.
Date: 2019-09-30 13:09:13.433451+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/python-clamav/0.4.1-8ubuntu0.16.04.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https
verification step.
- CVE-2019-9854
Date: 2019-09-23 11:51:15.036847+00:00
Changed-By: Marcus Tomlinson
Signed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/libreoffice/1:5.1.6~rc2-0ubuntu1~xenial10
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes
ibus (1.5.11-1ubuntu2.3) xenial-security; urgency=medium
* SECURITY UPDATE: ibus regression in Qt applications (LP: #1844853)
- debian/patches/CVE-2019-14822.patch: disabled pending further
investigation.
Date: 2019-09-23 11:49:20.132704+00:00
Changed-By: Marc Deslauriers
https
: fix FIPS mode environments where MD5
isn't available in Modules/_hashopenssl.c. (LP: #1835135)
Date: 2019-08-22 18:35:14.257342+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/python2.7/2.7.12-1ubuntu0~16.04.8
Sorry, changesfile not available.--
Xenial-changes
/test_urlparse.py,
Lib/urllib/parse.py.
- CVE-2019-10160
* debian/patches/issue9146.diff: fix FIPS mode environments where MD5
isn't available in Modules/_hashopenssl.c. (LP: #1835135)
Date: 2019-08-20 19:35:15.641411+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu
t location
check
- debian/patches/CVE-2019-9850_1_2.diff: ensure that all URLs leaving
scriptURI2StorageUri() are percent-encoded.
- CVE-2019-9852
Date: 2019-08-15 12:33:13.297907+00:00
Changed-By: Marcus Tomlinson
Signed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/lib
- debian/patches/CVE-2019-9516.patch: reject zero length headers with
PROTOCOL_ERROR in src/http/v2/ngx_http_v2.c.
- CVE-2019-9516
Date: 2019-08-14 19:35:16.907476+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/nginx/1.10.3-0ubuntu0.16.04.4
Sorry, changesfile
potential memory
exhaustion in django.utils.encoding.uri_to_iri() in
django/utils/encoding.py, tests/utils_tests/test_encoding.py.
- CVE-2019-14235
Date: 2019-07-26 13:03:22.572988+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/python-django/1.8.7
_not_ include the changes from
(1.9.3-2ubuntu1.2) in xenial-proposed.
Date: 2019-07-26 15:43:13.478423+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/subversion/1.9.3-2ubuntu1.3
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes
:13.397162+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/openldap/2.4.42+dfsg-2ubuntu3.6
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
exim4 (4.86.2-2ubuntu2.4) xenial-security; urgency=medium
* SECURITY UPDATE: code execution via ${sort }
- debian/patches/CVE-2019-13917.patch: avoid re-expansion in ${sort }
in src/expand.c.
- CVE-2019-13917
Date: 2019-07-19 15:16:41.312220+00:00
Changed-By: Marc Deslauriers
at the
end boundary when looking an element in a parent in
src/EbmlElement.cpp.
- CVE-2019-13615
Date: 2019-07-24 18:09:13.562467+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/libebml/1.3.3-1ubuntu0.1
Sorry, changesfile not available.--
Xenial-changes mailing list
pinba-engine-mysql (1.1.0-1ubuntu1.13) xenial-security; urgency=medium
* Rebuild against mysql 5.7.27.
Date: 2019-07-23 17:00:16.773271+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/pinba-engine-mysql/1.1.0-1ubuntu1.13
Sorry, changesfile not available.--
Xenial
, CVE-2019-2797, CVE-2019-2805,
CVE-2019-2819
Date: 2019-07-23 12:14:45.665468+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.27-0ubuntu0.16.04.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify
- debian/patches/CVE-2019-12529.patch: replace uudecode with libnettle
base64 decoder in lib/Makefile.*, src/auth/basic/Config.cc,
include/uudecode.h, lib/uudecode.c.
- CVE-2019-12529
Date: 2019-07-17 15:09:31.977522+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source
dor (LP: #1822839)
[ Rene Engelhard ]
* debian/patches/java.vendor-Debian.diff: make jvmfwk recognize "Debian"
as java.vendor as that's what is set in openjdk 11 >= 11.0.3+4-2
- see #926009 (closes: #926318) (LP: #1822839)
Date: 2019-07-16 23:42:16.733737+00:00
Ch
.patch: more thorough input checking
in nss/lib/cryptohi/seckey.c, nss/lib/freebl/dh.c,
nss/lib/freebl/ec.c, nss/lib/util/quickder.c.
- CVE-2019-11729
Date: 2019-07-12 12:57:13.868666+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/nss/2:3.28.4
, not squid3. Get rid of the multiple distro
logic since these tests will be only run on xenial.
* d/t/control: drop uneeded dependency on python-unit.
* d/t/squid: use a shorter shutdown timeout for the tests, so they
run faster
Date: 2019-07-11 18:47:19.452715+00:00
Changed-By: Marc Deslauriers
2019-07-12 19:18:13.833007+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/bash/4.3-14ubuntu1.4
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
: only accept EXTERNAL
authentication in daemon/gvfsdaemon.c.
- CVE-2019-12795
Date: 2019-07-05 13:59:18.858044+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/gvfs/1.28.2-1ubuntu1~16.04.3
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial
.
- CVE-2019-10161
* SECURITY UPDATE: virConnectGetDomainCapabilities does not check for
read-only connection
- debian/patches/CVE-2019-10167.patch: add check to
src/libvirt-domain.c.
- CVE-2019-10167
Date: 2019-07-02 14:34:13.455700+00:00
Changed-By: Marc Deslauriers
https
UPDATE: buffer over-read in JPXStream::init
- debian/patches/CVE-2019-12293.patch: fail gracefully if not all
components have the same WxH in poppler/JPEG2000Stream.cc.
- CVE-2019-12293
Date: 2019-06-26 17:55:51.598133+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu
policykit-desktop-privileges (0.20ubuntu16.04.1) xenial-security; urgency=medium
* Don't allow usb-creator to overwrite devices without authentication.
(LP: #1832337)
Date: 2019-06-19 12:49:18.107352+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/policykit-desktop
usb-creator (0.3.2ubuntu16.04.1) xenial-security; urgency=medium
* Unmount device during image operation so a single policykit prompt can
be displayed to the user. (LP: #1832337)
Date: 2019-06-19 12:49:19.644472+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/usb
,
neutron/tests/unit/agent/linux/test_iptables_firewall.py.
- CVE-2019-9735
Date: 2019-05-31 20:08:13.122963+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/neutron/2:8.4.0-0ubuntu7.4
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes
/rgw/rgw_rest_swift.cc,
src/common/config_opts.h.
- debian/patches/CVE-2018-16846.patch: fix issues with 'enforce bounds'
patch in src/rgw/rgw_op.cc, src/rgw/rgw_op.h, src/rgw/rgw_rest.cc.
- CVE-2018-16846
Date: 2019-06-01 20:40:12.623224+00:00
Changed-By: Marc Deslauriers
https
-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/imagemagick/8:6.8.9.9-7ubuntu5.14
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
-to-timeout.patch:
- Backport fix proposed by Simon McVittie upstream to workaround bug
LP: #1591411.
Date: 2019-06-10 19:41:12.626700+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/dbus/1.10.6-1ubuntu3.4
Sorry, changesfile not available.--
Xenial-changes mailing list
sudo (1.8.16-0ubuntu1.7) xenial-security; urgency=medium
* debian/patches/terminate-with-commands-signal.patch: re-enable patch
that got dropped by mistake in previous upload. (LP: #1832257)
Date: 2019-06-10 22:50:13.014260+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu
, CVE-2017-17457, CVE-2018-13139,
CVE-2018-19432, CVE-2018-19661, CVE-2018-19662, CVE-2018-19758,
CVE-2019-3832
Date: 2019-06-07 19:22:12.151425+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/libsndfile/1.0.25-10ubuntu0.16.04.2
Sorry, changesfile not available
over-read
- debian/patches/CVE-2019-7665.patch: check NT_PLATFORM core notes
contain a zero terminated string in libdwfl/linux-core-attach.c,
libebl/eblcorenote.c, libebl/libebl.h, src/readelf.c.
- CVE-2019-7665
Date: 2019-06-07 17:29:13.405688+00:00
Changed-By: Marc Deslauriers
:16.418776+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/jinja2/2.8-1ubuntu0.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
:13.867827+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/php7.0/7.0.33-0ubuntu0.16.04.5
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/qtbase-opensource-src/5.5.1+dfsg-16ubuntu7.6
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
* use_normal_priority_for_openssl_sslv23.diff by Andreas Metzler:
OpenSSL wrapper: SSLv23_*_method translates to NORMAL GnuTLS priority,
which includes TLS1.2 support. (LP: #1709193)
Date: 2019-05-29 13:54:13.311868+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/gnutls28
keepalived (1:1.2.24-1ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: heap-based overflow in HTTP status codes parsing
- debian/patches/CVE-2018-19115.patch: refactor parsing in lib/html.c.
- CVE-2018-19115
Date: 2019-02-14 16:28:12.282321+00:00
Changed-By: Marc
+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.21
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
curl (7.47.0-1ubuntu2.13) xenial-security; urgency=medium
* SECURITY UPDATE: TFTP receive buffer overflow
- debian/patches/CVE-2019-5346.patch: use the current blksize in
lib/tftp.c.
- CVE-2019-5346
Date: 2019-05-16 18:05:13.952710+00:00
Changed-By: Marc Deslauriers
https
target
characters in urllib3/util/url.py, test/test_util.py.
- debian/patches/CVE-2019-11236-3.patch: don't use embedded python-six
in urllib3/util/url.py.
- CVE-2019-11236
Date: 2019-05-14 13:14:14.921079+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source
overflow in LibRaw::raw2image()
- debian/patches/CVE-2018-20365.patch: zero filters in dcraw/dcraw.c,
internal/dcraw_common.cpp.
- CVE-2018-20365
Date: 2019-05-17 18:57:12.824394+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/libraw/0.17.1-1ubuntu0.5
Sorry
-from-ch.patch
Date: 2019-05-16 13:28:14.319734+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/qemu/1:2.5+dfsg-5ubuntu10.39
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https
-14 19:26:51.728875+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/libvirt/1.3.1-1ubuntu10.26
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo
-05-08 16:57:13.987272+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.20
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman
9.5/static/release-9-5-16.html
Date: 2019-05-10 11:25:13.290987+00:00
Changed-By: Christian Ehrhardt
Signed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/postgresql-9.5/9.5.17-0ubuntu0.16.04.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.
15:31:12.950265+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/cups-filters/1.8.3-2ubuntu3.5
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial
, Resource/Init/pdf_main.ps,
Resource/Init/pdf_ops.ps, Resource/Init/pdf_sec.ps.
- debian/patches/CVE-2019-3839-2.patch: fix lib/pdf2dsc.ps to use
documented Ghostscript pdf procedures in lib/pdf2dsc.ps.
- CVE-2019-3839
Date: 2019-05-07 17:29:13.294334+00:00
Changed-By: Marc
handling
in src/eap_peer/eap_pwd.c.
- CVE-2019-11555
Date: 2019-05-01 14:57:14.842590+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.5
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings
/avoid_sign_extension_tty_nr.patch: hardening to
ensure sign extension doesn't occur when parsing /proc/self/stat
[ Marc Deslauriers ]
* SECURITY UPDATE: sudo noexec bypass
- debian/patches/CVE-2016-7076-*.patch: wrap wordexp, add seccomp
filter.
- CVE-2016-7076
sudo (1.8.16-0ubuntu1.5) xenial; urgency
pinba-engine-mysql (1.1.0-1ubuntu1.12) xenial-security; urgency=medium
* Rebuild against mysql 5.7.26.
Date: 2019-04-26 11:48:13.202480+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/pinba-engine-mysql/1.1.0-1ubuntu1.12
Sorry, changesfile not available.--
Xenial
-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/gst-plugins-base0.10/0.10.36-2ubuntu0.2
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.8.3-1ubuntu0.3
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
version:
- debian/patches/fix-mysqldump-test-dates
* debian/control: added pkg-config to Build-Depends.
Date: 2019-04-26 02:07:11.930682+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.26-0ubuntu0.16.04.1
Sorry, changesfile not available.--
Xenial
/named/interfacemgr.h,
bin/named/interfacemgr.c.
- CVE-2018-5743
Date: 2019-04-24 20:46:30.970236+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.P4-8ubuntu1.14
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes
- debian/patches/CVE-2019-11035-1.patch: add checks to ext/exif/exif.c.
- debian/patches/CVE-2019-11035-2.patch: add casts to ext/exif/exif.c.
- debian/patches/CVE-2019-11035-3.patch: fix typo in ext/exif/exif.c.
- CVE-2019-11035
Date: 2019-04-18 18:23:13.057664+00:00
Changed-By: Marc
; urgency=high
* Properly restart corosync and pacemaker together (LP: #1740892)
- d/pacemaker.preinst: flag corosync to restart pacemaker on
upgrade.
Date: 2019-04-18 13:49:12.460699+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/pacemaker/1.1.14-2ubuntu1.6
Sorry
() fallback
- debian/patches/CVE-2016-10743.patch: Use only os_get_random() for PIN
generation.
- CVE-2016-10743
Date: 2019-04-09 15:30:12.771852+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.4
Sorry, changesfile not available.--
Xenial-changes
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/clamav/0.100.3+dfsg-0ubuntu0.16.04.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
-2019-3880
Date: 2019-04-01 16:40:32.005878+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.19
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https
CVE-2019-0220
apache2 (2.4.18-2ubuntu3.9) xenial; urgency=medium
* debian/patches/includeoptional-ignore-non-existent.patch: silently
ignore a not existent file path with IncludeOptional . Closes LP:
#1766186.
Date: 2019-04-03 17:49:12.561749+00:00
Changed-By: Marc Deslauriers
ht
TERNET_TESTS=y.
Date: 2019-03-07 15:05:18.047879+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/busybox/1:1.22.0-15ubuntu1.4
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lis
/polkitunixprocess.c,
src/polkitbackend/polkitbackendinteractiveauthority.c.
- CVE-2019-6133
Date: 2019-03-27 14:37:14.729246+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/policykit-1/0.105-14.1ubuntu0.5
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial
: 2019-03-29 13:00:19.040602+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/dovecot/1:2.2.22-1ubuntu2.10
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman
* d/p/ubuntu/lp1807743-linux-user-timerfd.patch: fix define for
timerfd_create system call (LP: #1807743)
Date: 2019-03-22 23:44:28.575403+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/qemu/1:2.5+dfsg-5ubuntu10.36
Sorry, changesfile not available.--
Xenial-changes
:18.736699+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.16.04.8
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial
size in gdk-pixbuf/io-bmp.c.
- CVE-2017-12447
gdk-pixbuf (2.32.2-1ubuntu1.5) xenial; urgency=medium
* Convert triggers to noawait (LP: #1780996)
Date: 2019-03-20 17:08:12.774570+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/gdk-pixbuf/2.32.2-1ubuntu1.6
Sorry
-03-13 17:20:29.890948+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/file/1:5.25-2ubuntu1.2
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial
-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/libvirt/1.3.1-1ubuntu10.25
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
walinuxagent (2.2.32-0ubuntu1~16.04.2) xenial-security; urgency=medium
* debian/patches/CVE-2019-0804.patch:
- Cherry-pick fixes from upstream for handling swap file.
Date: 2019-03-11 18:33:38.395988+00:00
Changed-By: Łukasz Zemczak
Signed-By: Marc Deslauriers
https://launchpad.net
warning in
libtiff/tif_dir.c.
- CVE-2018-19210
* SECURITY UPDATE: memory leak in TIFFFdOpen
- debian/patches/CVE-2019-6128.patch: properly handle errors in
tools/pal2rgb.c.
- CVE-2019-6128
Date: 2019-03-11 19:06:15.034781+00:00
Changed-By: Marc Deslauriers
https
Date: 2019-03-05 18:07:13.158033+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/php7.0/7.0.33-0ubuntu0.16.04.2
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com
and in previous
changelog.
Date: 2019-03-04 14:01:21.407141+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/openssh/1:7.2p2-4ubuntu2.8
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https
- debian/patches/CVE-2019-6978.patch: properly handle failure in
src/gd_gif_out.c, src/gd_jpeg.c, src/gd_wbmp.c, add test to
tests/jpeg/CMakeLists.txt, tests/jpeg/jpeg_ptr_double_free.c.
- CVE-2019-6978
Date: 2019-02-27 20:14:15.345833+00:00
Changed-By: Marc Deslauriers
https
:12.648418+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.15
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
/lib/smime/cmsenvdata.c,
nss/lib/smime/cmsmessage.c, nss/lib/smime/cmsudf.c.
- debian/patches/CVE-2018-18508-2.patch: add null checks in
nss/lib/smime/cmsmessage.c.
- CVE-2018-18508
Date: 2019-02-19 13:41:30.084523+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu
:12.286871+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/gnome-keyring/3.18.3-0ubuntu2.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial
style.
- debian/patches/CVE-2019-3824-4.patch: use talloc_zero.
- debian/patches/CVE-2019-3824-5.patch: check tree operation.
- debian/patches/CVE-2019-3824-6.patch: fix end of data check.
- CVE-2019-3824
Date: 2019-02-25 13:53:12.991967+00:00
Changed-By: Marc Deslauriers
https
color space in
cups/gdevcups.c.
Date: 2019-02-25 15:34:13.207510+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.16.04.7
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings
) if the zones are writable
- debian/patches/CVE-2019-6465.patch: handle zone transfers marked in
the zone table as a DLZ zone bin/named/xfrout.c.
- CVE-2019-6465
Date: 2019-02-20 10:58:27.960486+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/bind9/1:9.10.3
update.
Date: 2019-02-20 13:37:13.703335+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.16.04.5
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https
: 2019-02-12 15:25:13.256358+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/python-django/1.8.7-1ubuntu5.8
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/openssh/1:7.2p2-4ubuntu2.7
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
ian/libreoffice-common.triggers.in: switch to -noawait trigger
(LP: #1780996)
Date: 2019-02-04 19:08:11.946093+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/libreoffice/1:5.1.6~rc2-0ubuntu1~xenial6
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-chan
overflow in
strtol in lib/smtp.c.
- CVE-2019-3823
Date: 2019-01-29 19:04:40.127955+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/curl/7.47.0-1ubuntu2.12
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify
=medium
* debian/*.triggers: change triggers to -noawait variety: there is no need
for awaited triggers for the restarting of dovecot. (LP: #1780996)
Date: 2019-01-28 14:43:12.649929+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/dovecot/1:2.2.22-1ubuntu2.9
Sorry
-6307, CVE-2018-15126, CVE-2018-15127, CVE-2018-20019,
CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-20023,
CVE-2018-20024, CVE-2018-20748, CVE-2018-20749, CVE-2018-20750
Date: 2019-01-30 19:37:16.754670+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source
upstream.
openvswitch (2.5.2-0ubuntu0.16.04.3) xenial; urgency=medium
* d/openvswitch-switch.postinst: Do not modify
/etc/default/openvswitch-switch as this file is now managed
as a configuration file by dpkg (LP: #1723480).
Date: 2018-10-04 17:18:13.586313+00:00
Changed-By: Marc Deslauriers
spice (0.12.6-4ubuntu0.4) xenial-security; urgency=medium
* SECURITY UPDATE: off-by-one error in memslot_get_virt
- debian/patches/CVE-2019-3813.patch: fix checks in
server/red_memslots.c.
- CVE-2019-3813
Date: 2019-01-24 17:02:12.447862+00:00
Changed-By: Marc Deslauriers
https
pinba-engine-mysql (1.1.0-1ubuntu1.11) xenial-security; urgency=medium
* Rebuild against mysql 5.7.25.
Date: 2019-01-22 20:13:23.662886+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/pinba-engine-mysql/1.1.0-1ubuntu1.11
Sorry, changesfile not available.--
Xenial
, CVE-2019-2529, CVE-2019-2531,
CVE-2019-2532, CVE-2019-2534, CVE-2019-2537
* debian/patches/fix-mysqldump-test-dates: bump mysqldump test date from
2018 to 2020 to fix failing test.
Date: 2019-01-22 17:04:17.110915+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source
, Resource/Init/pdf_ops.ps,
psi/int.mak, psi/interp.c, psi/istack.c, psi/istack.h.
- CVE-2019-6116
Date: 2019-01-16 16:52:12.997162+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.16.04.4
Sorry, changesfile not available.--
Xenial
/apt/periodic/, if it does not exist, so that
we don't receive a Traceback when trying to write a stampfile there.
(LP: #1639977)
Date: 2019-01-18 19:57:13.211311+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/unattended-upgrades/0.90ubuntu0.10
Sorry, changesfile
-2018-1000888
Date: 2019-01-11 18:53:12.345727+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/php-pear/1:1.10.1+submodules+notgz-6ubuntu0.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe
-08 20:58:13.607190+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/python-django/1.8.7-1ubuntu5.7
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo
in nss/gtests/freebl_gtest/mpi_unittest.cc,
nss/lib/freebl/mpi/mpi.c, nss/lib/freebl/mpi/mpi.h.
- CVE-2018-12404
Date: 2019-01-07 15:29:12.582501+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.4
Sorry, changesfile not available.--
Xenial
cups (2.1.3-4ubuntu0.6) xenial-security; urgency=medium
* SECURITY UPDATE: predictable session cookies
- debian/patches/CVE-2018-4700.patch: use better seed in cgi-bin/var.c.
- CVE-2018-4700
Date: 2018-11-19 12:34:12.365172+00:00
Changed-By: Marc Deslauriers
https://launchpad.net
.
Date: 2018-12-06 16:56:25.943879+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.16.04.3
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https
/dsa_ossl.c.
- debian/patches/CVE-2018-0734-3.patch: add a constant time flag in
crypto/dsa/dsa_ossl.c.
- CVE-2018-0734
Date: 2018-12-04 19:55:42.266176+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.14
Sorry, changesfile not available
overflow
- debian/patches/fixes/CVE-2018-18314.patch: fix extended charclass in
pod/perldiag.pod, pod/perlrecharclass.pod, regcomp.c,
t/re/reg_mesg.t, t/re/regex_sets.t.
- CVE-2018-18314
Date: 2018-11-20 14:30:15.989733+00:00
Changed-By: Marc Deslauriers
https://launchpad.net
.patch: add missing break in
src/packet.c.
- debian/patches/CVE-2018-10933-regression3.patch: set correct state
after sending GSSAPI_RESPONSE in src/gssapi.c.
Date: 2018-11-27 16:23:21.281941+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/libssh/0.6.3
/0218*.patch
- debian/patches/lp1800062.patch
* debian/symbols.common: updated for new version.
ghostscript (9.25~dfsg+1-0ubuntu0.16.04.3) xenial; urgency=medium
* Fix dependency for libgs9-common (LP: #1802958)
Date: 2018-11-28 15:04:26.730910+00:00
Changed-By: Marc Deslauriers
https
201 - 300 of 746 matches
Mail list logo
