[ubuntu/xenial-proposed] xorg-hwe-16.04 1:7.7+13ubuntu4~16.04.2 (Accepted)
xorg-hwe-16.04 (1:7.7+13ubuntu4~16.04.2) xenial; urgency=medium * control: Drop xorg-driver-video alt recommends to allow easier install of the hwe stack. Date: Wed, 01 Feb 2017 10:13:15 +0200 Changed-By: Timo AaltonenMaintainer: Ubuntu X-SWAT Signed-By: Timo Aaltonen https://launchpad.net/ubuntu/+source/xorg-hwe-16.04/1:7.7+13ubuntu4~16.04.2 Format: 1.8 Date: Wed, 01 Feb 2017 10:13:15 +0200 Source: xorg-hwe-16.04 Binary: xserver-xorg-hwe-16.04 xserver-xorg-video-all-hwe-16.04 xserver-xorg-input-all-hwe-16.04 Architecture: source Version: 1:7.7+13ubuntu4~16.04.2 Distribution: xenial Urgency: medium Maintainer: Ubuntu X-SWAT Changed-By: Timo Aaltonen Description: xserver-xorg-hwe-16.04 - X.Org X server xserver-xorg-input-all-hwe-16.04 - X.Org X server -- input driver metapackage xserver-xorg-video-all-hwe-16.04 - X.Org X server -- output driver metapackage Changes: xorg-hwe-16.04 (1:7.7+13ubuntu4~16.04.2) xenial; urgency=medium . * control: Drop xorg-driver-video alt recommends to allow easier install of the hwe stack. Checksums-Sha1: 663b6794972a16dc9fec3cb8fab6137867a82ffa 1969 xorg-hwe-16.04_7.7+13ubuntu4~16.04.2.dsc 7a7f42564548713bd4ad397d3dd9fafa85225783 294268 xorg-hwe-16.04_7.7+13ubuntu4~16.04.2.tar.gz Checksums-Sha256: b46c033e5af74e127089550da504f2d15ef4799f9c24e0d3ab9c88786f55d42b 1969 xorg-hwe-16.04_7.7+13ubuntu4~16.04.2.dsc 5e9ce4a68b128cc5459e2bd00db6bab35a9024a3fadf43c87d69b32e069e2103 294268 xorg-hwe-16.04_7.7+13ubuntu4~16.04.2.tar.gz Files: bf5dd93193476b4fecb130487bfc19c7 1969 x11 optional xorg-hwe-16.04_7.7+13ubuntu4~16.04.2.dsc 1c1089926aa17c7e5e5a8fe6bb165e5c 294268 x11 optional xorg-hwe-16.04_7.7+13ubuntu4~16.04.2.tar.gz Original-Maintainer: Debian X Strike Force -- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] console-setup 1.108ubuntu15.3 (Accepted)
console-setup (1.108ubuntu15.3) xenial; urgency=medium * debian/console-setup-linux.setvtrgb.service: add condition to only execute when /dev/tty0 exists. This is the same condition as used by getty@.service unit to prevent attempting setting up VT when none are present. This is a common case on serial only architectures and virtual machines. Resolves degraded boots on s390x/ppc64el. LP: #1660598 Date: Tue, 31 Jan 2017 11:47:04 + Changed-By: Dimitri John LedkovMaintainer: Ubuntu Installer Team https://launchpad.net/ubuntu/+source/console-setup/1.108ubuntu15.3 Format: 1.8 Date: Tue, 31 Jan 2017 11:47:04 + Source: console-setup Binary: keyboard-configuration console-setup console-setup-mini console-setup-linux bdf2psf console-setup-udeb console-setup-amiga-ekmap console-setup-ataritt-ekmap console-setup-macintoshold-ekmap console-setup-pc-ekmap console-setup-sun4-ekmap console-setup-sun5-ekmap console-setup-pc-ekbd console-setup-linux-fonts-udeb console-setup-freebsd-fonts-udeb console-setup-linux-charmaps-udeb console-setup-freebsd-charmaps-udeb Architecture: source Version: 1.108ubuntu15.3 Distribution: xenial Urgency: medium Maintainer: Ubuntu Installer Team Changed-By: Dimitri John Ledkov Description: bdf2psf- font converter to generate console fonts from BDF source fonts console-setup - console font and keymap setup program console-setup-amiga-ekmap - encoded Linux keyboard layouts for Amiga keyboards (udeb) console-setup-ataritt-ekmap - encoded Linux keyboard layouts for Atari TT keyboards (udeb) console-setup-freebsd-charmaps-udeb - FreeBSD 8-bit charmaps for console-setup-udeb (udeb) console-setup-freebsd-fonts-udeb - FreeBSD console fonts for Debian Installer (udeb) console-setup-linux - Linux specific part of console-setup console-setup-linux-charmaps-udeb - Linux 8-bit charmaps for console-setup-udeb (udeb) console-setup-linux-fonts-udeb - Linux console fonts for Debian Installer (udeb) console-setup-macintoshold-ekmap - encoded Linux keyboard layouts for old-style Macintosh keyboards (udeb) console-setup-mini - console font and keymap setup program - reduced version for Linux console-setup-pc-ekbd - encoded FreeBSD keyboard layouts for PC keyboards (udeb) console-setup-pc-ekmap - encoded Linux keyboard layouts for PC keyboards (udeb) console-setup-sun4-ekmap - encoded Linux keyboard layouts for Sun4 keyboards (udeb) console-setup-sun5-ekmap - encoded Linux keyboard layouts for Sun5 keyboards (udeb) console-setup-udeb - Configure the keyboard (udeb) keyboard-configuration - system-wide keyboard preferences Launchpad-Bugs-Fixed: 1660598 Changes: console-setup (1.108ubuntu15.3) xenial; urgency=medium . * debian/console-setup-linux.setvtrgb.service: add condition to only execute when /dev/tty0 exists. This is the same condition as used by getty@.service unit to prevent attempting setting up VT when none are present. This is a common case on serial only architectures and virtual machines. Resolves degraded boots on s390x/ppc64el. LP: #1660598 Checksums-Sha1: 2e3bafd285166043fa5ecf1871b3fe5777820752 3094 console-setup_1.108ubuntu15.3.dsc cf15ac17648a8b32c1ae0b0c775a8e5ee8f59cae 1806932 console-setup_1.108ubuntu15.3.tar.xz Checksums-Sha256: ce37f02fb9bd7a5a4b834409c377ea1475e40e543fc18e430a793b34b672f157 3094 console-setup_1.108ubuntu15.3.dsc 9df1880e31bde121278a578f2cdf16e6afef2477839dc36f2add49a04d855b8c 1806932 console-setup_1.108ubuntu15.3.tar.xz Files: e3cafb09e318a1d1e77125df2fc87ce8 3094 utils optional console-setup_1.108ubuntu15.3.dsc dc05b0477642c05f87ae72b32ab422e7 1806932 utils optional console-setup_1.108ubuntu15.3.tar.xz Original-Maintainer: Debian Install System Team -- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] gnutls28 3.4.10-4ubuntu1.2 (Accepted)
gnutls28 (3.4.10-4ubuntu1.2) xenial-security; urgency=medium * SECURITY UPDATE: OCSP validation issue - debian/patches/CVE-2016-7444.patch: correctly verify the serial length in lib/x509/ocsp.c. - CVE-2016-7444 * SECURITY UPDATE: denial of service via warning alerts - debian/patches/CVE-2016-8610.patch: set a maximum number of warning messages in lib/gnutls_int.h, lib/gnutls_handshake.c, lib/gnutls_state.c. - CVE-2016-8610 * SECURITY UPDATE: double-free when reading proxy language - debian/patches/CVE-2017-5334.patch: fix double-free in lib/x509/x509_ext.c. - CVE-2017-5334 * SECURITY UPDATE: out of memory error in stream reading functions - debian/patches/CVE-2017-5335.patch: add error checking to lib/opencdk/read-packet.c. - CVE-2017-5335 * SECURITY UPDATE: stack overflow in cdk_pk_get_keyid - debian/patches/CVE-2017-5336.patch: check return code in lib/opencdk/pubkey.c. - CVE-2017-5336 * SECURITY UPDATE: heap read overflow when reading streams - debian/patches/CVE-2017-5337.patch: add more precise checks to lib/opencdk/read-packet.c. - CVE-2017-5337 * debian/patches/fix_expired_certs.patch: use datefudge to fix test with expired certs. Date: 2017-01-26 19:18:21.817877+00:00 Changed-By: Marc Deslauriershttps://launchpad.net/ubuntu/+source/gnutls28/3.4.10-4ubuntu1.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] ntfs-3g 1:2015.3.14AR.1-1ubuntu0.1 (Accepted)
ntfs-3g (1:2015.3.14AR.1-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Improper environment scrubbing prior to executing modprobe could allow a local attacker to load arbitrary kernel modules - debian/patches/0002-CVE-2017-0358.patch: Execute modprobe with an empty environment. Based on patch from upstream. - CVE-2017-0358 Date: 2017-01-28 16:52:14.582891+00:00 Changed-By: Tyler Hickshttps://launchpad.net/ubuntu/+source/ntfs-3g/1:2015.3.14AR.1-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] ntfs-3g 1:2015.3.14AR.1-1ubuntu0.1 (Accepted)
ntfs-3g (1:2015.3.14AR.1-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Improper environment scrubbing prior to executing modprobe could allow a local attacker to load arbitrary kernel modules - debian/patches/0002-CVE-2017-0358.patch: Execute modprobe with an empty environment. Based on patch from upstream. - CVE-2017-0358 Date: 2017-01-28 16:52:14.582891+00:00 Changed-By: Tyler HicksSigned-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/ntfs-3g/1:2015.3.14AR.1-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] gnutls28 3.4.10-4ubuntu1.2 (Accepted)
gnutls28 (3.4.10-4ubuntu1.2) xenial-security; urgency=medium * SECURITY UPDATE: OCSP validation issue - debian/patches/CVE-2016-7444.patch: correctly verify the serial length in lib/x509/ocsp.c. - CVE-2016-7444 * SECURITY UPDATE: denial of service via warning alerts - debian/patches/CVE-2016-8610.patch: set a maximum number of warning messages in lib/gnutls_int.h, lib/gnutls_handshake.c, lib/gnutls_state.c. - CVE-2016-8610 * SECURITY UPDATE: double-free when reading proxy language - debian/patches/CVE-2017-5334.patch: fix double-free in lib/x509/x509_ext.c. - CVE-2017-5334 * SECURITY UPDATE: out of memory error in stream reading functions - debian/patches/CVE-2017-5335.patch: add error checking to lib/opencdk/read-packet.c. - CVE-2017-5335 * SECURITY UPDATE: stack overflow in cdk_pk_get_keyid - debian/patches/CVE-2017-5336.patch: check return code in lib/opencdk/pubkey.c. - CVE-2017-5336 * SECURITY UPDATE: heap read overflow when reading streams - debian/patches/CVE-2017-5337.patch: add more precise checks to lib/opencdk/read-packet.c. - CVE-2017-5337 * debian/patches/fix_expired_certs.patch: use datefudge to fix test with expired certs. Date: 2017-01-26 19:18:21.817877+00:00 Changed-By: Marc DeslauriersSigned-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/gnutls28/3.4.10-4ubuntu1.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] snapd 2.22.1 (Accepted)
snapd (2.22.1) xenial; urgency=medium * New upstream release, LP: #1659522 - cherry pick fix for snapctl auth.json handling snapd (2.22) xenial; urgency=medium * New upstream release, LP: #1659522 - many: make ubuntu-core-launcher mostly go - interfaces/builtin: add account-control interface - interfaces/builtin: add missing syscalls to core-support needed for systemctl - interfaces/builtin: rework core-support to only allow full access to systemctl - debian/tests: drop stale autopkgtest dependencies. - tests: make the debugging of c-unit-tests more useful - store: retry auth-related requests - tests: integration test for system reload - snap: be more helpful in the `snap install ` error message - tests: set SNAPPY_USE_STAGING_STORE in su call - tests: use test snap - spread: set SNAPD_DEBUG=1 in the core snap as well - tests: add extra debugging to security-setuid-root test - cmd,snap,wrappers: systemd reload command support - interfaces: builtin: mir: Allow recv and send - overlord/ifacestate: use ParseConnRef - overlord/snapstate,overlord/ifacestate: add automatic ubuntu-core -> core transition - debian: remove aliases as well in snapd.postrm - many: change interfaces.ParseID to return value - interfaces/opengl: allow access to the nvidia abstract socket - overlord, daemon: flag failures feature fancy forms. - many: add --classic support to try and revert, and make missing these things a little harder - interfaces: allow reading non-PCI-attached usb devices via raw-usb - many: rename snap-alter-ns to snap-update-ns - interfaces/builtin: add core-support - store: increase the retry.LimitTime() - debian: move the packaging out into package/$id-$version_id - overlord/stapstate: don't use unkeyed fields - many: add stub implementation of snap-alter-ns - asserts: improve error message when key is not valid at the given time - snapstate, ifacestate: add snapstate.CheckChangeConflict() to ifacestate.{Connect,Disconnect} - debian: remove trusty specific bits - docs: Add a note about building snapd. - interfaces: miscellaneous updates for default and network-control - daemon: bubble out store.ErrSnapNotFound in the findOne codepath - store: add retry logging into download as well - snap: show price in `snap info` - cmd: add fault injection support code - interfaces: network-manager: allow rw access to /etc/netplan - debian: move systemd files out of ./debian and into ./data/systemd - asserts: implement SuggestFormat to help avoid specifying the wrong format iteration for an assertion - many: detect potentially insecure use of snap-confine - interfaces: allow querying added security backends - cmd: ensure that all .c files have a -test.c file - asserts: don't use 'context' for the path of attributes, want to reuse the concept for something else - interfaces: abbreviate ConnRef construction - tests: ensure systemd override directory is available before using it - cmd: more build system cleanups and a small fix - tests: increase retries for service up - cmd: move seccomp cleanup function to seccomp-support - many: auto-connect plugs and slots symmetrically - overlord: use a ticker for the pruning - interfaces/builtin: add uhid interface - cmd/snap-confine: add shutdown helper - tests: fix path used when debugging - cmd: switch to non-recursive make - overlord/ifacestate: setup security of snaps affected by auto- connection - spread: refresh apt cache before first install - overlord: allow max 500 changes in "ready" state to avoid growing changes for 24h - snap: add {Plug,Slot}Info.SecurityTags - cmd: move snap-discard-ns to dedicated directory - tests: skip i18n test when no "snappy.mo" file is available - interfaces,overlord/ifacestate: small refactor around reference methods - tests: remove the snapd dirs last (should fix random test errors) - interfaces: mm: permissions for protocol proxies - interfaces/builtin: add evolution interfaces - many: extract the logging http client and user-agent handling for use in devicestate - interfaces: unity8-download-manager is the chosen name for this interface. - tests: add "quiet" wrapper function that only prints output on failure - tests: fix failing snapd-reexec test - docs: simplify HACKING.md that snapd itself supports setting up the sockets - overlord: flag required-snaps from model as required and prevent removing them - spread: exclude .o and .a files - tests: parameterize remote store - cmd: fix hardcoded paths to rst2man and support rst2man.py - tests: improve debug output when reexec is used - tests: disable ipv6 before unpacking delta -
[ubuntu/xenial-updates] iucode-tool 1.5.1-1ubuntu0.1 (Accepted)
iucode-tool (1.5.1-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: heap buffer overflow on -tr loader - debian/patches/CVE-2017-0357.patch: check al in intel_microcode.c. - CVE-2017-0357 Date: 2017-01-25 19:16:13.932432+00:00 Changed-By: Marc DeslauriersSigned-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/iucode-tool/1.5.1-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] libxpm 1:3.5.11-1ubuntu0.16.04.1 (Accepted)
libxpm (1:3.5.11-1ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: OOB write when handling malicious XPM files - debian/patches/CVE-2016-10164.patch: add bounds checks to src/CrDatFrI.c. - CVE-2016-10164 Date: 2017-01-25 21:03:14.423946+00:00 Changed-By: Marc DeslauriersSigned-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/libxpm/1:3.5.11-1ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] iucode-tool 1.5.1-1ubuntu0.1 (Accepted)
iucode-tool (1.5.1-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: heap buffer overflow on -tr loader - debian/patches/CVE-2017-0357.patch: check al in intel_microcode.c. - CVE-2017-0357 Date: 2017-01-25 19:16:13.932432+00:00 Changed-By: Marc Deslauriershttps://launchpad.net/ubuntu/+source/iucode-tool/1.5.1-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] libxpm 1:3.5.11-1ubuntu0.16.04.1 (Accepted)
libxpm (1:3.5.11-1ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: OOB write when handling malicious XPM files - debian/patches/CVE-2016-10164.patch: add bounds checks to src/CrDatFrI.c. - CVE-2016-10164 Date: 2017-01-25 21:03:14.423946+00:00 Changed-By: Marc Deslauriershttps://launchpad.net/ubuntu/+source/libxpm/1:3.5.11-1ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] curtin 0.1.0~bzr437-0ubuntu1~16.04.1 (Accepted)
curtin (0.1.0~bzr437-0ubuntu1~16.04.1) xenial-proposed; urgency=medium * debian/new-upstream-snapshot: change to not use bzr merge-upstream. * New upstream snapshot. - pep8: fix pep8 errors found with 'make pep8' on zesty. - Workaround failures caused by gpg2 daemons left running in chroot. (LP: #1645680) - Install u-boot-tools when running on a system with u-boot. (LP: #1640519) - block: fix partition kname for raid devices (LP: #1641661) - Fix up tox errors that slipped in and new pycodestyle 2.1.0 complaints. - vmtests: adjust vmtest image sync metadata filenames - vmtests: Add centos support - Disable WilyTestRaid5Bcache vmtest - tools/xkvm: fix --netdev= - bytes2human: fix for values larger than 32 bit int on 32 bit python2. Date: 2017-01-18 18:11:11.032354+00:00 Changed-By: Scott MoserSigned-By: Robie Basak https://launchpad.net/ubuntu/+source/curtin/0.1.0~bzr437-0ubuntu1~16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes