[ubuntu/xenial-updates] ruby-rack-cors 0.4.0-1+deb9u2build0.16.04.1 (Accepted)

ruby-rack-cors (0.4.0-1+deb9u2build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian ruby-rack-cors (0.4.0-1+deb9u2) stretch-security; urgency=high * Non-maintainer upload by the LTS team. * Fix CVE-2019-18978: This package allowed ../ directory traversal to access pri

[ubuntu/xenial-security] ruby-rack-cors 0.4.0-1+deb9u2build0.16.04.1 (Accepted)

ruby-rack-cors (0.4.0-1+deb9u2build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian ruby-rack-cors (0.4.0-1+deb9u2) stretch-security; urgency=high * Non-maintainer upload by the LTS team. * Fix CVE-2019-18978: This package allowed ../ directory traversal to access pri

[ubuntu/xenial-updates] python-pip 8.1.1-2ubuntu0.6 (Accepted)

python-pip (8.1.1-2ubuntu0.6) xenial-security; urgency=medium * No change rebuild to pull in security fixes for urllib3 Date: 2020-10-05 17:20:15.372721+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/python-pip/8.1.1-2ubuntu0.6 Sorry,

[ubuntu/xenial-security] python-pip 8.1.1-2ubuntu0.6 (Accepted)

python-pip (8.1.1-2ubuntu0.6) xenial-security; urgency=medium * No change rebuild to pull in security fixes for urllib3 Date: 2020-10-05 17:20:15.372721+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/python-pip/8.1.1-2ubuntu0.6 Sorry, changesfile not available.-- Xeni

[ubuntu/xenial-updates] python-urllib3 1.13.1-2ubuntu0.16.04.4 (Accepted)

python-urllib3 (1.13.1-2ubuntu0.16.04.4) xenial-security; urgency=medium * SECURITY UPDATE: CRLF injection via method parameter - debian/patches/CVE-2020-26137.patch: raise ValueError if method contains control characters in urllib3/connection.py, test/with_dummyserver/test_conne

[ubuntu/xenial-updates] pyparsing 2.0.3+dfsg1-1ubuntu0.2 (Accepted)

pyparsing (2.0.3+dfsg1-1ubuntu0.2) xenial-security; urgency=medium * No change rebuild in the security pocket. Date: 2020-10-02 11:38:23.852113+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/pyparsing/2.0.3+dfsg1-1ubuntu0.2 Sorry, chan

[ubuntu/xenial-security] python-urllib3 1.13.1-2ubuntu0.16.04.4 (Accepted)

python-urllib3 (1.13.1-2ubuntu0.16.04.4) xenial-security; urgency=medium * SECURITY UPDATE: CRLF injection via method parameter - debian/patches/CVE-2020-26137.patch: raise ValueError if method contains control characters in urllib3/connection.py, test/with_dummyserver/test_conne

[ubuntu/xenial-security] pyparsing 2.0.3+dfsg1-1ubuntu0.2 (Accepted)

pyparsing (2.0.3+dfsg1-1ubuntu0.2) xenial-security; urgency=medium * No change rebuild in the security pocket. Date: 2020-10-02 11:38:23.852113+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/pyparsing/2.0.3+dfsg1-1ubuntu0.2 Sorry, changesfile not available.-- Xenial-c

[ubuntu/xenial-updates] brotli 1.0.3-1ubuntu1~16.04.2 (Accepted)

brotli (1.0.3-1ubuntu1~16.04.2) xenial-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2020-8927.patch: fix potential overflow when input chunk is >2GiB in c/common/*, c/dec/*, c/enc/*, research/brotli_decoder.c, research/draw_histogram.cc,

[ubuntu/xenial-security] brotli 1.0.3-1ubuntu1~16.04.2 (Accepted)

brotli (1.0.3-1ubuntu1~16.04.2) xenial-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2020-8927.patch: fix potential overflow when input chunk is >2GiB in c/common/*, c/dec/*, c/enc/*, research/brotli_decoder.c, research/draw_histogram.cc,