[ubuntu/xenial-security] containerd 1.2.6-0ubuntu1~16.04.6+esm1 (Accepted)
containerd (1.2.6-0ubuntu1~16.04.6+esm1) xenial-security; urgency=medium * SECURITY UPDATE: Insecure handling of image volumes - debian/patches/CVE-2022-23648.patch: Use fs.RootPath when mounting volumes. - debian/patches/update_cri_to_release_1_4.patch: Update CRI to 1.4. - CVE-2022-23648 containerd (1.2.6-0ubuntu1~16.04.6) xenial; urgency=medium * d/control: add a Breaks for docker.io lower than 18.09.7-0ubuntu1~16.04.7 (LP: #1870514). The previous versions stop the docker daemon when a containerd update is performed, this Breaks statement will make sure we have a newer version which has the appropriate fix. containerd (1.2.6-0ubuntu1~16.04.5) xenial-security; urgency=medium * SECURITY UPDATE: Elevation of privilege vulnerability - debian/patches/Add-runc.v2-multi-shim_partial2.patch: Add runc.v2 multi-shim (partially). - debian/patches/horten-the-unix-socket-path-for-shim.patch: horten the unix socket path for shim. - debian/patches/Include-extension-for-shim-binary-format-on-Windows.patch: Include extension for shim binary format. - debian/patches/CVE-2020-15257.patch: Use path based unix socket for shims and use path-based unix socket for containerd-shim. - CVE-2020-15257 Date: 2022-02-25 20:45:10.576240+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/containerd/1.2.6-0ubuntu1~16.04.6+esm1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] libjackson-json-java 1.9.2-7ubuntu0.2 (Accepted)
libjackson-json-java (1.9.2-7ubuntu0.2) xenial-security; urgency=medium * SECURITY UPDATE: Improper input sanitization - debian/patches/CVE-2017-15095.patch: Fix deserialization. - debian/patches/CVE-2017-7525.patch: Backport all known security fixes from 2.x that were missing, related to public CVEs. - debian/patches/CVE-2019-10172_1.patch: Set Secure Processing flag on DocumentBuilderFactory. - d/p/CVE-2019-10172_2.patch: setExpandEntityReferences(false). - CVE-2017-7525 - CVE-2017-15095 - CVE-2019-10172 Date: 2021-02-18 16:36:09.453586+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/libjackson-json-java/1.9.2-7ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] junit4 4.12-4ubuntu1.1 (Accepted)
junit4 (4.12-4ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: Exposure of Sensitive Information - debian/patches/CVE-2020-15250.patch: fix local information disclosure vulnerability. - CVE-2020-15250 Date: 2021-02-10 15:53:09.265986+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/junit4/4.12-4ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] minidlna 1.1.5+dfsg-2ubuntu0.1 (Accepted)
minidlna (1.1.5+dfsg-2ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Insufficient input sanitization vulnerability - debian/patches/CVE-2020-12695.patch: upnphttp: Validate SUBSCRIBE callback URL. - debian/patches/CVE-2020-28926.patch: upnphttp: Disallow negative HTTP chunk lengths. - CVE-2020-12695 - CVE-2020-28926 * Other fixes: - debian/patches/15-use-newer-ip_multicast_if-api.patch: Use newer API for IP_MULTICAST_IF which allows one to specify interface by index, not by address. Date: 2021-02-02 20:06:09.223295+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/minidlna/1.1.5+dfsg-2ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] ampache 3.6-rzb2779+dfsg-0ubuntu9.2 (Accepted)
ampache (3.6-rzb2779+dfsg-0ubuntu9.2) xenial-security; urgency=medium * SECURITY UPDATE: SQL Injection and XSS vulnerabilities - debian/patches/04_CVE-2019-12385_CVE-2019-12386.patch: Fix search engine and the LocalPlay "add instance" functionality. - CVE-2019-12385 - CVE-2019-12386 Date: 2021-01-14 16:03:09.733740+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/ampache/3.6-rzb2779+dfsg-0ubuntu9.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] coturn 4.5.0.3-1ubuntu0.4 (Accepted)
coturn (4.5.0.3-1ubuntu0.4) xenial-security; urgency=medium * SECURITY UPDATE: Unsafe loopback interface - debian/patches/CVE-2020-26262.patch: Add check if address is in 0.0.0.0/8 or ::/128. - CVE-2020-26262 Date: 2021-01-08 14:34:09.193206+00:00 Signed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/coturn/4.5.0.3-1ubuntu0.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] squirrelmail 2:1.4.23~svn20120406-2+deb8u3ubuntu0.16.04.2 (Accepted)
squirrelmail (2:1.4.23~svn20120406-2+deb8u3ubuntu0.16.04.2) xenial-security; urgency=medium * SECURITY UPDATE: Cross-site scripting (XSS) vulnerability - debian/patches/CVE-2019-12970.patch: Fix XSS due to improper handling of RCDATA and RAWTEXT elements. - CVE-2019-12970 Date: 2020-12-09 20:46:15.601959+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/squirrelmail/2:1.4.23~svn20120406-2+deb8u3ubuntu0.16.04.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] containerd 1.2.6-0ubuntu1~16.04.5 (Accepted)
containerd (1.2.6-0ubuntu1~16.04.5) xenial-security; urgency=medium * SECURITY UPDATE: Elevation of privilege vulnerability - debian/patches/Add-runc.v2-multi-shim_partial2.patch: Add runc.v2 multi-shim (partially). - debian/patches/horten-the-unix-socket-path-for-shim.patch: horten the unix socket path for shim. - debian/patches/Include-extension-for-shim-binary-format-on-Windows.patch: Include extension for shim binary format. - debian/patches/CVE-2020-15257.patch: Use path based unix socket for shims and use path-based unix socket for containerd-shim. - CVE-2020-15257 Date: 2020-11-26 19:35:19.113428+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/containerd/1.2.6-0ubuntu1~16.04.5 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] slirp 1:1.0.17-8ubuntu16.04.1 (Accepted)
slirp (1:1.0.17-8ubuntu16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Heap-based buffer overflows - debian/patches/014_CVE-2020-7039.patch: tcp_emu: Fix oob access - debian/patches/CVE-2020-8608.patch: tcp_emu: fix unsafe snprintf() usages and util: add slirp_fmt() helpers - CVE-2020-7039 - CVE-2020-8608 Date: 2020-11-12 17:28:15.065248+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/slirp/1:1.0.17-8ubuntu16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] netqmail 1.06-6.2~deb10u1build0.16.04.1 (Accepted)
netqmail (1.06-6.2~deb10u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-11-05 13:36:14.373121+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/netqmail/1.06-6.2~deb10u1build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] libytnef 1.5-9ubuntu0.1 (Accepted)
libytnef (1.5-9ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Invalid memory access vulnerabilities - debian/patches/0001-Fixes-for-CVE-2017-6298-to-6306.patch: Fixes for CVE-2017-6298 to 6306. - d/p/0002-Fixes-for-CVE-2017-6800-CVE-2017-6801-and-CVE-2017-6.patch: Fixes for CVE-2017-6800; CVE-2017-6801 and CVE-2017-6802. - CVE-2017-6298 - CVE-2017-6299 - CVE-2017-6300 - CVE-2017-6301 - CVE-2017-6302 - CVE-2017-6303 - CVE-2017-6304 - CVE-2017-6305 - CVE-2017-6306 - CVE-2017-6800 - CVE-2017-6801 - CVE-2017-6802 Date: 2020-10-29 23:35:14.131812+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/libytnef/1.5-9ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] netty-3.9 3.9.0.Final-1ubuntu0.1 (Accepted)
netty-3.9 (3.9.0.Final-1ubuntu0.1) xenial-security; urgency=medium * Update debian/rules to fix FTBFS * SECURITY UPDATE: HTTP request smuggling - debian/patches/0004-CVE-2019-16869.patch: Correctly handle whitespaces in HTTP header names as defined by RFC7230#section-3.2.4. - debian/patches/0005-CVE-2019-20444.patch: Detect missing colon when parsing http headers with no value. - debian/patches/0006-CVE-2019-20445-1.patch: Verify we do not receive multiple content-length headers or a content-length and transfer-encoding: chunked header when using HTTP/1.1. - debian/patches/0007-CVE-2019-20445-2.patch: Remove "Content-Length" when decoding HTTP/1.1 message with both "Transfer-Encoding: chunked" and "Content-Length". - CVE-2019-16869 - CVE-2019-20444 - CVE-2019-20445 - CVE-2020-7238 Date: 2020-10-21 19:41:21.086524+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/netty-3.9/3.9.0.Final-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] flightgear 3.4.0-3ubuntu1.1 (Accepted)
flightgear (3.4.0-3ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: Improper Access Control - debian/patches/route-manager-secu-fix-280cd5.patch: don't allow the route manager to overwrite arbitrary files. - CVE-2016-9956 Date: 2020-10-15 12:44:13.583970+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/flightgear/3.4.0-3ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] docker.io 18.09.7-0ubuntu1~16.04.6 (Accepted)
docker.io (18.09.7-0ubuntu1~16.04.6) xenial-security; urgency=medium * SECURITY UPDATE: Sensitive information disclosure - debian/patches/CVE-2020-15157.patch: Improve fetch function. - CVE-2020-15157 Date: 2020-10-14 19:22:12.993172+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/docker.io/18.09.7-0ubuntu1~16.04.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] containerd 1.2.6-0ubuntu1~16.04.4 (Accepted)
containerd (1.2.6-0ubuntu1~16.04.4) xenial-security; urgency=medium * SECURITY UPDATE: Sensitive information disclosure - debian/patches/CVE-2020-15157.patch: Improve fetch function and add tests for it. - CVE-2020-15157 Date: 2020-10-14 19:25:18.103270+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/containerd/1.2.6-0ubuntu1~16.04.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] htmlunit 2.8-1ubuntu2.1 (Accepted)
htmlunit (2.8-1ubuntu2.1) xenial-security; urgency=medium * Fix FTBFS because of mime4j. * Ignore the dependency on maven-assembly-plugin and maven-antrun-plugin. * SECURITY UPDATE: Arbitrary code execution. - d/p/0001-disable-java-access-to-avoid-execution-of-arbitrary-.patch: disable java access to avoid execution of arbitrary (java) code. - CVE-2020-5529 Date: 2020-10-09 20:13:14.303347+00:00 Changed-By: Eduardo Barretto Signed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/htmlunit/2.8-1ubuntu2.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] italc 1:2.0.2+dfsg1-4ubuntu0.1 (Accepted)
italc (1:2.0.2+dfsg1-4ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/libvncclient_CVE-2014-6051.patch: Fix integer overflow in MallocFrameBuffer(). - CVE-2014-6051 * SECURITY UPDATE: Memory leak - debian/patches/libvncclient_CVE-2014-6052.patch: Check for MallocFrameBuffer() return value. - debian/patches/libvncserver_CVE-2014-6053.patch: Check malloc() return value on client->server ClientCutText message. - debian/patches/libvncserver_CVE-2019-15681.patch: rfbserver: don't leak stack memory to the remote. - CVE-2014-6052 - CVE-2014-6053 - CVE-2019-15681 * SECURITY UPDATE: Division by zero - debian/patches/libvncserver_CVE-2014-6054.patch: Do not accept a scaling factor of zero. - CVE-2014-6054 * SECURITY UPDATE: Stack-based buffer overflow - debian/patches/libvncserver_CVE-2014-6055.patch: Fix multiple stack-based buffer overflows in file transfer feature. - CVE-2014-6055 * SECURITY UPDATE: Heap-based buffer overflow - debian/patches/libvncclient_CVE-2016-9941.patch: Fix heap overflows in the various rectangle fill functions. - debian/patches/libvncclient_CVE-2016-9942.patch: Fix heap overflow in the ultra.c decoder. - CVE-2016-9941 - CVE-2016-9942 * SECURITY UPDATE: Input sanitization - debian/patches/libvncserver_CVE-2018-7225.patch: Impose a limit of 1 MB so that the value fits into all of the types. - CVE-2018-7225 * SECURITY UPDATE: Heap out-of-bound write - debian/patches/libvnc_server+client_CVE-2018-15127-CVE-2018-20019.patch: fix three possible heap buffer overflows. - debian/patches/libvncclient_CVE-2018-20020.patch: heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution. - debian/patches/libvncclient_CVE-2018-20748-1.patch: LibVNCClient: ignore server-sent cut text longer than 1MB. - debian/patches/libvncclient_CVE-2018-20748-2.patch: LibVNCClient: ignore server-sent reason strings longer than. - debian/patches/libvncclient_CVE-2018-20748-3.patch: LibVNCClient: fail on server-sent desktop name lengths longer. - debian/patches/libvncclient_CVE-2018-20748-4.patch: LibVNCClient: remove now-useless cast. - debian/patches/libvncserver_CVE-2018-20749.patch: Error out in rfbProcessFileTransferReadBuffer if length can. - debian/patches/libvncserver_CVE-2018-20750.patch: Limit length to INT_MAX bytes in rfbProcessFileTransferReadBuffer(). - CVE-2018-15127 - CVE-2018-20019 - CVE-2018-20020 - CVE-2018-20748 - CVE-2018-20749 - CVE-2018-20750 * SECURITY UPDATE: Infinite loop - debian/patches/libvncclient_CVE-2018-20021.patch: Infinite loop vulnerability in VNC client code. - CVE-2018-20021 * SECURITY UPDATE: Improper Initialization - debian/patches/libvncclient_CVE-2018-20022.patch: Improper Initialization vulnerability in VNC client code. - debian/patches/libvncclient_CVE-2018-20023.patch: Improper Initialization vulnerability in VNC Repeater client. - CVE-2018-20022 - CVE-2018-20023 * SECURITY UPDATE: Null pointer dereference - debian/patches/libvncclient_CVE-2018-20024.patch: null pointer dereference in VNC client code that can result DoS. - CVE-2018-20024 Date: 2020-10-07 20:09:13.261726+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/italc/1:2.0.2+dfsg1-4ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] newsbeuter 2.9-3ubuntu0.1 (Accepted)
newsbeuter (2.9-3ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Remote code execution vulnerabilities - debian/patches/23-fix-RCE-on-bookmark.patch: Fix a RCE vulnerability on the bookmark command. - debian/patches/25-fix-RCE-in-podbeuter.patch: Work around shell code in podcast names. - CVE-2017-12904 - CVE-2017-14500 * SECURITY UPDATE: Other fixes - debian/patches/01-typos.patch: Fix a few typos - debian/patches/02-new-issue-tracker.patch: Change the docs to reference the new issue tracker. - debian/patches/04-cache-deletion-with-one-feed.patch: Fixes a bug that deleted the cache if there is one feed configured. - debian/patches/07-json-object-get.patch: Replace deprecated function calls. - debian/patches/08-feeds-marked-unread.patch: Fix a bug that marked posts unread. - debian/patches/09-config-parser-off-by-one.patch: Don't fail if 3 arguments are passed to highlight. - debian/patches/10-a2x-warnings.patch: Fix a2x warning when generating the manpages. - debian/patches/11-query-feed-tokenization.patch: Fix age filter for query feeds not being parsed properly. - debian/patches/12-highlight-article-priority.patch: Fix highlight-article not working with unread items. - debian/patches/13-dont-include-compilation-time.patch: Using __DATE__ or __TIME__ breaks reproducible builds. - debian/patches/14-handle-urls-files-lacking-eol.patch: Properly handle urls files that lack the EOL character at the end. - debian/patches/15-dont-skip-ignored.patch: Fix a bug that skipped items while checking against ignore rules. - debian/patches/16-fix-invalid-pointers.patch: Fix a use after free in the rss parser. - debian/patches/17-dont-ignore-self-closing-tags.patch: Don't ignore self closing HTML break elements. - debian/patches/18-ssl-verify.patch: Add a config option to control SSL verification. - debian/patches/19-clean-doc.patch: Clean the docs before compiling. - debian/patches/20-prevent-http-header-reset.patch: Fix authentication issues when using external APIs. - debian/patches/21-parse-h5-h6-html-headers.patch: Fix h5 and h6 html headers not being handled. - debian/patches/22-use-pkg-config-to-search-for-ncursesw.patch: Use pkg-config to search for ncursesw. - debian/patches/24-link-binaries-order.patch: Link binaries in the same order to avoid random reproducability failures. - debian/patches/101-macro-example.patch: Fix a mistake in an example macro. - debian/patches/102-color-config-example.patch: Use the actual color commands in the docs to improve readablility. - debian/patches/201-german-l10n-revision.patch: Revised german translation. Date: 2020-10-05 19:48:21.251049+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/newsbeuter/2.9-3ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] libpgf 6.14.12-3.1ubuntu0.1 (Accepted)
libpgf (6.14.12-3.1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Use-after-free vulnerability - debian/patches/02-fix-CVE-2015-6673-upstream-147.patch: Fix user-after-free in PGFimage. - debian/patches/03-fix-CVE-2015-6673-upstream-148.patch: Fix user-after-free in Decoder. - CVE-2015-6673 Date: 2020-09-26 01:44:13.006312+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/libpgf/6.14.12-3.1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] tika 1.5-4ubuntu0.1 (Accepted)
tika (1.5-4ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Infinite Loop (DoS) vulnerability. - debian/patches/09-psdparser-cve.patch: Add xmp extraction from PSD files. - CVE-2020-1950 - CVE-2020-1951 Date: 2020-09-23 14:13:13.257481+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/tika/1.5-4ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] gnuplot 4.6.6-3ubuntu0.1 (Accepted)
gnuplot (4.6.6-3ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Heap-based buffer overflows - debian/patches/CVE-2018-19490-19491-19492.patch: various overflow cases found by fuzzing. - CVE-2018-19490 - CVE-2018-19491 - CVE-2018-19492 Date: 2020-09-22 18:52:17.282125+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/gnuplot/4.6.6-3ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] miniupnpd 1.8.20140523-4.1+deb9u2build0.16.04.1 (Accepted)
miniupnpd (1.8.20140523-4.1+deb9u2build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian miniupnpd (1.8.20140523-4.1+deb9u2) stretch; urgency=medium * Applied upstream patches for CVE-2019-12107, CVE-2019-12108, CVE-2019-12109, CVE-2019-12110. This version looks like not affected by CVE-2019-12111. (Closes: #930050). Date: 2020-09-22 14:39:13.288036+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/miniupnpd/1.8.20140523-4.1+deb9u2build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] libofx 1:0.9.10-1+deb8u2build0.16.04.1 (Accepted)
libofx (1:0.9.10-1+deb8u2build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian libofx (1:0.9.10-1+deb8u2) jessie-security; urgency=medium * Non-maintainer upload by the LTS Security Team. * Fix CVE-2019-9656: NULL pointer dereference in the function OFXApplication::startElement (Closes: #924350). Date: 2020-09-15 17:31:13.196922+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: Sébastien Villemot https://launchpad.net/ubuntu/+source/libofx/1:0.9.10-1+deb8u2build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] libemail-address-list-perl 0.05-1+deb9u1build0.16.04.1 (Accepted)
libemail-address-list-perl (0.05-1+deb9u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-15 17:18:11.436805+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/libemail-address-list-perl/0.05-1+deb9u1build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] storebackup 3.2.1-1+deb8u1build0.16.04.1 (Accepted)
storebackup (3.2.1-1+deb8u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-15 15:30:12.781750+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: Ryan Niebur https://launchpad.net/ubuntu/+source/storebackup/3.2.1-1+deb8u1build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] sa-exim 4.2.1-14+deb8u1build0.16.04.1 (Accepted)
sa-exim (4.2.1-14+deb8u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-15 14:57:13.557803+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: Magnus Holmgren https://launchpad.net/ubuntu/+source/sa-exim/4.2.1-14+deb8u1build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] pure-ftpd 1.0.36-3.2+deb8u1build0.16.04.1 (Accepted)
pure-ftpd (1.0.36-3.2+deb8u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-14 20:45:12.658663+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: Stefan Hornburg (Racke) https://launchpad.net/ubuntu/+source/pure-ftpd/1.0.36-3.2+deb8u1build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] apng2gif 1.5-3+deb8u1build0.16.04.1 (Accepted)
apng2gif (1.5-3+deb8u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-14 20:30:13.057149+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: Jari Aalto https://launchpad.net/ubuntu/+source/apng2gif/1.5-3+deb8u1build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] ncmpc 0.24-1+deb8u1build0.16.04.1 (Accepted)
ncmpc (0.24-1+deb8u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-14 19:42:12.844026+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: Sebastian Harl https://launchpad.net/ubuntu/+source/ncmpc/0.24-1+deb8u1build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] luajit 2.0.4+dfsg-1+deb9u1build0.16.04.1 (Accepted)
luajit (2.0.4+dfsg-1+deb9u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-14 19:21:12.375403+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: gares https://launchpad.net/ubuntu/+source/luajit/2.0.4+dfsg-1+deb9u1build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] salt 2015.8.8+ds-1ubuntu0.1 (Accepted)
salt (2015.8.8+ds-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Command injection vulnerabilities in salt-api and salt-master caused by improper sanitized input. - debian/patches/CVE-2019-17361.patch: various netapi fixes and tests. - debian/patches/CVE-2020-11651_11652_1.patch: Checks and sanitization. - debian/patches/CVE-2020-11651_11652_2.patch: Adding in missing fixes. - CVE-2019-17361 - CVE-2020-11651 - CVE-2020-11652 Date: 2020-08-13 17:20:16.162366+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/salt/2015.8.8+ds-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] edk2 0~20160408.ffea0a2c-2ubuntu0.1 (Accepted)
edk2 (0~20160408.ffea0a2c-2ubuntu0.1) xenial; urgency=medium * Security fixes (LP: #1820764): - Fix buffer overflow in BlockIo service (CVE-2018-12180) - DNS: Check received packet size before using (CVE-2018-12178) - Fix stack overflow with corrupted BMP (CVE-2018-12181) * Fix numeric truncation in S3BootScript[Save]*() API. (CVE-2019-14563) * Fix use-after-free in PcdHiiOsRuntimeSupport. (CVE-2019-14586) * Clear memory before free to avoid potential password leak. (CVE-2019-14558) * Fix double-unmap in SdMmcCreateTrb(). This did not impact any of the images built from this package. (CVE-2019-14587) * Fix memory leak in ArpOnFrameRcvdDpc(). (CVE-2019-14559) * Fix issue that could allow an efi image with a blacklisted hash in the dbx to be loaded. (CVE-2019-14575) * Fix a memory leak in the ARP handler. (CVE-2019-14559) Date: 2020-04-16 15:15:14.728851+00:00 Changed-By: dann frazier Signed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/edk2/0~20160408.ffea0a2c-2ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] mbedtls 2.2.1-2ubuntu0.3 (Accepted)
mbedtls (2.2.1-2ubuntu0.3) xenial-security; urgency=medium * SECURITY UPDATE: Buffer overflows and sensitive information disclousures - debian/patches/CVE-2017-18187.patch: Prevent bounds check bypass through overflow in PSK identity. - debian/patches/CVE-2018-0487.patch: RSA: Fix buffer overflow in PSS signature verification. - debian/patches/CVE-2018-0488-1.patch: Fix heap corruption in ssl_decrypt_buf. - debian/patches/CVE-2018-0488-2.patch: Fix SSLv3 MAC computation. - debian/patches/CVE-2018-0497.patch: Fix Lucky13 attack protection when using HMAC-SHA-384. - debian/patches/CVE-2018-0498-1.patch: Fix Lucky13 cache attack on MD/SHA padding. - debian/patches/CVE-2018-0498-2.patch: Add counter-measure to cache-based Lucky 13. - debian/patches/CVE-2018-0498-3.patch: Avoid debug message that might leak length. - CVE-2017-18187 - CVE-2018-0487 - CVE-2018-0488 - CVE-2018-0497 - CVE-2018-0498 * SECURITY UPDATE: Update some certificates for the tests - debian/patches/regenerate-test-files.patch: Regenerate test files from recent version. Date: 2020-02-04 18:45:15.269294+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/mbedtls/2.2.1-2ubuntu0.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] kamailio 4.3.4-1.1ubuntu2.1 (Accepted)
kamailio (4.3.4-1.1ubuntu2.1) xenial-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2018-8828.patch: tmx: allocate space to store ending 0 for branch value - CVE-2018-8828 Date: 2020-01-15 18:46:14.528058+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/kamailio/4.3.4-1.1ubuntu2.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] redmine 3.2.1-2ubuntu0.2 (Accepted)
redmine (3.2.1-2ubuntu0.2) xenial-security; urgency=medium * SECURITY UPDATE: persistent XSS exists due to textile formatting - debian/patches/0020-Fix-CVE-2019-17427.patch: improve the way that html tags are identified to be escaped. (LP: #1853063) - CVE-2019-17427 - https://www.cvedetails.com/cve/CVE-2019-17427/ - Redmine Defect #31520 * SECURITY UPDATE: SQL injection vulnerability - debian/patches/0021-Fix-CVE-2019-18890.patch: use map instead of each because it casts the values to integer and return a new array. (LP: #1853063) - CVE-2019-18890 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18890 - Redmine Defect #32374 Date: 2019-11-21 23:03:13.975465+00:00 Changed-By: Lucas Kanashiro Signed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/redmine/3.2.1-2ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] kde4libs 4:4.14.16-0ubuntu3.3 (Accepted)
kde4libs (4:4.14.16-0ubuntu3.3) xenial-security; urgency=medium * SECURITY UPDATE: Directory traversal vulnerability. - debian/patches/CVE-2016-6232.patch: extraction location to be in subfolder. - CVE-2016-6232 * SECURITY UPDATE: malicious .desktop files (and others) would execute code (LP: #1839432). - debian/patches/CVE-2019-14744.patch: remove support for $(...) in config keys with [$e] marker. - CVE-2019-14744 Date: 2019-08-15 22:31:14.485866+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/kde4libs/4:4.14.16-0ubuntu3.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] ansible 2.0.0.2-2ubuntu1.3 (Accepted)
ansible (2.0.0.2-2ubuntu1.3) xenial-security; urgency=medium * SECURITY REGRESSION: Fix indentation, missing dependencies, and calls. - debian/patches/CVE-2018-10875.patch: Fix indentation and dependency. - debian/patches/CVE-2018-16837.patch: Fix dependency. - debian/patches/CVE-2017-7481.patch: Fix function call. - CVE-2017-7481 - CVE-2018-10875 - CVE-2018-16837 ansible (2.0.0.2-2ubuntu1.2) xenial-security; urgency=medium * SECURITY UPDATE: Fix vulnerability where a local user could use symlinks to write arbitrary files or gain privileges. - debian/patches/CVE-2016-3096.patch: Do not use a predictable filenames in the LXC plugin. - CVE-2016-3096 * SECURITY UPDATE: Avoid unicode strings injection. - debian/patches/CVE-2017-7481.patch: Fixing security issue with lookup returns not tainting the jinja2 environment. - CVE-2017-7481 * SECURITY UPDATE: Fix a flaw in ansible.cfg where an attacker could point to a plugin or a module path under control and execute arbitrary code. - debian/patches/CVE-2018-10875.patch: Ignore ansible.cfg in world writable cwd. - CVE-2018-10875 * SECURITY UPDATE: Avoid information disclosure in log and command line. - debian/patches/CVE-2018-16837.patch: user: Don't pass ssh_key_passphrase on command line. - CVE-2018-16837 Date: 2019-07-18 20:46:13.140447+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/ansible/2.0.0.2-2ubuntu1.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] ansible 2.0.0.2-2ubuntu1.2 (Accepted)
ansible (2.0.0.2-2ubuntu1.2) xenial-security; urgency=medium * SECURITY UPDATE: Fix vulnerability where a local user could use symlinks to write arbitrary files or gain privileges. - debian/patches/CVE-2016-3096.patch: Do not use a predictable filenames in the LXC plugin. - CVE-2016-3096 * SECURITY UPDATE: Avoid unicode strings injection. - debian/patches/CVE-2017-7481.patch: Fixing security issue with lookup returns not tainting the jinja2 environment. - CVE-2017-7481 * SECURITY UPDATE: Fix a flaw in ansible.cfg where an attacker could point to a plugin or a module path under control and execute arbitrary code. - debian/patches/CVE-2018-10875.patch: Ignore ansible.cfg in world writable cwd. - CVE-2018-10875 * SECURITY UPDATE: Avoid information disclosure in log and command line. - debian/patches/CVE-2018-16837.patch: user: Don't pass ssh_key_passphrase on command line. - CVE-2018-16837 Date: 2019-07-16 15:11:13.706260+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/ansible/2.0.0.2-2ubuntu1.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] znc 1.6.3-1ubuntu0.2 (Accepted)
znc (1.6.3-1ubuntu0.2) xenial-security; urgency=medium * SECURITY UPDATE: Fix vulnerability that allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name. - debian/patches/CVE-2019-12816.patch: Fix remote code execution and privilege escalation. - CVE-2019-12816 Date: 2019-06-27 18:27:13.411464+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/znc/1.6.3-1ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] gpac 0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1 (Accepted)
gpac (0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Fix multiple buffer overflow issues - debian/patches/CVE-2018-7752-CVE-2018-1000100.patch: fix buffer overflow in the gf_media_avc_read_sps - debian/patches/CVE-2018-13005-CVE-2018-13006.patch: fixed 2 possible heap overflows - debian/patches/CVE-2018-20760.patch: check error code on call to gf_utf8_wcstombs - debian/patches/CVE-2018-20761-CVE-2018-20762.patch: fix some overflows due to strcpy - debian/patches/CVE-2018-20763.patch: add some boundary checks on gf_text_get_utf8_line - CVE-2018-7752 - CVE-2018-13005 - CVE-2018-13006 - CVE-2018-20760 - CVE-2018-20761 - CVE-2018-20762 - CVE-2018-20763 - CVE-2018-1000100 Date: 2019-03-27 18:58:12.770959+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/gpac/0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] sqlite3 3.11.0-1ubuntu1.1 (Accepted)
sqlite3 (3.11.0-1ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: Avoid segmentation fault while using a corrupted file. - d/p/0001-Fix-a-parsing-issue-associated-with-a-corrupt-sqlite.patch: Check if parser is busy before using it and raise an error if positive. (LP: #1814869) - d/p/0002-Better-error-message-text-when-the-schema-is-corrupt.patch: Better message and additional checks. - No CVE associated. Date: 2019-02-21 15:47:15.127180+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/sqlite3/3.11.0-1ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] postgis 2.2.1+dfsg-2ubuntu0.1 (Accepted)
postgis (2.2.1+dfsg-2ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: An empty argument in a postgis function can cause a DoS in PostgreSQL. This fix avoid it. - debian/patches/CVE-2017-18359.patch: ST_AsX3D handle empty geometries. - CVE-2017-18359 Date: 2019-02-14 19:19:54.412126+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/postgis/2.2.1+dfsg-2ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] lighttpd 1.4.35-4ubuntu2.1 (Accepted)
lighttpd (1.4.35-4ubuntu2.1) xenial-security; urgency=medium * SECURITY UPDATE: Fix vulnerability in HTTPoxy. - debian/patches/CVE-2016-1000212.patch: Mitigation for HTTPoxy vulnerability. - CVE-2016-1000212 Date: 2019-01-31 17:18:19.590691+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/lighttpd/1.4.35-4ubuntu2.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] xrdp 0.6.1-2ubuntu0.3 (Accepted)
xrdp (0.6.1-2ubuntu0.3) xenial-security; urgency=medium * SECURITY REGRESSION: Fix conection problem (LP: #1811122). Date: 2019-01-17 12:18:28.177688+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/xrdp/0.6.1-2ubuntu0.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] xrdp 0.6.1-2ubuntu0.1 (Accepted)
xrdp (0.6.1-2ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Fixes a VNC security issue where the VNC password file is based on the user password. - debian/patches/CVE-2013-1430-1.patch: sesman: change vnc password file to guid - debian/patches/CVE-2013-1430-2.patch: sesman: work on guid / vnc password file - debian/patches/CVE-2013-1430-3.patch: xrdp,vnc: work on guid / vnc password file - debian/patches/CVE-2013-1430-4.patch: xrdp,vnc: password fixes - debian/patches/CVE-2013-1430-5.patch: vnc: add const and comments to rfbEncryptBytes - debian/patches/CVE-2013-1430-6.patch: sesman, xrdp: const, spacing changes - CVE-2013-1430 Date: 2019-01-08 21:36:13.640106+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/xrdp/0.6.1-2ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes