[Bug 1556308] Re: Please merge unbound 1.58-1 from Debian unstable

2016-03-29 Thread Simon Déziel
e the upstream patch I attached above but otherwise, those who care can always setup the root.hints themselves. Regards, Simon 1: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818292 (proposing a patch) 2: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818291 -- You received this bug notific

[Bug 216847] Re: sshd will not start at boot if ListenAddress is set, because network interface is not yet up

2016-03-28 Thread Simon Déziel
Under systemd, if the ListenAddress is on an interface that is manually brought up, the ifup script doesn't help. In that situation, the invoke-rc.d reload/restart fails because the initial startup of sshd wasn't successful. -- You received this bug notification because you are a member of Ubunt

[Bug 1460228] Re: neutron-lbaas-agent package does not provide neutron_lbaas.conf file

2016-03-24 Thread Simon Leinen
This also concerns the Ubuntu Cloud Archive (Kilo version) ** Also affects: cloud-archive Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to neutron-lbaas in Ubuntu. https://bugs.launchpad.net/b

[Bug 1556308] Re: Please merge unbound 1.58-1 from Debian unstable

2016-03-24 Thread Simon Déziel
e the upstream patch I attached above but otherwise, those who care can always setup the root.hints themselves. Regards, Simon 1: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818292 (proposing a patch) 2: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818291 ** Bug watch added: Debian Bug tr

[Bug 1561553] [NEW] unable to create a ZFS pool

2016-03-24 Thread Simon Déziel
Public bug reported: libvirt is supposed to be able to create a ZFS pool but I'm unable to make use of it: 1) Create some free space to be used as the backing device lvcreate -n libvirt-pool -L 8G vg0 2) Import a pool definition virsh pool-define-as --type zfs --name zfspool --source-name libvirt-po

[Bug 1560149] Re: missing seccomp whitelist for qemu-kvm

2016-03-22 Thread Simon Déziel
I believe the seccomp whitelist is provided by qemu itself, not libvirt. ** Also affects: qemu (Ubuntu) Importance: Undecided Status: New ** Changed in: libvirt (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Server Team,

[Bug 1560149] [NEW] missing seccomp whitelist for qemu-kvm

2016-03-21 Thread Simon Déziel
Public bug reported: Steps to reproduce: 1) set "seccomp_sandbox = 1" in /etc/libvirt/qemu.conf 2) restart libvirt-bin 3) create a guest using the attached .xml file 4) start the guest Current behavior: the guest will remain in the "paused" state and fail to start because of this: audit: type=1

[Bug 1460228] Re: neutron-lbaas-agent package does not provide neutron_lbaas.conf file

2016-03-19 Thread Simon Leinen
Any chance to get this backported to the Ubuntu Cloud Archive (Kilo version) for trusty? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to neutron-lbaas in Ubuntu. https://bugs.launchpad.net/bugs/1460228 Title: neutron-lbaas-agent pack

Re: [Bug 1556308] Re: Please merge unbound 1.58-1 from Debian unstable

2016-03-12 Thread Simon Déziel
On 2016-03-12 01:49 PM, Nish Aravamudan wrote: > On 12.03.2016 [14:53:00 -], Simon Déziel wrote: >> @nacc, your test build works really well, thanks for providing it. > > Thank you for testing so quickly! I was keeping an eye on Unbound because this new version will allow

[Bug 1556308] Re: Please merge unbound 1.58-1 from Debian unstable

2016-03-12 Thread Simon Déziel
@nacc, your test build works really well, thanks for providing it. Before this officially lands in Xenial, I believe it would be a good idea to include the new L-root IPv6 address [1] that is already operational. This change is in upstream's SVN but not yet in Debian. March 23rd being really clos

[Bug 1556308] Re: Please merge unbound 1.58-1 from Debian unstable

2016-03-11 Thread Simon Déziel
@nacc, if you have a test build available let me know. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to unbound in Ubuntu. https://bugs.launchpad.net/bugs/1556308 Title: Please merge unbound 1.58-1 from Debian unstable To manage noti

[Bug 1553378] Re: recursive sftp transfers abort when destination dir exists

2016-03-10 Thread Simon Déziel
Thank you Colin for 7.2p1-1, I really appreciate it! ** Changed in: openssh (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1553378 Title:

[Bug 920636] Re: Clearing up language in man page of ssh-keygen

2016-03-09 Thread Simon Déziel
Trusty and later have the correct wording so marking as fix released. ** Changed in: openssh (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.ne

[Bug 1553378] [NEW] recursive sftp transfers abort when destination dir exists

2016-03-04 Thread Simon Déziel
Public bug reported: Since I moved from Trusty to Xenial, my sftp backup script stopped working. After a bit of investigation it seems to be exactly https://bugzilla.mindrot.org/show_bug.cgi?id=2528. Fortunately it was fixed in OpenSSH 7.2. I know 7.2 is pretty recent and not yet in Debian but I

Re: Fwd: Re: [Bug 1514794] Re: package:strongswan-plugin-farp may need apparmor config change

2016-02-29 Thread Simon Déziel
plugin-farp may need > apparmor config change > Date: Thu, 28 Jan 2016 20:26:48 + > From: Steven Bishop > To: Bug 1514794 <1514...@bugs.launchpad.net> > > > Hi Simon, > > > Thanks for your email. > > Had a quick look back at the details. >

[Bug 1549436] Re: AppArmor kills StronSwan daemon 'charon'

2016-02-27 Thread Simon Déziel
Ruslan, upstream mentions that lowering the number of sockets used for RADIUS is a possible workaround: https://wiki.strongswan.org/issues/757#note-7 Also, you might want to give a try to Ubuntu Xenial that ships Strongswan 5.3.5 which has the fix included. -- You received this bug notification beca

[Bug 1549436] Re: AppArmor kills StronSwan daemon 'charon'

2016-02-27 Thread Simon Déziel
The crash signature looks a lot like this one: https://wiki.strongswan.org/issues/757 ** Changed in: strongswan (Ubuntu) Status: Incomplete => Confirmed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to strongswan in Ubuntu. https

Re: [Bug 1549436] Re: AppArmor kills StronSwan daemon 'charon'

2016-02-26 Thread Simon Déziel
u fully control the 2 sides of the connections (with your load tester setup). This means that those access to /dev/tty are quite probably not the result of an attack of some kind. They are more likely the result of normal operations carried by charon. As such, I feel the proper fix would be to up

Re: [Bug 1549436] Re: AppArmor kills StronSwan daemon 'charon'

2016-02-25 Thread Simon Déziel
On 2016-02-25 10:50 AM, ruslan_ka wrote: > The server serves only incoming VPN requests, it is for mobile road- > warriors. And the error does not occur right after starting a > strongswan or bringing tunnels up. So it makes no sense to run it with > auto=add or not. I somehow assumed it was an i

[Bug 1549436] Re: AppArmor kills StronSwan daemon 'charon'

2016-02-25 Thread Simon Déziel
If you re-enable the Apparmor profile and set your connection to not auto start (use "auto=add") when do you get the access denial on /dev/tty? Is it after restarting the strongswan service or when you call "ipsec up $conn"? Lastly, would you mind providing an obfuscated version of your ipsec.secr

[Bug 1330486] Re: strongSwan AppArmor profile doesn't allow smartcard configuration

2016-02-25 Thread Simon Déziel
@caramba696, smartcard should be improved in Xenial so you might want to re-test. The Apparmor profile allows charon to access /run/pcscd/pcscd.comm and also include other rules related to smartcards. -- You received this bug notification because you are a member of Ubuntu Server Team, which is

[Bug 1549436] Re: AppArmor kills StronSwan daemon 'charon'

2016-02-24 Thread Simon Déziel
@ruslan_ka, after disabling the Apparmor profiles, did you receive a prompt for a user/password or something when starting Strongswan? ** Changed in: strongswan (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Server Team, which i

[Bug 1548497] Re: Cross-Container ARP Poisoning

2016-02-23 Thread Simon Déziel
With a recent kernel, libvirt can manage the MAC table [*] of the bridge so maybe this is something that can be done by LXC/LXD as well? *: see the "bridge" section of https://libvirt.org/formatnetwork.html#elementsConnect -- You received this bug notification because you are a member of Ubuntu

[Bug 1302925] Re: sldns_str2wire_rr_buf unittest fails with: pos 69: Syntax error, could not parse the RR

2016-02-22 Thread Simon Déziel
Fixed upstream by 1.5.0. Marking as fix released now that Xenial has 1.5.7. ** Changed in: unbound (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to unbound in Ubuntu. https://bugs.la

[Bug 1547052] Re: bind9-host 9.10.X should not depend on bind9 (named)

2016-02-19 Thread Simon Déziel
Fixed confirmed with version 9.10.3.dfsg.P2-3ubuntu3. Thanks for the quick turnaround. ** Changed in: bind9 (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to bind9 in Ubuntu. https://

[Bug 1547052] [NEW] bind9-host 9.10.X should not depend on bind9 (named)

2016-02-18 Thread Simon Déziel
Public bug reported: In Xenial -proposed, bind9-host 9.10.3.dfsg.P2-3~ubuntu1 depends on bind9. It wasn't the case with version 9.9.5.dfsg-12.1ubuntu1 and I believe the old behavior is better. Here is the apt history.log: Start-Date: 2016-02-17 16:08:47 Commandline: apt-get --assume-yes dist-u

[Bug 1546674] [NEW] virt-aa-helper Apparmor profile missing rules for name resolution

2016-02-17 Thread Simon Déziel
Public bug reported: With libvirt-bin 1.3.1, starting a QEMU guest results in those AA denials: Feb 17 12:06:23 simon-laptop kernel: [15734.513696] audit: type=1400 audit(1455728783.639:73): apparmor="DENIED" operation="open" profile="/usr/lib/libvirt/virt-aa-helper&

Re: [Bug 1535951] Re: Please merge strongswan 5.3.5-1 (main) from Debian unstable (main)

2016-02-16 Thread Simon Déziel
On 2016-02-16 09:46 AM, mrq1 wrote: > it looks like strongswan is faking a nat situation if the kernel-libipsec > is used This is by design as kernel-libipsec requires ESPinUDP. As Tobias (Strongswan upstream) said, it's best to not have this on by default. > btw: did you get this audit entries

Re: [Bug 1535951] Re: Please merge strongswan 5.3.5-1 (main) from Debian unstable (main)

2016-02-15 Thread Simon Déziel
On 2016-02-14 09:00 AM, Simon Deziel wrote: > On 2016-02-13 10:03 PM, Ryan Harper wrote: >> On Sat, Feb 13, 2016 at 7:51 PM, Simon Déziel <1535...@bugs.launchpad.net> >>> libipsec support is very cool (thanks for enabling it!) as it should >>> allow running a IPsec

[Bug 1101779] Re: autofs "lookup_mount: exports lookup" fails on IPv6-only hosts

2016-02-15 Thread Simon Iremonger
There have been various upstream ipv6 related fixes in the debian/ubuntu changelogs, imported from upstream and otherwise. Is this bug still present in debian stretch and ubuntu xenial with newer autofs packages? I'd suggest testing ubuntu-xenial in particular as the next LTS release (underp

Re: [Bug 1535951] Re: Please merge strongswan 5.3.5-1 (main) from Debian unstable (main)

2016-02-14 Thread Simon Déziel
On 2016-02-13 10:03 PM, Ryan Harper wrote: > On Sat, Feb 13, 2016 at 7:51 PM, Simon Déziel <1535...@bugs.launchpad.net> > wrote: > >> On 2016-02-13 05:09 PM, Ryan Harper wrote: >>> On Sat, Feb 13, 2016 at 12:27 PM, mrq1 wrote: >>> >>>> gre

Re: [Bug 1535951] Re: Please merge strongswan 5.3.5-1 (main) from Debian unstable (main)

2016-02-13 Thread Simon Déziel
gs.debian.org/cgi-bin/bugreport.cgi?bug=803787 The reporter was looking for NTRU (enabled in your PPA build IIRC) and BLISS. That said, I'm sure the reporter would welcome having another AEAD cipher available because they are well regarded [3] in terms of security. Thanks, Simon 1: https://wiki.str

Re: [Bug 1535951] Re: Please merge strongswan 5.3.5-1 (main) from Debian unstable (main)

2016-02-13 Thread Simon Déziel
On 2016-02-13 12:39 PM, Ryan Harper wrote: > The extra-plugins package need some more privs for the charon binary > in the apparmor profile. Ryan, please take a look at [1] for refreshed AA profiles that could address many more LP bugs (all mentioned in debian/changelog). Thanks. Regards,

[Bug 1535951] Re: Please merge strongswan 5.3.5-1 (main) from Debian unstable (main)

2016-02-02 Thread Simon Déziel
** Attachment removed: "Refreshed logcheck rules" https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1535951/+attachment/4558391/+files/strongswan.logcheck ** Attachment added: "Refreshed logcheck rules" https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1535951/+attachment/4

[Bug 1454725] Re: openvpn no longer called with "--script-security 2"

2016-02-02 Thread Simon Déziel
It works, thanks Martin. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1454725 Title: openvpn no longer called with "--script-security 2" To manage notifications about this bug go to

[Bug 1454725] Re: openvpn no longer called with "--script-security 2"

2016-02-01 Thread Simon Déziel
Thanks for the feedback Nicolas. This is likely going to bite many users upgrading. It's fairly common to push DNS resolvers from the VPN server. For those to be usable on the client side, "script-security 2" is needed otherwise the up/down script update-resolv-conf won't be called. Since Ubuntu

[Bug 1454725] Re: openvpn does not use OPTARGS from /etc/default/openvpn

2016-02-01 Thread Simon Déziel
** Changed in: openvpn (Ubuntu) Status: Incomplete => Confirmed ** Summary changed: - openvpn does not use OPTARGS from /etc/default/openvpn + openvpn no longer called with "--script-security 2" -- You received this bug notification because you are a member of Ubuntu Server Team, which i

[Bug 1454725] Re: openvpn does not use OPTARGS from /etc/default/openvpn

2016-02-01 Thread Simon Déziel
I just checked on 14.04 and 16.04 and the init script automatically adds "--script-security 2" unless the VPN config contains a script-security directive. Problem is that since the switch to systemd, the init script is no longer used and the daemon is used like this: $ systemctl cat openvpn@.serv

[Bug 1511524] Re: OpenVPN PAM authentication broken on 15.10 Server

2016-02-01 Thread Simon Déziel
Thanks Martin. I didn't know we could use fix released until the official release was made. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1511524 Title: OpenVPN PAM authentication bro

[Bug 1319840] Re: Wrong plugins path.

2016-02-01 Thread Simon Déziel
The man page says : --plugin module-pathname [init-string] Load plug-in module from the file module-pathname, passing init-string as an argument to the module initialization function. So given the proper path it should work. On Trusty, the following works well: plugin /usr/li

[Bug 1511524] Re: OpenVPN PAM authentication broken on 15.10 Server

2016-02-01 Thread Simon Déziel
This was fixed in Debian in openvpn 2.3.10-1. This has already made it into Xenial 16.04. ** Bug watch added: Debian Bug tracker #795313 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795313 ** Also affects: openvpn (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795313 I

[Bug 1454725] Re: openvpn fails after upgrade from 14.10 to 15.04

2016-02-01 Thread Simon Déziel
Nicolas, the journal log shows that the VPN server hostname was not resolvable and eventually when it finally connected, it failed after calling a --up script. Could you provide this --up script and maybe the sanitized configuration of your VPN client? ** Changed in: openvpn (Ubuntu) Status

[Bug 1016744] Re: OpenVPN example easy-rsa 2.0 issues

2016-02-01 Thread Simon Déziel
The easy-rsa component now ships as a separate package in Trusty. The released version contains the fix. ** Changed in: openvpn (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openv

[Bug 1165841] Re: package openvpn 2.2.1-8ubuntu1.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 7

2016-01-28 Thread Simon Déziel
@Sinix, your modifications to the init script are probably at fault since they are not doing proper checking/error handling and the script is configured to abort on the first error (!/bin/sh -e). -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscri

[Bug 1165841] Re: package openvpn 2.2.1-8ubuntu1.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 7

2016-01-28 Thread Simon Déziel
** Changed in: openvpn (Ubuntu) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openvpn in Ubuntu. https://bugs.launchpad.net/bugs/1165841 Title: package openvpn 2.2.1-8ubuntu1.1 failed to install/

[Bug 1538902] Re: package openvpn 2.3.7-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1

2016-01-28 Thread Simon Déziel
You have installed some third party startup/init script named "fruhod" that is broken. You will need to correct or remove it. ** Changed in: openvpn (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to

[Bug 1535951] Re: Please merge strongswan 5.3.5-1 (main) from Debian unstable (main)

2016-01-28 Thread Simon Déziel
** Attachment removed: "Refreshed logcheck rules" https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1535951/+attachment/4558011/+files/strongswan.logcheck ** Attachment added: "Refreshed logcheck rules" https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/1535951/+attachment/4

[Bug 1535951] Re: Please merge strongswan 5.3.5-1 (main) from Debian unstable (main)

2016-01-27 Thread Simon Déziel
The attached logcheck rules should cover all the normal logs generated by Strongswan using the stock default config. If Debian integrates this ruleset, bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787156 could be closed. ** Bug watch added: Debian Bug tracker #787156 http://bugs.debian

[Bug 1092249] Re: Feature request: Add scripts similar to Apache's a2ensite/a2dissite

2016-01-26 Thread Simon Déziel
The "ngx-conf" command was added to 1.9.1-1. Marking as fix released since Wily shipped with 1.9.3-1ubuntu1. ** Changed in: nginx (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nginx in

[Bug 1534340] Re: openssh server 6.6 does not report max auth failures

2016-01-26 Thread Simon Déziel
Works well, thank you! ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1534340 Title: openssh server 6.6 does n

[Bug 1514794] Re: package:strongswan-plugin-farp may need apparmor config change

2016-01-24 Thread Simon Déziel
@Steven, is this still an issue? The diff you showed includes "# network all," but this is not in the released version of charon's profile. Maybe you had a locally modified profile when you ran into the issue? Since the charon's profile in Trusty allows all networking, I don't think that adding "n

[Bug 1287339] Re: Using "ipsec start|stop" confuses upstart

2016-01-24 Thread Simon Déziel
With Strongswan 5.1.2-0ubuntu8 on Ubuntu Xenial, things have improved slightly. systemd will notice if one runs "ipsec stop". Previously, upstart was unable to figure it out and would re-spawn the service. One problem remains with systemd: If you "ipsec start" while the systemd service is not runn

[Bug 1536568] Re: please merge openvpn from debian

2016-01-21 Thread Simon Déziel
Somehow, this problem was caused by my override.conf file: [Service] # change status update interval from 10 to 600 seconds ExecStart= ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 600 --cd /etc/openvpn --config /etc/openvpn/%i.conf --writepid /run/openvpn/%i.p

[Bug 1536568] Re: please merge openvpn from debian

2016-01-21 Thread Simon Déziel
No matter if I Ctrl-C or not, the start job always times out after 90 seconds killing the VPN connection. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openvpn in Ubuntu. https://bugs.launchpad.net/bugs/1536568 Title: please merge

[Bug 1536568] Re: please merge openvpn from debian

2016-01-21 Thread Simon Déziel
This upgrade caused a regression. When manually starting a VPN with "systemctl start openvpn@foo", the VPN foo connects fine but the call to systemctl never returns. I need to Ctrl-C it to get back at the console. This was working well with 2.3.8-1ubuntu1. -- You received this bug notification b

[Bug 1451091] Re: new upstream version 5.2.2

2016-01-20 Thread Simon Déziel
*** This bug is a duplicate of bug 1535951 *** https://bugs.launchpad.net/bugs/1535951 Marking this bug as a duplicate of LP: #1535951 since Strongswan 5.3.5 should land in Xenial thus addressing the issues mentioned here. ** This bug has been marked a duplicate of bug 1535951 Please merge

[Bug 1357098] Re: StrongSwan incorrectly generating esp packets

2016-01-13 Thread Simon Déziel
@Joe, as mentioned by Robie, the ESP packets are generated by your kernel using the key information provided and negotiated by Strongswan. There can be many reasons for the remote node to not reply to your ESP packets. Most of the time, IPsec issues boil down to configuration/setup problems. Assum

[Bug 745958] Re: charon crashed with SIGABRT in start_thread()

2016-01-07 Thread Simon Déziel
Natty has long been out of support. Derek, are you still seeing this crash? ** Changed in: strongswan (Ubuntu) Status: Triaged => Incomplete -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to strongswan in Ubuntu. https://bugs.laun

[Bug 1448870] Re: Certificate policies cause rejections

2016-01-07 Thread Simon Déziel
This is upstream bug https://wiki.strongswan.org/issues/453 which was fixed with the 5.2.2 release. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to strongswan in Ubuntu. https://bugs.launchpad.net/bugs/1448870 Title: Certificate poli

[Bug 1531564] [NEW] missing apparmor rule to read /sys/module/vhost/parameters/max_mem_regions

2016-01-06 Thread Simon Déziel
Public bug reported: With QEMU 2.5, I noticed this error when starting a VM: apparmor="DENIED" operation="open" profile="libvirt-a856b198-b559-44c2 -af9d-9a6205993213" name="/sys/module/vhost/parameters/max_mem_regions" pid=13646 comm="qemu-system-x86" requested_mask="r" denied_mask="r" fsuid=114

[Bug 1531191] Re: qemu-kvm-init script called with undefined $KVM_HUGEPAGES

2016-01-06 Thread Simon Déziel
** Patch added: "qemu-kvm-init-fix-comparison.patch" https://bugs.launchpad.net/bugs/1531191/+attachment/4544985/+files/qemu-kvm-init-fix-comparison.patch -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to qemu in Ubuntu. https://bugs.

Re: [Bug 1531191] Re: qemu-kvm-init script called with undefined $KVM_HUGEPAGES

2016-01-06 Thread Simon Déziel
on't see any. Regards, Simon -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to qemu in Ubuntu. https://bugs.launchpad.net/bugs/1531191 Title: qemu-kvm-init script called with undefined $KVM_HUGEPAGES To manage notifications about t

[Bug 1418287] Re: Vivid Unbound package is old

2016-01-05 Thread Simon Déziel
If at all possible, aiming for 1.5.7 into Xenial would be very appreciated. This version comes with qname minimisation support which is a good thing for privacy and performance. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to unbound in

[Bug 1530674] Re: Trouble unlocking a password-locked private key

2016-01-05 Thread Simon Déziel
It turned out that I was missing "askpass" in my VPN config. This was not required before but now is. With this new option in place, things work well and the password prompt is broadcast to all the consoles thanks to systemd-ask-password-wall. Since I didn't want the "wall" like behaviour, I cha

[Bug 1531191] [NEW] qemu-kvm-init script called with undefined $KVM_HUGEPAGES

2016-01-05 Thread Simon Déziel
Public bug reported: $ grep qemu-kvm /var/log/syslog Jan 5 10:23:24 simon-laptop qemu-kvm[497]: * Configuring kvm qemu-kvm Jan 5 10:23:24 simon-laptop qemu-kvm[497]: /usr/share/qemu/init/qemu-kvm-init: 82: [: Illegal number: Jan 5 10:23:24 simon-laptop qemu-kvm[497]: ...done. Line 82 of /usr

[Bug 1531184] Re: dnsmasq doesn't start on boot because its interface isn't up yet

2016-01-05 Thread Simon Déziel
Adding the following to the [Unit] section of dnsmasq.service fixes the problem: After=network-online.target Wants=network-online.target -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bu

[Bug 1531184] [NEW] dnsmasq doesn't start on boot because its interface isn't up yet

2016-01-05 Thread Simon Déziel
Public bug reported: My dnsmasq instance uses "interface=br-vz0" and the interface br-vz0 is managed manually in /etc/network/interfaces. During boot, dnsmasq is started before br-vz0 is created and this causes dnsmasq to exit: Jan 5 08:56:16 simon-laptop dnsmasq[1008]: dnsmas

[Bug 1530674] [NEW] Trouble unlocking a password-locked private key

2016-01-03 Thread Simon Déziel
Public bug reported: My VPN configuration references a RSA private key that is password locked. When I manually start the VPN connection, the systemd wrapper doesn't properly prompt for the password: $ sudo systemctl start openvpn@cameleon Broadcast message from root@simon-laptop (Sun 20

[Bug 1403730] Re: Add support for OpenVZ simfs

2015-12-29 Thread Simon Smith
Is there any update on this fix? I can monitor simfs in 12.04 perfectly fine, but not in 14.04 :( -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to net-snmp in Ubuntu. https://bugs.launchpad.net/bugs/1403730 Title: Add support for OpenV

Re: [Bug 1523970] Re: [needs-packaging] boto3 package

2015-12-20 Thread Simon Ye
Sounds good to me. On Sun, Dec 20, 2015 at 7:05 AM Hans Joachim Desserud < 1523...@bugs.launchpad.net> wrote: > >I was actually referring to boto version 3 in addition to Python > version 3. > > Oh, I wasn't aware of that. > > >Regardless, I have learned that it has recently been added to Debian >

Re: [Bug 1523970] Re: [needs-packaging] boto3 package

2015-12-20 Thread Simon Ye
I was actually referring to boto version 3 in addition to Python version 3. Regardless, I have learned that it has recently been added to Debian unstable https://packages.debian.org/sid/main/python3-boto3 On Sunday, December 20, 2015, Hans Joachim Desserud < 1523...@bugs.launchpad.net> wrote: >

[Bug 1525457] [NEW] QEMU seccomp_sandbox prevents local SDL graphic from working

2015-12-11 Thread Simon Déziel
Public bug reported: Steps to reproduce: 1) Set "seccomp_sandbox = 1" in /etc/libvirt/qemu.conf 2) stop libvirt-bin; start libvirt-bin 3) Define a VM using SDL graphic. Example XML extract: 4) xhost +SI:localgroup:kvm 5) Start the VM Expected behavior: should display a usab

[Bug 1523133] Re: strongswan vpn does not work

2015-12-11 Thread Simon Déziel
volker, it's in 4.3.0-4.13: http://changelogs.ubuntu.com/changelogs/pool/main/l/linux/linux_4.3.0-4.13/changelog -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to strongswan in Ubuntu. https://bugs.launchpad.net/bugs/1523133 Title: str

[Bug 1523970] [NEW] [needs-packaging] boto3 package

2015-12-08 Thread Simon Ye
Public bug reported: URL: https://github.com/boto/boto3 License: Apache Notes: boto3 is now stable and the recommended boto major version. Would it be possible to have python-boto3 and python3-boto3 packages? ** Affects: python-boto (Ubuntu) Importance: Undecided Status: New -- Y

[Bug 1523133] Re: strongswan vpn does not work

2015-12-05 Thread Simon Déziel
The problem is with the kernel itself and a fix was committed upstream: https://www.spinics.net/lists/stable/msg110748.html ** Changed in: strongswan (Ubuntu) Status: New => Invalid ** Also affects: linux (Ubuntu) Importance: Undecided Status: New ** Changed in: linux (Ubuntu)

[Bug 1273462] Re: Users can mistakenly run init.d scripts and cause problems if an equivalent upstart job already exists

2015-12-03 Thread Simon Déziel
Marking as verified on Trusty since I was able to do more testing. ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1273462 Title: Users can mist

[Bug 1481388] Re: NTP : Use-after-free in routing socket code after dropping root

2015-11-16 Thread Simon Déziel
I've been using the -proposed package on 15 Trusty machines since it was published. Again, I never was able to reproduce the original problem but I saw no regression either. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report

[Bug 1481388] Re: NTP : Use-after-free in routing socket code after dropping root

2015-10-27 Thread Simon Déziel
Eric, I've been running the proposed version on many systems and haven't found any regression. Do you think this would be ready to move on to -updates now? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.lau

[Bug 1404396] Re: [regression] vgabios -> seabios breaks (my) 16-bit applications

2015-10-27 Thread Simon Déziel
Hi Richard, were you able to test the proposed package? Thanks -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to seabios in Ubuntu. https://bugs.launchpad.net/bugs/1404396 Title: [regression] vgabios -> seabios breaks (my) 16-bit appli

[Bug 1273462] Re: Users can mistakenly run init.d scripts and cause problems if an equivalent upstart job already exists

2015-10-20 Thread Simon Déziel
I couldn't find any regression in my testing but since it wasn't that extensive, I'm not marking it as verified just yet. I really like the behavior improvement. Now, a regular user has a convenient way to check service statuses: /etc/init.d/acpid status Instead of the obtuse old way: env -

[Bug 708493] Re: Can't login anymore: Read from socket failed: Connection reset by peer

2015-10-07 Thread Simon Quigley
Sorry folks, but as part of the bug clean up ahead of 16.04 LTS I'm marking this as invalid because it affects an Ubuntu release which is now unsupported. If you can still recreate this bug in a supported release please do open a new bug and we can triage it for consideration in the 16.04 LTS devel

Re: [Bug 1501189] Re: DNS breaks when port=0 is used in dnsmasq.conf

2015-10-06 Thread Simon Kelley
ere. > > For upstream report, Simon (the upstream dnsmasq developer and Debian > maintainer) already answered here, Simon would you like me to file a > debian bug as well? It's easy to work around this issue, so we can even > close it with won't fix if you prefer. > >

Re: [Bug 1501189] [NEW] Don't put 127.0.0.1 in resolvconf when port=0

2015-10-05 Thread Simon Kelley
ossible to override things in /etc/default/dnsmasq. A better solution might be to extend the IGNORE_RESOLVCONF setting in /etc/default/dnsmasq so that it inhibits adding 127.0.0.1 to resolvconf, as well as stopping dnsmasq from using the resolvconf output as upstream. Simon. On 30/09/15 07

Re: [Bug 1502226] [NEW] error message "dnsmasq: failed to create listening socket for 0.0.0.0: Address already in use" doesn't explain which port number it refers to

2015-10-05 Thread Simon Kelley
something like dnsmasq: failed to create listening socket for 192.168.151.1 So I'm confused how you're getting the message with an IP address, but for the 0.0.0.0 wildcard address. Cheers, Simon On 02/10/15 17:24, Karl-Philipp Richter wrote: > Public bug reported: > > The e

[Bug 1501966] [NEW] support changing Apparmor hats

2015-10-01 Thread Simon Déziel
Public bug reported: Some older versions of OpenSSH had a patch allowing the daemon to change Apparmor hats to apply different containment profiles to different code paths (AUTHENTICATED, EXEC, PRIVSEP, etc). This feature would need to be ported to recent OpenSSH versions and sent upstream for in

[Bug 1485380] Re: package mysql-server-5.6 5.6.25-0ubuntu0.15.04.1 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurück

2015-09-23 Thread Simon Kuhn
Affects me too after upgrading to 15.04. When installing the packages, apt-get dist-upgrade terminated with an error processing mysql-server. I repeated dist-upgrade, it installed mysql-server and another sql-related package I don't remember flawlessly. The 'report this' window popped up when lo

[Bug 1481388] Re: NTP : Use-after-free in routing socket code after dropping root

2015-09-17 Thread Simon Déziel
Eric, I don't know if that's a good test case but on my patched Trusty box: root@xeon:~# uname -a Linux xeon 3.13.0-63-generic #103-Ubuntu SMP Fri Aug 14 21:42:59 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux root@xeon:~# sysctl net.core.wmem_max=4650 net.core.wmem_max = 4700 root@xeon:~# sys

[Bug 1481388] Re: NTP : Use-after-free in routing socket code after dropping root

2015-09-17 Thread Simon Déziel
Err, I meant I couldn't reproduce the issue with and without the patch. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1481388 Title: NTP : Use-after-free in routing socket code after

[Bug 1481388] Re: NTP : Use-after-free in routing socket code after dropping root

2015-09-17 Thread Simon Déziel
I tried to reproduce the problem by lowering {r,w}mem_max on Precise and Trusty's *unpatched* version to no avail. On the up side, I couldn't find any regression with the update version. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to t

[Bug 1467716] Re: "gem install" fetches packages from unencrypted HTTP URL

2015-09-09 Thread Simon Déziel
Indeed, the gemrc way is much cleaner. Thanks -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ruby1.9.1 in Ubuntu. https://bugs.launchpad.net/bugs/1467716 Title: "gem install" fetches packages from unencrypted HTTP URL To manage not

[Bug 1321425] Re: irqbalance spams syslog about affinity_hint subset empty

2015-09-01 Thread Simon Déziel
The version in trusty-proposed works fine, thanks a lot! ** Tags removed: verification-needed ** Tags added: verification-done ** Tags removed: verification-done ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Ubuntu Server Team, which i

[Bug 1315426] Re: nginx not built as Position Independent; does not use BIND_NOW

2015-08-25 Thread Simon Déziel
Thomas, would you consider a SRU to Trusty now? If yes, I could work on providing a debdiff if you'd like. Thanks in advance -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nginx in Ubuntu. https://bugs.launchpad.net/bugs/1315426 Title

[Bug 1375275] Re: drbd-utils has replaced drbd8-utils

2015-08-25 Thread Simon Déziel
With new kernels coming to Trusty with new point releases, the drbd-utils (8.9.X) should be SRU'ed to Trusty, IMHO. Thanks in advance -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to drbd8 in Ubuntu. https://bugs.launchpad.net/bugs/1375

[Bug 1385851] Re: OpenVPN only supports TLS v1.0

2015-08-25 Thread Simon Déziel
OpenVPN 2.3.7 made it into Wily ** Changed in: openvpn (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openvpn in Ubuntu. https://bugs.launchpad.net/bugs/1385851 Title: OpenVPN only

[Bug 1484682] Re: memory leak in xl

2015-08-14 Thread Simon Déziel
Piotr, Xen 4.4.2 made it into trusty-proposed (https://bugs.launchpad.net/bugs/147) so maybe you'd like to give it a try? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to xen in Ubuntu. https://bugs.launchpad.net/bugs/1484682 Title:

[Bug 1279826] Re: CVE-2013-7108

2015-08-12 Thread Simon Déziel
Seems like there was some confusion here. CVE-2013-7106 affected Icinga only but CVE-2013-7108 affects both Icinga and Nagios3. CVE-2013-7108 is still unpatched for Nagios3 ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2013-7106 ** Also affects: nagios3 (Ubuntu) Importance:

[Bug 1279825] Re: CVE-2013-7106

2015-08-12 Thread Simon Déziel
** Also affects: nagios3 (Ubuntu) Importance: Undecided Status: New ** No longer affects: nagios3 (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to nagios3 in Ubuntu. https://bugs.launchpad.net/bugs/1279825 Title: C

[Bug 1464770] Re: initscript doesn't preserve return code

2015-08-07 Thread Simon Déziel
Thomas, now that the fix made it to Wily, would there be any chance to get this to Trusty via an SRU? Thanks in advance ** Changed in: nginx (Ubuntu Wily) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscri

[Bug 1287222] Re: openssh-client 6.5 regression bug with certain servers

2015-07-31 Thread Simon Déziel
This was fixed upstream according to the changelog. http://www.openssh.com/txt/release-6.9: * ssh(1), sshd(8): cap DH-GEX group size at 4Kbits for Cisco implementations as some would fail when attempting to use group sizes >4K; bz#2209 HTH, Simon ** Bug watch added: OpenSSH Porta

[Bug 1472510] Re: Unbound returns SERVFAIL for specific query on dual stacked machine

2015-07-17 Thread Simon Déziel
The Trusty proposed version (1.4.22-1ubuntu4.14.04.2) works well, thanks! ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to the bug report. https://bugs.launchpad.net/
