expat (2.1.0-7ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: unanticipated internal calls to srand
- debian/patches/CVE-2012-6702-1.patch: remove srand, use more entropy
in lib/xmlparse.c.
- debian/patches/CVE-2012-6702-2.patch: use a prime that fits 32bits on
dnsmasq (2.75-1ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted CNAME (LP: #1581181)
- src/cache.c: fix crash when empty address from DNS overlays A record
from hosts.
- 41a8d9e99be9f2cc8b02051dd322cb45e0faac87
- CVE-2015-8899
dnsmasq (2.75-1ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted CNAME (LP: #1581181)
- src/cache.c: fix crash when empty address from DNS overlays A record
from hosts.
- 41a8d9e99be9f2cc8b02051dd322cb45e0faac87
- CVE-2015-8899
wget (1.17.1-1ubuntu1.1) xenial-security; urgency=medium
* SECURITY UPDATE: http to ftp redirect spoofed filenames
- debian/patches/CVE-2016-4971.patch: understand --trust-server-names
on a HTTP->FTP redirect in src/ftp.*, src/retr.c.
- CVE-2016-4971
Date: 2016-06-14
haproxy (1.6.3-1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: denial of service via reqdeny
- debian/patches/CVE-2016-5360.patch: use temporary variable to store
status in include/types/proto_http.h, src/proto_http.c.
- CVE-2016-5360
Date: 2016-06-14
wget (1.17.1-1ubuntu1.1) xenial-security; urgency=medium
* SECURITY UPDATE: http to ftp redirect spoofed filenames
- debian/patches/CVE-2016-4971.patch: understand --trust-server-names
on a HTTP->FTP redirect in src/ftp.*, src/retr.c.
- CVE-2016-4971
Date: 2016-06-14
command-not-found (0.3ubuntu16.04.2) xenial; urgency=medium
* Update data for xenial, and add s390x database (LP: #1593592)
* ./update-from-web.sh: Pull from xenial data instead of devel.
* debian/rules: rm UnifiedDataExtractor/scan.data-old on clean.
* command-not-found: Define full path
expat (2.1.0-7ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: unanticipated internal calls to srand
- debian/patches/CVE-2012-6702-1.patch: remove srand, use more entropy
in lib/xmlparse.c.
- debian/patches/CVE-2012-6702-2.patch: use a prime that fits 32bits on
haproxy (1.6.3-1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: denial of service via reqdeny
- debian/patches/CVE-2016-5360.patch: use temporary variable to store
status in include/types/proto_http.h, src/proto_http.c.
- CVE-2016-5360
Date: 2016-06-14
installation-guide (20160121ubuntu2.1) xenial; urgency=medium
* Documentation updates for xenial, tracked via LP: #1590062:
- Backport updates from yakkety that also apply to xenial:
- what-is-ubuntu.xml: long-overdue language updates. Don't call Ubuntu
a "desktop operating
fwupd (0.7.0-0ubuntu4.2) xenial-proposed; urgency=medium
* Fix USB audio devices not working properly (LP: #1574079)
Date: 2016-06-09 02:36:10.340734+00:00
Changed-By: Mario Limonciello
Signed-By: Martin Pitt
libvirt (1.3.1-1ubuntu10.1) xenial; urgency=medium
* Cherry pick patches from upstream to enable detection and automatic
usage of host-supported GIC versions. (LP: #1566564)
Date: 2016-06-03 20:44:11.393278+00:00
Changed-By: dann frazier
Signed-By: Martin Pitt
qemu (1:2.5+dfsg-5ubuntu10.2) xenial; urgency=medium
* Cherrypick upstream patches to support the query-gic-version QMP command
(LP: #1566564)
Date: 2016-06-03 20:35:11.068514+00:00
Changed-By: dann frazier
Signed-By: Martin Pitt
cacti (0.8.8f+ds1-4ubuntu4.16.04.1) xenial; urgency=medium
* Update make_cacti_sql_mode-strict_compatible.patch to also drop
ONLY_FULL_GROUP_BY (LP: #1588813)
Date: 2016-06-09 18:02:10.750319+00:00
Changed-By: Paul Gevers
Signed-By: Martin Pitt
initramfs-tools (0.122ubuntu8.1) xenial; urgency=medium
* hook-functions: include ehci-msm in auto_add_modules_list
(LP: #1588946)
Date: 2016-06-06 20:41:13.07+00:00
Changed-By: dann frazier
Signed-By: Martin Pitt
apt-setup (1:0.104ubuntu4.1) xenial; urgency=medium
* generators/50mirror.ubuntu: universe incorrectly mentions some software
being unfree, which is not true. Remove that mention from the notice we
write to sources.list. Patch from Dan Watkins. (LP: #1590358)
Date: 2016-06-08
file-roller (3.16.5-0ubuntu1.1) xenial; urgency=medium
* debian/control:
- Suggest squashfs-tools
* debian/patches/squashfs.patch:
- Support squashfs (i.e. .snap) files (LP: #1585867)
Date: 2016-06-03 02:37:10.828731+00:00
Changed-By: Robert Ancell
shared-mime-info (1.5-2ubuntu0.1) xenial; urgency=medium
* debian/patches/squashfs.patch:
* debian/patches/snap.patch:
- Recognise squashfs/snap files (LP: #1585867)
Date: 2016-06-03 02:12:12.629063+00:00
Changed-By: Robert Ancell
Maintainer: Sebastian Dröge
18 matches
Mail list logo