[ubuntu/xenial-security] squid3 3.5.12-1ubuntu7.12 (Accepted)

2020-08-03 Thread Marc Deslauriers
for the backports this update is based on. Date: 2020-07-30 12:06:13.537825+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/squid3/3.5.12-1ubuntu7.12 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/xenial-security] librsvg 2.40.13-3ubuntu0.2 (Accepted)

2020-07-29 Thread Marc Deslauriers
:19.472021+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/librsvg/2.40.13-3ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] pinba-engine-mysql 1.1.0-1ubuntu1.17 (Accepted)

2020-07-28 Thread Marc Deslauriers
pinba-engine-mysql (1.1.0-1ubuntu1.17) xenial-security; urgency=medium * Rebuild against mysql 5.7.31. Date: 2020-07-28 14:57:13.696229+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/pinba-engine-mysql/1.1.0-1ubuntu1.17 Sorry, changesfile not available.-- Xenial

[ubuntu/xenial-security] mysql-5.7 5.7.31-0ubuntu0.16.04.1 (Accepted)

2020-07-28 Thread Marc Deslauriers
Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.31-0ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] librsvg 2.40.13-3ubuntu0.1 (Accepted)

2020-07-27 Thread Marc Deslauriers
-*.patch: multiple upstream commits. - debian/librsvg2-2.symbols: added new symbol. - CVE-2019-20446 Date: 2020-07-23 17:48:35.344426+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/librsvg/2.40.13-3ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes

[ubuntu/xenial-security] clamav 0.102.4+dfsg-0ubuntu0.16.04.1 (Accepted)

2020-07-27 Thread Marc Deslauriers
15:15:14.378002+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/clamav/0.102.4+dfsg-0ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman

[ubuntu/xenial-security] pillow 3.1.2-0ubuntu1.4 (Accepted)

2020-07-22 Thread Marc Deslauriers
-2020-10994-1.patch: fix for OOB Read in src/libImaging/Jpeg2KDecode.c. - debian/patches/CVE-2020-10994-2.patch: fix typo in src/libImaging/Jpeg2KDecode.c. - CVE-2020-10994 Date: 2020-07-07 18:23:22.552860+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source

[ubuntu/xenial-security] evolution-data-server 3.18.5-1ubuntu1.3 (Accepted)

2020-07-22 Thread Marc Deslauriers
Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/evolution-data-server/3.18.5-1ubuntu1.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] openexr 2.2.0-10ubuntu2.3 (Accepted)

2020-07-06 Thread Marc Deslauriers
, IlmImf/ImfMultiPartOutputFile.cpp. - CVE-2020-15306 Date: 2020-07-01 18:40:17.743010+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/openexr/2.2.0-10ubuntu2.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings

[ubuntu/xenial-security] nss 2:3.28.4-0ubuntu0.16.04.12 (Accepted)

2020-07-06 Thread Marc Deslauriers
, nss/lib/freebl/mpi/mplogic.c. - CVE-2020-12402 Date: 2020-06-22 18:52:13.551579+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.12 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings

[ubuntu/xenial-security] glibc 2.23-0ubuntu11.2 (Accepted)

2020-07-06 Thread Marc Deslauriers
branch. (LP: #1663280) Date: 2020-06-05 14:36:40.747823+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/glibc/2.23-0ubuntu11.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/xenial-security] nfs-utils 1:1.2.8-9ubuntu12.3 (Accepted)

2020-06-22 Thread Marc Deslauriers
. - debian/nfs-common.postinst: don't make /var/lib/nfs owned by statd. - CVE-2019-3689 Date: 2020-06-09 12:53:23.067192+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/nfs-utils/1:1.2.8-9ubuntu12.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial

[ubuntu/xenial-security] dbus 1.10.6-1ubuntu3.6 (Accepted)

2020-06-16 Thread Marc Deslauriers
-timeout-restarts.patch - d/p/DBusMainLoop-ensure-all-required-timeouts-are-restar.patch Date: 2020-06-11 20:02:13.746113+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/dbus/1.10.6-1ubuntu3.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes

[ubuntu/xenial-security] nss 2:3.28.4-0ubuntu0.16.04.11 (Accepted)

2020-06-16 Thread Marc Deslauriers
:15.284810+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.11 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] sqlite3 3.11.0-1ubuntu1.5 (Accepted)

2020-06-10 Thread Marc Deslauriers
- debian/patches/CVE-2020-13632.patch: fix issue in ext/fts3/fts3_snippet.c, test/fts3matchinfo2.test. - CVE-2020-13632 Date: 2020-06-09 11:23:14.057246+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/sqlite3/3.11.0-1ubuntu1.5 Sorry, changesfile not available.-- Xeni

[ubuntu/xenial-security] freerdp 1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.4 (Accepted)

2020-06-04 Thread Marc Deslauriers
-2020-11048, CVE-2020-11049, CVE-2020-11058, CVE-2020-11521, CVE-2020-11522, CVE-2020-11523, CVE-2020-11525, CVE-2020-11526, CVE-2020-13396, CVE-2020-13397, CVE-2020-13398 Date: 2020-06-03 15:50:15.816986+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source

[ubuntu/xenial-security] python-django 1.8.7-1ubuntu5.13 (Accepted)

2020-06-03 Thread Marc Deslauriers
/widgets.py. - CVE-2020-13596 Date: 2020-05-29 12:36:21.019179+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/python-django/1.8.7-1ubuntu5.13 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/xenial-security] ca-certificates 20190110~16.04.1 (Accepted)

2020-06-01 Thread Marc Deslauriers
) xenial; urgency=medium * Add ca-certificates udeb package (LP: #1807023) Date: 2020-06-01 12:40:14.873545+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/ca-certificates/20190110~16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes

[ubuntu/xenial-security] openssl 1.0.2g-1ubuntu4.16 (Accepted)

2020-05-28 Thread Marc Deslauriers
oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey in crypto/cms/cms_env.c, crypto/cms/cms_lcl.h, crypto/cms/cms_smime.c, crypto/pkcs7/pk7_doit.c. - CVE-2019-1563 Date: 2020-05-27 20:12:44.535188+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/openssl

[ubuntu/xenial-security] qemu 1:2.5+dfsg-5ubuntu10.44 (Accepted)

2020-05-21 Thread Marc Deslauriers
-20382 * SECURITY UPDATE: use-after-free in ip_reass() - debian/patches/ubuntu/CVE-2020-1983.patch: fix buffer handling in slirp/ip_input.c. - CVE-2020-1983 Date: 2020-05-14 18:06:18.493220+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/qemu/1:2.5+dfsg

[ubuntu/xenial-security] clamav 0.102.3+dfsg-0ubuntu0.16.04.1 (Accepted)

2020-05-21 Thread Marc Deslauriers
:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] bind9 1:9.10.3.dfsg.P4-8ubuntu1.16 (Accepted)

2020-05-19 Thread Marc Deslauriers
: #1797926) Date: 2020-05-15 13:32:19.115221+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.P4-8ubuntu1.16 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/xenial-security] json-c 0.11-4ubuntu2.5 (Accepted)

2020-05-15 Thread Marc Deslauriers
json-c (0.11-4ubuntu2.5) xenial-security; urgency=medium * Don't call telinit from the postinst when running on upstart systems if upgrading from 0.11-4ubuntu2.1. Date: 2020-05-15 16:39:14.580144+00:00 Changed-By: Chris Coulson Signed-By: Marc Deslauriers https://launchpad.net/ubuntu

[ubuntu/xenial-security] file 1:5.25-2ubuntu1.4 (Accepted)

2020-05-13 Thread Marc Deslauriers
file (1:5.25-2ubuntu1.4) xenial-security; urgency=medium * SECURITY REGRESSION: truncated interpreter name (LP: #1835596) - debian/patches/CVE-2019-8905_8907.patch: updated to use correct length in src/readelf.c. Date: 2020-05-12 14:05:47.208615+00:00 Changed-By: Marc Deslauriers

[ubuntu/xenial-security] squid3 3.5.12-1ubuntu7.11 (Accepted)

2020-05-13 Thread Marc Deslauriers
UPDATE: Digest Authentication nonce replay issue - debian/patches/CVE-2020-11945.patch: fix auth digest refcount integer overflow in src/auth/digest/Config.cc. - CVE-2020-11945 Date: 2020-05-07 19:00:18.231653+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/squid3

[ubuntu/xenial-security] openldap 2.4.42+dfsg-2ubuntu3.8 (Accepted)

2020-05-06 Thread Marc Deslauriers
) xenial; urgency=medium * d/p/rwm-do-not-free-original-filter.patch: Fix slapd segfault (LP: #1838370) Date: 2020-05-03 16:27:15.249607+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/openldap/2.4.42+dfsg-2ubuntu3.8 Sorry, changesfile not available.-- Xenial-changes mailing

[ubuntu/xenial-security] linux-firmware 1.157.23 (Accepted)

2020-05-06 Thread Marc Deslauriers
) - linux-firmware: Update firmware file for Intel Bluetooth,9560 Date: 2020-04-28 12:50:17.754313+00:00 Changed-By: Juerg Haefliger Signed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/linux-firmware/1.157.23 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes

[ubuntu/xenial-security] mysql-5.7 5.7.30-0ubuntu0.16.04.1 (Accepted)

2020-05-04 Thread Marc Deslauriers
, no longer needed * Use bundled libedit, as new version no longer builds with one in Xenial - debian/control: remove libedit-dev Build-Depends. - debian/rules: remove -DWITH_EDITLINE=system. Date: 2020-04-30 14:20:16.221366+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source

[ubuntu/xenial-security] pinba-engine-mysql 1.1.0-1ubuntu1.16 (Accepted)

2020-05-04 Thread Marc Deslauriers
pinba-engine-mysql (1.1.0-1ubuntu1.16) xenial-security; urgency=medium * Rebuild against mysql 5.7.30. Date: 2020-04-30 17:15:22.859043+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/pinba-engine-mysql/1.1.0-1ubuntu1.16 Sorry, changesfile not available.-- Xenial

[ubuntu/xenial-security] samba 2:4.3.11+dfsg-0ubuntu0.16.04.27 (Accepted)

2020-04-29 Thread Marc Deslauriers
.patch: move option to appropriate location in lib/param/loadparm.c. - debian/patches/CVE-2020-10704-7.patch: add new options to param_table in lib/param/param_table.c. Date: 2020-04-29 12:30:15.242466+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/samba/2

[ubuntu/xenial-security] samba 2:4.3.11+dfsg-0ubuntu0.16.04.26 (Accepted)

2020-04-28 Thread Marc Deslauriers
request lengths in lib/util/asn1.c, lib/util/asn1.h, libcli/ldap/ldap_message.c. - CVE-2020-10704 Date: 2020-04-23 13:26:15.964379+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.26 Sorry, changesfile not available.-- Xenial-changes

[ubuntu/xenial-security] cups 2.1.3-4ubuntu0.11 (Accepted)

2020-04-27 Thread Marc Deslauriers
- debian/patches/CVE-2020-3898.patch: properly handle invalid resolution names in cups/ppd.c, ppdc/ppdc-source.cxx. - CVE-2020-3898 Date: 2020-04-24 18:50:15.685994+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/cups/2.1.3-4ubuntu0.11 Sorry, changesfile

[ubuntu/xenial-security] openexr 2.2.0-10ubuntu2.2 (Accepted)

2020-04-27 Thread Marc Deslauriers
-2020-11761 - CVE-2020-11762 - CVE-2020-11763 - CVE-2020-11764 - CVE-2020-11765 Date: 2020-04-24 13:12:17.901019+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/openexr/2.2.0-10ubuntu2.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial

[ubuntu/xenial-security] git 1:2.7.4-0ubuntu1.9 (Accepted)

2020-04-21 Thread Marc Deslauriers
t/t7416-submodule-dash-url.sh. - debian/patches/CVE-2020-11008-9.patch: reject URL with empty host in .gitmodules in fsck.c, t/t7416-submodule-dash-url.sh. - CVE-2020-11008 Date: 2020-04-20 20:09:18.591313+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/g

[ubuntu/xenial-security] git 1:2.7.4-0ubuntu1.8 (Accepted)

2020-04-14 Thread Marc Deslauriers
with embedded newlines in fsck.c, t/t7416-submodule-dash-url.sh. - CVE-2020-5260 Date: 2020-04-10 17:45:15.329126+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/git/1:2.7.4-0ubuntu1.8 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes

[ubuntu/xenial-security] libiberty 20160215-1ubuntu0.3 (Accepted)

2020-04-08 Thread Marc Deslauriers
-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/libiberty/20160215-1ubuntu0.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] bluez 5.37-0ubuntu5.3 (Accepted)

2020-03-30 Thread Marc Deslauriers
in profiles/input/hog.c. - debian/patches/CVE-2020-0556-4.patch: add LEAutoSecurity setting to input.conf in profiles/input/device.h, profiles/input/hog.c, profiles/input/input.conf, profiles/input/manager.c. - CVE-2020-0556 Date: 2020-03-30 17:10:51.010196+00:00 Changed-By: Marc

[ubuntu/xenial-security] twisted 16.0.0-1ubuntu0.4 (Accepted)

2020-03-19 Thread Marc Deslauriers
. - CVE-2020-10108 - CVE-2020-10109 Date: 2020-03-19 12:31:15.747520+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/twisted/16.0.0-1ubuntu0.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/xenial-security] sqlite3 3.11.0-1ubuntu1.4 (Accepted)

2020-03-10 Thread Marc Deslauriers
, test/with3.test. - debian/patches/CVE-2019-20218.patch: do not attempt to unwind the WITH stack in the Parse object following an error in src/select.c, test/altertab3.test. - CVE-2019-20218 Date: 2020-03-03 15:28:31.413149+00:00 Changed-By: Marc Deslauriers https://launchpad.net

[ubuntu/xenial-security] python-django 1.8.7-1ubuntu5.12 (Accepted)

2020-03-04 Thread Marc Deslauriers
/models/aggregates.py, tests/gis_tests/distapp/tests.py, tests/gis_tests/geoapp/tests.py. - CVE-2020-9402 Date: 2020-02-28 19:43:24.330366+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/python-django/1.8.7-1ubuntu5.12 Sorry, changesfile not available.-- Xenial

[ubuntu/xenial-security] libpam-radius-auth 1.3.17-0ubuntu4.1 (Accepted)

2020-02-24 Thread Marc Deslauriers
-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/libpam-radius-auth/1.3.17-0ubuntu4.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] squid3 3.5.12-1ubuntu7.10 (Accepted)

2020-02-20 Thread Marc Deslauriers
-2020-8517 Date: 2020-02-19 19:23:15.762451+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/squid3/3.5.12-1ubuntu7.10 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com

[ubuntu/xenial-security] ppp 2.4.7-1+2ubuntu1.16.04.2 (Accepted)

2020-02-20 Thread Marc Deslauriers
ppp (2.4.7-1+2ubuntu1.16.04.2) xenial-security; urgency=medium * SECURITY UPDATE: rhostname buffer overflow - debian/patches/CVE-2020-8597.patch: fix bounds check in EAP code in pppd/eap.c. - CVE-2020-8597 Date: 2020-02-11 15:38:15.982636+00:00 Changed-By: Marc Deslauriers https

[ubuntu/xenial-security] qemu 1:2.5+dfsg-5ubuntu10.43 (Accepted)

2020-02-18 Thread Marc Deslauriers
snprintf() usages in slirp/tcp_subr.c. - CVE-2020-8608 Date: 2020-02-14 15:15:24.189182+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/qemu/1:2.5+dfsg-5ubuntu10.43 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify

[ubuntu/xenial-security] clamav 0.102.2+dfsg-0ubuntu0.16.04.1 (Accepted)

2020-02-18 Thread Marc Deslauriers
. clamav (0.102.1+dfsg-0ubuntu0.16.04.3) xenial; urgency=medium * d/clamav-daemon.config.in: Correct error from ScanOnAccess option removal so that setting LogFile options via DebConf works again (Closes: #950296) (LP: #1860217) Date: 2020-02-11 14:45:30.008772+00:00 Changed-By: Marc

[ubuntu/xenial-security] qtbase-opensource-src 5.5.1+dfsg-16ubuntu7.7 (Accepted)

2020-02-10 Thread Marc Deslauriers
loads plugins from the CWD - debian/patches/CVE-2020-0569.patch: do not load plugin from the $PWD in src/corelib/plugin/qpluginloader.cpp. - CVE-2020-0569 Date: 2020-02-09 18:47:15.279014+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/qtbase-opensource-src

[ubuntu/xenial-security] python-reportlab 3.3.0-1ubuntu0.1 (Accepted)

2020-02-06 Thread Marc Deslauriers
Date: 2020-01-28 14:33:15.518264+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/python-reportlab/3.3.0-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com

[ubuntu/xenial-security] systemd 229-4ubuntu21.27 (Accepted)

2020-02-05 Thread Marc Deslauriers
-is-active.patch - Backport upstream PR#7997 to fix alias service reports inactive while aliased is active (LP: #1828892) Date: 2020-02-05 13:46:02.736063+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/systemd/229-4ubuntu21.27 Sorry, changesfile not available

[ubuntu/xenial-security] spamassassin 3.4.2-0ubuntu0.16.04.3 (Accepted)

2020-02-04 Thread Marc Deslauriers
logic in lib/Mail/SpamAssassin/Conf.pm, lib/Mail/SpamAssassin/Constants.pm. - CVE-2020-1930 - CVE-2020-1931 * Thanks to Debian for the patches. Date: 2020-02-04 13:30:55.934070+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/spamassassin/3.4.2

[ubuntu/xenial-security] sudo 1.8.16-0ubuntu1.9 (Accepted)

2020-02-03 Thread Marc Deslauriers
sudo (1.8.16-0ubuntu1.9) xenial-security; urgency=medium * SECURITY UPDATE: buffer overflow in sudo when pwfeedback is enabled - debian/patches/CVE-2019-18634.patch: fix overflow in src/tgetpass.c. - CVE-2019-18634 Date: 2020-01-31 18:34:23.349151+00:00 Changed-By: Marc Deslauriers

[ubuntu/xenial-security] tcpdump 4.9.3-0ubuntu0.16.04.1 (Accepted)

2020-01-27 Thread Marc Deslauriers
, CVE-2018-16300, CVE-2018-16451, CVE-2018-16452, CVE-2018-19519, CVE-2019-1010220, CVE-2019-15166, CVE-2019-15167 Date: 2020-01-24 13:58:14.313314+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/tcpdump/4.9.3-0ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial

[ubuntu/xenial-security] tomcat8 8.0.32-1ubuntu1.11 (Accepted)

2020-01-27 Thread Marc Deslauriers
/apache/catalina/authenticator/FormAuthenticator.java. - CVE-2019-17563 Date: 2020-01-24 18:43:14.062219+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/tomcat8/8.0.32-1ubuntu1.11 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes

[ubuntu/xenial-security] pinba-engine-mysql 1.1.0-1ubuntu1.15 (Accepted)

2020-01-27 Thread Marc Deslauriers
pinba-engine-mysql (1.1.0-1ubuntu1.15) xenial-security; urgency=medium * Rebuild against mysql 5.7.29. Date: 2020-01-21 22:07:14.253401+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/pinba-engine-mysql/1.1.0-1ubuntu1.15 Sorry, changesfile not available.-- Xenial

[ubuntu/xenial-security] mysql-5.7 5.7.29-0ubuntu0.16.04.1 (Accepted)

2020-01-27 Thread Marc Deslauriers
:15.374423+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.29-0ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial

[ubuntu/xenial-security] gnutls28 3.4.10-4ubuntu1.7 (Accepted)

2020-01-23 Thread Marc Deslauriers
. - debian/patches/allow_sha1_priority_string.patch: introduce the %VERIFY_ALLOW_SIGN_WITH_SHA1 priority string option. Date: 2020-01-23 15:16:22.176389+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/gnutls28/3.4.10-4ubuntu1.7 Sorry, changesfile not available

[ubuntu/xenial-security] python-apt 1.1.0~beta1ubuntu0.16.04.8 (Accepted)

2020-01-22 Thread Marc Deslauriers
python-apt (1.1.0~beta1ubuntu0.16.04.8) xenial-security; urgency=medium * SECURITY REGRESSION: crash with ubuntu-release-upgrader (LP: #1860606) - apt/cache.py: make allow_unauthenticated argument to fetch_archives() optional. Date: 2020-01-22 22:22:13.688492+00:00 Changed-By: Marc

[ubuntu/xenial-security] python-apt 1.1.0~beta1ubuntu0.16.04.7 (Accepted)

2020-01-22 Thread Marc Deslauriers
ssions: - Adjustments to test suite and CI to fix CI regressions - Automatic mirror list update Date: 2020-01-16 15:25:21.578157+00:00 Changed-By: Julian Andres Klode Signed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/python-apt/1.1.0~beta1ubuntu0.16.04.7 Sorry, changesfile not ava

[ubuntu/xenial-security] aptdaemon 1.1.1+bzr982-0ubuntu14.2 (Accepted)

2020-01-22 Thread Marc Deslauriers
aptdaemon (1.1.1+bzr982-0ubuntu14.2) xenial-security; urgency=medium * Fix compatibility with python-apt security update (LP: #1858973) Date: 2020-01-16 13:45:20.513502+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/aptdaemon/1.1.1+bzr982-0ubuntu14.2 Sorry

[ubuntu/xenial-security] samba 2:4.3.11+dfsg-0ubuntu0.16.04.25 (Accepted)

2020-01-21 Thread Marc Deslauriers
-14907-2.patch: do not print the failed to convert string into the logs. - CVE-2019-14907 Date: 2020-01-17 15:42:19.226723+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.25 Sorry, changesfile not available.-- Xenial-changes mailing

[ubuntu/xenial-security] libgcrypt20 1.6.5-2ubuntu0.6 (Accepted)

2020-01-14 Thread Marc Deslauriers
-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/libgcrypt20/1.6.5-2ubuntu0.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] spamassassin 3.4.2-0ubuntu0.16.04.2 (Accepted)

2020-01-13 Thread Marc Deslauriers
: limit checked mime parts. - CVE-2019-12420 * Thanks to Debian for the patches. Date: 2020-01-10 17:45:14.063225+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/spamassassin/3.4.2-0ubuntu0.16.04.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial

[ubuntu/xenial-security] nginx 1.10.3-0ubuntu0.16.04.5 (Accepted)

2020-01-13 Thread Marc Deslauriers
Date: 2020-01-10 20:48:14.720548+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/nginx/1.10.3-0ubuntu0.16.04.5 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com

[ubuntu/xenial-security] gnutls28 3.4.10-4ubuntu1.6 (Accepted)

2020-01-09 Thread Marc Deslauriers
.symbols: added new symbol. Date: 2020-01-08 21:29:13.500525+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/gnutls28/3.4.10-4ubuntu1.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/xenial-security] clamav 0.102.1+dfsg-0ubuntu0.16.04.2 (Accepted)

2020-01-08 Thread Marc Deslauriers
: bumped CL_FLEVEL to 112. Date: 2020-01-07 16:41:15.552735+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/clamav/0.102.1+dfsg-0ubuntu0.16.04.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/xenial-security] git 1:2.7.4-0ubuntu1.7 (Accepted)

2019-12-10 Thread Marc Deslauriers
, CVE-2019-1387, CVE-2019-19604 Date: 2019-12-09 15:10:43.006257+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/git/1:2.7.4-0ubuntu1.7 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/xenial-security] libssh 0.6.3-4.3ubuntu0.5 (Accepted)

2019-12-10 Thread Marc Deslauriers
.patch: quote location to be used on shell in src/scp.c. - CVE-2019-14889 Date: 2019-12-10 16:22:39.154275+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/libssh/0.6.3-4.3ubuntu0.5 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes

[ubuntu/xenial-security] samba 2:4.3.11+dfsg-0ubuntu0.16.04.24 (Accepted)

2019-12-10 Thread Marc Deslauriers
/patches/CVE-2019-14870-3.patch: heimdal: enforce delegation_not_allowed in S4U2Self. - debian/patches/CVE-2019-14870-4.patch: mit-kdc: enforce delegation_not_allowed flag. - CVE-2019-14870 Date: 2019-11-29 18:43:13.553810+00:00 Changed-By: Marc Deslauriers https://launchpad.net

[ubuntu/xenial-security] squid3 3.5.12-1ubuntu7.9 (Accepted)

2019-12-04 Thread Marc Deslauriers
with BWS after field-name in src/HttpHeader.cc, src/HttpHeader.h. - CVE-2019-18678 - CVE-2019-18679 Date: 2019-11-20 13:43:30.907135+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/squid3/3.5.12-1ubuntu7.9 Sorry, changesfile not available.-- Xenial-changes

[ubuntu/xenial-security] python-psutil 3.4.2-1ubuntu0.1 (Accepted)

2019-11-28 Thread Marc Deslauriers
instead of Py_DECREF in psutil/_psutil_posix.c. - CVE-2019-18874 Date: 2019-11-22 16:00:21.609661+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/python-psutil/3.4.2-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes

[ubuntu/xenial-security] nss 2:3.28.4-0ubuntu0.16.04.8 (Accepted)

2019-11-27 Thread Marc Deslauriers
the changes from 2:3.28.4-0ubuntu0.16.04.7 in xenial-proposed. Date: 2019-11-27 15:47:20.448912+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/nss/2:3.28.4-0ubuntu0.16.04.8 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify

[ubuntu/xenial-security] libvpx 1.5.0-2ubuntu1.1 (Accepted)

2019-11-25 Thread Marc Deslauriers
/decode_api_test.cc. - CVE-2019-9325 * SECURITY UPDATE: memory disclosure issue - debian/patches/CVE-2019-9433.patch: fix use-after-free in vp8/common/postproc.c. - CVE-2019-9433 Date: 2019-11-19 17:41:13.245861+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/libvpx

[ubuntu/xenial-security] djvulibre 3.5.27.1-5ubuntu0.1 (Accepted)

2019-11-21 Thread Marc Deslauriers
::filter_fv - debian/patches/CVE-2019-18804.patch: add extra checks to libdjvu/IW44EncodeCodec.cpp, tools/ddjvu.cpp. - CVE-2019-18804 Date: 2019-11-20 16:29:21.382058+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/djvulibre/3.5.27.1-5ubuntu0.1 Sorry, changesfile

[ubuntu/xenial-security] python-ecdsa 0.13-2ubuntu0.16.04.1 (Accepted)

2019-11-18 Thread Marc Deslauriers
:13.639831+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/python-ecdsa/0.13-2ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] mysql-5.7 5.7.28-0ubuntu0.16.04.2 (Accepted)

2019-11-18 Thread Marc Deslauriers
AppArmor rules (LP: #1658233). Date: 2019-11-15 13:59:14.091492+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.28-0ubuntu0.16.04.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/xenial-security] pinba-engine-mysql 1.1.0-1ubuntu1.14 (Accepted)

2019-11-18 Thread Marc Deslauriers
pinba-engine-mysql (1.1.0-1ubuntu1.14) xenial-security; urgency=medium * Rebuild against mysql 5.7.28. Date: 2019-11-12 18:01:14.623962+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/pinba-engine-mysql/1.1.0-1ubuntu1.14 Sorry, changesfile not available.-- Xenial

[ubuntu/xenial-security] postgresql-common 173ubuntu0.3 (Accepted)

2019-11-14 Thread Marc Deslauriers
; urgency=medium * Convert triggers to noawait (LP: #1780996) Date: 2019-11-13 16:02:19.528450+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/postgresql-common/173ubuntu0.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify

[ubuntu/xenial-security] ghostscript 9.26~dfsg+0-0ubuntu0.16.04.12 (Accepted)

2019-11-14 Thread Marc Deslauriers
-11-06 16:47:15.990248+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.16.04.12 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com

[ubuntu/xenial-security] imagemagick 8:6.8.9.9-7ubuntu5.15 (Accepted)

2019-11-14 Thread Marc Deslauriers
-15140, CVE-2019-16708, CVE-2019-16709, CVE-2019-16710, CVE-2019-16711, CVE-2019-16713 * debian/patches/300-disable-ghostscript-formats.patch: also disable PS2 and PS3 content per VU#332928 recommendations. Date: 2019-11-12 12:28:27.000780+00:00 Changed-By: Marc Deslauriers https

[ubuntu/xenial-security] whoopsie 0.2.52.5ubuntu0.3 (Accepted)

2019-10-30 Thread Marc Deslauriers
whoopsie (0.2.52.5ubuntu0.3) xenial-security; urgency=medium * SECURITY REGRESSION: segfault when sending crash report (LP: #1850608) - lib/bson/bson.c: properly initialize value. Date: 2019-10-30 13:44:14.722985+00:00 Changed-By: Marc Deslauriers Maintainer: Evan https://launchpad.net

[ubuntu/xenial-security] file 1:5.25-2ubuntu1.3 (Accepted)

2019-10-30 Thread Marc Deslauriers
-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/file/1:5.25-2ubuntu1.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] samba 2:4.3.11+dfsg-0ubuntu0.16.04.23 (Accepted)

2019-10-29 Thread Marc Deslauriers
- debian/patches/CVE-2019-14847-3.patch: correct behaviour of ranged_results when combined with dirsync in source4/dsdb/samdb/ldb_modules/dirsync.c, source4/dsdb/samdb/ldb_modules/ranged_results.c. - CVE-2019-14847 Date: 2019-10-21 15:12:42.876140+00:00 Changed-By: Marc D

[ubuntu/xenial-security] php7.0 7.0.33-0ubuntu0.16.04.7 (Accepted)

2019-10-28 Thread Marc Deslauriers
php7.0 (7.0.33-0ubuntu0.16.04.7) xenial-security; urgency=medium * SECURITY UPDATE: RCE via env_path_info underflow - debian/patches/CVE-2019-11043.patch: add check in sapi/fpm/fpm/fpm_main.c. - CVE-2019-11043 Date: 2019-10-24 19:35:15.012385+00:00 Changed-By: Marc Deslauriers

[ubuntu/xenial-security] tiff 4.0.6-1ubuntu0.7 (Accepted)

2019-10-17 Thread Marc Deslauriers
in libtiff/tif_getimage.c. - CVE-2019-17546 Date: 2019-10-16 15:17:16.365075+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/tiff/4.0.6-1ubuntu0.7 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/xenial-proposed] openscap 1.2.8-1ubuntu0.2 (Accepted)

2019-10-16 Thread Marc Deslauriers
openscap (1.2.8-1ubuntu0.2) xenial; urgency=medium * debian/patches/010-install-cpe-oval.patch: properly install CPE OVAL files. (LP: #1845216) Date: Fri, 04 Oct 2019 10:26:11 -0400 Changed-By: Marc Deslauriers Maintainer: Ubuntu Developers https://launchpad.net/ubuntu/+source/openscap

[ubuntu/xenial-security] libsdl1.2 1.2.15+dfsg1-3ubuntu0.1 (Accepted)

2019-10-15 Thread Marc Deslauriers
-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638, CVE-2019-13616. Date: 2019-10-15 15:17:20.145607+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/libsdl1.2/1.2.15+dfsg1-3ubuntu0.1 Sorry

[ubuntu/xenial-security] python2.7 2.7.12-1ubuntu0~16.04.9 (Accepted)

2019-10-09 Thread Marc Deslauriers
/test/test_docxmlrpc.py. Date: 2019-10-08 15:51:14.299319+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/python2.7/2.7.12-1ubuntu0~16.04.9 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe

[ubuntu/xenial-security] python3.5 3.5.2-2ubuntu0~16.04.9 (Accepted)

2019-10-09 Thread Marc Deslauriers
/patches/avoid_test_docxmlrpc_race.patch: avoid race in test_docxmlrpc server setup in Lib/test/test_docxmlrpc.py. Date: 2019-10-08 14:13:16.517763+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/python3.5/3.5.2-2ubuntu0~16.04.9 Sorry, changesfile not available

[ubuntu/xenial-security] openexr 2.2.0-10ubuntu2.1 (Accepted)

2019-10-07 Thread Marc Deslauriers
- CVE-2018-18444 Date: 2019-10-03 15:40:16.084657+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/openexr/2.2.0-10ubuntu2.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/xenial-security] havp 0.92a-4ubuntu0.16.04.1 (Accepted)

2019-10-02 Thread Marc Deslauriers
:06:14.632818+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/havp/0.92a-4ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial

[ubuntu/xenial-security] dansguardian 2.10.1.1-5.1ubuntu0.16.04.2 (Accepted)

2019-10-02 Thread Marc Deslauriers
11:37:13.593092+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/dansguardian/2.10.1.1-5.1ubuntu0.16.04.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman

[ubuntu/xenial-security] c-icap-modules 1:0.4.2-1ubuntu0.1 (Accepted)

2019-10-02 Thread Marc Deslauriers
12:49:21.003618+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/c-icap-modules/1:0.4.2-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo

[ubuntu/xenial-security] libclamunrar 0.101.2-1~ubuntu0.16.04.1 (Accepted)

2019-10-02 Thread Marc Deslauriers
:13.964884+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/libclamunrar/0.101.2-1~ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo

[ubuntu/xenial-security] clamav 0.101.4+dfsg-0ubuntu0.16.04.1 (Accepted)

2019-10-02 Thread Marc Deslauriers
with --with autoreconf. - CVE-2019-12625 - CVE-2019-12900 Date: 2019-09-26 18:42:25.453549+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/clamav/0.101.4+dfsg-0ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com

[ubuntu/xenial-security] python-clamav 0.4.1-8ubuntu0.16.04.1 (Accepted)

2019-10-02 Thread Marc Deslauriers
. Date: 2019-09-30 13:09:13.433451+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/python-clamav/0.4.1-8ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https

[ubuntu/xenial-security] libreoffice 1:5.1.6~rc2-0ubuntu1~xenial10 (Accepted)

2019-09-24 Thread Marc Deslauriers
verification step. - CVE-2019-9854 Date: 2019-09-23 11:51:15.036847+00:00 Changed-By: Marcus Tomlinson Signed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/libreoffice/1:5.1.6~rc2-0ubuntu1~xenial10 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes

[ubuntu/xenial-security] ibus 1.5.11-1ubuntu2.3 (Accepted)

2019-09-23 Thread Marc Deslauriers
ibus (1.5.11-1ubuntu2.3) xenial-security; urgency=medium * SECURITY UPDATE: ibus regression in Qt applications (LP: #1844853) - debian/patches/CVE-2019-14822.patch: disabled pending further investigation. Date: 2019-09-23 11:49:20.132704+00:00 Changed-By: Marc Deslauriers https

[ubuntu/xenial-security] python2.7 2.7.12-1ubuntu0~16.04.8 (Accepted)

2019-09-09 Thread Marc Deslauriers
: fix FIPS mode environments where MD5 isn't available in Modules/_hashopenssl.c. (LP: #1835135) Date: 2019-08-22 18:35:14.257342+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/python2.7/2.7.12-1ubuntu0~16.04.8 Sorry, changesfile not available.-- Xenial-changes

[ubuntu/xenial-security] python3.5 3.5.2-2ubuntu0~16.04.8 (Accepted)

2019-09-09 Thread Marc Deslauriers
/test_urlparse.py, Lib/urllib/parse.py. - CVE-2019-10160 * debian/patches/issue9146.diff: fix FIPS mode environments where MD5 isn't available in Modules/_hashopenssl.c. (LP: #1835135) Date: 2019-08-20 19:35:15.641411+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu

[ubuntu/xenial-security] libreoffice 1:5.1.6~rc2-0ubuntu1~xenial9 (Accepted)

2019-08-19 Thread Marc Deslauriers
t location check - debian/patches/CVE-2019-9850_1_2.diff: ensure that all URLs leaving scriptURI2StorageUri() are percent-encoded. - CVE-2019-9852 Date: 2019-08-15 12:33:13.297907+00:00 Changed-By: Marcus Tomlinson Signed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/lib

[ubuntu/xenial-security] nginx 1.10.3-0ubuntu0.16.04.4 (Accepted)

2019-08-15 Thread Marc Deslauriers
- debian/patches/CVE-2019-9516.patch: reject zero length headers with PROTOCOL_ERROR in src/http/v2/ngx_http_v2.c. - CVE-2019-9516 Date: 2019-08-14 19:35:16.907476+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/nginx/1.10.3-0ubuntu0.16.04.4 Sorry, changesfile

  1   2   3   4   5   6   7   >