[ubuntu/xenial-updates] python-apt 1.1.0~beta1ubuntu0.16.04.8 (Accepted)

2020-01-22 Thread Ubuntu Archive Robot
python-apt (1.1.0~beta1ubuntu0.16.04.8) xenial-security; urgency=medium * SECURITY REGRESSION: crash with ubuntu-release-upgrader (LP: #1860606) - apt/cache.py: make allow_unauthenticated argument to fetch_archives() optional. Date: 2020-01-22 22:22:13.688492+00:00 Changed-By: Marc

[ubuntu/xenial-security] python-apt 1.1.0~beta1ubuntu0.16.04.8 (Accepted)

2020-01-22 Thread Marc Deslauriers
python-apt (1.1.0~beta1ubuntu0.16.04.8) xenial-security; urgency=medium * SECURITY REGRESSION: crash with ubuntu-release-upgrader (LP: #1860606) - apt/cache.py: make allow_unauthenticated argument to fetch_archives() optional. Date: 2020-01-22 22:22:13.688492+00:00 Changed-By: Marc

[ubuntu/xenial-updates] graphicsmagick 1.3.23-1ubuntu0.5 (Accepted)

2020-01-22 Thread Ubuntu Archive Robot
graphicsmagick (1.3.23-1ubuntu0.5) xenial-security; urgency=medium * SECURITY UPDATE: DoS in ReadWPGImage() - debian/patches/CVE-2017-16545.patch: Assure that colormapped image is a PseudoClass type with valid colormapped indexes. - CVE-2017-16545 * SECURITY UPDATE: DoS

[ubuntu/xenial-security] graphicsmagick 1.3.23-1ubuntu0.5 (Accepted)

2020-01-22 Thread Eduardo dos Santos Barretto
graphicsmagick (1.3.23-1ubuntu0.5) xenial-security; urgency=medium * SECURITY UPDATE: DoS in ReadWPGImage() - debian/patches/CVE-2017-16545.patch: Assure that colormapped image is a PseudoClass type with valid colormapped indexes. - CVE-2017-16545 * SECURITY UPDATE: DoS

[ubuntu/xenial-updates] python-apt 1.1.0~beta1ubuntu0.16.04.7 (Accepted)

2020-01-22 Thread Ubuntu Archive Robot
python-apt (1.1.0~beta1ubuntu0.16.04.7) xenial-security; urgency=medium * SECURITY UPDATE: Check that repository is trusted before downloading files from it (LP: #1858973) - apt/cache.py: Add checks to fetch_archives() and commit() - apt/package.py: Add checks to fetch_binary() and

[ubuntu/xenial-updates] aptdaemon 1.1.1+bzr982-0ubuntu14.2 (Accepted)

2020-01-22 Thread Ubuntu Archive Robot
aptdaemon (1.1.1+bzr982-0ubuntu14.2) xenial-security; urgency=medium * Fix compatibility with python-apt security update (LP: #1858973) Date: 2020-01-16 13:45:20.513502+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot

[ubuntu/xenial-security] python-apt 1.1.0~beta1ubuntu0.16.04.7 (Accepted)

2020-01-22 Thread Marc Deslauriers
python-apt (1.1.0~beta1ubuntu0.16.04.7) xenial-security; urgency=medium * SECURITY UPDATE: Check that repository is trusted before downloading files from it (LP: #1858973) - apt/cache.py: Add checks to fetch_archives() and commit() - apt/package.py: Add checks to fetch_binary() and

[ubuntu/xenial-security] aptdaemon 1.1.1+bzr982-0ubuntu14.2 (Accepted)

2020-01-22 Thread Marc Deslauriers
aptdaemon (1.1.1+bzr982-0ubuntu14.2) xenial-security; urgency=medium * Fix compatibility with python-apt security update (LP: #1858973) Date: 2020-01-16 13:45:20.513502+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/aptdaemon/1.1.1+bzr982-0ubuntu14.2 Sorry,

[ubuntu/xenial-updates] zlib 1:1.2.8.dfsg-2ubuntu4.3 (Accepted)

2020-01-22 Thread Ubuntu Archive Robot
zlib (1:1.2.8.dfsg-2ubuntu4.3) xenial-security; urgency=medium * SECURITY UPDATE: improper pointer arithmetic might allow context-dependent attackers to have unspecified impact - debian/patches/CVE-2016-9840.patch: remove offset pointer optimization in inftrees.c -

[ubuntu/xenial-security] zlib 1:1.2.8.dfsg-2ubuntu4.3 (Accepted)

2020-01-22 Thread Avital Ostromich
zlib (1:1.2.8.dfsg-2ubuntu4.3) xenial-security; urgency=medium * SECURITY UPDATE: improper pointer arithmetic might allow context-dependent attackers to have unspecified impact - debian/patches/CVE-2016-9840.patch: remove offset pointer optimization in inftrees.c -