[ubuntu/xenial-updates] whoopsie 0.2.52.5ubuntu0.1 (Accepted)
whoopsie (0.2.52.5ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Integer overflow when handling large crash dumps (LP: #1830863) - src/whoopsie.c: Don't use signed integer types for lengths to ensure large crash dumps do not cause signed integer overflow - CVE-2019-11476 Date: 2019-07-05 07:42:38.503518+00:00 Changed-By: Alex Murray Maintainer: Evan Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/whoopsie/0.2.52.5ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] apport 2.20.1-0ubuntu2.19 (Accepted)
apport (2.20.1-0ubuntu2.19) xenial-security; urgency=medium * SECURITY UPDATE: TOCTOU issue allows local user to read arbitrary files (LP: #1830858) - apport/report.py: Avoid TOCTOU issue on users ignore file by dropping privileges and then opening the file both test for access and open the file in a single operation, instead of using access() before reading the file which could be abused by a symlink to cause Apport to read and embed an arbitrary file in the resulting crash dump. - CVE-2019-7307 Date: 2019-07-04 06:07:14.079469+00:00 Changed-By: Alex Murray Maintainer: Martin Pitt Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/apport/2.20.1-0ubuntu2.19 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] whoopsie 0.2.52.5ubuntu0.1 (Accepted)
whoopsie (0.2.52.5ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Integer overflow when handling large crash dumps (LP: #1830863) - src/whoopsie.c: Don't use signed integer types for lengths to ensure large crash dumps do not cause signed integer overflow - CVE-2019-11476 Date: 2019-07-05 07:42:38.503518+00:00 Changed-By: Alex Murray Maintainer: Evan https://launchpad.net/ubuntu/+source/whoopsie/0.2.52.5ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] apport 2.20.1-0ubuntu2.19 (Accepted)
apport (2.20.1-0ubuntu2.19) xenial-security; urgency=medium * SECURITY UPDATE: TOCTOU issue allows local user to read arbitrary files (LP: #1830858) - apport/report.py: Avoid TOCTOU issue on users ignore file by dropping privileges and then opening the file both test for access and open the file in a single operation, instead of using access() before reading the file which could be abused by a symlink to cause Apport to read and embed an arbitrary file in the resulting crash dump. - CVE-2019-7307 Date: 2019-07-04 06:07:14.079469+00:00 Changed-By: Alex Murray Maintainer: Martin Pitt https://launchpad.net/ubuntu/+source/apport/2.20.1-0ubuntu2.19 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] zeromq3 4.1.4-7ubuntu0.1 (Accepted)
zeromq3 (4.1.4-7ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Unauthenticated client can cause a stack overflow on any server that is supposed to be protected by encryption/authentication, leading to a DoS (crash) or possibly other impact. - debian/patches/CVE-2019-13132.patch: create buffers large enough to contain arbitrary metadata. - CVE-2019-13132 Date: 2019-07-08 16:09:15.911307+00:00 Changed-By: Eduardo dos Santos Barretto Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/zeromq3/4.1.4-7ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] zeromq3 4.1.4-7ubuntu0.1 (Accepted)
zeromq3 (4.1.4-7ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Unauthenticated client can cause a stack overflow on any server that is supposed to be protected by encryption/authentication, leading to a DoS (crash) or possibly other impact. - debian/patches/CVE-2019-13132.patch: create buffers large enough to contain arbitrary metadata. - CVE-2019-13132 Date: 2019-07-08 16:09:15.911307+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/zeromq3/4.1.4-7ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] glib2.0 2.48.2-0ubuntu4.3 (Accepted)
glib2.0 (2.48.2-0ubuntu4.3) xenial-security; urgency=medium * SECURITY UPDATE: Not properly restrict directory and file permissions - debian/patches/CVE-2019-13012.patch: changes the permissions when a directory is created, using 700 instead 777 in gio/gkeyfilesettingsbackend.c and changes test to run in a temp directory in gio/tests/gsettings.c. - CVE-2019-13012 Date: 2019-07-08 13:44:16.961906+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/glib2.0/2.48.2-0ubuntu4.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] glib2.0 2.48.2-0ubuntu4.3 (Accepted)
glib2.0 (2.48.2-0ubuntu4.3) xenial-security; urgency=medium * SECURITY UPDATE: Not properly restrict directory and file permissions - debian/patches/CVE-2019-13012.patch: changes the permissions when a directory is created, using 700 instead 777 in gio/gkeyfilesettingsbackend.c and changes test to run in a temp directory in gio/tests/gsettings.c. - CVE-2019-13012 Date: 2019-07-08 13:44:16.961906+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/glib2.0/2.48.2-0ubuntu4.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] aptdaemon 1.1.1+bzr982-0ubuntu14.1 (Accepted)
aptdaemon (1.1.1+bzr982-0ubuntu14.1) xenial; urgency=medium * Various locking fixes (LP: #1831981) - Implement frontend locking (incl. fixup from 0ubuntu24) - Adjust locking order to match APT - Use reverse order for unlocking * Test suite fixes: - Fix failing tests - Make failing tests fail the build again - debian/tests/control: Depend on gir1.2-vte-2.91, not gir1.2-vte-2.90 Date: Wed, 03 Jul 2019 12:39:38 +0200 Changed-By: Julian Andres Klode Maintainer: Ubuntu Developers https://launchpad.net/ubuntu/+source/aptdaemon/1.1.1+bzr982-0ubuntu14.1 Format: 1.8 Date: Wed, 03 Jul 2019 12:39:38 +0200 Source: aptdaemon Architecture: source Version: 1.1.1+bzr982-0ubuntu14.1 Distribution: xenial Urgency: medium Maintainer: Ubuntu Developers Changed-By: Julian Andres Klode Launchpad-Bugs-Fixed: 1831981 Changes: aptdaemon (1.1.1+bzr982-0ubuntu14.1) xenial; urgency=medium . * Various locking fixes (LP: #1831981) - Implement frontend locking (incl. fixup from 0ubuntu24) - Adjust locking order to match APT - Use reverse order for unlocking * Test suite fixes: - Fix failing tests - Make failing tests fail the build again - debian/tests/control: Depend on gir1.2-vte-2.91, not gir1.2-vte-2.90 Checksums-Sha1: cb6489db4eafe7bbc9b8caa3b7943949373163b6 3334 aptdaemon_1.1.1+bzr982-0ubuntu14.1.dsc b6006677d4af2b981e56ecd5cd2cedddedfe549e 30328 aptdaemon_1.1.1+bzr982-0ubuntu14.1.debian.tar.xz 6aa6df5c58f2f01e9f213a750776a5a638c943b9 17919 aptdaemon_1.1.1+bzr982-0ubuntu14.1_source.buildinfo Checksums-Sha256: afdfcaa283e3d89554c043d3b34ad26f3289b882941222580be2ab3b9b1d146c 3334 aptdaemon_1.1.1+bzr982-0ubuntu14.1.dsc b15eb879f385d56e55d49d600de5a6e325d0ab812c8103d06a7e8d91f145f486 30328 aptdaemon_1.1.1+bzr982-0ubuntu14.1.debian.tar.xz 4e0156ba7d890020c113b82689c1e0b044ef3989a38e0d1794ec7c1d1eca7686 17919 aptdaemon_1.1.1+bzr982-0ubuntu14.1_source.buildinfo Files: 553eb817f20b7518c690d0e4de564d0e 3334 admin extra aptdaemon_1.1.1+bzr982-0ubuntu14.1.dsc 9917e774e8e96ad503186db64b0b7467 30328 admin extra aptdaemon_1.1.1+bzr982-0ubuntu14.1.debian.tar.xz 7a1baa15691af2dcfce9c1b873cac9a1 17919 admin extra aptdaemon_1.1.1+bzr982-0ubuntu14.1_source.buildinfo Original-Maintainer: Julian Andres Klode -- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] lazr.restfulclient 0.13.4-5ubuntu2 (Accepted)
lazr.restfulclient (0.13.4-5ubuntu2) xenial; urgency=medium * Cherry-pick from upstream: - Fix handling of 304 responses with an empty body on Python 3 (LP: #1714960). Date: Mon, 08 Jul 2019 14:44:42 +0100 Changed-By: Andy Whitcroft Maintainer: Ubuntu Developers https://launchpad.net/ubuntu/+source/lazr.restfulclient/0.13.4-5ubuntu2 Format: 1.8 Date: Mon, 08 Jul 2019 14:44:42 +0100 Source: lazr.restfulclient Architecture: source Version: 0.13.4-5ubuntu2 Distribution: xenial Urgency: medium Maintainer: Ubuntu Developers Changed-By: Andy Whitcroft Launchpad-Bugs-Fixed: 1714960 Changes: lazr.restfulclient (0.13.4-5ubuntu2) xenial; urgency=medium . * Cherry-pick from upstream: - Fix handling of 304 responses with an empty body on Python 3 (LP: #1714960). Checksums-Sha1: 885612cc76a650062b4dccae7b4efc923e327a6b 2402 lazr.restfulclient_0.13.4-5ubuntu2.dsc 01df8dfc40d744c22ae6ea6f207d9cc0355f8f47 274824 lazr.restfulclient_0.13.4-5ubuntu2.debian.tar.xz eebf255f0e413ccff282a9360ff19798a3ce71fc 7337 lazr.restfulclient_0.13.4-5ubuntu2_source.buildinfo Checksums-Sha256: 34f6b3e867c1ad2d743154cb5ca2c829e6ac382bb223d08ffba677e0b2d0cc73 2402 lazr.restfulclient_0.13.4-5ubuntu2.dsc 05a852ccbd19425ad86cb450a2a42030feb70341d14f005ee872bd1a7622d234 274824 lazr.restfulclient_0.13.4-5ubuntu2.debian.tar.xz 4f597c20292ef62483cbbe156f638dede6581fc5c470bf146b3c91237c6e5a75 7337 lazr.restfulclient_0.13.4-5ubuntu2_source.buildinfo Files: 79ee3dcefb930b0cfcc9176486fa 2402 python optional lazr.restfulclient_0.13.4-5ubuntu2.dsc 5c8845d10a392cd11a008fb8c4103e43 274824 python optional lazr.restfulclient_0.13.4-5ubuntu2.debian.tar.xz 74bb3c398887c34a24ef8a918383664b 7337 python optional lazr.restfulclient_0.13.4-5ubuntu2_source.buildinfo Original-Maintainer: Stefano Rivera -- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] runc 1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.4 (Accepted)
runc (1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.4) xenial-security; urgency=medium * No change rebuild for the -security pocket Date: 2019-07-03 15:00:16.639855+00:00 Changed-By: Mike Salvatore Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/runc/1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] docker.io 18.09.7-0ubuntu1~16.04.4 (Accepted)
docker.io (18.09.7-0ubuntu1~16.04.4) xenial-security; urgency=medium * No change rebuild for the -security pocket Date: 2019-07-03 13:37:17.299495+00:00 Changed-By: Mike Salvatore Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/docker.io/18.09.7-0ubuntu1~16.04.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] containerd 1.2.6-0ubuntu1~16.04.3 (Accepted)
containerd (1.2.6-0ubuntu1~16.04.3) xenial-security; urgency=medium * No change rebuild for the -security pocket Date: 2019-07-03 14:46:13.812076+00:00 Changed-By: Mike Salvatore Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/containerd/1.2.6-0ubuntu1~16.04.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] containerd 1.2.6-0ubuntu1~16.04.3 (Accepted)
containerd (1.2.6-0ubuntu1~16.04.3) xenial-security; urgency=medium * No change rebuild for the -security pocket Date: 2019-07-03 14:46:13.812076+00:00 Changed-By: Mike Salvatore https://launchpad.net/ubuntu/+source/containerd/1.2.6-0ubuntu1~16.04.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] docker.io 18.09.7-0ubuntu1~16.04.4 (Accepted)
docker.io (18.09.7-0ubuntu1~16.04.4) xenial-security; urgency=medium * No change rebuild for the -security pocket docker.io (18.09.7-0ubuntu1~16.04.1) xenial; urgency=medium * Backport to 16.04 (LP: #1834690). * Version dependency on containerd. * Revert "Let dh_systemd install .service file: replace .install file entry with symlink" * Build with golang-1.10-go package. * Relax the build dependency on debhelper. * Build depend on btrfs-tools, not libbtrfs-dev or btrfs-progs. * Re-add build-depends on dh-systemd docker.io (18.09.7-0ubuntu1) eoan; urgency=medium * Update to 18.09.7. (LP: #1834690) - Includes fix for CVE-2018-15664. docker.io (18.09.5-0ubuntu1) disco; urgency=medium * Update to 18.09.5. docker.io (18.09.3-0ubuntu1) disco; urgency=medium * Update to 18.09.3. - update d/upstream-version-commits - refresh d/patches/docker-prefix.patch to maintain dependence on docker-specific containerd daemon. - remove d/patches/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch, now included upstream. * Stop bundling containerd and runc and instead depend on the containerd package from the archive. docker.io (18.09.2-0ubuntu1) disco; urgency=medium * Update to 18.09.2, including fix for CVE-2019-5736. - Convert components/engine/git-bundles/CVE-2019-5736.bundle into d/patches/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch. - Hard code RUNC_COMMIT in d/rules for now. docker.io (18.09.1-0ubuntu2) disco; urgency=medium * Update "docker-prefix.patch" to also fix "docker.service" docker.io (18.09.1-0~ubuntu1) disco; urgency=medium [ Michael Hudson-Doyle ] * d/tests/docker-in-lxd: Increase timeout passed to lxd waitready. [ Tianon Gravi ] * Update to 18.09.1 upstream release [ Michael Hudson-Doyle ] * d/rules: Empty XDG_RUNTIME_DIR when smoke testing runc to avoid it doing silly things. * d/golang-github-docker-docker-dev.install: install some more go packages that other packages in the archive depend on. docker.io (18.06.1-0ubuntu2) disco; urgency=medium * Fix containerd/runc embedded commit values * Add "libsystemd-dev" to "Build-Depends" (LP: #1802979) Date: 2019-07-03 13:37:17.299495+00:00 Changed-By: Mike Salvatore https://launchpad.net/ubuntu/+source/docker.io/18.09.7-0ubuntu1~16.04.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] runc 1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.4 (Accepted)
runc (1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.4) xenial-security; urgency=medium * No change rebuild for the -security pocket runc (1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.3) xenial; urgency=medium * Correct build dependencies on s390x. * Fix build on powerc (need to check for binary-arch as well as binary target). runc (1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.2) xenial; urgency=medium * Build an empty package on powerpc that tells the user about itself on powerpc. runc (1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.1) xenial; urgency=medium * Backport to 16.04. (LP: #1824461) * Relax dependency on debhelper * Build using golang-1.10-go. * Work around dh_golang in Xenial not supporting DH_GOLANG_INSTALL_EXTRA runc (1.0.0~rc7+git20190403.029124da-0ubuntu1) disco; urgency=medium * New upstream version. * Fix dependencies of golang-github-opencontainers-runc-dev package. runc (1.0.0~rc6+git20190307.2b18fe1d-0ubuntu1) disco; urgency=medium * Update to https://github.com/opencontainers/runc/commit/2b18fe1d885ee5083ef9f0838fee39b62d653e30 - See also: https://github.com/containerd/containerd/blob/v1.2.5/RUNC.md https://github.com/containerd/containerd/blob/v1.2.5/vendor.conf#L23 * d/patches/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch: dropped, applied upstream. runc (1.0.0~rc6+git20181203.96ec2177-0ubuntu1) disco; urgency=medium * Add "basic-smoke" autopkgtest to verify basic functionality runc (1.0.0~rc6+git20181203.96ec2177-0~ubuntu2) disco; urgency=medium * d/patches/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch: Apply upstream fix for CVE-2019-5736. runc (1.0.0~rc6+git20181203.96ec2177-0~ubuntu1) disco; urgency=medium * Update to https://github.com/opencontainers/runc/commit/96ec2177ae841256168fcf76954f7177af9446eb - See also: https://github.com/containerd/containerd/blob/v1.2.2/RUNC.md https://github.com/containerd/containerd/blob/v1.2.2/vendor.conf#L23 runc (1.0.0~rc5+dfsg1-4) unstable; urgency=medium * New patch to disable Hugetlb tests. runc (1.0.0~rc5+dfsg1-3) unstable; urgency=medium * TAGS += ambient * New patch to fix FTBFS on mips* architectures. runc (1.0.0~rc5+dfsg1-2) unstable; urgency=medium * New patch to fix integer overflow on i686. * Build with "selinux" tag (Closes: #865993). Thanks, Laurent Bigonville. * Added myself to uploaders. runc (1.0.0~rc5+dfsg1-1) unstable; urgency=medium * Team upload. [ Arnaud Rebillout ] * Set minimum requirement for golang-gocapability-dev. And drop the alternative name golang-github-syndtr-gocapability-dev, this name never existed in the first place. [ Dmitry Smirnov ] * New upstream release * Testsuite: autopkgtest-pkg-go * Standards-Version: 4.1.4; Priority: optional * debhelper to version 11; compat to version 10. * Added "XS-Go-Import-Path". * (Build-)Depends: - golang-github-codegangsta-cli-dev - golang-github-coreos-pkg-dev - golang-golang-x-sys-dev - golang-logrus-dev + golang-github-containerd-console-dev + golang-github-pkg-errors-dev + golang-github-sirupsen-logrus-dev + golang-github-urfave-cli-dev runc (1.0.0~rc4+dfsg1-6) unstable; urgency=medium [ Michael Stapelberg ] * update debian/gitlab-ci.yml (using salsa.debian.org/go-team/ci/cmd/ci) [ Dmitry Smirnov ] * Removed myself from uploaders. [ Balint Reczey ] * Team upload * Stop using unix.SIGUNUSED which has been removed from golang.org/x/sys (Closes: #889704) runc (1.0.0~rc4+dfsg1-5) unstable; urgency=medium * Vcs-* urls: pkg-go-team -> go-team. runc (1.0.0~rc4+dfsg1-4) unstable; urgency=medium * Point vcs-* urls to packages subgroup. runc (1.0.0~rc4+dfsg1-3) unstable; urgency=medium * Change my email to @debian.org. * Move to salsa.debian.org. runc (1.0.0~rc4+dfsg1-2) unstable; urgency=medium * Mark runc breaking docker.io (<= 1.13.1~ds1-2) (Closes: #877146) runc (1.0.0~rc4+dfsg1-1) unstable; urgency=medium * Team Upload * Update watch file to match release candidates * Update Files-Excuded and d/control to match dependencies of rc4 * New upstream release candidate 1.0.0-rc4 * Drop obsoleted patches * Drop outdated README.source * Require at least final 1.0.0 release of golang-github-opencontainers-specs-dev (Closes: #858250) * Fix typo in golang-github-opencontainers-runc-dev package description (Closes: #873760) runc (1.0.0~rc2+git20170201.133.9df8b30-3) unstable; urgency=medium * Replace golang-go with golang-any in Build-Depends runc (1.0.0~rc2+git20170201.133.9df8b30-2) unstable; urgency=medium * Patch to make libcontainer ignore cgroup2 hierarchy. Patch pulled from https://github.com/opencontainers/runc/pull/1266. runc (1.0.0~rc2+git20170201.133.9df8b30-1) unstable; urgency=medium * New upstream snapshot for Docker 1.13.1. runc
[ubuntu/xenial-updates] libvirt 1.3.1-1ubuntu10.27 (Accepted)
libvirt (1.3.1-1ubuntu10.27) xenial-security; urgency=medium * SECURITY UPDATE: virDomainSaveImageGetXMLDesc does not check for read-only connection - debian/patches/CVE-2019-10161.patch: add check to src/libvirt-domain.c, src/qemu/qemu_driver.c, src/remote/remote_protocol.x. - CVE-2019-10161 * SECURITY UPDATE: virConnectGetDomainCapabilities does not check for read-only connection - debian/patches/CVE-2019-10167.patch: add check to src/libvirt-domain.c. - CVE-2019-10167 Date: 2019-07-02 14:34:13.455700+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/libvirt/1.3.1-1ubuntu10.27 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] libvirt 1.3.1-1ubuntu10.27 (Accepted)
libvirt (1.3.1-1ubuntu10.27) xenial-security; urgency=medium * SECURITY UPDATE: virDomainSaveImageGetXMLDesc does not check for read-only connection - debian/patches/CVE-2019-10161.patch: add check to src/libvirt-domain.c, src/qemu/qemu_driver.c, src/remote/remote_protocol.x. - CVE-2019-10161 * SECURITY UPDATE: virConnectGetDomainCapabilities does not check for read-only connection - debian/patches/CVE-2019-10167.patch: add check to src/libvirt-domain.c. - CVE-2019-10167 Date: 2019-07-02 14:34:13.455700+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/libvirt/1.3.1-1ubuntu10.27 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] friendly-recovery 0.2.31ubuntu2.1 (Accepted)
friendly-recovery (0.2.31ubuntu2.1) xenial; urgency=medium [ Steven Clarkson ] * lib/systemd/system-generators/friendly-recovery: Symlink default.target to earlydir instead of normaldir to be able to access recovery mode even if default target has been set via systemctl set-default (LP: #1821252). Date: 2019-06-25 13:24:10.888904+00:00 Changed-By: Ioanna Alifieraki Maintainer: Michael Vogt Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/friendly-recovery/0.2.31ubuntu2.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
