in src/openvpn/proxy.c.
- No CVE number
Date: 2017-06-22 15:18:13.989450+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/openvpn/2.3.10-1ubuntu2.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubun
in
coregrind/m_demangle/cplus-dem.c, add XDUPVEC to
coregrind/m_demangle/vg_libciface.h.
- CVE-2016-6131
Date: 2017-06-07 20:23:15.256146+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/valgrind/1:3.11.0-1ubuntu4.2
/ssl_gtest/ssl_gather_unittest.cc,
nss/gtests/ssl_gtest/ssl_gtest.gyp, nss/gtests/ssl_gtest/manifest.mn,
nss/gtests/ssl_gtest/ssl_v2_client_hello_unittest.cc.
- CVE-2017-7502
Date: 2017-06-16 13:18:14.224637+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
overflows
* debian/patches/any/cvs-harden-ignore-LD_HWCAP_MASK.patch: ignore
LD_HWCAP_MASK for AT_SECURE=1 programs
Date: 2017-06-16 19:21:13.761522+00:00
Changed-By: Steve Beattie <sbeat...@ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpa
eat...@ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/exim4/4.86.2-2ubuntu2.2
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mail
, CVE-2017-5975, CVE-2017-5976, CVE-2017-5978,
CVE-2017-5979, CVE-2017-5980, CVE-2017-5981
Date: 2017-06-13 14:41:17.670605+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/zziplib/0.13.62-3ubuntu0.16.04.1
Sorry, chang
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/libmwaw/0.3.7-1ubuntu2.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/
libosip2 (4.1.0-2+deb8u1build0.16.04.1) xenial-security; urgency=medium
* fake sync from Debian
libosip2 (4.1.0-2+deb8u1) jessie-security; urgency=medium
* CVE-2016-10324 CVE-2016-10325 CVE-2016-10326 CVE-2017-7853
Date: 2017-06-14 15:51:16.196856+00:00
Changed-By: Marc Deslauriers
libosip2 (4.1.0-2build0.16.04.1) xenial-security; urgency=medium
* fake sync from Debian
Date: 2017-06-14 14:02:28.190315+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Maintainer: Debian VoIP Team <pkg-voip-maintain...@lists.alioth.debian.org>
https://launchpa
- debian/patches/CVE-2017-9469.patch: Fix oob read of one byte in
src/irc/dcc/dcc-get.c, src/irc/dcc/dcc-resume.c.
- CVE-2017-9469
Date: 2017-06-08 19:45:16.499742+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/irssi/0.8.19-1ubu
13:37:20.521113+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/nagios3/3.5.1.dfsg-2.1ubuntu1.3
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://list
libnl3 (3.2.27-1ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: integer-overflow in nlmsg_reserve()
- debian/patches/CVE-2017-0553.patch: check len in lib/msg.c.
- CVE-2017-0553
Date: 2017-06-02 13:58:14.389104+00:00
Changed-By: Marc Deslauriers <marc.desla
Date: 2017-06-05 20:58:16.265846+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/lintian/2.5.43ubuntu0.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
libtasn1-6 (4.7-3ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: buffer overflow via specially crafted assignments file
- debian/patches/CVE-2017-6891.patch: add checks to lib/parser_aux.c.
- CVE-2017-6891
Date: 2017-06-01 17:50:29.590882+00:00
Changed-By: Marc
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/openldap/2.4.42+dfsg-2ubuntu3.2
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/m
location.
- Thanks to John Cupitt and Even Rouault
Date: 2017-05-29 12:21:17.322967+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/tiff/4.0.6-1ubuntu0.2
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-c
-new-youtube.patch:
- Backport from 2.16.2 to fix the new (May 2017 opt-in) YouTube
Date: 2017-05-26 10:56:13.494626+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.3-0ubuntu0.16.04.1
Sorry, changesfile not ava
-2017-8356, CVE-2017-8357, CVE-2017-8765,
CVE-2017-8830, CVE-2017-9098, CVE-2017-9141, CVE-2017-9142,
CVE-2017-9143, CVE-2017-9144
Date: 2017-05-26 13:33:23.018156+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/imagemagick/8:6
-24 20:15:14.289365+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/strongswan/5.3.5-1ubuntu3.3
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
in simpleUPnPcommand2
- debian/patches/More_accurate_checking_*.patch: perform better
checking while writing buffer in miniupnpc.c.
- No CVE number
Date: 2017-05-19 15:43:14.373871+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/min
14:00:37.082174+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/jbig2dec/0.12+20150918-1ubuntu0.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
-05-20 17:30:14.345542+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.7
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsub
,
CVE-2016-8692, CVE-2016-8693, CVE-2016-8882, CVE-2016-9560,
CVE-2016-9591, CVE-2016-10249, CVE-2016-10251
Date: 2017-05-18 15:11:13.668803+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/jasper/1.900.1-debian1-2.4ubuntu1.1
:25.708711+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/bash/4.3-14ubuntu1.2
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/m
git (1:2.7.4-0ubuntu1.1) xenial-security; urgency=medium
* SECURITY UPDATE: git shell restriction bypass
- debian/patches/CVE-2017-8386.patch: disallow repo names beginning
with dash in shell.c.
- CVE-2017-8386
Date: 2017-05-12 15:19:59.981263+00:00
Changed-By: Marc Deslauriers
this issue.
- CVE-2017-8422
Date: 2017-05-15 12:02:25.818085+00:00
Changed-By: Rik Mills <rik.mill...@gmail.com>
Signed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/kde4libs/4:4.14.16-0ubuntu3.2
Sorry, changesfile not available.--
Xenial-cha
ing NULL pointer check in VMFUNC emulation
* CVE-2016-10013 / XSA-204
- x86: Mishandling of SYSCALL singlestep during emulation
Date: 2017-05-12 11:57:33.983289+00:00
Changed-By: Stefan Bader <stefan.ba...@canonical.com>
Signed-By: Marc Deslauriers <marc.deslauri...@canonica
null pointer dereference
- debian/patches/CVE-2015-8272.patch: ignore requests without playpath
in rtmpsrv.c.
- CVE-2015-8272
Date: 2017-05-05 13:54:19.503807+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/rtmpdump/2.4+20
in t1_builder_close_contour
- debian/patches-freetype/CVE-2017-8287.patch: add a check to
src/psaux/psobjs.c.
- CVE-2017-8287
Date: 2017-05-04 17:03:22.225536+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/freetype/2.6.1-0.1ubu
configuration directive,
"HttpProtocolOptions Unsafe" can be used to re-enable some of the less
strict parsing restrictions, at the expense of security.
Date: 2017-05-05 21:02:40.238212+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu
, source/test/intltest/utxttest.h.
- CVE-2017-7867
- CVE-2017-7868
Date: 2017-05-02 13:42:26.986023+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/icu/55.1-7ubuntu0.2
Sorry, changesfile not available.--
Xenial-changes mailing list
in tools::Polygon::Insert function
- debian/patches/CVE-2017-7870.patch: check if ImplSplit succeeded in
tools/inc/poly.h, tools/source/generic/poly.cxx.
- CVE-2017-7870
Date: 2017-04-28 14:46:14.076465+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
nspr (2:4.13.1-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Update to 4.13.1 to support nss security update.
Date: 2017-04-26 15:08:16.622901+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/nspr/2:4.13.1-0ubuntu0.16.04.1
://bugs.mysql.com/bug.php?id=83340
* d/lintian-overrides: Updated line numbers
Date: 2017-04-27 00:00:33.418485+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.18-0ubuntu0.16.04.1
Sorry, changesfile not available.--
Xenial-c
:2.5+dfsg-5ubuntu10.7) xenial; urgency=medium
[ Rafael David Tinoco ]
* Fixed wrong migration blocker when vhost is used (LP: #1626972)
- d/p/vhost_migration-blocker-only-if-shared-log-is-used.patch
Date: 2017-04-05 14:58:25.077978+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonica
for new version.
Date: 2017-04-08 01:27:13.459849+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/webkit2gtk/2.16.1-0ubuntu0.16.04.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify se
-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/python-django/1.8.7-1ubuntu5.5
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/li
/cmd.c.
- CVE-2014-1878
* SECURITY UPDATE: symlink attack on log file
- debian/patches/CVE-2016-9566.patch: safely handle log file in
base/logging.c.
- CVE-2016-9566
Date: 2017-03-31 20:06:13.426678+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
/CVE-2017-2619/bug12172.patch: handle non-existant
files and wildcards in source3/modules/vfs_shadow_copy2.c.
Date: 2017-03-28 15:04:13.936156+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.6
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/gst-plugins-good1.0/1.8.3-1ubuntu0.4
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/m
; urgency=medium
* New upstream bugfix release.
Date: 2017-03-24 13:41:24.877755+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.8.3-1ubuntu0.2
Sorry, changesfile not available.--
Xenial-changes mailing list
.
- CVE-2017-5844
* debian/patches/docs_ftbfs.patch: fix FTBFS.
Date: 2017-03-24 13:43:17.272582+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/gst-plugins-base0.10/0.10.36-2ubuntu0.1
Sorry, changesfile not available.--
Xenial-c
/qtdemux.c.
- CVE-2017-5840
Date: 2017-03-24 13:48:13.896161+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Maintainer: Ubuntu Desktop <ubuntu-desk...@lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/gst-plugins-good0.10/0.10.31-3+nmu4ubuntu2.16.04.3
Sorry,
:48:45.064900+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.5
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
-By: Jeremy Bicha <jer...@bicha.net>
Signed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/audiofile/0.3.6-2ubuntu0.16.04.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or
freetype (2.6.1-0.1ubuntu2.1) xenial-security; urgency=medium
* SECURITY UPDATE: DoS and possible code execution via missing glyph name
- debian/patches/CVE-2016-10244.patch: add check to src/type1/t1load.c.
- CVE-2016-10244
Date: 2017-03-16 18:04:13.970868+00:00
Changed-By: Marc
)
Date: 2017-03-15 14:58:28.406219+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/libxml2/2.9.3+dfsg1-1ubuntu0.2
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsub
is based on!
- CVE-2017-6498, CVE-2017-6499, CVE-2017-6500
Date: 2017-03-14 15:06:22.490501+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/imagemagick/8:6.8.9.9-7ubuntu5.6
Sorry, changesfile not available.--
Xenial-changes mailin
pidgin (1:2.10.12-0ubuntu5.2) xenial-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds write when stripping xml
- debian/patches/CVE-2017-2640.patch: improve entity processing in
libpurple/util.c.
- CVE-2017-2640
Date: 2017-03-13 19:43:14.421542+00:00
Changed-By: Marc
-9190.patch: add size check to
libImaging/Storage.c, add test to Tests/images/negative_size.ppm,
Tests/test_file_ppm.py.
- CVE-2016-9190
Date: 2017-03-10 14:03:24.257962+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/
/patches/CVE-2016-0494.patch
- debian/patches/CVE-2016-6293.patch
- debian/patches/CVE-2016-7415.patch
- CVE-2015-4844
- CVE-2016-0494
- CVE-2016-6293
- CVE-2016-7415
Date: 2017-03-10 17:47:14.709511+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
* SECURITY UPDATE: denial of service via invalid compressed file size
- debian/patches/CVE-2017-5601.patch: add check to
libarchive/archive_read_support_format_lha.c.
- CVE-2017-5601
Date: 2017-03-09 16:42:32.714236+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
is based on!
- CVE-2016-8707, CVE-2016-10062, CVE-2016-10144, CVE-2016-10145,
CVE-2016-10146, CVE-2017-5506, CVE-2017-5507, CVE-2017-5508,
CVE-2017-5510, CVE-2017-5511
Date: 2017-03-02 21:23:19.274636+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
network-manager (1.2.2-0ubuntu0.16.04.4) xenial-security; urgency=medium
* No change rebuild in the -security pocket.
Date: 2017-03-06 18:04:41.216645+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/network-manager/1.2.2-0ubuntu0.1
munin (2.0.25-2ubuntu0.16.04.3) xenial-security; urgency=medium
* SECURITY REGRESSION: log spamming issue (LP: #1669764)
- debian/patches/CVE-2017-6188-3.patch: use looks_like_number in
master/_bin/munin-cgi-graph.in.
Date: 2017-03-03 12:45:21.059822+00:00
Changed-By: Marc
and Amit Klein for reporting this issue, Albert Astals Cid for fixing
this issue.
- No CVE number.
- fixes (LP: #1668871)
Date: 2017-03-02 17:45:14.500331+00:00
Changed-By: vishnunaini <vis...@vishnunaini.com>
Signed-By: Marc Deslauriers <marc.deslauri...@canonical.c
and Amit Klein for reporting this issue, Albert Astals Cid for fixing
this issue.
- No CVE number.
- fixes (LP: #1668871)
Date: 2017-03-02 17:53:13.85+00:00
Changed-By: vishnunaini <vis...@vishnunaini.com>
Signed-By: Marc Deslauriers <marc.deslauri...@canonical.c
in
master/_bin/munin-cgi-graph.in.
- CVE-2017-6188
Date: 2017-03-02 12:49:17.552929+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/munin/2.0.25-2ubuntu0.16.04.2
Sorry, changesfile not available.--
Xenial-changes mailing list
-2016-9622, CVE-2016-9623, CVE-2016-9624,
CVE-2016-9625, CVE-2016-9626, CVE-2016-9627, CVE-2016-9628,
CVE-2016-9629, CVE-2016-9630, CVE-2016-9631, CVE-2016-9632,
CVE-2016-9633
Date: 2017-03-01 19:24:14.426959+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
/bug73800.phpt, ext/mysqli/tests/bug74021.phpt.
Date: 2017-03-02 12:19:13.320843+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/php7.0/7.0.15-0ubuntu0.16.04.4
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-c
to "net.hadess.SensorProxy" in net.hadess.SensorProxy.conf
[ Marc Deslauriers ]
* debian/control: added udev to Build-Depends.
Date: 2017-02-28 13:03:13.550925+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/iio-sensor-proxy/1.1-1ubuntu1
So
:28:29.236094+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/tiff/4.0.6-1ubuntu0.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubun
6-7418.patch: fix out-of-bounds read in
ext/wddx/wddx.c, added test to ext/wddx/tests/bug73065.phpt.
+ CVE-2016-7418
[ Fixed in 7.0.11 ]
Date: 2017-02-23 13:57:21.947572+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+s
imagemagick (8:6.8.9.9-7ubuntu5.4) xenial-security; urgency=medium
* SECURITY REGRESSION: text coder issue (LP: #1589580)
- debian/patches/fix_text_coder.patch: add extra check to coders/mvg.c,
fix logic in coders/txt.c.
Date: 2017-02-22 18:25:28.721297+00:00
Changed-By: Marc
: 2017-02-21 15:48:16.621075+00:00
Changed-By: LocutusOfBorg <costamagnagianfra...@yahoo.it>
Signed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/tcpdump/4.9.0-1ubuntu1~ubuntu16.04.1
Sorry, changesfile not available.--
Xenial-changes mailing
-9578-1.patch: limit size in server/reds.c.
- debian/patches/CVE-2016-9578-2.patch: limit caps in server/reds.c.
- CVE-2016-9578
Date: 2017-02-15 19:27:19.179806+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/spice/0.12.6-4ubu
:52:14.724464+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/gtk-vnc/0.5.3-1.3ubuntu2.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
,
bin/tests/system/dname/ns1/root.db, bin/tests/system/dname/tests.sh.
- No CVE number
Date: 2017-02-15 16:46:44.156316+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.P4-8ubuntu1.5
Sorry, changesfile not ava
webkit2gtk (2.14.5-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to 2.14.5 to fix multiple security issues.
Date: 2017-02-15 12:50:23.064630+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/webkit2gtk/2.14.5-0ubuntu0.1
, rsa.c, testsuite/rsa-test.c.
- CVE-2016-6489
Date: 2017-02-03 14:25:05.980168+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/nettle/3.2-1ubuntu0.16.04.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-c
:25.474213+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/squid3/3.5.12-1ubuntu7.3
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/m
webkit2gtk (2.14.3-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to 2.14.3 to fix multiple security issues.
Date: 2017-02-03 12:22:16.775606+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/webkit2gtk/2.14.3-0ubuntu0.1
iucode-tool (1.5.1-1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow on -tr loader
- debian/patches/CVE-2017-0357.patch: check al in intel_microcode.c.
- CVE-2017-0357
Date: 2017-01-25 19:16:13.932432+00:00
Changed-By: Marc Deslauriers <marc.desla
libxpm (1:3.5.11-1ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: OOB write when handling malicious XPM files
- debian/patches/CVE-2016-10164.patch: add bounds checks to
src/CrDatFrI.c.
- CVE-2016-10164
Date: 2017-01-25 21:03:14.423946+00:00
Changed-By: Marc
/fix_expired_certs.patch: use datefudge to fix test with
expired certs.
Date: 2017-01-26 19:18:21.817877+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/gnutls28/3.4.10-4ubuntu1.2
Sorry, changesfile not available.--
Xenial-changes mailin
carry bug in
bn_sqr8x_internal in crypto/bn/asm/x86_64-mont5.pl.
- CVE-2017-3732
Date: 2017-01-30 16:00:18.440188+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/openssl/1.0.2g-1ubuntu4.6
Sorry, changesfile not available.--
-3265
- CVE-2017-3258
- CVE-2017-3257
- CVE-2017-3244
- CVE-2017-3243
- CVE-2017-3238
- CVE-2016-6664
Date: 2017-01-24 18:44:37.433619+00:00
Signed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/mariadb-10.0/10.0.29-0ubuntu0.1
from upstream
0.9.38-LTS branch (commit ad97545)
- CVE-2017-5180
Date: 2017-01-23 20:58:23.093163+00:00
Changed-By: Reiner Herrmann <rei...@reiner-h.de>
Signed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/firejail/0.9.38-1ubu
: privilege escalation during package removal
- debian/tomcat8.postrm.in: don't reset permissions before removing
user.
- CVE-2016-9775
* debian/tomcat8.init: further hardening.
Date: 2017-01-18 13:32:09.679525+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
/patches/CVE-2016-10109-2.patch: check for a valid hContext
handles in src/winscard_svc.c.
- CVE-2016-10109
Date: 2017-01-06 15:41:13.693101+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/pcsc-lite/1.8.14-1ubuntu1.16.04.1
pinba-engine-mysql (1.1.0-1ubuntu1.5) xenial-security; urgency=medium
* Rebuild against mysql 5.7.17.
Date: 2017-01-19 00:01:29.314601+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/pinba-engine-mysql/1.1.0-1ubuntu1.5
Sorry, chang
date in test.
* debian/control: replace python with libjson-perl in mysql-testsuite-5.7
Depends.
* debian/mysql-testsuite-5.7.install: add test_udf_services.so.
Date: 2017-01-18 21:21:12.857760+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/
<stefan.ba...@canonical.com>
Signed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/xen/4.6.0-1ubuntu4.3
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://list
ns2/example.db,
bin/tests/system/dname/tests.sh.
- No CVE number
bind9 (1:9.10.3.dfsg.P4-8ubuntu1.3) xenial; urgency=medium
* Add RemainAfterExit to bind9-resolvconf unit configuration file
(LP: #1536181).
Date: 2017-01-09 15:17:13.778911+00:00
Changed-By: Marc Deslauriers <marc.de
in Ultra type tile decoder
- debian/patches/CVE-2016-9942.patch: use _safe variant in
libvncclient/ultra.c.
- CVE-2016-9942
Date: 2017-01-06 13:30:23.182650+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/libvncserver/0.9.1
epiphany-browser (3.18.5-0ubuntu1.1) xenial-security; urgency=medium
* debian/patches/new_webkit_abi.patch: fix compatibility with newer
WebKitGTK+.
* debian/control*: bump libwebkit2gtk-4.0-dev to (>= 2.13.2).
Date: 2017-01-10 14:52:17.610553+00:00
Changed-By: Marc Deslauri
-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/webkit2gtk/2.14.2-0ubuntu0.16.04.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/
exim4 (4.86.2-2ubuntu2.1) xenial-security; urgency=medium
* SECURITY UPDATE: DKIM information leakage
- debian/patches/CVE-2016-9963.patch: fix information leakage in
src/dkim.c, src/transports/smtp.c.
- CVE-2016-9963
Date: 2017-01-05 14:45:26.802035+00:00
Changed-By: Marc
python-bottle (0.12.7-1+deb8u1build0.16.04.1) xenial-security; urgency=medium
* fake sync from Debian
Date: 2017-01-05 12:43:14.497932+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Maintainer: David Paleino <da...@debian.org>
https://launchpad.net/ubuntu/+s
compatible.
* debian/patches/*.patch: refreshed for new version.
* debian/rules: When building with -O3, build with -Wno-error=maybe-
uninitialized to fix FTBFS on ppc64el and powerpc.
Date: 2016-12-05 13:04:22.172113+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
:15.035908+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/game-music-emu/0.6.0-3ubuntu0.16.04.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
-5180
Date: 2016-10-06 14:35:14.763260+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/c-ares/1.10.0-3ubuntu0.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsub
is based on!
- CVE-2016-7799, CVE-2016-7906, CVE-2016-8677, CVE-2016-8862,
CVE-2016-9556
* debian/patches/0070-Fix-PixelColor-off-by-one-on-i386.patch: add back
changes from 8:6.8.9.9-7ubuntu1 lost during the previous update.
Date: 2016-11-29 17:50:14.416643+00:00
Changed-By: Marc
/primitives/test_hkdf.py.
- CVE-2016-9243
Date: 2016-11-17 15:47:14.840328+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/python-cryptography/1.2.3-1ubuntu0.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-c
based on
GstByteReader/Writer in gst/flx/flx_color.c, gst/flx/flx_fmt.h,
gst/flx/gstflxdec.c, gst/flx/gstflxdec.h.
- No CVE number
Date: 2016-11-25 14:33:15.609343+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/gst-p
:59:30.792749+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/moin/1.9.8-1ubuntu1.16.04.1
Sorry, changesfile not available.--
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
: fix compiler warnings in
gst/flx/gstflxdec.c.
- No CVE number
* debian/patches/docs_ftbfs.patch: fix FTBFS.
Date: 2016-11-22 17:08:13.421759+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Maintainer: Ubuntu Desktop <ubuntu-desk...@lists.ubuntu.c
warnings in
gst/flx/gstflxdec.c.
- No CVE number
Date: 2016-11-22 16:22:17.941166+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/gst-plugins-good1.0/1.8.2-1ubuntu0.2
Sorry, changesfile not available.--
Xenial-changes mailin
gst-plugins-base1.0 (1.8.2-1ubuntu0.2) xenial-security; urgency=medium
* No change rebuild in security pocket.
Date: 2016-11-22 15:33:25.037982+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.8.2-1ubuntu0.2
tar (1.28-2.1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: extract pathname bypass
- debian/patches/CVE-2016-6321.patch: skip members whose names contain
".." in src/extract.c.
- CVE-2016-6321
Date: 2016-11-17 16:26:39.585121+00:00
Changed-By: Marc D
501 - 600 of 746 matches
Mail list logo