mutt (1.5.24-1ubuntu0.6) xenial-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-3181-1.patch: Fix memory leak parsing group
addresses without a display name
in rfc822.c.
- debian/patches/CVE-2021-3181-2.patch: Don't allocate a group terminat
mutt (1.5.24-1ubuntu0.6) xenial-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2021-3181-1.patch: Fix memory leak parsing group
addresses without a display name
in rfc822.c.
- debian/patches/CVE-2021-3181-2.patch: Don't allocate a group terminat
google-compute-engine-oslogin (20210122.00-0ubuntu1~16.04.0) xenial;
urgency=medium
* Backport to Xenial with the following remaining changes:
- Revert to using dh-systemd because Xenial does not have the debhelper
version making dh-systemd obsolete
- Revert to compat mode 9 requi
pound (2.6-6.1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: Request smuggling
- debian/patches/0009-CVE-2016-10711-CVE-2018-21245.patch: avoid
request smuggling in http.c.
- CVE-2016-10711
- CVE-2018-21245
Date: 2021-01-21 13:26:11.273882+00:00
Changed-By: leo.
pound (2.6-6.1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: Request smuggling
- debian/patches/0009-CVE-2016-10711-CVE-2018-21245.patch: avoid
request smuggling in http.c.
- CVE-2016-10711
- CVE-2018-21245
Date: 2021-01-21 13:26:11.273882+00:00
Changed-By: leo.
golang-1.13 (1.13.8-1ubuntu1~16.04.2) xenial; urgency=medium
* Don't declare Breaks: on dh-golang (<< 1.43~) in golang-go
Packages using this golang version should work around the incompatibility
in debian/rules by setting GOCACHE to an absolute path:
export GOCACHE := ${CURDIR}/_bu
google-cloud-sdk (324.0.0-0ubuntu1~16.04.1) xenial; urgency=medium
* New upstream release
* debian/control: drop the python3-google-compute-engine dependency. The
package is no longer available with new gce-compute-image-packages
version. Also, it seems that the current SDK code doesn'