Branches for Hardy

Name Status Last Modified Last Commit
lp:~qtjambi-community/ubuntu/hardy/qtjambi-snapshot/debian Development 2015-06-02 17:16:24 UTC 2015-06-02
263. maint/bzr_push.sh Auto copy, commit a...

Author: Darryl L. Miles
Revision Date: 2015-06-02 17:16:24 UTC

maint/bzr_push.sh Auto copy, commit and push for: control.snapshot (ubuntu/hardy)

lp:ubuntu/hardy-security/clamav bug Mature 2013-05-04 06:57:22 UTC 2013-05-04
56. [ Seth Arnold ] * SECURITY UPDATE: Up...

Author: Scott Kitterman
Revision Date: 2013-05-02 22:49:13 UTC

[ Seth Arnold ]
* SECURITY UPDATE: Updated to 0.97.8 to fix multiple security issues.
  - CVE-2013-2020 and CVE-2013-2021

[ Scott Kitterman ]
* Merge from Debian unstable (LP: #1172981). Remaining changes:
  - Drop build-dep on electric-fence (in Universe)
  - Add apparmor profiles for clamd and freshclam along with maintainer
    script changes
* Changes to adapt to Hardy:
  - Build without llvm support on lpia to fix FTBFS (not a regression as
    llvm has never built on hardy lpia)
  - Drop -T -W from apparmor_parser calls in clamav-daemon and freshclam
    postinsts since it is not supported in Hardy's apparmor
  - Drop deny rule in freshclam apparmor profile since deny is not
    supported in Hardy's apparmor
  - Drop dh_lintian from debian/rules and adjust version of debhelper
    build-dep
  - Drop build-dep and libclamav-dev depends on non-existent libtommath-dev
  - Changed Section to 'utils' for clamav-dbg package
  - Ignore test suite errors on hppa
  - Build-depend on libltdl3-dev instead of libltdl-dev
  - Drop hardening flags changes
  - Drop unneeded versioning on lsb-base (clamav ships its own status
    function)

lp:ubuntu/hardy-updates/clamav bug Mature 2013-05-02 22:49:13 UTC 2013-05-02
56. [ Seth Arnold ] * SECURITY UPDATE: Up...

Author: Scott Kitterman
Revision Date: 2013-05-02 22:49:13 UTC

[ Seth Arnold ]
* SECURITY UPDATE: Updated to 0.97.8 to fix multiple security issues.
  - CVE-2013-2020 and CVE-2013-2021

[ Scott Kitterman ]
* Merge from Debian unstable (LP: #1172981). Remaining changes:
  - Drop build-dep on electric-fence (in Universe)
  - Add apparmor profiles for clamd and freshclam along with maintainer
    script changes
* Changes to adapt to Hardy:
  - Build without llvm support on lpia to fix FTBFS (not a regression as
    llvm has never built on hardy lpia)
  - Drop -T -W from apparmor_parser calls in clamav-daemon and freshclam
    postinsts since it is not supported in Hardy's apparmor
  - Drop deny rule in freshclam apparmor profile since deny is not
    supported in Hardy's apparmor
  - Drop dh_lintian from debian/rules and adjust version of debhelper
    build-dep
  - Drop build-dep and libclamav-dev depends on non-existent libtommath-dev
  - Changed Section to 'utils' for clamav-dbg package
  - Ignore test suite errors on hppa
  - Build-depend on libltdl3-dev instead of libltdl-dev
  - Drop hardening flags changes
  - Drop unneeded versioning on lsb-base (clamav ships its own status
    function)

lp:ubuntu/hardy-security/curl Mature 2013-04-11 14:11:37 UTC 2013-04-11
31. * SECURITY UPDATE: Incorrect cookie d...

Author: Seth Arnold
Revision Date: 2013-04-11 14:11:37 UTC

* SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
  - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
    when sending cookies. Patch from YAMADA Yasuharu.
  - http://curl.haxx.se/curl-tailmatch.patch
  - CVE-2013-1944

lp:ubuntu/hardy-updates/curl Mature 2013-04-11 14:11:37 UTC 2013-04-11
31. * SECURITY UPDATE: Incorrect cookie d...

Author: Seth Arnold
Revision Date: 2013-04-11 14:11:37 UTC

* SECURITY UPDATE: Incorrect cookie domain handling in tailmatch()
  - debian/patches/curl-tailmatch.patch: enforce strict subdomain match
    when sending cookies. Patch from YAMADA Yasuharu.
  - http://curl.haxx.se/curl-tailmatch.patch
  - CVE-2013-1944

lp:ubuntu/hardy-security/libxslt Development 2013-03-28 13:11:19 UTC 2013-03-28
19. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-03-28 13:11:19 UTC

* SECURITY UPDATE: denial of service via malformed stylesheet
  - libxslt/functions.c, libxslt/keys.c: check for empty values
    tests/*: add tests
  - dc11b6b379a882418093ecc8adf11f6166682e8d
  - 6c99c519d97e5fcbec7a9537d190efb442e4e833
  - CVE-2012-6139

lp:ubuntu/hardy-updates/libxslt Development 2013-03-28 13:11:19 UTC 2013-03-28
19. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-03-28 13:11:19 UTC

* SECURITY UPDATE: denial of service via malformed stylesheet
  - libxslt/functions.c, libxslt/keys.c: check for empty values
    tests/*: add tests
  - dc11b6b379a882418093ecc8adf11f6166682e8d
  - 6c99c519d97e5fcbec7a9537d190efb442e4e833
  - CVE-2012-6139

lp:ubuntu/hardy-security/poppler bug Mature 2013-03-27 14:17:55 UTC 2013-03-27
53. * SECURITY UPDATE: invalid memory acc...

Author: Marc Deslauriers
Revision Date: 2013-03-27 14:17:55 UTC

* SECURITY UPDATE: invalid memory access issues
  - debian/patches/110_security_CVE-2013-1788.patch: add checks in
    poppler/Function.cc, poppler/Stream.cc, splash/Splash.cc.
  - CVE-2013-1788
* SECURITY UPDATE: uninitialized memory read
  - debian/patches/111_security_CVE-2013-1790.patch: properly handle
    refLine in poppler/Stream.cc.
  - CVE-2013-1790

lp:ubuntu/hardy-updates/poppler Mature 2013-03-27 14:17:55 UTC 2013-03-27
53. * SECURITY UPDATE: invalid memory acc...

Author: Marc Deslauriers
Revision Date: 2013-03-27 14:17:55 UTC

* SECURITY UPDATE: invalid memory access issues
  - debian/patches/110_security_CVE-2013-1788.patch: add checks in
    poppler/Function.cc, poppler/Stream.cc, splash/Splash.cc.
  - CVE-2013-1788
* SECURITY UPDATE: uninitialized memory read
  - debian/patches/111_security_CVE-2013-1790.patch: properly handle
    refLine in poppler/Stream.cc.
  - CVE-2013-1790

lp:ubuntu/hardy-security/libxml2 Development 2013-03-26 10:31:51 UTC 2013-03-26
36. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-03-26 10:31:51 UTC

* SECURITY UPDATE: denial of service via entity expansion
  - include/libxml/parser.h, parser.c, parserInternals.c: limit number of
    entity expansions, thanks to Daniel Veillard.
  - http://git.gnome.org/browse/libxml2/commit/?id=23f05e0c33987d6605387b300c4be5da2120a7ab
  - CVE-2013-0338

lp:ubuntu/hardy-updates/libxml2 Development 2013-03-26 10:31:51 UTC 2013-03-26
36. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-03-26 10:31:51 UTC

* SECURITY UPDATE: denial of service via entity expansion
  - include/libxml/parser.h, parser.c, parserInternals.c: limit number of
    entity expansions, thanks to Daniel Veillard.
  - http://git.gnome.org/browse/libxml2/commit/?id=23f05e0c33987d6605387b300c4be5da2120a7ab
  - CVE-2013-0338

lp:ubuntu/hardy-security/php5 bug Development 2013-03-11 07:55:03 UTC 2013-03-11
48. * SECURITY UPDATE: arbitrary file dis...

Author: Marc Deslauriers
Revision Date: 2013-03-11 07:55:03 UTC

* SECURITY UPDATE: arbitrary file disclosure via XML External Entity
  - debian/patches/CVE-2013-1643.patch: disable the entity loader in
    ext/libxml/libxml.c, ext/libxml/php_libxml.h, ext/soap/php_xml.c.
  - CVE-2013-1643

lp:ubuntu/hardy-updates/php5 bug Development 2013-03-11 07:55:03 UTC 2013-03-11
48. * SECURITY UPDATE: arbitrary file dis...

Author: Marc Deslauriers
Revision Date: 2013-03-11 07:55:03 UTC

* SECURITY UPDATE: arbitrary file disclosure via XML External Entity
  - debian/patches/CVE-2013-1643.patch: disable the entity loader in
    ext/libxml/libxml.c, ext/libxml/php_libxml.h, ext/soap/php_xml.c.
  - CVE-2013-1643

lp:ubuntu/hardy-security/apache2-mpm-itk bug Mature 2013-03-08 15:23:53 UTC 2013-03-08
30. No-change rebuild to handle updated a...

Author: Marc Deslauriers
Revision Date: 2013-03-08 15:23:53 UTC

No-change rebuild to handle updated apache source.

lp:ubuntu/hardy-updates/apache2-mpm-itk Mature 2013-03-08 15:23:53 UTC 2013-03-08
30. No-change rebuild to handle updated a...

Author: Marc Deslauriers
Revision Date: 2013-03-08 15:23:53 UTC

No-change rebuild to handle updated apache source.

lp:ubuntu/hardy-security/sudo Development 2013-02-27 14:28:45 UTC 2013-02-27
28. * SECURITY UPDATE: authentication byp...

Author: Marc Deslauriers
Revision Date: 2013-02-27 14:28:45 UTC

* SECURITY UPDATE: authentication bypass via clock set to epoch
  - debian/patches/CVE-2013-1775.patch: ignore time stamp file if it is
    set to epoch in check.c.
  - backported from ddf399e3e306ca238f6f1cda8153889b15bba12e
  - CVE-2013-1775

lp:ubuntu/hardy-updates/sudo Development 2013-02-27 14:28:45 UTC 2013-02-27
28. * SECURITY UPDATE: authentication byp...

Author: Marc Deslauriers
Revision Date: 2013-02-27 14:28:45 UTC

* SECURITY UPDATE: authentication bypass via clock set to epoch
  - debian/patches/CVE-2013-1775.patch: ignore time stamp file if it is
    set to epoch in check.c.
  - backported from ddf399e3e306ca238f6f1cda8153889b15bba12e
  - CVE-2013-1775

lp:ubuntu/hardy-security/gnutls13 bug Mature 2013-02-25 13:50:40 UTC 2013-02-25
19. * SECURITY UPDATE: "Lucky Thirteen" t...

Author: Marc Deslauriers
Revision Date: 2013-02-25 13:50:40 UTC

* SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
  - debian/patches/91_CVE-2013-1619.diff: avoid timing attacks in
    lib/gnutls_cipher.c, lib/gnutls_hash_int.h.
  - CVE-2013-1619

lp:ubuntu/hardy-updates/gnutls13 Mature 2013-02-25 13:50:40 UTC 2013-02-25
19. * SECURITY UPDATE: "Lucky Thirteen" t...

Author: Marc Deslauriers
Revision Date: 2013-02-25 13:50:40 UTC

* SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
  - debian/patches/91_CVE-2013-1619.diff: avoid timing attacks in
    lib/gnutls_cipher.c, lib/gnutls_hash_int.h.
  - CVE-2013-1619

lp:ubuntu/hardy-security/openssl bug Mature 2013-02-18 15:49:05 UTC 2013-02-18
37. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-02-18 15:49:05 UTC

* SECURITY UPDATE: denial of service via invalid OCSP key
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=66e8211c0b1347970096e04b18aa52567c325200
  - CVE-2013-0166
* SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=270881316664396326c461ec7a124aec2c6cc081
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=35a65e814beb899fa1c69a7673a8956c6059dce7
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a33e6702a0db1b9f4648d247b8b28a5c0e42ca13
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2928cb4c82d6516d9e65ede4901a5957d8c39c32
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b3a959a337b8083bc855623f24cebaf43a477350
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=be88529753897c29c677d1becb321f0072c0659c
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=99f5093347c65eecbd05f0668aea94b32fcf20d7
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=24b28060975c01b749391778d13ec2ea1323a1aa
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=924b11742296c13816a9f301e76fea023003920c
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=c23a7458209e773ffcd42bdcfa5cf2564df86bd7
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1909df070fb5c5b87246a2de19c17588deba5818
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=33ccde59a1ece0f68cc4b64e930001ab230725b1
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=5f9345a2f0b592457fc4a619ac98ea59ffd394ba
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=40e0de03955e218f45a7979cb46fba193f4e7fc2
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1213e6c3c2d7abeeb886d911a3c6c06c5da2e3a4
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ca3b81c8580a609edac1f13a3f62d4348d66c3a8
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6351adecb4726476def5f5ad904a7d2e63480d53
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=fb092ef4fca897344daf7189526f5f26be6487ce
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=59b1129e0a50fdf7e4e58d7c355783a7bfc1f44c
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=4ea7019165db53b92b4284461c5c88bfe7c6e57d
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=76c61a5d1adb92388f39e585e4af860a20feb9bb
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ff58eaa4b645a38f3a226cf566d969fffa64ef94
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=5864fd2061f43dc8f89b5755f19bd2a35dec636c
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=fbe621d08f2026926c91c1c5f386b27605e39a43
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a8655eb21a7f9a313db18daa6ccaed928fb6027c
  - CVE-2013-0169

lp:ubuntu/hardy-updates/openssl bug Mature 2013-02-18 15:49:05 UTC 2013-02-18
37. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-02-18 15:49:05 UTC

* SECURITY UPDATE: denial of service via invalid OCSP key
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=66e8211c0b1347970096e04b18aa52567c325200
  - CVE-2013-0166
* SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=270881316664396326c461ec7a124aec2c6cc081
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=35a65e814beb899fa1c69a7673a8956c6059dce7
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a33e6702a0db1b9f4648d247b8b28a5c0e42ca13
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2928cb4c82d6516d9e65ede4901a5957d8c39c32
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b3a959a337b8083bc855623f24cebaf43a477350
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=be88529753897c29c677d1becb321f0072c0659c
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=99f5093347c65eecbd05f0668aea94b32fcf20d7
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=24b28060975c01b749391778d13ec2ea1323a1aa
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=924b11742296c13816a9f301e76fea023003920c
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=c23a7458209e773ffcd42bdcfa5cf2564df86bd7
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1909df070fb5c5b87246a2de19c17588deba5818
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=33ccde59a1ece0f68cc4b64e930001ab230725b1
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=5f9345a2f0b592457fc4a619ac98ea59ffd394ba
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=40e0de03955e218f45a7979cb46fba193f4e7fc2
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1213e6c3c2d7abeeb886d911a3c6c06c5da2e3a4
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ca3b81c8580a609edac1f13a3f62d4348d66c3a8
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=6351adecb4726476def5f5ad904a7d2e63480d53
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=fb092ef4fca897344daf7189526f5f26be6487ce
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=59b1129e0a50fdf7e4e58d7c355783a7bfc1f44c
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=4ea7019165db53b92b4284461c5c88bfe7c6e57d
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=76c61a5d1adb92388f39e585e4af860a20feb9bb
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ff58eaa4b645a38f3a226cf566d969fffa64ef94
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=5864fd2061f43dc8f89b5755f19bd2a35dec636c
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=fbe621d08f2026926c91c1c5f386b27605e39a43
  - http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a8655eb21a7f9a313db18daa6ccaed928fb6027c
  - CVE-2013-0169

lp:ubuntu/hardy-security/freetype bug Mature 2013-01-11 15:18:51 UTC 2013-01-11
24. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-01-11 15:18:51 UTC

* SECURITY UPDATE: denial of service and possible code execution via NULL
  pointer dereference
  - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
    of allocation error in src/bdf/bdflib.c.
  - CVE-2012-5668
* SECURITY UPDATE: denial of service and possible code execution via heap
  buffer over-read in BDF parsing
  - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
    in src/bdf/bdflib.c.
  - CVE-2012-5669

lp:ubuntu/hardy-updates/freetype Mature 2013-01-11 15:18:51 UTC 2013-01-11
24. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-01-11 15:18:51 UTC

* SECURITY UPDATE: denial of service and possible code execution via NULL
  pointer dereference
  - debian/patches-freetype/CVE-2012-5668.patch: reset props_size in case
    of allocation error in src/bdf/bdflib.c.
  - CVE-2012-5668
* SECURITY UPDATE: denial of service and possible code execution via heap
  buffer over-read in BDF parsing
  - debian/patches-freetype/CVE-2012-5669.patch: use correct array size
    in src/bdf/bdflib.c.
  - CVE-2012-5669

lp:ubuntu/hardy-security/gnupg Mature 2013-01-08 10:57:13 UTC 2013-01-08
22. * SECURITY UPDATE: keyring corruption...

Author: Marc Deslauriers
Revision Date: 2013-01-08 10:57:13 UTC

* SECURITY UPDATE: keyring corruption via malformed key import
  - debian/patches/CVE-2012-6085.dpatch: validate PKTTYPE in g10/import.c.
  - CVE-2012-6085

lp:ubuntu/hardy-updates/gnupg Mature 2013-01-08 10:57:13 UTC 2013-01-08
22. * SECURITY UPDATE: keyring corruption...

Author: Marc Deslauriers
Revision Date: 2013-01-08 10:57:13 UTC

* SECURITY UPDATE: keyring corruption via malformed key import
  - debian/patches/CVE-2012-6085.dpatch: validate PKTTYPE in g10/import.c.
  - CVE-2012-6085

lp:ubuntu/hardy-security/glibc bug Mature 2012-12-17 14:15:48 UTC 2012-12-17
95. debian/patches/any/strtod_overflow_bu...

Author: Marc Deslauriers
Revision Date: 2012-12-15 09:39:36 UTC

debian/patches/any/strtod_overflow_bug7066.patch: Fix array
overflow in floating point parser triggered by applying patch for
CVE-2012-3480 (LP: #1090740)

lp:ubuntu/hardy-updates/glibc Mature 2012-12-15 09:39:36 UTC 2012-12-15
95. debian/patches/any/strtod_overflow_bu...

Author: Marc Deslauriers
Revision Date: 2012-12-15 09:39:36 UTC

debian/patches/any/strtod_overflow_bug7066.patch: Fix array
overflow in floating point parser triggered by applying patch for
CVE-2012-3480 (LP: #1090740)

lp:ubuntu/hardy-security/tiff bug Development 2012-12-03 22:14:50 UTC 2012-12-03
24. * SECURITY UPDATE: denial of service ...

Author: Seth Arnold
Revision Date: 2012-12-03 22:14:50 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  PAGENUMBER, HALFTONEHINTS, YCBCRSUBSAMPLING, and DOTRANGE tags.
  - debian/patches/z_CVE-2012-5581.patch: remove special cases of tags,
    improve DOTRANGE tag case
  - CVE-2012-5581

lp:ubuntu/hardy-updates/tiff Development 2012-12-03 22:14:50 UTC 2012-12-03
24. * SECURITY UPDATE: denial of service ...

Author: Seth Arnold
Revision Date: 2012-12-03 22:14:50 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  PAGENUMBER, HALFTONEHINTS, YCBCRSUBSAMPLING, and DOTRANGE tags.
  - debian/patches/z_CVE-2012-5581.patch: remove special cases of tags,
    improve DOTRANGE tag case
  - CVE-2012-5581

lp:ubuntu/hardy-security/python2.4 Mature 2012-10-15 16:57:31 UTC 2012-10-15
49. * SECURITY UPDATE: optionally disallo...

Author: Jamie Strandboge
Revision Date: 2012-10-15 16:57:31 UTC

* SECURITY UPDATE: optionally disallow setting sys.path when setting
  sys.argv
  - debian/patches/CVE-2008-5983.dpatch: add new C API function,
    PySys_SetArgvEx
  - CVE-2008-5983
* SECURITY UPDATE: fix integer overflows in audioop module
  - debian/patches/CVE-2010-1634.dpatch: Fix incorrect and UB-inducing
    overflow checks
  - CVE-2010-1634
* SECURITY UPDATE: fix DoS in audioop module
  - debian/patches/CVE-2010-2089.dpatch: ensure that the input string length
    is a multiple of the frame size
  - CVE-2010-2089
* SECURITY UPDATE: Fix CGIHTTPServer information disclosure.
  - debian/patches/CVE-2011-1015.dpatch: Relative paths are now collapsed
    within the url properly before looking in cgi_directories.
  - CVE-2011-1015
* SECURITY UPDATE: update urllib and urllib2 for invalid redirections
  - debian/patches/CVE-2011-1521.dpatch: only process Location headers for
    http, https, and ftp
  - http://bugs.python.org/issue11662
  - CVE-2011-1521
* SECURITY UPDATE: fix XSS in SimpleHTTPServer
  - debian/patches/CVE-2011-4940.dpatch: add a charset parameter to the
    Content-type
  - CVE-2011-4940
* SECURE UPDATE: http://bugs.python.org/issue13512
  - debian/patches/CVE-2011-4944.dpatch: create ~/.pypirc securely
  - CVE-2011-4944
* SECURITY UPDATE: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon
  malformed POST request
  - debian/patches/CVE-2012-0845.dpatch: break if don't receive EOF in
    Lib/SimpleXMLRPCServer.py
  - CVE-2012-0845
* SECURITY UPDATE: Denial of service via hash collisions
  - debian.patches/CVE-2012-0876+CVE-2012-1148.dpatch: Add random salt value
    to hash inputs in lib/xmlparse.c
  - CVE-2012-0876
* SECURITY UPDATE: Denial of service via memory leak
  - debian.patches/CVE-2012-0876+CVE-2012-1148.dpatch: Properly reallocate
    memory in lib/xmlparse.c
  - CVE-2012-1148
* SECURITY UPDATE: fix DoS in smtpd.py
  - debian/patches/CVE-2010-3493.dpatch: adds proper error handling on
    accept() when smtpd accepts new incoming connections
  - http://bugs.python.org/issue9129
  - CVE-2010-3493
* debian/patches/testsuite-linux3.dpatch: adjust testsuite for linux3

lp:ubuntu/hardy-updates/python2.4 Mature 2012-10-15 16:57:31 UTC 2012-10-15
49. * SECURITY UPDATE: optionally disallo...

Author: Jamie Strandboge
Revision Date: 2012-10-15 16:57:31 UTC

* SECURITY UPDATE: optionally disallow setting sys.path when setting
  sys.argv
  - debian/patches/CVE-2008-5983.dpatch: add new C API function,
    PySys_SetArgvEx
  - CVE-2008-5983
* SECURITY UPDATE: fix integer overflows in audioop module
  - debian/patches/CVE-2010-1634.dpatch: Fix incorrect and UB-inducing
    overflow checks
  - CVE-2010-1634
* SECURITY UPDATE: fix DoS in audioop module
  - debian/patches/CVE-2010-2089.dpatch: ensure that the input string length
    is a multiple of the frame size
  - CVE-2010-2089
* SECURITY UPDATE: Fix CGIHTTPServer information disclosure.
  - debian/patches/CVE-2011-1015.dpatch: Relative paths are now collapsed
    within the url properly before looking in cgi_directories.
  - CVE-2011-1015
* SECURITY UPDATE: update urllib and urllib2 for invalid redirections
  - debian/patches/CVE-2011-1521.dpatch: only process Location headers for
    http, https, and ftp
  - http://bugs.python.org/issue11662
  - CVE-2011-1521
* SECURITY UPDATE: fix XSS in SimpleHTTPServer
  - debian/patches/CVE-2011-4940.dpatch: add a charset parameter to the
    Content-type
  - CVE-2011-4940
* SECURE UPDATE: http://bugs.python.org/issue13512
  - debian/patches/CVE-2011-4944.dpatch: create ~/.pypirc securely
  - CVE-2011-4944
* SECURITY UPDATE: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon
  malformed POST request
  - debian/patches/CVE-2012-0845.dpatch: break if don't receive EOF in
    Lib/SimpleXMLRPCServer.py
  - CVE-2012-0845
* SECURITY UPDATE: Denial of service via hash collisions
  - debian.patches/CVE-2012-0876+CVE-2012-1148.dpatch: Add random salt value
    to hash inputs in lib/xmlparse.c
  - CVE-2012-0876
* SECURITY UPDATE: Denial of service via memory leak
  - debian.patches/CVE-2012-0876+CVE-2012-1148.dpatch: Properly reallocate
    memory in lib/xmlparse.c
  - CVE-2012-1148
* SECURITY UPDATE: fix DoS in smtpd.py
  - debian/patches/CVE-2010-3493.dpatch: adds proper error handling on
    accept() when smtpd accepts new incoming connections
  - http://bugs.python.org/issue9129
  - CVE-2010-3493
* debian/patches/testsuite-linux3.dpatch: adjust testsuite for linux3

lp:ubuntu/hardy-security/python2.5 Mature 2012-10-12 09:03:09 UTC 2012-10-12
52. * SECURITY UPDATE: optionally disallo...

Author: Jamie Strandboge
Revision Date: 2012-10-12 09:03:09 UTC

* SECURITY UPDATE: optionally disallow setting sys.path when setting
  sys.argv
  - debian/patches/CVE-2008-5983.dpatch: add new C API function,
    PySys_SetArgvEx
  - CVE-2008-5983
* SECURITY UPDATE: fix integer overflows in audioop module
  - debian/patches/CVE-2010-1634.dpatch: Fix incorrect and UB-inducing
    overflow checks
  - CVE-2010-1634
* SECURITY UPDATE: fix DoS in audioop module
  - debian/patches/CVE-2010-2089.dpatch: ensure that the input string length
    is a multiple of the frame size
  - CVE-2010-2089
* SECURITY UPDATE: Fix CGIHTTPServer information disclosure.
  - debian/patches/CVE-2011-1015.dpatch: Relative paths are now collapsed
    within the url properly before looking in cgi_directories.
  - CVE-2011-1015
* SECURITY UPDATE: update urllib and urllib2 for invalid redirections
  - debian/patches/CVE-2011-1521.dpatch: only process Location headers for
    http, https, and ftp
  - http://bugs.python.org/issue11662
  - CVE-2011-1521
* SECURITY UPDATE: fix XSS in SimpleHTTPServer
  - debian/patches/CVE-2011-4940.dpatch: add a charset parameter to the
    Content-type
  - CVE-2011-4940
* SECURE UPDATE: http://bugs.python.org/issue13512
  - debian/patches/CVE-2011-4944.dpatch: create ~/.pypirc securely
  - CVE-2011-4944
* SECURITY UPDATE: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon
  malformed POST request
  - debian/patches/CVE-2012-0845.dpatch: break if don't receive EOF in
    Lib/SimpleXMLRPCServer.py
  - CVE-2012-0845
* SECURITY UPDATE: Denial of service via hash collisions
  - debian.patches/CVE-2012-0876+CVE-2012-1148.dpatch: Add random salt value
    to hash inputs in lib/xmlparse.c
  - CVE-2012-0876
* SECURITY UPDATE: Denial of service via memory leak
  - debian.patches/CVE-2012-0876+CVE-2012-1148.dpatch: Properly reallocate
    memory in lib/xmlparse.c
  - CVE-2012-1148
* SECURITY UPDATE: fix DoS in smtpd.py
  - debian/patches/CVE-2010-3493.dpatch: adds proper error handling on
    accept() when smtpd accepts new incoming connections
  - http://bugs.python.org/issue9129
  - CVE-2010-3493

lp:ubuntu/hardy-updates/python2.5 Mature 2012-10-12 09:03:09 UTC 2012-10-12
52. * SECURITY UPDATE: optionally disallo...

Author: Jamie Strandboge
Revision Date: 2012-10-12 09:03:09 UTC

* SECURITY UPDATE: optionally disallow setting sys.path when setting
  sys.argv
  - debian/patches/CVE-2008-5983.dpatch: add new C API function,
    PySys_SetArgvEx
  - CVE-2008-5983
* SECURITY UPDATE: fix integer overflows in audioop module
  - debian/patches/CVE-2010-1634.dpatch: Fix incorrect and UB-inducing
    overflow checks
  - CVE-2010-1634
* SECURITY UPDATE: fix DoS in audioop module
  - debian/patches/CVE-2010-2089.dpatch: ensure that the input string length
    is a multiple of the frame size
  - CVE-2010-2089
* SECURITY UPDATE: Fix CGIHTTPServer information disclosure.
  - debian/patches/CVE-2011-1015.dpatch: Relative paths are now collapsed
    within the url properly before looking in cgi_directories.
  - CVE-2011-1015
* SECURITY UPDATE: update urllib and urllib2 for invalid redirections
  - debian/patches/CVE-2011-1521.dpatch: only process Location headers for
    http, https, and ftp
  - http://bugs.python.org/issue11662
  - CVE-2011-1521
* SECURITY UPDATE: fix XSS in SimpleHTTPServer
  - debian/patches/CVE-2011-4940.dpatch: add a charset parameter to the
    Content-type
  - CVE-2011-4940
* SECURE UPDATE: http://bugs.python.org/issue13512
  - debian/patches/CVE-2011-4944.dpatch: create ~/.pypirc securely
  - CVE-2011-4944
* SECURITY UPDATE: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon
  malformed POST request
  - debian/patches/CVE-2012-0845.dpatch: break if don't receive EOF in
    Lib/SimpleXMLRPCServer.py
  - CVE-2012-0845
* SECURITY UPDATE: Denial of service via hash collisions
  - debian.patches/CVE-2012-0876+CVE-2012-1148.dpatch: Add random salt value
    to hash inputs in lib/xmlparse.c
  - CVE-2012-0876
* SECURITY UPDATE: Denial of service via memory leak
  - debian.patches/CVE-2012-0876+CVE-2012-1148.dpatch: Properly reallocate
    memory in lib/xmlparse.c
  - CVE-2012-1148
* SECURITY UPDATE: fix DoS in smtpd.py
  - debian/patches/CVE-2010-3493.dpatch: adds proper error handling on
    accept() when smtpd accepts new incoming connections
  - http://bugs.python.org/issue9129
  - CVE-2010-3493

lp:ubuntu/hardy-backports/clamav bug Mature 2012-10-11 23:22:56 UTC 2012-10-11
24. * Source backport update for latest c...

Author: Scott Kitterman
Revision Date: 2012-10-08 18:11:31 UTC

* Source backport update for latest clamav release for hardy (LP: #1064096)
  - Build without llvm support on lpia to fix FTBFS (not a regression as
    llvm has never built on hardy lpia)
  - Drop -T -W from apparmor_parser calls in clamav-daemon and freshclam
    postinsts since it is not supported in Hardy's apparmor
  - Drop deny rule in freshclam apparmor profile since deny is not
    supported in Hardy's apparmor
  - Drop dh_lintian from debian/rules and adjust version of debhelper
    build-dep
  - Drop build-dep and libclamav-dev depends on non-existent libtommath-dev
  - Changed Section to 'utils' for clamav-dbg package
  - Ignore test suite errors on hppa
  - Build-depend on libltdl3-dev instead of libltdl-dev
  - Drop hardening flags changes
  - Drop unneeded versioning on lsb-base (clamav ships its own status
    function)

lp:ubuntu/hardy-security/bind9 Mature 2012-10-05 09:47:25 UTC 2012-10-05
38. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2012-10-05 09:47:25 UTC

* SECURITY UPDATE: denial of service via specific combinations of RDATA
  - bin/named/query.c: fix logic
  - Patch backported from 9.8.3-P4
  - CVE-2012-5166

lp:ubuntu/hardy-updates/bind9 bug Mature 2012-10-05 09:47:25 UTC 2012-10-05
39. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2012-10-05 09:47:25 UTC

* SECURITY UPDATE: denial of service via specific combinations of RDATA
  - bin/named/query.c: fix logic
  - Patch backported from 9.8.3-P4
  - CVE-2012-5166

lp:ubuntu/hardy-security/dbus bug Mature 2012-10-04 12:20:26 UTC 2012-10-04
58. * REGRESSION FIX: some applications l...

Author: Marc Deslauriers
Revision Date: 2012-10-03 12:59:30 UTC

* REGRESSION FIX: some applications launched with the activation helper
  may need DBUS_STARTER_ADDRESS. (LP: #1058343)
  - debian/patches/87-CVE-2012-3524-regression-fix.patch: hardcode the
    starter address to the default system bus address.

lp:ubuntu/hardy-updates/dbus bug Mature 2012-10-03 12:59:30 UTC 2012-10-03
58. * REGRESSION FIX: some applications l...

Author: Marc Deslauriers
Revision Date: 2012-10-03 12:59:30 UTC

* REGRESSION FIX: some applications launched with the activation helper
  may need DBUS_STARTER_ADDRESS. (LP: #1058343)
  - debian/patches/87-CVE-2012-3524-regression-fix.patch: hardcode the
    starter address to the default system bus address.

lp:ubuntu/hardy-security/ghostscript bug Mature 2012-09-21 08:58:24 UTC 2012-09-21
28. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2012-09-21 08:58:24 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  icclib overflow
  - debian/patches/CVE-2012-4405.dpatch: validate input channels in
    icclib/icc.c.
  - CVE-2012-4405

lp:ubuntu/hardy-updates/ghostscript Mature 2012-09-21 08:58:24 UTC 2012-09-21
28. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2012-09-21 08:58:24 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  icclib overflow
  - debian/patches/CVE-2012-4405.dpatch: validate input channels in
    icclib/icc.c.
  - CVE-2012-4405

lp:ubuntu/hardy-updates/libapache2-mod-rpaf Mature 2012-08-29 20:03:24 UTC 2012-08-29
3. fake sync from Debian

Author: Steve Beattie
Revision Date: 2012-08-22 16:17:50 UTC

fake sync from Debian

lp:ubuntu/hardy-security/libapache2-mod-rpaf Mature 2012-08-29 19:43:51 UTC 2012-08-29
3. fake sync from Debian

Author: Steve Beattie
Revision Date: 2012-08-22 16:17:50 UTC

fake sync from Debian

lp:ubuntu/hardy-updates/libgc Mature 2012-08-28 22:19:21 UTC 2012-08-28
10. * SECURITY UPDATE: multiple integer o...

Author: Steve Beattie
Revision Date: 2012-08-01 23:39:09 UTC

* SECURITY UPDATE: multiple integer overflows
  - debian/patches/CVE-2012-2673.patch: check for integer overflow in
    internal malloc and calloc routines.
  - CVE-2012-2673

lp:ubuntu/hardy-security/libgc Mature 2012-08-28 21:21:30 UTC 2012-08-28
10. * SECURITY UPDATE: multiple integer o...

Author: Steve Beattie
Revision Date: 2012-08-01 23:39:09 UTC

* SECURITY UPDATE: multiple integer overflows
  - debian/patches/CVE-2012-2673.patch: check for integer overflow in
    internal malloc and calloc routines.
  - CVE-2012-2673

lp:ubuntu/hardy-security/jabberd2 Mature 2012-08-23 08:22:01 UTC 2012-08-23
14. * SECURITY UPDATE: Fixed possibility ...

Author: Jamie Strandboge
Revision Date: 2012-08-23 08:22:01 UTC

* SECURITY UPDATE: Fixed possibility of Unsolicited Dialback Attacks
  - debian/patches/CVE-2012-3525.dpatch: check Verify Response and
    Authorization Response in s2s sessions
  - CVE-2012-3525

lp:ubuntu/hardy-updates/jabberd2 Mature 2012-08-23 08:22:01 UTC 2012-08-23
14. * SECURITY UPDATE: Fixed possibility ...

Author: Jamie Strandboge
Revision Date: 2012-08-23 08:22:01 UTC

* SECURITY UPDATE: Fixed possibility of Unsolicited Dialback Attacks
  - debian/patches/CVE-2012-3525.dpatch: check Verify Response and
    Authorization Response in s2s sessions
  - CVE-2012-3525

lp:ubuntu/hardy-proposed/gnupg Mature 2012-08-21 17:05:47 UTC 2012-08-21
21. debian/patches/long-keyids.dpatch: Us...

Author: Marc Deslauriers
Revision Date: 2012-08-14 08:43:58 UTC

debian/patches/long-keyids.dpatch: Use the longest key ID available
when requesting a key from a key server.

lp:ubuntu/hardy-proposed/gnupg2 Mature 2012-08-21 16:59:43 UTC 2012-08-21
21. * keyserver/gpgkeys_hkp.c: Use the lo...

Author: Marc Deslauriers
Revision Date: 2012-08-14 14:32:25 UTC

* keyserver/gpgkeys_hkp.c: Use the longest key ID available when
  requesting a key from a key server.
  - http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=3005b0a6f43e53bed2f9b6fba7ad1205bdb29bc5

lp:ubuntu/hardy-proposed/tzdata bug Mature 2012-08-15 21:00:51 UTC 2012-08-15
70. * New upstream release 2012e: - Fix...

Author: Adam Conrad
Revision Date: 2012-08-14 15:43:23 UTC

* New upstream release 2012e:
  - Fixes timezone data for Port-au-Prince, Haiti (LP: #1031836)
* Update debian/copyright and debian/watch for new upstream.

lp:ubuntu/hardy-updates/tzdata Mature 2012-08-14 15:43:23 UTC 2012-08-14
70. * New upstream release 2012e: - Fix...

Author: Adam Conrad
Revision Date: 2012-08-14 15:43:23 UTC

* New upstream release 2012e:
  - Fixes timezone data for Port-au-Prince, Haiti (LP: #1031836)
* Update debian/copyright and debian/watch for new upstream.

lp:ubuntu/hardy-security/gnupg2 Mature 2012-08-14 14:32:25 UTC 2012-08-14
21. * keyserver/gpgkeys_hkp.c: Use the lo...

Author: Marc Deslauriers
Revision Date: 2012-08-14 14:32:25 UTC

* keyserver/gpgkeys_hkp.c: Use the longest key ID available when
  requesting a key from a key server.
  - http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=3005b0a6f43e53bed2f9b6fba7ad1205bdb29bc5

lp:ubuntu/hardy-updates/gnupg2 Mature 2012-08-14 14:32:25 UTC 2012-08-14
21. * keyserver/gpgkeys_hkp.c: Use the lo...

Author: Marc Deslauriers
Revision Date: 2012-08-14 14:32:25 UTC

* keyserver/gpgkeys_hkp.c: Use the longest key ID available when
  requesting a key from a key server.
  - http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=3005b0a6f43e53bed2f9b6fba7ad1205bdb29bc5

lp:ubuntu/hardy-security/expat Mature 2012-08-09 12:05:43 UTC 2012-08-09
10. * SECURITY UPDATE: Denial of service ...

Author: Tyler Hicks
Revision Date: 2012-08-09 12:05:43 UTC

* SECURITY UPDATE: Denial of service via hash collisions
  - lib/xmlparse.c: Add random salt value to hash inputs
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/expat.h?r1=1.80&r2=1.81
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.167&r2=1.168
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.168&r2=1.169
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.169&r2=1.170
  - CVE-2012-0876
* SECURITY UPDATE: Denial of service via memory leak
  - lib/xmlparse.c: Properly reallocate memory
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.166&r2=1.167
  - CVE-2012-1148

lp:ubuntu/hardy-updates/expat Mature 2012-08-09 12:05:43 UTC 2012-08-09
10. * SECURITY UPDATE: Denial of service ...

Author: Tyler Hicks
Revision Date: 2012-08-09 12:05:43 UTC

* SECURITY UPDATE: Denial of service via hash collisions
  - lib/xmlparse.c: Add random salt value to hash inputs
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/expat.h?r1=1.80&r2=1.81
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.167&r2=1.168
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.168&r2=1.169
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.169&r2=1.170
  - CVE-2012-0876
* SECURITY UPDATE: Denial of service via memory leak
  - lib/xmlparse.c: Properly reallocate memory
  - http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.166&r2=1.167
  - CVE-2012-1148

lp:ubuntu/hardy-security/libexif bug Mature 2012-07-23 18:52:01 UTC 2012-07-23
7. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2012-07-19 14:46:59 UTC

* SECURITY UPDATE: denial of service and possible info disclosure via
  corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213)
  - debian/patches/CVE-2012-2812.dpatch: fix reading tags that aren't
    NUL-terminated in libexif/exif-entry.c.
  - CVE-2012-2812
* SECURITY UPDATE: denial of service and possible info disclosure via
  UTF-16 tag (LP: #1024213)
  - debian/patches/CVE-2012-2813.dpatch: don't read past the end of a
    tag when converting from UTF-16 in libexif/exif-entry.c.
  - CVE-2012-2813
* SECURITY UPDATE: denial of service and possible code execution via
  crafted tags (LP: #1024213)
  - debian/patches/CVE-2012-2814.dpatch: fix buffer overflows in
    libexif/exif-entry.c.
  - CVE-2012-2814
* SECURITY UPDATE: denial of service and possible info disclosure via
  crafted tags (LP: #1024213)
  - debian/patches/CVE-2012-2836.dpatch: fix buffer overflows in
    libexif/exif-data.c
  - CVE-2012-2836
* SECURITY UPDATE: denial of service via crafted tags (LP: #1024213)
  - debian/patches/CVE-2012-2837.dpatch: fix some possible
    division-by-zeros in libexif/olympus/mnote-olympus-entry.c.
  - CVE-2012-2837
* SECURITY UPDATE: denial of service and possible code execution via
  crafted tags (LP: #1024213)
  - debian/patches/CVE-2012-2840.dpatch: fix off-by-one in
    libexif/exif-utils.c.
  - CVE-2012-2840
* SECURITY UPDATE: denial of service and possible code execution via
  incorrect buffer size (LP: #1024213)
  - debian/patches/CVE-2012-2841.dpatch: validate buffer length in
    libexif/exif-entry.c.
  - CVE-2012-2841

lp:ubuntu/hardy-updates/silo Mature 2012-07-20 13:48:15 UTC 2012-07-20
17. Don't run siloconfig from the postins...

Author: Adam Conrad
Revision Date: 2012-07-12 19:30:46 UTC

Don't run siloconfig from the postinst if we're running in a
launchpad-style buildd chroot, fixing d-i FTBFS (LP: #431106)

lp:ubuntu/hardy-updates/libexif bug Development 2012-07-19 14:46:59 UTC 2012-07-19
7. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2012-07-19 14:46:59 UTC

* SECURITY UPDATE: denial of service and possible info disclosure via
  corrupted EXIF_TAG_COPYRIGHT tag (LP: #1024213)
  - debian/patches/CVE-2012-2812.dpatch: fix reading tags that aren't
    NUL-terminated in libexif/exif-entry.c.
  - CVE-2012-2812
* SECURITY UPDATE: denial of service and possible info disclosure via
  UTF-16 tag (LP: #1024213)
  - debian/patches/CVE-2012-2813.dpatch: don't read past the end of a
    tag when converting from UTF-16 in libexif/exif-entry.c.
  - CVE-2012-2813
* SECURITY UPDATE: denial of service and possible code execution via
  crafted tags (LP: #1024213)
  - debian/patches/CVE-2012-2814.dpatch: fix buffer overflows in
    libexif/exif-entry.c.
  - CVE-2012-2814
* SECURITY UPDATE: denial of service and possible info disclosure via
  crafted tags (LP: #1024213)
  - debian/patches/CVE-2012-2836.dpatch: fix buffer overflows in
    libexif/exif-data.c
  - CVE-2012-2836
* SECURITY UPDATE: denial of service via crafted tags (LP: #1024213)
  - debian/patches/CVE-2012-2837.dpatch: fix some possible
    division-by-zeros in libexif/olympus/mnote-olympus-entry.c.
  - CVE-2012-2837
* SECURITY UPDATE: denial of service and possible code execution via
  crafted tags (LP: #1024213)
  - debian/patches/CVE-2012-2840.dpatch: fix off-by-one in
    libexif/exif-utils.c.
  - CVE-2012-2840
* SECURITY UPDATE: denial of service and possible code execution via
  incorrect buffer size (LP: #1024213)
  - debian/patches/CVE-2012-2841.dpatch: validate buffer length in
    libexif/exif-entry.c.
  - CVE-2012-2841

lp:ubuntu/hardy-proposed/silo bug Mature 2012-07-13 02:43:57 UTC 2012-07-13
17. Don't run siloconfig from the postins...

Author: Adam Conrad
Revision Date: 2012-07-12 19:30:46 UTC

Don't run siloconfig from the postinst if we're running in a
launchpad-style buildd chroot, fixing d-i FTBFS (LP: #431106)

lp:ubuntu/hardy-updates/apport Mature 2012-07-06 05:22:18 UTC 2012-07-06
109. * etc/cron.daily/apport: Only attempt...

Author: Jamie Strandboge
Revision Date: 2009-04-29 08:32:35 UTC

* etc/cron.daily/apport: Only attempt to remove files and symlinks, do not
  descend into subdirectories of /var/crash/. Doing so might be exploited by
  a race condition between find traversing a huge directory tree, changing
  an existing subdir into a symlink to e. g. /etc/, and finally getting that
  piped to rm. Patch based on work from Martin Pitt. Thanks to Stephane
  Chazelas for discovering this!
  - LP: #357024
  - CVE-2009-1295

lp:ubuntu/hardy-proposed/apport Mature 2012-07-06 05:22:12 UTC 2012-07-06
110. * debian/control: Update Vcs-Bzr: for...

Author: Martin Pitt
Revision Date: 2008-05-17 13:01:24 UTC

* debian/control: Update Vcs-Bzr: for the hardy branch.
* apport/packaging.py: Introduce a new function enabled() which reports
  whether Apport should create crash reports. Signal crashes are controlled
  by /proc/sys/kernel/core_pattern, but we need that to control whether
  reports for Python, package, or kernel crashes are generated.
* backends/packaging-apt-dpkg.py: Provide implementation for
  PackageInfo.enabled() for Debian/Ubuntu by evaluating /etc/default/apport.
  Add various test cases for different configuration files and absent files.
* apport_python_hook.py: Do not create reports if Apport is disabled (in
  /etc/default/apport). (LP: #222260)

lp:ubuntu/hardy-security/apport bug Mature 2012-07-06 05:22:05 UTC 2012-07-06
109. * etc/cron.daily/apport: Only attempt...

Author: Jamie Strandboge
Revision Date: 2009-04-29 08:32:35 UTC

* etc/cron.daily/apport: Only attempt to remove files and symlinks, do not
  descend into subdirectories of /var/crash/. Doing so might be exploited by
  a race condition between find traversing a huge directory tree, changing
  an existing subdir into a symlink to e. g. /etc/, and finally getting that
  piped to rm. Patch based on work from Martin Pitt. Thanks to Stephane
  Chazelas for discovering this!
  - LP: #357024
  - CVE-2009-1295

lp:ubuntu/hardy/apport Mature 2012-07-06 05:22:00 UTC 2012-07-06
108. [ Martin Pitt ] * apport-{gtk,qt,cli}...

Author: Martin Pitt
Revision Date: 2008-04-16 12:24:32 UTC

[ Martin Pitt ]
* apport-{gtk,qt,cli}: Fix handling of file references added by package
  hooks. (LP: #205163)
* backends/packaging_rpm.py: Fix dependency resolution of uname(*) in the
  RPM backend. Thanks to Patryk Zawadzki! (LP: #213018)
* backends/packaging_rpm.py: Fix RPM platform parsing, thanks to Patryk
  Zawadzki! (LP: #213015)
* po/de.po: Fix typo (missing space).
* debian/apport.default: Disable Apport for the final Hardy release, since
  it is less useful in stable releases, and drains a lot of CPU and I/O
  power on crashes. Disabling it here instead of in update-notifier/adept is
  more discoverable and more centralized.

[ Daniel Hahler ]
* bin/apport-retrace: catch the same exceptions from Report.load() like
  ui.load_report() does (LP: #211899)
* Fix uncaught exceptions in apport itself (LP: #215929):
  - apport/REThread.py: check if "sys" exists in the except block of
    REThread.run()
  - apport_python_hook.py: check if "sys" exists in the finally block of
    apport_excepthook
* cli/apport-cli: Fix UnboundLocalError in ui_present_crash, which rendered
  apport-cli useless (for reporting crashes) (LP: #216151)

lp:ubuntu/hardy/mason Mature 2012-07-05 03:02:01 UTC 2012-07-05
6. * Added dutch debconf template transl...

Author: Thomas Scheffczyk
Revision Date: 2007-11-02 10:53:00 UTC

* Added Dutch debconf template translation. (Thanks to cobaco (aka Bart Cornelis))
  (closes: #448932)
* Removed national encoding in changelog of 1.0.0-7
* Changed property 'Build-Depends-Indep' to 'Build-Depends' in the rules file

lp:ubuntu/hardy/roxen-fonts-iso8859-1 Mature 2012-07-05 02:58:00 UTC 2012-07-05
5. Remove debian/watch file - upstream s...

Author: Turbo Fredriksson
Revision Date: 2007-11-22 06:45:00 UTC

Remove debian/watch file - upstream source no longer available.
Closes: #450363

lp:ubuntu/hardy/roxen-fonts-iso8859-2 Mature 2012-07-05 02:52:22 UTC 2012-07-05
6. Remove debian/watch file - upstream s...

Author: Turbo Fredriksson
Revision Date: 2007-11-22 06:53:39 UTC

Remove debian/watch file - upstream source no longer available.
Closes: #450332

lp:ubuntu/hardy/opustex Mature 2012-07-05 02:28:39 UTC 2012-07-05
3. * Non-maintainer upload. * The PK fil...

Author: Benjamin Bayart
Revision Date: 2006-10-08 16:12:44 UTC

* Non-maintainer upload.
* The PK files have to be removed on remove, not on purge. The
  only point in keeping those during a remove would be for an
  upgrade, where they were already removed. (Closes: Bug#391199)

lp:ubuntu/hardy-proposed/linux-restricted-modules-2.6.24 bug Mature 2012-07-04 14:12:12 UTC 2012-07-04
47. Bump upload number, for reupload to c...

Author: Luis Henriques
Revision Date: 2012-07-04 14:12:12 UTC

Bump upload number, for reupload to c-k-t PPA with fixed source package
(previous version had its source package wrongly created, with missing
.o files required for build, due to stock -I option passed to
dpkg-buildpackage)

lp:ubuntu/hardy-security/linux-restricted-modules-2.6.24 bug Mature 2012-07-04 14:12:12 UTC 2012-07-04
47. Bump upload number, for reupload to c...

Author: Luis Henriques
Revision Date: 2012-07-04 14:12:12 UTC

Bump upload number, for reupload to c-k-t PPA with fixed source package
(previous version had its source package wrongly created, with missing
.o files required for build, due to stock -I option passed to
dpkg-buildpackage)

lp:ubuntu/hardy-updates/linux-restricted-modules-2.6.24 Mature 2012-07-04 14:12:12 UTC 2012-07-04
47. Bump upload number, for reupload to c...

Author: Luis Henriques
Revision Date: 2012-07-04 14:12:12 UTC

Bump upload number, for reupload to c-k-t PPA with fixed source package
(previous version had its source package wrongly created, with missing
.o files required for build, due to stock -I option passed to
dpkg-buildpackage)

lp:ubuntu/hardy-proposed/linux-backports-modules-2.6.24 bug Mature 2012-07-02 16:49:08 UTC 2012-07-02
25. Bump ABI to -32

Author: Luis Henriques
Revision Date: 2012-07-02 16:49:08 UTC

Bump ABI to -32

lp:ubuntu/hardy-security/linux-backports-modules-2.6.24 bug Mature 2012-07-02 16:49:08 UTC 2012-07-02
25. Bump ABI to -32

Author: Luis Henriques
Revision Date: 2012-07-02 16:49:08 UTC

Bump ABI to -32

lp:ubuntu/hardy-updates/linux-backports-modules-2.6.24 Mature 2012-07-02 16:49:08 UTC 2012-07-02
25. Bump ABI to -32

Author: Luis Henriques
Revision Date: 2012-07-02 16:49:08 UTC

Bump ABI to -32

lp:ubuntu/hardy-proposed/linux-ubuntu-modules-2.6.24 bug Mature 2012-07-02 16:45:20 UTC 2012-07-02
36. Bump ABI to -32

Author: Luis Henriques
Revision Date: 2012-07-02 16:45:20 UTC

Bump ABI to -32

lp:ubuntu/hardy-updates/linux-ubuntu-modules-2.6.24 Mature 2012-07-02 16:45:20 UTC 2012-07-02
36. Bump ABI to -32

Author: Luis Henriques
Revision Date: 2012-07-02 16:45:20 UTC

Bump ABI to -32

lp:ubuntu/hardy-security/linux-ubuntu-modules-2.6.24 bug Development 2012-07-02 16:45:20 UTC 2012-07-02
36. Bump ABI to -32

Author: Luis Henriques
Revision Date: 2012-07-02 16:45:20 UTC

Bump ABI to -32

lp:ubuntu/hardy-proposed/linux-meta Development 2012-07-02 14:53:22 UTC 2012-07-02
101. ABI bump to -32 by proposed update

Author: Luis Henriques
Revision Date: 2012-07-02 14:53:22 UTC

ABI bump to -32 by proposed update

lp:ubuntu/hardy-security/linux-meta Development 2012-07-02 14:53:22 UTC 2012-07-02
101. ABI bump to -32 by proposed update

Author: Luis Henriques
Revision Date: 2012-07-02 14:53:22 UTC

ABI bump to -32 by proposed update

lp:ubuntu/hardy-updates/linux-meta Development 2012-07-02 14:53:22 UTC 2012-07-02
101. ABI bump to -32 by proposed update

Author: Luis Henriques
Revision Date: 2012-07-02 14:53:22 UTC

ABI bump to -32 by proposed update

lp:ubuntu/hardy-updates/nagios-plugins Mature 2012-06-29 10:57:36 UTC 2012-06-29
27. Fix bugs and flaws in best offset ser...

Author: Marc Gariépy
Revision Date: 2012-06-05 13:08:34 UTC

Fix bugs and flaws in best offset server selection of check_ntp_time
(LP: #1010110)

lp:~svn/ubuntu/hardy/serf/ppa Development 2012-06-27 23:46:15 UTC 2012-06-27
16. Hack around old libtool not creating ...

Author: Max Bowsher
Revision Date: 2012-06-27 23:45:32 UTC

Hack around old libtool not creating parent directories in a separate
object tree build environment.

lp:ubuntu/hardy-proposed/nagios-plugins bug Mature 2012-06-22 00:12:08 UTC 2012-06-22
27. Fix bugs and flaws in best offset ser...

Author: Marc Gariépy
Revision Date: 2012-06-05 13:08:34 UTC

Fix bugs and flaws in best offset server selection of check_ntp_time
(LP: #1010110)

lp:ubuntu/hardy-security/apt bug Mature 2012-06-15 21:40:24 UTC 2012-06-15
81. * SECURITY UPDATE: Disable apt-key ne...

Author: Jamie Strandboge
Revision Date: 2012-06-15 07:48:24 UTC

* SECURITY UPDATE: Disable apt-key net-update for now, as validation
  code is still insecure
  - cmdline/apt-key: exit 1 immediately in net_update()
  - CVE-2012-0954
  - LP: #1013639

lp:ubuntu/hardy-updates/apt Mature 2012-06-15 07:48:24 UTC 2012-06-15
81. * SECURITY UPDATE: Disable apt-key ne...

Author: Jamie Strandboge
Revision Date: 2012-06-15 07:48:24 UTC

* SECURITY UPDATE: Disable apt-key net-update for now, as validation
  code is still insecure
  - cmdline/apt-key: exit 1 immediately in net_update()
  - CVE-2012-0954
  - LP: #1013639

lp:ubuntu/hardy-security/xen-3.2 Mature 2012-06-12 15:44:41 UTC 2012-06-12
12. * x86-64: detect processors subject t...

Author: Stefan Bader
Revision Date: 2012-06-06 17:53:59 UTC

* x86-64: detect processors subject to AMD erratum #121 and refuse to boot
  CVE-2006-0744
* x86_64: Do not execute sysret with a non-canonical return address
  CVE-2012-0218
* x86-64: fix #GP generation in assembly code
  CVE-2012-0217

lp:ubuntu/hardy-security/mysql-dfsg-5.0 bug Mature 2012-06-11 21:25:23 UTC 2012-06-11
44. * SECURITY UPDATE: authentication byp...

Author: Marc Deslauriers
Revision Date: 2012-06-11 09:04:56 UTC

* SECURITY UPDATE: authentication bypass (LP: #1011371)
  - debian/patches/90_CVE-2012-2122.patch: fix improper type conversion
    in sql/password.c.
  - CVE-2012-2122
* debian/mysql-server.preinst: Removed to prevent service from remaining
  stopped after getting updated. The upgrade logic is still present in
  mysql-common.preinst. (LP: #988325)

lp:ubuntu/hardy-updates/mysql-dfsg-5.0 Mature 2012-06-11 09:04:56 UTC 2012-06-11
44. * SECURITY UPDATE: authentication byp...

Author: Marc Deslauriers
Revision Date: 2012-06-11 09:04:56 UTC

* SECURITY UPDATE: authentication bypass (LP: #1011371)
  - debian/patches/90_CVE-2012-2122.patch: fix improper type conversion
    in sql/password.c.
  - CVE-2012-2122
* debian/mysql-server.preinst: Removed to prevent service from remaining
  stopped after getting updated. The upgrade logic is still present in
  mysql-common.preinst. (LP: #988325)

lp:ubuntu/hardy-updates/pastebinit Mature 2012-06-08 11:48:21 UTC 2012-06-08
6. Cherry-pick new pastebin.com.conf fil...

Author: Stéphane Graber
Revision Date: 2012-05-30 10:33:50 UTC

Cherry-pick new pastebin.com.conf file from pastebinit 1.3.1 and
convert it to the equivalent old-style in code config, also port
another reLink handling from current pastebinit so that regexp matching
works in 0.9.
This switches to the new pastebin.com API (now mandatory) (LP: #996242)

lp:ubuntu/hardy-updates/xen-3.2 bug Mature 2012-06-06 17:53:59 UTC 2012-06-06
12. * x86-64: detect processors subject t...

Author: Stefan Bader
Revision Date: 2012-06-06 17:53:59 UTC

* x86-64: detect processors subject to AMD erratum #121 and refuse to boot
  CVE-2006-0744
* x86_64: Do not execute sysret with a non-canonical return address
  CVE-2012-0218
* x86-64: fix #GP generation in assembly code
  CVE-2012-0217

lp:ubuntu/hardy-proposed/pastebinit bug Mature 2012-06-01 01:15:22 UTC 2012-06-01
6. Cherry-pick new pastebin.com.conf fil...

Author: Stéphane Graber
Revision Date: 2012-05-30 10:33:50 UTC

Cherry-pick new pastebin.com.conf file from pastebinit 1.3.1 and
convert it to the equivalent old-style in code config, also port
another reLink handling from current pastebinit so that regexp matching
works in 0.9.
This switches to the new pastebin.com API (now mandatory) (LP: #996242)

lp:ubuntu/hardy-proposed/gnutls13 bug Mature 2012-05-31 13:48:18 UTC 2012-05-31
19. Apply upstream patch to fix validatio...

Author: Thorsten Glaser
Revision Date: 2012-05-31 13:48:18 UTC

Apply upstream patch to fix validation of certificates when more than
one with the same short hash exists in the CA bundle (LP: #1003841).

lp:ubuntu/hardy-security/net-snmp Development 2012-05-22 16:55:38 UTC 2012-05-22
19. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2012-05-22 16:55:38 UTC

* SECURITY UPDATE: denial of service via SNMP GET with non-existent
  extension table entry
  - debian/patches/55_CVE-2012-2141.patch: validate line_idx in
    agent/mibgroup/agent/extend.c.
  - CVE-2012-2141

lp:ubuntu/hardy-updates/net-snmp Development 2012-05-22 16:55:38 UTC 2012-05-22
19. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2012-05-22 16:55:38 UTC

* SECURITY UPDATE: denial of service via SNMP GET with non-existent
  extension table entry
  - debian/patches/55_CVE-2012-2141.patch: validate line_idx in
    agent/mibgroup/agent/extend.c.
  - CVE-2012-2141

lp:ubuntu/hardy-security/backuppc Mature 2012-05-17 08:14:14 UTC 2012-05-17
17. * SECURITY UPDATE: XSS in CGI/Restore...

Author: Jamie Strandboge
Revision Date: 2012-05-17 08:14:14 UTC

* SECURITY UPDATE: XSS in CGI/RestoreFile.pm
  - lib/BackupPC/CGI/RestoreFile.pm: update to escape share and backup
    number
  - CVE-2011-5081

lp:ubuntu/hardy-updates/backuppc Mature 2012-05-17 08:14:14 UTC 2012-05-17
17. * SECURITY UPDATE: XSS in CGI/Restore...

Author: Jamie Strandboge
Revision Date: 2012-05-17 08:14:14 UTC

* SECURITY UPDATE: XSS in CGI/RestoreFile.pm
  - lib/BackupPC/CGI/RestoreFile.pm: update to escape share and backup
    number
  - CVE-2011-5081

lp:ubuntu/hardy-updates/libtasn1-3 Mature 2012-05-05 20:05:00 UTC 2012-05-05
9. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2012-04-24 15:09:05 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  certain large length values.
  - debian/patches/CVE-2012-1569.patch: return an error when the decoded
    length value plus @len would exceed @der_len in lib/decoding.c.
  - CVE-2012-1569

lp:ubuntu/hardy-security/libtasn1-3 Mature 2012-05-05 20:04:55 UTC 2012-05-05
9. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2012-04-24 15:09:05 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  certain large length values.
  - debian/patches/CVE-2012-1569.patch: return an error when the decoded
    length value plus @len would exceed @der_len in lib/decoding.c.
  - CVE-2012-1569

lp:ubuntu/hardy-proposed/nagios-nrpe bug Mature 2012-05-05 15:52:17 UTC 2012-05-05
7. [4dc53fb] Use retry argument for star...

Author: Stéphane Graber
Revision Date: 2012-05-03 10:19:29 UTC

[4dc53fb] Use retry argument for start-stop-daemon when stopping nrpe,
this fixes cases where restarting nagios-nrpe fails to respawn it.
(LP: #896388)

lp:ubuntu/hardy-updates/nagios-nrpe Mature 2012-05-03 10:19:29 UTC 2012-05-03
7. [4dc53fb] Use retry argument for star...

Author: Stéphane Graber
Revision Date: 2012-05-03 10:19:29 UTC

[4dc53fb] Use retry argument for start-stop-daemon when stopping nrpe,
this fixes cases where restarting nagios-nrpe fails to respawn it.
(LP: #896388)

lp:ubuntu/hardy-updates/update-manager bug Mature 2012-04-24 10:19:33 UTC 2012-04-24
146. * REGRESSION FIX: - DistUpgrade/Dis...

Author: Marc Deslauriers
Revision Date: 2012-02-16 08:30:21 UTC

* REGRESSION FIX:
  - DistUpgrade/DistUpgradeViewKDE.py: fix regression caused by improper
    return value handling. (LP: #933225)

lp:ubuntu/hardy-security/update-manager Mature 2012-04-24 10:18:56 UTC 2012-04-24
146. * REGRESSION FIX: - DistUpgrade/Dis...

Author: Marc Deslauriers
Revision Date: 2012-02-16 08:30:21 UTC

* REGRESSION FIX:
  - DistUpgrade/DistUpgradeViewKDE.py: fix regression caused by improper
    return value handling. (LP: #933225)
