[ubuntu/xenial-updates] snapd-glib 1.49-0ubuntu0.16.04.1 (Accepted)
snapd-glib (1.49-0ubuntu0.16.04.1) xenial; urgency=medium * debian/control: - Change snapd recommends to suggests (LP: #1856196) Date: 2019-12-13 02:49:11.134802+00:00 Changed-By: Robert Ancell Signed-By: Chris Halse Rogers https://launchpad.net/ubuntu/+source/snapd-glib/1.49-0ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] sdl-image1.2 1.2.12-5+deb9u1ubuntu0.16.04.1 (Accepted)
sdl-image1.2 (1.2.12-5+deb9u1ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Arbitrary code execution in the XCF image rendering - debian/patches/CVE-2018-3977.patch: Fix potential buffer overflow on corrupt or maliciously-crafted XCF file. - CVE-2018-3977 * SECURITY UPDATE: Buffer overflows in IMG_pcx.c - debian/patches/IMG_pcx-out-of-bounds.patch: fix multiple OOB issues in IMG_pcx.c - CVE-2019-5051 - CVE-2019-12217 - CVE-2019-12219 - CVE-2019-12220 - CVE-2019-12221 - CVE-2019-1 * SECURITY UPDATE: Integer overflow when loading a PCX file - debian/patches/CVE-2019-5052.patch: Fix invalid data read on bpl == -1. - CVE-2019-5052 * SECURITY UPDATE: Heap-based buffer over-read in Blit1to4() - debian/patches/CVE-2019-7635.patch: fix Heap-Buffer Overflow in Blit1to4(). - CVE-2019-7635 * SECURITY UPDATE: Heap buffer overflow in IMG_pcx.c - debian/patches/CVE-2019-12218.patch: fix heap buffer overflow issue in IMG_pcx.c - CVE-2019-12218 - CVE-2019-12216 * SECURITY UPDATE: Heap-based buffer over-read in BlitNtoN() - debian/patches/CVE-2019-13616.patch: validate image size when loading BMP files. - CVE-2019-13616 Date: 2020-01-14 13:22:07.870521+00:00 Changed-By: Eduardo dos Santos Barretto Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/sdl-image1.2/1.2.12-5+deb9u1ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] makedumpfile 1:1.6.3-2~16.04.2 (Accepted)
makedumpfile (1:1.6.3-2~16.04.2) xenial; urgency=medium * Let the kernel decide the crashkernel offset for ppc64el (LP: #1741860) * Reload kdump after memory/CPU hotplug. (LP: #1655280) * Use a different service for vmcore dump. (LP: #1811692) * Reload kdump when CPU is brought online. (LP: #1828596) * Add a reload command. (LP: #1828596) * kdump-config: implement try-reload (LP: #1828596) * udev: hotplug: use try-reload (LP: #1828596) * Use reset_devices as a cmdline parameter. (LP: #1800566) Date: Wed, 18 Dec 2019 16:06:16 -0300 Changed-By: Thadeu Lima de Souza Cascardo Maintainer: Louis Bouchard Signed-By: Dan Streetman https://launchpad.net/ubuntu/+source/makedumpfile/1:1.6.3-2~16.04.2 Format: 1.8 Date: Wed, 18 Dec 2019 16:06:16 -0300 Source: makedumpfile Architecture: source Version: 1:1.6.3-2~16.04.2 Distribution: xenial Urgency: medium Maintainer: Louis Bouchard Changed-By: Thadeu Lima de Souza Cascardo Launchpad-Bugs-Fixed: 1655280 1741860 1800566 1811692 1828596 Changes: makedumpfile (1:1.6.3-2~16.04.2) xenial; urgency=medium . * Let the kernel decide the crashkernel offset for ppc64el (LP: #1741860) * Reload kdump after memory/CPU hotplug. (LP: #1655280) * Use a different service for vmcore dump. (LP: #1811692) * Reload kdump when CPU is brought online. (LP: #1828596) * Add a reload command. (LP: #1828596) * kdump-config: implement try-reload (LP: #1828596) * udev: hotplug: use try-reload (LP: #1828596) * Use reset_devices as a cmdline parameter. (LP: #1800566) Checksums-Sha1: 945fcf6d9f246895f50373b6dc87dd52731f51ee 2337 makedumpfile_1.6.3-2~16.04.2.dsc bdaec600f6832a94b91b4c99a7a320dd59d1ba8c 35848 makedumpfile_1.6.3-2~16.04.2.debian.tar.xz d4c91af8f8e6f451c5e57e293f637e795dcbe071 6602 makedumpfile_1.6.3-2~16.04.2_source.buildinfo Checksums-Sha256: 697839fd18b4e163a6d2f7945ecdc53326656af8925e731a9e6b35c8815f95de 2337 makedumpfile_1.6.3-2~16.04.2.dsc c467d361e853ae653f51e992b3e35791bbcc41fff568bd587fb903907eed215a 35848 makedumpfile_1.6.3-2~16.04.2.debian.tar.xz ad6ad7dd902185dc357fb43f55f5b957a0924afde1d1a381bf5cac093cb19a69 6602 makedumpfile_1.6.3-2~16.04.2_source.buildinfo Files: 7b4c3c5b0fb0586a3a253742698a102b 2337 devel optional makedumpfile_1.6.3-2~16.04.2.dsc ae3775901a99c02fed4ae18c25a18fc8 35848 devel optional makedumpfile_1.6.3-2~16.04.2.debian.tar.xz 97dd2411bd30eab95289f11c91d4821e 6602 devel optional makedumpfile_1.6.3-2~16.04.2_source.buildinfo -- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] sdl-image1.2 1.2.12-5+deb9u1ubuntu0.16.04.1 (Accepted)
sdl-image1.2 (1.2.12-5+deb9u1ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Arbitrary code execution in the XCF image rendering - debian/patches/CVE-2018-3977.patch: Fix potential buffer overflow on corrupt or maliciously-crafted XCF file. - CVE-2018-3977 * SECURITY UPDATE: Buffer overflows in IMG_pcx.c - debian/patches/IMG_pcx-out-of-bounds.patch: fix multiple OOB issues in IMG_pcx.c - CVE-2019-5051 - CVE-2019-12217 - CVE-2019-12219 - CVE-2019-12220 - CVE-2019-12221 - CVE-2019-1 * SECURITY UPDATE: Integer overflow when loading a PCX file - debian/patches/CVE-2019-5052.patch: Fix invalid data read on bpl == -1. - CVE-2019-5052 * SECURITY UPDATE: Heap-based buffer over-read in Blit1to4() - debian/patches/CVE-2019-7635.patch: fix Heap-Buffer Overflow in Blit1to4(). - CVE-2019-7635 * SECURITY UPDATE: Heap buffer overflow in IMG_pcx.c - debian/patches/CVE-2019-12218.patch: fix heap buffer overflow issue in IMG_pcx.c - CVE-2019-12218 - CVE-2019-12216 * SECURITY UPDATE: Heap-based buffer over-read in BlitNtoN() - debian/patches/CVE-2019-13616.patch: validate image size when loading BMP files. - CVE-2019-13616 Date: 2020-01-14 13:22:07.870521+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/sdl-image1.2/1.2.12-5+deb9u1ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] libgcrypt20 1.6.5-2ubuntu0.6 (Accepted)
libgcrypt20 (1.6.5-2ubuntu0.6) xenial-security; urgency=medium * SECURITY UPDATE: ECDSA timing attack - debian/patches/CVE-2019-13627.patch: add mitigation against timing attack in cipher/ecc-ecdsa.c, mpi/ec.c. - CVE-2019-13627 Date: 2020-01-13 19:11:18.848010+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/libgcrypt20/1.6.5-2ubuntu0.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] libgcrypt20 1.6.5-2ubuntu0.6 (Accepted)
libgcrypt20 (1.6.5-2ubuntu0.6) xenial-security; urgency=medium * SECURITY UPDATE: ECDSA timing attack - debian/patches/CVE-2019-13627.patch: add mitigation against timing attack in cipher/ecc-ecdsa.c, mpi/ec.c. - CVE-2019-13627 Date: 2020-01-13 19:11:18.848010+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/libgcrypt20/1.6.5-2ubuntu0.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes