[ubuntu/xenial-security] strongswan 5.3.5-1ubuntu3.4 (Accepted)
strongswan (5.3.5-1ubuntu3.4) xenial-security; urgency=medium * SECURITY UPDATE: Fix RSA signature verification - debian/patches/CVE-2017-11185.patch: does some verifications in order to avoid null-point dereference in src/libstrongswan/gmp/gmp_rsa_public_key.c - CVE-2017-11185 Date: 2017-08-17 15:15:13.199699+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/strongswan/5.3.5-1ubuntu3.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] augeas 1.4.0-0ubuntu1.1 (Accepted)
augeas (1.4.0-0ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: crash/memory corruption - debian/patches/CVE-2017-7555.patch: correctly handle trailing whitespace in src/pathx.c and add test in tests/test-xpath.c. - CVE-2017-7555 Date: 2017-08-18 16:37:14.597453+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/augeas/1.4.0-0ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] cvs 2:1.12.13+real-15ubuntu0.1 (Accepted)
cvs (2:1.12.13+real-15ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: SSH command injection via -o - src/rsh-client.c: fix argument parsing - CVE-2017-12836 Date: 2017-08-17 19:14:13.380952+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) Signed-By: Ubuntu Archive Robothttps://launchpad.net/ubuntu/+source/cvs/2:1.12.13+real-15ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] graphite2 1.3.10-0ubuntu0.16.04.1 (Accepted)
graphite2 (1.3.10-0ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Update to 1.3.10 to fix security issues - CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-, CVE-2017-7778 Date: 2017-08-18 13:53:20.282018+00:00 Changed-By: Marc Deslauriershttps://launchpad.net/ubuntu/+source/graphite2/1.3.10-0ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] cvs 2:1.12.13+real-15ubuntu0.1 (Accepted)
cvs (2:1.12.13+real-15ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: SSH command injection via -o - src/rsh-client.c: fix argument parsing - CVE-2017-12836 Date: 2017-08-17 19:14:13.380952+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/cvs/2:1.12.13+real-15ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] strongswan 5.3.5-1ubuntu3.4 (Accepted)
strongswan (5.3.5-1ubuntu3.4) xenial-security; urgency=medium * SECURITY UPDATE: Fix RSA signature verification - debian/patches/CVE-2017-11185.patch: does some verifications in order to avoid null-point dereference in src/libstrongswan/gmp/gmp_rsa_public_key.c - CVE-2017-11185 Date: 2017-08-17 15:15:13.199699+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) Signed-By: Ubuntu Archive Robothttps://launchpad.net/ubuntu/+source/strongswan/5.3.5-1ubuntu3.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] graphite2 1.3.10-0ubuntu0.16.04.1 (Accepted)
graphite2 (1.3.10-0ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Update to 1.3.10 to fix security issues - CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-, CVE-2017-7778 Date: 2017-08-18 13:53:20.282018+00:00 Changed-By: Marc DeslauriersSigned-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/graphite2/1.3.10-0ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] augeas 1.4.0-0ubuntu1.1 (Accepted)
augeas (1.4.0-0ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: crash/memory corruption - debian/patches/CVE-2017-7555.patch: correctly handle trailing whitespace in src/pathx.c and add test in tests/test-xpath.c. - CVE-2017-7555 Date: 2017-08-18 16:37:14.597453+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) Signed-By: Ubuntu Archive Robothttps://launchpad.net/ubuntu/+source/augeas/1.4.0-0ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] kcoreaddons 5.18.0-0ubuntu1.1 (Accepted)
kcoreaddons (5.18.0-0ubuntu1.1) xenial-security; urgency=high * SECURITY UPDATE: KMail - HTML injection in plain text viewer (LP: #1630700) - CVE-2016-7966 - CVE-2016-7966_1.patch - 1be727 from upstream - CVE-2016-7966_2.patch - 96e562 from upstream - CVE-2016-7966_3.patch - a06cef from upstream - CVE-2016-7966_4.patch - 5e13d2 from upstream Date: 2017-08-21 14:28:14.493685+00:00 Changed-By: Simon QuigleySigned-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/kcoreaddons/5.18.0-0ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] kcoreaddons 5.18.0-0ubuntu1.1 (Accepted)
kcoreaddons (5.18.0-0ubuntu1.1) xenial-security; urgency=high * SECURITY UPDATE: KMail - HTML injection in plain text viewer (LP: #1630700) - CVE-2016-7966 - CVE-2016-7966_1.patch - 1be727 from upstream - CVE-2016-7966_2.patch - 96e562 from upstream - CVE-2016-7966_3.patch - a06cef from upstream - CVE-2016-7966_4.patch - 5e13d2 from upstream Date: 2017-08-21 14:28:14.493685+00:00 Changed-By: Simon QuigleySigned-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/kcoreaddons/5.18.0-0ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes