Note that due to the 1ubuntu5 change I decided to start with a fresh
tarball:
https://github.com/OpenSCAP/openscap/releases/download/1.3.4/openscap-1.3.4.tar.gz
yaml-filter isn't tracked in Debian's src-git: it is a git submodule in
the upstream repo and it appears that Debian hasn't included it a
Hmmm maybe the changelog failing to was caused by the 1ubuntu5 update I
didn't see. I've redone the patchset off of 1ubuntu5.
I think I've fixed the missing Ubuntu entries, but note that the
existing Ubuntu 1ubuntu5 changelog drops a lot of older Debian entries.
--
You received this bug notifica
Rebase off of 1ubuntu5 presently in Impish.
** Patch added: "openscap-1.3.4.impish-to-impish-rev5.debdiff"
https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1931618/+attachment/5512549/+files/openscap-1.3.4.impish-to-impish-rev5.debdiff
--
You received this bug notification because you
** Patch added: "Same as previous except over sid (rev5)"
https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1931618/+attachment/5512550/+files/openscap-1.3.4.sid-to-impish-rev5.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
** Patch added: "rev4 rebase debdiff over impish (fixes changelog)"
https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1931618/+attachment/5512232/+files/openscap-1.3.4.impish-to-impish-rev4.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is s
Sorry about the delay. The merge tool was not working for me:
dpkg-mergechangelogs ../../debian/openscap/debian/changelog
../../ubuntu-impish-original/openscap-1.2.17/debian/changelog
./debian/changelog.bak > debian/changelog
This was giving me a file with only the 1.2.17 changelog and no entries
Changelog updated.
** Patch added: "rev4 rebase debdiff over sid (updated changelog entry)"
https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1931618/+attachment/5512231/+files/openscap-1.3.4.sid-to-impish-rev4.debdiff
--
You received this bug notification because you are a member of U
A few things to add to this discussion:
> I'd say at the moment bootloader passwords are unsupported as IIRC,
there are issues with keyboard not working correctly in a bunch of
places.
Yeah, I think this isn't meant as a true security _control_ (certainly
any matter of physical access yields many
** Summary changed:
- default permissions on bootloader configuration
+ default file permissions on bootloader configuration
** Description changed:
CIS guidance for all distributions suggest securing grub bootloader
- configuration for two purposes:
+ configuration file permissions for two pu
Public bug reported:
CIS guidance for all distributions suggest securing grub bootloader
configuration for two purposes:
1. In general, arbitrary users shouldn't have access to read grub configuration
in general,
2. In specific, when a grub bootloader password is configured, we'd still
prefer a
Thanks Sergio!
I've confirmed this fixed build does indeed solve the issue for me and I
was able to use it to successfully debug the failures I was seeing with
postfix+FIPS OpenSSL.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
http
** Patch added: "rev3 rebase debdiff over sid (same as previous; just different
base)"
https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1931618/+attachment/5504910/+files/openscap-1.3.4.sid-to-impish-rev3.debdiff
--
You received this bug notification because you are a member of Ubuntu
Per discussion with Alex on MM, attached same rev3 debdiff just based
against sid instead of impish (making it more reviewable). No changes
were made and same .dsc file was used.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://
Thanks Alex for your comments! :-)
I've attached the impish-to-impish debdiff as rev3. This aligns closer
with the changelog format suggested by Seth but otherwise contains no
new deltas.
Should I also provide the sid-to-impish debdiff? A 15MiB impish-to-
impish debdiff seems much harder to revie
** Patch added: "rev3 rebase debdiff over impish (changes base, fixes
changelog)"
https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1931618/+attachment/5504083/+files/openscap-1.3.4.impish-to-impish-rev3.debdiff
--
You received this bug notification because you are a member of Ubuntu
B
** Patch added: "rev2 rebase debdiff over sid -- contains missing changelog
entry"
https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1931618/+attachment/5503888/+files/openscap-1.3.4.sid-to-impish-rev2.debdiff
--
You received this bug notification because you are a member of Ubuntu
Bug
** Patch added: "rev1 rebase debdiff over sid"
https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1931618/+attachment/5503887/+files/openscap-1.3.4.sid-to-impish-rev1.debdiff
** Description changed:
In the interest of long-term maintainability ahead of Ubuntu 22.04
release, the Secur
Public bug reported:
In the interest of long-term maintainability ahead of Ubuntu 22.04
release, the Security team would like to propose rebasing to upstream
OpenSCAP 1.3.4 release as has presently landed in Debian.
Upstream, OpenSCAP is a Red Hat maintained project. Version 1.2.x (as
currently p
Public bug reported:
I was looking to debug postfix on Bionic today due to a FIPS OpenSSL
issue, but failed. ~sergiodj on #ubuntu-devel came to the realization
that the debug symbols shipped in postfix-dbgsym (and likely the other
postfix-*-dbgsym packages) lacked DWARF information.
This means gd
The MIR text in comment #0 has been updated.
** Description changed:
- Hello, the Ubuntu Security Team would like the libopenscap8 binary
- package from openscap promoted to main. libopenscap8 is incorporated
- into the CVEscan snap: https://github.com/canonical/sec-
- cvescan/blob/master/snapcra
** Changed in: shadow (Ubuntu)
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1923262
Title:
backup /etc/passwd- file should be mode 0600
To manage not
I largely agree but I'd like to point out a little bit of nuance. Even
on modern (e.g., 20.04) systems using shadow by default, global
read/write access to /etc/passwd{,-} _can_ (in some scenarios) still
problematic. A system will still function fine even if /etc/passwd has
000 permissions (+/- som
This is a debdiff for Hirsute, applicable against 11ubuntu18 to add
CPE_NAME. I ended up quoting it to follow what Fedora does but from what
I (and ShellCheck) can tell from testing the resulting .deb with bash
and sh, it doesn't strictly need to be quoted.
Per discussion with Steve Beattie (~sbea
Just in case someone stumbles across this in the future. I believe the
realtek driver version (here, 4.3.8) doesn't work with newer kernel
versions. I found a much newer driver here:
https://github.com/morrownr/8812au
This is driver version v5.9.3.2 (Released Oct 2020) and works with my
card:
24 matches
Mail list logo
