[ubuntu/trusty-updates] ghostscript 9.10~dfsg-0ubuntu10.7 (Accepted)

ghostscript (9.10~dfsg-0ubuntu10.7) trusty-security; urgency=medium * SECURITY UPDATE: invalid handling of parameters to .eqproc and .rsdparams allowed disabling -dSAFER and thus code execution - debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters - debian/patches/CVE-2017

[ubuntu/trusty-security] ghostscript 9.10~dfsg-0ubuntu10.7 (Accepted)

ghostscript (9.10~dfsg-0ubuntu10.7) trusty-security; urgency=medium * SECURITY UPDATE: invalid handling of parameters to .eqproc and .rsdparams allowed disabling -dSAFER and thus code execution - debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters - debian/patches/CVE-2017

[ubuntu/trusty-updates] weechat 0.4.2-3ubuntu0.1 (Accepted)

weechat (0.4.2-3ubuntu0.1) trusty-security; urgency=medium * SECURITY UPDATE: remote buffer overflow crash by sending a filename via DCC to the IRC plugin (LP: #1686478) - debian/patches/03_fix_CVE-2017-8073.patch: Fix quote removal in irc_ctcp_dcc_filename_without_quotes function

[ubuntu/trusty-security] weechat 0.4.2-3ubuntu0.1 (Accepted)

weechat (0.4.2-3ubuntu0.1) trusty-security; urgency=medium * SECURITY UPDATE: remote buffer overflow crash by sending a filename via DCC to the IRC plugin (LP: #1686478) - debian/patches/03_fix_CVE-2017-8073.patch: Fix quote removal in irc_ctcp_dcc_filename_without_quotes function

[ubuntu/trusty-updates] libxslt 1.1.28-2ubuntu0.1 (Accepted)

libxslt (1.1.28-2ubuntu0.1) trusty-security; urgency=medium * SECURITY UPDATE: type-confusion leading to denial of service - debian/patches/0009-CVE-2015-7955.patch: check that the parent node is an element before dereferencing its namespace - CVE-2015-7955 * SECURITY UPDATE: out

[ubuntu/trusty-security] libxslt 1.1.28-2ubuntu0.1 (Accepted)

libxslt (1.1.28-2ubuntu0.1) trusty-security; urgency=medium * SECURITY UPDATE: type-confusion leading to denial of service - debian/patches/0009-CVE-2015-7955.patch: check that the parent node is an element before dereferencing its namespace - CVE-2015-7955 * SECURITY UPDATE: out

[ubuntu/trusty-updates] libgtk2-perl 2:1.249-2 (Accepted)

libgtk2-perl (2:1.249-2) unstable; urgency=medium [ intrigeri ] * Add debian/upstream/metadata [ gregor herrmann ] * Add patch to fix test failure caused by newer gdk-pixbuf. Thanks to Colin Watson for the patch. (Closes: #739809) * Update years of packaging copyright. Date: 2014-0

[ubuntu/trusty-updates] libpango-perl 1.224-2 (Accepted)

libpango-perl (1.224-2) unstable; urgency=low [ Alessandro Ghedini ] * Remove myself from Uploaders [ intrigeri ] * Upload to unstable. Date: 2013-08-09 04:16:08.880197+00:00 Signed-By: Steve Langasek https://launchpad.net/ubuntu/+source/libpango-perl/1.224-2 Sorry, changesfile not avai

[ubuntu/trusty-updates] libcairo-perl 1.104-1 (Accepted)

libcairo-perl (1.104-1) unstable; urgency=low * New upstream release. Date: 2013-10-01 22:14:20.722016+00:00 Signed-By: Steve Langasek https://launchpad.net/ubuntu/+source/libcairo-perl/1.104-1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Mod

[ubuntu/trusty-updates] libglib-perl 3:1.304-1 (Accepted)

libglib-perl (3:1.304-1) unstable; urgency=medium * New upstream release. * Declare compliance with Standards-Version 3.9.5. * Add a Lintian override for debian-watch-may-check-gpg-signature. Upstream does not provide detached signatures, but they sign Git tags, and we (well, at leas

[ubuntu/trusty-updates] nss 2:3.28.4-0ubuntu0.14.04.1 (Accepted)

nss (2:3.28.4-0ubuntu0.14.04.1) trusty-security; urgency=medium * Updated to upstream 3.28.4 to fix security issues and get a new CA certificate bundle. * SECURITY UPDATE: DES and Triple DES ciphers birthday attack - CVE-2016-2183 * SECURITY UPDATE: out-of-bounds write in Base64 deco

[ubuntu/trusty-updates] nspr 2:4.13.1-0ubuntu0.14.04.1 (Accepted)

nspr (2:4.13.1-0ubuntu0.14.04.1) trusty-security; urgency=medium * Update to 4.13.1 to support nss security update. Date: 2017-04-26 15:09:13.796147+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/nspr/2:4.13.1-0ubuntu0.14.04.1 Sorry, c

[ubuntu/trusty-security] nss 2:3.28.4-0ubuntu0.14.04.1 (Accepted)

nss (2:3.28.4-0ubuntu0.14.04.1) trusty-security; urgency=medium * Updated to upstream 3.28.4 to fix security issues and get a new CA certificate bundle. * SECURITY UPDATE: DES and Triple DES ciphers birthday attack - CVE-2016-2183 * SECURITY UPDATE: out-of-bounds write in Base64 deco

[ubuntu/trusty-security] nspr 2:4.13.1-0ubuntu0.14.04.1 (Accepted)

nspr (2:4.13.1-0ubuntu0.14.04.1) trusty-security; urgency=medium * Update to 4.13.1 to support nss security update. Date: 2017-04-26 15:09:13.796147+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/nspr/2:4.13.1-0ubuntu0.14.04.1 Sorry, changesfile not available.-- Trust

[ubuntu/trusty-updates] graphviz 2.36.0-0ubuntu3.2 (Accepted)

graphviz (2.36.0-0ubuntu3.2) trusty; urgency=medium * Add missing dependency from libgraphviz-dev to libgvc6-plugins-gtk (LP: #1398028) * Install missing GDK plugin in libgvc6-plugin-gtk Date: 2017-04-19 15:18:10.609057+00:00 Changed-By: Jeremy Bicha Signed-By: Brian Murray https://laun

[ubuntu/trusty-updates] mysql-5.5 5.5.55-0ubuntu0.14.04.1 (Accepted)

mysql-5.5 (5.5.55-0ubuntu0.14.04.1) trusty-security; urgency=medium * SECURITY UPDATE: Update to 5.5.55 to fix security issues - CVE-2017-3302 - CVE-2017-3305 - CVE-2017-3308 - CVE-2017-3309 - CVE-2017-3329 - CVE-2017-3453 - CVE-2017-3456 - CVE-2017-3461 - CVE

[ubuntu/trusty-security] mysql-5.5 5.5.55-0ubuntu0.14.04.1 (Accepted)

mysql-5.5 (5.5.55-0ubuntu0.14.04.1) trusty-security; urgency=medium * SECURITY UPDATE: Update to 5.5.55 to fix security issues - CVE-2017-3302 - CVE-2017-3305 - CVE-2017-3308 - CVE-2017-3309 - CVE-2017-3329 - CVE-2017-3453 - CVE-2017-3456 - CVE-2017-3461 - CVE