php5 (5.2.10.dfsg.1-2ubuntu6.10) karmic-security; urgency=low
* debian/patches/php5-pear-CVE-2011-1144-regression.patch: fix
mkdir parenthesis issue and PEAR::raiseErro typo (LP: #774452)
Date: Mon, 02 May 2011 09:21:27 -0700
Changed-By: Steve Beattie sbeat...@ubuntu.com
Maintainer: Ubuntu
php5 (5.2.10.dfsg.1-2ubuntu6.9) karmic-security; urgency=low
* SECURITY UPDATE: arbitrary files removal via cronjob
- debian/php5-common.php5.cron.d: take greater care when removing
session files.
-
rsync (3.0.6-1ubuntu1.1) karmic-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via malformed data
- debian/patches/security-CVE-2011-1097.diff: introduce and use
FLAG_OWNED_BY_US in flist.c, generator.c, log.c, rsync.*.
-
pcsc-lite (1.5.3-1ubuntu1.2) karmic-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via long attribute value
- src/atrhandler.c: verify against maximum attribute size.
-
http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004923.html
-
openslp-dfsg (1.2.1-7.5ubuntu0.1) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via circular reference
- common/slp_message.c: detect circular reference. Patch thanks to SUSE.
- CVE-2010-3609
Date: Tue, 05 Apr 2011 15:02:25 -0400
Changed-By: Marc Deslauriers
dhcp3 (3.1.2-1ubuntu7.3) karmic-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via crafted hostname
- Patch for CVE-2011-0997 was getting reverted during the build
because of special quilt handling in debian/rules for the ldap
patches.
-
ia32-libs (2.7ubuntu17.1) karmic-security; urgency=low
* SECURITY UPDATE: Refresh packages to pull in security fixes,
including:
- lcms: buffer overflow, CVE-2009-0793 (LP: #700198)
- openssl: multiple issues, including CVE-2009-3555, CVE-2009-3245,
and CVE-2010-2939
-
krb5 (1.7dfsg~beta3-1ubuntu0.13) karmic-security; urgency=low
* SECURITY UPDATE: kadmind denial of service from freeing of uninitialized
pointer.
- src/kadmin/server/{network,schpw}.c: fix, thanks to upstream.
- CVE-2011-0285
- MITKRB5-SA-2011-004
Date: Mon, 18 Apr 2011
policykit-1 (0.94-1ubuntu1.1) karmic-security; urgency=low
* SECURITY UPDATE: avoid /proc race conditions when checking privileges
for pkexec.
- 10_fix_proc_race.patch
- CVE-2011-1485
Date: Tue, 19 Apr 2011 13:06:21 -0700
Changed-By: Kees Cook k...@ubuntu.com
Maintainer: Ubuntu
postfix (2.6.5-3ubuntu0.1) karmic-security; urgency=low
* SECURITY UPDATE: man-in-the-middle via plaintext command injection
- src/smtp/smtp_proto.c, src/smtpd/smtpd.c: discard the contents of the
stream buffer so there is no pending plaintext.
- Origin: backported from
kdenetwork (4:4.3.2-0ubuntu4.5) karmic-security; urgency=low
* SECURITY UPDATE: fix directory traversal in kget
- debian/patches/kubuntu_06_CVE-2010-1000b.diff: more input validation due
to incomplete fix for CVE-2010-1000
- CVE-2011-
- LP: #757526
Date: Fri, 15 Apr 2011
flashplugin-nonfree (10.2.159.1ubuntu0.9.10.1) karmic-security; urgency=low
* SECURITY UPDATE: New upstream release 10.2.159.1
- debian/config, debian/postinst: Updated sha256sums and path.
- CVE-2011-0611
Date: Sat, 16 Apr 2011 07:38:40 -0400
Changed-By: Marc Deslauriers
gimp (2.6.7-1ubuntu1.2) karmic-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
malformed plugin configuration files
- debian/patches/06_security_CVE-2010-454x.patch: fix format strings in
plug-ins/{common/sphere-designer,gfig/gfig-style,
kde4libs (4:4.3.2-0ubuntu7.3) karmic-security; urgency=low
* SECURITY UPDATE: fix XSS vulnerability in Konqueror's error pages
- debian/patches/security_03_CVE-2011-1168.diff: upstream patch
- CVE-2011-1168
- LP: #743669
* SECURITY UPDATE: fix certificate verification for
ffmpeg-extra (4:0.5+svn20090706-2ubuntu3.1) karmic-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via crafted flic file
- debian/patches/CVE-2010-3429.patch: add checks to
libavcodec/flicvideo.c.
- CVE-2010-3429
* SECURITY UPDATE: arbitrary code execution via
dhcp3 (3.1.2-1ubuntu7.2) karmic-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via crafted hostname
- debian/patches/CVE-2011-0997.dpatch: filter strings in
client/dhclient.c, common/options.c.
- CVE-2011-0997
Date: Mon, 11 Apr 2011 08:58:41 -0400
Changed-By:
x11-xserver-utils (7.4+2ubuntu3.1) karmic-security; urgency=low
* SECURITY UPDATE: root escalation via rogue hostname (LP: #752315)
- xrdb: Create shell-escape-safe cpp options in the non-pathetic-cpp
case.
-
tiff (3.8.2-13ubuntu0.6) karmic-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via crafted
THUNDER_2BITDELTAS data
- debian/patches/CVE-2011-1167.patch: validate bitspersample and
make sure npixels is sane in libtiff/tif_thunder.c.
- CVE-2011-1167
Date:
ffmpeg (4:0.5+svn20090706-2ubuntu2.3) karmic-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via crafted flic file
- debian/patches/CVE-2010-3429.patch: add checks to
libavcodec/flicvideo.c.
- CVE-2010-3429
* SECURITY UPDATE: arbitrary code execution via
openldap (2.4.18-0ubuntu1.2) karmic-security; urgency=low
* SECURITY UPDATE: fix successful anonymous bind via chain overlay when
using forwarded authentication failures
- debian/patches/CVE-2011-1024
- CVE-2011-1024
* SECURITY UPDATE: verify password when authenticating to rootdn
gdm (2.28.1-0ubuntu2.3) karmic-security; urgency=low
* SECURITY UPDATE: race condition allowing privilege escalation
- debian/patches/27_CVE-2011-0727.patch: fix
daemon/gdm-session-worker.c to copy files as session user rather
than root followed by a subsequent chown.
-
libvirt (0.7.0-1ubuntu13.3) karmic-security; urgency=low
* SECURITY UPDATE: debian/patches/9902-CVE-2011-1146.patch: Add missing
checks for read only connections.
- CVE-2011-1146
Date: Tue, 15 Mar 2011 16:23:44 -0500
Changed-By: Jamie Strandboge ja...@ubuntu.com
Maintainer: Ubuntu
tomcat6 (6.0.20-2ubuntu2.4) karmic-security; urgency=low
* SECURITY UPDATE: directory traversal via incorrect ServetContext
attribute (LP: #717396)
- debian/patches/0012-CVE-2010-3718.patch: mark as read only in
java/org/apache/catalina/core/StandardContext.java.
-
subversion (1.6.5dfsg-1ubuntu1.2) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via request containing lock token
- debian/patches/CVE-2011-0715.patch: correctly handle locks being
passed when authn isn't enabled in subversion/mod_dav_svn/repos.c,
quagga (0.99.13-1ubuntu0.2) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via malformed extended communities
- debian/patches/99_quagga-extcom.dpatch: ignore malformed extended
communities in bgpd/bgp_attr.c.
- CVE-2010-1674
* SECURITY UPDATE: denial of
vsftpd (2.2.0-1ubuntu2.1) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via crafted glob expressions
- debian/patches/11-CVE-2011-0762.patch: limit number of iterations in
access.c, defs.h, ls.*.
- CVE-2011-0762
Date: Fri, 25 Mar 2011 14:52:24 -0400
loggerhead (1.17-0ubuntu1.1) karmic-security; urgency=low
* SECURITY UPDATE: Cross-site scripting vulnerabilities by crafted branch
contents. (LP: #740142)
- debian/patches/bug-740142.diff: improve escaping of filenames.
- CVE-2011-0728
Date: Thu, 24 Mar 2011 14:01:44 +1100
flashplugin-nonfree (10.2.153.1ubuntu0.9.10.1) karmic-security; urgency=low
* SECURITY UPDATE: New upstream release 10.2.153.1
- debian/config, debian/postinst: Updated sha256sums and path.
- CVE-2011-0609
* debian/postinst: make wget use the proxy defined for apt and decrease
tiff (3.8.2-13ubuntu0.5) karmic-security; urgency=low
* debian/patches/CVE-2011-0192.patch: update for regression in
processing of certain CCITTFAX4 files (LP: #731540).
- http://bugzilla.maptools.org/show_bug.cgi?id=2297
Date: Mon, 14 Mar 2011 10:53:22 -0700
Changed-By: Kees Cook
dtc (0.29.17-1+lenny1build0.9.10.1) karmic-security; urgency=low
* fake sync from Debian
dtc (0.29.17-1+lenny1) lenny-security; urgency=low
* Fixes: CVE-2011-0434: SQL injection in bw_per_month.php graph
* Fixes: CVE-2011-0435: Bandwidth information disclosure in bw_per_month.php
tiff (3.8.2-13ubuntu0.4) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via invalid ReferenceBlackWhite
values
- debian/patches/CVE-2010-2595.patch: validate values in
libtiff/tif_color.c.
- CVE-2010-2595
* SECURITY UPDATE: denial of service via
avahi (0.6.25-1ubuntu5.3) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via NULL packet
- debian/patches/CVE-2011-1002.patch: still read corrupt packets from
sockets in avahi-core/socket.c.
- CVE-2011-1002
Date: Fri, 04 Mar 2011 14:13:34 -0500
Changed-By: Marc
pango1.0 (1.26.0-1ubuntu0.1) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via crafted font file
- debian/patches/20_CVE-2010-0421.patch: initialize memory and properly
calculate size in pango/opentype/hb-ot-layout.cc.
- CVE-2010-0421
* SECURITY UPDATE:
clamav (0.95.3+dfsg-1ubuntu0.09.10.4) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via double free in vba processing
- libclamav/vba_extract.c: set buf to NULL when it gets freed.
-
samba (2:3.4.0-3ubuntu5.8) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via missing range checks on file
descriptors
- debian/patches/security-CVE-2011-0719.patch: validate miscellaneous
file descriptors.
- CVE-2011-0719
Date: Wed, 23 Feb 2011 16:21:11
logwatch (7.3.6.cvs20090906-1ubuntu1.1) karmic-security; urgency=low
* SECURITY UPDATE: privileged code execution via badly named logfiles
- scripts/logwatch.pl: encapsulate logfiles in 's and ensure logfile
names don't contain '.
-
openjdk-6 (6b20-1.9.7-0ubuntu1~9.10.1) karmic-security; urgency=low
* IcedTea6 1.9.7 release.
- SECURITY UPDATE:
+ S4421494, CVE-2010-4476: infinite loop while parsing double literal.
+ S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption
+ S6907662,
sun-java6 (6.24-1build0.9.10.1) karmic-security; urgency=low
* Fake sync from Debian (LP: #716689)
* Removed debian/source dir reverting back to 1.0 packaging format as
3.0 (quilt) isn't available prior to Lucid
Date: Mon, 21 Feb 2011 15:42:33 -0500
Changed-By: Brian Thomason
mailman (1:2.1.12-2ubuntu0.2) karmic-security; urgency=low
* SECURITY UPDATE: Cross-Site Scripting vulnerability in confirm.py
- debian/patches/80_CVE-2011-0707.patch: properly clean strings in
Mailman/Cgi/confirm.py.
- CVE-2011-0707
* SECURITY UPDATE: Cross-Site Scripting
cgiirc (0.5.9-3squeeze1build0.9.10.1) karmic-security; urgency=low
* fake sync from Debian
cgiirc (0.5.9-3squeeze1) stable-security; urgency=high
* Non-maintainer upload by The Security Team.
* Fixed XSS flaw in handling clients who have Javascript disabled.
[CVE-2011-0050]
Date:
spamass-milter (0.3.1-8+lenny2build0.9.10.1) karmic-security; urgency=low
* fake sync from Debian
spamass-milter (0.3.1-8+lenny2) stable-security; urgency=low
* Fix zombies which were happening with previous patch to fix -x due to
lack of a proper call to waitpid(). (closes: #575019)
python-django (1.1.1-1ubuntu1.2) karmic-security; urgency=low
* SECURITY UPDATE: flaw in CSRF handling (LP: #719031)
- debian/patches/24_CVE-2011-0696.diff: apply full CSRF validation to all
requests, regardless of apparent AJAX origin. This is technically
telepathy-gabble (0.8.7-1ubuntu1.1) karmic-security; urgency=low
* SECURITY UPDATE: don't process google:jingleinfo updates from contacts
- debian/patches/security-ignore-google-jingleinfo-from-contacts.patch:
don't accept jingleinfo except from self or server
- CVE-2011-
shadow (1:4.1.4.1-1ubuntu2.2) karmic-security; urgency=low
* SECURITY UPDATE: could inject NIS groups memberships into /etc/passwd.
- debian/patches/900_locale_env_sanity: actually set locale environment
variables correctly.
- debian/patches/901_reject_newline: reject newlines in
qemu-kvm (0.11.0-0ubuntu6.4) karmic-security; urgency=low
* SECURITY UPDATE: Setting VNC password to empty string silently
disables all authentication (LP: #697197)
- debian/patches/697197-fix-vnc-password-semantics.patch: Reverses the
change introduced in Qemu by git commit
krb5 (1.7dfsg~beta3-1ubuntu0.9) karmic-security; urgency=low
* SECURITY UPDATE: kpropd denial of service via invalid network input
- src/slave/kpropd.c: don't return on kpropd child exit; applied
inline.
- CVE-2010-4022
- MITKRB5-SA-2011-001
* SECURITY UPDATE: kdc denial of
italc (1:1.0.9.1-0ubuntu16.1) karmic-security; urgency=low
* SECURITY UPDATE: private keys potentially reused from liveCD.
- debian/italc-client.postinst: re-generate the private and public
keys when they match one of the Edubuntu Live DVD ones (LP: #714864)
- CVE-2011-0724
Date:
flashplugin-nonfree (10.2.152.27ubuntu0.9.10.1) karmic-security; urgency=low
* SECURITY UPDATE: New upstream release 10.2.152.27
- debian/config, debian/postinst: Updated sha256sums and path.
- CVE-2011-0558
- CVE-2011-0559
- CVE-2011-0560
- CVE-2011-0561
- CVE-2011-0571
openoffice.org (1:3.1.1-5ubuntu1.3) karmic-security; urgency=low
* SECURITY UPDATE: multiple OpenOffice.org vulnerabilities.
- ooo-build/patches/dev300/SA40775.diff: buffer overflow fixes from
upstream, patch thanks to Rene Engelhard (CVE-2010-2935, CVE-2010-2936).
-
subversion (1.6.5dfsg-1ubuntu1.1) karmic-security; urgency=low
* SECURITY UPDATE: restriction bypass via named repo as a rule scope
- debian/patches/CVE-2010-3315.patch: use repo_basename in
subversion/mod_dav_svn/authz.c.
- CVE-2010-3315
* SECURITY UPDATE: denial of service via
openjdk-6b18 (6b18-1.8.5-0ubuntu1~9.10.1) karmic-security; urgency=low
* IcedTea6 1.8.5 release.
- CVE-2011-0025: IcedTea jarfile signature verification bypass.
Date: Thu, 27 Jan 2011 11:00:24 -0800
Changed-By: Steve Beattie sbeat...@ubuntu.com
Maintainer: OpenJDK Team
openjdk-6 (6b20-1.9.5-0ubuntu1~9.10.1) karmic-security; urgency=low
* IcedTea6 1.9.5 release.
- CVE-2011-0025: IcedTea jarfile signature verification bypass.
Date: Thu, 27 Jan 2011 11:56:02 -0800
Changed-By: Steve Beattie sbeat...@ubuntu.com
Maintainer: OpenJDK Team
openjdk-6b18 (6b18-1.8.4-0ubuntu1~9.10.1) karmic-security; urgency=low
* IcedTea6 1.8.4 release.
- Fix CVE-2010-4351: IcedTea JNLP SecurityManager bypass.
Date: Fri, 07 Jan 2011 11:40:12 +0100
Changed-By: Matthias Klose d...@ubuntu.com
Maintainer: OpenJDK Team open...@lists.launchpad.net
openjdk-6 (6b20-1.9.4-0ubuntu1~9.10.1) karmic-security; urgency=low
* IcedTea6 1.9.4 release.
- CVE-2010-4351: IcedTea JNLP SecurityManager bypass.
Date: Thu, 06 Jan 2011 23:39:28 +0100
Changed-By: Matthias Klose d...@ubuntu.com
Maintainer: OpenJDK Team open...@lists.launchpad.net
hplip (3.9.8-1ubuntu2.1) karmic-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via long SNMP response
- debian/patches/CVE-2010-4267.dpatch: validate dLen in io/hpmud/pml.c.
- CVE-2010-4267
Date: Mon, 24 Jan 2011 11:26:42 -0500
tomcat6 (6.0.20-2ubuntu2.3) karmic-security; urgency=low
* SECURITY UPDATE: cross-site scripting in Manager application
- debian/patches/0011-CVE-2010-4172.patch: add proper escaping to
java/org/apache/catalina/manager/JspHelper.java,
awstats (6.9~dfsg-1ubuntu3.9.10.1) karmic-security; urgency=low
* SECURITY UPDATE: directory traversal via crafted LoadPlugin directory
- debian/patches/3000_CVE-2010-4369.patch: properly sanitize plugin
name in wwwroot/cgi-bin/awstats.pl.
- CVE-2010-4369
Date: Tue, 11 Jan 2011
mumble (1.1.8-3ubuntu0.1) karmic-security; urgency=low
* SECURITY UPDATE: /etc/mumble-server.ini is world readable. (LP: #704674)
- debian/mumble-server.postinst: Set permissions of mumble-server.ini to
0640 and the owner to root:mumble-server.
Date: Thu, 20 Jan 2011 13:02:46 +0100
xpdf (3.02-1.4ubuntu2.9.10.2) karmic-security; urgency=low
* SECURITY UPDATE: Gfx::getPos function allows context-dependent attackers to
cause a denial of service (crash) via unknown vectors that trigger an
uninitialized pointer dereference.
- cve-2010-3702.dpatch: Patch provided by
sudo (1.7.0-1ubuntu2.6) karmic-security; urgency=low
* SECURITY UPDATE: privilege escalation via -g when using group Runas_List
- pwutil.c, sudo.h: add user_in_group(), backported from upstream commits
48ca8c2eddf8, 72df368a8a0e and 6ebc55d4716b. This is intended to be used
only
dbus (1.2.16-0ubuntu9.1) karmic-security; urgency=low
* SECURITY UPDATE: fix DoS with too deeply nested messages
- debian/patches/99-CVE-2010-4352.patch: Limit nesting to 64 for dynamic
message variants. Backported from upstream.
- CVE-2010-4352
- LP: #688992
*
php5 (5.2.10.dfsg.1-2ubuntu6.7) karmic-security; urgency=low
* debian/patches/php5-CVE-2010-3436-regression.patch: update
main/fopen_wrappers.c to include fix for open_basedir restriction
regression (LP: #701896)
Date: Wed, 12 Jan 2011 07:51:41 -0800
Changed-By: Steve Beattie
eglibc (2.10.1-0ubuntu19) karmic-security; urgency=low
* SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
- debian/patches/any/dst-expansion-fix.diff: refresh with new
proposed solution, avoiding iconv issues.
- any/cvs-check-setuid-on-audit.diff: upstream fix
lcms (1.18.dfsg-1ubuntu1.1) karmic-security; urgency=low
* debian/patches/CVE-2009-0793.dpatch: SECURITY UPDATE: (LP: #700198)
- Fix DoS via a crafted image that triggers execution of incorrect
code for transformations of monochrome profiles.
- CVE-2009-0073
Date: Sat, 08 Jan
libapache2-mod-fcgid (1:2.2-1ubuntu0.9.10.1) karmic-security; urgency=low
* SECURITY UPDATE: possible stack buffer overwrite (LP: #698060)
- fcgid_bucket.c: patch from upstream
- CVE-2010-3872
Date: Thu, 06 Jan 2011 12:57:47 +0100
Changed-By: Felix Geyer debfx-...@fobos.de
Maintainer:
dpkg (1.15.4ubuntu2.3) karmic-security; urgency=low
* SECURITY UPDATE: relative directory and symlink following in source pkgs.
- scripts/Dpkg/Source/Archive.pm, scripts/Dpkg/Source/Patch.pm,
scripts/Dpkg/Source/Package/V2.pm: applied fixes from Raphael Hertzog,
thanks to
apparmor (2.3.1+1403-0ubuntu27.4) karmic-security; urgency=low
* Fix for apparmor_parser not generating correct policy when mixing exec
transitions with and without unconfined fallback transitions.
- parser/immunix.h, parser/libapparmor_re/regexp.y: adjust dfa match flag
table
python-django (1.1.1-1ubuntu1.1) karmic-security; urgency=low
* SECURITY UPDATE: information leak in admin interface
- debian/patches/21_security_admin_infoleak.diff: validate querystring
lookup arguments either specify only fields on the model being viewed,
or cross relations
evince (2.28.1-0ubuntu1.3) karmic-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via multiple dvi backend
overflows
- debian/patches/91_CVE-2010-264x.patch: add bounds checking in
backend/dvi/mdvi-lib/{afmparse,dviread,pk,tfmfile,vf}.c.
- CVE-2010-2640
-
git-core (1:1.6.3.3-2ubuntu0.1) karmic-security; urgency=low
* SECURITY UPDATE: gitweb cross-site scripting vulnerability
- debian/diff/0034-gitweb-Introduce-esc_attr...diff:
from upstream: gitweb: do not parrot filenames or other arguments
given in a request without proper
camlimages (1:3.0.1-3ubuntu0.1) karmic-security; urgency=low
* SECURITY UPDATE: Add a patch to fix integer overflows in tiffread.c
- Patch taken from Debian
- CVE-2009-3296
Date: Thu, 16 Dec 2010 17:00:40 -0600
Changed-By: Jamie Strandboge ja...@ubuntu.com
Maintainer: Ubuntu MOTU
advi (1.6.0-14ubuntu0.1) karmic-security; urgency=low
* SECURITY UPDATE: Rebuild and tighten build-depends against camlimages to
get fixes for integer overflows. Based on Debian update.
- CVE-2009-2295
- CVE-2009-3296
Date: Thu, 16 Dec 2010 17:06:53 -0600
Changed-By: Jamie
krb5 (1.7dfsg~beta3-1ubuntu0.7) karmic-security; urgency=low
* SECURITY UPDATE: message forgery and privilege escalation via
unacceptable checksums
- src/lib/crypto/krb/dk/derive.c, src/lib/crypto/krb/keyed_checksum_types.c,
src/lib/gssapi/krb5/util_crypt.c,
quagga (0.99.13-1ubuntu0.1) karmic-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via malformed Outbound Route Filtering (ORF) record
- debian/patches/91_CVE-2010-2948.dpatch: improve bounds checking in
bgpd/bgp_packet.c.
-
openssl (0.9.8g-16ubuntu3.5) karmic-security; urgency=low
* SECURITY UPDATE: ciphersuite downgrade vulnerability
- ssl/s3_clnt.c, ssl/s3_srvr.c: disable workaround for Netscape
cipher suite bug
- http://openssl.org/news/secadv_20101202.txt
- CVE-2010-4180
Date: Fri, 03 Dec
bind9 (1:9.6.1.dfsg.P1-3ubuntu0.4) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via ncache entry and a rrsig for the
same type
- lib/dns/rbtdb.c: properly mark existing RRSIG records as stale.
- bin/tests/system/resolver/*: added tests.
- CVE-2010-3613
*
openjdk-6 (6b18-1.8.3-0ubuntu1~9.10.1) karmic-security; urgency=low
* Rebuilt for karmic
Date: Mon, 22 Nov 2010 14:46:28 -0500
Changed-By: Marc Deslauriers marc.deslauri...@ubuntu.com
Maintainer: OpenJDK Team open...@lists.launchpad.net
linux-ec2 (2.6.31-307.22) karmic-security; urgency=low
[ Upstream Kernel Changes ]
* Rebased to 2.6.31-22.69
[ Ubuntu: 2.6.31-22.69 ]
* SAUCE: AF_ECONET prevent kernel stack overflow
- CVE-2010-3848
* SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges
-
linux (2.6.31-22.69) karmic-security; urgency=low
[ Leann Ogasawara ]
* SAUCE: AF_ECONET prevent kernel stack overflow
- CVE-2010-3848
* SAUCE: AF_ECONET SIOCSIFADDR ioctl does not check privileges
- CVE-2010-3850
* SAUCE: AF_ECONET saddr-cookie prevent NULL pointer dereference
php-htmlpurifier (3.3.0-1ubuntu0.1) karmic-security; urgency=low
* SECURITY UPDATE (LP: #582576).
* A vulnerability has been reported in HTML Purifier, which can be
exploited by malicious people to conduct cross-site scripting
attacks.
* CVE-2010-2479
Date: Wed, 24 Nov 2010
apr-util (1.3.9+dfsg-1ubuntu1.1) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via memory leak in
apr_brigade_split_line function.
- debian/patches/016_CVE-2010-1623.dpatch: properly destroy bucket in
buckets/apr_brigade.c.
- CVE-2010-1623
Date: Thu, 18
apache2 (2.2.12-1ubuntu2.4) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via request that lacks a path in
mod_dav.
- debian/patches/906_CVE-2010-1452.dpatch: fix path handling in
modules/dav/main/util.c.
- CVE-2010-1452
Date: Thu, 18 Nov 2010 14:02:43
flashplugin-nonfree (10.1.102.65ubuntu0.9.10.1) karmic-security; urgency=low
* REGRESSION FIX: New upstream release 10.1.102.65 that fixes a
regression with a previous security update.
- debian/config, debian/postinst: Updated sha256sums and path
Date: Thu, 18 Nov 2010 08:34:43 -0500
mysql-dfsg-5.1 (5.1.37-1ubuntu5.5) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via UPGRADE DATA DIRECTORY NAME
command
- debian/patches/60_CVE-2010-2008.dpatch: correctly filter prefixes
and paths in sql/table.cc, sql/sql_table.cc, sql/mysql_priv.h.
Add
libxml2 (2.7.5.dfsg-1ubuntu1.2) karmic-security; urgency=low
* SECURITY UPDATE: fix invalid memory read by fixing the semantic of XPath
axis for namespace/attribute context nodes
-
http://git.gnome.org/browse/libxml2/patch/?id=91d19754d46acd4a639a8b9e31f50f31c78f8c9c
-
pidgin (1:2.6.2-1ubuntu7.3) karmic-security; urgency=low
* SECURITY UPDATE: denial of service via custom emoticon
- debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
libpurple/protocols/msn/slp.c.
- CVE-2010-1624
* SECURITY UPDATE: denial of service via base64
freetype (2.3.9-5ubuntu0.4) karmic-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via libXft overflow.
- debian/patches/CVE-2010-3311.patch: correctly validate position in
src/base/ftstream.c.
- CVE-2010-3311
* SECURITY
cups (1.4.1-5ubuntu2.7) karmic-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
invalid free
- debian/patches/CVE-2010-2941.dpatch: skip over and reserve unused
tags in cups/ipp.{c,h}.
- CVE-2010-2941
Date: Tue, 02 Nov 2010 11:10:37
flashplugin-nonfree (10.1.102.64ubuntu0.9.10.1) karmic-security; urgency=low
* SECURITY UPDATE: New upstream release 10.1.102.64 (LP: #667887)
- debian/config, debian/postinst: Updated sha256sums and path
- CVE-2010-3654
Date: Thu, 04 Nov 2010 14:52:46 -0400
Changed-By: Marc
eglibc (2.10.1-0ubuntu18) karmic-security; urgency=low
* SECURITY UPDATE: root escalation via LD_AUDIT DST expansion.
- debian/patches/any/dst-expansion-fix.diff: upstream fixes.
- CVE-2010-3847
- debian/patches/any/disable-ld_audit.diff: turn off LD_AUDIT
for setuid binaries.
libvirt (0.7.0-1ubuntu13.2) karmic-security; urgency=low
* SECURITY UPDATE: force qemu-img backing stores creation to have a defined
disk format.
- debian/patches/CVE-2010-2239: explicitly set the user defined backing
store format when creating a new image
- CVE-2010-2239
*
poppler (0.12.0-0ubuntu2.3) karmic-security; urgency=low
* SECURITY UPDATE: possible arbitrary code execution via malformed PDF
- debian/patches/13_security_CVE-2010-3702.patch: properly initialize
parser in poppler/Gfx.cc.
- CVE-2010-3702
* SECURITY UPDATE: possible arbitrary
linux-ec2 (2.6.31-307.21) karmic-security; urgency=low
[ John Johansen ]
* Rebased to 2.6.31-22.67
[ Ubuntu: 2.6.31-22.67 ]
* Local privilege escalation vulnerability in RDS sockets
- CVE-2010-3904
* v4l: disable dangerous buggy compat function
- CVE-2010-2963
* mm: Do not
linux (2.6.31-22.67) karmic-security; urgency=low
[ Upstream Kernel Changes ]
* Local privilege escalation vulnerability in RDS sockets
- CVE-2010-3904
* v4l: disable dangerous buggy compat function
- CVE-2010-2963
* mm: Do not assume ENOMEM when looking at a split stack vma
postgresql-8.4 (8.4.5-0ubuntu9.10) karmic-security; urgency=low
* New upstream security/bug fix update: (LP: #655293)
- Use a separate interpreter for each calling SQL userid in PL/Perl
and PL/Tcl.
This change prevents security problems that can be caused by
subverting
openssl (0.9.8g-16ubuntu3.3) karmic-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
unchecked bn_wexpand return values. (LP: #655884)
- crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c,
engines/e_ubsec.c: check return values.
lvm2 (2.02.39-0ubuntu11.1) karmic-security; urgency=low
* SECURITY UPDATE: unprivileged logical volume manipulation with clvmd
- debian/patches/CVE-2010-2526.patch: revert to using a pathname-based
socket in order to enforce correct permissions.
- CVE-2010-2526
Date: Thu, 23 Sep
mistelix (0.30-0ubuntu1.1) karmic-security; urgency=low
* SECURITY UPDATE: insecure LD_LIBRARY_PATH redefinition (LP: #651054)
- Add debian/patches/insecure-library-loading.patch
- Patch based on work by Siegfried-Angel Gevatter Pujals
- CVE-2010-3365
Date: Mon, 04 Oct 2010
xpdf (3.02-1.4ubuntu2.9.10.1) karmic-security; urgency=low
[ Nicolas Valcárcel Scerpella ]
* SECURITY UPDATE: Integer overflow in SplashBitmap::SplashBitmap which might
allow remote
attackers to execute arbitrary code or an application crash via a crafted
PDF document.
-
smbind (0.4.7-3+lenny1build0.9.10.1) karmic-security; urgency=low
* fake sync from Debian
smbind (0.4.7-3+lenny1) stable-security; urgency=high
* Fix sql injection in src/include.php
Date: Fri, 01 Oct 2010 17:42:47 -0700
Changed-By: Kees Cook k...@ubuntu.com
Maintainer: Giuseppe Iuculano
1 - 100 of 1897 matches
Mail list logo