Security team development (ie specification work) is done as time allows. This page does not include security updates, audits, investigations, etc. This page only includes information on proactive development work as it pertains to the Ubuntu Release schedule. Blueprints that the security team is committed to completing in a development cycle have an 'Essential' priority.




All blueprints involving the security team:

Status (for all blueprints)

Weekly summary

(Updated manually once Beta hits, currently not being updated for Oneiric)

We fixed 0 RC bugs, got 0 new ones.

Milestoned Bugs

Fixed last week:

  • None

Triaged problems:

  • None

Bugs which need better understanding/debugging

  • None

Planned changes for RC 1

  • Upload new NSS for updated root certificates (with corresponding SRUs)

Deferred for SRU

  • LP: #851986 - use of Ux in ubuntu-* abstractions and profiles is too lenient and should be improved

  • LP: #864992 - "Show Containing Folder" button failed to execute err (evince)

Deferred to next release

  • LP: #344878 file name too long when creating new file (ecryptfs_lookup: lookup_one_len() returned [-36] on lower_dentry)

Milestoned Bugs/Issues from other Teams

  • LP: #848456 - Switch User Account does not require password entry

  • LP: #863305 - Image access control is available (nova)

  • DONE: LP: #772082 - certificate chain validation failure (gnutls26)

  • DONE: LP: #792075 - oneiric live-cd does not work with qemu-kvm

  • DONE: LP: #834079 - files written as root to user-controlled folders

  • DONE: LP: #835996 - lightdm.log should not be user readable

  • DONE: LP: #836521 - User can access mail client if "Add Event" is selected from Date/Time menu in Unity-Greeter

  • DONE: LP: #844274 - creating a guest session does not lock the users session

  • DONE: LP: #849027 - lightdm does not provide an equivalent to the gdm guest session AppArmor profile

  • DONE: LP: #745836 - encrypted swap corrupts application stack/heap [was: soffice.bin SIGSEGV cppu::throwException()]

Other Oneiric-targeted bugs

  • None


SecurityTeam/ReleaseStatus/Oneiric (last edited 2011-10-03 13:18:11 by jdstrand)