[ubuntu/xenial-security] firefox 88.0+build2-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (88.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (88.0+build2)

  [ Olivier Tilloy ]
  * Re-enable and update debian/patches/unity-menubar.patch
  * On armhf, override the UA string used by an autopkgtest to prevent Google
from serving mobile content, which would break the test's expectations
(LP: #1923090)
- debian/tests/search-engines

  [ Rico Tzschichholz ]
  * Update cbindgen to 0.19.0
- debian/build/create-tarball.py
  * Use clang 12 if available
- debian/control{,.in}
- debian/build/rules.mk
  * Update patches
- debian/patches/rust-drop-dll-checksums.patch
- debian/patches/python3-remove-fstrings.patch
- debian/patches/python3-remove-variable-annotations.patch
  * Pass NASM only on supported archs
- debian/config/mozconfig.in

Date: 2021-04-16 13:46:14.366335+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/88.0+build2-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 90.0.4430.72-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (90.0.4430.72-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 90.0.4430.72
- CVE-2021-21201: Use after free in permissions.
- CVE-2021-21202: Use after free in extensions.
- CVE-2021-21203: Use after free in Blink.
- CVE-2021-21204: Use after free in Blink.
- CVE-2021-21205: Insufficient policy enforcement in navigation.
- CVE-2021-21221: Insufficient validation of untrusted input in Mojo.
- CVE-2021-21207: Use after free in IndexedDB.
- CVE-2021-21208: Insufficient data validation in QR scanner.
- CVE-2021-21209: Inappropriate implementation in storage.
- CVE-2021-21210: Inappropriate implementation in Network.
- CVE-2021-21211: Inappropriate implementation in Navigation.
- CVE-2021-21212: Incorrect security UI in Network Config UI.
- CVE-2021-21213: Use after free in WebMIDI.
- CVE-2021-21214: Use after free in Network API.
- CVE-2021-21215: Inappropriate implementation in Autofill.
- CVE-2021-21216: Inappropriate implementation in Autofill.
- CVE-2021-21217: Uninitialized Use in PDFium.
- CVE-2021-21218: Uninitialized Use in PDFium.
- CVE-2021-21219: Uninitialized Use in PDFium.
  * debian/patches/blink-animation-old-clang-compatibility.patch: added
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/define__libc_malloc.patch: refreshed
  * debian/patches/disable-sse2: removed, no longer needed
  * debian/patches/evdev-undefined-switch.patch: added
  * debian/patches/fix-c++17ism.patch: refreshed
  * debian/patches/gtk-symbols-conditional.patch: refreshed
  * debian/patches/import-missing-fcntl-defines.patch: updated
  * debian/patches/libaom-armhf-build-cpudetect.patch: added
  * debian/patches/revert-getrandom.patch: refreshed
  * debian/patches/revert-sequence-checker-capability-name.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/use-clang-versioned.patch: refreshed
  * debian/patches/wayland-scanner-add-missing-include.patch: refreshed
  * debian/patches/widevine-enable-version-string.patch: refreshed
  * debian/patches/widevine-other-locations: refreshed

chromium-browser (89.0.4389.128-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 89.0.4389.128
- CVE-2021-21206: Use after free in Blink.
- CVE-2021-21220: Insufficient validation of untrusted input in V8 for
  x86_64.

chromium-browser (89.0.4389.114-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 89.0.4389.114
- CVE-2021-21194: Use after free in screen capture.
- CVE-2021-21195: Use after free in V8.
- CVE-2021-21196: Heap buffer overflow in TabStrip.
- CVE-2021-21197: Heap buffer overflow in TabStrip.
- CVE-2021-21198: Out of bounds read in IPC.
- CVE-2021-21199: Use Use after free in Aura.

Date: 2021-04-15 10:29:09.260570+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/90.0.4430.72-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 87.0+build3-0ubuntu0.16.04.2 (Accepted)

[Chris Coulson]

firefox (87.0+build3-0ubuntu0.16.04.2) xenial; urgency=medium

  * Fix FTBFS on ppc64el
- debian/patches/libpixman-disable-vmx.patch

firefox (87.0+build3-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (87.0+build3)

  [ Olivier Tilloy ]
  * Re-enable and update debian/patches/unity-menubar.patch

  [ Rico Tzschichholz ]
  * Update cbindgen to 0.18.0
- debian/build/create-tarball.py
  * Add Silesian language pack
- update debian/config/locales.all
- update debian/config/locales.shipped
- update debian/control
  * Drop upstreamed patches
- debian/patches/s390x-fix-hidden-symbol.patch
  * Update patches
- debian/patches/armhf-reduce-linker-memory-use.patch
- debian/patches/build-with-libstdc++-7.patch
- debian/patches/python3-remove-fstrings.patch

Date: 2021-03-23 05:57:08.309904+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/87.0+build3-0ubuntu0.16.04.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 89.0.4389.90-0ubuntu0.16.04.2 (Accepted)

[Chris Coulson]

chromium-browser (89.0.4389.90-0ubuntu0.16.04.2) xenial; urgency=medium

  * debian/control: add an explicit runtime dependency on libx11-xcb1
(LP: #1919146)

chromium-browser (89.0.4389.90-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 89.0.4389.90
- CVE-2021-21191: Use after free in WebRTC.
- CVE-2021-21192: Heap buffer overflow in tab groups.
- CVE-2021-21193: Use after free in Blink.

Date: 2021-03-18 14:29:14.794242+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/89.0.4389.90-0ubuntu0.16.04.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 86.0.1+build1-0ubuntu0.16.04.2 (Accepted)

[Chris Coulson]

firefox (86.0.1+build1-0ubuntu0.16.04.2) xenial; urgency=medium

  * Fix the URL used to download get-pip.py
- debian/tests/virtualenv-wrapper

firefox (86.0.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (86.0.1+build1)

Date: 2021-03-11 16:49:08.913649+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/86.0.1+build1-0ubuntu0.16.04.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 89.0.4389.82-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

-*: remove (long gone) use_vulcanize build flag

chromium-browser (88.0.4324.96-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 88.0.4324.96
- CVE-2021-21117: Insufficient policy enforcement in Cryptohome.
- CVE-2021-21118: Insufficient data validation in V8.
- CVE-2021-21119: Use after free in Media.
- CVE-2021-21120: Use after free in WebSQL.
- CVE-2021-21121: Use after free in Omnibox.
- CVE-2021-21122: Use after free in Blink.
- CVE-2021-21123: Insufficient data validation in File System API.
- CVE-2021-21124: Potential user after free in Speech Recognizer.
- CVE-2021-21125: Insufficient policy enforcement in File System API.
- CVE-2020-16044: Use after free in WebRTC.
- CVE-2021-21126: Insufficient policy enforcement in extensions.
- CVE-2021-21127: Insufficient policy enforcement in extensions.
- CVE-2021-21128: Heap buffer overflow in Blink.
- CVE-2021-21129: Insufficient policy enforcement in File System API.
- CVE-2021-21130: Insufficient policy enforcement in File System API.
- CVE-2021-21131: Insufficient policy enforcement in File System API.
- CVE-2021-21132: Inappropriate implementation in DevTools.
- CVE-2021-21133: Insufficient policy enforcement in Downloads.
- CVE-2021-21134: Incorrect security UI in Page Info.
- CVE-2021-21135: Inappropriate implementation in Performance API.
- CVE-2021-21136: Insufficient policy enforcement in WebView.
- CVE-2021-21137: Inappropriate implementation in DevTools.
- CVE-2021-21138: Use after free in DevTools.
- CVE-2021-21139: Inappropriate implementation in iframe sandbox.
- CVE-2021-21140: Uninitialized Use in USB.
- CVE-2021-21141: Insufficient policy enforcement in File System API.
  * debian/control: do not suggest installing adobe-flashplugin (Flash is EOL)
  * debian/rules:
- build with use_allocator_shim=false to replace the default-allocator patch
- remove is_desktop_linux build flag
- build with use_vaapi=false to prevent the default on amd64 and i386 (since
  https://chromium.googlesource.com/chromium/src/+/7bc2776), because this
  requires a version of libva newer than what is available in xenial
  * debian/apport/chromium-browser.py: update the list of related packages
  * debian/chromium-browser.sh.in: do not try to detect Flash plugin
  * debian/patches/add-missing-minigbm-dep.patch: refreshed
  * debian/patches/closure-compiler-java-no-client-vm.patch: refreshed
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/default-allocator: removed, no longer needed
  * debian/patches/fix-c++17ism.patch: refreshed
  * debian/patches/fix-ptrace-header-include.patch: refreshed
  * debian/patches/no-dirmd.patch: added
  * debian/patches/revert-newer-xcb-requirement.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/stl-util-old-clang-compatibility.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/touch-v35: refreshed
  * debian/patches/use-clang-versioned.patch: refreshed
  * debian/patches/widevine-enable-version-string.patch: refreshed
  * debian/patches/widevine-other-locations: refreshed
  * debian/known_gn_gen_args-*: remove is_desktop_linux build flag

chromium-browser (87.0.4280.141-0ubuntu0.16.04.2) xenial; urgency=medium

  * debian/patches/wayland-scanner-add-missing-include.patch: added

chromium-browser (87.0.4280.141-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 87.0.4280.141
- CVE-2021-21106: Use after free in autofill.
- CVE-2021-21107: Use after free in drag and drop.
- CVE-2021-21108: Use after free in media.
- CVE-2021-21109: Use after free in payments.
- CVE-2021-21110: Use after free in safe browsing.
- CVE-2021-2: Insufficient policy enforcement in WebUI.
- CVE-2021-21112: Use after free in Blink.
- CVE-2021-21113: Heap buffer overflow in Skia.
- CVE-2020-16043: Insufficient data validation in networking.
- CVE-2021-21114: Use after free in audio.
- CVE-2020-15995: Out of bounds write in V8.
- CVE-2021-21115: Use after free in safe browsing.
- CVE-2021-21116: Heap buffer overflow in audio.

chromium-browser (87.0.4280.88-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 87.0.4280.88

Date: 2021-03-07 05:53:12.908759+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/89.0.4389.82-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 86.0+build3-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (86.0+build3-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (86.0+build3)

firefox (86.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (86.0+build2)

  [ Olivier Tilloy ]
  * Reduce the LTO level (to "thin") on armhf to work around OOM failures on
Launchpad builders
- debian/build/rules.mk
- debian/patches/armhf-rustc-thin-lto.patch
  * Update test expectations
- debian/tests/html5test
  * Remove upstream patch
- debian/patches/upstream-fix-startup-hang.patch

  [ Rico Tzschichholz ]
  * Vendor dump_syms v0.0.7 and its dependencies in the source tarball
- debian/build/create-tarball.py
- debian/build/rules.mk
- debian/config/mozconfig.in
- debian/config/tarball.conf
  * Build-dep on libssl-dev as dump_syms dependency
- debian/control{,.in}
  * Update cbindgen to 0.17.0
- debian/build/create-tarball.py
  * Update patches
- debian/patches/armhf-do-not-build-qcms-with-neon.patch
- debian/patches/python3-remove-fstrings.patch
- debian/patches/unity-menubar.patch

Date: 2021-02-22 18:43:09.418461+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/86.0+build3-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 85.0.1+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (85.0.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (85.0.1+build1)

firefox (85.0+build1-0ubuntu0.16.04.3) xenial; urgency=medium

  * Ensure the version of pip used in the virtualenv wrapper is compatible
with Python 3.5 (pip 21.0 dropped support for it, see
https://github.com/pypa/pip/pull/9189) (LP: #1914450)
- debian/tests/control
- debian/tests/virtualenv-wrapper

firefox (85.0+build1-0ubuntu0.16.04.2) xenial; urgency=medium

  * Cherry-pick an upstream commit to address a startup hang (LP: #1914147)
- debian/patches/upstream-fix-startup-hang.patch

Date: 2021-02-05 11:55:09.303023+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/85.0.1+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] rustc 1.47.0+dfsg1+llvm-1ubuntu1~16.04.1 (Accepted)

[Chris Coulson]

 Fix patch for line numbers on little-endian arches.

rustc (1.44.1+dfsg1-2) unstable; urgency=medium

  * Ignore tests that assume little-endian on big-endian arches.
See upstream #74829 for details.

rustc (1.44.1+dfsg1-1) unstable; urgency=medium

  * Upload to unstable.
  * Backport a typenum fix for i386.
  * Work around upstream #74786 involving debuginfo maps.

rustc (1.44.1+dfsg1-1~exp1) experimental; urgency=medium

  * New upstream release.

rustc (1.43.0+dfsg1+llvm-1~exp1ubuntu3) UNRELEASED; urgency=medium

  * Relax rustc version constraint in Build-Depends to see if 1.41 can
build 1.43 on riscv64.

rustc (1.43.0+dfsg1+llvm-1~exp1ubuntu2) groovy; urgency=medium

  * Fix mismerge preventing tests from running.
  * Backport patch fixing miscompliation and subsequent crash on s390x
(adapted from https://src.fedoraproject.org/rpms/llvm/pull-request/49):
- add 
debian/patches/0001-InstCombine-Fix-big-endian-miscompile-of-bitcast-zex.patch
- update debian/patches/series

Date: 2020-12-10 07:37:14.859381+00:00
Changed-By: Michael Hudson-Doyle 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/rustc/1.47.0+dfsg1+llvm-1ubuntu1~16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] cargo 0.47.0-1~exp1ubuntu1~16.04.1 (Accepted)

[Chris Coulson]

cargo (0.47.0-1~exp1ubuntu1~16.04.1) xenial; urgency=medium

  * Backport to Xenial. (LP: #1901571)
  * Drop ssh_key_from_memory from the git2 default features, as that results
in the libgit2 build depending on a version of libssh2 that is too recent
- add debian/patches/git2-no-ssh_key_from_memory.patch
- update debian/patches/series
  * Do not use the http2 feature of the curl crate, and warn rather than fail
on errors caused by a too-old curl.
- add debian/patches/ignore-libcurl-errors.patch
- update debian/patches/series
  * Relax debhelper requirement.

cargo (0.47.0-1~exp1ubuntu1) hirsute; urgency=medium

  * Merge from Debian experimental (LP: #1901571): Remaining changes:
- Don't use the bootstrap.py script for bootstrapping as it no longer
  works.
  - remove debian/bootstrap.py
  - update debian/make_orig_multi.sh
- Embed libgit2 1.0.0 which is not yet in Debian or Ubuntu.
  - add debian/libgit2
  - add debian/patches/use-system-libhttp-parser.patch
  - update debian/control
  - update debian/copyright
  - update debiab/patches/series
  - update debian/README.source
  - update debian/rules
  * d/patches/0001-relax-deprecated-diagnostic-message-check.patch:
backport fix for tests that fail with rustc 1.47 from upstream.
  * d/patches/skip-filters_target-i386.patch: skip a test that fails on
i386 for silly reasons.

cargo (0.47.0-1~exp1) experimental; urgency=medium

  * New upstream release.

Date: 2020-12-11 06:31:14.808820+00:00
Changed-By: Michael Hudson-Doyle 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/cargo/0.47.0-1~exp1ubuntu1~16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 85.0+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (85.0+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (85.0+build1)

  [ Olivier Tilloy ]
  * Re-enable and update debian/patches/unity-menubar.patch
  * Update test expectation (https://bugzilla.mozilla.org/1680596)
- debian/tests/html5test
  * Partially rewrite an autopkgtest to make it more robust
- debian/tests/search-engines
  * Remove patches that are no longer needed
- debian/patches/fix-make-package-tests-without-webrtc.patch
- debian/patches/ppc-no-static-sizes.patch

  [ Rico Tzschichholz ]
  * Bump build-dep on rustc >= 1.47.0 and cargo >= 0.47
- debian/control{,.in}
  * Make cargo 0.47 aka 1.46.0 sufficient
- debian/patches/relax-cargo-dep.patch
  * Update cbindgen to 0.16.0
- debian/build/create-tarball.py
  * Reduce the rust debuginfo level unconditionally on all architectures,
given that builds started failing reliably on amd64 with rustc 1.47
- update
  debian/patches/reduce-rust-debuginfo-on-selected-architectures.patch and
  rename it to debian/patches/reduce-rust-debuginfo.patch
  * Update patches
- debian/patches/python3-remove-fstrings.patch

Date: 2021-01-18 20:53:10.091885+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/85.0+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 84.0.2+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (84.0.2+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (84.0.2+build1)

Date: 2021-01-06 12:34:08.811486+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/84.0.2+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20201231.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20201231.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * Handle Flash Player EOL by providing an empty package
- Remove debian/10-flash, debian/adobe-flashplugin.install.in,
  debian/adobe-flashplugin.postinst, debian/adobe-flashplugin.prerm,
  debian/adobe-flash-properties-gtk.install.in, debian/dirs.
- Remove debhelper overrides from debian/rules.
- Remove Adobe license from debian/copyright.
- Remove unneeded dependencies from debian/control
- Update package descriptions in debian/control
- Add debian/adobe-flashplugin.maintscript to handle conffile cleanup

Date: Tue, 05 Jan 2021 13:15:46 +
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20201231.1-0ubuntu0.16.04.1
Format: 1.8
Date: Tue, 05 Jan 2021 13:15:46 +
Source: adobe-flashplugin
Architecture: source
Version: 1:20201231.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20201231.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * Handle Flash Player EOL by providing an empty package
 - Remove debian/10-flash, debian/adobe-flashplugin.install.in,
   debian/adobe-flashplugin.postinst, debian/adobe-flashplugin.prerm,
   debian/adobe-flash-properties-gtk.install.in, debian/dirs.
 - Remove debhelper overrides from debian/rules.
 - Remove Adobe license from debian/copyright.
 - Remove unneeded dependencies from debian/control
 - Update package descriptions in debian/control
 - Add debian/adobe-flashplugin.maintscript to handle conffile cleanup
Checksums-Sha1:
 950c50721a6db651e43e3a92ca65a2db97a6c819 1736 
adobe-flashplugin_20201231.1-0ubuntu0.16.04.1.dsc
 c23b9f3e0dbe58eb7f5e568af6ec6c2eb8c1abb0 6350 
adobe-flashplugin_20201231.1-0ubuntu0.16.04.1.diff.gz
 18a9f3c512a3eeea62561da63b18d0ef68c01dcc 6885 
adobe-flashplugin_20201231.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 57b9916678063c87f3b786ea0c30e22a8a8a5d619cbd38b242cf0e9058f45956 1736 
adobe-flashplugin_20201231.1-0ubuntu0.16.04.1.dsc
 9956e90e666d6a5dc3230b227426697f1ca7021f0bab25e81686f07def3b3abf 6350 
adobe-flashplugin_20201231.1-0ubuntu0.16.04.1.diff.gz
 0e8b9f69a007f72c97ee909981b34354f8c35c81d963a90c0fdf9a24734b3b92 6885 
adobe-flashplugin_20201231.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 74b03b7ebdcb071577dbc2326b65db6d 1736 partner/web optional 
adobe-flashplugin_20201231.1-0ubuntu0.16.04.1.dsc
 477f47df4a9da9219fe0365b41b10d50 6350 partner/web optional 
adobe-flashplugin_20201231.1-0ubuntu0.16.04.1.diff.gz
 0313aa03db39e828cb42fcfab5c29c76 6885 partner/web optional 
adobe-flashplugin_20201231.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.465ubuntu0.16.04.2 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.465ubuntu0.16.04.2) xenial-security; urgency=medium

  * Handle Flash Player EOL by removing the plugin.
- Remove debian/clean, debian/flashplugin-installer.config,
  debian/flashplugin-installer.dirs, debian/flashplugin-installer.install,
  debian/flashplugin-installer.templates, debian/po,
  debian/post-download-hook and debian/post-download-script.in.
- Remove debhelper overrides from debian/rules.
- Remove unneeded dependencies from debian/control
- Update package descriptions in debian/control
- Remove local file installation from debian/flashplugin-installer.postinst.

Date: 2021-01-05 14:29:18.997635+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.465ubuntu0.16.04.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 84.0.1+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (84.0.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (84.0.1+build1)

Date: 2020-12-22 15:18:09.710366+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/84.0.1+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 84.0+build3-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (84.0+build3-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (84.0+build3)

firefox (84.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (84.0+build2)

firefox (84.0+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (84.0+build1)

  [ Olivier Tilloy ]
  * Update the apparmor profile to permit shared memory access for IPC under
Wayland (LP: #1894006)
- debian/usr.bin.firefox.apparmor.14.10
  * Update patches
- debian/patches/unity-menubar.patch

  [ Rico Tzschichholz ]
  * Update patches
- debian/patches/armhf-do-not-build-qcms-with-neon.patch
- debian/patches/armhf-reduce-linker-memory-use.patch
- debian/patches/build-with-libstdc++-7.patch
- debian/patches/lower-python3-requirement.patch
- debian/patches/python3-remove-fstrings.patch
- debian/patches/python3-remove-variable-annotations.patch
- debian/patches/reduce-rust-debuginfo-on-selected-architectures.patch
- debian/patches/silence-gtk-style-assertions.patchs
- debian/patches/support-coinstallable-trunk-build.patch
- debian/patches/ubuntu-ua-string-changes.patch
- debian/patches/use-system-icupkg.patch
  * Exclude more files from the generated source tarball
- debian/config/tarball.conf

Date: 2020-12-14 08:51:15.613311+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/84.0+build3-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.465ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.465ubuntu0.16.04.1) xenial-security; urgency=medium

  * New upstream release (32.0.0.465)
- debian/flashplugin-installer.{config,postinst},
  debian/post-download-hook: Updated version and sha256sum

Date: 2020-12-08 13:00:24.654251+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.465ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20201208.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20201208.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream releases (32.0.0.465)

Date: Tue, 08 Dec 2020 09:03:27 +
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20201208.1-0ubuntu0.16.04.1
Format: 1.8
Date: Tue, 08 Dec 2020 09:03:27 +
Source: adobe-flashplugin
Architecture: source
Version: 1:20201208.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20201208.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.465)
Checksums-Sha1:
 2594e84d0f53caad866cb0309bff6781e7ebc370 2063 
adobe-flashplugin_20201208.1-0ubuntu0.16.04.1.dsc
 d11b537258381b48394eea329cf8704a2dfe74d4 8265 
adobe-flashplugin_20201208.1-0ubuntu0.16.04.1.diff.gz
 2015eb6cc8b19c5b57ee481b1449fcb4ec3105e5 12552 
adobe-flashplugin_20201208.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 1688be8826eba33f78f9503e75fe419bb972ae982942e672bbffbe15b0611ec5 2063 
adobe-flashplugin_20201208.1-0ubuntu0.16.04.1.dsc
 ca46a8797c34d4b4126877505e9ae400477900a195add48b1858a655c32b8860 8265 
adobe-flashplugin_20201208.1-0ubuntu0.16.04.1.diff.gz
 ad6a13278b0fd814e939f19b970ec5fbbefb6b5c3fd7b620f14250f3da5c54e0 12552 
adobe-flashplugin_20201208.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 b4d2e60d3618396d2f566c5eb8caed66 2063 partner/web optional 
adobe-flashplugin_20201208.1-0ubuntu0.16.04.1.dsc
 6cb287a096731c6ac4504fe6d7061e3f 8265 partner/web optional 
adobe-flashplugin_20201208.1-0ubuntu0.16.04.1.diff.gz
 5b52c64645b49827fb3e622bb4d156c4 12552 partner/web optional 
adobe-flashplugin_20201208.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 87.0.4280.66-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (87.0.4280.66-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 87.0.4280.66
- CVE-2020-16018: Use after free in payments.
- CVE-2020-16019: Inappropriate implementation in filesystem.
- CVE-2020-16020: Inappropriate implementation in cryptohome.
- CVE-2020-16021: Race in ImageBurner.
- CVE-2020-16022: Insufficient policy enforcement in networking.
- CVE-2020-16015: Insufficient data validation in WASM.
- CVE-2020-16014: Use after free in PPAPI.
- CVE-2020-16023: Use after free in WebCodecs.
- CVE-2020-16024: Heap buffer overflow in UI.
- CVE-2020-16025: Heap buffer overflow in clipboard.
- CVE-2020-16026: Use after free in WebRTC.
- CVE-2020-16027: Insufficient policy enforcement in developer tools.
- CVE-2020-16028: Heap buffer overflow in WebRTC.
- CVE-2020-16029: Inappropriate implementation in PDFium.
- CVE-2020-16030: Insufficient data validation in Blink.
- CVE-2019-8075: Insufficient data validation in Flash.
- CVE-2020-16031: Incorrect security UI in tab preview.
- CVE-2020-16032: Incorrect security UI in sharing.
- CVE-2020-16033: Incorrect security UI in WebUSB.
- CVE-2020-16034: Inappropriate implementation in WebRTC.
- CVE-2020-16035: Insufficient data validation in cros-disks.
- CVE-2020-16012: Side-channel information leakage in graphics.
- CVE-2020-16036: Inappropriate implementation in cookies.
  * debian/rules: set chrome_pgo_phase build flag to 0 to disable PGO, because
the upstream profile data is not compatible with the version of clang used
to build chromium
  * debian/patches/default-allocator: refreshed
  * debian/patches/fix-different-language-linkage-error.patch: removed, no
longer needed
  * debian/patches/fix-ptrace-header-include.patch: refreshed
  * debian/patches/gtk-symbols-conditional.patch: updated
  * debian/patches/revert-getrandom.patch: added
  * debian/patches/revert-newer-xcb-requirement.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/stl-util-old-clang-compatibility.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/use-clang-versioned.patch: refreshed

Date: 2020-11-17 22:25:13.546792+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/87.0.4280.66-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 83.0+build2-0ubuntu0.16.04.3 (Accepted)

[Chris Coulson]

firefox (83.0+build2-0ubuntu0.16.04.3) xenial; urgency=medium

  * Silence more GTK style-related assertions
- debian/patches/silence-gtk-style-assertions.patch

firefox (83.0+build2-0ubuntu0.16.04.2) xenial; urgency=medium

  * Fix FTBFS on arm*
- add sandbox-update-arm-syscall-numbers.patch

firefox (83.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release (83.0+build2)

  [ Olivier Tilloy ]
  * Fix FTBFS on armhf
- update debian/patches/fix-armhf-webrtc-build.patch
- add debian/patches/armhf-do-not-build-qcms-with-neon.patch
  * Fix an autopkgtest that started failing reliably
- debian/tests/search-engines
  * Update patches
- debian/patches/python3-remove-fstrings.patch

  [ Rico Tzschichholz ]
  * Update patches
- debian/patches/support-coinstallable-trunk-build.patch
- debian/patches/webrtc-fix-compiler-flags-for-armhf.patch

Date: 2020-11-18 09:17:18.595028+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/83.0+build2-0ubuntu0.16.04.3
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 86.0.4240.198-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (86.0.4240.198-0ubuntu0.16.04.1) xenial; urgency=medium

  * Stable channel update: 86.0.4240.198
- CVE-2020-16013: Inappropriate implementation in V8.
- CVE-2020-16017: Use after free in site isolation.

chromium-browser (86.0.4240.193-0ubuntu0.16.04.1) xenial; urgency=medium

  * Stable channel update: 86.0.4240.193

chromium-browser (86.0.4240.183-0ubuntu0.16.04.1) xenial; urgency=medium

  * Stable channel update: 86.0.4240.183
- CVE-2020-16005: Insufficient policy enforcement in ANGLE.
- CVE-2020-16006: Inappropriate implementation in V8.
- CVE-2020-16007: Insufficient data validation in installer.
- CVE-2020-16008: Stack buffer overflow in WebRTC.
- CVE-2020-16009: Inappropriate implementation in V8.
- CVE-2020-16011: Heap buffer overflow in UI on Windows.

chromium-browser (86.0.4240.111-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 86.0.4240.111
- CVE-2020-16000: Inappropriate implementation in Blink.
- CVE-2020-16001: Use after free in media.
- CVE-2020-16002: Use after free in PDFium.
- CVE-2020-15999: Heap buffer overflow in Freetype.
- CVE-2020-16003: Use after free in printing.

Date: 2020-11-12 06:24:15.611992+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/86.0.4240.198-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.453ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.453ubuntu0.16.04.1) xenial-security; urgency=medium

  * New upstream release (32.0.0.453)
- debian/flashplugin-installer.{config,postinst},
  debian/post-download-hook: Updated version and sha256sum

Date: 2020-11-10 16:41:19.487151+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.453ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20201110.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20201110.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream releases (32.0.0.453)

Date: Tue, 10 Nov 2020 16:20:08 +
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20201110.1-0ubuntu0.16.04.1
Format: 1.8
Date: Tue, 10 Nov 2020 16:20:08 +
Source: adobe-flashplugin
Architecture: source
Version: 1:20201110.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20201110.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.453)
Checksums-Sha1:
 0f7640beced7a0ff0fa65b21e3d1b488fbf1e65f 2063 
adobe-flashplugin_20201110.1-0ubuntu0.16.04.1.dsc
 540cbeeac3ecc6b6e5738db9f369f1342e350834 8232 
adobe-flashplugin_20201110.1-0ubuntu0.16.04.1.diff.gz
 61693b080de31e346b745f04934b75f116926d7f 12544 
adobe-flashplugin_20201110.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 3b329b83b8b3a4abf12d649f759ae994cb07fbcbca697f89e965fdc0e362b507 2063 
adobe-flashplugin_20201110.1-0ubuntu0.16.04.1.dsc
 60a7f9d92e1cebbe6a45e75120b0878d677e32bc9a5415d17372cb30d3c7dc45 8232 
adobe-flashplugin_20201110.1-0ubuntu0.16.04.1.diff.gz
 a6f2964d7bb5ef50bf847df8018eee6062885588956df1d28efcd7d8ff9268c0 12544 
adobe-flashplugin_20201110.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 f1982f57d69040583c0afae9d76a1b1d 2063 partner/web optional 
adobe-flashplugin_20201110.1-0ubuntu0.16.04.1.dsc
 608c514f691249ae9e5a7709a32bfbe5 8232 partner/web optional 
adobe-flashplugin_20201110.1-0ubuntu0.16.04.1.diff.gz
 c4715b724bf58bde6ddd551fe3b00083 12544 partner/web optional 
adobe-flashplugin_20201110.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 82.0.3+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (82.0.3+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (82.0.3+build1)

Date: 2020-11-09 14:31:14.132455+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/82.0.3+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 82.0.2+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (82.0.2+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (82.0.2+build1)

firefox (82.0.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (82.0.1+build1)

Date: 2020-10-28 14:16:21.772507+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/82.0.2+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 82.0+build2-0ubuntu0.16.04.5 (Accepted)

[Chris Coulson]

firefox (82.0+build2-0ubuntu0.16.04.5) xenial; urgency=medium

  * Silence more GTK style-related assertions
- debian/patches/silence-gtk-style-assertions.patch

firefox (82.0+build2-0ubuntu0.16.04.4) xenial; urgency=medium

  * Silence more GTK style-related assertions
- debian/patches/silence-gtk-style-assertions.patch

firefox (82.0+build2-0ubuntu0.16.04.3) xenial; urgency=medium

  * Fix a FTBFS with the patch that silences GTK style-related assertions
- debian/patches/silence-gtk-style-assertions.patch

firefox (82.0+build2-0ubuntu0.16.04.2) xenial; urgency=medium

  * Silence GTK style-related assertions
- debian/patches/silence-gtk-style-assertions.patch

firefox (82.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (82.0+build2)

  [ Rico Tzschichholz ]
  * Update cbindgen to 0.15.0
- debian/build/create-tarball.py
  * Update patches
- debian/patches/ppc-no-static-sizes.patch
- debian/patches/lower-python3-requirement.patch
- debian/patches/unity-menubar.patch

Date: 2020-10-23 17:23:15.141485+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/82.0+build2-0ubuntu0.16.04.5
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.445ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.445ubuntu0.16.04.1) xenial-security; urgency=medium

  * New upstream release (32.0.0.445)
- debian/flashplugin-installer.{config,postinst},
  debian/post-download-hook: Updated version and sha256sum

Date: 2020-10-15 16:37:22.482794+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.445ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20201013.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20201013.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream releases (32.0.0.445)

Date: Thu, 15 Oct 2020 16:56:23 +0100
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20201013.1-0ubuntu0.16.04.1
Format: 1.8
Date: Thu, 15 Oct 2020 16:56:23 +0100
Source: adobe-flashplugin
Architecture: source
Version: 1:20201013.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20201013.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.445)
Checksums-Sha1:
 8f600722c31df3aac96285518dab186c88cf7c34 2063 
adobe-flashplugin_20201013.1-0ubuntu0.16.04.1.dsc
 8bd15fd636c1c0eb812a4ef17b256a678e765b7f 8216 
adobe-flashplugin_20201013.1-0ubuntu0.16.04.1.diff.gz
 0b120bd88307ff1438f236fe2eaee648651a1d4f 12509 
adobe-flashplugin_20201013.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 f88f82b74da681c29ed609f57650ad60bab4cb064deaad715217bcf037c0e7a6 2063 
adobe-flashplugin_20201013.1-0ubuntu0.16.04.1.dsc
 9b9ceb61b69384b3c69d9aae448227468e6d364bfe1bcc9e7c0defefc1871655 8216 
adobe-flashplugin_20201013.1-0ubuntu0.16.04.1.diff.gz
 a6c25d90f52358e066fd7477abc92715f60307c72dc2e633e2acb5375f5daf17 12509 
adobe-flashplugin_20201013.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 c5b7b58b75a145baa9449f84eb63f657 2063 partner/web optional 
adobe-flashplugin_20201013.1-0ubuntu0.16.04.1.dsc
 51244d23c8948fc8950fa65d5a01173e 8216 partner/web optional 
adobe-flashplugin_20201013.1-0ubuntu0.16.04.1.diff.gz
 2e43d88b72c10bba1b238bf28a42ea9f 12509 partner/web optional 
adobe-flashplugin_20201013.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 81.0.2+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (81.0.2+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (81.0.2+build1)

firefox (81.0.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (81.0.1+build1)

Date: 2020-10-13 17:40:16.854675+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/81.0.2+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 86.0.4240.75-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (86.0.4240.75-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 86.0.4240.75
- CVE-2020-15967: Use after free in payments.
- CVE-2020-15968: Use after free in Blink.
- CVE-2020-15969: Use after free in WebRTC.
- CVE-2020-15970: Use after free in NFC.
- CVE-2020-15971: Use after free in printing.
- CVE-2020-15972: Use after free in audio.
- CVE-2020-15990: Use after free in autofill.
- CVE-2020-15991: Use after free in password manager.
- CVE-2020-15973: Insufficient policy enforcement in extensions.
- CVE-2020-15974: Integer overflow in Blink.
- CVE-2020-15975: Integer overflow in SwiftShader.
- CVE-2020-15976: Use after free in WebXR.
- CVE-2020-6557: Inappropriate implementation in networking.
- CVE-2020-15977: Insufficient data validation in dialogs.
- CVE-2020-15978: Insufficient data validation in navigation.
- CVE-2020-15979: Inappropriate implementation in V8.
- CVE-2020-15980: Insufficient policy enforcement in Intents.
- CVE-2020-15981: Out of bounds read in audio.
- CVE-2020-15982: Side-channel information leakage in cache.
- CVE-2020-15983: Insufficient data validation in webUI.
- CVE-2020-15984: Insufficient policy enforcement in Omnibox.
- CVE-2020-15985: Inappropriate implementation in Blink.
- CVE-2020-15986: Integer overflow in media.
- CVE-2020-15987: Use after free in WebRTC.
- CVE-2020-15992: Insufficient policy enforcement in networking.
- CVE-2020-15988: Insufficient policy enforcement in downloads.
- CVE-2020-15989: Uninitialized Use in PDFium.
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/default-allocator: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/fix-c++17ism.patch: added
  * debian/patches/fix-different-language-linkage-error.patch: added
  * debian/patches/gtk-symbols-conditional.patch: refreshed
  * debian/patches/import-missing-fcntl-defines.patch: added
  * debian/patches/node-use-system-wide.patch: refreshed
  * debian/patches/revert-newer-xcb-requirement.patch: added
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/stl-util-old-clang-compatibility.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/touch-v35: updated
  * debian/patches/upstream-fix-crash-in-MediaSerializer-base-Location.patch:
removed, no longer needed
  * debian/patches/widevine-enable-version-string.patch: refreshed
  * debian/patches/widevine-other-locations: refreshed

Date: 2020-10-07 20:21:13.165568+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/86.0.4240.75-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 85.0.4183.121-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (85.0.4183.121-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 85.0.4183.121
- CVE-2020-15960: Heap buffer overflow in storage.
- CVE-2020-15961: Insufficient policy enforcement in extensions.
- CVE-2020-15962: Insufficient policy enforcement in serial.
- CVE-2020-15963: Insufficient policy enforcement in extensions.
- CVE-2020-15965: Type Confusion in V8.
- CVE-2020-15966: Insufficient policy enforcement in extensions.
- CVE-2020-15964: Insufficient data validation in media.

chromium-browser (85.0.4183.102-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 85.0.4183.102
- CVE-2020-6573: Use after free in video.
- CVE-2020-6574: Insufficient policy enforcement in installer.
- CVE-2020-6575: Race in Mojo.
- CVE-2020-6576: Use after free in offscreen canvas.
- CVE-2020-15959: Insufficient policy enforcement in networking.

Date: 2020-09-21 20:16:14.854779+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/85.0.4183.121-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 81.0+build2-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (81.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (81.0+build2)

firefox (81.0+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (81.0+build1)

  [ Olivier Tilloy ]
  * Re-enable and update debian/patches/unity-menubar.patch
  * Fix more build failures with Python 3.5
- debian/patches/python3-remove-fstrings.patch
- debian/patches/python3-remove-pep487.patch
- debian/patches/python3-remove-variable-annotations.patch
  * Add allow-stderr to all tests, because pip started emitting deprecation
warnings for Python 3.5 on stderr
- debian/tests/control
  * Remove upstreamed patch
- debian/patches/fix-flash-plugin-symbol-lookup-error.patch

  [ Rico Tzschichholz ]
  * Use clang 11 if available and drop 9
- debian/control{,.in}
- debian/build/rules.mk
  * Drop obsolete AppArmor profile and conditionals
- debian/rules
- debian/usr.bin.firefox.apparmor.13.10
  * Drop armel arch references
- debian/build/rules.mk
- debian/config/mozconfig.in
  * Export MACH_USE_SYSTEM_PYTHON=1
- debian/build/rules.mk
  * Update patches
- debian/patches/fix-armhf-webrtc-build.patch
- debian/patches/support-coinstallable-trunk-build.patch
- debian/patches/ubuntu-ua-string-changes.patch
  * Update cbindgen to 0.14.4
- debian/build/create-tarball.py

Date: 2020-09-17 08:35:17.025234+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/81.0+build2-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20200714.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20200714.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream releases (32.0.0.403)

Date: Tue, 14 Jul 2020 16:47:35 +0100
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20200714.1-0ubuntu0.16.04.1
Format: 1.8
Date: Tue, 14 Jul 2020 16:47:35 +0100
Source: adobe-flashplugin
Architecture: source
Version: 1:20200714.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20200714.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.403)
Checksums-Sha1:
 9c6d880740cdb580f0887d0af2792ed20a80b22e 2063 
adobe-flashplugin_20200714.1-0ubuntu0.16.04.1.dsc
 2ea015392e70bb4cf6f0c4b1e56ed1ae0af98386 8178 
adobe-flashplugin_20200714.1-0ubuntu0.16.04.1.diff.gz
 8f219694cf9ac54436c65b9233224401b7e5549e 12182 
adobe-flashplugin_20200714.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 1688eada411ed06021cc7c79ffcd01d9f49e4db94a3f11265afe4af1143c6d0a 2063 
adobe-flashplugin_20200714.1-0ubuntu0.16.04.1.dsc
 e66455d3fe1f44361255ef780de9ddc85293d0a1dc75fd0c4361e25e2d550f91 8178 
adobe-flashplugin_20200714.1-0ubuntu0.16.04.1.diff.gz
 29299c4fe53548df5ca8713894ee7537b3335efd7d47e17f27ef5e00059417b9 12182 
adobe-flashplugin_20200714.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 857b7dca332a38bf4b0e47e2174a023e 2063 partner/web optional 
adobe-flashplugin_20200714.1-0ubuntu0.16.04.1.dsc
 9147425327d9d84d76419a531f527e1d 8178 partner/web optional 
adobe-flashplugin_20200714.1-0ubuntu0.16.04.1.diff.gz
 76a2203a5b1c1c5a7680e67175d18ff6 12182 partner/web optional 
adobe-flashplugin_20200714.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 85.0.4183.83-0ubuntu0.16.04.2 (Accepted)

[Chris Coulson]

chromium-browser (85.0.4183.83-0ubuntu0.16.04.2) xenial; urgency=medium

  * debian/rules: install libEGL.so and libGLESv2.so, needed for
hardware-accelerated rendering

chromium-browser (85.0.4183.83-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 85.0.4183.83
- CVE-2020-6558: Insufficient policy enforcement in iOS.
- CVE-2020-6559: Use after free in presentation API.
- CVE-2020-6560: Insufficient policy enforcement in autofill.
- CVE-2020-6561: Inappropriate implementation in Content Security Policy.
- CVE-2020-6562: Insufficient policy enforcement in Blink.
- CVE-2020-6563: Insufficient policy enforcement in intent handling.
- CVE-2020-6564: Incorrect security UI in permissions.
- CVE-2020-6565: Incorrect security UI in Omnibox.
- CVE-2020-6566: Insufficient policy enforcement in media.
- CVE-2020-6567: Insufficient validation of untrusted input in command line 
handling.
- CVE-2020-6568: Insufficient policy enforcement in intent handling.
- CVE-2020-6569: Integer overflow in WebUSB.
- CVE-2020-6570: Side-channel information leakage in WebRTC.
- CVE-2020-6571: Incorrect security UI in Omnibox.
  * debian/control:
- remove build dependencies on python-xcbgen and xcb-proto (no longer
  needed since https://chromium.googlesource.com/chromium/src/+/a8e4195d)
- remove build dependency on libdrm-dev and libgbm-dev (use the third party
  copies instead)
  * debian/rules: build with use_system_libdrm=false and
use_system_minigbm=false as chromium now requires versions of these
libraries that are newer than what is found in xenial-security
  * debian/patches/add-missing-minigbm-dep.patch: added
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/define-libdrm-missing-identifiers.patch: removed, no longer
needed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/fix-build-with-older-xcb-proto.patch: removed, no longer
needed
  * debian/patches/relax-ninja-version-requirement.patch: updated
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/stl-util-old-clang-compatibility.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/use-old-mesa.patch: removed, no longer needed
  * debian/patches/widevine-other-locations: refreshed
  * debian/tests/html5test: update test expectations for the removal of the
application cache
(see https://www.chromestatus.com/feature/6192449487634432)

chromium-browser (84.0.4147.135-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 84.0.4147.135
- CVE-2020-6542: Use after free in ANGLE.
- CVE-2020-6543: Use after free in task scheduling.
- CVE-2020-6544: Use after free in media.
- CVE-2020-6545: Use after free in audio.
- CVE-2020-6546: Inappropriate implementation in installer.
- CVE-2020-6547: Incorrect security UI in media.
- CVE-2020-6548: Heap buffer overflow in Skia.
- CVE-2020-6549: Use after free in media.
- CVE-2020-6550: Use after free in IndexedDB.
- CVE-2020-6551: Use after free in WebXR.
- CVE-2020-6552: Use after free in Blink.
- CVE-2020-6553: Use after free in offline mode.
- CVE-2020-6554: Use after free in extensions.
- CVE-2020-6555: Out of bounds read in WebGL.
- CVE-2020-6556: Heap buffer overflow in SwiftShader.

Date: 2020-08-31 13:18:14.080568+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/85.0.4183.83-0ubuntu0.16.04.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 80.0.1+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (80.0.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (80.0.1+build1)

firefox (80.0+build2-0ubuntu0.16.04.2) xenial; urgency=medium

  * Fix Flash plugin symbol lookup error (LP: #1893021)
- debian/patches/fix-flash-plugin-symbol-lookup-error.patch

Date: 2020-09-01 20:16:19.799957+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/80.0.1+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 80.0+build2-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (80.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (80.0+build2)

  [ Olivier Tilloy ]
  * Re-enable and update debian/patches/unity-menubar.patch
  * Fix build failure with Python 3.5
- debian/patches/python3-remove-variable-annotations.patch

  [ Rico Tzschichholz ]
  * Update patches
- debian/patches/armhf-reduce-linker-memory-use.patch
- debian/patches/rust-drop-dll-checksums.patch
  * Drop obsolete patches
- debian/patches/revert-1fce91651f43.patch
  * Drop custom icupkg command in favour of upstream buildsys handling
- debian/build/rules.mk
- debian/patches/use-system-icupkg.patch

Date: 2020-08-23 21:19:13.964654+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/80.0+build2-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.414ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.414ubuntu0.16.04.1) xenial-security; urgency=medium

  * New upstream release (32.0.0.414)
- debian/flashplugin-installer.{config,postinst},
  debian/post-download-hook: Updated version and sha256sum

Date: 2020-08-11 15:32:22.258967+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.414ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20200811.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20200811.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream releases (32.0.0.414)

Date: Tue, 11 Aug 2020 16:15:02 +0100
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20200811.1-0ubuntu0.16.04.1
Format: 1.8
Date: Tue, 11 Aug 2020 16:15:02 +0100
Source: adobe-flashplugin
Architecture: source
Version: 1:20200811.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20200811.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.414)
Checksums-Sha1:
 fa375aef2b7716576d834b6107680c397f3f9413 2066 
adobe-flashplugin_20200811.1-0ubuntu0.16.04.1.dsc
 68e6d753f77426d58a08c8150b006ff089c1bf07 13200 
adobe-flashplugin_20200811.1-0ubuntu0.16.04.1.diff.gz
 a837aa09e27fecadf184d908483a4d569000d08b 12258 
adobe-flashplugin_20200811.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 8b454d15ad054b1c9d1e0b49e33b427d6f0ba66e2c744f6bc5c31b97047dc1ab 2066 
adobe-flashplugin_20200811.1-0ubuntu0.16.04.1.dsc
 f090e2188d3a231d2bfc84567ef84877f785bfc45a93a07b26d731b6bf87e026 13200 
adobe-flashplugin_20200811.1-0ubuntu0.16.04.1.diff.gz
 b07cee73eeb9b3e3cb61e35f36dc76138aa53738e11d211983d68e60612a3625 12258 
adobe-flashplugin_20200811.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 a2f5d7d2f530d3aafcf12da7f2148cf3 2066 partner/web optional 
adobe-flashplugin_20200811.1-0ubuntu0.16.04.1.dsc
 c27378c17798f9dd0d231cf011ad92e5 13200 partner/web optional 
adobe-flashplugin_20200811.1-0ubuntu0.16.04.1.diff.gz
 a0d47b61b61f650e4095fb1a6903ed29 12258 partner/web optional 
adobe-flashplugin_20200811.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 84.0.4147.105-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

.
- CVE-2020-6477: Inappropriate implementation in installer.
- CVE-2020-6478: Inappropriate implementation in full screen.
- CVE-2020-6479: Inappropriate implementation in sharing.
- CVE-2020-6480: Insufficient policy enforcement in enterprise.
- CVE-2020-6481: Insufficient policy enforcement in URL formatting.
- CVE-2020-6482: Insufficient policy enforcement in developer tools.
- CVE-2020-6483: Insufficient policy enforcement in payments.
- CVE-2020-6484: Insufficient data validation in ChromeDriver.
- CVE-2020-6485: Insufficient data validation in media router.
- CVE-2020-6486: Insufficient policy enforcement in navigations.
- CVE-2020-6487: Insufficient policy enforcement in downloads.
- CVE-2020-6488: Insufficient policy enforcement in downloads.
- CVE-2020-6489: Inappropriate implementation in developer tools.
- CVE-2020-6490: Insufficient data validation in loader.
- CVE-2020-6491: Incorrect security UI in site information.
  * debian/control: add build dependency on python-pkg-resources (needed for
jinja2, since https://chromium.googlesource.com/chromium/src/+/312b6bf)
  * debian/rules: copy missing source file for gn build
  * debian/patches/chromium_useragent.patch: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/enable-chromecast-by-default.patch: refreshed
  * debian/patches/gtk-symbols-conditional.patch: added
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/stl-util-old-clang-compatibility.patch: added
  * debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/upstream-fix-build-atk-226.patch: removed, no longer needed
  * debian/patches/use-clang-versioned.patch: refreshed
  * debian/patches/use-old-mesa.patch: refreshed

Date: 2020-07-29 14:38:24.161811+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/84.0.4147.105-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-updates] grub2_2.02~beta2-36ubuntu3.26_arm64.tar.gz - (Accepted)

[Chris Coulson]

grub2 (2.02~beta2-36ubuntu3.26) xenial; urgency=medium

  [ Chris Coulson ]
  * SECURITY UPDATE: Heap buffer overflow when encountering commands that
cannot be tokenized to less than 8192 characters.
- 0082-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch: Make
  fatal lexer errors actually be fatal
- CVE-2020-10713
  * SECURITY UPDATE: Multiple integer overflow bugs that could result in
heap buffer allocations that were too small and subsequent heap buffer
overflows when handling certain filesystems, font files or PNG images.
- 0083-safemath-Add-some-arithmetic-primitives-that-check-f.patch: Add
  arithmetic primitives that allow for overflows to be detected
- 0084-calloc-Make-sure-we-always-have-an-overflow-checking.patch:
  Make sure that there is always an overflow checking implementation
  of calloc() available
- 0085-calloc-Use-calloc-at-most-places.patch: Use calloc where
  appropriate
- 0086-malloc-Use-overflow-checking-primitives-where-we-do-.patch: Use
  overflow-safe arithmetic primitives when performing allocations
  based on the results of operations that might overflow
- 0094-hfsplus-fix-two-more-overflows.patch: Fix integer overflows in
  hfsplus
- 0095-lvm-fix-two-more-potential-data-dependent-alloc-over.patch: Fix
  more potential integer overflows in lvm
- CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
  * SECURITY UPDATE: Use-after-free when executing a command that causes
a currently executing function to be redefined.
- 0092-script-Remove-unused-fields-from-grub_script_functio.patch:
  Remove unused fields from grub_script_function
- 0093-script-Avoid-a-use-after-free-when-redefining-a-func.patch:
  Avoid a use-after-free when redefining a function during execution
- CVE-2020-15706
  * SECURITY UPDATE: Integer overflows that could result in heap buffer
allocations that were too small and subsequent heap buffer overflows
during initrd loading.
- 0105-linux-Fix-integer-overflows-in-initrd-size-handling.patch: Fix
  integer overflows in initrd size handling
- 0106-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch: Fix
  integer overflows in linuxefi grub_cmd_initrd
- CVE-2020-15707
  * Various fixes as a result of code review and static analysis:
- 0087-iso9660-Don-t-leak-memory-on-realloc-failures.patch: Fix a
 memory leak on realloc failures when processing symbolic links
- 0088-font-Do-not-load-more-than-one-NAME-section.patch: Fix a
  memory leak when processing font files with more than one NAME
  section
- 0089-gfxmenu-Fix-double-free-in-load_image.patch: Zero self->bitmap
  after it is freed in order to avoid a potential double free later on
- 0090-lzma-Make-sure-we-don-t-dereference-past-array.patch: Fix an
  out-of-bounds read in LzmaEncode
- 0091-tftp-Do-not-use-priority-queue.patch: Refactor tftp to not use
  priority queues and fix a double free
- 0096-efi-fix-some-malformed-device-path-arithmetic-errors.patch: Fix
  various arithmetic errors with malformed device paths
- 0098-Fix-a-regression-caused-by-efi-fix-some-malformed-de.patch: Fix
  a NULL deref in the chainloader command introduced by a previous
  patch
- 0100-chainloader-Avoid-a-double-free-when-validation-fail.patch:
  Avoid a double free in the chainloader command when validation fails
- 0101-relocator-Protect-grub_relocator_alloc_chunk_addr-in.patch:
  Protect grub_relocator_alloc_chunk_addr input arguments against
  integer overflow / underflow
- 0102-relocator-Protect-grub_relocator_alloc_chunk_align-m.patch:
  Protect grub_relocator_alloc_chunk_align max_addr argument against
  integer underflow
- 0103-relocator-Fix-grub_relocator_alloc_chunk_align-top-m.patch: Fix
  grub_relocator_alloc_chunk_align top memory allocation
- 0104-linux-loader-avoid-overflow-on-initrd-size-calculati.patch:
  Avoid overflow on initrd size calculation
  * debian/patches/linuxefi_disable_sb_fallback.patch: Disallow unsigned
kernels if UEFI Secure Boot is enabled.  If UEFI Secure Boot is enabled
and kernel signature verification fails, do not boot the kernel. Patch
from Linn Crosetto. (LP: #1401532)
  * ubuntu-Make-the-linux-command-in-EFI-grub-always-try.patch:
- Make the linux command in EFI grub always try EFI handover

  [ Dimitri John Ledkov ]
  * SECURITY UPDATE: Grub does not enforce kernel signature validation
when the shim protocol isn't present.
- 0097-linuxefi-fail-kernel-validation-without-shim-protoco.patch:
  Fail kernel validation if the shim protocol isn't available
- CVE-2020-15705

Date: Mon, 20 Jul 2020 21:28:33 +0100
Changed-By: Chris Coulson 
Maintainer: Launchpad Build Daemon 

Format: 1.8
Date: Mon, 20 Jul 2020 21:28:33 +0100
Source: grub2
Binary: grub2 grub-linuxbios grub-efi grub-common grub2-common g

[ubuntu/xenial-updates] grub2_2.02~beta2-36ubuntu3.26_amd64.tar.gz - (Accepted)

[Chris Coulson]

grub2 (2.02~beta2-36ubuntu3.26) xenial; urgency=medium

  [ Chris Coulson ]
  * SECURITY UPDATE: Heap buffer overflow when encountering commands that
cannot be tokenized to less than 8192 characters.
- 0082-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch: Make
  fatal lexer errors actually be fatal
- CVE-2020-10713
  * SECURITY UPDATE: Multiple integer overflow bugs that could result in
heap buffer allocations that were too small and subsequent heap buffer
overflows when handling certain filesystems, font files or PNG images.
- 0083-safemath-Add-some-arithmetic-primitives-that-check-f.patch: Add
  arithmetic primitives that allow for overflows to be detected
- 0084-calloc-Make-sure-we-always-have-an-overflow-checking.patch:
  Make sure that there is always an overflow checking implementation
  of calloc() available
- 0085-calloc-Use-calloc-at-most-places.patch: Use calloc where
  appropriate
- 0086-malloc-Use-overflow-checking-primitives-where-we-do-.patch: Use
  overflow-safe arithmetic primitives when performing allocations
  based on the results of operations that might overflow
- 0094-hfsplus-fix-two-more-overflows.patch: Fix integer overflows in
  hfsplus
- 0095-lvm-fix-two-more-potential-data-dependent-alloc-over.patch: Fix
  more potential integer overflows in lvm
- CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
  * SECURITY UPDATE: Use-after-free when executing a command that causes
a currently executing function to be redefined.
- 0092-script-Remove-unused-fields-from-grub_script_functio.patch:
  Remove unused fields from grub_script_function
- 0093-script-Avoid-a-use-after-free-when-redefining-a-func.patch:
  Avoid a use-after-free when redefining a function during execution
- CVE-2020-15706
  * SECURITY UPDATE: Integer overflows that could result in heap buffer
allocations that were too small and subsequent heap buffer overflows
during initrd loading.
- 0105-linux-Fix-integer-overflows-in-initrd-size-handling.patch: Fix
  integer overflows in initrd size handling
- 0106-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch: Fix
  integer overflows in linuxefi grub_cmd_initrd
- CVE-2020-15707
  * Various fixes as a result of code review and static analysis:
- 0087-iso9660-Don-t-leak-memory-on-realloc-failures.patch: Fix a
 memory leak on realloc failures when processing symbolic links
- 0088-font-Do-not-load-more-than-one-NAME-section.patch: Fix a
  memory leak when processing font files with more than one NAME
  section
- 0089-gfxmenu-Fix-double-free-in-load_image.patch: Zero self->bitmap
  after it is freed in order to avoid a potential double free later on
- 0090-lzma-Make-sure-we-don-t-dereference-past-array.patch: Fix an
  out-of-bounds read in LzmaEncode
- 0091-tftp-Do-not-use-priority-queue.patch: Refactor tftp to not use
  priority queues and fix a double free
- 0096-efi-fix-some-malformed-device-path-arithmetic-errors.patch: Fix
  various arithmetic errors with malformed device paths
- 0098-Fix-a-regression-caused-by-efi-fix-some-malformed-de.patch: Fix
  a NULL deref in the chainloader command introduced by a previous
  patch
- 0100-chainloader-Avoid-a-double-free-when-validation-fail.patch:
  Avoid a double free in the chainloader command when validation fails
- 0101-relocator-Protect-grub_relocator_alloc_chunk_addr-in.patch:
  Protect grub_relocator_alloc_chunk_addr input arguments against
  integer overflow / underflow
- 0102-relocator-Protect-grub_relocator_alloc_chunk_align-m.patch:
  Protect grub_relocator_alloc_chunk_align max_addr argument against
  integer underflow
- 0103-relocator-Fix-grub_relocator_alloc_chunk_align-top-m.patch: Fix
  grub_relocator_alloc_chunk_align top memory allocation
- 0104-linux-loader-avoid-overflow-on-initrd-size-calculati.patch:
  Avoid overflow on initrd size calculation
  * debian/patches/linuxefi_disable_sb_fallback.patch: Disallow unsigned
kernels if UEFI Secure Boot is enabled.  If UEFI Secure Boot is enabled
and kernel signature verification fails, do not boot the kernel. Patch
from Linn Crosetto. (LP: #1401532)
  * ubuntu-Make-the-linux-command-in-EFI-grub-always-try.patch:
- Make the linux command in EFI grub always try EFI handover

  [ Dimitri John Ledkov ]
  * SECURITY UPDATE: Grub does not enforce kernel signature validation
when the shim protocol isn't present.
- 0097-linuxefi-fail-kernel-validation-without-shim-protoco.patch:
  Fail kernel validation if the shim protocol isn't available
- CVE-2020-15705

Date: Mon, 20 Jul 2020 21:28:33 +0100
Changed-By: Chris Coulson 
Maintainer: Launchpad Build Daemon 

Format: 1.8
Date: Mon, 20 Jul 2020 21:28:33 +0100
Source: grub2
Binary: grub2 grub-linuxbios grub-efi grub-common grub2-common g

[ubuntu/xenial-proposed] grub2_2.02~beta2-36ubuntu3.26_amd64.tar.gz - (Accepted)

[Chris Coulson]

grub2 (2.02~beta2-36ubuntu3.26) xenial; urgency=medium

  [ Chris Coulson ]
  * SECURITY UPDATE: Heap buffer overflow when encountering commands that
cannot be tokenized to less than 8192 characters.
- 0082-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch: Make
  fatal lexer errors actually be fatal
- CVE-2020-10713
  * SECURITY UPDATE: Multiple integer overflow bugs that could result in
heap buffer allocations that were too small and subsequent heap buffer
overflows when handling certain filesystems, font files or PNG images.
- 0083-safemath-Add-some-arithmetic-primitives-that-check-f.patch: Add
  arithmetic primitives that allow for overflows to be detected
- 0084-calloc-Make-sure-we-always-have-an-overflow-checking.patch:
  Make sure that there is always an overflow checking implementation
  of calloc() available
- 0085-calloc-Use-calloc-at-most-places.patch: Use calloc where
  appropriate
- 0086-malloc-Use-overflow-checking-primitives-where-we-do-.patch: Use
  overflow-safe arithmetic primitives when performing allocations
  based on the results of operations that might overflow
- 0094-hfsplus-fix-two-more-overflows.patch: Fix integer overflows in
  hfsplus
- 0095-lvm-fix-two-more-potential-data-dependent-alloc-over.patch: Fix
  more potential integer overflows in lvm
- CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
  * SECURITY UPDATE: Use-after-free when executing a command that causes
a currently executing function to be redefined.
- 0092-script-Remove-unused-fields-from-grub_script_functio.patch:
  Remove unused fields from grub_script_function
- 0093-script-Avoid-a-use-after-free-when-redefining-a-func.patch:
  Avoid a use-after-free when redefining a function during execution
- CVE-2020-15706
  * SECURITY UPDATE: Integer overflows that could result in heap buffer
allocations that were too small and subsequent heap buffer overflows
during initrd loading.
- 0105-linux-Fix-integer-overflows-in-initrd-size-handling.patch: Fix
  integer overflows in initrd size handling
- 0106-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch: Fix
  integer overflows in linuxefi grub_cmd_initrd
- CVE-2020-15707
  * Various fixes as a result of code review and static analysis:
- 0087-iso9660-Don-t-leak-memory-on-realloc-failures.patch: Fix a
 memory leak on realloc failures when processing symbolic links
- 0088-font-Do-not-load-more-than-one-NAME-section.patch: Fix a
  memory leak when processing font files with more than one NAME
  section
- 0089-gfxmenu-Fix-double-free-in-load_image.patch: Zero self->bitmap
  after it is freed in order to avoid a potential double free later on
- 0090-lzma-Make-sure-we-don-t-dereference-past-array.patch: Fix an
  out-of-bounds read in LzmaEncode
- 0091-tftp-Do-not-use-priority-queue.patch: Refactor tftp to not use
  priority queues and fix a double free
- 0096-efi-fix-some-malformed-device-path-arithmetic-errors.patch: Fix
  various arithmetic errors with malformed device paths
- 0098-Fix-a-regression-caused-by-efi-fix-some-malformed-de.patch: Fix
  a NULL deref in the chainloader command introduced by a previous
  patch
- 0100-chainloader-Avoid-a-double-free-when-validation-fail.patch:
  Avoid a double free in the chainloader command when validation fails
- 0101-relocator-Protect-grub_relocator_alloc_chunk_addr-in.patch:
  Protect grub_relocator_alloc_chunk_addr input arguments against
  integer overflow / underflow
- 0102-relocator-Protect-grub_relocator_alloc_chunk_align-m.patch:
  Protect grub_relocator_alloc_chunk_align max_addr argument against
  integer underflow
- 0103-relocator-Fix-grub_relocator_alloc_chunk_align-top-m.patch: Fix
  grub_relocator_alloc_chunk_align top memory allocation
- 0104-linux-loader-avoid-overflow-on-initrd-size-calculati.patch:
  Avoid overflow on initrd size calculation
  * debian/patches/linuxefi_disable_sb_fallback.patch: Disallow unsigned
kernels if UEFI Secure Boot is enabled.  If UEFI Secure Boot is enabled
and kernel signature verification fails, do not boot the kernel. Patch
from Linn Crosetto. (LP: #1401532)
  * ubuntu-Make-the-linux-command-in-EFI-grub-always-try.patch:
- Make the linux command in EFI grub always try EFI handover

  [ Dimitri John Ledkov ]
  * SECURITY UPDATE: Grub does not enforce kernel signature validation
when the shim protocol isn't present.
- 0097-linuxefi-fail-kernel-validation-without-shim-protoco.patch:
  Fail kernel validation if the shim protocol isn't available
- CVE-2020-15705

Date: Mon, 20 Jul 2020 21:28:33 +0100
Changed-By: Chris Coulson 
Maintainer: Launchpad Build Daemon 

Format: 1.8
Date: Mon, 20 Jul 2020 21:28:33 +0100
Source: grub2
Binary: grub2 grub-linuxbios grub-efi grub-common grub2-common g

[ubuntu/xenial-proposed] grub2_2.02~beta2-36ubuntu3.26_arm64.tar.gz - (Accepted)

[Chris Coulson]

grub2 (2.02~beta2-36ubuntu3.26) xenial; urgency=medium

  [ Chris Coulson ]
  * SECURITY UPDATE: Heap buffer overflow when encountering commands that
cannot be tokenized to less than 8192 characters.
- 0082-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch: Make
  fatal lexer errors actually be fatal
- CVE-2020-10713
  * SECURITY UPDATE: Multiple integer overflow bugs that could result in
heap buffer allocations that were too small and subsequent heap buffer
overflows when handling certain filesystems, font files or PNG images.
- 0083-safemath-Add-some-arithmetic-primitives-that-check-f.patch: Add
  arithmetic primitives that allow for overflows to be detected
- 0084-calloc-Make-sure-we-always-have-an-overflow-checking.patch:
  Make sure that there is always an overflow checking implementation
  of calloc() available
- 0085-calloc-Use-calloc-at-most-places.patch: Use calloc where
  appropriate
- 0086-malloc-Use-overflow-checking-primitives-where-we-do-.patch: Use
  overflow-safe arithmetic primitives when performing allocations
  based on the results of operations that might overflow
- 0094-hfsplus-fix-two-more-overflows.patch: Fix integer overflows in
  hfsplus
- 0095-lvm-fix-two-more-potential-data-dependent-alloc-over.patch: Fix
  more potential integer overflows in lvm
- CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
  * SECURITY UPDATE: Use-after-free when executing a command that causes
a currently executing function to be redefined.
- 0092-script-Remove-unused-fields-from-grub_script_functio.patch:
  Remove unused fields from grub_script_function
- 0093-script-Avoid-a-use-after-free-when-redefining-a-func.patch:
  Avoid a use-after-free when redefining a function during execution
- CVE-2020-15706
  * SECURITY UPDATE: Integer overflows that could result in heap buffer
allocations that were too small and subsequent heap buffer overflows
during initrd loading.
- 0105-linux-Fix-integer-overflows-in-initrd-size-handling.patch: Fix
  integer overflows in initrd size handling
- 0106-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch: Fix
  integer overflows in linuxefi grub_cmd_initrd
- CVE-2020-15707
  * Various fixes as a result of code review and static analysis:
- 0087-iso9660-Don-t-leak-memory-on-realloc-failures.patch: Fix a
 memory leak on realloc failures when processing symbolic links
- 0088-font-Do-not-load-more-than-one-NAME-section.patch: Fix a
  memory leak when processing font files with more than one NAME
  section
- 0089-gfxmenu-Fix-double-free-in-load_image.patch: Zero self->bitmap
  after it is freed in order to avoid a potential double free later on
- 0090-lzma-Make-sure-we-don-t-dereference-past-array.patch: Fix an
  out-of-bounds read in LzmaEncode
- 0091-tftp-Do-not-use-priority-queue.patch: Refactor tftp to not use
  priority queues and fix a double free
- 0096-efi-fix-some-malformed-device-path-arithmetic-errors.patch: Fix
  various arithmetic errors with malformed device paths
- 0098-Fix-a-regression-caused-by-efi-fix-some-malformed-de.patch: Fix
  a NULL deref in the chainloader command introduced by a previous
  patch
- 0100-chainloader-Avoid-a-double-free-when-validation-fail.patch:
  Avoid a double free in the chainloader command when validation fails
- 0101-relocator-Protect-grub_relocator_alloc_chunk_addr-in.patch:
  Protect grub_relocator_alloc_chunk_addr input arguments against
  integer overflow / underflow
- 0102-relocator-Protect-grub_relocator_alloc_chunk_align-m.patch:
  Protect grub_relocator_alloc_chunk_align max_addr argument against
  integer underflow
- 0103-relocator-Fix-grub_relocator_alloc_chunk_align-top-m.patch: Fix
  grub_relocator_alloc_chunk_align top memory allocation
- 0104-linux-loader-avoid-overflow-on-initrd-size-calculati.patch:
  Avoid overflow on initrd size calculation
  * debian/patches/linuxefi_disable_sb_fallback.patch: Disallow unsigned
kernels if UEFI Secure Boot is enabled.  If UEFI Secure Boot is enabled
and kernel signature verification fails, do not boot the kernel. Patch
from Linn Crosetto. (LP: #1401532)
  * ubuntu-Make-the-linux-command-in-EFI-grub-always-try.patch:
- Make the linux command in EFI grub always try EFI handover

  [ Dimitri John Ledkov ]
  * SECURITY UPDATE: Grub does not enforce kernel signature validation
when the shim protocol isn't present.
- 0097-linuxefi-fail-kernel-validation-without-shim-protoco.patch:
  Fail kernel validation if the shim protocol isn't available
- CVE-2020-15705

Date: Mon, 20 Jul 2020 21:28:33 +0100
Changed-By: Chris Coulson 
Maintainer: Launchpad Build Daemon 

Format: 1.8
Date: Mon, 20 Jul 2020 21:28:33 +0100
Source: grub2
Binary: grub2 grub-linuxbios grub-efi grub-common grub2-common g

[ubuntu/xenial-security] firefox 79.0+build1-0ubuntu0.16.04.2 (Accepted)

[Chris Coulson]

firefox (79.0+build1-0ubuntu0.16.04.2) xenial; urgency=medium

  * Fix new autopkgtest's shebang so that it works in the virtualenv wrapper
- debian/tests/search-engines

firefox (79.0+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (79.0+build1)

  [ Olivier Tilloy ]
  * Remove obsolete search plugins and related patches and default settings.
These were added to upstream's Ubuntu distribution configuration
(https://bugzilla.mozilla.org/show_bug.cgi?id=1651330).
- debian/install-distribution-searchplugins.py
- debian/searchplugins/*.xml
- debian/config/searchplugins.conf
- debian/patches/no-region-overrides-for-google-search.patch
- debian/patches/partially-revert-google-search-update.patch
  * Update packaging scripts accordingly
- debian/distribution.ini
- debian/firefox.{dirs,install,links}.in
- debian/rules
  * Add a new autopkgtest that verifies that search engine customizations are
applied
- debian/tests/control
- debian/tests/search-engines

  [ Rico Tzschichholz ]
  * Lower requirement to python >= 3.5
- debian/patches/lower-python3-requirement.patch
  * Update patches
- debian/patches/fix-armhf-webrtc-build.patch
- debian/patches/unity-menubar.patch
  * Bump build-dep on rustc >= 1.43.0 and cargo >= 0.44
- debian/control{,.in}
  * Drop unnecessary patch to cleanup old distributions (LP: #1885903)
- debian/patches/cleanup-old-distribution-search-engines.patch

Date: 2020-07-27 16:06:17.177187+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/79.0+build1-0ubuntu0.16.04.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] rustc 1.43.0+dfsg1+llvm-1~exp1ubuntu2~16.04.1 (Accepted)

[Chris Coulson]

) experimental; urgency=medium

  [ Fabian Grünbichler ]
  * Team upload.
  * New upstream release.

rustc (1.41.1+dfsg1-1) unstable; urgency=medium

  * Upload to unstable.

rustc (1.41.1+dfsg1-1~exp1) experimental; urgency=medium

  [ Ximin Luo ]
  * More python 2 -> 3 fixes.
  * Enable the wasm32-wasi target for code that needs a "real" libstd.
  * Don't strip static rlibs. This sometimes breaks wasm, and more generally
the stripped debuginfo is actually totally lost rather than being moved
into the -dbgsym packages. Shared libraries are unaffected and work.
  * Allow 180 failing tests on riscv64, none were actually run last time.

  [ Fabian Grünbichler ]
  * New upstream release.

rustc (1.41.0+dfsg1+llvm-0ubuntu2) focal; urgency=medium

  * Add riscv64 support:
- Add more rustc patches from Debian.
- Apply relevant llvm-toolchain-9 patches to the embedded llvm.
- debian/patches/riscv64-vendor-cc.diff: Update one last rustc lp64 ABI
  reference to lp64d.
- Avoid the LDFLAGS -latomic hacks from llvm-toolchain-9:
  - debian/patches/riscv64-atomic-fixes.patch: Fix libatomic detection for
riscv64.
  - debian/patches/dsymutil-atomic.patch: Link dsymutil with -latomic.

rustc (1.41.0+dfsg1+llvm-0ubuntu1) focal; urgency=medium

  * New upstream version (LP: #1856851)
  * Cherry-pick several commits from
https://salsa.debian.org/rust-team/rust/-/merge_requests/4,
thanks Fabian Grünbichler:
- convert orig Cargo.lock to v1 format
- d/patches: update for 1.41.0 import
- Update Files-Excluded for new upstream version 1.41.0
- d/update-version.sh: fix python3 compat
- drop patches which were applied upstream
- rebase and update patches
- don't attempt to install llvm codegen so
- update d/copyright
- update changelog and versions
  - (adjusted somewhat by me)

Date: 2020-06-24 01:05:17.881400+00:00
Changed-By: Michael Hudson-Doyle 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/rustc/1.43.0+dfsg1+llvm-1~exp1ubuntu2~16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] cargo 0.44.1-0ubuntu1~16.04.1 (Accepted)

[Chris Coulson]

cargo (0.44.1-0ubuntu1~16.04.1) xenial; urgency=medium

  * Backport to Xenial. (LP: #1876942)
  * Drop ssh_key_from_memory from the git2 default features, as that results
in the libgit2 build depending on a version of libssh2 that is too recent
- add debian/patches/git2-no-ssh_key_from_memory.patch
- update debian/patches/series
  * Do not use the http2 feature of the curl crate, and warn rather than fail
on errors caused by a too-old curl.
- add debian/patches/ignore-libcurl-errors.patch
- update debian/patches/series
  * Relax debhelper requirement.

cargo (0.44.1-0ubuntu1) groovy; urgency=medium

  * New upstream version. (LP: #1876942)
  * Update scripts/debian-cargo-vendor to invoke python3 and cope with V2
format Cargo.lock files.
  * Refresh patches.
  * Embed libgit2 1.0.0 which is not yet in Debian or Ubuntu.
- add debian/libgit2
- add debian/patches/use-system-libhttp-parser.patch
- update debian/control
- update debian/copyright
- update debiab/patches/series
- update debian/README.source
- update debian/rules

cargo (0.43.1-3ubuntu1) groovy; urgency=medium

  * Merge from Debian unstable (LP: #1876942): Remaining changes:
- Don't use the bootstrap.py script for bootstrapping as it no longer
  works.
  - remove debian/bootstrap.py
  - update debian/make_orig_multi.sh

cargo (0.43.1-3) unstable; urgency=medium

  * Reupload, actually include the fix described in the previous entry.

cargo (0.43.1-2) unstable; urgency=medium

  * cargo-debian-wrapper: don't install /usr/.crates2.json. (Closes: #958301)

cargo (0.43.1-1) unstable; urgency=medium

  [ Fabian Grünbichler ]
  * New upstream release.

cargo (0.42.0-0ubuntu2) groovy; urgency=medium

  * Cherry-pick commit from Debian to remove /usr/.crates2.json (LP: #1868517)

cargo (0.42.0-0ubuntu1) focal; urgency=medium

  * New upstream version. (LP: #1864174)
  * d/scripts/debian-cargo-vendor: use python3 not python.
  * d/patches/2002_disable-net-tests.patch: delete, tests no longer run
as part of build.
  * Refresh other patches.
  * d/patches/0001-Fix-tests-with-url-crate-update.patch: backport test
fix from upstream.
  * d/patches/0002-Fix-doc_target-test-which-no-longer-works-on-stable-.patch:
backport another test fix from upstream.

Date: 2020-06-24 19:54:13.466620+00:00
Changed-By: Michael Hudson-Doyle 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/cargo/0.44.1-0ubuntu1~16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.403ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.403ubuntu0.16.04.1) xenial-security; urgency=medium

  * New upstream release (32.0.0.403)
- debian/flashplugin-installer.{config,postinst},
  debian/post-download-hook: Updated version and sha256sum

Date: 2020-07-14 15:56:20.755321+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.403ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 78.0.2+build2-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (78.0.2+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (78.0.2+build2)

Date: 2020-07-10 13:27:19.300947+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/78.0.2+build2-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] thunderbird 1:68.10.0+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

thunderbird (1:68.10.0+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (68.10.0build1)

thunderbird (1:68.9.0+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (68.9.0build1)

thunderbird (1:68.8.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (68.8.1build1)

Date: 2020-07-01 14:08:22.977152+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/thunderbird/1:68.10.0+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 78.0.1+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (78.0.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (78.0.1+build1)

  * Undo the previous revert as the value for the search configuration setting
has been reverted upstream (https://bugzilla.mozilla.org/1649558)
- debian/vendor-firefox.js

firefox (78.0+build2-0ubuntu0.16.04.3) xenial; urgency=medium

  * Temporarily revert the switch to the modern search configuration in Firefox
78.0 until the search plugins have been updated (LP: #1885743)
- debian/vendor-firefox.js

firefox (78.0+build2-0ubuntu0.16.04.2) xenial; urgency=medium

  * Do not build with --enable-stdcxx-compat (not needed since we're statically
linking against libstdc++ from gcc-mozilla) (LP: #1885159)
- debian/config/mozconfig.in
  * Update patch to really statically link against libstdc++ from gcc-mozilla
- debian/patches/build-with-libstdc++-7.patch
  * Drop obsolete patches
- debian/patches/drop-check-glibc-symbols.patch
- debian/patches/drop-libstdcxx-check.patch

firefox (78.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (78.0+build2)

  [ Olivier Tilloy ]
  * Re-enable and update debian/patches/unity-menubar.patch
  * Update test expectation
- debian/tests/html5test

  [ Rico Tzschichholz ]
  * Handle ja-JP-mac locale
- update debian/config/locales.shipped
- update debian/config/searchplugins.conf
  * Drop obsolete patches
- debian/patches/ppc-drop-register.patch
  * Remove obsolete conf-flags
- debian/config/mozconfig.in
  * Update patches
- debian/patches/partially-revert-google-search-update.patch
- debian/patches/ubuntu-ua-string-changes.patch
- debian/patches/support-coinstallable-trunk-build.patch
  * Bump build-dep on nodejs-mozilla >= 10.21
- debian/control{,.in}
  * Drop python 2 build-dep
- debian/control{,.in}
  * Build required icudt67b.dat on s390x with /usr/sbin/icupkg
- debian/build/rules.mk
- debian/control{,.in}
  * Update cbindgen to 0.14.3
- debian/build/create-tarball.py

Date: 2020-07-01 08:28:14.940892+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/78.0.1+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] nodejs-mozilla 12.18.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

nodejs-mozilla (12.18.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release: 12.18.1

Date: 2020-06-25 16:28:15.059947+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/nodejs-mozilla/12.18.1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.387ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.387ubuntu0.16.04.1) xenial-security; urgency=medium

  * New upstream release (32.0.0.387)
- debian/flashplugin-installer.{config,postinst},
  debian/post-download-hook: Updated version and sha256sum

Date: 2020-06-09 13:34:19.090952+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.387ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20200609.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20200609.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream releases (32.0.0.387)

Date: Tue, 09 Jun 2020 10:21:50 +0100
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20200609.1-0ubuntu0.16.04.1
Format: 1.8
Date: Tue, 09 Jun 2020 10:21:50 +0100
Source: adobe-flashplugin
Architecture: source
Version: 1:20200609.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20200609.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.387)
Checksums-Sha1:
 1c30185d758b9e970a8fdcee745850a90cc955ba 2063 
adobe-flashplugin_20200609.1-0ubuntu0.16.04.1.dsc
 e8aa5315c09a5aacbd44ee59f7c6079dd1f43a7c 8157 
adobe-flashplugin_20200609.1-0ubuntu0.16.04.1.diff.gz
 3e86238c0260551eadd32d8e2905211021afe605 12083 
adobe-flashplugin_20200609.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 f7d8a4e7775b95769b7d2f109ef4d28691b2ca6727252d09531616c5c1e5ecb8 2063 
adobe-flashplugin_20200609.1-0ubuntu0.16.04.1.dsc
 9df2f55ea73e76f397532b088ed8c78c67cd9d8a6958cf52beeef3ff4ae0caed 8157 
adobe-flashplugin_20200609.1-0ubuntu0.16.04.1.diff.gz
 243cc9a15bb371eb5391c27600ed9da6049f469e351d5f316756a389e3d8d644 12083 
adobe-flashplugin_20200609.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 aea037bdd3b5bc8b0d3a832b325bf1f3 2063 partner/web optional 
adobe-flashplugin_20200609.1-0ubuntu0.16.04.1.dsc
 06bac951132e2a484eeb4942e95e325f 8157 partner/web optional 
adobe-flashplugin_20200609.1-0ubuntu0.16.04.1.diff.gz
 40e07e874992b9f0b083ec7ea2638b33 12083 partner/web optional 
adobe-flashplugin_20200609.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 77.0.1+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (77.0.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (77.0.1+build1)

  * Minor fixes to the script that creates the source tarball for regressions
that were introduced by the port to Python 3
- debian/build/create-tarball.py

firefox (77.0+build3-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (77.0+build3)

firefox (77.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (77.0+build2)

firefox (77.0+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (77.0+build1)

  [ Olivier Tilloy ]
  * Update apparmor profile to allow lsb_release to run with more recent
versions of Python 3 (LP: #1861408)
- debian/usr.bin.firefox.apparmor.14.10
  * Re-enable and update debian/patches/unity-menubar.patch

  [ Rico Tzschichholz ]
  * Update cbindgen to 0.14.2
- debian/build/create-tarball.py
  * Update patches
- debian/patches/partially-revert-google-search-update.patch
- debian/patches/rust-drop-dll-checksums.patch
  * Drop obsolete patches
- debian/patches/add-missing-include-functional.patch

Date: 2020-06-03 15:18:31.753020+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/77.0.1+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] thunderbird 1:68.8.0+build2-0ubuntu0.16.04.2 (Accepted)

[Chris Coulson]

thunderbird (1:68.8.0+build2-0ubuntu0.16.04.2) xenial; urgency=medium

  [ Dariusz Gadomski ]
  * Disable reading /proc/sys/crypto/fips_enabled if FIPS is not enabled on
build (LP: #1878155)

thunderbird (1:68.8.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (68.8.0build2)

  * Replace unique icon symlink by copies of all available sizes to the hicolor
theme to please the AppStream metadata generator (LP: #1639863)

Date: 2020-05-13 12:57:15.800622+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/thunderbird/1:68.8.0+build2-0ubuntu0.16.04.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] json-c 0.11-4ubuntu2.2 (Accepted)

[Chris Coulson]

json-c (0.11-4ubuntu2.2) xenial-security; urgency=medium

  * Revert the security fixes and rebuild the old version (LP: #1878723)

json-c (0.11-4ubuntu2.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Integer overflows
- debian/patches/CVE-2020-12762-*.patch: fix a series of
  integer overflows adding checks in linkhash.c, printbuf.c.
- CVE-2020-12762

Date: 2020-05-15 11:27:15.783952+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/json-c/0.11-4ubuntu2.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.371ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.371ubuntu0.16.04.1) xenial-security; urgency=medium

  * New upstream release (32.0.0.371)
- debian/flashplugin-installer.{config,postinst},
  debian/post-download-hook: Updated version and sha256sum

Date: 2020-05-12 16:43:26.904770+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.371ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20200512.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20200512.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream releases (32.0.0.371)

Date: Mon, 11 May 2020 22:35:44 +0100
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20200512.1-0ubuntu0.16.04.1
Format: 1.8
Date: Mon, 11 May 2020 22:35:44 +0100
Source: adobe-flashplugin
Architecture: source
Version: 1:20200512.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20200512.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.371)
Checksums-Sha1:
 88a4117ed5934edcc7088f7a6afae4c8e4275c06 2063 
adobe-flashplugin_20200512.1-0ubuntu0.16.04.1.dsc
 ac28d314ba2abb12c87d9ab48b73a09e576c0ec3 8131 
adobe-flashplugin_20200512.1-0ubuntu0.16.04.1.diff.gz
 e1cfc5857cd5c73dc9a4f9b5cf542d1b68cc9373 12071 
adobe-flashplugin_20200512.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 7defab82926eabc8b1ea18d2e0063bdbab14aba8dbd0e58d9ef8c9d60b893f3a 2063 
adobe-flashplugin_20200512.1-0ubuntu0.16.04.1.dsc
 6a47ec4ffe2eb3f5417d4ca8f2f8add588abc24e6455cca8a8b18c62b668763e 8131 
adobe-flashplugin_20200512.1-0ubuntu0.16.04.1.diff.gz
 d694565befc365a8793983903500bfb56db0b6c99064aecb3c1276772c0ec196 12071 
adobe-flashplugin_20200512.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 d63f1f44ebcf8338196cec7468dd43ea 2063 partner/web optional 
adobe-flashplugin_20200512.1-0ubuntu0.16.04.1.dsc
 84ab52f71268d6440fda1d884ccdc0c2 8131 partner/web optional 
adobe-flashplugin_20200512.1-0ubuntu0.16.04.1.diff.gz
 65f062e6ee403d314afda263464ed7de 12071 partner/web optional 
adobe-flashplugin_20200512.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 76.0.1+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (76.0.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (76.0.1+build1)

  * Ensure building with -g1 on armhf (and other 32bits architectures) to work
around memory exhaustion problems on Launchpad builders, and remove an old
workaround for a gcc bug (firefox is now built with clang)
- debian/config/mozconfig.in
  * Update existing patch to reduce the debuginfo level when compiling rust
code on s390x too, given how frequently launchpad builders run out of memory
- debian/patches/reduce-rust-debuginfo-on-selected-architectures.patch

Date: 2020-05-08 14:16:18.852557+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/76.0.1+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 81.0.4044.138-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (81.0.4044.138-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 81.0.4044.138
- CVE-2020-6831: Stack buffer overflow in SCTP.
- CVE-2020-6464: Type Confusion in Blink.

chromium-browser (81.0.4044.129-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 81.0.4044.129
- CVE-2020-6462: Use after free in task scheduling.
- CVE-2020-6461: Use after free in storage.

Date: 2020-05-06 07:33:26.999487+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/81.0.4044.138-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 76.0+build2-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (76.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (76.0+build2)

firefox (76.0+build1-0ubuntu0.16.04.2) xenial; urgency=medium

  * Replace hardcoded occurrence of "firefox" with $(MOZ_PKG_NAME)
- debian/build/rules.mk
  * Fix the extraction of langpack names on xenial
- debian/build/xpi-id.py

firefox (76.0+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (76.0+build1)

  [ Olivier Tilloy ]
  * Port packaging to python3
  * Update patch to fix build on xenial:
- debian/patches/build-with-libstdc++-7.patch
  * Update debian/patches/unity-menubar.patch
  * Fail early in the source tarball creation process if some required external
dependencies are missing
- debian/build/create-tarball.py
  * Ignore comment nodes in menu definitions (the same fix was applied in
thunderbird to fix a crash when using the enigmail extension in conjunction
with the global menu, see LP: #1846882)
  * Replace hicolor icon symlinks by copies to please the AppStream metadata
generator (LP: #1639863)

  [ Rico Tzschichholz ]
  * Update cbindgen to 0.14.1
- debian/build/create-tarball.py
  * Update patches
- debian/patches/ubuntu-ua-string-changes.patch
- debian/patches/cleanup-old-distribution-search-engines.patch
  * Drop obsolete patches
- debian/patches/bug1622013-vpx-mmx.diff
- debian/patches/mark-distribution-search-engines-as-read-only.patch
- debian/patches/s390x-authenticator.patch
  * Separately installed browser/blocklist.xml was removed
- debian/firefox.install.in

  [ Simon Déziel ]
  * Use preferred syntax for declaring apparmor profile
- debian/usr.bin.firefox.apparmor.14.10

Date: 2020-04-30 11:59:17.432516+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/76.0+build2-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 81.0.4044.122-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (81.0.4044.122-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 81.0.4044.122
- CVE-2020-6459: Use after free in payments.
- CVE-2020-6460: Insufficient data validation in URL formatting.
- CVE-2020-6458: Out of bounds read and write in PDFium.

chromium-browser (81.0.4044.113-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 81.0.4044.113
- CVE-2020-6457: Use after free in speech recognizer.

chromium-browser (81.0.4044.92-0ubuntu0.16.04.6) xenial; urgency=medium

  * debian/patches/use-old-mesa.patch: added

chromium-browser (81.0.4044.92-0ubuntu0.16.04.5) xenial; urgency=medium

  * debian/patches/define-libdrm-missing-identifier.patch: renamed to
debian/patches/define-libdrm-missing-identifiers.patch and updated

chromium-browser (81.0.4044.92-0ubuntu0.16.04.4) xenial; urgency=medium

  * debian/patches/define-libdrm-missing-identifier.patch: updated

chromium-browser (81.0.4044.92-0ubuntu0.16.04.3) xenial; urgency=medium

  * debian/patches/define-libdrm-missing-identifier.patch: updated

chromium-browser (81.0.4044.92-0ubuntu0.16.04.2) xenial; urgency=medium

  * debian/patches/define-libdrm-missing-identifier.patch: added

chromium-browser (81.0.4044.92-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 81.0.4044.92
- CVE-2020-6454: Use after free in extensions.
- CVE-2020-6423: Use after free in audio.
- CVE-2020-6455: Out of bounds read in WebSQL.
- CVE-2020-6430: Type Confusion in V8.
- CVE-2020-6456: Insufficient validation of untrusted input in clipboard.
- CVE-2020-6431: Insufficient policy enforcement in full screen.
- CVE-2020-6432: Insufficient policy enforcement in navigations.
- CVE-2020-6433: Insufficient policy enforcement in extensions.
- CVE-2020-6434: Use after free in devtools.
- CVE-2020-6435: Insufficient policy enforcement in extensions.
- CVE-2020-6436: Use after free in window management.
- CVE-2020-6437: Inappropriate implementation in WebView.
- CVE-2020-6438: Insufficient policy enforcement in extensions.
- CVE-2020-6439: Insufficient policy enforcement in navigations.
- CVE-2020-6440: Inappropriate implementation in extensions.
- CVE-2020-6441: Insufficient policy enforcement in omnibox.
- CVE-2020-6442: Inappropriate implementation in cache.
- CVE-2020-6443: Insufficient data validation in developer tools.
- CVE-2020-6444: Uninitialized Use in WebRTC.
- CVE-2020-6445: Insufficient policy enforcement in trusted types.
- CVE-2020-6446: Insufficient policy enforcement in trusted types.
- CVE-2020-6447: Inappropriate implementation in developer tools.
- CVE-2020-6448: Use after free in V8.
  * debian/control:
- add libgbm-dev as a build dependency, required since
  https://chromium.googlesource.com/chromium/src/+/ff8d22e
- build-depend on clang-8 and llvm-8, which are now in xenial-updates
- build-depend on gcc-mozilla 7, to build gn with C++ 17 support
  * debian/rules: build gn with clang 8, and statically link against
gcc-mozilla's libstdc++
  * debian/patches/chromium_useragent.patch: refreshed
  * debian/patches/closure-compiler-java-no-client-vm.patch: refreshed
  * debian/patches/constexpr-errors-with-old-clang.patch: removed, no longer
needed
  * debian/patches/define__libc_malloc.patch: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/fix-extra-arflags.patch: removed, no longer needed
  * debian/patches/gn-experimental-string_view.patch: removed, no longer needed
  * debian/patches/gn-no-last-commit-position.patch: refreshed
  * debian/patches/no-new-ninja-flag.patch: refreshed
  * debian/patches/relax-ninja-version-requirement.patch: refreshed
  * debian/patches/search-credit.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: updated
  * debian/patches/upstream-fix-build-atk-226.patch: added
  * debian/patches/use-clang-versioned.patch: updated

Date: 2020-04-22 17:40:15.801366+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/81.0.4044.122-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] enigmail 2:2.1.6+ds1-1~ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

enigmail (2:2.1.6+ds1-1~ubuntu0.16.04.1) xenial; urgency=medium

  * Backport to xenial
- relax build dependency on debhelper
- relax runtime dependency on gnupg

enigmail (2:2.1.6+ds1-1) unstable; urgency=medium

  * new upstream release
  * drop patches already applied upstream
  * include more patches from upstream

enigmail (2:2.1.5+ds1-1) unstable; urgency=medium

  * new upstream release
  * drop patches already upstreamed
  * drop workaround for util/Preprocessor.py, since it is not used any longer
  * refresh patches
  * import bugfixes from upstream
  * fix parallel build
  * drop unnecessary debian/source/include-binaries
  * drop shlibs:Depends, since enigmail is now arch: all
  * standards-version: bump to 4.5.0 (no changes needed)

enigmail (2:2.1.3+ds1-4) unstable; urgency=medium

  * convert to python3
  * convert unit tests to python3 as well
  * wrap-and-sort -ast

enigmail (2:2.1.3+ds1-3) unstable; urgency=medium

  * d/tests: permit stderr on tbird-sqlite

enigmail (2:2.1.3+ds1-2) unstable; urgency=medium

  * Address autopkgtest failures (Closes: #944216)

enigmail (2:2.1.3+ds1-1) unstable; urgency=medium

  * new upstream version (closes: #933832)
  * prepare to exclude more pieces of OpenPGP.js from upstream
  * upstream renamed the openpgp.worker javascript file
  * standards-version: bump to 4.4.1 (no changes needed)
  * drop mozilla-devscripts due to lack of install.rdf
  * strip out config.guess and config.sub when importing orig tarballs
  * refresh patches
  * strip even more OpenPGP.js when building
  * build in build-tb/ instead of build/
  * d/copyright: drop unnecessary stanzas
  * enigmail 2.1.3 needs thunderbird 68
  * d/run-tests: adapt to enigmail 2.1 test practices
  * use thunderbird --headless and rely on main.js to identify jsunit test
  * Avoid testing dependency on X11 for sqlite
  * ensure that we see some output when testing.
  * JSUnit is provided globally if jsunit 0.2.2 is installed
  * make unit test run without xvfb
  * always use system config.{guess,sub}
  * whittle down errors in the test suite

enigmail (2:2.0.12+ds1-1) unstable; urgency=medium

  * new upstream release
  * refresh patches, dropping those already upstream
  * Standards-Version: bump to 4.4.0 (no changes needed)
  * move to debhelper 12

enigmail (2:2.0.11+ds1-2) unstable; urgency=medium

  * minimize legacy-display protected headers for encrypted mails

enigmail (2:2.0.11+ds1-1) unstable; urgency=medium

  * new upstream release
  * refresh patches
  * use the older import-show with --dry-run instead of show-only

enigmail (2:2.0.10+ds1-1) unstable; urgency=medium

  * new upstream release
  * refresh patches, dropping those already upstream
  * cherry-pick .da locale bugfix from upstream
  * standards-version: bump to 4.3.0 (no changes needed)
  * note correct permissive licensing for appstream metadata

enigmail (2:2.0.9+ds1-2) unstable; urgency=medium

  * avoid spoofed HTTP authentication prompts during WKD

enigmail (2:2.0.9+ds1-1) unstable; urgency=medium

  * new upstream release
  * refresh patches (majority adopted upstream already)

enigmail (2:2.0.8-5) unstable; urgency=medium

  * avoid auto-update mechanisms during autopkgtest
  * more cleanup fixes for enigmail test suite
  * avoid touching the GnuPG keyring when parsing unknown keys.

enigmail (2:2.0.8-4) unstable; urgency=medium

  * disable telemetry during autopkgtest
  * add times.json to the autopkgtest default profile.
  * Drop enigmail plugin from autopkgtest jsunit/sqlite test
  * create simple profile during sqlite autopkgtest

enigmail (2:2.0.8-3) unstable; urgency=medium

  * Avoid stderr on sqlite test during autopkgtest.

enigmail (2:2.0.8-2) unstable; urgency=medium

  * refresh patches
  * fix minimal key generation (pushed upstream, not yet released)
  * drop "Fix test in streams-test.js" (TB 52 → 60 changes result?)
  * Test autocrypt-style key minimization (pushed upstream, not yet
released)
  * drop "correct keyserverUris" change (maybe also TB 52 → 60)
  * import minor bugfixes from upstream
  * prepare subprocesses to handle multiple file descriptors
  * complete transition from OpenPGP.js to GnuPG (Closes: #908510)
  * Standards-Version: bump to 4.2.1 (no changes needed)

enigmail (2:2.0.8-1) unstable; urgency=medium

  * New upstream version (closes: 907786)

Date: 2020-04-16 14:29:17.070479+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/enigmail/2:2.1.6+ds1-1~ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] thunderbird 1:68.7.0+build1-0ubuntu0.16.04.2 (Accepted)

[Chris Coulson]

thunderbird (1:68.7.0+build1-0ubuntu0.16.04.2) xenial; urgency=medium

  * Ignore comment nodes in menu definitions, thus preventing a crash when
using the enigmail extension in conjuction with the global menu
(LP: #1846882)
- debian/patches/unity-menubar.patch

thunderbird (1:68.7.0+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (68.7.0build1)

  * Fail early in the source tarball creation process if some required external
dependencies are missing
- debian/build/create-tarball.py

thunderbird (1:68.5.0+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (68.5.0build1)

  * Use the upstream Build ID, to ensure it is the same across Ubuntu releases
for a given thunderbird version (LP: #1851936)
- debian/build/create-tarball.py
- debian/build/rules.mk
- debian/config/mozconfig.in

thunderbird (1:68.4.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (68.4.1build1)

  * Vendor cbindgen and its dependencies in the source tarball, because it's
not available in Debian/Ubuntu yet
- update debian/build/create-tarball.py
- update debian/build/rules.mk
- update debian/config/mozconfig.in
- update debian/config/tarball.conf
  * Bump build dependency on rustc >= 1.34.0 and cargo >= 0.35
- update debian/control{,.in}
  * Add a build dependency on Node.js 8.11
- update debian/control{,.in}
  * Add a build dependency on nasm 2.13.02
- update debian/control{,.in}
  * Update exclusion patterns to remove outdated entries and to trim down the
final size of the source tarball
- update debian/config/tarball.conf
  * Do not install obsolete extension
- update debian/thunderbird.install.in
  * Update patches
- update debian/patches/reduce-rust-debuginfo-on-32bit-architectures.patch
- update debian/patches/rust-drop-dll-checksums.patch
- update debian/patches/support-coinstallable-trunk-build.patch
- update debian/patches/unity-menubar.patch
  * Remove obsolete patches
- remove debian/patches/dont-treat-tilde-as-special.patch
- remove debian/patches/fix-missing-docs-error.patch
- remove debian/patches/skia-big-endian.patch
  * Stop building and remove thunderbird-globalmenu (LP: #1834866)
  * Fix build on armhf by disabling unaligned FP accesses emulation
- add debian/patches/armhf-disable-unaligned-fp-access-emulation.patch
  * Reduce the memory used by the linking process on armhf, to work around
build failures on launchpad
- add debian/patches/armhf-reduce-linker-memory-use.patch
  * Update shipped locales (adding cak, ka, uz)
- update debian/config/locales.{all,shipped}
- update debian/control
  * Build with clang
- update debian/config/mozconfig.in
- update debian/control{,.in}
- add debian/patches/armhf-clang-no-integrated-as-for-neon.patch
- add debian/patches/ppc64el-workaround-bug-131.patch
- add debian/patches/s390x-fix-hidden-symbol.patch
  * Ensure that external dictionaries are still loaded (LP: #1847247)
- debian/thunderbird.sh.in
  * Export MOZ_SOURCE_REPO and MOZ_SOURCE_CHANGESET during the configure step
as this is now mandatory for the build system to determine and expose the
comm repository and revision used to generate the source tarball
(see https://bugzilla.mozilla.org/show_bug.cgi?id=1507754)
- debian/build/create-tarball.py
- debian/build/rules.mk
  * Fix the repacking of lightning with all locales (the artifact was renamed
to lightning.xpi, see https://bugzilla.mozilla.org/show_bug.cgi?id=1588659)
- debian/build/rules.mk
  * Fix creating the source tarball with recent versions of cargo
- debian/build/create-tarball.py

thunderbird (1:60.9.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (60.9.1build1) (LP: #1850651)

Date: 2020-04-17 20:12:14.192124+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/thunderbird/1:68.7.0+build1-0ubuntu0.16.04.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.363ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.363ubuntu0.16.04.1) xenial-security; urgency=medium

  * New upstream release (32.0.0.363)
- debian/flashplugin-installer.{config,postinst},
  debian/post-download-hook: Updated version and sha256sum

Date: 2020-04-14 17:04:55.835443+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.363ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20200414.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20200414.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream releases (32.0.0.363)

Date: Tue, 14 Apr 2020 17:44:46 +0100
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20200414.1-0ubuntu0.16.04.1
Format: 1.8
Date: Tue, 14 Apr 2020 17:44:46 +0100
Source: adobe-flashplugin
Architecture: source
Version: 1:20200414.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20200414.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.363)
Checksums-Sha1:
 89c1961ff9ec910e304112e08462d12120737003 2062 
adobe-flashplugin_20200414.1-0ubuntu0.16.04.1.dsc
 2caaae13424a59bc572ec37dff7919e0fa693926 8111 
adobe-flashplugin_20200414.1-0ubuntu0.16.04.1.diff.gz
 3ebccc7f61a18af34b77ad58b1a964da405dccd2 11743 
adobe-flashplugin_20200414.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 2dfe663ef93289eaf7dfaa861cad53055d9250ce699c80282b953bb4a4cae68d 2062 
adobe-flashplugin_20200414.1-0ubuntu0.16.04.1.dsc
 6f1e2d24b460bf1fce2650ed3429906d832c48cbca5c38b967f596442f9d1197 8111 
adobe-flashplugin_20200414.1-0ubuntu0.16.04.1.diff.gz
 2551a916a1830bd070a8a85dde787e00d45e71845b3b07182274d6cceeb098dd 11743 
adobe-flashplugin_20200414.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 80feaa3a40129705dbcda33ecb29fcdd 2062 partner/web optional 
adobe-flashplugin_20200414.1-0ubuntu0.16.04.1.dsc
 f0d1056fc751c840da77dd8dfd6af3ff 8111 partner/web optional 
adobe-flashplugin_20200414.1-0ubuntu0.16.04.1.diff.gz
 42567c08ed03dfc94c659293be5f86d3 11743 partner/web optional 
adobe-flashplugin_20200414.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] nasm-mozilla 2.14.02-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

nasm-mozilla (2.14.02-0ubuntu0.16.04.1) xenial; urgency=medium

  * Backport nasm 2.14 to xenial for building Firefox

nasm (2.14.02-1) unstable; urgency=medium

  * New upstream release
  * d/control: Update standards version to 4.4.0
  * debian: Increase debhelper to 12

nasm (2.14-1) unstable; urgency=medium

  * d/patches: Rebase patches for 2.14
  * d/control: Upgrade standards-version to 4.2.1

nasm (2.13.03-2) unstable; urgency=medium

  * d/gbp.conf: Add git buildpackage config file
  * d/patches: Fix lintian spelling warning (attachement)
  * d/control: Update Standards-Version to 4.2.0
  * d/patches: Cherry-pick gcc-8 fixes from upstream. (Closes: #897817)

nasm (2.13.03-1) unstable; urgency=low

  * New upstream release
  * Remove trailing whitespace from changelog
  * Remove doc-base for lintian doc-base-file-references-missing-file.
Closes: #890234.
  * d/control: Add Vcs-Git and Vcs-Browser
  * d/control: Update to compat/debhelper 11
  * d/control: Update to Standards-Version 4.1.4
  * d/watch: Use https for www.nasm.us (fixes debian-watch-uses-insecure-uri)

nasm (2.13.02-0.1) unstable; urgency=medium

  * Non-maintainer upload.
  * New upstream version.
- Addresses CVE-2017-14228. Closes: #874731.
- Addresses CVE-2017-1 CVE-2017-10686. Closes: #867988.
  * Bump standards version.

Date: 2020-04-01 13:10:16.776500+00:00
Changed-By: Rico Tzschichholz 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/nasm-mozilla/2.14.02-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] nodejs-mozilla 12.16.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

nodejs-mozilla (12.16.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream release: 12.16.1

Date: 2020-04-01 13:04:14.681555+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/nodejs-mozilla/12.16.1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] cargo 0.42.0-0ubuntu1~16.04.1 (Accepted)

[Chris Coulson]

cargo (0.42.0-0ubuntu1~16.04.1) xenial; urgency=medium

  * Backport to Xenial. (LP: #1856851)
  * Embed libgit2 0.28.3 to avoid a dependency on a version which is newer
than that found in disco
- add debian/libgit2
- add debian/patches/libgit2-0.28-compat.patch
- add debian/patches/use-system-libhttp-parser.patch
- update debian/control
- update debian/copyright
- update debiab/patches/series
- update debian/README.source
- update debian/rules
  * Drop ssh_key_from_memory from the git2 default features, as that results
in the libgit2 build depending on a version of libssh2 that is too recent
- add debian/patches/git2-no-ssh_key_from_memory.patch
- update debian/patches/series
  * Do not use the http2 feature of the curl crate, and warn rather than fail
on errors caused by a too-old curl.
- add debian/patches/ignore-libcurl-errors.patch
- update debian/patches/series

cargo (0.42.0-0ubuntu1) focal; urgency=medium

  * New upstream version. (LP: #1864174)
  * d/scripts/debian-cargo-vendor: use python3 not python.
  * d/patches/2002_disable-net-tests.patch: delete, tests no longer run
as part of build.
  * Refresh other patches.
  * d/patches/0001-Fix-tests-with-url-crate-update.patch: backport test
fix from upstream.
  * d/patches/0002-Fix-doc_target-test-which-no-longer-works-on-stable-.patch:
backport another test fix from upstream.

cargo (0.41.0-0ubuntu1) focal; urgency=medium

  * "Merge" from Salsa merge request updating to 0.41.0
https://salsa.debian.org/rust-team/cargo/-/merge_requests/3.
Remaining changes:
- Don't use the bootstrap.py script for bootstrapping as it no longer
  works.
  - remove debian/bootstrap.py
  - update debian/make_orig_multi.sh
  * Dropped change, libstd bug fixed:
- Disable test tool_paths::custom_runner which fails every now and again
  because of a libstd bug (https://github.com/rust-lang/rust/issues/55242)
  - add debian/patches/disable-tool_paths-custom_runner.patch
  - update debian/patches/series
  * Dropped change, equivalent change now in Debian:
- Disable fetch tests on non x86/x86-64 architectures, as those hit an
  unreachable!() in test code. Disable the Debian patch that disables these
  tests on every architecture
  - add debian/patches/disable-fetch-tests-on-non-x86.patch
  - update debian/patches/series
  * Dropped change, test no longer run by upstream build:
   - Disable the large_conflict_cache test on non-x86
 - add debian/patches/disable-large_conflict_cache-test-on-non-x86.patch
 - update debian/patches/series
  * Disable filter_platform test on !x86 as it hits an unreachable!
- add debian/patches/disable-filter_platform-test-on-non-x86.patch
- update debian/patches/series

cargo (0.40.0-3ubuntu2) focal; urgency=medium

  * No-change rebuild with fixed binutils on arm64.

cargo (0.40.0-3ubuntu1) focal; urgency=low

  * Merge from Debian unstable.  Remaining changes:
- Disable fetch tests on non x86/x86-64 architectures, as those hit an
  unreachable!() in test code. Disable the Debian patch that disables
  these tests on every architecture
  - add debian/patches/disable-fetch-tests-on-non-x86.patch
- Don't use the bootstrap.py script for bootstrapping as it no longer
  works.
  - remove debian/bootstrap.py
  - update debian/make_orig_multi.sh
- Disable the large_conflict_cache test on non-x86
  - add debian/patches/disable-large_conflict_cache-test-on-non-x86.patch
  - update debian/patches/series
- Disable test tool_paths::custom_runner which fails every now and again
  because of a libstd bug (https://github.com/rust-lang/rust/issues/55242)
  - add debian/patches/disable-tool_paths-custom_runner.patch
  - update debian/patches/series
  * Dropped changes, included in Debian:
- d/patches/0001-Don-t-fail-if-we-can-t-acquire-readonly-lock.patch,
  d/patches/1001_vendor_serde_atomic-compat.patch: remove, applied
  upstream
- d/patches/2001_more_portable_rustflags.patch: Delete, applied
  upstream.
  * Dropped changes, included upstream:
- Cherry pick fixes to tests for compatibility with toml 0.5.3.
  * Drop bundled libgit2, as Ubuntu now has 0.28.3 which meets the minimum
requirements.
  * Bump the versioned build-dependency on libgit2-dev.
  * debian/patches/disable-fetch-tests-on-non-x86.patch: update.

Date: 2020-03-03 10:28:14.192236+00:00
Changed-By: Michael Hudson-Doyle 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/cargo/0.42.0-0ubuntu1~16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] rustc 1.41.0+dfsg1+llvm-0ubuntu1~16.04.1 (Accepted)

[Chris Coulson]

rustc (1.41.0+dfsg1+llvm-0ubuntu1~16.04.1) xenial; urgency=medium

  * Backport to Xenial. (LP: #1856851)
  * Relax the gdb build requirement
- update debian/control
  * Relax the dependency on xz-utils by commenting out some unused code
- add debian/patches/d-relax-xz-utils-dependency.patch
- update debian/patches/series
  * Disable multithreaded compressor in rust-installer
- adds debian/patches/d-rust-installer-no-threaded-compressor.patch
- updates debian/patches/series
  * Build with clang on armhf to avoid crashes in stage1 compiler
- updates debian/control
- updates debian/rules

rustc (1.41.0+dfsg1+llvm-0ubuntu1) focal; urgency=medium

  * New upstream version (LP: #1856851)
  * Cherry-pick several commits from
https://salsa.debian.org/rust-team/rust/-/merge_requests/4,
thanks Fabian Grünbichler:
- convert orig Cargo.lock to v1 format
- d/patches: update for 1.41.0 import
- Update Files-Excluded for new upstream version 1.41.0
- d/update-version.sh: fix python3 compat
- drop patches which were applied upstream
- rebase and update patches
- don't attempt to install llvm codegen so
- update d/copyright
- update changelog and versions
  - (adjusted somewhat by me)

rustc (1.40.0+dfsg1+llvm-5ubuntu1) focal; urgency=medium

  * Merge from Debian unstable (LP #1856851). Remaining changes:
- Use the bundled llvm to avoid having to do llvm updates in order to
  deliver rust updates
  - update debian/config.toml.in
  - update debian/control
  - update debian/copyright
  - update debian/rules
- Build-Depend on libc6-dbg on armhf, to workaround a crash in ld.so
  during some debuginfo tests
  - update debian/control
- Add a hack to ensure the stage0 compiler is extracted to the correct
  location
  - update debian/make_orig-stage0_tarball.sh
- Scrub -g from CFLAGS and CXXFLAGS in order to let rustbuild control
  whether LLVM is compiled with debug symbols
  - update debian/rules
- On i386, only build debuginfo for libstd
  - update debian/rules
- Ignore all test failures on every architecture
  - update debian/rules
- Version the Build-Conflict on gdb-minimal as gdb now Provides it
  - update debian/control
- Adjust the rustc Breaks/Replaces libstd-rust-dev version to fix an
  upgrade issue
  - update debian/control
- Adjust debian/watch to include +llvm in upstream version.
  - update debian/watch
- Add Build-Depends-Indep: libssl-dev
  * Dropped change, now fixed in Debian:
- Run build scripts with Python 3.

rustc (1.40.0+dfsg1-5) unstable; urgency=medium

  * More python 2 -> 3 fixes.
  * Allow 24 failing tests on riscv64.
  * Reenable debuginfo for rustc, not just libstd.
  * Reenable backtraces during tests.

rustc (1.40.0+dfsg1-4) unstable; urgency=medium

  * Experimental riscv64 support.

rustc (1.40.0+dfsg1-3) unstable; urgency=medium

  * Work around upstream #59264 again. :/

rustc (1.40.0+dfsg1-2) unstable; urgency=medium

  * Fix more internal build scripts so they use python3.
  * Don't add -L/usr/lib/llvm when cross-compiling. (Closes: #941783)

rustc (1.40.0+dfsg1-1) unstable; urgency=medium

  * Upload to unstable.
  * Ignore new test failing on arm that also fails in previous versions.

rustc (1.40.0+dfsg1-1~exp1) experimental; urgency=medium

  * New upstream release.

rustc (1.39.0+dfsg1+llvm-3ubuntu1) focal; urgency=medium

  * Merge from Debian unstable (LP #1856851). Remaining changes:
- Use the bundled llvm to avoid having to do llvm updates in order to
  deliver rust updates
  - update debian/config.toml.in
  - update debian/control
  - update debian/copyright
  - update debian/rules
- Build-Depend on libc6-dbg on armhf, to workaround a crash in ld.so
  during some debuginfo tests
  - update debian/control
- Add a hack to ensure the stage0 compiler is extracted to the correct
  location
  - update debian/make_orig-stage0_tarball.sh
- Scrub -g from CFLAGS and CXXFLAGS in order to let rustbuild control
  whether LLVM is compiled with debug symbols
  - update debian/rules
- On i386, only build debuginfo for libstd
  - update debian/rules
- Ignore all test failures on every architecture
  - update debian/rules
- Version the Build-Conflict on gdb-minimal as gdb now Provides it
  - update debian/control
- Adjust the rustc Breaks/Replaces libstd-rust-dev version to fix an
  upgrade issue
  - update debian/control
- Adjust debian/watch to include +llvm in upstream version.
  - update debian/watch
- Add Build-Depends-Indep: libssl-dev
  * Run build scripts with Python 3.

Date: 2020-03-03 04:04:16.103918+00:00
Changed-By: Michael Hudson-Doyle 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/rustc/1.41.0+dfsg1+llvm-0ubuntu1~16.04.1
Sorry, changesfile not available.-- 
Xenial-chan

[ubuntu/xenial-security] firefox 75.0+build3-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (75.0+build3-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (75.0+build3)

firefox (75.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (75.0+build2)

firefox (75.0+build1-0ubuntu0.16.04.2) xenial; urgency=medium

  * Fix a build failure on ppc64el and s390x caused by a missing #include:
- debian/patches/add-missing-include-functional.patch

firefox (75.0+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (75.0+build1)

  [ Rico Tzschichholz ]
  * Bump build-dep on nasm-mozilla >= 2.14.02
- debian/control{,.in}
  * Bump build-dep on nodejs-mozilla >= 10.19
- debian/control{,.in}
  * Bump build-dep on rustc >= 1.41.0 and cargo >= 0.42
- debian/control{,.in}
  * Use clang 10 if available
- debian/control{,.in}
- debian/build/rules.mk
  * Update cbindgen to 0.13.2
- debian/build/create-tarball.py
  * Don't check for sufficient libstdcxx, it is known that is isn't
- debian/patches/drop-libstdcxx-check.patch
  * Fix i386 build
- debian/patches/bug1622013-vpx-mmx.diff

Date: 2020-04-03 21:09:21.938854+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/75.0+build3-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 80.0.3987.163-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (80.0.3987.163-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 80.0.3987.163

chromium-browser (80.0.3987.162-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 80.0.3987.162
- CVE-2020-6450: Use after free in WebAudio.
- CVE-2020-6451: Use after free in WebAudio.
- CVE-2020-6452: Heap buffer overflow in media.

Date: 2020-04-04 14:40:15.095190+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/80.0.3987.163-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 74.0.1+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (74.0.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (74.0.1+build1)

Date: 2020-04-03 21:20:52.964448+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/74.0.1+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 80.0.3987.149-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (80.0.3987.149-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 80.0.3987.149
- CVE-2019-20503: Out of bounds read in usersctplib.
- CVE-2020-6383: Type confusion in V8.
- CVE-2020-6384: Use after free in WebAudio.
- CVE-2020-6386: Use after free in speech.
- CVE-2020-6407: Out of bounds memory access in streams.
- CVE-2020-6418: Type confusion in V8.
- CVE-2020-6420: Insufficient policy enforcement in media.
- CVE-2020-6422: Use after free in WebGL.
- CVE-2020-6424: Use after free in media.
- CVE-2020-6425: Insufficient policy enforcement in extensions.
- CVE-2020-6426: Inappropriate implementation in V8.
- CVE-2020-6427: Use after free in audio.
- CVE-2020-6428: Use after free in audio.
- CVE-2020-6429: Use after free in audio.
- CVE-2020-6449: Use after free in audio.

Date: 2020-03-18 21:18:14.963277+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/80.0.3987.149-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20200311.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20200311.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream releases (32.0.0.344)

Date: Tue, 10 Mar 2020 22:52:26 +
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20200311.1-0ubuntu0.16.04.1
Format: 1.8
Date: Tue, 10 Mar 2020 22:52:26 +
Source: adobe-flashplugin
Architecture: source
Version: 1:20200311.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20200311.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.344)
Checksums-Sha1:
 2e75a66937bd23070dd388f415da8c4400bd4c2e 2062 
adobe-flashplugin_20200311.1-0ubuntu0.16.04.1.dsc
 d4731f1fc2692a53e94307e331c37e1d10582575 8093 
adobe-flashplugin_20200311.1-0ubuntu0.16.04.1.diff.gz
 5f7e5f17c9973f1ea0c417c698887efe6aa014ca 11426 
adobe-flashplugin_20200311.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 71c6a334a1873db0ab05827324ef935fc5e0e0d9acb7c574b9b9db6bc5cd3f8b 2062 
adobe-flashplugin_20200311.1-0ubuntu0.16.04.1.dsc
 504cdcd0a445791cdc8fd148ece4faea590f66d88d5fe27403537695923d07c9 8093 
adobe-flashplugin_20200311.1-0ubuntu0.16.04.1.diff.gz
 3d1db13ee2866186bf8cf09a102cc0d0e7a79fa8c30a3152bb371901a971c60c 11426 
adobe-flashplugin_20200311.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 445ca637f47b2ec30242cd19a8a3bab1 2062 partner/web optional 
adobe-flashplugin_20200311.1-0ubuntu0.16.04.1.dsc
 c72eb4bf2f8e9437fd89acc09a7cee35 8093 partner/web optional 
adobe-flashplugin_20200311.1-0ubuntu0.16.04.1.diff.gz
 bfa0437ba44619cf3f810d894165e911 11426 partner/web optional 
adobe-flashplugin_20200311.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.344ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.344ubuntu0.16.04.1) xenial-security; urgency=medium

  * New upstream release (32.0.0.344)
- debian/flashplugin-installer.{config,postinst},
  debian/post-download-hook: Updated version and sha256sum

Date: 2020-03-11 14:48:21.084578+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.344ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 74.0+build3-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (74.0+build3-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (74.0+build3)

firefox (74.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (74.0+build2)

  * Allow sideloading langpacks (LP: #1866059)
- debian/build/rules.mk
- debian/config/mozconfig.in

firefox (74.0+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (74.0+build1)

  [ Olivier Tilloy ]
  * Re-enable and update debian/patches/unity-menubar.patch

  [ Rico Tzschichholz ]
  * Update cbindgen to 0.13.1
- debian/build/create-tarball.py
  * Update patches
- debian/patches/partially-revert-google-search-update.patch
- debian/patches/ubuntu-ua-string-changes.patch
  * Drop obsolete patches
- debian/patches/drop-some-file-integrity-checks.patch
  * Fix build failure on s390x
- debian/patches/s390x-authenticator.patch

Date: 2020-03-09 16:27:15.806970+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/74.0+build3-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 73.0.1+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (73.0.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (73.0.1+build1)

  [ Olivier Tilloy ]
  * Use a higher resolution icon for DuckDuckGo (LP: #1796397)
- debian/searchplugins/ddg.xml
  * Re-enable and update debian/patches/unity-menubar.patch
  * Revert the addition of --reduce-memory-overheads to the linker arguments
on armhf, as it doesn't improve the memory exhaustion situation on
Launchpad builders
- debian/patches/armhf-reduce-linker-memory-use.patch
  * Add a build dependency on gcc-mozilla 7 and statically link against
libstdc++ 7
- debian/control{,.in}
- debian/patches/build-with-libstdc++-7.patch

  [ Rico Tzschichholz ]
  * Update cbindgen to 0.13.0
- debian/build/create-tarball.py
  * Drop browser/chrome.manifest which is not available or required anymore
- debian/firefox.install.in
  * Bump build-dep on rustc >= 1.39.0 and cargo >= 0.40
- debian/control{,.in}
  * Update patches
- debian/patches/support-coinstallable-trunk-build.patch
- debian/patches/ubuntu-ua-string-changes.patch
  * Fix build with C++17 on ppc platforms
- debian/patches/ppc-drop-register.patch

Date: 2020-02-25 20:38:15.112201+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/73.0.1+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] llvm-toolchain-8 1:8-3~ubuntu16.04.1 (Accepted)

[Chris Coulson]

llvm-toolchain-8 (1:8-3~ubuntu16.04.1) xenial; urgency=medium

  * Backport to xenial for firefox miscompilation issues (LP: #1850529)
  * Disable ocaml because of missing dependencies on xenial
  * Drop s390x from BINUTILS_GOLD_ARCHS

Date: 2019-12-09 22:40:14.095553+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/llvm-toolchain-8/1:8-3~ubuntu16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] gcc-mozilla 7.5.0-4ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

gcc-mozilla (7.5.0-4ubuntu0.16.04.1) xenial; urgency=medium

  * Backport GCC 7.5 to xenial for building Firefox (LP: #1856861)
- install the toolchain to /usr/lib/gcc-mozilla
- disable NVPTX offload (requires nvptx-tools which isn't in xenial)
- disable Ada support
- disable Go support
- disable Fortran support

gcc-7 (7.5.0-4ubuntu1) focal; urgency=medium

  * Merge with Debian; remaining changes:
- Build from upstream sources.

gcc-7 (7.5.0-4) unstable; urgency=medium

  * Fix buffer overflow in the gcc-search-prefixed-as-ld patch.
Addresses: #946792.
  * Dump the config.log for the configure step when it fails.
  * On architectures where libgcc_s.so is a symlink, replace the symlink with
a simple linker script.
  * libgcc-dev: Don't ship a libgcc_so.1 symlink in gcclibdir.
Addresses: #950525.
  * Bump standards version.

gcc-7 (7.5.0-3ubuntu1) focal; urgency=medium

  * Rebuild for isl soname change.

gcc-7 (7.5.0-3) unstable; urgency=medium

  * Rebuild for isl soname change.

gcc-7 (7.5.0-2ubuntu1) focal; urgency=medium

  * Merge with Debian; remaining changes:
- Build from upstream sources.

gcc-7 (7.5.0-2) unstable; urgency=medium

  * Stop building -dbg packages, keep building the libstc++6-7-dbg package
containing just the libstdc++ debug build.

gcc-7 (7.5.0-1ubuntu1) focal; urgency=medium

  * Merge with Debian; remaining changes:
- Build from upstream sources.

gcc-7 (7.5.0-1) unstable; urgency=medium

  * GCC 7.5.0 release.
  * Refresh patches.

gcc-7 (7.4.0-15ubuntu1) focal; urgency=medium

  * Merge with Debian; remaining changes:
- Build from upstream sources.

gcc-7 (7.4.0-15) unstable; urgency=medium

  * GCC 7.5.0 release candidate 1.
  * Update to SVN 20191105 (r277823) from the gcc-7-branch.
- Fix PR target/91275 (PPC), PR libstdc++/92143, PR target/88167 (ARM),
  PR debug/91887, PR tree-optimization/91812, PR tree-optimization/92131,
  PR target/86040 (AVR), PR rtl-optimization/89721, PR target/89400 (ARM),
  PR target/88630 (SH), PR ada/91995, PR fortran/86248, PR fortran/69455.

gcc-7 (7.4.0-14ubuntu2) eoan; urgency=medium

  * Update to SVN 20191008 (r276439) from the gcc-7-branch.
- Fix PR target/91275 (PPC).

gcc-7 (7.4.0-14ubuntu1) eoan; urgency=medium

  * Merge with Debian; remaining changes:
- Build from upstream sources.

gcc-7 (7.4.0-14) unstable; urgency=medium

  * Update to SVN 20191002 (r276439) from the gcc-7-branch.
- Fix PR fortran/91557, PR target/86712 (SH), PR target/88562 (SH),
  PR target/82920 (Darwin), PR target/82920 (x86), PR target/80672 (SH),
  PR target/85993 (SH), PR rtl-optimization/88751, PR fortran/91557.
  * Bump standards version.

gcc-7 (7.4.0-13) unstable; urgency=medium

  * Update to SVN 20190912 (r275684) from the gcc-7-branch.
- Fix PR rtl-optimization/89795, PR fortran/91686.
  * Upload without binary packages after the accidential gcc-7-source
removal from the archive.

gcc-7 (7.4.0-12ubuntu2) eoan; urgency=medium

  * Re-sync with the real 7.4.0-12 upload.

gcc-7 (7.4.0-12ubuntu1) eoan; urgency=medium

  * Merge with Debian; remaining changes:
- Build from upstream sources.

gcc-7 (7.4.0-12) unstable; urgency=medium

  * Update to SVN 20190919 (r275519) from the gcc-7-branch.
- Fix PR libgomp/90585, PR target/90811, PR middle-end/89002, PR c/90474,
  PR sanitizer/90954, PR c++/90108, PR c/89933, PR c/89734,
  PR tree-optimization/90637, PR tree-optimization/90930,
  PR middle-end/90194, PR middle-end/90213, PR tree-optimization/90071,
  PR middle-end/89677, PR target/91481 (PPC), PR target/91150 (x86),
  PR middle-end/78884, PR rtl-optimization/90756, PR c/90760,
  PR middle-end/90139, PR target/90811 (nvptx), PR fortran/90329,
  PR fortran/90329, PR target/90187 (x86), PR tree-optimization/90208,
  PR rtl-optimization/90082, PR tree-optimization/90090,
  PR tree-optimization/89998. PR c/89872, PR middle-end/89621,
  PR target/89752, PR rtl-optimization/89768, PR target/89752,
  PR target/89726 (x86), PR debug/89704, PR rtl-optimization/89679,
  PR tree-optimization/89703, PR middle-end/88588, PR middle-end/89663,
  PR c/88568, PR target/89587 (PPC), PR middle-end/89590, PR c/89520,
  PR middle-end/89412, PR middle-end/89091, PR middle-end/88074,
  PR middle-end/89415, PR middle-end/88074, PR target/89361 (S390),
  PR tree-optimization/89278, PR other/89342, PR rtl-optimization/89354,
  PR tree-optimization/89314, PR middle-end/89303, PR middle-end/89281,
  PR middle-end/89246, PR target/88861, PR rtl-optimization/89234,
  PR target/89188, PR rtl-optimization/89195, PR target/89186,
  PR middle-end/87887, PR tree-optimization/88107, PR c++/66676,
  PR ipa/89104, PR middle-end/89002, PR target/87214 (x86),
  PR rtl-optimization/49429, PR target/49454, PR rtl-optimization/86334,
  PR target/88906, PR rtl-optimization/88870, PR c/88568, PR 

[ubuntu/xenial-security] rustc 1.39.0+dfsg1+llvm-3ubuntu1~16.04.1 (Accepted)

[Chris Coulson]

rustc (1.39.0+dfsg1+llvm-3ubuntu1~16.04.1) xenial; urgency=medium

  * Backport to Xenial. (LP: #1856851)
  * Relax the gdb build requirement
- update debian/control
  * Relax the dependency on xz-utils by commenting out some unused code
- add debian/patches/d-relax-xz-utils-dependency.patch
- update debian/patches/series
  * Disable multithreaded compressor in rust-installer
- adds debian/patches/d-rust-installer-no-threaded-compressor.patch
- updates debian/patches/series
  * Build with clang on armhf to avoid crashes in stage1 compiler
- updates debian/control
- updates debian/rules

rustc (1.39.0+dfsg1+llvm-3ubuntu1) focal; urgency=medium

  * Merge from Debian unstable (LP #1856851). Remaining changes:
- Use the bundled llvm to avoid having to do llvm updates in order to
  deliver rust updates
  - update debian/config.toml.in
  - update debian/control
  - update debian/copyright
  - update debian/rules
- Build-Depend on libc6-dbg on armhf, to workaround a crash in ld.so
  during some debuginfo tests
  - update debian/control
- Add a hack to ensure the stage0 compiler is extracted to the correct
  location
  - update debian/make_orig-stage0_tarball.sh
- Scrub -g from CFLAGS and CXXFLAGS in order to let rustbuild control
  whether LLVM is compiled with debug symbols
  - update debian/rules
- On i386, only build debuginfo for libstd
  - update debian/rules
- Ignore all test failures on every architecture
  - update debian/rules
- Version the Build-Conflict on gdb-minimal as gdb now Provides it
  - update debian/control
- Adjust the rustc Breaks/Replaces libstd-rust-dev version to fix an
  upgrade issue
  - update debian/control
- Adjust debian/watch to include +llvm in upstream version.
  - update debian/watch
- Add Build-Depends-Indep: libssl-dev
  * Run build scripts with Python 3.

rustc (1.39.0+dfsg1-3) unstable; urgency=medium

  * Fix mips patch involving mxgot for new RUSTFLAGS behaviour.

rustc (1.39.0+dfsg1-2) unstable; urgency=medium

  * Include reproducibility patch for compiler-builtins.
  * Use python3 instead of python to run rustbuild. (Closes: #938422)
  * Expand d-ignore-error-detail-diff.patch for unfixed upstream #53081.

rustc (1.39.0+dfsg1-1) unstable; urgency=medium

  * New upstream release.

rustc (1.38.0+dfsg1-2) unstable; urgency=medium

  * Fix building with rustc 1.38.0
  * Fix building with cargo 0.40.0

rustc (1.38.0+dfsg1-1) unstable; urgency=medium

  * New upstream release.

rustc (1.38.0+dfsg0.2+llvm-0ubuntu2) focal; urgency=medium

  * d/patches/d-fix-1.38-self-bootstrap.patch: backport patch from upstream
to allow warnings to not fail the build, which allows rustc 1.38 to be
bootstrapped with itself.
- adds d/patches/d-fix-1.38-self-bootstrap.patch
- updates d/patches/series
- updates debian/config.toml.in

rustc (1.38.0+dfsg0.2+llvm-0ubuntu1) focal; urgency=medium

  * New upstream release.
  * Add Build-Depends-Indep: libssl-dev
  * Update Files-Excluded for new upstream version 1.38.0
  * d/patches/d-0004-mdbook-2-1-compat.patch: Removed.
  * Refresh other patches.

rustc (1.37.0+dfsg1+llvm-1ubuntu1) eoan; urgency=medium

  * Merge from Debian unstable (LP #1843765). Remaning changes:
- Use the bundled llvm to avoid having to do llvm updates in order to
  deliver rust updates
  - update debian/config.toml.in
  - update debian/control
  - update debian/copyright
  - update debian/rules
- Build-Depend on libc6-dbg on armhf, to workaround a crash in ld.so
  during some debuginfo tests
  - update debian/control
- Add a hack to ensure the stage0 compiler is extracted to the correct
  location
  - update debian/make_orig-stage0_tarball.sh
- Scrub -g from CFLAGS and CXXFLAGS in order to let rustbuild control
  whether LLVM is compiled with debug symbols
  - update debian/rules
- On i386, only build debuginfo for libstd
  - update debian/rules
- Ignore all test failures on every architecture
  - update debian/rules
- Version the Build-Conflict on gdb-minimal as gdb now Provides it
  - update debian/control
- Adjust the rustc Breaks/Replaces libstd-rust-dev version to fix an
  upgrade issue
  - update debian/control
- Adjust debian/watch to include +llvm in upstream version.
  - update debian/watch
  * Revert "Support cross-compiling to wasm32" as it breaks with the
bundled snapshot of LLVM 9.
- delete debian/libstd-rust-dev-wasm32-cross.lintian-overrides
- delete debian/rustc.links
- update debian/config.toml.in
- update debian/control
- update debian/rules

Date: 2020-01-23 19:00:18.526986+00:00
Changed-By: Michael Hudson-Doyle 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/rustc/1.39.0+dfsg1+llvm-3ubuntu1~16.04.1
Sorry, changesfile not available.-- 
Xenial-chang

[ubuntu/xenial-security] commonmark-bkrs 0.5.4+ds-1~ubuntu16.04.2 (Accepted)

[Chris Coulson]

commonmark-bkrs (0.5.4+ds-1~ubuntu16.04.2) xenial; urgency=medium

  * Backport to xenial to enable backporting llvm-toolchain-8
  * Relax build dependency on debhelper to allow building on xenial

Date: 2019-12-09 21:44:14.532755+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/commonmark-bkrs/0.5.4+ds-1~ubuntu16.04.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] recommonmark 0.4.0+ds-2~ubuntu16.04.1 (Accepted)

[Chris Coulson]

recommonmark (0.4.0+ds-2~ubuntu16.04.1) xenial; urgency=medium

  * Backport to xenial to enable backporting llvm-toolchain-8

Date: 2019-12-09 21:37:17.074472+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/recommonmark/0.4.0+ds-2~ubuntu16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] cargo 0.40.0-3ubuntu1~16.04.1 (Accepted)

[Chris Coulson]

cargo (0.40.0-3ubuntu1~16.04.1) xenial; urgency=medium

  * Backport to Xenial. (LP: #1856851)
  * Embed libgit2 0.28.3 to avoid a dependency on a version which is newer
than that found in disco
- add debian/libgit2
- add debian/patches/libgit2-0.28-compat.patch
- add debian/patches/use-system-libhttp-parser.patch
- update debian/control
- update debian/copyright
- update debiab/patches/series
- update debian/README.source
- update debian/rules
  * Drop ssh_key_from_memory from the git2 default features, as that results
in the libgit2 build depending on a version of libssh2 that is too recent
- add debian/patches/git2-no-ssh_key_from_memory.patch
- update debian/patches/series
  * Do not use the http2 feature of the curl crate, and warn rather than fail
on errors caused by a too-old curl.
- add debian/patches/ignore-libcurl-errors.patch
- update debian/patches/series

cargo (0.40.0-3ubuntu1) focal; urgency=low

  * Merge from Debian unstable.  Remaining changes:
- Disable fetch tests on non x86/x86-64 architectures, as those hit an
  unreachable!() in test code. Disable the Debian patch that disables
  these tests on every architecture
  - add debian/patches/disable-fetch-tests-on-non-x86.patch
- Don't use the bootstrap.py script for bootstrapping as it no longer
  works.
  - remove debian/bootstrap.py
  - update debian/make_orig_multi.sh
- Disable the large_conflict_cache test on non-x86
  - add debian/patches/disable-large_conflict_cache-test-on-non-x86.patch
  - update debian/patches/series
- Disable test tool_paths::custom_runner which fails every now and again
  because of a libstd bug (https://github.com/rust-lang/rust/issues/55242)
  - add debian/patches/disable-tool_paths-custom_runner.patch
  - update debian/patches/series
  * Dropped changes, included in Debian:
- d/patches/0001-Don-t-fail-if-we-can-t-acquire-readonly-lock.patch,
  d/patches/1001_vendor_serde_atomic-compat.patch: remove, applied
  upstream
- d/patches/2001_more_portable_rustflags.patch: Delete, applied
  upstream.
  * Dropped changes, included upstream:
- Cherry pick fixes to tests for compatibility with toml 0.5.3.
  * Drop bundled libgit2, as Ubuntu now has 0.28.3 which meets the minimum
requirements.
  * Bump the versioned build-dependency on libgit2-dev.
  * debian/patches/disable-fetch-tests-on-non-x86.patch: update.

cargo (0.40.0-3) unstable; urgency=medium

  * debian cargo wrapper: drop DEB_CARGO_PACKAGE in favour of the more
standardised DESTDIR.
  * Experimental riscv64 support.

cargo (0.40.0-2) unstable; urgency=medium

  * Restore patch for pkg-config crate to auto-detect Debian cross-compiling.
  * Add patch for backtrace-sys to auto-detect Debian cross-compiling.

cargo (0.40.0-1) unstable; urgency=medium

  [ Sylvestre Ledru ]
  * Ship the zsh completion (Closes: #941437)

  [ Ximin Luo ]
  * New upstream release.

cargo (0.39.0+really0.39.0-0ubuntu1) focal; urgency=medium

  * Restore Cargo 0.39 now that the rustc update is done.

cargo (0.39.0+really0.38.0-0ubuntu1) focal; urgency=medium

  * Re-upload Cargo 0.38 as Cargo 0.39 blocks the bootstrap of rustc 1.38.

cargo (0.39.0-0ubuntu1) focal; urgency=medium

  * New upstream release.
  * d/patches/2001_more_portable_rustflags.patch: Delete, applied
upstream.
  * Refresh other patches.

cargo (0.38.0-0ubuntu1) focal; urgency=medium

  * New upstream release.
  * d/patches/0001-Don-t-fail-if-we-can-t-acquire-readonly-lock.patch,
d/patches/1001_vendor_serde_atomic-compat.patch: remove, applied
upstream
  * Refresh other patches.
  * Embed libgit2 at the commit bundled by libgit2 0.8.2 (e3adc99), as
it depends on a newer version than that found in Ubuntu today, with
some binary test-only files removed.
- add debian/libgit2
- update debian/control
- update debian/copyright
- update debian/rules
- update debian/README.source
  * Hack the libgit2-sys build process to link the bundled libgit2
against the system's libhttp_parser.
- add debian/patches/use-system-libhttp-parser.patch
- update debian/patches/series
  * Cherry pick fixes to tests for compatibility with toml 0.5.3.

Date: 2020-01-23 00:11:14.457424+00:00
Changed-By: Michael Hudson-Doyle 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/cargo/0.40.0-3ubuntu1~16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 80.0.3987.87-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (80.0.3987.87-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 80.0.3987.87
- CVE-2020-6381: Integer overflow in JavaScript.
- CVE-2020-6382: Type Confusion in JavaScript.
- CVE-2019-18197: Multiple vulnerabilities in XML.
- CVE-2019-19926: Inappropriate implementation in SQLite.
- CVE-2020-6385: Insufficient policy enforcement in storage.
- CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite.
- CVE-2020-6387: Out of bounds write in WebRTC.
- CVE-2020-6388: Out of bounds memory access in WebAudio.
- CVE-2020-6389: Out of bounds write in WebRTC.
- CVE-2020-6390: Out of bounds memory access in streams.
- CVE-2020-6391: Insufficient validation of untrusted input in Blink.
- CVE-2020-6392: Insufficient policy enforcement in extensions.
- CVE-2020-6393: Insufficient policy enforcement in Blink.
- CVE-2020-6394: Insufficient policy enforcement in Blink.
- CVE-2020-6395: Out of bounds read in JavaScript.
- CVE-2020-6396: Inappropriate implementation in Skia.
- CVE-2020-6397: Incorrect security UI in sharing.
- CVE-2020-6398: Uninitialized use in PDFium.
- CVE-2020-6399: Insufficient policy enforcement in AppCache.
- CVE-2020-6400: Inappropriate implementation in CORS.
- CVE-2020-6401: Insufficient validation of untrusted input in Omnibox.
- CVE-2020-6402: Insufficient policy enforcement in downloads.
- CVE-2020-6403: Incorrect security UI in Omnibox.
- CVE-2020-6404: Inappropriate implementation in Blink.
- CVE-2020-6405: Out of bounds read in SQLite.
- CVE-2020-6406: Use after free in audio.
- CVE-2019-19923: Out of bounds memory access in SQLite.
- CVE-2020-6408: Insufficient policy enforcement in CORS.
- CVE-2020-6409: Inappropriate implementation in Omnibox.
- CVE-2020-6410: Insufficient policy enforcement in navigation.
- CVE-2020-6411: Insufficient validation of untrusted input in Omnibox.
- CVE-2020-6412: Insufficient validation of untrusted input in Omnibox.
- CVE-2020-6413: Inappropriate implementation in Blink.
- CVE-2020-6414: Insufficient policy enforcement in Safe Browsing.
- CVE-2020-6415: Inappropriate implementation in JavaScript.
- CVE-2020-6416: Insufficient data validation in streams.
- CVE-2020-6417: Inappropriate implementation in installer.
  * debian/control: add nodejs-mozilla as a build dependency
  * debian/patches/disable-sse2: refreshed
  * debian/patches/fix-extra-arflags.patch: refreshed
  * debian/patches/node-use-system-wide.patch: added
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
  * debian/patches/widevine-enable-version-string.patch: refreshed
  * debian/tests/html5test: update test expectations for the removal
of the Web Components V0 APIs
(see https://www.chromestatus.com/feature/5144752345317376)

Date: 2020-02-05 14:51:14.898893+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/80.0.3987.87-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.330ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.330ubuntu0.16.04.1) xenial-security; urgency=medium

  * New upstream release (32.0.0.330)
- debian/flashplugin-installer.{config,postinst},
  debian/post-download-hook: Updated version and sha256sum

Date: 2020-02-11 16:38:44.110581+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.330ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20200211.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20200211.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream releases (32.0.0.330)

Date: Tue, 11 Feb 2020 15:27:41 +
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20200211.1-0ubuntu0.16.04.1
Format: 1.8
Date: Tue, 11 Feb 2020 15:27:41 +
Source: adobe-flashplugin
Architecture: source
Version: 1:20200211.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20200211.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.330)
Checksums-Sha1:
 ea7b8c72c437bd9509f64a4acad95de6ae49 2062 
adobe-flashplugin_20200211.1-0ubuntu0.16.04.1.dsc
 b1129df15ea1be665a61240152c4a02c302c3808 8075 
adobe-flashplugin_20200211.1-0ubuntu0.16.04.1.diff.gz
 09206e94b267dafd2430e99d871dadcea32f637a 11853 
adobe-flashplugin_20200211.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 bc5a9806dbee1bd87756094b308127b77655293cce872e71938d1eb4dbc9435a 2062 
adobe-flashplugin_20200211.1-0ubuntu0.16.04.1.dsc
 3b557887f97feac67897ae1a5250595f5a6f0036cd62681fc0f5d1781be3f271 8075 
adobe-flashplugin_20200211.1-0ubuntu0.16.04.1.diff.gz
 bc23af693b5604a1082b7c1395cb2d69a80c4b1c46024c0b4e7500d45afae7da 11853 
adobe-flashplugin_20200211.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 c647c38fa99d66c86621cc04de661339 2062 partner/web optional 
adobe-flashplugin_20200211.1-0ubuntu0.16.04.1.dsc
 5cdfb5f74a1e27bdde06cc6009a88797 8075 partner/web optional 
adobe-flashplugin_20200211.1-0ubuntu0.16.04.1.diff.gz
 b76b7766dbd3ba0657c21931bb027e2d 11853 partner/web optional 
adobe-flashplugin_20200211.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 79.0.3945.130-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (79.0.3945.130-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 79.0.3945.130
- CVE-2020-6378: Use-after-free in speech recognizer.
- CVE-2020-6379: Use-after-free in speech recognizer.
- CVE-2020-6380: Extension message verification error.
  * debian/control: remove libgnome-keyring-dev build dependency (LP: #1828192)
  * debian/rules: build with use_gnome_keyring=false
  * debian/known_gn_gen_args-*: change use_gnome_keyring build flag to false

chromium-browser (79.0.3945.117-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 79.0.3945.117
- CVE-2019-13767: Use after free in media picker.
- CVE-2020-6377: Use after free in audio.

Date: 2020-01-27 16:57:13.650857+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/79.0.3945.130-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 72.0.2+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (72.0.2+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (72.0.2+build1)

  * Fix creating the source tarball with recent versions of cargo
- debian/build/create-tarball.py
  * Fix an exception in the apport hook (LP: #1856707)
- debian/apport/source_firefox.py.in
  * Pass --reduce-memory-overheads to the linker on armhf in an attempt to
work around memory exhaustion on Launchpad builders
- debian/patches/armhf-reduce-linker-memory-use.patch

Date: 2020-01-20 10:19:24.621027+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/72.0.2+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.314ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.314ubuntu0.16.04.1) xenial-security; urgency=medium

  * New upstream release (32.0.0.314)
- debian/flashplugin-installer.{config,postinst},
  debian/post-download-hook: Updated version and sha256sum

Date: 2020-01-14 15:41:18.210094+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.314ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] rustc 1.37.0+dfsg1+llvm-1ubuntu1~16.04.1 (Accepted)

[Chris Coulson]

rustc (1.37.0+dfsg1+llvm-1ubuntu1~16.04.1) xenial; urgency=medium

  * Backport to Xenial.
  * Relax the gdb build requirement
- update debian/control
  * Relax the dependency on xz-utils by commenting out some unused code
- add debian/patches/d-relax-xz-utils-dependency.patch
- update debian/patches/series

rustc (1.37.0+dfsg1+llvm-1ubuntu1) eoan; urgency=medium

  * Merge from Debian unstable (LP #1843765). Remaning changes:
- Use the bundled llvm to avoid having to do llvm updates in order to
  deliver rust updates
  - update debian/config.toml.in
  - update debian/control
  - update debian/copyright
  - update debian/rules
- Build-Depend on libc6-dbg on armhf, to workaround a crash in ld.so
  during some debuginfo tests
  - update debian/control
- Add a hack to ensure the stage0 compiler is extracted to the correct
  location
  - update debian/make_orig-stage0_tarball.sh
- Scrub -g from CFLAGS and CXXFLAGS in order to let rustbuild control
  whether LLVM is compiled with debug symbols
  - update debian/rules
- On i386, only build debuginfo for libstd
  - update debian/rules
- Ignore all test failures on every architecture
  - update debian/rules
- Version the Build-Conflict on gdb-minimal as gdb now Provides it
  - update debian/control
- Adjust the rustc Breaks/Replaces libstd-rust-dev version to fix an
  upgrade issue
  - update debian/control
- Adjust debian/watch to include +llvm in upstream version.
  - update debian/watch
  * Revert "Support cross-compiling to wasm32" as it breaks with the
bundled snapshot of LLVM 9.
- delete debian/libstd-rust-dev-wasm32-cross.lintian-overrides
- delete debian/rustc.links
- update debian/config.toml.in
- update debian/control
- update debian/rules

rustc (1.37.0+dfsg1-1) unstable; urgency=medium

  * Upload to unstable.
  * Fix a typo in debian/rules regex causing FTBFS on some arches.

rustc (1.37.0+dfsg1-1~exp2) experimental; urgency=medium

  * Support cross-compiling to wasm32. (Closes: #903110)
To do that, install the libstd-rust-dev-wasm32-cross package and give
--target wasm32-unknown-unknown.
  * Drop dependency on system compiler-rt, these new versions of rustc
actually don't need it at all.

rustc (1.37.0+dfsg1-1~exp1) experimental; urgency=medium

  * New upstream release.
  * Use system compiler-rt.

rustc (1.36.0+dfsg1+llvm-2ubuntu1) eoan; urgency=medium

  * Merge from Debian unstable. Remaning changes:
- Use the bundled llvm to avoid having to do llvm updates in order to
  deliver rust updates
  - update debian/config.toml.in
  - update debian/control
  - update debian/copyright
  - update debian/rules
- Build-Depend on libc6-dbg on armhf, to workaround a crash in ld.so
  during some debuginfo tests
  - update debian/control
- Add a hack to ensure the stage0 compiler is extracted to the correct
  location
  - update debian/make_orig-stage0_tarball.sh
- Scrub -g from CFLAGS and CXXFLAGS in order to let rustbuild control
  whether LLVM is compiled with debug symbols
  - update debian/rules
- On i386, only build debuginfo for libstd
  - update debian/rules
- Ignore all test failures on every architecture
  - update debian/rules
- Version the Build-Conflict on gdb-minimal as gdb now Provides it
  - update debian/control
- Adjust the rustc Breaks/Replaces libstd-rust-dev version to fix an
  upgrade issue
  - update debian/control
- Adjust debian/watch to include +llvm in upstream version.
  - update debian/watch

Date: 2019-10-25 09:22:15.151842+00:00
Changed-By: Michael Hudson-Doyle 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/rustc/1.37.0+dfsg1+llvm-1ubuntu1~16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] cargo 0.38.0-0ubuntu1~16.04.1 (Accepted)

[Chris Coulson]

cargo (0.38.0-0ubuntu1~16.04.1) xenial; urgency=medium

  * Backport to Xenial.
  * Drop ssh_key_from_memory from the git2 default features, as that results
in the libgit2 build depending on a version of libssh2 that is too recent
- add debian/patches/git2-no-ssh_key_from_memory.patch
- update debian/patches/series
  * Do not use the http2 feature of the curl crate, and warn rather than fail
on errors caused by a too-old curl.
- add debian/patches/ignore-libcurl-errors.patch
- update debian/patches/series

cargo (0.38.0-0ubuntu1) focal; urgency=medium

  * New upstream release.
  * d/patches/0001-Don-t-fail-if-we-can-t-acquire-readonly-lock.patch,
d/patches/1001_vendor_serde_atomic-compat.patch: remove, applied
upstream
  * Refresh other patches.
  * Embed libgit2 at the commit bundled by libgit2 0.8.2 (e3adc99), as
it depends on a newer version than that found in Ubuntu today, with
some binary test-only files removed.
- add debian/libgit2
- update debian/control
- update debian/copyright
- update debian/rules
- update debian/README.source
  * Hack the libgit2-sys build process to link the bundled libgit2
against the system's libhttp_parser.
- add debian/patches/use-system-libhttp-parser.patch
- update debian/patches/series
  * Cherry pick fixes to tests for compatibility with toml 0.5.3.

cargo (0.37.0-3ubuntu2) eoan; urgency=medium

  * Backport fix causing build failures when $HOME was not writable.
- add debian/patches/0001-Don-t-fail-if-we-can-t-acquire-readonly-lock.patch
- update debian/patches/series

cargo (0.37.0-3ubuntu1) eoan; urgency=medium

  * Merge from Debian unstable. Remaining changes:
- Don't use the bootstrap.py script for bootstrapping as it no longer
  works.
  - remove debian/bootstrap.py
  - update debian/make_orig_multi.sh
- Disable fetch tests on non x86/x86-64 architectures, as those hit an
  unreachable!() in test code. Disable the Debian patch that disables these
  tests on every architecture
  - add debian/patches/disable-fetch-tests-on-non-x86.patch
  - update debian/patches/series
- Disable test tool_paths::custom_runner which fails every now and again
  because of a libstd bug (https://github.com/rust-lang/rust/issues/55242)
  - add debian/patches/disable-tool_paths-custom_runner.patch
  - update debian/patches/series
   - Disable the large_conflict_cache test on non-x86
 - add debian/patches/disable-large_conflict_cache-test-on-non-x86.patch
 - update debian/patches/series

Date: 2019-10-25 09:18:15.316114+00:00
Changed-By: Michael Hudson-Doyle 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/cargo/0.38.0-0ubuntu1~16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 72.0.1+build1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (72.0.1+build1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (72.0.1+build1)

firefox (72.0+build4-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (72.0+build4)

  [ Olivier Tilloy ]
  * Update debian/patches/unity-menubar.patch
  * Use the upstream Build ID, to ensure it is the same across Ubuntu releases
for a given firefox version (LP: #1851936)
- debian/build/create-tarball.py
- debian/build/rules.mk
- debian/config/mozconfig.in

  [ Rico Tzschichholz ]
  * Exclude autoconf files from integrity check
- debian/patches/drop-some-file-integrity-checks.patch
  * Bump build-dep on clang >= 8 (LP: #1850529)
- debian/control{,.in}
- debian/build/rules.mk
  * Update cbindgen to 0.12.1
- debian/build/create-tarball.py
  * Use ac_add_options to define specific compiler and tool versions
(https://bugzilla.mozilla.org/show_bug.cgi?id=1603860)
- debian/config/mozconfig.in

Date: 2020-01-08 09:48:30.554352+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/72.0.1+build1-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 79.0.3945.79-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (79.0.3945.79-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 79.0.3945.79
- CVE-2019-13725: Use after free in Bluetooth.
- CVE-2019-13726: Heap buffer overflow in password manager.
- CVE-2019-13727: Insufficient policy enforcement in WebSockets.
- CVE-2019-13728: Out of bounds write in V8.
- CVE-2019-13729: Use after free in WebSockets.
- CVE-2019-13730: Type Confusion in V8.
- CVE-2019-13732: Use after free in WebAudio.
- CVE-2019-13734: Out of bounds write in SQLite.
- CVE-2019-13735: Out of bounds write in V8.
- CVE-2019-13764: Type Confusion in V8.
- CVE-2019-13736: Integer overflow in PDFium.
- CVE-2019-13737: Insufficient policy enforcement in autocomplete.
- CVE-2019-13738: Insufficient policy enforcement in navigation.
- CVE-2019-13739: Incorrect security UI in Omnibox.
- CVE-2019-13740: Incorrect security UI in sharing.
- CVE-2019-13741: Insufficient validation of untrusted input in Blink.
- CVE-2019-13742: Incorrect security UI in Omnibox.
- CVE-2019-13743: Incorrect security UI in external protocol handling.
- CVE-2019-13744: Insufficient policy enforcement in cookies.
- CVE-2019-13745: Insufficient policy enforcement in audio.
- CVE-2019-13746: Insufficient policy enforcement in Omnibox.
- CVE-2019-13747: Uninitialized Use in rendering.
- CVE-2019-13748: Insufficient policy enforcement in developer tools.
- CVE-2019-13749: Incorrect security UI in Omnibox.
- CVE-2019-13750: Insufficient data validation in SQLite.
- CVE-2019-13751: Uninitialized Use in SQLite.
- CVE-2019-13752: Out of bounds read in SQLite.
- CVE-2019-13753: Out of bounds read in SQLite.
- CVE-2019-13754: Insufficient policy enforcement in extensions.
- CVE-2019-13755: Insufficient policy enforcement in extensions.
- CVE-2019-13756: Incorrect security UI in printing.
- CVE-2019-13757: Incorrect security UI in Omnibox.
- CVE-2019-13758: Insufficient policy enforcement in navigation.
- CVE-2019-13759: Incorrect security UI in interstitials.
- CVE-2019-13761: Incorrect security UI in Omnibox.
- CVE-2019-13762: Insufficient policy enforcement in downloads.
- CVE-2019-13763: Insufficient policy enforcement in payments.
  * debian/patches/chromium_useragent.patch: refreshed
  * debian/patches/configuration-directory.patch: refreshed
  * debian/patches/default-allocator: refreshed
  * debian/patches/disable-sse2: refreshed
  * debian/patches/fix-extra-arflags.patch: refreshed
  * debian/patches/gn-experimental-string_view.patch: added
  * debian/patches/relax-ninja-version-requirement.patch: refreshed
  * debian/patches/set-rpath-on-chromium-executables.patch: refreshed
  * debian/patches/suppress-newer-clang-warning-flags.patch: refreshed
  * debian/patches/title-bar-default-system.patch-v35: refreshed
  * debian/patches/touch-v35: refreshed
  * debian/patches/widevine-enable-version-string.patch: updated
  * debian/patches/widevine-other-locations: updated

Date: 2019-12-11 06:56:14.728141+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/79.0.3945.79-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] firefox 71.0+build5-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

firefox (71.0+build5-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (71.0+build5)

  * Update test expectation
- debian/tests/html5test
  * Fix build failures on armhf and s390x with clang 8
- debian/patches/armhf-clang-no-integrated-as-for-neon.patch
- debian/patches/s390x-fix-hidden-symbol.patch
  * Temporarily hardcode MOZ_BUILD_DATE to ensure the build ID is strictly less
than the one for the bionic build already in bionic-updates (LP: #1851936)

firefox (71.0+build2-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream stable release (71.0+build2)

  [ Rico Tzschichholz ]
  * Update cbindgen to 0.10.0
- debian/build/create-tarball.py
  * Bump build-dep on rustc >= 1.37.0 and cargo >= 0.38
- debian/control{,.in}
  * Add explicit build-dep on libclang-*-dev
- debian/control{,.in}
  * Update patches
- debian/patches/partially-revert-google-search-update.patch
  * Skip Tagalog (tl) and Triqui (trs) localizations
- debian/config/locales.blacklist
  * Include ca-valencia
- update debian/config/locales.shipped

  [ Sabri Ünal, Selim Sumlu ]
  * Fix Turkish translation for the new-private-window action (LP: #1852818)
- debian/firefox.desktop.in

Date: 2019-12-11 21:04:13.915898+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/firefox/71.0+build5-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] flashplugin-nonfree 32.0.0.303ubuntu0.16.04.2 (Accepted)

[Chris Coulson]

flashplugin-nonfree (32.0.0.303ubuntu0.16.04.2) xenial-security; urgency=medium

  * New upstream release (32.0.0.303)
- debian/flashplugin-installer.{config,postinst},
  debian/post-download-hook: Updated version and sha256sum

Date: 2019-12-10 19:39:18.679629+00:00
Changed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/flashplugin-nonfree/32.0.0.303ubuntu0.16.04.2
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20191210.1-0ubuntu0.16.04.2 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20191210.1-0ubuntu0.16.04.2) xenial; urgency=medium

  * New upstream releases (32.0.0.303)

Date: Tue, 10 Dec 2019 14:37:58 +
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20191210.1-0ubuntu0.16.04.2
Format: 1.8
Date: Tue, 10 Dec 2019 14:37:58 +
Source: adobe-flashplugin
Architecture: source
Version: 1:20191210.1-0ubuntu0.16.04.2
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20191210.1-0ubuntu0.16.04.2) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.303)
Checksums-Sha1:
 6726f7e6575b02a3f693e5d8eb19f7e70f05d526 2062 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.2.dsc
 47052556056e559f58dd6faa60ede23367f53329 8023 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.2.diff.gz
 ca99b4f4eda24779c942bc9a1541228460c9b35d 11976 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.2_source.buildinfo
Checksums-Sha256:
 097113be45acfb89faf094540a53d4a4e2d12cded6c90799c8814237ebbd9a5c 2062 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.2.dsc
 3dcba7f5a8d448483c954f7f3dc2c24a281579f7504e9c3e5d65dbb755daab5c 8023 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.2.diff.gz
 44dc4b5efb269314dd32b392ec5e722f9915974ce5108d0f18afff4af6bac9c5 11976 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.2_source.buildinfo
Files:
 7f84d6cbd082782cfcf1fe0f307888c5 2062 partner/web optional 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.2.dsc
 12e5329484fe4d42502d2e4784bc384d 8023 partner/web optional 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.2.diff.gz
 e2c269bd7c647078bc158e90a8be8149 11976 partner/web optional 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.2_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20191210.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20191210.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream releases (32.0.0.303)

Date: Tue, 10 Dec 2019 14:37:58 +
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20191210.1-0ubuntu0.16.04.1
Format: 1.8
Date: Tue, 10 Dec 2019 14:37:58 +
Source: adobe-flashplugin
Architecture: source
Version: 1:20191210.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20191210.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.303)
Checksums-Sha1:
 7cae8fcb7791c459cd787fd532e81e968bb67932 2041 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.1.dsc
 5e2f77f0298ca173ea64c43a4b3880859779a83f 8025 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.1.diff.gz
 fd85cf363130fd94941203208355c00985ed 9697 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 65713ee91083f3c3b4ab7fc844461518a18a7c5c00db00245d9a2a5817d73b9e 2041 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.1.dsc
 f3be6f871507d0766148f8c3f05484644387cd5da934d2f7c7640a17cb3e63c6 8025 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.1.diff.gz
 c11ffcb58763b02ce8eb8993808c8240cdfe3fd9e56e3530e1315be348022211 9697 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 e1c55ea28200b6d1d958fe2a5147ead6 2041 partner/web optional 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.1.dsc
 9d76f5c7d8bec9f07e7f77fc428c50ee 8025 partner/web optional 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.1.diff.gz
 bcae499f2686eb6016481bbad989ffbc 9697 partner/web optional 
adobe-flashplugin_20191210.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/partner/xenial-proposed] adobe-flashplugin 1:20191113.1-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

adobe-flashplugin (1:20191113.1-0ubuntu0.16.04.1) xenial; urgency=medium

  * New upstream releases (32.0.0.293)

Date: Tue, 12 Nov 2019 23:06:09 +
Changed-By: Chris Coulson 
Maintainer: DL-Flash Player Ubuntu 
https://launchpad.net/ubuntu/+source/adobe-flashplugin/1:20191113.1-0ubuntu0.16.04.1
Format: 1.8
Date: Tue, 12 Nov 2019 23:06:09 +
Source: adobe-flashplugin
Architecture: source
Version: 1:20191113.1-0ubuntu0.16.04.1
Distribution: xenial
Urgency: medium
Maintainer: DL-Flash Player Ubuntu 
Changed-By: Chris Coulson 
Changes:
 adobe-flashplugin (1:20191113.1-0ubuntu0.16.04.1) xenial; urgency=medium
 .
   * New upstream releases (32.0.0.293)
Checksums-Sha1:
 4850cab406196dd6ed8995d716d5576bb664bca0 2059 
adobe-flashplugin_20191113.1-0ubuntu0.16.04.1.dsc
 884c2ea04d7a1f98d1019ab1d24bf01f503077fd 8080 
adobe-flashplugin_20191113.1-0ubuntu0.16.04.1.diff.gz
 0ca9da77419f6850d859e2ec19884f2014451728 9672 
adobe-flashplugin_20191113.1-0ubuntu0.16.04.1_source.buildinfo
Checksums-Sha256:
 727ad2cd549365ab2fe3f7cf16eeedc9ca7128c8824fcea3d0e4f23070afea9a 2059 
adobe-flashplugin_20191113.1-0ubuntu0.16.04.1.dsc
 ba3b5a550a225eece3b4abe42516e027e84b57524a24251a1ebf82d93815fd58 8080 
adobe-flashplugin_20191113.1-0ubuntu0.16.04.1.diff.gz
 82d80568ab66369c8d34bfccba349c4ba167e587b8e38b8cc9ac28eece9ab8f1 9672 
adobe-flashplugin_20191113.1-0ubuntu0.16.04.1_source.buildinfo
Files:
 d23bbd5c31091bae1508628a050ece93 2059 partner/web optional 
adobe-flashplugin_20191113.1-0ubuntu0.16.04.1.dsc
 12d063eec7719bce3b0201b827e93f45 8080 partner/web optional 
adobe-flashplugin_20191113.1-0ubuntu0.16.04.1.diff.gz
 3b1e43fd399f559a7ef3ba6c1f178e9b 9672 partner/web optional 
adobe-flashplugin_20191113.1-0ubuntu0.16.04.1_source.buildinfo
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] chromium-browser 78.0.3904.108-0ubuntu0.16.04.1 (Accepted)

[Chris Coulson]

chromium-browser (78.0.3904.108-0ubuntu0.16.04.1) xenial; urgency=medium

  * Upstream release: 78.0.3904.108 (LP: #1853149)
- CVE-2019-13723: Use-after-free in Bluetooth.
- CVE-2019-13724: Out-of-bounds access in Bluetooth.
  * debian/patches/suppress-newer-clang-warning-flags.patch: refreshed

Date: 2019-11-19 15:31:14.512880+00:00
Changed-By: Olivier Tilloy 
Signed-By: Chris Coulson 
https://launchpad.net/ubuntu/+source/chromium-browser/78.0.3904.108-0ubuntu0.16.04.1
Sorry, changesfile not available.-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes