[ubuntu/xenial-updates] glib2.0 2.48.2-0ubuntu4.7 (Accepted)
glib2.0 (2.48.2-0ubuntu4.7) xenial-security; urgency=medium * SECURITY UPDATE: g_byte_array_new_take length truncation - debian/patches/CVE-2021-2721x/CVE-2021-27218.patch: do not accept too large byte arrays in glib/garray.c, glib/gbytes.c, glib/tests/bytes.c. - CVE-2021-27218 * SECURITY UPDATE: integer overflow in g_bytes_new - debian/patches/CVE-2021-2721x/CVE-2021-27219*.patch: add internal g_memdup2() function and use it instead of g_memdup() in a bunch of places. - CVE-2021-27219 Date: 2021-03-03 14:44:09.448568+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/glib2.0/2.48.2-0ubuntu4.7 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] golang-1.10 1.10.4-2ubuntu1~16.04.2 (Accepted)
golang-1.10 (1.10.4-2ubuntu1~16.04.2) xenial-security; urgency=medium * SECURITY UPDATE: XSS (LP: #1914372) - debian/patches/CVE-2020-24553.patch: Add Content-Type detection in net/http/cgi and net/http/fcgi. - CVE-2020-24553 Date: 2021-02-26 22:26:09.208808+00:00 Changed-By: Dariusz Gadomski Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/golang-1.10/1.10.4-2ubuntu1~16.04.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] glib2.0 2.48.2-0ubuntu4.7 (Accepted)
glib2.0 (2.48.2-0ubuntu4.7) xenial-security; urgency=medium * SECURITY UPDATE: g_byte_array_new_take length truncation - debian/patches/CVE-2021-2721x/CVE-2021-27218.patch: do not accept too large byte arrays in glib/garray.c, glib/gbytes.c, glib/tests/bytes.c. - CVE-2021-27218 * SECURITY UPDATE: integer overflow in g_bytes_new - debian/patches/CVE-2021-2721x/CVE-2021-27219*.patch: add internal g_memdup2() function and use it instead of g_memdup() in a bunch of places. - CVE-2021-27219 Date: 2021-03-03 14:44:09.448568+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/glib2.0/2.48.2-0ubuntu4.7 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] golang-1.10 1.10.4-2ubuntu1~16.04.2 (Accepted)
golang-1.10 (1.10.4-2ubuntu1~16.04.2) xenial-security; urgency=medium * SECURITY UPDATE: XSS (LP: #1914372) - debian/patches/CVE-2020-24553.patch: Add Content-Type detection in net/http/cgi and net/http/fcgi. - CVE-2020-24553 Date: 2021-02-26 22:26:09.208808+00:00 Changed-By: Dariusz Gadomski Signed-By: Avital Ostromich https://launchpad.net/ubuntu/+source/golang-1.10/1.10.4-2ubuntu1~16.04.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes