ghostscript (9.18~dfsg~0-0ubuntu2.4) xenial-security; urgency=medium
* SECURITY UPDATE: invalid handling of parameters to .eqproc and
.rsdparams allowed disabling -dSAFER and thus code execution
- debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters
-
ghostscript (9.18~dfsg~0-0ubuntu2.4) xenial-security; urgency=medium
* SECURITY UPDATE: invalid handling of parameters to .eqproc and
.rsdparams allowed disabling -dSAFER and thus code execution
- debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters
-
weechat (1.4-2ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: remote buffer overflow crash by sending a filename
via DCC to the IRC plugin (LP: #1686478)
- debian/patches/03_fix_CVE-2017-8073.patch: Fix quote removal in
irc_ctcp_dcc_filename_without_quotes function
weechat (1.4-2ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: remote buffer overflow crash by sending a filename
via DCC to the IRC plugin (LP: #1686478)
- debian/patches/03_fix_CVE-2017-8073.patch: Fix quote removal in
irc_ctcp_dcc_filename_without_quotes function
software-properties (0.96.20.6) xenial; urgency=medium
* Add knowledge of OpenStack releases Pike and Queens. (LP: #1670385)
[ Scott Moser & Dimitri John Ledkov ]
* When failing to retrieve a GPG key, raise an exception such that
e.g. add-apt-repository can fail when it did not manage
libxslt (1.1.28-2.1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: out-of-bounds heap memory access
- debian/patches/0010-CVE-2016-1683.patch: special case namespace
nodes in xsltNumberFormatGetMultipleLevel
- CVE-2016-1683
* SECURITY UPDATE: integer overflow
-
libxslt (1.1.28-2.1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: out-of-bounds heap memory access
- debian/patches/0010-CVE-2016-1683.patch: special case namespace
nodes in xsltNumberFormatGetMultipleLevel
- CVE-2016-1683
* SECURITY UPDATE: integer overflow
-
systemd (229-4ubuntu17) xenial; urgency=medium
* Make systemd-networkd-resolvconf-update.{service,path} run earlier
to ensure DNS is configured prior to reaching network-online.target.
(LP: #1649931)
Date: 2017-02-15 12:11:10.547625+00:00
Changed-By: Ryan Harper
libglib-perl (3:1.320-2) unstable; urgency=medium
* Upload to unstable.
* New patch: Fix-typos-in-POD.patch.
Date: 2016-01-02 22:14:47.92+00:00
Signed-By: Steve Langasek
https://launchpad.net/ubuntu/+source/libglib-perl/3:1.320-2
Sorry, changesfile not
libcairo-perl (1.106-1build1) xenial; urgency=medium
* Rebuild for Perl 5.22.1.
Date: 2015-12-18 10:54:11.880119+00:00
Changed-By: Colin Watson
Signed-By: Steve Langasek
https://launchpad.net/ubuntu/+source/libcairo-perl/1.106-1build1
libpango-perl (1.227-1) unstable; urgency=medium
[ Salvatore Bonaccorso ]
* debian/control: Use HTTPS transport protocol for Vcs-Git URI
[ intrigeri ]
* Import new upstream release.
* Drop 0001-Ensure-word-separation-in-linker-arguments-with-pkg-.patch:
merged upstream.
Date:
unattended-upgrades (0.90ubuntu0.5) xenial; urgency=medium
* Complete the solution for the unattended-upgrades.service unit not
correctly working (LP: #1654600):
- d/rules : Remove the override_dh_installinit. The stop option is no longer
available so the command falls back to
unattended-upgrades (0.90ubuntu0.1) xenial-proposed; urgency=medium
* Modify data/50unattended-upgrades.Ubuntu such that the release pocket is
an allowed origin so that security updates with a new dependency will be
upgraded and the new dependency will be installed. (LP: #1624641)
nss (2:3.28.4-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Updated to upstream 3.28.4 to fix security issues and get a new CA
certificate bundle.
* SECURITY UPDATE: DES and Triple DES ciphers birthday attack
- CVE-2016-2183
* SECURITY UPDATE: out-of-bounds write in Base64
nspr (2:4.13.1-0ubuntu0.16.04.1) xenial-security; urgency=medium
* Update to 4.13.1 to support nss security update.
Date: 2017-04-26 15:08:16.622901+00:00
Changed-By: Marc Deslauriers
https://launchpad.net/ubuntu/+source/nspr/2:4.13.1-0ubuntu0.16.04.1
Sorry,
dpkg (1.18.4ubuntu1.2) xenial; urgency=medium
* Cherry-pick patch from git to limit preallocation to files over
16KiB, fixing installation performance regression (LP: #1663749)
Date: 2017-04-10 10:40:14.669392+00:00
Changed-By: Adam Conrad
Signed-By: Brian Murray
sane-backends (1.0.25+git20150528-1ubuntu2.16.04.1) xenial; urgency=medium
* control: add breaks/replaces between libsane and libsane-common to
fix earlier packaging mistake. LP: #1564778
Date: 2017-03-29 19:09:11.072388+00:00
Changed-By: Rolf Leggewie
mysql-5.7 (5.7.18-0ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: Update to 5.7.18 to fix security issues
- CVE-2017-3308, CVE-2017-3309, CVE-2017-3329, CVE-2017-3331,
CVE-2017-3450, CVE-2017-3453, CVE-2017-3454, CVE-2017-3455,
CVE-2017-3456, CVE-2017-3457,
mysql-5.7 (5.7.18-0ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: Update to 5.7.18 to fix security issues
- CVE-2017-3308, CVE-2017-3309, CVE-2017-3329, CVE-2017-3331,
CVE-2017-3450, CVE-2017-3453, CVE-2017-3454, CVE-2017-3455,
CVE-2017-3456, CVE-2017-3457,
19 matches
Mail list logo