[ubuntu/xenial-proposed] xorg-hwe-16.04 1:7.7+13ubuntu4~16.04.2 (Accepted)

2017-02-01 Thread Timo Aaltonen 
xorg-hwe-16.04 (1:7.7+13ubuntu4~16.04.2) xenial; urgency=medium

  * control: Drop xorg-driver-video alt recommends to allow easier
install of the hwe stack.

Date: Wed, 01 Feb 2017 10:13:15 +0200
Changed-By: Timo Aaltonen 
Maintainer: Ubuntu X-SWAT 
Signed-By: Timo Aaltonen 
https://launchpad.net/ubuntu/+source/xorg-hwe-16.04/1:7.7+13ubuntu4~16.04.2
Format: 1.8
Date: Wed, 01 Feb 2017 10:13:15 +0200
Source: xorg-hwe-16.04
Binary: xserver-xorg-hwe-16.04 xserver-xorg-video-all-hwe-16.04 
xserver-xorg-input-all-hwe-16.04
Architecture: source
Version: 1:7.7+13ubuntu4~16.04.2
Distribution: xenial
Urgency: medium
Maintainer: Ubuntu X-SWAT 
Changed-By: Timo Aaltonen 
Description:
 xserver-xorg-hwe-16.04 - X.Org X server
 xserver-xorg-input-all-hwe-16.04 - X.Org X server -- input driver metapackage
 xserver-xorg-video-all-hwe-16.04 - X.Org X server -- output driver metapackage
Changes:
 xorg-hwe-16.04 (1:7.7+13ubuntu4~16.04.2) xenial; urgency=medium
 .
   * control: Drop xorg-driver-video alt recommends to allow easier
 install of the hwe stack.
Checksums-Sha1:
 663b6794972a16dc9fec3cb8fab6137867a82ffa 1969 
xorg-hwe-16.04_7.7+13ubuntu4~16.04.2.dsc
 7a7f42564548713bd4ad397d3dd9fafa85225783 294268 
xorg-hwe-16.04_7.7+13ubuntu4~16.04.2.tar.gz
Checksums-Sha256:
 b46c033e5af74e127089550da504f2d15ef4799f9c24e0d3ab9c88786f55d42b 1969 
xorg-hwe-16.04_7.7+13ubuntu4~16.04.2.dsc
 5e9ce4a68b128cc5459e2bd00db6bab35a9024a3fadf43c87d69b32e069e2103 294268 
xorg-hwe-16.04_7.7+13ubuntu4~16.04.2.tar.gz
Files:
 bf5dd93193476b4fecb130487bfc19c7 1969 x11 optional 
xorg-hwe-16.04_7.7+13ubuntu4~16.04.2.dsc
 1c1089926aa17c7e5e5a8fe6bb165e5c 294268 x11 optional 
xorg-hwe-16.04_7.7+13ubuntu4~16.04.2.tar.gz
Original-Maintainer: Debian X Strike Force 
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-proposed] console-setup 1.108ubuntu15.3 (Accepted)

2017-02-01 Thread Dimitri John Ledkov 
console-setup (1.108ubuntu15.3) xenial; urgency=medium

  * debian/console-setup-linux.setvtrgb.service: add condition to only
execute when /dev/tty0 exists. This is the same condition as used by
getty@.service unit to prevent attempting setting up VT when none are
present. This is a common case on serial only architectures and
virtual machines. Resolves degraded boots on s390x/ppc64el. LP:
#1660598

Date: Tue, 31 Jan 2017 11:47:04 +
Changed-By: Dimitri John Ledkov 
Maintainer: Ubuntu Installer Team 
https://launchpad.net/ubuntu/+source/console-setup/1.108ubuntu15.3
Format: 1.8
Date: Tue, 31 Jan 2017 11:47:04 +
Source: console-setup
Binary: keyboard-configuration console-setup console-setup-mini 
console-setup-linux bdf2psf console-setup-udeb console-setup-amiga-ekmap 
console-setup-ataritt-ekmap console-setup-macintoshold-ekmap 
console-setup-pc-ekmap console-setup-sun4-ekmap console-setup-sun5-ekmap 
console-setup-pc-ekbd console-setup-linux-fonts-udeb 
console-setup-freebsd-fonts-udeb console-setup-linux-charmaps-udeb 
console-setup-freebsd-charmaps-udeb
Architecture: source
Version: 1.108ubuntu15.3
Distribution: xenial
Urgency: medium
Maintainer: Ubuntu Installer Team 
Changed-By: Dimitri John Ledkov 
Description:
 bdf2psf- font converter to generate console fonts from BDF source fonts
 console-setup - console font and keymap setup program
 console-setup-amiga-ekmap - encoded Linux keyboard layouts for Amiga keyboards 
(udeb)
 console-setup-ataritt-ekmap - encoded Linux keyboard layouts for Atari TT 
keyboards (udeb)
 console-setup-freebsd-charmaps-udeb - FreeBSD 8-bit charmaps for 
console-setup-udeb (udeb)
 console-setup-freebsd-fonts-udeb - FreeBSD console fonts for Debian Installer 
(udeb)
 console-setup-linux - Linux specific part of console-setup
 console-setup-linux-charmaps-udeb - Linux 8-bit charmaps for 
console-setup-udeb (udeb)
 console-setup-linux-fonts-udeb - Linux console fonts for Debian Installer 
(udeb)
 console-setup-macintoshold-ekmap - encoded Linux keyboard layouts for 
old-style Macintosh keyboards (udeb)
 console-setup-mini - console font and keymap setup program - reduced version 
for Linux
 console-setup-pc-ekbd - encoded FreeBSD keyboard layouts for PC keyboards 
(udeb)
 console-setup-pc-ekmap - encoded Linux keyboard layouts for PC keyboards (udeb)
 console-setup-sun4-ekmap - encoded Linux keyboard layouts for Sun4 keyboards 
(udeb)
 console-setup-sun5-ekmap - encoded Linux keyboard layouts for Sun5 keyboards 
(udeb)
 console-setup-udeb - Configure the keyboard (udeb)
 keyboard-configuration - system-wide keyboard preferences
Launchpad-Bugs-Fixed: 1660598
Changes:
 console-setup (1.108ubuntu15.3) xenial; urgency=medium
 .
   * debian/console-setup-linux.setvtrgb.service: add condition to only
 execute when /dev/tty0 exists. This is the same condition as used by
 getty@.service unit to prevent attempting setting up VT when none are
 present. This is a common case on serial only architectures and
 virtual machines. Resolves degraded boots on s390x/ppc64el. LP:
 #1660598
Checksums-Sha1:
 2e3bafd285166043fa5ecf1871b3fe5777820752 3094 console-setup_1.108ubuntu15.3.dsc
 cf15ac17648a8b32c1ae0b0c775a8e5ee8f59cae 1806932 
console-setup_1.108ubuntu15.3.tar.xz
Checksums-Sha256:
 ce37f02fb9bd7a5a4b834409c377ea1475e40e543fc18e430a793b34b672f157 3094 
console-setup_1.108ubuntu15.3.dsc
 9df1880e31bde121278a578f2cdf16e6afef2477839dc36f2add49a04d855b8c 1806932 
console-setup_1.108ubuntu15.3.tar.xz
Files:
 e3cafb09e318a1d1e77125df2fc87ce8 3094 utils optional 
console-setup_1.108ubuntu15.3.dsc
 dc05b0477642c05f87ae72b32ab422e7 1806932 utils optional 
console-setup_1.108ubuntu15.3.tar.xz
Original-Maintainer: Debian Install System Team 
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] gnutls28 3.4.10-4ubuntu1.2 (Accepted)

2017-02-01 Thread Marc Deslauriers 
gnutls28 (3.4.10-4ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: OCSP validation issue
- debian/patches/CVE-2016-7444.patch: correctly verify the serial
  length in lib/x509/ocsp.c.
- CVE-2016-7444
  * SECURITY UPDATE: denial of service via warning alerts
- debian/patches/CVE-2016-8610.patch: set a maximum number of warning
  messages in lib/gnutls_int.h, lib/gnutls_handshake.c,
  lib/gnutls_state.c.
- CVE-2016-8610
  * SECURITY UPDATE: double-free when reading proxy language
- debian/patches/CVE-2017-5334.patch: fix double-free in
  lib/x509/x509_ext.c.
- CVE-2017-5334
  * SECURITY UPDATE: out of memory error in stream reading functions
- debian/patches/CVE-2017-5335.patch: add error checking to
  lib/opencdk/read-packet.c.
- CVE-2017-5335
  * SECURITY UPDATE: stack overflow in cdk_pk_get_keyid
- debian/patches/CVE-2017-5336.patch: check return code in
  lib/opencdk/pubkey.c.
- CVE-2017-5336
  * SECURITY UPDATE: heap read overflow when reading streams
- debian/patches/CVE-2017-5337.patch: add more precise checks to
  lib/opencdk/read-packet.c.
- CVE-2017-5337
  * debian/patches/fix_expired_certs.patch: use datefudge to fix test with
expired certs.

Date: 2017-01-26 19:18:21.817877+00:00
Changed-By: Marc Deslauriers 
https://launchpad.net/ubuntu/+source/gnutls28/3.4.10-4ubuntu1.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] ntfs-3g 1:2015.3.14AR.1-1ubuntu0.1 (Accepted)

2017-02-01 Thread Tyler Hicks 
ntfs-3g (1:2015.3.14AR.1-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Improper environment scrubbing prior to executing
modprobe could allow a local attacker to load arbitrary kernel modules
- debian/patches/0002-CVE-2017-0358.patch: Execute modprobe with an empty
  environment. Based on patch from upstream.
- CVE-2017-0358

Date: 2017-01-28 16:52:14.582891+00:00
Changed-By: Tyler Hicks 
https://launchpad.net/ubuntu/+source/ntfs-3g/1:2015.3.14AR.1-1ubuntu0.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-updates] ntfs-3g 1:2015.3.14AR.1-1ubuntu0.1 (Accepted)

2017-02-01 Thread Ubuntu Archive Robot 
ntfs-3g (1:2015.3.14AR.1-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Improper environment scrubbing prior to executing
modprobe could allow a local attacker to load arbitrary kernel modules
- debian/patches/0002-CVE-2017-0358.patch: Execute modprobe with an empty
  environment. Based on patch from upstream.
- CVE-2017-0358

Date: 2017-01-28 16:52:14.582891+00:00
Changed-By: Tyler Hicks 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/ntfs-3g/1:2015.3.14AR.1-1ubuntu0.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-updates] gnutls28 3.4.10-4ubuntu1.2 (Accepted)

2017-02-01 Thread Ubuntu Archive Robot 
gnutls28 (3.4.10-4ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: OCSP validation issue
- debian/patches/CVE-2016-7444.patch: correctly verify the serial
  length in lib/x509/ocsp.c.
- CVE-2016-7444
  * SECURITY UPDATE: denial of service via warning alerts
- debian/patches/CVE-2016-8610.patch: set a maximum number of warning
  messages in lib/gnutls_int.h, lib/gnutls_handshake.c,
  lib/gnutls_state.c.
- CVE-2016-8610
  * SECURITY UPDATE: double-free when reading proxy language
- debian/patches/CVE-2017-5334.patch: fix double-free in
  lib/x509/x509_ext.c.
- CVE-2017-5334
  * SECURITY UPDATE: out of memory error in stream reading functions
- debian/patches/CVE-2017-5335.patch: add error checking to
  lib/opencdk/read-packet.c.
- CVE-2017-5335
  * SECURITY UPDATE: stack overflow in cdk_pk_get_keyid
- debian/patches/CVE-2017-5336.patch: check return code in
  lib/opencdk/pubkey.c.
- CVE-2017-5336
  * SECURITY UPDATE: heap read overflow when reading streams
- debian/patches/CVE-2017-5337.patch: add more precise checks to
  lib/opencdk/read-packet.c.
- CVE-2017-5337
  * debian/patches/fix_expired_certs.patch: use datefudge to fix test with
expired certs.

Date: 2017-01-26 19:18:21.817877+00:00
Changed-By: Marc Deslauriers 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/gnutls28/3.4.10-4ubuntu1.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-proposed] snapd 2.22.1 (Accepted)

2017-02-01 Thread Michael Vogt 
snapd (2.22.1) xenial; urgency=medium

  * New upstream release, LP: #1659522
- cherry pick fix for snapctl auth.json handling

snapd (2.22) xenial; urgency=medium

  * New upstream release, LP: #1659522
- many: make ubuntu-core-launcher mostly go
- interfaces/builtin: add account-control interface
- interfaces/builtin: add missing syscalls to core-support needed
  for systemctl
- interfaces/builtin: rework core-support to only allow full access
  to systemctl
- debian/tests: drop stale autopkgtest dependencies.
- tests: make the debugging of c-unit-tests more useful
- store: retry auth-related requests
- tests: integration test for system reload
- snap: be more helpful in the `snap install `
  error message
- tests: set SNAPPY_USE_STAGING_STORE in su call
- tests: use test snap
- spread: set SNAPD_DEBUG=1 in the core snap as well
- tests: add extra debugging to security-setuid-root test
- cmd,snap,wrappers: systemd reload command support
- interfaces: builtin: mir: Allow recv and send
- overlord/ifacestate: use ParseConnRef
- overlord/snapstate,overlord/ifacestate: add automatic ubuntu-core
  -> core transition
- debian: remove aliases as well in snapd.postrm
- many: change interfaces.ParseID to return value
- interfaces/opengl: allow access to the nvidia abstract socket
- overlord, daemon: flag failures feature fancy forms.
- many: add --classic support to try and revert, and make missing
  these things a little harder
- interfaces: allow reading non-PCI-attached usb devices via raw-usb
- many: rename snap-alter-ns to snap-update-ns
- interfaces/builtin: add core-support
- store: increase the retry.LimitTime()
- debian: move the packaging out into package/$id-$version_id
- overlord/stapstate: don't use unkeyed fields
- many: add stub implementation of snap-alter-ns
- asserts: improve error message when key is not valid at the given
  time
- snapstate, ifacestate: add snapstate.CheckChangeConflict() to
  ifacestate.{Connect,Disconnect}
- debian: remove trusty specific bits
- docs: Add a note about building snapd.
- interfaces: miscellaneous updates for default and network-control
- daemon: bubble out store.ErrSnapNotFound in the findOne codepath
- store: add retry logging into download as well
- snap: show price in `snap info`
- cmd: add fault injection support code
- interfaces: network-manager: allow rw access to /etc/netplan
- debian: move systemd files out of ./debian and into ./data/systemd
- asserts: implement SuggestFormat to help avoid specifying the
  wrong format iteration for an assertion
- many: detect potentially insecure use of snap-confine
- interfaces: allow querying added security backends
- cmd: ensure that all .c files have a -test.c file
- asserts: don't use 'context' for the path of attributes, want to
  reuse the concept for something else
- interfaces: abbreviate ConnRef construction
- tests: ensure systemd override directory is available before using
  it
- cmd: more build system cleanups and a small fix
- tests: increase retries for service up
- cmd: move seccomp cleanup function to seccomp-support
- many: auto-connect plugs and slots symmetrically
- overlord: use a ticker for the pruning
- interfaces/builtin: add uhid interface
- cmd/snap-confine: add shutdown helper
- tests: fix path used when debugging
- cmd: switch to non-recursive make
- overlord/ifacestate: setup security of snaps affected by auto-
  connection
- spread: refresh apt cache before first install
- overlord: allow max 500 changes in "ready" state to avoid growing
  changes for 24h
- snap: add {Plug,Slot}Info.SecurityTags
- cmd: move snap-discard-ns to dedicated directory
- tests: skip i18n test when no "snappy.mo" file is available
- interfaces,overlord/ifacestate: small refactor around reference
  methods
- tests: remove the snapd dirs last (should fix random test errors)
- interfaces: mm: permissions for protocol proxies
- interfaces/builtin: add evolution interfaces
- many: extract the logging http client and user-agent handling for
  use in devicestate
- interfaces: unity8-download-manager is the chosen name for this
  interface.
- tests: add "quiet" wrapper function that only prints output on
  failure
- tests: fix failing snapd-reexec test
- docs: simplify HACKING.md that snapd itself supports setting up
  the sockets
- overlord: flag required-snaps from model as required and prevent
  removing them
- spread: exclude .o and .a files
- tests: parameterize remote store
- cmd: fix hardcoded paths to rst2man and support rst2man.py
- tests: improve debug output when reexec is used
- tests: disable ipv6 before unpacking delta
-

[ubuntu/xenial-updates] iucode-tool 1.5.1-1ubuntu0.1 (Accepted)

2017-02-01 Thread Ubuntu Archive Robot 
iucode-tool (1.5.1-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow on -tr loader
- debian/patches/CVE-2017-0357.patch: check al in intel_microcode.c.
- CVE-2017-0357

Date: 2017-01-25 19:16:13.932432+00:00
Changed-By: Marc Deslauriers 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/iucode-tool/1.5.1-1ubuntu0.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-updates] libxpm 1:3.5.11-1ubuntu0.16.04.1 (Accepted)

2017-02-01 Thread Ubuntu Archive Robot 
libxpm (1:3.5.11-1ubuntu0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: OOB write when handling malicious XPM files
- debian/patches/CVE-2016-10164.patch: add bounds checks to
  src/CrDatFrI.c.
- CVE-2016-10164

Date: 2017-01-25 21:03:14.423946+00:00
Changed-By: Marc Deslauriers 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/libxpm/1:3.5.11-1ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] iucode-tool 1.5.1-1ubuntu0.1 (Accepted)

2017-02-01 Thread Marc Deslauriers 
iucode-tool (1.5.1-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow on -tr loader
- debian/patches/CVE-2017-0357.patch: check al in intel_microcode.c.
- CVE-2017-0357

Date: 2017-01-25 19:16:13.932432+00:00
Changed-By: Marc Deslauriers 
https://launchpad.net/ubuntu/+source/iucode-tool/1.5.1-1ubuntu0.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] libxpm 1:3.5.11-1ubuntu0.16.04.1 (Accepted)

2017-02-01 Thread Marc Deslauriers 
libxpm (1:3.5.11-1ubuntu0.16.04.1) xenial-security; urgency=medium

  * SECURITY UPDATE: OOB write when handling malicious XPM files
- debian/patches/CVE-2016-10164.patch: add bounds checks to
  src/CrDatFrI.c.
- CVE-2016-10164

Date: 2017-01-25 21:03:14.423946+00:00
Changed-By: Marc Deslauriers 
https://launchpad.net/ubuntu/+source/libxpm/1:3.5.11-1ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-updates] curtin 0.1.0~bzr437-0ubuntu1~16.04.1 (Accepted)

2017-02-01 Thread Robie Basak 
curtin (0.1.0~bzr437-0ubuntu1~16.04.1) xenial-proposed; urgency=medium

  * debian/new-upstream-snapshot: change to not use bzr merge-upstream.
  * New upstream snapshot.
- pep8: fix pep8 errors found with 'make pep8' on zesty.
- Workaround failures caused by gpg2 daemons left running in chroot.
  (LP: #1645680)
- Install u-boot-tools when running on a system with u-boot. (LP: #1640519)
- block: fix partition kname for raid devices  (LP: #1641661)
- Fix up tox errors that slipped in and new pycodestyle 2.1.0 complaints.
- vmtests: adjust vmtest image sync metadata filenames
- vmtests: Add centos support
- Disable WilyTestRaid5Bcache vmtest
- tools/xkvm: fix --netdev=
- bytes2human: fix for values larger than 32 bit int on 32 bit python2.

Date: 2017-01-18 18:11:11.032354+00:00
Changed-By: Scott Moser 
Signed-By: Robie Basak 
https://launchpad.net/ubuntu/+source/curtin/0.1.0~bzr437-0ubuntu1~16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes