libpam-opie (0.21-8build3.1) lucid-security; urgency=low
* No-change rebuild against opie security update
Date: Thu, 17 Jun 2010 13:37:00 -0400
Changed-By: Marc Deslauriers
Maintainer: Michael Stone
https://launchpad.net/ubuntu/lucid/+source/libpam-opie/0.21-8build3.1
Format: 1.8
Date: Thu, 1
fastjar (2:0.98-1ubuntu0.10.04.1) lucid-security; urgency=low
* SECURITY UPDATE: directory traversal vulnerabilities (LP: #540575)
- jartool.c (extract_jar): Fix up checks for traversal to parent
directories, disallow absolute paths, make the code slightly more
efficient. (patch
tiff (3.9.2-2ubuntu0.3) lucid-security; urgency=low
* SECURITY UPDATE: arbitrary code execution and crashes via multiple
integer overflows. Backported upstream fixes:
- debian/patches/CVE-2010-1411.patch
- debian/patches/CVE-2010-2065.patch
- debian/patches/CVE-2010-2067.patch
opie (2.40~dfsg-0ubuntu1.10.04.1) lucid-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
off-by-one
- libopie/readrec.c: use strncpy so we don't overflow principal.
- http://security.freebsd.org/patches/SA-10:05/opie.patch
- CVE-2010-1938
python-cjson (1.0.5-2ubuntu0.10.04.1) lucid-security; urgency=low
[ Matt Giuca ]
* SECURITY UPDATE: Fixed potential buffer overflow error when encoding wide
unicode characters on UCS4 builds (LP: #585274)
- CVE-2010-1666
Date: Fri, 18 Jun 2010 13:07:12 -0500
Changed-By: Jamie Strandbo
cups (1.4.3-1ubuntu1.2) lucid-security; urgency=low
* SECURITY UPDATE: cross-site request forgery in admin interface
- debian/patches/CVE-2010-0540.dpatch: add unpredictable session token
to cgi-bin/cgi.h, cgi-bin/libcupscgi.exp, cgi-bin/template.c,
cgi-bin/var.c, templates/*.tmp
evolution-data-server (2.28.3.1-0ubuntu4) lucid-proposed; urgency=low
* remove debian/patches/92_git_return_formatted_address.patch:
create a lot of issues with names containing a ". " as the recipient
(LP: #595867)
Date: Mon, 21 Jun 2010 14:22:29 +0200
Changed-By: Didier Roche
Maintai
ubuntuone-client (1.2.2-0ubuntu2) lucid-proposed; urgency=low
* Rmmove fix-571548.patch and fix-567223.patch; included upstream now.
* Fix lintian E: python-binary-without-python-dep warnings
Date: Fri, 18 Jun 2010 08:58:20 -0400
Changed-By: Rodney Dawes
Maintainer: Ubuntu MOTU Developers
S
kpackagekit (0.5.4-0ubuntu4.2) lucid-proposed; urgency=low
* Add kubuntu_06_no_automatic_updates.diff, don't run automatic
install updates from KPackageKit settings. Apt already has its
own settings and ability to do this. Closes LP: #586497
Date: Fri, 18 Jun 2010 12:11:45 +0100
Chang