** Branch linked: lp:~kees/openssh/report-publickey
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/501956
Title:
OpenSSH does not log failed attempts when key authentication is used
** Description changed:
Binary package hint: php5
Code that worked great on another server causes segfaults on a freshly
installed Gutsy 64-bit server
ProblemType: Crash
Architecture: amd64
Date: Tue Dec 18 18:08:58 2007
DistroRelease: Ubuntu 7.10
ExecutablePath: /usr/bin/php
** Description changed:
Binary package hint: openvpn
I was booting up my ubuntu 10.04 system.
ProblemType: Crash
DistroRelease: Ubuntu 10.04
Package: openvpn 2.1.0-1ubuntu1
ProcVersionSignature: Ubuntu 2.6.32-17.26-generic 2.6.32.10+drm33.1
Uname: Linux 2.6.32-17-generic x86_64
** Changed in: rng-tools (Ubuntu)
Assignee: (unassigned) => Kees Cook (kees)
--
rngd doesn't start automatically
https://bugs.launchpad.net/bugs/544545
You received this bug notification because you are a member of Ubuntu
Server Team, which is a direct subscriber.
--
Ubuntu-ser
** Changed in: rng-tools (Ubuntu)
Status: Confirmed => Triaged
--
rngd doesn't start automatically
https://bugs.launchpad.net/bugs/544545
You received this bug notification because you are a member of Ubuntu
Server Team, which is a direct subscriber.
--
Ubuntu-server-bugs mailing list
Ub
Public bug reported:
mysql is starting before apparmor, so it must load the apparmor profile
on its own. On a fresh Lucid install with mysql, aa-status will report:
1 processes are unconfined but have a profile defined.
/usr/sbin/mysqld (1346)
** Affects: mysql-dfsg-5.1 (Ubuntu)
Importa
The following should fix it...
** Patch added: "mysql-dfsg-5.1_5.1.41-3ubuntu12.1.debdiff"
http://launchpadlibrarian.net/47035494/mysql-dfsg-5.1_5.1.41-3ubuntu12.1.debdiff
--
upstart script does not load AppArmor profile
https://bugs.launchpad.net/bugs/573206
You received this bug notificati
** Package changed: apparmor (Ubuntu Lucid) => php5 (Ubuntu Lucid)
** Changed in: php5 (Ubuntu Lucid)
Status: New => Confirmed
** Changed in: php5 (Ubuntu Lucid)
Importance: Undecided => Medium
** Changed in: php5 (Ubuntu Maverick)
Status: New => Confirmed
** Changed in: php5 (
I can confirm that the sess_* files have moved back to /var/lib/php5.
Thanks!
--
[SRU] php5 session.save_path moved to /tmp
https://bugs.launchpad.net/bugs/573222
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
--
Ubuntu-
Hi! Thanks for the report. It looks like this wasn't triaged correctly
when we first looked at it. We'll get this fixed and published. Thanks
for the patches and for testing it.
** Also affects: net-snmp (Ubuntu Karmic)
Importance: Undecided
Status: New
** Also affects: net-snmp (U
Ah-ha, I see the problem now. This vulnerability was introduced after
all the versions of net-snmp that were in the archive at the time the
CVE was published. At some point Debian packaged the 5.4.x series from
a point that did not include the fix, which is why only Lucid and later
have the probl
** Changed in: net-snmp (Ubuntu Lucid)
Status: Fix Committed => Fix Released
--
CVE-2008-6123: not fixed in latest security releases
https://bugs.launchpad.net/bugs/331410
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to net-snmp in
https://lists.ubuntu.com/archives/ubuntu-security-
announce/2010-June/001098.html
--
CVE-2008-6123: not fixed in latest security releases
https://bugs.launchpad.net/bugs/331410
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to net-snmp in ub
** Changed in: apparmor (Ubuntu)
Importance: Undecided => Medium
** Changed in: mysql-dfsg-5.1 (Ubuntu)
Importance: Undecided => Medium
** Changed in: apparmor (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
mysql configuration should be adjusted to help prevent aga
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
chkutmp assert failure: *** stack smashing detected ***: ./chkutmp terminated
https://bugs.launchpad.net/bugs/623144
You received this bug notification because you are a member of Ubuntu
Server Team,
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
package drbd8-source 2:8.3.7-1ubuntu2.1 failed to install/upgrade: drbd8 kernel
module failed to build
https://bugs.launchpad.net/bugs/625214
You received this bug notification because you are a mem
Public bug reported:
When I reboot my router, ssh does not start.
Feb 15 22:51:32 router init: ssh main process (897) terminated with status 255
Feb 15 22:51:32 router init: ssh main process ended, respawning
Feb 15 22:51:32 router init: ssh main process (915) terminated with status 255
Feb 15 22
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
https://bugs.launchpad.net/bugs/719833
Title:
ssh upstart job fails to actually bring up ssh
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
The backtrace shows that this is from the pgsql PAM module. A quick
check of the code shows that it is assuming that h_addr is always an
IPv4 when it may not be, resulting in a potential overflow of the buffer
it creates to hold an IP address.
** Package changed: openssh (Ubuntu) => pam-pgsql (Ubu
** Changed in: postfix (Ubuntu)
Status: New => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to postfix in ubuntu.
https://bugs.launchpad.net/bugs/723312
Title:
package postfix 2.8.0-1~build1 failed to install/upg
I have no wireless on my system, and I just saw this in a VM I started.
** Changed in: linux (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to qemu-kvm in ubuntu.
https://bugs.launchpad.net/bugs/6
ted
** Changed in: ntp (Ubuntu)
Assignee: (unassigned) => Kees Cook (kees)
** Changed in: ntp (Ubuntu)
Importance: Low => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in ubuntu.
https://bugs.launchpad.net/bu
Public bug reported:
Binary package hint: autofs5
When autofs starts, the network may not be up yet. "started net-device-
up IFACE!=lo" does not handle multi-homed machines, bridging, etc.
autofs needs to wait until all configured networking has finished coming
up before starting.
ProblemType: B
** Tags added: regression-release
** Also affects: autofs5 (Ubuntu Natty)
Importance: Undecided
Status: New
** Changed in: autofs5 (Ubuntu Natty)
Assignee: (unassigned) => Canonical Server Team (canonical-server)
** Changed in: autofs5 (Ubuntu Natty)
Milestone: None => ubuntu-
This appears to be a behavioral change to the shutdown(2) function. The
socket gets only partially shut down. It's like "close()" was called
instead of "shutdown()" which is supposed to kill the socket everywhere.
** Summary changed:
- amavis force-reload crashes amavis
+ shutdown(2) behavior cha
model name : Intel(R) Core(TM)2 Quad CPUQ6600 @ 2.40GHz
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to qemu-kvm in Ubuntu.
https://bugs.launchpad.net/bugs/694029
Title:
[natty] kvm guests become unstable after a while
--
** Changed in: openvpn (Ubuntu)
Assignee: iamn fouda (eman-abu-fouda) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openvpn in Ubuntu.
https://bugs.launchpad.net/bugs/230197
Title:
network-manage
Public bug reported:
cyrus-sasl2-heimdal 2.1.23.dfsg1-5.1ubuntu1 is uninstallable with cyrus-
sasl2 2.1.23.dfsg1-5ubuntu3, and ftbfs due to heimdal changes, from what
I can see. I suspect the only way forward on this is to get cyrus-sasl2
2.1.23.dfsg1-6 (or, likely, newer) into natty which merges
** Changed in: exim4 (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to exim4 in Ubuntu.
https://bugs.launchpad.net/bugs/779391
Title:
CVE-2011-1764: format string vulnerability
--
Ubuntu-server-
Just as a note, due to Ubuntu's default compiler flags[1], this
vulnerability is "only" a denial-of-service and does not seem to result
in arbitrary code execution.
[1] https://wiki.ubuntu.com/CompilerFlags
--
You received this bug notification because you are a member of Ubuntu
Server Team, whi
AAaargh. Who reimplements sprintf!? I am working on hardy and dapper
now. Will have this uploaded shortly. Thanks for double-checking and
getting the Lucid and Oneiric patches ready!
At least full ASLR (PIE[1]) is in place in Lucid and later, so
exploiting this is difficult, but not impossible.
[
ortance: Undecided => Medium
** Changed in: exim4 (Ubuntu Oneiric)
Importance: Undecided => Medium
** Changed in: exim4 (Ubuntu Lucid)
Assignee: (unassigned) => Kees Cook (kees)
** Changed in: exim4 (Ubuntu Maverick)
Assignee: (unassigned) => Kees Cook (kees)
** C
This looks like a regular bug to me. I don't think Perl will deal with
the %n in an unsafe way.
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
https://bugs.
If filesystem paths have been relocated, please use
/etc/apparmor.d/tunables/alias to handle replacements.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in Ubuntu.
https://bugs.launchpad.net/bugs/810270
Title:
AppArmor profil
Public bug reported:
vsftpd has only a partially hardened build. Debian fixed this, and the
solution is trivial.
** Affects: vsftpd (Ubuntu)
Importance: Undecided
Status: New
** Affects: vsftpd (Ubuntu Precise)
Importance: Undecided
Status: New
** Tags: patch
** Al
** Patch added: "vsftpd_2.3.5-1ubuntu2.debdiff"
https://bugs.launchpad.net/ubuntu/+source/vsftpd/+bug/966707/+attachment/2951684/+files/vsftpd_2.3.5-1ubuntu2.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to vsftpd in Ubuntu.
** Changed in: vsftpd (Ubuntu Precise)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to vsftpd in Ubuntu.
https://bugs.launchpad.net/bugs/966707
Title:
not built with all hardening features
To manag
ty)
Importance: Undecided
Assignee: Kees Cook (kees)
Status: New
** Also affects: openssh (Ubuntu Trusty)
Importance: Undecided
Status: New
** Changed in: openssh (Ubuntu)
Status: New => Fix Released
** Changed in: openssh (Ubuntu Trusty)
Assignee
** Patch added: "openssh_6.6p1-2ubuntu2.5.debdiff"
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1534340/+attachment/4550125/+files/openssh_6.6p1-2ubuntu2.5.debdiff
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in
** Changed in: openssh (Ubuntu Trusty)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1534340
Title:
openssh server 6.6 does not report max auth fa
This is needed for trusty too, it seems.
** Also affects: squid3 (Ubuntu Trusty)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1416039
Title
Today I learned that Apache raises its rlimit for open files to 8192 by
default. This is controlled by APACHE_ULIMIT_MAX_FILES.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libfcgi in Ubuntu.
https://bugs.launchpad.net/bugs/1418778
Public bug reported:
type=1400 audit(1403024365.999:20455): apparmor="DENIED" operation="link" prof
ile="/usr/sbin/named" name="/var/lib/bind/db-GFtoRz38" pid=32341 comm="named"
requested_mask="l" denied_mask="l" fsuid=105 ouid=105
target="/var/lib/bind/db.MYDOMAIN"
Seems to break slaved domain updates. (i.e. my server is secondary for a
master server, and when they make changes the AXFR seems to throw this
into the kernel logs.)
Since the /var/cache line has "l" already, it seems like just a simple
fix; I didn't investigate the true origin.
--
You received
I can confirm that the firefox CVE-2009-3555 warnings go away once these
packages are installed on Lucid. Additionally, I tested that sasl and
dovecot still work as expected. Awesome. :)
--
CVE-2009-3555 tracking bug
https://bugs.launchpad.net/bugs/616759
You received this bug notification becaus
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Tags added: jaunty
--
package nagios3-common 3.0.6-2ubuntu1.1 failed to install/upgrade: subprocess
post-installation script returned error exit status 1
https://bugs.launchpad.net/bugs/644009
You
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Tags added: karmic
--
package mysql-server-5.0 (not installed) failed to install/upgrade: subprocess
new pre-installation script returned error exit status 1
https://bugs.launchpad.net/bugs/647600
*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: php5
It seems that PHP is not correctly using libxml2's xmlwriter routines,
and allows passing in invalid utf-8 strings which are then misparsed by
libxml2, allowing memory contents to leak into the r
** Attachment added: "xmlwriter.php"
https://bugs.edge.launchpad.net/ubuntu/+source/php5/+bug/655442/+attachment/1674325/+files/xmlwriter.php
** Changed in: php5 (Ubuntu)
Status: New => Confirmed
** Changed in: php5 (Ubuntu)
Importance: Undecided => Low
** Summary changed:
- memo
Appears broken all the way back through Hardy. Dapper behaves correctly.
** Bug watch added: bugs.php.net/ #52998
http://bugs.php.net/bug.php?id=52998
** Also affects: php via
http://bugs.php.net/bug.php?id=52998
Importance: Unknown
Status: Unknown
--
memory content leak when us
I've also reported this to libxml2, in case it should be fixed there instead.
https://bugzilla.gnome.org/show_bug.cgi?id=631551
** Bug watch added: GNOME Bug Tracker #631551
https://bugzilla.gnome.org/show_bug.cgi?id=631551
--
memory content leak when using invalid utf-8 with XMLWriter::write
** Package changed: php5 (Ubuntu) => libxml2 (Ubuntu)
** Also affects: libxml2 via
https://bugzilla.gnome.org/show_bug.cgi?id=631551
Importance: Unknown
Status: Unknown
--
memory content leak when using invalid utf-8 with XMLWriter::writeAttribute
https://bugs.launchpad.net/bugs/655
es: #588536
-- Sam Hartman Thu, 05 Aug 2010 12:15:50 -0400
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Kees Cook
iQIcBAEBCgAGBQJM1JULAAoJEIly9N/cbcAmGMsP/RaoAMd60/WBWDkBJJnSjsu2
GgvQkeZPfYtXhV68dAZRMTsVAtQOz2+LC2EvFcY8NO+h
Based on the comments in bug #506985, I think this delta should have
been dropped in maverick (it was only to support pre-lucid upgrades).
After looking at the package diffs, this is the only real difference
between Ubuntu and Debian now, so I think this bug should be changed
from a merge to a sync
** Changed in: php5 (Ubuntu)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/611316
Title:
Segmentation fault in php5-sybase
--
Ubuntu-serv
Thanks, this looks good. I'll upload shortly.
** Changed in: xinetd (Ubuntu)
Status: In Progress => Fix Committed
** Changed in: xinetd (Ubuntu)
Assignee: (unassigned) => Scott Moser (smoser)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which
** Changed in: eucalyptus (Ubuntu Maverick)
Status: New => Invalid
** Changed in: openjdk-6 (Ubuntu Maverick)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to eucalyptus in ubuntu.
http
** Changed in: tftp-hpa (Ubuntu)
Status: New => Fix Committed
** Changed in: tftp-hpa (Ubuntu)
Assignee: (unassigned) => Kees Cook (kees)
** Changed in: tftp-hpa (Ubuntu)
Importance: Undecided => Medium
** Changed in: netkit-tftp (Ubuntu)
Status: New => Confir
** Changed in: netkit-tftp (Ubuntu Natty)
Status: Confirmed => Fix Committed
** Changed in: netkit-tftp (Ubuntu Natty)
Assignee: (unassigned) => Kees Cook (kees)
** Changed in: netkit-tftp (Ubuntu Natty)
Importance: Undecided => Medium
--
You received this bug not
Public bug reported:
Binary package hint: clamav
# apt-cache policy clamav-daemon
clamav-daemon:
Installed: 0.96.3+dfsg-2ubuntu1.0.10.04.2
Candidate: 0.96.3+dfsg-2ubuntu1.0.10.04.2
Since the security update of clamav, the daemon takes multiple minutes
to load its virus database, and is causi
I can confirm as well, the long load times are gone and I'm able to scan
incoming email again. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to clamav in ubuntu.
https://bugs.launchpad.net/bugs/691414
Title:
clamav taking extr
** Visibility changed to: Public
** Changed in: mysql-5.1 (Ubuntu)
Status: New => Confirmed
** Changed in: mysql-5.1 (Ubuntu)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-5.1 in ubunt
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to clamav in ubuntu.
https://bugs.launchpad.net/bugs/706917
Title:
ClamAV misses "SafeBrowsin
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
https://bugs.launchpad.net/bugs/713002
Title:
Impossible to disable IPv
This looks pretty good. Can you change
71_exiq_grep_error_on_messages_without_size.patch to use the upstream
fix (from that report), drop the "From" (this should have been Author:
with Daniel van Eeden) and add an Origin: line, and finally mention the
debian bug # in the changelog? Thanks!
** Ch
This looks good; I'll upload it to -proposed now. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-dfsg-5.1 in ubuntu.
https://bugs.launchpad.net/bugs/576949
Title:
[lucid] LOAD DATA INFILE fails in replication, simple p
This has been uploaded to -proposed. Once it has built, please test and
give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed
for documentation on how to enable and use -proposed. Thank you in
advance!
** Changed in: mysql-dfsg-5.1 (Ubuntu Lucid)
Status: Confirmed => Fix Co
Thanks! I've uploaded this merge now.
** Changed in: exim4 (Ubuntu)
Status: Incomplete => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to exim4 in ubuntu.
https://bugs.launchpad.net/bugs/713855
Title:
Merge exim
This has been uploaded to -proposed. Once it has built, please test and
give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed
for documentation on how to enable and use -proposed. Thank you in
advance!
** Also affects: munin (Ubuntu Maverick)
Importance: Undecided
Status
** Changed in: libvirt (Ubuntu Natty)
Importance: High => Undecided
** Changed in: libvirt (Ubuntu Natty)
Assignee: Serge Hallyn (serge-hallyn) => (unassigned)
** Changed in: qemu-kvm (Ubuntu Maverick)
Milestone: maverick-updates => None
** Changed in: libvirt (Ubuntu Lucid)
S
Thanks for preparing the debdiffs! It looks like karmic is vulnerable
too, so we'll need that as well. I'll update the debdiffs to use proper
DEP-3 and fix up the formatting of the changelogs a bit ("CVE-" vs "CVE:
"), and get these building.
** Also affects: libvirt (Ubuntu Karmic)
Importance:
** Changed in: qemu-kvm (Ubuntu Maverick)
Assignee: Ubuntu Security Team (ubuntu-security) => Kees Cook (kees)
** Changed in: qemu-kvm (Ubuntu Lucid)
Assignee: Ubuntu Security Team (ubuntu-security) => Kees Cook (kees)
** Changed in: qemu-kvm (Ubuntu Karmic)
Importance: Und
This looks fine to me. +1
** Changed in: ipxe (Ubuntu)
Status: New => In Progress
** Changed in: ipxe (Ubuntu)
Assignee: Kees Cook (kees) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug
Packages with gnulib in their source:
main:
augeas
binfmt-support
eglibc
findutils
gdb
glib2.0
groff
grub2
hello
hello-debhelper
liblouis
libpipeline
libtasn1-3
libvirt
man-db
mlocate
texinfo
universe/multiverse:
amanda
eiskaltdcpp
freedink
genparse
hivex
instantbird
libdc0
libdrizzle
liblouisx
Quick notes:
* should use /run instead of /var/run
* while it's nice to have the sudoers split, the sudoers fragment is wildly
permissive ("chown" as root is trivial to exploit). I would recommend specific
helper scripts that validate the logic of the requested dangerous commands (see
the simi
This is a step in the right direction (regex arg filtering is better
than filename-glob filtering), but I think this probably needs to have
even more logic built in. For example, running "ip ... $interface ..."
might need logic to have the wrapper look up the interface and decide if
it is actually
The problem is that parted treats local files (as used by vmbuilder)
differently from "actual" disk files, and changes the sector size
accordingly (without an option to change it). As a result, the partition
start locations are too small for grub2 to install. I had originally
reproduced this by usi
Hm, I don't agree. I think the problem is in libparted/arch/linux.c
init_file():
dev->bios_geom.sectors = 32;
vs _device_probe_geometry() which defaults to what the LBA reports or:
dev->bios_geom.sectors = 63;
So, when vmbuilder uses parted to build the disk, parted treats the d
Public bug reported:
The final report of SSH key fingerprints does not include ECDSA:
$ ec2-get-console-output --region us-west-2 i-107ee921
...
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is
What's the best way to add a known_hosts entry from these fingerprints?
Maybe the -e option should be used instead of -l ?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cloud-init in Ubuntu.
https://bugs.launchpad.net/bugs/892554
Tit
ted string.
Right, I don't meant to ditch the fingerprint report, but instead, allow
one to skip the ssh-keyscan step, and just pull the .pub file directly out
of the console output. i.e. _add_ it to the console output.
--
Kees Cook
--
You received this bug notification because you are
Note that likewise-open will need to include a file like
/etc/apparmor.d/tunables/home.d/likewise-open
that contains:
@{HOMEDIRS}+=/home/likewise-open/*/
This is being removed from the AppArmor default now that home.d/ exists,
and default installs don't need this path (which is presently causing
The issue is a trade-off between three classes of people, I think:
- People that have systems where root can SSH in (which consists of):
- Those that want to SSH in as root
- Those that are surprised they can SSH in as root
- Those that don't care
http://cheezburger.com/View.aspx?aid=309419
** Attachment added: "Diagram"
http://launchpadlibrarian.net/38195645/129085743814232954.png
** Changed in: openssh (Ubuntu)
Status: Incomplete => Confirmed
--
OpenSSH server sshd_config PermitRootLogin -> NO
https://bugs.launchpad.net/bugs/510732
You received this bug notification be
"authoritative resources"? I'm inferring that you think my use of a
simple diagram tool to help illustrate this bug is somehow
inappropriate? And yes, I know what layered security is. :)
Please understand that the PermitRootLogin config default is not a new
issue. I'm trying to make sure every
Public bug reported:
Logins fail for new users (autodetection is always failing):
Jan 26 21:20:22 sec-lucid-amd64 dovecot: IMAP(tardvrnm): mail_location not set
and autodetection failed: Mail storage autodetection failed with
home=/home/tardvrnm
Jan 26 21:20:22 sec-lucid-amd64 dovecot: IMAP(tar
Ah-ha, yes, it's a tiny helper that has no arrays to protect in any
functions. I've blacklisted that ELF for now.
** Changed in: ntp (Ubuntu)
Status: New => Fix Released
--
/usr/bin/timeadj doesn't appear to have stack protection
https://bugs.launchpad.net/bugs/516862
You received this b
*** This bug is a duplicate of bug 512096 ***
https://bugs.launchpad.net/bugs/512096
** Tags added: karmic
--
package qemu-kvm 0.11.0-0ubuntu6.3 failed to install/upgrade: subprocess
installed pre-removal script returned error exit status 2
https://bugs.launchpad.net/bugs/518774
You receive
** Also affects: mysql-dfsg-5.1 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: mysql-dfsg-5.1 (Ubuntu)
Status: New => Triaged
** Changed in: mysql-cluster-7.0 (Ubuntu)
Status: Triaged => Fix Released
** Changed in: mysql-dfsg-5.1 (Ubuntu)
Assignee: (unassi
** Also affects: mysql-cluster-7.0 (Ubuntu Lucid)
Importance: Critical
Status: Fix Released
** Also affects: mysql-dfsg-5.1 (Ubuntu Lucid)
Importance: Critical
Assignee: Chuck Short (zulcss)
Status: Triaged
--
breaks all builds requiring libmysqlclient-dev
https://bugs.l
This is sensible. If too much detection stuff like this ends up in
update-notifier, I suspect we can just create a new package called "cpu-
checker", which is the bzr tree I've current got the check-bios-nx code
and test suite in.
On another note, I would like to see kvm-ok improved somehow so th
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Package changed: postfix (Ubuntu) => dpkg (Ubuntu)
** Tags added: karmic
** Package changed: dpkg (Ubuntu) => postfix (Ubuntu)
--
package postfix 2.6.5-3 failed to install/upgrade: alamprotsess in
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
** Tags added: karmic
--
package clamav-freshclam 0.95.3+dfsg-1ubuntu0.09.10 failed to install/upgrade:
subprocess installed post-installation script returned error exit status 100
https://bugs.launch
Please see https://help.ubuntu.com/community/KVM/Networking for a
discussion of the issue. (Basically, it is unsafe to ship it this way
as it gives any local user the ability to disrupt networking.)
** Changed in: qemu-kvm (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassig
@Chris Yup, I understand how capabilities work. I'm actively working on
getting fscaps functioning with Debian/Ubuntu packaging (see
https://wiki.ubuntu.com/Security/FilesystemCapabilties). (You seemed to
miss me changing "ep" to "ei" in the wiki -- I've added the old
instructions back and clarif
Public bug reported:
Binary package hint: qemu-kvm
The ARM emulation in qemu does not appear to correctly simulate non-
executable memory for the CPUs that support it (ARMv7, maybe v6, and
above).
** Affects: qemu-kvm (Ubuntu)
Importance: Undecided
Status: New
--
NX memory not si
** Also affects: libnss-ldap (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: libnss-ldap (Ubuntu Intrepid)
Importance: Undecided
Status: New
** Also affects: libnss-ldap (Ubuntu Jaunty)
Importance: Undecided
Status: New
** Also affects: libnss-ldap
+1, sorry I missed this bug for so long.
** Changed in: eucalyptus (Ubuntu Lucid)
Assignee: Dustin Kirkland (kirkland) => (unassigned)
--
Disallowed command //usr/share/eucalyptus/populate_arp.pl
https://bugs.launchpad.net/bugs/461829
You received this bug notification because you are a mem
It would help to understand if the problem is with eglibc, sudo, or
libnss-ldap.
** Package changed: glibc (Ubuntu) => eglibc (Ubuntu)
** Also affects: libnss-ldap (Ubuntu)
Importance: Undecided
Status: New
** Also affects: eglibc (Ubuntu Lucid)
Importance: Undecided
Status:
Public bug reported:
parted uses a fixed sector count of "32" when writing partitions to a
non-block device. (See init_file() via linux_new() in
libparted/arch/linux.c) As a result, the track size of disks created
with vmbuilder is 32 sectors, not the generally expected 63 sectors
(used with LBA
1 - 100 of 284 matches
Mail list logo
