I just read about the backdoor on xz-utils from CVE-2024-3094 (not yet
synced to Launchpad CVE, I can't use the Link to CVE feature) and I
wanted to know more about Ubuntu's status.
Please avoid syncing any vulnerable version.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-3094
Doing this "right" requires kernel patch (attached).
This will work on 2024 model JZR.
A similar version will work on 2023 if you add the right subsystem ids[1] to
the patch.
You can also work around this by creating /etc/modprobe.d/alsa-base.conf
and adding
options snd-hda-intel model=1043:1c
[Expired for net-tools (Ubuntu) because there has been no activity for
60 days.]
** Changed in: net-tools (Ubuntu)
Status: Incomplete => Expired
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to net-tools in Ubuntu.
http
This bug was fixed in the package netplan.io - 1.0-2
---
netplan.io (1.0-2) unstable; urgency=medium
[ Lukas Märdian ]
* Versioned dep on meson >= 1.3.0 for python.limited_api (Closes: #1066889)
* d/control: downgrade python3-rich to Recommends.
[ Danilo Egea Gondolfo ]
* d
Nevermind, that turned out to be a red herring, using the latest linux
release candidate along with some bleeding edge versions of packages
solves both the audio and the microphone!
https://github.com/thesofproject/linux/issues/4879
** Bug watch added: github.com/thesofproject/linux/issues #4879
Important context from https://lists.debian.org/debian-security-
announce/2024/msg00057.html :
Andres Freund discovered that the upstream source tarballs for xz-utils,
the XZ-format compression utilities, are compromised and inject
malicious code, at build time, into the resulting liblzma5 l
** Description changed:
+ SRU Team; the packages for focal-proposed and jammy-proposed are
+ intended as security updates prepared by the Ubuntu Security team (and
+ have built in a ppa with only the security pockets enabled). However,
+ because the fix makes mount rules in apparmor policy be trea
Public bug reported:
Test Case
-
- Open the Software & Updates tab
- Switch to the Other Software tab
There is an entry for
## Ubuntu distribution repository
##
## The following settings can be adjusted to configure which packages to use
from Ubuntu.
etc.
What I Expected
--
Public bug reported:
Test Case
-
- Add a PPA
- Open the Software & Updates tab
- Switch to the Other Software tab
- Select the PPA line and click Remove
- After Authentication, nothing happens.
No error is emitted to the command line. The repo line still shows. The
repo is still in /etc/a
FYI This is now in the jammy and focal upload queues to go to -proposed.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1597017
Title:
mount rules grant excessive permiss
Yes this bug no longer happens, confirmed on two machines. But there are
other issues with many hundreds of packages being released so please log
new bugs as you find them.
** No longer affects: ubuntu-meta (Ubuntu)
** Package changed: network-manager (Ubuntu) => ubuntu
** Changed in: ubuntu
This bug was fixed in the package unity-lens-files -
7.1.0+17.10.20170605-0ubuntu4
---
unity-lens-files (7.1.0+17.10.20170605-0ubuntu4) noble; urgency=medium
* Fix outdated test case code. (LP: #2051343)
-- Aaron Rainbolt Fri, 29 Mar 2024 00:43:56
+
** Changed in: unity-len
** Changed in: gobject-introspection (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gobject-introspection in
Ubuntu.
https://bugs.launchpad.net/bugs/2056753
Title:
pygo
The "sudo dhcpcd" command worked to get my network back. I had to do
another update/upgrade cycle before network-manager would re-install.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs
This bug only affects KUbunu, not other Ubuntu distributions.
Users of KDE are very proactive and found a workaround to this bug, but
shamelessly, it's in every version and update as long as KUbuntu 22.10, so
nobody managing this distribution is aware of it or just don't want to waste
his time o
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: signon-ui (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to signon-ui in Ubuntu.
https://bugs.launchp
This bug was fixed in the package unity-scope-home -
6.8.2+19.04.20190412-0ubuntu4
---
unity-scope-home (6.8.2+19.04.20190412-0ubuntu4) noble; urgency=medium
* Fix problems with values being non-public when they should have been.
(LP: #2051343)
-- Aaron Rainbolt Fri, 29 Mar
This bug was fixed in the package unity-lens-applications -
7.1.0+16.10.20160927-0ubuntu7
---
unity-lens-applications (7.1.0+16.10.20160927-0ubuntu7) noble; urgency=medium
* Fix multiple Vala errors leading to build failure. (LP: #2051343)
-- Aaron Rainbolt Fri, 29 Mar 2024 00:2
This bug was fixed in the package unity-lens-music -
6.9.1+16.04-0ubuntu5
---
unity-lens-music (6.9.1+16.04-0ubuntu5) noble; urgency=medium
* Fix Vala incompatibilities. (LP: #2051343)
-- Aaron Rainbolt Fri, 29 Mar 2024 00:56:25
+
** Changed in: unity-lens-music (Ubuntu)
To get my network connectivity restored I had to run:
sudo dhcpcd
The repository have been fixed so I was able to install network-manager
back again:
sudo apt install network-manager
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which i
@coeur-noir:
Are you installing firefox to /opt/ as recommended or using it local in
your user account?
as for bwarp, maybe it is known to be problematic. It is allowed to run and to
create a user namespace but it is denied all capabilities within the namespace.
Can you run
sudo dmesg | grep
After run below commands, network-manager is gone
sudo apt -y update --fix-missing
sudo apt -y full-upgrade
sudo apt -y dist-upgrade
sudo apt -y --purge autoremove
sudo apt -y autoclean
To fix this, have to installed these deb files manually
libndp0_1.8-1fakesync1_amd64.d
I see a basically identical message (and dmesg apparmor output) with
"lxc profile edit default":
unshare: write failed /proc/self/uid_map: Operation not permitted
And the dmesg entry:
[ 194.625507] audit: type=1400 audit(1711709095.424:293):
apparmor="DENIED" operation="capable" class="cap"
I'll dive deeper into this. The timing collides with the t64 transition
so that makes me curious. Moreover, Debian reverted to 5.4.5 so the
situation where we're on 5.6.0 doesn't match Debian either.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, w
** Also affects: unity-api (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unity-scope-home in
Ubuntu.
https://bugs.launchpad.net/bugs/2051343
Title:
unity: FTBFS in Nobl
Given this has been reverted in Debian, it should not be synced into
Ubuntu.
** Changed in: xz-utils (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xz-utils in Ubuntu.
https://bugs.la
26 matches
Mail list logo
