Bazaar branches for Hardy

Name Status Last Modified Last Commit
lp:ubuntu/hardy-proposed/virtualbox-ose-modules bug Mature 2012-04-22 04:45:21 UTC 2012-04-22
36. * Rebuild for 2.6.24-31 (LP: #875058)...

Author: Daniel Hahler
Revision Date: 2012-03-27 22:09:13 UTC

* Rebuild for 2.6.24-31 (LP: #875058)
  - debian/control: s/2.6.24-28/2.6.24-31/g

lp:ubuntu/hardy-security/samba bug Mature 2012-04-13 00:46:01 UTC 2012-04-13
53. [ Steve Beattie ] * SECURITY UPDATE: ...

Author: Tyler Hicks
Revision Date: 2012-04-12 05:28:44 UTC

[ Steve Beattie ]
* SECURITY UPDATE: unauthenticated remote code execution via
  RPC calls (LP: #978458)
  - debian/patches/security-CVE-2012-1182.patch: make variable length
    check be consistent with memory allocation size computation.
  - CVE-2012-1182

lp:ubuntu/hardy-updates/samba bug Mature 2012-04-12 05:28:44 UTC 2012-04-12
53. [ Steve Beattie ] * SECURITY UPDATE: ...

Author: Tyler Hicks
Revision Date: 2012-04-12 05:28:44 UTC

[ Steve Beattie ]
* SECURITY UPDATE: unauthenticated remote code execution via
  RPC calls (LP: #978458)
  - debian/patches/security-CVE-2012-1182.patch: make variable length
    check be consistent with memory allocation size computation.
  - CVE-2012-1182

lp:ubuntu/hardy-updates/mdadm bug Mature 2012-04-11 07:49:23 UTC 2012-04-11
30. * Fixes for LP: #290885, backported f...

Author: Dustin Kirkland 
Revision Date: 2008-11-06 22:15:08 UTC

* Fixes for LP: #290885, backported from Intrepid to Hardy
* Backport functionality to enable booting degraded RAID from Intrepid to
  Hardy
* debian/control: these fixes require initramfs-tools >= 0.85eubuntu39.3
* debian/initramfs/init-premount: enhance the init handling to allow for
  booting a degraded RAID, and add the appropriate fail hook
* debian/mdadm-udeb.dirs, debian/mdadm.config, debian/mdadm.postinst,
  debian/po/*, debian/install-rc, debian/mdadm-udeb.templates:
  partman/install/debconf boot-degraded-raid configurability
* check.d/root_on_raid, check.d/_numbers: installer script to determine if /
  or /boot is on a RAID device

lp:ubuntu/hardy-proposed/mdadm Mature 2012-04-11 07:48:16 UTC 2012-04-11
30. * Fixes for LP: #290885, backported f...

Author: Dustin Kirkland 
Revision Date: 2008-11-06 22:15:08 UTC

* Fixes for LP: #290885, backported from Intrepid to Hardy
* Backport functionality to enable booting degraded RAID from Intrepid to
  Hardy
* debian/control: these fixes require initramfs-tools >= 0.85eubuntu39.3
* debian/initramfs/init-premount: enhance the init handling to allow for
  booting a degraded RAID, and add the appropriate fail hook
* debian/mdadm-udeb.dirs, debian/mdadm.config, debian/mdadm.postinst,
  debian/po/*, debian/install-rc, debian/mdadm-udeb.templates:
  partman/install/debconf boot-degraded-raid configurability
* check.d/root_on_raid, check.d/_numbers: installer script to determine if /
  or /boot is on a RAID device

lp:ubuntu/hardy/mdadm Mature 2012-04-11 07:48:09 UTC 2012-04-11
29. debian/initramfs/init-premount: Make ...

Author: Luke Yelavich
Revision Date: 2008-02-18 12:10:40 UTC

debian/initramfs/init-premount: Make sure the script exists when it is called
with mountfail.

lp:ubuntu/hardy-security/ruby1.8 bug Development 2012-04-11 07:09:20 UTC 2012-04-11
24. * SECURITY UPDATE: certificate spoofi...

Author: Marc Deslauriers
Revision Date: 2009-07-15 13:06:03 UTC

* SECURITY UPDATE: certificate spoofing via invalid return value check
  in OCSP_basic_verify
  - debian/patches/904_security_CVE-2009-0642.dpatch: also check for -1
    return code in ext/openssl/ossl_ocsp.c.
  - CVE-2009-0642
* SECURITY UPDATE: denial of service in BigDecimal library via string
  argument that represents a large number (LP: #385436)
  - debian/patches/905_security_CVE-2009-1904.dpatch: handle large
    numbers properly in ext/bigdecimal/bigdecimal.c.
  - CVE-2009-1904

lp:ubuntu/hardy/ruby1.8 Mature 2012-04-11 07:08:17 UTC 2012-04-11
18. * Merge from debian unstable, remaini...

Author: Michael Vogt
Revision Date: 2007-11-23 16:08:57 UTC

* Merge from debian unstable, remaining changes:
  - Adjust configure options for lpia.
  - add -g when build with noopt

lp:ubuntu/hardy-updates/icu bug Mature 2012-04-11 02:41:23 UTC 2012-04-11
18. * SECURITY UPDATE: fix improper handl...

Author: Jamie Strandboge
Revision Date: 2009-10-07 11:33:48 UTC

* SECURITY UPDATE: fix improper handling of invalid byte sequences
  during Unicode conversion
  - debian/07-CVE-2009-0153.patch: backported patch thanks to RedHat via
    Debian
  - 03-redhat.icu5797.patch, 04-redhat.icu6001.patch, and
    05-redhat.icu6002.patch required for applying 07-CVE-2009-0153.patch
    with 06-CVE-2008-1036.patch needing adjustments. Patch from Debian.
  - CVE-2009-0153

lp:ubuntu/hardy-security/icu Mature 2012-04-11 02:40:43 UTC 2012-04-11
18. * SECURITY UPDATE: fix improper handl...

Author: Jamie Strandboge
Revision Date: 2009-10-07 11:33:48 UTC

* SECURITY UPDATE: fix improper handling of invalid byte sequences
  during Unicode conversion
  - debian/07-CVE-2009-0153.patch: backported patch thanks to RedHat via
    Debian
  - 03-redhat.icu5797.patch, 04-redhat.icu6001.patch, and
    05-redhat.icu6002.patch required for applying 07-CVE-2009-0153.patch
    with 06-CVE-2008-1036.patch needing adjustments. Patch from Debian.
  - CVE-2009-0153

lp:ubuntu/hardy/icu Mature 2012-04-11 02:40:39 UTC 2012-04-11
16. * Add debian/patches/00-cve-2007-4770...

Author: Jay Berkenbilt
Revision Date: 2008-02-07 12:58:34 UTC

* Add debian/patches/00-cve-2007-4770-4771.patch created from with
  svn diff -c 23292 \
  http://source.icu-project.org/repos/icu/icu/branches/maint/maint-3-8
  to address the following security vulnerablilities:
   - CVE-2007-4770: reference to non-existent capture group may
     cause access to invalid memory
   - CVE-2007-4771: buffer overflow in regexcmp.cpp
  (Closes: #463688)
* Updated standards version to 3.7.3: no changes required.

lp:ubuntu/hardy-proposed/mysql-dfsg-5.0 bug Mature 2012-04-10 22:07:25 UTC 2012-04-10
43. * SECURITY UPDATE: Update to 5.0.96 t...

Author: Marc Deslauriers
Revision Date: 2012-03-28 09:25:59 UTC

* SECURITY UPDATE: Update to 5.0.96 to fix security issues (LP: #965523)
  - http://dev.mysql.com/doc/refman/5.0/en/news-5-0-96.html

lp:ubuntu/hardy-security/libpng bug Development 2012-04-05 08:47:42 UTC 2012-04-05
20. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2012-04-05 08:47:42 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  memory corruption issue.
  - pngset.c: correctly restore to previous condition.
  - Patch from Debian's 1.2.44-1+squeeze4 update
  - CVE-2011-3048

lp:ubuntu/hardy-updates/libpng Development 2012-04-05 08:47:42 UTC 2012-04-05
20. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2012-04-05 08:47:42 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  memory corruption issue.
  - pngset.c: correctly restore to previous condition.
  - Patch from Debian's 1.2.44-1+squeeze4 update
  - CVE-2011-3048

lp:ubuntu/hardy-updates/virtualbox-ose-modules bug Mature 2012-03-27 22:09:13 UTC 2012-03-27
36. * Rebuild for 2.6.24-31 (LP: #875058)...

Author: Daniel Hahler
Revision Date: 2012-03-27 22:09:13 UTC

* Rebuild for 2.6.24-31 (LP: #875058)
  - debian/control: s/2.6.24-28/2.6.24-31/g

lp:ubuntu/hardy-updates/apache2 bug Mature 2012-02-16 20:10:22 UTC 2012-02-16
37. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2012-02-14 10:49:11 UTC

* SECURITY UPDATE: arbitrary code execution via crafted SetEnvIf
  directive (LP: #811422)
  - debian/patches/220_CVE-2011-3607.dpatch: validate length in
    server/util.c.
  - CVE-2011-3607
* SECURITY UPDATE: another mod_proxy reverse proxy exposure
  - debian/patches/221_CVE-2011-4317.dpatch: validate additional URIs in
    modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy.c,
    server/protocol.c.
  - CVE-2011-4317
* SECURITY UPDATE: denial of service and possible code execution via
  type field modification within a scoreboard shared memory segment
  - debian/patches/222_CVE-2012-0031.dpatch: check type field in
    server/scoreboard.c.
  - CVE-2012-0031
* SECURITY UPDATE: cookie disclosure via Bad Request errors
  - debian/patches/223_CVE-2012-0053.dpatch: check lengths in
    server/protocol.c.
  - CVE-2012-0053

lp:ubuntu/hardy-security/apache2 bug Mature 2012-02-16 19:57:16 UTC 2012-02-16
38. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2012-02-14 10:49:11 UTC

* SECURITY UPDATE: arbitrary code execution via crafted SetEnvIf
  directive (LP: #811422)
  - debian/patches/220_CVE-2011-3607.dpatch: validate length in
    server/util.c.
  - CVE-2011-3607
* SECURITY UPDATE: another mod_proxy reverse proxy exposure
  - debian/patches/221_CVE-2011-4317.dpatch: validate additional URIs in
    modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy.c,
    server/protocol.c.
  - CVE-2011-4317
* SECURITY UPDATE: denial of service and possible code execution via
  type field modification within a scoreboard shared memory segment
  - debian/patches/222_CVE-2012-0031.dpatch: check type field in
    server/scoreboard.c.
  - CVE-2012-0031
* SECURITY UPDATE: cookie disclosure via Bad Request errors
  - debian/patches/223_CVE-2012-0053.dpatch: check lengths in
    server/protocol.c.
  - CVE-2012-0053

lp:ubuntu/hardy-security/devscripts Mature 2012-02-15 03:33:36 UTC 2012-02-15
53. * SECURITY UPDATE: Arbitrary code exe...

Author: Tyler Hicks
Revision Date: 2012-02-15 03:33:36 UTC

* SECURITY UPDATE: Arbitrary code execution via crafted filenames in .dsc
  and .changes files
  - scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
    Raphael Geissert for the original patch.
  - CVE-2012-0210
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in the top
  level directory of the original upstream source tarball
  - scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
    Adam D. Barratt for the original patch.
  - CVE-2012-0211
* SECURITY UPDATE: Arbritray code execution via crafted filenames in
  arguments passed to debdiff
  - scripts/debdiff.pl: Perform input sanitization on filenames. Based on
    upstream patches.
  - http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=87f88232eb643f0c118c6ba38db8e966915b450f
  - http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=76227af1ee8d68f4844f642325eac903ca21e739
  - CVE-2012-0212
* scripts/debdiff.pl: Remove undocumented functionality which treated
  files with extentionless filenames as packages. Thanks to Adam D. Barratt
  for the original patch.
  - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659559

lp:ubuntu/hardy-updates/devscripts Development 2012-02-15 03:33:36 UTC 2012-02-15
53. * SECURITY UPDATE: Arbitrary code exe...

Author: Tyler Hicks
Revision Date: 2012-02-15 03:33:36 UTC

* SECURITY UPDATE: Arbitrary code execution via crafted filenames in .dsc
  and .changes files
  - scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
    Raphael Geissert for the original patch.
  - CVE-2012-0210
* SECURITY UPDATE: Arbitrary code execution via crafted filenames in the top
  level directory of the original upstream source tarball
  - scripts/debdiff.pl: Perform input sanitization on filenames. Thanks to
    Adam D. Barratt for the original patch.
  - CVE-2012-0211
* SECURITY UPDATE: Arbritray code execution via crafted filenames in
  arguments passed to debdiff
  - scripts/debdiff.pl: Perform input sanitization on filenames. Based on
    upstream patches.
  - http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=87f88232eb643f0c118c6ba38db8e966915b450f
  - http://anonscm.debian.org/gitweb/?p=devscripts/devscripts.git;a=commitdiff;h=76227af1ee8d68f4844f642325eac903ca21e739
  - CVE-2012-0212
* scripts/debdiff.pl: Remove undocumented functionality which treated
  files with extentionless filenames as packages. Thanks to Adam D. Barratt
  for the original patch.
  - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659559

lp:ubuntu/hardy-security/pdns bug Mature 2012-02-10 20:54:19 UTC 2012-02-10
20. * SECURITY UPDATE: temporary DoS with...

Author: Imre Gergely
Revision Date: 2012-02-08 23:24:53 UTC

* SECURITY UPDATE: temporary DoS with specially crafted packets (LP: #918588)
  - debian/patches/CVE-2012-0206.dpatch: prevent the auth servers from
    entering a packet loop. Based on upstream suggestion.
  - CVE-2012-0206

lp:ubuntu/hardy-updates/pdns Mature 2012-02-08 23:24:53 UTC 2012-02-08
20. * SECURITY UPDATE: temporary DoS with...

Author: Imre Gergely
Revision Date: 2012-02-08 23:24:53 UTC

* SECURITY UPDATE: temporary DoS with specially crafted packets (LP: #918588)
  - debian/patches/CVE-2012-0206.dpatch: prevent the auth servers from
    entering a packet loop. Based on upstream suggestion.
  - CVE-2012-0206

lp:ubuntu/hardy-updates/spamassassin bug Mature 2012-01-25 19:35:53 UTC 2012-01-25
23. 70_remove_open-whois.org.dpatch: Remo...

Author: Clint Byrum
Revision Date: 2010-12-02 00:21:30 UTC

70_remove_open-whois.org.dpatch: Remove open-whois.org (LP: #551655)

lp:ubuntu/hardy-backports/spamassassin bug Mature 2012-01-25 19:35:35 UTC 2012-01-25
24. [ Clint Byrum ] 70_remove_open-whois....

Author: Scott Kitterman
Revision Date: 2010-12-02 07:22:43 UTC

[ Clint Byrum ]
70_remove_open-whois.org.dpatch: Remove open-whois.org (LP: #551655)

lp:ubuntu/hardy-updates/openswan Mature 2012-01-18 15:34:40 UTC 2012-01-18
17. * SECURITY UPDATE: symlink attack thr...

Author: Harald Jenny
Revision Date: 2012-01-17 16:53:31 UTC

* SECURITY UPDATE: symlink attack through predictable filenames in /tmp
  - debian/patches/02-fix-unsecure-tmp-file.dpatch: change
    programs/livetest/livetest.in to use mktemp for temporary file creation.
    Patch taken from Debian openswan 1:2.4.12+dfsg-1.3 package.
  - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496374
* SECURITY UPDATE: denial of service attack via malicious Dead Peer Detection
  packet
  - debian/patches/03-CVE-2009-0790.dpatch: adjust programs/pluto/demux.c to
    check for a possbile NULL value. Patch taken from Debian openswan
    1:2.4.12+dfsg-1.3+lenny1 package.
  - CVE-2009-0790
* SECURITY UPDATE: denial of service attack via specially crafted X.509
  certificate
  - debian/patches/04-CVE-2009-2185.dpatch: create include/oswtime.h and
    modify programs/pluto/asn1.c as well as lib/libopenswan/optionsfrom.c to
    do proper checks on certificate objects length. Patch taken from Debian
    openswan 1:2.4.12+dfsg-1.3+lenny2 package.
  - CVE-2009-2185
* SECURITY UPDATE: denial of service attack via deliberately interrupted
  IPSec connection attempt
  - debian/patches/05-2.4.9-CVE-2011-4073.dpatch: change
    programs/pluto/ikev1_continuations.h and programs/pluto/ikev1_quick.c to
    check for vanished ISAKMP SA in Quick Mode negotiation. Patch taken from
    Debian openswan 1:2.4.12+dfsg-1.3+lenny3 package and slightly modified.
  - CVE-2011-4073
(LP: #917754)

lp:ubuntu/hardy-security/openswan bug Mature 2012-01-18 15:17:37 UTC 2012-01-18
17. * SECURITY UPDATE: symlink attack thr...

Author: Harald Jenny
Revision Date: 2012-01-17 16:53:31 UTC

* SECURITY UPDATE: symlink attack through predictable filenames in /tmp
  - debian/patches/02-fix-unsecure-tmp-file.dpatch: change
    programs/livetest/livetest.in to use mktemp for temporary file creation.
    Patch taken from Debian openswan 1:2.4.12+dfsg-1.3 package.
  - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496374
* SECURITY UPDATE: denial of service attack via malicious Dead Peer Detection
  packet
  - debian/patches/03-CVE-2009-0790.dpatch: adjust programs/pluto/demux.c to
    check for a possbile NULL value. Patch taken from Debian openswan
    1:2.4.12+dfsg-1.3+lenny1 package.
  - CVE-2009-0790
* SECURITY UPDATE: denial of service attack via specially crafted X.509
  certificate
  - debian/patches/04-CVE-2009-2185.dpatch: create include/oswtime.h and
    modify programs/pluto/asn1.c as well as lib/libopenswan/optionsfrom.c to
    do proper checks on certificate objects length. Patch taken from Debian
    openswan 1:2.4.12+dfsg-1.3+lenny2 package.
  - CVE-2009-2185
* SECURITY UPDATE: denial of service attack via deliberately interrupted
  IPSec connection attempt
  - debian/patches/05-2.4.9-CVE-2011-4073.dpatch: change
    programs/pluto/ikev1_continuations.h and programs/pluto/ikev1_quick.c to
    check for vanished ISAKMP SA in Quick Mode negotiation. Patch taken from
    Debian openswan 1:2.4.12+dfsg-1.3+lenny3 package and slightly modified.
  - CVE-2011-4073
(LP: #917754)

lp:ubuntu/hardy-proposed/update-manager bug Mature 2012-01-18 10:09:26 UTC 2012-01-18
151. * UpdateManager/Core/MetaRelease.py, ...

Author: Michael Vogt
Revision Date: 2012-01-18 10:09:26 UTC

* UpdateManager/Core/MetaRelease.py, UpdateManager/MetaReleaseGObject.py:
  - fix "no longer supported" message (LP: #364583)

lp:ubuntu/hardy-proposed/debian-installer-utils bug Mature 2012-01-06 12:23:00 UTC 2012-01-06
30. [ Scott Moser ] Add --quiet to dpkg-d...

Author: Colin Watson
Revision Date: 2012-01-06 12:23:00 UTC

[ Scott Moser ]
Add --quiet to dpkg-divert calls in chroot_setup.

lp:ubuntu/hardy-updates/debian-installer-utils Mature 2012-01-06 12:23:00 UTC 2012-01-06
30. [ Scott Moser ] Add --quiet to dpkg-d...

Author: Colin Watson
Revision Date: 2012-01-06 12:23:00 UTC

[ Scott Moser ]
Add --quiet to dpkg-divert calls in chroot_setup.

lp:ubuntu/hardy-updates/selinux Mature 2012-01-04 00:35:07 UTC 2012-01-04
3. SECURITY UPDATE: fix unsafe lockfile ...

Author: Jamie Strandboge
Revision Date: 2011-12-21 12:27:41 UTC

SECURITY UPDATE: fix unsafe lockfile creation. The scope of this
is limited by when this script is run, but it is still worthwhile
to get this cleaned up (LP: #876994)

lp:ubuntu/hardy-security/selinux bug Mature 2012-01-04 00:11:25 UTC 2012-01-04
3. SECURITY UPDATE: fix unsafe lockfile ...

Author: Jamie Strandboge
Revision Date: 2011-12-21 12:27:41 UTC

SECURITY UPDATE: fix unsafe lockfile creation. The scope of this
is limited by when this script is run, but it is still worthwhile
to get this cleaned up (LP: #876994)

lp:ubuntu/hardy-backports/postgresql-8.4 Mature 2011-12-15 10:14:04 UTC 2011-12-15
12. Automated backport upload; no source ...

Author: Ubuntu Archive Auto-Sync
Revision Date: 2011-12-15 10:14:04 UTC

Automated backport upload; no source changes.

lp:ubuntu/hardy-security/bzip2 Mature 2011-12-12 11:32:00 UTC 2011-12-12
15. * SECURITY UPDATE: Fix temporary file...

Author: Tyler Hicks
Revision Date: 2011-12-12 11:32:00 UTC

* SECURITY UPDATE: Fix temporary file creation race condition
  - bzexe: Ensure link target is a regular file. Patch from vladz.
  - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862#5
  - CVE-2011-4089

lp:ubuntu/hardy-updates/bzip2 Mature 2011-12-12 11:32:00 UTC 2011-12-12
15. * SECURITY UPDATE: Fix temporary file...

Author: Tyler Hicks
Revision Date: 2011-12-12 11:32:00 UTC

* SECURITY UPDATE: Fix temporary file creation race condition
  - bzexe: Ensure link target is a regular file. Patch from vladz.
  - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632862#5
  - CVE-2011-4089

lp:~canonical-bazaar/ubuntu/hardy/bzr-builder/cat bug Development 2011-12-11 02:24:50 UTC 2011-12-11
41. releasing version 0.7.2+bzr162-0ubunt...

Author: Jelmer Vernooij
Revision Date: 2011-12-11 02:24:50 UTC

releasing version 0.7.2+bzr162-0ubuntu1~1.IS.8.04

lp:ubuntu/hardy-security/python-apt Mature 2011-11-28 16:21:31 UTC 2011-11-28
60. No change rebuild for security. This ...

Author: Marc Deslauriers
Revision Date: 2011-11-28 09:38:19 UTC

No change rebuild for security. This is needed to build update-manager
in the security pocket.

lp:ubuntu/hardy-updates/python-apt bug Mature 2011-11-28 09:38:19 UTC 2011-11-28
60. No change rebuild for security. This ...

Author: Marc Deslauriers
Revision Date: 2011-11-28 09:38:19 UTC

No change rebuild for security. This is needed to build update-manager
in the security pocket.

lp:ubuntu/hardy-backports/pdns-recursor Mature 2011-11-16 09:15:11 UTC 2011-11-16
10. * Backport to hardy: - Use source f...

Author: Evan Broder
Revision Date: 2011-11-10 23:47:14 UTC

* Backport to hardy:
  - Use source format 1.0, and use the old quilt makefile include (Hardy
    predates dh_quilt_patch and the quilt sequence)
  - Drop debhelper build-dependency version
  - Replace override_% syntax with old-style dh --before and dh --after
    syntax

lp:~abhishekkumarsingh-cse/ubuntu/hardy/synce-dccm/hardy bug(Has a merge proposal) Development 2011-11-05 11:27:45 UTC 2011-11-05
6. * * #!/bin/sh is changed to #!/bin/b...

Author: Abhishek kumar singh
Revision Date: 2011-10-18 10:59:31 UTC

*
* #!/bin/sh is changed to #!/bin/bash.

lp:ubuntu/hardy-updates/icecc Mature 2011-11-01 15:15:17 UTC 2011-11-01
8. backport patch from Aloisio Almeida J...

Author: Rolf Leggewie
Revision Date: 2011-07-29 22:25:11 UTC

backport patch from Aloisio Almeida Jr to fix logging. LP: #697788

lp:ubuntu/hardy-proposed/icecc bug Mature 2011-10-26 08:02:38 UTC 2011-10-26
8. backport patch from Aloisio Almeida J...

Author: Rolf Leggewie
Revision Date: 2011-07-29 22:25:11 UTC

backport patch from Aloisio Almeida Jr to fix logging. LP: #697788

lp:ubuntu/hardy-updates/gnome-games bug Mature 2011-10-26 01:28:28 UTC 2011-10-26
72. The glib version used to build the pr...

Author: Sebastien Bacher
Revision Date: 2008-07-17 11:37:33 UTC

The glib version used to build the previous revision had buggy big endian
detection code, no change upload to rebuild using the new fixed version
(bug #245150)

lp:ubuntu/hardy-proposed/gnome-games Mature 2011-10-26 01:27:39 UTC 2011-10-26
72. The glib version used to build the pr...

Author: Sebastien Bacher
Revision Date: 2008-07-17 11:37:33 UTC

The glib version used to build the previous revision had buggy big endian
detection code, no change upload to rebuild using the new fixed version
(bug #245150)

lp:ubuntu/hardy/gnome-games Mature 2011-10-26 01:27:33 UTC 2011-10-26
67. * debian/patches/81_dont_change_ggz_b...

Author: Sebastien Bacher
Revision Date: 2008-04-09 23:38:32 UTC

* debian/patches/81_dont_change_ggz_build_requirements.patch,
  debian/patches/99_reautoconf.patch:
  - revert the upstream changes which require the server directory

lp:ubuntu/hardy/webkitkde Mature 2011-10-25 17:15:21 UTC 2011-10-25
4. * New upstream release * Dropped kubu...

Author: Richard Johnson
Revision Date: 2008-01-14 10:25:58 UTC

* New upstream release
* Dropped kubuntu_01_no_progress_dialogue.diff - implemented upstream
* Updated debian/cdbs to contain the latest checkout in use for our KDE 4
  packages
* Updated debian/rules accordingly
* Updated debian/control - bumped standards to 3.7.3 and libqtwebkit-dev to
  0~svn27674-2

lp:ubuntu/hardy-security/git-core bug Mature 2011-10-25 17:07:24 UTC 2011-10-25
41. [ David Leadbeater ] * SECURITY UPDAT...

Author: Marc Deslauriers
Revision Date: 2009-02-12 15:49:08 UTC

[ David Leadbeater ]
* SECURITY UPDATE: Fix remote code execution in gitweb (LP: #317052)
  - CVE-2008-5516: http://repo.or.cz/w/git.git?a=commitdiff;h=c582abae
  - CVE-2008-5517: http://repo.or.cz/w/git.git?a=commitdiff;h=516381d5

[ Marc Deslauriers ]
* SECURITY UPDATE: arbitrary code execution via long PATH in diff_addremove
  and diff_change (LP: #248750)
  - debian/diff/0007-SECURITY-CVE-2008-3546.diff: safely build the full path.
  - CVE-2008-3546
* SECURITY UPDATE: arbitrary command execution via diff.external configuration
  variable.
  - debian/diff/0008-SECURITY-CVE-2008-5916.diff: remove unused legacy-style
    URI code in gitweb/gitweb.perl.
  - CVE-2008-5916

lp:ubuntu/hardy-updates/git-core Mature 2011-10-25 17:06:42 UTC 2011-10-25
41. [ David Leadbeater ] * SECURITY UPDAT...

Author: Marc Deslauriers
Revision Date: 2009-02-12 15:49:08 UTC

[ David Leadbeater ]
* SECURITY UPDATE: Fix remote code execution in gitweb (LP: #317052)
  - CVE-2008-5516: http://repo.or.cz/w/git.git?a=commitdiff;h=c582abae
  - CVE-2008-5517: http://repo.or.cz/w/git.git?a=commitdiff;h=516381d5

[ Marc Deslauriers ]
* SECURITY UPDATE: arbitrary code execution via long PATH in diff_addremove
  and diff_change (LP: #248750)
  - debian/diff/0007-SECURITY-CVE-2008-3546.diff: safely build the full path.
  - CVE-2008-3546
* SECURITY UPDATE: arbitrary command execution via diff.external configuration
  variable.
  - debian/diff/0008-SECURITY-CVE-2008-5916.diff: remove unused legacy-style
    URI code in gitweb/gitweb.perl.
  - CVE-2008-5916

lp:ubuntu/hardy/git-core Mature 2011-10-25 17:06:13 UTC 2011-10-25
40. debian/rules: Use wish8.4 for the tcl...

Author: Bryan Donlan
Revision Date: 2008-04-06 18:53:53 UTC

debian/rules: Use wish8.4 for the tcl interpreter, to match our dependency
in debian/control. (LP: #196846)

lp:ubuntu/hardy/kbd Mature 2011-10-25 16:44:06 UTC 2011-10-25
11. loadkeys_console-setup.patch: Use ckb...

Author: Colin Watson
Revision Date: 2008-02-04 14:19:21 UTC

loadkeys_console-setup.patch: Use ckbcomp to get the keyboard layout if
other data files are not available (LP: #83487).

lp:ubuntu/hardy/norwegian Mature 2011-10-25 16:43:49 UTC 2011-10-25
6. Drop build-dependency on ssed (last u...

Author: Matthias Klose
Revision Date: 2007-11-28 09:35:36 UTC

Drop build-dependency on ssed (last use in main); we don't care
about how fast the package is built.

lp:ubuntu/hardy/linuxtv-dvb-apps Mature 2011-10-25 14:18:11 UTC 2011-10-25
6. [ Mark Purcell ] * Update scan files ...

Author: Debian VDR Team
Revision Date: 2007-08-06 21:41:18 UTC

[ Mark Purcell ]
* Update scan files from 20070804
  - initial-tuning-data files duplication between dvb-utils & kaffeine
  (Closes: #419566)
* Add myself to uploaders
* Add debian/compat: lintian debian-rules-sets-DH_COMPAT

lp:ubuntu/hardy/fvwm-crystal Mature 2011-10-25 14:01:51 UTC 2011-10-25
4. * Non-maintainer upload. * Remove moz...

Author: Gonéri Le Bouder
Revision Date: 2007-01-24 22:16:48 UTC

* Non-maintainer upload.
* Remove mozilla, opera and acroread icons and remplace them with icons from
  kde-icons-crystalclear (Closes: 389127).
  - update debian/copyright to precis these icons origin
  - rename mozilla menu entrys
* Remove these non-free icons set: doom doom3 firefox lxdoom mozilla-firefox
  mozilla-thunderbird quake4 realplayer thunderbird ubuntu ut2004 vmware
  skype
* Use local charset instead of ISO-8859-1 in menus (Closes: #392824)

lp:ubuntu/hardy/otrs2 Mature 2011-10-25 13:54:06 UTC 2011-10-25
9. * new upstream release * Add Vcs and ...

Author: Torsten Werner
Revision Date: 2007-12-08 21:43:01 UTC

* new upstream release
* Add Vcs and Homepage headers to debian/control.
* Switch to debhelper 5.
* Add dutch debconf translation. (Closes: #449414)

lp:ubuntu/hardy/childsplay-alphabet-sounds-sv Mature 2011-10-25 13:45:32 UTC 2011-10-25
4. Put soundifles on '/usr/share/childsp...

Author: Sergio Talens-Oliag
Revision Date: 2006-12-21 23:55:13 UTC

Put soundifles on '/usr/share/childsplay/Data/AlphabetSounds/sv' instead
of '/usr/share/childsplay/Data/AlphabetSounds' (Closes: Bug#403992).

lp:ubuntu/hardy/klavaro Mature 2011-10-25 12:56:26 UTC 2011-10-25
7. New upstream release.

Author: Bart Martens
Revision Date: 2008-01-12 20:16:08 UTC

New upstream release.

lp:ubuntu/hardy/pyexiv2 Mature 2011-10-25 12:28:50 UTC 2011-10-25
3. No-change rebuild against libexiv2-2.

Author: Steve Langasek
Revision Date: 2008-02-20 09:20:08 UTC

No-change rebuild against libexiv2-2.

lp:ubuntu/hardy/console-tools Mature 2011-10-25 12:26:11 UTC 2011-10-25
26. Remove shlibs.local. It wasn't needed...

Author: Soren Hansen
Revision Date: 2008-02-06 21:58:40 UTC

Remove shlibs.local. It wasn't needed and made console-tools-udeb depend
on libconsole (not -udeb).

lp:ubuntu/hardy/suomi-malaga Mature 2011-10-25 12:19:39 UTC 2011-10-25
8. * New upstream version * Update stand...

Author: Timo Jyrinki
Revision Date: 2008-01-10 22:16:23 UTC

* New upstream version
* Update standards-version to 3.7.3 (no changes)
* Use new official "Homepage" field in control file
* Add new Vcs-* fields as supported in dpkg 1.14.6 (thanks to Teemu Likonen)

lp:ubuntu/hardy/childsplay-alphabet-sounds-ca Mature 2011-10-25 12:08:39 UTC 2011-10-25
3. New upstream release.

Author: Sergio Talens-Oliag
Revision Date: 2006-10-01 00:38:19 UTC

New upstream release.

lp:ubuntu/hardy/openclipart Mature 2011-10-25 11:43:08 UTC 2011-10-25
5. * debian/rules: set /bin/bash as defa...

Author: Luca Falavigna
Revision Date: 2008-01-07 00:14:53 UTC

* debian/rules: set /bin/bash as default shell, fix FTBFS
* debian/control: update Maintainer field as per spec

lp:ubuntu/hardy/kde-icons-crystalproject Mature 2011-10-25 10:27:04 UTC 2011-10-25
2. Upstream renamed Crystal Clear to Cry...

Author: Bastian Venthur
Revision Date: 2007-07-23 17:59:50 UTC

Upstream renamed Crystal Clear to Crystal Project, so do I

lp:ubuntu/hardy-security/pam bug Mature 2011-10-24 19:24:23 UTC 2011-10-24
30. * SECURITY UPDATE: possible code exec...

Author: Marc Deslauriers
Revision Date: 2011-10-18 10:31:55 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in
    Linux-PAM/modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in Linux-PAM/modules/pam_env/pam_env.c.
  - CVE-2011-3149

lp:ubuntu/hardy-security/open-iscsi bug Mature 2011-10-20 21:52:59 UTC 2011-10-20
9. * SECURITY UPDATE: temporary file vul...

Author: Jamie Strandboge
Revision Date: 2011-10-20 14:23:00 UTC

* SECURITY UPDATE: temporary file vulnerability (LP: #408915)
  - utils/iscsi_discovery: use mktemp to store iscsiadm -m discovery result
    rather than writing it to an insecurely-created temporary file. Move
    cleanup sooner so we don't leave files around if nothing is discovered.
  - CVE-2009-1297

lp:ubuntu/hardy-updates/open-iscsi bug Mature 2011-10-20 14:23:00 UTC 2011-10-20
9. * SECURITY UPDATE: temporary file vul...

Author: Jamie Strandboge
Revision Date: 2011-10-20 14:23:00 UTC

* SECURITY UPDATE: temporary file vulnerability (LP: #408915)
  - utils/iscsi_discovery: use mktemp to store iscsiadm -m discovery result
    rather than writing it to an insecurely-created temporary file. Move
    cleanup sooner so we don't leave files around if nothing is discovered.
  - CVE-2009-1297

lp:ubuntu/hardy-updates/pam Development 2011-10-18 10:31:55 UTC 2011-10-18
30. * SECURITY UPDATE: possible code exec...

Author: Marc Deslauriers
Revision Date: 2011-10-18 10:31:55 UTC

* SECURITY UPDATE: possible code execution via incorrect environment file
  parsing (LP: #874469)
  - debian/patches-applied/CVE-2011-3148.patch: correctly count leading
    whitespace when parsing environment file in
    Linux-PAM/modules/pam_env/pam_env.c.
  - CVE-2011-3148
* SECURITY UPDATE: denial of service via overflowed environment variable
  expansion (LP: #874565)
  - debian/patches-applied/CVE-2011-3149.patch: when overflowing, exit
    with PAM_BUF_ERR in Linux-PAM/modules/pam_env/pam_env.c.
  - CVE-2011-3149

lp:ubuntu/hardy-security/tomcat5.5 bug Mature 2011-10-13 00:10:29 UTC 2011-10-13
11. * SECURITY UPDATE: Apache Tomcat Auth...

Author: James Page
Revision Date: 2011-09-26 11:42:02 UTC

* SECURITY UPDATE: Apache Tomcat Authentication bypass and information
  disclosure (LP: #843701).
 - connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java: Prevent AJP
   request forgery via unread request body packet - upstream patch from Mark
   Thomas
 - http://svn.apache.org/viewvc?view=revision&revision=1162960
 - CVE-2011-3190

lp:ubuntu/hardy/flashplugin-nonfree Mature 2011-10-12 21:01:43 UTC 2011-10-12
45. * fix "frequent crashes with flash on...

Author: Alexander Sack
Revision Date: 2008-04-16 00:39:41 UTC

* fix "frequent crashes with flash on youtube"; we fix this by
  demoting libflashsupport from depends: to suggests: (LP: #192888)
  This has positive as well as negative consequences:
   (+) increased stability for firefox and nspluginwrapper
   (-) pulseaudio users reported that this breaks sound if flash
       while other applications are running that use the sound
       device for output.
  Users that installed libflashsupport during hardy cycle should
  uninstall it to increase stability.
  - update debian/control

lp:~testing-cabal/ubuntu/hardy/python-testtools/hardy-tweaks Development 2011-10-12 00:55:42 UTC 2011-10-12
37. Add build-conflicts with python-twist...

Author: Jelmer Vernooij
Revision Date: 2011-10-12 00:54:19 UTC

Add build-conflicts with python-twisted (the version in hardy is too old).

lp:ubuntu/hardy-backports/nginx bug Mature 2011-10-07 19:10:29 UTC 2011-10-07
14. * SECURITY UPDATE: - Merge r3528 ...

Author: Neal Poole
Revision Date: 2011-07-12 22:31:10 UTC

* SECURITY UPDATE:
    - Merge r3528 from upstream repository to mitigate
      potential null byte vulnerability (LP: #803720)

lp:ubuntu/hardy-proposed/puppet bug Mature 2011-10-05 20:32:25 UTC 2011-10-05
12. * SECURITY UPDATE: unauthenticated di...

Author: Jamie Strandboge
Revision Date: 2011-10-05 14:48:27 UTC

* SECURITY UPDATE: unauthenticated directory traversal allows writing of
  arbitrary files as puppet master. Patch thanks to Daniel Pittman from
  upstream puppet.
  - 5107c5a979d74d9da40a4cb8362f8ea3e7fb0dd5
  - CVE-2011-3848
  - LP: #861182
* SECURITY UPDATE: k5login can overwrite arbitrary files as root
  - adjust type/k5login.rb to securely open the file before writing to it as
    root. Patch thanks to Daniel Pittman from upstream puppet.
  - 17bf848bd1fa40fb56e6a83e2ac823e6cce60479
  - CVE-2011-3869

lp:~canonical-bazaar/ubuntu/hardy/bzr/cat Development 2011-10-03 22:50:59 UTC 2011-10-03
3965. releasing version 2.4.0-0ubuntu2~11.I...

Author: Jelmer Vernooij
Revision Date: 2011-10-03 22:50:59 UTC

releasing version 2.4.0-0ubuntu2~11.IS.8.04

lp:~james-page/ubuntu/hardy/tomcat6/CVE-2011-3190 bug Development 2011-09-26 15:56:27 UTC 2011-09-26
4. * SECURITY UPDATE: Apache Tomcat Auth...

Author: James Page
Revision Date: 2011-09-26 15:54:38 UTC

* SECURITY UPDATE: Apache Tomcat Authentication bypass and information
  disclosure (LP: #843701).
 - d/patches/security-CVE-2011-3190.patch: Patch from upstream to Prevent AJP
   request forgery via unread request body packet.
 - CVE-2011-3190

lp:ubuntu/hardy-updates/tomcat5.5 bug Mature 2011-09-26 11:42:02 UTC 2011-09-26
11. * SECURITY UPDATE: Apache Tomcat Auth...

Author: James Page
Revision Date: 2011-09-26 11:42:02 UTC

* SECURITY UPDATE: Apache Tomcat Authentication bypass and information
  disclosure (LP: #843701).
 - connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java: Prevent AJP
   request forgery via unread request body packet - upstream patch from Mark
   Thomas
 - http://svn.apache.org/viewvc?view=revision&revision=1162960
 - CVE-2011-3190

lp:~james-page/ubuntu/hardy/tomcat5.5/CVE-2011-3190 bug Development 2011-09-26 10:57:24 UTC 2011-09-26
12. * SECURITY UPDATE: Apache Tomcat Auth...

Author: James Page
Revision Date: 2011-09-26 10:56:33 UTC

* SECURITY UPDATE: Apache Tomcat Authentication bypass and information
  disclosure (LP: #843701).
 - connectors/jk/java/org/apache/coyote/ajp/AjpAprProcessor.java: Prevent AJP
   request forgery via unread request body packet - upstream patch.
 - CVE-2011-3190

lp:ubuntu/hardy-updates/bcfg2 Mature 2011-09-09 04:12:14 UTC 2011-09-09
10. * SECURITY UPDATE: missing input sani...

Author: Julian Taylor
Revision Date: 2011-09-08 15:27:29 UTC

* SECURITY UPDATE: missing input sanitization allowing execution
  of arbitrary commands (LP: #844743)
  - backported fix from upstream by Chris St. Pierre
  - https://github.com/solj/bcfg2/commit/f4a35efec1b6a1e54d61cf1b8bfc83dd1
  - CVE-2011-3211

lp:ubuntu/hardy-security/bcfg2 bug Mature 2011-09-09 03:21:25 UTC 2011-09-09
10. * SECURITY UPDATE: missing input sani...

Author: Julian Taylor
Revision Date: 2011-09-08 15:27:29 UTC

* SECURITY UPDATE: missing input sanitization allowing execution
  of arbitrary commands (LP: #844743)
  - backported fix from upstream by Chris St. Pierre
  - https://github.com/solj/bcfg2/commit/f4a35efec1b6a1e54d61cf1b8bfc83dd1
  - CVE-2011-3211

lp:~canonical-bazaar/ubuntu/hardy/bzrtools/cat Development 2011-08-31 10:31:11 UTC 2011-08-31
728. Fix clean.

Author: Jelmer Vernooij
Revision Date: 2011-08-31 10:31:11 UTC

Fix clean.

lp:~canonical-bazaar/ubuntu/hardy/python-debian/cat Development 2011-08-23 18:17:34 UTC 2011-08-23
208. Merge lucid-cat.

Author: Jelmer Vernooij
Revision Date: 2011-08-23 18:17:34 UTC

Merge lucid-cat.

lp:~canonical-bazaar/ubuntu/hardy/quilt/cat Development 2011-08-23 18:04:44 UTC 2011-08-23
16. releasing version 0.48-5~0.IS.8.04

Author: Jelmer Vernooij
Revision Date: 2011-08-23 18:04:27 UTC

releasing version 0.48-5~0.IS.8.04

lp:ubuntu/hardy-security/foomatic-filters Mature 2011-08-22 15:18:24 UTC 2011-08-22
16. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2011-08-03 12:37:16 UTC

* SECURITY UPDATE: arbitrary code execution via crafted PPD file
  - debian/patches/CVE-2011-2697.patch: don't parse named options when
    running as a filter in foomatic-rip.in.
  - CVE-2011-2697

lp:ubuntu/hardy-proposed/base-installer bug Mature 2011-08-18 17:28:41 UTC 2011-08-18
48. Honour apt-setup/security_path when c...

Author: Colin Watson
Revision Date: 2011-08-16 11:24:38 UTC

Honour apt-setup/security_path when constructing initial security
entries in sources.list (LP: #820306).

lp:ubuntu/hardy-updates/base-installer Mature 2011-08-16 11:24:38 UTC 2011-08-16
48. Honour apt-setup/security_path when c...

Author: Colin Watson
Revision Date: 2011-08-16 11:24:38 UTC

Honour apt-setup/security_path when constructing initial security
entries in sources.list (LP: #820306).

lp:ubuntu/hardy-security/dhcp3 Development 2011-08-11 11:54:18 UTC 2011-08-11
38. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2011-08-11 11:54:18 UTC

* SECURITY UPDATE: denial of service via specially crafted packets
  - debian/patches/CVE-2011-2748-2749.dpatch: tighten up restriction in
    common/discover.c, properly calculate length in common/options.c,
    validate packet->options in server/dhcp.c.
  - CVE-2011-2748
  - CVE-2011-2749

lp:ubuntu/hardy-updates/dhcp3 Development 2011-08-11 11:54:18 UTC 2011-08-11
38. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2011-08-11 11:54:18 UTC

* SECURITY UPDATE: denial of service via specially crafted packets
  - debian/patches/CVE-2011-2748-2749.dpatch: tighten up restriction in
    common/discover.c, properly calculate length in common/options.c,
    validate packet->options in server/dhcp.c.
  - CVE-2011-2748
  - CVE-2011-2749

lp:ubuntu/hardy-updates/foomatic-filters Mature 2011-08-03 12:37:16 UTC 2011-08-03
16. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2011-08-03 12:37:16 UTC

* SECURITY UPDATE: arbitrary code execution via crafted PPD file
  - debian/patches/CVE-2011-2697.patch: don't parse named options when
    running as a filter in foomatic-rip.in.
  - CVE-2011-2697

lp:ubuntu/hardy-proposed/vzctl bug Mature 2011-07-28 06:12:51 UTC 2011-07-28
11. Fix bash 4.2 problem (LP: #732322)

Author: Marc Gariépy
Revision Date: 2011-07-21 17:12:19 UTC

Fix bash 4.2 problem (LP: #732322)

lp:ubuntu/hardy-security/mapserver bug Mature 2011-07-25 18:19:39 UTC 2011-07-25
20. * SECURITY UPDATE: SQL Injection and ...

Author: Alan Boudreault
Revision Date: 2011-07-12 01:07:50 UTC

* SECURITY UPDATE: SQL Injection and buffer overflows (LP: #809133)
  - debian/patches/09_wfs_sql_injection.dpatch: Fix possible WFS
    SQL injection and buffer overflows in OGC Filter Encoding
    support. [http://trac.osgeo.org/mapserver/ticket/3874]
    [http://trac.osgeo.org/mapserver/ticket/3903]
  - CVE-2011-2703, CVE-2011-2704

lp:ubuntu/hardy-updates/vzctl Mature 2011-07-21 17:12:19 UTC 2011-07-21
11. Fix bash 4.2 problem (LP: #732322)

Author: Marc Gariépy
Revision Date: 2011-07-21 17:12:19 UTC

Fix bash 4.2 problem (LP: #732322)

lp:ubuntu/hardy-security/logrotate Mature 2011-07-21 16:20:44 UTC 2011-07-21
5. * SECURITY UPDATE: race condition and...

Author: Marc Deslauriers
Revision Date: 2011-06-17 14:25:03 UTC

* SECURITY UPDATE: race condition and symlink attacks
  - debian/patches/CVE-2011-1098-1548.patch: prevent races and symlink
    attacks in logrotate.c.
  - CVE-2011-1098
  - CVE-2011-1548
* SECURITY UPDATE: denial of service via invalid characters in log
  filename
  - debian/patches/CVE-2011-1155.patch: properly escape filenames in
    logrotate.c.
  - CVE-2011-1155

lp:~bzr/ubuntu/hardy/bzr/bzr-ppa bug Development 2011-07-17 23:30:45 UTC 2011-07-17
167. Merge 2.3.4

Author: Max Bowsher
Revision Date: 2011-07-17 23:30:45 UTC

Merge 2.3.4

lp:ubuntu/hardy-security/nginx bug Mature 2011-07-13 14:11:17 UTC 2011-07-13
13. * SECURITY UPDATE: - Merge r3528 ...

Author: Neal Poole
Revision Date: 2011-07-12 21:41:00 UTC

* SECURITY UPDATE:
    - Merge r3528 from upstream repository to mitigate
      potential null byte vulnerability (LP: #803720)

lp:ubuntu/hardy/xfce4-utils bug Mature 2011-07-13 02:43:35 UTC 2011-07-13
33. * Merge from Debian unstable. Remaini...

Author: Lionel Le Folgoc
Revision Date: 2008-01-27 11:21:56 UTC

* Merge from Debian unstable. Remaining Ubuntu changes:
  - switch to cdbs
  - debian/control:
    + b-d on autotools-dev, debhelper (>= 5), cdbs and drop chrpath
    + adhere to DebianMaintainerField
  - debian/patches/00_xdg_data_dirs.patch:
    make sure to add /etc/xdg/xubuntu even if XDG_DATA_DIRS is already set
  - debian/patches/02_xfce4-about_return_version.patch:
    patch to print Xfce4 version when passed arg "--xfce-version" as part of
    the about-this-computer spec
  - debian/rules: pass --enable-dbus --with-vendor-info=Ubuntu to ./configure
  - debian/compat: bump to 5.
* debian/control:
  - drop quilt from b-d
  - do not depend on exo-utils (not in the archive yet).
* debian/patches/series: dropped.

lp:ubuntu/hardy-updates/nginx bug Mature 2011-07-12 21:41:00 UTC 2011-07-12
13. * SECURITY UPDATE: - Merge r3528 ...

Author: Neal Poole
Revision Date: 2011-07-12 21:41:00 UTC

* SECURITY UPDATE:
    - Merge r3528 from upstream repository to mitigate
      potential null byte vulnerability (LP: #803720)

lp:ubuntu/hardy-updates/mapserver bug Mature 2011-07-12 01:07:50 UTC 2011-07-12
20. * SECURITY UPDATE: SQL Injection and ...

Author: Alan Boudreault
Revision Date: 2011-07-12 01:07:50 UTC

* SECURITY UPDATE: SQL Injection and buffer overflows (LP: #809133)
  - debian/patches/09_wfs_sql_injection.dpatch: Fix possible WFS
    SQL injection and buffer overflows in OGC Filter Encoding
    support. [http://trac.osgeo.org/mapserver/ticket/3874]
    [http://trac.osgeo.org/mapserver/ticket/3903]
  - CVE-2011-2703, CVE-2011-2704

lp:ubuntu/hardy-security/mumble bug Mature 2011-06-24 20:49:35 UTC 2011-06-24
5. * SECURITY UPDATE: /etc/mumble-server...

Author: Felix Geyer
Revision Date: 2011-01-20 13:02:50 UTC

* SECURITY UPDATE: /etc/mumble-server.ini is world readable. (LP: #704674)
  - debian/mumble-server.postinst: Set permissions of mumble-server.ini to
    0640 and the owner to root:mumble-server.

lp:ubuntu/hardy-updates/mumble Mature 2011-06-24 20:49:14 UTC 2011-06-24
5. * SECURITY UPDATE: /etc/mumble-server...

Author: Felix Geyer
Revision Date: 2011-01-20 13:02:50 UTC

* SECURITY UPDATE: /etc/mumble-server.ini is world readable. (LP: #704674)
  - debian/mumble-server.postinst: Set permissions of mumble-server.ini to
    0640 and the owner to root:mumble-server.

lp:ubuntu/hardy-updates/nbd Mature 2011-06-22 07:30:11 UTC 2011-06-22
20. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2011-04-20 10:08:22 UTC

* SECURITY UPDATE: arbitrary code execution via long request (LP: #718300)
  - nbd-server.c: fix buffer size checking.
  - https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8
  - CVE-2011-0530

lp:ubuntu/hardy-security/nbd bug Development 2011-06-21 12:21:06 UTC 2011-06-21
20. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2011-04-20 10:08:22 UTC

* SECURITY UPDATE: arbitrary code execution via long request (LP: #718300)
  - nbd-server.c: fix buffer size checking.
  - https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8
  - CVE-2011-0530

lp:ubuntu/hardy-updates/logrotate Development 2011-06-17 14:25:03 UTC 2011-06-17
5. * SECURITY UPDATE: race condition and...

Author: Marc Deslauriers
Revision Date: 2011-06-17 14:25:03 UTC

* SECURITY UPDATE: race condition and symlink attacks
  - debian/patches/CVE-2011-1098-1548.patch: prevent races and symlink
    attacks in logrotate.c.
  - CVE-2011-1098
  - CVE-2011-1548
* SECURITY UPDATE: denial of service via invalid characters in log
  filename
  - debian/patches/CVE-2011-1155.patch: properly escape filenames in
    logrotate.c.
  - CVE-2011-1155

lp:ubuntu/hardy-updates/sysvinit bug Mature 2011-06-11 19:42:24 UTC 2011-06-11
87. Remove initscripts/etc/network/if-up....

Author: Timo Aaltonen
Revision Date: 2009-01-07 18:49:25 UTC

Remove initscripts/etc/network/if-up.d/mountnfs.orig. (LP: #314772)

lp:ubuntu/hardy-proposed/sysvinit Mature 2011-06-11 19:41:24 UTC 2011-06-11
87. Remove initscripts/etc/network/if-up....

Author: Timo Aaltonen
Revision Date: 2009-01-07 18:49:25 UTC

Remove initscripts/etc/network/if-up.d/mountnfs.orig. (LP: #314772)

101200 of 18863 results