htmlunit (2.8-1ubuntu2.1) xenial-security; urgency=medium
* Fix FTBFS because of mime4j.
* Ignore the dependency on maven-assembly-plugin and maven-antrun-plugin.
* SECURITY UPDATE: Arbitrary code execution.
- d/p/0001-disable-java-access-to-avoid-execution-of-arbitrary-.patch:
php7.0 (7.0.33-0ubuntu0.16.04.16) xenial-security; urgency=medium
* SECURITY UPDATE: Possibly forge cookie
- debian/patches/CVE-2020-7070.patch: do not decode cookie names anymore
in main/php_variables.c, tests/basic/022.phpt, tests/basic/023.phpt,
tests/basic/bug79699.phpt.
vim (2:7.4.1689-3ubuntu1.5) xenial-security; urgency=medium
* SECURITY UPDATE: incorrect group ownership of .swp file
- debian/patches/CVE-2017-17087.patch: use correct group in
src/fileio.c.
- CVE-2017-17087
* SECURITY UPDATE: rvim restricted mode circumvention
-
python2.7 (2.7.12-1ubuntu0~16.04.13) xenial-security; urgency=medium
* SECURITY UPDATE: CRLF injection
- debian/patches/CVE-2020-26116.patch: prevent header injection
in http methods in Lib/httplib.py, Lib/test/test_httlib.py.
- CVE-2020-26116
Date: 2020-10-05
python3.5 (3.5.2-2ubuntu0~16.04.12) xenial-security; urgency=medium
* SECURITY UPDATE: CRLF injection
- debian/patches/CVE-2020-26116.patch: prevent header injection
in http methods in Lib/httplib.py, Lib/test/test_httlib.py.
- CVE-2020-26116
*