Branches for Lucid

Name Status Last Modified Last Commit
lp:ubuntu/lucid-security/gnupg Mature 2014-08-19 09:44:38 UTC 2014-08-19
36. * SECURITY UPDATE: side-channel attac...

Author: Marc Deslauriers
Revision Date: 2014-08-19 09:44:38 UTC

* SECURITY UPDATE: side-channel attack on Elgamal encryption subkeys
  - debian/patches/CVE-2014-5270.dpatch: use sliding window method for
    exponentiation algorithm in mpi/mpi-pow.c.
  - CVE-2014-5270

lp:ubuntu/lucid-updates/gnupg Mature 2014-08-19 09:44:38 UTC 2014-08-19
36. * SECURITY UPDATE: side-channel attac...

Author: Marc Deslauriers
Revision Date: 2014-08-19 09:44:38 UTC

* SECURITY UPDATE: side-channel attack on Elgamal encryption subkeys
  - debian/patches/CVE-2014-5270.dpatch: use sliding window method for
    exponentiation algorithm in mpi/mpi-pow.c.
  - CVE-2014-5270

lp:ubuntu/lucid-updates/gpgme1.0 Mature 2014-08-06 14:10:20 UTC 2014-08-06
21. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-08-01 09:45:06 UTC

* SECURITY UPDATE: denial of service via different line lengths
  - debian/patches/CVE-2014-3564.dpatch: correctly calculate size of
    buffers in src/engine-gpgsm.c.
  - CVE-2014-3564

lp:ubuntu/lucid-security/gpgme1.0 Mature 2014-08-06 13:25:55 UTC 2014-08-06
21. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-08-01 09:45:06 UTC

* SECURITY UPDATE: denial of service via different line lengths
  - debian/patches/CVE-2014-3564.dpatch: correctly calculate size of
    buffers in src/engine-gpgsm.c.
  - CVE-2014-3564

lp:~tj/ubuntu/lucid/eglibc/lp1352504 bug Development 2014-08-04 21:00:00 UTC 2014-08-04
49. * SECURITY UPDATE: fix memory free SI...

Author: TJ
Revision Date: 2014-08-04 20:49:14 UTC

* SECURITY UPDATE: fix memory free SIGSEGV regression introduced by
  CVE-2013-4357.diff
  - debian/patches/any/fix_memory_free_regression_introduced_by_CVE-2013-4357.diff:
    fix incorrect free() of non-malloc-ed memory (LP: #1352504)

lp:ubuntu/lucid-proposed/postgresql-8.4 bug Mature 2014-07-30 09:52:26 UTC 2014-07-30
22. * New upstream bug fix release: (LP: ...

Author: Martin Pitt
Revision Date: 2014-07-24 18:17:34 UTC

* New upstream bug fix release: (LP: #1348176)
  - Various data integrity and other bug fixes.
  - Secure Unix-domain sockets of temporary postmasters started during make
     check.
     Any local user able to access the socket file could connect as the
     server's bootstrap superuser, then proceed to execute arbitrary code as
     the operating-system user running the test, as we previously noted in
     CVE-2014-0067. This change defends against that risk by placing the
     server's socket in a temporary, mode 0700 subdirectory of /tmp.
  - See release notes for details:
    http://www.postgresql.org/docs/current/static/release-8-4-22.html
* Drop pg_regress patch to run tests with socket in /tmp, obsolete with
  above upstream changes and not applicable any more.
* Add debian/postgresql-8.4.NEWS to point out that upstream support ends
  now.

lp:ubuntu/lucid-security/tomcat6 bug Mature 2014-07-24 15:49:36 UTC 2014-07-24
29. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-07-24 15:49:36 UTC

* SECURITY UPDATE: denial of service via malformed chunk size
  - debian/patches/CVE-2014-0075.patch: fix overflow in
    java/org/apache/coyote/http11/filters/ChunkedInputFilter.java.
  - CVE-2014-0075
* SECURITY UPDATE: file disclosure via XXE issue
  - debian/patches/CVE-2014-0096.patch: change globalXsltFile to be a
    relative path in conf/web.xml,
    java/org/apache/catalina/servlets/DefaultServlet.java,
    java/org/apache/catalina/servlets/LocalStrings.properties,
    webapps/docs/default-servlet.xml.
  - CVE-2014-0096
* SECURITY UPDATE: HTTP request smuggling attack via crafted
  Content-Length HTTP header
  - debian/patches/CVE-2014-0099.patch: correctly handle long values in
    java/org/apache/tomcat/util/buf/Ascii.java.
  - CVE-2014-0099

lp:ubuntu/lucid-updates/tomcat6 Mature 2014-07-24 15:49:36 UTC 2014-07-24
29. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-07-24 15:49:36 UTC

* SECURITY UPDATE: denial of service via malformed chunk size
  - debian/patches/CVE-2014-0075.patch: fix overflow in
    java/org/apache/coyote/http11/filters/ChunkedInputFilter.java.
  - CVE-2014-0075
* SECURITY UPDATE: file disclosure via XXE issue
  - debian/patches/CVE-2014-0096.patch: change globalXsltFile to be a
    relative path in conf/web.xml,
    java/org/apache/catalina/servlets/DefaultServlet.java,
    java/org/apache/catalina/servlets/LocalStrings.properties,
    webapps/docs/default-servlet.xml.
  - CVE-2014-0096
* SECURITY UPDATE: HTTP request smuggling attack via crafted
  Content-Length HTTP header
  - debian/patches/CVE-2014-0099.patch: correctly handle long values in
    java/org/apache/tomcat/util/buf/Ascii.java.
  - CVE-2014-0099

lp:ubuntu/lucid-security/gnupg2 Mature 2014-06-26 09:21:08 UTC 2014-06-26
17. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-06-26 09:21:08 UTC

* SECURITY UPDATE: denial of service via uncompressing garbled packets
  - debian/patches/CVE-2014-4617.patch: limit number of extra bytes in
    g10/compress.c.
  - CVE-2014-4617

lp:ubuntu/lucid-updates/gnupg2 Mature 2014-06-26 09:21:08 UTC 2014-06-26
17. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-06-26 09:21:08 UTC

* SECURITY UPDATE: denial of service via uncompressing garbled packets
  - debian/patches/CVE-2014-4617.patch: limit number of extra bytes in
    g10/compress.c.
  - CVE-2014-4617

lp:ubuntu/lucid-updates/chkrootkit Mature 2014-06-04 16:00:49 UTC 2014-06-04
15. * SECURITY UPDATE: root escalation vi...

Author: Marc Deslauriers
Revision Date: 2014-06-04 09:02:04 UTC

* SECURITY UPDATE: root escalation via missing quotes in slapper()
  - debian/patches/CVE-2014-0476.patch: make sure file_port is properly
    quoted in chkrootkit.
  - CVE-2014-0476

lp:ubuntu/lucid-security/chkrootkit Mature 2014-06-04 15:14:13 UTC 2014-06-04
15. * SECURITY UPDATE: root escalation vi...

Author: Marc Deslauriers
Revision Date: 2014-06-04 09:02:04 UTC

* SECURITY UPDATE: root escalation via missing quotes in slapper()
  - debian/patches/CVE-2014-0476.patch: make sure file_port is properly
    quoted in chkrootkit.
  - CVE-2014-0476

lp:ubuntu/lucid-updates/libxalan2-java Mature 2014-05-21 19:58:56 UTC 2014-05-21
8. * SECURITY UPDATE: information disclo...

Author: Marc Deslauriers
Revision Date: 2014-03-31 13:20:32 UTC

* SECURITY UPDATE: information disclosure or arbitrary code execution via
  crafted XSLT programs
  - debian/patches/CVE-2014-0107.patch: disable external general
    entities, foreign attributes and access to the system properties in
    src/org/apache/xalan/transformer/TransformerImpl.java,
    src/org/apache/xalan/processor/XSLTElementProcessor.java,
    src/org/apache/xalan/processor/TransformerFactoryImpl.java,
    src/org/apache/xpath/functions/FuncSystemProperty.java.
  - CVE-2014-0107

lp:ubuntu/lucid-security/libxalan2-java Mature 2014-05-21 18:42:34 UTC 2014-05-21
8. * SECURITY UPDATE: information disclo...

Author: Marc Deslauriers
Revision Date: 2014-03-31 13:20:32 UTC

* SECURITY UPDATE: information disclosure or arbitrary code execution via
  crafted XSLT programs
  - debian/patches/CVE-2014-0107.patch: disable external general
    entities, foreign attributes and access to the system properties in
    src/org/apache/xalan/transformer/TransformerImpl.java,
    src/org/apache/xalan/processor/XSLTElementProcessor.java,
    src/org/apache/xalan/processor/TransformerFactoryImpl.java,
    src/org/apache/xpath/functions/FuncSystemProperty.java.
  - CVE-2014-0107

lp:ubuntu/lucid-security/dovecot Mature 2014-05-14 13:20:49 UTC 2014-05-14
69. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-05-14 13:20:49 UTC

* SECURITY UPDATE: denial of service via SSL connection exhaustion
  - debian/patches/CVE-2014-3430.patch: properly close connections in
    src/imap-login/client.c, src/login-common/ssl-proxy-openssl.c,
    src/login-common/ssl-proxy.*, src/pop3-login/client.c.
  - CVE-2014-3430

lp:ubuntu/lucid-updates/dovecot Mature 2014-05-14 13:20:49 UTC 2014-05-14
69. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-05-14 13:20:49 UTC

* SECURITY UPDATE: denial of service via SSL connection exhaustion
  - debian/patches/CVE-2014-3430.patch: properly close connections in
    src/imap-login/client.c, src/login-common/ssl-proxy-openssl.c,
    src/login-common/ssl-proxy.*, src/pop3-login/client.c.
  - CVE-2014-3430

lp:ubuntu/lucid-security/python-imaging Mature 2014-04-15 14:20:05 UTC 2014-04-15
22. * SECURITY UPDATE: insecure use of te...

Author: Marc Deslauriers
Revision Date: 2014-03-31 10:26:39 UTC

* SECURITY UPDATE: insecure use of temporary files
  - PIL/EpsImagePlugin.py, PIL/Image.py, PIL/IptcImagePlugin.py,
    PIL/JpegImagePlugin.py: use tempfile.mkstemp().
  - https://github.com/wiredfool/Pillow/commit/1e331e3e6a40141ca8eee4f5da9f74e895423b66
  - CVE-2014-1932
  - CVE-2014-1933

lp:ubuntu/lucid-updates/nss Mature 2014-04-02 10:23:33 UTC 2014-04-02
33. * SECURITY UPDATE: incorrect IDNA wil...

Author: Marc Deslauriers
Revision Date: 2014-04-02 10:23:33 UTC

* SECURITY UPDATE: incorrect IDNA wildcard handling
  - debian/patches/CVE-2014-1492.patch: conform to RFC 6125 in
    nss/lib/certdb/certdb.c.
  - CVE-2014-1492

lp:ubuntu/lucid-updates/python-imaging Mature 2014-03-31 10:26:39 UTC 2014-03-31
22. * SECURITY UPDATE: insecure use of te...

Author: Marc Deslauriers
Revision Date: 2014-03-31 10:26:39 UTC

* SECURITY UPDATE: insecure use of temporary files
  - PIL/EpsImagePlugin.py, PIL/Image.py, PIL/IptcImagePlugin.py,
    PIL/JpegImagePlugin.py: use tempfile.mkstemp().
  - https://github.com/wiredfool/Pillow/commit/1e331e3e6a40141ca8eee4f5da9f74e895423b66
  - CVE-2014-1932
  - CVE-2014-1933

lp:ubuntu/lucid-backports/clamav bug Mature 2014-03-19 15:51:54 UTC 2014-03-19
27. * Source backport (LP: #1292943) - ...

Author: Scott Kitterman
Revision Date: 2014-03-19 11:09:05 UTC

* Source backport (LP: #1292943)
  - Drop use of non-existing dh-autoreconf
  - Disable LLVM on powerpc to avoid Lucid specific FTBFS

lp:ubuntu/lucid-security/net-snmp Mature 2014-03-11 10:10:12 UTC 2014-03-11
44. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-03-11 10:10:12 UTC

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285
* SECURITY UPDATE: denial of service via multiple-object requests
  - debian/patches/CVE-2014-2310.patch: fix lengths in
    agent/mibgroup/agentx/protocol.c.
  - CVE-2014-2310

lp:ubuntu/lucid-updates/net-snmp Mature 2014-03-11 10:10:12 UTC 2014-03-11
44. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-03-11 10:10:12 UTC

* SECURITY UPDATE: denial of service via AgentX subagent timeout
  - debian/patches/CVE-2012-6151.patch: track cancelled sessions in
    agent/mibgroup/agentx/{master.c,master_admin.c}, agent/snmp_agent.c,
    include/net-snmp/agent/snmp_agent.h.
  - CVE-2012-6151
* SECURITY UPDATE: denial of service in perl trap handler
  - debian/patches/CVE-2014-2285.patch: handle empty community string in
    perl/TrapReceiver/TrapReceiver.xs.
  - CVE-2014-2285
* SECURITY UPDATE: denial of service via multiple-object requests
  - debian/patches/CVE-2014-2310.patch: fix lengths in
    agent/mibgroup/agentx/protocol.c.
  - CVE-2014-2310

lp:ubuntu/lucid-proposed/ca-certificates-java Mature 2014-03-05 17:42:49 UTC 2014-03-05
8. * Backported to Ubuntu 10.04 LTS to p...

Author: Marc Deslauriers
Revision Date: 2014-03-05 09:51:13 UTC

* Backported to Ubuntu 10.04 LTS to properly support certificate
  files with UTF-8 encoded filenames.
* Use the locale C.UTF-8 for the hook script to be more robust.

lp:ubuntu/lucid-proposed/ca-certificates bug Mature 2014-03-05 13:32:47 UTC 2014-03-05
13. * Update ca-certificates database to ...

Author: Marc Deslauriers
Revision Date: 2014-02-07 13:58:53 UTC

* Update ca-certificates database to 20130906 (LP: #1257265, LP: #1271357):
  - backport changes from the Ubuntu 14.04 20130906ubuntu1 package
  - No longer ship cacert.org certificates (LP: #1258286)
  - No longer ship obsolete debconf.org certificates
  - No longer ship expired brasil.gov.br certificates
  - No longer ship expired signet.pl certificates
  - No longer ship gouv.fr certificates, now part of mozilla bundle
  - No longer ship telesec.de certificates, now part of mozilla bundle
  - mozilla/certdata2pem.py: Work around openssl issue by shipping both
    versions of the same signed roots. Previously, the script would
    simply overwrite the first one found in the certdata.txt with the
    later one since they both have the same CKA_LABEL, resulting in
    identical filenames. (LP: #1014640, LP: #1031333)

lp:ubuntu/lucid-security/ca-certificates-java bug Mature 2014-03-05 09:51:13 UTC 2014-03-05
9. * Backported to Ubuntu 10.04 LTS to p...

Author: Marc Deslauriers
Revision Date: 2014-03-05 09:51:13 UTC

* Backported to Ubuntu 10.04 LTS to properly support certificate
  files with UTF-8 encoded filenames.
* Use the locale C.UTF-8 for the hook script to be more robust.

lp:ubuntu/lucid-updates/ca-certificates-java Mature 2014-03-05 09:51:13 UTC 2014-03-05
9. * Backported to Ubuntu 10.04 LTS to p...

Author: Marc Deslauriers
Revision Date: 2014-03-05 09:51:13 UTC

* Backported to Ubuntu 10.04 LTS to properly support certificate
  files with UTF-8 encoded filenames.
* Use the locale C.UTF-8 for the hook script to be more robust.

lp:ubuntu/lucid-security/python2.6 Mature 2014-02-27 09:00:09 UTC 2014-02-27
53. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-02-27 09:00:09 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in socket.recvfrom_into
  - debian/patches/CVE-2014-1912.dpatch: check buffer length in
    Modules/socketmodule.c.
  - CVE-2014-1912

lp:ubuntu/lucid-updates/python2.6 Mature 2014-02-27 09:00:09 UTC 2014-02-27
53. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-02-27 09:00:09 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in socket.recvfrom_into
  - debian/patches/CVE-2014-1912.dpatch: check buffer length in
    Modules/socketmodule.c.
  - CVE-2014-1912

lp:ubuntu/lucid-updates/freeradius Mature 2014-02-26 13:36:58 UTC 2014-02-26
29. * SECURITY UPDATE: incorrect password...

Author: Marc Deslauriers
Revision Date: 2014-02-24 09:21:36 UTC

* SECURITY UPDATE: incorrect password expiration check
  - debian/patches/CVE-2011-4966.patch: check for both account and
    password expiration in src/modules/rlm_unix/rlm_unix.c.
  - CVE-2011-4966
* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in rlm_pap module
  - debian/patches/CVE-2013-2015.patch: properly handle buffer size in
    src/modules/rlm_pap/rlm_pap.c.
  - CVE-2014-2015

lp:ubuntu/lucid-security/freeradius Mature 2014-02-26 13:27:48 UTC 2014-02-26
29. * SECURITY UPDATE: incorrect password...

Author: Marc Deslauriers
Revision Date: 2014-02-24 09:21:36 UTC

* SECURITY UPDATE: incorrect password expiration check
  - debian/patches/CVE-2011-4966.patch: check for both account and
    password expiration in src/modules/rlm_unix/rlm_unix.c.
  - CVE-2011-4966
* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in rlm_pap module
  - debian/patches/CVE-2013-2015.patch: properly handle buffer size in
    src/modules/rlm_pap/rlm_pap.c.
  - CVE-2014-2015

lp:ubuntu/lucid-security/mysql-dfsg-5.1 bug Mature 2014-01-21 14:04:49 UTC 2014-01-21
44. * SECURITY UPDATE: Update to 5.1.73 t...

Author: Marc Deslauriers
Revision Date: 2014-01-16 19:41:38 UTC

* SECURITY UPDATE: Update to 5.1.73 to fix security issues (LP: #1269993)
  - http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
  - CVE-2013-5908
  - CVE-2014-0386
  - CVE-2014-0393
  - CVE-2014-0401
  - CVE-2014-0402
  - CVE-2014-0412
  - CVE-2014-0437
* debian/patches/33_scripts__mysql_create_system_tables__no_test.dpatch:
  refreshed patch.

lp:ubuntu/lucid-security/hplip Mature 2014-01-20 11:03:10 UTC 2014-01-20
139. * SECURITY UPDATE: insecure temp file...

Author: Marc Deslauriers
Revision Date: 2014-01-20 11:03:10 UTC

* SECURITY UPDATE: insecure temp file use in pkit.py
  - debian/patches/CVE-2013-6402.dpatch: remove logging to temp file in
    base/pkit.py.
  - CVE-2013-6402

lp:ubuntu/lucid-updates/hplip Mature 2014-01-20 11:03:10 UTC 2014-01-20
139. * SECURITY UPDATE: insecure temp file...

Author: Marc Deslauriers
Revision Date: 2014-01-20 11:03:10 UTC

* SECURITY UPDATE: insecure temp file use in pkit.py
  - debian/patches/CVE-2013-6402.dpatch: remove logging to temp file in
    base/pkit.py.
  - CVE-2013-6402

lp:ubuntu/lucid-security/devscripts Mature 2014-01-17 08:27:59 UTC 2014-01-17
89. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2014-01-17 08:27:59 UTC

* SECURITY UPDATE: arbitrary code execution in uscan via crafted tarball
  - scripts/uscan.pl: improve tarball handling.
  - backport of 02c6850d973e3e1246fde72edab27f03d63acc52
  - backport of 4b7e58ee6000cdefac0682601cec6ecce0137467
  - CVE-2013-6888

lp:ubuntu/lucid-updates/devscripts Mature 2014-01-17 08:27:59 UTC 2014-01-17
89. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2014-01-17 08:27:59 UTC

* SECURITY UPDATE: arbitrary code execution in uscan via crafted tarball
  - scripts/uscan.pl: improve tarball handling.
  - backport of 02c6850d973e3e1246fde72edab27f03d63acc52
  - backport of 4b7e58ee6000cdefac0682601cec6ecce0137467
  - CVE-2013-6888

lp:ubuntu/lucid-updates/mysql-dfsg-5.1 Mature 2014-01-16 19:41:38 UTC 2014-01-16
44. * SECURITY UPDATE: Update to 5.1.73 t...

Author: Marc Deslauriers
Revision Date: 2014-01-16 19:41:38 UTC

* SECURITY UPDATE: Update to 5.1.73 to fix security issues (LP: #1269993)
  - http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
  - CVE-2013-5908
  - CVE-2014-0386
  - CVE-2014-0393
  - CVE-2014-0401
  - CVE-2014-0402
  - CVE-2014-0412
  - CVE-2014-0437
* debian/patches/33_scripts__mysql_create_system_tables__no_test.dpatch:
  refreshed patch.

lp:ubuntu/lucid-updates/linux-lts-backport-oneiric bug Mature 2014-01-15 21:39:30 UTC 2014-01-15
25. [Steve Conklin] * Release Tracking B...

Author: Steve Conklin
Revision Date: 2013-03-21 09:49:05 UTC

[Steve Conklin]

* Release Tracking Bug
  - LP: #1158541

[ Upstream Kernel Changes ]

* printk: fix buffer overflow when calling log_prefix function from
  call_console_drivers
  - LP: #1145196
* 3.0.66
  - LP: #1145196
* x86-32, mm: Remove reference to resume_map_numa_kva()
  - LP: #1145196
* mm: fix pageblock bitmap allocation
  - LP: #1145196
* timeconst.pl: Eliminate Perl warning
  - LP: #1145196
* genirq: Avoid deadlock in spurious handling
  - LP: #1145196
* posix-cpu-timers: Fix nanosleep task_struct leak
  - LP: #1145196
* hrtimer: Prevent hrtimer_enqueue_reprogram race
  - LP: #1145196
* ALSA: ali5451: remove irq enabling in pointer callback
  - LP: #1145196
* ALSA: rme32.c irq enabling after spin_lock_irq
  - LP: #1145196
* tty: set_termios/set_termiox should not return -EINTR
  - LP: #1145196
* xen: Send spinlock IPI to all waiters
  - LP: #1011792, #1145196
* Driver core: treat unregistered bus_types as having no devices
  - LP: #1145196
* mm: mmu_notifier: have mmu_notifiers use a global SRCU so they may
  safely schedule
  - LP: #1145196
* mm: mmu_notifier: make the mmu_notifier srcu static
  - LP: #1145196
* mmu_notifier_unregister NULL Pointer deref and multiple ->release()
  callouts
  - LP: #1145196
* KVM: s390: Handle hosts not supporting s390-virtio.
  - LP: #1145196
* s390/kvm: Fix store status for ACRS/FPRS
  - LP: #1145196
* inotify: remove broken mask checks causing unmount to be EINVAL
  - LP: #1145196
* ocfs2: unlock super lock if lockres refresh failed
  - LP: #1145196
* drivers/video/backlight/adp88?0_bl.c: fix resume
  - LP: #1145196
* tmpfs: fix use-after-free of mempolicy object
  - LP: #1145196
* mm/fadvise.c: drain all pagevecs if POSIX_FADV_DONTNEED fails to
  discard all pages
  - LP: #1145196
* NLM: Ensure that we resend all pending blocking locks after a reclaim
  - LP: #1145196
* p54usb: corrected USB ID for T-Com Sinus 154 data II
  - LP: #1145196
* ALSA: usb-audio: fix Roland A-PRO support
  - LP: #1145196
* ALSA: usb: Fix Processing Unit Descriptor parsers
  - LP: #1145196
* ext4: Free resources in some error path in ext4_fill_super
  - LP: #1145196
* ext4: add missing kfree() on error return path in add_new_gdb()
  - LP: #1145196
* sunvdc: Fix off-by-one in generic_request().
  - LP: #1145196
* drm/usb: bind driver to correct device
  - LP: #1145196
* drm/i915: disable shared panel fitter for pipe
  - LP: #1145196
* staging: comedi: disallow COMEDI_DEVCONFIG on non-board minors
  - LP: #1145196
* staging: vt6656: Fix URB submitted while active warning.
  - LP: #1145196
* ARM: PXA3xx: program the CSMSADRCFG register
  - LP: #1145196
* powerpc/kexec: Disable hard IRQ before kexec
  - LP: #1145196
* Purge existing TLB entries in set_pte_at and ptep_set_wrprotect
  - LP: #1145196
* pcmcia/vrc4171: Add missing spinlock init
  - LP: #1145196
* fbcon: don't lose the console font across generic->chip driver switch
  - LP: #1145196
* fb: rework locking to fix lock ordering on takeover
  - LP: #1145196
* bridge: set priority of STP packets
  - LP: #1145196
* xen-netback: correctly return errors from netbk_count_requests()
  - LP: #1145196
* xen-netback: cancel the credit timer when taking the vif down
  - LP: #1145196
* ipv4: fix a bug in ping_err().
  - LP: #1145196
* ipv6: use a stronger hash for tcp
  - LP: #1145196
* dca: check against empty dca_domains list before unregister provider
  - LP: #1145196
* USB: option: add and update Alcatel modems
  - LP: #1145196
* USB: option: add Yota / Megafon M100-1 4g modem
  - LP: #1145196
* USB: option: add Huawei "ACM" devices using protocol = vendor
  - LP: #1145196
* USB: ehci-omap: Fix autoloading of module
  - LP: #1145196
* USB: storage: properly handle the endian issues of idProduct
  - LP: #1145196
* USB: usb-storage: unusual_devs update for Super TOP SATA bridge
  - LP: #1145196
* Linux 3.0.67
  - LP: #1145196
* quota: autoload the quota_v2 module for QFMT_VFS_V1 quota format
  - LP: #1145196
* iommu/amd: Initialize device table after dma_ops
  - LP: #1145196
* posix-timer: Don't call idr_find() with out-of-range ID
  - LP: #1145196
* ftrace: Call ftrace cleanup module notifier after all other notifiers
  - LP: #1145196
* doc, xen: Mention 'earlyprintk=xen' in the documentation.
  - LP: #1145196
* doc, kernel-parameters: Document 'console=hvc<n>'
  - LP: #1145196
* x86: Make sure we can boot in the case the BDA contains pure garbage
  - LP: #1145196
* target: Add missing mapped_lun bounds checking during make_mappedlun
  setup
  - LP: #1145196
* ocfs2: ac->ac_allow_chain_relink=0 won't disable group relink
  - LP: #1145196
* xen-blkback: do not leak mode property
  - LP: #1145196
* idr: fix a subtle bug in idr_get_next()
  - LP: #1145196
* firewire: add minor number range check to fw_device_init()
  - LP: #1145196
* sysctl: fix null checking in bin_dn_node_address()
  - LP: #1145196
* ext4: fix race in ext4_mb_add_n_trim()
  - LP: #1145196
* svcrpc: make svc_age_temp_xprts enqueue under sv_lock
  - LP: #1145196
* unbreak automounter support on 64-bit kernel with 32-bit userspace (v2)
  - LP: #1145196
* x86: Do not leak kernel page mapping locations
  - LP: #1145196
* x86/apic: Work around boot failure on HP ProLiant DL980 G7 Server
  systems
  - LP: #1145196
* cpuset: fix cpuset_print_task_mems_allowed() vs rename() race
  - LP: #1145196
* cgroup: fix exit() vs rmdir() race
  - LP: #1145196
* dca: check against empty dca_domains list before unregister provider
  fix
  - LP: #1145196
* s390/kvm: Fix store status for ACRS/FPRS fix
  - LP: #1145196
* staging: comedi: ni_labpc: correct differential channel sequence for AI
  commands
  - LP: #1145196
* staging: comedi: ni_labpc: set up command4 register *after* command3
  - LP: #1145196
* staging: comedi: check s->async for poll(), read() and write()
  - LP: #1145196
* Linux 3.0.68
  - LP: #1145196
* keys: fix race with concurrent install_user_keyrings()
  - LP: #1152788
  - CVE-2013-1792
* ARM: VFP: fix emulation of second VFP instruction
  - LP: #1155651
* ARM: fix scheduling while atomic warning in alignment handling code
  - LP: #1155651
* SCSI: dc395x: uninitialized variable in device_alloc()
  - LP: #1155651
* target/pscsi: Fix page increment
  - LP: #1155651
* btrfs: Init io_lock after cloning btrfs device struct
  - LP: #1155651
* cifs: ensure that cifs_get_root() only traverses directories
  - LP: #1155651
* SUNRPC: Don't start the retransmission timer when out of socket space
  - LP: #1155651
* hw_random: make buffer usable in scatterlist.
  - LP: #1155651
* ath9k: fix RSSI dummy marker value
  - LP: #1155651
* md: raid0: fix error return from create_stripe_zones.
  - LP: #1155651
* hwmon: (sht15) Check return value of regulator_enable()
  - LP: #1155651
* drm/radeon: add primary dac adj quirk for R200 board
  - LP: #1155651
* ALSA: ice1712: Initialize card->private_data properly
  - LP: #1155651
* ALSA: vmaster: Fix slave change notification
  - LP: #1155651
* e1000e: fix pci-device enable-counter balance
  - LP: #1155651
* vfs: fix pipe counter breakage
  - LP: #1155651
* Fix memory leak in cpufreq stats.
  - LP: #1155651
* ftrace: Update the kconfig for DYNAMIC_FTRACE
  - LP: #1155651
* decnet: Fix disappearing sysctl entries
  - LP: #1155651
* dmi_scan: fix missing check for _DMI_ signature in smbios_present()
  - LP: #1155651
* Linux 3.0.69
  - LP: #1155651
* signal: always clear sa_restorer on execve
  - LP: #1153813
  - CVE-2013-0914

lp:ubuntu/lucid-proposed/linux-lts-backport-oneiric bug Mature 2014-01-15 15:13:22 UTC 2014-01-15
23. [Steve Conklin] * Release Tracking B...

Author: Steve Conklin
Revision Date: 2013-03-21 09:49:05 UTC

[Steve Conklin]

* Release Tracking Bug
  - LP: #1158541

[ Upstream Kernel Changes ]

* printk: fix buffer overflow when calling log_prefix function from
  call_console_drivers
  - LP: #1145196
* 3.0.66
  - LP: #1145196
* x86-32, mm: Remove reference to resume_map_numa_kva()
  - LP: #1145196
* mm: fix pageblock bitmap allocation
  - LP: #1145196
* timeconst.pl: Eliminate Perl warning
  - LP: #1145196
* genirq: Avoid deadlock in spurious handling
  - LP: #1145196
* posix-cpu-timers: Fix nanosleep task_struct leak
  - LP: #1145196
* hrtimer: Prevent hrtimer_enqueue_reprogram race
  - LP: #1145196
* ALSA: ali5451: remove irq enabling in pointer callback
  - LP: #1145196
* ALSA: rme32.c irq enabling after spin_lock_irq
  - LP: #1145196
* tty: set_termios/set_termiox should not return -EINTR
  - LP: #1145196
* xen: Send spinlock IPI to all waiters
  - LP: #1011792, #1145196
* Driver core: treat unregistered bus_types as having no devices
  - LP: #1145196
* mm: mmu_notifier: have mmu_notifiers use a global SRCU so they may
  safely schedule
  - LP: #1145196
* mm: mmu_notifier: make the mmu_notifier srcu static
  - LP: #1145196
* mmu_notifier_unregister NULL Pointer deref and multiple ->release()
  callouts
  - LP: #1145196
* KVM: s390: Handle hosts not supporting s390-virtio.
  - LP: #1145196
* s390/kvm: Fix store status for ACRS/FPRS
  - LP: #1145196
* inotify: remove broken mask checks causing unmount to be EINVAL
  - LP: #1145196
* ocfs2: unlock super lock if lockres refresh failed
  - LP: #1145196
* drivers/video/backlight/adp88?0_bl.c: fix resume
  - LP: #1145196
* tmpfs: fix use-after-free of mempolicy object
  - LP: #1145196
* mm/fadvise.c: drain all pagevecs if POSIX_FADV_DONTNEED fails to
  discard all pages
  - LP: #1145196
* NLM: Ensure that we resend all pending blocking locks after a reclaim
  - LP: #1145196
* p54usb: corrected USB ID for T-Com Sinus 154 data II
  - LP: #1145196
* ALSA: usb-audio: fix Roland A-PRO support
  - LP: #1145196
* ALSA: usb: Fix Processing Unit Descriptor parsers
  - LP: #1145196
* ext4: Free resources in some error path in ext4_fill_super
  - LP: #1145196
* ext4: add missing kfree() on error return path in add_new_gdb()
  - LP: #1145196
* sunvdc: Fix off-by-one in generic_request().
  - LP: #1145196
* drm/usb: bind driver to correct device
  - LP: #1145196
* drm/i915: disable shared panel fitter for pipe
  - LP: #1145196
* staging: comedi: disallow COMEDI_DEVCONFIG on non-board minors
  - LP: #1145196
* staging: vt6656: Fix URB submitted while active warning.
  - LP: #1145196
* ARM: PXA3xx: program the CSMSADRCFG register
  - LP: #1145196
* powerpc/kexec: Disable hard IRQ before kexec
  - LP: #1145196
* Purge existing TLB entries in set_pte_at and ptep_set_wrprotect
  - LP: #1145196
* pcmcia/vrc4171: Add missing spinlock init
  - LP: #1145196
* fbcon: don't lose the console font across generic->chip driver switch
  - LP: #1145196
* fb: rework locking to fix lock ordering on takeover
  - LP: #1145196
* bridge: set priority of STP packets
  - LP: #1145196
* xen-netback: correctly return errors from netbk_count_requests()
  - LP: #1145196
* xen-netback: cancel the credit timer when taking the vif down
  - LP: #1145196
* ipv4: fix a bug in ping_err().
  - LP: #1145196
* ipv6: use a stronger hash for tcp
  - LP: #1145196
* dca: check against empty dca_domains list before unregister provider
  - LP: #1145196
* USB: option: add and update Alcatel modems
  - LP: #1145196
* USB: option: add Yota / Megafon M100-1 4g modem
  - LP: #1145196
* USB: option: add Huawei "ACM" devices using protocol = vendor
  - LP: #1145196
* USB: ehci-omap: Fix autoloading of module
  - LP: #1145196
* USB: storage: properly handle the endian issues of idProduct
  - LP: #1145196
* USB: usb-storage: unusual_devs update for Super TOP SATA bridge
  - LP: #1145196
* Linux 3.0.67
  - LP: #1145196
* quota: autoload the quota_v2 module for QFMT_VFS_V1 quota format
  - LP: #1145196
* iommu/amd: Initialize device table after dma_ops
  - LP: #1145196
* posix-timer: Don't call idr_find() with out-of-range ID
  - LP: #1145196
* ftrace: Call ftrace cleanup module notifier after all other notifiers
  - LP: #1145196
* doc, xen: Mention 'earlyprintk=xen' in the documentation.
  - LP: #1145196
* doc, kernel-parameters: Document 'console=hvc<n>'
  - LP: #1145196
* x86: Make sure we can boot in the case the BDA contains pure garbage
  - LP: #1145196
* target: Add missing mapped_lun bounds checking during make_mappedlun
  setup
  - LP: #1145196
* ocfs2: ac->ac_allow_chain_relink=0 won't disable group relink
  - LP: #1145196
* xen-blkback: do not leak mode property
  - LP: #1145196
* idr: fix a subtle bug in idr_get_next()
  - LP: #1145196
* firewire: add minor number range check to fw_device_init()
  - LP: #1145196
* sysctl: fix null checking in bin_dn_node_address()
  - LP: #1145196
* ext4: fix race in ext4_mb_add_n_trim()
  - LP: #1145196
* svcrpc: make svc_age_temp_xprts enqueue under sv_lock
  - LP: #1145196
* unbreak automounter support on 64-bit kernel with 32-bit userspace (v2)
  - LP: #1145196
* x86: Do not leak kernel page mapping locations
  - LP: #1145196
* x86/apic: Work around boot failure on HP ProLiant DL980 G7 Server
  systems
  - LP: #1145196
* cpuset: fix cpuset_print_task_mems_allowed() vs rename() race
  - LP: #1145196
* cgroup: fix exit() vs rmdir() race
  - LP: #1145196
* dca: check against empty dca_domains list before unregister provider
  fix
  - LP: #1145196
* s390/kvm: Fix store status for ACRS/FPRS fix
  - LP: #1145196
* staging: comedi: ni_labpc: correct differential channel sequence for AI
  commands
  - LP: #1145196
* staging: comedi: ni_labpc: set up command4 register *after* command3
  - LP: #1145196
* staging: comedi: check s->async for poll(), read() and write()
  - LP: #1145196
* Linux 3.0.68
  - LP: #1145196
* keys: fix race with concurrent install_user_keyrings()
  - LP: #1152788
  - CVE-2013-1792
* ARM: VFP: fix emulation of second VFP instruction
  - LP: #1155651
* ARM: fix scheduling while atomic warning in alignment handling code
  - LP: #1155651
* SCSI: dc395x: uninitialized variable in device_alloc()
  - LP: #1155651
* target/pscsi: Fix page increment
  - LP: #1155651
* btrfs: Init io_lock after cloning btrfs device struct
  - LP: #1155651
* cifs: ensure that cifs_get_root() only traverses directories
  - LP: #1155651
* SUNRPC: Don't start the retransmission timer when out of socket space
  - LP: #1155651
* hw_random: make buffer usable in scatterlist.
  - LP: #1155651
* ath9k: fix RSSI dummy marker value
  - LP: #1155651
* md: raid0: fix error return from create_stripe_zones.
  - LP: #1155651
* hwmon: (sht15) Check return value of regulator_enable()
  - LP: #1155651
* drm/radeon: add primary dac adj quirk for R200 board
  - LP: #1155651
* ALSA: ice1712: Initialize card->private_data properly
  - LP: #1155651
* ALSA: vmaster: Fix slave change notification
  - LP: #1155651
* e1000e: fix pci-device enable-counter balance
  - LP: #1155651
* vfs: fix pipe counter breakage
  - LP: #1155651
* Fix memory leak in cpufreq stats.
  - LP: #1155651
* ftrace: Update the kconfig for DYNAMIC_FTRACE
  - LP: #1155651
* decnet: Fix disappearing sysctl entries
  - LP: #1155651
* dmi_scan: fix missing check for _DMI_ signature in smbios_present()
  - LP: #1155651
* Linux 3.0.69
  - LP: #1155651
* signal: always clear sa_restorer on execve
  - LP: #1153813
  - CVE-2013-0914

lp:ubuntu/lucid-updates/openafs bug Mature 2014-01-15 15:09:48 UTC 2014-01-15
26. * SECURITY UPDATE: Fix fileserver buf...

Author: Luke Faraone
Revision Date: 2013-03-05 02:23:07 UTC

* SECURITY UPDATE: Fix fileserver buffer overflow when parsing
  client-supplied ACL entries and protect against client parsing of bad ACL
  entries.
  - OPENAFS-SA-2013-001
  - CVE-2013-1794
  - LP: #114556
* SECURITY UPDATE: Fix ptserver buffer overflow via integer overflow in the
  IdToName RPC
  - OPENAFS-SA-2013-002
  - CVE-2013-1795
  - LP: #1145560

lp:ubuntu/lucid-updates/duplicity bug Mature 2014-01-09 17:50:48 UTC 2014-01-09
20. * debian/patches/08-dont-skip-first-c...

Author: Michael Terry
Revision Date: 2013-11-19 10:58:49 UTC

* debian/patches/08-dont-skip-first-chunk-on-restart.dpatch:
  - When restarting a backup, if the file we were in the middle of
    backing up is now deleted, don't skip the first 65k chunk of the
    next file. Patch backported from upstream trunk. LP: #1252484

lp:ubuntu/lucid-updates/libjpeg6b Mature 2013-12-19 20:06:34 UTC 2013-12-19
8. * SECURITY UPDATE: information disclo...

Author: Marc Deslauriers
Revision Date: 2013-11-22 09:04:10 UTC

* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_sos function (LP: #1252912)
  - debian/patches/CVE-2013-6629.dpatch: check for duplications in
    jdmarker.c.
  - CVE-2013-6629
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_dht function (LP: #1252912)
  - debian/patches/CVE-2013-6630.dpatch: properly clear out memory in
    jdmarker.c.
  - CVE-2013-6630

lp:ubuntu/lucid-security/libjpeg6b bug Mature 2013-12-19 19:53:03 UTC 2013-12-19
8. * SECURITY UPDATE: information disclo...

Author: Marc Deslauriers
Revision Date: 2013-11-22 09:04:10 UTC

* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_sos function (LP: #1252912)
  - debian/patches/CVE-2013-6629.dpatch: check for duplications in
    jdmarker.c.
  - CVE-2013-6629
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_dht function (LP: #1252912)
  - debian/patches/CVE-2013-6630.dpatch: properly clear out memory in
    jdmarker.c.
  - CVE-2013-6630

lp:ubuntu/lucid-security/openjpeg Mature 2013-12-12 15:37:31 UTC 2013-12-12
6. fake sync from Debian

Author: Seth Arnold
Revision Date: 2013-12-12 15:37:31 UTC

fake sync from Debian

lp:ubuntu/lucid-updates/openjpeg Mature 2013-12-12 15:37:31 UTC 2013-12-12
6. fake sync from Debian

Author: Seth Arnold
Revision Date: 2013-12-12 15:37:31 UTC

fake sync from Debian

lp:ubuntu/lucid-proposed/duplicity bug Mature 2013-11-21 23:53:39 UTC 2013-11-21
20. * debian/patches/08-dont-skip-first-c...

Author: Michael Terry
Revision Date: 2013-11-19 10:58:49 UTC

* debian/patches/08-dont-skip-first-chunk-on-restart.dpatch:
  - When restarting a backup, if the file we were in the middle of
    backing up is now deleted, don't skip the first 65k chunk of the
    next file. Patch backported from upstream trunk. LP: #1252484

lp:ubuntu/lucid-updates/libcommons-fileupload-java Mature 2013-11-13 15:37:15 UTC 2013-11-13
12. * SECURITY UPDATE: arbitrary file ove...

Author: Marc Deslauriers
Revision Date: 2013-11-07 09:52:16 UTC

* SECURITY UPDATE: arbitrary file overwrite via poison null byte
  - debian/patches/05_CVE-2013-2186.patch: properly validate repository
    in src/java/org/apache/commons/fileupload/disk/DiskFileItem.java.
  - CVE-2013-2186

lp:ubuntu/lucid-security/libcommons-fileupload-java Mature 2013-11-13 15:18:49 UTC 2013-11-13
12. * SECURITY UPDATE: arbitrary file ove...

Author: Marc Deslauriers
Revision Date: 2013-11-07 09:52:16 UTC

* SECURITY UPDATE: arbitrary file overwrite via poison null byte
  - debian/patches/05_CVE-2013-2186.patch: properly validate repository
    in src/java/org/apache/commons/fileupload/disk/DiskFileItem.java.
  - CVE-2013-2186

lp:ubuntu/lucid-updates/libxml-security-java Mature 2013-11-12 18:03:53 UTC 2013-11-12
9. * SECURITY UPDATE: XML signature spoo...

Author: Marc Deslauriers
Revision Date: 2013-09-10 11:44:34 UTC

* SECURITY UPDATE: XML signature spoofing via CanonicalizationMethod
  parameter
  - src/org/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java:
    don't allow non-standard c14n method.
  - http://svn.apache.org/viewvc?view=revision&revision=1493772
  - CVE-2013-2172

lp:ubuntu/lucid-security/libxml-security-java Mature 2013-11-12 17:53:56 UTC 2013-11-12
9. * SECURITY UPDATE: XML signature spoo...

Author: Marc Deslauriers
Revision Date: 2013-09-10 11:44:34 UTC

* SECURITY UPDATE: XML signature spoofing via CanonicalizationMethod
  parameter
  - src/org/jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java:
    don't allow non-standard c14n method.
  - http://svn.apache.org/viewvc?view=revision&revision=1493772
  - CVE-2013-2172

lp:~ubuntu-branches/ubuntu/lucid/ntp/lucid-200912090037 Development 2013-10-31 20:16:05 UTC 2013-10-31
38. ntp-ntptrace-man

Author: Chuck Short
Revision Date: 2009-12-07 20:03:59 UTC

ntp-ntptrace-man

lp:ubuntu/lucid-updates/vgabios Mature 2013-10-31 19:13:17 UTC 2013-10-31
14. debian/patches/add-stdvga.patch: buil...

Author: Serge Hallyn
Revision Date: 2013-01-03 15:02:18 UTC

debian/patches/add-stdvga.patch: build vgabios-stdvga.bin (LP: #1095301)

lp:ubuntu/lucid-proposed/vm-builder bug Mature 2013-10-23 07:55:12 UTC 2013-10-23
35. Incorporate fix to specify macaddr wh...

Author: Serge Hallyn
Revision Date: 2013-06-24 14:45:45 UTC

Incorporate fix to specify macaddr when using bridge (LP: #392097)

lp:~stub/ubuntu/lucid/python-swiftclient/devel Development 2013-10-03 17:33:08 UTC 2013-10-03
13. simplejson dependency

Author: Stuart Bishop
Revision Date: 2013-10-03 17:33:08 UTC

simplejson dependency

lp:~stub/ubuntu/lucid/python-iso8601/devel Development 2013-10-02 11:30:27 UTC 2013-10-02
8. Elucidate

Author: Stuart Bishop
Revision Date: 2013-10-02 11:29:56 UTC

Elucidate

lp:~stub/ubuntu/lucid/python-keystoneclient/devel Development 2013-10-02 10:15:44 UTC 2013-10-02
26. Dependencies

Author: Stuart Bishop
Revision Date: 2013-10-02 10:15:44 UTC

Dependencies

lp:~stub/ubuntu/lucid/requests/devel Development 2013-10-02 07:47:54 UTC 2013-10-02
21. Elucidation

Author: Stuart Bishop
Revision Date: 2013-10-02 07:47:54 UTC

Elucidation

lp:~stub/ubuntu/lucid/python-urllib3/devel Development 2013-10-02 07:27:15 UTC 2013-10-02
10. whoops

Author: Stuart Bishop
Revision Date: 2013-10-02 07:27:15 UTC

whoops

lp:~stub/ubuntu/lucid/python-eventlet/devel Development 2013-09-26 11:56:49 UTC 2013-09-26
22. Lucid Labotomy

Author: Stuart Bishop
Revision Date: 2013-09-26 11:56:14 UTC

Lucid Labotomy

lp:~stub/ubuntu/lucid/python-greenlet/devel Development 2013-09-25 16:50:39 UTC 2013-09-25
17. strip more

Author: Stuart Bishop
Revision Date: 2013-09-25 16:50:39 UTC

strip more

lp:ubuntu/lucid-updates/pyopenssl Mature 2013-09-23 18:39:28 UTC 2013-09-23
11. * SECURITY UPDATE: incorrect ssl cert...

Author: Marc Deslauriers
Revision Date: 2013-09-20 15:54:43 UTC

* SECURITY UPDATE: incorrect ssl cert validation via NUL byte in
  subjectAltName
  - debian/patches/CVE-2013-4314.patch: properly handle subjectAltName in
    src/crypto/x509ext.c, added tests to test/test_crypto.py.
  - CVE-2013-4314

lp:ubuntu/lucid-security/pyopenssl Mature 2013-09-23 18:02:48 UTC 2013-09-23
11. * SECURITY UPDATE: incorrect ssl cert...

Author: Marc Deslauriers
Revision Date: 2013-09-20 15:54:43 UTC

* SECURITY UPDATE: incorrect ssl cert validation via NUL byte in
  subjectAltName
  - debian/patches/CVE-2013-4314.patch: properly handle subjectAltName in
    src/crypto/x509ext.c, added tests to test/test_crypto.py.
  - CVE-2013-4314

lp:ubuntu/lucid-updates/python-defaults Mature 2013-09-18 05:40:20 UTC 2013-09-18
49. default to python 2.6 for pycompile. ...

Author: Rolf Leggewie
Revision Date: 2011-07-16 20:17:44 UTC

default to python 2.6 for pycompile. LP: #566441.

lp:ubuntu/lucid-security/python-httplib2 bug Mature 2013-09-09 13:07:25 UTC 2013-09-09
8. * SECURITY UPDATE: Incorrect SSL cert...

Author: Marc Deslauriers
Revision Date: 2013-09-06 10:03:40 UTC

* SECURITY UPDATE: Incorrect SSL certificate checking with multiple
  requests (LP: #1175272)
  - debian/patches/CVE-2013-2037.patch: close connection on cert mismatch
    in python2/httplib2/__init__.py.
  - CVE-2013-2037

lp:ubuntu/lucid-proposed/python-defaults bug Mature 2013-09-09 12:56:28 UTC 2013-09-09
49. default to python 2.6 for pycompile. ...

Author: Rolf Leggewie
Revision Date: 2011-07-16 20:17:44 UTC

default to python 2.6 for pycompile. LP: #566441.

lp:ubuntu/lucid-updates/python-httplib2 Mature 2013-09-06 10:03:40 UTC 2013-09-06
8. * SECURITY UPDATE: Incorrect SSL cert...

Author: Marc Deslauriers
Revision Date: 2013-09-06 10:03:40 UTC

* SECURITY UPDATE: Incorrect SSL certificate checking with multiple
  requests (LP: #1175272)
  - debian/patches/CVE-2013-2037.patch: close connection on cert mismatch
    in python2/httplib2/__init__.py.
  - CVE-2013-2037

lp:ubuntu/lucid-updates/cloud-init bug Mature 2013-08-14 21:29:16 UTC 2013-08-14
18. * add ability to configure Acquire::h...

Author: Scott Moser
Revision Date: 2012-03-16 14:32:50 UTC

* add ability to configure Acquire::http::Pipeline-Depth via
  cloud-config setting 'apt_pipelining' (LP: #948461)
* debian/cloud-init.postinst: address population of apt_pipeline
  setting on installation.

lp:ubuntu/lucid-updates/net-retriever Mature 2013-08-02 09:29:29 UTC 2013-08-02
23. Deduplicate Packages files entirely i...

Author: Colin Watson
Revision Date: 2013-07-16 13:27:08 UTC

Deduplicate Packages files entirely in C, massively speeding it up for
large files (LP: #1067934).

lp:ubuntu/lucid-proposed/cloud-init bug Mature 2013-08-01 22:10:19 UTC 2013-08-01
20. * add ability to configure Acquire::h...

Author: Scott Moser
Revision Date: 2012-03-16 14:32:50 UTC

* add ability to configure Acquire::http::Pipeline-Depth via
  cloud-config setting 'apt_pipelining' (LP: #948461)
* debian/cloud-init.postinst: address population of apt_pipeline
  setting on installation.

lp:ubuntu/lucid-proposed/net-retriever bug Mature 2013-07-22 17:18:00 UTC 2013-07-22
23. Deduplicate Packages files entirely i...

Author: Colin Watson
Revision Date: 2013-07-16 13:27:08 UTC

Deduplicate Packages files entirely in C, massively speeding it up for
large files (LP: #1067934).

lp:ubuntu/lucid-updates/libopenid-ruby Mature 2013-07-15 02:31:53 UTC 2013-07-15
6. * SECURITY UPDATE: XML denial of serv...

Author: Christian Kuersteiner
Revision Date: 2013-06-20 15:51:01 UTC

* SECURITY UPDATE: XML denial of service attack (LP: #1190491)
  - debian/patches/CVE-2013-1812.patch: lib/openid/fetchers.rb,
    lib/openid/yadis/xrds.rb: limit fetching file size & disable XML entity
    expansion. Based on upstream patch.
  - CVE-2013-1812

lp:ubuntu/lucid-proposed/linux-ec2 bug Mature 2013-07-10 15:19:48 UTC 2013-07-10
63. [ Stefan Bader ] * Rebased to Ubuntu...

Author: Stefan Bader
Revision Date: 2013-07-10 12:39:45 UTC

[ Stefan Bader ]

* Rebased to Ubuntu-2.6.32-50.112
* Release Tracking Bug
  - LP: #1199600

[ Ubuntu: 2.6.32-50.112 ]

* block: do not pass disk names as format strings
  - LP: #1189832
  - CVE-2013-2851
* drivers/cdrom/cdrom.c: use kzalloc() for failing hardware
  - LP: #1191463
  - CVE-2013-2164
* ipv6: ip6_sk_dst_check() must not assume ipv6 dst
  - LP: #1198293
  - CVE-2013-2232
* af_key: fix info leaks in notify messages
  - LP: #1198294
  - CVE-2013-2234
* af_key: initialize satype in key_notify_policy_flush()
  - LP: #1198296
  - CVE-2013-2237

lp:ubuntu/lucid-security/libopenid-ruby bug Mature 2013-07-06 01:33:39 UTC 2013-07-06
6. * SECURITY UPDATE: XML denial of serv...

Author: Christian Kuersteiner
Revision Date: 2013-06-20 15:51:01 UTC

* SECURITY UPDATE: XML denial of service attack (LP: #1190491)
  - debian/patches/CVE-2013-1812.patch: lib/openid/fetchers.rb,
    lib/openid/yadis/xrds.rb: limit fetching file size & disable XML entity
    expansion. Based on upstream patch.
  - CVE-2013-1812

lp:ubuntu/lucid-proposed/eglibc bug Mature 2013-06-25 06:19:54 UTC 2013-06-25
48. * Pull three interdependent patches f...

Author: Adam Conrad
Revision Date: 2012-11-14 16:14:37 UTC

* Pull three interdependent patches from Debian to fix AVX detection
  problems on kernels or CPUs that lack support for it (LP: #979003):
  - amd64/cvs-avx-detection.diff: Improved detection on old kernels.
  - amd64/cvs-dl_trampoline-cfi.diff: fix CFI in dl_trampoline code.
  - amd64/cvs-avx-osxsave.diff: Disable AVX without OSXAVE support.
* Also backport amd64/submitted-tst-audit6-avx.diff from oneiric to
  skip tests if AVX extensions are not available on the build host.
* Use non-deprecated --reject-format=unified QUILT_PATCH_OPTS option.

lp:ubuntu/lucid-updates/vm-builder Mature 2013-06-24 14:45:45 UTC 2013-06-24
35. Incorporate fix to specify macaddr wh...

Author: Serge Hallyn
Revision Date: 2013-06-24 14:45:45 UTC

Incorporate fix to specify macaddr when using bridge (LP: #392097)

lp:ubuntu/lucid-security/linux-ec2 bug Mature 2013-06-19 09:57:14 UTC 2013-06-19
62. [ Stefan Bader ] * Rebased to Ubuntu...

Author: Stefan Bader
Revision Date: 2013-06-19 09:57:14 UTC

[ Stefan Bader ]

* Rebased to Ubuntu-2.6.32-49.111
* SAUCE: ec2: Backport x86/mm: Check if PUD is large when validating a
  kernel address
  - LP: #1193044
* SAUCE: ec2: Backport x86, ioapic: initialize nr_ioapic_registers early
  in mp_register_ioapic()
  - LP: #1193044
* Release Tracking Bug
  - LP: #1193202

[ Ubuntu: 2.6.32-49.111 ]

* Revert "pcdp: use early_ioremap/early_iounmap to access pcdp table"
  - LP: #1193044
* Revert "block: improve queue_should_plug() by looking at IO depths"
  - LP: #1193044
* kernel/signal.c: stop info leak via the tkill and the tgkill syscalls
  - LP: #1187732
  - CVE-2013-2141
* b43: stop format string leaking into error msgs
  - LP: #1189833
  - CVE-2013-2852
* 2.6.32.y: timekeeping: Fix nohz issue with commit
  61b76840ddee647c0c223365378c3f394355b7d7
  - LP: #1193044
* clockevents: Don't allow dummy broadcast timers
  - LP: #1193044
* posix-cpu-timers: Fix nanosleep task_struct leak
  - LP: #1193044
* timer: Don't reinitialize the cpu base lock during CPU_UP_PREPARE
  - LP: #1193044
* tick: Cleanup NOHZ per cpu data on cpu down
  - LP: #1193044
* kbuild: Fix gcc -x syntax
  - LP: #1193044
* gen_init_cpio: avoid stack overflow when expanding
  - LP: #1193044
* coredump: prevent double-free on an error path in core dumper
  - LP: #1193044
* kernel/sys.c: call disable_nonboot_cpus() in kernel_restart()
  - LP: #1193044
* ring-buffer: Fix race between integrity check and readers
  - LP: #1193044
* genalloc: stop crashing the system when destroying a pool
  - LP: #1193044
* kernel/resource.c: fix stack overflow in __reserve_region_with_split()
  - LP: #1193044
* Driver core: treat unregistered bus_types as having no devices
  - LP: #1193044
* cgroup: remove incorrect dget/dput() pair in cgroup_create_dir()
  - LP: #1193044
* Fix a dead loop in async_synchronize_full()
  - LP: #1193044
* tracing: Don't call page_to_pfn() if page is NULL
  - LP: #1193044
* tracing: Fix double free when function profile init failed
  - LP: #1193044
* mm: Fix PageHead when !CONFIG_PAGEFLAGS_EXTENDED
  - LP: #1193044
* mm: bugfix: set current->reclaim_state to NULL while returning from
  kswapd()
  - LP: #1193044
* mm: fix invalidate_complete_page2() lock ordering
  - LP: #1193044
* mempolicy: fix a race in shared_policy_replace()
  - LP: #1193044
* ALSA: hda - More ALC663 fixes and support of compatible chips
  - LP: #1193044
* ALSA: hda - Add a pin-fix for FSC Amilo Pi1505
  - LP: #1193044
* ALSA: seq: Fix missing error handling in snd_seq_timer_open()
  - LP: #1193044
* ALSA: ac97 - Fix missing NULL check in snd_ac97_cvol_new()
  - LP: #1193044
* x86, ioapic: initialize nr_ioapic_registers early in
  mp_register_ioapic()
  - LP: #1193044
* x86: Don't use the EFI reboot method by default
  - LP: #1193044
* x86, random: make ARCH_RANDOM prompt if EMBEDDED, not EXPERT
  - LP: #1193044
* x86/mm: Check if PUD is large when validating a kernel address
  - LP: #1193044
* x86, mm, paravirt: Fix vmalloc_fault oops during lazy MMU updates
  - LP: #1193044
* xen/bootup: allow read_tscp call for Xen PV guests.
  - LP: #1193044
* xen/bootup: allow {read|write}_cr8 pvops call.
  - LP: #1193044
* KVM: x86: relax MSR_KVM_SYSTEM_TIME alignment check
  - LP: #1193044
* KVM: x86: invalid opcode oops on SET_SREGS with OSXSAVE bit set
  (CVE-2012-4461)
  - LP: #1193044
* MCE: Fix vm86 handling for 32bit mce handler
  - LP: #1193044
* ACPI / cpuidle: Fix NULL pointer issues when cpuidle is disabled
  - LP: #1193044
* alpha: Add irongate_io to PCI bus resources
  - LP: #1193044
* PARISC: fix user-triggerable panic on parisc
  - LP: #1193044
* serial: 8250, increase PASS_LIMIT
  - LP: #1193044
* drivers/char/ipmi: memcpy, need additional 2 bytes to avoid memory
  overflow
  - LP: #1193044
* w1: fix oops when w1_search is called from netlink connector
  - LP: #1193044
* staging: comedi: ni_labpc: correct differential channel sequence for AI
  commands
  - LP: #1193044
* staging: comedi: ni_labpc: set up command4 register *after* command3
  - LP: #1193044
* staging: comedi: comedi_test: fix race when cancelling command
  - LP: #1193044
* staging: comedi: fix memory leak for saved channel list
  - LP: #1193044
* staging: comedi: s626: don't dereference insn->data
  - LP: #1193044
* staging: comedi: jr3_pci: fix iomem dereference
  - LP: #1193044
* staging: comedi: don't dereference user memory for INSN_INTTRIG
  - LP: #1193044
* staging: comedi: check s->async for poll(), read() and write()
  - LP: #1193044
* staging: comedi: das08: Correct AO output for das08jr-16-ao
  - LP: #1193044
* staging: vt6656: [BUG] out of bound array reference in RFbSetPower.
  - LP: #1193044
* libata: fix Null pointer dereference on disk error
  - LP: #1193044
* scsi: Silence unnecessary warnings about ioctl to partition
  - LP: #1193044
* scsi: use __uX types for headers exported to user space
  - LP: #1193044
* fix crash in scsi_dispatch_cmd()
  - LP: #1193044
* SCSI: bnx2i: Fixed NULL ptr deference for 1G bnx2 Linux iSCSI offload
  - LP: #1193044
* crypto: cryptd - disable softirqs in cryptd_queue_worker to prevent
  data corruption
  - LP: #1193044
* xfrm_user: return error pointer instead of NULL #2
  - LP: #1193044
* r8169: correct settings of rtl8102e.
  - LP: #1193044
* r8169: remove the obsolete and incorrect AMD workaround
  - LP: #1193044
* r8169: Add support for D-Link 530T rev C1 (Kernel Bug 38862)
  - LP: #1193044
* r8169: incorrect identifier for a 8168dp
  - LP: #1193044
* b43legacy: Fix crash on unload when firmware not available
  - LP: #1193044
* tg3: Avoid null pointer dereference in tg3_interrupt in netconsole mode
  - LP: #1193044
* IPoIB: Fix use-after-free of multicast object
  - LP: #1193044
* telephony: ijx: buffer overflow in ixj_write_cid()
  - LP: #1193044
* Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER)
  - LP: #1193044
* xhci: Make handover code more robust
  - LP: #1193044
* USB: whiteheat: fix memory leak in error path
  - LP: #1193044
* USB: serial: Fix memory leak in sierra_release()
  - LP: #1193044
* USB: mos7840: fix urb leak at release
  - LP: #1193044
* USB: mos7840: fix port-device leak in error path
  - LP: #1193044
* USB: garmin_gps: fix memory leak on disconnect
  - LP: #1193044
* USB: serial: ftdi_sio: Handle the old_termios == 0 case e.g.
  uart_resume_port()
  - LP: #1193044
* USB: ftdi_sio: Quiet sparse noise about using plain integer was NULL
  pointer
  - LP: #1193044
* epoll: prevent missed events on EPOLL_CTL_MOD
  - LP: #1193044
* fs/fscache/stats.c: fix memory leak
  - LP: #1193044
* sysfs: sysfs_pathname/sysfs_add_one: Use strlcat() instead of strcat()
  - LP: #1193044
* jbd: Delay discarding buffers in journal_unmap_buffer
  - LP: #1193044
* jbd: Fix assertion failure in commit code due to lacking transaction
  credits
  - LP: #1193044
* jbd: Fix lock ordering bug in journal_unmap_buffer()
  - LP: #1193044
* ext4: Fix fs corruption when make_indexed_dir() fails
  - LP: #1193044
* ext4: don't dereference null pointer when make_indexed_dir() fails
  - LP: #1193044
* ext4: fix memory leak in ext4_xattr_set_acl()'s error path
  - LP: #1193044
* ext4: online defrag is not supported for journaled files
  - LP: #1193044
* ext4: always set i_op in ext4_mknod()
  - LP: #1193044
* ext4: fix fdatasync() for files with only i_size changes
  - LP: #1193044
* ext4: lock i_mutex when truncating orphan inodes
  - LP: #1193044
* ext4: fix race in ext4_mb_add_n_trim()
  - LP: #1193044
* ext4: limit group search loop for non-extent files
  - LP: #1193044
* CVE-2012-4508 kernel: ext4: AIO vs fallocate stale data exposure
  - LP: #1193044
  - CVE-2012-4508 kernel: ext4: AIO vs fallocate stale data exposure
* ext4: make orphan functions be no-op in no-journal mode
  - LP: #1193044
* ext4: avoid hang when mounting non-journal filesystems with orphan list
  - LP: #1193044
* udf: fix memory leak while allocating blocks during write
  - LP: #1193044
* udf: Fix bitmap overflow on large filesystems with small block size
  - LP: #1193044
* fs/cifs/cifs_dfs_ref.c: fix potential memory leakage
  - LP: #1193044
* fat: Fix stat->f_namelen
  - LP: #1193044
* hfsplus: fix potential overflow in hfsplus_file_truncate()
  - LP: #1193044
* btrfs: use rcu_barrier() to wait for bdev puts at unmount
  - LP: #1193044
* kernel panic when mount NFSv4
  - LP: #1193044
* nfsd4: fix oops on unusual readlike compound
  - LP: #1193044
* net/core: Fix potential memory leak in dev_set_alias()
  - LP: #1193044
* net: reduce net_rx_action() latency to 2 HZ
  - LP: #1193044
* softirq: reduce latencies
  - LP: #1193044
* af_packet: remove BUG statement in tpacket_destruct_skb
  - LP: #1193044
* bridge: set priority of STP packets
  - LP: #1193044
* bonding: Fix slave selection bug.
  - LP: #1193044
* ipv4: check rt_genid in dst_check
  - LP: #1193044
* net_sched: gact: Fix potential panic in tcf_gact().
  - LP: #1193044
* net: sched: integer overflow fix
  - LP: #1193044
* net: prevent setting ttl=0 via IP_TTL
  - LP: #1193044
* net: guard tcp_set_keepalive() to tcp sockets
  - LP: #1193044
* inet: add RCU protection to inet->opt
  - LP: #1193044
* tcp: allow splice() to build full TSO packets
  - LP: #1193044
* tcp: fix MSG_SENDPAGE_NOTLAST logic
  - LP: #1193044
* tcp: preserve ACK clocking in TSO
  - LP: #1193044
* unix: fix a race condition in unix_release()
  - LP: #1193044
* sctp: fix memory leak in sctp_datamsg_from_user() when copy from user
  space fails
  - LP: #1193044
* net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree
  - LP: #1193044
* net: sctp: sctp_endpoint_free: zero out secret key data
  - LP: #1193044
* net: sctp: sctp_auth_key_put: use kzfree instead of kfree
  - LP: #1193044
* netfilter: nf_ct_ipv4: packets with wrong ihl are invalid
  - LP: #1193044
* ipvs: allow transmit of GRO aggregated skbs
  - LP: #1193044
* ipvs: IPv6 MTU checking cleanup and bugfix
  - LP: #1193044
* isdnloop: fix and simplify isdnloop_init()
  - LP: #1193044
* mpt2sas: Send default descriptor for RAID pass through in mpt2ctl
  - LP: #1193044
* x86, ptrace: fix build breakage with gcc 4.7
  - LP: #1193044
* Linux 2.6.32.61
  - LP: #1193044

lp:ubuntu/lucid-updates/linux-ec2 Mature 2013-06-19 09:57:14 UTC 2013-06-19
62. [ Stefan Bader ] * Rebased to Ubuntu...

Author: Stefan Bader
Revision Date: 2013-06-19 09:57:14 UTC

[ Stefan Bader ]

* Rebased to Ubuntu-2.6.32-49.111
* SAUCE: ec2: Backport x86/mm: Check if PUD is large when validating a
  kernel address
  - LP: #1193044
* SAUCE: ec2: Backport x86, ioapic: initialize nr_ioapic_registers early
  in mp_register_ioapic()
  - LP: #1193044
* Release Tracking Bug
  - LP: #1193202

[ Ubuntu: 2.6.32-49.111 ]

* Revert "pcdp: use early_ioremap/early_iounmap to access pcdp table"
  - LP: #1193044
* Revert "block: improve queue_should_plug() by looking at IO depths"
  - LP: #1193044
* kernel/signal.c: stop info leak via the tkill and the tgkill syscalls
  - LP: #1187732
  - CVE-2013-2141
* b43: stop format string leaking into error msgs
  - LP: #1189833
  - CVE-2013-2852
* 2.6.32.y: timekeeping: Fix nohz issue with commit
  61b76840ddee647c0c223365378c3f394355b7d7
  - LP: #1193044
* clockevents: Don't allow dummy broadcast timers
  - LP: #1193044
* posix-cpu-timers: Fix nanosleep task_struct leak
  - LP: #1193044
* timer: Don't reinitialize the cpu base lock during CPU_UP_PREPARE
  - LP: #1193044
* tick: Cleanup NOHZ per cpu data on cpu down
  - LP: #1193044
* kbuild: Fix gcc -x syntax
  - LP: #1193044
* gen_init_cpio: avoid stack overflow when expanding
  - LP: #1193044
* coredump: prevent double-free on an error path in core dumper
  - LP: #1193044
* kernel/sys.c: call disable_nonboot_cpus() in kernel_restart()
  - LP: #1193044
* ring-buffer: Fix race between integrity check and readers
  - LP: #1193044
* genalloc: stop crashing the system when destroying a pool
  - LP: #1193044
* kernel/resource.c: fix stack overflow in __reserve_region_with_split()
  - LP: #1193044
* Driver core: treat unregistered bus_types as having no devices
  - LP: #1193044
* cgroup: remove incorrect dget/dput() pair in cgroup_create_dir()
  - LP: #1193044
* Fix a dead loop in async_synchronize_full()
  - LP: #1193044
* tracing: Don't call page_to_pfn() if page is NULL
  - LP: #1193044
* tracing: Fix double free when function profile init failed
  - LP: #1193044
* mm: Fix PageHead when !CONFIG_PAGEFLAGS_EXTENDED
  - LP: #1193044
* mm: bugfix: set current->reclaim_state to NULL while returning from
  kswapd()
  - LP: #1193044
* mm: fix invalidate_complete_page2() lock ordering
  - LP: #1193044
* mempolicy: fix a race in shared_policy_replace()
  - LP: #1193044
* ALSA: hda - More ALC663 fixes and support of compatible chips
  - LP: #1193044
* ALSA: hda - Add a pin-fix for FSC Amilo Pi1505
  - LP: #1193044
* ALSA: seq: Fix missing error handling in snd_seq_timer_open()
  - LP: #1193044
* ALSA: ac97 - Fix missing NULL check in snd_ac97_cvol_new()
  - LP: #1193044
* x86, ioapic: initialize nr_ioapic_registers early in
  mp_register_ioapic()
  - LP: #1193044
* x86: Don't use the EFI reboot method by default
  - LP: #1193044
* x86, random: make ARCH_RANDOM prompt if EMBEDDED, not EXPERT
  - LP: #1193044
* x86/mm: Check if PUD is large when validating a kernel address
  - LP: #1193044
* x86, mm, paravirt: Fix vmalloc_fault oops during lazy MMU updates
  - LP: #1193044
* xen/bootup: allow read_tscp call for Xen PV guests.
  - LP: #1193044
* xen/bootup: allow {read|write}_cr8 pvops call.
  - LP: #1193044
* KVM: x86: relax MSR_KVM_SYSTEM_TIME alignment check
  - LP: #1193044
* KVM: x86: invalid opcode oops on SET_SREGS with OSXSAVE bit set
  (CVE-2012-4461)
  - LP: #1193044
* MCE: Fix vm86 handling for 32bit mce handler
  - LP: #1193044
* ACPI / cpuidle: Fix NULL pointer issues when cpuidle is disabled
  - LP: #1193044
* alpha: Add irongate_io to PCI bus resources
  - LP: #1193044
* PARISC: fix user-triggerable panic on parisc
  - LP: #1193044
* serial: 8250, increase PASS_LIMIT
  - LP: #1193044
* drivers/char/ipmi: memcpy, need additional 2 bytes to avoid memory
  overflow
  - LP: #1193044
* w1: fix oops when w1_search is called from netlink connector
  - LP: #1193044
* staging: comedi: ni_labpc: correct differential channel sequence for AI
  commands
  - LP: #1193044
* staging: comedi: ni_labpc: set up command4 register *after* command3
  - LP: #1193044
* staging: comedi: comedi_test: fix race when cancelling command
  - LP: #1193044
* staging: comedi: fix memory leak for saved channel list
  - LP: #1193044
* staging: comedi: s626: don't dereference insn->data
  - LP: #1193044
* staging: comedi: jr3_pci: fix iomem dereference
  - LP: #1193044
* staging: comedi: don't dereference user memory for INSN_INTTRIG
  - LP: #1193044
* staging: comedi: check s->async for poll(), read() and write()
  - LP: #1193044
* staging: comedi: das08: Correct AO output for das08jr-16-ao
  - LP: #1193044
* staging: vt6656: [BUG] out of bound array reference in RFbSetPower.
  - LP: #1193044
* libata: fix Null pointer dereference on disk error
  - LP: #1193044
* scsi: Silence unnecessary warnings about ioctl to partition
  - LP: #1193044
* scsi: use __uX types for headers exported to user space
  - LP: #1193044
* fix crash in scsi_dispatch_cmd()
  - LP: #1193044
* SCSI: bnx2i: Fixed NULL ptr deference for 1G bnx2 Linux iSCSI offload
  - LP: #1193044
* crypto: cryptd - disable softirqs in cryptd_queue_worker to prevent
  data corruption
  - LP: #1193044
* xfrm_user: return error pointer instead of NULL #2
  - LP: #1193044
* r8169: correct settings of rtl8102e.
  - LP: #1193044
* r8169: remove the obsolete and incorrect AMD workaround
  - LP: #1193044
* r8169: Add support for D-Link 530T rev C1 (Kernel Bug 38862)
  - LP: #1193044
* r8169: incorrect identifier for a 8168dp
  - LP: #1193044
* b43legacy: Fix crash on unload when firmware not available
  - LP: #1193044
* tg3: Avoid null pointer dereference in tg3_interrupt in netconsole mode
  - LP: #1193044
* IPoIB: Fix use-after-free of multicast object
  - LP: #1193044
* telephony: ijx: buffer overflow in ixj_write_cid()
  - LP: #1193044
* Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER)
  - LP: #1193044
* xhci: Make handover code more robust
  - LP: #1193044
* USB: whiteheat: fix memory leak in error path
  - LP: #1193044
* USB: serial: Fix memory leak in sierra_release()
  - LP: #1193044
* USB: mos7840: fix urb leak at release
  - LP: #1193044
* USB: mos7840: fix port-device leak in error path
  - LP: #1193044
* USB: garmin_gps: fix memory leak on disconnect
  - LP: #1193044
* USB: serial: ftdi_sio: Handle the old_termios == 0 case e.g.
  uart_resume_port()
  - LP: #1193044
* USB: ftdi_sio: Quiet sparse noise about using plain integer was NULL
  pointer
  - LP: #1193044
* epoll: prevent missed events on EPOLL_CTL_MOD
  - LP: #1193044
* fs/fscache/stats.c: fix memory leak
  - LP: #1193044
* sysfs: sysfs_pathname/sysfs_add_one: Use strlcat() instead of strcat()
  - LP: #1193044
* jbd: Delay discarding buffers in journal_unmap_buffer
  - LP: #1193044
* jbd: Fix assertion failure in commit code due to lacking transaction
  credits
  - LP: #1193044
* jbd: Fix lock ordering bug in journal_unmap_buffer()
  - LP: #1193044
* ext4: Fix fs corruption when make_indexed_dir() fails
  - LP: #1193044
* ext4: don't dereference null pointer when make_indexed_dir() fails
  - LP: #1193044
* ext4: fix memory leak in ext4_xattr_set_acl()'s error path
  - LP: #1193044
* ext4: online defrag is not supported for journaled files
  - LP: #1193044
* ext4: always set i_op in ext4_mknod()
  - LP: #1193044
* ext4: fix fdatasync() for files with only i_size changes
  - LP: #1193044
* ext4: lock i_mutex when truncating orphan inodes
  - LP: #1193044
* ext4: fix race in ext4_mb_add_n_trim()
  - LP: #1193044
* ext4: limit group search loop for non-extent files
  - LP: #1193044
* CVE-2012-4508 kernel: ext4: AIO vs fallocate stale data exposure
  - LP: #1193044
  - CVE-2012-4508 kernel: ext4: AIO vs fallocate stale data exposure
* ext4: make orphan functions be no-op in no-journal mode
  - LP: #1193044
* ext4: avoid hang when mounting non-journal filesystems with orphan list
  - LP: #1193044
* udf: fix memory leak while allocating blocks during write
  - LP: #1193044
* udf: Fix bitmap overflow on large filesystems with small block size
  - LP: #1193044
* fs/cifs/cifs_dfs_ref.c: fix potential memory leakage
  - LP: #1193044
* fat: Fix stat->f_namelen
  - LP: #1193044
* hfsplus: fix potential overflow in hfsplus_file_truncate()
  - LP: #1193044
* btrfs: use rcu_barrier() to wait for bdev puts at unmount
  - LP: #1193044
* kernel panic when mount NFSv4
  - LP: #1193044
* nfsd4: fix oops on unusual readlike compound
  - LP: #1193044
* net/core: Fix potential memory leak in dev_set_alias()
  - LP: #1193044
* net: reduce net_rx_action() latency to 2 HZ
  - LP: #1193044
* softirq: reduce latencies
  - LP: #1193044
* af_packet: remove BUG statement in tpacket_destruct_skb
  - LP: #1193044
* bridge: set priority of STP packets
  - LP: #1193044
* bonding: Fix slave selection bug.
  - LP: #1193044
* ipv4: check rt_genid in dst_check
  - LP: #1193044
* net_sched: gact: Fix potential panic in tcf_gact().
  - LP: #1193044
* net: sched: integer overflow fix
  - LP: #1193044
* net: prevent setting ttl=0 via IP_TTL
  - LP: #1193044
* net: guard tcp_set_keepalive() to tcp sockets
  - LP: #1193044
* inet: add RCU protection to inet->opt
  - LP: #1193044
* tcp: allow splice() to build full TSO packets
  - LP: #1193044
* tcp: fix MSG_SENDPAGE_NOTLAST logic
  - LP: #1193044
* tcp: preserve ACK clocking in TSO
  - LP: #1193044
* unix: fix a race condition in unix_release()
  - LP: #1193044
* sctp: fix memory leak in sctp_datamsg_from_user() when copy from user
  space fails
  - LP: #1193044
* net: sctp: sctp_setsockopt_auth_key: use kzfree instead of kfree
  - LP: #1193044
* net: sctp: sctp_endpoint_free: zero out secret key data
  - LP: #1193044
* net: sctp: sctp_auth_key_put: use kzfree instead of kfree
  - LP: #1193044
* netfilter: nf_ct_ipv4: packets with wrong ihl are invalid
  - LP: #1193044
* ipvs: allow transmit of GRO aggregated skbs
  - LP: #1193044
* ipvs: IPv6 MTU checking cleanup and bugfix
  - LP: #1193044
* isdnloop: fix and simplify isdnloop_init()
  - LP: #1193044
* mpt2sas: Send default descriptor for RAID pass through in mpt2ctl
  - LP: #1193044
* x86, ptrace: fix build breakage with gcc 4.7
  - LP: #1193044
* Linux 2.6.32.61
  - LP: #1193044

lp:ubuntu/lucid-updates/stunnel4 Mature 2013-06-18 00:33:05 UTC 2013-06-18
9. fake sync from Debian

Author: Seth Arnold
Revision Date: 2013-06-10 16:05:27 UTC

fake sync from Debian

lp:ubuntu/lucid-security/stunnel4 Mature 2013-06-18 00:09:28 UTC 2013-06-18
9. fake sync from Debian

Author: Seth Arnold
Revision Date: 2013-06-10 16:05:27 UTC

fake sync from Debian

lp:ubuntu/lucid-updates/xml-light Mature 2013-06-06 21:33:12 UTC 2013-06-06
13. * SECURITY-UPDATE: Fix to prevent has...

Author: Christian Kuersteiner
Revision Date: 2013-06-05 13:53:52 UTC

* SECURITY-UPDATE: Fix to prevent hash collision attack (LP: #1186860)
  - debian/patches/05_CVE_2012_3514.dpatch: dtd.ml: Use Map(String) instead
    of Hash for DTD proof. Based on upstream patch.
  - CVE-2012-3514

lp:ubuntu/lucid-security/xml-light bug Mature 2013-06-06 21:08:58 UTC 2013-06-06
13. * SECURITY-UPDATE: Fix to prevent has...

Author: Christian Kuersteiner
Revision Date: 2013-06-05 13:53:52 UTC

* SECURITY-UPDATE: Fix to prevent hash collision attack (LP: #1186860)
  - debian/patches/05_CVE_2012_3514.dpatch: dtd.ml: Use Map(String) instead
    of Hash for DTD proof. Based on upstream patch.
  - CVE-2012-3514

lp:ubuntu/lucid-updates/libxxf86vm Mature 2013-06-06 08:40:35 UTC 2013-06-06
8. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-28 14:21:09 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - ef95f1c3737d9efc7d97fb1784f80ef3540a846b
  - a89b1ad3377bfef9bab52f15f98b00f6540d531a
  - 8ed00bd0a7c44c7fece687e2566d920ea74ef809
  - 6c82906f25abcb0f8ec92bcdaf1872bd8b63ca5d
  - d0355b28dd53fba6fb29c350e090ed4a73d4c480
  - 284a88e21fc05a63466115b33efa411c60d988c9
  - 47bb28ac0e6e49d3b6eb90c7c215f2fcf54f1a95
  - 4c4123441e40da97acd10f58911193ad3dcef5cd
  - CVE-2013-2001

lp:ubuntu/lucid-updates/libxtst Mature 2013-06-06 08:40:12 UTC 2013-06-06
14. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-28 13:45:53 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - debian/patches/CVE-2013-2063.patch: fix multiple overflows.
  - CVE-2013-2063

lp:ubuntu/lucid-updates/libxt Mature 2013-06-06 08:39:55 UTC 2013-06-06
8. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-29 08:35:46 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - debian/patches/CVE-2013-2002.patch: fix memory corruption in
    src/ResConfig.c.
  - CVE-2013-2002
* SECURITY UPDATE: denial of service and possible code execution via
  use of uninitialized pointers
  - debian/patches/CVE-2013-2005.patch: properly handle pointers in
    src/Selection.c.
  - CVE-2013-2005

lp:ubuntu/lucid-updates/libxrender Mature 2013-06-06 08:39:27 UTC 2013-06-06
7. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-28 11:15:38 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - 73e77eb21d649edc1ce1746739f9358e337b2935
  - e52853974664289fe42a92909667ed77cfa1cec5
  - 9e577d40322b9e3d8bdefec0eefa44d8ead451a4
  - 786f78fd8df6d165ccbc81f306fd9f22b5c1551c
  - CVE-2013-1987

lp:ubuntu/lucid-updates/libxext Mature 2013-06-06 08:32:41 UTC 2013-06-06
18. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-28 09:22:53 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - debian/patches/CVE-2013-1982.patch: Fix multiple integer overflows.
  - CVE-2013-1982

lp:ubuntu/lucid-updates/libx11 Mature 2013-06-05 21:14:05 UTC 2013-06-05
41. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-29 16:38:42 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - debian/patches/CVE-2013-1981.patch: fix multiple integer overflows.
  - CVE-2013-1981
* SECURITY UPDATE: denial of service and possible code execution via
  incorrect length and bounds checking
  - debian/patches/CVE-2013-1997.patch: properly calculate lengths.
  - CVE-2013-1997
* SECURITY UPDATE: denial of service and possible code execution via
  stack overflow from recursive #include
  - debian/patches/CVE-2013-2004.patch: set limit on depth.
  - CVE-2013-2004
* debian/patches/001_hide_xeatdatawords.diff: Hide _XEatDataWords by
  default.

lp:ubuntu/lucid-updates/libxcb Mature 2013-06-05 21:10:47 UTC 2013-06-05
19. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-27 16:25:22 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - 1b33867fa996034deb50819ae54640be501f8d20
  - CVE-2013-2064

lp:ubuntu/lucid-updates/libxi Mature 2013-06-05 19:34:12 UTC 2013-06-05
25. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-29 10:40:33 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - debian/patches/CVE-2013-1984.patch: fix multiple integer overflows.
  - CVE-2013-1984
* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations from signedness issues
  - debian/patches/CVE-2013-1995.patch: fix signedness issues in
    src/XListDev.c.
  - CVE-2013-1995
* SECURITY UPDATE: denial of service and possible code execution via
  incorrect length and bounds checking
  - debian/patches/CVE-2013-1998.patch: properly check lengths and
    indexes in src/XGetBMap.c, src/XIPassiveGrab.c, src/XQueryDv.c.
  - CVE-2013-1998

lp:ubuntu/lucid-security/libxi Mature 2013-06-05 19:04:59 UTC 2013-06-05
25. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-29 10:40:33 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - debian/patches/CVE-2013-1984.patch: fix multiple integer overflows.
  - CVE-2013-1984
* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations from signedness issues
  - debian/patches/CVE-2013-1995.patch: fix signedness issues in
    src/XListDev.c.
  - CVE-2013-1995
* SECURITY UPDATE: denial of service and possible code execution via
  incorrect length and bounds checking
  - debian/patches/CVE-2013-1998.patch: properly check lengths and
    indexes in src/XGetBMap.c, src/XIPassiveGrab.c, src/XQueryDv.c.
  - CVE-2013-1998

lp:ubuntu/lucid-security/libxt Mature 2013-06-05 18:18:15 UTC 2013-06-05
8. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-29 08:35:46 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - debian/patches/CVE-2013-2002.patch: fix memory corruption in
    src/ResConfig.c.
  - CVE-2013-2002
* SECURITY UPDATE: denial of service and possible code execution via
  use of uninitialized pointers
  - debian/patches/CVE-2013-2005.patch: properly handle pointers in
    src/Selection.c.
  - CVE-2013-2005

lp:ubuntu/lucid-security/libxrender Mature 2013-06-05 18:18:14 UTC 2013-06-05
7. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-28 11:15:38 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - 73e77eb21d649edc1ce1746739f9358e337b2935
  - e52853974664289fe42a92909667ed77cfa1cec5
  - 9e577d40322b9e3d8bdefec0eefa44d8ead451a4
  - 786f78fd8df6d165ccbc81f306fd9f22b5c1551c
  - CVE-2013-1987

lp:ubuntu/lucid-security/libxxf86vm Mature 2013-06-05 18:16:18 UTC 2013-06-05
8. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-28 14:21:09 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - ef95f1c3737d9efc7d97fb1784f80ef3540a846b
  - a89b1ad3377bfef9bab52f15f98b00f6540d531a
  - 8ed00bd0a7c44c7fece687e2566d920ea74ef809
  - 6c82906f25abcb0f8ec92bcdaf1872bd8b63ca5d
  - d0355b28dd53fba6fb29c350e090ed4a73d4c480
  - 284a88e21fc05a63466115b33efa411c60d988c9
  - 47bb28ac0e6e49d3b6eb90c7c215f2fcf54f1a95
  - 4c4123441e40da97acd10f58911193ad3dcef5cd
  - CVE-2013-2001

lp:ubuntu/lucid-security/libxtst Mature 2013-06-05 18:14:57 UTC 2013-06-05
14. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-28 13:45:53 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - debian/patches/CVE-2013-2063.patch: fix multiple overflows.
  - CVE-2013-2063

lp:ubuntu/lucid-security/libx11 Mature 2013-06-05 17:30:29 UTC 2013-06-05
41. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-29 16:38:42 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - debian/patches/CVE-2013-1981.patch: fix multiple integer overflows.
  - CVE-2013-1981
* SECURITY UPDATE: denial of service and possible code execution via
  incorrect length and bounds checking
  - debian/patches/CVE-2013-1997.patch: properly calculate lengths.
  - CVE-2013-1997
* SECURITY UPDATE: denial of service and possible code execution via
  stack overflow from recursive #include
  - debian/patches/CVE-2013-2004.patch: set limit on depth.
  - CVE-2013-2004
* debian/patches/001_hide_xeatdatawords.diff: Hide _XEatDataWords by
  default.

lp:ubuntu/lucid-security/libxext Mature 2013-06-05 17:20:12 UTC 2013-06-05
18. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-28 09:22:53 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - debian/patches/CVE-2013-1982.patch: Fix multiple integer overflows.
  - CVE-2013-1982

lp:ubuntu/lucid-security/libxcb Mature 2013-06-05 17:16:05 UTC 2013-06-05
19. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2013-05-27 16:25:22 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect memory size calculations
  - 1b33867fa996034deb50819ae54640be501f8d20
  - CVE-2013-2064

lp:~andreserl/ubuntu/lucid/vsftpd/vsftpd-apport-531978 bug(Has a merge proposal) Development 2013-06-05 06:25:44 UTC 2013-06-05
24. * Add apport hook (LP: #531978): - ...

Author: Andres Rodriguez
Revision Date: 2010-03-10 19:56:49 UTC

* Add apport hook (LP: #531978):
  - debian/vsftpd.apport: Added.
  - debian/control: Build-depends on dh-apport.
  - debian/rules: Add --with apport.

lp:ubuntu/lucid-proposed/openssl bug Mature 2013-06-03 20:37:34 UTC 2013-06-03
54. * SECURITY UPDATE: Disable compressio...

Author: Seth Arnold
Revision Date: 2013-06-03 20:37:34 UTC

* SECURITY UPDATE: Disable compression to avoid CRIME systemwide
  (LP: #1187195)
  - CVE-2012-4929
  - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
    zlib to compress SSL/TLS unless the environment variable
    OPENSSL_DEFAULT_ZLIB is set in the environment during library
    initialization.
  - Introduced to assist with programs not yet updated to provide their own
    controls on compression, such as Postfix
  - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch

lp:ubuntu/lucid-proposed/dhcp3 bug Mature 2013-05-24 02:14:12 UTC 2013-05-24
63. * Include patch from RedHat/Fedora to...

Author: St├ęphane Graber
Revision Date: 2013-05-23 19:58:28 UTC

* Include patch from RedHat/Fedora to deal with hardware/xen/virtio offload
  of UDP checksums. (LP: #930962)
* Update apparmor profile to add required the "network packet raw" rule
  for the checksum change.

lp:ubuntu/lucid-updates/dhcp3 Mature 2013-05-23 19:58:28 UTC 2013-05-23
63. * Include patch from RedHat/Fedora to...

Author: St├ęphane Graber
Revision Date: 2013-05-23 19:58:28 UTC

* Include patch from RedHat/Fedora to deal with hardware/xen/virtio offload
  of UDP checksums. (LP: #930962)
* Update apparmor profile to add required the "network packet raw" rule
  for the checksum change.

101200 of 23021 results