Security team development (ie specification work) is done as time allows. This page does not include security updates, audits, investigations, etc. This page only includes information on proactive development work as it pertains to the Ubuntu Release schedule. Blueprints that the security team is committed to completing in a development cycle have an 'Essential' priority.
All blueprints involving the security team:
BurnDown (for all blueprints)
- Entire cycle:
(Updated manually once Beta hits, currently not being updated for Natty)
We fixed 0 RC bugs, got 0 new ones.
Fixed last week:
Bugs which need better understanding/debugging
Planned changes for Beta 2
Deferred for SRU
Milestoned Bugs/Issues from other Teams
FTBFS due to multiarch changes. Archive rebuilt and fallout is being addressed. The build results show main is in quite good shape, but universe is still fairly scary.
https://launchpad.net/bugs/716703 (chromium-browser is not built PIE on ARM)
FIXED: https://launchpad.net/bugs/690873 (latest natty sudo upgrade prompts for conffile update and potentially removes %admin from /etc/sudoers)
FIXED: https://launchpad.net/bugs/714958 (gnome-screensaver should revoke auto-mount ability while locked)
DEFERRED: https://bugs.launchpad.net/ecryptfs/+bug/344878 (file name too long when creating new file (ecryptfs_lookup: lookup_one_len() returned [-36] on lower_dentry))
WON'T FIX https://launchpad.net/bugs/712662 (bash should not have /dev/net)
DEFERRED: https://launchpad.net/bugs/714908 (gnome-keyring should verify key permissions) -- deferred do to UI work
FIXED: https://launchpad.net/bugs/663294 (firefox is not built PIE in natty) (may try to workaround and build with gcc-4.4)
Other Natty-targeted bugs