Activity log for bug #1878115

Date Who What changed Old value New value Message
2020-05-12 00:09:46 Seth Arnold bug added bug
2020-05-12 00:10:12 Seth Arnold bug task added subiquity (Ubuntu)
2020-05-12 00:12:07 Seth Arnold bug added subscriber Michael Hudson-Doyle
2020-05-12 00:20:44 Seth Arnold information type Private Security Public Security
2020-05-12 00:29:11 Launchpad Janitor curtin (Ubuntu): status New Confirmed
2020-05-12 00:29:11 Launchpad Janitor subiquity (Ubuntu): status New Confirmed
2020-05-12 00:54:11 Michael Hudson-Doyle subiquity (Ubuntu): status Confirmed Triaged
2020-05-12 00:54:15 Michael Hudson-Doyle subiquity (Ubuntu): importance Undecided Critical
2020-05-12 08:11:32 Michael Hudson-Doyle bug added subscriber Dimitri John Ledkov
2020-05-12 08:12:08 Michael Hudson-Doyle bug added subscriber Ryan Harper
2020-05-12 09:01:51 Tom Reynolds bug added subscriber Tom Reynolds
2020-05-12 11:53:17 Alex Murray cve linked 2020-11932
2020-05-12 11:55:47 Dimitri John Ledkov curtin (Ubuntu): status Confirmed Invalid
2020-05-12 11:59:45 Dimitri John Ledkov description

Old value:

The server installer, perhaps other installers, will log LUKS passwords used on the system via:

- installer/subiquity-curtin-install.conf
  - {volume: disk-sda, key: ...
- curtin/install.log
  get_path_to_storage_volume for volume dm_crypt-0({'volume': 'disk-sda', 'key': ...
  get_path_to_storage_volume for volume dm_crypt-0({'volume': 'disk-sda', 'key': ...
- syslog
  May 11 22:27:25 ubuntu-server curtin_log.2310[2592]: merged config: {'sources': {'ubuntu00': 'cp:///media/filesystem'}, 'stages': ['early', 'partitioning', 'extract', 'curthooks', 'hook', 'late'], 'extract_commands': {'builtin': ['curtin', 'extract']}, 'hook_commands': {'builtin': ['curtin', 'hook']}, 'partitioning_commands': {'builtin': ['curtin', 'block-meta', 'simple']}, 'curthooks_commands': {'builtin': ['curtin', 'curthooks'], '000-configure-run': ['/snap/bin/subiquity.subiquity-configure-run'], '001-configure-apt': ['/snap/bin/subiquity.subiquity-configure-apt', '/snap/subiquity/1866/usr/bin/python3', 'true']}, 'late_commands': {'builtin': []}, 'network_commands': {'builtin': ['curtin', 'net-meta', 'auto']}, 'apply_net_commands': {'builtin': []}, 'install': {'log_file': '/var/log/curtin/install.log', 'error_tarfile': '/var/log/curtin/curtin-error-logs.tar', 'save_install_config': '/var/log/installer/curtin-install-cfg.yaml', 'save_install_log': '/var/log/installer/curtin-install.log', 'target': '/target', 'unmount': 'disabled'}, 'apt': {'preserve_sources_list': False, 'primary': [{'arches': ['amd64', 'i386'], 'uri': 'http://se.archive.ubuntu.com/ubuntu'}, {'arches': ['default'], 'uri': 'http://ports.ubuntu.com/ubuntu-ports'}]}, 'debconf_selections': {'subiquity': ''}, 'grub': {'probe_additional_os': True, 'terminal': 'unmodified'}, 'kernel': {'package': 'linux-generic'}, 'pollinate': {'user_agent': {'subiquity': '20.05.1_1866'}}, 'reporting': {'subiquity': {'identifier': 'curtin_event.2310', 'type': 'journald'}}, 'storage': {'config': [{'ptable': 'gpt', 'serial': 'XXX', 'wwn': 'XXX', 'path': '/dev/nvme0n1', 'wipe': 'superblock', 'preserve': False, 'name': '', 'grub_device': False, 'type': 'disk', 'id': 'disk-nvme0n1'}, {'serial': 'XXX', 'wwn': 'XXX', 'path': '/dev/sda', 'wipe': 'superblock', 'preserve': False, 'name': '', 'grub_device': False, 'type': 'disk', 'id': 'disk-sda'}, {'device': 'disk-nvme0n1', 'size': 536870912, 'wipe': 'superblock', 'flag': 'boot', 'number': 1, 'preserve': False, 'grub_device': True, 'type': 'partition', 'id': 'partition-0'}, {'fstype': 'fat32', 'volume': 'partition-0', 'preserve': False, 'type': 'format', 'id': 'format-0'}, {'device': 'disk-nvme0n1', 'size': 127496355840, 'wipe': 'superblock', 'flag': '', 'number': 2, 'preserve': False, 'type': 'partition', 'id': 'partition-1'}, {'fstype': 'btrfs', 'volume': 'partition-1', 'preserve': False, 'type': 'format', 'id': 'format-1'}, {'device': 'format-1', 'path': '/', 'type': 'mount', 'id': 'mount-1'}, {'volume': 'disk-sda', 'key': ...

We shouldn't be logging this passphrase to disk, even inside the encrypted portion, because it's too easy for the password to leak, as it has here.

Thanks

New value:

Fix published in latest amd64 stable 20.05.2 1874
- arm64 stable 20.05.2 1875
- ppc64el stable 20.05.2 1876
- s390x stable 20.05.2 1873
- Images respin pending

--

The server installer, perhaps other installers, will log LUKS passwords used on the system via:

- installer/subiquity-curtin-install.conf
  - {volume: disk-sda, key: ...
- curtin/install.log
  get_path_to_storage_volume for volume dm_crypt-0({'volume': 'disk-sda', 'key': ...
  get_path_to_storage_volume for volume dm_crypt-0({'volume': 'disk-sda', 'key': ...
- syslog
  May 11 22:27:25 ubuntu-server curtin_log.2310[2592]: merged config: {'sources': {'ubuntu00': 'cp:///media/filesystem'}, 'stages': ['early', 'partitioning', 'extract', 'curthooks', 'hook', 'late'], 'extract_commands': {'builtin': ['curtin', 'extract']}, 'hook_commands': {'builtin': ['curtin', 'hook']}, 'partitioning_commands': {'builtin': ['curtin', 'block-meta', 'simple']}, 'curthooks_commands': {'builtin': ['curtin', 'curthooks'], '000-configure-run': ['/snap/bin/subiquity.subiquity-configure-run'], '001-configure-apt': ['/snap/bin/subiquity.subiquity-configure-apt', '/snap/subiquity/1866/usr/bin/python3', 'true']}, 'late_commands': {'builtin': []}, 'network_commands': {'builtin': ['curtin', 'net-meta', 'auto']}, 'apply_net_commands': {'builtin': []}, 'install': {'log_file': '/var/log/curtin/install.log', 'error_tarfile': '/var/log/curtin/curtin-error-logs.tar', 'save_install_config': '/var/log/installer/curtin-install-cfg.yaml', 'save_install_log': '/var/log/installer/curtin-install.log', 'target': '/target', 'unmount': 'disabled'}, 'apt': {'preserve_sources_list': False, 'primary': [{'arches': ['amd64', 'i386'], 'uri': 'http://se.archive.ubuntu.com/ubuntu'}, {'arches': ['default'], 'uri': 'http://ports.ubuntu.com/ubuntu-ports'}]}, 'debconf_selections': {'subiquity': ''}, 'grub': {'probe_additional_os': True, 'terminal': 'unmodified'}, 'kernel': {'package': 'linux-generic'}, 'pollinate': {'user_agent': {'subiquity': '20.05.1_1866'}}, 'reporting': {'subiquity': {'identifier': 'curtin_event.2310', 'type': 'journald'}}, 'storage': {'config': [{'ptable': 'gpt', 'serial': 'XXX', 'wwn': 'XXX', 'path': '/dev/nvme0n1', 'wipe': 'superblock', 'preserve': False, 'name': '', 'grub_device': False, 'type': 'disk', 'id': 'disk-nvme0n1'}, {'serial': 'XXX', 'wwn': 'XXX', 'path': '/dev/sda', 'wipe': 'superblock', 'preserve': False, 'name': '', 'grub_device': False, 'type': 'disk', 'id': 'disk-sda'}, {'device': 'disk-nvme0n1', 'size': 536870912, 'wipe': 'superblock', 'flag': 'boot', 'number': 1, 'preserve': False, 'grub_device': True, 'type': 'partition', 'id': 'partition-0'}, {'fstype': 'fat32', 'volume': 'partition-0', 'preserve': False, 'type': 'format', 'id': 'format-0'}, {'device': 'disk-nvme0n1', 'size': 127496355840, 'wipe': 'superblock', 'flag': '', 'number': 2, 'preserve': False, 'type': 'partition', 'id': 'partition-1'}, {'fstype': 'btrfs', 'volume': 'partition-1', 'preserve': False, 'type': 'format', 'id': 'format-1'}, {'device': 'format-1', 'path': '/', 'type': 'mount', 'id': 'mount-1'}, {'volume': 'disk-sda', 'key': ...

We shouldn't be logging this passphrase to disk, even inside the encrypted portion, because it's too easy for the password to leak, as it has here.

Thanks

2020-05-12 11:59:49 Dimitri John Ledkov subiquity (Ubuntu): status Triaged Fix Committed
2020-05-12 13:44:55 Dimitri John Ledkov subiquity (Ubuntu): status Fix Committed Fix Released
2020-05-13 09:36:43 Markus Ueberall bug added subscriber Markus Ueberall
2020-05-13 14:05:25 Jonas Jelten bug added subscriber Jonas Jelten
2020-05-14 22:09:47 Bjoern Voigt bug added subscriber Bjoern Voigt
2020-05-15 10:15:27 Andeas Hauser bug added subscriber Andeas Hauser
2020-06-03 15:46:40 ABCMoNa bug added subscriber ABCMoNa