[ubuntu/trusty-security] libgd2 2.1.0-3ubuntu0.7 (Accepted)

, tests/gif/uninitialized_memory_read.c, tests/gif/unitialized_memory_read.gif. - CVE-2017-7890 Date: 2017-08-11 16:56:13.961185+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libgd2/2.1.0-3ubuntu0.7 Sorry, changesfile not available

[ubuntu/trusty-security] apport 2.14.1-0ubuntu3.25 (Accepted)

in every report. (LP: #1673557) * data/general/ubuntu-gnome.py: The GNOME3 PPAs are no longer supported for 14.04 or 16.04 so set an UnreportableReason in those reports. (LP: #1689093) Date: 2017-07-17 22:24:13.087723+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa

[ubuntu/trusty-security] shotwell 0.18.0-0ubuntu4.5 (Accepted)

-publishing-extras/YandexPublishing.vala, plugins/shotwell-publishing/PicasaPublishing.vala, plugins/shotwell-publishing/YouTubePublishing.vala. - CVE-2017-124 Date: 2017-08-04 16:51:19.880633+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) Maintainer: Ubuntu

[ubuntu/trusty-security] gdk-pixbuf 2.30.7-0ubuntu1.7 (Accepted)

to cause DoS - debian/patches/CVE-2017-6311.patch: return an error when ICO didn't load in gdk-pixbuf/io-ico. - CVE-2017-6311 Date: 2017-09-14 15:19:13.609698+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/gdk-pixbuf/2.30.7-0ubuntu1.7

[ubuntu/trusty-security] emacs24 24.3+1-2ubuntu1.1 (Accepted)

:07:16.196469+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/emacs24/24.3+1-2ubuntu1.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com

[ubuntu/trusty-security] poppler 0.24.5-2ubuntu4.7 (Accepted)

- debian/patches/CVE-2017-9776.patch: fix malformed documents in poppler/JBIG2Stream.cc. - CVE-2017-9776 Date: 2017-10-05 14:28:02.168649+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/poppler/0.24.5-2ubuntu4.7 Sorry, changesfile

[ubuntu/trusty-security] ruby1.9.1 1.9.3.484-2ubuntu1.5 (Accepted)

patch extracted from debian Wheezy. - CVE-2017-14064 Date: 2017-10-03 19:48:17.058847+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/ruby1.9.1/1.9.3.484-2ubuntu1.5 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty

[ubuntu/trusty-security] libgd2 2.1.0-3ubuntu0.8 (Accepted)

, tests/png/bug00381_1.c, tests/png/bug00381_2.c. - CVE-2017-6362 Date: 2017-09-05 01:06:13.552879+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libgd2/2.1.0-3ubuntu0.8 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty

[ubuntu/trusty-security] poppler 0.24.5-2ubuntu4.6 (Accepted)

16:12:15.702372+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/poppler/0.24.5-2ubuntu4.6 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/trusty-security] libplist 1.10-1ubuntu0.1 (Accepted)

S. Barbosa) https://launchpad.net/ubuntu/+source/libplist/1.10-1ubuntu0.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] strongswan 5.1.2-0ubuntu2.7 (Accepted)

-11185 Date: 2017-08-17 18:07:15.530830+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/strongswan/5.1.2-0ubuntu2.7 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/trusty-security] augeas 1.2.0-0ubuntu1.3 (Accepted)

:13.282697+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/augeas/1.2.0-0ubuntu1.3 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman

[ubuntu/trusty-security] cvs 2:1.12.13+real-12ubuntu0.1 (Accepted)

cvs (2:1.12.13+real-12ubuntu0.1) trusty-security; urgency=medium * SECURITY UPDATE: SSH command injection via -o - src/rsh-client.c: fix argument parsing - CVE-2017-12836 Date: 2017-08-17 17:34:23.684187+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https

[ubuntu/trusty-security] ghostscript 9.10~dfsg-0ubuntu10.10 (Accepted)

methods in base/gsalloc.c. - CVE-2017-9835 Date: 2017-08-24 20:34:13.191373+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/ghostscript/9.10~dfsg-0ubuntu10.10 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes

[ubuntu/trusty-security] texlive-base 2013.20140215-1ubuntu0.1 (Accepted)

:14.427899+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/texlive-base/2013.20140215-1ubuntu0.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/trusty-security] liblouis 2.5.3-2ubuntu1.1 (Accepted)

Date: 2017-08-31 16:03:17.269895+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/liblouis/2.5.3-2ubuntu1.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/trusty-security] fontforge 20120731.b-5ubuntu0.1 (Accepted)

/CVE-2017-11577.patch: fix out of bounds read in fontforge/parsettf.c - CVE-2017-11577 Date: 2017-08-30 15:18:13.994430+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/fontforge/20120731.b-5ubuntu0.1 Sorry, changesfile not available

[ubuntu/trusty-security] python2.7 2.7.6-8ubuntu0.4 (Accepted)

:22.187769+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/python2.7/2.7.6-8ubuntu0.4 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman

[ubuntu/trusty-security] python3.4 3.4.3-1ubuntu1~14.04.6 (Accepted)

:16.887995+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/python3.4/3.4.3-1ubuntu1~14.04.6 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/trusty-security] libxml2 2.9.1+dfsg1-3ubuntu4.12 (Accepted)

Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libxml2/2.9.1+dfsg1-3ubuntu4.12 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo

[ubuntu/trusty-security] perl 5.18.2-2ubuntu1.3 (Accepted)

buffer overflow in S_regatom - debian/patches/CVE-2017-12837.patch: fix issue in regcomp.c - CVE-2017-12837 Date: 2017-11-10 12:21:21.703708+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/perl/5.18.2-2ubuntu1.3 Sorry, changesfile

[ubuntu/trusty-security] db5.3 5.3.28-3ubuntu3.1 (Accepted)

db5.3 (5.3.28-3ubuntu3.1) trusty-security; urgency=medium * SECURITY UPDATE: Berkeley DB reads DB_CONFIG from cwd - debian/patches/CVE-2017-10140.patch in src/env/env_open.c. - CVE-2017-10140 Date: 2017-11-21 17:31:16.299860+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S

[ubuntu/trusty-security] liblouis 2.5.3-2ubuntu1.2 (Accepted)

+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/liblouis/2.5.3-2ubuntu1.2 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman

[ubuntu/trusty-security] rsync 3.1.0-2ubuntu0.3 (Accepted)

...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/rsync/3.1.0-2ubuntu0.3 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] libxml2 2.9.1+dfsg1-3ubuntu4.11 (Accepted)

libxml2 (2.9.1+dfsg1-3ubuntu4.11) trusty-security; urgency=medium * SECURITY UPDATE: infinite recursion in parameter entities - CVE-2017-16932 Date: 2017-12-04 20:02:28.396119+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libxml2

[ubuntu/trusty-security] poppler 0.24.5-2ubuntu4.8 (Accepted)

-26 17:03:17.481197+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/poppler/0.24.5-2ubuntu4.8 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/trusty-security] python-werkzeug 0.9.4+dfsg-1.1ubuntu2.1 (Accepted)

Date: 2017-10-24 20:38:41.561820+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/python-werkzeug/0.9.4+dfsg-1.1ubuntu2.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings

[ubuntu/trusty-security] wget 1.15-1ubuntu1.14.04.4 (Accepted)

(Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/wget/1.15-1ubuntu1.14.04.4 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] php-ssh2 0.12-1ubuntu0.1 (Accepted)

-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/php-ssh2/0.12-1ubuntu0.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty

[ubuntu/trusty-security] poppler 0.24.5-2ubuntu4.11 (Accepted)

-10768.patch: draw for malformed docs in poppler/Annot.c. - CVE-2018-10768 Date: 2018-05-15 15:06:29.400421+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/poppler/0.24.5-2ubuntu4.11 Sorry, changesfile not available.-- Trusty-changes

[ubuntu/trusty-security] python-rsa 3.1.2-1ubuntu0.1 (Accepted)

-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/python-rsa/3.1.2-1ubuntu0.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] xdg-utils 1.1.0~rc1-2ubuntu7.2 (Accepted)

xdg-utils (1.1.0~rc1-2ubuntu7.2) trusty-security; urgency=medium * SECURITY UPDATE: Argument-injection attack - debian/patches/CVE-2017-18266.patch: fix in xdg-open. - CVE-2017-18266 Date: 2018-05-18 17:34:38.133707+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa

[ubuntu/trusty-security] supervisor 3.0b2-1ubuntu0.1 (Accepted)

-11610 Date: 2018-05-17 19:33:17.544853+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/supervisor/3.0b2-1ubuntu0.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/trusty-security] spice 0.12.4-0nocelt2ubuntu1.6 (Accepted)

.patch: avoid integer overflow in spice-common/python_modules/demarshal.py, spice-common/python_modules/marshal.py. - CVE-2017-12194 Date: 2018-05-22 19:17:12.913391+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/spice/0.12.4

[ubuntu/trusty-security] ruby2.0 2.0.0.484-1ubuntu2.10 (Accepted)

- debian/patches/CVE-2018-8777*.patch: fix in lib/webrick/httpresponse.rb, lib/webrick/httpservlet/filehandler.rb, - CVE-2018-8777 Date: 2018-06-12 17:27:13.490593+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/ruby2.0/2.0.0.484

[ubuntu/trusty-security] ruby1.9.1 1.9.3.484-2ubuntu1.12 (Accepted)

S. Barbosa) https://launchpad.net/ubuntu/+source/ruby1.9.1/1.9.3.484-2ubuntu1.12 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] perl 5.18.2-2ubuntu1.6 (Accepted)

...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/perl/5.18.2-2ubuntu1.6 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] batik 1.7.ubuntu-8ubuntu2.14.04.3 (Accepted)

Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/batik/1.7.ubuntu-8ubuntu2.14.04.3 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman

[ubuntu/trusty-security] libytnef 1.5-6ubuntu0.2 (Accepted)

:28.439371+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libytnef/1.5-6ubuntu0.2 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com

[ubuntu/trusty-security] liblouis 2.5.3-2ubuntu1.3 (Accepted)

- debian/patches/CVE-2018-11577.patch: fix in liblouis/compileTranslationTable.c. - CVE-2018-11577 Date: 2018-06-04 16:28:13.041927+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/liblouis/2.5.3-2ubuntu1.3 Sorry, changesfile

[ubuntu/trusty-security] liblouis 2.5.3-2ubuntu1.4 (Accepted)

:14.103895+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/liblouis/2.5.3-2ubuntu1.4 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman

[ubuntu/trusty-security] libclamunrar 0.99-0ubuntu0.14.04.2 (Accepted)

as suggested by the package maintainer. Date: 2018-05-02 15:01:36.821570+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libclamunrar/0.99-0ubuntu0.14.04.2 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes

[ubuntu/trusty-security] ghostscript 9.10~dfsg-0ubuntu10.12 (Accepted)

: Denial of service - debian/patches/CVE-2018-10194.patch: avoid infinite number in devices/vector/gdevpdts.c. - CVE-2018-10194 Date: 2018-04-23 19:13:12.345939+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/ghostscript/9.10~dfsg

[ubuntu/trusty-security] icu 52.1-3ubuntu0.7 (Accepted)

...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/icu/52.1-3ubuntu0.7 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] mariadb-5.5 5.5.58-1ubuntu0.14.04.1 (Accepted)

to contain new CVE identifiers * Includes upstream MDEV-13819 server crash fix (LP: #1735876) Date: 2018-01-09 17:36:18.555050+00:00 Signed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/mariadb-5.5/5.5.58-1ubuntu0.14.04.1 Sorry, changesfile not available

[ubuntu/trusty-security] ruby1.9.1 1.9.3.484-2ubuntu1.7 (Accepted)

Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/ruby1.9.1/1.9.3.484-2ubuntu1.7 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman

[ubuntu/trusty-security] ruby1.9.1 1.9.3.484-2ubuntu1.6 (Accepted)

...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/ruby1.9.1/1.9.3.484-2ubuntu1.6 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] ruby2.0 2.0.0.484-1ubuntu2.5 (Accepted)

Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/ruby2.0/2.0.0.484-1ubuntu2.5 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo

[ubuntu/trusty-security] poppler 0.24.5-2ubuntu4.9 (Accepted)

UPDATE: has a heap-based buffer over-read vulnerability - debian/patches/CVE-2017-14976.patch: fix crash in broken files in fofi/FoFiType1C.cc. - CVE-2017-14976 Date: 2018-01-04 19:23:14.650976+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net

[ubuntu/trusty-security] gdk-pixbuf 2.30.7-0ubuntu1.8 (Accepted)

-2017-6313 * SECURITY UPDATE: DoS (infinite loop) - debian/patches/CVE-2017-6314.patch: avoid overflow buffer size computation in gdk-pixbuf/io-tiff.c. - CVE-2017-6314 Date: 2018-01-12 12:42:20.296050+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https

[ubuntu/trusty-security] transmission 2.82-1.1ubuntu3.2 (Accepted)

-server.c, libtransmission/rpc-server.h, libtransmission/session.c, libtransmission/transmission.h, libtransmission/web.c. - CVE-2018-5702 Date: 2018-01-16 15:02:13.650924+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/transmission

[ubuntu/trusty-security] rsync 3.1.0-2ubuntu0.4 (Accepted)

-2017-16548 * SECURITY UPDATE: Allows remote attacker to bypass argument - debian/patches/CVE-2018-5764.patch: Ignore --protect-args when already sent by client in options.c. - CVE-2018-5764 Date: 2018-01-18 20:25:12.832596+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S

[ubuntu/trusty-security] libtasn1-6 3.4-3ubuntu0.6 (Accepted)

...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libtasn1-6/3.4-3ubuntu0.6 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] dovecot 1:2.2.9-1ubuntu2.3 (Accepted)

(Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/dovecot/1:2.2.9-1ubuntu2.3 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] curl 7.35.0-1ubuntu2.14 (Accepted)

/test317, tests/data/test318. - CVE-2018-107 Date: 2018-01-30 13:20:18.098257+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/curl/7.35.0-1ubuntu2.14 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes

[ubuntu/trusty-security] wavpack 4.70.0-1ubuntu0.1 (Accepted)

wavpack (4.70.0-1ubuntu0.1) trusty-security; urgency=medium * SECURITY UPDATE: Denial of service via crafted WV file - debian/patches/CVE-2016-10169.patch: fix in words.c. - CVE-2016-10169 Date: 2018-02-12 14:11:13.018224+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa

[ubuntu/trusty-security] libvorbis 1.3.2-1.3ubuntu1.1 (Accepted)

: don't allow for more than 256 channels in lib/info.c. - CVE-2017-14633 Date: 2018-02-13 17:07:12.592029+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libvorbis/1.3.2-1.3ubuntu1.1 Sorry, changesfile not available.-- Trusty-changes

[ubuntu/trusty-security] postgresql-9.3 9.3.21-0ubuntu0.14.04 (Accepted)

://www.postgresql.org/docs/9.3/static/release-9-3-21.html Date: 2018-02-08 15:24:14.215737+00:00 Changed-By: ChristianEhrhardt <christian.ehrha...@canonical.com> Signed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/postgresql-9.3/9.3.21-0ubuntu0.14.04 Sorry, chang

[ubuntu/trusty-security] mailman 1:2.1.16-2ubuntu0.5 (Accepted)

a misspelling in Tagger.py that breaks Lists with topics enabled (LP: #1251495) Date: 2018-02-08 14:22:13.583844+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/mailman/1:2.1.16-2ubuntu0.5 Sorry, changesfile not available.-- Trusty-changes mailing

[ubuntu/trusty-security] clamav 0.100.1+dfsg-1ubuntu0.14.04.3 (Accepted)

. - CVE-2018-14682 Date: 2018-08-01 17:13:18.411390+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/clamav/0.100.1+dfsg-1ubuntu0.14.04.3 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify

[ubuntu/trusty-security] libxml2 2.9.1+dfsg1-3ubuntu4.13 (Accepted)

Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libxml2/2.9.1+dfsg1-3ubuntu4.13 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo

[ubuntu/trusty-security] libxcursor 1:1.1.14-1ubuntu0.14.04.2 (Accepted)

libxcursor (1:1.1.14-1ubuntu0.14.04.2) trusty-security; urgency=medium * SECURITY UPDATE: Denial of service - debian/patches/CVE-2015-9262.patch: fix in src/library.c. - CVE-2015-9262 Date: 2018-08-02 15:10:13.293767+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa

[ubuntu/trusty-security] lftp 4.4.13-1ubuntu0.1 (Accepted)

lftp (4.4.13-1ubuntu0.1) trusty-security; urgency=medium * SECURITY UPDATE: Incorrectly sanitize remote file names - debian/patches/CVE-2018-10196.patch: fix in src/MirrorJob.cc. - CVE-2018-10196 Date: 2018-08-03 16:55:12.663190+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S

[ubuntu/trusty-security] libarchive 3.1.2-7ubuntu2.6 (Accepted)

-14503 Date: 2018-08-08 18:30:40.245481+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libarchive/3.1.2-7ubuntu2.6 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/trusty-security] wpa 2.1-0ubuntu1.6 (Accepted)

wpa (2.1-0ubuntu1.6) trusty-security; urgency=medium * SECURITY UPDATE: Expose sensitive information - debian/patches/CVE-2018-14526.patch: fix in src/rsn_supp/wpa.c. - CVE-2018-14526 Date: 2018-08-09 18:48:19.808839+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa

[ubuntu/trusty-security] spice 0.12.4-0nocelt2ubuntu1.7 (Accepted)

...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/spice/0.12.4-0nocelt2ubuntu1.7 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] libgd2 2.1.0-3ubuntu0.10 (Accepted)

. - CVE-2018-5711 Date: 2018-08-23 18:54:15.590368+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libgd2/2.1.0-3ubuntu0.10 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings

[ubuntu/trusty-security] poppler 0.24.5-2ubuntu4.12 (Accepted)

poppler (0.24.5-2ubuntu4.12) trusty-security; urgency=medium * SECURITY UPDATE: Out of bounds read - debian/patches/CVE-2018-13988.patch: fix in poppler/Parser.cc. - CVE-2018-13988 Date: 2018-08-28 13:24:13.206193+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https

[ubuntu/trusty-security] mutt 1.5.21-6.4ubuntu2.2 (Accepted)

* SECURITY UPDATE: Unsafe character interactions - debian/patches/ubuntu/mutt-CVE-2018-14362.patch: fix in pop.c. - CVE-2018-14362 Date: 2018-07-19 12:58:12.829595+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/mutt/1.5.21

[ubuntu/trusty-security] libx11 2:1.6.2-1ubuntu2.1 (Accepted)

, src/GetFPath.c, src/ListExt.c. - CVE-2018-14599 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2018-14600.patch: fix in src/GetFPath. - CVE-2018-14600 Date: 2018-08-30 15:22:12.228305+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https

[ubuntu/trusty-security] libtirpc 0.2.2-5ubuntu2.1 (Accepted)

, src/rpcb_prot.c, src/rpcb_st_xdr.c, src/xdr.c. - CVE-2017-8779 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2018-14622.patch: fix in src/svc_c.c. - CVE-2018-14622 Date: 2018-09-04 16:25:12.899019+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https

[ubuntu/trusty-security] transfig 1:3.2.5.e-1ubuntu1.1 (Accepted)

(Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/transfig/1:3.2.5.e-1ubuntu1.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] libpng 1.2.50-1ubuntu2.14.04.3 (Accepted)

libpng (1.2.50-1ubuntu2.14.04.3) trusty-security; urgency=medium * SECURITY UPDATE: Null pointer dereference - debian/patches/CVE-2016-10087.patch: fix in png.c. - CVE-2016-10087 Date: 2018-07-10 20:13:12.958365+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https

[ubuntu/trusty-security] libarchive-zip-perl 1.30-7ubuntu0.1 (Accepted)

Date: 2018-07-03 16:00:16.868323+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libarchive-zip-perl/1.30-7ubuntu0.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/trusty-security] exiv2 0.23-1ubuntu2.1 (Accepted)

overflow - debian/patches/CVE-2018-12265*.patch - CVE-2018-12265 Date: 2018-06-29 16:10:13.836149+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/exiv2/0.23-1ubuntu2.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty

[ubuntu/trusty-security] libsoup2.4 2.44.2-1ubuntu2.3 (Accepted)

(Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libsoup2.4/2.44.2-1ubuntu2.3 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] gimp 2.8.10-0ubuntu1.2 (Accepted)

overflow in read_channel_data - debian/patches/CVE-2017-17789.patch: fix in plug-ins/common/file-psp.c. - CVE-2017-17789 Date: 2018-01-18 17:48:13.233910+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/gimp/2.8.10-0ubuntu1.2 Sorry

[ubuntu/trusty-security] zsh 5.0.2-3ubuntu6.1 (Accepted)

...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/zsh/5.0.2-3ubuntu6.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] mariadb-5.5 5.5.59-1ubuntu0.14.04.1 (Accepted)

* Update metadata and point VCS-* links to the new source repository Date: 2018-03-06 11:25:28.656040+00:00 Signed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/mariadb-5.5/5.5.59-1ubuntu0.14.04.1 Sorry, changesfile not available.-- Trusty-changes

[ubuntu/trusty-security] squirrelmail 2:1.4.23~svn20120406-2+deb8u2build0.14.04.1 (Accepted)

) Directory traversal flaw in Deliver.class.php can allow a remote attacker to retrieve or delete arbitrary files. (Closes: #893202) Date: 2018-04-10 12:24:21.058305+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) Maintainer: Jeroen van Wolffelaar <jer...@wolffelaar.nl>

[ubuntu/trusty-security] patch 2.7.1-4ubuntu2.4 (Accepted)

:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/patch/2.7.1-4ubuntu2.4 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo

[ubuntu/trusty-security] ruby2.0 2.0.0.484-1ubuntu2.6 (Accepted)

...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/ruby2.0/2.0.0.484-1ubuntu2.6 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] ruby1.9.1 1.9.3.484-2ubuntu1.8 (Accepted)

-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/ruby1.9.1/1.9.3.484-2ubuntu1.8 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo

[ubuntu/trusty-security] ruby2.0 2.0.0.484-1ubuntu2.8 (Accepted)

ruby2.0 (2.0.0.484-1ubuntu2.8) trusty-security; urgency=medium * SECURITY REGRESSION: The fix for CVE-2018-174 was incomplete and will be addressed in a future update. Date: 2018-04-13 14:22:13.483880+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https

[ubuntu/trusty-security] ruby1.9.1 1.9.3.484-2ubuntu1.10 (Accepted)

ruby1.9.1 (1.9.3.484-2ubuntu1.10) trusty-security; urgency=medium * SECURITY REGRESSION: The fix for CVE-2018-174 was incomplete and will be addressed in a future update. Date: 2018-04-13 13:54:11.589881+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https

[ubuntu/trusty-security] ruby2.0 2.0.0.484-1ubuntu2.9 (Accepted)

/patches/CVE-2018-8780.patch: fix in dir.c, test/ruby/test_dir.rb. - CVE-2018-8780 Date: 2018-04-16 15:02:14.714105+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/ruby2.0/2.0.0.484-1ubuntu2.9 Sorry, changesfile not available.-- Trusty

[ubuntu/trusty-security] ruby1.9.1 1.9.3.484-2ubuntu1.11 (Accepted)

- debian/patches/CVE-2018-8780.patch: fix in dir.c, test/ruby/test_dir.rb. - CVE-2018-8780 Date: 2018-04-16 14:48:13.428561+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/ruby1.9.1/1.9.3.484-2ubuntu1.11 Sorry, changesfile not available

[ubuntu/trusty-security] openssl 1.0.1f-1ubuntu2.25 (Accepted)

: 2018-04-18 18:19:13.616796+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/openssl/1.0.1f-1ubuntu2.25 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/trusty-security] zsh 5.0.2-3ubuntu6.2 (Accepted)

/patches/CVE-2018-1083.patch: check bounds on PATH_MAX buffer in Src/Zle/compctl.c. - CVE-2018-1083 Date: 2018-03-26 17:37:28.051441+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/zsh/5.0.2-3ubuntu6.2 Sorry, changesfile not available

[ubuntu/trusty-security] twisted 13.2.0-1ubuntu1.2 (Accepted)

:13.567401+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/twisted/13.2.0-1ubuntu1.2 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com

[ubuntu/trusty-security] postgresql-9.3 9.3.22-0ubuntu0.14.04 (Accepted)

14:50:52.362065+00:00 Changed-By: ChristianEhrhardt <christian.ehrha...@canonical.com> Signed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/postgresql-9.3/9.3.22-0ubuntu0.14.04 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-c

[ubuntu/trusty-security] irssi 0.8.15-5ubuntu3.5 (Accepted)

/mainwindows.c. - CVE-2018-7052 Date: 2018-02-28 20:07:12.949910+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/irssi/0.8.15-5ubuntu3.5 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify

[ubuntu/trusty-security] libxkbcommon 0.4.1-0ubuntu1.1 (Accepted)

: 2018-10-04 19:17:14.628199+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/libxkbcommon/0.4.1-0ubuntu1.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/trusty-security] python-urllib3 1.7.1-1ubuntu4.1 (Accepted)

python-urllib3 (1.7.1-1ubuntu4.1) trusty-security; urgency=medium * No change rebuild in -security pocket. Date: 2018-10-10 19:13:12.854482+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/python-urllib3/1.7.1-1ubuntu4.1 Sorry, changesfile

[ubuntu/trusty-security] wheel 0.24.0-1~ubuntu1.1 (Accepted)

wheel (0.24.0-1~ubuntu1.1) trusty-security; urgency=medium * No change rebuild in -security pocket. Date: 2018-10-10 17:03:15.673466+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/wheel/0.24.0-1~ubuntu1.1 Sorry, changesfile not available

[ubuntu/trusty-security] six 1.5.2-1ubuntu1.1 (Accepted)

six (1.5.2-1ubuntu1.1) trusty-security; urgency=medium * No change rebuild in -security pocket. Date: 2018-10-10 18:01:02.287441+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/six/1.5.2-1ubuntu1.1 Sorry, changesfile not available

[ubuntu/trusty-security] requests 2.2.1-1ubuntu0.4 (Accepted)

, update python3.4 for trusty. LP: #1433324. * Build a -whl package (setuptools is needed to build the wheel package). Date: 2018-10-11 12:56:12.756915+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/requests/2.2.1-1ubuntu0.4 Sorry, changesfile

[ubuntu/trusty-security] moin 1.9.7-1ubuntu2.2 (Accepted)

moin (1.9.7-1ubuntu2.2) trusty-security; urgency=medium * SECURITY UPDATE: XSS in GUI editor - debian/patches/CVE-2017-5934.patch: fix in MoinMoin/action/fckdialog.py. - CVE-2017-5934 Date: 2018-10-15 18:04:17.441497+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa

[ubuntu/trusty-security] audiofile 0.3.6-2ubuntu0.14.04.3 (Accepted)

-2018-17095.patch: fix in libaudiofile/modules/SimpleModule.cpp. - CVE-2018-17095 Date: 2018-10-24 11:14:12.811534+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/audiofile/0.3.6-2ubuntu0.14.04.3 Sorry, changesfile not available

[ubuntu/trusty-security] ruby1.9.1 1.9.3.484-2ubuntu1.13 (Accepted)

...@canonical.com (Leonidas S. Barbosa) https://launchpad.net/ubuntu/+source/ruby1.9.1/1.9.3.484-2ubuntu1.13 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes

  1   2   >