[ubuntu/xenial-updates] htmlunit 2.8-1ubuntu2.1 (Accepted)

2020-10-14 Thread Ubuntu Archive Robot
htmlunit (2.8-1ubuntu2.1) xenial-security; urgency=medium * Fix FTBFS because of mime4j. * Ignore the dependency on maven-assembly-plugin and maven-antrun-plugin. * SECURITY UPDATE: Arbitrary code execution. - d/p/0001-disable-java-access-to-avoid-execution-of-arbitrary-.patch:

[ubuntu/xenial-security] htmlunit 2.8-1ubuntu2.1 (Accepted)

2020-10-14 Thread Paulo Flabiano Smorigo
htmlunit (2.8-1ubuntu2.1) xenial-security; urgency=medium * Fix FTBFS because of mime4j. * Ignore the dependency on maven-assembly-plugin and maven-antrun-plugin. * SECURITY UPDATE: Arbitrary code execution. - d/p/0001-disable-java-access-to-avoid-execution-of-arbitrary-.patch:

[ubuntu/xenial-updates] php7.0 7.0.33-0ubuntu0.16.04.16 (Accepted)

2020-10-14 Thread Ubuntu Archive Robot
php7.0 (7.0.33-0ubuntu0.16.04.16) xenial-security; urgency=medium * SECURITY UPDATE: Possibly forge cookie - debian/patches/CVE-2020-7070.patch: do not decode cookie names anymore in main/php_variables.c, tests/basic/022.phpt, tests/basic/023.phpt, tests/basic/bug79699.phpt.

[ubuntu/xenial-security] php7.0 7.0.33-0ubuntu0.16.04.16 (Accepted)

2020-10-14 Thread Leonidas S. Barbosa
php7.0 (7.0.33-0ubuntu0.16.04.16) xenial-security; urgency=medium * SECURITY UPDATE: Possibly forge cookie - debian/patches/CVE-2020-7070.patch: do not decode cookie names anymore in main/php_variables.c, tests/basic/022.phpt, tests/basic/023.phpt, tests/basic/bug79699.phpt.

[ubuntu/xenial-updates] vim 2:7.4.1689-3ubuntu1.5 (Accepted)

2020-10-14 Thread Ubuntu Archive Robot
vim (2:7.4.1689-3ubuntu1.5) xenial-security; urgency=medium * SECURITY UPDATE: incorrect group ownership of .swp file - debian/patches/CVE-2017-17087.patch: use correct group in src/fileio.c. - CVE-2017-17087 * SECURITY UPDATE: rvim restricted mode circumvention -

[ubuntu/xenial-updates] python2.7 2.7.12-1ubuntu0~16.04.13 (Accepted)

2020-10-14 Thread Ubuntu Archive Robot
python2.7 (2.7.12-1ubuntu0~16.04.13) xenial-security; urgency=medium * SECURITY UPDATE: CRLF injection - debian/patches/CVE-2020-26116.patch: prevent header injection in http methods in Lib/httplib.py, Lib/test/test_httlib.py. - CVE-2020-26116 Date: 2020-10-05

[ubuntu/xenial-updates] python3.5 3.5.2-2ubuntu0~16.04.12 (Accepted)

2020-10-14 Thread Ubuntu Archive Robot
python3.5 (3.5.2-2ubuntu0~16.04.12) xenial-security; urgency=medium * SECURITY UPDATE: CRLF injection - debian/patches/CVE-2020-26116.patch: prevent header injection in http methods in Lib/httplib.py, Lib/test/test_httlib.py. - CVE-2020-26116 *

[ubuntu/xenial-security] vim 2:7.4.1689-3ubuntu1.5 (Accepted)

2020-10-14 Thread Marc Deslauriers
vim (2:7.4.1689-3ubuntu1.5) xenial-security; urgency=medium * SECURITY UPDATE: incorrect group ownership of .swp file - debian/patches/CVE-2017-17087.patch: use correct group in src/fileio.c. - CVE-2017-17087 * SECURITY UPDATE: rvim restricted mode circumvention -

[ubuntu/xenial-security] python2.7 2.7.12-1ubuntu0~16.04.13 (Accepted)

2020-10-14 Thread Leonidas S. Barbosa
python2.7 (2.7.12-1ubuntu0~16.04.13) xenial-security; urgency=medium * SECURITY UPDATE: CRLF injection - debian/patches/CVE-2020-26116.patch: prevent header injection in http methods in Lib/httplib.py, Lib/test/test_httlib.py. - CVE-2020-26116 Date: 2020-10-05

[ubuntu/xenial-security] python3.5 3.5.2-2ubuntu0~16.04.12 (Accepted)

2020-10-14 Thread Leonidas S. Barbosa
python3.5 (3.5.2-2ubuntu0~16.04.12) xenial-security; urgency=medium * SECURITY UPDATE: CRLF injection - debian/patches/CVE-2020-26116.patch: prevent header injection in http methods in Lib/httplib.py, Lib/test/test_httlib.py. - CVE-2020-26116 *