snapd (2.31.1~14.04) trusty; urgency=medium
* New upstream release, LP: #1745217
- tests: multiple autopkgtest related fixes for 18.04
- overlord/snapstate: use spread in the default refresh schedule
- timeutil: fix scheduling on nth weekday of the month
- interfaces:
cups (1.7.2-0ubuntu1.9) trusty-security; urgency=medium
* SECURITY UPDATE: Incorrect whitelist permits DNS rebinding attacks
- debian/patches/CVE-2017-18190.patch: Don't treat "localhost.localdomain"
as an allowed replacement for localhost, since it isn't
- CVE-2017-18190
Date:
libvirt (1.2.2-0ubuntu13.1.26) trusty-security; urgency=medium
* SECURITY UPDATE: resource exhaustion resulting in DoS
- debian/patches/CVE-2018-5748.patch: avoid DoS reading from
QEMU monitor in src/qemu/qemu_monitor.c.
- CVE-2018-5748
* SECURITY UPDATE: Bypass authentication
cups (1.7.2-0ubuntu1.9) trusty-security; urgency=medium
* SECURITY UPDATE: Incorrect whitelist permits DNS rebinding attacks
- debian/patches/CVE-2017-18190.patch: Don't treat "localhost.localdomain"
as an allowed replacement for localhost, since it isn't
- CVE-2017-18190
cups
chromium-browser (64.0.3282.167-0ubuntu0.14.04.1) trusty; urgency=medium
* Upstream release: 64.0.3282.167
- CVE-2018-6056: Incorrect derived class instantiation in V8.
Date: 2018-02-14 11:28:11.920745+00:00
Changed-By: Olivier Tilloy
Signed-By: Ubuntu
qemu (2.0.0+dfsg-2ubuntu1.39) trusty-security; urgency=medium
* SECURITY UPDATE: DoS via guest ram block area
- debian/patches/CVE-2017-11334-1.patch: use qemu_ram_ptr_length to
access guest ram in exec.c.
- debian/patches/CVE-2017-11334-2.patch: add lock parameter to
libvirt (1.2.2-0ubuntu13.1.26) trusty-security; urgency=medium
* SECURITY UPDATE: resource exhaustion resulting in DoS
- debian/patches/CVE-2018-5748.patch: avoid DoS reading from
QEMU monitor in src/qemu/qemu_monitor.c.
- CVE-2018-5748
* SECURITY UPDATE: Bypass authentication
qemu (2.0.0+dfsg-2ubuntu1.39) trusty-security; urgency=medium
* SECURITY UPDATE: DoS via guest ram block area
- debian/patches/CVE-2017-11334-1.patch: use qemu_ram_ptr_length to
access guest ram in exec.c.
- debian/patches/CVE-2017-11334-2.patch: add lock parameter to
chromium-browser (64.0.3282.167-0ubuntu0.14.04.1) trusty; urgency=medium
* Upstream release: 64.0.3282.167
- CVE-2018-6056: Incorrect derived class instantiation in V8.
Date: 2018-02-14 11:28:11.920745+00:00
Changed-By: Olivier Tilloy
Signed-By: Chris Coulson
walinuxagent (2.2.21+really2.2.20-0ubuntu1~14.04.1) trusty; urgency=medium
* Backport bionic version to trusty.
* Revert to an older upstream release: 2.2.20 (LP: #1749589).
- Rename upstream tarball to 2.2.21+really2.2.20 to end up with a
temporarily higher version number than
10 matches
Mail list logo