USN-6106-1

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/USN-6106-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6106-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-6106-1

Published

2023-05-24T14:33:25Z

Modified

2026-02-10T04:43:08Z

Summary

calamares-settings-ubuntu vulnerability

Details

It was discovered that calamares-settings-ubuntu allowed creating the first user with a blank password, contrary to expectations.

References

Affected packages

Ubuntu:22.04:LTS / calamares-settings-ubuntu

Package

Name: calamares-settings-ubuntu
Purl: pkg:deb/ubuntu/calamares-settings-ubuntu@1:22.04.4.3?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:22.04.4.3

Affected versions

1:21.*

1:21.10.2

1:22.*

1:22.04.1

1:22.04.2

1:22.04.3

1:22.04.4

1:22.04.4.1

1:22.04.4.2

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "1:22.04.4.3",
            "binary_name": "calamares-settings-lubuntu"
        },
        {
            "binary_version": "1:22.04.4.3",
            "binary_name": "calamares-settings-ubuntu-common"
        },
        {
            "binary_version": "1:22.04.4.3",
            "binary_name": "calamares-settings-ubuntustudio"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6106-1.json"

cves_map

{
    "cves": [],
    "ecosystem": "Ubuntu:22.04:LTS"
}