[ubuntu/trusty-proposed] linux_3.13.0-32.56_amd64.tar.gz - (Accepted)
linux (3.13.0-32.56) trusty; urgency=low [ Luis Henriques ] * Merged back Ubuntu-3.13.0-30.55 security release * Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)" - LP: #1337339 * Release Tracking Bug - LP: #1338524 [ Upstream Kernel Changes ] * ptrace,x86: force IRET path after a ptrace_stop() - LP: #1337339 - CVE-2014-4699 * hpsa: add new Smart Array PCI IDs (May 2014) - LP: #1337516 Date: Mon, 07 Jul 2014 11:38:37 +0100 Changed-By: Luis Henriques Maintainer: Ubuntu/amd64 Build Daemon Format: 1.8 Date: Mon, 07 Jul 2014 11:38:37 +0100 Source: linux Binary: linux-source-3.13.0 linux-doc linux-headers-3.13.0-32 linux-libc-dev linux-tools-common linux-tools-3.13.0-32 linux-cloud-tools-common linux-cloud-tools-3.13.0-32 linux-image-3.13.0-32-generic linux-image-extra-3.13.0-32-generic linux-headers-3.13.0-32-generic linux-image-3.13.0-32-generic-dbgsym linux-tools-3.13.0-32-generic linux-cloud-tools-3.13.0-32-generic linux-udebs-generic linux-image-3.13.0-32-generic-lpae linux-image-extra-3.13.0-32-generic-lpae linux-headers-3.13.0-32-generic-lpae linux-image-3.13.0-32-generic-lpae-dbgsym linux-tools-3.13.0-32-generic-lpae linux-cloud-tools-3.13.0-32-generic-lpae linux-udebs-generic-lpae linux-image-3.13.0-32-lowlatency linux-image-extra-3.13.0-32-lowlatency linux-headers-3.13.0-32-lowlatency linux-image-3.13.0-32-lowlatency-dbgsym linux-tools-3.13.0-32-lowlatency linux-cloud-tools-3.13.0-32-lowlatency linux-udebs-lowlatency linux-image-3.13.0-32-powerpc-e500 linux-image-extra-3.13.0-32-powerpc-e500 linux-headers-3.13.0-32-powerpc-e500 linux-image-3.13.0-32-powerpc-e500-dbgsym linux-tools-3.13.0-32-powerpc-e500 linux-cloud-tools-3.13.0-32-powerpc-e500 linux-udebs-powerpc-e500 linux-image-3.13.0-32-powerpc-e500mc linux-image-extra-3.13.0-32-powerpc-e500mc linux-headers-3.13.0-32-powerpc-e500mc linux-image-3.13.0-32-powerpc-e500mc-dbgsym linux-tools-3.13.0-32-powerpc-e500mc linux-cloud-tools-3.13.0-32-powerpc-e500mc linux-udebs-powerpc-e500mc linux-image-3.13.0-32-powerpc-smp linux-image-extra-3.13.0-32-powerpc-smp linux-headers-3.13.0-32-powerpc-smp linux-image-3.13.0-32-powerpc-smp-dbgsym linux-tools-3.13.0-32-powerpc-smp linux-cloud-tools-3.13.0-32-powerpc-smp linux-udebs-powerpc-smp linux-image-3.13.0-32-powerpc64-emb linux-image-extra-3.13.0-32-powerpc64-emb linux-headers-3.13.0-32-powerpc64-emb linux-image-3.13.0-32-powerpc64-emb-dbgsym linux-tools-3.13.0-32-powerpc64-emb linux-cloud-tools-3.13.0-32-powerpc64-emb linux-udebs-powerpc64-emb linux-image-3.13.0-32-powerpc64-smp linux-image-extra-3.13.0-32-powerpc64-smp linux-headers-3.13.0-32-powerpc64-smp linux-image-3.13.0-32-powerpc64-smp-dbgsym linux-tools-3.13.0-32-powerpc64-smp linux-cloud-tools-3.13.0-32-powerpc64-smp linux-udebs-powerpc64-smp kernel-image-3.13.0-32-generic-di nic-modules-3.13.0-32-generic-di nic-shared-modules-3.13.0-32-generic-di serial-modules-3.13.0-32-generic-di ppp-modules-3.13.0-32-generic-di pata-modules-3.13.0-32-generic-di firewire-core-modules-3.13.0-32-generic-di scsi-modules-3.13.0-32-generic-di plip-modules-3.13.0-32-generic-di floppy-modules-3.13.0-32-generic-di fat-modules-3.13.0-32-generic-di nfs-modules-3.13.0-32-generic-di md-modules-3.13.0-32-generic-di multipath-modules-3.13.0-32-generic-di usb-modules-3.13.0-32-generic-di pcmcia-storage-modules-3.13.0-32-generic-di fb-modules-3.13.0-32-generic-di input-modules-3.13.0-32-generic-di mouse-modules-3.13.0-32-generic-di irda-modules-3.13.0-32-generic-di parport-modules-3.13.0-32-generic-di nic-pcmcia-modules-3.13.0-32-generic-di pcmcia-modules-3.13.0-32-generic-di nic-usb-modules-3.13.0-32-generic-di sata-modules-3.13.0-32-generic-di crypto-modules-3.13.0-32-generic-di squashfs-modules-3.13.0-32-generic-di speakup-modules-3.13.0-32-generic-di virtio-modules-3.13.0-32-generic-di fs-core-modules-3.13.0-32-generic-di fs-secondary-modules-3.13.0-32-generic-di storage-core-modules-3.13.0-32-generic-di block-modules-3.13.0-32-generic-di message-modules-3.13.0-32-generic-di vlan-modules-3.13.0-32-generic-di ipmi-modules-3.13.0-32-generic-di Architecture: amd64 amd64_translations Version: 3.13.0-32.56 Distribution: trusty Urgency: low Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Luis Henriques Description: block-modules-3.13.0-32-generic-di - Block storage devices (udeb) crypto-modules-3.13.0-32-generic-di - crypto modules (udeb) fat-modules-3.13.0-32-generic-di - FAT filesystem support (udeb) fb-modules-3.13.0-32-generic-di - Framebuffer modules (udeb) firewire-core-modules-3.13.0-32-generic-di - Firewire (IEEE-1394) Support (udeb) floppy-modules-3.13.0-32-generic-di - Floppy driver support (udeb) fs-core-modules-3.13.0-32-generic-di - Base filesystem modules (udeb) fs-secondary-modules-3.13.0-32-generic-di - Extra filesystem modules (udeb) input-modules-3.13.0-32-generic-di - Support for various input methods (udeb) ipmi-modules-3.13.0-32-generic
[ubuntu/trusty-proposed] linux 3.13.0-32.56 (Accepted)
linux (3.13.0-32.56) trusty; urgency=low [ Luis Henriques ] * Merged back Ubuntu-3.13.0-30.55 security release * Revert "x86_64,ptrace: Enforce RIP <= TASK_SIZE_MAX (CVE-2014-4699)" - LP: #1337339 * Release Tracking Bug - LP: #1338524 [ Upstream Kernel Changes ] * ptrace,x86: force IRET path after a ptrace_stop() - LP: #1337339 - CVE-2014-4699 * hpsa: add new Smart Array PCI IDs (May 2014) - LP: #1337516 Date: 2014-07-07 11:30:12.567150+00:00 Changed-By: Luis Henriques Signed-By: Chris J Arges https://launchpad.net/ubuntu/trusty/+source/linux/3.13.0-32.56 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-proposed] linux-meta 3.13.0.32.38 (Accepted)
linux-meta (3.13.0.32.38) trusty; urgency=medium * linux ABI 3.13.0-32 Date: 2014-07-07 11:31:12.774436+00:00 Changed-By: Luis Henriques Signed-By: Chris J Arges https://launchpad.net/ubuntu/trusty/+source/linux-meta/3.13.0.32.38 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-proposed] linux-signed 3.13.0-32.56 (Accepted)
linux-signed (3.13.0-32.56) trusty; urgency=medium * Version 3.13.0-32.56 Date: 2014-07-07 11:31:18.253488+00:00 Changed-By: Luis Henriques Signed-By: Chris J Arges https://launchpad.net/ubuntu/trusty/+source/linux-signed/3.13.0-32.56 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-security] xen 4.4.0-0ubuntu5.1 (Accepted)
xen (4.4.0-0ubuntu5.1) trusty-security; urgency=low * Applying Xen Security Advisories: - CVE-2014-2599 / XSA-89 * x86: enforce preemption in HVM_set_mem_access / p2m_set_mem_access() - CVE-2014-3125 / XSA-91 * xen/arm: Correctly save/restore CNTKCTL_EL1 - CVE-2014-3124 / XSA-92 * x86/HVM: restrict HVMOP_set_mem_type - CVE-2014-2915 / XSA-93 * xen/arm: Inject an undefined instruction when the coproc/sysreg is not handled * xen/arm: Don't let the guest access the coprocessors registers * xen/arm: Upgrade DCISW into DCCISW * xen/arm: Trap cache and TCM lockdown registers * xen/arm: Don't expose implementation defined registers (Cp15 c15) to the guest * xen/arm: Don't let guess access to Debug and Performance Monitor registers - CVE-2014-2986 / XSA-94 * xen/arm: vgic: Check rank in GICD_ICFGR* emulation before locking - CVE-2014-3714, CVE-2014-3715, CVE-2014-3716, CVE-2014-3717 / XSA-95 * tools: arm: remove code to check for a DTB appended to the kernel - CVE-2014-3967,CVE-2014-3968 / XSA-96 * x86/HVM: eliminate vulnerabilities from hvm_inject_msi() - CVE-2014-3969 / XSA-98 * xen: arm: check permissions when copying to/from guest virtual addresses * xen: arm: ensure we hold a reference to guest pages while we copy to/from them - CVE-2014-4021 / XSA-100 * AMD IOMMU: don't free page table prematurely * page-alloc: scrub pages used by hypervisor upon freeing - CVE-2014-4022 / XSA-101 * xen: arm: initialise the grant_table_gpfn array on allocation Date: 2014-07-09 11:59:23.859223+00:00 Changed-By: Stefan Bader Signed-By: Marc Deslauriers https://launchpad.net/ubuntu/trusty/+source/xen/4.4.0-0ubuntu5.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-updates] xen 4.4.0-0ubuntu5.1 (Accepted)
xen (4.4.0-0ubuntu5.1) trusty-security; urgency=low * Applying Xen Security Advisories: - CVE-2014-2599 / XSA-89 * x86: enforce preemption in HVM_set_mem_access / p2m_set_mem_access() - CVE-2014-3125 / XSA-91 * xen/arm: Correctly save/restore CNTKCTL_EL1 - CVE-2014-3124 / XSA-92 * x86/HVM: restrict HVMOP_set_mem_type - CVE-2014-2915 / XSA-93 * xen/arm: Inject an undefined instruction when the coproc/sysreg is not handled * xen/arm: Don't let the guest access the coprocessors registers * xen/arm: Upgrade DCISW into DCCISW * xen/arm: Trap cache and TCM lockdown registers * xen/arm: Don't expose implementation defined registers (Cp15 c15) to the guest * xen/arm: Don't let guess access to Debug and Performance Monitor registers - CVE-2014-2986 / XSA-94 * xen/arm: vgic: Check rank in GICD_ICFGR* emulation before locking - CVE-2014-3714, CVE-2014-3715, CVE-2014-3716, CVE-2014-3717 / XSA-95 * tools: arm: remove code to check for a DTB appended to the kernel - CVE-2014-3967,CVE-2014-3968 / XSA-96 * x86/HVM: eliminate vulnerabilities from hvm_inject_msi() - CVE-2014-3969 / XSA-98 * xen: arm: check permissions when copying to/from guest virtual addresses * xen: arm: ensure we hold a reference to guest pages while we copy to/from them - CVE-2014-4021 / XSA-100 * AMD IOMMU: don't free page table prematurely * page-alloc: scrub pages used by hypervisor upon freeing - CVE-2014-4022 / XSA-101 * xen: arm: initialise the grant_table_gpfn array on allocation Date: 2014-07-09 11:59:23.859223+00:00 Changed-By: Stefan Bader Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/trusty/+source/xen/4.4.0-0ubuntu5.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-security] php5 5.5.9+dfsg-1ubuntu4.3 (Accepted)
php5 (5.5.9+dfsg-1ubuntu4.3) trusty-security; urgency=medium * SECURITY UPDATE: denial of service in FileInfo cdf_read_short_sector - debian/patches/CVE-2014-0207.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-0207 * SECURITY UPDATE: denial of service in FileInfo mconvert - debian/patches/CVE-2014-3478.patch: properly handle truncated pascal string size in ext/fileinfo/libmagic/softmagic.c. - CVE-2014-3478 * SECURITY UPDATE: denial of service in FileInfo cdf_check_stream_offset - debian/patches/CVE-2014-3479.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3479 * SECURITY UPDATE: denial of service in FileInfo cdf_count_chain - debian/patches/CVE-2014-3480.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3480 * SECURITY UPDATE: denial of service in FileInfo cdf_read_property_info - debian/patches/CVE-2014-3487.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3487 * SECURITY UPDATE: denial of service and possible code execution via unserialize() SPL type confusion - debian/patches/CVE-2014-3515.patch: properly check types in ext/spl/spl_array.c, ext/spl/spl_observer.c, added test to ext/spl/tests/SplObjectStorage_unserialize_bad.phpt. - CVE-2014-3515 * SECURITY UPDATE: denial of service via SPL Iterators use-after-free - debian/patches/CVE-2014-4670.patch: fix use-after-free in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug67538.phpt. - CVE-2014-4670 * SECURITY UPDATE: denial of service via ArrayIterator use-after-free - debian/patches/CVE-2014-4698.patch: don't allow modifying ArrayObject during sorting in ext/spl/spl_array.c, added test to ext/spl/tests/bug67539.phpt. - CVE-2014-4698 * SECURITY UPDATE: information leak via phpinfo (LP: #1338170) - debian/patches/CVE-2014-4721.patch: fix type confusion in ext/standard/info.c, added test to ext/standard/tests/general_functions/bug67498.phpt. - CVE-2014-4721 Date: 2014-07-07 16:23:13.819648+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/trusty/+source/php5/5.5.9+dfsg-1ubuntu4.3 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-updates] php5 5.5.9+dfsg-1ubuntu4.3 (Accepted)
php5 (5.5.9+dfsg-1ubuntu4.3) trusty-security; urgency=medium * SECURITY UPDATE: denial of service in FileInfo cdf_read_short_sector - debian/patches/CVE-2014-0207.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-0207 * SECURITY UPDATE: denial of service in FileInfo mconvert - debian/patches/CVE-2014-3478.patch: properly handle truncated pascal string size in ext/fileinfo/libmagic/softmagic.c. - CVE-2014-3478 * SECURITY UPDATE: denial of service in FileInfo cdf_check_stream_offset - debian/patches/CVE-2014-3479.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3479 * SECURITY UPDATE: denial of service in FileInfo cdf_count_chain - debian/patches/CVE-2014-3480.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3480 * SECURITY UPDATE: denial of service in FileInfo cdf_read_property_info - debian/patches/CVE-2014-3487.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3487 * SECURITY UPDATE: denial of service and possible code execution via unserialize() SPL type confusion - debian/patches/CVE-2014-3515.patch: properly check types in ext/spl/spl_array.c, ext/spl/spl_observer.c, added test to ext/spl/tests/SplObjectStorage_unserialize_bad.phpt. - CVE-2014-3515 * SECURITY UPDATE: denial of service via SPL Iterators use-after-free - debian/patches/CVE-2014-4670.patch: fix use-after-free in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug67538.phpt. - CVE-2014-4670 * SECURITY UPDATE: denial of service via ArrayIterator use-after-free - debian/patches/CVE-2014-4698.patch: don't allow modifying ArrayObject during sorting in ext/spl/spl_array.c, added test to ext/spl/tests/bug67539.phpt. - CVE-2014-4698 * SECURITY UPDATE: information leak via phpinfo (LP: #1338170) - debian/patches/CVE-2014-4721.patch: fix type confusion in ext/standard/info.c, added test to ext/standard/tests/general_functions/bug67498.phpt. - CVE-2014-4721 Date: 2014-07-07 16:23:13.819648+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/trusty/+source/php5/5.5.9+dfsg-1ubuntu4.3 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-proposed] adobe-flashplugin 11.2.202.394-0trusty1 (Accepted)
adobe-flashplugin (11.2.202.394-0trusty1) trusty; urgency=medium * New upstream release v11.2.202.394 Date: Wed, 09 Jul 2014 18:01:32 +0100 Changed-By: Chris Coulson Maintainer: DL-Flash Player Ubuntu https://launchpad.net/ubuntu/trusty/+source/adobe-flashplugin/11.2.202.394-0trusty1 Format: 1.8 Date: Wed, 09 Jul 2014 18:01:32 +0100 Source: adobe-flashplugin Binary: adobe-flashplugin adobe-flash-properties-gtk adobe-flash-properties-kde Architecture: source Version: 11.2.202.394-0trusty1 Distribution: trusty Urgency: medium Maintainer: DL-Flash Player Ubuntu Changed-By: Chris Coulson Description: adobe-flash-properties-gtk - GTK+ control panel for Adobe Flash Player plugin version 11 adobe-flash-properties-kde - KDE control panel Adobe Flash Player plugin version 11 adobe-flashplugin - Adobe Flash Player plugin version 11 Changes: adobe-flashplugin (11.2.202.394-0trusty1) trusty; urgency=medium . * New upstream release v11.2.202.394 Checksums-Sha1: 12921ec4ad34c283facbfc2f35f83521175b7323 1933 adobe-flashplugin_11.2.202.394-0trusty1.dsc d1401a0ecd50c77dff0edb4ac489e9e305e08b0a 14138926 adobe-flashplugin_11.2.202.394.orig.tar.gz 002e33242b51395db9e4a1465c0b9e1228ced185 5864 adobe-flashplugin_11.2.202.394-0trusty1.diff.gz Checksums-Sha256: e5017792110e8b72fc3c153fc52e843ff32c7a52f1caca0eb3ff4346e149b371 1933 adobe-flashplugin_11.2.202.394-0trusty1.dsc ef303269105545222b852805333b0a50a0053e4f4dd71fcabc945cb088a97a68 14138926 adobe-flashplugin_11.2.202.394.orig.tar.gz 1d45eb8d0f26dcb3aaa7502764a3943d8c4b66b6cc6c0be0ad70ff5270f52b5a 5864 adobe-flashplugin_11.2.202.394-0trusty1.diff.gz Files: 70c7a92f4d83038d060ff9ea302b24ff 1933 partner/web optional adobe-flashplugin_11.2.202.394-0trusty1.dsc 5e45a44b67be270eb85a5541852d1b35 14138926 partner/web optional adobe-flashplugin_11.2.202.394.orig.tar.gz ab665e7ab71974ceba9e324d088c4980 5864 partner/web optional adobe-flashplugin_11.2.202.394-0trusty1.diff.gz -- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-security] flashplugin-nonfree 11.2.202.394ubuntu0.14.04.1 (Accepted)
flashplugin-nonfree (11.2.202.394ubuntu0.14.04.1) trusty-security;
urgency=medium
* New upstream release 11.2.202.394
- debian/flashplugin-installer.{config,postinst},
debian/post-download-hook: Updated version and sha256sum
Date: 2014-07-09 17:23:11.953184+00:00
Changed-By: Chris Coulson
https://launchpad.net/ubuntu/trusty/+source/flashplugin-nonfree/11.2.202.394ubuntu0.14.04.1
Sorry, changesfile not available.--
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-updates] flashplugin-nonfree 11.2.202.394ubuntu0.14.04.1 (Accepted)
flashplugin-nonfree (11.2.202.394ubuntu0.14.04.1) trusty-security;
urgency=medium
* New upstream release 11.2.202.394
- debian/flashplugin-installer.{config,postinst},
debian/post-download-hook: Updated version and sha256sum
Date: 2014-07-09 17:23:11.953184+00:00
Changed-By: Chris Coulson
Signed-By: Ubuntu Archive Robot
https://launchpad.net/ubuntu/trusty/+source/flashplugin-nonfree/11.2.202.394ubuntu0.14.04.1
Sorry, changesfile not available.--
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/trusty-changes
