Triage for Monday

Bryce Harrington bryce.harrington at canonical.com
Mon Jul 20 21:51:13 UTC 2020 

Heavy bug day, most in action by staff.  Ones of note:

* pwmconfig generate wrong config when multiple fans are on same pwm
  - https://bugs.launchpad.net/lmsensors/+bug/1887586
  - User forwarded bug, I added a link to it in LP

* Unbound crash with chroot
  - https://bugs.launchpad.net/ubuntu/+source/unbound/+bug/1885907
  - Fix landed in Debian, we'll get it automatically by sync when they
    release.
  - Asked for steps to reproduce, if this issue is worth SRU.
  - Already in server-next

* CURLFile POST missing Content-Length header
  - https://bugs.launchpad.net/ubuntu/+source/php7.4/+bug/1887826
  - Added server-next; this will be addressed by my php7.4 merge once it
    lands, but will also need SRU'd.

* ClamAV needs updated to [to 0.102.4] reflect [3 CVE] security fixes
  - https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1888160
  - Guessing the security team would handle this; I've subbed them
  - Also tagged server-next so we can follow up

* mysql 8.0.19-0ubuntu5 autopkgtest regressed in release pocket
  - https://bugs.launchpad.net/ubuntu/+source/mysql-8.0/+bug/1887979
  - Was marked as update-excuse due to propose-migration issue
  - Tagged server-team-discuss

* TLS is not enabled for memcached>=1.5.13
  - https://bugs.launchpad.net/ubuntu/+source/memcached/+bug/1887943
  - Feature request for 20.04, but seems reasonable request for security
  - Tagged server-team-discuss

* "Mutex file:${APACHE_LOCK_DIR} default" should be disabled by default
  on Linux because it leads to errors
  - https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1565744
  - After checking with Robie, although I can't reproduce the issue the
    fix is straightforward enough so I'll go ahead and post this for SRU
    and let others who are seeing this in production handle the
    validation.

* CURLFile POST missing Content-Length header
  - https://bugs.launchpad.net/ubuntu/+source/php7.4/+bug/1887826
  - Christian subscribed this to me, since it's fixed with my php 7.4
    merge for groovy.  After that, I can investigate SRU'ing to focal.
  - Requested steps to reproduce the issue, guessing a php call for
    curl'ing off certain 3rd party web servers would do it.
  - Added focal task as Incomplete, since it needs steps to repro.

More information about the ubuntu-server mailing list