[ubuntu/xenial-updates] snapcraft 2.41 (Accepted)

2018-04-19 Thread Brian Murray
snapcraft (2.41) xenial; urgency=medium [ Sergio Schvezov ] * package: ensure all relevant files are in for sdist (#2060) * errors: enable sending tracebacks to sentry (#1961) * errors: improve the UX for sending error data (#2024) * errors: remove stack data when sending to sentry

[ubuntu/xenial-proposed] ifupdown 0.8.10ubuntu1.3 (Accepted)

2018-04-19 Thread Dan Streetman
ifupdown (0.8.10ubuntu1.3) xenial; urgency=medium [ Wido den Hollander ] * Wait properly for Link-Local Address to go through DAD. (LP: #1447715) Date: Tue, 17 Apr 2018 17:29:54 -0400 Changed-By: Dan Streetman Maintainer: Ubuntu Developers

[ubuntu/xenial-updates] openssl 1.0.2g-1ubuntu4.12 (Accepted)

2018-04-19 Thread Ubuntu Archive Robot
openssl (1.0.2g-1ubuntu4.12) xenial-security; urgency=medium * SECURITY UPDATE: Cache timing side channel - debian/patches/CVE-2018-0737.patch: ensure BN_mod_inverse and BN_mod_exp_mont get called with BN_FLG_CONSTTIME flag set in crypto/rsa/rsa_gen.c. - CVE-2018-0737 Date:

[ubuntu/xenial-proposed] snapd 2.32.5 (Accepted)

2018-04-19 Thread Michael Vogt
snapd (2.32.5) xenial; urgency=medium * New upstream release, LP: #1765090 - many: add "stop-mode: sig{term,hup,usr[12]}{,-all}" instead of conflating that with refresh-mode - overlord/snapstate: poll for up to 10s if a snap is unexpectedly not mounted in doMountSnap -

[ubuntu/xenial-security] openssl 1.0.2g-1ubuntu4.12 (Accepted)

2018-04-19 Thread Leonidas S. Barbosa
openssl (1.0.2g-1ubuntu4.12) xenial-security; urgency=medium * SECURITY UPDATE: Cache timing side channel - debian/patches/CVE-2018-0737.patch: ensure BN_mod_inverse and BN_mod_exp_mont get called with BN_FLG_CONSTTIME flag set in crypto/rsa/rsa_gen.c. - CVE-2018-0737 Date:

[ubuntu/xenial-updates] apache2 2.4.18-2ubuntu3.8 (Accepted)

2018-04-19 Thread Ubuntu Archive Robot
apache2 (2.4.18-2ubuntu3.8) xenial-security; urgency=medium * SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig - debian/patches/CVE-2017-15710.patch: fix language long names detection as short name in modules/aaa/mod_authnz_ldap.c. - CVE-2017-15710 * SECURITY

[ubuntu/xenial-security] apache2 2.4.18-2ubuntu3.8 (Accepted)

2018-04-19 Thread Marc Deslauriers
apache2 (2.4.18-2ubuntu3.8) xenial-security; urgency=medium * SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig - debian/patches/CVE-2017-15710.patch: fix language long names detection as short name in modules/aaa/mod_authnz_ldap.c. - CVE-2017-15710 * SECURITY

[ubuntu/xenial-updates] apache2 2.4.18-2ubuntu3.7 (Accepted)

2018-04-19 Thread Ɓukasz Zemczak
apache2 (2.4.18-2ubuntu3.7) xenial; urgency=medium * Avoid crashes, hangs and loops by fixing mod_ldap locking: (LP: #1752683) - added debian/patches/util_ldap_cache_lock_fix.patch Date: 2018-04-04 01:41:09.387070+00:00 Changed-By: Rafael David Tinoco