You can find it built here:
https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages
** Changed in: dino-im (Ubuntu Bionic)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https:/
I reviewed containerd 1.3.1-0ubuntu1 as checked into focal. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
containerd is a daemon that manages the complete container lifecycle of its
host system. Containerd controls runc.
- No CVE History:
- Build-Depends
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is availabl
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is availabl
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Your bug report is more likely to get attention if it is made in
English, since this is the language understood by the majority of Ubuntu
developers. Additionally, please only mark a bug as "security" if it
shows evid
I reviewed mysql-router 8.0.19-0ubuntu2 as checked into focal (when this review
started). This shouldn't be considered a full audit but rather a quick gauge of
maintainability.
mysql-router is a binary package from mysql-8.0 that is responsible for routing
connections from MySQL clients to MySQL s
This is the same as bug #1862364
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1862770
Title:
MySQL autopkgtest regressed in Focal release pocket
To manage notifications about this bug go to:
https
Public bug reported:
Just similar to bug #1859100 there is another test that just started
failing because of a date that expired.
See the snippet of build log below:
[ 51%] main.events_1w4 [ fail ]
Test ended at 2020-02-07 10:46:06
CURRENT_TEST: main.events
I reviewed runc 1.0.0~rc8+git20190923.3e425f80-0ubuntu1 as checked into focal.
This shouldn't be considered a full audit but rather a quick gauge of
maintainability.
runc, a lightweight universal container runtime, is a CLI tool for spawning and
running containers according to the Open Container I
Thanks, I will try to test or at least let the build running on xnox's
proposed mysql version.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1859100
Title:
mysql-server FTBFS (focal) because of buil
** Changed in: openjpeg2 (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/711061
Title:
[MIR] openjpeg2
To manage notific
I reviewed openjpeg2 2.3.1-1 as checked into focal. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
openjpeg2 is a library to encode and decode JPEG 2000 images. JPEG 2000 is an
image compression standard and coding system. OpenJPEG dates back from 2005
and h
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thank you for using Ubuntu and taking the time to report a bug. Your
report should contain, at a minimum, the following information so we can
better find the source of the bug and work to resolve it.
Submitting the bug about the proper source package is essential. For
help see https://wiki.ubuntu.
Actually marking it as Fixed Released.
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1856979
Title:
GIT 2.x vulnerabilities
To
Hi Srdjan,
Awesome, thanks! I will give it a try.
Yes, the analysis seems correct to me. So I encourage you to file a bug
on Trivy Github and let them verify what's going on. If possible, keep
us updated on the outcomes of your bug report.
I appreciate it!
Thanks,
Eduardo
--
You received this
Also, I am not aware of this Trivy tool, but could you give us more
information on what you are seeing?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1855768
Title:
Ubuntu-security CVE-2019-
Hi Srdjan,
Thanks for taking the time to report this issue and help making Ubuntu
better.
The USN you mentioned, applied the fix to the source package libidn2
(https://packages.ubuntu.com/source/bionic/libidn2)
You can see on the mentioned page that this source package generates multiple
binary
*** This bug is a duplicate of bug 1847520 ***
https://bugs.launchpad.net/bugs/1847520
** Also affects: tcpdump (Ubuntu)
Importance: Undecided
Status: New
** No longer affects: phpmyadmin (Ubuntu)
** This bug has been marked a duplicate of bug 1847520
33 Upstream CVEs patched
*
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
*** This bug is a duplicate of bug 1799215 ***
https://bugs.launchpad.net/bugs/1799215
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is availabl
@vanvugt, could you please take a look on this and assign it to the correct
package.
It might be a duplicate of another ticket.
Thanks!
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is su
** Also affects: cups (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1850032
Title:
scanbd prevents HP printers to work correctly with HPL
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is availabl
*** This bug is a duplicate of bug 1853545 ***
https://bugs.launchpad.net/bugs/1853545
** This bug has been marked a duplicate of bug 1853545
discover did not ask for a password on an update
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Changed in: openjpeg2 (Ubuntu)
Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/711061
Title:
[MIR] openjpeg2
To manage notific
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1847701
Title:
Buffer Overflow Write when libntlm generates NTLM request
To manage
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1847520
Title:
33 Upstream CVEs patched
To manage notifications about this bug go
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1847960
Title:
After returning from suspend the screen content (with all previously
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
I reviewed libhandy 0.0.10-1 as checked into eoan. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
libhandy is a library full of GTK widgets for mobile phones. The aim of
libhandy is to help with developing UI for mobile devices using GTK/GNOME.
- No CVE His
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Changed in: systemd (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1814596
Title:
DynamicUser can create setuid binaries when assisted by another
process
** Changed in: jackd2 (Ubuntu)
Status: New => Confirmed
** Changed in: jackd2 (Debian)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1833479
Title:
libjack-ja
** Changed in: clamtk (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1838067
Title:
made Ubuntu very slow then crash
To manage notifications about t
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks Julian! The packages will be available in a few minutes in
security-proposed https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages?field.name_filter=redis&field.status_filter=published&field.series_filter=
If you could also test them would be great. I will be pushing
** Changed in: redis (Ubuntu)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1836496
Title:
CVE-2019-10192 CVE-2019-10193
To manage notifications about this
** Changed in: redis (Ubuntu)
Assignee: (unassigned) => Eduardo dos Santos Barretto (ebarretto)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1836496
Title:
CVE-2019-10192 CVE-2019-10193
** Changed in: lmdb (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1833745
Title:
[MIR] required new dependency of appst
I reviewed lmdb 0.9.23-0ubuntu1 as checked into eoan. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
lmdb is a software library that provides a high-performance embedded
transactional database in the form a key-value store.
- No CVE History
- Build-Depends
Thanks Luca for all the help and contribution, the fix is released. Feel
free to contact us in case of new issues.
** Changed in: zeromq3 (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubun
I reviewed zope.component 4.3.0-1 as checked into eoan. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
Zope is a free and open source web application server written in the
object-oriented programming language “Python”.
zope.component is a framework that prov
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Changed in: extplorer (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822013
Title:
extplorer package exposes /usr/ (and /etc/extplorer/) directory over
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1775776
Title:
GNU bc crashes on some inputs
To manage notifications about this bu
Setting mariadb-10.1 to 'Fix Released' as Bionic
(1:10.1.34-0ubuntu0.18.04.1) and newer releases already contain the
fixes for those CVEs.
** Changed in: mariadb-10.1 (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Changed in: gnome-screensaver (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1821957
Title:
Turning off a monitor unlocks the computer
To manage
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Changed in: pam-u2f (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1831713
Title:
Security update to libpam-u2f from Yubico
To manage notification
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Changed in: apache2 (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832163
Title:
Me acaban de dar BANNN SIN NINGUNA RAZON POR QUE ESTABA JUGANDO SKYW
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832163
Title:
Me acaban de dar BANNN SIN NINGUNA RAZON POR QUE ESTABA JUGANDO SKYWAR
Y DE
Thanks Otto for providing the update for 18.04.
We just released it and it should be available in the archive in some minutes.
We appreciate all the work you've done.
** Changed in: mariadb-10.1 (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you
On Mon, 2019-06-03 at 05:54 +, Christian Ehrhardt wrote:
> > - There are different versions of twitter-bootstrap in the archive,
> > after some
> > search we have that
>
> [...]
> > It is used in mailman-website where you can manage lists. It is
> > unclear to
> > me if the version
I reviewed twitter-bootstrap3 3.4.0+dfsg-4 as checked into eoan. This shouldn't
be considered a full audit but rather a quick gauge of maintainability.
twitter-bootstrap3 is an open source toolkit for developing with HTML, CSS, and
JS.
- There are different versions of twitter-bootstrap in the a
Hi Otto,
You based your update on version 1:10.1.38-0ubuntu0.18.04.1.
We currently have in the archive version 1:10.1.38-0ubuntu0.18.04.2.
Could you please rebase your changes with what is in the archive?
Thanks in advance!
--
You received this bug notification because you are a member of Ubu
I will be handling it for the security team, thanks Otto.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1825572
Title:
April 2019 Oracle CPU might also affect MariaDB
To manage notifications about
I reviewed python-aiosmtpd version 1.2-3 as checked into eoan as of this
writing.
This shouldn't be considered a full audit but rather a quick gauge of
maintainability.
python-aiosmtpd is an asyncio based SMTP server.
- Last commit from March
- No CVE history
- Build-depends:
- debhelper,
- dh
** Changed in: ffmpeg (Ubuntu Bionic)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1823786
Title:
[SRU] ffmpeg 3.4.6 for bionic
To manage notificati
anged in: ffmpeg (Ubuntu Bionic)
Assignee: (unassigned) => Eduardo dos Santos Barretto (ebarretto)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1823786
Title:
[SRU] ffmpeg 3.4.6 for
I reviewed python3-openid version 3.1.0-1 as checked into disco as of this
writing.
This shouldn't be considered a full audit but rather a quick gauge of
maintainability.
python3-openid is a set of python packages to support use of the OpenID
decentralized identity system in your application.
- N
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
** Changed in: ffmpeg (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1823786
Title:
[SRU] ffmpeg 3.4.6 for bionic
To manage notifications about this
** Information type changed from Private Security to Public Security
** Changed in: ubuntubudgie
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1821957
Title:
Turnin
** Changed in: unzip (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1824530
Title:
Heap Buffer Overflow in UzpPassword
To manage notifications about
*** This bug is a duplicate of bug 1806961 ***
https://bugs.launchpad.net/bugs/1806961
** This bug has been marked a duplicate of bug 1806961
Lock can be circumvented by switching tty when using lightdm
** Information type changed from Private Security to Public Security
--
You received
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug. I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privile
Thanks Etienne,
Updated version was released for trusty, xenial, bionic and cosmic.
Thanks again for the testing and for providing the debdiffs.
Any problems just let us know.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://
Hi Etienne,
Yes it helps, also any other usage cases that you can run will be much
appreciated.
Thanks,
Eduardo
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1819912
Title:
CVE-2019-9628 XML parse
Hi Etienne,
I would appreciate if you could run some tests with the binaries that
you can find below:
https://launchpad.net/~ubuntu-security-
proposed/+archive/ubuntu/ppa/+packages?field.name_filter=xmltooling&field.status_filter=published&field.series_filter=
Thanks
--
You received this bug n
Hi Etienne,
Thanks for taking the time to report this bug and helping to make Ubuntu
better.
I will be sponsoring it.
I will be back to you later today and I would appreciate if you could run some
tests on the built .debs.
Thanks again
--
You received this bug notification because you are a
** Changed in: xmltooling (Ubuntu Bionic)
Assignee: (unassigned) => Eduardo dos Santos Barretto (ebarretto)
** Changed in: xmltooling (Ubuntu Bionic)
Status: Confirmed => In Progress
** Also affects: xmltooling (Ubuntu Trusty)
Importance: Undecided
Status: New
*
1 - 100 of 192 matches
Mail list logo
