[ubuntu/quantal-security] apache2 2.2.22-6ubuntu2.2 (Accepted)
apache2 (2.2.22-6ubuntu2.2) quantal-security; urgency=low
* SECURITY UPDATE: multiple cross-site scripting issues
- debian/patches/CVE-2012-3499_4558.patch: properly escape html in
modules/generators/{mod_info.c,mod_status.c},
modules/ldap/util_ldap_cache_mgr.c, modules/mappers/mod_imagemap.c,
modules/proxy/{mod_proxy_balancer.c,mod_proxy_ftp.c}.
- CVE-2012-3499
- CVE-2012-4558
* SECURITY UPDATE: symlink attack in apache2ctl script
- debian/apache2ctl: introduce and use a safer mkdir_chown() function.
- Thanks to Stefan Fritsch for the fix.
- CVE-2013-1048
Date: 2013-03-08 15:45:12.219912+00:00
Changed-By: Marc Deslauriers marc.deslauri...@canonical.com
https://launchpad.net/ubuntu/quantal/+source/apache2/2.2.22-6ubuntu2.2
Sorry, changesfile not available.--
Quantal-changes mailing list
Quantal-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/quantal-changes
[ubuntu/quantal-updates] apache2 2.2.22-6ubuntu2.2 (Accepted)
apache2 (2.2.22-6ubuntu2.2) quantal-security; urgency=low
* SECURITY UPDATE: multiple cross-site scripting issues
- debian/patches/CVE-2012-3499_4558.patch: properly escape html in
modules/generators/{mod_info.c,mod_status.c},
modules/ldap/util_ldap_cache_mgr.c, modules/mappers/mod_imagemap.c,
modules/proxy/{mod_proxy_balancer.c,mod_proxy_ftp.c}.
- CVE-2012-3499
- CVE-2012-4558
* SECURITY UPDATE: symlink attack in apache2ctl script
- debian/apache2ctl: introduce and use a safer mkdir_chown() function.
- Thanks to Stefan Fritsch for the fix.
- CVE-2013-1048
Date: 2013-03-08 15:45:12.219912+00:00
Changed-By: Marc Deslauriers marc.deslauri...@canonical.com
Signed-By: Ubuntu Archive Robot
cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk
https://launchpad.net/ubuntu/quantal/+source/apache2/2.2.22-6ubuntu2.2
Sorry, changesfile not available.--
Quantal-changes mailing list
Quantal-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/quantal-changes
[ubuntu/quantal-security] pam-xdg-support 0.2-0ubuntu1.1 (Accepted)
pam-xdg-support (0.2-0ubuntu1.1) quantal-security; urgency=low * SECURITY UPDATE: code execution via unsafe PATH (LP: #1155337) - debian/patches/CVE-2013-1052.patch: use absolute path when calling rm to prevent unsafe PATH when using with sudo. - CVE-2013-1052 Date: 2013-03-15 18:40:11.832370+00:00 Changed-By: Marc Deslauriers marc.deslauri...@canonical.com Maintainer: Steve Langasek steve.langa...@canonical.com https://launchpad.net/ubuntu/quantal/+source/pam-xdg-support/0.2-0ubuntu1.1 Sorry, changesfile not available.-- Quantal-changes mailing list Quantal-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/quantal-changes
[ubuntu/quantal-security] linux-signed 3.5.0-26.42 (Accepted)
linux-signed (3.5.0-26.42) quantal; urgency=low * Version 3.5.0-26.42 linux-signed (3.5.0-26.40) precise; urgency=low * Version 3.5.0-26.40 Date: 2013-03-11 19:00:09.780498+00:00 Changed-By: Andy Whitcroft a...@canonical.com Signed-By: Adam Conrad adcon...@0c3.net https://launchpad.net/ubuntu/quantal/+source/linux-signed/3.5.0-26.42 Sorry, changesfile not available.-- Quantal-changes mailing list Quantal-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/quantal-changes
[ubuntu/quantal-updates] pam-xdg-support 0.2-0ubuntu1.1 (Accepted)
pam-xdg-support (0.2-0ubuntu1.1) quantal-security; urgency=low * SECURITY UPDATE: code execution via unsafe PATH (LP: #1155337) - debian/patches/CVE-2013-1052.patch: use absolute path when calling rm to prevent unsafe PATH when using with sudo. - CVE-2013-1052 Date: 2013-03-15 18:40:11.832370+00:00 Changed-By: Marc Deslauriers marc.deslauri...@canonical.com Maintainer: Steve Langasek steve.langa...@canonical.com Signed-By: Ubuntu Archive Robot cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk https://launchpad.net/ubuntu/quantal/+source/pam-xdg-support/0.2-0ubuntu1.1 Sorry, changesfile not available.-- Quantal-changes mailing list Quantal-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/quantal-changes
[ubuntu/quantal-updates] linux-signed 3.5.0-26.42 (Accepted)
linux-signed (3.5.0-26.42) quantal; urgency=low * Version 3.5.0-26.42 linux-signed (3.5.0-26.40) precise; urgency=low * Version 3.5.0-26.40 Date: 2013-03-11 19:00:09.780498+00:00 Changed-By: Andy Whitcroft a...@canonical.com Signed-By: Adam Conrad adcon...@0c3.net https://launchpad.net/ubuntu/quantal/+source/linux-signed/3.5.0-26.42 Sorry, changesfile not available.-- Quantal-changes mailing list Quantal-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/quantal-changes
[ubuntu/quantal-security] linux-meta 3.5.0.26.32 (Accepted)
linux-meta (3.5.0.26.32) quantal-proposed; urgency=low [ Brad Figg ] * Bump ABI Date: 2013-02-26 20:00:16.916228+00:00 Changed-By: Brad Figg brad.f...@canonical.com Signed-By: Adam Conrad adcon...@0c3.net https://launchpad.net/ubuntu/quantal/+source/linux-meta/3.5.0.26.32 Sorry, changesfile not available.-- Quantal-changes mailing list Quantal-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/quantal-changes
[ubuntu/quantal-updates] linux-backports-modules-3.5.0 3.5.0-26.12 (Accepted)
linux-backports-modules-3.5.0 (3.5.0-26.12) quantal-proposed; urgency=low [ Brad Figg ] * Bump ABI for Quantal 3.5.0-26.40 Date: 2013-02-26 19:51:04.792130+00:00 Changed-By: Brad Figg brad.f...@canonical.com Signed-By: Adam Conrad adcon...@0c3.net https://launchpad.net/ubuntu/quantal/+source/linux-backports-modules-3.5.0/3.5.0-26.12 Sorry, changesfile not available.-- Quantal-changes mailing list Quantal-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/quantal-changes
[ubuntu/quantal-updates] linux 3.5.0-26.42 (Accepted)
linux (3.5.0-26.42) quantal-proposed; urgency=low
[Steve Conklin]
* Release Tracking Bug
- LP: #1152715
[ Andy Whitcroft ]
* ubuntu: overlayfs -- fix missmerge of vfs_open changes
- LP: #1122094, #1147678
linux (3.5.0-26.40) quantal-proposed; urgency=low
[Brad Figg]
* Release Tracking Bug
- LP: #1133429
[ Andy Whitcroft ]
* ubuntu: overlayfs -- fix missmerge of vfs_open changes
- LP: #1122094
[ Ian Campbell ]
* SAUCE: xen/netback: shutdown the ring if it contains garbage.
- LP: #1117325
- CVE-2013-0216
* SAUCE: netback: correct netbk_tx_err to handle wrap around.
- LP: #1117325
- CVE-2013-0216
* SAUCE: xen/netback: don't leak pages on failure in
xen_netbk_tx_check_gop.
- LP: #1117331
- CVE-2013-0217
* SAUCE: xen/netback: free already allocated memory on failure in
xen_netbk_get_requests
- LP: #1117331
- CVE-2013-0217
[ Jan Beulich ]
* SAUCE: xen-pciback: rate limit error messages from
xen_pcibk_enable_msi{, x}()
- LP: #1117336
- CVE-2013-0231
[ Tim Gardner ]
* [Config] CONFIG_SATA_AHCI=m
- LP: #1056563
* SAUCE: rt2x00: rt2x00pci_regbusy_read() - only print register access
failure once
- LP: #1128840
[ Upstream Kernel Changes ]
* Revert USB: Handle warm reset failure on empty port.
- LP: #1131944
* xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS
guests.
- LP: #1102374
- CVE-2013-0190
* virtio-blk: Don't free ida when disk is in use
- LP: #1119885
* ioat: Fix DMA memory sync direction correct flag
- LP: #1119885
* PCI: pciehp: Use per-slot workqueues to avoid deadlock
- LP: #1119885
* PCI/AER: pci_get_domain_bus_and_slot() call missing required
pci_dev_put()
- LP: #1119885
* xen/grant-table: correctly initialize grant table version 1
- LP: #1119885
* serial:ifx6x60:Delete SPI timer when shut down port
- LP: #1119885
* tty: 8250_dw: Fix inverted arguments to serial_out in IRQ handler
- LP: #1119885
* drm/i915: Invalidate the relocation presumed_offsets along the slow
path
- LP: #1119885
* ARM: 7627/1: Predicate preempt logic on PREEMP_COUNT not PREEMPT alone
- LP: #1119885
* staging: vt6656: Fix inconsistent structure packing
- LP: #1119885
* 8250/16?50: Add support for Broadcom TruManage redirected serial port
- LP: #1119885
* KVM: PPC: Emulate dcbf
- LP: #1119885
* staging: wlan-ng: Fix clamping of returned SSID length
- LP: #1119885
* USB: option: blacklist network interface on ONDA MT8205 4G LTE
- LP: #1119885
* USB: option: add TP-LINK HSUPA Modem MA180
- LP: #1119885
* ALSA: hda - Fix mute led for another HP machine
- LP: #1096789, #1119885
* usb: dwc3: gadget: fix ep-maxburst for ep0
- LP: #1119885
* ACPI / cpuidle: Fix NULL pointer issues when cpuidle is disabled
- LP: #1119885
* ACPI / processor: Get power info before updating the C-states
- LP: #1119885
* ARM: DMA: Fix struct page iterator in dma_cache_maint() to work with
sparsemem
- LP: #1119885
* evm: checking if removexattr is not a NULL
- LP: #1119885
* ALSA: hda - Add Conexant CX20755/20756/20757 codec IDs
- LP: #1119885
* ftrace: Be first to run code modification on modules
- LP: #1119885
* i2c: mxs: Fix type of error code
- LP: #1119885
* USB: UHCI: fix IRQ race during initialization
- LP: #1119885
* async: fix __lowest_in_progress()
- LP: #1119885
* fs/cifs/cifs_dfs_ref.c: fix potential memory leakage
- LP: #1119885
* ARM: at91: rm9200: remake the BGA as default version
- LP: #1119885
* Bluetooth: Fix sending HCI commands after reset
- LP: #1119885
* Bluetooth: Fix incorrect strncpy() in hidp_setup_hid()
- LP: #1119885
* ath9k_htc: Fix memory leak
- LP: #1119885
* ath9k: do not link receive buffers during flush
- LP: #1119885
* ath9k: add a better fix for the rx tasklet vs rx flush race
- LP: #1119885
* ath9k: fix rx flush handling
- LP: #1119885
* brcmsmac: increase timer reference count for new timers only
- LP: #1119885
* ath9k: remove sc-rx.rxbuflock to fix a deadlock
- LP: #1119885
* ath9k: disable the tasklet before taking the PCU lock
- LP: #1119885
* ASoC: wm2200: correct mixer values and text
- LP: #1119885
* mac80211: fix FT roaming
- LP: #1119885
* mac80211: synchronize scan off/on-channel and PS states
- LP: #1119885
* efi, x86: Pass a proper identity mapping in efi_call_phys_prelog
- LP: #1119885
* iwlegacy: fix IBSS cleanup
- LP: #1119885
* ath9k_hw: fix calibration issues on chainmask that don't include chain
0
- LP: #1119885
* ath9k_hw: fix chain swap setting when setting rx chainmask to 5
- LP: #1119885
* mwifiex: fix typo in PCIe adapter NULL check
- LP: #1119885
* drm/i915: Disable AsyncFlip performance optimisations
- LP: #1119885
* drm/i915: GFX_MODE Flush TLB
[ubuntu/quantal-updates] linux-meta 3.5.0.26.32 (Accepted)
linux-meta (3.5.0.26.32) quantal-proposed; urgency=low [ Brad Figg ] * Bump ABI Date: 2013-02-26 20:00:16.916228+00:00 Changed-By: Brad Figg brad.f...@canonical.com Signed-By: Adam Conrad adcon...@0c3.net https://launchpad.net/ubuntu/quantal/+source/linux-meta/3.5.0.26.32 Sorry, changesfile not available.-- Quantal-changes mailing list Quantal-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/quantal-changes
[ubuntu/quantal-security] linux-backports-modules-3.5.0 3.5.0-26.12 (Accepted)
linux-backports-modules-3.5.0 (3.5.0-26.12) quantal-proposed; urgency=low [ Brad Figg ] * Bump ABI for Quantal 3.5.0-26.40 Date: 2013-02-26 19:51:04.792130+00:00 Changed-By: Brad Figg brad.f...@canonical.com Signed-By: Adam Conrad adcon...@0c3.net https://launchpad.net/ubuntu/quantal/+source/linux-backports-modules-3.5.0/3.5.0-26.12 Sorry, changesfile not available.-- Quantal-changes mailing list Quantal-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/quantal-changes
[ubuntu/quantal-security] linux 3.5.0-26.42 (Accepted)
linux (3.5.0-26.42) quantal-proposed; urgency=low
[Steve Conklin]
* Release Tracking Bug
- LP: #1152715
[ Andy Whitcroft ]
* ubuntu: overlayfs -- fix missmerge of vfs_open changes
- LP: #1122094, #1147678
linux (3.5.0-26.40) quantal-proposed; urgency=low
[Brad Figg]
* Release Tracking Bug
- LP: #1133429
[ Andy Whitcroft ]
* ubuntu: overlayfs -- fix missmerge of vfs_open changes
- LP: #1122094
[ Ian Campbell ]
* SAUCE: xen/netback: shutdown the ring if it contains garbage.
- LP: #1117325
- CVE-2013-0216
* SAUCE: netback: correct netbk_tx_err to handle wrap around.
- LP: #1117325
- CVE-2013-0216
* SAUCE: xen/netback: don't leak pages on failure in
xen_netbk_tx_check_gop.
- LP: #1117331
- CVE-2013-0217
* SAUCE: xen/netback: free already allocated memory on failure in
xen_netbk_get_requests
- LP: #1117331
- CVE-2013-0217
[ Jan Beulich ]
* SAUCE: xen-pciback: rate limit error messages from
xen_pcibk_enable_msi{, x}()
- LP: #1117336
- CVE-2013-0231
[ Tim Gardner ]
* [Config] CONFIG_SATA_AHCI=m
- LP: #1056563
* SAUCE: rt2x00: rt2x00pci_regbusy_read() - only print register access
failure once
- LP: #1128840
[ Upstream Kernel Changes ]
* Revert USB: Handle warm reset failure on empty port.
- LP: #1131944
* xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS
guests.
- LP: #1102374
- CVE-2013-0190
* virtio-blk: Don't free ida when disk is in use
- LP: #1119885
* ioat: Fix DMA memory sync direction correct flag
- LP: #1119885
* PCI: pciehp: Use per-slot workqueues to avoid deadlock
- LP: #1119885
* PCI/AER: pci_get_domain_bus_and_slot() call missing required
pci_dev_put()
- LP: #1119885
* xen/grant-table: correctly initialize grant table version 1
- LP: #1119885
* serial:ifx6x60:Delete SPI timer when shut down port
- LP: #1119885
* tty: 8250_dw: Fix inverted arguments to serial_out in IRQ handler
- LP: #1119885
* drm/i915: Invalidate the relocation presumed_offsets along the slow
path
- LP: #1119885
* ARM: 7627/1: Predicate preempt logic on PREEMP_COUNT not PREEMPT alone
- LP: #1119885
* staging: vt6656: Fix inconsistent structure packing
- LP: #1119885
* 8250/16?50: Add support for Broadcom TruManage redirected serial port
- LP: #1119885
* KVM: PPC: Emulate dcbf
- LP: #1119885
* staging: wlan-ng: Fix clamping of returned SSID length
- LP: #1119885
* USB: option: blacklist network interface on ONDA MT8205 4G LTE
- LP: #1119885
* USB: option: add TP-LINK HSUPA Modem MA180
- LP: #1119885
* ALSA: hda - Fix mute led for another HP machine
- LP: #1096789, #1119885
* usb: dwc3: gadget: fix ep-maxburst for ep0
- LP: #1119885
* ACPI / cpuidle: Fix NULL pointer issues when cpuidle is disabled
- LP: #1119885
* ACPI / processor: Get power info before updating the C-states
- LP: #1119885
* ARM: DMA: Fix struct page iterator in dma_cache_maint() to work with
sparsemem
- LP: #1119885
* evm: checking if removexattr is not a NULL
- LP: #1119885
* ALSA: hda - Add Conexant CX20755/20756/20757 codec IDs
- LP: #1119885
* ftrace: Be first to run code modification on modules
- LP: #1119885
* i2c: mxs: Fix type of error code
- LP: #1119885
* USB: UHCI: fix IRQ race during initialization
- LP: #1119885
* async: fix __lowest_in_progress()
- LP: #1119885
* fs/cifs/cifs_dfs_ref.c: fix potential memory leakage
- LP: #1119885
* ARM: at91: rm9200: remake the BGA as default version
- LP: #1119885
* Bluetooth: Fix sending HCI commands after reset
- LP: #1119885
* Bluetooth: Fix incorrect strncpy() in hidp_setup_hid()
- LP: #1119885
* ath9k_htc: Fix memory leak
- LP: #1119885
* ath9k: do not link receive buffers during flush
- LP: #1119885
* ath9k: add a better fix for the rx tasklet vs rx flush race
- LP: #1119885
* ath9k: fix rx flush handling
- LP: #1119885
* brcmsmac: increase timer reference count for new timers only
- LP: #1119885
* ath9k: remove sc-rx.rxbuflock to fix a deadlock
- LP: #1119885
* ath9k: disable the tasklet before taking the PCU lock
- LP: #1119885
* ASoC: wm2200: correct mixer values and text
- LP: #1119885
* mac80211: fix FT roaming
- LP: #1119885
* mac80211: synchronize scan off/on-channel and PS states
- LP: #1119885
* efi, x86: Pass a proper identity mapping in efi_call_phys_prelog
- LP: #1119885
* iwlegacy: fix IBSS cleanup
- LP: #1119885
* ath9k_hw: fix calibration issues on chainmask that don't include chain
0
- LP: #1119885
* ath9k_hw: fix chain swap setting when setting rx chainmask to 5
- LP: #1119885
* mwifiex: fix typo in PCIe adapter NULL check
- LP: #1119885
* drm/i915: Disable AsyncFlip performance optimisations
- LP: #1119885
* drm/i915: GFX_MODE Flush TLB
