Ubuntu

Bazaar branches for Lucid

Name Status Last Modified Last Commit
lp:ubuntu/lucid-security/python-imaging Mature 2014-04-15 14:20:05 UTC 2014-04-15
22. * SECURITY UPDATE: insecure use of te...

Author: Marc Deslauriers
Revision Date: 2014-03-31 10:26:39 UTC

* SECURITY UPDATE: insecure use of temporary files
  - PIL/EpsImagePlugin.py, PIL/Image.py, PIL/IptcImagePlugin.py,
    PIL/JpegImagePlugin.py: use tempfile.mkstemp().
  - https://github.com/wiredfool/Pillow/commit/1e331e3e6a40141ca8eee4f5da9f74e895423b66
  - CVE-2014-1932
  - CVE-2014-1933

lp:ubuntu/lucid-proposed/linux-meta-ec2 bug Mature 2014-04-02 16:11:50 UTC 2014-04-02
47. Bump linux-ec2 ABI to 363 for propose...

Author: Stefan Bader
Revision Date: 2014-04-02 16:11:50 UTC

Bump linux-ec2 ABI to 363 for proposed release

lp:ubuntu/lucid-security/nss bug Mature 2014-04-02 10:23:33 UTC 2014-04-02
33. * SECURITY UPDATE: incorrect IDNA wil...

Author: Marc Deslauriers
Revision Date: 2014-04-02 10:23:33 UTC

* SECURITY UPDATE: incorrect IDNA wildcard handling
  - debian/patches/CVE-2014-1492.patch: conform to RFC 6125 in
    nss/lib/certdb/certdb.c.
  - CVE-2014-1492

lp:ubuntu/lucid-updates/nss Mature 2014-04-02 10:23:33 UTC 2014-04-02
33. * SECURITY UPDATE: incorrect IDNA wil...

Author: Marc Deslauriers
Revision Date: 2014-04-02 10:23:33 UTC

* SECURITY UPDATE: incorrect IDNA wildcard handling
  - debian/patches/CVE-2014-1492.patch: conform to RFC 6125 in
    nss/lib/certdb/certdb.c.
  - CVE-2014-1492

lp:ubuntu/lucid-proposed/linux-backports-modules-2.6.32 bug Development 2014-04-01 10:32:44 UTC 2014-04-01
55. Start new release (and bump ABI)

Author: Brad Figg
Revision Date: 2014-04-01 10:32:44 UTC

Start new release (and bump ABI)

lp:ubuntu/lucid-updates/python-imaging Mature 2014-03-31 10:26:39 UTC 2014-03-31
22. * SECURITY UPDATE: insecure use of te...

Author: Marc Deslauriers
Revision Date: 2014-03-31 10:26:39 UTC

* SECURITY UPDATE: insecure use of temporary files
  - PIL/EpsImagePlugin.py, PIL/Image.py, PIL/IptcImagePlugin.py,
    PIL/JpegImagePlugin.py: use tempfile.mkstemp().
  - https://github.com/wiredfool/Pillow/commit/1e331e3e6a40141ca8eee4f5da9f74e895423b66
  - CVE-2014-1932
  - CVE-2014-1933

lp:ubuntu/lucid-updates/clamav bug Mature 2014-03-27 19:13:19 UTC 2014-03-27
94. Rebuild as a security update (LP: #12...

Author: Marc Deslauriers
Revision Date: 2014-03-27 10:08:44 UTC

Rebuild as a security update (LP: #1296856)

lp:ubuntu/lucid-security/clamav bug Mature 2014-03-27 19:12:48 UTC 2014-03-27
90. Rebuild as a security update (LP: #12...

Author: Marc Deslauriers
Revision Date: 2014-03-27 10:08:44 UTC

Rebuild as a security update (LP: #1296856)

lp:ubuntu/lucid-proposed/postgresql-8.4 bug Mature 2014-03-24 07:51:15 UTC 2014-03-24
21. New upstream bug fix release. No secu...

Author: Martin Pitt
Revision Date: 2014-03-18 10:37:05 UTC

New upstream bug fix release. No security issues or major data loss fixes
this time, see release.html for details. (LP: #1294006)

lp:ubuntu/lucid-backports/clamav bug Mature 2014-03-19 15:51:54 UTC 2014-03-19
27. * Source backport (LP: #1292943) - ...

Author: Scott Kitterman
Revision Date: 2014-03-19 11:09:05 UTC

* Source backport (LP: #1292943)
  - Drop use of non-existing dh-autoreconf
  - Disable LLVM on powerpc to avoid Lucid specific FTBFS

lp:ubuntu/lucid-updates/postgresql-8.4 bug Mature 2014-03-18 10:37:05 UTC 2014-03-18
21. New upstream bug fix release. No secu...

Author: Martin Pitt
Revision Date: 2014-03-18 10:37:05 UTC

New upstream bug fix release. No security issues or major data loss fixes
this time, see release.html for details. (LP: #1294006)

lp:ubuntu/lucid-proposed/tzdata bug Mature 2014-03-14 00:28:53 UTC 2014-03-14
83. * New upstream release, with updated ...

Author: Adam Conrad
Revision Date: 2014-03-13 17:44:33 UTC

* New upstream release, with updated Turkish DST (LP: #1290193)
* Remove solar87, solar88, solar89, following upstream removal.

lp:ubuntu/lucid-updates/tzdata bug Mature 2014-03-13 17:44:33 UTC 2014-03-13
83. * New upstream release, with updated ...

Author: Adam Conrad
Revision Date: 2014-03-13 17:44:33 UTC

* New upstream release, with updated Turkish DST (LP: #1290193)
* Remove solar87, solar88, solar89, following upstream removal.

lp:ubuntu/lucid-security/mutt Mature 2014-03-12 10:59:56 UTC 2014-03-12
30. * SECURITY UPDATE: buffer overflow in...

Author: Steve Beattie
Revision Date: 2014-03-12 10:59:56 UTC

* SECURITY UPDATE: buffer overflow in header processing after
  address expansion.
  - debian/patches/ubuntu/mutt-CVE-2014-0467.patch
  - CVE-2014-0467

lp:ubuntu/lucid-updates/mutt Mature 2014-03-12 10:59:56 UTC 2014-03-12
30. * SECURITY UPDATE: buffer overflow in...

Author: Steve Beattie
Revision Date: 2014-03-12 10:59:56 UTC

* SECURITY UPDATE: buffer overflow in header processing after
  address expansion.
  - debian/patches/ubuntu/mutt-CVE-2014-0467.patch
  - CVE-2014-0467

lp:ubuntu/lucid-security/net-snmp Mature 2014-03-11 10:10:12 UTC 2014-03-11
44. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-03-11 10:10:12 UTC

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285
* SECURITY UPDATE: denial of service via multiple-object requests
  - debian/patches/CVE-2014-2310.patch: fix lengths in
    agent/mibgroup/agentx/protocol.c.
  - CVE-2014-2310

lp:ubuntu/lucid-updates/net-snmp Mature 2014-03-11 10:10:12 UTC 2014-03-11
44. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-03-11 10:10:12 UTC

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285
* SECURITY UPDATE: denial of service via multiple-object requests
  - debian/patches/CVE-2014-2310.patch: fix lengths in
    agent/mibgroup/agentx/protocol.c.
  - CVE-2014-2310

lp:ubuntu/lucid-security/sudo Mature 2014-03-10 13:43:32 UTC 2014-03-10
42. * SECURITY UPDATE: security policy by...

Author: Marc Deslauriers
Revision Date: 2014-03-10 13:43:32 UTC

* SECURITY UPDATE: security policy bypass when env_reset is disabled
  - env.c: fix logic inversion
  - http://www.sudo.ws/repos/sudo/rev/748cefb49422
  - CVE-2014-0106

lp:ubuntu/lucid-updates/sudo Mature 2014-03-10 13:43:32 UTC 2014-03-10
42. * SECURITY UPDATE: security policy by...

Author: Marc Deslauriers
Revision Date: 2014-03-10 13:43:32 UTC

* SECURITY UPDATE: security policy bypass when env_reset is disabled
  - env.c: fix logic inversion
  - http://www.sudo.ws/repos/sudo/rev/748cefb49422
  - CVE-2014-0106

lp:ubuntu/lucid-proposed/ca-certificates-java Mature 2014-03-05 17:42:49 UTC 2014-03-05
8. * Backported to Ubuntu 10.04 LTS to p...

Author: Marc Deslauriers
Revision Date: 2014-03-05 09:51:13 UTC

* Backported to Ubuntu 10.04 LTS to properly support certificate
  files with UTF-8 encoded filenames.
* Use the locale C.UTF-8 for the hook script to be more robust.

lp:ubuntu/lucid-security/tomcat6 bug Mature 2014-03-05 14:53:54 UTC 2014-03-05
28. * SECURITY UPDATE: request smuggling ...

Author: Marc Deslauriers
Revision Date: 2014-03-05 14:53:54 UTC

* SECURITY UPDATE: request smuggling attack via content-length headers
  - debian/patches/CVE-2013-4286.patch: handle multiple content lengths
    in java/org/apache/coyote/ajp/AbstractAjpProcessor.java,
    java/org/apache/coyote/ajp/AjpProcessor.java, handle content length
    and chunked encoding being both specified in
    java/org/apache/coyote/http11/Http11AprProcessor.java,
    java/org/apache/coyote/http11/Http11NioProcessor.java,
    java/org/apache/coyote/http11/Http11Processor.java.
  - CVE-2013-4286
* SECURITY UPDATE: denial of service via chunked transfer coding
  - debian/patches/CVE-2013-4322.patch: limit length of extension data in
    java/org/apache/coyote/Constants.java,
    java/org/apache/coyote/http11/filters/ChunkedInputFilter.java,
    webapps/docs/config/systemprops.xml.
  - CVE-2013-4322

lp:ubuntu/lucid-updates/tomcat6 Mature 2014-03-05 14:53:54 UTC 2014-03-05
28. * SECURITY UPDATE: request smuggling ...

Author: Marc Deslauriers
Revision Date: 2014-03-05 14:53:54 UTC

* SECURITY UPDATE: request smuggling attack via content-length headers
  - debian/patches/CVE-2013-4286.patch: handle multiple content lengths
    in java/org/apache/coyote/ajp/AbstractAjpProcessor.java,
    java/org/apache/coyote/ajp/AjpProcessor.java, handle content length
    and chunked encoding being both specified in
    java/org/apache/coyote/http11/Http11AprProcessor.java,
    java/org/apache/coyote/http11/Http11NioProcessor.java,
    java/org/apache/coyote/http11/Http11Processor.java.
  - CVE-2013-4286
* SECURITY UPDATE: denial of service via chunked transfer coding
  - debian/patches/CVE-2013-4322.patch: limit length of extension data in
    java/org/apache/coyote/Constants.java,
    java/org/apache/coyote/http11/filters/ChunkedInputFilter.java,
    webapps/docs/config/systemprops.xml.
  - CVE-2013-4322

lp:ubuntu/lucid-proposed/ca-certificates bug Mature 2014-03-05 13:32:47 UTC 2014-03-05
13. * Update ca-certificates database to ...

Author: Marc Deslauriers
Revision Date: 2014-02-07 13:58:53 UTC

* Update ca-certificates database to 20130906 (LP: #1257265, LP: #1271357):
  - backport changes from the Ubuntu 14.04 20130906ubuntu1 package
  - No longer ship cacert.org certificates (LP: #1258286)
  - No longer ship obsolete debconf.org certificates
  - No longer ship expired brasil.gov.br certificates
  - No longer ship expired signet.pl certificates
  - No longer ship gouv.fr certificates, now part of mozilla bundle
  - No longer ship telesec.de certificates, now part of mozilla bundle
  - mozilla/certdata2pem.py: Work around openssl issue by shipping both
    versions of the same signed roots. Previously, the script would
    simply overwrite the first one found in the certdata.txt with the
    later one since they both have the same CKA_LABEL, resulting in
    identical filenames. (LP: #1014640, LP: #1031333)

lp:ubuntu/lucid-security/ca-certificates-java bug Mature 2014-03-05 09:51:13 UTC 2014-03-05
9. * Backported to Ubuntu 10.04 LTS to p...

Author: Marc Deslauriers
Revision Date: 2014-03-05 09:51:13 UTC

* Backported to Ubuntu 10.04 LTS to properly support certificate
  files with UTF-8 encoded filenames.
* Use the locale C.UTF-8 for the hook script to be more robust.

lp:ubuntu/lucid-updates/ca-certificates-java Mature 2014-03-05 09:51:13 UTC 2014-03-05
9. * Backported to Ubuntu 10.04 LTS to p...

Author: Marc Deslauriers
Revision Date: 2014-03-05 09:51:13 UTC

* Backported to Ubuntu 10.04 LTS to properly support certificate
  files with UTF-8 encoded filenames.
* Use the locale C.UTF-8 for the hook script to be more robust.

lp:ubuntu/lucid-security/gnutls26 Mature 2014-03-03 14:30:43 UTC 2014-03-03
24. * SECURITY UPDATE: certificate valida...

Author: Marc Deslauriers
Revision Date: 2014-03-03 14:30:43 UTC

* SECURITY UPDATE: certificate validation bypass
  - debian/patches/CVE-2014-0092.patch: correct return codes in
    lib/x509/verify.c.
  - CVE-2014-0092

lp:ubuntu/lucid-updates/gnutls26 bug Mature 2014-03-03 14:30:43 UTC 2014-03-03
25. * SECURITY UPDATE: certificate valida...

Author: Marc Deslauriers
Revision Date: 2014-03-03 14:30:43 UTC

* SECURITY UPDATE: certificate validation bypass
  - debian/patches/CVE-2014-0092.patch: correct return codes in
    lib/x509/verify.c.
  - CVE-2014-0092

lp:ubuntu/lucid-security/python2.6 Mature 2014-02-27 09:00:09 UTC 2014-02-27
53. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-02-27 09:00:09 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in socket.recvfrom_into
  - debian/patches/CVE-2014-1912.dpatch: check buffer length in
    Modules/socketmodule.c.
  - CVE-2014-1912

lp:ubuntu/lucid-updates/python2.6 Mature 2014-02-27 09:00:09 UTC 2014-02-27
53. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-02-27 09:00:09 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in socket.recvfrom_into
  - debian/patches/CVE-2014-1912.dpatch: check buffer length in
    Modules/socketmodule.c.
  - CVE-2014-1912

lp:ubuntu/lucid-updates/freeradius Mature 2014-02-26 13:36:58 UTC 2014-02-26
29. * SECURITY UPDATE: incorrect password...

Author: Marc Deslauriers
Revision Date: 2014-02-24 09:21:36 UTC

* SECURITY UPDATE: incorrect password expiration check
  - debian/patches/CVE-2011-4966.patch: check for both account and
    password expiration in src/modules/rlm_unix/rlm_unix.c.
  - CVE-2011-4966
* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in rlm_pap module
  - debian/patches/CVE-2013-2015.patch: properly handle buffer size in
    src/modules/rlm_pap/rlm_pap.c.
  - CVE-2014-2015

lp:ubuntu/lucid-security/freeradius Mature 2014-02-26 13:27:48 UTC 2014-02-26
29. * SECURITY UPDATE: incorrect password...

Author: Marc Deslauriers
Revision Date: 2014-02-24 09:21:36 UTC

* SECURITY UPDATE: incorrect password expiration check
  - debian/patches/CVE-2011-4966.patch: check for both account and
    password expiration in src/modules/rlm_unix/rlm_unix.c.
  - CVE-2011-4966
* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in rlm_pap module
  - debian/patches/CVE-2013-2015.patch: properly handle buffer size in
    src/modules/rlm_pap/rlm_pap.c.
  - CVE-2014-2015

lp:ubuntu/lucid-security/postgresql-8.4 bug Mature 2014-02-25 19:51:31 UTC 2014-02-25
21. * New upstream security/bugfix releas...

Author: Martin Pitt
Revision Date: 2014-02-20 14:10:35 UTC

* New upstream security/bugfix release. (LP: #1282677)
  - Shore up GRANT ... WITH ADMIN OPTION restrictions.
    Granting a role without ADMIN OPTION is supposed to prevent the grantee
    from adding or removing members from the granted role, but this
    restriction was easily bypassed by doing SET ROLE first. The security
    impact is mostly that a role member can revoke the access of others,
    contrary to the wishes of his grantor. Unapproved role member additions
    are a lesser concern, since an uncooperative role member could provide
    most of his rights to others anyway by creating views or SECURITY
    DEFINER functions. (CVE-2014-0060)
  - Prevent privilege escalation via manual calls to PL validator functions.
    The primary role of PL validator functions is to be called implicitly
    during CREATE FUNCTION, but they are also normal SQL functions that a
    user can call explicitly. Calling a validator on a function actually
    written in some other language was not checked for and could be
    exploited for privilege-escalation purposes. The fix involves adding a
    call to a privilege-checking function in each validator function.
    Non-core procedural languages will also need to make this change to
    their own validator functions, if any. (CVE-2014-0061)
  - Avoid multiple name lookups during table and index DDL.
    If the name lookups come to different conclusions due to concurrent
    activity, we might perform some parts of the DDL on a different table
    than other parts. At least in the case of CREATE INDEX, this can be used
    to cause the permissions checks to be performed against a different
    table than the index creation, allowing for a privilege escalation
    attack. (CVE-2014-0062)
  - Prevent buffer overrun with long datetime strings.
    The MAXDATELEN constant was too small for the longest possible value of
    type interval, allowing a buffer overrun in interval_out(). Although the
    datetime input functions were more careful about avoiding buffer
    overrun, the limit was short enough to cause them to reject some valid
    inputs, such as input containing a very long timezone name. The ecpg
    library contained these vulnerabilities along with some of its own.
    (CVE-2014-0063)
  - Prevent buffer overrun due to integer overflow in size calculations.
    Several functions, mostly type input functions, calculated an allocation
    size without checking for overflow. If overflow did occur, a too-small
    buffer would be allocated and then written past. (CVE-2014-0064)
  - Prevent overruns of fixed-size buffers.
    Use strlcpy() and related functions to provide a clear guarantee that
    fixed-size buffers are not overrun. Unlike the preceding items, it is
    unclear whether these cases really represent live issues, since in most
    cases there appear to be previous constraints on the size of the input
    string. Nonetheless it seems prudent to silence all Coverity warnings of
    this type. (CVE-2014-0065)
  - Avoid crashing if crypt() returns NULL.
    There are relatively few scenarios in which crypt() could return NULL,
    but contrib/chkpass would crash if it did. One practical case in which
    this could be an issue is if libc is configured to refuse to execute
    unapproved hashing algorithms (e.g., "FIPS mode"). (CVE-2014-0066)
  - Document risks of make check in the regression testing instructions
    Since the temporary server started by make check uses "trust"
    authentication, another user on the same machine could connect to it as
    database superuser, and then potentially exploit the privileges of the
    operating-system user who started the tests. A future release will
    probably incorporate changes in the testing procedure to prevent this
    risk, but some public discussion is needed first. So for the moment,
    just warn people against using make check when there are untrusted users
    on the same machine. (CVE-2014-0067)
* The upstream tarballs no longer contain a plain HISTORY file, but point to
  the html documentation. Add 70-history.patch to note the location of these
  files in our changelog.gz file.

lp:ubuntu/lucid-security/linux-meta-ec2 Mature 2014-02-19 18:19:50 UTC 2014-02-19
46. Bump linux-ec2 ABI to 362 for propose...

Author: Stefan Bader
Revision Date: 2014-02-19 18:19:50 UTC

Bump linux-ec2 ABI to 362 for proposed release

lp:ubuntu/lucid-updates/linux-meta-ec2 Mature 2014-02-19 18:19:50 UTC 2014-02-19
46. Bump linux-ec2 ABI to 362 for propose...

Author: Stefan Bader
Revision Date: 2014-02-19 18:19:50 UTC

Bump linux-ec2 ABI to 362 for proposed release

lp:ubuntu/lucid-security/linux-backports-modules-2.6.32 Mature 2014-02-18 16:55:17 UTC 2014-02-18
54. Start new release (and bump ABI)

Author: Brad Figg
Revision Date: 2014-02-18 16:55:17 UTC

Start new release (and bump ABI)

lp:ubuntu/lucid-updates/linux-backports-modules-2.6.32 bug Mature 2014-02-18 16:55:17 UTC 2014-02-18
54. Start new release (and bump ABI)

Author: Brad Figg
Revision Date: 2014-02-18 16:55:17 UTC

Start new release (and bump ABI)

lp:ubuntu/lucid-security/linux-meta bug Mature 2014-02-18 16:49:51 UTC 2014-02-18
213. [ Brad Figg ] Bump ABI

Author: Brad Figg
Revision Date: 2014-02-18 16:49:51 UTC

[ Brad Figg ]

Bump ABI

lp:ubuntu/lucid-updates/linux-meta bug Mature 2014-02-18 16:49:51 UTC 2014-02-18
213. [ Brad Figg ] Bump ABI

Author: Brad Figg
Revision Date: 2014-02-18 16:49:51 UTC

[ Brad Figg ]

Bump ABI

lp:ubuntu/lucid-security/linux-ports-meta Mature 2014-02-18 16:48:14 UTC 2014-02-18
76. Bump ABI

Author: Brad Figg
Revision Date: 2014-02-18 16:48:14 UTC

Bump ABI

lp:ubuntu/lucid-updates/linux-ports-meta Mature 2014-02-18 16:48:14 UTC 2014-02-18
76. Bump ABI

Author: Brad Figg
Revision Date: 2014-02-18 16:48:14 UTC

Bump ABI

lp:ubuntu/lucid-security/ca-certificates bug Mature 2014-02-07 13:58:53 UTC 2014-02-07
13. * Update ca-certificates database to ...

Author: Marc Deslauriers
Revision Date: 2014-02-07 13:58:53 UTC

* Update ca-certificates database to 20130906 (LP: #1257265, LP: #1271357):
  - backport changes from the Ubuntu 14.04 20130906ubuntu1 package
  - No longer ship cacert.org certificates (LP: #1258286)
  - No longer ship obsolete debconf.org certificates
  - No longer ship expired brasil.gov.br certificates
  - No longer ship expired signet.pl certificates
  - No longer ship gouv.fr certificates, now part of mozilla bundle
  - No longer ship telesec.de certificates, now part of mozilla bundle
  - mozilla/certdata2pem.py: Work around openssl issue by shipping both
    versions of the same signed roots. Previously, the script would
    simply overwrite the first one found in the certdata.txt with the
    later one since they both have the same CKA_LABEL, resulting in
    identical filenames. (LP: #1014640, LP: #1031333)

lp:ubuntu/lucid-updates/ca-certificates Mature 2014-02-07 13:58:53 UTC 2014-02-07
13. * Update ca-certificates database to ...

Author: Marc Deslauriers
Revision Date: 2014-02-07 13:58:53 UTC

* Update ca-certificates database to 20130906 (LP: #1257265, LP: #1271357):
  - backport changes from the Ubuntu 14.04 20130906ubuntu1 package
  - No longer ship cacert.org certificates (LP: #1258286)
  - No longer ship obsolete debconf.org certificates
  - No longer ship expired brasil.gov.br certificates
  - No longer ship expired signet.pl certificates
  - No longer ship gouv.fr certificates, now part of mozilla bundle
  - No longer ship telesec.de certificates, now part of mozilla bundle
  - mozilla/certdata2pem.py: Work around openssl issue by shipping both
    versions of the same signed roots. Previously, the script would
    simply overwrite the first one found in the certdata.txt with the
    later one since they both have the same CKA_LABEL, resulting in
    identical filenames. (LP: #1014640, LP: #1031333)

lp:ubuntu/lucid-security/curl bug Mature 2014-01-31 08:37:13 UTC 2014-01-31
47. * SECURITY UPDATE: information disclo...

Author: Marc Deslauriers
Revision Date: 2014-01-31 08:37:13 UTC

* SECURITY UPDATE: information disclosure via incorrect NTLM credential
  reuse
  - debian/patches/CVE-2014-0015.patch: don't reuse connections if NTLM
    auth is used in lib/url.c.
  - CVE-2014-0015

lp:ubuntu/lucid-updates/curl bug Mature 2014-01-31 08:37:13 UTC 2014-01-31
47. * SECURITY UPDATE: information disclo...

Author: Marc Deslauriers
Revision Date: 2014-01-31 08:37:13 UTC

* SECURITY UPDATE: information disclosure via incorrect NTLM credential
  reuse
  - debian/patches/CVE-2014-0015.patch: don't reuse connections if NTLM
    auth is used in lib/url.c.
  - CVE-2014-0015

lp:ubuntu/lucid-security/nspr Mature 2014-01-22 16:02:50 UTC 2014-01-22
22. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-01-22 16:02:50 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  integer overflow in PL_ArenaAllocate
  - debian/patches/CVE-2013-5607.patch: properly check size in
    mozilla/nsprpub/lib/ds/plarena.c.
  - CVE-2013-5607

lp:ubuntu/lucid-updates/nspr Mature 2014-01-22 16:02:50 UTC 2014-01-22
22. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-01-22 16:02:50 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  integer overflow in PL_ArenaAllocate
  - debian/patches/CVE-2013-5607.patch: properly check size in
    mozilla/nsprpub/lib/ds/plarena.c.
  - CVE-2013-5607

lp:ubuntu/lucid-security/mysql-dfsg-5.1 bug Mature 2014-01-21 14:04:49 UTC 2014-01-21
44. * SECURITY UPDATE: Update to 5.1.73 t...

Author: Marc Deslauriers
Revision Date: 2014-01-16 19:41:38 UTC

* SECURITY UPDATE: Update to 5.1.73 to fix security issues (LP: #1269993)
  - http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
  - CVE-2013-5908
  - CVE-2014-0386
  - CVE-2014-0393
  - CVE-2014-0401
  - CVE-2014-0402
  - CVE-2014-0412
  - CVE-2014-0437
* debian/patches/33_scripts__mysql_create_system_tables__no_test.dpatch:
  refreshed patch.

lp:ubuntu/lucid-security/hplip Mature 2014-01-20 11:03:10 UTC 2014-01-20
139. * SECURITY UPDATE: insecure temp file...

Author: Marc Deslauriers
Revision Date: 2014-01-20 11:03:10 UTC

* SECURITY UPDATE: insecure temp file use in pkit.py
  - debian/patches/CVE-2013-6402.dpatch: remove logging to temp file in
    base/pkit.py.
  - CVE-2013-6402

lp:ubuntu/lucid-updates/hplip Mature 2014-01-20 11:03:10 UTC 2014-01-20
139. * SECURITY UPDATE: insecure temp file...

Author: Marc Deslauriers
Revision Date: 2014-01-20 11:03:10 UTC

* SECURITY UPDATE: insecure temp file use in pkit.py
  - debian/patches/CVE-2013-6402.dpatch: remove logging to temp file in
    base/pkit.py.
  - CVE-2013-6402

lp:ubuntu/lucid-security/devscripts Mature 2014-01-17 08:27:59 UTC 2014-01-17
89. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2014-01-17 08:27:59 UTC

* SECURITY UPDATE: arbitrary code execution in uscan via crafted tarball
  - scripts/uscan.pl: improve tarball handling.
  - backport of 02c6850d973e3e1246fde72edab27f03d63acc52
  - backport of 4b7e58ee6000cdefac0682601cec6ecce0137467
  - CVE-2013-6888

lp:ubuntu/lucid-updates/devscripts Mature 2014-01-17 08:27:59 UTC 2014-01-17
89. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2014-01-17 08:27:59 UTC

* SECURITY UPDATE: arbitrary code execution in uscan via crafted tarball
  - scripts/uscan.pl: improve tarball handling.
  - backport of 02c6850d973e3e1246fde72edab27f03d63acc52
  - backport of 4b7e58ee6000cdefac0682601cec6ecce0137467
  - CVE-2013-6888

lp:ubuntu/lucid-updates/mysql-dfsg-5.1 Mature 2014-01-16 19:41:38 UTC 2014-01-16
44. * SECURITY UPDATE: Update to 5.1.73 t...

Author: Marc Deslauriers
Revision Date: 2014-01-16 19:41:38 UTC

* SECURITY UPDATE: Update to 5.1.73 to fix security issues (LP: #1269993)
  - http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
  - CVE-2013-5908
  - CVE-2014-0386
  - CVE-2014-0393
  - CVE-2014-0401
  - CVE-2014-0402
  - CVE-2014-0412
  - CVE-2014-0437
* debian/patches/33_scripts__mysql_create_system_tables__no_test.dpatch:
  refreshed patch.

lp:ubuntu/lucid-updates/graphviz Mature 2014-01-16 14:10:03 UTC 2014-01-16
32. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2014-01-14 13:37:26 UTC

* SECURITY UPDATE: buffer overflow in yyerror()
  - debian/patches/CVE-2014-0978.patch: don't overflow buf in
    lib/cgraph/scan.l.
  - CVE-2014-0978
* SECURITY UPDATE: buffer overflow in yyerror() security fix
  - debian/patches/CVE-2014-1235.patch: once again, don't overflow buf
    in lib/cgraph/scan.l.
  - CVE-2014-1235
* SECURITY UPDATE: buffer overflow in chkNum of scanner
  - debian/patches/CVE-2014-1236.patch: don't overflow buf in
    lib/cgraph/scan.l.
  - CVE-2014-1236

lp:ubuntu/lucid-security/graphviz Mature 2014-01-16 13:50:50 UTC 2014-01-16
32. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2014-01-14 13:37:26 UTC

* SECURITY UPDATE: buffer overflow in yyerror()
  - debian/patches/CVE-2014-0978.patch: don't overflow buf in
    lib/cgraph/scan.l.
  - CVE-2014-0978
* SECURITY UPDATE: buffer overflow in yyerror() security fix
  - debian/patches/CVE-2014-1235.patch: once again, don't overflow buf
    in lib/cgraph/scan.l.
  - CVE-2014-1235
* SECURITY UPDATE: buffer overflow in chkNum of scanner
  - debian/patches/CVE-2014-1236.patch: don't overflow buf in
    lib/cgraph/scan.l.
  - CVE-2014-1236

lp:ubuntu/lucid-updates/linux-lts-backport-oneiric bug Mature 2014-01-15 21:39:30 UTC 2014-01-15
25. [Steve Conklin] * Release Tracking B...

Author: Steve Conklin
Revision Date: 2013-03-21 09:49:05 UTC

[Steve Conklin]

* Release Tracking Bug
  - LP: #1158541

[ Upstream Kernel Changes ]

* printk: fix buffer overflow when calling log_prefix function from
  call_console_drivers
  - LP: #1145196
* 3.0.66
  - LP: #1145196
* x86-32, mm: Remove reference to resume_map_numa_kva()
  - LP: #1145196
* mm: fix pageblock bitmap allocation
  - LP: #1145196
* timeconst.pl: Eliminate Perl warning
  - LP: #1145196
* genirq: Avoid deadlock in spurious handling
  - LP: #1145196
* posix-cpu-timers: Fix nanosleep task_struct leak
  - LP: #1145196
* hrtimer: Prevent hrtimer_enqueue_reprogram race
  - LP: #1145196
* ALSA: ali5451: remove irq enabling in pointer callback
  - LP: #1145196
* ALSA: rme32.c irq enabling after spin_lock_irq
  - LP: #1145196
* tty: set_termios/set_termiox should not return -EINTR
  - LP: #1145196
* xen: Send spinlock IPI to all waiters
  - LP: #1011792, #1145196
* Driver core: treat unregistered bus_types as having no devices
  - LP: #1145196
* mm: mmu_notifier: have mmu_notifiers use a global SRCU so they may
  safely schedule
  - LP: #1145196
* mm: mmu_notifier: make the mmu_notifier srcu static
  - LP: #1145196
* mmu_notifier_unregister NULL Pointer deref and multiple ->release()
  callouts
  - LP: #1145196
* KVM: s390: Handle hosts not supporting s390-virtio.
  - LP: #1145196
* s390/kvm: Fix store status for ACRS/FPRS
  - LP: #1145196
* inotify: remove broken mask checks causing unmount to be EINVAL
  - LP: #1145196
* ocfs2: unlock super lock if lockres refresh failed
  - LP: #1145196
* drivers/video/backlight/adp88?0_bl.c: fix resume
  - LP: #1145196
* tmpfs: fix use-after-free of mempolicy object
  - LP: #1145196
* mm/fadvise.c: drain all pagevecs if POSIX_FADV_DONTNEED fails to
  discard all pages
  - LP: #1145196
* NLM: Ensure that we resend all pending blocking locks after a reclaim
  - LP: #1145196
* p54usb: corrected USB ID for T-Com Sinus 154 data II
  - LP: #1145196
* ALSA: usb-audio: fix Roland A-PRO support
  - LP: #1145196
* ALSA: usb: Fix Processing Unit Descriptor parsers
  - LP: #1145196
* ext4: Free resources in some error path in ext4_fill_super
  - LP: #1145196
* ext4: add missing kfree() on error return path in add_new_gdb()
  - LP: #1145196
* sunvdc: Fix off-by-one in generic_request().
  - LP: #1145196
* drm/usb: bind driver to correct device
  - LP: #1145196
* drm/i915: disable shared panel fitter for pipe
  - LP: #1145196
* staging: comedi: disallow COMEDI_DEVCONFIG on non-board minors
  - LP: #1145196
* staging: vt6656: Fix URB submitted while active warning.
  - LP: #1145196
* ARM: PXA3xx: program the CSMSADRCFG register
  - LP: #1145196
* powerpc/kexec: Disable hard IRQ before kexec
  - LP: #1145196
* Purge existing TLB entries in set_pte_at and ptep_set_wrprotect
  - LP: #1145196
* pcmcia/vrc4171: Add missing spinlock init
  - LP: #1145196
* fbcon: don't lose the console font across generic->chip driver switch
  - LP: #1145196
* fb: rework locking to fix lock ordering on takeover
  - LP: #1145196
* bridge: set priority of STP packets
  - LP: #1145196
* xen-netback: correctly return errors from netbk_count_requests()
  - LP: #1145196
* xen-netback: cancel the credit timer when taking the vif down
  - LP: #1145196
* ipv4: fix a bug in ping_err().
  - LP: #1145196
* ipv6: use a stronger hash for tcp
  - LP: #1145196
* dca: check against empty dca_domains list before unregister provider
  - LP: #1145196
* USB: option: add and update Alcatel modems
  - LP: #1145196
* USB: option: add Yota / Megafon M100-1 4g modem
  - LP: #1145196
* USB: option: add Huawei "ACM" devices using protocol = vendor
  - LP: #1145196
* USB: ehci-omap: Fix autoloading of module
  - LP: #1145196
* USB: storage: properly handle the endian issues of idProduct
  - LP: #1145196
* USB: usb-storage: unusual_devs update for Super TOP SATA bridge
  - LP: #1145196
* Linux 3.0.67
  - LP: #1145196
* quota: autoload the quota_v2 module for QFMT_VFS_V1 quota format
  - LP: #1145196
* iommu/amd: Initialize device table after dma_ops
  - LP: #1145196
* posix-timer: Don't call idr_find() with out-of-range ID
  - LP: #1145196
* ftrace: Call ftrace cleanup module notifier after all other notifiers
  - LP: #1145196
* doc, xen: Mention 'earlyprintk=xen' in the documentation.
  - LP: #1145196
* doc, kernel-parameters: Document 'console=hvc<n>'
  - LP: #1145196
* x86: Make sure we can boot in the case the BDA contains pure garbage
  - LP: #1145196
* target: Add missing mapped_lun bounds checking during make_mappedlun
  setup
  - LP: #1145196
* ocfs2: ac->ac_allow_chain_relink=0 won't disable group relink
  - LP: #1145196
* xen-blkback: do not leak mode property
  - LP: #1145196
* idr: fix a subtle bug in idr_get_next()
  - LP: #1145196
* firewire: add minor number range check to fw_device_init()
  - LP: #1145196
* sysctl: fix null checking in bin_dn_node_address()
  - LP: #1145196
* ext4: fix race in ext4_mb_add_n_trim()
  - LP: #1145196
* svcrpc: make svc_age_temp_xprts enqueue under sv_lock
  - LP: #1145196
* unbreak automounter support on 64-bit kernel with 32-bit userspace (v2)
  - LP: #1145196
* x86: Do not leak kernel page mapping locations
  - LP: #1145196
* x86/apic: Work around boot failure on HP ProLiant DL980 G7 Server
  systems
  - LP: #1145196
* cpuset: fix cpuset_print_task_mems_allowed() vs rename() race
  - LP: #1145196
* cgroup: fix exit() vs rmdir() race
  - LP: #1145196
* dca: check against empty dca_domains list before unregister provider
  fix
  - LP: #1145196
* s390/kvm: Fix store status for ACRS/FPRS fix
  - LP: #1145196
* staging: comedi: ni_labpc: correct differential channel sequence for AI
  commands
  - LP: #1145196
* staging: comedi: ni_labpc: set up command4 register *after* command3
  - LP: #1145196
* staging: comedi: check s->async for poll(), read() and write()
  - LP: #1145196
* Linux 3.0.68
  - LP: #1145196
* keys: fix race with concurrent install_user_keyrings()
  - LP: #1152788
  - CVE-2013-1792
* ARM: VFP: fix emulation of second VFP instruction
  - LP: #1155651
* ARM: fix scheduling while atomic warning in alignment handling code
  - LP: #1155651
* SCSI: dc395x: uninitialized variable in device_alloc()
  - LP: #1155651
* target/pscsi: Fix page increment
  - LP: #1155651
* btrfs: Init io_lock after cloning btrfs device struct
  - LP: #1155651
* cifs: ensure that cifs_get_root() only traverses directories
  - LP: #1155651
* SUNRPC: Don't start the retransmission timer when out of socket space
  - LP: #1155651
* hw_random: make buffer usable in scatterlist.
  - LP: #1155651
* ath9k: fix RSSI dummy marker value
  - LP: #1155651
* md: raid0: fix error return from create_stripe_zones.
  - LP: #1155651
* hwmon: (sht15) Check return value of regulator_enable()
  - LP: #1155651
* drm/radeon: add primary dac adj quirk for R200 board
  - LP: #1155651
* ALSA: ice1712: Initialize card->private_data properly
  - LP: #1155651
* ALSA: vmaster: Fix slave change notification
  - LP: #1155651
* e1000e: fix pci-device enable-counter balance
  - LP: #1155651
* vfs: fix pipe counter breakage
  - LP: #1155651
* Fix memory leak in cpufreq stats.
  - LP: #1155651
* ftrace: Update the kconfig for DYNAMIC_FTRACE
  - LP: #1155651
* decnet: Fix disappearing sysctl entries
  - LP: #1155651
* dmi_scan: fix missing check for _DMI_ signature in smbios_present()
  - LP: #1155651
* Linux 3.0.69
  - LP: #1155651
* signal: always clear sa_restorer on execve
  - LP: #1153813
  - CVE-2013-0914

lp:ubuntu/lucid-proposed/linux-lts-backport-oneiric bug Mature 2014-01-15 15:13:22 UTC 2014-01-15
23. [Steve Conklin] * Release Tracking B...

Author: Steve Conklin
Revision Date: 2013-03-21 09:49:05 UTC

[Steve Conklin]

* Release Tracking Bug
  - LP: #1158541

[ Upstream Kernel Changes ]

* printk: fix buffer overflow when calling log_prefix function from
  call_console_drivers
  - LP: #1145196
* 3.0.66
  - LP: #1145196
* x86-32, mm: Remove reference to resume_map_numa_kva()
  - LP: #1145196
* mm: fix pageblock bitmap allocation
  - LP: #1145196
* timeconst.pl: Eliminate Perl warning
  - LP: #1145196
* genirq: Avoid deadlock in spurious handling
  - LP: #1145196
* posix-cpu-timers: Fix nanosleep task_struct leak
  - LP: #1145196
* hrtimer: Prevent hrtimer_enqueue_reprogram race
  - LP: #1145196
* ALSA: ali5451: remove irq enabling in pointer callback
  - LP: #1145196
* ALSA: rme32.c irq enabling after spin_lock_irq
  - LP: #1145196
* tty: set_termios/set_termiox should not return -EINTR
  - LP: #1145196
* xen: Send spinlock IPI to all waiters
  - LP: #1011792, #1145196
* Driver core: treat unregistered bus_types as having no devices
  - LP: #1145196
* mm: mmu_notifier: have mmu_notifiers use a global SRCU so they may
  safely schedule
  - LP: #1145196
* mm: mmu_notifier: make the mmu_notifier srcu static
  - LP: #1145196
* mmu_notifier_unregister NULL Pointer deref and multiple ->release()
  callouts
  - LP: #1145196
* KVM: s390: Handle hosts not supporting s390-virtio.
  - LP: #1145196
* s390/kvm: Fix store status for ACRS/FPRS
  - LP: #1145196
* inotify: remove broken mask checks causing unmount to be EINVAL
  - LP: #1145196
* ocfs2: unlock super lock if lockres refresh failed
  - LP: #1145196
* drivers/video/backlight/adp88?0_bl.c: fix resume
  - LP: #1145196
* tmpfs: fix use-after-free of mempolicy object
  - LP: #1145196
* mm/fadvise.c: drain all pagevecs if POSIX_FADV_DONTNEED fails to
  discard all pages
  - LP: #1145196
* NLM: Ensure that we resend all pending blocking locks after a reclaim
  - LP: #1145196
* p54usb: corrected USB ID for T-Com Sinus 154 data II
  - LP: #1145196
* ALSA: usb-audio: fix Roland A-PRO support
  - LP: #1145196
* ALSA: usb: Fix Processing Unit Descriptor parsers
  - LP: #1145196
* ext4: Free resources in some error path in ext4_fill_super
  - LP: #1145196
* ext4: add missing kfree() on error return path in add_new_gdb()
  - LP: #1145196
* sunvdc: Fix off-by-one in generic_request().
  - LP: #1145196
* drm/usb: bind driver to correct device
  - LP: #1145196
* drm/i915: disable shared panel fitter for pipe
  - LP: #1145196
* staging: comedi: disallow COMEDI_DEVCONFIG on non-board minors
  - LP: #1145196
* staging: vt6656: Fix URB submitted while active warning.
  - LP: #1145196
* ARM: PXA3xx: program the CSMSADRCFG register
  - LP: #1145196
* powerpc/kexec: Disable hard IRQ before kexec
  - LP: #1145196
* Purge existing TLB entries in set_pte_at and ptep_set_wrprotect
  - LP: #1145196
* pcmcia/vrc4171: Add missing spinlock init
  - LP: #1145196
* fbcon: don't lose the console font across generic->chip driver switch
  - LP: #1145196
* fb: rework locking to fix lock ordering on takeover
  - LP: #1145196
* bridge: set priority of STP packets
  - LP: #1145196
* xen-netback: correctly return errors from netbk_count_requests()
  - LP: #1145196
* xen-netback: cancel the credit timer when taking the vif down
  - LP: #1145196
* ipv4: fix a bug in ping_err().
  - LP: #1145196
* ipv6: use a stronger hash for tcp
  - LP: #1145196
* dca: check against empty dca_domains list before unregister provider
  - LP: #1145196
* USB: option: add and update Alcatel modems
  - LP: #1145196
* USB: option: add Yota / Megafon M100-1 4g modem
  - LP: #1145196
* USB: option: add Huawei "ACM" devices using protocol = vendor
  - LP: #1145196
* USB: ehci-omap: Fix autoloading of module
  - LP: #1145196
* USB: storage: properly handle the endian issues of idProduct
  - LP: #1145196
* USB: usb-storage: unusual_devs update for Super TOP SATA bridge
  - LP: #1145196
* Linux 3.0.67
  - LP: #1145196
* quota: autoload the quota_v2 module for QFMT_VFS_V1 quota format
  - LP: #1145196
* iommu/amd: Initialize device table after dma_ops
  - LP: #1145196
* posix-timer: Don't call idr_find() with out-of-range ID
  - LP: #1145196
* ftrace: Call ftrace cleanup module notifier after all other notifiers
  - LP: #1145196
* doc, xen: Mention 'earlyprintk=xen' in the documentation.
  - LP: #1145196
* doc, kernel-parameters: Document 'console=hvc<n>'
  - LP: #1145196
* x86: Make sure we can boot in the case the BDA contains pure garbage
  - LP: #1145196
* target: Add missing mapped_lun bounds checking during make_mappedlun
  setup
  - LP: #1145196
* ocfs2: ac->ac_allow_chain_relink=0 won't disable group relink
  - LP: #1145196
* xen-blkback: do not leak mode property
  - LP: #1145196
* idr: fix a subtle bug in idr_get_next()
  - LP: #1145196
* firewire: add minor number range check to fw_device_init()
  - LP: #1145196
* sysctl: fix null checking in bin_dn_node_address()
  - LP: #1145196
* ext4: fix race in ext4_mb_add_n_trim()
  - LP: #1145196
* svcrpc: make svc_age_temp_xprts enqueue under sv_lock
  - LP: #1145196
* unbreak automounter support on 64-bit kernel with 32-bit userspace (v2)
  - LP: #1145196
* x86: Do not leak kernel page mapping locations
  - LP: #1145196
* x86/apic: Work around boot failure on HP ProLiant DL980 G7 Server
  systems
  - LP: #1145196
* cpuset: fix cpuset_print_task_mems_allowed() vs rename() race
  - LP: #1145196
* cgroup: fix exit() vs rmdir() race
  - LP: #1145196
* dca: check against empty dca_domains list before unregister provider
  fix
  - LP: #1145196
* s390/kvm: Fix store status for ACRS/FPRS fix
  - LP: #1145196
* staging: comedi: ni_labpc: correct differential channel sequence for AI
  commands
  - LP: #1145196
* staging: comedi: ni_labpc: set up command4 register *after* command3
  - LP: #1145196
* staging: comedi: check s->async for poll(), read() and write()
  - LP: #1145196
* Linux 3.0.68
  - LP: #1145196
* keys: fix race with concurrent install_user_keyrings()
  - LP: #1152788
  - CVE-2013-1792
* ARM: VFP: fix emulation of second VFP instruction
  - LP: #1155651
* ARM: fix scheduling while atomic warning in alignment handling code
  - LP: #1155651
* SCSI: dc395x: uninitialized variable in device_alloc()
  - LP: #1155651
* target/pscsi: Fix page increment
  - LP: #1155651
* btrfs: Init io_lock after cloning btrfs device struct
  - LP: #1155651
* cifs: ensure that cifs_get_root() only traverses directories
  - LP: #1155651
* SUNRPC: Don't start the retransmission timer when out of socket space
  - LP: #1155651
* hw_random: make buffer usable in scatterlist.
  - LP: #1155651
* ath9k: fix RSSI dummy marker value
  - LP: #1155651
* md: raid0: fix error return from create_stripe_zones.
  - LP: #1155651
* hwmon: (sht15) Check return value of regulator_enable()
  - LP: #1155651
* drm/radeon: add primary dac adj quirk for R200 board
  - LP: #1155651
* ALSA: ice1712: Initialize card->private_data properly
  - LP: #1155651
* ALSA: vmaster: Fix slave change notification
  - LP: #1155651
* e1000e: fix pci-device enable-counter balance
  - LP: #1155651
* vfs: fix pipe counter breakage
  - LP: #1155651
* Fix memory leak in cpufreq stats.
  - LP: #1155651
* ftrace: Update the kconfig for DYNAMIC_FTRACE
  - LP: #1155651
* decnet: Fix disappearing sysctl entries
  - LP: #1155651
* dmi_scan: fix missing check for _DMI_ signature in smbios_present()
  - LP: #1155651
* Linux 3.0.69
  - LP: #1155651
* signal: always clear sa_restorer on execve
  - LP: #1153813
  - CVE-2013-0914

lp:ubuntu/lucid-updates/openafs bug Mature 2014-01-15 15:09:48 UTC 2014-01-15
26. * SECURITY UPDATE: Fix fileserver buf...

Author: Luke Faraone
Revision Date: 2013-03-05 02:23:07 UTC

* SECURITY UPDATE: Fix fileserver buffer overflow when parsing
  client-supplied ACL entries and protect against client parsing of bad ACL
  entries.
  - OPENAFS-SA-2013-001
  - CVE-2013-1794
  - LP: #114556
* SECURITY UPDATE: Fix ptserver buffer overflow via integer overflow in the
  IdToName RPC
  - OPENAFS-SA-2013-002
  - CVE-2013-1795
  - LP: #1145560

lp:ubuntu/lucid-security/bind9 Mature 2014-01-10 09:45:07 UTC 2014-01-10
31. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-01-10 09:45:07 UTC

* SECURITY UPDATE: denial of service when processing NSEC3-signed zone
  queries
  - debian/patches/CVE-2014-0591.patch: don't call memcpy with
    overlapping ranges in bin/named/query.c.
  - patch backported from 9.8.6-P2.
  - CVE-2014-0591

lp:ubuntu/lucid-updates/bind9 Mature 2014-01-10 09:45:07 UTC 2014-01-10
31. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-01-10 09:45:07 UTC

* SECURITY UPDATE: denial of service when processing NSEC3-signed zone
  queries
  - debian/patches/CVE-2014-0591.patch: don't call memcpy with
    overlapping ranges in bin/named/query.c.
  - patch backported from 9.8.6-P2.
  - CVE-2014-0591

lp:ubuntu/lucid-updates/duplicity bug Mature 2014-01-09 17:50:48 UTC 2014-01-09
20. * debian/patches/08-dont-skip-first-c...

Author: Michael Terry
Revision Date: 2013-11-19 10:58:49 UTC

* debian/patches/08-dont-skip-first-chunk-on-restart.dpatch:
  - When restarting a backup, if the file we were in the middle of
    backing up is now deleted, don't skip the first 65k chunk of the
    next file. Patch backported from upstream trunk. LP: #1252484

lp:ubuntu/lucid-security/libxfont Mature 2013-12-30 17:39:34 UTC 2013-12-30
25. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-12-30 17:39:34 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  stack overflow
  - debian/patches/CVE-2013-6462.patch: limit sscanf field in
    src/bitmap/bdfread.c.
  - CVE-2013-6462

lp:ubuntu/lucid-updates/libxfont Mature 2013-12-30 17:39:34 UTC 2013-12-30
25. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-12-30 17:39:34 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  stack overflow
  - debian/patches/CVE-2013-6462.patch: limit sscanf field in
    src/bitmap/bdfread.c.
  - CVE-2013-6462

lp:ubuntu/lucid-updates/libjpeg6b Mature 2013-12-19 20:06:34 UTC 2013-12-19
8. * SECURITY UPDATE: information disclo...

Author: Marc Deslauriers
Revision Date: 2013-11-22 09:04:10 UTC

* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_sos function (LP: #1252912)
  - debian/patches/CVE-2013-6629.dpatch: check for duplications in
    jdmarker.c.
  - CVE-2013-6629
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_dht function (LP: #1252912)
  - debian/patches/CVE-2013-6630.dpatch: properly clear out memory in
    jdmarker.c.
  - CVE-2013-6630

lp:ubuntu/lucid-security/libjpeg6b bug Mature 2013-12-19 19:53:03 UTC 2013-12-19
8. * SECURITY UPDATE: information disclo...

Author: Marc Deslauriers
Revision Date: 2013-11-22 09:04:10 UTC

* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_sos function (LP: #1252912)
  - debian/patches/CVE-2013-6629.dpatch: check for duplications in
    jdmarker.c.
  - CVE-2013-6629
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_dht function (LP: #1252912)
  - debian/patches/CVE-2013-6630.dpatch: properly clear out memory in
    jdmarker.c.
  - CVE-2013-6630

lp:ubuntu/lucid-security/gnupg Mature 2013-12-18 11:18:09 UTC 2013-12-18
34. * SECURITY UPDATE: RSA Key Extraction...

Author: Marc Deslauriers
Revision Date: 2013-12-18 11:18:09 UTC

* SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
  Cryptanalysis attack
  - debian/patches/CVE-2013-4576.dpatch: Use blinding for the RSA secret
    operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
    MPIs used as input to secret key functions in cipher/dsa.c,
    cipher/elgamal.c, cipher/rsa.c.
  - CVE-2013-4576

lp:ubuntu/lucid-updates/gnupg Mature 2013-12-18 11:18:09 UTC 2013-12-18
34. * SECURITY UPDATE: RSA Key Extraction...

Author: Marc Deslauriers
Revision Date: 2013-12-18 11:18:09 UTC

* SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
  Cryptanalysis attack
  - debian/patches/CVE-2013-4576.dpatch: Use blinding for the RSA secret
    operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
    MPIs used as input to secret key functions in cipher/dsa.c,
    cipher/elgamal.c, cipher/rsa.c.
  - CVE-2013-4576

lp:ubuntu/lucid-security/openjpeg Mature 2013-12-12 15:37:31 UTC 2013-12-12
6. fake sync from Debian

Author: Seth Arnold
Revision Date: 2013-12-12 15:37:31 UTC

fake sync from Debian

lp:ubuntu/lucid-updates/openjpeg Mature 2013-12-12 15:37:31 UTC 2013-12-12
6. fake sync from Debian

Author: Seth Arnold
Revision Date: 2013-12-12 15:37:31 UTC

fake sync from Debian

lp:ubuntu/lucid-security/openssl bug Mature 2013-12-11 06:21:29 UTC 2013-12-11
54. * SECURITY UPDATE: Disable compressio...

Author: Seth Arnold
Revision Date: 2013-06-03 20:37:34 UTC

* SECURITY UPDATE: Disable compression to avoid CRIME systemwide
  (LP: #1187195)
  - CVE-2012-4929
  - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
    zlib to compress SSL/TLS unless the environment variable
    OPENSSL_DEFAULT_ZLIB is set in the environment during library
    initialization.
  - Introduced to assist with programs not yet updated to provide their own
    controls on compression, such as Postfix
  - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch

lp:ubuntu/lucid-proposed/duplicity bug Mature 2013-11-21 23:53:39 UTC 2013-11-21
20. * debian/patches/08-dont-skip-first-c...

Author: Michael Terry
Revision Date: 2013-11-19 10:58:49 UTC

* debian/patches/08-dont-skip-first-chunk-on-restart.dpatch:
  - When restarting a backup, if the file we were in the middle of
    backing up is now deleted, don't skip the first 65k chunk of the
    next file. Patch backported from upstream trunk. LP: #1252484

lp:ubuntu/lucid-updates/libcommons-fileupload-java Mature 2013-11-13 15:37:15 UTC 2013-11-13
12. * SECURITY UPDATE: arbitrary file ove...

Author: Marc Deslauriers
Revision Date: 2013-11-07 09:52:16 UTC

* SECURITY UPDATE: arbitrary file overwrite via poison null byte
  - debian/patches/05_CVE-2013-2186.patch: properly validate repository
    in src/java/org/apache/commons/fileupload/disk/DiskFileItem.java.
  - CVE-2013-2186

lp:ubuntu/lucid-security/libcommons-fileupload-java Mature 2013-11-13 15:18:49 UTC 2013-11-13
12. * SECURITY UPDATE: arbitrary file ove...

Author: Marc Deslauriers
Revision Date: 2013-11-07 09:52:16 UTC

* SECURITY UPDATE: arbitrary file overwrite via poison null byte
  - debian/patches/05_CVE-2013-2186.patch: properly validate repository
    in src/java/org/apache/commons/fileupload/disk/DiskFileItem.java.
  - CVE-2013-2186

lp:ubuntu/lucid-updates/libxml-security-java Mature 2013-11-12 18:03:53 UTC 2013-11-12
9. * SECURITY UPDATE: XML signature spoo...

Author: Marc Deslauriers
Revision Date: 2013-09-10 11:44:34 UTC

* SECURITY UPDATE: XML signature spoofing via CanonicalizationMethod
  parameter
  - src/org/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java:
    don't allow non-standard c14n method.
  - http://svn.apache.org/viewvc?view=revision&revision=1493772
  - CVE-2013-2172

lp:ubuntu/lucid-security/libxml-security-java Mature 2013-11-12 17:53:56 UTC 2013-11-12
9. * SECURITY UPDATE: XML signature spoo...

Author: Marc Deslauriers
Revision Date: 2013-09-10 11:44:34 UTC

* SECURITY UPDATE: XML signature spoofing via CanonicalizationMethod
  parameter
  - src/org/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java:
    don't allow non-standard c14n method.
  - http://svn.apache.org/viewvc?view=revision&revision=1493772
  - CVE-2013-2172

lp:~ubuntu-branches/ubuntu/lucid/ntp/lucid-200912090037 Development 2013-10-31 20:16:05 UTC 2013-10-31
38. ntp-ntptrace-man

Author: Chuck Short
Revision Date: 2009-12-07 20:03:59 UTC

ntp-ntptrace-man

lp:ubuntu/lucid-updates/vgabios Mature 2013-10-31 19:13:17 UTC 2013-10-31
14. debian/patches/add-stdvga.patch: buil...

Author: Serge Hallyn
Revision Date: 2013-01-03 15:02:18 UTC

debian/patches/add-stdvga.patch: build vgabios-stdvga.bin (LP: #1095301)

lp:ubuntu/lucid-updates/python-django bug Mature 2013-10-30 02:06:52 UTC 2013-10-30
35. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-09-20 09:33:23 UTC

* SECURITY UPDATE: denial of service via long passwords (LP: #1225784)
  - debian/patches/CVE-2013-1443.patch: enforce a maximum password length
    in django/contrib/auth/forms.py, django/contrib/auth/models.py,
    django/contrib/auth/tests/basic.py.
  - CVE-2013-1443
* SECURITY UPDATE: directory traversal with ssi template tag
  - debian/patches/CVE-2013-4315.patch: properly check absolute path in
    django/template/defaulttags.py,
    tests/regressiontests/templates/tests.py,
    tests/regressiontests/templates/templates/*.
  - CVE-2013-4315
* SECURITY UPDATE: possible XSS via is_safe_url
  - debian/patches/security-is_safe_url.patch: properly reject URLs which
    specify a scheme other then HTTP or HTTPS.
  - https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued/
  - No CVE number

lp:ubuntu/lucid-security/python-django bug Mature 2013-10-30 02:06:49 UTC 2013-10-30
35. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-09-20 09:33:23 UTC

* SECURITY UPDATE: denial of service via long passwords (LP: #1225784)
  - debian/patches/CVE-2013-1443.patch: enforce a maximum password length
    in django/contrib/auth/forms.py, django/contrib/auth/models.py,
    django/contrib/auth/tests/basic.py.
  - CVE-2013-1443
* SECURITY UPDATE: directory traversal with ssi template tag
  - debian/patches/CVE-2013-4315.patch: properly check absolute path in
    django/template/defaulttags.py,
    tests/regressiontests/templates/tests.py,
    tests/regressiontests/templates/templates/*.
  - CVE-2013-4315
* SECURITY UPDATE: possible XSS via is_safe_url
  - debian/patches/security-is_safe_url.patch: properly reject URLs which
    specify a scheme other then HTTP or HTTPS.
  - https://www.djangoproject.com/weblog/2013/aug/13/security-releases-issued/
  - No CVE number

lp:ubuntu/lucid-proposed/vm-builder bug Mature 2013-10-23 07:55:12 UTC 2013-10-23
35. Incorporate fix to specify macaddr wh...

Author: Serge Hallyn
Revision Date: 2013-06-24 14:45:45 UTC

Incorporate fix to specify macaddr when using bridge (LP: #392097)

lp:ubuntu/lucid-security/gnupg2 Mature 2013-10-07 15:52:58 UTC 2013-10-07
16. * SECURITY UPDATE: incorrect no-usage...

Author: Marc Deslauriers
Revision Date: 2013-10-07 15:52:58 UTC

* SECURITY UPDATE: incorrect no-usage-permitted flag handling
  - debian/patches/CVE-2013-4351.patch: correctly handle empty key flags
    in g10/getkey.c, g10/keygen.c, include/cipher.h.
  - CVE-2013-4351
* SECURITY UPDATE: denial of service via infinite recursion
  - debian/patches/CVE-2013-4402.patch: set limits on number of filters
    and nested packets in common/iobuf.c, g10/mainproc.c.
  - CVE-2013-4402

lp:ubuntu/lucid-updates/gnupg2 Mature 2013-10-07 15:52:58 UTC 2013-10-07
16. * SECURITY UPDATE: incorrect no-usage...

Author: Marc Deslauriers
Revision Date: 2013-10-07 15:52:58 UTC

* SECURITY UPDATE: incorrect no-usage-permitted flag handling
  - debian/patches/CVE-2013-4351.patch: correctly handle empty key flags
    in g10/getkey.c, g10/keygen.c, include/cipher.h.
  - CVE-2013-4351
* SECURITY UPDATE: denial of service via infinite recursion
  - debian/patches/CVE-2013-4402.patch: set limits on number of filters
    and nested packets in common/iobuf.c, g10/mainproc.c.
  - CVE-2013-4402

lp:~stub/ubuntu/lucid/python-swiftclient/devel Development 2013-10-03 17:33:08 UTC 2013-10-03
13. simplejson dependency

Author: Stuart Bishop
Revision Date: 2013-10-03 17:33:08 UTC

simplejson dependency

lp:~stub/ubuntu/lucid/python-iso8601/devel Development 2013-10-02 11:30:27 UTC 2013-10-02
8. Elucidate

Author: Stuart Bishop
Revision Date: 2013-10-02 11:29:56 UTC

Elucidate

lp:~stub/ubuntu/lucid/python-keystoneclient/devel Development 2013-10-02 10:15:44 UTC 2013-10-02
26. Dependencies

Author: Stuart Bishop
Revision Date: 2013-10-02 10:15:44 UTC

Dependencies

lp:~stub/ubuntu/lucid/requests/devel Development 2013-10-02 07:47:54 UTC 2013-10-02
21. Elucidation

Author: Stuart Bishop
Revision Date: 2013-10-02 07:47:54 UTC

Elucidation

lp:~stub/ubuntu/lucid/python-urllib3/devel Development 2013-10-02 07:27:15 UTC 2013-10-02
10. whoops

Author: Stuart Bishop
Revision Date: 2013-10-02 07:27:15 UTC

whoops

lp:ubuntu/lucid-security/eglibc bug Mature 2013-10-01 20:14:40 UTC 2013-10-01
47. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-10-01 20:14:40 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  strcoll overflows
  - debian/patches/any/CVE-2012-44xx.diff: fix overflows in
    string/strcoll_l.c, add test to string/tst-strcoll-overflow.c,
    string/Makefile.
  - CVE-2012-4412
  - CVE-2012-4424
* SECURITY UPDATE: denial of service in regular expression matcher
  - debian/patches/any/CVE-2013-0242.diff: fix buffer overrun in
    posix/regexec.c, add test to posix/bug-regex34.c, posix/Makefile.
  - CVE-2013-0242
* SECURITY UPDATE: denial of service in getaddrinfo
  - debian/patches/any/CVE-2013-1914.diff: fix overflow in
    sysdeps/posix/getaddrinfo.c, add libc_hidden_proto for
    __libc_alloca_cutoff in include/alloca.h, nptl/Versions,
    nptl/alloca_cutoff.c.
  - CVE-2013-1914
* SECURITY UPDATE: denial of service and possible code execution via
  readdir_r
  - debian/patches/any/CVE-2013-4237.diff: enforce NAME_MAX limit in
    sysdeps/unix/readdir_r.c, add errcode to sysdeps/unix/dirstream.h,
    sysdeps/unix/opendir.c, sysdeps/unix/rewinddir.c, remove
    GETDENTS_64BIT_ALIGNED from
    sysdeps/unix/sysv/linux/i386/readdir64_r.c,
    sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c.
  - CVE-2013-4237
* SECURITY UPDATE: denial of service and possible code execution via
  overflows in memory allocator
  - debian/patches/any/CVE-2013-4332.diff: check for overflows in
    malloc/malloc.c.
  - CVE-2013-4332

lp:ubuntu/lucid-updates/eglibc bug Mature 2013-10-01 20:14:40 UTC 2013-10-01
53. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-10-01 20:14:40 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  strcoll overflows
  - debian/patches/any/CVE-2012-44xx.diff: fix overflows in
    string/strcoll_l.c, add test to string/tst-strcoll-overflow.c,
    string/Makefile.
  - CVE-2012-4412
  - CVE-2012-4424
* SECURITY UPDATE: denial of service in regular expression matcher
  - debian/patches/any/CVE-2013-0242.diff: fix buffer overrun in
    posix/regexec.c, add test to posix/bug-regex34.c, posix/Makefile.
  - CVE-2013-0242
* SECURITY UPDATE: denial of service in getaddrinfo
  - debian/patches/any/CVE-2013-1914.diff: fix overflow in
    sysdeps/posix/getaddrinfo.c, add libc_hidden_proto for
    __libc_alloca_cutoff in include/alloca.h, nptl/Versions,
    nptl/alloca_cutoff.c.
  - CVE-2013-1914
* SECURITY UPDATE: denial of service and possible code execution via
  readdir_r
  - debian/patches/any/CVE-2013-4237.diff: enforce NAME_MAX limit in
    sysdeps/unix/readdir_r.c, add errcode to sysdeps/unix/dirstream.h,
    sysdeps/unix/opendir.c, sysdeps/unix/rewinddir.c, remove
    GETDENTS_64BIT_ALIGNED from
    sysdeps/unix/sysv/linux/i386/readdir64_r.c,
    sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c.
  - CVE-2013-4237
* SECURITY UPDATE: denial of service and possible code execution via
  overflows in memory allocator
  - debian/patches/any/CVE-2013-4332.diff: check for overflows in
    malloc/malloc.c.
  - CVE-2013-4332

lp:~stub/ubuntu/lucid/python-eventlet/devel Development 2013-09-26 11:56:49 UTC 2013-09-26
22. Lucid Labotomy

Author: Stuart Bishop
Revision Date: 2013-09-26 11:56:14 UTC

Lucid Labotomy

lp:~stub/ubuntu/lucid/python-greenlet/devel Development 2013-09-25 16:50:39 UTC 2013-09-25
17. strip more

Author: Stuart Bishop
Revision Date: 2013-09-25 16:50:39 UTC

strip more

lp:ubuntu/lucid-updates/pyopenssl Mature 2013-09-23 18:39:28 UTC 2013-09-23
11. * SECURITY UPDATE: incorrect ssl cert...

Author: Marc Deslauriers
Revision Date: 2013-09-20 15:54:43 UTC

* SECURITY UPDATE: incorrect ssl cert validation via NUL byte in
  subjectAltName
  - debian/patches/CVE-2013-4314.patch: properly handle subjectAltName in
    src/crypto/x509ext.c, added tests to test/test_crypto.py.
  - CVE-2013-4314

lp:ubuntu/lucid-security/pyopenssl Mature 2013-09-23 18:02:48 UTC 2013-09-23
11. * SECURITY UPDATE: incorrect ssl cert...

Author: Marc Deslauriers
Revision Date: 2013-09-20 15:54:43 UTC

* SECURITY UPDATE: incorrect ssl cert validation via NUL byte in
  subjectAltName
  - debian/patches/CVE-2013-4314.patch: properly handle subjectAltName in
    src/crypto/x509ext.c, added tests to test/test_crypto.py.
  - CVE-2013-4314

lp:ubuntu/lucid-updates/python-defaults Mature 2013-09-18 05:40:20 UTC 2013-09-18
49. default to python 2.6 for pycompile. ...

Author: Rolf Leggewie
Revision Date: 2011-07-16 20:17:44 UTC

default to python 2.6 for pycompile. LP: #566441.

lp:ubuntu/lucid-security/python-httplib2 bug Mature 2013-09-09 13:07:25 UTC 2013-09-09
8. * SECURITY UPDATE: Incorrect SSL cert...

Author: Marc Deslauriers
Revision Date: 2013-09-06 10:03:40 UTC

* SECURITY UPDATE: Incorrect SSL certificate checking with multiple
  requests (LP: #1175272)
  - debian/patches/CVE-2013-2037.patch: close connection on cert mismatch
    in python2/httplib2/__init__.py.
  - CVE-2013-2037

lp:ubuntu/lucid-proposed/python-defaults bug Mature 2013-09-09 12:56:28 UTC 2013-09-09
49. default to python 2.6 for pycompile. ...

Author: Rolf Leggewie
Revision Date: 2011-07-16 20:17:44 UTC

default to python 2.6 for pycompile. LP: #566441.

lp:ubuntu/lucid-updates/python-httplib2 Mature 2013-09-06 10:03:40 UTC 2013-09-06
8. * SECURITY UPDATE: Incorrect SSL cert...

Author: Marc Deslauriers
Revision Date: 2013-09-06 10:03:40 UTC

* SECURITY UPDATE: Incorrect SSL certificate checking with multiple
  requests (LP: #1175272)
  - debian/patches/CVE-2013-2037.patch: close connection on cert mismatch
    in python2/httplib2/__init__.py.
  - CVE-2013-2037

lp:ubuntu/lucid-updates/cloud-init bug Mature 2013-08-14 21:29:16 UTC 2013-08-14
18. * add ability to configure Acquire::h...

Author: Scott Moser
Revision Date: 2012-03-16 14:32:50 UTC

* add ability to configure Acquire::http::Pipeline-Depth via
  cloud-config setting 'apt_pipelining' (LP: #948461)
* debian/cloud-init.postinst: address population of apt_pipeline
  setting on installation.

lp:ubuntu/lucid-updates/net-retriever Mature 2013-08-02 09:29:29 UTC 2013-08-02
23. Deduplicate Packages files entirely i...

Author: Colin Watson
Revision Date: 2013-07-16 13:27:08 UTC

Deduplicate Packages files entirely in C, massively speeding it up for
large files (LP: #1067934).

lp:ubuntu/lucid-proposed/cloud-init bug Mature 2013-08-01 22:10:19 UTC 2013-08-01
20. * add ability to configure Acquire::h...

Author: Scott Moser
Revision Date: 2012-03-16 14:32:50 UTC

* add ability to configure Acquire::http::Pipeline-Depth via
  cloud-config setting 'apt_pipelining' (LP: #948461)
* debian/cloud-init.postinst: address population of apt_pipeline
  setting on installation.

lp:ubuntu/lucid-security/libgcrypt11 Mature 2013-08-01 01:33:23 UTC 2013-08-01
22. * SECURITY UPDATE: The path of execut...

Author: Seth Arnold
Revision Date: 2013-07-30 18:05:18 UTC

* SECURITY UPDATE: The path of execution in an exponentiation function may
  depend upon secret key data, allowing a local attacker to determine the
  contents of the secret key through a side-channel attack.
  - debian/patches/21-CVE-2013-4242.diff: always perform the mpi_mul for
    exponents in secure memory. Based on upstream patch.
  - CVE-2013-4242

1100 of 22995 results