Branches for Precise

Name Status Last Modified Last Commit
lp:ubuntu/precise-updates/curl Mature 2015-01-14 08:51:55 UTC 2015-01-14
68. * SECURITY UPDATE: URL request inject...

Author: Marc Deslauriers
Revision Date: 2015-01-14 08:51:55 UTC

* SECURITY UPDATE: URL request injection
  - debian/patches/CVE-2014-8150.patch: drop bad chars from URL in
    lib/url.c.
  - CVE-2014-8150

lp:ubuntu/precise-updates/coreutils Mature 2015-01-13 19:31:30 UTC 2015-01-13
31. * SECURITY UPDATE: infinite loop or c...

Author: Seth Arnold
Revision Date: 2015-01-13 19:31:30 UTC

* SECURITY UPDATE: infinite loop or crash in TZ environment variable
  handling.
  - debian/patches/CVE-2014-9471.dpatch: modify lib/parse-datetime.y and
    tests/misc/date to avoid crashing with malformed TZ
  - CVE-2014-9471

lp:ubuntu/precise-updates/pyyaml Mature 2015-01-12 22:36:11 UTC 2015-01-12
22. * SECURITY UPDATE: denial of service ...

Author: Steve Beattie
Revision Date: 2015-01-08 18:23:27 UTC

* SECURITY UPDATE: denial of service via triggered assertion
  - lib/yaml/scanner.py, lib3/yaml/scanner.py: remove assertion
  - origin: upstream commit
    https://bitbucket.org/xi/pyyaml/commits/ddf211a41bb231c365fece5599b7e484e6dc33fc
  - CVE-2014-9130

lp:ubuntu/precise-security/pyyaml Mature 2015-01-12 21:49:45 UTC 2015-01-12
22. * SECURITY UPDATE: denial of service ...

Author: Steve Beattie
Revision Date: 2015-01-08 18:23:27 UTC

* SECURITY UPDATE: denial of service via triggered assertion
  - lib/yaml/scanner.py, lib3/yaml/scanner.py: remove assertion
  - origin: upstream commit
    https://bitbucket.org/xi/pyyaml/commits/ddf211a41bb231c365fece5599b7e484e6dc33fc
  - CVE-2014-9130

lp:~israeldahl/ubuntu/precise/jwm/jwm_2.3.0 Development 2015-01-10 15:08:45 UTC 2015-01-10
21. changelog version

Author: Israel Dahl
Revision Date: 2015-01-10 15:08:45 UTC

changelog version

lp:ubuntu/precise-security/libyaml bug Mature 2015-01-08 18:17:27 UTC 2015-01-08
10. * SECURITY UPDATE: denial of service ...

Author: Steve Beattie
Revision Date: 2015-01-08 18:17:27 UTC

* SECURITY UPDATE: denial of service via triggered assertion
  - debian/patches/CVE-2014-9130.patch: remove assertion
  - CVE-2014-9130

lp:ubuntu/precise-updates/libyaml Mature 2015-01-08 18:17:27 UTC 2015-01-08
10. * SECURITY UPDATE: denial of service ...

Author: Steve Beattie
Revision Date: 2015-01-08 18:17:27 UTC

* SECURITY UPDATE: denial of service via triggered assertion
  - debian/patches/CVE-2014-9130.patch: remove assertion
  - CVE-2014-9130

lp:ubuntu/precise-security/libyaml-libyaml-perl Mature 2015-01-08 18:11:32 UTC 2015-01-08
11. * SECURITY UPDATE: denial of service ...

Author: Steve Beattie
Revision Date: 2015-01-08 18:11:32 UTC

* SECURITY UPDATE: denial of service via triggered assertion
  - debian/patches/CVE-2014-9130.patch: remove assertion
  - CVE-2014-9130

lp:ubuntu/precise-updates/libyaml-libyaml-perl Mature 2015-01-08 18:11:32 UTC 2015-01-08
11. * SECURITY UPDATE: denial of service ...

Author: Steve Beattie
Revision Date: 2015-01-08 18:11:32 UTC

* SECURITY UPDATE: denial of service via triggered assertion
  - debian/patches/CVE-2014-9130.patch: remove assertion
  - CVE-2014-9130

lp:ubuntu/precise-proposed/python-apt bug Mature 2015-01-08 17:39:10 UTC 2015-01-08
160. Update list of mirrors from launchpad...

Author: Brian Murray
Revision Date: 2015-01-06 16:55:37 UTC

Update list of mirrors from launchpad, using pre-build.sh hook.
(LP: #1397578)

lp:ubuntu/precise-proposed/nagios3 bug Mature 2015-01-08 17:38:57 UTC 2015-01-08
24. Don't retain host aliases or display ...

Author: Evan Broder
Revision Date: 2014-12-08 18:32:34 UTC

Don't retain host aliases or display names (LP: #1234376)

lp:ubuntu/precise-updates/bsd-mailx Mature 2015-01-07 19:58:58 UTC 2015-01-07
8. * SECURITY UPDATE: shell command inje...

Author: Marc Deslauriers
Revision Date: 2015-01-05 11:40:44 UTC

* SECURITY UPDATE: shell command injection
  - Apply OpenBSD patches from Todd Miller (taken from Debian update):
    + 80-remove_T.patch (remove undocumented/obsolete -T option)
    + 81-minus_f.patch (adjust -f processing)
    + 82-expandaddr.patch (fix CVE-2014-7844)
    + 83-nosendmail.patch (make -- work for option parsing suppression)
  - CVE-2014-7844

lp:ubuntu/precise-security/bsd-mailx Mature 2015-01-07 19:17:09 UTC 2015-01-07
8. * SECURITY UPDATE: shell command inje...

Author: Marc Deslauriers
Revision Date: 2015-01-05 11:40:44 UTC

* SECURITY UPDATE: shell command injection
  - Apply OpenBSD patches from Todd Miller (taken from Debian update):
    + 80-remove_T.patch (remove undocumented/obsolete -T option)
    + 81-minus_f.patch (adjust -f processing)
    + 82-expandaddr.patch (fix CVE-2014-7844)
    + 83-nosendmail.patch (make -- work for option parsing suppression)
  - CVE-2014-7844

lp:ubuntu/precise-updates/mime-support Mature 2015-01-07 18:49:41 UTC 2015-01-07
11. * SECURITY UPDATE: shell command inje...

Author: Marc Deslauriers
Revision Date: 2015-01-06 14:15:53 UTC

* SECURITY UPDATE: shell command injection in run-mailcap
  - Thanks to Salvatore Bonaccorso and Charles Plessy for the patch.
  - CVE-2014-7209

lp:ubuntu/precise-security/mime-support Mature 2015-01-07 17:59:46 UTC 2015-01-07
11. * SECURITY UPDATE: shell command inje...

Author: Marc Deslauriers
Revision Date: 2015-01-06 14:15:53 UTC

* SECURITY UPDATE: shell command injection in run-mailcap
  - Thanks to Salvatore Bonaccorso and Charles Plessy for the patch.
  - CVE-2014-7209

lp:ubuntu/precise-security/libssh Mature 2015-01-07 12:05:17 UTC 2015-01-07
23. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-01-07 12:05:17 UTC

* SECURITY UPDATE: denial of service via crafted kexinit packet
  - debian/patches/CVE-2014-8132.patch: properly set slots to NULL in
    src/kex.c.
  - CVE-2014-8132

lp:ubuntu/precise-updates/libssh Mature 2015-01-07 12:05:17 UTC 2015-01-07
23. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-01-07 12:05:17 UTC

* SECURITY UPDATE: denial of service via crafted kexinit packet
  - debian/patches/CVE-2014-8132.patch: properly set slots to NULL in
    src/kex.c.
  - CVE-2014-8132

lp:ubuntu/precise-security/nginx bug Mature 2015-01-06 18:34:33 UTC 2015-01-06
56. * SECURITY UPDATE: incorrect cached S...

Author: Lev Lazinskiy
Revision Date: 2014-12-05 22:25:50 UTC

* SECURITY UPDATE: incorrect cached SSL session reuse (LP: #1370478)
  - debian/patches/CVE-2014-3616.patch: Use a random value for session id
    context, since there is no support for shared TLS Session Tickets in
    this version in src/event/ngx_event_openssl.c.
  - CVE-2014-3616

lp:ubuntu/precise-updates/python-apt Mature 2015-01-06 16:55:37 UTC 2015-01-06
160. Update list of mirrors from launchpad...

Author: Brian Murray
Revision Date: 2015-01-06 16:55:37 UTC

Update list of mirrors from launchpad, using pre-build.sh hook.
(LP: #1397578)

lp:ubuntu/precise-updates/dahdi-linux Mature 2015-01-05 18:18:35 UTC 2015-01-05
25. * debian/dkms.conf.in: Expose the tar...

Author: Stefan Bader
Revision Date: 2014-12-09 18:47:52 UTC

* debian/dkms.conf.in: Expose the target kernel version in a variable that
  is actually heeded by the make file. And also pass it in on every
  invokation of make (LP: #790558).
* debian/patches/kernel-v3-11-compat.patch: Refreshed patch because it
  broke building on 3.2 kernel which was missed because of the bug that
  caused the build to be always for the running kernel (LP: #1336253).

lp:ubuntu/precise-backports/python-gnupg bug Mature 2014-12-21 18:37:04 UTC 2014-12-21
9. No-change backport to precise (LP: #1...

Author: Felix Geyer
Revision Date: 2014-12-21 19:27:28 UTC

No-change backport to precise (LP: #1316188)

lp:ubuntu/precise-backports/dh-lua bug Mature 2014-12-21 11:37:29 UTC 2014-12-21
8. No-change backport to precise (LP: #1...

Author: Felix Geyer
Revision Date: 2014-12-21 12:19:47 UTC

No-change backport to precise (LP: #1401854)

lp:ubuntu/precise-proposed/python2.7 bug Mature 2014-12-18 19:11:49 UTC 2014-12-18
61. * Ensure failed connections to /dev/l...

Author: James Page
Revision Date: 2014-12-18 12:05:28 UTC

* Ensure failed connections to /dev/log are full closed, preventing
  infinite loop on logging applications due to socket state (LP: #1081022):
  - d/p/syslog.diff: Cherry picked fix from upstream bugtracker.

lp:ubuntu/precise-updates/python2.7 Mature 2014-12-18 12:05:28 UTC 2014-12-18
61. * Ensure failed connections to /dev/l...

Author: James Page
Revision Date: 2014-12-18 12:05:28 UTC

* Ensure failed connections to /dev/log are full closed, preventing
  infinite loop on logging applications due to socket state (LP: #1081022):
  - d/p/syslog.diff: Cherry picked fix from upstream bugtracker.

lp:ubuntu/precise-proposed/linux-lts-trusty bug Mature 2014-12-17 19:10:59 UTC 2014-12-17
24. [ Kamal Mostafa ] * Release Tracking...

Author: Kamal Mostafa
Revision Date: 2014-12-16 13:23:44 UTC

[ Kamal Mostafa ]

* Release Tracking Bug
  - LP: #1402952

[ AceLan Kao ]

* SAUCE: Add use_native_backlight quirk for HP ProBook 6570b
  - LP: #1359010

[ Andy Whitcroft ]

* Revert "SAUCE: (no-up) arm64: optimized copy_to_user and copy_from_user
  assembly code"
  - LP: #1398596
* [Config] updateconfigs to balance CONFIG_SCOM_DEBUGFS

[ Upstream Kernel Changes ]

* iwlwifi: mvm: fix merge damage
  - LP: #1393317
* iwlwifi: remove IWL_UCODE_TLV_FLAGS_SCHED_SCAN flag
  - LP: #1393317
* iwlwifi: mvm: disable scheduled scan to prevent firmware crash
  - LP: #1393317
* iwlwifi: mvm: enable scheduled scan on newest firmware
  - LP: #1393317
* x86: kvm: use alternatives for VMCALL vs. VMMCALL if kernel text is
  read-only
  - LP: #1379340
* phylib: introduce PHY_INTERFACE_MODE_XGMII for 10G PHY
  - LP: #1381084
* of: make of_get_phy_mode parse 'phy-connection-type'
  - LP: #1381084
* xen-netfront: Remove BUGs on paged skb data which crosses a page
  boundary
  - LP: #1275879
* ACPI / blacklist: blacklist Win8 OSI for Dell Vostro 3546
  - LP: #1383589
* powerpc/pseries: Fix endiannes issue in RTAS call from xmon
  - LP: #1396235
* mmc: sdhci-pci-o2micro: Fix Dell E5440 issue
  - LP: #1346067
* mfd: rtsx: Fix PM suspend for 5227 & 5249
  - LP: #1359052
* drivers:scsi:storvsc: Fix a bug in handling ring buffer failures that
  may result in I/O freeze
  - LP: #1400289
* arm64: optimized copy_to_user and copy_from_user assembly code
  - LP: #1400349
* net:socket: set msg_namelen to 0 if msg_name is passed as NULL in
  msghdr struct from userland.
  - LP: #1335478
* drm/radeon: initialize sadb to NULL in the audio code
  - LP: #1402714
* powerpc/vphn: NUMA node code expects big-endian
  - LP: #1401150
* ALSA: usb-audio: Fix device_del() sysfs warnings at disconnect
  - LP: #1402853
* ALSA: hda - Add mute LED pin quirk for HP 15 touchsmart
  - LP: #1334950, #1402853
* rcu: Make callers awaken grace-period kthread
  - LP: #1402853
* rcu: Use rcu_gp_kthread_wake() to wake up grace period kthreads
  - LP: #1402853
* net: sctp: fix NULL pointer dereference in af->from_addr_param on
  malformed packet
  - LP: #1402853
* KVM: x86: Don't report guest userspace emulation error to userspace
  - LP: #1402853
* [media] ttusb-dec: buffer overflow in ioctl
  - LP: #1402853
* arm64: __clear_user: handle exceptions on strb
  - LP: #1402853
* ARM: pxa: fix hang on startup with DEBUG_LL
  - LP: #1402853
* samsung-laptop: Add broken-acpi-video quirk for NC210/NC110
  - LP: #1402853
* acer-wmi: Add Aspire 5741 to video_vendor_dmi_table
  - LP: #1402853
* acer-wmi: Add acpi_backlight=video quirk for the Acer KAV80
  - LP: #1402853
* rbd: Fix error recovery in rbd_obj_read_sync()
  - LP: #1402853
* [media] ds3000: fix LNB supply voltage on Tevii S480 on initialization
  - LP: #1402853
* powerpc: do_notify_resume can be called with bad thread_info flags
  argument
  - LP: #1402853
* USB: kobil_sct: fix non-atomic allocation in write path
  - LP: #1402853
* USB: opticon: fix non-atomic allocation in write path
  - LP: #1402853
* regulator: max77693: Fix use of uninitialized regulator config
  - LP: #1402853
* USB: cdc-acm: add device id for GW Instek AFG-2225
  - LP: #1402853
* usb: Do not allow usb_alloc_streams on unconfigured devices
  - LP: #1402853
* usb-storage: handle a skipped data phase
  - LP: #1402853
* xhci: Switch only Intel Lynx Point-LP ports to EHCI on shutdown.
  - LP: #1402853
* xhci: no switching back on non-ULT Haswell
  - LP: #1402853
* of: Fix overflow bug in string property parsing functions
  - LP: #1402853
* spi: fsl-dspi: Fix CTAR selection
  - LP: #1402853
* Btrfs: fix kfree on list_head in btrfs_lookup_csums_range error cleanup
  - LP: #1402853
* staging:iio:ade7758: Fix NULL pointer deref when enabling buffer
  - LP: #1402853
* staging:iio:ade7758: Fix check if channels are enabled in prenable
  - LP: #1402853
* staging:iio:ade7758: Remove "raw" from channel name
  - LP: #1402853
* USB: cdc-acm: only raise DTR on transitions from B0
  - LP: #1402853
* serial: Fix divide-by-zero fault in uart_get_divisor()
  - LP: #1402853
* tty: Fix high cpu load if tty is unreleaseable
  - LP: #1402853
* tty: Prevent "read/write wait queue active!" log flooding
  - LP: #1402853
* tty/vt: don't set font mappings on vc not supporting this
  - LP: #1402853
* spi: pxa2xx: toggle clocks on suspend if not disabled by runtime PM
  - LP: #1402853
* sysfs: driver core: Fix glue dir race condition by gdp_mutex
  - LP: #1402853
* i2c: at91: don't account as iowait
  - LP: #1402853
* nfsd: don't try to reuse an expired DRC entry off the list
  - LP: #1402853
* nfsd: don't halt scanning the DRC LRU list when there's an RC_INPROG
  entry
  - LP: #1402853
* dm bufio: change __GFP_IO to __GFP_FS in shrinker callbacks
  - LP: #1402853
* xtensa: re-wire umount syscall to sys_oldumount
  - LP: #1402853
* dm raid: ensure superblock's size matches device's logical block size
  - LP: #1402853
* ahci: disable MSI instead of NCQ on Samsung pci-e SSDs on macbooks
  - LP: #1402853
* ahci: Add Device IDs for Intel Sunrise Point PCH
  - LP: #1402853
* power: charger-manager: Fix accessing invalidated power supply after
  charger unbind
  - LP: #1402853
* mac80211: use secondary channel offset IE also beacons during CSA
  - LP: #1402853
* mac80211: schedule the actual switch of the station before CSA count 0
  - LP: #1402853
* mac80211: properly flush delayed scan work on interface removal
  - LP: #1402853
* mac80211: fix use-after-free in defragmentation
  - LP: #1402853
* tun: Fix csum_start with VLAN acceleration
  - LP: #1402853
* macvtap: Fix csum_start when VLAN tags are present
  - LP: #1402853
* dm thin: grab a virtual cell before looking up the mapping
  - LP: #1402853
* KVM: x86: Fix uninitialized op->type for some immediate values
  - LP: #1402853
* crypto: caam - fix missing dma unmap on error path
  - LP: #1402853
* hwrng: pseries - port to new read API and fix stack corruption
  - LP: #1402853
* drm/radeon: set correct CE ram size for CIK
  - LP: #1402853
* drm/radeon: make sure mode init is complete in bandwidth_update
  - LP: #1402853
* drm/radeon: use gart for DMA IB tests
  - LP: #1402853
* drm/radeon: add missing crtc unlock when setting up the MC
  - LP: #1402853
* ALSA: hda_intel: Add Device IDs for Intel Sunrise Point PCH
  - LP: #1402853
* ALSA: hda_intel: Add DeviceIDs for Sunrise Point-LP
  - LP: #1402853
* Input: alps - ignore potential bare packets when device is out of sync
  - LP: #1402853
* Input: alps - allow up to 2 invalid packets without resetting device
  - LP: #1402853
* scsi: only re-lock door after EH on devices that were reset
  - LP: #1402853
* dm btree: fix a recursion depth bug in btree walking code
  - LP: #1402853
* parisc: Use compat layer for msgctl, shmat, shmctl and semtimedop
  syscalls
  - LP: #1402853
* ALSA: usb-audio: Fix memory leak in FTU quirk
  - LP: #1402853
* audit: keep inode pinned
  - LP: #1402853
* nfs: fix pnfs direct write memory leak
  - LP: #1402853
* nfs: Fix use of uninitialized variable in nfs_getattr()
  - LP: #1402853
* NFSv4: Ensure that we remove NFSv4.0 delegations when state has expired
  - LP: #1402853
* NFSv4.1: nfs41_clear_delegation_stateid shouldn't trust
  NFS_DELEGATED_STATE
  - LP: #1402853
* NFSv4: Fix races between nfs_remove_bad_delegation() and delegation
  return
  - LP: #1402853
* NFSv4: Ensure that we call FREE_STATEID when NFSv4.x stateids are
  revoked
  - LP: #1402853
* NFS: Don't try to reclaim delegation open state if recovery failed
  - LP: #1402853
* libceph: do not crash on large auth tickets
  - LP: #1402853
* ARM: 8191/1: decompressor: ensure I-side picks up relocated code
  - LP: #1402853
* ARM: 8198/1: make kuser helpers depend on MMU
  - LP: #1402853
* zram: avoid kunmap_atomic() of a NULL pointer
  - LP: #1402853
* Input: alps - ignore bad data on Dell Latitudes E6440 and E7440
  - LP: #1402853
* firewire: cdev: prevent kernel stack leaking into ioctl arguments
  - LP: #1402853
* md: Always set RECOVERY_NEEDED when clearing RECOVERY_FROZEN
  - LP: #1402853
* nfs: Don't busy-wait on SIGKILL in __nfs_iocounter_wait
  - LP: #1402853
* target: Don't call TFO->write_pending if data_length == 0
  - LP: #1402853
* vhost-scsi: Take configfs group dependency during
  VHOST_SCSI_SET_ENDPOINT
  - LP: #1402853
* srp-target: Retry when QP creation fails with ENOMEM
  - LP: #1402853
* ASoC: fsi: remove unsupported PAUSE flag
  - LP: #1402853
* ASoC: rsnd: remove unsupported PAUSE flag
  - LP: #1402853
* ib_isert: Add max_send_sge=2 minimum for control PDU responses
  - LP: #1402853
* iser-target: Handle DEVICE_REMOVAL event on network portal listener
  correctly
  - LP: #1402853
* ASoC: dpcm: Fix race between FE/BE updates and trigger
  - LP: #1402853
* mac80211: Fix regression that triggers a kernel BUG with CCMP
  - LP: #1402853
* rt2x00: do not align payload on modern H/W
  - LP: #1402853
* ath9k: Add version/revision macros for QCA9531
  - LP: #1402853
* ath9k: Fix RTC_DERIVED_CLK usage
  - LP: #1402853
* ASoC: sgtl5000: Fix SMALL_POP bit definition
  - LP: #1402853
* ALSA: usb-audio: Add ctrl message delay quirk for Marantz/Denon devices
  - LP: #1402853
* bitops: Fix shift overflow in GENMASK macros
  - LP: #1402853
* x86: Require exact match for 'noxsave' command line option
  - LP: #1402853
* drm/i915: drop WaSetupGtModeTdRowDispatch:snb
  - LP: #1402853
* ASoC: wm_adsp: Avoid attempt to free buffers that might still be in use
  - LP: #1402853
* can: dev: avoid calling kfree_skb() from interrupt context
  - LP: #1402853
* can: esd_usb2: fix memory leak on disconnect
  - LP: #1402853
* x86, mm: Set NX across entire PMD at boot
  - LP: #1402853
* of/irq: Drop obsolete 'interrupts' vs 'interrupts-extended' text
  - LP: #1402853
* of/base: Fix PowerPC address parsing hack
  - LP: #1402853
* clockevent: sun4i: Fix race condition in the probe code
  - LP: #1402853
* MIPS: oprofile: Fix backtrace on 64-bit kernel
  - LP: #1402853
* ACPI / PM: Ignore wakeup setting if the ACPI companion can't wake up
  - LP: #1402853
* IB/isert: Adjust CQ size to HW limits
  - LP: #1402853
* drm/radeon: fix endian swapping in vbios fetch for tdp table
  - LP: #1402853
* Linux 3.13.11-ckt12
  - LP: #1402853
* mm: Remove false WARN_ON from pagecache_isize_extended()
  - LP: #1402764

lp:ubuntu/precise-proposed/dahdi-linux bug Mature 2014-12-11 19:22:35 UTC 2014-12-11
25. * debian/dkms.conf.in: Expose the tar...

Author: Stefan Bader
Revision Date: 2014-12-09 18:47:52 UTC

* debian/dkms.conf.in: Expose the target kernel version in a variable that
  is actually heeded by the make file. And also pass it in on every
  invokation of make (LP: #790558).
* debian/patches/kernel-v3-11-compat.patch: Refreshed patch because it
  broke building on 3.2 kernel which was missed because of the bug that
  caused the build to be always for the running kernel (LP: #1336253).

lp:ubuntu/precise-proposed/lazr.restfulclient bug Mature 2014-12-11 17:08:38 UTC 2014-12-11
20. Always uppercase HTTP methods to matc...

Author: Colin Watson
Revision Date: 2014-12-11 16:44:14 UTC

Always uppercase HTTP methods to match httplib2 expectations
(LP: #1401544).

lp:ubuntu/precise-updates/lazr.restfulclient Mature 2014-12-11 16:44:14 UTC 2014-12-11
20. Always uppercase HTTP methods to matc...

Author: Colin Watson
Revision Date: 2014-12-11 16:44:14 UTC

Always uppercase HTTP methods to match httplib2 expectations
(LP: #1401544).

lp:ubuntu/precise-security/nvidia-graphics-drivers-304-updates Mature 2014-12-10 19:19:10 UTC 2014-12-10
8. [ Alberto Milone ] * New upstream rel...

Author: Alberto Milone
Revision Date: 2014-12-09 18:55:51 UTC

[ Alberto Milone ]
* New upstream release.
* debian/substvars:
  - Add support for video ABIs up to 19.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-security/nvidia-graphics-drivers-304 Mature 2014-12-10 19:18:23 UTC 2014-12-10
7. [ Alberto Milone ] * New upstream rel...

Author: Alberto Milone
Revision Date: 2014-12-09 18:52:16 UTC

[ Alberto Milone ]
* New upstream release.
* debian/substvars:
  - Add support for video ABIs up to 19.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-security/nvidia-graphics-drivers-331-updates Mature 2014-12-10 18:39:40 UTC 2014-12-10
4. [ Alberto Milone ] * debian/substvars...

Author: Alberto Milone
Revision Date: 2014-12-09 15:55:15 UTC

[ Alberto Milone ]
* debian/substvars:
  - Add support for video ABIs up to 19.
* debian/templates/dkms_nvidia.conf.in:
  - Drop all the patches.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-security/nvidia-graphics-drivers-331 Mature 2014-12-10 18:39:29 UTC 2014-12-10
4. [ Alberto Milone ] * debian/substvars...

Author: Alberto Milone
Revision Date: 2014-12-09 12:10:46 UTC

[ Alberto Milone ]
* debian/substvars:
  - Add support for video ABIs up to 19.
* debian/templates/dkms_nvidia.conf.in:
  - Drop all the patches.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-security/llvm-toolchain-3.4 Mature 2014-12-09 19:18:58 UTC 2014-12-09
10. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 11:01:26 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-security/x11proto-xext Mature 2014-12-09 19:08:35 UTC 2014-12-09
12. No change rebuild for the security po...

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:32:24 UTC

No change rebuild for the security pocket

lp:ubuntu/precise-security/x11proto-input Mature 2014-12-09 19:08:19 UTC 2014-12-09
31. No change rebuild for the security po...

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:38:59 UTC

No change rebuild for the security pocket

lp:ubuntu/precise-security/mesa-lts-trusty Mature 2014-12-09 19:07:55 UTC 2014-12-09
4. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:54:27 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-security/cloog-lts Mature 2014-12-09 19:07:34 UTC 2014-12-09
3. No change rebuild for the security po...

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:47:53 UTC

No change rebuild for the security pocket

lp:ubuntu/precise-security/isl-lts Mature 2014-12-09 19:07:06 UTC 2014-12-09
3. No change rebuild for security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:49:26 UTC

No change rebuild for security pocket

lp:ubuntu/precise-security/wayland-lts-trusty Mature 2014-12-09 19:06:59 UTC 2014-12-09
3. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 11:57:41 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/nvidia-graphics-drivers-304-updates Mature 2014-12-09 18:55:51 UTC 2014-12-09
8. [ Alberto Milone ] * New upstream rel...

Author: Alberto Milone
Revision Date: 2014-12-09 18:55:51 UTC

[ Alberto Milone ]
* New upstream release.
* debian/substvars:
  - Add support for video ABIs up to 19.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-updates/nvidia-graphics-drivers-304 Mature 2014-12-09 18:52:16 UTC 2014-12-09
7. [ Alberto Milone ] * New upstream rel...

Author: Alberto Milone
Revision Date: 2014-12-09 18:52:16 UTC

[ Alberto Milone ]
* New upstream release.
* debian/substvars:
  - Add support for video ABIs up to 19.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-proposed/xserver-xorg-video-intel-lts-trusty bug Mature 2014-12-09 17:45:47 UTC 2014-12-09
3. Backport to precise.

Author: Timo Aaltonen
Revision Date: 2014-11-21 10:41:58 UTC

Backport to precise.

lp:ubuntu/precise-updates/nvidia-graphics-drivers-331-updates Mature 2014-12-09 15:55:15 UTC 2014-12-09
4. [ Alberto Milone ] * debian/substvars...

Author: Alberto Milone
Revision Date: 2014-12-09 15:55:15 UTC

[ Alberto Milone ]
* debian/substvars:
  - Add support for video ABIs up to 19.
* debian/templates/dkms_nvidia.conf.in:
  - Drop all the patches.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-updates/nvidia-graphics-drivers-331 Mature 2014-12-09 12:10:46 UTC 2014-12-09
4. [ Alberto Milone ] * debian/substvars...

Author: Alberto Milone
Revision Date: 2014-12-09 12:10:46 UTC

[ Alberto Milone ]
* debian/substvars:
  - Add support for video ABIs up to 19.
* debian/templates/dkms_nvidia.conf.in:
  - Drop all the patches.
* SECURITY UPDATE:
  - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).

lp:ubuntu/precise-security/mutt Mature 2014-12-09 11:54:20 UTC 2014-12-09
39. * SECURITY UPDATE: heap-based overflo...

Author: Steve Beattie
Revision Date: 2014-12-09 11:54:20 UTC

* SECURITY UPDATE: heap-based overflow in mutt_substrdup() when
  handling headers beginning with newline.
  - debian/patches/ubuntu/mutt-CVE-2014-9116.patch
  - CVE-2014-9116

lp:ubuntu/precise-updates/mutt Mature 2014-12-09 11:54:20 UTC 2014-12-09
39. * SECURITY UPDATE: heap-based overflo...

Author: Steve Beattie
Revision Date: 2014-12-09 11:54:20 UTC

* SECURITY UPDATE: heap-based overflow in mutt_substrdup() when
  handling headers beginning with newline.
  - debian/patches/ubuntu/mutt-CVE-2014-9116.patch
  - CVE-2014-9116

lp:ubuntu/precise-security/linux-lts-trusty bug Mature 2014-12-09 11:09:22 UTC 2014-12-09
23. [ Luis Henriques ] * Release Trackin...

Author: Luis Henriques
Revision Date: 2014-12-09 11:09:22 UTC

[ Luis Henriques ]

* Release Tracking Bug
  - LP: #1399807

[ Upstream Kernel Changes ]

* x86_64, traps: Fix the espfix64 #DF fixup and rewrite it in C
  - LP: #1398795
  - CVE-2014-9090
* x86_64, traps: Rework bad_iret
  - LP: #1398795
  - CVE-2014-9090
* x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit
  - LP: #1400314
  - CVE-2014-8134

lp:ubuntu/precise-updates/linux-lts-trusty Mature 2014-12-09 11:09:22 UTC 2014-12-09
23. [ Luis Henriques ] * Release Trackin...

Author: Luis Henriques
Revision Date: 2014-12-09 11:09:22 UTC

[ Luis Henriques ]

* Release Tracking Bug
  - LP: #1399807

[ Upstream Kernel Changes ]

* x86_64, traps: Fix the espfix64 #DF fixup and rewrite it in C
  - LP: #1398795
  - CVE-2014-9090
* x86_64, traps: Rework bad_iret
  - LP: #1398795
  - CVE-2014-9090
* x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit
  - LP: #1400314
  - CVE-2014-8134

lp:ubuntu/precise-updates/isl-lts Mature 2014-12-06 12:49:26 UTC 2014-12-06
3. No change rebuild for security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:49:26 UTC

No change rebuild for security pocket

lp:ubuntu/precise-updates/cloog-lts Mature 2014-12-06 12:47:53 UTC 2014-12-06
3. No change rebuild for the security po...

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:47:53 UTC

No change rebuild for the security pocket

lp:ubuntu/precise-security/libxfixes Mature 2014-12-06 12:19:12 UTC 2014-12-06
17. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:19:12 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/libxfixes Mature 2014-12-06 12:19:12 UTC 2014-12-06
17. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:19:12 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-security/libxi Mature 2014-12-06 12:16:55 UTC 2014-12-06
21. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:16:55 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/libxi bug Mature 2014-12-06 12:16:55 UTC 2014-12-06
22. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 12:16:55 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/wayland-lts-trusty Mature 2014-12-06 11:57:41 UTC 2014-12-06
3. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 11:57:41 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/llvm-toolchain-3.4 Mature 2014-12-06 11:01:26 UTC 2014-12-06
11. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 11:01:26 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/mesa-lts-trusty Mature 2014-12-06 10:54:27 UTC 2014-12-06
4. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:54:27 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-security/x11proto-gl Mature 2014-12-06 10:51:06 UTC 2014-12-06
11. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:51:06 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/x11proto-gl Mature 2014-12-06 10:51:06 UTC 2014-12-06
11. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:51:06 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-security/pixman bug Mature 2014-12-06 10:45:18 UTC 2014-12-06
30. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:45:18 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/pixman bug Mature 2014-12-06 10:45:18 UTC 2014-12-06
31. No change rebuild in the security pocket

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:45:18 UTC

No change rebuild in the security pocket

lp:ubuntu/precise-updates/x11proto-input Mature 2014-12-06 10:38:59 UTC 2014-12-06
31. No change rebuild for the security po...

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:38:59 UTC

No change rebuild for the security pocket

lp:ubuntu/precise-updates/x11proto-xext Mature 2014-12-06 10:32:24 UTC 2014-12-06
12. No change rebuild for the security po...

Author: Marc Deslauriers
Revision Date: 2014-12-06 10:32:24 UTC

No change rebuild for the security pocket

lp:~levlaz/ubuntu/precise/nginx/fix-for-1370478 (Has a merge proposal) Development 2014-12-06 03:46:08 UTC 2014-12-06
59. Added Correct Patch Headers

Author: Lev Lazinskiy
Revision Date: 2014-12-06 03:41:02 UTC

Added Correct Patch Headers

lp:ubuntu/precise-updates/nginx Mature 2014-12-05 22:25:50 UTC 2014-12-05
56. * SECURITY UPDATE: incorrect cached S...

Author: Lev Lazinskiy
Revision Date: 2014-12-05 22:25:50 UTC

* SECURITY UPDATE: incorrect cached SSL session reuse (LP: #1370478)
  - debian/patches/CVE-2014-3616.patch: Use a random value for session id
    context, since there is no support for shared TLS Session Tickets in
    this version in src/event/ngx_event_openssl.c.
  - CVE-2014-3616

lp:ubuntu/precise-proposed/bcmwl bug Development 2014-12-04 23:13:22 UTC 2014-12-04
38. * New upstream release (LP: #1397028)...

Author: Alberto Milone
Revision Date: 2014-12-01 15:00:32 UTC

* New upstream release (LP: #1397028):
  - This is an official public release from Broadcom.
* debian/patches/0013-gcc.patch
  - Fix build with recent versions of GCC. Credit
    for the patch goes to Robert Ancell.
* debian/dkms.conf.in,
  debian/patches/0014-add-support-for-Linux-3.17.patch,
  debian/patches/0015-add-support-for-Linux-3.18.patch:
  - Drop patches for old kernels (now upstream)
  - Add support for Linux 3.17.
    Credit for the patch goes to Brian Norris.
  - Add support for Linux 3.18.
    Credit for the patch goes to Krzysztof Kolasa.

lp:ubuntu/precise-security/maas bug Mature 2014-12-04 20:29:46 UTC 2014-12-04
18. * Fix compatibility with mod-wsgi sec...

Author: Marc Deslauriers
Revision Date: 2014-12-04 14:00:28 UTC

* Fix compatibility with mod-wsgi security update (LP: #1399016)
  - debian/patches/home-directory.patch: specify a valid home directory
    for the maas user, since mod-wsgi no longer works without one.

lp:ubuntu/precise-security/graphviz Mature 2014-12-04 16:26:23 UTC 2014-12-04
44. * SECURITY UPDATE: Format string vuln...

Author: Seth Arnold
Revision Date: 2014-12-04 16:26:23 UTC

* SECURITY UPDATE: Format string vulnerability may allow attackers to
  cause a denial of service or possibly execute code.
  - debian/patches/CVE-2014-9157.patch: Fix format string vulnerability in
    lib/cgraph/scan.l yyerror() routine.
  - CVE-2014-9157

lp:ubuntu/precise-updates/graphviz Mature 2014-12-04 16:26:23 UTC 2014-12-04
44. * SECURITY UPDATE: Format string vuln...

Author: Seth Arnold
Revision Date: 2014-12-04 16:26:23 UTC

* SECURITY UPDATE: Format string vulnerability may allow attackers to
  cause a denial of service or possibly execute code.
  - debian/patches/CVE-2014-9157.patch: Fix format string vulnerability in
    lib/cgraph/scan.l yyerror() routine.
  - CVE-2014-9157

lp:ubuntu/precise-updates/tcpdump Mature 2014-12-04 14:37:37 UTC 2014-12-04
30. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-12-03 17:05:38 UTC

* SECURITY UPDATE: denial of service and possible code execution in
  olsr_print
  - debian/patches/CVE-2014-8767.patch: improve bounds checking and
    error handling in print-olsr.c.
  - CVE-2014-8767
* SECURITY UPDATE: denial of service and possible code execution in
  print-aodv.c
  - debian/patches/CVE-2014-8769.patch: improve bounds checking and
    length checking in print-aodv.c, aodv.h.
  - CVE-2014-8769
* SECURITY UPDATE: denial of service and possible code execution in
  print-ppp.c
  - debian/patches/CVE-2014-9140.patch: improve bounds checking in
    print-ppp.c.
  - CVE-2014-9140

lp:ubuntu/precise-security/tcpdump Mature 2014-12-04 14:14:08 UTC 2014-12-04
30. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-12-03 17:05:38 UTC

* SECURITY UPDATE: denial of service and possible code execution in
  olsr_print
  - debian/patches/CVE-2014-8767.patch: improve bounds checking and
    error handling in print-olsr.c.
  - CVE-2014-8767
* SECURITY UPDATE: denial of service and possible code execution in
  print-aodv.c
  - debian/patches/CVE-2014-8769.patch: improve bounds checking and
    length checking in print-aodv.c, aodv.h.
  - CVE-2014-8769
* SECURITY UPDATE: denial of service and possible code execution in
  print-ppp.c
  - debian/patches/CVE-2014-9140.patch: improve bounds checking in
    print-ppp.c.
  - CVE-2014-9140

lp:ubuntu/precise-updates/maas Mature 2014-12-04 14:00:28 UTC 2014-12-04
18. * Fix compatibility with mod-wsgi sec...

Author: Marc Deslauriers
Revision Date: 2014-12-04 14:00:28 UTC

* Fix compatibility with mod-wsgi security update (LP: #1399016)
  - debian/patches/home-directory.patch: specify a valid home directory
    for the maas user, since mod-wsgi no longer works without one.

lp:ubuntu/precise-proposed/ubiquity bug Development 2014-12-01 19:25:33 UTC 2014-12-01
509. Automatic update of included source p...

Author: St├ęphane Graber
Revision Date: 2012-07-30 10:36:51 UTC

Automatic update of included source packages: base-installer
1.122ubuntu7.1, debian-installer-utils 1.88ubuntu2.1, flash-kernel
2.28ubuntu42.2. (one-time update from precise-proposed) (LP: #1021293)

lp:ubuntu/precise-security/openvpn Mature 2014-12-01 17:11:38 UTC 2014-12-01
51. * SECURITY UPDATE: server denial of s...

Author: Marc Deslauriers
Revision Date: 2014-12-01 17:11:38 UTC

* SECURITY UPDATE: server denial of service via too-short control channel
  packets
  - debian/patches/CVE-2014-8104.patch: drop too-short control channel
    packets instead of asserting out in ssl.c.
  - CVE-2014-8104
* debian/patches/update_certs.patch: update test certs to fix FTBFS.

lp:ubuntu/precise-updates/openvpn Mature 2014-12-01 17:11:38 UTC 2014-12-01
51. * SECURITY UPDATE: server denial of s...

Author: Marc Deslauriers
Revision Date: 2014-12-01 17:11:38 UTC

* SECURITY UPDATE: server denial of service via too-short control channel
  packets
  - debian/patches/CVE-2014-8104.patch: drop too-short control channel
    packets instead of asserting out in ssl.c.
  - CVE-2014-8104
* debian/patches/update_certs.patch: update test certs to fix FTBFS.

lp:ubuntu/precise-updates/ppp Mature 2014-12-01 16:06:55 UTC 2014-12-01
26. * SECURITY UPDATE: possible privilege...

Author: Marc Deslauriers
Revision Date: 2014-11-25 16:17:49 UTC

* SECURITY UPDATE: possible privilege escalation via option parsing
  - debian/patches/CVE-2014-3158.patch: fix integer overflow in
    pppd/options.c.
  - CVE-2014-3158

lp:ubuntu/precise-security/ppp Mature 2014-12-01 15:43:00 UTC 2014-12-01
26. * SECURITY UPDATE: possible privilege...

Author: Marc Deslauriers
Revision Date: 2014-11-25 16:17:49 UTC

* SECURITY UPDATE: possible privilege escalation via option parsing
  - debian/patches/CVE-2014-3158.patch: fix integer overflow in
    pppd/options.c.
  - CVE-2014-3158

lp:ubuntu/precise-updates/libksba Mature 2014-11-27 20:34:37 UTC 2014-11-27
17. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-11-27 12:58:30 UTC

* SECURITY UPDATE: denial of service and possible code execution in
  ksba_oid_to_str().
  - debian/patches/CVE-2014-9087.patch: check value in src/oid.c, added
    test to tests/t-oid.c, tests/Makefile.am, fix unrelated typo in
    tests/t-dnparser.c.
  - CVE-2014-9087

lp:ubuntu/precise-security/libksba Mature 2014-11-27 19:45:57 UTC 2014-11-27
17. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-11-27 12:58:30 UTC

* SECURITY UPDATE: denial of service and possible code execution in
  ksba_oid_to_str().
  - debian/patches/CVE-2014-9087.patch: check value in src/oid.c, added
    test to tests/t-oid.c, tests/Makefile.am, fix unrelated typo in
    tests/t-dnparser.c.
  - CVE-2014-9087

lp:ubuntu/precise-updates/flac Mature 2014-11-27 19:35:33 UTC 2014-11-27
23. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2014-11-27 12:27:24 UTC

* SECURITY UPDATE: arbitrary code execution via crafted .flac file
  - debian/patches/CVE-2014-8962.patch: validate id in
    src/libFLAC/stream_decoder.c.
  - CVE-2014-8962
* SECURITY UPDATE: arbitrary code execution via crafted .flac file
  - debian/patches/CVE-2014-9028.patch: error out to avoid heap overflow
    in src/libFLAC/stream_decoder.c.
  - CVE-2014-9028

lp:ubuntu/precise-security/flac Mature 2014-11-27 19:07:20 UTC 2014-11-27
23. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2014-11-27 12:27:24 UTC

* SECURITY UPDATE: arbitrary code execution via crafted .flac file
  - debian/patches/CVE-2014-8962.patch: validate id in
    src/libFLAC/stream_decoder.c.
  - CVE-2014-8962
* SECURITY UPDATE: arbitrary code execution via crafted .flac file
  - debian/patches/CVE-2014-9028.patch: error out to avoid heap overflow
    in src/libFLAC/stream_decoder.c.
  - CVE-2014-9028

lp:ubuntu/precise-updates/webkitkde Mature 2014-11-24 17:28:53 UTC 2014-11-24
24. * SECURITY UPDATE: Insufficient Input...

Author: Jonathan Riddell
Revision Date: 2014-11-20 15:56:53 UTC

* SECURITY UPDATE: Insufficient Input Validation By IO Slaves and
  Webkit Part
 - Add upstream_cve-2014-8600.diff to escape protocol twice: once
   for i18n, and once for HTML
 - https://www.kde.org/info/security/advisory-20141113-1.txt
 - CVE-2014-8600
 - LP: #1393479

lp:ubuntu/precise-security/kde-runtime bug Mature 2014-11-24 16:40:59 UTC 2014-11-24
19. * SECURITY UPDATE: Insufficient Input...

Author: Jonathan Riddell
Revision Date: 2014-11-20 15:46:42 UTC

* SECURITY UPDATE: Insufficient Input Validation By IO Slaves and
  Webkit Part
 - Add upstream_CVE-2014-8600.diff to escape protocol twice: once
   for i18n, and once for HTML
 - https://www.kde.org/info/security/advisory-20141113-1.txt
 - CVE-2014-8600
 - LP: #1393479

lp:ubuntu/precise-security/webkitkde bug Mature 2014-11-24 16:21:24 UTC 2014-11-24
24. * SECURITY UPDATE: Insufficient Input...

Author: Jonathan Riddell
Revision Date: 2014-11-20 15:56:53 UTC

* SECURITY UPDATE: Insufficient Input Validation By IO Slaves and
  Webkit Part
 - Add upstream_cve-2014-8600.diff to escape protocol twice: once
   for i18n, and once for HTML
 - https://www.kde.org/info/security/advisory-20141113-1.txt
 - CVE-2014-8600
 - LP: #1393479

lp:ubuntu/precise-updates/xserver-xorg-video-intel-lts-trusty Mature 2014-11-21 10:41:58 UTC 2014-11-21
3. Backport to precise.

Author: Timo Aaltonen
Revision Date: 2014-11-21 10:41:58 UTC

Backport to precise.

lp:ubuntu/precise-proposed/nfs-utils bug Mature 2014-11-20 20:19:40 UTC 2014-11-20
58. Fix mount.nfs so that it falls back t...

Author: Dave Chiluk
Revision Date: 2014-11-18 10:55:28 UTC

Fix mount.nfs so that it falls back to v3 when ipv4 and ipv6 name resolution
is present, but nfsv4 is not. present. LP: #1391662

lp:ubuntu/precise-updates/kde-runtime Mature 2014-11-20 15:46:42 UTC 2014-11-20
19. * SECURITY UPDATE: Insufficient Input...

Author: Jonathan Riddell
Revision Date: 2014-11-20 15:46:42 UTC

* SECURITY UPDATE: Insufficient Input Validation By IO Slaves and
  Webkit Part
 - Add upstream_CVE-2014-8600.diff to escape protocol twice: once
   for i18n, and once for HTML
 - https://www.kde.org/info/security/advisory-20141113-1.txt
 - CVE-2014-8600
 - LP: #1393479

lp:ubuntu/precise-proposed/landscape-client bug Mature 2014-11-19 18:23:03 UTC 2014-11-19
48. * New upstream version (LP: #1190510)...

Author: Chris Glass
Revision Date: 2013-09-20 10:10:28 UTC

* New upstream version (LP: #1190510)
 - New annotations exchange mechanism allows clients to send any key-value
   data to the landscape server (LP: #1123932)
 - Network devices now report their maximum theoretical speeds, and duplex
   status to landscape-server (LP: #1126331, LP: #1130733)
 - Landscape.client is now HA aware when HA is implemented using juju
   charms (LP: #1122508)
 - The landscape client will now trigger a reboot if server sends a
   reboot-required message. (LP: #1133005)
 - Big AMP code cleanup and refactoring in order to improve testing, improve
   performance and ease future maintainability (LP: #1165047, LP: #1169102,
   LP: #1170669)
 - Added logic to detect cloned (virtual) computers (LP: #1161856)
 - The landscape-client and landscape-common packages do not use or depend
   on dbus code anymore, and the dependencies to python-gi and gudev are
   dropped. The hardware info plugin now looks at /proc instead of querying
   DBus (LP: #1175553, LP: #1180691)
 - The ceph manager plugin is now a monitor plugin and thus does not require
   root privileges anymore. (LP: #1186973)
 - The detection logic for virtual machine was changed to account for the
   different semantics between Openstack Folsom and Grizzly, and was
   expanded to detect more hypervisors (LP: #1191843)
 - Removed legacy upgrader code from postinst since support for it was
   dropped.
 - The /etc/dbus-1/system.d/landscape.conf file was moved from the
   landscape-common package to the landscape-client-uii as part of
   LP: #1175553, LP: #1180691. No "Breaks" rule was added since the
   landscape-client-ui package requires the exact same version of
   landscape-common, which avoids the case outlined in
   http://www.debian.org/doc/debian-policy/footnotes.html#f53 .
* Removed the hardwareinfo patch since the changes were merged upstream
* Changed dh_clean -K to dh_prep (dh_clean -K is deprecated)
* Removed the packages arguments to dh_installman since all pacakges have
  manpages now.

lp:ubuntu/precise-security/ruby1.9.1 Mature 2014-11-19 15:31:09 UTC 2014-11-19
31. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-11-19 15:31:09 UTC

* SECURITY UPDATE: denial of service via XML expansion
  - debian/patches/CVE-2014-8090.patch: add REXML::Document#document
    to lib/rexml/document.rb, add warning to lib/rexml/entity.rb, added
    tests to test/rexml/test_document.rb.
  - CVE-2014-8090

lp:ubuntu/precise-updates/ruby1.9.1 Mature 2014-11-19 15:31:09 UTC 2014-11-19
31. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2014-11-19 15:31:09 UTC

* SECURITY UPDATE: denial of service via XML expansion
  - debian/patches/CVE-2014-8090.patch: add REXML::Document#document
    to lib/rexml/document.rb, add warning to lib/rexml/entity.rb, added
    tests to test/rexml/test_document.rb.
  - CVE-2014-8090

lp:ubuntu/precise-security/mod-wsgi bug Mature 2014-11-18 11:12:46 UTC 2014-11-18
22. * SECURITY UPDATE: possible privilege...

Author: Marc Deslauriers
Revision Date: 2014-11-18 11:12:46 UTC

* SECURITY UPDATE: possible privilege escalation via incorrect error
  checking
  - debian/patches/CVE-2014-8583.patch: restart process if privileges
    couldn't be dropped in mod_wsgi.c.
  - CVE-2014-8583

lp:ubuntu/precise-updates/mod-wsgi Mature 2014-11-18 11:12:46 UTC 2014-11-18
22. * SECURITY UPDATE: possible privilege...

Author: Marc Deslauriers
Revision Date: 2014-11-18 11:12:46 UTC

* SECURITY UPDATE: possible privilege escalation via incorrect error
  checking
  - debian/patches/CVE-2014-8583.patch: restart process if privileges
    couldn't be dropped in mod_wsgi.c.
  - CVE-2014-8583

lp:ubuntu/precise-updates/nfs-utils Mature 2014-11-18 10:55:28 UTC 2014-11-18
58. Fix mount.nfs so that it falls back t...

Author: Dave Chiluk
Revision Date: 2014-11-18 10:55:28 UTC

Fix mount.nfs so that it falls back to v3 when ipv4 and ipv6 name resolution
is present, but nfsv4 is not. present. LP: #1391662

lp:ubuntu/precise-backports/tcpdump bug Mature 2014-11-17 19:11:10 UTC 2014-11-17
30. No-change backport to precise (LP: #1...

Author: Felix Geyer
Revision Date: 2014-11-17 19:11:06 UTC

No-change backport to precise (LP: #1393373)

lp:ubuntu/precise-security/quassel bug Mature 2014-11-17 18:59:10 UTC 2014-11-17
89. * SECURITY UPDATE: out-of-bounds read...

Author: Felix Geyer
Revision Date: 2014-11-04 18:19:33 UTC

* SECURITY UPDATE: out-of-bounds read in ECB Blowfish decryption
  - debian/patches/CVE-2014-8483.patch: backport upstream patch
  - CVE-2014-8483
  - LP: #1388333

lp:ubuntu/precise-updates/eiciel Mature 2014-11-15 08:29:52 UTC 2014-11-15
13. Add participant filtering in the main...

Author: Dariusz Gadomski
Revision Date: 2014-09-26 09:17:05 UTC

Add participant filtering in the main window. (LP: #1361217)

lp:ubuntu/precise-updates/kde-workspace bug Mature 2014-11-15 05:20:59 UTC 2014-11-15
50. [ Jonathan Riddell ] * SECURITY UPDAT...

Author: Jamie Strandboge
Revision Date: 2014-11-06 14:22:00 UTC

[ Jonathan Riddell ]
* SECURITY UPDATE: Privilege Escalation via KDE Clock KCM polkit helper
 - Add upstream_clock-privilage-escalation.diff, checks which
   binary is being run
 - https://www.kde.org/info/security/advisory-20141106-1.txt
 - LP: #1389665

[ Jamie Strandboge ]
* update upstream_clock-privilage-escalation.diff to add exePath definition
  to fix a FTBFS, and also use exePath with hwclock and zic, like on newer
  releases

lp:ubuntu/precise-security/kde-workspace bug Mature 2014-11-15 05:20:48 UTC 2014-11-15
44. [ Jonathan Riddell ] * SECURITY UPDAT...

Author: Jamie Strandboge
Revision Date: 2014-11-06 14:22:00 UTC

[ Jonathan Riddell ]
* SECURITY UPDATE: Privilege Escalation via KDE Clock KCM polkit helper
 - Add upstream_clock-privilage-escalation.diff, checks which
   binary is being run
 - https://www.kde.org/info/security/advisory-20141106-1.txt
 - LP: #1389665

[ Jamie Strandboge ]
* update upstream_clock-privilage-escalation.diff to add exePath definition
  to fix a FTBFS, and also use exePath with hwclock and zic, like on newer
  releases

lp:ubuntu/precise-updates/konversation Mature 2014-11-15 04:55:06 UTC 2014-11-15
64. * SECURITY UPDATE: out-of-bounds read...

Author: Jonathan Riddell
Revision Date: 2014-11-04 17:38:21 UTC

* SECURITY UPDATE: out-of-bounds read on a heap-allocated array LP: #1389296
  - Add kubuntu_02_cve-2014-8483.diff to verify read bounds
  - CVE-2014-8483
  - https://www.kde.org/info/security/advisory-20140923-1.txt

lp:ubuntu/precise-security/konversation bug Mature 2014-11-15 04:54:59 UTC 2014-11-15
64. * SECURITY UPDATE: out-of-bounds read...

Author: Jonathan Riddell
Revision Date: 2014-11-04 17:38:21 UTC

* SECURITY UPDATE: out-of-bounds read on a heap-allocated array LP: #1389296
  - Add kubuntu_02_cve-2014-8483.diff to verify read bounds
  - CVE-2014-8483
  - https://www.kde.org/info/security/advisory-20140923-1.txt

101200 of 28265 results