[ubuntu/trusty-updates] sqlite3 3.8.2-1ubuntu2.2 (Accepted)

sqlite3 (3.8.2-1ubuntu2.2) trusty-security; urgency=medium * SECURITY UPDATE: Avoid segmentation fault while using a corrupted file. - d/p/0001-Fix-a-parsing-issue-associated-with-a-corrupt-sqlite.patch: Check if parser is busy before using it and raise an error if positive.

[ubuntu/trusty-security] sqlite3 3.8.2-1ubuntu2.2 (Accepted)

sqlite3 (3.8.2-1ubuntu2.2) trusty-security; urgency=medium * SECURITY UPDATE: Avoid segmentation fault while using a corrupted file. - d/p/0001-Fix-a-parsing-issue-associated-with-a-corrupt-sqlite.patch: Check if parser is busy before using it and raise an error if positive.

[ubuntu/trusty-updates] postgis 2.1.2+dfsg-2ubuntu0.2 (Accepted)

postgis (2.1.2+dfsg-2ubuntu0.2) trusty-security; urgency=medium * SECURITY UPDATE: An empty argument in a postgis function can cause a DoS in PostgreSQL. This fix avoid it. - debian/patches/CVE-2017-18359.patch: ST_AsX3D handle empty geometries. - CVE-2017-18359 Date: 2019-02-14

[ubuntu/trusty-security] postgis 2.1.2+dfsg-2ubuntu0.2 (Accepted)

postgis (2.1.2+dfsg-2ubuntu0.2) trusty-security; urgency=medium * SECURITY UPDATE: An empty argument in a postgis function can cause a DoS in PostgreSQL. This fix avoid it. - debian/patches/CVE-2017-18359.patch: ST_AsX3D handle empty geometries. - CVE-2017-18359 Date: 2019-02-14

[ubuntu/trusty-updates] backuppc 3.3.0-1ubuntu1.1 (Accepted)

backuppc (3.3.0-1ubuntu1.1) trusty; urgency=medium * d/rules, d/p/smb-compat-fix.patch: cope with changes in newer smbclient. Thanks to Maksym Schipka (LP: #1576187) * d/t/{control,smb-backup}: simple smb-based DEP8 test (LP: #1677755) Date: 2018-10-24 13:23:12.702356+00:00 Changed-By:

[ubuntu/trusty-updates] thunderbird 1:60.5.1+build2-0ubuntu0.14.04.1 (Accepted)

thunderbird (1:60.5.1+build2-0ubuntu0.14.04.1) trusty; urgency=medium * New upstream stable release (60.5.1build2) * Refresh patches: - debian/patches/drop-check-glibc-symbols.patch - debian/patches/unity-menubar.patch Date: 2019-02-19 15:14:18.256017+00:00 Changed-By: Olivier

[ubuntu/trusty-updates] firefox 65.0.1+build2-0ubuntu0.14.04.1 (Accepted)

firefox (65.0.1+build2-0ubuntu0.14.04.1) trusty; urgency=medium * New upstream stable release (65.0.1build2) Date: 2019-02-15 00:10:12.337690+00:00 Changed-By: Olivier Tilloy Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/firefox/65.0.1+build2-0ubuntu0.14.04.1 Sorry,

[ubuntu/trusty-updates] ldb 1:1.1.24-0ubuntu0.14.04.2 (Accepted)

ldb (1:1.1.24-0ubuntu0.14.04.2) trusty-security; urgency=medium * SECURITY UPDATE: Out of bound read in ldb_wildcard_compare - debian/patches/CVE-2019-3824-1.patch: fix length. - debian/patches/CVE-2019-3824-2.patch: add extra comments. - debian/patches/CVE-2019-3824-3.patch:

[ubuntu/trusty-security] firefox 65.0.1+build2-0ubuntu0.14.04.1 (Accepted)

firefox (65.0.1+build2-0ubuntu0.14.04.1) trusty; urgency=medium * New upstream stable release (65.0.1build2) Date: 2019-02-15 00:10:12.337690+00:00 Changed-By: Olivier Tilloy Signed-By: Chris Coulson https://launchpad.net/ubuntu/+source/firefox/65.0.1+build2-0ubuntu0.14.04.1 Sorry,

[ubuntu/trusty-security] thunderbird 1:60.5.1+build2-0ubuntu0.14.04.1 (Accepted)

thunderbird (1:60.5.1+build2-0ubuntu0.14.04.1) trusty; urgency=medium * New upstream stable release (60.5.1build2) * Refresh patches: - debian/patches/drop-check-glibc-symbols.patch - debian/patches/unity-menubar.patch Date: 2019-02-19 15:14:18.256017+00:00 Changed-By: Olivier

[ubuntu/trusty-updates] ghostscript 9.26~dfsg+0-0ubuntu0.14.04.7 (Accepted)

ghostscript (9.26~dfsg+0-0ubuntu0.14.04.7) trusty-security; urgency=medium * SECURITY REGRESSION: High RIP_MAX_CACHE makes cups output device fail, second fix attempt. (LP: #1815339) - debian/patches/lp1815339.patch: re-enable. - debian/patches/lp1815339-2.patch: properly map RGBW

[ubuntu/trusty-updates] gnome-keyring 3.10.1-1ubuntu4.4 (Accepted)

gnome-keyring (3.10.1-1ubuntu4.4) trusty-security; urgency=medium * SECURITY UPDATE: credentials exposed in memory (LP: #1772919) - debian/patches/CVE-2018-20781.patch: destroy the password in pam_sm_open_session in pam/gkr-pam-module.c. - CVE-2018-20781 Date: 2019-02-14

[ubuntu/trusty-security] ldb 1:1.1.24-0ubuntu0.14.04.2 (Accepted)

ldb (1:1.1.24-0ubuntu0.14.04.2) trusty-security; urgency=medium * SECURITY UPDATE: Out of bound read in ldb_wildcard_compare - debian/patches/CVE-2019-3824-1.patch: fix length. - debian/patches/CVE-2019-3824-2.patch: add extra comments. - debian/patches/CVE-2019-3824-3.patch:

[ubuntu/trusty-security] ghostscript 9.26~dfsg+0-0ubuntu0.14.04.7 (Accepted)

ghostscript (9.26~dfsg+0-0ubuntu0.14.04.7) trusty-security; urgency=medium * SECURITY REGRESSION: High RIP_MAX_CACHE makes cups output device fail, second fix attempt. (LP: #1815339) - debian/patches/lp1815339.patch: re-enable. - debian/patches/lp1815339-2.patch: properly map RGBW

[ubuntu/trusty-security] gnome-keyring 3.10.1-1ubuntu4.4 (Accepted)

gnome-keyring (3.10.1-1ubuntu4.4) trusty-security; urgency=medium * SECURITY UPDATE: credentials exposed in memory (LP: #1772919) - debian/patches/CVE-2018-20781.patch: destroy the password in pam_sm_open_session in pam/gkr-pam-module.c. - CVE-2018-20781 Date: 2019-02-14