gst-plugins-good0.10 (0.10.31-3+nmu4ubuntu2.16.04.1) xenial-security;
urgency=medium
* SECURITY UPDATE: code execution via out-of-bounds write in flx decoder
- debian/patches/flxdec-bounds1.patch: add bounds checking to
gst/flx/gstflxdec.c.
- debian/patches/flxdec-bounds2.patch:
gst-plugins-base1.0 (1.8.2-1ubuntu0.2) xenial-security; urgency=medium
* No change rebuild in security pocket.
Date: 2016-11-22 15:33:25.037982+00:00
Changed-By: Marc Deslauriers
Signed-By: Ubuntu Archive Robot
gst-plugins-good1.0 (1.8.2-1ubuntu0.2) xenial-security; urgency=medium
* SECURITY UPDATE: code execution via out-of-bounds write in flx decoder
- debian/patches/flxdec-bounds1.patch: add bounds checking to
gst/flx/gstflxdec.c.
- debian/patches/flxdec-bounds2.patch: fix compiler
gst-plugins-base1.0 (1.8.2-1ubuntu0.2) xenial-security; urgency=medium
* No change rebuild in security pocket.
Date: 2016-11-22 15:33:25.037982+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.8.2-1ubuntu0.2
Sorry,
python2.7 (2.7.12-1ubuntu0~16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: use of HTTP_PROXY flag supplied by attacker in CGI
scripts (aka HTTPOXY attack)
- debian/patches/CVE-2016-1000110.patch: if running as CGI
script, forget HTTP_PROXY in Lib/urllib.py, add test to
gst-plugins-good1.0 (1.8.2-1ubuntu0.2) xenial-security; urgency=medium
* SECURITY UPDATE: code execution via out-of-bounds write in flx decoder
- debian/patches/flxdec-bounds1.patch: add bounds checking to
gst/flx/gstflxdec.c.
- debian/patches/flxdec-bounds2.patch: fix compiler
gst-plugins-good0.10 (0.10.31-3+nmu4ubuntu2.16.04.1) xenial-security;
urgency=medium
* SECURITY UPDATE: code execution via out-of-bounds write in flx decoder
- debian/patches/flxdec-bounds1.patch: add bounds checking to
gst/flx/gstflxdec.c.
- debian/patches/flxdec-bounds2.patch:
python2.7 (2.7.12-1ubuntu0~16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: use of HTTP_PROXY flag supplied by attacker in CGI
scripts (aka HTTPOXY attack)
- debian/patches/CVE-2016-1000110.patch: if running as CGI
script, forget HTTP_PROXY in Lib/urllib.py, add test to