[ubuntu/xenial-security] xrdp 0.6.1-2ubuntu0.3 (Accepted)

xrdp (0.6.1-2ubuntu0.3) xenial-security; urgency=medium * SECURITY REGRESSION: Fix conection problem (LP: #1811122). Date: 2019-01-17 12:18:28.177688+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/xrdp/0.6.1-2ubuntu0.3 Sorry, changesfile not available.-- Xenial

[ubuntu/xenial-security] xrdp 0.6.1-2ubuntu0.1 (Accepted)

to rfbEncryptBytes - debian/patches/CVE-2013-1430-6.patch: sesman, xrdp: const, spacing changes - CVE-2013-1430 Date: 2019-01-08 21:36:13.640106+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/xrdp/0.6.1-2ubuntu0.1 Sorry, changesfile not available.-- Xenial

[ubuntu/xenial-security] gpac 0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1 (Accepted)

checks on gf_text_get_utf8_line - CVE-2018-7752 - CVE-2018-13005 - CVE-2018-13006 - CVE-2018-20760 - CVE-2018-20761 - CVE-2018-20762 - CVE-2018-20763 - CVE-2018-1000100 Date: 2019-03-27 18:58:12.770959+00:00 Changed-By: Paulo Flabiano Smorigo https

[ubuntu/xenial-security] postgis 2.2.1+dfsg-2ubuntu0.1 (Accepted)

:19:54.412126+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/postgis/2.2.1+dfsg-2ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo

[ubuntu/xenial-security] sqlite3 3.11.0-1ubuntu1.1 (Accepted)

. (LP: #1814869) - d/p/0002-Better-error-message-text-when-the-schema-is-corrupt.patch: Better message and additional checks. - No CVE associated. Date: 2019-02-21 15:47:15.127180+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/sqlite3/3.11.0-1ubuntu1.1

[ubuntu/xenial-security] lighttpd 1.4.35-4ubuntu2.1 (Accepted)

lighttpd (1.4.35-4ubuntu2.1) xenial-security; urgency=medium * SECURITY UPDATE: Fix vulnerability in HTTPoxy. - debian/patches/CVE-2016-1000212.patch: Mitigation for HTTPoxy vulnerability. - CVE-2016-1000212 Date: 2019-01-31 17:18:19.590691+00:00 Changed-By: Paulo Flabiano

[ubuntu/xenial-security] znc 1.6.3-1ubuntu0.2 (Accepted)

code execution and privilege escalation. - CVE-2019-12816 Date: 2019-06-27 18:27:13.411464+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/znc/1.6.3-1ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com

[ubuntu/xenial-security] kde4libs 4:4.14.16-0ubuntu3.3 (Accepted)

execute code (LP: #1839432). - debian/patches/CVE-2019-14744.patch: remove support for $(...) in config keys with [$e] marker. - CVE-2019-14744 Date: 2019-08-15 22:31:14.485866+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/kde4libs/4:4.14.16-0ubuntu3.3

[ubuntu/xenial-security] ansible 2.0.0.2-2ubuntu1.2 (Accepted)

: Don't pass ssh_key_passphrase on command line. - CVE-2018-16837 Date: 2019-07-16 15:11:13.706260+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/ansible/2.0.0.2-2ubuntu1.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes

[ubuntu/xenial-security] ansible 2.0.0.2-2ubuntu1.3 (Accepted)

information disclosure in log and command line. - debian/patches/CVE-2018-16837.patch: user: Don't pass ssh_key_passphrase on command line. - CVE-2018-16837 Date: 2019-07-18 20:46:13.140447+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/ansible/2.0.0.2

[ubuntu/xenial-security] redmine 3.2.1-2ubuntu0.2 (Accepted)

-18890 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18890 - Redmine Defect #32374 Date: 2019-11-21 23:03:13.975465+00:00 Changed-By: Lucas Kanashiro Signed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/redmine/3.2.1-2ubuntu0.2 Sorry, changesfile not available

[ubuntu/xenial-security] mbedtls 2.2.1-2ubuntu0.3 (Accepted)

Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/mbedtls/2.2.1-2ubuntu0.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] kamailio 4.3.4-1.1ubuntu2.1 (Accepted)

kamailio (4.3.4-1.1ubuntu2.1) xenial-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2018-8828.patch: tmx: allocate space to store ending 0 for branch value - CVE-2018-8828 Date: 2020-01-15 18:46:14.528058+00:00 Changed-By: Paulo Flabiano Smorigo

[ubuntu/xenial-security] edk2 0~20160408.ffea0a2c-2ubuntu0.1 (Accepted)

:14.728851+00:00 Changed-By: dann frazier Signed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/edk2/0~20160408.ffea0a2c-2ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/xenial-security] sa-exim 4.2.1-14+deb8u1build0.16.04.1 (Accepted)

sa-exim (4.2.1-14+deb8u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-15 14:57:13.557803+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: Magnus Holmgren https://launchpad.net/ubuntu/+source/sa-exim/4.2.1-14+deb8u1build0.16.04.1 Sorry, changesfile

[ubuntu/xenial-security] storebackup 3.2.1-1+deb8u1build0.16.04.1 (Accepted)

storebackup (3.2.1-1+deb8u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-15 15:30:12.781750+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: Ryan Niebur https://launchpad.net/ubuntu/+source/storebackup/3.2.1-1+deb8u1build0.16.04.1 Sorry

[ubuntu/xenial-security] libemail-address-list-perl 0.05-1+deb9u1build0.16.04.1 (Accepted)

libemail-address-list-perl (0.05-1+deb9u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-15 17:18:11.436805+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/libemail-address-list-perl/0.05-1+deb9u1build0.16.04.1 Sorry

[ubuntu/xenial-security] libofx 1:0.9.10-1+deb8u2build0.16.04.1 (Accepted)

::startElement (Closes: #924350). Date: 2020-09-15 17:31:13.196922+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: Sébastien Villemot https://launchpad.net/ubuntu/+source/libofx/1:0.9.10-1+deb8u2build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes

[ubuntu/xenial-security] luajit 2.0.4+dfsg-1+deb9u1build0.16.04.1 (Accepted)

luajit (2.0.4+dfsg-1+deb9u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-14 19:21:12.375403+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: gares https://launchpad.net/ubuntu/+source/luajit/2.0.4+dfsg-1+deb9u1build0.16.04.1 Sorry, changesfile

[ubuntu/xenial-security] ncmpc 0.24-1+deb8u1build0.16.04.1 (Accepted)

ncmpc (0.24-1+deb8u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-14 19:42:12.844026+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: Sebastian Harl https://launchpad.net/ubuntu/+source/ncmpc/0.24-1+deb8u1build0.16.04.1 Sorry, changesfile

[ubuntu/xenial-security] pure-ftpd 1.0.36-3.2+deb8u1build0.16.04.1 (Accepted)

pure-ftpd (1.0.36-3.2+deb8u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-14 20:45:12.658663+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: Stefan Hornburg (Racke) https://launchpad.net/ubuntu/+source/pure-ftpd/1.0.36-3.2+deb8u1build0.16.04.1

[ubuntu/xenial-security] apng2gif 1.5-3+deb8u1build0.16.04.1 (Accepted)

apng2gif (1.5-3+deb8u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-09-14 20:30:13.057149+00:00 Changed-By: Paulo Flabiano Smorigo Maintainer: Jari Aalto https://launchpad.net/ubuntu/+source/apng2gif/1.5-3+deb8u1build0.16.04.1 Sorry, changesfile

[ubuntu/xenial-security] newsbeuter 2.9-3ubuntu0.1 (Accepted)

the actual color commands in the docs to improve readablility. - debian/patches/201-german-l10n-revision.patch: Revised german translation. Date: 2020-10-05 19:48:21.251049+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/newsbeuter/2.9-3ubuntu0.1 Sorry

[ubuntu/xenial-security] italc 1:2.0.2+dfsg1-4ubuntu0.1 (Accepted)

ian/patches/libvncclient_CVE-2018-20024.patch: null pointer dereference in VNC client code that can result DoS. - CVE-2018-20024 Date: 2020-10-07 20:09:13.261726+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/italc/1:2.0.2+dfsg1-4ubuntu0.1 Sorry, changesf

[ubuntu/xenial-security] htmlunit 2.8-1ubuntu2.1 (Accepted)

: disable java access to avoid execution of arbitrary (java) code. - CVE-2020-5529 Date: 2020-10-09 20:13:14.303347+00:00 Changed-By: Eduardo Barretto Signed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/htmlunit/2.8-1ubuntu2.1 Sorry, changesfile not available.-- Xenial-changes

[ubuntu/xenial-security] docker.io 18.09.7-0ubuntu1~16.04.6 (Accepted)

docker.io (18.09.7-0ubuntu1~16.04.6) xenial-security; urgency=medium * SECURITY UPDATE: Sensitive information disclosure - debian/patches/CVE-2020-15157.patch: Improve fetch function. - CVE-2020-15157 Date: 2020-10-14 19:22:12.993172+00:00 Changed-By: Paulo Flabiano Smorigo https

[ubuntu/xenial-security] containerd 1.2.6-0ubuntu1~16.04.4 (Accepted)

Flabiano Smorigo https://launchpad.net/ubuntu/+source/containerd/1.2.6-0ubuntu1~16.04.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] gnuplot 4.6.6-3ubuntu0.1 (Accepted)

:17.282125+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/gnuplot/4.6.6-3ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial

[ubuntu/xenial-security] tika 1.5-4ubuntu0.1 (Accepted)

Flabiano Smorigo https://launchpad.net/ubuntu/+source/tika/1.5-4ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] miniupnpd 1.8.20140523-4.1+deb9u2build0.16.04.1 (Accepted)

not affected by CVE-2019-12111. (Closes: #930050). Date: 2020-09-22 14:39:13.288036+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/miniupnpd/1.8.20140523-4.1+deb9u2build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes

[ubuntu/xenial-security] libpgf 6.14.12-3.1ubuntu0.1 (Accepted)

-free in Decoder. - CVE-2015-6673 Date: 2020-09-26 01:44:13.006312+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/libpgf/6.14.12-3.1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings

[ubuntu/xenial-security] salt 2015.8.8+ds-1ubuntu0.1 (Accepted)

-11651_11652_1.patch: Checks and sanitization. - debian/patches/CVE-2020-11651_11652_2.patch: Adding in missing fixes. - CVE-2019-17361 - CVE-2020-11651 - CVE-2020-11652 Date: 2020-08-13 17:20:16.162366+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/salt

[ubuntu/xenial-security] coturn 4.5.0.3-1ubuntu0.4 (Accepted)

coturn (4.5.0.3-1ubuntu0.4) xenial-security; urgency=medium * SECURITY UPDATE: Unsafe loopback interface - debian/patches/CVE-2020-26262.patch: Add check if address is in 0.0.0.0/8 or ::/128. - CVE-2020-26262 Date: 2021-01-08 14:34:09.193206+00:00 Signed-By: Paulo Flabiano

[ubuntu/xenial-security] squirrelmail 2:1.4.23~svn20120406-2+deb8u3ubuntu0.16.04.2 (Accepted)

: 2020-12-09 20:46:15.601959+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/squirrelmail/2:1.4.23~svn20120406-2+deb8u3ubuntu0.16.04.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/xenial-security] containerd 1.2.6-0ubuntu1~16.04.5 (Accepted)

-shim. - CVE-2020-15257 Date: 2020-11-26 19:35:19.113428+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/containerd/1.2.6-0ubuntu1~16.04.5 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings

[ubuntu/xenial-security] slirp 1:1.0.17-8ubuntu16.04.1 (Accepted)

() helpers - CVE-2020-7039 - CVE-2020-8608 Date: 2020-11-12 17:28:15.065248+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/slirp/1:1.0.17-8ubuntu16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify

[ubuntu/xenial-security] libytnef 1.5-9ubuntu0.1 (Accepted)

-6802 Date: 2020-10-29 23:35:14.131812+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/libytnef/1.5-9ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com

[ubuntu/xenial-security] flightgear 3.4.0-3ubuntu1.1 (Accepted)

Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/flightgear/3.4.0-3ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] netty-3.9 3.9.0.Final-1ubuntu0.1 (Accepted)

te: 2020-10-21 19:41:21.086524+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/netty-3.9/3.9.0.Final-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubun

[ubuntu/xenial-security] netqmail 1.06-6.2~deb10u1build0.16.04.1 (Accepted)

netqmail (1.06-6.2~deb10u1build0.16.04.1) xenial-security; urgency=medium * fake sync from Debian Date: 2020-11-05 13:36:14.373121+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/netqmail/1.06-6.2~deb10u1build0.16.04.1 Sorry, changesfile not available.-- Xenial

[ubuntu/xenial-security] ampache 3.6-rzb2779+dfsg-0ubuntu9.2 (Accepted)

- CVE-2019-12386 Date: 2021-01-14 16:03:09.733740+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/ampache/3.6-rzb2779+dfsg-0ubuntu9.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/xenial-security] minidlna 1.1.5+dfsg-2ubuntu0.1 (Accepted)

-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/minidlna/1.1.5+dfsg-2ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] junit4 4.12-4ubuntu1.1 (Accepted)

junit4 (4.12-4ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: Exposure of Sensitive Information - debian/patches/CVE-2020-15250.patch: fix local information disclosure vulnerability. - CVE-2020-15250 Date: 2021-02-10 15:53:09.265986+00:00 Changed-By: Paulo Flabiano

[ubuntu/xenial-security] libjackson-json-java 1.9.2-7ubuntu0.2 (Accepted)

Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/libjackson-json-java/1.9.2-7ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] containerd 1.2.6-0ubuntu1~16.04.6+esm1 (Accepted)

for shims and use path-based unix socket for containerd-shim. - CVE-2020-15257 Date: 2022-02-25 20:45:10.576240+00:00 Changed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/containerd/1.2.6-0ubuntu1~16.04.6+esm1 Sorry, changesfile not available.-- Xenial-changes mailing list