[ubuntu/trusty-security] openssh 1:6.6p1-2ubuntu2.12 (Accepted)

openssh (1:6.6p1-2ubuntu2.12) trusty-security; urgency=medium * SECURITY UPDATE: access restrictions bypass in scp - debian/patches/CVE-2018-20685.patch: disallow empty filenames or ones that refer to the current directory in scp.c. - CVE-2018-20685 * SECURITY UPDATE: scp client

[ubuntu/trusty-updates] openssh 1:6.6p1-2ubuntu2.12 (Accepted)

openssh (1:6.6p1-2ubuntu2.12) trusty-security; urgency=medium * SECURITY UPDATE: access restrictions bypass in scp - debian/patches/CVE-2018-20685.patch: disallow empty filenames or ones that refer to the current directory in scp.c. - CVE-2018-20685 * SECURITY UPDATE: scp client

[ubuntu/trusty-updates] landscape-client 14.12-0ubuntu6.14.04.4 (Accepted)

landscape-client (14.12-0ubuntu6.14.04.4) trusty; urgency=medium * debian/patches/nutanix-kvm.patch: Update vm_info.py to include Nutanix hypervisor. (LP: #1788219) * Fixes for release-upgrade (LP: #1699179). - debian/patches/1699179-release-upgrade-check.diff: Check if ubuntu-

[ubuntu/trusty-security] mariadb-5.5 5.5.63-1ubuntu0.14.04.1 (Accepted)

mariadb-5.5 (5.5.63-1ubuntu0.14.04.1) trusty-security; urgency=high * SECURITY UPDATE: New upstream release 5.5.63. Includes fixes for the following security vulnerabilities (LP: #1814258): - CVE-2019-2529 * Previous release 5.5.62 included fixes for the following security

[ubuntu/trusty-security] rssh 2.3.4-4+deb8u2build0.14.04.1 (Accepted)

rssh (2.3.4-4+deb8u2build0.14.04.1) trusty-security; urgency=medium * fake sync from Debian rssh (2.3.4-4+deb8u2) jessie-security; urgency=high * Non-maintainer upload by the LTS team. * Backport security fixes prepared by Debian's maintainer of rssh (rra). * Also reject rsync --daemon

[ubuntu/trusty-updates] mariadb-5.5 5.5.63-1ubuntu0.14.04.1 (Accepted)

mariadb-5.5 (5.5.63-1ubuntu0.14.04.1) trusty-security; urgency=high * SECURITY UPDATE: New upstream release 5.5.63. Includes fixes for the following security vulnerabilities (LP: #1814258): - CVE-2019-2529 * Previous release 5.5.62 included fixes for the following security

[ubuntu/trusty-updates] rssh 2.3.4-4+deb8u2build0.14.04.1 (Accepted)

rssh (2.3.4-4+deb8u2build0.14.04.1) trusty-security; urgency=medium * fake sync from Debian rssh (2.3.4-4+deb8u2) jessie-security; urgency=high * Non-maintainer upload by the LTS team. * Backport security fixes prepared by Debian's maintainer of rssh (rra). * Also reject rsync --daemon

[ubuntu/trusty-updates] libarchive 3.1.2-7ubuntu2.8 (Accepted)

libarchive (3.1.2-7ubuntu2.8) trusty-security; urgency=medium * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-119.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-119 * SECURITY UPDATE: Denial of service -

[ubuntu/trusty-security] libarchive 3.1.2-7ubuntu2.8 (Accepted)

libarchive (3.1.2-7ubuntu2.8) trusty-security; urgency=medium * SECURITY UPDATE: Denial of service - debian/patches/CVE-2019-119.patch: fix in libarchive/archive_read_support_format_7zip.c. - CVE-2019-119 * SECURITY UPDATE: Denial of service -