Public bug reported:
[Impact]
/usr/src/linux-headers-6.8.0-47-generic/scripts/insert-sys-cert fails to insert
a certificate into vmlinuz
[Test Case]
1. cp /boot/vmlinuz-6.8.0-47-generic ~/workdir/
2. cp /boot/System.map-6.8.0-47-generic ~/workdir/
3. cd ~/workdir
4. openssl req -x509 -newkey rs
Thank You
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1942489
Title:
no wired network option in ubuntu 20.10
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+sourc
Public bug reported:
I am new to Ubuntu. I have recently installed ubuntu 20.10. I get
wireles network but there is no option to connect to wired LAN network
connection.
** Affects: ubuntu
Importance: Undecided
Status: New
--
You received this bug notification because you are a me
apport information
** Attachment added: "acpidump.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494541/+files/acpidump.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apport information
** Attachment added: "UdevDb.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494539/+files/UdevDb.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
ap
apport information
** Attachment added: "WifiSyslog.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494540/+files/WifiSyslog.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Ti
apport information
** Attachment added: "RfKill.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494538/+files/RfKill.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
ap
apport information
** Attachment added: "PulseList.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494537/+files/PulseList.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Titl
apport information
** Attachment added: "ProcModules.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494536/+files/ProcModules.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
apport information
** Attachment added: "ProcInterrupts.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494535/+files/ProcInterrupts.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/192
apport information
** Attachment added: "ProcEnviron.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494534/+files/ProcEnviron.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
apport information
** Attachment added: "ProcCpuinfoMinimal.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494533/+files/ProcCpuinfoMinimal.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/
apport information
** Attachment added: "ProcCpuinfo.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494532/+files/ProcCpuinfo.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
apport information
** Attachment added: "Lsusb-v.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494531/+files/Lsusb-v.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apport information
** Attachment added: "Lsusb-t.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494530/+files/Lsusb-t.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apport information
** Attachment added: "Lspci-vt.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494529/+files/Lspci-vt.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apport information
** Attachment added: "Lspci.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494528/+files/Lspci.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apag
apport information
** Attachment added: "IwConfig.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494527/+files/IwConfig.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apport information
** Attachment added: "CRDA.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494525/+files/CRDA.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
Title:
apagad
apport information
** Attachment added: "CurrentDmesg.txt"
https://bugs.launchpad.net/bugs/1926395/+attachment/5494526/+files/CurrentDmesg.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1926395
roblemType: Bug
+ ApportVersion: 2.20.11-0ubuntu27.17
+ Architecture: amd64
+ AudioDevicesInUse:
+ USERPID ACCESS COMMAND
+ /dev/snd/controlC0: joy1439 F pulseaudio
+ CasperMD5CheckResult: skip
+ CurrentDesktop: ubuntu:GNOME
+ DistroRelease: Ubuntu 20.04
+ InstallationDate: In
Public bug reported:
uso mi noterbook y de repente se apaga, al intentar prenderla tarda unos
min. con la imagen negra despues un destello blanco y se repite 3 veces
luego aparece la imagen violeta se queda unos minutos y hay recien
aparece el usuario y demas al iniciar lo hace pero despues aparec
This second review will only document the areas that some difference was
found from the first review.
I reviewed pipewire 0.3.15-1 as checked into hirsute. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
- Build-Depends:
debhelper-compat (= 13), libasound2-d
** Changed in: pipewire (Ubuntu)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802533
Title:
[MIR] pipewire
To manage notifications about this bug go to:
http
This has been fixed in bionic. Already fixed in xenial.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1898078
Title:
FIPS OpenSSL crashes Python2.7 hashlib when using MD5
To manage notifications ab
Hi, Is this still an issue? Changing the status to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1731410
Title:
packag
Hi, Is this still an issue? Changing the status to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1683378
Title:
packag
Hi, Is this still an issue? Changing the status to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1690543
Title:
packag
Hi, Is this still an issue? Changing the status to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1570359
Title:
Is this still an issue? Changing to incomplete.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/153
Title:
Omnikey Cardreader no
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1366152
Title:
System crash
Fixed in subsequent release. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1700104
Title:
package pcscd 1.8.10-1ubun
This bug was not applicable to pcsc-lite package. Closing since no
activity and eol.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/11618
This was fixed in subsequent release. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1090238
Title:
pcscd hangs a
This is most likely fixed via pcscd starting from systemd in current
releases. Closing this since it has had no activity and has eol.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which i
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1004683
Title:
pcscd fails to
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/796893
Title:
Rutoken Magist
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/795540
Title:
package
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/790502
Title:
If OS ha
This bugreport has had no activity and has eol. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/776082
Title:
pcscd spams sy
This bug appears to have been fixed in an update. Closing.
** Changed in: pcsc-lite (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/336815
Title:
Aladdin e
** Description changed:
- The fix for #1835135 was not included into the python2.7 update. This
- bug has been opened to include it.
+ The fix for #1835135 was included into a python2.7 ver when python2.7
+ was updated, the fix was not included. It needs to be put pack into the
+ latest version pf
** Also affects: python2.7 (Ubuntu Groovy)
Importance: Undecided
Status: New
** Also affects: python2.7 (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: python2.7 (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: python2.7 (Ubuntu
Public bug reported:
The fix for #1835135 was not included into the python2.7 update. This
bug has been opened to include it.
** Affects: python2.7 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is su
pcsc-lite source package provides pcscd and libpcsclite1 and thus is
needed for smartcard deployment.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1892559
Title:
[MIR] ccid libpam-pkcs1 libpcsc-per
pcscd is required. When removed, I am not able to get any info from the
driver about the reader or the smartcard. pcscd loads the smartcard
driver and coordinates communications.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://
Hi Seth and Christian,
I did a smartcard setup and confirmed I did not have to use anything
from pcsc-tools. And pcsc-tools seem to depend on libpcsc-perl, so won't
need pcsc-perl either.
My "sudo apt install opensc" pulled in libccid, libpcslite1, opensc-
pkcs11 and pcscd binary packages. I only
Reassigning so that necessary work is done to get pipewire updated,
building and working in groovy.
** Changed in: pipewire (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subsc
Hi, security team is wanting to do a MIR audit on pipewire for groovy.
Unfortunately, the current pipewire source downloaded from groovy does
not appear to have been updated nor does it build.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ub
Verified this on both bionic and focal.
Testcase: (focal)
$ dpkg -l | grep libopenscap8
ii libopenscap8 1.2.16-2ubuntu3.1
amd64Set of libraries enabling integration of the SCAP line of standards
$ oscap oval eval --report cve-report.html com.ubu
** Tags removed: verification-needed-bionic
** Tags added: verification-done-bionic
** Tags removed: verification-needed-focal
** Tags added: verification-done-focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchp
** Description changed:
[Impact]
In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
segfault.
ntpq uses crypto hashes to authenticate its requests. By default it uses
md5. However, when compiled with openssl it creates a lists of
acceptable hashes from openssl t
** Summary changed:
- [fips] Not fully initialized digest segfaulting some client applications
+ [fips] ntpq segfaults when attempting to use MD5 from FIPS-openssl library.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.
** Changed in: openssl (Ubuntu)
Assignee: (unassigned) => Joy Latten (j-latten)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfault
Additional testing for ntpq authentication to ensure MD5 still works for
ntpq in archive
NOTE: The shown testing is ntpq(with patch) + openssl from archive. To ensure
all still works.
Testing with ntpq + fips-openssl was also done successfully.
VM-A (ntp server)
1. Edit /etc/ntp.keys to inclu
Testing:
There are no autopkgtests for ntp pkg and we do not run "make check" in
the tests dir as part of the build. So, just in case it is applicable, I
ran make check on my local build to ensure everything passes.
** Attachment added: "Results of running make check in ../tests directory"
ht
** Description changed:
[Impact]
In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
segfault.
- ntpq uses crypto hashes to authenticate its requests. By default it appears
to use an internal md5 implementation. However, when compiled with openssl it
creates a lists
** Description changed:
- In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
- segfault.
+ [Impact]
+ In FIPS mode on Bionic MD5 is semi-disabled causing some applications to
segfault.
+ ntpq uses crypto hashes to authenticate its requests. By default it appears
to use a
Build log:
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/19570468
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfaulting some c
debdiff for bionic
** Attachment added: "debdiff.bionic"
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1884265/+attachment/5391374/+files/debdiff.bionic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launch
I added return checks to ntpq code and this appears to solve the
problem. Is it ok to make this an SRU?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized dige
Also, this is only applicable in bionic. Neither xenial nor focal
experience this issue.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfaulting
It seems 2 things are happening to generate this issue
1.fips-openssl in bionic has md5 and md5_sha1 in fips digest list with
explicit purpose of accommodating PRF use only in fips mode. But you
must pass the flag, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW to successfully use
them.
2. ntpq does not check re
Investigating.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfaulting some client
applications
To manage notifications about this bug go to:
** Tags added: verification-done-eoan
** Tags added: verification-done-bionic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1865504
Title:
hwclock reports incorrect status in audit message
To mana
Successful verification on amd64 for bionic
$ dpkg -l | grep util-linux
ii util-linux2.31.1-0.4ubuntu3.6
amd64miscellaneous system utilities
$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DI
Successful verification on amd64 for eaon
$ dpkg -l | grep util-linux
ii util-linux 2.34-0.1ubuntu2.4
amd64miscellaneous system utilities
Audit records found in /var/log/audit/audit.log,
type=USYS_CONFIG msg=audit(1584463433.533:68): pid=4
Mauricio,
Thank you so much for handling. Much appreciated. I took a quick look at the
above #15 and #16 and perhaps a retry may be beneficial... there were some
timeouts...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bu
** Also affects: util-linux (Ubuntu Eoan)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1865504
Title:
hwclock reports incorrect status in audit message
** Also affects: util-linux (Ubuntu Bionic)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1865504
Title:
hwclock reports incorrect status in audit message
The debdiff for focal
** Attachment removed: "debdiff for focal"
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1865504/+attachment/5333544/+files/debdiff.focal
** Attachment added: "debdiff.focal"
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1865504/+attachment/53
Build log
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/18795481
** Bug watch added: Debian Bug tracker #953065
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953065
** Also affects: util-linux (Debian) via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953065
Impo
** Attachment added: "debdiff for focal"
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1865504/+attachment/5333544/+files/debdiff.focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/186
** Description changed:
+ [IMPACT]
+ hwclock reports incrorect status in audit message
+
+ hwclock calls audit_log_user_message(3) to create an audit entry.
audit_log_user_message(3) result 1 is "success" and 0 is
"failed", hwclock use standard EXIT_{SUCCESS,FAILURE} macros with reverse
- sta
ak/util-linux/commit/189edf1fe501ea39b35911337eab1740888fae7a
** Affects: util-linux (Ubuntu)
Importance: High
Assignee: Joy Latten (j-latten)
Status: New
** Changed in: util-linux (Ubuntu)
Importance: Undecided => Medium
** Changed in: util-linux (Ubuntu)
Importance: Medium
I reviewed ndctl as checked into focal. This shouldn't be considered a
full audit but rather a quick gauge of maintainability.
ndctl is comprised of utilities and libraries for managing the libnvdimm
(non-volatile memory device) sub-system in the Linux kernel
- No CVEs readily found.
Gleaned t
** Changed in: ndctl (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1853506
Title:
[MIR] ndctl
To manage notifications
I reviewed pipewire 0.2.5-1 as checked into eoan. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
pipewire is a multimedia sharing and processing engine. It is comprised of a
server and userspace API to handle multimedia pipelines. The pipewire package
con
** Changed in: pipewire (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802533
Title:
[MIR] pipewire
To manage notifica
The 2.7 and 3.5 python packages in the security proposed PPA have been
successfully tested in a fips and non-fips xenial environment.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1835135
Title:
FIP
** Changed in: gnome-remote-desktop (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802614
Title:
[MIR] gnome-remote-des
I would like to add an additional condition to the security team ACK.
The pipewire MIR must also be ACK'd.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802614
Title:
[MIR] gnome-remote-desktop
To
I reviewed gnome-remote-desktop 0.1.7-1 as checked into eoan. This
shouldn't be considered a full audit but rather a quick gauge of
maintainability.
gnome-remote-desktop is a remote desktop daemon for GNOME using VNC with
pipewire. It is suppose to work with both X and Wayland.
- No CVEs.
Also Ex
Upon looking at the source for both python2.7 and python3.5 in xenial,
neither checks the return value from EVP_DigestInit in
Modules/_hashopenssl.c file.
However, python3.6 (in bionic, cosmic and disco) does have the check.
So the check will need to be backported to python 2.7 and python 3.5 in
Like python3, python2 should check the return value of EVP_DigestInit.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1835135
Title:
FIPS OpenSSL crashes Python2 hashlib
To manage notifications abou
The assessment is accurate.
FIPS 140-2 does not allow MD5 except for use in PRF.
Thus the OpenSSL_add_all_digests in fips openssl does not include MD5.
However, SSL_library_init() does include MD5 but only for use in calculating
the PRF. Notice in tls1_P_hash() in ssl/t1_enc.c
the flag, EVP_MD
Investigating
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1835135
Title:
FIPS OpenSSL crashes Python2 hashlib
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+sour
verification done on following:
xenial: openvpn-2.3.10-1ubuntu2.2
bionic: openvpn-2.4.4-2ubuntu1.2
cosmic: openvpn-2.4.6-1ubuntu2.1
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
openv
Verified using same test data allowing for interoperability testing
between the various releases and with fips for xenial and bionic.
** Tags removed: verification-needed-bionic verification-needed-cosmic
verification-needed-xenial
** Tags added: verification-done-bionic verification-done-cosmic
Successfully verified xenial, bionic, and cosmic.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
openvpn crashes when run with fips openssl
To manage notifications about this bug go t
Testing in progress...
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
openvpn crashes when run with fips openssl
To manage notifications about this bug go to:
https://bugs.launchpad.n
This bug has been reported:
1.Upstream Bug: https://community.openvpn.net/openvpn/ticket/725
2.Suse Bug report:
https://build.opensuse.org/package/view_file/network:vpn/openvpn/openvpn-fips140-2.3.2.patch
** Description changed:
[IMPACT]
+ openvpn segfaults when using fips-mode openssl becau
Applied fixes for above comments. After some team discussion, decided to
use sha256 for internal hash rather than sha1 in xenial as well.
Internal hash is never communicated externally. Performed additional
interoperability testing successfully using same test parameters as
previously.
cosmic(with
** Changed in: openvpn (Ubuntu Bionic)
Status: Incomplete => New
** Changed in: openvpn (Ubuntu Xenial)
Status: Incomplete => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
T
** Description changed:
[IMPACT]
openvpn when estabishing a tls connection will segfault when used with
Ubuntu's FIPS 140-2 libcrypto.so (openssl).
- openvpn tls connection does TLS PRF(pseudorandom function) to produce
securely generated pseudo random output that is used to generate keys
2 testcases using same parameters for prior testcases, except that
installed FIPS-mode libcrypto.so to test and ensure FIPS-mode
libcrypto.so honors the flag to allow MD5 in PRF and does not cause
openvpn to segfault because MD5 is missing.
** Attachment added: "testcase-data-fips"
https://bug
The xenial patch has additional code. In version 2.3.10, openvpn uses
MD5 for PRF and internally for configuration status verification. FIPS
140-2 permits MD5 for PRF, but not as a hash for internal verification.
Subsequent versions of openvpn (2.4) was changed upstream to not use
MD5, instead uses
** Attachment added: "debdiff.bionic"
https://bugs.launchpad.net/ubuntu/xenial/+source/openvpn/+bug/1807439/+attachment/5222054/+files/debdiff.bionic
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1
build log for xenial:
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/15743720
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1807439
Title:
openvpn crashes when run with fips openssl
build log for bionic:
https://launchpad.net/~j-latten/+archive/ubuntu/joyppa/+build/15743676
** Also affects: openvpn (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: openvpn (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: openvpn (Ubuntu Xe
1 - 100 of 304 matches
Mail list logo
