[ubuntu/xenial-updates] docker.io 18.09.7-0ubuntu1~16.04.7 (Accepted)
docker.io (18.09.7-0ubuntu1~16.04.7) xenial; urgency=medium * d/p/do_not_bind_docker_to_containerd.patch: Update docker.io to not stop when containerd is upgraded, by using Wants= rather than BindTo=. (LP: #1870514) * d/rules: Fix docker.io to not restart its service during package upgrades, to prevent service downtime from automatic updates via unattended-upgrade. (LP: #1906364) Date: 2020-12-10 21:53:09.661343+00:00 Changed-By: Bryce Harrington Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/docker.io/18.09.7-0ubuntu1~16.04.7 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] containerd 1.2.6-0ubuntu1~16.04.6 (Accepted)
containerd (1.2.6-0ubuntu1~16.04.6) xenial; urgency=medium * d/control: add a Breaks for docker.io lower than 18.09.7-0ubuntu1~16.04.7 (LP: #1870514). The previous versions stop the docker daemon when a containerd update is performed, this Breaks statement will make sure we have a newer version which has the appropriate fix. containerd (1.2.6-0ubuntu1~16.04.5) xenial-security; urgency=medium * SECURITY UPDATE: Elevation of privilege vulnerability - debian/patches/Add-runc.v2-multi-shim_partial2.patch: Add runc.v2 multi-shim (partially). - debian/patches/horten-the-unix-socket-path-for-shim.patch: horten the unix socket path for shim. - debian/patches/Include-extension-for-shim-binary-format-on-Windows.patch: Include extension for shim binary format. - debian/patches/CVE-2020-15257.patch: Use path based unix socket for shims and use path-based unix socket for containerd-shim. - CVE-2020-15257 Date: 2020-12-14 13:35:10.056173+00:00 Signed-By: Łukasz Zemczak https://launchpad.net/ubuntu/+source/containerd/1.2.6-0ubuntu1~16.04.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] linux-kvm 4.4.0-1086.95 (Accepted)
linux-kvm (4.4.0-1086.95) xenial; urgency=medium
* xenial/linux-kvm: 4.4.0-1086.95 -proposed tracker (LP: #1910085)
[ Ubuntu: 4.4.0-199.231 ]
* xenial/linux: 4.4.0-199.231 -proposed tracker (LP: #1910093)
* Touchpad not detected on ByteSpeed C15B laptop (LP: #1906128)
- Input: i8042 - add ByteSpeed touchpad to noloop table
* stack trace in kernel (LP: #1903596)
- net: napi: remove useless stack trace
* CVE-2020-2
- powerpc/rtas: Restrict RTAS requests from userspace
- [Config]: Set CONFIG_PPC_RTAS_FILTER
* Xenial update: v4.4.247 upstream stable release (LP: #1906703)
- btrfs: tree-checker: Enhance chunk checker to validate chunk profile
- btrfs: inode: Verify inode mode to avoid NULL pointer dereference
- HID: cypress: Support Varmilo Keyboards' media hotkeys
- Input: i8042 - allow insmod to succeed on devices without an i8042
controller
- HID: hid-sensor-hub: Fix issue with devices with no report ID
- x86/xen: don't unbind uninitialized lock_kicker_irq
- proc: don't allow async path resolution of /proc/self components
- dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size
- scsi: libiscsi: Fix NOP race condition
- scsi: target: iscsi: Fix cmd abort fabric stop race
- scsi: ufs: Fix race between shutdown and runtime resume flow
- bnxt_en: fix error return code in bnxt_init_board()
- video: hyperv_fb: Fix the cache type when mapping the VRAM
- bnxt_en: Release PCI regions when DMA mask setup fails during probe.
- IB/mthca: fix return value of error branch in mthca_init_cq()
- nfc: s3fwrn5: use signed integer for parsing GPIO numbers
- efivarfs: revert "fix memory leak in efivarfs_create()"
- perf probe: Fix to die_entrypc() returns error correctly
- USB: core: Change %pK for __user pointers to %px
- x86/speculation: Fix prctl() when spectre_v2_user={seccomp,prctl},ibpb
- USB: core: add endpoint-blacklist quirk
- USB: core: Fix regression in Hercules audio card
- btrfs: fix lockdep splat when reading qgroup config on mount
- Linux 4.4.247
* Xenial update: v4.4.246 upstream stable release (LP: #1906700)
- ah6: fix error return code in ah6_input()
- atm: nicstar: Unmap DMA on send error
- net: b44: fix error return code in b44_init_one()
- net: bridge: add missing counters to ndo_get_stats64 callback
- netlabel: fix our progress tracking in netlbl_unlabel_staticlist()
- netlabel: fix an uninitialized warning in netlbl_unlabel_staticlist()
- net/mlx4_core: Fix init_hca fields offset
- net: x25: Increase refcnt of "struct x25_neigh" in x25_rx_call_request
- qlcnic: fix error return code in qlcnic_83xx_restart_hw()
- sctp: change to hold/put transport for proto_unreach_timer
- net: usb: qmi_wwan: Set DTR quirk for MR400
- net: Have netpoll bring-up DSA management interface
- pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq
- arm64: psci: Avoid printing in cpu_psci_cpu_die()
- MIPS: Fix BUILD_ROLLBACK_PROLOGUE for microMIPS
- Input: adxl34x - clean up a data type in adxl34x_probe()
- arm: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy
- ARM: dts: imx50-evk: Fix the chip select 1 IOMUX
- perf lock: Don't free "lock_seq_stat" if read_count isn't zero
- can: dev: can_restart(): post buffer from the right context
- can: peak_usb: fix potential integer overflow on shift of a int
- can: m_can: m_can_handle_state_change(): fix state change
- MIPS: Alchemy: Fix memleak in alchemy_clk_setup_cpu
- regulator: ti-abb: Fix array out of bound read access on the first
transition
- libfs: fix error cast of negative value in simple_attr_write()
- ALSA: ctl: fix error path at adding user-defined element set
- ALSA: mixart: Fix mutex deadlock
- tty: serial: imx: keep console clocks always on
- efivarfs: fix memory leak in efivarfs_create()
- ext4: fix bogus warning in ext4_update_dx_flag()
- xtensa: disable preemption around cache alias management calls
- mac80211: minstrel: remove deferred sampling code
- mac80211: minstrel: fix tx status processing corner case
- mac80211: allow driver to prevent two stations w/ same address
- mac80211: free sta in sta_info_insert_finish() on errors
- s390/cpum_sf.c: fix file permission for cpum_sfb_size
- x86/microcode/intel: Check patch signature before saving microcode for
early
loading
- Linux 4.4.246
* Xenial update: v4.4.245 upstream stable release (LP: #1906698)
- i2c: imx: Fix external abort on interrupt in exit paths
- xfs: catch inode allocation state mismatch corruption
- xfs: validate cached inodes are free when allocated
- powerpc/8xx: Always fault when _PAGE_ACCESSED is not set
- Input: sunkbd - avoid use-after-free in teardown paths
- mac80211: always wind down STA state
- KVM: x86: clflushopt should be treated as a no-op by emula
[ubuntu/xenial-proposed] linux-meta-kvm 4.4.0.1086.84 (Accepted)
linux-meta-kvm (4.4.0.1086.84) xenial; urgency=medium * Bump ABI 4.4.0-1086 Date: 2021-01-06 18:31:41.555068+00:00 Changed-By: Kelsey Skunberg Signed-By: Andy Whitcroft https://launchpad.net/ubuntu/+source/linux-meta-kvm/4.4.0.1086.84 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] linux-raspi2 4.4.0-1144.154 (Accepted)
linux-raspi2 (4.4.0-1144.154) xenial; urgency=medium
* xenial/linux-raspi2: 4.4.0-1144.154 -proposed tracker (LP: #1910087)
[ Ubuntu: 4.4.0-199.231 ]
* xenial/linux: 4.4.0-199.231 -proposed tracker (LP: #1910093)
* Touchpad not detected on ByteSpeed C15B laptop (LP: #1906128)
- Input: i8042 - add ByteSpeed touchpad to noloop table
* stack trace in kernel (LP: #1903596)
- net: napi: remove useless stack trace
* CVE-2020-2
- powerpc/rtas: Restrict RTAS requests from userspace
- [Config]: Set CONFIG_PPC_RTAS_FILTER
* Xenial update: v4.4.247 upstream stable release (LP: #1906703)
- btrfs: tree-checker: Enhance chunk checker to validate chunk profile
- btrfs: inode: Verify inode mode to avoid NULL pointer dereference
- HID: cypress: Support Varmilo Keyboards' media hotkeys
- Input: i8042 - allow insmod to succeed on devices without an i8042
controller
- HID: hid-sensor-hub: Fix issue with devices with no report ID
- x86/xen: don't unbind uninitialized lock_kicker_irq
- proc: don't allow async path resolution of /proc/self components
- dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size
- scsi: libiscsi: Fix NOP race condition
- scsi: target: iscsi: Fix cmd abort fabric stop race
- scsi: ufs: Fix race between shutdown and runtime resume flow
- bnxt_en: fix error return code in bnxt_init_board()
- video: hyperv_fb: Fix the cache type when mapping the VRAM
- bnxt_en: Release PCI regions when DMA mask setup fails during probe.
- IB/mthca: fix return value of error branch in mthca_init_cq()
- nfc: s3fwrn5: use signed integer for parsing GPIO numbers
- efivarfs: revert "fix memory leak in efivarfs_create()"
- perf probe: Fix to die_entrypc() returns error correctly
- USB: core: Change %pK for __user pointers to %px
- x86/speculation: Fix prctl() when spectre_v2_user={seccomp,prctl},ibpb
- USB: core: add endpoint-blacklist quirk
- USB: core: Fix regression in Hercules audio card
- btrfs: fix lockdep splat when reading qgroup config on mount
- Linux 4.4.247
* Xenial update: v4.4.246 upstream stable release (LP: #1906700)
- ah6: fix error return code in ah6_input()
- atm: nicstar: Unmap DMA on send error
- net: b44: fix error return code in b44_init_one()
- net: bridge: add missing counters to ndo_get_stats64 callback
- netlabel: fix our progress tracking in netlbl_unlabel_staticlist()
- netlabel: fix an uninitialized warning in netlbl_unlabel_staticlist()
- net/mlx4_core: Fix init_hca fields offset
- net: x25: Increase refcnt of "struct x25_neigh" in x25_rx_call_request
- qlcnic: fix error return code in qlcnic_83xx_restart_hw()
- sctp: change to hold/put transport for proto_unreach_timer
- net: usb: qmi_wwan: Set DTR quirk for MR400
- net: Have netpoll bring-up DSA management interface
- pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq
- arm64: psci: Avoid printing in cpu_psci_cpu_die()
- MIPS: Fix BUILD_ROLLBACK_PROLOGUE for microMIPS
- Input: adxl34x - clean up a data type in adxl34x_probe()
- arm: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy
- ARM: dts: imx50-evk: Fix the chip select 1 IOMUX
- perf lock: Don't free "lock_seq_stat" if read_count isn't zero
- can: dev: can_restart(): post buffer from the right context
- can: peak_usb: fix potential integer overflow on shift of a int
- can: m_can: m_can_handle_state_change(): fix state change
- MIPS: Alchemy: Fix memleak in alchemy_clk_setup_cpu
- regulator: ti-abb: Fix array out of bound read access on the first
transition
- libfs: fix error cast of negative value in simple_attr_write()
- ALSA: ctl: fix error path at adding user-defined element set
- ALSA: mixart: Fix mutex deadlock
- tty: serial: imx: keep console clocks always on
- efivarfs: fix memory leak in efivarfs_create()
- ext4: fix bogus warning in ext4_update_dx_flag()
- xtensa: disable preemption around cache alias management calls
- mac80211: minstrel: remove deferred sampling code
- mac80211: minstrel: fix tx status processing corner case
- mac80211: allow driver to prevent two stations w/ same address
- mac80211: free sta in sta_info_insert_finish() on errors
- s390/cpum_sf.c: fix file permission for cpum_sfb_size
- x86/microcode/intel: Check patch signature before saving microcode for
early
loading
- Linux 4.4.246
* Xenial update: v4.4.245 upstream stable release (LP: #1906698)
- i2c: imx: Fix external abort on interrupt in exit paths
- xfs: catch inode allocation state mismatch corruption
- xfs: validate cached inodes are free when allocated
- powerpc/8xx: Always fault when _PAGE_ACCESSED is not set
- Input: sunkbd - avoid use-after-free in teardown paths
- mac80211: always wind down STA state
- KVM: x86: clflushopt should be treated as a no-op
[ubuntu/xenial-proposed] linux-meta-raspi2 4.4.0.1144.144 (Accepted)
linux-meta-raspi2 (4.4.0.1144.144) xenial; urgency=medium * Bump ABI 4.4.0-1144 Date: 2021-01-06 12:05:47.509557+00:00 Changed-By: Kleber Sacilotto de Souza Signed-By: Andy Whitcroft https://launchpad.net/ubuntu/+source/linux-meta-raspi2/4.4.0.1144.144 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-proposed] linux-snapdragon 4.4.0-1148.158 (Accepted)
linux-snapdragon (4.4.0-1148.158) xenial; urgency=medium
* xenial/linux-snapdragon: 4.4.0-1148.158 -proposed tracker (LP: #1910089)
[ Ubuntu: 4.4.0-199.231 ]
* xenial/linux: 4.4.0-199.231 -proposed tracker (LP: #1910093)
* Touchpad not detected on ByteSpeed C15B laptop (LP: #1906128)
- Input: i8042 - add ByteSpeed touchpad to noloop table
* stack trace in kernel (LP: #1903596)
- net: napi: remove useless stack trace
* CVE-2020-2
- powerpc/rtas: Restrict RTAS requests from userspace
- [Config]: Set CONFIG_PPC_RTAS_FILTER
* Xenial update: v4.4.247 upstream stable release (LP: #1906703)
- btrfs: tree-checker: Enhance chunk checker to validate chunk profile
- btrfs: inode: Verify inode mode to avoid NULL pointer dereference
- HID: cypress: Support Varmilo Keyboards' media hotkeys
- Input: i8042 - allow insmod to succeed on devices without an i8042
controller
- HID: hid-sensor-hub: Fix issue with devices with no report ID
- x86/xen: don't unbind uninitialized lock_kicker_irq
- proc: don't allow async path resolution of /proc/self components
- dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size
- scsi: libiscsi: Fix NOP race condition
- scsi: target: iscsi: Fix cmd abort fabric stop race
- scsi: ufs: Fix race between shutdown and runtime resume flow
- bnxt_en: fix error return code in bnxt_init_board()
- video: hyperv_fb: Fix the cache type when mapping the VRAM
- bnxt_en: Release PCI regions when DMA mask setup fails during probe.
- IB/mthca: fix return value of error branch in mthca_init_cq()
- nfc: s3fwrn5: use signed integer for parsing GPIO numbers
- efivarfs: revert "fix memory leak in efivarfs_create()"
- perf probe: Fix to die_entrypc() returns error correctly
- USB: core: Change %pK for __user pointers to %px
- x86/speculation: Fix prctl() when spectre_v2_user={seccomp,prctl},ibpb
- USB: core: add endpoint-blacklist quirk
- USB: core: Fix regression in Hercules audio card
- btrfs: fix lockdep splat when reading qgroup config on mount
- Linux 4.4.247
* Xenial update: v4.4.246 upstream stable release (LP: #1906700)
- ah6: fix error return code in ah6_input()
- atm: nicstar: Unmap DMA on send error
- net: b44: fix error return code in b44_init_one()
- net: bridge: add missing counters to ndo_get_stats64 callback
- netlabel: fix our progress tracking in netlbl_unlabel_staticlist()
- netlabel: fix an uninitialized warning in netlbl_unlabel_staticlist()
- net/mlx4_core: Fix init_hca fields offset
- net: x25: Increase refcnt of "struct x25_neigh" in x25_rx_call_request
- qlcnic: fix error return code in qlcnic_83xx_restart_hw()
- sctp: change to hold/put transport for proto_unreach_timer
- net: usb: qmi_wwan: Set DTR quirk for MR400
- net: Have netpoll bring-up DSA management interface
- pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq
- arm64: psci: Avoid printing in cpu_psci_cpu_die()
- MIPS: Fix BUILD_ROLLBACK_PROLOGUE for microMIPS
- Input: adxl34x - clean up a data type in adxl34x_probe()
- arm: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy
- ARM: dts: imx50-evk: Fix the chip select 1 IOMUX
- perf lock: Don't free "lock_seq_stat" if read_count isn't zero
- can: dev: can_restart(): post buffer from the right context
- can: peak_usb: fix potential integer overflow on shift of a int
- can: m_can: m_can_handle_state_change(): fix state change
- MIPS: Alchemy: Fix memleak in alchemy_clk_setup_cpu
- regulator: ti-abb: Fix array out of bound read access on the first
transition
- libfs: fix error cast of negative value in simple_attr_write()
- ALSA: ctl: fix error path at adding user-defined element set
- ALSA: mixart: Fix mutex deadlock
- tty: serial: imx: keep console clocks always on
- efivarfs: fix memory leak in efivarfs_create()
- ext4: fix bogus warning in ext4_update_dx_flag()
- xtensa: disable preemption around cache alias management calls
- mac80211: minstrel: remove deferred sampling code
- mac80211: minstrel: fix tx status processing corner case
- mac80211: allow driver to prevent two stations w/ same address
- mac80211: free sta in sta_info_insert_finish() on errors
- s390/cpum_sf.c: fix file permission for cpum_sfb_size
- x86/microcode/intel: Check patch signature before saving microcode for
early
loading
- Linux 4.4.246
* Xenial update: v4.4.245 upstream stable release (LP: #1906698)
- i2c: imx: Fix external abort on interrupt in exit paths
- xfs: catch inode allocation state mismatch corruption
- xfs: validate cached inodes are free when allocated
- powerpc/8xx: Always fault when _PAGE_ACCESSED is not set
- Input: sunkbd - avoid use-after-free in teardown paths
- mac80211: always wind down STA state
- KVM: x86: clflushopt should be treated as
[ubuntu/xenial-proposed] linux-meta-snapdragon 4.4.0.1148.140 (Accepted)
linux-meta-snapdragon (4.4.0.1148.140) xenial; urgency=medium * Bump ABI 4.4.0-1148 Date: 2021-01-06 20:41:41.819202+00:00 Changed-By: Kelsey Skunberg Signed-By: Andy Whitcroft https://launchpad.net/ubuntu/+source/linux-meta-snapdragon/4.4.0.1148.140 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] edk2 0~20160408.ffea0a2c-2ubuntu0.2 (Accepted)
edk2 (0~20160408.ffea0a2c-2ubuntu0.2) xenial-security; urgency=medium * Fix integer overflow in DxeImageVerificationHandler. (CVE-2019-14562) * CryptoPkg/BaseCryptLib: fix NULL dereference. (CVE-2019-14584) Date: 2021-01-06 13:19:11.626820+00:00 Changed-By: dann frazier Signed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/edk2/0~20160408.ffea0a2c-2ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] ghostscript 9.26~dfsg+0-0ubuntu0.16.04.14 (Accepted)
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.14) xenial-security; urgency=medium * SECURITY UPDATE: integer overflow in opj_t1_encode_cblks - debian/patches/CVE-2018-5727.patch: fix UBSAN signed integer overflow in openjpeg/src/lib/openjp2/t1.c. - CVE-2018-5727 * SECURITY UPDATE: heap overflow in opj_t1_clbl_decode_processor - debian/patches/CVE-2020-6851.patch: reject images whose coordinates are beyond INT_MAX in openjpeg/src/lib/openjp2/j2k.c. - CVE-2020-6851 * SECURITY UPDATE: another heap overflow in opj_t1_clbl_decode_processor - debian/patches/CVE-2020-8112.patch: avoid integer overflow in openjpeg/src/lib/openjp2/tcd.c. - CVE-2020-8112 * SECURITY UPDATE: heap-buffer-overflow - debian/patches/CVE-2020-27814-1.patch: grow buffer size in openjpeg/src/lib/openjp2/tcd.c. - debian/patches/CVE-2020-27814-2.patch: grow it again - debian/patches/CVE-2020-27814-3.patch: and some more - debian/patches/CVE-2020-27814-4.patch: bigger, BIGGER!!! - CVE-2020-27814 * SECURITY UPDATE: global-buffer-overflow - debian/patches/CVE-2020-27824.patch: avoid global buffer overflow on irreversible conversion when too many decomposition levels are specified in openjpeg/src/lib/openjp2/dwt.c. - CVE-2020-27824 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27841.patch: add extra checks to openjpeg/src/lib/openjp2/pi.c, openjpeg/src/lib/openjp2/pi.h, openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27841 * SECURITY UPDATE: null pointer dereference - debian/patches/CVE-2020-27842.patch: add check to openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27842 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27843.patch: add check to openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27843 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27845.patch: add extra checks to openjpeg/src/lib/openjp2/pi.c. - CVE-2020-27845 Date: 2021-01-06 19:16:12.891322+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.16.04.14 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] edk2 0~20160408.ffea0a2c-2ubuntu0.2 (Accepted)
edk2 (0~20160408.ffea0a2c-2ubuntu0.2) xenial-security; urgency=medium * Fix integer overflow in DxeImageVerificationHandler. (CVE-2019-14562) * CryptoPkg/BaseCryptLib: fix NULL dereference. (CVE-2019-14584) Date: 2021-01-06 13:19:11.626820+00:00 Changed-By: dann frazier Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/edk2/0~20160408.ffea0a2c-2ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] ghostscript 9.26~dfsg+0-0ubuntu0.16.04.14 (Accepted)
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.14) xenial-security; urgency=medium * SECURITY UPDATE: integer overflow in opj_t1_encode_cblks - debian/patches/CVE-2018-5727.patch: fix UBSAN signed integer overflow in openjpeg/src/lib/openjp2/t1.c. - CVE-2018-5727 * SECURITY UPDATE: heap overflow in opj_t1_clbl_decode_processor - debian/patches/CVE-2020-6851.patch: reject images whose coordinates are beyond INT_MAX in openjpeg/src/lib/openjp2/j2k.c. - CVE-2020-6851 * SECURITY UPDATE: another heap overflow in opj_t1_clbl_decode_processor - debian/patches/CVE-2020-8112.patch: avoid integer overflow in openjpeg/src/lib/openjp2/tcd.c. - CVE-2020-8112 * SECURITY UPDATE: heap-buffer-overflow - debian/patches/CVE-2020-27814-1.patch: grow buffer size in openjpeg/src/lib/openjp2/tcd.c. - debian/patches/CVE-2020-27814-2.patch: grow it again - debian/patches/CVE-2020-27814-3.patch: and some more - debian/patches/CVE-2020-27814-4.patch: bigger, BIGGER!!! - CVE-2020-27814 * SECURITY UPDATE: global-buffer-overflow - debian/patches/CVE-2020-27824.patch: avoid global buffer overflow on irreversible conversion when too many decomposition levels are specified in openjpeg/src/lib/openjp2/dwt.c. - CVE-2020-27824 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27841.patch: add extra checks to openjpeg/src/lib/openjp2/pi.c, openjpeg/src/lib/openjp2/pi.h, openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27841 * SECURITY UPDATE: null pointer dereference - debian/patches/CVE-2020-27842.patch: add check to openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27842 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27843.patch: add check to openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27843 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27845.patch: add extra checks to openjpeg/src/lib/openjp2/pi.c. - CVE-2020-27845 Date: 2021-01-06 19:16:12.891322+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.16.04.14 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] firefox 84.0.2+build1-0ubuntu0.16.04.1 (Accepted)
firefox (84.0.2+build1-0ubuntu0.16.04.1) xenial; urgency=medium * New upstream release (84.0.2+build1) Date: 2021-01-06 12:34:08.811486+00:00 Changed-By: Olivier Tilloy Signed-By: Chris Coulson https://launchpad.net/ubuntu/+source/firefox/84.0.2+build1-0ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] tzdata 2020f-0ubuntu0.16.04 (Accepted)
tzdata (2020f-0ubuntu0.16.04) xenial; urgency=medium * New upstream version (LP: #1909698), affecting the following timestamp: - Volgograd switches to Moscow time on 2020-12-27 at 02:00. Date: 2021-01-06 18:18:09.209516+00:00 Changed-By: Brian Murray Signed-By: Steve Langasek https://launchpad.net/ubuntu/+source/tzdata/2020f-0ubuntu0.16.04 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] tzdata 2020f-0ubuntu0.16.04 (Accepted)
tzdata (2020f-0ubuntu0.16.04) xenial; urgency=medium * New upstream version (LP: #1909698), affecting the following timestamp: - Volgograd switches to Moscow time on 2020-12-27 at 02:00. Date: 2021-01-06 18:18:09.209516+00:00 Changed-By: Brian Murray Signed-By: Steve Langasek https://launchpad.net/ubuntu/+source/tzdata/2020f-0ubuntu0.16.04 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-updates] firefox 84.0.2+build1-0ubuntu0.16.04.1 (Accepted)
firefox (84.0.2+build1-0ubuntu0.16.04.1) xenial; urgency=medium * New upstream release (84.0.2+build1) Date: 2021-01-06 12:34:08.811486+00:00 Changed-By: Olivier Tilloy Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/firefox/84.0.2+build1-0ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
