Monday Triage Report (2023-03-20)

Sergio Durigan Junior sergio.durigan at canonical.com
Tue Mar 21 02:50:36 UTC 2023 

Bug Triage
==========

ustriage found 27 bugs.  These are the noteworthy ones:

### https://pad.lv/1980466 | Confirmed | mysql-8.0 |
    mysql_secure_installation can not set root password and end… |

There's some additional information in the bug.  Lena is taking care of
it, so I didn't do anything.


### https://pad.lv/2004433 | Incomplete | sssd | freeipa-client:
    ipa-client-install doesn't modify /etc/nssw… |

Did some more investigation and left a comment reinforcing what Paride
and Timo already said.


### https://pad.lv/2007272 | Confirmed | heimdal | I have ubuntu 22.04
    on my system and have the following vul… |

The CVE seems to affect only 32-bit systems, so I left a comment asking
the user whether they are a 32-bit binary on amd64, which would be
unsupported AFAIK.


### https://pad.lv/2009858 | Confirmed | samba | User authentication is
    broken with 2:4.15.13+dfsg-0ubuntu0.… |

Marc seems to be on top of it so I didn't touch it (also, I have my
plate completely full), but it seems to be affecting more users and we
still can't reproduce the bug.  May be worth taking a closer look when
possible.


### https://pad.lv/2012028 | New | edk2 | secure boot: TPM version '2.0'
    is not supported |

Haven't tried to reproduce it here, but Andrea works as a Linux Kernel
Engineer at Canonical and Brian Murray is subscribed to the bug, so I
went ahead and subscribed ubuntu-server.  It's marked as a critical bug
and, if indeed valid, is definitely something we should be looking at.
I'll see if I can make time to reproduce it tomorrow; until then, I'm
leaving it as New.


### https://pad.lv/2012037 | New | sssd | Running `apt install
    sssd-tools` causes sssd to be uninstal… |

Incomplete.  Timo tried to help a bit, but unfortunately I can't
reproduce the problem so I left a message to the reporter.


### https://pad.lv/2012058 | New | bind9 | bind9 incorrectly logs
    starting maxtime timer debug message… |

One more for list of bind9 bugs that will be fixed by the MRE.
Subscribed the team & Lena to it.


### https://pad.lv/2012064 | New | unbound | unbound stops processing
    tcp (1.9.4-2ubuntu1.4 on focal) |

Incomplete, but the user seems to be knowleadgeable.  I asked a few
questions that might help in the investigation.


### https://pad.lv/2012119 | New | popt | imageinfo fails in Ubuntu
    23.04 with a no such file or dire… |

This is actually a bug in imageinfo; I left instructions on where the
bug is actually located, so fixing it should be trivial.  I reassigned
it to the proper package, but also subscribed ubuntu-server to it just
in case.


### https://pad.lv/2012140 | New | krb5 | The documented DEFCCNAME is
    not the actual credential cache… |

I found https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033164, which
is the Debian equivalent of this bug, and where Andreas interacted with
the reporter too.  It seems to me that our bug is a request for
clarification/documentation of this specific behaviour.  I believe this
should be done in Debian anyway, because it's not something specific to
Ubuntu.  Andreas, WDYT?


### https://pad.lv/2012154 | New | apache2 | threaded MPM on focal
    selects cgid instead of cgi but doesn… |

Report by Steve.  I could not reproduce it, so I left a message.



Bugs tagged "-needs-merge -needs-sync -needs-oci-update -needs-snap-update -needs-mre-backport -needs-ppa-backport" and subscribed "ubuntu-server" and not touched in 60 days

### https://pad.lv/2003003 | New | unixodbc | unixODBC crashes when ODBC
    trace is enabled |

Still waiting on the user to confirm whether the upstream issue that
Lucas pointed out is the one the user is reporting to us.  In order to
make things more "formal", I left a comment asking for more reproduction
steps and also marked the bug as Incomplete.



Bugs subscribed to ubuntu-server and not touched in 180 days

### https://pad.lv/1891643 | Triaged | amavisd-new | amavisd-new
    suggests missing packages |

Still no answer from Debian.  Didn't touch it.


Documentation Triage
====================

Nothing this time.

-- 
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0  EB2F 106D A1C8 C3CB BF14
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 873 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-server/attachments/20230320/03be7d2c/attachment.sig>

More information about the ubuntu-server mailing list