proftpd-dfsg (1.3.5~rc3-2.1ubuntu2.1) trusty-security; urgency=low
* SECURITY UPDATE: The mod_copy module in ProFTPD 1.3.5 allows remote
attackers to read and write to arbitrary files via the site cpfr and
site cpto commands. (LP: #1462311)
- debian/patches/CVE-2015-3306.patch:
mariadb-5.5 (5.5.53-1ubuntu0.14.04.1) trusty-security; urgency=low
* SECURITY UPDATE: New upstream release 5.5.53. Includes fixes for the
following security vulnerabilities (LP: #1638125):
- CVE-2016-7440
- CVE-2016-5584
* Update previous changelog entries to contain new CVE
mariadb-5.5 (5.5.53-1ubuntu0.14.04.1) trusty-security; urgency=low
* SECURITY UPDATE: New upstream release 5.5.53. Includes fixes for the
following security vulnerabilities (LP: #1638125):
- CVE-2016-7440
- CVE-2016-5584
* Update previous changelog entries to contain new CVE
proftpd-dfsg (1.3.5~rc3-2.1ubuntu2.1) trusty-security; urgency=low
* SECURITY UPDATE: The mod_copy module in ProFTPD 1.3.5 allows remote
attackers to read and write to arbitrary files via the site cpfr and
site cpto commands. (LP: #1462311)
- debian/patches/CVE-2015-3306.patch:
libav (6:9.20-0ubuntu0.14.04.1) trusty-security; urgency=medium
* SECURITY UPDATE: Updated to 9.20 to fix various crashes with
invalid-free, corrupted double-linked list or out-of-bounds read
(LP: #1643467)
- No CVE number
Date: 2016-12-07 21:07:16.310648+00:00
Changed-By: Marc
openjdk-6 (6b40-1.13.12-0ubuntu0.14.04.3) trusty-security; urgency=medium
* Backported security fixes from 8u111:
- CVE-2016-5582, S8160591: Improve internal array handling.
- CVE-2016-5573, S8159519: Reformat JDWP messages.
- CVE-2016-5597, S8160838: Better HTTP service.
-
libav (6:9.20-0ubuntu0.14.04.1) trusty-security; urgency=medium
* SECURITY UPDATE: Updated to 9.20 to fix various crashes with
invalid-free, corrupted double-linked list or out-of-bounds read
(LP: #1643467)
- No CVE number
Date: 2016-12-07 21:07:16.310648+00:00
Changed-By: Marc
openjdk-6 (6b40-1.13.12-0ubuntu0.14.04.3) trusty-security; urgency=medium
* Backported security fixes from 8u111:
- CVE-2016-5582, S8160591: Improve internal array handling.
- CVE-2016-5573, S8159519: Reformat JDWP messages.
- CVE-2016-5597, S8160838: Better HTTP service.
-
ghostscript (9.10~dfsg-0ubuntu10.6) trusty-security; urgency=medium
* SECURITY UPDATE: Fix regression introduced by fix for CVE-2013-5653
(LP: #1647276)
- debian/patches/CVE-2013-5653-regression.patch
Date: 2016-12-07 16:24:13.923948+00:00
Changed-By: Emily Ratliff
ghostscript (9.10~dfsg-0ubuntu10.6) trusty-security; urgency=medium
* SECURITY UPDATE: Fix regression introduced by fix for CVE-2013-5653
(LP: #1647276)
- debian/patches/CVE-2013-5653-regression.patch
Date: 2016-12-07 16:24:13.923948+00:00
Changed-By: Emily Ratliff
initramfs-tools (0.103ubuntu4.5) trusty; urgency=medium
[ Timo Aaltonen ]
* hooks/framebuffer: Copy kernel/ubuntu/i915 backport driver too.
(LP: #1500751)
Date: Wed, 07 Dec 2016 01:27:28 -0800
Changed-By: Brian Murray
Maintainer: Ubuntu Kernel Team
cloud-init (0.7.5-0ubuntu1.21) trusty; urgency=medium
* Microsoft Azure:
- Install udev rules to create /dev/disk/cloud entries for Azure ephemeral
disk.
- debian/patches/lp-1603222-fix-ephemeral-disk-fstab.patch:
- Use /dev/disk/cloud entries for ephemeral disk (LP:
python-django (1.6.11-0ubuntu1) trusty; urgency=medium
* Update to final upstream 1.6 microrelease (LP: #1644346)
* Drop patches included upstream:
- debian/patches/07_translation_encoding_fix.diff, ticket21869.diff,
CVE-2014-0472.patch, CVE-2014-0473.patch, CVE-2014-0474.patch,
dbus (1.6.18-0ubuntu4.5) trusty; urgency=medium
* debian/patches/unrequested-reply-mediation.patch: Don't let unrequested
reply messages through and don't audit them. Unrequested reply messages
are error or method_return messages that are sent from D-Bus connection A
to D-Bus
tzdata (2016j-0ubuntu0.14.04) trusty; urgency=medium
* New upstream release, updating Saratov, Tongatapu, Cyprus, and Casey.
Date: Wed, 07 Dec 2016 03:03:42 -0700
Changed-By: Adam Conrad
Maintainer: Ubuntu Developers
ubuntu-release-upgrader (1:0.220.9) trusty-proposed; urgency=medium
* No change rebuild so the dist-upgrader tarball will be signed with the new
method. (LP: #1645906)
Date: 2016-11-30 18:10:11.072800+00:00
Changed-By: Brian Murray
16 matches
Mail list logo