[ubuntu/xenial-security] strongswan 5.3.5-1ubuntu3.4 (Accepted)

strongswan (5.3.5-1ubuntu3.4) xenial-security; urgency=medium * SECURITY UPDATE: Fix RSA signature verification - debian/patches/CVE-2017-11185.patch: does some verifications in order to avoid null-point dereference in src/libstrongswan/gmp/gmp_rsa_public_key.c -

[ubuntu/xenial-security] augeas 1.4.0-0ubuntu1.1 (Accepted)

augeas (1.4.0-0ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: crash/memory corruption - debian/patches/CVE-2017-7555.patch: correctly handle trailing whitespace in src/pathx.c and add test in tests/test-xpath.c. - CVE-2017-7555 Date: 2017-08-18

[ubuntu/xenial-updates] cvs 2:1.12.13+real-15ubuntu0.1 (Accepted)

cvs (2:1.12.13+real-15ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: SSH command injection via -o - src/rsh-client.c: fix argument parsing - CVE-2017-12836 Date: 2017-08-17 19:14:13.380952+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa) Signed-By:

[ubuntu/xenial-security] graphite2 1.3.10-0ubuntu0.16.04.1 (Accepted)

graphite2 (1.3.10-0ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Update to 1.3.10 to fix security issues - CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-, CVE-2017-7778 Date: 2017-08-18

[ubuntu/xenial-security] cvs 2:1.12.13+real-15ubuntu0.1 (Accepted)

cvs (2:1.12.13+real-15ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: SSH command injection via -o - src/rsh-client.c: fix argument parsing - CVE-2017-12836 Date: 2017-08-17 19:14:13.380952+00:00 Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)

[ubuntu/xenial-updates] strongswan 5.3.5-1ubuntu3.4 (Accepted)

strongswan (5.3.5-1ubuntu3.4) xenial-security; urgency=medium * SECURITY UPDATE: Fix RSA signature verification - debian/patches/CVE-2017-11185.patch: does some verifications in order to avoid null-point dereference in src/libstrongswan/gmp/gmp_rsa_public_key.c -

[ubuntu/xenial-updates] graphite2 1.3.10-0ubuntu0.16.04.1 (Accepted)

graphite2 (1.3.10-0ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Update to 1.3.10 to fix security issues - CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-, CVE-2017-7778 Date: 2017-08-18

[ubuntu/xenial-updates] augeas 1.4.0-0ubuntu1.1 (Accepted)

augeas (1.4.0-0ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: crash/memory corruption - debian/patches/CVE-2017-7555.patch: correctly handle trailing whitespace in src/pathx.c and add test in tests/test-xpath.c. - CVE-2017-7555 Date: 2017-08-18

[ubuntu/xenial-security] kcoreaddons 5.18.0-0ubuntu1.1 (Accepted)

kcoreaddons (5.18.0-0ubuntu1.1) xenial-security; urgency=high * SECURITY UPDATE: KMail - HTML injection in plain text viewer (LP: #1630700) - CVE-2016-7966 - CVE-2016-7966_1.patch - 1be727 from upstream - CVE-2016-7966_2.patch - 96e562 from upstream - CVE-2016-7966_3.patch -

[ubuntu/xenial-updates] kcoreaddons 5.18.0-0ubuntu1.1 (Accepted)

kcoreaddons (5.18.0-0ubuntu1.1) xenial-security; urgency=high * SECURITY UPDATE: KMail - HTML injection in plain text viewer (LP: #1630700) - CVE-2016-7966 - CVE-2016-7966_1.patch - 1be727 from upstream - CVE-2016-7966_2.patch - 96e562 from upstream - CVE-2016-7966_3.patch -