Branches for Precise

Name Status Last Modified Last Commit
lp:ubuntu/precise-security/libhttp-body-perl Mature 2015-05-27 03:24:01 UTC 2015-05-27
12. fake sync from Debian

Author: Tyler Hicks
Revision Date: 2015-05-15 12:40:08 UTC

fake sync from Debian

lp:ubuntu/precise-updates/das-watchdog Mature 2015-05-27 02:43:44 UTC 2015-05-27
6. fake sync from Debian

Author: Tyler Hicks
Revision Date: 2015-05-15 12:08:01 UTC

fake sync from Debian

lp:ubuntu/precise-security/das-watchdog Mature 2015-05-27 02:43:40 UTC 2015-05-27
6. fake sync from Debian

Author: Tyler Hicks
Revision Date: 2015-05-15 12:08:01 UTC

fake sync from Debian

lp:ubuntu/precise-updates/a2ps Mature 2015-05-27 00:43:51 UTC 2015-05-27
9. fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-05-12 16:11:54 UTC

fake sync from Debian

lp:ubuntu/precise-security/a2ps Mature 2015-05-27 00:43:44 UTC 2015-05-27
9. fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-05-12 16:11:54 UTC

fake sync from Debian

lp:ubuntu/precise-updates/super Mature 2015-05-26 23:55:58 UTC 2015-05-26
10. fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-05-14 12:50:31 UTC

fake sync from Debian

lp:ubuntu/precise-security/super Mature 2015-05-26 23:55:54 UTC 2015-05-26
10. fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-05-14 12:50:31 UTC

fake sync from Debian

lp:ubuntu/precise-updates/arj Mature 2015-05-26 18:23:19 UTC 2015-05-26
11. fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-05-13 00:47:20 UTC

fake sync from Debian

lp:ubuntu/precise-security/arj Mature 2015-05-26 18:23:14 UTC 2015-05-26
11. fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-05-13 00:47:20 UTC

fake sync from Debian

lp:ubuntu/precise-updates/xerces-c Mature 2015-05-26 08:03:14 UTC 2015-05-26
9. fake sync from Debian

Author: Tyler Hicks
Revision Date: 2015-05-15 11:37:29 UTC

fake sync from Debian

lp:ubuntu/precise-security/xerces-c Mature 2015-05-26 08:03:11 UTC 2015-05-26
9. fake sync from Debian

Author: Tyler Hicks
Revision Date: 2015-05-15 11:37:29 UTC

fake sync from Debian

lp:ubuntu/precise-updates/dulwich Mature 2015-05-26 05:58:23 UTC 2015-05-26
32. fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-05-13 22:28:43 UTC

fake sync from Debian

lp:ubuntu/precise-security/dulwich Mature 2015-05-26 05:58:16 UTC 2015-05-26
32. fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-05-13 22:28:43 UTC

fake sync from Debian

lp:ubuntu/precise-updates/xbuffy Mature 2015-05-26 05:13:11 UTC 2015-05-26
8. fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-05-12 15:29:54 UTC

fake sync from Debian

lp:ubuntu/precise-security/xbuffy Mature 2015-05-26 05:13:06 UTC 2015-05-26
8. fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-05-12 15:29:54 UTC

fake sync from Debian

lp:ubuntu/precise-updates/hardening-wrapper Mature 2015-05-26 03:28:41 UTC 2015-05-26
30. hardened-cc: don't set -Wformat optio...

Author: Chris Coulson
Revision Date: 2015-04-30 18:49:28 UTC

hardened-cc: don't set -Wformat options if they are already set
(LP: #1347257)

lp:ubuntu/precise-security/hardening-wrapper bug Mature 2015-05-26 03:28:35 UTC 2015-05-26
30. hardened-cc: don't set -Wformat optio...

Author: Chris Coulson
Revision Date: 2015-04-30 18:49:28 UTC

hardened-cc: don't set -Wformat options if they are already set
(LP: #1347257)

lp:ubuntu/precise-updates/unrar-nonfree Mature 2015-05-26 03:22:24 UTC 2015-05-26
22. * SECURITY UPDATE: symlink directory ...

Author: Felix Geyer
Revision Date: 2015-05-03 23:09:30 UTC

* SECURITY UPDATE: symlink directory traversal vulnerability (LP: #1451260)
  - debian/patches/fix-dir-traversal: backported the upstream fix

lp:ubuntu/precise-security/unrar-nonfree bug Mature 2015-05-26 03:22:17 UTC 2015-05-26
22. * SECURITY UPDATE: symlink directory ...

Author: Felix Geyer
Revision Date: 2015-05-03 23:09:30 UTC

* SECURITY UPDATE: symlink directory traversal vulnerability (LP: #1451260)
  - debian/patches/fix-dir-traversal: backported the upstream fix

lp:ubuntu/precise-updates/libdbd-firebird-perl Mature 2015-05-26 00:20:41 UTC 2015-05-26
8. fake sync from Debian

Author: Tyler Hicks
Revision Date: 2015-05-15 14:43:17 UTC

fake sync from Debian

lp:ubuntu/precise-security/libdbd-firebird-perl Mature 2015-05-26 00:20:35 UTC 2015-05-26
8. fake sync from Debian

Author: Tyler Hicks
Revision Date: 2015-05-15 14:43:17 UTC

fake sync from Debian

lp:ubuntu/precise-updates/checkpw Mature 2015-05-25 16:39:03 UTC 2015-05-25
5. fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-05-12 12:41:51 UTC

fake sync from Debian

lp:ubuntu/precise-security/checkpw Mature 2015-05-25 16:38:57 UTC 2015-05-25
5. fake sync from Debian

Author: Steve Beattie
Revision Date: 2015-05-12 12:41:51 UTC

fake sync from Debian

lp:ubuntu/precise-security/dnsmasq Mature 2015-05-24 20:03:35 UTC 2015-05-24
25. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-05-01 10:37:44 UTC

* SECURITY UPDATE: denial of service and memory disclosure via malformed
  DNS requests
  - src/rfc1035.c: properly handle skip_questions return value.
  - ad4a8ff7d9097008d7623df8543df435bfddeac8
  - CVE-2015-3294

lp:ubuntu/precise-proposed/dosfstools bug Mature 2015-05-24 17:13:50 UTC 2015-05-24
25. Add git-check-dirty-bit.patch: Check ...

Author: Martin Pitt
Revision Date: 2015-04-07 12:19:39 UTC

Add git-check-dirty-bit.patch: Check boot sector for dirty bit, to allow
dosfsck to repair partitions which didn't get unmounted properly.
(LP: #1322976)

lp:ubuntu/precise-proposed/gnome-do bug Mature 2015-05-24 17:12:16 UTC 2015-05-24
28. * debian/control: Update Homepage: to...

Author: Chris Halse Rogers
Revision Date: 2015-04-14 11:17:20 UTC

* debian/control: Update Homepage: to not point at spam URL. (LP: #1442873)
* debian/patches/04_fix_website_address.patch:
  - Update help links to not point at spam URL. (LP: #1363589)

lp:ubuntu/precise-proposed/usb-creator bug Mature 2015-05-24 14:17:30 UTC 2015-05-24
67. Find and use the syslinux from the so...

Author: Mathieu Trudel-Lapierre
Revision Date: 2015-04-27 12:49:12 UTC

Find and use the syslinux from the source squashfs. (LP: #1325801)

lp:ubuntu/precise-updates/libxml-libxml-perl Mature 2015-05-24 12:07:41 UTC 2015-05-24
12. * SECURITY UPDATE: XEE due to expand_...

Author: Marc Deslauriers
Revision Date: 2015-05-01 11:06:09 UTC

* SECURITY UPDATE: XEE due to expand_entities parameter being ignored
  - debian/patches/CVE-20xx-xxxx.patch: preserve unset options after a
    _clone() call in LibXML.pm, added test to t/43options.t.
  - CVE-2015-3451

lp:ubuntu/precise-security/libxml-libxml-perl Mature 2015-05-24 12:07:34 UTC 2015-05-24
12. * SECURITY UPDATE: XEE due to expand_...

Author: Marc Deslauriers
Revision Date: 2015-05-01 11:06:09 UTC

* SECURITY UPDATE: XEE due to expand_entities parameter being ignored
  - debian/patches/CVE-20xx-xxxx.patch: preserve unset options after a
    _clone() call in LibXML.pm, added test to t/43options.t.
  - CVE-2015-3451

lp:ubuntu/precise-security/tcpdump bug Mature 2015-05-24 10:04:35 UTC 2015-05-24
31. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-04-24 15:15:57 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  multiple issues (LP: #1444363)
  - debian/patches/60_cve-2015-0261.diff: check lengths in
    print-mobility.c.
  - debian/patches/60_cve-2015-2153.diff: check length in
    print-rpki-rtr.c.
  - debian/patches/60_cve-2015-2153-fix-regression.diff: more length
    checks in print-rpki-rtr.c.
  - debian/patches/60_cve-2015-2154.diff: check lengths in
    print-isoclns.c.
  - debian/patches/60_cve-2015-2155.diff: make sure ops->print is valid
    in print-forces.c.
  - CVE-2015-0261
  - CVE-2015-2153
  - CVE-2015-2154
  - CVE-2015-2155

lp:~saiarcot895/ubuntu/precise/werken.xpath/fix-symlink bug(Has a merge proposal) Development 2015-05-22 02:15:02 UTC 2015-05-22
10. Fix symlink to werken.xpath.jar (LP: ...

Author: Saikrishna Arcot
Revision Date: 2015-05-22 02:14:34 UTC

Fix symlink to werken.xpath.jar (LP: #1455275).

lp:~ubuntu-core-dev/ubuntu/precise/apport/ubuntu bug Development 2015-05-21 17:01:39 UTC 2015-05-21
2002. releasing package apport version 2.0....

Author: Martin Pitt
Revision Date: 2015-05-13 11:58:25 UTC

releasing package apport version 2.0.1-0ubuntu17.9

lp:ubuntu/precise-updates/openldap Mature 2015-05-19 11:53:17 UTC 2015-05-19
51. * SECURITY UPDATE: denial of service ...

Author: Felipe Reyes
Revision Date: 2015-05-19 11:53:17 UTC

* SECURITY UPDATE: denial of service via an LDAP search query
  with attrsOnly set to true. (LP: #1446809)
  - debian/patches/CVE-2012-1164.1.patch: don't leave empty slots in
    normalized attr values
  - debian/patches/CVE-2012-1164.2.patch: add FIXME comment, note that
    current patch is not ideal
  - debian/patches/CVE-2012-1164.3.patch: fix attr_dup2 when no values are
    present (attrsOnly = TRUE)
  - CVE-2012-1164
* SECURITY UPDATE: fix rwm overlay reference counting
  - debian/patches/CVE-2013-4449.patch: fix reference counting
  - CVE-2013-4449
* SECURITY UPDATE: fix NULL pointer dereference in deref_parseCtrl()
  - debian/patches/CVE-2015-1545.patch: require non-empty AttributeList
  - CVE-2015-1545

lp:ubuntu/precise-updates/distro-info-data Mature 2015-05-07 10:17:03 UTC 2015-05-07
11. * Copy data from 0.27 (LP: #1452825) ...

Author: Stefano Rivera
Revision Date: 2015-05-07 10:17:03 UTC

* Copy data from 0.27 (LP: #1452825)
  - Add Debian 8 "jessie"s release date.
  - Add Debian 9 "stretch" and 10 "buster", with provisional release dates.
  - Update Ubuntu 15.04 "vivid"s release and EOL dates.
  - Add Ubuntu 15.10 "Wily Werewolf", with a provisional release date.

lp:ubuntu/precise-security/clamav bug Mature 2015-05-04 15:50:41 UTC 2015-05-04
124. * Updated to 0.98.7 to fix multiple i...

Author: Marc Deslauriers
Revision Date: 2015-05-04 15:50:41 UTC

* Updated to 0.98.7 to fix multiple issues
  - CVE-2015-2170
  - CVE-2015-2221
  - CVE-2015-2222
  - CVE-2015-2305
  - CVE-2015-2668
* Refreshed patches for 0.98.7:
  - d/p/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
  - d/p/0018-llvm-don-t-use-system-libs.patch

lp:ubuntu/precise-updates/clamav bug Mature 2015-05-04 15:50:41 UTC 2015-05-04
126. * Updated to 0.98.7 to fix multiple i...

Author: Marc Deslauriers
Revision Date: 2015-05-04 15:50:41 UTC

* Updated to 0.98.7 to fix multiple issues
  - CVE-2015-2170
  - CVE-2015-2221
  - CVE-2015-2222
  - CVE-2015-2305
  - CVE-2015-2668
* Refreshed patches for 0.98.7:
  - d/p/0010-hardcode-LLVM-linker-flag-because-llvm-config-return.patch
  - d/p/0018-llvm-don-t-use-system-libs.patch

lp:ubuntu/precise-updates/dnsmasq Mature 2015-05-01 10:37:44 UTC 2015-05-01
26. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-05-01 10:37:44 UTC

* SECURITY UPDATE: denial of service and memory disclosure via malformed
  DNS requests
  - src/rfc1035.c: properly handle skip_questions return value.
  - ad4a8ff7d9097008d7623df8543df435bfddeac8
  - CVE-2015-3294

lp:ubuntu/precise-security/libtasn1-3 Mature 2015-05-01 09:46:08 UTC 2015-05-01
23. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-05-01 09:46:08 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  overflow in _asn1_extract_der_octet.
  - debian/patches/CVE-2015-3622.patch: properly handle length in
    lib/decoding.c.
  - CVE-2015-3622

lp:ubuntu/precise-updates/libtasn1-3 Mature 2015-05-01 09:46:08 UTC 2015-05-01
23. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-05-01 09:46:08 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  overflow in _asn1_extract_der_octet.
  - debian/patches/CVE-2015-3622.patch: properly handle length in
    lib/decoding.c.
  - CVE-2015-3622

lp:ubuntu/precise-security/curl bug Mature 2015-04-29 14:03:35 UTC 2015-04-29
69. * SECURITY UPDATE: NTLM connection re...

Author: Marc Deslauriers
Revision Date: 2015-04-29 14:03:35 UTC

* SECURITY UPDATE: NTLM connection reuse when unauthenticated
  - debian/patches/CVE-2015-3143.patch: require credentials to match in
    lib/url.c.
  - CVE-2015-3143
* SECURITY UPDATE: negotiate not treated as connection-oriented
  - debian/patches/CVE-2015-3148.patch: don't clear GSSAPI state between
    each exchange and close Negotiate connections when done in
    lib/http.c, lib/http_negotiate.c, lib/http_negotiate_sspi.c.
  - CVE-2015-3148

lp:ubuntu/precise-updates/curl Mature 2015-04-29 14:03:35 UTC 2015-04-29
69. * SECURITY UPDATE: NTLM connection re...

Author: Marc Deslauriers
Revision Date: 2015-04-29 14:03:35 UTC

* SECURITY UPDATE: NTLM connection reuse when unauthenticated
  - debian/patches/CVE-2015-3143.patch: require credentials to match in
    lib/url.c.
  - CVE-2015-3143
* SECURITY UPDATE: negotiate not treated as connection-oriented
  - debian/patches/CVE-2015-3148.patch: don't clear GSSAPI state between
    each exchange and close Negotiate connections when done in
    lib/http.c, lib/http_negotiate.c, lib/http_negotiate_sspi.c.
  - CVE-2015-3148

lp:ubuntu/precise/pkg-create-dbgsym bug Mature 2015-04-28 14:10:57 UTC 2015-04-28
209. releasing package pkg-create-dbgsym v...

Author: Martin Pitt
Revision Date: 2015-04-28 14:08:35 UTC

releasing package pkg-create-dbgsym version 0.50.1

lp:ubuntu/precise-security/linux-meta-lowlatency Mature 2015-04-28 10:40:18 UTC 2015-04-28
52. Bump ABI

Author: Kaj Ailomaa
Revision Date: 2015-04-28 10:40:18 UTC

Bump ABI

lp:ubuntu/precise-updates/linux-meta-lowlatency Mature 2015-04-28 10:40:18 UTC 2015-04-28
52. Bump ABI

Author: Kaj Ailomaa
Revision Date: 2015-04-28 10:40:18 UTC

Bump ABI

lp:ubuntu/precise-proposed/linux-meta-lowlatency bug Development 2015-04-28 10:40:18 UTC 2015-04-28
52. Bump ABI

Author: Kaj Ailomaa
Revision Date: 2015-04-28 10:40:18 UTC

Bump ABI

lp:ubuntu/precise-proposed/tzdata bug Mature 2015-04-26 16:44:56 UTC 2015-04-26
95. New upstream release with yet another...

Author: Adam Conrad
Revision Date: 2015-04-26 16:44:56 UTC

New upstream release with yet another urgent DST change for Egypt.

lp:ubuntu/precise-security/tzdata bug Mature 2015-04-26 16:44:56 UTC 2015-04-26
95. New upstream release with yet another...

Author: Adam Conrad
Revision Date: 2015-04-26 16:44:56 UTC

New upstream release with yet another urgent DST change for Egypt.

lp:ubuntu/precise-updates/tzdata Mature 2015-04-26 16:44:56 UTC 2015-04-26
95. New upstream release with yet another...

Author: Adam Conrad
Revision Date: 2015-04-26 16:44:56 UTC

New upstream release with yet another urgent DST change for Egypt.

lp:ubuntu/precise-updates/tcpdump Mature 2015-04-24 15:15:57 UTC 2015-04-24
31. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-04-24 15:15:57 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  multiple issues (LP: #1444363)
  - debian/patches/60_cve-2015-0261.diff: check lengths in
    print-mobility.c.
  - debian/patches/60_cve-2015-2153.diff: check length in
    print-rpki-rtr.c.
  - debian/patches/60_cve-2015-2153-fix-regression.diff: more length
    checks in print-rpki-rtr.c.
  - debian/patches/60_cve-2015-2154.diff: check lengths in
    print-isoclns.c.
  - debian/patches/60_cve-2015-2155.diff: make sure ops->print is valid
    in print-forces.c.
  - CVE-2015-0261
  - CVE-2015-2153
  - CVE-2015-2154
  - CVE-2015-2155

lp:ubuntu/precise-security/libmodule-signature-perl Mature 2015-04-24 12:02:12 UTC 2015-04-24
14. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2015-04-24 12:02:12 UTC

* SECURITY UPDATE: arbitrary code execution and incorrect signature
  verification
  - debian/patches/CVE-2015-340x.patch: properly handle temp files and
    headers in lib/Module/Signature.pm, Makefile.PL.
  - debian/patches/CVE-2015-3409.patch: don't load modules from relative
    paths in lib/Module/Signature.pm.
  - CVE-2015-3406
  - CVE-2015-3407
  - CVE-2015-3408
  - CVE-2015-3409

lp:ubuntu/precise-updates/libmodule-signature-perl Mature 2015-04-24 12:02:12 UTC 2015-04-24
14. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2015-04-24 12:02:12 UTC

* SECURITY UPDATE: arbitrary code execution and incorrect signature
  verification
  - debian/patches/CVE-2015-340x.patch: properly handle temp files and
    headers in lib/Module/Signature.pm, Makefile.PL.
  - debian/patches/CVE-2015-3409.patch: don't load modules from relative
    paths in lib/Module/Signature.pm.
  - CVE-2015-3406
  - CVE-2015-3407
  - CVE-2015-3408
  - CVE-2015-3409

lp:ubuntu/precise-security/usb-creator bug Mature 2015-04-23 13:20:50 UTC 2015-04-23
66. * SECURITY UPDATE: privilege escalati...

Author: Marc Deslauriers
Revision Date: 2015-04-22 23:18:51 UTC

* SECURITY UPDATE: privilege escalation via missing polkit check
  (LP: #1447396)
  - bin/usb-creator-helper, dbus/com.ubuntu.usbcreator.policy.in: add
    proper polkit integration for KVM use.
  - CVE number pending

lp:ubuntu/precise-updates/usb-creator Mature 2015-04-22 23:18:51 UTC 2015-04-22
66. * SECURITY UPDATE: privilege escalati...

Author: Marc Deslauriers
Revision Date: 2015-04-22 23:18:51 UTC

* SECURITY UPDATE: privilege escalation via missing polkit check
  (LP: #1447396)
  - bin/usb-creator-helper, dbus/com.ubuntu.usbcreator.policy.in: add
    proper polkit integration for KVM use.
  - CVE number pending

lp:ubuntu/precise-security/gst-plugins-bad0.10 Mature 2015-04-15 19:48:35 UTC 2015-04-15
72. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-04-15 11:44:46 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect nal size
  - debian/patches/CVE-2015-0797.patch: check nal size in
    gst/videoparsers/gsth264parse.c.
  - CVE-2015-0797

lp:ubuntu/precise-updates/gst-plugins-bad0.10 Mature 2015-04-15 11:44:46 UTC 2015-04-15
72. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2015-04-15 11:44:46 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  incorrect nal size
  - debian/patches/CVE-2015-0797.patch: check nal size in
    gst/videoparsers/gsth264parse.c.
  - CVE-2015-0797

lp:ubuntu/precise-updates/libxi bug Mature 2015-04-13 18:04:50 UTC 2015-04-13
23. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 07:54:36 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-updates/libsdl1.2 Mature 2015-04-13 18:04:43 UTC 2015-04-13
39. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 08:17:25 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-security/libsdl1.2 Mature 2015-04-13 17:41:08 UTC 2015-04-13
39. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 08:17:25 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-security/libxi Mature 2015-04-13 17:39:42 UTC 2015-04-13
22. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 07:54:36 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-security/libxfixes Mature 2015-04-13 17:39:27 UTC 2015-04-13
18. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 08:09:50 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-security/libxext Mature 2015-04-13 17:39:02 UTC 2015-04-13
26. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 07:52:26 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - No change rebuild against libx11 in release pocket
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-security/x11proto-core Mature 2015-04-13 17:38:27 UTC 2015-04-13
20. No change rebuild in the -security po...

Author: Marc Deslauriers
Revision Date: 2015-04-08 08:05:09 UTC

No change rebuild in the -security pocket

lp:ubuntu/precise-security/xserver-xorg-video-vmware Mature 2015-04-13 17:38:21 UTC 2015-04-13
38. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 08:44:10 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-security/libxp Mature 2015-04-13 17:37:57 UTC 2015-04-13
12. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 08:40:40 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-security/libxrandr Mature 2015-04-13 17:37:55 UTC 2015-04-13
28. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 08:15:51 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-security/libxv Mature 2015-04-13 17:37:42 UTC 2015-04-13
17. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 08:20:34 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-security/libxrender Mature 2015-04-13 17:31:04 UTC 2015-04-13
13. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-08 08:23:37 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE number pending

lp:ubuntu/precise-security/libx11 Mature 2015-04-13 17:29:11 UTC 2015-04-13
60. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-08 08:01:09 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/patches/makebigreq_overflow.patch: don't move the last word in
    MakeBigReq in include/X11/Xlibint.h.
  - CVE number pending

lp:ubuntu/precise-security/ntp Mature 2015-04-13 09:06:54 UTC 2015-04-13
63. * SECURITY UPDATE: symmetric key unau...

Author: Marc Deslauriers
Revision Date: 2015-04-13 09:06:54 UTC

* SECURITY UPDATE: symmetric key unauthenticated packet MITM attack
  - debian/patches/CVE-2015-1798.patch: reject packets without MAC in
    ntpd/ntp_proto.c.
  - CVE-2015-1798
* SECURITY UPDATE: symmetric association DoS attack
  - debian/patches/CVE-2015-1799.patch: don't update state variables when
    authentication fails in ntpd/ntp_proto.c.
  - CVE-2015-1799
* SECURITY UPDATE: ntp-keygen infinite loop or lack of randonmess on big
  endian platforms
  - debian/patches/ntp-keygen-endless-loop.patch: fix logic in
    util/ntp-keygen.c.
  - CVE number pending

lp:ubuntu/precise-updates/ntp Mature 2015-04-13 09:06:54 UTC 2015-04-13
63. * SECURITY UPDATE: symmetric key unau...

Author: Marc Deslauriers
Revision Date: 2015-04-13 09:06:54 UTC

* SECURITY UPDATE: symmetric key unauthenticated packet MITM attack
  - debian/patches/CVE-2015-1798.patch: reject packets without MAC in
    ntpd/ntp_proto.c.
  - CVE-2015-1798
* SECURITY UPDATE: symmetric association DoS attack
  - debian/patches/CVE-2015-1799.patch: don't update state variables when
    authentication fails in ntpd/ntp_proto.c.
  - CVE-2015-1799
* SECURITY UPDATE: ntp-keygen infinite loop or lack of randonmess on big
  endian platforms
  - debian/patches/ntp-keygen-endless-loop.patch: fix logic in
    util/ntp-keygen.c.
  - CVE number pending

lp:ubuntu/precise-updates/xserver-xorg-video-vmware Mature 2015-04-13 08:44:10 UTC 2015-04-13
38. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 08:44:10 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-updates/libxp Mature 2015-04-13 08:40:40 UTC 2015-04-13
12. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 08:40:40 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-updates/libxv Mature 2015-04-13 08:20:34 UTC 2015-04-13
17. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 08:20:34 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-updates/libxrandr Mature 2015-04-13 08:15:51 UTC 2015-04-13
28. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 08:15:51 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-updates/libxfixes Mature 2015-04-13 08:09:50 UTC 2015-04-13
18. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 08:09:50 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-updates/libxext Mature 2015-04-13 07:52:26 UTC 2015-04-13
26. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-13 07:52:26 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - No change rebuild against libx11 in release pocket
  - debian/control: change Build-Depends to libx11 security update
  - CVE-2013-7439

lp:ubuntu/precise-updates/libxrender Mature 2015-04-08 08:23:37 UTC 2015-04-08
13. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-08 08:23:37 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/control: change Build-Depends to libx11 security update
  - CVE number pending

lp:ubuntu/precise-updates/x11proto-core Mature 2015-04-08 08:05:09 UTC 2015-04-08
20. No change rebuild in the -security po...

Author: Marc Deslauriers
Revision Date: 2015-04-08 08:05:09 UTC

No change rebuild in the -security pocket

lp:ubuntu/precise-updates/libx11 Mature 2015-04-08 08:01:09 UTC 2015-04-08
60. * SECURITY UPDATE: buffer overflow in...

Author: Marc Deslauriers
Revision Date: 2015-04-08 08:01:09 UTC

* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
  - debian/patches/makebigreq_overflow.patch: don't move the last word in
    MakeBigReq in include/X11/Xlibint.h.
  - CVE number pending

lp:ubuntu/precise-updates/eglibc bug Mature 2015-04-08 07:27:45 UTC 2015-04-08
319. * cvs-vfprintf-multibyte.diff: Fix "m...

Author: Adam Conrad
Revision Date: 2015-03-25 13:28:41 UTC

* cvs-vfprintf-multibyte.diff: Fix "memory exhausted" bug in who, by no
  longer parsing %s format arguments as multibyte strings (LP: #1109327)
* cvs-__SSE_MATH__-feraiseexcept.diff: Check for __SSE_MATH__ in x86_64
  feraiseexcept to fix backported -m32 builds of GCC 4.8 (LP: #1165387)
* cvs-canonical-name.diff: Don't incorrectly do a PTR lookup when asked
  to do a canonical lookup for a host using AI_CANONNAME (LP: #1057526)
* cvs-atomic-fastbins.diff: Fix race in free() of fastbin (LP: #1020210)

lp:~pali/ubuntu/precise/lsb/lsb-messages Development 2015-04-05 18:47:09 UTC 2015-04-05
46. * bzr merge lp:ubuntu/precise-updates...

Author: Pali
Revision Date: 2015-04-05 18:27:32 UTC

* bzr merge lp:ubuntu/precise-updates/lsb

lp:~pali/ubuntu/precise/initramfs-tools/initramfs-tools-messages Development 2015-04-05 18:46:44 UTC 2015-04-05
242. * bzr merge lp:ubuntu/precise-updates...

Author: Pali
Revision Date: 2015-04-05 18:13:56 UTC

* bzr merge lp:ubuntu/precise-updates/initramfs-tools

lp:~pali/ubuntu/precise/kubuntu-default-settings-pali/kubuntu-default-settings-pali-messages Development 2015-04-05 18:46:14 UTC 2015-04-05
311. * bzr merge lp:ubuntu/precise/kubuntu...

Author: Pali
Revision Date: 2015-04-05 18:00:44 UTC

* bzr merge lp:ubuntu/precise/kubuntu-default-settings

lp:~pali/ubuntu/precise/plymouth/plymouth-messages Development 2015-04-05 18:45:50 UTC 2015-04-05
1407. * bzr merge lp:ubuntu/precise-updates...

Author: Pali
Revision Date: 2015-04-05 17:14:06 UTC

* bzr merge lp:ubuntu/precise-updates/plymouth

lp:ubuntu/precise-security/tiff bug Mature 2015-04-01 20:25:11 UTC 2015-04-01
32. * SECURITY REGRESSION: regression whe...

Author: Marc Deslauriers
Revision Date: 2015-04-01 14:08:49 UTC

* SECURITY REGRESSION: regression when saving TIFF files with compression
  predictor (LP: #1439186)
  - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
    fix is available.

lp:ubuntu/precise-updates/lightdm bug Mature 2015-04-01 17:58:20 UTC 2015-04-01
77. * debian/patches/15_gsources.patch: ...

Author: Robert Ancell
Revision Date: 2015-03-17 14:21:43 UTC

* debian/patches/15_gsources.patch:
  - Correctly remove GSources on finalize (LP: #1431654)

lp:ubuntu/precise-proposed/cloud-init bug Mature 2015-04-01 15:16:38 UTC 2015-04-01
215. Backport support for fetching passwor...

Author: Dan Watkins
Revision Date: 2015-03-11 16:56:20 UTC

Backport support for fetching passwords in CloudStack (LP: #1422388).

lp:ubuntu/precise-updates/tiff Mature 2015-04-01 14:08:49 UTC 2015-04-01
32. * SECURITY REGRESSION: regression whe...

Author: Marc Deslauriers
Revision Date: 2015-04-01 14:08:49 UTC

* SECURITY REGRESSION: regression when saving TIFF files with compression
  predictor (LP: #1439186)
  - debian/patches/CVE-2014-8128-5.patch: disable until proper upstream
    fix is available.

lp:ubuntu/precise-security/gnupg2 bug Mature 2015-04-01 14:03:14 UTC 2015-04-01
23. * Screen responses from keyservers (L...

Author: Marc Deslauriers
Revision Date: 2015-03-27 08:20:03 UTC

* Screen responses from keyservers (LP: #1409117)
  - d/p/0001-Screen-keyserver-responses.patch
  - d/p/0002-Make-screening-of-keyserver-result-work-with-multi-k.patch
  - d/p/0003-Add-kbnode_t-for-easier-backporting.patch
  - d/p/0004-gpg-Fix-regression-due-to-the-keyserver-import-filte.patch
* Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
  - d/p/Add-build-and-runtime-support-for-larger-RSA-key.patch
  - debian/rules: build with --enable-large-secmem
* SECURITY UPDATE: invalid memory read via invalid keyring
  - debian/patches/CVE-2015-1606.patch: skip all packets not allowed in
    a keyring in g10/keyring.c.
  - CVE-2015-1606
* SECURITY UPDATE: memcpy with overlapping ranges
  - debian/patches/CVE-2015-1607.patch: use inline functions to convert
    buffer data to scalars in common/iobuf.c, g10/build-packet.c,
    g10/getkey.c, g10/keygen.c, g10/keyid.c, g10/main.h, g10/misc.c,
    g10/parse-packet.c, g10/tdbio.c, g10/trustdb.c, include/host2net.h,
    kbx/keybox-dump.c, kbx/keybox-openpgp.c, kbx/keybox-search.c,
    kbx/keybox-update.c, scd/apdu.c, scd/app-openpgp.c,
    scd/ccid-driver.c, scd/pcsc-wrapper.c, tools/ccidmon.c.
  - CVE-2015-1607

lp:ubuntu/precise-updates/gnupg2 Mature 2015-03-27 08:20:03 UTC 2015-03-27
23. * Screen responses from keyservers (L...

Author: Marc Deslauriers
Revision Date: 2015-03-27 08:20:03 UTC

* Screen responses from keyservers (LP: #1409117)
  - d/p/0001-Screen-keyserver-responses.patch
  - d/p/0002-Make-screening-of-keyserver-result-work-with-multi-k.patch
  - d/p/0003-Add-kbnode_t-for-easier-backporting.patch
  - d/p/0004-gpg-Fix-regression-due-to-the-keyserver-import-filte.patch
* Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
  - d/p/Add-build-and-runtime-support-for-larger-RSA-key.patch
  - debian/rules: build with --enable-large-secmem
* SECURITY UPDATE: invalid memory read via invalid keyring
  - debian/patches/CVE-2015-1606.patch: skip all packets not allowed in
    a keyring in g10/keyring.c.
  - CVE-2015-1606
* SECURITY UPDATE: memcpy with overlapping ranges
  - debian/patches/CVE-2015-1607.patch: use inline functions to convert
    buffer data to scalars in common/iobuf.c, g10/build-packet.c,
    g10/getkey.c, g10/keygen.c, g10/keyid.c, g10/main.h, g10/misc.c,
    g10/parse-packet.c, g10/tdbio.c, g10/trustdb.c, include/host2net.h,
    kbx/keybox-dump.c, kbx/keybox-openpgp.c, kbx/keybox-search.c,
    kbx/keybox-update.c, scd/apdu.c, scd/app-openpgp.c,
    scd/ccid-driver.c, scd/pcsc-wrapper.c, tools/ccidmon.c.
  - CVE-2015-1607

lp:ubuntu/precise-proposed/eglibc bug Mature 2015-03-26 19:27:29 UTC 2015-03-26
314. * cvs-vfprintf-multibyte.diff: Fix "m...

Author: Adam Conrad
Revision Date: 2015-03-25 13:28:41 UTC

* cvs-vfprintf-multibyte.diff: Fix "memory exhausted" bug in who, by no
  longer parsing %s format arguments as multibyte strings (LP: #1109327)
* cvs-__SSE_MATH__-feraiseexcept.diff: Check for __SSE_MATH__ in x86_64
  feraiseexcept to fix backported -m32 builds of GCC 4.8 (LP: #1165387)
* cvs-canonical-name.diff: Don't incorrectly do a PTR lookup when asked
  to do a canonical lookup for a host using AI_CANONNAME (LP: #1057526)
* cvs-atomic-fastbins.diff: Fix race in free() of fastbin (LP: #1020210)

lp:ubuntu/precise-security/libgcrypt11 Mature 2015-03-26 08:51:49 UTC 2015-03-26
35. * SECURITY UPDATE: sidechannel attack...

Author: Marc Deslauriers
Revision Date: 2015-03-26 08:51:49 UTC

* SECURITY UPDATE: sidechannel attack on Elgamal
  - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
    cipher/elgamal.c.
  - CVE-2014-3591
* SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
  - debian/patches/CVE-2015-0837.patch: avoid timing variations in
    mpi/mpi-pow.c, mpi/mpiutil.c, src/mpi.h.
  - CVE-2015-0837

lp:ubuntu/precise-updates/libgcrypt11 Mature 2015-03-26 08:51:49 UTC 2015-03-26
35. * SECURITY UPDATE: sidechannel attack...

Author: Marc Deslauriers
Revision Date: 2015-03-26 08:51:49 UTC

* SECURITY UPDATE: sidechannel attack on Elgamal
  - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
    cipher/elgamal.c.
  - CVE-2014-3591
* SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
  - debian/patches/CVE-2015-0837.patch: avoid timing variations in
    mpi/mpi-pow.c, mpi/mpiutil.c, src/mpi.h.
  - CVE-2015-0837

lp:ubuntu/precise-updates/batik Mature 2015-03-25 13:05:29 UTC 2015-03-25
12. * SECURITY UPDATE: XML external entit...

Author: Marc Deslauriers
Revision Date: 2015-03-24 10:52:23 UTC

* SECURITY UPDATE: XML external entity information disclosure
  - debian/patches/cve_2015_0250.patch: disable external entities in
    sources/org/apache/batik/dom/util/SAXDocumentFactory.java.
  - Thanks to Debian for the patch backport.
  - CVE-2015-0250

lp:ubuntu/precise-security/batik Mature 2015-03-25 12:53:12 UTC 2015-03-25
12. * SECURITY UPDATE: XML external entit...

Author: Marc Deslauriers
Revision Date: 2015-03-24 10:52:23 UTC

* SECURITY UPDATE: XML external entity information disclosure
  - debian/patches/cve_2015_0250.patch: disable external entities in
    sources/org/apache/batik/dom/util/SAXDocumentFactory.java.
  - Thanks to Debian for the patch backport.
  - CVE-2015-0250

lp:ubuntu/precise-security/gnutls26 Mature 2015-03-20 09:26:34 UTC 2015-03-20
41. * SECURITY UPDATE: signature forgery ...

Author: Marc Deslauriers
Revision Date: 2015-03-20 09:26:34 UTC

* SECURITY UPDATE: signature forgery issue
  - debian/patches/CVE-2015-0282.patch: make sure the signature
    algorithms match in lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
    lib/gnutls_pubkey.c, lib/gnutls_sig.c, lib/x509/common.h,
    lib/x509/crq.c, lib/x509/privkey.c, lib/x509/verify.c,
    lib/x509/x509.c, lib/x509/x509_int.h.
  - CVE-2015-0282
* SECURITY UPDATE: certificate algorithm consistency issue
  - debian/patches/CVE-2015-0294.patch: make sure the two signature
    algorithms match on cert import in lib/x509/x509.c.
  - CVE-2015-0294

lp:ubuntu/precise-updates/gnutls26 Mature 2015-03-20 09:26:34 UTC 2015-03-20
41. * SECURITY UPDATE: signature forgery ...

Author: Marc Deslauriers
Revision Date: 2015-03-20 09:26:34 UTC

* SECURITY UPDATE: signature forgery issue
  - debian/patches/CVE-2015-0282.patch: make sure the signature
    algorithms match in lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
    lib/gnutls_pubkey.c, lib/gnutls_sig.c, lib/x509/common.h,
    lib/x509/crq.c, lib/x509/privkey.c, lib/x509/verify.c,
    lib/x509/x509.c, lib/x509/x509_int.h.
  - CVE-2015-0282
* SECURITY UPDATE: certificate algorithm consistency issue
  - debian/patches/CVE-2015-0294.patch: make sure the two signature
    algorithms match on cert import in lib/x509/x509.c.
  - CVE-2015-0294

lp:ubuntu/precise-proposed/network-manager-applet bug Mature 2015-03-19 20:13:42 UTC 2015-03-19
94. Backport foo_client_setup from 0.9.8....

Author: Seyeong Kim
Revision Date: 2015-03-16 08:18:00 UTC

Backport foo_client_setup from 0.9.8.8 src/applet.c (LP: #1424119)

lp:~crunch.io/ubuntu/precise/awscli/unstable Development 2015-03-18 19:13:52 UTC 2015-03-18
10. Backport to precise

Author: Joseph S Tate
Revision Date: 2015-03-18 19:10:04 UTC

Backport to precise

lp:ubuntu/precise-security/libxfont Mature 2015-03-18 07:33:04 UTC 2015-03-18
31. * SECURITY UPDATE: arbitrary code exe...

Author: Marc Deslauriers
Revision Date: 2015-03-18 07:33:04 UTC

* SECURITY UPDATE: arbitrary code exection via invalid property count
  - debian/patches/CVE-2015-1802.patch: check for integer overflow in
    src/bitmap/bdfread.c.
  - CVE-2015-1802
* SECURITY UPDATE: arbitrary code execution via bitmap data parse failure
  - debian/patches/CVE-2015-1803.patch: bail out if bitmap can't be read
    in src/bitmap/bdfread.c.
  - CVE-2015-1803
* SECURITY UPDATE: arbitrary code execution via invalid metrics
  - debian/patches/CVE-2015-1804.patch: ensure metrics fit in struct in
    src/bitmap/bdfread.c.
  - CVE-2015-1804

101200 of 28343 results