[ubuntu/trusty-updates] miniupnpc 1.6-3ubuntu2.14.04.4 (Accepted)

[Ubuntu Archive Robot]

miniupnpc (1.6-3ubuntu2.14.04.4) trusty-security; urgency=medium

  * SECURITY UPDATE: multiple overflows
- upnpreplyparse.c: properly initialize data structure for SOAP
  parsing.
- minixml.c: fix heap buffer overflow.
- CVE-2017-1000494

Date: 2018-01-31 19:00:48.160205+00:00
Changed-By: Marc Deslauriers 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/miniupnpc/1.6-3ubuntu2.14.04.4
Sorry, changesfile not available.-- 
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] miniupnpc 1.6-3ubuntu2.14.04.4 (Accepted)

[Marc Deslauriers]

miniupnpc (1.6-3ubuntu2.14.04.4) trusty-security; urgency=medium

  * SECURITY UPDATE: multiple overflows
- upnpreplyparse.c: properly initialize data structure for SOAP
  parsing.
- minixml.c: fix heap buffer overflow.
- CVE-2017-1000494

Date: 2018-01-31 19:00:48.160205+00:00
Changed-By: Marc Deslauriers 
https://launchpad.net/ubuntu/+source/miniupnpc/1.6-3ubuntu2.14.04.4
Sorry, changesfile not available.-- 
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-updates] libvirt 1.2.2-0ubuntu13.1.25 (Accepted)

[Ubuntu Archive Robot]

libvirt (1.2.2-0ubuntu13.1.25) trusty-security; urgency=medium

  * SECURITY UPDATE: Add support for Spectre mitigations
- debian/patches/CVE-2017-5715-ibrs*.patch: add CPU features for
  indirect branch prediction protection and add new *-IBRS CPU models.
- debian/control: add Breaks to get updated qemu with new CPU models.
- CVE-2017-5715

Date: 2018-02-01 20:26:13.901840+00:00
Changed-By: Marc Deslauriers 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/libvirt/1.2.2-0ubuntu13.1.25
Sorry, changesfile not available.-- 
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-updates] qemu 2.0.0+dfsg-2ubuntu1.38 (Accepted)

[Ubuntu Archive Robot]

qemu (2.0.0+dfsg-2ubuntu1.38) trusty-security; urgency=medium

  * SECURITY UPDATE: Add support for Spectre mitigations (LP: #1744882)
- debian/patches/CVE-2017-5715-1.patch: Lengthen X86CPUDefinition::
  model_id in target-i386/cpu.c.
- debian/patches/CVE-2017-5715-2.patch: Add support for SPEC_CTRL MSR
  in target-i386/cpu.h, target-i386/kvm.c, target-i386/machine.c.
- debian/patches/CVE-2017-5715-3pre1.patch: add FEAT_7_0_ECX and
  FEAT_7_0_EDX in target-i386/cpu.c, target-i386/cpu.h.
- debian/patches/CVE-2017-5715-3.patch: Add spec-ctrl CPUID bit in
  target-i386/cpu.c, target-i386/cpu.h.
- debian/patches/CVE-2017-5715-4.patch: Add FEAT_8000_0008_EBX CPUID
  feature word in target-i386/cpu.c, target-i386/cpu.h.
- debian/patches/CVE-2017-5715-5.patch: Add new -IBRS versions of Intel
  CPU models in target-i386/cpu.c.
- CVE-2017-5715

Date: 2018-02-01 20:00:24.946840+00:00
Changed-By: Marc Deslauriers 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/qemu/2.0.0+dfsg-2ubuntu1.38
Sorry, changesfile not available.-- 
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] libvirt 1.2.2-0ubuntu13.1.25 (Accepted)

[Marc Deslauriers]

libvirt (1.2.2-0ubuntu13.1.25) trusty-security; urgency=medium

  * SECURITY UPDATE: Add support for Spectre mitigations
- debian/patches/CVE-2017-5715-ibrs*.patch: add CPU features for
  indirect branch prediction protection and add new *-IBRS CPU models.
- debian/control: add Breaks to get updated qemu with new CPU models.
- CVE-2017-5715

libvirt (1.2.2-0ubuntu13.1.23) trusty; urgency=medium

  * d/libvirt-bin.init, d/libvirt-bin.upstart: fix waiting for the libvirt
socket (LP: #1571209)
- avoid timing out on slow systems (only stop when service is stopped)
- fix whitespace damage formerly added to d/libvirt-bin.init
- no more long sleep without announcing to log
- check socket and service status more often for lower latency on changes
- fix check if unix_sock_dir path is set in /etc/libvirt/libvirtd.conf
- fix the upstart service name that is checked

libvirt (1.2.2-0ubuntu13.1.22) trusty; urgency=medium

  * fix guest channel support (LP: #1393842).
- d/p/virt-aa-helper-add-trusty-guest-agent-rule.patch: add apparmor rule
  for channels within guest namespace.
- d/libvirt-bin.postinst: create channel directories if needed.

libvirt (1.2.2-0ubuntu13.1.21) trusty; urgency=medium

  * d/libvirt-bin.postinst: call apparmor_parser with options to
ignore the apparmor cache and rebuild it, otherwise old apparmor
rules are used and this might break upgrades (LP: #1707400)

libvirt (1.2.2-0ubuntu13.1.20) trusty; urgency=medium

  [ Rafael David Tinoco ]
  * d/p/reject-blockcommit-of-active-layer.patch:
Block commit code isn't ready for QEMU 2.0 and has to be blocked.
This avoids virsh to hang forever on blackcommit jobs.
(LP: #1317491)

libvirt (1.2.2-0ubuntu13.1.17) trusty; urgency=medium

  * d/p/fix-util-don-t-fail-if-no-portdata-is-found.patch: 
make ovs-vsctl not raise error if there's no portData available.
(LP: #1540537).

Date: 2018-02-01 20:26:13.901840+00:00
Changed-By: Marc Deslauriers 
https://launchpad.net/ubuntu/+source/libvirt/1.2.2-0ubuntu13.1.25
Sorry, changesfile not available.-- 
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] qemu 2.0.0+dfsg-2ubuntu1.38 (Accepted)

[Marc Deslauriers]

qemu (2.0.0+dfsg-2ubuntu1.38) trusty-security; urgency=medium

  * SECURITY UPDATE: Add support for Spectre mitigations (LP: #1744882)
- debian/patches/CVE-2017-5715-1.patch: Lengthen X86CPUDefinition::
  model_id in target-i386/cpu.c.
- debian/patches/CVE-2017-5715-2.patch: Add support for SPEC_CTRL MSR
  in target-i386/cpu.h, target-i386/kvm.c, target-i386/machine.c.
- debian/patches/CVE-2017-5715-3pre1.patch: add FEAT_7_0_ECX and
  FEAT_7_0_EDX in target-i386/cpu.c, target-i386/cpu.h.
- debian/patches/CVE-2017-5715-3.patch: Add spec-ctrl CPUID bit in
  target-i386/cpu.c, target-i386/cpu.h.
- debian/patches/CVE-2017-5715-4.patch: Add FEAT_8000_0008_EBX CPUID
  feature word in target-i386/cpu.c, target-i386/cpu.h.
- debian/patches/CVE-2017-5715-5.patch: Add new -IBRS versions of Intel
  CPU models in target-i386/cpu.c.
- CVE-2017-5715

Date: 2018-02-01 20:00:24.946840+00:00
Changed-By: Marc Deslauriers 
https://launchpad.net/ubuntu/+source/qemu/2.0.0+dfsg-2ubuntu1.38
Sorry, changesfile not available.-- 
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-updates] phpldapadmin 1.2.2-5ubuntu1.2 (Accepted)

[Ubuntu Archive Robot]

phpldapadmin (1.2.2-5ubuntu1.2) trusty-security; urgency=medium

  * SECURITY UPDATE: Multiple Cross-Site Scripting vulnerabilities in
file htdocs/entry_chooser.php (LP: #1701731)
- debian/patches/fix-XSS-3.patch: sanitize user inputs in
  file htdocs/entry_chooser.php.
- CVE-2017-11107

Date: 2017-09-20 18:37:16.463306+00:00
Changed-By: Emily Ratliff 
Signed-By: Ubuntu Archive Robot 

https://launchpad.net/ubuntu/+source/phpldapadmin/1.2.2-5ubuntu1.2
Sorry, changesfile not available.-- 
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-proposed] preseed 1.62ubuntu1.2 (Accepted)

[Hua Zhang]

preseed (1.62ubuntu1.2) trusty; urgency=medium

  * Fix for netcfg/hostname, if set, to take precedence. (LP: #1745531)
- Modify debian/network-preseed.postinst to make it more robust

Date: Thu, 25 Jan 2018 15:09:28 +0800
Changed-By: Hua Zhang 
Maintainer: Ubuntu Installer Team 
Signed-By: Eric Desrochers 
https://launchpad.net/ubuntu/+source/preseed/1.62ubuntu1.2
Format: 1.8
Date: Thu, 25 Jan 2018 15:09:28 +0800
Source: preseed
Binary: preseed-common network-preseed file-preseed initrd-preseed env-preseed
Architecture: source
Version: 1.62ubuntu1.2
Distribution: trusty
Urgency: medium
Maintainer: Ubuntu Installer Team 
Changed-By: Hua Zhang 
Description:
 env-preseed - debconf preseeding via environment variables (udeb)
 file-preseed - load debconf preseed file (udeb)
 initrd-preseed - load debconf preseed file from /preseed.cfg on the initrd 
(udeb)
 network-preseed - download debconf preseed file (udeb)
 preseed-common - common files for preseeding (udeb)
Launchpad-Bugs-Fixed: 1745531
Changes:
 preseed (1.62ubuntu1.2) trusty; urgency=medium
 .
   * Fix for netcfg/hostname, if set, to take precedence. (LP: #1745531)
 - Modify debian/network-preseed.postinst to make it more robust
Checksums-Sha1:
 5be44ae8ac582a4e810ee503c67d64e69174736d 1733 preseed_1.62ubuntu1.2.dsc
 931faf389ceb8346aefc11593dcd7b2752205118 74924 preseed_1.62ubuntu1.2.tar.xz
Checksums-Sha256:
 fdc7da0c7eab34e2d605f8e9a29fc57af6eae3fac64cc283a862b6ab2b2f63b2 1733 
preseed_1.62ubuntu1.2.dsc
 622fb756ce0116adc6e84f48f97e36751da14bf76c50d866b7326b61ddd54295 74924 
preseed_1.62ubuntu1.2.tar.xz
Files:
 227960bb2329b4bbd3cbabe6c1b6b74d 1733 debian-installer optional 
preseed_1.62ubuntu1.2.dsc
 d35aecdcb3a07f30a60024a8677d89d0 74924 debian-installer optional 
preseed_1.62ubuntu1.2.tar.xz
Original-Maintainer: Debian Install System Team 
-- 
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-proposed] partman-partitioning 99ubuntu2 (Accepted)

[Eric Desrochers]

partman-partitioning (99ubuntu2) trusty; urgency=medium

  * Make get_real_device() both simpler and more generic.
(LP: #1733276) (Closes: #820818).

Date: Tue, 06 Feb 2018 12:08:28 -0500
Changed-By: Eric Desrochers 
Maintainer: Ubuntu Installer Team 
https://launchpad.net/ubuntu/+source/partman-partitioning/99ubuntu2
Format: 1.8
Date: Tue, 06 Feb 2018 12:08:28 -0500
Source: partman-partitioning
Binary: partman-partitioning
Architecture: source
Version: 99ubuntu2
Distribution: trusty
Urgency: medium
Maintainer: Ubuntu Installer Team 
Changed-By: Eric Desrochers 
Description:
 partman-partitioning - Partitioning operations for partman (udeb)
Closes: 820818
Launchpad-Bugs-Fixed: 1733276
Changes:
 partman-partitioning (99ubuntu2) trusty; urgency=medium
 .
   * Make get_real_device() both simpler and more generic.
 (LP: #1733276) (Closes: #820818).
Checksums-Sha1:
 0cc846e126fdc419af40aeef70ded2c21003b28c 1529 
partman-partitioning_99ubuntu2.dsc
 0871c131aea4fe27f7389547a78d86b260ad8ac1 190232 
partman-partitioning_99ubuntu2.tar.xz
Checksums-Sha256:
 252f1b8451d0a3b219576b5aeaef78a5a477989a7a793b4da9fb5e02cebfef06 1529 
partman-partitioning_99ubuntu2.dsc
 995e55b6c4dfe1046f50a6a352ce2c498709476c7af56ba9df41bbb3706620bc 190232 
partman-partitioning_99ubuntu2.tar.xz
Files:
 f53a47638fabd78ad0b46242367fa2dd 1529 debian-installer optional 
partman-partitioning_99ubuntu2.dsc
 49a2b976a825fece4f2735c1428f1e55 190232 debian-installer optional 
partman-partitioning_99ubuntu2.tar.xz
Original-Maintainer: Debian Install System Team 
-- 
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/trusty-changes

[ubuntu/trusty-security] phpldapadmin 1.2.2-5ubuntu1.2 (Accepted)

[Marc Deslauriers]

phpldapadmin (1.2.2-5ubuntu1.2) trusty-security; urgency=medium

  * SECURITY UPDATE: Multiple Cross-Site Scripting vulnerabilities in
file htdocs/entry_chooser.php (LP: #1701731)
- debian/patches/fix-XSS-3.patch: sanitize user inputs in
  file htdocs/entry_chooser.php.
- CVE-2017-11107

Date: 2017-09-20 18:37:16.463306+00:00
Changed-By: Emily Ratliff 
Signed-By: Marc Deslauriers 
https://launchpad.net/ubuntu/+source/phpldapadmin/1.2.2-5ubuntu1.2
Sorry, changesfile not available.-- 
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/trusty-changes