[ubuntu/trusty-updates] proftpd-dfsg 1.3.5~rc3-2.1ubuntu2.1 (Accepted)
proftpd-dfsg (1.3.5~rc3-2.1ubuntu2.1) trusty-security; urgency=low * SECURITY UPDATE: The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands. (LP: #1462311) - debian/patches/CVE-2015-3306.patch: adjust contrib/mod_copy.c to check authentication status. Based on upstream patch. - CVE-2015-3306 Date: 2016-12-08 01:15:35.166425+00:00 Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/proftpd-dfsg/1.3.5~rc3-2.1ubuntu2.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-updates] mariadb-5.5 5.5.53-1ubuntu0.14.04.1 (Accepted)
mariadb-5.5 (5.5.53-1ubuntu0.14.04.1) trusty-security; urgency=low * SECURITY UPDATE: New upstream release 5.5.53. Includes fixes for the following security vulnerabilities (LP: #1638125): - CVE-2016-7440 - CVE-2016-5584 * Update previous changelog entries to contain new CVE identifiers Date: 2016-11-03 23:01:25.604615+00:00 Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/mariadb-5.5/5.5.53-1ubuntu0.14.04.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-security] mariadb-5.5 5.5.53-1ubuntu0.14.04.1 (Accepted)
mariadb-5.5 (5.5.53-1ubuntu0.14.04.1) trusty-security; urgency=low * SECURITY UPDATE: New upstream release 5.5.53. Includes fixes for the following security vulnerabilities (LP: #1638125): - CVE-2016-7440 - CVE-2016-5584 * Update previous changelog entries to contain new CVE identifiers Date: 2016-11-03 23:01:25.604615+00:00 Signed-By: Tyler Hicks https://launchpad.net/ubuntu/+source/mariadb-5.5/5.5.53-1ubuntu0.14.04.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-security] proftpd-dfsg 1.3.5~rc3-2.1ubuntu2.1 (Accepted)
proftpd-dfsg (1.3.5~rc3-2.1ubuntu2.1) trusty-security; urgency=low * SECURITY UPDATE: The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands. (LP: #1462311) - debian/patches/CVE-2015-3306.patch: adjust contrib/mod_copy.c to check authentication status. Based on upstream patch. - CVE-2015-3306 Date: 2016-12-08 01:15:35.166425+00:00 Signed-By: Tyler Hicks https://launchpad.net/ubuntu/+source/proftpd-dfsg/1.3.5~rc3-2.1ubuntu2.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-updates] libav 6:9.20-0ubuntu0.14.04.1 (Accepted)
libav (6:9.20-0ubuntu0.14.04.1) trusty-security; urgency=medium * SECURITY UPDATE: Updated to 9.20 to fix various crashes with invalid-free, corrupted double-linked list or out-of-bounds read (LP: #1643467) - No CVE number Date: 2016-12-07 21:07:16.310648+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/libav/6:9.20-0ubuntu0.14.04.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-updates] openjdk-6 6b40-1.13.12-0ubuntu0.14.04.3 (Accepted)
openjdk-6 (6b40-1.13.12-0ubuntu0.14.04.3) trusty-security; urgency=medium * Backported security fixes from 8u111: - CVE-2016-5582, S8160591: Improve internal array handling. - CVE-2016-5573, S8159519: Reformat JDWP messages. - CVE-2016-5597, S8160838: Better HTTP service. - CVE-2016-5554, S8157739: Classloader Consistency Checking. - CVE-2016-5542, S8155973: Tighten jar checks. Date: 2016-12-01 14:29:18.165831+00:00 Changed-By: Tiago Stürmer Daitx Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/openjdk-6/6b40-1.13.12-0ubuntu0.14.04.3 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-security] libav 6:9.20-0ubuntu0.14.04.1 (Accepted)
libav (6:9.20-0ubuntu0.14.04.1) trusty-security; urgency=medium * SECURITY UPDATE: Updated to 9.20 to fix various crashes with invalid-free, corrupted double-linked list or out-of-bounds read (LP: #1643467) - No CVE number Date: 2016-12-07 21:07:16.310648+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/libav/6:9.20-0ubuntu0.14.04.1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-security] openjdk-6 6b40-1.13.12-0ubuntu0.14.04.3 (Accepted)
openjdk-6 (6b40-1.13.12-0ubuntu0.14.04.3) trusty-security; urgency=medium * Backported security fixes from 8u111: - CVE-2016-5582, S8160591: Improve internal array handling. - CVE-2016-5573, S8159519: Reformat JDWP messages. - CVE-2016-5597, S8160838: Better HTTP service. - CVE-2016-5554, S8157739: Classloader Consistency Checking. - CVE-2016-5542, S8155973: Tighten jar checks. Date: 2016-12-01 14:29:18.165831+00:00 Changed-By: Tiago Stürmer Daitx Signed-By: Steve Beattie https://launchpad.net/ubuntu/+source/openjdk-6/6b40-1.13.12-0ubuntu0.14.04.3 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-updates] ghostscript 9.10~dfsg-0ubuntu10.6 (Accepted)
ghostscript (9.10~dfsg-0ubuntu10.6) trusty-security; urgency=medium * SECURITY UPDATE: Fix regression introduced by fix for CVE-2013-5653 (LP: #1647276) - debian/patches/CVE-2013-5653-regression.patch Date: 2016-12-07 16:24:13.923948+00:00 Changed-By: Emily Ratliff Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/ghostscript/9.10~dfsg-0ubuntu10.6 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-security] ghostscript 9.10~dfsg-0ubuntu10.6 (Accepted)
ghostscript (9.10~dfsg-0ubuntu10.6) trusty-security; urgency=medium * SECURITY UPDATE: Fix regression introduced by fix for CVE-2013-5653 (LP: #1647276) - debian/patches/CVE-2013-5653-regression.patch Date: 2016-12-07 16:24:13.923948+00:00 Changed-By: Emily Ratliff https://launchpad.net/ubuntu/+source/ghostscript/9.10~dfsg-0ubuntu10.6 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-proposed] linux-firmware 1.127.23 (Accepted)
linux-firmware (1.127.23) trusty; urgency=medium * Trigger update-initramfs following linux-firmware install (LP: #1646197) - UBUNTU: Add postinst script to update initrds * Add i915/skl_guc_ver6.bin to linux-firmware in Trusty (LP: #1642709) - linux-firmware/i915: Major GuC release for Skylake - ver 6.1 Date: Thu, 01 Dec 2016 15:36:41 -0600 Changed-By: Seth Forshee Maintainer: Ubuntu Kernel Team https://launchpad.net/ubuntu/+source/linux-firmware/1.127.23 Format: 1.8 Date: Thu, 01 Dec 2016 15:36:41 -0600 Source: linux-firmware Binary: linux-firmware nic-firmware scsi-firmware Architecture: source Version: 1.127.23 Distribution: trusty Urgency: medium Maintainer: Ubuntu Kernel Team Changed-By: Seth Forshee Description: linux-firmware - Firmware for Linux kernel drivers nic-firmware - Firmware for NICs (udeb) scsi-firmware - Firmware for SCSI controllers (udeb) Launchpad-Bugs-Fixed: 1642709 1646197 Changes: linux-firmware (1.127.23) trusty; urgency=medium . * Trigger update-initramfs following linux-firmware install (LP: #1646197) - UBUNTU: Add postinst script to update initrds . * Add i915/skl_guc_ver6.bin to linux-firmware in Trusty (LP: #1642709) - linux-firmware/i915: Major GuC release for Skylake - ver 6.1 Checksums-Sha1: bf87b39bfc022642d5d46d6c235e62a8557d5448 1655 linux-firmware_1.127.23.dsc 6cfae77d1299d8c8e91de1d4d71a339046119e06 64104505 linux-firmware_1.127.23.tar.gz Checksums-Sha256: 6244e2771698e89a4aed94f4836c0b284773971b0211baf8ea85c3699326720f 1655 linux-firmware_1.127.23.dsc e5f64758e5c59c63c5eb7547b3221a1aae3fa7de1d42abba2dfa091841cceae4 64104505 linux-firmware_1.127.23.tar.gz Files: 24371df34d0a89a95be1c15c986a8870 1655 misc optional linux-firmware_1.127.23.dsc 6fb111628d5f594455911a58969ce74a 64104505 misc optional linux-firmware_1.127.23.tar.gz -- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-proposed] initramfs-tools 0.103ubuntu4.5 (Accepted)
initramfs-tools (0.103ubuntu4.5) trusty; urgency=medium [ Timo Aaltonen ] * hooks/framebuffer: Copy kernel/ubuntu/i915 backport driver too. (LP: #1500751) Date: Wed, 07 Dec 2016 01:27:28 -0800 Changed-By: Brian Murray Maintainer: Ubuntu Kernel Team https://launchpad.net/ubuntu/+source/initramfs-tools/0.103ubuntu4.5 Format: 1.8 Date: Wed, 07 Dec 2016 01:27:28 -0800 Source: initramfs-tools Binary: initramfs-tools initramfs-tools-bin Architecture: source Version: 0.103ubuntu4.5 Distribution: trusty Urgency: medium Maintainer: Ubuntu Kernel Team Changed-By: Brian Murray Description: initramfs-tools - tools for generating an initramfs initramfs-tools-bin - binaries used by initramfs-tools Launchpad-Bugs-Fixed: 1500751 Changes: initramfs-tools (0.103ubuntu4.5) trusty; urgency=medium . [ Timo Aaltonen ] * hooks/framebuffer: Copy kernel/ubuntu/i915 backport driver too. (LP: #1500751) Checksums-Sha1: 94bcda892dbc619dd23d0982864201adea92e5ba 1218 initramfs-tools_0.103ubuntu4.5.dsc a7ea935ea40eedac9a3d85105ed7f840e3802e69 94288 initramfs-tools_0.103ubuntu4.5.tar.xz Checksums-Sha256: b056074138656ae9843434dfcad8c9a7e41439c31dd0a802632b7e2adde29bb0 1218 initramfs-tools_0.103ubuntu4.5.dsc 49ccf8306345dbab1e0f0b5577b0b47aa0c1338059b111938cd7fd5c54a97f76 94288 initramfs-tools_0.103ubuntu4.5.tar.xz Files: e48fbbe07e79db6fb067d118d3d88ee2 1218 utils optional initramfs-tools_0.103ubuntu4.5.dsc b5d2b1806767f6fa688438bbfd053d21 94288 utils optional initramfs-tools_0.103ubuntu4.5.tar.xz Original-Maintainer: Debian kernel team -- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-updates] cloud-init 0.7.5-0ubuntu1.21 (Accepted)
cloud-init (0.7.5-0ubuntu1.21) trusty; urgency=medium * Microsoft Azure: - Install udev rules to create /dev/disk/cloud entries for Azure ephemeral disk. - debian/patches/lp-1603222-fix-ephemeral-disk-fstab.patch: - Use /dev/disk/cloud entries for ephemeral disk (LP: #1603222) Date: 2016-11-25 10:51:11.116702+00:00 Changed-By: Dan Watkins Maintainer: Scott Moser Signed-By: Chris J Arges https://launchpad.net/ubuntu/+source/cloud-init/0.7.5-0ubuntu1.21 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-updates] python-django 1.6.11-0ubuntu1 (Accepted)
python-django (1.6.11-0ubuntu1) trusty; urgency=medium * Update to final upstream 1.6 microrelease (LP: #1644346) * Drop patches included upstream: - debian/patches/07_translation_encoding_fix.diff, ticket21869.diff, CVE-2014-0472.patch, CVE-2014-0473.patch, CVE-2014-0474.patch, CVE-2014-0472-regression.patch, drop_fix_ie_for_vary_1_6.diff, is_safe_url_1_6.diff, CVE-2014-0480.patch, CVE-2014-0481.patch, CVE-2014-0482.patch, CVE-2014-0483.patch, CVE-2014-0483-bug23329.patch, CVE-2014-0483-bug23431.patch, CVE-2015-0219.patch, CVE-2015-0220.patch, CVE-2015-0221.patch, CVE-2015-0222.patch, CVE-2015-2316.patch, and CVE-2015-2317.patch Date: 2016-11-23 19:43:09.461060+00:00 Changed-By: Scott Kitterman Signed-By: Chris J Arges https://launchpad.net/ubuntu/+source/python-django/1.6.11-0ubuntu1 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-proposed] dbus 1.6.18-0ubuntu4.5 (Accepted)
dbus (1.6.18-0ubuntu4.5) trusty; urgency=medium * debian/patches/unrequested-reply-mediation.patch: Don't let unrequested reply messages through and don't audit them. Unrequested reply messages are error or method_return messages that are sent from D-Bus connection A to D-Bus connection B that do not correspond to any message ever sent by D-Bus connection B. They should be quietly dropped as there's no use for them outside of malicious activity. Patch based on upstream patches. (LP: #1641243) Date: Wed, 30 Nov 2016 21:44:48 + Changed-By: Tyler Hicks Maintainer: Ubuntu Developers https://launchpad.net/ubuntu/+source/dbus/1.6.18-0ubuntu4.5 Format: 1.8 Date: Wed, 30 Nov 2016 21:44:48 + Source: dbus Binary: dbus dbus-x11 libdbus-1-3 dbus-1-doc libdbus-1-dev dbus-1-dbg Architecture: source Version: 1.6.18-0ubuntu4.5 Distribution: trusty Urgency: medium Maintainer: Ubuntu Developers Changed-By: Tyler Hicks Description: dbus - simple interprocess messaging system (daemon and utilities) dbus-1-dbg - simple interprocess messaging system (debug symbols) dbus-1-doc - simple interprocess messaging system (documentation) dbus-x11 - simple interprocess messaging system (X11 deps) libdbus-1-3 - simple interprocess messaging system (library) libdbus-1-dev - simple interprocess messaging system (development headers) Launchpad-Bugs-Fixed: 1641243 Changes: dbus (1.6.18-0ubuntu4.5) trusty; urgency=medium . * debian/patches/unrequested-reply-mediation.patch: Don't let unrequested reply messages through and don't audit them. Unrequested reply messages are error or method_return messages that are sent from D-Bus connection A to D-Bus connection B that do not correspond to any message ever sent by D-Bus connection B. They should be quietly dropped as there's no use for them outside of malicious activity. Patch based on upstream patches. (LP: #1641243) Checksums-Sha1: a216699f13a2ae401a24e7f67d5f60757bfd30c4 2671 dbus_1.6.18-0ubuntu4.5.dsc c42b94bf2fd6c3790c46a296bdb60e90f61099b4 85290 dbus_1.6.18-0ubuntu4.5.debian.tar.gz Checksums-Sha256: df376491c0c47b9a4a87c5164a5687db3913dd542164dac9bbb6966a91a9b79e 2671 dbus_1.6.18-0ubuntu4.5.dsc d23474258a67b0a678e02259c85caa97d61d1730463295fb5b055b369ed2bf60 85290 dbus_1.6.18-0ubuntu4.5.debian.tar.gz Files: ad2072b98185b15a499b418a450ccbd7 2671 admin optional dbus_1.6.18-0ubuntu4.5.dsc 041f7ff964a50ea4f60451b2bbec977a 85290 admin optional dbus_1.6.18-0ubuntu4.5.debian.tar.gz Original-Maintainer: Utopia Maintenance Team -- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-proposed] tzdata 2016j-0ubuntu0.14.04 (Accepted)
tzdata (2016j-0ubuntu0.14.04) trusty; urgency=medium * New upstream release, updating Saratov, Tongatapu, Cyprus, and Casey. Date: Wed, 07 Dec 2016 03:03:42 -0700 Changed-By: Adam Conrad Maintainer: Ubuntu Developers https://launchpad.net/ubuntu/+source/tzdata/2016j-0ubuntu0.14.04 Format: 1.8 Date: Wed, 07 Dec 2016 03:03:42 -0700 Source: tzdata Binary: tzdata tzdata-java Architecture: source Version: 2016j-0ubuntu0.14.04 Distribution: trusty Urgency: medium Maintainer: Ubuntu Developers Changed-By: Adam Conrad Description: tzdata - time zone and daylight-saving time data tzdata-java - time zone and daylight-saving time data for use by java runtimes Changes: tzdata (2016j-0ubuntu0.14.04) trusty; urgency=medium . * New upstream release, updating Saratov, Tongatapu, Cyprus, and Casey. Checksums-Sha1: b6dea4900909ee7527a5bab8a229e82a8da46f45 2048 tzdata_2016j-0ubuntu0.14.04.dsc 804de038973c1ffb887117e27b5dbedce8fff541 321185 tzdata_2016j.orig.tar.gz 496da7040fed08561ce5967e707d67f8ca589d75 100436 tzdata_2016j-0ubuntu0.14.04.debian.tar.xz Checksums-Sha256: baec60d2dc81bef9a522b00ee9679c15a1d93b32fc6c5367203654b46bfebbd5 2048 tzdata_2016j-0ubuntu0.14.04.dsc f5ee4e0f115f6c2faee1c4b16193a97338cbd1b503f2cea6c5a768c82ff39dc8 321185 tzdata_2016j.orig.tar.gz a4a236571039dcd942e49e86d632908663eabc7a0e5bcdf81ee39aec9746d508 100436 tzdata_2016j-0ubuntu0.14.04.debian.tar.xz Files: 634032a40eef4127e057bac7dba38b3e 2048 libs required tzdata_2016j-0ubuntu0.14.04.dsc db361d005ac8b30a2d18c5ca38d3e8ab 321185 libs required tzdata_2016j.orig.tar.gz 6fae35f1b7df2b2de04eefc312682e43 100436 libs required tzdata_2016j-0ubuntu0.14.04.debian.tar.xz Original-Maintainer: GNU Libc Maintainers -- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes
[ubuntu/trusty-updates] ubuntu-release-upgrader 1:0.220.9 (Accepted)
ubuntu-release-upgrader (1:0.220.9) trusty-proposed; urgency=medium * No change rebuild so the dist-upgrader tarball will be signed with the new method. (LP: #1645906) Date: 2016-11-30 18:10:11.072800+00:00 Changed-By: Brian Murray https://launchpad.net/ubuntu/+source/ubuntu-release-upgrader/1:0.220.9 Sorry, changesfile not available.-- Trusty-changes mailing list Trusty-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/trusty-changes