[ubuntu/trusty-updates] proftpd-dfsg 1.3.5~rc3-2.1ubuntu2.1 (Accepted)

2016-12-07 Thread Ubuntu Archive Robot
proftpd-dfsg (1.3.5~rc3-2.1ubuntu2.1) trusty-security; urgency=low * SECURITY UPDATE: The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands. (LP: #1462311) - debian/patches/CVE-2015-3306.patch:

[ubuntu/trusty-updates] mariadb-5.5 5.5.53-1ubuntu0.14.04.1 (Accepted)

2016-12-07 Thread Ubuntu Archive Robot
mariadb-5.5 (5.5.53-1ubuntu0.14.04.1) trusty-security; urgency=low * SECURITY UPDATE: New upstream release 5.5.53. Includes fixes for the following security vulnerabilities (LP: #1638125): - CVE-2016-7440 - CVE-2016-5584 * Update previous changelog entries to contain new CVE

[ubuntu/trusty-security] mariadb-5.5 5.5.53-1ubuntu0.14.04.1 (Accepted)

2016-12-07 Thread Tyler Hicks
mariadb-5.5 (5.5.53-1ubuntu0.14.04.1) trusty-security; urgency=low * SECURITY UPDATE: New upstream release 5.5.53. Includes fixes for the following security vulnerabilities (LP: #1638125): - CVE-2016-7440 - CVE-2016-5584 * Update previous changelog entries to contain new CVE

[ubuntu/trusty-security] proftpd-dfsg 1.3.5~rc3-2.1ubuntu2.1 (Accepted)

2016-12-07 Thread Tyler Hicks
proftpd-dfsg (1.3.5~rc3-2.1ubuntu2.1) trusty-security; urgency=low * SECURITY UPDATE: The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands. (LP: #1462311) - debian/patches/CVE-2015-3306.patch:

[ubuntu/trusty-updates] libav 6:9.20-0ubuntu0.14.04.1 (Accepted)

2016-12-07 Thread Ubuntu Archive Robot
libav (6:9.20-0ubuntu0.14.04.1) trusty-security; urgency=medium * SECURITY UPDATE: Updated to 9.20 to fix various crashes with invalid-free, corrupted double-linked list or out-of-bounds read (LP: #1643467) - No CVE number Date: 2016-12-07 21:07:16.310648+00:00 Changed-By: Marc

[ubuntu/trusty-updates] openjdk-6 6b40-1.13.12-0ubuntu0.14.04.3 (Accepted)

2016-12-07 Thread Ubuntu Archive Robot
openjdk-6 (6b40-1.13.12-0ubuntu0.14.04.3) trusty-security; urgency=medium * Backported security fixes from 8u111: - CVE-2016-5582, S8160591: Improve internal array handling. - CVE-2016-5573, S8159519: Reformat JDWP messages. - CVE-2016-5597, S8160838: Better HTTP service. -

[ubuntu/trusty-security] libav 6:9.20-0ubuntu0.14.04.1 (Accepted)

2016-12-07 Thread Marc Deslauriers
libav (6:9.20-0ubuntu0.14.04.1) trusty-security; urgency=medium * SECURITY UPDATE: Updated to 9.20 to fix various crashes with invalid-free, corrupted double-linked list or out-of-bounds read (LP: #1643467) - No CVE number Date: 2016-12-07 21:07:16.310648+00:00 Changed-By: Marc

[ubuntu/trusty-security] openjdk-6 6b40-1.13.12-0ubuntu0.14.04.3 (Accepted)

2016-12-07 Thread Steve Beattie
openjdk-6 (6b40-1.13.12-0ubuntu0.14.04.3) trusty-security; urgency=medium * Backported security fixes from 8u111: - CVE-2016-5582, S8160591: Improve internal array handling. - CVE-2016-5573, S8159519: Reformat JDWP messages. - CVE-2016-5597, S8160838: Better HTTP service. -

[ubuntu/trusty-updates] ghostscript 9.10~dfsg-0ubuntu10.6 (Accepted)

2016-12-07 Thread Ubuntu Archive Robot
ghostscript (9.10~dfsg-0ubuntu10.6) trusty-security; urgency=medium * SECURITY UPDATE: Fix regression introduced by fix for CVE-2013-5653 (LP: #1647276) - debian/patches/CVE-2013-5653-regression.patch Date: 2016-12-07 16:24:13.923948+00:00 Changed-By: Emily Ratliff

[ubuntu/trusty-security] ghostscript 9.10~dfsg-0ubuntu10.6 (Accepted)

2016-12-07 Thread Emily Ratliff
ghostscript (9.10~dfsg-0ubuntu10.6) trusty-security; urgency=medium * SECURITY UPDATE: Fix regression introduced by fix for CVE-2013-5653 (LP: #1647276) - debian/patches/CVE-2013-5653-regression.patch Date: 2016-12-07 16:24:13.923948+00:00 Changed-By: Emily Ratliff

[ubuntu/trusty-proposed] initramfs-tools 0.103ubuntu4.5 (Accepted)

2016-12-07 Thread Brian Murray
initramfs-tools (0.103ubuntu4.5) trusty; urgency=medium [ Timo Aaltonen ] * hooks/framebuffer: Copy kernel/ubuntu/i915 backport driver too. (LP: #1500751) Date: Wed, 07 Dec 2016 01:27:28 -0800 Changed-By: Brian Murray Maintainer: Ubuntu Kernel Team

[ubuntu/trusty-updates] cloud-init 0.7.5-0ubuntu1.21 (Accepted)

2016-12-07 Thread Chris J Arges
cloud-init (0.7.5-0ubuntu1.21) trusty; urgency=medium * Microsoft Azure: - Install udev rules to create /dev/disk/cloud entries for Azure ephemeral disk. - debian/patches/lp-1603222-fix-ephemeral-disk-fstab.patch: - Use /dev/disk/cloud entries for ephemeral disk (LP:

[ubuntu/trusty-updates] python-django 1.6.11-0ubuntu1 (Accepted)

2016-12-07 Thread Chris J Arges
python-django (1.6.11-0ubuntu1) trusty; urgency=medium * Update to final upstream 1.6 microrelease (LP: #1644346) * Drop patches included upstream: - debian/patches/07_translation_encoding_fix.diff, ticket21869.diff, CVE-2014-0472.patch, CVE-2014-0473.patch, CVE-2014-0474.patch,

[ubuntu/trusty-proposed] dbus 1.6.18-0ubuntu4.5 (Accepted)

2016-12-07 Thread Tyler Hicks
dbus (1.6.18-0ubuntu4.5) trusty; urgency=medium * debian/patches/unrequested-reply-mediation.patch: Don't let unrequested reply messages through and don't audit them. Unrequested reply messages are error or method_return messages that are sent from D-Bus connection A to D-Bus

[ubuntu/trusty-proposed] tzdata 2016j-0ubuntu0.14.04 (Accepted)

2016-12-07 Thread Adam Conrad
tzdata (2016j-0ubuntu0.14.04) trusty; urgency=medium * New upstream release, updating Saratov, Tongatapu, Cyprus, and Casey. Date: Wed, 07 Dec 2016 03:03:42 -0700 Changed-By: Adam Conrad Maintainer: Ubuntu Developers

[ubuntu/trusty-updates] ubuntu-release-upgrader 1:0.220.9 (Accepted)

2016-12-07 Thread Brian Murray
ubuntu-release-upgrader (1:0.220.9) trusty-proposed; urgency=medium * No change rebuild so the dist-upgrader tarball will be signed with the new method. (LP: #1645906) Date: 2016-11-30 18:10:11.072800+00:00 Changed-By: Brian Murray