apport (2.20.1-0ubuntu2.20) xenial-security; urgency=medium
* SECURITY UPDATE: apport reads arbitrary files if ~/.config/apport/settings
is a symlink (LP: #1830862)
- apport/fileutils.py: drop permissions before reading user settings file.
- CVE-2019-11481
* SECURITY UPDATE:
whoopsie (0.2.52.5ubuntu0.3) xenial-security; urgency=medium
* SECURITY REGRESSION: segfault when sending crash report (LP: #1850608)
- lib/bson/bson.c: properly initialize value.
Date: 2019-10-30 13:44:14.722985+00:00
Changed-By: Marc Deslauriers
Maintainer: Evan
Signed-By: Ubuntu
file (1:5.25-2ubuntu1.3) xenial-security; urgency=medium
* SECURITY UPDATE: buffer overflow via CDF_VECTOR elements
- debian/patches/CVE-2019-18218.patch: limit the number of elements in
a vector in src/cdf.*.
- CVE-2019-18218
Date: 2019-10-30 12:09:18.444199+00:00
Changed-By:
file (1:5.25-2ubuntu1.3) xenial-security; urgency=medium
* SECURITY UPDATE: buffer overflow via CDF_VECTOR elements
- debian/patches/CVE-2019-18218.patch: limit the number of elements in
a vector in src/cdf.*.
- CVE-2019-18218
Date: 2019-10-30 12:09:18.444199+00:00
Changed-By:
whoopsie (0.2.52.5ubuntu0.3) xenial-security; urgency=medium
* SECURITY REGRESSION: segfault when sending crash report (LP: #1850608)
- lib/bson/bson.c: properly initialize value.
Date: 2019-10-30 13:44:14.722985+00:00
Changed-By: Marc Deslauriers
Maintainer: Evan
livecd-rootfs (2.408.56) xenial; urgency=medium
* Backport enabling of adding extra snaps to ubuntu-core images via the
EXTRA_SNAPS environment (LP: #1849491).
Date: Wed, 30 Oct 2019 17:28:57 +0100
Changed-By: Łukasz 'sil2100' Zemczak
Maintainer: Ubuntu Developers