been enabled and also that the 2 systemd probes have
been enabled.
(See attachme
** Attachment added: "debdiff.xenial"
https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1782031/+attachment/5167767/+files/debdiff.xenial
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1782031
*** This bug is a duplicate of bug 1782031 ***
https://bugs.launchpad.net/bugs/1782031
** This bug has been marked a duplicate of bug 1782031
[SRU][xenial] Enable SCE option and systemd probe in libopenscap8
--
You received this bug notification because you are a member of Ubuntu
Bugs, wh
*** This bug is a duplicate of bug 1782031 ***
https://bugs.launchpad.net/bugs/1782031
** This bug has been marked a duplicate of bug 1782031
[SRU][xenial] Enable SCE option and systemd probe in libopenscap8
--
You received this bug notification because you are a member of Ubuntu
Bugs, wh
libopenscap8 in bionic contains the changes requested in this SRU for
xenial. Thus bionic and cosmic do not require this change since already
done.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1782031
Public bug reported:
[Impact]
Canonical security certification team is automating Ubuntu specific
security hardening guides using Security Content Automation Protcol
(SCAP). SCAP requires Open Vulnerability and Assessment Language (xccdf
and xml) to implement SCAP content.
The openSCAP implement
This bug is to enable 2 options available in the libopenscap8 source. Both of
these options have been enabled in artful, bionic and cosmic. Both options have
also been enabled in Debian via the following Debian bugreports,
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853995
https://bug
I tested this on 1.0.2g-1ubuntu4.3 using the openssl_fips_test.c that
was attached. And all worked as expected and I received the expected
error message. Thus verifying this issue has been resolved in 1.0.2g-
1ubuntu4.3,
--
You received this bug notification because you are a member of Ubuntu
Bug
I tested version 1.0.2g-1ubuntu4.3 with the death.c program from the
upstream openssl bug ticket 4559 and confirmed this problem is now
resolved.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1594748
** Attachment removed: "debdiff of version 3.3 and 3.4~joyppa2"
https://bugs.launchpad.net/debian/+source/util-linux/+bug/1722313/+attachment/4966026/+files/debdiff.out
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.l
** Attachment added: "debdiff.artful"
https://bugs.launchpad.net/debian/+source/util-linux/+bug/1722313/+attachment/5006620/+files/debdiff.artful
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/17223
** Attachment added: "debdiff.zesty"
https://bugs.launchpad.net/debian/+source/util-linux/+bug/1722313/+attachment/5006619/+files/debdiff.zesty
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1722313
** Attachment added: "debdiff.xenial"
https://bugs.launchpad.net/debian/+source/util-linux/+bug/1722313/+attachment/5006617/+files/debdiff.xenial
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/17223
Build logs and test runs can be found in PPA at,
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+packages
Please note, the versioning of the packages are incorrect in PPA, my
apologies. I did them correctly in the debdiff for each release that I
have attached.
Comment #3 just contains the
** Changed in: util-linux (Ubuntu)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1722313
Title:
[SRU][xenial] Enable auditing in util-linux.
To manage notification
** Attachment added: "debdiff.bionic"
https://bugs.launchpad.net/debian/+source/util-linux/+bug/1722313/+attachment/5006681/+files/debdiff.bionic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/17223
I have also submitted a patch against recent debian version of this
package to Debian. Just in case, I also noted in the debian bug thread
the following:
- util-linux package is Priority: required and the libaudit1 package is
Priority: optional.
Possibly this is no longer a problem in reference t
1 - 100 of 210 matches
Mail list logo
