[ubuntu/xenial-updates] openvswitch 2.5.4-0ubuntu0.16.04.1 (Accepted)

2018-03-20 Thread Chris Halse Rogers
openvswitch (2.5.4-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream point release (LP: #1726927):
- d/p/CVE-2017-9265.patch: Drop, included upstream.

Date: 2017-10-30 10:40:13.453486+00:00
Changed-By: James Page 
Signed-By: Chris Halse Rogers 
https://launchpad.net/ubuntu/+source/openvswitch/2.5.4-0ubuntu0.16.04.1
Sorry, changesfile not available.
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes


[ubuntu/xenial-updates] kbuild 1:0.1.9998svn2814+dfsg-2~ubuntu16.04.1 (Accepted)

2018-03-20 Thread Chris Halse Rogers
kbuild (1:0.1.9998svn2814+dfsg-2~ubuntu16.04.1) xenial; urgency=medium

  * SRU to xenial, to make virtualbox 5.1 build correctly
  * New upstream version 5.1.32-dfsg
LP: #1746316 -> security patches for spectre and meltdown
LP: #1736116 -> freeze with kernel >= 4.13

Date: 2018-03-01 10:37:10.891138+00:00
Changed-By: LocutusOfBorg 
Signed-By: Chris Halse Rogers 
https://launchpad.net/ubuntu/+source/kbuild/1:0.1.9998svn2814+dfsg-2~ubuntu16.04.1
Sorry, changesfile not available.


[ubuntu/xenial-proposed] livecd-rootfs 2.408.28 (Accepted)

2018-03-20 Thread Daniel Watkins
livecd-rootfs (2.408.28) xenial; urgency=medium

  * ubuntu-cpc: When performing a minimized build, don't generate artifacts
that won't boot with the linux-kvm kernel (LP: #1757223).

Date: Tue, 20 Mar 2018 12:42:25 -0400
Changed-By: Daniel Watkins 
Maintainer: Ubuntu Developers 
Signed-By: Steve Langasek 
https://launchpad.net/ubuntu/+source/livecd-rootfs/2.408.28
Format: 1.8
Date: Tue, 20 Mar 2018 12:42:25 -0400
Source: livecd-rootfs
Binary: livecd-rootfs
Architecture: source
Version: 2.408.28
Distribution: xenial
Urgency: medium
Maintainer: Ubuntu Developers 
Changed-By: Daniel Watkins 
Description:
 livecd-rootfs - construction script for the livecd rootfs
Launchpad-Bugs-Fixed: 1757223
Changes:
 livecd-rootfs (2.408.28) xenial; urgency=medium
 .
   * ubuntu-cpc: When performing a minimized build, don't generate artifacts
 that won't boot with the linux-kvm kernel (LP: #1757223).


[ubuntu/xenial-updates] atril 1.12.2-1ubuntu0.2 (Accepted)

2018-03-20 Thread Ubuntu Archive Robot
atril (1.12.2-1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Command injection with cbt files (LP: #1735418).
- fix-CVE-2017-183.patch
- CVE-2017-183

Date: 2018-03-19 04:45:12.849557+00:00
Changed-By: Simon Quigley 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/atril/1.12.2-1ubuntu0.2
Sorry, changesfile not available.


[ubuntu/xenial-updates] tiff 4.0.6-1ubuntu0.3 (Accepted)

2018-03-20 Thread Ubuntu Archive Robot
tiff (4.0.6-1ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS in tif_read.c
- debian/patches/CVE-2016-10266.patch: fix uint32 overflow in
  libtiff/tif_read.c, libtiff/tiffiop.h.
- CVE-2016-10266
  * SECURITY UPDATE: DoS in tif_ojpeg.c
- debian/patches/CVE-2016-10267.patch: make OJPEGDecode() early exit in
  case of failure in libtiff/tif_ojpeg.c.
- CVE-2016-10267
  * SECURITY UPDATE: DoS in tif_unix.c
- debian/patches/CVE-2016-10268.patch: avoid uint32 underflow in
  cpDecodedStrips in tools/tiffcp.c.
- CVE-2016-10268
  * SECURITY UPDATE: DoS in tif_unix.c
- debian/patches/CVE-2016-10269.patch: fix heap-based buffer overflow
  in libtiff/tif_luv.c, libtiff/tif_pixarlog.c.
- CVE-2016-10269
  * SECURITY UPDATE: DoS in TIFFWriteDirectoryTagCheckedRational
- debian/patches/CVE-2016-10371.patch: replace assertion by runtime
  check in libtiff/tif_dirwrite.c, tools/tiffcrop.c.
- CVE-2016-10371
  * SECURITY UPDATE: DoS in putagreytile function
- debian/patches/CVE-2017-7592.patch: add explicit uint32 cast in
  libtiff/tif_getimage.c.
- CVE-2017-7592
  * SECURITY UPDATE: information disclosure in tif_read.c
- debian/patches/CVE-2017-7593.patch: use _TIFFcalloc() to zero in
  libtiff/tif_read.c, libtiff/tif_unix.c, libtiff/tif_vms.c,
  libtiff/tif_win32.c, libtiff/tiffio.h.
- CVE-2017-7593
  * SECURITY UPDATE: DoS in OJPEGReadHeaderInfoSecTablesDcTable
- debian/patches/CVE-2017-7594-1.patch: fix leak in
  libtiff/tif_ojpeg.c.
- debian/patches/CVE-2017-7594-2.patch: fix another leak in
  libtiff/tif_ojpeg.c.
- CVE-2017-7594
  * SECURITY UPDATE: DoS in JPEGSetupEncode
- debian/patches/CVE-2017-7595.patch: avoid integer division by zero in
  libtiff/tif_jpeg.c.
- CVE-2017-7595
  * SECURITY UPDATE: DoS via undefined behaviour
- debian/patches/CVE-2017-7596_7597_7599_7600.patch: avoid undefined
  behaviour in libtiff/tif_dir.c, libtiff/tif_dirread.c,
  libtiff/tif_dirwrite.c.
- CVE-2017-7596
- CVE-2017-7597
- CVE-2017-7599
- CVE-2017-7600
  * SECURITY UPDATE: DoS via divide-by-zero
- debian/patches/CVE-2017-7598.patch: avoid division by floating point
  0 in libtiff/tif_dirread.c.
- CVE-2017-7598
  * SECURITY UPDATE: DoS via undefined behaviour
- debian/patches/CVE-2017-7601.patch: validate BitsPerSample in
  libtiff/tif_jpeg.c.
- CVE-2017-7601
  * SECURITY UPDATE: signed integer overflow
- debian/patches/CVE-2017-7602.patch: avoid potential undefined
  behaviour in libtiff/tif_read.c.
- CVE-2017-7602
  * SECURITY UPDATE: DoS via memory leak
- debian/patches/CVE-2017-9403_9815.patch: fix memory leak in
  libtiff/tif_dirread.c, tools/tiff2ps.c.
- CVE-2017-9403
- CVE-2017-9815
  * SECURITY UPDATE: DoS via memory leak
- debian/patches/CVE-2017-9404.patch: fix potential memory leak in
  libtiff/tif_ojpeg.c.
- CVE-2017-9404
  * SECURITY UPDATE: DoS via memory leak
- debian/patches/CVE-2017-9936.patch: fix memory leak in
  libtiff/tif_jbig.c.
- CVE-2017-9936
  * SECURITY UPDATE: DoS via assertion
- debian/patches/CVE-2017-10688.patch: replace assertion in
  libtiff/tif_dirwrite.c.
- CVE-2017-10688
  * SECURITY UPDATE: heap overflow in tiff2pdf.c
- debian/patches/CVE-2017-11335.patch: prevent heap buffer overflow
  write in tools/tiff2pdf.c.
- CVE-2017-11335
  * SECURITY UPDATE: DoS in TIFFReadDirEntryArray
- debian/patches/CVE-2017-12944.patch: add protection against excessive
  memory allocation attempts in libtiff/tif_dirread.c.
- CVE-2017-12944
  * SECURITY UPDATE: DoS via assertion
- debian/patches/CVE-2017-13726.patch: replace assertion in
  libtiff/tif_dirwrite.c.
- CVE-2017-13726
  * SECURITY UPDATE: DoS via assertion
- debian/patches/CVE-2017-13727.patch: replace assertion in
  libtiff/tif_dirwrite.c.
- CVE-2017-13727
  * SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2017-18013.patch: fix null pointer dereference in
  libtiff/tif_print.c.
- CVE-2017-18013
  * SECURITY UPDATE: DoS via resource consumption
- debian/patches/CVE-2018-5784.patch: fix infinite loop in
  contrib/addtiffo/tif_overview.c, tools/tiff2pdf.c, tools/tiffcrop.c.
- CVE-2018-5784

Date: 2018-03-20 16:40:13.916633+00:00
Changed-By: Marc Deslauriers 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/tiff/4.0.6-1ubuntu0.3
Sorry, changesfile not available.


[ubuntu/xenial-updates] paramiko 1.16.0-1ubuntu0.1 (Accepted)

2018-03-20 Thread Ubuntu Archive Robot
paramiko (1.16.0-1ubuntu0.1) xenial-security; urgency=medium

  [Steve Beattie]
  * SECURITY UPDATE: customized clients can skip auth
- 0004-Fixes-CVE-2018-7750-1175.patch: send message failure if not
  authenticated and message type is a service request
- 0002-Allow-overriding-test-client-connect-kwargs-in-Trans.patch,
  0003-Initial-tests-proving-CVE-2018-7750-1175.patch:
  add testcases plus prereq
- CVE-2018-7750

  [ Fabien Tassin ]
  * SECURITY UPDATE: weak diffie-hellman-group1-sha1 kex always preferred (LP: #1728607)
- 0010-git-c1233679c44-change-order-of-preferred-kex-and-hmac-algorithms.patch
- 0011-git-b395444062e-Reorder-cipher-and-key-preferences-to-make-more-sense.patch
Backport of the upstream changes from 2.3.1, matching the OpenSSH 7
deprecation of diffie-hellman-group1-sha1 (http://www.openssh.com/legacy.html).
This patch doesn't remove the support of diffie-hellman-group1-sha1 but
makes it the least preferred kex for backward compatibility

Date: 2018-03-17 05:17:12.246838+00:00
Changed-By: Steve Beattie 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/paramiko/1.16.0-1ubuntu0.1
Sorry, changesfile not available.


[ubuntu/xenial-security] atril 1.12.2-1ubuntu0.2 (Accepted)

2018-03-20 Thread Steve Beattie
atril (1.12.2-1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Command injection with cbt files (LP: #1735418).
- fix-CVE-2017-183.patch
- CVE-2017-183

Date: 2018-03-19 04:45:12.849557+00:00
Changed-By: Simon Quigley 
Signed-By: Steve Beattie 
https://launchpad.net/ubuntu/+source/atril/1.12.2-1ubuntu0.2
Sorry, changesfile not available.


[ubuntu/xenial-security] paramiko 1.16.0-1ubuntu0.1 (Accepted)

2018-03-20 Thread Steve Beattie
paramiko (1.16.0-1ubuntu0.1) xenial-security; urgency=medium

  [Steve Beattie]
  * SECURITY UPDATE: customized clients can skip auth
- 0004-Fixes-CVE-2018-7750-1175.patch: send message failure if not
  authenticated and message type is a service request
- 0002-Allow-overriding-test-client-connect-kwargs-in-Trans.patch,
  0003-Initial-tests-proving-CVE-2018-7750-1175.patch:
  add testcases plus prereq
- CVE-2018-7750

  [ Fabien Tassin ]
  * SECURITY UPDATE: weak diffie-hellman-group1-sha1 kex always preferred (LP: #1728607)
- 0010-git-c1233679c44-change-order-of-preferred-kex-and-hmac-algorithms.patch
- 0011-git-b395444062e-Reorder-cipher-and-key-preferences-to-make-more-sense.patch
Backport of the upstream changes from 2.3.1, matching the OpenSSH 7
deprecation of diffie-hellman-group1-sha1 (http://www.openssh.com/legacy.html).
This patch doesn't remove the support of diffie-hellman-group1-sha1 but
makes it the least preferred kex for backward compatibility

Date: 2018-03-17 05:17:12.246838+00:00
Changed-By: Steve Beattie 
https://launchpad.net/ubuntu/+source/paramiko/1.16.0-1ubuntu0.1
Sorry, changesfile not available.


[ubuntu/xenial-security] tiff 4.0.6-1ubuntu0.3 (Accepted)

2018-03-20 Thread Marc Deslauriers
tiff (4.0.6-1ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS in tif_read.c
- debian/patches/CVE-2016-10266.patch: fix uint32 overflow in
  libtiff/tif_read.c, libtiff/tiffiop.h.
- CVE-2016-10266
  * SECURITY UPDATE: DoS in tif_ojpeg.c
- debian/patches/CVE-2016-10267.patch: make OJPEGDecode() early exit in
  case of failure in libtiff/tif_ojpeg.c.
- CVE-2016-10267
  * SECURITY UPDATE: DoS in tif_unix.c
- debian/patches/CVE-2016-10268.patch: avoid uint32 underflow in
  cpDecodedStrips in tools/tiffcp.c.
- CVE-2016-10268
  * SECURITY UPDATE: DoS in tif_unix.c
- debian/patches/CVE-2016-10269.patch: fix heap-based buffer overflow
  in libtiff/tif_luv.c, libtiff/tif_pixarlog.c.
- CVE-2016-10269
  * SECURITY UPDATE: DoS in TIFFWriteDirectoryTagCheckedRational
- debian/patches/CVE-2016-10371.patch: replace assertion by runtime
  check in libtiff/tif_dirwrite.c, tools/tiffcrop.c.
- CVE-2016-10371
  * SECURITY UPDATE: DoS in putagreytile function
- debian/patches/CVE-2017-7592.patch: add explicit uint32 cast in
  libtiff/tif_getimage.c.
- CVE-2017-7592
  * SECURITY UPDATE: information disclosure in tif_read.c
- debian/patches/CVE-2017-7593.patch: use _TIFFcalloc() to zero in
  libtiff/tif_read.c, libtiff/tif_unix.c, libtiff/tif_vms.c,
  libtiff/tif_win32.c, libtiff/tiffio.h.
- CVE-2017-7593
  * SECURITY UPDATE: DoS in OJPEGReadHeaderInfoSecTablesDcTable
- debian/patches/CVE-2017-7594-1.patch: fix leak in
  libtiff/tif_ojpeg.c.
- debian/patches/CVE-2017-7594-2.patch: fix another leak in
  libtiff/tif_ojpeg.c.
- CVE-2017-7594
  * SECURITY UPDATE: DoS in JPEGSetupEncode
- debian/patches/CVE-2017-7595.patch: avoid integer division by zero in
  libtiff/tif_jpeg.c.
- CVE-2017-7595
  * SECURITY UPDATE: DoS via undefined behaviour
- debian/patches/CVE-2017-7596_7597_7599_7600.patch: avoid undefined
  behaviour in libtiff/tif_dir.c, libtiff/tif_dirread.c,
  libtiff/tif_dirwrite.c.
- CVE-2017-7596
- CVE-2017-7597
- CVE-2017-7599
- CVE-2017-7600
  * SECURITY UPDATE: DoS via divide-by-zero
- debian/patches/CVE-2017-7598.patch: avoid division by floating point
  0 in libtiff/tif_dirread.c.
- CVE-2017-7598
  * SECURITY UPDATE: DoS via undefined behaviour
- debian/patches/CVE-2017-7601.patch: validate BitsPerSample in
  libtiff/tif_jpeg.c.
- CVE-2017-7601
  * SECURITY UPDATE: signed integer overflow
- debian/patches/CVE-2017-7602.patch: avoid potential undefined
  behaviour in libtiff/tif_read.c.
- CVE-2017-7602
  * SECURITY UPDATE: DoS via memory leak
- debian/patches/CVE-2017-9403_9815.patch: fix memory leak in
  libtiff/tif_dirread.c, tools/tiff2ps.c.
- CVE-2017-9403
- CVE-2017-9815
  * SECURITY UPDATE: DoS via memory leak
- debian/patches/CVE-2017-9404.patch: fix potential memory leak in
  libtiff/tif_ojpeg.c.
- CVE-2017-9404
  * SECURITY UPDATE: DoS via memory leak
- debian/patches/CVE-2017-9936.patch: fix memory leak in
  libtiff/tif_jbig.c.
- CVE-2017-9936
  * SECURITY UPDATE: DoS via assertion
- debian/patches/CVE-2017-10688.patch: replace assertion in
  libtiff/tif_dirwrite.c.
- CVE-2017-10688
  * SECURITY UPDATE: heap overflow in tiff2pdf.c
- debian/patches/CVE-2017-11335.patch: prevent heap buffer overflow
  write in tools/tiff2pdf.c.
- CVE-2017-11335
  * SECURITY UPDATE: DoS in TIFFReadDirEntryArray
- debian/patches/CVE-2017-12944.patch: add protection against excessive
  memory allocation attempts in libtiff/tif_dirread.c.
- CVE-2017-12944
  * SECURITY UPDATE: DoS via assertion
- debian/patches/CVE-2017-13726.patch: replace assertion in
  libtiff/tif_dirwrite.c.
- CVE-2017-13726
  * SECURITY UPDATE: DoS via assertion
- debian/patches/CVE-2017-13727.patch: replace assertion in
  libtiff/tif_dirwrite.c.
- CVE-2017-13727
  * SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2017-18013.patch: fix null pointer dereference in
  libtiff/tif_print.c.
- CVE-2017-18013
  * SECURITY UPDATE: DoS via resource consumption
- debian/patches/CVE-2018-5784.patch: fix infinite loop in
  contrib/addtiffo/tif_overview.c, tools/tiff2pdf.c, tools/tiffcrop.c.
- CVE-2018-5784

Date: 2018-03-20 16:40:13.916633+00:00
Changed-By: Marc Deslauriers 
https://launchpad.net/ubuntu/+source/tiff/4.0.6-1ubuntu0.3
Sorry, changesfile not available.