[ubuntu/xenial-proposed] unattended-upgrades 1.1ubuntu1.18.04.7~16.04.5 (Accepted)
unattended-upgrades (1.1ubuntu1.18.04.7~16.04.5) xenial; urgency=medium * Fix non-minimal upgrades (LP: #1853861) - Mark packages for performing non-minimal upgrades - Clear cache after checking upgrades against the blacklist again. This fixes the issue when the dirty cache caused all packages to be upgraded in the first "minimal" step. Thanks to Paul Wise - Leave the cache clean when returning from calculate_upgradable_pkgs() When collecting upgradable packages the upgradable ones stayed in the cache and they were upgraded together even when unattended-upgrades was configured to perform upgrades in minimal steps. Thanks to Paul Wise - Clear cache after downloading packages Date: Mon, 25 Nov 2019 16:23:06 +0100 Changed-By: Balint Reczey Maintainer: Ubuntu Developers https://launchpad.net/ubuntu/+source/unattended-upgrades/1.1ubuntu1.18.04.7~16.04.5 Format: 1.8 Date: Mon, 25 Nov 2019 16:23:06 +0100 Source: unattended-upgrades Binary: unattended-upgrades Architecture: source Version: 1.1ubuntu1.18.04.7~16.04.5 Distribution: xenial Urgency: medium Maintainer: Ubuntu Developers Changed-By: Balint Reczey Description: unattended-upgrades - automatic installation of security upgrades Launchpad-Bugs-Fixed: 1853861 Changes: unattended-upgrades (1.1ubuntu1.18.04.7~16.04.5) xenial; urgency=medium . * Fix non-minimal upgrades (LP: #1853861) - Mark packages for performing non-minimal upgrades - Clear cache after checking upgrades against the blacklist again. This fixes the issue when the dirty cache caused all packages to be upgraded in the first "minimal" step. Thanks to Paul Wise - Leave the cache clean when returning from calculate_upgradable_pkgs() When collecting upgradable packages the upgradable ones stayed in the cache and they were upgraded together even when unattended-upgrades was configured to perform upgrades in minimal steps. Thanks to Paul Wise - Clear cache after downloading packages Checksums-Sha1: 60dd2284102e9b6a74ca6c75301514b1de56ca00 2084 unattended-upgrades_1.1ubuntu1.18.04.7~16.04.5.dsc 8679270fb6ce22b727e20fdbe4dd3991ace18e35 108628 unattended-upgrades_1.1ubuntu1.18.04.7~16.04.5.tar.xz 1622d11a81156eacf8ef4ad30c7bf4275ba57306 8565 unattended-upgrades_1.1ubuntu1.18.04.7~16.04.5_source.buildinfo Checksums-Sha256: 3d1ec86545d2d87e8cc4402690efb48c03b76efaf14d00a106a29f4fb96b5162 2084 unattended-upgrades_1.1ubuntu1.18.04.7~16.04.5.dsc 3045e6757768add7cb105b1156010f5677c38ede772d9bd385cf067e6988dd10 108628 unattended-upgrades_1.1ubuntu1.18.04.7~16.04.5.tar.xz f73dc04db342a0b11b39340d0264b9397f0b50f65d7e0e99ef838f6739c37765 8565 unattended-upgrades_1.1ubuntu1.18.04.7~16.04.5_source.buildinfo Files: 1dfad67bd2a4ba025c1481b8647f7aa1 2084 admin optional unattended-upgrades_1.1ubuntu1.18.04.7~16.04.5.dsc c6313923a728b905bb2c414e13bd56f2 108628 admin optional unattended-upgrades_1.1ubuntu1.18.04.7~16.04.5.tar.xz 5e099205a310a699be0c8a81c1af5c47 8565 admin optional unattended-upgrades_1.1ubuntu1.18.04.7~16.04.5_source.buildinfo Original-Maintainer: Michael Vogt -- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] debootstrap 1.0.78+nmu1ubuntu1.10 (Accepted)
debootstrap (1.0.78+nmu1ubuntu1.10) xenial; urgency=medium * Add (Ubuntu) focal as a symlink to gutsy. (LP: #1848716) Date: 2019-10-18 13:39:11.039997+00:00 Changed-By: Łukasz Zemczak Signed-By: Brian Murray https://launchpad.net/ubuntu/+source/debootstrap/1.0.78+nmu1ubuntu1.10 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] wslu 2.3.2-0ubuntu2~16.04.1 (Accepted)
wslu (2.3.2-0ubuntu2~16.04.1) xenial; urgency=medium * Detect X and PulseAudio in WSL2, too (LP: #1853343) * debian/wsl-integration.sh: Use type instead of which for faster execution. Also skip all detection steps when pactl and xvinfo are not installed. Date: Mon, 25 Nov 2019 12:44:05 +0100 Changed-By: Balint Reczey https://launchpad.net/ubuntu/+source/wslu/2.3.2-0ubuntu2~16.04.1 Format: 1.8 Date: Mon, 25 Nov 2019 12:44:05 +0100 Source: wslu Binary: wslu Architecture: source Version: 2.3.2-0ubuntu2~16.04.1 Distribution: xenial Urgency: medium Maintainer: Balint Reczey Changed-By: Balint Reczey Description: wslu - collection of utilities for the Windows 10 Linux Subsystem Launchpad-Bugs-Fixed: 1853343 Changes: wslu (2.3.2-0ubuntu2~16.04.1) xenial; urgency=medium . * Detect X and PulseAudio in WSL2, too (LP: #1853343) * debian/wsl-integration.sh: Use type instead of which for faster execution. Also skip all detection steps when pactl and xvinfo are not installed. Checksums-Sha1: f7f15ab5fedd30d43297cf19215f88a184c89212 1949 wslu_2.3.2-0ubuntu2~16.04.1.dsc 94c0237500847fef3e48d78c742362b7431871ad 13212 wslu_2.3.2-0ubuntu2~16.04.1.debian.tar.xz 14be408a0f5ff00e73ceea2da374eccb3cc451d3 10746 wslu_2.3.2-0ubuntu2~16.04.1_source.buildinfo Checksums-Sha256: 8c32580f8ca4948a3b17fa9ed566faa9b43c37ba9ad360d18fda7530ef6413a3 1949 wslu_2.3.2-0ubuntu2~16.04.1.dsc e25f4d4cabc94800854d644b40a6045ae4a72e41fe0ba38711fde1e82a0303dc 13212 wslu_2.3.2-0ubuntu2~16.04.1.debian.tar.xz b73991f8793d6aaac0e453aac271989f1aafde7c40eb4ac3bf4bfe416feaae28 10746 wslu_2.3.2-0ubuntu2~16.04.1_source.buildinfo Files: 0cf04cd1831d97976ebbfacb9d13705b 1949 admin optional wslu_2.3.2-0ubuntu2~16.04.1.dsc 7afa4ac412dcfc482fe0fcd4f107c2a1 13212 admin optional wslu_2.3.2-0ubuntu2~16.04.1.debian.tar.xz e6e52cb3625cdac9ccad1336d0776079 10746 admin optional wslu_2.3.2-0ubuntu2~16.04.1_source.buildinfo -- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] redmine 3.2.1-2ubuntu0.2 (Accepted)
redmine (3.2.1-2ubuntu0.2) xenial-security; urgency=medium * SECURITY UPDATE: persistent XSS exists due to textile formatting - debian/patches/0020-Fix-CVE-2019-17427.patch: improve the way that html tags are identified to be escaped. (LP: #1853063) - CVE-2019-17427 - https://www.cvedetails.com/cve/CVE-2019-17427/ - Redmine Defect #31520 * SECURITY UPDATE: SQL injection vulnerability - debian/patches/0021-Fix-CVE-2019-18890.patch: use map instead of each because it casts the values to integer and return a new array. (LP: #1853063) - CVE-2019-18890 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18890 - Redmine Defect #32374 Date: 2019-11-21 23:03:13.975465+00:00 Changed-By: Lucas Kanashiro Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/redmine/3.2.1-2ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] redmine 3.2.1-2ubuntu0.2 (Accepted)
redmine (3.2.1-2ubuntu0.2) xenial-security; urgency=medium * SECURITY UPDATE: persistent XSS exists due to textile formatting - debian/patches/0020-Fix-CVE-2019-17427.patch: improve the way that html tags are identified to be escaped. (LP: #1853063) - CVE-2019-17427 - https://www.cvedetails.com/cve/CVE-2019-17427/ - Redmine Defect #31520 * SECURITY UPDATE: SQL injection vulnerability - debian/patches/0021-Fix-CVE-2019-18890.patch: use map instead of each because it casts the values to integer and return a new array. (LP: #1853063) - CVE-2019-18890 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18890 - Redmine Defect #32374 Date: 2019-11-21 23:03:13.975465+00:00 Changed-By: Lucas Kanashiro Signed-By: Paulo Flabiano Smorigo https://launchpad.net/ubuntu/+source/redmine/3.2.1-2ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] libvpx 1.5.0-2ubuntu1.1 (Accepted)
libvpx (1.5.0-2ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: image width alignment issue - debian/patches/CVE-2017-13194-1.patch: fix image width alignment in vpx/src/vpx_image.c. - debian/patches/CVE-2017-13194-2.patch: fix alignment without external allocation in vpx/src/vpx_image.c. - CVE-2017-13194 * SECURITY UPDATE: double free in ParseContentEncodingEntry - debian/patches/CVE-2019-2126.patch: set compression_entries_ to NULL in third_party/libwebm/mkvparser/mkvparser.cc. - CVE-2019-2126 * SECURITY UPDATE: out of bounds read - debian/patches/CVE-2019-9232.patch: use unsigned char in vp8/decoder/dboolhuff.h, vpx_dsp/bitreader.h. - CVE-2019-9232 * SECURITY UPDATE: out of bounds read - debian/patches/CVE-2019-9325.patch: fix size in vp9/vp9_dx_iface.c, vpx_dsp/bitreader_buffer.c, test/decode_api_test.cc. - CVE-2019-9325 * SECURITY UPDATE: memory disclosure issue - debian/patches/CVE-2019-9433.patch: fix use-after-free in vp8/common/postproc.c. - CVE-2019-9433 Date: 2019-11-19 17:41:13.245861+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/libvpx/1.5.0-2ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] libvpx 1.5.0-2ubuntu1.1 (Accepted)
libvpx (1.5.0-2ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: image width alignment issue - debian/patches/CVE-2017-13194-1.patch: fix image width alignment in vpx/src/vpx_image.c. - debian/patches/CVE-2017-13194-2.patch: fix alignment without external allocation in vpx/src/vpx_image.c. - CVE-2017-13194 * SECURITY UPDATE: double free in ParseContentEncodingEntry - debian/patches/CVE-2019-2126.patch: set compression_entries_ to NULL in third_party/libwebm/mkvparser/mkvparser.cc. - CVE-2019-2126 * SECURITY UPDATE: out of bounds read - debian/patches/CVE-2019-9232.patch: use unsigned char in vp8/decoder/dboolhuff.h, vpx_dsp/bitreader.h. - CVE-2019-9232 * SECURITY UPDATE: out of bounds read - debian/patches/CVE-2019-9325.patch: fix size in vp9/vp9_dx_iface.c, vpx_dsp/bitreader_buffer.c, test/decode_api_test.cc. - CVE-2019-9325 * SECURITY UPDATE: memory disclosure issue - debian/patches/CVE-2019-9433.patch: fix use-after-free in vp8/common/postproc.c. - CVE-2019-9433 Date: 2019-11-19 17:41:13.245861+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/libvpx/1.5.0-2ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] update-manager 1:16.04.17 (Accepted)
update-manager (1:16.04.17) xenial; urgency=medium * Correctly detect the usage of a username in changelog URIs. (LP: #1849004) Date: 2019-11-12 23:35:09.702731+00:00 Changed-By: Brian Murray Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/update-manager/1:16.04.17 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes