[ubuntu/xenial-updates] python-pysaml2 3.0.0-3ubuntu1.16.04.3 (Accepted)
python-pysaml2 (3.0.0-3ubuntu1.16.04.3) xenial-security; urgency=medium * SECURITY UPDATE: Any password can be used if optimizations are enabled - debian/patches/CVE-2017-1000433.patch: fixes authentication bypass due to optimizations in src/saml2/authn.py. - CVE-2017-1000433 * Adding fix for test 41 response - debian/patches/fix-test-41-response.patch Date: 2018-01-05 17:42:27.752551+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) Signed-By: Ubuntu Archive Robothttps://launchpad.net/ubuntu/+source/python-pysaml2/3.0.0-3ubuntu1.16.04.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] linux-meta-azure 4.13.0.1004.5 (Accepted)
linux-meta-azure (4.13.0.1004.5) xenial; urgency=medium * Bump ABI 4.13.0-1004 linux-meta-azure (4.13.0.1003.4) xenial; urgency=medium * Bump ABI 4.13.0-1003 Date: 2018-01-07 17:47:16.155105+00:00 Changed-By: Marcelo CerriSigned-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/linux-meta-azure/4.13.0.1004.5 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] linux-azure 4.13.0-1004.6 (Accepted)
linux-azure (4.13.0-1004.6) xenial; urgency=low * linux-azure: 4.13.0-1004.6 -proposed tracker (LP: #1741747) [ Ubuntu: 4.13.0-24.28 ] * linux: 4.13.0-24.28 -proposed tracker (LP: #1741745) * CVE-2017-5754 - x86/cpu, x86/pti: Do not enable PTI on AMD processors linux-azure (4.13.0-1003.5) xenial; urgency=low * linux-azure: 4.13.0-1003.5 -proposed tracker (LP: #1741557) * CVE-2017-5754 - [Config] azure: updateconfigs to enable PTI [ Ubuntu: 4.13.0-23.27 ] * linux: 4.13.0-23.27 -proposed tracker (LP: #1741556) * CVE-2017-5754 - x86/mm: Add the 'nopcid' boot option to turn off PCID - x86/mm: Enable CR4.PCIDE on supported systems - x86/mm: Document how CR4.PCIDE restore works - x86/entry/64: Refactor IRQ stacks and make them NMI-safe - x86/entry/64: Initialize the top of the IRQ stack before switching stacks - x86/entry/64: Add unwind hint annotations - xen/x86: Remove SME feature in PV guests - x86/xen/64: Rearrange the SYSCALL entries - irq: Make the irqentry text section unconditional - x86/xen/64: Fix the reported SS and CS in SYSCALL - x86/paravirt/xen: Remove xen_patch() - x86/traps: Simplify pagefault tracing logic - x86/idt: Unify gate_struct handling for 32/64-bit kernels - x86/asm: Replace access to desc_struct:a/b fields - x86/xen: Get rid of paravirt op adjust_exception_frame - x86/paravirt: Remove no longer used paravirt functions - x86/entry: Fix idtentry unwind hint - x86/mm/64: Initialize CR4.PCIDE early - objtool: Add ORC unwind table generation - objtool, x86: Add facility for asm code to provide unwind hints - x86/unwind: Add the ORC unwinder - x86/kconfig: Consolidate unwinders into multiple choice selection - objtool: Upgrade libelf-devel warning to error for CONFIG_ORC_UNWINDER - x86/ldt/64: Refresh DS and ES when modify_ldt changes an entry - x86/mm: Give each mm TLB flush generation a unique ID - x86/mm: Track the TLB's tlb_gen and update the flushing algorithm - x86/mm: Rework lazy TLB mode and TLB freshness tracking - x86/mm: Implement PCID based optimization: try to preserve old TLB entries using PCID - x86/mm: Factor out CR3-building code - x86/mm/64: Stop using CR3.PCID == 0 in ASID-aware code - x86/mm: Flush more aggressively in lazy TLB mode - Revert "x86/mm: Stop calling leave_mm() in idle code" - kprobes/x86: Set up frame pointer in kprobe trampoline - x86/tracing: Introduce a static key for exception tracing - x86/boot: Add early cmdline parsing for options with arguments - mm, x86/mm: Fix performance regression in get_user_pages_fast() - x86/asm: Remove unnecessary \n\t in front of CC_SET() from asm templates - objtool: Don't report end of section error after an empty unwind hint - x86/head: Remove confusing comment - x86/head: Remove unused 'bad_address' code - x86/head: Fix head ELF function annotations - x86/boot: Annotate verify_cpu() as a callable function - x86/xen: Fix xen head ELF annotations - x86/xen: Add unwind hint annotations - x86/head: Add unwind hint annotations - ACPI / APEI: adjust a local variable type in ghes_ioremap_pfn_irq() - x86/unwinder: Make CONFIG_UNWINDER_ORC=y the default in the 64-bit defconfig - x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state' tracepoints - x86/unwind: Rename unwinder config options to 'CONFIG_UNWINDER_*' - x86/unwind: Make CONFIG_UNWINDER_ORC=y the default in kconfig for 64-bit - bitops: Add clear/set_bit32() to linux/bitops.h - x86/cpuid: Add generic table for CPUID dependencies - x86/fpu: Parse clearcpuid= as early XSAVE argument - x86/fpu: Make XSAVE check the base CPUID features before enabling - x86/fpu: Remove the explicit clearing of XSAVE dependent features - x86/platform/UV: Convert timers to use timer_setup() - objtool: Print top level commands on incorrect usage - x86/cpuid: Prevent out of bound access in do_clear_cpu_cap() - x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() - mm/sparsemem: Allocate mem_section at runtime for CONFIG_SPARSEMEM_EXTREME=y - x86/kasan: Use the same shadow offset for 4- and 5-level paging - x86/xen: Provide pre-built page tables only for CONFIG_XEN_PV=y and CONFIG_XEN_PVH=y - x86/xen: Drop 5-level paging support code from the XEN_PV code - ACPI / APEI: remove the unused dead-code for SEA/NMI notification type - x86/asm: Don't use the confusing '.ifeq' directive - x86/build: Beautify build log of syscall headers - x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to 'nr_pages' - x86/cpufeatures: Enable new SSE/AVX/AVX512 CPU features - x86/mm: Relocate page fault error codes to traps.h - x86/boot: Relocate definition of the initial state of CR0 - ptrace,x86: Make user_64bit_mode() available to
[ubuntu/xenial-security] python-pysaml2 3.0.0-3ubuntu1.16.04.3 (Accepted)
python-pysaml2 (3.0.0-3ubuntu1.16.04.3) xenial-security; urgency=medium * SECURITY UPDATE: Any password can be used if optimizations are enabled - debian/patches/CVE-2017-1000433.patch: fixes authentication bypass due to optimizations in src/saml2/authn.py. - CVE-2017-1000433 * Adding fix for test 41 response - debian/patches/fix-test-41-response.patch Date: 2018-01-05 17:42:27.752551+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/python-pysaml2/3.0.0-3ubuntu1.16.04.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] tomcat8 8.0.32-1ubuntu1.5 (Accepted)
tomcat8 (8.0.32-1ubuntu1.5) xenial-security; urgency=medium * SECURITY UPDATE: loss of pipeline requests - debian/patches/CVE-2017-5647.patch: improve sendfile handling when requests are pipelined in java/org/apache/coyote/AbstractProtocol.java, java/org/apache/coyote/http11/Http11AprProcessor.java, java/org/apache/coyote/http11/Http11Nio2Processor.java, java/org/apache/coyote/http11/Http11NioProcessor.java, java/org/apache/tomcat/util/net/AprEndpoint.java, java/org/apache/tomcat/util/net/Nio2Endpoint.java, java/org/apache/tomcat/util/net/NioEndpoint.java, java/org/apache/tomcat/util/net/SendfileKeepAliveState.java. - CVE-2017-5647 * SECURITY UPDATE: incorrect facade object use - debian/patches/CVE-2017-5648.patch: ensure request and response facades are used when firing application listeners in java/org/apache/catalina/authenticator/FormAuthenticator.java, java/org/apache/catalina/core/StandardHostValve.java. - CVE-2017-5648 * SECURITY UPDATE: unexpected and undesirable results for static error pages - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/servlets/WebdavServlet.java. - CVE-2017-5664 * SECURITY UPDATE: client and server side cache poisoning in CORS filter - debian/patches/CVE-2017-7674.patch: set Vary header in response in java/org/apache/catalina/filters/CorsFilter.java. - CVE-2017-7674 Date: 2017-09-28 13:54:18.666311+00:00 Changed-By: Marc DeslauriersSigned-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/tomcat8/8.0.32-1ubuntu1.5 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] awstats 7.4+dfsg-1ubuntu0.2 (Accepted)
awstats (7.4+dfsg-1ubuntu0.2) xenial-security; urgency=medium * SECURITY UPDATE: code execution via path traversal flaws - debian/patches/CVE-2017-1000501-1.patch: sanitize values in wwwroot/cgi-bin/awstats.pl. - debian/patches/CVE-2017-1000501-2.patch: sanitize more values in wwwroot/cgi-bin/awstats.pl. - CVE-2017-1000501 Date: 2018-01-05 16:01:17.442459+00:00 Changed-By: Marc DeslauriersSigned-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/awstats/7.4+dfsg-1ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] tomcat8 8.0.32-1ubuntu1.5 (Accepted)
tomcat8 (8.0.32-1ubuntu1.5) xenial-security; urgency=medium * SECURITY UPDATE: loss of pipeline requests - debian/patches/CVE-2017-5647.patch: improve sendfile handling when requests are pipelined in java/org/apache/coyote/AbstractProtocol.java, java/org/apache/coyote/http11/Http11AprProcessor.java, java/org/apache/coyote/http11/Http11Nio2Processor.java, java/org/apache/coyote/http11/Http11NioProcessor.java, java/org/apache/tomcat/util/net/AprEndpoint.java, java/org/apache/tomcat/util/net/Nio2Endpoint.java, java/org/apache/tomcat/util/net/NioEndpoint.java, java/org/apache/tomcat/util/net/SendfileKeepAliveState.java. - CVE-2017-5647 * SECURITY UPDATE: incorrect facade object use - debian/patches/CVE-2017-5648.patch: ensure request and response facades are used when firing application listeners in java/org/apache/catalina/authenticator/FormAuthenticator.java, java/org/apache/catalina/core/StandardHostValve.java. - CVE-2017-5648 * SECURITY UPDATE: unexpected and undesirable results for static error pages - debian/patches/CVE-2017-5664.patch: use a more reliable mechanism in java/org/apache/catalina/servlets/DefaultServlet.java, java/org/apache/catalina/servlets/WebdavServlet.java. - CVE-2017-5664 * SECURITY UPDATE: client and server side cache poisoning in CORS filter - debian/patches/CVE-2017-7674.patch: set Vary header in response in java/org/apache/catalina/filters/CorsFilter.java. - CVE-2017-7674 tomcat8 (8.0.32-1ubuntu1.4) xenial; urgency=medium * Fix an upgrade error when JAVA_OPTS in /etc/default/tomcat8 contains the '%' character (LP: #1666570). Date: 2017-09-28 13:54:18.666311+00:00 Changed-By: Marc Deslauriershttps://launchpad.net/ubuntu/+source/tomcat8/8.0.32-1ubuntu1.5 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] awstats 7.4+dfsg-1ubuntu0.2 (Accepted)
awstats (7.4+dfsg-1ubuntu0.2) xenial-security; urgency=medium * SECURITY UPDATE: code execution via path traversal flaws - debian/patches/CVE-2017-1000501-1.patch: sanitize values in wwwroot/cgi-bin/awstats.pl. - debian/patches/CVE-2017-1000501-2.patch: sanitize more values in wwwroot/cgi-bin/awstats.pl. - CVE-2017-1000501 Date: 2018-01-05 16:01:17.442459+00:00 Changed-By: Marc Deslauriershttps://launchpad.net/ubuntu/+source/awstats/7.4+dfsg-1ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] linux-signed-hwe-edge 4.13.0-24.28~16.04.1 (Accepted)
linux-signed-hwe-edge (4.13.0-24.28~16.04.1) xenial; urgency=medium * Master version: 4.13.0-24.28~16.04.1 linux-signed-hwe-edge (4.13.0-23.27~16.04.1) xenial; urgency=medium * Master version: 4.13.0-23.27~16.04.1 linux-signed-hwe-edge (4.13.0-23.26~16.04.1) xenial; urgency=medium * Master version: 4.13.0-23.26~16.04.1 Date: 2018-01-07 14:59:51.789720+00:00 Changed-By: Kleber Sacilotto de SouzaSigned-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/linux-signed-hwe-edge/4.13.0-24.28~16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] linux-hwe-edge_4.13.0-24.28~16.04.1_amd64.tar.gz - (Accepted)
linux-hwe-edge (4.13.0-24.28~16.04.1) xenial; urgency=low * linux-hwe-edge: 4.13.0-24.28~16.04.1 -proposed tracker (LP: #1741749) * linux: 4.13.0-24.28 -proposed tracker (LP: #1741745) * CVE-2017-5754 - x86/cpu, x86/pti: Do not enable PTI on AMD processors Date: Sun, 07 Jan 2018 15:34:55 +0100 Changed-By: Kleber Sacilotto de SouzaMaintainer: Launchpad Build Daemon Format: 1.8 Date: Sun, 07 Jan 2018 15:34:55 +0100 Source: linux-hwe-edge Binary: linux-source-4.13.0 linux-headers-4.13.0-24 linux-hwe-edge-tools-4.13.0-24 linux-hwe-edge-cloud-tools-4.13.0-24 linux-image-4.13.0-24-generic linux-image-extra-4.13.0-24-generic linux-headers-4.13.0-24-generic linux-image-4.13.0-24-generic-dbgsym linux-tools-4.13.0-24-generic linux-cloud-tools-4.13.0-24-generic linux-hwe-edge-udebs-generic linux-image-4.13.0-24-generic-lpae linux-image-extra-4.13.0-24-generic-lpae linux-headers-4.13.0-24-generic-lpae linux-image-4.13.0-24-generic-lpae-dbgsym linux-tools-4.13.0-24-generic-lpae linux-cloud-tools-4.13.0-24-generic-lpae linux-hwe-edge-udebs-generic-lpae linux-image-4.13.0-24-lowlatency linux-image-extra-4.13.0-24-lowlatency linux-headers-4.13.0-24-lowlatency linux-image-4.13.0-24-lowlatency-dbgsym linux-tools-4.13.0-24-lowlatency linux-cloud-tools-4.13.0-24-lowlatency linux-hwe-edge-udebs-lowlatency kernel-image-4.13.0-24-generic-di fat-modules-4.13.0-24-generic-di fb-modules-4.13.0-24-generic-di firewire-core-modules-4.13.0-24-generic-di floppy-modules-4.13.0-24-generic-di fs-core-modules-4.13.0-24-generic-di fs-secondary-modules-4.13.0-24-generic-di input-modules-4.13.0-24-generic-di irda-modules-4.13.0-24-generic-di md-modules-4.13.0-24-generic-di nic-modules-4.13.0-24-generic-di nic-pcmcia-modules-4.13.0-24-generic-di nic-usb-modules-4.13.0-24-generic-di nic-shared-modules-4.13.0-24-generic-di parport-modules-4.13.0-24-generic-di pata-modules-4.13.0-24-generic-di pcmcia-modules-4.13.0-24-generic-di pcmcia-storage-modules-4.13.0-24-generic-di plip-modules-4.13.0-24-generic-di ppp-modules-4.13.0-24-generic-di sata-modules-4.13.0-24-generic-di scsi-modules-4.13.0-24-generic-di serial-modules-4.13.0-24-generic-di storage-core-modules-4.13.0-24-generic-di usb-modules-4.13.0-24-generic-di nfs-modules-4.13.0-24-generic-di block-modules-4.13.0-24-generic-di message-modules-4.13.0-24-generic-di crypto-modules-4.13.0-24-generic-di virtio-modules-4.13.0-24-generic-di mouse-modules-4.13.0-24-generic-di vlan-modules-4.13.0-24-generic-di ipmi-modules-4.13.0-24-generic-di multipath-modules-4.13.0-24-generic-di Architecture: amd64 all amd64_translations Version: 4.13.0-24.28~16.04.1 Distribution: xenial Urgency: low Maintainer: Launchpad Build Daemon Changed-By: Kleber Sacilotto de Souza Description: block-modules-4.13.0-24-generic-di - Block storage devices (udeb) crypto-modules-4.13.0-24-generic-di - crypto modules (udeb) fat-modules-4.13.0-24-generic-di - FAT filesystem support (udeb) fb-modules-4.13.0-24-generic-di - Framebuffer modules (udeb) firewire-core-modules-4.13.0-24-generic-di - Firewire (IEEE-1394) Support (udeb) floppy-modules-4.13.0-24-generic-di - Floppy driver support (udeb) fs-core-modules-4.13.0-24-generic-di - Base filesystem modules (udeb) fs-secondary-modules-4.13.0-24-generic-di - Extra filesystem modules (udeb) input-modules-4.13.0-24-generic-di - Support for various input methods (udeb) ipmi-modules-4.13.0-24-generic-di - ipmi modules (udeb) irda-modules-4.13.0-24-generic-di - Support for Infrared protocols (udeb) kernel-image-4.13.0-24-generic-di - kernel image and system map (udeb) linux-cloud-tools-4.13.0-24-generic - Linux kernel version specific cloud tools for version 4.13.0-24 linux-cloud-tools-4.13.0-24-generic-lpae - Linux kernel version specific cloud tools for version 4.13.0-24 linux-cloud-tools-4.13.0-24-lowlatency - Linux kernel version specific cloud tools for version 4.13.0-24 linux-headers-4.13.0-24 - Header files related to Linux kernel version 4.13.0 linux-headers-4.13.0-24-generic - Linux kernel headers for version 4.13.0 on 64 bit x86 SMP linux-headers-4.13.0-24-generic-lpae - Linux kernel headers for version 4.13.0 on 64 bit x86 SMP linux-headers-4.13.0-24-lowlatency - Linux kernel headers for version 4.13.0 on 64 bit x86 SMP linux-hwe-edge-cloud-tools-4.13.0-24 - Linux kernel version specific cloud tools for version 4.13.0-24 linux-hwe-edge-tools-4.13.0-24 - Linux kernel version specific tools for version 4.13.0-24 linux-hwe-edge-udebs-generic - Metapackage depending on kernel udebs (udeb) linux-hwe-edge-udebs-generic-lpae - Metapackage depending on kernel udebs (udeb) linux-hwe-edge-udebs-lowlatency - Metapackage depending on kernel udebs (udeb) linux-image-4.13.0-24-generic - Linux kernel image for version 4.13.0 on 64 bit x86 SMP linux-image-4.13.0-24-generic-dbgsym - Linux kernel
[ubuntu/xenial-proposed] linux-meta-hwe-edge 4.13.0.24.30 (Accepted)
linux-meta-hwe-edge (4.13.0.24.30) xenial; urgency=medium * Bump ABI 4.13.0-24 linux-meta-hwe-edge (4.13.0.23.29) xenial; urgency=medium * Bump ABI 4.13.0-23 Date: 2018-01-07 14:59:49.508467+00:00 Changed-By: Kleber Sacilotto de SouzaSigned-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/linux-meta-hwe-edge/4.13.0.24.30 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] linux-hwe-edge 4.13.0-24.28~16.04.1 (Accepted)
linux-hwe-edge (4.13.0-24.28~16.04.1) xenial; urgency=low * linux-hwe-edge: 4.13.0-24.28~16.04.1 -proposed tracker (LP: #1741749) * linux: 4.13.0-24.28 -proposed tracker (LP: #1741745) * CVE-2017-5754 - x86/cpu, x86/pti: Do not enable PTI on AMD processors linux (4.13.0-23.27) artful; urgency=low * linux: 4.13.0-23.27 -proposed tracker (LP: #1741556) [ Kleber Sacilotto de Souza ] * CVE-2017-5754 - x86/mm: Add the 'nopcid' boot option to turn off PCID - x86/mm: Enable CR4.PCIDE on supported systems - x86/mm: Document how CR4.PCIDE restore works - x86/entry/64: Refactor IRQ stacks and make them NMI-safe - x86/entry/64: Initialize the top of the IRQ stack before switching stacks - x86/entry/64: Add unwind hint annotations - xen/x86: Remove SME feature in PV guests - x86/xen/64: Rearrange the SYSCALL entries - irq: Make the irqentry text section unconditional - x86/xen/64: Fix the reported SS and CS in SYSCALL - x86/paravirt/xen: Remove xen_patch() - x86/traps: Simplify pagefault tracing logic - x86/idt: Unify gate_struct handling for 32/64-bit kernels - x86/asm: Replace access to desc_struct:a/b fields - x86/xen: Get rid of paravirt op adjust_exception_frame - x86/paravirt: Remove no longer used paravirt functions - x86/entry: Fix idtentry unwind hint - x86/mm/64: Initialize CR4.PCIDE early - objtool: Add ORC unwind table generation - objtool, x86: Add facility for asm code to provide unwind hints - x86/unwind: Add the ORC unwinder - x86/kconfig: Consolidate unwinders into multiple choice selection - objtool: Upgrade libelf-devel warning to error for CONFIG_ORC_UNWINDER - x86/ldt/64: Refresh DS and ES when modify_ldt changes an entry - x86/mm: Give each mm TLB flush generation a unique ID - x86/mm: Track the TLB's tlb_gen and update the flushing algorithm - x86/mm: Rework lazy TLB mode and TLB freshness tracking - x86/mm: Implement PCID based optimization: try to preserve old TLB entries using PCID - x86/mm: Factor out CR3-building code - x86/mm/64: Stop using CR3.PCID == 0 in ASID-aware code - x86/mm: Flush more aggressively in lazy TLB mode - Revert "x86/mm: Stop calling leave_mm() in idle code" - kprobes/x86: Set up frame pointer in kprobe trampoline - x86/tracing: Introduce a static key for exception tracing - x86/boot: Add early cmdline parsing for options with arguments - mm, x86/mm: Fix performance regression in get_user_pages_fast() - x86/asm: Remove unnecessary \n\t in front of CC_SET() from asm templates - objtool: Don't report end of section error after an empty unwind hint - x86/head: Remove confusing comment - x86/head: Remove unused 'bad_address' code - x86/head: Fix head ELF function annotations - x86/boot: Annotate verify_cpu() as a callable function - x86/xen: Fix xen head ELF annotations - x86/xen: Add unwind hint annotations - x86/head: Add unwind hint annotations - ACPI / APEI: adjust a local variable type in ghes_ioremap_pfn_irq() - x86/unwinder: Make CONFIG_UNWINDER_ORC=y the default in the 64-bit defconfig - x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state' tracepoints - x86/unwind: Rename unwinder config options to 'CONFIG_UNWINDER_*' - x86/unwind: Make CONFIG_UNWINDER_ORC=y the default in kconfig for 64-bit - bitops: Add clear/set_bit32() to linux/bitops.h - x86/cpuid: Add generic table for CPUID dependencies - x86/fpu: Parse clearcpuid= as early XSAVE argument - x86/fpu: Make XSAVE check the base CPUID features before enabling - x86/fpu: Remove the explicit clearing of XSAVE dependent features - x86/platform/UV: Convert timers to use timer_setup() - objtool: Print top level commands on incorrect usage - x86/cpuid: Prevent out of bound access in do_clear_cpu_cap() - x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() - mm/sparsemem: Allocate mem_section at runtime for CONFIG_SPARSEMEM_EXTREME=y - x86/kasan: Use the same shadow offset for 4- and 5-level paging - x86/xen: Provide pre-built page tables only for CONFIG_XEN_PV=y and CONFIG_XEN_PVH=y - x86/xen: Drop 5-level paging support code from the XEN_PV code - ACPI / APEI: remove the unused dead-code for SEA/NMI notification type - x86/asm: Don't use the confusing '.ifeq' directive - x86/build: Beautify build log of syscall headers - x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to 'nr_pages' - x86/cpufeatures: Enable new SSE/AVX/AVX512 CPU features - x86/mm: Relocate page fault error codes to traps.h - x86/boot: Relocate definition of the initial state of CR0 - ptrace,x86: Make user_64bit_mode() available to 32-bit builds - x86/entry/64: Remove the restore_c_regs_and_iret label - x86/entry/64: Split the IRET-to-user and IRET-to-kernel paths
[ubuntu/xenial-updates] poppler 0.41.0-0ubuntu1.6 (Accepted)
poppler (0.41.0-0ubuntu1.6) xenial-security; urgency=medium * SECURITY UPDATE: fails to validate boundaries in TextPool::addWord leading to overflow - debian/patches/CVE-2017-1000456.patch: fix crash in fuzzed file in poppler/TextOutputDev.cc. - CVE-2017-1000456 * SECURITY UPDATE: has a heap-based buffer over-read vulnerability - debian/patches/CVE-2017-14976.patch: fix crash in broken files in fofi/FoFiType1C.cc. - CVE-2017-14976 Date: 2018-01-04 19:46:14.641594+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) Signed-By: Ubuntu Archive Robothttps://launchpad.net/ubuntu/+source/poppler/0.41.0-0ubuntu1.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes