shim-signed (1.33.1~14.04.4) trusty; urgency=medium
* update-secureboot-policy: (LP: #1748983)
- Backport update-secureboot-policy changes to generate a MOK and guide
users through re-enabling validation and automatically signing DKMS
modules.
* debian/shim-signed.postinst:
dkms (2.2.0.3-1.1ubuntu5.14.04.10) trusty; urgency=medium
* debian/patches/shim_secureboot_support.patch:
- Move to signing just after module build to ensure it correctly applies
at kernel update times. (LP: #1772950)
- Generate a new MOK if there isn't one yet, and use that so
sendmail (8.14.4-4.1ubuntu1.1) trusty-security; urgency=medium
* SECURITY UPDATE: Local users to access unintended high-numbered file
descriptors via a custom mail-delivery program.
- debian/patches/8.14/8.14.4/close_on_exec.patch: Properly set the
close-on-exec flag for file
sendmail (8.14.4-4.1ubuntu1.1) trusty-security; urgency=medium
* SECURITY UPDATE: Local users to access unintended high-numbered file
descriptors via a custom mail-delivery program.
- debian/patches/8.14/8.14.4/close_on_exec.patch: Properly set the
close-on-exec flag for file
iscsitarget (1.4.20.3+svn499-0ubuntu2.6) trusty; urgency=medium
* Fix ADT requirements to run daemon test only when isolation
level machine is available.
iscsitarget (1.4.20.3+svn499-0ubuntu2.5) trusty; urgency=medium
* Fix daemon dep8 test so it really tests for the running
daemon
dovecot (1:2.2.9-1ubuntu2.5) trusty-security; urgency=medium
* SECURITY UPDATE: incorrect client certificate validation
- debian/patches/CVE-2019-3814-1.patch: do not import empty certificate
username in src/auth/auth-request.c.
- debian/patches/CVE-2019-3814-2.patch: fail
dovecot (1:2.2.9-1ubuntu2.5) trusty-security; urgency=medium
* SECURITY UPDATE: incorrect client certificate validation
- debian/patches/CVE-2019-3814-1.patch: do not import empty certificate
username in src/auth/auth-request.c.
- debian/patches/CVE-2019-3814-2.patch: fail
