[ubuntu/xenial-updates] ghostscript 9.18~dfsg~0-0ubuntu2.4 (Accepted)

2017-04-27 Thread Ubuntu Archive Robot
ghostscript (9.18~dfsg~0-0ubuntu2.4) xenial-security; urgency=medium * SECURITY UPDATE: invalid handling of parameters to .eqproc and .rsdparams allowed disabling -dSAFER and thus code execution - debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters -

[ubuntu/xenial-security] ghostscript 9.18~dfsg~0-0ubuntu2.4 (Accepted)

2017-04-27 Thread Steve Beattie
ghostscript (9.18~dfsg~0-0ubuntu2.4) xenial-security; urgency=medium * SECURITY UPDATE: invalid handling of parameters to .eqproc and .rsdparams allowed disabling -dSAFER and thus code execution - debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters -

[ubuntu/xenial-updates] weechat 1.4-2ubuntu0.1 (Accepted)

2017-04-27 Thread Ubuntu Archive Robot
weechat (1.4-2ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: remote buffer overflow crash by sending a filename via DCC to the IRC plugin (LP: #1686478) - debian/patches/03_fix_CVE-2017-8073.patch: Fix quote removal in irc_ctcp_dcc_filename_without_quotes function

[ubuntu/xenial-security] weechat 1.4-2ubuntu0.1 (Accepted)

2017-04-27 Thread Seth Arnold
weechat (1.4-2ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: remote buffer overflow crash by sending a filename via DCC to the IRC plugin (LP: #1686478) - debian/patches/03_fix_CVE-2017-8073.patch: Fix quote removal in irc_ctcp_dcc_filename_without_quotes function

[ubuntu/xenial-updates] software-properties 0.96.20.6 (Accepted)

2017-04-27 Thread Steve Langasek
software-properties (0.96.20.6) xenial; urgency=medium * Add knowledge of OpenStack releases Pike and Queens. (LP: #1670385) [ Scott Moser & Dimitri John Ledkov ] * When failing to retrieve a GPG key, raise an exception such that e.g. add-apt-repository can fail when it did not manage

[ubuntu/xenial-updates] libxslt 1.1.28-2.1ubuntu0.1 (Accepted)

2017-04-27 Thread Ubuntu Archive Robot
libxslt (1.1.28-2.1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: out-of-bounds heap memory access - debian/patches/0010-CVE-2016-1683.patch: special case namespace nodes in xsltNumberFormatGetMultipleLevel - CVE-2016-1683 * SECURITY UPDATE: integer overflow -

[ubuntu/xenial-security] libxslt 1.1.28-2.1ubuntu0.1 (Accepted)

2017-04-27 Thread Steve Beattie
libxslt (1.1.28-2.1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: out-of-bounds heap memory access - debian/patches/0010-CVE-2016-1683.patch: special case namespace nodes in xsltNumberFormatGetMultipleLevel - CVE-2016-1683 * SECURITY UPDATE: integer overflow -

[ubuntu/xenial-updates] systemd 229-4ubuntu17 (Accepted)

2017-04-27 Thread Brian Murray
systemd (229-4ubuntu17) xenial; urgency=medium * Make systemd-networkd-resolvconf-update.{service,path} run earlier to ensure DNS is configured prior to reaching network-online.target. (LP: #1649931) Date: 2017-02-15 12:11:10.547625+00:00 Changed-By: Ryan Harper

[ubuntu/xenial-updates] libglib-perl 3:1.320-2 (Accepted)

2017-04-27 Thread Steve Langasek
libglib-perl (3:1.320-2) unstable; urgency=medium * Upload to unstable. * New patch: Fix-typos-in-POD.patch. Date: 2016-01-02 22:14:47.92+00:00 Signed-By: Steve Langasek https://launchpad.net/ubuntu/+source/libglib-perl/3:1.320-2 Sorry, changesfile not

[ubuntu/xenial-updates] libcairo-perl 1.106-1build1 (Accepted)

2017-04-27 Thread Steve Langasek
libcairo-perl (1.106-1build1) xenial; urgency=medium * Rebuild for Perl 5.22.1. Date: 2015-12-18 10:54:11.880119+00:00 Changed-By: Colin Watson Signed-By: Steve Langasek https://launchpad.net/ubuntu/+source/libcairo-perl/1.106-1build1

[ubuntu/xenial-updates] libpango-perl 1.227-1 (Accepted)

2017-04-27 Thread Steve Langasek
libpango-perl (1.227-1) unstable; urgency=medium [ Salvatore Bonaccorso ] * debian/control: Use HTTPS transport protocol for Vcs-Git URI [ intrigeri ] * Import new upstream release. * Drop 0001-Ensure-word-separation-in-linker-arguments-with-pkg-.patch: merged upstream. Date:

[ubuntu/xenial-proposed] unattended-upgrades 0.90ubuntu0.5 (Accepted)

2017-04-27 Thread Louis Bouchard
unattended-upgrades (0.90ubuntu0.5) xenial; urgency=medium * Complete the solution for the unattended-upgrades.service unit not correctly working (LP: #1654600): - d/rules : Remove the override_dh_installinit. The stop option is no longer available so the command falls back to

[ubuntu/xenial-security] unattended-upgrades 0.90ubuntu0.1 (Accepted)

2017-04-27 Thread Adam Conrad
unattended-upgrades (0.90ubuntu0.1) xenial-proposed; urgency=medium * Modify data/50unattended-upgrades.Ubuntu such that the release pocket is an allowed origin so that security updates with a new dependency will be upgraded and the new dependency will be installed. (LP: #1624641)

[ubuntu/xenial-updates] nss 2:3.28.4-0ubuntu0.16.04.1 (Accepted)

2017-04-27 Thread Ubuntu Archive Robot
nss (2:3.28.4-0ubuntu0.16.04.1) xenial-security; urgency=medium * Updated to upstream 3.28.4 to fix security issues and get a new CA certificate bundle. * SECURITY UPDATE: DES and Triple DES ciphers birthday attack - CVE-2016-2183 * SECURITY UPDATE: out-of-bounds write in Base64

[ubuntu/xenial-security] nspr 2:4.13.1-0ubuntu0.16.04.1 (Accepted)

2017-04-27 Thread Marc Deslauriers
nspr (2:4.13.1-0ubuntu0.16.04.1) xenial-security; urgency=medium * Update to 4.13.1 to support nss security update. Date: 2017-04-26 15:08:16.622901+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/nspr/2:4.13.1-0ubuntu0.16.04.1 Sorry,

[ubuntu/xenial-updates] dpkg 1.18.4ubuntu1.2 (Accepted)

2017-04-27 Thread Brian Murray
dpkg (1.18.4ubuntu1.2) xenial; urgency=medium * Cherry-pick patch from git to limit preallocation to files over 16KiB, fixing installation performance regression (LP: #1663749) Date: 2017-04-10 10:40:14.669392+00:00 Changed-By: Adam Conrad Signed-By: Brian Murray

[ubuntu/xenial-updates] sane-backends 1.0.25+git20150528-1ubuntu2.16.04.1 (Accepted)

2017-04-27 Thread Brian Murray
sane-backends (1.0.25+git20150528-1ubuntu2.16.04.1) xenial; urgency=medium * control: add breaks/replaces between libsane and libsane-common to fix earlier packaging mistake. LP: #1564778 Date: 2017-03-29 19:09:11.072388+00:00 Changed-By: Rolf Leggewie

[ubuntu/xenial-updates] mysql-5.7 5.7.18-0ubuntu0.16.04.1 (Accepted)

2017-04-27 Thread Ubuntu Archive Robot
mysql-5.7 (5.7.18-0ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Update to 5.7.18 to fix security issues - CVE-2017-3308, CVE-2017-3309, CVE-2017-3329, CVE-2017-3331, CVE-2017-3450, CVE-2017-3453, CVE-2017-3454, CVE-2017-3455, CVE-2017-3456, CVE-2017-3457,

[ubuntu/xenial-security] mysql-5.7 5.7.18-0ubuntu0.16.04.1 (Accepted)

2017-04-27 Thread Marc Deslauriers
mysql-5.7 (5.7.18-0ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Update to 5.7.18 to fix security issues - CVE-2017-3308, CVE-2017-3309, CVE-2017-3329, CVE-2017-3331, CVE-2017-3450, CVE-2017-3453, CVE-2017-3454, CVE-2017-3455, CVE-2017-3456, CVE-2017-3457,