[ubuntu/xenial-security] graphicsmagick 1.3.23-1ubuntu0.6 (Accepted)
Date: 2020-02-04 17:55:15.020890+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/graphicsmagick/1.3.23-1ubuntu0.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] graphicsmagick 1.3.23-1ubuntu0.6 (Accepted)
graphicsmagick (1.3.23-1ubuntu0.6) xenial-security; urgency=medium * SECURITY UPDATE: Heap-based buffer over-read in ReadNewsProfile() - debian/patches/CVE-2017-17912.patch: ReadNewsProfile() was allowing reading heap data beyond the allocated size. - CVE-2017-17912 * SECURITY UPDATE: Stack-based buffer over-read in WriteWEBPImage() - debian/patches/CVE-2017-17913-1.patch: Add some assertions to verify that the image pointer provided by libwebp is valid. - debian/patches/CVE-2017-17913-2.patch: Fix stack overflow with libwebp 0.5.0+ by disabling progress indication. - CVE-2017-17913 * SECURITY UPDATE: Heap-based buffer over-read in ReadMNGImage() - debian/patches/CVE-2017-17915.patch: Check range limit before accessing byte to avoid minor heap read overflow. - CVE-2017-17915 * SECURITY UPDATE: Allocation failure in ReadOnePNGImage() - debian/patches/CVE-2017-18219.patch: check MemoryResource before attempting to allocate ping_pixels array. - CVE-2017-18219 * SECURITY UPDATE: Allocation failure in ReadTIFFImage() - debian/patches/CVE-2017-18229.patch: Rationalize scanline, strip, and tile memory allocation requests based on file size. - CVE-2017-18229 * SECURITY UPDATE: Null pointer dereference in ReadCINEONImage() - debian/patches/CVE-2017-18230.patch: Validate scandata allocation. - CVE-2017-18230 * SECURITY UPDATE: Null pointer dereference in ReadEnhMetaFile() - debian/patches/CVE-2017-18231.patch: Verify pBits memory allocation. - CVE-2017-18231 Date: 2020-02-04 17:55:15.020890+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/graphicsmagick/1.3.23-1ubuntu0.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] openjdk-8 8u242-b08-0ubuntu3~16.04 (Accepted)
openjdk-8 (8u242-b08-0ubuntu3~16.04) xenial-security; urgency=medium * Backport from Focal. openjdk-8 (8u242-b08-0ubuntu3) focal; urgency=medium * Sync packages with 8u242-b08: * OpenJDK 8u242-b08 build (release). - S8226352, CVE-2020-2590: Improve Kerberos interop capabilities - S8228548, CVE-2020-2593: Normalize normalization for all - S8224909, CVE-2020-2583: Unlink Set of LinkedHashSets - S8229951, CVE-2020-2601: Better Ticket Granting Services - S8231422, CVE-2020-2604: Better serial filter handling - S8231795, CVE-2020-2659: Enhance datagram socket support - S8234037, CVE-2020-2654: Improve Object Identifier Processing - S8037550: Update RFC references in javadoc to RFC 5280 - S8039438: Some tests depend on internal API sun.misc.IOUtils - S8044500: Add kinit options and krb5.conf flags that allow users to obtain renewable tickets and specify ticket lifetimes - S8058290: JAAS Krb5LoginModule has suspect ticket-renewal logic, relies on clockskew grace - S8080835: Add blocking bulk read to sun.misc.IOUtils - S8138978: Examine usages of sun.misc.IOUtils - S8139206: Add InputStream readNBytes(int len) - S8183591: Incorrect behavior when reading DER value with Integer.MAX_VALUE length - S8186576: KerberosTicket does not properly handle renewable tickets at the end of their lifetime - S8186831: Kerberos ignores PA-DATA with a non-null s2kparams - S8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test - S8193832: Performance of InputStream.readAllBytes() could be improved - S8196956: (ch) More channels cleanup - S8201627: Kerberos sequence number issues - S8215032: Support Kerberos cross-realm referrals (RFC 6806) - S8225261: Better method resolutions - S8225279: Better XRender interpolation - S8226719: Kerberos login to Windows 2000 failed with "Inappropriate type of checksum in message" - S8227061: KDC.java test behaves incorrectly when AS-REQ contains a PAData not PA-ENC-TS-ENC - S8227381: GSS login fails with PREAUTH_FAILED - S8227437: S4U2proxy cannot continue because server's TGT cannot be found - S8227758: More valid PKIX processing - S8227816: More Colorful ICC profiles - S8230279: Improve Pack200 file reading - S8230318: Better trust store usage - S8230967: Improve Registry support of clients - S8231129: More glyph images - S8231139: Improved keystore support - S8232381: add result NULL-checking to freetypeScaler.c - S8232419: Improve Registry registration - S8233944: Make KerberosPrincipal.KRB_NT_ENTERPRISE field package private - S8235909: File.exists throws AccessControlException for invalid paths when a SecurityManager is installed - S8236983: [TESTBUG] Remove pointless catch block in test/jdk/sun/security/util/DerValue/BadValue.java - S8236984: Add compatibility wrapper for IOUtils.readFully * Use the hotspot arch list to select between hotspot and zero as the default VM for autopkgtests. This fixes s390x (zero based) autopkgtest support. openjdk-8 (8u242-b04-1) unstable; urgency=medium * Update to 8u242-b04 (early access build). openjdk-8 (8u232-b09-1) unstable; urgency=high * Update to 8u222-b09 (release build). * Security fixes: - S8167646: Better invalid FilePermission. - S8213429, CVE-2019-2933: Windows file handling redux. - S8218573, CVE-2019-2945: Better socket support. - S8218877: Help transform transformers. - S8220186: Improve use of font temporary files. - S8220302, CVE-2019-2949: Better Kerberos ccache handling. - S8221497: Optional Panes in Swing. - S8221858, CVE-2019-2958: Build Better Processes. - S8222684, CVE-2019-2964: Better support for patterns. - S8222690, CVE-2019-2962: Better Glyph Images. - S8223163: Better pattern recognition. - S8223505, CVE-2019-2973: Better pattern compilation. - S8223518, CVE-2019-2975: Unexpected exception in jjs. - S8223892, CVE-2019-2978: Improved handling of jar files. - S8224025: Fix for JDK-8220302 is not complete. - S8224532, CVE-2019-2981: Better Path supports. - S8224915, CVE-2019-2983: Better serial attributes. - S8225286, CVE-2019-2987: Better rendering of native glyphs. - S8225292, CVE-2019-2988: Better Graphics2D drawing. - S8225298, CVE-2019-2989: Improve TLS connection support. - S8225597, CVE-2019-2992: Enhance font glyph mapping. - S8226765, CVE-2019-2999: Commentary on Javadoc comments. - S8227129: Better ligature for subtables. - S8227601: Better collection of references. - S8228825, CVE-2019-2894: Enhance ECDSA operations. Date: 2020-01-18 03:13:15.003352+00:00 Changed-By: Tiago Stürmer Daitx Signed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/openjdk-8/8u242-b08-0ubuntu3~16.04 Sorry, changesfile not available.-- Xenial-
[ubuntu/xenial-security] graphicsmagick 1.3.23-1ubuntu0.5 (Accepted)
graphicsmagick (1.3.23-1ubuntu0.5) xenial-security; urgency=medium * SECURITY UPDATE: DoS in ReadWPGImage() - debian/patches/CVE-2017-16545.patch: Assure that colormapped image is a PseudoClass type with valid colormapped indexes. - CVE-2017-16545 * SECURITY UPDATE: DoS (negative strncpy) in DrawImage() - debian/patches/CVE-2017-16547.patch: Fix pointer computation which leads to large strncpy size request and bad array index. - CVE-2017-16547 * SECURITY UPDATE: Heap-based buffer overflow in coders/wpg.c - debian/patches/CVE-2017-16669-1.patch: Do not call SyncImagePixels() when something fails. - debian/patches/CVE-2017-16669-2.patch: Wrong row count checking. - debian/patches/CVE-2017-16669-3.patch: Detect pending use of null indexes pointer due to programming error and report it. - debian/patches/CVE-2017-16669-4.patch: Fix crash which image fails to produce expected PseudoClass indexes. - debian/patches/CVE-2017-16669-5.patch: Check for InsertRow() return value. - debian/patches/CVE-2017-16669-6.patch: Check InsertRow() return value for all calls. - CVE-2017-16669 * SECURITY UPDATE: Heap-based buffer overflow in WritePNMImage() - debian/patches/CVE-2017-17498.patch: Fix buffer overflow when writing gray+alpha 1-bit/sample. - CVE-2017-17498 * SECURITY UPDATE: Heap-based buffer over-read in ReadRGBImage() - debian/patches/CVE-2017-17500.patch: Fix heap-overflow due to tile outside image bounds. - CVE-2017-17500 * SECURITY UPDATE: Heap-based buffer over-read in WriteOnePNGImage() - debian/patches/CVE-2017-17501.patch: Fix heap read overrun while testing pixels for opacity. - CVE-2017-17501 * SECURITY UPDATE: Heap-based buffer over-read in ReadCMYKImage() - debian/patches/CVE-2017-17502.patch: Fix heap-overflow due to tile outside image bounds. - CVE-2017-17502 * SECURITY UPDATE: Heap-based buffer over-read in ReadGRAYImage() - debian/patches/CVE-2017-17503.patch: Fix heap-overflow due to tile outside image bounds. - CVE-2017-17503 * SECURITY UPDATE: Heap-based buffer over-read in ReadOneJNGImage() - debian/patches/CVE-2017-17782.patch: Fix wrong offset into oFFs chunk which caused heap read overflow. - CVE-2017-17782 * SECURITY UPDATE: Buffer over-read in ReadPALMImage() - debian/patches/CVE-2017-17783.patch: Fix heap buffer overflow in Q8 build while initializing color palette. - CVE-2017-17783 Date: 2020-01-22 16:40:19.357787+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/graphicsmagick/1.3.23-1ubuntu0.5 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] sdl-image1.2 1.2.12-5+deb9u1ubuntu0.16.04.1 (Accepted)
sdl-image1.2 (1.2.12-5+deb9u1ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Arbitrary code execution in the XCF image rendering - debian/patches/CVE-2018-3977.patch: Fix potential buffer overflow on corrupt or maliciously-crafted XCF file. - CVE-2018-3977 * SECURITY UPDATE: Buffer overflows in IMG_pcx.c - debian/patches/IMG_pcx-out-of-bounds.patch: fix multiple OOB issues in IMG_pcx.c - CVE-2019-5051 - CVE-2019-12217 - CVE-2019-12219 - CVE-2019-12220 - CVE-2019-12221 - CVE-2019-1 * SECURITY UPDATE: Integer overflow when loading a PCX file - debian/patches/CVE-2019-5052.patch: Fix invalid data read on bpl == -1. - CVE-2019-5052 * SECURITY UPDATE: Heap-based buffer over-read in Blit1to4() - debian/patches/CVE-2019-7635.patch: fix Heap-Buffer Overflow in Blit1to4(). - CVE-2019-7635 * SECURITY UPDATE: Heap buffer overflow in IMG_pcx.c - debian/patches/CVE-2019-12218.patch: fix heap buffer overflow issue in IMG_pcx.c - CVE-2019-12218 - CVE-2019-12216 * SECURITY UPDATE: Heap-based buffer over-read in BlitNtoN() - debian/patches/CVE-2019-13616.patch: validate image size when loading BMP files. - CVE-2019-13616 Date: 2020-01-14 13:22:07.870521+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/sdl-image1.2/1.2.12-5+deb9u1ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] graphicsmagick 1.3.23-1ubuntu0.4 (Accepted)
graphicsmagick (1.3.23-1ubuntu0.4) xenial-security; urgency=medium * SECURITY UPDATE: DoS (memory consumption) on ReadSUNImage() - debian/patches/CVE-2017-14165.patch: Verify that file header data length, and file length are sufficient for claimed image dimensions. - CVE-2017-14165 * SECURITY UPDATE: Heap-based buffer over-read in DrawImage() - debian/patches/CVE-2017-14314.patch: Fix heap out of bounds read in DrawDashPolygon(). - CVE-2017-14314 * SECURITY UPDATE: Null pointer dereference in ReadPNMImage() - debian/patches/CVE-2017-14504.patch: Require that XV 332 format have 256 colors. - CVE-2017-14504 * SECURITY UPDATE: DoS (crash) assertion failure in magick/pixel_cache.c - debian/patches/CVE-2017-14649.patch: Validate JNG data properly. - CVE-2017-14649 * SECURITY UPDATE: Heap-based buffer over-read in ReadRLEImage() - debian/patches/CVE-2017-14733.patch: Fully rationalize Ncolors when Alpha flag is present. - CVE-2017-14733 * SECURITY UPDATE: Null pointer dereference in ReadDCMImage() - debian/patches/CVE-2017-14994.patch: DCM_ReadNonNativeImages() can produce image list with no frames, resulting in null image pointer. - CVE-2017-14994 * SECURITY UPDATE: Integer underflow in ReadPICTImage() - debian/patches/CVE-2017-14997.patch: Avoid unsigned underflow leading to astonishingly large allocation request. - CVE-2017-14997 * SECURITY UPDATE: Resource leak in ReadGIFImage() - debian/patches/CVE-2017-15277.patch: Assure that global colormap is fully initialized. - CVE-2017-15277 * SECURITY UPDATE: Null pointer dereference in ReadOneJNGImage() - debian/patches/CVE-2017-15930-1.patch: Fix possible use of NULL pointer when transferring JPEG scanlines. - debian/patches/CVE-2017-15930-2.patch: Add more checks for use of null PixelPacket pointer. - debian/patches/CVE-2017-15930-3.patch: Reject JNG files with unreasonable dimensions given the file size. - debian/patches/CVE-2017-15930-4.patch: Ensure that reasonable exception gets reported on read failure. - CVE-2017-15930 * SECURITY UPDATE: Heap-based buffer overflow in DescribeImage() - debian/patches/CVE-2017-16352.patch: Fix possible heap write overflow while describing visual image directory. - CVE-2017-16352 * SECURITY UPDATE: Memory information disclosure in DescribeImage() - debian/patches/CVE-2017-16353.patch: Fix weaknesses while describing the IPTC profile. - CVE-2017-16353 Date: 2020-01-08 15:20:39.828370+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/graphicsmagick/1.3.23-1ubuntu0.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] graphicsmagick 1.3.23-1ubuntu0.3 (Accepted)
graphicsmagick (1.3.23-1ubuntu0.3) xenial-security; urgency=medium * SECURITY UPDATE: Null pointer dereference in WriteMAPImage() - debian/patches/CVE-2017-11638_CVE-2017-11642.patch: Fix null pointer dereference or SEGV if input is not colormapped. - CVE-2017-11638 - CVE-2017-11642 * SECURITY UPDATE: Memory leak in PersistCache() - debian/patches/CVE-2017-11641.patch: Fix memory leak while writing Magick Persistent Cache format. - CVE-2017-11641 * SECURITY UPDATE: Heap overflow in WriteCMYKImage() - debian/patches/CVE-2017-11643.patch: Fixed heap overflow with multiple frames with varying widths. - CVE-2017-11643 * SECURITY UPDATE: Invalid memory read in SetImageColorCallBack() - debian/patches/CVE-2017-12935.patch: Reject MNG with too-large dimensions (over 65535). - CVE-2017-12935 * SECURITY UPDATE: Use-after-free in ReadWMFImage() - debian/patches/CVE-2017-12936.patch: Eliminate use of already freed heap data in error reporting path. - CVE-2017-12936 * SECURITY UPDATE: Heap-based buffer over-read in ReadSUNImage() - debian/patches/CVE-2017-12937.patch: Fix heap read overflow while indexing colormap in bilevel decoder. - CVE-2017-12937 * SECURITY UPDATE: Heap-based buffer overflow vulnerability - debian/patches/CVE-2017-13063_CVE-2017-13064_CVE-2017-13065.patch: Fix buffer-overflow and inconsistent behavior in GetStyleTokens(). - CVE-2017-13063 - CVE-2017-13064 - CVE-2017-13065 * SECURITY UPDATE: Heap-based buffer over-read in SFWScan - debian/patches/CVE-2017-13134.patch: Fix heap buffer overflow in SFWScan(). - CVE-2017-13134 * SECURITY UPDATE: Invalid free in MagickFree() - debian/patches/CVE-2017-13737.patch: NumberOfObjectsInArray() must round down, rather than up. - CVE-2017-13737 * SECURITY UPDATE: DoS in ReadJNXImage() - debian/patches/CVE-2017-13775.patch: Fix DOS issues. - CVE-2017-13775 * SECURITY UPDATE: DoS in ReadXBMImage() - debian/patches/CVE-2017-13776_CVE-2017-13777.patch: Fix DOS issues. - CVE-2017-13776 - CVE-2017-13777 Date: 2019-12-16 14:52:14.979278+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/graphicsmagick/1.3.23-1ubuntu0.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] librabbitmq 0.7.1-1ubuntu0.2 (Accepted)
librabbitmq (0.7.1-1ubuntu0.2) xenial-security; urgency=medium * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2019-18609.patch: check frame_size is >= INT32_MAX in librabbitmq/amqp_connection.c. - CVE-2019-18609 Date: 2019-12-10 17:49:15.398964+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/librabbitmq/0.7.1-1ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] graphicsmagick 1.3.23-1ubuntu0.2 (Accepted)
graphicsmagick (1.3.23-1ubuntu0.2) xenial-security; urgency=medium * SECURITY UPDATE: Allocation failure vulnerability - debian/patches/CVE-2017-13147.patch: deal with too-large MNG chunks in coders/png.c - CVE-2017-13147 * SECURITY UPDATE: Allocation failure vulnerability - debian/patches/CVE-2017-14042.patch: PNM for binary formats, verify sufficient backing file data before memory request. - CVE-2017-14042 * SECURITY UPDATE: DoS (out-of-bounds read and crash) via a small samples per pixel value in a CMYKA TIFF file. - debian/patches/CVE-2017-6335.patch: Fix out of bounds access when reading CMYKA tiff which claims wrong samples/pixel. - CVE-2017-6335 * SECURITY UPDATE: Buffer overflow while processing an RGB TIFF picture with metadata. - debian/patches/CVE-2017-10794.patch: Use a generalized method to enforce that buffer overflow can not happen while importing pixels. - CVE-2017-10794 * SECURITY UPDATE: DoS (out-of-memory) when processing a DPX image with metadata. - debian/patches/CVE-2017-10799.patch: Estimate minimum required file sized based on header, and reject files with insufficient data. - CVE-2017-10799 * SECURITY UPDATE: DoS (crash) while reading a JNG file via a zero-length color_image data structure. - debian/patches/CVE-2017-11102.patch: Stop crash due to zero-length color_image while reading a JNG. - CVE-2017-11102 * SECURITY UPDATE: DoS (resource consumption) via a crafted JPEG file. - debian/patches/CVE-2017-11140.patch: Defer creating pixel cache until first scanline. - CVE-2017-11140 * SECURITY UPDATE: Use-after-free via a crafted MNG file. - debian/patches/CVE-2017-11403-1.patch: Fix out-of-order CloseBlob() and DestroyImageList() that caused a use-after-free crash. - debian/patches/CVE-2017-11403-2.patch: Improve fix of use-after-free. - CVE-2017-11403 * SECURITY UPDATE: Heap overflow when processing multiple frames that have non-identical widths. - debian/patches/CVE-2017-11636.patch: Fixed heap overflow with multiple frames with varying widths. - CVE-2017-11636 * SECURITY UPDATE: NULL pointer deference in the WritePCLImage() function. - debian/patches/CVE-2017-11637.patch: Fix null pointer dereference in writing monochrome images. - CVE-2017-11637 Date: 2019-12-02 17:10:16.441687+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/graphicsmagick/1.3.23-1ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] ruby-nokogiri 1.6.7.2-3ubuntu0.1 (Accepted)
ruby-nokogiri (1.6.7.2-3ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Command injection vulnerability. - debian/patches/CVE-2019-5477.patch: prefer File.open to Kernel.open. - CVE-2019-5477 Date: 2019-11-04 19:58:16.927948+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/ruby-nokogiri/1.6.7.2-3ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] uw-imap 8:2007f~dfsg-4+deb8u1build0.16.04.1 (Accepted)
uw-imap (8:2007f~dfsg-4+deb8u1build0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Sync from Debian. - Fixes CVE-2018-19518. Date: 2019-10-21 18:04:14.503259+00:00 Changed-By: Eduardo dos Santos Barretto Maintainer: Magnus Holmgren https://launchpad.net/ubuntu/+source/uw-imap/8:2007f~dfsg-4+deb8u1build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] ruby-rack 1.6.4-3ubuntu0.1 (Accepted)
ruby-rack (1.6.4-3ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Crafted requests can impact the data returned by the scheme method on Rack::Request leading to an XSS attack. - debian/patches/CVE-2018-16471.patch: whitelist http/https schemes. - CVE-2018-16471 Date: 2019-08-07 15:17:14.116578+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/ruby-rack/1.6.4-3ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] sox 14.4.1-5+deb8u4ubuntu0.1 (Accepted)
sox (14.4.1-5+deb8u4ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Merge from Debian - Fixes: - CVE-2019-8354 - CVE-2019-8356 - CVE-2019-8357 - Fixes overwritten by Debian: - CVE-2017-11332 - CVE-2017-11358 - CVE-2017-11359 - CVE-2017-15370 - CVE-2017-15371 - CVE-2017-15372 - CVE-2017-15642 - CVE-2017-18189 - Ignored Debian's "override_dh_strip" in debian/rules as this change was made by mistake sox (14.4.1-5+deb8u4) jessie-security; urgency=medium * Non-maintainer upload by the LTS Team. * CVE-2019-8354, CVE-2019-8355: buffer overflow in valloc functions. * CVE-2019-8356: stack-based buffer overflow in bitrv2(). * CVE-2019-8357: NULL pointer dereference in lsx_make_lpf(). sox (14.4.1-5+deb8u3) jessie-security; urgency=high * Non-maintainer upload by the LTS Team. * CVE-2017-15371: reachable assertion in sox_append_comment() (formats.c) (Closes: #878809). * CVE-2017-11359: divide-by-zero error wavwritehdr function (wav.c) (Closes: #870328). * CVE-2017-11332: divide-by-zero error in startread function (wav.c). * CVE-2017-11358: invalid memory read in read_samples function (hcom.c). sox (14.4.1-5+deb8u2) jessie-security; urgency=high * Non-maintainer upload by the LTS Team. * CVE-2017-15370: heap-based buffer overflow in the ImaExpandS function of ima_rw.c (Closes: #878810). * CVE-2017-15372: stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c (Closes: #878808). * CVE-2017-18189: null pointer dereference caused by corrupt header specifying zero channels, sending read_channels() into an infinite loop (Closes: #881121). * CVE-2017-15642: use-after-free in output_message, triggered by crafted aiff file (Closes: #882144). sox (14.4.1-5+deb8u1) jessie-security; urgency=medium * Non-maintainer upload. * Add patches for CVE-2014-8145 to series file and really apply fixes. Thanks to Mike Salvatore for spotting the issue. (Closes: #773720) Date: 2019-07-30 17:01:14.288185+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/sox/14.4.1-5+deb8u4ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] tmpreaper 1.6.13+nmu1+deb9u1build0.16.04.1 (Accepted)
tmpreaper (1.6.13+nmu1+deb9u1build0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Sync from Debian - fixes CVE-2019-3461. Date: 2019-07-29 14:21:13.887960+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/tmpreaper/1.6.13+nmu1+deb9u1build0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] redis 2:3.0.6-1ubuntu0.4 (Accepted)
redis (2:3.0.6-1ubuntu0.4) xenial-security; urgency=medium * SECURITY UPDATE: heap buffer overflows in Hyperloglog (Closes: #1836496) - debian/patches/CVE-2019-10192.patch: Fix hyperloglog corruption - CVE-2019-10192 Date: 2019-07-15 19:37:13.379498+00:00 Changed-By: Julian Andres Klode Signed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/redis/2:3.0.6-1ubuntu0.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] zeromq3 4.1.4-7ubuntu0.1 (Accepted)
zeromq3 (4.1.4-7ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Unauthenticated client can cause a stack overflow on any server that is supposed to be protected by encryption/authentication, leading to a DoS (crash) or possibly other impact. - debian/patches/CVE-2019-13132.patch: create buffers large enough to contain arbitrary metadata. - CVE-2019-13132 Date: 2019-07-08 16:09:15.911307+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/zeromq3/4.1.4-7ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] mosquitto 1.4.8-1ubuntu0.16.04.7 (Accepted)
mosquitto (1.4.8-1ubuntu0.16.04.7) xenial-security; urgency=medium * SECURITY UPDATE: DoS (client disconnect) via invalid UTF-8 strings - debian/patches/add-validate-utf8.patch: Add validate UTF-8 - debian/patches/CVE-2017-7653.patch: Add UTF-8 tests, plus some validation fixes - CVE-2017-7653 * SECURITY UPDATE: Memory leak in the Mosquitto Broker allows unauthenticated clients to send crafted CONNECT packets which could cause DoS - debian/patches/CVE-2017-7654.patch: Fix memory leak that could be caused by a malicious CONNECT packet - CVE-2017-7654 Date: 2019-06-19 19:08:13.166199+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/mosquitto/1.4.8-1ubuntu0.16.04.7 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] apparmor 2.10.95-0ubuntu2.11 (Accepted)
apparmor (2.10.95-0ubuntu2.11) xenial-security; urgency=medium * Make dnsmasq profile and Python utility changes necessary to continue working correctly after the Linux kernel change to address CVE-2019-11190. Without these changes, some profile transitions may be unintentionally denied. (LP: #1830802) - 0001-dnsmasq-allow-libvirt_leaseshelper-m-permission-on-i.patch - 0001-handle_children-automatically-add-m-permissions-on-i.patch Date: 2019-05-28 22:07:37.328480+00:00 Changed-By: Tyler Hicks Signed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/apparmor/2.10.95-0ubuntu2.11 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] xmltooling 1.5.6-2ubuntu0.3 (Accepted)
xmltooling (1.5.6-2ubuntu0.3) xenial-security; urgency=high * SECURITY UPDATE: uncaught exception on malformed XML declaration Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and propagates an unexpected exception type. This generally manifests as a crash in the calling code, which in the Service Provider software's case is usually the shibd daemon process, but can be Apache in some cases. Note that the crash occurs prior to evaluation of a message's authenticity, so can be exploited by an untrusted attacker. - debian/patches/CVE-2019-9628.patch - CVE-2019-9628 - https://shibboleth.net/community/advisories/secadv_20190311.txt - LP: #1819912 Date: 2019-03-21 17:38:17.608912+00:00 Changed-By: Etienne Dysli Metref Signed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/xmltooling/1.5.6-2ubuntu0.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] xml-security-c 1.7.3-1ubuntu0.1 (Accepted)
xml-security-c (1.7.3-1ubuntu0.1) xenial-security; urgency=medium * debian/patches/99-xsecsafebuffer.patch: Fix undefined behavior in XSECSafeBuffer that affect ECDSA signature generation. This fix was introduced in serie 2.x, but it was not backported to serie 1.7.x. Date: 2019-03-11 12:30:36.369912+00:00 Changed-By: Alejandro Claro Signed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/xml-security-c/1.7.3-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] faad2 2.8.0~cvs20150510-1ubuntu0.1 (Accepted)
faad2 (2.8.0~cvs20150510-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Various issues were discovered in faad2 that can cause DoS (large loop and CPU consumption) via a crafted mp4 file. - debian/patches/CVE-2017-92xx.patch: Fix multiple vulnerabilities. - CVE-2017-9218 - CVE-2017-9219 - CVE-2017-9220 - CVE-2017-9221 - CVE-2017-9222 - CVE-2017-9223 - CVE-2017-9253 - CVE-2017-9254 - CVE-2017-9255 - CVE-2017-9256 - CVE-2017-9257 Date: 2019-02-26 17:07:21.505412+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/faad2/2.8.0~cvs20150510-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] coturn 4.5.0.3-1ubuntu0.2 (Accepted)
coturn (4.5.0.3-1ubuntu0.2) xenial-security; urgency=medium * Disable autotests on armhf for now as tests segfault (when tried multiple times). Date: 2019-02-14 19:11:33.030643+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/coturn/4.5.0.3-1ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] mosquitto 1.4.8-1ubuntu0.16.04.6 (Accepted)
mosquitto (1.4.8-1ubuntu0.16.04.6) xenial-security; urgency=medium * Fix regression in update for CVE-2018-12546. Date: 2019-02-13 20:23:12.640360+00:00 Changed-By: Roger Light Signed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/mosquitto/1.4.8-1ubuntu0.16.04.6 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] mosquitto 1.4.8-1ubuntu0.16.04.5 (Accepted)
mosquitto (1.4.8-1ubuntu0.16.04.5) xenial-security; urgency=medium * SECURITY UPDATE: If Mosquitto is configured to use a password file for authentication, any malformed data in the password file will be treated as valid. This typically means that the malformed data becomes a username and no password. If this occurs, clients can circumvent authentication and get access to the broker by using the malformed username. In particular, a blank line will be treated as a valid empty username. Other security measures are unaffected. Users who have only used the mosquitto_passwd utility to create and modify their password files are unaffected by this vulnerability. - debian/patches/mosquitto-1.4.x-cve-2018-12551.patch: this fix introduces more stringent parsing tests on the password file data. - CVE-2018-12551 * SECURITY UPDATE: If an ACL file is empty, or has only blank lines or comments, then mosquitto treats the ACL file as not being defined, which means that no topic access is denied. Although denying access to all topics is not a useful configuration, this behaviour is unexpected and could lead to access being incorrectly granted in some circumstances. - debian/patches/mosquitto-1.4.x-cve-2018-12550.patch: this fix ensures that if an ACL file is defined but no rules are defined, then access will be denied. - CVE-2018-12550 * SECURITY UPDATE: If a client publishes a retained message to a topic that they have access to, and then their access to that topic is revoked, the retained message will still be delivered to future subscribers. This behaviour may be undesirable in some applications, so a configuration option `check_retain_source` has been introduced to enforce checking of the retained message source on publish. - debian/patches/mosquitto-1.4.8-cve-2018-12546.patch: this patch stores the originator of the retained message, so security checking can be carried out before re-publishing. The complexity of the patch is due to the need to save this information across broker restarts. - CVE-2018-12546 Date: 2019-02-11 13:17:12.946390+00:00 Changed-By: Roger Light Signed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/mosquitto/1.4.8-1ubuntu0.16.04.5 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] jetty 6.1.26-5ubuntu0.1 (Accepted)
jetty (6.1.26-5ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Possible Timing Attack. - debian/patches/CVE-2017-9735.patch: A timing channel in Password.java. - CVE-2017-9735 Date: 2019-01-30 18:13:22.250855+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/jetty/6.1.26-5ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] virtualbox 5.1.38-dfsg-0ubuntu1.16.04.2 (Accepted)
virtualbox (5.1.38-dfsg-0ubuntu1.16.04.2) xenial-security; urgency=medium * debian/patches/fix-for-guest-to-host-escape-vulnerability.patch: - Apply patch for guest-to-host escape vulnerability (LP: #1809156) - CVE-2018-3294 Date: 2019-01-21 16:19:12.758679+00:00 Changed-By: Martin Konrad Signed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/virtualbox/5.1.38-dfsg-0ubuntu1.16.04.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] krb5 1.13.2+dfsg-5ubuntu2.1 (Accepted)
krb5 (1.13.2+dfsg-5ubuntu2.1) xenial-security; urgency=medium * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted request to modify a principal - debian/patches/CVE-2016-3119.patch: Fix LDAP null dereference on empty arg - CVE-2016-3119 * SECURITY UPDATE: DoS (NULL pointer dereference) via an S4U2Self request - debian/patches/CVE-2016-3120.patch: Fix S4U2Self KDC crash when anon is restricted - CVE-2016-3120 * SECURITY UPDATE: KDC assertion failure - debian/patches/CVE-2017-11368-1.patch: Prevent KDC unset status assertion failures - debian/patches/CVE-2017-11368-2.patch: Simplify KDC status assignment - CVE-2017-11368 * SECURITY UPDATE: Double free vulnerability - debian/patches/CVE-2017-11462.patch: Preserve GSS context on init/accept failure - CVE-2017-11462 * SECURITY UPDATE: Authenticated kadmin with permission to add principals to an LDAP Kerberos can DoS or bypass DN container check. - debian/patches/CVE-2018-5729-CVE-2018-5730.patch: Fix flaws in LDAP DN checking - CVE-2018-5729 - CVE-2018-5730 Date: 2019-01-14 14:23:16.443521+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/krb5/1.13.2+dfsg-5ubuntu2.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] chrony 2.1.1-1ubuntu0.1 (Accepted)
chrony (2.1.1-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key". - debian/patches/CVE-2016-1567.patch: restrict authentication of server/peer to specified key. - CVE-2016-1567 Date: 2018-12-06 16:49:12.043844+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/chrony/2.1.1-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] mercurial 3.7.3-1ubuntu1.2 (Accepted)
mercurial (3.7.3-1ubuntu1.2) xenial-security; urgency=medium * SECURITY UPDATE: Refresh CVE-2018-13347-extras.patch as it was missing part of the fix. Also updated CVE-2018-13346.patch and CVE-2018-13348.patch to correctly reflect the correct lines. Date: 2018-11-27 15:36:13.490587+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/mercurial/3.7.3-1ubuntu1.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] tor 0.2.9.14-1ubuntu1~16.04.3 (Accepted)
tor (0.2.9.14-1ubuntu1~16.04.3) xenial-security; urgency=medium * SECURITY UPDATE: Remote crash attack against directory authorities. - debian/patches/CVE-2018-0490.patch: Correctly handle NULL returns from parse_protocol_list when voting. - CVE-2018-0490 Date: 2018-11-22 18:58:12.857577+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/tor/0.2.9.14-1ubuntu1~16.04.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] mercurial 3.7.3-1ubuntu1.1 (Accepted)
mercurial (3.7.3-1ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: The convert extension might allow attackers to execute arbitrary code via a crafted git repository name. - debian/patches/CVE-2016-3105.patch: Pass absolute paths to git. - CVE-2016-3105 * SECURITY UPDATE: hg server --stdio allows remote authenticated users to launch the Python debugger and execute arbitrary code. - debian/patches/CVE-2017-9462.patch: Protect against malicious hg serve --stdio invocations. - CVE-2017-9462 * SECURITY UPDATE: A specially malformed repository can cause GIT subrepositories to run arbitrary code. - debian/patches/CVE-2017-17458_part1.patch: add test-audit-subrepo.t testcase. - debian/patches/CVE-2017-17458_part2.patch: disallow symlink traversal across subrepo mount point. - CVE-2017-17458 * SECURITY UPDATE: Missing symlink check could be abused to write to files outside the repository. - debian/patches/CVE-2017-1000115.patch: Fix symlink traversal. - CVE-2017-1000115 * SECURITY UPDATE: Possible shell-injection attack from not adequately sanitizing hostnames passed to ssh. - debian/patches/CVE-2017-1000116.patch: Sanitize hostnames passed to ssh. - CVE-2017-1000116 * SECURITY UPDATE: Integer underflow and overflow. - debian/patches/CVE-2018-13347.patch: Protect against underflow. - debian/patches/CVE-2018-13347-extras.patch: Protect against overflow. - CVE-2018-13347 * SECURITY UPDATE: Able to start fragment past of the end of original data. - debian/patches/CVE-2018-13346.patch: Ensure fragment start is not past then end of orig. - CVE-2018-13346 * SECURITY UPDATE: Data mishandling in certain situations. - debian/patches/CVE-2018-13348.patch: Be more careful about parsing binary patch data. - CVE-2018-13348 * SECURITY UPDATE: Vulnerability in Protocol server can result in unauthorized data access. - debian/patches/CVE-2018-1000132.patch: Always perform permissions checks on protocol commands. - CVE-2018-1000132 Date: 2018-11-22 17:57:12.046749+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/mercurial/3.7.3-1ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] graphicsmagick 1.3.23-1ubuntu0.1 (Accepted)
graphicsmagick (1.3.23-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: DoS (crash) via a crafted SVG file. - debian/patches/CVE-2016-2317_part1.patch: Fix heap buffer overflow - debian/patches/CVE-2016-2317_part2.patch: Fix stack buffer overflow - debian/patches/CVE-2016-2317_part3.patch: Fix segmentation violation - CVE-2016-2317 * SECURITY UPDATE: DoS (NULL pointer dereference) via a crafted SVG file. - debian/patches/CVE-2016-2318.patch: Make SVG path and other primitive parsing more robust - CVE-2016-2318 * SECURITY UPDATE: Arbitrary code execution via shell metacharacters in a crafted image file. - debian/patches/CVE-2016-3714.patch: Remove delegates support for reading gnuplot files. - CVE-2016-3714 * SECURITY UPDATE: Remote attackers are able to delete arbitrary files via a crafted image. - debian/patches/CVE-2016-3715.patch: remove undocumented "TMP" magic prefix. - CVE-2016-3715 * SECURITY UPDATE: Remote attackers can move arbitrary files via a crafted image. - debian/patches/CVE-2016-3716_part1.patch: Ignore the file extension on MSL files. - debian/patches/CVE-2016-3716_part2.patch: Do not auto-detect MVG format based on file extension. - CVE-2016-3716 * SECURITY UPDATE: Remote attackers can read arbitrary files via a crafted image. - debian/patches/CVE-2016-3717.patch: fix in delegates.mgk.in - CVE-2016-3717 * SECURITY UPDATE: Remote attackers can conduct server-side request forgery (SSRF) attacks via a crafted image. - debian/patches/CVE-2016-3718.patch: fix in render.c - CVE-2016-3718 * SECURITY UPDATE: Remote attackers can execute arbitrary files via a pipe character at the start of a filename. - debian/patches/CVE-2016-5118.patch: remove support for reading input from a shell command or writing output to a shell command - CVE-2016-5118 * SECURITY UPDATE: Remote attackers can execute arbitrary commands via unspecified vectors. - debian/patches/CVE-2016-5239.patch: remove delegates support for Gnuplot and varios other file types. - CVE-2016-5239 * SECURITY UPDATE: Remote attackers to cause a DoS (infinite loop) by converting a circularly defined SVG file. - debian/patches/CVE-2016-5240.patch: endless loop problem caused by negative stroke-dasharray arguments - CVE-2016-5240 * SECURITY UPDATE: Remote attackers to cause DoS (arithmetic exception and application crash) via a crafted svg file. - debian/patches/CVE-2016-5241.patch: Fix divide-by-zero problem if fill or stroke pattern image has zero columns or rows - CVE-2016-5241 * SECURITY UPDATE: Buffer overflow in MVG and SVG rendering code. - debian/patches/CVE-2016-7446.patch: fix in svg.c - CVE-2016-7446 * SECURITY UPDATE: Heap buffer overflow in the EscapeParenthesis. - debian/patches/CVE-2016-7447.patch: re-wrote the implementation of EscapeParenthesis() in annotate.c - CVE-2016-7447 * SECURITY UPDATE: DoS (CPU consumption or large memory allocations) via vectors involving the header information and the file size. - debian/patches/CVE-2016-7448_part1.patch: fix in rle.c - debian/patches/CVE-2016-7448_part2.patch: fix in rle.c - CVE-2016-7448 * SECURITY UPDATE: DoS (out-of-bounds heap read) via a file containing an "unterminated" string. - debian/patches/CVE-2016-7449.patch: fix a heap buffer read overrun if buffer not null terminated - CVE-2016-7449 * SECURITY UPDATE: Integer underflow in the parse8BIM function. - debian/patches/CVE-2016-7800.patch: fix unsigned underflow. - CVE-2016-7800 * SECURITY UPDATE: Heap buffer overflow and DoS in the WPG format reader. - debian/patches/CVE-2016-7996_CVE-2016-7997.patch: fix in wpg.c - CVE-2016-7996 - CVE-2016-7997 * SECURITY UPDATE: DoS (out-of-bounds read) via a crafted SCT header. - debian/patches/CVE-2016-8682.patch: Fix stack-buffer read overflow while reading SCT file header. - CVE-2016-8682 * SECURITY UPDATE: Memory allocation failure and a "file truncation error for corrupt file" via a crafted PCX image. - debian/patches/CVE-2016-8683.patch: check that filesize is reasonable given header. - CVE-2016-8683 * SECURITY UPDATE: Memory allocation failure and a "file truncation error for corrupt file" via a crafted SGI image. - debian/patches/CVE-2016-8684.patch: Check that filesize is reasonable given header. - CVE-2016-8684 * SECURITY UPDATE: DoS (crash) via a large dimensions in a jpeg image. - debian/patches/CVE-2016-9830.patch: enforce spec requirement that the dimensions of the JPEG embedded in a JDAT chunk must match the JHDR dimensions. - CVE-2016-9830 Date: 2018-11-01 21:15:15.029983+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.
[ubuntu/xenial-security] tomcat7 7.0.68-1ubuntu0.4 (Accepted)
tomcat7 (7.0.68-1ubuntu0.4) xenial-security; urgency=medium * SECURITY REGRESSION: security manager startup issue (LP: #170) - debian/patches/0009-Use-java.security.policy-file-in-catalina.sh.patch: update to new /var/lib/tomcat7/policy location. - debian/tomcat7.postrm.in: remove policy directory. Date: 2018-10-30 15:00:21.735159+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/tomcat7/7.0.68-1ubuntu0.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] tomcat7 7.0.68-1ubuntu0.3 (Accepted)
tomcat7 (7.0.68-1ubuntu0.3) xenial-security; urgency=medium * SECURITY UPDATE: Timing attack can determine valid user names. - debian/patches/CVE-2016-0762.patch: fix in the Realm implementation. - CVE-2016-0762 * SECURITY UPDATE: privilege escalation via insecure init script - debian/tomcat7.init: don't follow symlinks when handling the catalina.out file. - CVE-2016-1240 * SECURITY UPDATE: SecurityManager bypass via a utility method. - debian/patches/CVE-2016-5018.patch: remove unnecessary code in java/org/apache/jasper/compiler/JspRuntimeContext.java, java/org/apache/jasper/runtime/JspRuntimeLibrary.java, java/org/apache/jasper/security/SecurityClassLoad.java. - debian/patches/CVE-2016-5018-part2.patch: fix a regression when using Jasper with SecurityManager enabled. - CVE-2016-5018 * SECURITY UPDATE: system properties read SecurityManager bypass - debian/patches/CVE-2016-6794.patch: extend SecurityManager protection to the system property replacement feature of the digester in java/org/apache/catalina/loader/WebappClassLoader.java, java/org/apache/tomcat/util/digester/Digester.java, java/org/apache/tomcat/util/security/PermissionCheck.java. - CVE-2016-6794 * SECURITY UPDATE: SecurityManager bypass via JSP Servlet configuration parameters. - debian/patches/CVE-2016-6796.patch: ignore some JSP options when running under a SecurityManager in conf/web.xml, java/org/apache/jasper/EmbeddedServletOptions.java, java/org/apache/jasper/resources/LocalStrings.properties, java/org/apache/jasper/servlet/JspServlet.java, webapps/docs/jasper-howto.xml. - CVE-2016-6796 * SECURITY UPDATE: web application global JNDI resource access - debian/patches/CVE-2016-6797.patch: ensure that the global resource is only visible via the ResourceLinkFactory when it is meant to be in java/org/apache/catalina/core/NamingContextListener.java, java/org/apache/naming/factory/ResourceLinkFactory.java, test/org/apache/naming/TestNamingContext.java. - CVE-2016-6797 * SECURITY UPDATE: HTTP response injection via invalid characters - debian/patches/CVE-2016-6816.patch: add additional checks for valid characters in java/org/apache/coyote/http11/AbstractInputBuffer.java, java/org/apache/coyote/http11/AbstractNioInputBuffer.java, java/org/apache/coyote/http11/InternalAprInputBuffer.java, java/org/apache/coyote/http11/InternalInputBuffer.java, java/org/apache/coyote/http11/LocalStrings.properties, java/org/apache/tomcat/util/http/parser/HttpParser.java. - CVE-2016-6816 * SECURITY UPDATE: remote code execution via JmxRemoteLifecycleListener - debian/patches/CVE-2016-8735.patch: explicitly configure allowed credential types in java/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java. - CVE-2016-8735 * SECURITY UPDATE: information leakage between requests - debian/patches/CVE-2016-8745.patch: properly handle cache when unable to complete sendfile request in java/org/apache/tomcat/util/net/NioEndpoint.java. - CVE-2016-8745 * SECURITY UPDATE: privilege escalation during package upgrade - debian/rules, debian/tomcat7.postinst: properly set permissions on /etc/tomcat7/Catalina/localhost. - CVE-2016-9774 * SECURITY UPDATE: privilege escalation during package removal - debian/tomcat7.postrm.in: don't reset permissions before removing user. - CVE-2016-9775 * debian/tomcat7.init: further hardening. Date: 2018-10-24 19:24:15.823240+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/tomcat7/7.0.68-1ubuntu0.3 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] monit 1:5.16-2ubuntu0.2 (Accepted)
monit (1:5.16-2ubuntu0.2) xenial-security; urgency=medium * SECURITY REGRESSION: Fix regression introduced while backporting CVE-2016-7067. - debian/patches/Fix-regression-backporting-CVE-2016-7067.patch: fix in src/control.c Date: 2018-09-28 15:37:24.948464+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/monit/1:5.16-2ubuntu0.2 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] opencv 2.4.9.1+dfsg-1.5ubuntu1.1 (Accepted)
opencv (2.4.9.1+dfsg-1.5ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: Out-of-bounds read/write errors and buffer overflows in different functions. - debian/patches/CVE-2017-several.patch: fix in bitstrm.cpp, bitstrm.hpp, grfmt_bmp.cpp, grfmt_pxm.cpp, loadsave.cpp, test_grfmt.cpp and gpu_test.cpp. - CVE-2016-1516 - CVE-2016-1517 - CVE-2017-12597 - CVE-2017-12598 - CVE-2017-12599 - CVE-2017-12600 - CVE-2017-12601 - CVE-2017-12602 - CVE-2017-12603 - CVE-2017-12604 - CVE-2017-12605 - CVE-2017-12606 - CVE-2017-12862 - CVE-2017-12863 - CVE-2017-12864 * SECURITY UPDATE: Out of bound write cause segmentation fault - debian/patches/CVE-2017-14136.patch: fix in grfmt_bmp.cpp, grfmt_exr.cpp, grfmt_jpeg.cpp, grfmt_jpeg2000.cpp, grfmt_sunras.cpp, utils.cpp and utils.hpp. - CVE-2017-14136 * SECURITY UPDATE: Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp - debian/patches/CVE-2017-17760.patch: fix in grfmt_pxm.cpp. - CVE-2017-17760 * SECURITY UPDATE: Integer overflow may lead to remote execution or denial of service - debian/patches/CVE-2017-1000450.patch: fix in grfmt_bmp.cpp. - CVE-2017-1000450 * SECURITY UPDATE: A heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u when parsing a crafted image file - debian/patches/CVE-2018-5268.patch: fix in grfmt_jpeg2000.cpp. - CVE-2018-5268 * SECURITY UPDATE: an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast. - debian/patches/CVE-2018-5269.patch: add overflow checks. - CVE-2018-5269 Date: 2018-09-13 15:45:15.448711+00:00 Changed-By: Eduardo dos Santos Barretto Maintainer: Kubuntu Members https://launchpad.net/ubuntu/+source/opencv/2.4.9.1+dfsg-1.5ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] mpg123 1.22.4-1ubuntu0.1 (Accepted)
mpg123 (1.22.4-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Memory overread - debian/patches/CVE-2016-1000247.patch: fix DoS with crafted ID3v2 tags. - CVE-2016-1000247 * SECURITY UPDATE: Memory overread - debian/patches/CVE-2017-10683.patch: fix in id3.c - CVE-2017-10683 Date: 2018-09-06 16:24:17.671149+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/mpg123/1.22.4-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] mosquitto 1.4.8-1ubuntu0.16.04.4 (Accepted)
mosquitto (1.4.8-1ubuntu0.16.04.4) xenial-security; urgency=medium * SECURITY UPDATE: in case all sockets/file descriptors are exhausted, then opening the configuration file will fail. - debian/patches/mosquitto-1.4.x_cve-2017-7652.patch: this is a fix to avoid default config values after reloading configuration by SIGHUP signal. - CVE-2017-7652 Date: 2018-09-06 14:41:19.684483+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/mosquitto/1.4.8-1ubuntu0.16.04.4 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] openjpeg2 2.1.2-1.1+deb9u2build0.1 (Accepted)
openjpeg2 (2.1.2-1.1+deb9u2build0.1) xenial-security; urgency=medium * SECURITY UPDATE: sync from Debian stretch-security - Ubuntu changes were applied upstream, so dropping. openjpeg2 (2.1.2-1.1+deb9u2) stretch-security; urgency=medium * Fix whitespace/indent mess * CVE-2017-14039: CVE-2017-14039.patch * CVE-2017-14040: 2cd30c2b06ce332dede81cccad8b334cde997281.patch * CVE-2017-14041: e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch * CVE-2017-14151: afb308b9ccbe129608c9205cf3bb39bbefad90b9.patch * CVE-2017-14152: dcac91b8c72f743bda7dbfa9032356bc8110098a.patch openjpeg2 (2.1.2-1.1+deb9u1) stretch-security; urgency=medium * CVE-2016-9118: c22cbd8bdf8ff2ae372f94391a4be2d322b36b41.patch * CVE-2016-5152: 3fbe71369019df0b47c7a2be4fab8c05768f2f32.patch * CVE-2016-1628: 11445eddad7e7fa5b273d1c83c91011c44e5d586.patch * CVE-2016-10504: 397f62c0a838e15d667ef50e27d5d011d2c79c04.patch openjpeg2 (2.1.2-1.1) unstable; urgency=medium * Non-maintainer upload. * Add CVE-2016-9572_CVE-2016-9573.patch patch. CVE-2016-9572: NULL pointer dereference in input decoding CVE-2016-9573: Heap out-of-bounds read due to insufficient check in imagetopnm(). (Closes: #851422) openjpeg2 (2.1.2-1) unstable; urgency=medium * New upstream. Closes: #839120 * Fix CVE-2016-7163. Closes: #837604 * Fix CVE-2016-7445. Closes: #838690 * Remove patches applied upstream: openjpeg2 (2.1.1-1) unstable; urgency=medium * New upstream. Closes: #829734 + d/watch points toward github now + Fix man page typos. Closes: #772889, #784377 + Raise priority to optional. Closes: #822577 + Fix multiple CVEs: Closes: #800453, #800149, #818399 * Fix pc file. Closes: #787383 * Remove reference to contrib. Closes: #820190 * Bump Std-Vers to 3.9.8, no changes needed Date: 2018-08-31 18:50:24.019443+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/openjpeg2/2.1.2-1.1+deb9u2build0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] hdf5 1.8.16+docs-4ubuntu1.1 (Accepted)
hdf5 (1.8.16+docs-4ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: Heap-based buffer overflow, potentially leading to arbitrary code execution. - debian/patches/CVE-2016-4330.patch: fix in src/H5Odtype.c - debian/patches/CVE-2016-4331-1.patch: fix in src/H5Znbit.c - debian/patches/CVE-2016-4331-2.patch: fix in src/H5Znbit.c - debian/patches/CVE-2016-4332.patch: fix in src/H5Ocache.c and src/H5Opkg.h - debian/patches/CVE-2016-4333.patch: fix in src/H5Odtype.c - CVE-2016-4330 - CVE-2016-4331 - CVE-2016-4332 - CVE-2016-4333 Date: 2018-08-28 18:24:13.180179+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/hdf5/1.8.16+docs-4ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] ffmpeg 7:2.8.15-0ubuntu0.16.04.1 (Accepted)
ffmpeg (7:2.8.15-0ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: New upstream bugfix release. - Fixes CVE-2018-7557, CVE-2018-12458 and CVE-2018-13302. Date: 2018-08-23 14:30:13.159120+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/ffmpeg/7:2.8.15-0ubuntu0.16.04.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] monit 1:5.16-2ubuntu0.1 (Accepted)
monit (1:5.16-2ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: CSRF vulnerability - debian/patches/CVE-2016-7067.patch: The following http services are no longer implemented for GET method and require CSRF protected POST: _doaction, _viewlog - CVE-2016-7067 Date: 2018-08-10 18:46:32.297863+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/monit/1:5.16-2ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] libtomcrypt 1.17-7ubuntu0.1 (Accepted)
libtomcrypt (1.17-7ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Fix possible bleichenbacher signature attack. - debian/patches/CVE-2016-6129.patch: fix in src/pk/rsa/rsa_verify_hash.c - CVE-2016-6129 * SECURITY UPDATE: Memory side-channel attack on ECDSA signatures. - debian/patches/CVE-2018-12437.patch: fix in src/pk/ecc/ecc_sign_hash.c - CVE-2018-12437 Date: 2018-08-06 18:16:20.430797+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/libtomcrypt/1.17-7ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] jansson 2.7-3ubuntu0.1 (Accepted)
jansson (2.7-3ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Stack exhaustion parsing a JSON file - debian/patches/CVE-2016-4425.patch: Fix in src/load.c and src/jansson_config.h.in - CVE-2016-4425 Date: 2018-08-01 15:17:28.191606+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/jansson/2.7-3ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] capnproto 0.5.3-2ubuntu1.1 (Accepted)
capnproto (0.5.3-2ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: Prevent compiler from eliding bound checks. - debian/patches/CVE-2017-7892.patch: fix in src/capnp/arena.h - CVE-2017-7892 Date: 2018-07-31 12:58:13.405841+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/capnproto/0.5.3-2ubuntu1.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes
[ubuntu/xenial-security] libonig 5.9.6-1ubuntu0.1 (Accepted)
libonig (5.9.6-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Fix multiple invalid pointer dereference, out-of-bounds write memory corruption and stack buffer overflow. - debian/patches/CVE-2017-9224-and-CVE-2017-9226-to-9229.patch: fixes in regexec.c and regparse.c - CVE-2017-9224 - CVE-2017-9226 - CVE-2017-9227 - CVE-2017-9228 - CVE-2017-9229 Date: 2018-07-27 18:43:20.448509+00:00 Changed-By: Eduardo dos Santos Barretto https://launchpad.net/ubuntu/+source/libonig/5.9.6-1ubuntu0.1 Sorry, changesfile not available.-- Xenial-changes mailing list Xenial-changes@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/xenial-changes