Branches for Precise

Name Status Last Modified Last Commit
lp:ubuntu/precise-updates/ubuntu-advantage-tools Mature 2017-05-02 16:58:29 UTC 2017-05-02
1. Initial Release. LP: #1686183

Author: Dimitri John Ledkov
Revision Date: 2017-04-28 15:04:47 UTC

Initial Release. LP: #1686183

lp:ubuntu/precise-proposed/ubuntu-advantage-tools bug Mature 2017-04-29 07:53:27 UTC 2017-04-29
1. Initial Release. LP: #1686183

Author: Dimitri John Ledkov
Revision Date: 2017-04-28 15:04:47 UTC

Initial Release. LP: #1686183

lp:~openstack-charmers/ubuntu/precise/serverstack-dns/trunk Development 2017-04-10 09:14:00 UTC 2017-04-10
21. Handle instance adding on startup better

Author: James Page
Revision Date: 2017-04-10 09:14:00 UTC

Handle instance adding on startup better

lp:ubuntu/precise-proposed/linux-meta-ti-omap4 bug Development 2017-02-08 16:00:00 UTC 2017-02-08
114. linux ABI 3.2.0-1500

Author: Thadeu Lima de Souza Cascardo
Revision Date: 2017-02-08 16:00:00 UTC

linux ABI 3.2.0-1500

lp:ubuntu/precise-proposed/linux-backports-modules-3.2.0 bug Mature 2017-02-06 11:14:05 UTC 2017-02-06
99. Bump ABI

Author: Ben Romer
Revision Date: 2017-02-06 11:14:05 UTC

Bump ABI

lp:ubuntu/precise-security/mysql-5.5 bug(Has a merge proposal) Mature 2017-01-18 08:37:01 UTC 2017-01-18
37. * SECURITY UPDATE: Update to 5.5.54 t...

Author: Marc Deslauriers
Revision Date: 2017-01-18 08:37:01 UTC

* SECURITY UPDATE: Update to 5.5.54 to fix security issues
  - CVE-2017-3238
  - CVE-2017-3243
  - CVE-2017-3244
  - CVE-2017-3258
  - CVE-2017-3265
  - CVE-2017-3291
  - CVE-2017-3312
  - CVE-2017-3313
  - CVE-2017-3317
  - CVE-2017-3318
* debian/patches/fix_test_events_2.patch: fix date in test.

lp:ubuntu/precise-updates/mysql-5.5 Mature 2017-01-18 08:37:01 UTC 2017-01-18
37. * SECURITY UPDATE: Update to 5.5.54 t...

Author: Marc Deslauriers
Revision Date: 2017-01-18 08:37:01 UTC

* SECURITY UPDATE: Update to 5.5.54 to fix security issues
  - CVE-2017-3238
  - CVE-2017-3243
  - CVE-2017-3244
  - CVE-2017-3258
  - CVE-2017-3265
  - CVE-2017-3291
  - CVE-2017-3312
  - CVE-2017-3313
  - CVE-2017-3317
  - CVE-2017-3318
* debian/patches/fix_test_events_2.patch: fix date in test.

lp:ubuntu/precise-proposed/linux-signed-lts-trusty Mature 2017-01-12 15:07:11 UTC 2017-01-12
76. Master Version 3.13.0-108.155~precise1

Author: John Donnelly
Revision Date: 2017-01-12 15:07:11 UTC

Master Version 3.13.0-108.155~precise1

lp:ubuntu/precise-security/linux-signed-lts-trusty Mature 2017-01-12 15:07:11 UTC 2017-01-12
76. Master Version 3.13.0-108.155~precise1

Author: John Donnelly
Revision Date: 2017-01-12 15:07:11 UTC

Master Version 3.13.0-108.155~precise1

lp:ubuntu/precise-updates/linux-signed-lts-trusty Mature 2017-01-12 15:07:11 UTC 2017-01-12
76. Master Version 3.13.0-108.155~precise1

Author: John Donnelly
Revision Date: 2017-01-12 15:07:11 UTC

Master Version 3.13.0-108.155~precise1

lp:ubuntu/precise-proposed/linux-meta-lts-trusty bug Mature 2017-01-11 13:26:59 UTC 2017-01-11
66. linux ABI 3.13.0-108

Author: John Donnelly
Revision Date: 2017-01-11 13:26:59 UTC

linux ABI 3.13.0-108

lp:ubuntu/precise-security/linux-meta-lts-trusty Mature 2017-01-11 13:26:59 UTC 2017-01-11
66. linux ABI 3.13.0-108

Author: John Donnelly
Revision Date: 2017-01-11 13:26:59 UTC

linux ABI 3.13.0-108

lp:ubuntu/precise-updates/linux-meta-lts-trusty Mature 2017-01-11 13:26:59 UTC 2017-01-11
66. linux ABI 3.13.0-108

Author: John Donnelly
Revision Date: 2017-01-11 13:26:59 UTC

linux ABI 3.13.0-108

lp:ubuntu/precise-security/linux-meta-ti-omap4 Mature 2017-01-10 14:12:27 UTC 2017-01-10
113. linux ABI 3.2.0-1499

Author: John Donnelly
Revision Date: 2017-01-10 14:12:27 UTC

linux ABI 3.2.0-1499

lp:ubuntu/precise-updates/linux-meta-ti-omap4 Mature 2017-01-10 14:12:27 UTC 2017-01-10
113. linux ABI 3.2.0-1499

Author: John Donnelly
Revision Date: 2017-01-10 14:12:27 UTC

linux ABI 3.2.0-1499

lp:ubuntu/precise-security/linux-backports-modules-3.2.0 bug Mature 2017-01-09 11:14:17 UTC 2017-01-09
98. Bump ABI

Author: John Donnelly
Revision Date: 2017-01-09 11:14:17 UTC

Bump ABI

lp:ubuntu/precise-updates/linux-backports-modules-3.2.0 Mature 2017-01-09 11:14:17 UTC 2017-01-09
98. Bump ABI

Author: John Donnelly
Revision Date: 2017-01-09 11:14:17 UTC

Bump ABI

lp:ubuntu/precise-security/python3.2 Mature 2016-11-15 14:34:45 UTC 2016-11-15
41. * SECURITY UPDATE: StartTLS stripping...

Author: Steve Beattie
Revision Date: 2016-11-15 14:34:45 UTC

* SECURITY UPDATE: StartTLS stripping attack
  - debian/patches/CVE-2016-0772.patch: raise an error when
    STARTTLS fails in Lib/smtplib.py.
  - CVE-2016-0772
* SECURITY UPDATE: use of HTTP_PROXY flag supplied by attacker in CGI
  scripts (aka HTTPOXY attack)
  - debian/patches/CVE-2016-1000110.patch: if running as CGI
    script, forget HTTP_PROXY in Lib/urllib.py, add test to
    Lib/test/test_urllib.py, add documentation.
  - CVE-2016-1000110
* SECURITY UPDATE: Integer overflow when handling zipfiles
  - debian/patches/CVE-2016-5636-pre.patch: check for negative size in
    Modules/zipimport.c
  - debian/patches/CVE-2016-5636.patch: check for too large value in
    Modules/zipimport.c
  - CVE-2016-5636
* SECURITY UPDATE: CRLF injection vulnerability in the
  HTTPConnection.putheader
  - debian/patches/CVE-2016-5699.patch: disallow newlines in
    putheader() arguments when not followed by spaces or tabs in
    Lib/httplib.py, add tests in Lib/test/test_httplib.py
  - CVE-2016-5699

lp:ubuntu/precise-updates/python3.2 Mature 2016-11-15 14:34:45 UTC 2016-11-15
41. * SECURITY UPDATE: StartTLS stripping...

Author: Steve Beattie
Revision Date: 2016-11-15 14:34:45 UTC

* SECURITY UPDATE: StartTLS stripping attack
  - debian/patches/CVE-2016-0772.patch: raise an error when
    STARTTLS fails in Lib/smtplib.py.
  - CVE-2016-0772
* SECURITY UPDATE: use of HTTP_PROXY flag supplied by attacker in CGI
  scripts (aka HTTPOXY attack)
  - debian/patches/CVE-2016-1000110.patch: if running as CGI
    script, forget HTTP_PROXY in Lib/urllib.py, add test to
    Lib/test/test_urllib.py, add documentation.
  - CVE-2016-1000110
* SECURITY UPDATE: Integer overflow when handling zipfiles
  - debian/patches/CVE-2016-5636-pre.patch: check for negative size in
    Modules/zipimport.c
  - debian/patches/CVE-2016-5636.patch: check for too large value in
    Modules/zipimport.c
  - CVE-2016-5636
* SECURITY UPDATE: CRLF injection vulnerability in the
  HTTPConnection.putheader
  - debian/patches/CVE-2016-5699.patch: disallow newlines in
    putheader() arguments when not followed by spaces or tabs in
    Lib/httplib.py, add tests in Lib/test/test_httplib.py
  - CVE-2016-5699

lp:~powersj/ubuntu/precise/debootstrap/add_zesty Development 2016-10-25 21:50:45 UTC 2016-10-25
2. Add (Ubuntu) zesty as a symlink to gu...

Author: Joshua Powers
Revision Date: 2016-10-25 21:47:49 UTC

Add (Ubuntu) zesty as a symlink to gutsy. (LP: #1636583)

lp:~freyes/ubuntu/precise/serverstack-dns/index-out-of-range (Has a merge proposal) Development 2016-09-13 17:08:34 UTC 2016-09-13
17. Skip empty lines when iterating hosts...

Author: Felipe Reyes
Revision Date: 2016-09-13 17:03:17 UTC

Skip empty lines when iterating hosts file

If the hosts file contains empty lines a list index out of range exception
is raised

Traceback (most recent call last):
  File "/usr/bin/serverstack-tenant-dns", line 256, in <module>
    add_current_instances()
  File "/usr/bin/serverstack-tenant-dns", line 144, in add_current_instances
    add_host_entry(hostname, ip_addr, "")
  File "/usr/bin/serverstack-tenant-dns", line 81, in add_host_entry
    hn = _hostname[1]
IndexError: list index out of range

lp:ubuntu/precise-security/python-imaging Mature 2016-09-09 14:45:49 UTC 2016-09-09
29. * SECURITY UPDATE: Fixes for buffer o...

Author: Emily Ratliff
Revision Date: 2016-09-09 14:45:49 UTC

* SECURITY UPDATE: Fixes for buffer overflows
  - PIL/IcnsImagePlugin.py, libImaging/PcdDecode.c, libImaging/FliDecode.c
  - CVE-2016-0775
  - CVE-2016-2533
  - CVE-2014-3596
  - Kudos to Andrew Drake and Eric Soroos for discovering these issues.

lp:ubuntu/precise-updates/python-imaging Mature 2016-09-09 14:45:49 UTC 2016-09-09
29. * SECURITY UPDATE: Fixes for buffer o...

Author: Emily Ratliff
Revision Date: 2016-09-09 14:45:49 UTC

* SECURITY UPDATE: Fixes for buffer overflows
  - PIL/IcnsImagePlugin.py, libImaging/PcdDecode.c, libImaging/FliDecode.c
  - CVE-2016-0775
  - CVE-2016-2533
  - CVE-2014-3596
  - Kudos to Andrew Drake and Eric Soroos for discovering these issues.

lp:ubuntu/precise-security/libgcrypt11 Mature 2016-08-17 13:41:27 UTC 2016-08-17
37. * SECURITY UPDATE: random number gene...

Author: Marc Deslauriers
Revision Date: 2016-08-17 13:41:27 UTC

* SECURITY UPDATE: random number generator prediction
  - debian/patches/CVE-2016-6313-1.patch: improve the diagram showing the
    random mixing in random/random-csprng.c.
  - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
    csprng pool in random/random-csprng.c.
  - CVE-2016-6313

lp:ubuntu/precise-updates/libgcrypt11 Mature 2016-08-17 13:41:27 UTC 2016-08-17
37. * SECURITY UPDATE: random number gene...

Author: Marc Deslauriers
Revision Date: 2016-08-17 13:41:27 UTC

* SECURITY UPDATE: random number generator prediction
  - debian/patches/CVE-2016-6313-1.patch: improve the diagram showing the
    random mixing in random/random-csprng.c.
  - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
    csprng pool in random/random-csprng.c.
  - CVE-2016-6313

lp:ubuntu/precise-updates/eglibc bug Mature 2016-08-11 06:12:57 UTC 2016-08-11
322. * REGRESSION UPDATE: revert CVE-2014-...

Author: Steve Beattie
Revision Date: 2016-05-26 00:08:17 UTC

* REGRESSION UPDATE: revert CVE-2014-9761 fix due to added symbol
  dependency from libm to libc (LP: #1585614)
  - debian/patches/any/CVE-2014-9761-2.diff: keep exporting
    __strto*_nan symbols added to libc.

lp:ubuntu/precise-security/eglibc bug Mature 2016-08-11 06:12:54 UTC 2016-08-11
319. * REGRESSION UPDATE: revert CVE-2014-...

Author: Steve Beattie
Revision Date: 2016-05-26 00:08:17 UTC

* REGRESSION UPDATE: revert CVE-2014-9761 fix due to added symbol
  dependency from libm to libc (LP: #1585614)
  - debian/patches/any/CVE-2014-9761-2.diff: keep exporting
    __strto*_nan symbols added to libc.

lp:~dsiuchninski/ubuntu/precise/nvidia-settings/nvidia-settings bug(Has a merge proposal) Development 2016-06-02 06:17:12 UTC 2016-06-02
47. debian/control: Changed a typo in the...

Author: Donald Siuchninski
Revision Date: 2012-07-30 04:06:12 UTC

debian/control: Changed a typo in the package description; changed 'of' to 'for' (LP: #306178)

lp:~pali/ubuntu/precise/libva/libva Development 2016-05-21 08:19:21 UTC 2016-05-21
29. Upgrade to version 1.7.0-2 from Debian

Author: Pali
Revision Date: 2016-05-21 08:19:21 UTC

Upgrade to version 1.7.0-2 from Debian

lp:ubuntu/precise-security/libtasn1-3 Mature 2016-04-26 14:20:41 UTC 2016-04-26
24. * SECURITY UPDATE: infinite loop via ...

Author: Marc Deslauriers
Revision Date: 2016-04-26 14:20:41 UTC

* SECURITY UPDATE: infinite loop via malformed DER cert
  - debian/patches/CVE-2016-4008-1.patch: catch invalid input cases early
    in lib/decoding.c.
  - debian/patches/CVE-2016-4008-2.patch: properly account bytes read in
    lib/decoding.c.
  - CVE-2016-4008

lp:ubuntu/precise-updates/libtasn1-3 Mature 2016-04-26 14:20:41 UTC 2016-04-26
24. * SECURITY UPDATE: infinite loop via ...

Author: Marc Deslauriers
Revision Date: 2016-04-26 14:20:41 UTC

* SECURITY UPDATE: infinite loop via malformed DER cert
  - debian/patches/CVE-2016-4008-1.patch: catch invalid input cases early
    in lib/decoding.c.
  - debian/patches/CVE-2016-4008-2.patch: properly account bytes read in
    lib/decoding.c.
  - CVE-2016-4008

lp:ubuntu/precise-proposed/cloud-init bug Mature 2016-04-25 20:56:20 UTC 2016-04-25
224. releasing package cloud-init version ...

Author: Scott Moser
Revision Date: 2016-04-25 20:53:28 UTC

releasing package cloud-init version 0.6.3-0ubuntu1.25

lp:ubuntu/precise-security/libstruts1.2-java Mature 2016-04-14 14:17:20 UTC 2016-04-14
12. fake sync from Debian

Author: Marc Deslauriers
Revision Date: 2016-04-14 14:17:20 UTC

fake sync from Debian

lp:ubuntu/precise-updates/libstruts1.2-java Mature 2016-04-14 14:17:20 UTC 2016-04-14
12. fake sync from Debian

Author: Marc Deslauriers
Revision Date: 2016-04-14 14:17:20 UTC

fake sync from Debian

lp:ubuntu/precise-proposed/eglibc bug Mature 2016-04-08 23:59:46 UTC 2016-04-08
315. * SECURITY UPDATE: buffer overflow in...

Author: Steve Beattie
Revision Date: 2016-04-08 23:59:46 UTC

* SECURITY UPDATE: buffer overflow in gethostbyname_r and related
  functions
  - debian/patches/any/CVE-2015-1781.diff: take alignment padding
    into account when computing if buffer is too small.
  - CVE-2015-1781
* SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice
  - debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files
    database during iteration.
  - debian/patches/any/CVE-2014-8121-2.diff: Separate internal state
    between getXXent and getXXbyYY NSS calls.
  - CVE-2014-8121
* SECURITY UPDATE: glibc unbounded stack usage in NaN strtod
  conversion
  - debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing
    of NaN payloads.
  - debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions
    handling of payload strings
  - CVE-2014-9761
* SECURITY UPDATE: out of range data to strftime() causes segfault
  (denial of service)
  - debian/patches/any/CVE-2015-8776.diff: add range checks to
    strftime() processing
  - CVE-2015-8776
* SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid
  AT_SECURE programs (e.g. setuid), allowing disabling of pointer
  mangling
  - debian/patches/any/CVE-2015-8777.diff: Always enable pointer
    guard
  - CVE-2015-8777
* SECURITY UPDATE: integer overflow in hcreate and hcreate_r
  - debian/patches/any/CVE-2015-8778.diff: check for large inputs
  - CVE-2015-8778
* SECURITY UPDATE: unbounded stack allocation in catopen()
  - debian/patches/any/CVE-2015-8779.diff: stop using unbounded
    alloca()
  - CVE-2015-8779
* SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r
  - debian/patches/any/CVE-2016-3075.diff: do not make unneeded
    memory copy on the stack.
  - CVE-2016-3075
* SECURITY UPDATE: pt_chown privilege escalation
  - debian/patches/any/CVE-2016-2856-pre.diff: add option to
    enable/disable pt_chown.
  - debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel
    about pty group and permission mode
  - debian/debhelper.in/libc-bin.install: drop installation of
    pt_chown
  - CVE-2016-2856, CVE-2013-2207
* debian/debhelper.in/libc.postinst: add reboot notifications for
  security updates (LP: #1546457)

lp:ubuntu/precise-security/libav bug Mature 2016-04-01 08:30:13 UTC 2016-04-01
32. * SECURITY UPDATE: invalid memory acc...

Author: Marc Deslauriers
Revision Date: 2016-04-01 08:30:13 UTC

* SECURITY UPDATE: invalid memory access via crafted MJPEG data
  - debian/patches/CVE-2014-8541.patch: check for pixel format changes in
    libavcodec/mjpegdec.c.
  - CVE-2014-8541
* SECURITY UPDATE: out of array access in ff_mjpeg_decode_sof
  - debian/patches/CVE-2015-1872.patch: check number of components in
    libavcodec/mjpegdec.c.
  - CVE-2015-1872
* SECURITY UPDATE: out of bounds array access in msrle_decode_pal4
  - debian/patches/CVE-2015-3395.patch: determine frame size in
    libavcodec/msrledec.c.
  - CVE-2015-3395
* SECURITY UPDATE: size issue in ff_h263_decode_picture_header
  - debian/patches/CVE-2015-5479.patch: check both dimensions in
    libavcodec/ituh263dec.c.
  - CVE-2015-5479
* SECURITY UPDATE: out of bounds array access in decode_ihdr_chunk
  - debian/patches/CVE-2015-6818.patch: only allow one IHDR chunk in
    libavcodec/pngdec.c.
  - CVE-2015-6818
* SECURITY UPDATE: out of bounds array access in ff_sbr_apply
  - debian/patches/CVE-2015-6820.patch: check that the element type
    matches in libavcodec/aacsbr.c, libavcodec/sbr.h.
  - CVE-2015-6820
* SECURITY UPDATE: uninitialized memory access in sws_init_context
  - debian/patches/CVE-2015-6824.patch: clear buffers in
    libswscale/utils.c
  - CVE-2015-6824
* SECURITY UPDATE: invalid pointer use in ff_rv34_decode_init_thread_copy
  - debian/patches/CVE-2015-6826.patch: clear pointers in
    libavcodec/rv34.c.
  - CVE-2015-6826
* SECURITY UPDATE: integer overflow in ff_ivi_init_planes
  - debian/patches/CVE-2015-8364.patch: check image dimensions in
    libavcodec/ivi_common.c.
  - CVE-2015-8364
* SECURITY UPDATE: out of bounds array access in smka_decode_frame
  - debian/patches/CVE-2015-8365.patch: validate data size in
    libavcodec/smacker.c.
  - CVE-2015-8365
* SECURITY UPDATE: cross-origin attack and arbitrary file read via the
  concat protocol
  - debian/confflags: disable concat protocol.
  - CVE-2016-1897
  - CVE-2016-1898
* SECURITY UPDATE: integer overflow in asf_write_packet
  - debian/patches/CVE-2016-2326.patch: check pts in
    libavformat/asfenc.c.
  - CVE-2016-2326
* SECURITY UPDATE: out of bounds array access via tga file
  - debian/patches/CVE-2016-2330.patch: fix lzw buffer size in
    libavcodec/gif.c.
  - CVE-2016-2330

lp:ubuntu/precise-updates/libav Mature 2016-04-01 08:30:13 UTC 2016-04-01
32. * SECURITY UPDATE: invalid memory acc...

Author: Marc Deslauriers
Revision Date: 2016-04-01 08:30:13 UTC

* SECURITY UPDATE: invalid memory access via crafted MJPEG data
  - debian/patches/CVE-2014-8541.patch: check for pixel format changes in
    libavcodec/mjpegdec.c.
  - CVE-2014-8541
* SECURITY UPDATE: out of array access in ff_mjpeg_decode_sof
  - debian/patches/CVE-2015-1872.patch: check number of components in
    libavcodec/mjpegdec.c.
  - CVE-2015-1872
* SECURITY UPDATE: out of bounds array access in msrle_decode_pal4
  - debian/patches/CVE-2015-3395.patch: determine frame size in
    libavcodec/msrledec.c.
  - CVE-2015-3395
* SECURITY UPDATE: size issue in ff_h263_decode_picture_header
  - debian/patches/CVE-2015-5479.patch: check both dimensions in
    libavcodec/ituh263dec.c.
  - CVE-2015-5479
* SECURITY UPDATE: out of bounds array access in decode_ihdr_chunk
  - debian/patches/CVE-2015-6818.patch: only allow one IHDR chunk in
    libavcodec/pngdec.c.
  - CVE-2015-6818
* SECURITY UPDATE: out of bounds array access in ff_sbr_apply
  - debian/patches/CVE-2015-6820.patch: check that the element type
    matches in libavcodec/aacsbr.c, libavcodec/sbr.h.
  - CVE-2015-6820
* SECURITY UPDATE: uninitialized memory access in sws_init_context
  - debian/patches/CVE-2015-6824.patch: clear buffers in
    libswscale/utils.c
  - CVE-2015-6824
* SECURITY UPDATE: invalid pointer use in ff_rv34_decode_init_thread_copy
  - debian/patches/CVE-2015-6826.patch: clear pointers in
    libavcodec/rv34.c.
  - CVE-2015-6826
* SECURITY UPDATE: integer overflow in ff_ivi_init_planes
  - debian/patches/CVE-2015-8364.patch: check image dimensions in
    libavcodec/ivi_common.c.
  - CVE-2015-8364
* SECURITY UPDATE: out of bounds array access in smka_decode_frame
  - debian/patches/CVE-2015-8365.patch: validate data size in
    libavcodec/smacker.c.
  - CVE-2015-8365
* SECURITY UPDATE: cross-origin attack and arbitrary file read via the
  concat protocol
  - debian/confflags: disable concat protocol.
  - CVE-2016-1897
  - CVE-2016-1898
* SECURITY UPDATE: integer overflow in asf_write_packet
  - debian/patches/CVE-2016-2326.patch: check pts in
    libavformat/asfenc.c.
  - CVE-2016-2326
* SECURITY UPDATE: out of bounds array access via tga file
  - debian/patches/CVE-2016-2330.patch: fix lzw buffer size in
    libavcodec/gif.c.
  - CVE-2016-2330

lp:ubuntu/precise-proposed/whoopsie-daisy bug Mature 2016-02-22 23:22:36 UTC 2016-02-22
36. src/whoopsie.c: Move UnreportableReas...

Author: Brian Murray
Revision Date: 2015-11-09 13:34:23 UTC

src/whoopsie.c: Move UnreportableReason from fields we don't send to
errors to fields we do, that way we know apport's opinion of the crash.
(LP: #1382233)

lp:ubuntu/precise-security/gnutls26 bug Mature 2016-02-22 18:40:35 UTC 2016-02-22
44. debian/patches/compare_ca_name_and_ke...

Author: Marc Deslauriers
Revision Date: 2016-02-05 13:51:23 UTC

debian/patches/compare_ca_name_and_key.patch: when comparing a CA
certificate with the trusted list compare the name and key. This will
allow the future removal of 1024-bit RSA keys from the ca-certificates
package.

lp:~sajoupa/ubuntu/precise/weathermap4rrd/weathermap4rrd-fix-rrdtool-version-support (Has a merge proposal) Development 2016-02-12 07:38:22 UTC 2016-02-12
5. [sajoupa] Avoiding regressions when r...

Author: Laurent Sesques
Revision Date: 2016-02-12 07:35:19 UTC

[sajoupa] Avoiding regressions when rrd's version is incremented

lp:ubuntu/precise-updates/gnutls26 Mature 2016-02-05 13:51:23 UTC 2016-02-05
44. debian/patches/compare_ca_name_and_ke...

Author: Marc Deslauriers
Revision Date: 2016-02-05 13:51:23 UTC

debian/patches/compare_ca_name_and_key.patch: when comparing a CA
certificate with the trusted list compare the name and key. This will
allow the future removal of 1024-bit RSA keys from the ca-certificates
package.

lp:~ionic/ubuntu/precise/reprepro/precise Development 2016-01-24 14:39:43 UTC 2016-01-24
33. Merge with current precise package. ...

Author: Mihai Moldovan
Revision Date: 2016-01-24 14:39:43 UTC

Merge with current precise package.

Changes:
* debian/patches: Add 0001fix-snapshot-restore.patch (LP: #1311497).
* debian/rules: Add dh_quilt_patch/dh_quilt_unpatch. Needed to apply
  patches.
* debian/control: Add quilt to Build-Depends. Needed to apply patches.

dbgsym patch applied on top, version number adapted.

lp:~crunch.io/ubuntu/precise/tmpwatch/unstable Development 2015-12-11 02:40:45 UTC 2015-12-11
4. More lint fixes

Author: Joseph S Tate
Revision Date: 2015-12-11 02:39:39 UTC

More lint fixes

lp:~niedbalski/ubuntu/precise/serverstack-dns/add-current-instances (Has a merge proposal) Development 2015-11-18 14:31:10 UTC 2015-11-18
15. Defaults to false, non invasive change

Author: Jorge Niedbalski
Revision Date: 2015-11-18 14:31:10 UTC

Defaults to false, non invasive change

lp:ubuntu/precise-updates/whoopsie-daisy Mature 2015-11-09 13:34:23 UTC 2015-11-09
36. src/whoopsie.c: Move UnreportableReas...

Author: Brian Murray
Revision Date: 2015-11-09 13:34:23 UTC

src/whoopsie.c: Move UnreportableReason from fields we don't send to
errors to fields we do, that way we know apport's opinion of the crash.
(LP: #1382233)

lp:~ubuntu-core-dev/ubuntu/precise/apport/ubuntu bug Development 2015-11-06 16:33:51 UTC 2015-11-06
2013. releasing package apport version 2.0....

Author: Brian Murray
Revision Date: 2015-11-06 15:30:31 UTC

releasing package apport version 2.0.1-0ubuntu17.14

lp:ubuntu/precise-security/miniupnpc bug Mature 2015-10-20 21:07:56 UTC 2015-10-20
9. * SECURITY UPDATE: buffer overflow in...

Author: Steve Beattie
Revision Date: 2015-10-15 18:35:20 UTC

* SECURITY UPDATE: buffer overflow in XML parser (LP: #1506017)
  - igd_desc_parse.c: fix buffer overflow in
  - https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
  - CVE-2015-6031

lp:ubuntu/precise-proposed/tzdata bug Mature 2015-10-20 11:14:06 UTC 2015-10-20
97. New upstream release with future time...

Author: Adam Conrad
Revision Date: 2015-10-20 11:01:03 UTC

New upstream release with future timestamp updates for Fiji, Norfolk
Island, and Turkey, and a new timezone for Fort Nelson (LP: #1502058)

lp:ubuntu/precise-security/tzdata bug Mature 2015-10-20 11:01:03 UTC 2015-10-20
97. New upstream release with future time...

Author: Adam Conrad
Revision Date: 2015-10-20 11:01:03 UTC

New upstream release with future timestamp updates for Fiji, Norfolk
Island, and Turkey, and a new timezone for Fort Nelson (LP: #1502058)

lp:ubuntu/precise-updates/tzdata Mature 2015-10-20 11:01:03 UTC 2015-10-20
97. New upstream release with future time...

Author: Adam Conrad
Revision Date: 2015-10-20 11:01:03 UTC

New upstream release with future timestamp updates for Fiji, Norfolk
Island, and Turkey, and a new timezone for Fort Nelson (LP: #1502058)

lp:~julian-ladisch/ubuntu/precise/phpmyadmin/3.4.11.1-2+deb7u1 bug Development 2015-10-16 10:24:12 UTC 2015-10-16
77. * Fix security issues: - CVE-2014-1...

Author: Julian Ladisch
Revision Date: 2015-10-16 10:14:29 UTC

* Fix security issues:
  - CVE-2014-1879: Self-XSS due to unescaped HTML output in import.
    LP: #1441590
  - CVE-2013-5003: SQL injection vulnerabilities (control user) (3.4.x is not affected).
  - CVE-2013-5002: Self-XSS due in schema export (3.4.x is not affected).
  - CVE-2013-4996: XSS in Logo Link and Trusted Proxy List (3.4.x is not affected).
  - CVE-2013-4995: XSS in HTML Output when executing a SQL query (3.4.x is not affected).
* Fix security issue:
  - CVE-2013-3239: Locally Saved SQL Dump File Multiple File Extension
    Remote Code Execution (3.4.x is not affected).
* New upstream security release.
  - CVE-2012-4345, CVE-2012-4579: Multiple XSS in Table operations,
    Database structure, Trigger and Visualize GIS data pages.
    LP: #1441587
* New upstream release.
* Add alternative dependency to php5-mysqlnd (closes: #665812).
* New upstream release.
  - CVE-2012-1902: Path disclosure due to missing verification of file presence.
    LP: #1441568
* Checked for policy 3.9.3, no changes.

lp:ubuntu/precise-proposed/squid3 bug Mature 2015-10-16 03:24:11 UTC 2015-10-16
40. d/squid3.upstart: Use SIGINT to termi...

Author: Tiago Stürmer Daitx
Revision Date: 2015-10-14 02:54:20 UTC

d/squid3.upstart: Use SIGINT to terminate squid and wait at most 40
seconds for it to finish. (LP: #1073478)

lp:ubuntu/precise-updates/miniupnpc Mature 2015-10-15 18:35:20 UTC 2015-10-15
9. * SECURITY UPDATE: buffer overflow in...

Author: Steve Beattie
Revision Date: 2015-10-15 18:35:20 UTC

* SECURITY UPDATE: buffer overflow in XML parser (LP: #1506017)
  - igd_desc_parse.c: fix buffer overflow in
  - https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
  - CVE-2015-6031

lp:ubuntu/precise-updates/commons-httpclient Mature 2015-10-14 15:35:39 UTC 2015-10-14
11. * SECURITY UPDATE: improper certifica...

Author: Marc Deslauriers
Revision Date: 2015-10-01 09:05:17 UTC

* SECURITY UPDATE: improper certificate hostname verification
  - debian/patches/06_fix_CVE-2012-5783.patch: fix CN extraction and
    wildcard verification in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - debian/patches/CVE-2014-3577.patch: fix Common Name logic in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2012-5783
  - CVE-2012-6153
  - CVE-2014-3577
* SECURITY UPDATE: denial of service via failure to set socket timeout
  - debian/patches/CVE-2015-5262.patch: respect configured timeout in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2015-5262
* debian/ant.properties: bump version to 1.5 to handle security fixes.

lp:ubuntu/precise-security/commons-httpclient Mature 2015-10-14 15:26:55 UTC 2015-10-14
11. * SECURITY UPDATE: improper certifica...

Author: Marc Deslauriers
Revision Date: 2015-10-01 09:05:17 UTC

* SECURITY UPDATE: improper certificate hostname verification
  - debian/patches/06_fix_CVE-2012-5783.patch: fix CN extraction and
    wildcard verification in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - debian/patches/CVE-2014-3577.patch: fix Common Name logic in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2012-5783
  - CVE-2012-6153
  - CVE-2014-3577
* SECURITY UPDATE: denial of service via failure to set socket timeout
  - debian/patches/CVE-2015-5262.patch: respect configured timeout in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2015-5262
* debian/ant.properties: bump version to 1.5 to handle security fixes.

lp:ubuntu/precise-security/gdk-pixbuf Mature 2015-10-10 07:55:26 UTC 2015-10-10
44. * SECURITY UPDATE: Heap overflow and ...

Author: Steve Beattie
Revision Date: 2015-10-10 07:55:26 UTC

* SECURITY UPDATE: Heap overflow and DoS with tga files
  - debian/patches/CVE-2015-7673-1.patch: pass on OOM conditions in
    make_weights functions in gdk-pixbuf/pixops/pixops.c
  - debian/patches/CVE-2015-7673-2.patch: Wrap TGAColormap struct in
    its own API in gdk-pixbuf/io-tga.c
  - debian/patches/CVE-2015-7673-3.patch: always parse colormaps in
    gdk-pixbuf/io-tga.c
* SECURITY UPDATE: heap overflow when scaling GIF images
  - debian/patches/CVE-2015-767.patch: ensure variables are large
    enough when shifting bits in gdk-pixbuf/pixops/pixops.c

lp:ubuntu/precise-updates/gdk-pixbuf Mature 2015-10-10 07:55:26 UTC 2015-10-10
44. * SECURITY UPDATE: Heap overflow and ...

Author: Steve Beattie
Revision Date: 2015-10-10 07:55:26 UTC

* SECURITY UPDATE: Heap overflow and DoS with tga files
  - debian/patches/CVE-2015-7673-1.patch: pass on OOM conditions in
    make_weights functions in gdk-pixbuf/pixops/pixops.c
  - debian/patches/CVE-2015-7673-2.patch: Wrap TGAColormap struct in
    its own API in gdk-pixbuf/io-tga.c
  - debian/patches/CVE-2015-7673-3.patch: always parse colormaps in
    gdk-pixbuf/io-tga.c
* SECURITY UPDATE: heap overflow when scaling GIF images
  - debian/patches/CVE-2015-767.patch: ensure variables are large
    enough when shifting bits in gdk-pixbuf/pixops/pixops.c

lp:ubuntu/precise-updates/python-tz Mature 2015-10-09 16:24:54 UTC 2015-10-09
28. * debian/patches/use_utf8_encoding.pa...

Author: Robert C Jennings
Revision Date: 2015-10-02 09:43:15 UTC

* debian/patches/use_utf8_encoding.patch:
  - use utf8 encoding to be compatible with new tzdata versions
    (lp: #1473533)

lp:ubuntu/precise-proposed/linux-meta bug Mature 2015-10-05 14:20:57 UTC 2015-10-05
337. [ Brad Figg ] Bump ABI

Author: Brad Figg
Revision Date: 2015-10-05 14:20:57 UTC

[ Brad Figg ]

Bump ABI

lp:ubuntu/precise-security/linux-meta Mature 2015-10-05 14:20:57 UTC 2015-10-05
337. [ Brad Figg ] Bump ABI

Author: Brad Figg
Revision Date: 2015-10-05 14:20:57 UTC

[ Brad Figg ]

Bump ABI

lp:ubuntu/precise-updates/linux-meta Mature 2015-10-05 14:20:57 UTC 2015-10-05
337. [ Brad Figg ] Bump ABI

Author: Brad Figg
Revision Date: 2015-10-05 14:20:57 UTC

[ Brad Figg ]

Bump ABI

lp:ubuntu/precise-proposed/python-tz bug Mature 2015-10-02 16:41:00 UTC 2015-10-02
28. * debian/patches/use_utf8_encoding.pa...

Author: Robert C Jennings
Revision Date: 2015-10-02 09:43:15 UTC

* debian/patches/use_utf8_encoding.patch:
  - use utf8 encoding to be compatible with new tzdata versions
    (lp: #1473533)

lp:ubuntu/precise-security/rpcbind Mature 2015-09-30 17:09:14 UTC 2015-09-30
23. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-09-25 08:18:39 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  use-after-free
  - debian/patches/CVE-2015-7236.patch: fix memory corruption in
    PMAP_CALLIT code in src/rpcb_svc_com.c.
  - CVE-2015-7236

lp:ubuntu/precise-security/dkms bug Mature 2015-09-30 16:13:41 UTC 2015-09-30
52. dkms_apport.py: update to the recent ...

Author: Marc Deslauriers
Revision Date: 2015-09-30 07:35:45 UTC

dkms_apport.py: update to the recent apport.utils api changes
(lp: #1499842)

lp:ubuntu/precise-updates/dkms bug Mature 2015-09-30 07:35:45 UTC 2015-09-30
52. dkms_apport.py: update to the recent ...

Author: Marc Deslauriers
Revision Date: 2015-09-30 07:35:45 UTC

dkms_apport.py: update to the recent apport.utils api changes
(lp: #1499842)

lp:ubuntu/precise-updates/nvidia-graphics-drivers-340-updates Mature 2015-09-28 13:36:27 UTC 2015-09-28
3. * Initial release (replaces nvidia-gr...

Author: Alberto Milone
Revision Date: 2015-08-27 16:59:02 UTC

* Initial release (replaces nvidia-graphics-drivers-331-updates).
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

lp:ubuntu/precise-updates/nvidia-graphics-drivers-340 Mature 2015-09-28 13:35:57 UTC 2015-09-28
3. * Initial release (replaces nvidia-gr...

Author: Alberto Milone
Revision Date: 2015-08-27 16:35:39 UTC

* Initial release (replaces nvidia-graphics-drivers-331).
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

lp:ubuntu/precise-security/nvidia-graphics-drivers-304-updates bug Mature 2015-09-28 13:28:24 UTC 2015-09-28
9. [ Alberto Milone ] * New upstream rel...

Author: Alberto Milone
Revision Date: 2015-09-16 16:50:36 UTC

[ Alberto Milone ]
* New upstream release:
  - Removed libvdpau and libvdpau_trace from the NVIDIA driver
    package. VDPAU is not supported on the legacy hardware
    supported on the release 304 legacy driver branch. The
    libvdpau_nvidia vendor library is still included, so users who
    wish to use VDPAU with newer hardware that still works with
    release 304 drivers may install libvdpau from packages provided
    by the OS vendor where available, or from the source code
    available at:
    http://people.freedesktop.org/~aplattner/vdpau/
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

lp:ubuntu/precise-security/nvidia-graphics-drivers-304 bug Mature 2015-09-28 13:25:13 UTC 2015-09-28
8. [ Alberto Milone ] * New upstream rel...

Author: Alberto Milone
Revision Date: 2015-09-16 16:43:44 UTC

[ Alberto Milone ]
* New upstream release:
  - Removed libvdpau and libvdpau_trace from the NVIDIA driver
    package. VDPAU is not supported on the legacy hardware
    supported on the release 304 legacy driver branch. The
    libvdpau_nvidia vendor library is still included, so users who
    wish to use VDPAU with newer hardware that still works with
    release 304 drivers may install libvdpau from packages provided
    by the OS vendor where available, or from the source code
    available at:
    http://people.freedesktop.org/~aplattner/vdpau/
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

lp:ubuntu/precise-security/nvidia-graphics-drivers-340-updates bug Mature 2015-09-28 13:23:41 UTC 2015-09-28
3. * Initial release (replaces nvidia-gr...

Author: Alberto Milone
Revision Date: 2015-08-27 16:59:02 UTC

* Initial release (replaces nvidia-graphics-drivers-331-updates).
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

lp:ubuntu/precise-security/nvidia-graphics-drivers-340 bug Mature 2015-09-28 13:23:29 UTC 2015-09-28
3. * Initial release (replaces nvidia-gr...

Author: Alberto Milone
Revision Date: 2015-08-27 16:35:39 UTC

* Initial release (replaces nvidia-graphics-drivers-331).
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

lp:ubuntu/precise-updates/rpcbind bug Mature 2015-09-25 08:18:39 UTC 2015-09-25
26. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-09-25 08:18:39 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  use-after-free
  - debian/patches/CVE-2015-7236.patch: fix memory corruption in
    PMAP_CALLIT code in src/rpcb_svc_com.c.
  - CVE-2015-7236

lp:ubuntu/precise-proposed/dkms bug Mature 2015-09-23 15:39:35 UTC 2015-09-23
55. d/s/autopkgtest: only collect logs if...

Author: Andy Whitcroft
Revision Date: 2015-09-23 15:39:40 UTC

d/s/autopkgtest: only collect logs if there are any. (LP: #1498896)

lp:ubuntu/precise-security/jockey Mature 2015-09-21 15:27:32 UTC 2015-09-21
149. * data/handlers/nvidia.py: - Add su...

Author: Marc Deslauriers
Revision Date: 2015-09-21 15:27:32 UTC

* data/handlers/nvidia.py:
  - Add support for nvidia-340 and nvidia-340-updates
* This package does _not_ contain the changes from 0.9.7-0ubuntu7.16 in
  precise-proposed.

lp:ubuntu/precise-updates/jockey Mature 2015-09-21 15:27:32 UTC 2015-09-21
149. * data/handlers/nvidia.py: - Add su...

Author: Marc Deslauriers
Revision Date: 2015-09-21 15:27:32 UTC

* data/handlers/nvidia.py:
  - Add support for nvidia-340 and nvidia-340-updates
* This package does _not_ contain the changes from 0.9.7-0ubuntu7.16 in
  precise-proposed.

lp:~timo-jyrinki/ubuntu/precise/mozvoikko/new_upstream_signed_release bug(Has a merge proposal) Development 2015-09-18 14:05:23 UTC 2015-09-18
28. Use a more proper install method and ...

Author: Timo Jyrinki
Revision Date: 2015-09-18 14:05:23 UTC

Use a more proper install method and only use the signatures from the upstream xpi

lp:ubuntu/precise-proposed/xe-guest-utilities bug Mature 2015-09-18 03:57:28 UTC 2015-09-18
4. Drop 'depends' for cloud-init (LP: #1...

Author: Ben Howard
Revision Date: 2015-09-17 08:53:32 UTC

Drop 'depends' for cloud-init (LP: #1496730).

lp:ubuntu/precise-proposed/udev bug Mature 2015-09-17 19:24:59 UTC 2015-09-17
227. 0git-keymaps.patch: Add 0x88 to dell-...

Author: Martin Pitt
Revision Date: 2015-09-11 15:06:10 UTC

0git-keymaps.patch: Add 0x88 to dell-touchpad to fix wireless switch on
Dell Latitude and Precision. (LP: #1441849)

lp:ubuntu/precise-updates/xe-guest-utilities Mature 2015-09-17 08:53:32 UTC 2015-09-17
4. Drop 'depends' for cloud-init (LP: #1...

Author: Ben Howard
Revision Date: 2015-09-17 08:53:32 UTC

Drop 'depends' for cloud-init (LP: #1496730).

lp:ubuntu/precise-updates/nvidia-graphics-drivers-304-updates Mature 2015-09-16 16:50:36 UTC 2015-09-16
9. [ Alberto Milone ] * New upstream rel...

Author: Alberto Milone
Revision Date: 2015-09-16 16:50:36 UTC

[ Alberto Milone ]
* New upstream release:
  - Removed libvdpau and libvdpau_trace from the NVIDIA driver
    package. VDPAU is not supported on the legacy hardware
    supported on the release 304 legacy driver branch. The
    libvdpau_nvidia vendor library is still included, so users who
    wish to use VDPAU with newer hardware that still works with
    release 304 drivers may install libvdpau from packages provided
    by the OS vendor where available, or from the source code
    available at:
    http://people.freedesktop.org/~aplattner/vdpau/
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

lp:ubuntu/precise-updates/nvidia-graphics-drivers-304 Mature 2015-09-16 16:43:44 UTC 2015-09-16
8. [ Alberto Milone ] * New upstream rel...

Author: Alberto Milone
Revision Date: 2015-09-16 16:43:44 UTC

[ Alberto Milone ]
* New upstream release:
  - Removed libvdpau and libvdpau_trace from the NVIDIA driver
    package. VDPAU is not supported on the legacy hardware
    supported on the release 304 legacy driver branch. The
    libvdpau_nvidia vendor library is still included, so users who
    wish to use VDPAU with newer hardware that still works with
    release 304 drivers may install libvdpau from packages provided
    by the OS vendor where available, or from the source code
    available at:
    http://people.freedesktop.org/~aplattner/vdpau/
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

lp:ubuntu/precise-proposed/ntp bug Mature 2015-09-16 16:33:27 UTC 2015-09-16
62. * Fix use-after-free in routing socke...

Author: Eric Desrochers
Revision Date: 2015-08-26 15:07:58 UTC

* Fix use-after-free in routing socket code (LP: #1481388)
  - debian/patches/use-after-free-in-routing-socket.patch
    fix logic in ntpd/ntp_io.c
* Fix to ignore ENOBUFS on routing netlink socket
  - debian/patches/ignore-ENOBUFS-on-routing-netlink-socket.patch
    fix logic in ntpd/ntp_io.c

lp:ubuntu/precise-updates/udev Mature 2015-09-11 15:06:10 UTC 2015-09-11
227. 0git-keymaps.patch: Add 0x88 to dell-...

Author: Martin Pitt
Revision Date: 2015-09-11 15:06:10 UTC

0git-keymaps.patch: Add 0x88 to dell-touchpad to fix wireless switch on
Dell Latitude and Precision. (LP: #1441849)

lp:ubuntu/precise-security/freetype bug Mature 2015-09-10 17:28:24 UTC 2015-09-10
50. * SECURITY UPDATE: uninitialized memo...

Author: Marc Deslauriers
Revision Date: 2015-09-10 07:10:41 UTC

* SECURITY UPDATE: uninitialized memory reads (LP: #1449225)
  - debian/patches-freetype/savannah-bug-41309.patch: fix use of
    uninitialized data in src/cid/cidload.c, src/psaux/psobjs.c,
    src/type1/t1load.c, src/type42/t42parse.c.
  - No CVE number
* SECURITY UPDATE: denial of service via infinite loop in parse_encode
  (LP: #1492124)
  - debian/patches-freetype/savannah-bug-41590.patch: protect against
    invalid charcode in src/type1/t1load.c.
  - No CVE number

lp:ubuntu/precise-updates/freetype Mature 2015-09-10 07:10:41 UTC 2015-09-10
50. * SECURITY UPDATE: uninitialized memo...

Author: Marc Deslauriers
Revision Date: 2015-09-10 07:10:41 UTC

* SECURITY UPDATE: uninitialized memory reads (LP: #1449225)
  - debian/patches-freetype/savannah-bug-41309.patch: fix use of
    uninitialized data in src/cid/cidload.c, src/psaux/psobjs.c,
    src/type1/t1load.c, src/type42/t42parse.c.
  - No CVE number
* SECURITY UPDATE: denial of service via infinite loop in parse_encode
  (LP: #1492124)
  - debian/patches-freetype/savannah-bug-41590.patch: protect against
    invalid charcode in src/type1/t1load.c.
  - No CVE number

lp:ubuntu/precise-proposed/e2fsprogs bug Mature 2015-09-09 16:18:46 UTC 2015-09-09
61. fix rule-violating lblk->pblk mapping...

Author: Seyeong Kim
Revision Date: 2015-09-01 10:57:56 UTC

fix rule-violating lblk->pblk mappings on bigalloc filesystems (LP: #1321418)

lp:ubuntu/precise-updates/openslp-dfsg Mature 2015-09-03 17:34:53 UTC 2015-09-03
8. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-08-28 15:55:17 UTC

* SECURITY UPDATE: denial of service via out-of-bounds buffer access
  - debian/patches/CVE-2012-4428.patch: fix handling of string-list in
    common/slp_compare.c
  - CVE-2012-4428
* SECURITY UPDATE: denial of service via double free flaw
  - debian/patches/CVE-2015-5177.patch: fix double free if
    SLPDKnownDAAdd() fails in slpd/slpd_knownda.c.
  - CVE-2015-5177

lp:ubuntu/precise-security/openslp-dfsg Mature 2015-09-03 16:52:57 UTC 2015-09-03
8. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-08-28 15:55:17 UTC

* SECURITY UPDATE: denial of service via out-of-bounds buffer access
  - debian/patches/CVE-2012-4428.patch: fix handling of string-list in
    common/slp_compare.c
  - CVE-2012-4428
* SECURITY UPDATE: denial of service via double free flaw
  - debian/patches/CVE-2015-5177.patch: fix double free if
    SLPDKnownDAAdd() fails in slpd/slpd_knownda.c.
  - CVE-2015-5177

lp:ubuntu/precise-security/libvdpau Mature 2015-09-03 16:49:15 UTC 2015-09-03
11. * SECURITY UPDATE: privilege escalati...

Author: Marc Deslauriers
Revision Date: 2015-09-02 09:16:53 UTC

* SECURITY UPDATE: privilege escalation when used in setuid or setgid
  applications
  - debian/patches/CVE-2015-5xxx.patch: use secure_getenv and protect
    against directory traversal in configure.ac, src/Makefile.am,
    src/util.h, src/vdpau_wrapper.c, trace/vdpau_trace.cpp.
  - CVE-2015-5198
  - CVE-2015-5199
  - CVE-2015-5200

lp:ubuntu/precise-updates/libvdpau Mature 2015-09-02 09:16:53 UTC 2015-09-02
11. * SECURITY UPDATE: privilege escalati...

Author: Marc Deslauriers
Revision Date: 2015-09-02 09:16:53 UTC

* SECURITY UPDATE: privilege escalation when used in setuid or setgid
  applications
  - debian/patches/CVE-2015-5xxx.patch: use secure_getenv and protect
    against directory traversal in configure.ac, src/Makefile.am,
    src/util.h, src/vdpau_wrapper.c, trace/vdpau_trace.cpp.
  - CVE-2015-5198
  - CVE-2015-5199
  - CVE-2015-5200

lp:ubuntu/precise-security/bind9 Mature 2015-09-01 14:07:19 UTC 2015-09-01
59. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-09-01 14:07:19 UTC

* SECURITY UPDATE: denial of service in DNSSEC-signed record validation
  via malformed keys
  - fix validation inlib/dns/hmac_link.c, lib/dns/include/dst/dst.h,
    lib/dns/ncache.c, lib/dns/openssldh_link.c,
    lib/dns/openssldsa_link.c, lib/dns/opensslrsa_link.c,
    lib/dns/resolver.c.
  - CVE-2015-5722

lp:ubuntu/precise-updates/bind9 Mature 2015-09-01 14:07:19 UTC 2015-09-01
59. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-09-01 14:07:19 UTC

* SECURITY UPDATE: denial of service in DNSSEC-signed record validation
  via malformed keys
  - fix validation inlib/dns/hmac_link.c, lib/dns/include/dst/dst.h,
    lib/dns/ncache.c, lib/dns/openssldh_link.c,
    lib/dns/openssldsa_link.c, lib/dns/opensslrsa_link.c,
    lib/dns/resolver.c.
  - CVE-2015-5722

lp:ubuntu/precise-updates/e2fsprogs Mature 2015-09-01 10:57:56 UTC 2015-09-01
61. fix rule-violating lblk->pblk mapping...

Author: Seyeong Kim
Revision Date: 2015-09-01 10:57:56 UTC

fix rule-violating lblk->pblk mappings on bigalloc filesystems (LP: #1321418)

lp:ubuntu/precise-security/expat Mature 2015-08-28 09:33:57 UTC 2015-08-28
14. * SECURITY UPDATE: integer overflows ...

Author: Marc Deslauriers
Revision Date: 2015-08-28 09:33:57 UTC

* SECURITY UPDATE: integer overflows in XML_GetBuffer
  - debian/patches/CVE-2015-1283.dpatch: add checks to lib/xmlparse.c.
  - CVE-2015-1283

lp:ubuntu/precise-updates/expat Mature 2015-08-28 09:33:57 UTC 2015-08-28
14. * SECURITY UPDATE: integer overflows ...

Author: Marc Deslauriers
Revision Date: 2015-08-28 09:33:57 UTC

* SECURITY UPDATE: integer overflows in XML_GetBuffer
  - debian/patches/CVE-2015-1283.dpatch: add checks to lib/xmlparse.c.
  - CVE-2015-1283

lp:ubuntu/precise-security/enigmail bug Mature 2015-08-26 21:42:29 UTC 2015-08-26
48. * New upstream release v1.8.2 to supp...

Author: Chris Coulson
Revision Date: 2015-08-26 20:08:27 UTC

* New upstream release v1.8.2 to support Thunderbird 38
  - Fixes LP: #1489103 - Per-account settings missing after Thunderbird
    update

* Depend on gnupg2 instead of gnupg. Whilst this enigmail version still
  works with gnupg 1.4.*, it pops up an alert warning that it will be the
  last version to do so
  - update debian/control

lp:ubuntu/precise-updates/enigmail Mature 2015-08-26 20:08:27 UTC 2015-08-26
48. * New upstream release v1.8.2 to supp...

Author: Chris Coulson
Revision Date: 2015-08-26 20:08:27 UTC

* New upstream release v1.8.2 to support Thunderbird 38
  - Fixes LP: #1489103 - Per-account settings missing after Thunderbird
    update

* Depend on gnupg2 instead of gnupg. Whilst this enigmail version still
  works with gnupg 1.4.*, it pops up an alert warning that it will be the
  last version to do so
  - update debian/control

lp:ubuntu/precise-security/subversion Mature 2015-08-20 08:53:48 UTC 2015-08-20
61. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-08-20 08:53:48 UTC

* SECURITY UPDATE: denial of service via non-existing REPORT request
  - debian/patches/CVE-2014-3580.patch: make sure repo paths are
    specified in subversion/mod_dav_svn/reports/deleted-rev.c,
    subversion/mod_dav_svn/reports/file-revs.c,
    subversion/mod_dav_svn/reports/get-location-segments.c,
    subversion/mod_dav_svn/reports/get-locations.c,
    subversion/mod_dav_svn/reports/log.c,
    subversion/mod_dav_svn/reports/mergeinfo.c.
  - CVE-2014-3580
* SECURITY UPDATE: denial of service via crafted parameter combinations
  - debian/patches/CVE-2015-0248.patch: properly handle missing revision
    numbers in subversion/mod_dav_svn/reports/get-location-segments.c,
    subversion/svnserve/serve.c.
  - CVE-2015-0248
* SECURITY UPDATE: svn:author property spoofing issue
  - debian/patches/CVE-2015-0251.patch: restrict svn:author modifications
    in subversion/mod_dav_svn/deadprops.c.
  - CVE-2015-0251
* SECURITY UPDATE: sensitive path information disclosure
  - debian/patches/CVE-2015-3187.patch: fix order in
    subversion/libsvn_repos/rev_hunt.c, added tests to
    subversion/tests/cmdline/authz_tests.py,
    subversion/tests/libsvn_repos/repos-test.c.
  - CVE-2015-3187

lp:ubuntu/precise-updates/subversion Mature 2015-08-20 08:53:48 UTC 2015-08-20
61. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-08-20 08:53:48 UTC

* SECURITY UPDATE: denial of service via non-existing REPORT request
  - debian/patches/CVE-2014-3580.patch: make sure repo paths are
    specified in subversion/mod_dav_svn/reports/deleted-rev.c,
    subversion/mod_dav_svn/reports/file-revs.c,
    subversion/mod_dav_svn/reports/get-location-segments.c,
    subversion/mod_dav_svn/reports/get-locations.c,
    subversion/mod_dav_svn/reports/log.c,
    subversion/mod_dav_svn/reports/mergeinfo.c.
  - CVE-2014-3580
* SECURITY UPDATE: denial of service via crafted parameter combinations
  - debian/patches/CVE-2015-0248.patch: properly handle missing revision
    numbers in subversion/mod_dav_svn/reports/get-location-segments.c,
    subversion/svnserve/serve.c.
  - CVE-2015-0248
* SECURITY UPDATE: svn:author property spoofing issue
  - debian/patches/CVE-2015-0251.patch: restrict svn:author modifications
    in subversion/mod_dav_svn/deadprops.c.
  - CVE-2015-0251
* SECURITY UPDATE: sensitive path information disclosure
  - debian/patches/CVE-2015-3187.patch: fix order in
    subversion/libsvn_repos/rev_hunt.c, added tests to
    subversion/tests/cmdline/authz_tests.py,
    subversion/tests/libsvn_repos/repos-test.c.
  - CVE-2015-3187

lp:ubuntu/precise-security/net-snmp Mature 2015-08-13 10:31:34 UTC 2015-08-13
58. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-08-13 10:31:34 UTC

* SECURITY UPDATE: denial of service via crafted SNMP trap message
  - debian/patches/CVE-2014-3565.patch: handle variables with wrong types
    in snmplib/mib.c.
  - CVE-2014-3565
* SECURITY UPDATE: denial of service and possible code execution via
  incompletely parsed varBind variables
  - debian/patches/CVE-2015-5621.patch: don't return incorrectly parsed
    varbinds in snmplib/snmp_api.c.
  - CVE-2015-5621

1100 of 28339 results