Branches for Precise

Name Status Last Modified Last Commit
lp:ubuntu/precise-proposed/dahdi-linux bug Mature 2014-12-11 19:22:35 UTC 2014-12-11
25. * debian/dkms.conf.in: Expose the tar...

Author: Stefan Bader
Revision Date: 2014-12-09 18:47:52 UTC

* debian/dkms.conf.in: Expose the target kernel version in a variable that
  is actually heeded by the make file. And also pass it in on every
  invokation of make (LP: #790558).
* debian/patches/kernel-v3-11-compat.patch: Refreshed patch because it
  broke building on 3.2 kernel which was missed because of the bug that
  caused the build to be always for the running kernel (LP: #1336253).

lp:ubuntu/precise-proposed/lazr.restfulclient bug Mature 2014-12-11 17:08:38 UTC 2014-12-11
20. Always uppercase HTTP methods to matc...

Author: Colin Watson
Revision Date: 2014-12-11 16:44:14 UTC

Always uppercase HTTP methods to match httplib2 expectations
(LP: #1401544).

lp:ubuntu/precise-updates/lazr.restfulclient Mature 2014-12-11 16:44:14 UTC 2014-12-11
20. Always uppercase HTTP methods to matc...

Author: Colin Watson
Revision Date: 2014-12-11 16:44:14 UTC

Always uppercase HTTP methods to match httplib2 expectations
(LP: #1401544).

lp:ubuntu/precise-security/nvidia-graphics-drivers-304-updates Mature 2014-12-10 19:19:10 UTC 2014-12-10
8. [ Alberto Milone ] * New upstream rel...

Author: Alberto Milone
Revision Date: 2014-12-09 18:55:51 UTC

[ Alberto Milone ]
* New upstream release.
* debian/substvars:
  - Add support for video ABIs up to 19.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-security/nvidia-graphics-drivers-304 Mature 2014-12-10 19:18:23 UTC 2014-12-10
7. [ Alberto Milone ] * New upstream rel...

Author: Alberto Milone
Revision Date: 2014-12-09 18:52:16 UTC

[ Alberto Milone ]
* New upstream release.
* debian/substvars:
  - Add support for video ABIs up to 19.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-security/nvidia-graphics-drivers-331-updates Mature 2014-12-10 18:39:40 UTC 2014-12-10
4. [ Alberto Milone ] * debian/substvars...

Author: Alberto Milone
Revision Date: 2014-12-09 15:55:15 UTC

[ Alberto Milone ]
* debian/substvars:
  - Add support for video ABIs up to 19.
* debian/templates/dkms_nvidia.conf.in:
  - Drop all the patches.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-security/nvidia-graphics-drivers-331 Mature 2014-12-10 18:39:29 UTC 2014-12-10
4. [ Alberto Milone ] * debian/substvars...

Author: Alberto Milone
Revision Date: 2014-12-09 12:10:46 UTC

[ Alberto Milone ]
* debian/substvars:
  - Add support for video ABIs up to 19.
* debian/templates/dkms_nvidia.conf.in:
  - Drop all the patches.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-security/llvm-toolchain-3.4 Mature 2014-12-09 19:18:58 UTC 2014-12-09
10. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 11:01:26 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-security/x11proto-xext Mature 2014-12-09 19:08:35 UTC 2014-12-09
12. No change rebuild for the security po...

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:32:24 UTC

No change rebuild for the security pocket

lp:ubuntu/precise-security/x11proto-input Mature 2014-12-09 19:08:19 UTC 2014-12-09
31. No change rebuild for the security po...

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:38:59 UTC

No change rebuild for the security pocket

lp:ubuntu/precise-security/mesa-lts-trusty Mature 2014-12-09 19:07:55 UTC 2014-12-09
4. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:54:27 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-security/cloog-lts Mature 2014-12-09 19:07:34 UTC 2014-12-09
3. No change rebuild for the security po...

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:47:53 UTC

No change rebuild for the security pocket

lp:ubuntu/precise-security/isl-lts Mature 2014-12-09 19:07:06 UTC 2014-12-09
3. No change rebuild for security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:49:26 UTC

No change rebuild for security pocket

lp:ubuntu/precise-security/wayland-lts-trusty Mature 2014-12-09 19:06:59 UTC 2014-12-09
3. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 11:57:41 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/nvidia-graphics-drivers-304-updates Mature 2014-12-09 18:55:51 UTC 2014-12-09
8. [ Alberto Milone ] * New upstream rel...

Author: Alberto Milone
Revision Date: 2014-12-09 18:55:51 UTC

[ Alberto Milone ]
* New upstream release.
* debian/substvars:
  - Add support for video ABIs up to 19.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-updates/nvidia-graphics-drivers-304 Mature 2014-12-09 18:52:16 UTC 2014-12-09
7. [ Alberto Milone ] * New upstream rel...

Author: Alberto Milone
Revision Date: 2014-12-09 18:52:16 UTC

[ Alberto Milone ]
* New upstream release.
* debian/substvars:
  - Add support for video ABIs up to 19.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-proposed/xserver-xorg-video-intel-lts-trusty bug Mature 2014-12-09 17:45:47 UTC 2014-12-09
3. Backport to precise.

Author: Timo Aaltonen
Revision Date: 2014-11-21 10:41:58 UTC

Backport to precise.

lp:ubuntu/precise-updates/nvidia-graphics-drivers-331-updates Mature 2014-12-09 15:55:15 UTC 2014-12-09
4. [ Alberto Milone ] * debian/substvars...

Author: Alberto Milone
Revision Date: 2014-12-09 15:55:15 UTC

[ Alberto Milone ]
* debian/substvars:
  - Add support for video ABIs up to 19.
* debian/templates/dkms_nvidia.conf.in:
  - Drop all the patches.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-updates/nvidia-graphics-drivers-331 Mature 2014-12-09 12:10:46 UTC 2014-12-09
4. [ Alberto Milone ] * debian/substvars...

Author: Alberto Milone
Revision Date: 2014-12-09 12:10:46 UTC

[ Alberto Milone ]
* debian/substvars:
  - Add support for video ABIs up to 19.
* debian/templates/dkms_nvidia.conf.in:
  - Drop all the patches.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-security/mutt Mature 2014-12-09 11:54:20 UTC 2014-12-09
39. * SECURITY UPDATE: heap-based overflo...

Author: Steve Beattie
Revision Date: 2014-12-09 11:54:20 UTC

* SECURITY UPDATE: heap-based overflow in mutt_substrdup() when
  handling headers beginning with newline.
  - debian/patches/ubuntu/mutt-CVE-2014-9116.patch
  - CVE-2014-9116

lp:ubuntu/precise-updates/mutt Mature 2014-12-09 11:54:20 UTC 2014-12-09
39. * SECURITY UPDATE: heap-based overflo...

Author: Steve Beattie
Revision Date: 2014-12-09 11:54:20 UTC

* SECURITY UPDATE: heap-based overflow in mutt_substrdup() when
  handling headers beginning with newline.
  - debian/patches/ubuntu/mutt-CVE-2014-9116.patch
  - CVE-2014-9116

lp:ubuntu/precise-security/linux-lts-trusty bug Mature 2014-12-09 11:09:22 UTC 2014-12-09
23. [ Luis Henriques ] * Release Trackin...

Author: Luis Henriques
Revision Date: 2014-12-09 11:09:22 UTC

[ Luis Henriques ]

* Release Tracking Bug
  - LP: #1399807

[ Upstream Kernel Changes ]

* x86_64, traps: Fix the espfix64 #DF fixup and rewrite it in C
  - LP: #1398795
  - CVE-2014-9090
* x86_64, traps: Rework bad_iret
  - LP: #1398795
  - CVE-2014-9090
* x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit
  - LP: #1400314
  - CVE-2014-8134

lp:ubuntu/precise-updates/linux-lts-trusty Mature 2014-12-09 11:09:22 UTC 2014-12-09
23. [ Luis Henriques ] * Release Trackin...

Author: Luis Henriques
Revision Date: 2014-12-09 11:09:22 UTC

[ Luis Henriques ]

* Release Tracking Bug
  - LP: #1399807

[ Upstream Kernel Changes ]

* x86_64, traps: Fix the espfix64 #DF fixup and rewrite it in C
  - LP: #1398795
  - CVE-2014-9090
* x86_64, traps: Rework bad_iret
  - LP: #1398795
  - CVE-2014-9090
* x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit
  - LP: #1400314
  - CVE-2014-8134

lp:ubuntu/precise-updates/isl-lts Mature 2014-12-06 12:49:26 UTC 2014-12-06
3. No change rebuild for security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:49:26 UTC

No change rebuild for security pocket

lp:ubuntu/precise-updates/cloog-lts Mature 2014-12-06 12:47:53 UTC 2014-12-06
3. No change rebuild for the security po...

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:47:53 UTC

No change rebuild for the security pocket

lp:ubuntu/precise-security/libxfixes Mature 2014-12-06 12:19:12 UTC 2014-12-06
17. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:19:12 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/libxfixes Mature 2014-12-06 12:19:12 UTC 2014-12-06
17. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:19:12 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-security/libxi Mature 2014-12-06 12:16:55 UTC 2014-12-06
21. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:16:55 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/libxi bug Mature 2014-12-06 12:16:55 UTC 2014-12-06
22. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:16:55 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/wayland-lts-trusty Mature 2014-12-06 11:57:41 UTC 2014-12-06
3. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 11:57:41 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/llvm-toolchain-3.4 Mature 2014-12-06 11:01:26 UTC 2014-12-06
11. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 11:01:26 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/mesa-lts-trusty Mature 2014-12-06 10:54:27 UTC 2014-12-06
4. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:54:27 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-security/x11proto-gl Mature 2014-12-06 10:51:06 UTC 2014-12-06
11. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:51:06 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/x11proto-gl Mature 2014-12-06 10:51:06 UTC 2014-12-06
11. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:51:06 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-security/pixman bug Mature 2014-12-06 10:45:18 UTC 2014-12-06
30. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:45:18 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/pixman bug Mature 2014-12-06 10:45:18 UTC 2014-12-06
31. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:45:18 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/x11proto-input Mature 2014-12-06 10:38:59 UTC 2014-12-06
31. No change rebuild for the security po...

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:38:59 UTC

No change rebuild for the security pocket

lp:ubuntu/precise-updates/x11proto-xext Mature 2014-12-06 10:32:24 UTC 2014-12-06
12. No change rebuild for the security po...

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:32:24 UTC

No change rebuild for the security pocket

lp:~levlaz/ubuntu/precise/nginx/fix-for-1370478 (Has a merge proposal) Development 2014-12-06 03:46:08 UTC 2014-12-06
59. Added Correct Patch Headers

Author: Lev Lazinskiy
Revision Date: 2014-12-06 03:41:02 UTC

Added Correct Patch Headers

lp:ubuntu/precise-updates/nginx Mature 2014-12-05 22:25:50 UTC 2014-12-05
56. * SECURITY UPDATE: incorrect cached S...

Author: Lev Lazinskiy
Revision Date: 2014-12-05 22:25:50 UTC

* SECURITY UPDATE: incorrect cached SSL session reuse (LP: #1370478)
  - debian/patches/CVE-2014-3616.patch: Use a random value for session id
    context, since there is no support for shared TLS Session Tickets in
    this version in src/event/ngx_event_openssl.c.
  - CVE-2014-3616

lp:ubuntu/precise-proposed/bcmwl bug Development 2014-12-04 23:13:22 UTC 2014-12-04
38. * New upstream release (LP: #1397028)...

Author: Alberto Milone
Revision Date: 2014-12-01 15:00:32 UTC

* New upstream release (LP: #1397028):
  - This is an official public release from Broadcom.
* debian/patches/0013-gcc.patch
  - Fix build with recent versions of GCC. Credit
    for the patch goes to Robert Ancell.
* debian/dkms.conf.in,
  debian/patches/0014-add-support-for-Linux-3.17.patch,
  debian/patches/0015-add-support-for-Linux-3.18.patch:
  - Drop patches for old kernels (now upstream)
  - Add support for Linux 3.17.
    Credit for the patch goes to Brian Norris.
  - Add support for Linux 3.18.
    Credit for the patch goes to Krzysztof Kolasa.

lp:ubuntu/precise-security/maas bug Mature 2014-12-04 20:29:46 UTC 2014-12-04
18. * Fix compatibility with mod-wsgi sec...

Author: Marc Deslauriers
Revision Date: 2014-12-04 14:00:28 UTC

* Fix compatibility with mod-wsgi security update (LP: #1399016)
  - debian/patches/home-directory.patch: specify a valid home directory
    for the maas user, since mod-wsgi no longer works without one.

lp:ubuntu/precise-security/graphviz Mature 2014-12-04 16:26:23 UTC 2014-12-04
44. * SECURITY UPDATE: Format string vuln...

Author: Seth Arnold
Revision Date: 2014-12-04 16:26:23 UTC

* SECURITY UPDATE: Format string vulnerability may allow attackers to
  cause a denial of service or possibly execute code.
  - debian/patches/CVE-2014-9157.patch: Fix format string vulnerability in
    lib/cgraph/scan.l yyerror() routine.
  - CVE-2014-9157

lp:ubuntu/precise-updates/graphviz Mature 2014-12-04 16:26:23 UTC 2014-12-04
44. * SECURITY UPDATE: Format string vuln...

Author: Seth Arnold
Revision Date: 2014-12-04 16:26:23 UTC

* SECURITY UPDATE: Format string vulnerability may allow attackers to
  cause a denial of service or possibly execute code.
  - debian/patches/CVE-2014-9157.patch: Fix format string vulnerability in
    lib/cgraph/scan.l yyerror() routine.
  - CVE-2014-9157

lp:ubuntu/precise-updates/tcpdump Mature 2014-12-04 14:37:37 UTC 2014-12-04
30. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-12-03 17:05:38 UTC

* SECURITY UPDATE: denial of service and possible code execution in
  olsr_print
  - debian/patches/CVE-2014-8767.patch: improve bounds checking and
    error handling in print-olsr.c.
  - CVE-2014-8767
* SECURITY UPDATE: denial of service and possible code execution in
  print-aodv.c
  - debian/patches/CVE-2014-8769.patch: improve bounds checking and
    length checking in print-aodv.c, aodv.h.
  - CVE-2014-8769
* SECURITY UPDATE: denial of service and possible code execution in
  print-ppp.c
  - debian/patches/CVE-2014-9140.patch: improve bounds checking in
    print-ppp.c.
  - CVE-2014-9140

lp:ubuntu/precise-security/tcpdump Mature 2014-12-04 14:14:08 UTC 2014-12-04
30. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-12-03 17:05:38 UTC

* SECURITY UPDATE: denial of service and possible code execution in
  olsr_print
  - debian/patches/CVE-2014-8767.patch: improve bounds checking and
    error handling in print-olsr.c.
  - CVE-2014-8767
* SECURITY UPDATE: denial of service and possible code execution in
  print-aodv.c
  - debian/patches/CVE-2014-8769.patch: improve bounds checking and
    length checking in print-aodv.c, aodv.h.
  - CVE-2014-8769
* SECURITY UPDATE: denial of service and possible code execution in
  print-ppp.c
  - debian/patches/CVE-2014-9140.patch: improve bounds checking in
    print-ppp.c.
  - CVE-2014-9140

lp:ubuntu/precise-updates/maas Mature 2014-12-04 14:00:28 UTC 2014-12-04
18. * Fix compatibility with mod-wsgi sec...

Author: Marc Deslauriers
Revision Date: 2014-12-04 14:00:28 UTC

* Fix compatibility with mod-wsgi security update (LP: #1399016)
  - debian/patches/home-directory.patch: specify a valid home directory
    for the maas user, since mod-wsgi no longer works without one.

lp:ubuntu/precise-proposed/ubiquity bug Development 2014-12-01 19:25:33 UTC 2014-12-01
509. Automatic update of included source p...

Author: Stéphane Graber
Revision Date: 2012-07-30 10:36:51 UTC

Automatic update of included source packages: base-installer
1.122ubuntu7.1, debian-installer-utils 1.88ubuntu2.1, flash-kernel
2.28ubuntu42.2. (one-time update from precise-proposed) (LP: #1021293)

lp:ubuntu/precise-security/openvpn Mature 2014-12-01 17:11:38 UTC 2014-12-01
51. * SECURITY UPDATE: server denial of s...

Author: Marc Deslauriers
Revision Date: 2014-12-01 17:11:38 UTC

* SECURITY UPDATE: server denial of service via too-short control channel
  packets
  - debian/patches/CVE-2014-8104.patch: drop too-short control channel
    packets instead of asserting out in ssl.c.
  - CVE-2014-8104
* debian/patches/update_certs.patch: update test certs to fix FTBFS.

lp:ubuntu/precise-updates/openvpn Mature 2014-12-01 17:11:38 UTC 2014-12-01
51. * SECURITY UPDATE: server denial of s...

Author: Marc Deslauriers
Revision Date: 2014-12-01 17:11:38 UTC

* SECURITY UPDATE: server denial of service via too-short control channel
  packets
  - debian/patches/CVE-2014-8104.patch: drop too-short control channel
    packets instead of asserting out in ssl.c.
  - CVE-2014-8104
* debian/patches/update_certs.patch: update test certs to fix FTBFS.

lp:ubuntu/precise-updates/ppp Mature 2014-12-01 16:06:55 UTC 2014-12-01
26. * SECURITY UPDATE: possible privilege...

Author: Marc Deslauriers
Revision Date: 2014-11-25 16:17:49 UTC

* SECURITY UPDATE: possible privilege escalation via option parsing
  - debian/patches/CVE-2014-3158.patch: fix integer overflow in
    pppd/options.c.
  - CVE-2014-3158

lp:ubuntu/precise-security/ppp Mature 2014-12-01 15:43:00 UTC 2014-12-01
26. * SECURITY UPDATE: possible privilege...

Author: Marc Deslauriers
Revision Date: 2014-11-25 16:17:49 UTC

* SECURITY UPDATE: possible privilege escalation via option parsing
  - debian/patches/CVE-2014-3158.patch: fix integer overflow in
    pppd/options.c.
  - CVE-2014-3158

lp:ubuntu/precise-updates/libksba Mature 2014-11-27 20:34:37 UTC 2014-11-27
17. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-11-27 12:58:30 UTC

* SECURITY UPDATE: denial of service and possible code execution in
  ksba_oid_to_str().
  - debian/patches/CVE-2014-9087.patch: check value in src/oid.c, added
    test to tests/t-oid.c, tests/Makefile.am, fix unrelated typo in
    tests/t-dnparser.c.
  - CVE-2014-9087

lp:ubuntu/precise-security/libksba Mature 2014-11-27 19:45:57 UTC 2014-11-27
17. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-11-27 12:58:30 UTC

* SECURITY UPDATE: denial of service and possible code execution in
  ksba_oid_to_str().
  - debian/patches/CVE-2014-9087.patch: check value in src/oid.c, added
    test to tests/t-oid.c, tests/Makefile.am, fix unrelated typo in
    tests/t-dnparser.c.
  - CVE-2014-9087

lp:ubuntu/precise-updates/flac Mature 2014-11-27 19:35:33 UTC 2014-11-27
23. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2014-11-27 12:27:24 UTC

* SECURITY UPDATE: arbitrary code execution via crafted .flac file
  - debian/patches/CVE-2014-8962.patch: validate id in
    src/libFLAC/stream_decoder.c.
  - CVE-2014-8962
* SECURITY UPDATE: arbitrary code execution via crafted .flac file
  - debian/patches/CVE-2014-9028.patch: error out to avoid heap overflow
    in src/libFLAC/stream_decoder.c.
  - CVE-2014-9028

lp:ubuntu/precise-security/flac Mature 2014-11-27 19:07:20 UTC 2014-11-27
23. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2014-11-27 12:27:24 UTC

* SECURITY UPDATE: arbitrary code execution via crafted .flac file
  - debian/patches/CVE-2014-8962.patch: validate id in
    src/libFLAC/stream_decoder.c.
  - CVE-2014-8962
* SECURITY UPDATE: arbitrary code execution via crafted .flac file
  - debian/patches/CVE-2014-9028.patch: error out to avoid heap overflow
    in src/libFLAC/stream_decoder.c.
  - CVE-2014-9028

lp:ubuntu/precise-updates/webkitkde Mature 2014-11-24 17:28:53 UTC 2014-11-24
24. * SECURITY UPDATE: Insufficient Input...

Author: Jonathan Riddell
Revision Date: 2014-11-20 15:56:53 UTC

* SECURITY UPDATE: Insufficient Input Validation By IO Slaves and
  Webkit Part
 - Add upstream_cve-2014-8600.diff to escape protocol twice: once
   for i18n, and once for HTML
 - https://www.kde.org/info/security/advisory-20141113-1.txt
 - CVE-2014-8600
 - LP: #1393479

lp:ubuntu/precise-security/kde-runtime bug Mature 2014-11-24 16:40:59 UTC 2014-11-24
19. * SECURITY UPDATE: Insufficient Input...

Author: Jonathan Riddell
Revision Date: 2014-11-20 15:46:42 UTC

* SECURITY UPDATE: Insufficient Input Validation By IO Slaves and
  Webkit Part
 - Add upstream_CVE-2014-8600.diff to escape protocol twice: once
   for i18n, and once for HTML
 - https://www.kde.org/info/security/advisory-20141113-1.txt
 - CVE-2014-8600
 - LP: #1393479

lp:ubuntu/precise-security/webkitkde bug Mature 2014-11-24 16:21:24 UTC 2014-11-24
24. * SECURITY UPDATE: Insufficient Input...

Author: Jonathan Riddell
Revision Date: 2014-11-20 15:56:53 UTC

* SECURITY UPDATE: Insufficient Input Validation By IO Slaves and
  Webkit Part
 - Add upstream_cve-2014-8600.diff to escape protocol twice: once
   for i18n, and once for HTML
 - https://www.kde.org/info/security/advisory-20141113-1.txt
 - CVE-2014-8600
 - LP: #1393479

lp:ubuntu/precise-updates/xserver-xorg-video-intel-lts-trusty Mature 2014-11-21 10:41:58 UTC 2014-11-21
3. Backport to precise.

Author: Timo Aaltonen
Revision Date: 2014-11-21 10:41:58 UTC

Backport to precise.

lp:ubuntu/precise-proposed/nfs-utils bug Mature 2014-11-20 20:19:40 UTC 2014-11-20
58. Fix mount.nfs so that it falls back t...

Author: Dave Chiluk
Revision Date: 2014-11-18 10:55:28 UTC

Fix mount.nfs so that it falls back to v3 when ipv4 and ipv6 name resolution
is present, but nfsv4 is not. present. LP: #1391662

lp:ubuntu/precise-updates/kde-runtime Mature 2014-11-20 15:46:42 UTC 2014-11-20
19. * SECURITY UPDATE: Insufficient Input...

Author: Jonathan Riddell
Revision Date: 2014-11-20 15:46:42 UTC

* SECURITY UPDATE: Insufficient Input Validation By IO Slaves and
  Webkit Part
 - Add upstream_CVE-2014-8600.diff to escape protocol twice: once
   for i18n, and once for HTML
 - https://www.kde.org/info/security/advisory-20141113-1.txt
 - CVE-2014-8600
 - LP: #1393479

lp:ubuntu/precise-proposed/landscape-client bug Mature 2014-11-19 18:23:03 UTC 2014-11-19
48. * New upstream version (LP: #1190510)...

Author: Chris Glass
Revision Date: 2013-09-20 10:10:28 UTC

* New upstream version (LP: #1190510)
 - New annotations exchange mechanism allows clients to send any key-value
   data to the landscape server (LP: #1123932)
 - Network devices now report their maximum theoretical speeds, and duplex
   status to landscape-server (LP: #1126331, LP: #1130733)
 - Landscape.client is now HA aware when HA is implemented using juju
   charms (LP: #1122508)
 - The landscape client will now trigger a reboot if server sends a
   reboot-required message. (LP: #1133005)
 - Big AMP code cleanup and refactoring in order to improve testing, improve
   performance and ease future maintainability (LP: #1165047, LP: #1169102,
   LP: #1170669)
 - Added logic to detect cloned (virtual) computers (LP: #1161856)
 - The landscape-client and landscape-common packages do not use or depend
   on dbus code anymore, and the dependencies to python-gi and gudev are
   dropped. The hardware info plugin now looks at /proc instead of querying
   DBus (LP: #1175553, LP: #1180691)
 - The ceph manager plugin is now a monitor plugin and thus does not require
   root privileges anymore. (LP: #1186973)
 - The detection logic for virtual machine was changed to account for the
   different semantics between Openstack Folsom and Grizzly, and was
   expanded to detect more hypervisors (LP: #1191843)
 - Removed legacy upgrader code from postinst since support for it was
   dropped.
 - The /etc/dbus-1/system.d/landscape.conf file was moved from the
   landscape-common package to the landscape-client-uii as part of
   LP: #1175553, LP: #1180691. No "Breaks" rule was added since the
   landscape-client-ui package requires the exact same version of
   landscape-common, which avoids the case outlined in
   http://www.debian.org/doc/debian-policy/footnotes.html#f53 .
* Removed the hardwareinfo patch since the changes were merged upstream
* Changed dh_clean -K to dh_prep (dh_clean -K is deprecated)
* Removed the packages arguments to dh_installman since all pacakges have
  manpages now.

lp:ubuntu/precise-security/ruby1.9.1 Mature 2014-11-19 15:31:09 UTC 2014-11-19
31. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-11-19 15:31:09 UTC

* SECURITY UPDATE: denial of service via XML expansion
  - debian/patches/CVE-2014-8090.patch: add REXML::Document#document
    to lib/rexml/document.rb, add warning to lib/rexml/entity.rb, added
    tests to test/rexml/test_document.rb.
  - CVE-2014-8090

lp:ubuntu/precise-updates/ruby1.9.1 Mature 2014-11-19 15:31:09 UTC 2014-11-19
31. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-11-19 15:31:09 UTC

* SECURITY UPDATE: denial of service via XML expansion
  - debian/patches/CVE-2014-8090.patch: add REXML::Document#document
    to lib/rexml/document.rb, add warning to lib/rexml/entity.rb, added
    tests to test/rexml/test_document.rb.
  - CVE-2014-8090

lp:ubuntu/precise-security/mod-wsgi bug Mature 2014-11-18 11:12:46 UTC 2014-11-18
22. * SECURITY UPDATE: possible privilege...

Author: Marc Deslauriers
Revision Date: 2014-11-18 11:12:46 UTC

* SECURITY UPDATE: possible privilege escalation via incorrect error
  checking
  - debian/patches/CVE-2014-8583.patch: restart process if privileges
    couldn't be dropped in mod_wsgi.c.
  - CVE-2014-8583

lp:ubuntu/precise-updates/mod-wsgi Mature 2014-11-18 11:12:46 UTC 2014-11-18
22. * SECURITY UPDATE: possible privilege...

Author: Marc Deslauriers
Revision Date: 2014-11-18 11:12:46 UTC

* SECURITY UPDATE: possible privilege escalation via incorrect error
  checking
  - debian/patches/CVE-2014-8583.patch: restart process if privileges
    couldn't be dropped in mod_wsgi.c.
  - CVE-2014-8583

lp:ubuntu/precise-updates/nfs-utils Mature 2014-11-18 10:55:28 UTC 2014-11-18
58. Fix mount.nfs so that it falls back t...

Author: Dave Chiluk
Revision Date: 2014-11-18 10:55:28 UTC

Fix mount.nfs so that it falls back to v3 when ipv4 and ipv6 name resolution
is present, but nfsv4 is not. present. LP: #1391662

lp:ubuntu/precise-backports/tcpdump bug Mature 2014-11-17 19:11:10 UTC 2014-11-17
30. No-change backport to precise (LP: #1...

Author: Felix Geyer
Revision Date: 2014-11-17 19:11:06 UTC

No-change backport to precise (LP: #1393373)

lp:ubuntu/precise-security/quassel bug Mature 2014-11-17 18:59:10 UTC 2014-11-17
89. * SECURITY UPDATE: out-of-bounds read...

Author: Felix Geyer
Revision Date: 2014-11-04 18:19:33 UTC

* SECURITY UPDATE: out-of-bounds read in ECB Blowfish decryption
  - debian/patches/CVE-2014-8483.patch: backport upstream patch
  - CVE-2014-8483
  - LP: #1388333

lp:ubuntu/precise-updates/eiciel Mature 2014-11-15 08:29:52 UTC 2014-11-15
13. Add participant filtering in the main...

Author: Dariusz Gadomski
Revision Date: 2014-09-26 09:17:05 UTC

Add participant filtering in the main window. (LP: #1361217)

lp:ubuntu/precise-updates/kde-workspace bug Mature 2014-11-15 05:20:59 UTC 2014-11-15
50. [ Jonathan Riddell ] * SECURITY UPDAT...

Author: Jamie Strandboge
Revision Date: 2014-11-06 14:22:00 UTC

[ Jonathan Riddell ]
* SECURITY UPDATE: Privilege Escalation via KDE Clock KCM polkit helper
 - Add upstream_clock-privilage-escalation.diff, checks which
   binary is being run
 - https://www.kde.org/info/security/advisory-20141106-1.txt
 - LP: #1389665

[ Jamie Strandboge ]
* update upstream_clock-privilage-escalation.diff to add exePath definition
  to fix a FTBFS, and also use exePath with hwclock and zic, like on newer
  releases

lp:ubuntu/precise-security/kde-workspace bug Mature 2014-11-15 05:20:48 UTC 2014-11-15
44. [ Jonathan Riddell ] * SECURITY UPDAT...

Author: Jamie Strandboge
Revision Date: 2014-11-06 14:22:00 UTC

[ Jonathan Riddell ]
* SECURITY UPDATE: Privilege Escalation via KDE Clock KCM polkit helper
 - Add upstream_clock-privilage-escalation.diff, checks which
   binary is being run
 - https://www.kde.org/info/security/advisory-20141106-1.txt
 - LP: #1389665

[ Jamie Strandboge ]
* update upstream_clock-privilage-escalation.diff to add exePath definition
  to fix a FTBFS, and also use exePath with hwclock and zic, like on newer
  releases

lp:ubuntu/precise-updates/konversation Mature 2014-11-15 04:55:06 UTC 2014-11-15
64. * SECURITY UPDATE: out-of-bounds read...

Author: Jonathan Riddell
Revision Date: 2014-11-04 17:38:21 UTC

* SECURITY UPDATE: out-of-bounds read on a heap-allocated array LP: #1389296
  - Add kubuntu_02_cve-2014-8483.diff to verify read bounds
  - CVE-2014-8483
  - https://www.kde.org/info/security/advisory-20140923-1.txt

lp:ubuntu/precise-security/konversation bug Mature 2014-11-15 04:54:59 UTC 2014-11-15
64. * SECURITY UPDATE: out-of-bounds read...

Author: Jonathan Riddell
Revision Date: 2014-11-04 17:38:21 UTC

* SECURITY UPDATE: out-of-bounds read on a heap-allocated array LP: #1389296
  - Add kubuntu_02_cve-2014-8483.diff to verify read bounds
  - CVE-2014-8483
  - https://www.kde.org/info/security/advisory-20140923-1.txt

lp:ubuntu/precise-security/enigmail bug Mature 2014-11-14 07:46:24 UTC 2014-11-14
47. * SECURITY UPDATE: wrong encryption w...

Author: Marc Deslauriers
Revision Date: 2014-11-14 07:46:24 UTC

* SECURITY UPDATE: wrong encryption when only BCC is used
  - New upstream release v1.7.2
  - CVE-2014-5369

lp:ubuntu/precise-updates/enigmail Mature 2014-11-14 07:46:24 UTC 2014-11-14
47. * SECURITY UPDATE: wrong encryption w...

Author: Marc Deslauriers
Revision Date: 2014-11-14 07:46:24 UTC

* SECURITY UPDATE: wrong encryption when only BCC is used
  - New upstream release v1.7.2
  - CVE-2014-5369

lp:ubuntu/precise-security/kdepimlibs Mature 2014-11-05 13:24:31 UTC 2014-11-05
120. No change rebuild for security

Author: Jamie Strandboge
Revision Date: 2014-11-05 13:24:31 UTC

No change rebuild for security

lp:ubuntu/precise-updates/kdepimlibs Mature 2014-11-05 13:24:31 UTC 2014-11-05
120. No change rebuild for security

Author: Jamie Strandboge
Revision Date: 2014-11-05 13:24:31 UTC

No change rebuild for security

lp:~ci-engineering-private/ubuntu/precise/autodep8/uci-engine Development 2014-11-05 11:41:58 UTC 2014-11-05
14. Switch maintainer to Autopkgtest team...

Author: Martin Pitt
Revision Date: 2014-10-30 10:00:30 UTC

Switch maintainer to Autopkgtest team, and add myself as uploader

With Antonio's consent, discussed on IRC.

lp:ubuntu/precise-backports/drmips bug Mature 2014-11-04 22:46:22 UTC 2014-11-04
3. No-change backport to precise (LP: #1...

Author: Felix Geyer
Revision Date: 2014-11-04 23:16:27 UTC

No-change backport to precise (LP: #1387702)

lp:ubuntu/precise-updates/quassel Mature 2014-11-04 18:19:33 UTC 2014-11-04
89. * SECURITY UPDATE: out-of-bounds read...

Author: Felix Geyer
Revision Date: 2014-11-04 18:19:33 UTC

* SECURITY UPDATE: out-of-bounds read in ECB Blowfish decryption
  - debian/patches/CVE-2014-8483.patch: backport upstream patch
  - CVE-2014-8483
  - LP: #1388333

lp:ubuntu/precise-proposed/ejabberd bug Mature 2014-11-03 21:02:19 UTC 2014-11-03
28. * Add digest-uri-virtual-hosts.patch ...

Author: Richard Hansen
Revision Date: 2013-11-15 15:13:02 UTC

* Add digest-uri-virtual-hosts.patch from upstream commit f434501
  - Fixes a problem with Pidgin not being able to log in on a server
    with multiple virtual hosts and SRV records (LP: #1097366)

lp:ubuntu/precise-proposed/apt bug Mature 2014-10-30 21:40:55 UTC 2014-10-30
196. [ David Kalnischkies ] * methods/http...

Author: Michael Vogt
Revision Date: 2014-10-17 09:57:34 UTC

[ David Kalnischkies ]
* methods/http.cc:
  - retry without partial data after a 416 response (closes: 710924)
    LP: #1382401

lp:ubuntu/precise-proposed/eiciel bug Mature 2014-10-30 21:20:23 UTC 2014-10-30
13. Add participant filtering in the main...

Author: Dariusz Gadomski
Revision Date: 2014-09-26 09:17:05 UTC

Add participant filtering in the main window. (LP: #1361217)

lp:ubuntu/precise-security/wget Mature 2014-10-30 17:33:12 UTC 2014-10-30
27. * SECURITY UPDATE: remote code execut...

Author: Marc Deslauriers
Revision Date: 2014-10-30 10:08:40 UTC

* SECURITY UPDATE: remote code execution via absolute path traversal
  vulnerability in FTP
  - debian/patches/CVE-2014-4877.patch: don't create local symlinks in
    src/init.c, check for duplicate file nodes in src/ftp.c, updated
    documentation in doc/wget.texi.
  - CVE-2014-4877

lp:ubuntu/precise-updates/wget Mature 2014-10-30 10:08:40 UTC 2014-10-30
27. * SECURITY UPDATE: remote code execut...

Author: Marc Deslauriers
Revision Date: 2014-10-30 10:08:40 UTC

* SECURITY UPDATE: remote code execution via absolute path traversal
  vulnerability in FTP
  - debian/patches/CVE-2014-4877.patch: don't create local symlinks in
    src/init.c, check for duplicate file nodes in src/ftp.c, updated
    documentation in doc/wget.texi.
  - CVE-2014-4877

lp:ubuntu/precise-updates/nvidia-prime bug Mature 2014-10-30 08:32:22 UTC 2014-10-30
5. [ Daniel Dadap ] * prime-xconfig: -...

Author: Alberto Milone
Revision Date: 2014-02-21 09:59:12 UTC

[ Daniel Dadap ]
* prime-xconfig:
  - Format the BusID string correctly (LP: #1282796).
    The BusID string created by prime-xconfig had several problems:
    1) It was missing the bus type "PCI", as recommended by
       xorg.conf(5).
    2) Values were written in hexadecimal, as reported by lspci,
       instead of decimal, as expected by the server. (See the
       comment at the top of xf86ParsePciBusString().)
    3) The PCI domain was not specified.
    Giving the BusID string in the wrong format could cause the X
    server to fail to parse the BusID, or to parse numbers in the
    wrong base. On systems with more than one PCI domain, `lspci -n`
    output would include the domain number, which is omitted by
    default on systems with only one PCI domain. nv_get_id()
    expects the bus number to be the first field, which would not be
    correct when `lspci -n` reports the domain, as it does on
    systems with multiple domains.
    Fix these issues by always reporting the domain with `lspci -Dn`
    and using it in the BusID string, prepending "PCI:" to the
    BusID string, and printing all numeric values in decimal.

lp:ubuntu/precise-proposed/distro-info-data bug Development 2014-10-29 10:16:42 UTC 2014-10-29
10. * Copy data from Utopic (LP: #1381995...

Author: Iain Lane
Revision Date: 2014-10-16 12:06:41 UTC

* Copy data from Utopic (LP: #1381995)
  - Drop ".0" suffixes from Debian 7 "wheezy" and 8 "jessie"
  - Correct Debian 6 "squeeze" EOL date
  - Correct Ubuntu 14.10 "utopic" release date
  - Correct Ubuntu 13.04 "raring" EOL date
  - Correct Ubuntu 12.10 "quantal" EOL date
  - Add Ubuntu 15.04, "Vivid Vervet" (with provisional release date)

lp:ubuntu/precise-proposed/xchat-gnome bug Mature 2014-10-28 21:13:54 UTC 2014-10-28
76. * Don't force the use of SSLv3 (LP: #...

Author: Marc Deslauriers
Revision Date: 2014-10-20 10:32:45 UTC

* Don't force the use of SSLv3 (LP: #1381484)
  - debian/patches/dont_force_sslv3.patch: use SSLv23_client_method() so
    the best method gets automatically negotiated in src/common/ssl.c.

lp:ubuntu/precise-proposed/dovecot bug Mature 2014-10-28 17:27:43 UTC 2014-10-28
93. * Backport support for the ssl_protoc...

Author: Marc Deslauriers
Revision Date: 2014-10-27 12:46:22 UTC

* Backport support for the ssl_protocols setting to easily allow
  disabling SSLv3. (LP: #1381537)
  - debian/patches/backport_ssl_protocols.patch: added new setting to
    src/login-common/login-settings.c, src/login-common/login-settings.h,
    src/login-common/ssl-proxy-openssl.c, src/config/all-settings.c.

lp:ubuntu/precise-updates/dovecot Mature 2014-10-27 12:46:22 UTC 2014-10-27
93. * Backport support for the ssl_protoc...

Author: Marc Deslauriers
Revision Date: 2014-10-27 12:46:22 UTC

* Backport support for the ssl_protocols setting to easily allow
  disabling SSLv3. (LP: #1381537)
  - debian/patches/backport_ssl_protocols.patch: added new setting to
    src/login-common/login-settings.c, src/login-common/login-settings.h,
    src/login-common/ssl-proxy-openssl.c, src/config/all-settings.c.

lp:~utlemming/ubuntu/precise/precise/lp1383794 Development 2014-10-22 16:44:21 UTC 2014-10-22
214. debian/patches/lp-1383794-gce-short_n...

Author: Ben Howard
Revision Date: 2014-10-22 16:30:08 UTC

debian/patches/lp-1383794-gce-short_name.patch: Use shortname over FQDN
for GCE (LP: #1383794).

lp:ubuntu/precise-security/libxml2 bug Mature 2014-10-22 12:16:42 UTC 2014-10-22
64. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-10-22 12:16:42 UTC

* SECURITY UPDATE: denial of service via entity expansion
  - parser.c, SAX2.c, include/libxml/entities.h: refactor entity checking
    and add additional tests.
  - https://git.gnome.org/browse/libxml2/commit/?id=a3f1e3e5712257fd279917a9158278534e8f4b72
  - https://git.gnome.org/browse/libxml2/commit/?id=cff2546f13503ac028e4c1f63c7b6d85f2f2d777
  - https://git.gnome.org/browse/libxml2/commit/?id=be2a7edaf289c5da74a4f9ed3a0b6c733e775230
  - CVE-2014-3660

lp:ubuntu/precise-updates/libxml2 Mature 2014-10-22 12:16:42 UTC 2014-10-22
64. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-10-22 12:16:42 UTC

* SECURITY UPDATE: denial of service via entity expansion
  - parser.c, SAX2.c, include/libxml/entities.h: refactor entity checking
    and add additional tests.
  - https://git.gnome.org/browse/libxml2/commit/?id=a3f1e3e5712257fd279917a9158278534e8f4b72
  - https://git.gnome.org/browse/libxml2/commit/?id=cff2546f13503ac028e4c1f63c7b6d85f2f2d777
  - https://git.gnome.org/browse/libxml2/commit/?id=be2a7edaf289c5da74a4f9ed3a0b6c733e775230
  - CVE-2014-3660

lp:ubuntu/precise-proposed/evolution-data-server bug Mature 2014-10-20 19:59:22 UTC 2014-10-20
177. debian/patches/evolution-data-server-...

Author: Iain Lane
Revision Date: 2014-10-17 10:53:58 UTC

debian/patches/evolution-data-server-3.10.4-poodle-enable-tls-for-ssl.patch:
Enable all SSL/TLS versions supported by NSS (LP: #1382133)

lp:ubuntu/precise-updates/xchat-gnome Mature 2014-10-20 10:32:45 UTC 2014-10-20
76. * Don't force the use of SSLv3 (LP: #...

Author: Marc Deslauriers
Revision Date: 2014-10-20 10:32:45 UTC

* Don't force the use of SSLv3 (LP: #1381484)
  - debian/patches/dont_force_sslv3.patch: use SSLv23_client_method() so
    the best method gets automatically negotiated in src/common/ssl.c.

lp:~qtjambi-community/ubuntu/precise/qtjambi-snapshot/debian Development 2014-10-18 17:20:46 UTC 2014-10-18
209. Attempt to fix the build by disabling...

Author: João Almeida
Revision Date: 2014-10-18 17:20:46 UTC

Attempt to fix the build by disabling 08_reject_enum_QAccessible::Role_Button since it was fixed in master since 4-June-2014

lp:ubuntu/precise-backports/asic0x bug Mature 2014-10-18 16:59:17 UTC 2014-10-18
3. No-change backport to precise (LP: #1...

Author: Felix Geyer
Revision Date: 2014-10-18 18:47:27 UTC

No-change backport to precise (LP: #1381727)

lp:ubuntu/precise-updates/evolution-data-server Mature 2014-10-17 10:53:58 UTC 2014-10-17
177. debian/patches/evolution-data-server-...

Author: Iain Lane
Revision Date: 2014-10-17 10:53:58 UTC

debian/patches/evolution-data-server-3.10.4-poodle-enable-tls-for-ssl.patch:
Enable all SSL/TLS versions supported by NSS (LP: #1382133)

101200 of 28258 results