cargo (0.36.0-0ubuntu1~16.04.1) xenial; urgency=medium
* Backport to xenial
* Embed libgit2 0.27.0 to avoid a dependency on a version which is newer
than that found in bionic
- add debian/libgit2
- add debian/patches/do-not-use-system-libgit2.patch
- update debian/control
rustc (1.35.0+dfsg0.1+llvm-0ubuntu1~16.04.1) xenial; urgency=medium
* Backport to Xenial.
* Relax the gdb build requirement
- update debian/control
* Relax the dependency on xz-utils by commenting out some unused code
- add debian/patches/d-relax-xz-utils-dependency.patch
-
squid3 (3.5.12-1ubuntu7.7) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via SNMP memory leak
- debian/patches/CVE-2018-19132.patch: fix leak in src/snmp_core.cc.
- CVE-2018-19132
* SECURITY UPDATE: XSS issues in cachemgr.cgi
- debian/patches/CVE-2019-13345.patch:
squid3 (3.5.12-1ubuntu7.7) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via SNMP memory leak
- debian/patches/CVE-2018-19132.patch: fix leak in src/snmp_core.cc.
- CVE-2018-19132
* SECURITY UPDATE: XSS issues in cachemgr.cgi
- debian/patches/CVE-2019-13345.patch:
exiv2 (0.25-2.1ubuntu16.04.4) xenial-security; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2018-19107-19108-*.patch: add port of enforce()
in src/enforce.hpp, use safe:add for preventing overflows in
PSD files and enforce length of image resource
bash (4.3-14ubuntu1.4) xenial-security; urgency=medium
* SECURITY UPDATE: rbash restriction bypass (LP: #1803441)
- debian/patches/CVE-2019-9924.patch: if the shell is restricted,
reject attempts to add pathnames containing slashes to the hash table
in variables.c.
-
wslu (2.0.0-0ubuntu2~16.04.1) xenial; urgency=medium
* Set DISPLAY=:0 when an X11 server is running (LP: #1836552)
* Use PulseAudio if it is running on Windows (LP: #1836552)
* Set up sound, too, when starting GUI programs via Windows desktop shortcuts
(LP: #1836552)
Date: Mon, 15 Jul
exiv2 (0.25-2.1ubuntu16.04.4) xenial-security; urgency=medium
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2018-19107-19108-*.patch: add port of enforce()
in src/enforce.hpp, use safe:add for preventing overflows in
PSD files and enforce length of image resource
flightcrew (0.7.2+dfsg-6ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: NULL pointer dereference (DoS) when processing crafted
EPUB file
- debian/patches/CVE-2019-13032-1.patch: prevent segfault from malformed
opf items in GetRelativePathToNcx()
-
zipios++ (0.1.5.9+cvs.2007.04.28-5.2ubuntu0.16.04.1) xenial-security;
urgency=medium
* SECURITY UPDATE: Infinite loop leading to DoS and resource consumption
- debian/patches/04_CVE-2019-13453.dpatch: Prevent infinite loop by checking
for EOF
- CVE-2019-13453
Date: 2019-07-11
zipios++ (0.1.5.9+cvs.2007.04.28-5.2ubuntu0.16.04.1) xenial-security;
urgency=medium
* SECURITY UPDATE: Infinite loop leading to DoS and resource consumption
- debian/patches/04_CVE-2019-13453.dpatch: Prevent infinite loop by checking
for EOF
- CVE-2019-13453
Date: 2019-07-11
flightcrew (0.7.2+dfsg-6ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: NULL pointer dereference (DoS) when processing crafted
EPUB file
- debian/patches/CVE-2019-13032-1.patch: prevent segfault from malformed
opf items in GetRelativePathToNcx()
-
aptdaemon (1.1.1+bzr982-0ubuntu14.1) xenial; urgency=medium
* Various locking fixes (LP: #1831981)
- Implement frontend locking (incl. fixup from 0ubuntu24)
- Adjust locking order to match APT
- Use reverse order for unlocking
* Test suite fixes:
- Fix failing tests
- Make
lazr.restfulclient (0.13.4-5ubuntu2) xenial; urgency=medium
* Cherry-pick from upstream:
- Fix handling of 304 responses with an empty body on Python 3
(LP: #1714960).
Date: 2019-07-08 13:55:09.888676+00:00
Changed-By: Andy Whitcroft
Signed-By: Łukasz Zemczak
14 matches
Mail list logo
