Branches for Raring

Author: Darryl L. Miles
Revision Date: 2015-06-02 17:16:44 UTC

maint/bzr_push.sh Auto copy, commit and push for: control.snapshot (snapshot)

Author: Richard Hansen
Revision Date: 2013-08-08 05:40:17 UTC

convert to 3.0 (quilt) format

Author: Chris J Arges
Revision Date: 2013-09-05 16:20:14 UTC

src/wait-for-root.c: udev_monitor_receive_device() might still
return NULL even with a blocking socket if recvmsg() fails with
ENOBUFS. Retry every second in that case. Thanks to Tetsuo Handa for
debugging this and the patch! (LP: #1215911)

Author: PS Jenkins bot
Revision Date: 2013-04-09 00:02:08 UTC

Automatic snapshot from revision 158

Author: Steve Langasek
Revision Date: 2013-09-24 14:21:08 UTC

Backport gnu-efi from saucy to raring to support new versions of
shim. LP: #1229572.

Author: Colin Watson
Revision Date: 2013-11-08 12:45:44 UTC

Preseed netcfg/disable_autoconfig rather than deprecated
netcfg/disable_dhcp (LP: #879605).

Author: Mathieu Trudel-Lapierre
Revision Date: 2013-12-02 08:56:17 UTC

debian/patches/lp330608_dxteam_gsm_connect_text.patch: refresh patch:
remove some additional g_free() calls that were being made on a const
string for a NM internal pointer containing the connection ID, which should
not be freed. Thanks to Jean-Pierre Rupp for the fix. (LP: #1185330)

Author: Marc Deslauriers
Revision Date: 2014-01-10 12:46:09 UTC

* SECURITY UPDATE: arbitrary code execution in uscan via crafted tarball
  - scripts/uscan.pl: improve tarball handling.
  - 02c6850d973e3e1246fde72edab27f03d63acc52
  - 4b7e58ee6000cdefac0682601cec6ecce0137467
  - CVE-2013-6888

Author: Marc Deslauriers
Revision Date: 2014-01-10 12:46:09 UTC

* SECURITY UPDATE: arbitrary code execution in uscan via crafted tarball
  - scripts/uscan.pl: improve tarball handling.
  - 02c6850d973e3e1246fde72edab27f03d63acc52
  - 4b7e58ee6000cdefac0682601cec6ecce0137467
  - CVE-2013-6888

Author: Felix Geyer
Revision Date: 2014-01-04 16:18:48 UTC

* SECURITY UPDATE: disable insecure OTRv1 protocol to prevent downgrade
  attacks (LP: #1266016)
  - Add disable_otr_v1.patch, patch taken from Debian

Author: Felix Geyer
Revision Date: 2014-01-04 16:18:48 UTC

* SECURITY UPDATE: disable insecure OTRv1 protocol to prevent downgrade
  attacks (LP: #1266016)
  - Add disable_otr_v1.patch, patch taken from Debian

Author: Marc Deslauriers
Revision Date: 2014-01-14 13:34:59 UTC

* SECURITY UPDATE: buffer overflow in yyerror()
  - debian/patches/CVE-2014-0978.patch: don't overflow buf in
    lib/cgraph/scan.l.
  - CVE-2014-0978
* SECURITY UPDATE: buffer overflow in yyerror() security fix
  - debian/patches/CVE-2014-1235.patch: once again, don't overflow buf
    in lib/cgraph/scan.l.
  - CVE-2014-1235
* SECURITY UPDATE: buffer overflow in chkNum of scanner
  - debian/patches/CVE-2014-1236.patch: don't overflow buf in
    lib/cgraph/scan.l.
  - CVE-2014-1236

Author: Marc Deslauriers
Revision Date: 2014-01-14 13:34:59 UTC

* SECURITY UPDATE: buffer overflow in yyerror()
  - debian/patches/CVE-2014-0978.patch: don't overflow buf in
    lib/cgraph/scan.l.
  - CVE-2014-0978
* SECURITY UPDATE: buffer overflow in yyerror() security fix
  - debian/patches/CVE-2014-1235.patch: once again, don't overflow buf
    in lib/cgraph/scan.l.
  - CVE-2014-1235
* SECURITY UPDATE: buffer overflow in chkNum of scanner
  - debian/patches/CVE-2014-1236.patch: don't overflow buf in
    lib/cgraph/scan.l.
  - CVE-2014-1236

Author: Daniel Holbach
Revision Date: 2013-08-05 11:08:21 UTC

debian/patches/99_add_microsoft_mice.patch: add Microsoft Sculpt/Wedge
mouse (LP: #1094744, LP: #1158462). Thanks, Marcos Barbosa, Anton Anikin
and Anthony Wong for the patch.

Author: Marc Deslauriers
Revision Date: 2014-01-14 08:23:26 UTC

[ Johan Van de Wauw ]
* Add patch to fix CVE-2013-7262, an SQL injection vulnerability in the
  msPostGISLayerSetTimeFilter function in mappostgis.c. (LP: #1267616)

[ Marc Deslauriers ]
* Fix FTBFS by linking executables with -ldl.

Author: Marc Deslauriers
Revision Date: 2014-01-14 08:23:26 UTC

[ Johan Van de Wauw ]
* Add patch to fix CVE-2013-7262, an SQL injection vulnerability in the
  msPostGISLayerSetTimeFilter function in mappostgis.c. (LP: #1267616)

[ Marc Deslauriers ]
* Fix FTBFS by linking executables with -ldl.

Author: Thomas Ward
Revision Date: 2014-01-13 12:20:57 UTC

* SECURITY UPDATE: null pointer dereference in webadmin (LP: #1268658)
  - debian/patches/CVE-2013-2130.diff: Patch from Debian based on upstream to
    fix null pointer dereferences.
  - CVE-2013-2130

Author: Thomas Ward
Revision Date: 2014-01-13 12:20:57 UTC

* SECURITY UPDATE: null pointer dereference in webadmin (LP: #1268658)
  - debian/patches/CVE-2013-2130.diff: Patch from Debian based on upstream to
    fix null pointer dereferences.
  - CVE-2013-2130

Author: Felix Geyer
Revision Date: 2014-01-10 18:09:14 UTC

No-change backport to raring (LP: #1247541)

Author: Stefano Rivera
Revision Date: 2013-10-18 17:37:59 UTC

* Update data from distro-info-data 0.17
  - Add Ubuntu 14.04, Trusty Tahr LP: (Closes: #726696, LP: #1241673)

Author: Marc Deslauriers
Revision Date: 2014-01-10 09:42:41 UTC

* SECURITY UPDATE: denial of service when processing NSEC3-signed zone
  queries
  - debian/patches/CVE-2014-0591.patch: don't call memcpy with
    overlapping ranges in bin/named/query.c.
  - patch backported from 9.9.4-P2.
  - CVE-2014-0591

Author: Marc Deslauriers
Revision Date: 2014-01-10 09:42:41 UTC

* SECURITY UPDATE: denial of service when processing NSEC3-signed zone
  queries
  - debian/patches/CVE-2014-0591.patch: don't call memcpy with
    overlapping ranges in bin/named/query.c.
  - patch backported from 9.9.4-P2.
  - CVE-2014-0591

Author: Marc Deslauriers
Revision Date: 2014-01-09 07:54:31 UTC

* SECURITY REGRESSION: Incorrect default file mode (LP: #1267385)
  - debian/patches/CVE-2013-4969-regression.patch: fix incorrect file
    mode in lib/puppet/type/file.rb, lib/puppet/util.rb,
    spec/unit/type/file_spec.rb.
  - CVE-2013-4969

Author: Marc Deslauriers
Revision Date: 2014-01-09 07:54:31 UTC

* SECURITY REGRESSION: Incorrect default file mode (LP: #1267385)
  - debian/patches/CVE-2013-4969-regression.patch: fix incorrect file
    mode in lib/puppet/type/file.rb, lib/puppet/util.rb,
    spec/unit/type/file_spec.rb.
  - CVE-2013-4969

Author: Marc Deslauriers
Revision Date: 2014-01-08 14:55:58 UTC

* SECURITY UPDATE: denial of service via invalid TLS handshake
  - debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
    ssl/s3_both.c.
  - CVE-2013-4353
* SECURITY UPDATE: denial of service via incorrect data structure
  - debian/patches/CVE-2013-6449.patch: check for handshake digests in
    ssl/s3_both.c,ssl/s3_pkt.c,ssl/t1_enc.c, use proper version in
    ssl/s3_lib.c.
  - CVE-2013-6449
* SECURITY UPDATE: denial of service via DTLS retransmission
  - debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
    crypto/evp/digest.c,ssl/d1_both.c,ssl/s3_pkt.c,ssl/s3_srvr.c,
    ssl/ssl_locl.h,ssl/t1_enc.c.
  - CVE-2013-6450
* debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
  default unless explicitly requested.

Author: Marc Deslauriers
Revision Date: 2014-01-08 14:55:58 UTC

* SECURITY UPDATE: denial of service via invalid TLS handshake
  - debian/patches/CVE-2013-4353.patch: handle no new cipher setup in
    ssl/s3_both.c.
  - CVE-2013-4353
* SECURITY UPDATE: denial of service via incorrect data structure
  - debian/patches/CVE-2013-6449.patch: check for handshake digests in
    ssl/s3_both.c,ssl/s3_pkt.c,ssl/t1_enc.c, use proper version in
    ssl/s3_lib.c.
  - CVE-2013-6449
* SECURITY UPDATE: denial of service via DTLS retransmission
  - debian/patches/CVE-2013-6450.patch: fix DTLS retransmission in
    crypto/evp/digest.c,ssl/d1_both.c,ssl/s3_pkt.c,ssl/s3_srvr.c,
    ssl/ssl_locl.h,ssl/t1_enc.c.
  - CVE-2013-6450
* debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
  default unless explicitly requested.

Author: Marc Deslauriers
Revision Date: 2013-12-30 17:35:09 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  stack overflow
  - debian/patches/CVE-2013-6462.patch: limit sscanf field in
    src/bitmap/bdfread.c.
  - CVE-2013-6462

Author: Marc Deslauriers
Revision Date: 2013-12-30 17:35:09 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  stack overflow
  - debian/patches/CVE-2013-6462.patch: limit sscanf field in
    src/bitmap/bdfread.c.
  - CVE-2013-6462

Author: Tim Lunn
Revision Date: 2013-05-23 17:45:44 UTC

* Merge changes from lightdm to fix plymouth race (LP: #982889)
  - lightdm.upstart: Add a start condition on plymouth-ready, and
    drop conditions already handled by plymouth-splash.
  - control: Depend on the new plymouth version that provides plymouth-ready.

Author: Chris J Arges
Revision Date: 2013-10-15 14:50:33 UTC

Fix ip netns delete failures. (LP: #1238981)

Author: Maarten Lankhorst
Revision Date: 2013-12-10 13:26:08 UTC

Copy saucy package back to raring. (LP: #1253041)

Author: Ben Collins
Revision Date: 2013-12-22 12:06:13 UTC

Bump ABI

Author: Ben Collins
Revision Date: 2013-12-22 12:06:13 UTC

Bump ABI

Author: Ben Collins
Revision Date: 2013-12-22 12:06:13 UTC

Bump ABI

Author: Marc Deslauriers
Revision Date: 2013-12-20 10:39:43 UTC

* SECURITY UPDATE: New upstream release (LP: #1263135)
  - Distrusts AC DG Tresor SSL CA

Author: Marc Deslauriers
Revision Date: 2013-12-20 10:39:43 UTC

* SECURITY UPDATE: New upstream release (LP: #1263135)
  - Distrusts AC DG Tresor SSL CA

Author: Jamie Strandboge
Revision Date: 2013-12-03 16:07:28 UTC

* SECURITY UPDATE: XSS in Volumes and Network Topology pages
  - debian/patches/CVE-2013-6406: html.escape() various items in
    volumes/tables.py and volume_snapshots/tables.py
  - CVE-2013-6406 (also referred to as CVE-2013-6858)
  - LP: #1247675

Author: Marc Deslauriers
Revision Date: 2013-11-22 08:58:58 UTC

* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_sos function (LP: #1252912)
  - debian/patches/CVE-2013-6629.patch: check for duplications in
    jdmarker.c.
  - CVE-2013-6629
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_dht function (LP: #1252912)
  - debian/patches/CVE-2013-6630.patch: properly clear out memory in
    jdmarker.c.
  - CVE-2013-6630

Author: Marc Deslauriers
Revision Date: 2013-11-22 09:59:18 UTC

* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_sos function (LP: #1252912)
  - debian/patches/CVE-2013-6629.patch: check for duplications in
    jdmarker.c.
  - CVE-2013-6629
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_dht function (LP: #1252912)
  - debian/patches/CVE-2013-6630.patch: properly clear out memory in
    jdmarker.c.
  - CVE-2013-6630

Author: Marc Deslauriers
Revision Date: 2013-11-22 08:58:58 UTC

* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_sos function (LP: #1252912)
  - debian/patches/CVE-2013-6629.patch: check for duplications in
    jdmarker.c.
  - CVE-2013-6629
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_dht function (LP: #1252912)
  - debian/patches/CVE-2013-6630.patch: properly clear out memory in
    jdmarker.c.
  - CVE-2013-6630

Author: Marc Deslauriers
Revision Date: 2013-11-22 09:59:18 UTC

* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_sos function (LP: #1252912)
  - debian/patches/CVE-2013-6629.patch: check for duplications in
    jdmarker.c.
  - CVE-2013-6629
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_dht function (LP: #1252912)
  - debian/patches/CVE-2013-6630.patch: properly clear out memory in
    jdmarker.c.
  - CVE-2013-6630

Author: Marc Deslauriers
Revision Date: 2013-12-18 11:14:22 UTC

* SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
  Cryptanalysis attack
  - debian/patches/CVE-2013-4576.patch: Use blinding for the RSA secret
    operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
    MPIs used as input to secret key functions in cipher/dsa.c,
    cipher/elgamal.c, cipher/rsa.c.
  - CVE-2013-4576

Author: Marc Deslauriers
Revision Date: 2013-12-18 11:14:22 UTC

* SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
  Cryptanalysis attack
  - debian/patches/CVE-2013-4576.patch: Use blinding for the RSA secret
    operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
    MPIs used as input to secret key functions in cipher/dsa.c,
    cipher/elgamal.c, cipher/rsa.c.
  - CVE-2013-4576

Author: Marc Deslauriers
Revision Date: 2013-12-17 12:47:31 UTC

* SECURITY UPDATE: missing CN verification when signature verification is
  disabled in GnuTLS backend.
  - debian/patches/CVE-2013-6422.patch: still verify host when
    CURLOPT_SSL_VERIFYPEER isn't set in lib/gtls.c.
  - CVE-2013-6422

Author: Marc Deslauriers
Revision Date: 2013-12-17 12:47:31 UTC

* SECURITY UPDATE: missing CN verification when signature verification is
  disabled in GnuTLS backend.
  - debian/patches/CVE-2013-6422.patch: still verify host when
    CURLOPT_SSL_VERIFYPEER isn't set in lib/gtls.c.
  - CVE-2013-6422

Author: Maarten Lankhorst
Revision Date: 2013-11-27 14:02:28 UTC

* Copy package from saucy. (LP: #1253041)
* Drop pci-id patches, upstream.

Author: Maarten Lankhorst
Revision Date: 2013-12-10 13:26:08 UTC

Copy saucy package back to raring. (LP: #1253041)

Author: Brian Murray
Revision Date: 2013-12-16 15:46:54 UTC

[ Chris Wulff ]
Initialise threads, before starting background task thread. (LP:
#915626)

Author: Brian Murray
Revision Date: 2013-12-16 15:46:54 UTC

[ Chris Wulff ]
Initialise threads, before starting background task thread. (LP:
#915626)

Author: Colin Watson
Revision Date: 2013-02-08 20:39:31 UTC

* Merge packaging from armhf-cross-toolchain-base 1.101:
  - Bump eglibc to 2.17.

Author: Marc Deslauriers
Revision Date: 2013-09-27 09:07:13 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  strcoll overflows
  - debian/patches/any/CVE-2012-44xx.diff: fix overflows in
    string/strcoll_l.c, add test to string/tst-strcoll-overflow.c,
    string/Makefile.
  - CVE-2012-4412
  - CVE-2012-4424
* SECURITY UPDATE: denial of service in regular expression matcher
  - debian/patches/any/CVE-2013-0242.diff: fix buffer overrun in
    posix/regexec.c, add test to posix/bug-regex34.c, posix/Makefile.
  - CVE-2013-0242
* SECURITY UPDATE: denial of service in getaddrinfo
  - debian/patches/any/CVE-2013-1914.diff: fix overflow in
    sysdeps/posix/getaddrinfo.c.
  - CVE-2013-1914
* SECURITY UPDATE: denial of service and possible code execution via
  readdir_r
  - debian/patches/any/CVE-2013-4237.diff: enforce NAME_MAX limit in
    sysdeps/posix/readdir_r.c, add errcode to sysdeps/posix/dirstream.h,
    sysdeps/posix/opendir.c, sysdeps/posix/rewinddir.c, remove
    GETDENTS_64BIT_ALIGNED from
    sysdeps/unix/sysv/linux/i386/readdir64_r.c,
    sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c.
  - CVE-2013-4237
* SECURITY UPDATE: denial of service and possible code execution via
  overflows in memory allocator
  - debian/patches/any/CVE-2013-4332.diff: check for overflows in
    malloc/malloc.c.
  - CVE-2013-4332

Author: Marc Deslauriers
Revision Date: 2013-09-27 09:07:13 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  strcoll overflows
  - debian/patches/any/CVE-2012-44xx.diff: fix overflows in
    string/strcoll_l.c, add test to string/tst-strcoll-overflow.c,
    string/Makefile.
  - CVE-2012-4412
  - CVE-2012-4424
* SECURITY UPDATE: denial of service in regular expression matcher
  - debian/patches/any/CVE-2013-0242.diff: fix buffer overrun in
    posix/regexec.c, add test to posix/bug-regex34.c, posix/Makefile.
  - CVE-2013-0242
* SECURITY UPDATE: denial of service in getaddrinfo
  - debian/patches/any/CVE-2013-1914.diff: fix overflow in
    sysdeps/posix/getaddrinfo.c.
  - CVE-2013-1914
* SECURITY UPDATE: denial of service and possible code execution via
  readdir_r
  - debian/patches/any/CVE-2013-4237.diff: enforce NAME_MAX limit in
    sysdeps/posix/readdir_r.c, add errcode to sysdeps/posix/dirstream.h,
    sysdeps/posix/opendir.c, sysdeps/posix/rewinddir.c, remove
    GETDENTS_64BIT_ALIGNED from
    sysdeps/unix/sysv/linux/i386/readdir64_r.c,
    sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c.
  - CVE-2013-4237
* SECURITY UPDATE: denial of service and possible code execution via
  overflows in memory allocator
  - debian/patches/any/CVE-2013-4332.diff: check for overflows in
    malloc/malloc.c.
  - CVE-2013-4332

Author: Dimitri John Ledkov
Revision Date: 2012-12-20 11:28:01 UTC

Respect DEB_HOST_GNU_TYPE when selecting CC for cross-compiling.

Author: Harald Sitter
Revision Date: 2013-12-10 15:28:24 UTC

Add kubuntu_fix_udev_property_access.patch to fix a crash when accessing
the NAME property of mice (LP: #737856)

Author: Camm Maguire
Revision Date: 2013-01-13 17:54:15 UTC

HOME="/tmp" environment for make DOC

Author: Seth Arnold
Revision Date: 2013-06-03 18:13:47 UTC

* SECURITY UPDATE: Disable compression to avoid CRIME systemwide
  (LP: #1187195)
  - CVE-2012-4929
  - debian/patches/openssl-1.0.1e-env-zlib.patch: disable default use of
    zlib to compress SSL/TLS unless the environment variable
    OPENSSL_DEFAULT_ZLIB is set in the environment during library
    initialization.
  - Introduced to assist with programs not yet updated to provide their own
    controls on compression, such as Postfix
  - http://pkgs.fedoraproject.org/cgit/openssl.git/plain/openssl-1.0.1e-env-zlib.patch

Author: Marc Deslauriers
Revision Date: 2013-02-15 15:27:58 UTC

* Fix local resolving when used with libvirt and bind-dynamic (LP: #1126488)
  - debian/patches/fix_tcp_queries.patch: Correct behaviour for TCP
    queries to allowed address via banned interface in src/dnsmasq.*,
    src/network.c.
  - debian/patches/fix_wrong_interface.patch: Handle wrong interface for
    locally-routed packets in src/dnsmasq.*, src/forward.c, src/network.c,
    src/tftp.

Author: Daniel Baumann
Revision Date: 2012-12-10 11:23:06 UTC

* Adding patch from upstream to make filenames not prefixed to output by
  default when searching one file (Closes: #694024).
* Updating to standards version 3.9.4.

Author: Steve Langasek
Revision Date: 2012-11-05 00:48:07 UTC

 * Merge from Debian unstable, remaining changes:
   - Handle removal of obsolete init script on upgrade.
   - Convert rpcbind to Upstart
   - Fix to look directly in /run instead of via the /var/run symlink
 * Dropped changes:
   - No dpkg pre-depends needed post-LTS, versioned dep also satisfied
     already in Debian stable.

Author: Daniel Baumann
Revision Date: 2012-06-30 15:02:50 UTC

* Using compression level 9 also for binary packages.
* Switching to xz compression.
* Updating copyright file to format version 1.0.
* Updating to debhelper version 9.
* Updating to standards version 3.9.3.

Author: Martin Pitt
Revision Date: 2013-03-13 07:02:07 UTC

No-change rebuild against libudev1

Author: Harald Sitter
Revision Date: 2013-12-10 15:28:24 UTC

Add kubuntu_fix_udev_property_access.patch to fix a crash when accessing
the NAME property of mice (LP: #737856)

Author: Robert Ancell
Revision Date: 2012-11-13 10:26:43 UTC

New upstream release

Author: Marc Deslauriers
Revision Date: 2013-03-21 13:22:10 UTC

* SECURITY UPDATE: incorrect ssl cert validation (LP: #1117411)
  - debian/patches/CVE-2013-0240.patch: properly validate ssl certs and
    fix cancellation in src/goa/goaenums.h, src/goa/goaerror.c,
    src/goabackend/goaewsclient.c, src/goabackend/goaewsclient.h,
    src/goabackend/goaexchangeprovider.c,
    src/goabackend/goagoogleprovider.c,
    src/goabackend/goahttpclient.*, src/goabackend/goautils.*,
    src/goabackend/goawebview.c.
  - debian/libgoa-1.0-0.symbols: updated with new symbol.
  - CVE-2013-0240
  - CVE-2013-1799

Author: Marc Deslauriers
Revision Date: 2013-12-06 13:26:35 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  huge color maps in xwd plugin
  - debian/patches/CVE-2013-1913.patch: limit number of color map entries
    in plug-ins/common/file-xwd.c.
  - CVE-2013-1913
* SECURITY UPDATE: denial of service and possible code execution via
  large number of color map entries in xwd plugin
  - debian/patches/CVE-2013-1978.patch: validate number of color map
    entries in plug-ins/common/file-xwd.c
  - CVE-2013-1978

Author: Marc Deslauriers
Revision Date: 2013-12-06 13:26:35 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  huge color maps in xwd plugin
  - debian/patches/CVE-2013-1913.patch: limit number of color map entries
    in plug-ins/common/file-xwd.c.
  - CVE-2013-1913
* SECURITY UPDATE: denial of service and possible code execution via
  large number of color map entries in xwd plugin
  - debian/patches/CVE-2013-1978.patch: validate number of color map
    entries in plug-ins/common/file-xwd.c
  - CVE-2013-1978

Author: Kaj Ailomaa
Revision Date: 2013-12-08 19:04:19 UTC

Bump ABI

Author: Kaj Ailomaa
Revision Date: 2013-12-08 19:04:19 UTC

Bump ABI

Author: Kaj Ailomaa
Revision Date: 2013-12-08 19:04:19 UTC

Bump ABI

Author: Mathieu Trudel-Lapierre
Revision Date: 2013-12-02 08:56:17 UTC

debian/patches/lp330608_dxteam_gsm_connect_text.patch: refresh patch:
remove some additional g_free() calls that were being made on a const
string for a NM internal pointer containing the connection ID, which should
not be freed. Thanks to Jean-Pierre Rupp for the fix. (LP: #1185330)

Author: Brad Figg
Revision Date: 2013-12-04 11:44:31 UTC

Ubuntu-3.5.0-237.53

Author: Brad Figg
Revision Date: 2013-12-04 11:44:31 UTC

Ubuntu-3.5.0-237.53

Author: Jamie Strandboge
Revision Date: 2013-12-03 12:09:34 UTC

* SECURITY UPDATE: Fix underflow when bottom is close to MIN_INT
  - debian/patches/security-lp1197921.patch: verify (t)->bottom > (t)->top)
  - LP: #1197921
  - CVE-YYYY-NNNN

Author: Jamie Strandboge
Revision Date: 2013-12-03 16:07:28 UTC

* SECURITY UPDATE: XSS in Volumes and Network Topology pages
  - debian/patches/CVE-2013-6406: html.escape() various items in
    volumes/tables.py and volume_snapshots/tables.py
  - CVE-2013-6406 (also referred to as CVE-2013-6858)
  - LP: #1247675

Author: Steve Conklin
Revision Date: 2013-12-02 18:00:12 UTC

linux ABI 3.8.0-35

Author: Steve Conklin
Revision Date: 2013-12-02 18:00:12 UTC

linux ABI 3.8.0-35

Author: Steve Conklin
Revision Date: 2013-12-02 18:00:12 UTC

linux ABI 3.8.0-35

Author: Steve Conklin
Revision Date: 2013-12-02 17:55:50 UTC

Version 3.8.0-35.50

Author: Steve Conklin
Revision Date: 2013-12-02 17:55:50 UTC

Version 3.8.0-35.50

Author: Steve Conklin
Revision Date: 2013-12-02 17:55:50 UTC

Version 3.8.0-35.50

Author: Ben Howard
Revision Date: 2013-11-22 12:14:36 UTC

Backport from trusty to raring for Joyent IaaS (LP: #1248000).

Author: Steve Langasek
Revision Date: 2013-08-01 09:13:34 UTC

debian/patches/Fix-missing-prototype-of-ply_get_timestamp.patch:
Fix missing prototype of ply_get_timestamp(). LP: #1187318.

Author: Steve Langasek
Revision Date: 2013-08-01 09:13:34 UTC

debian/patches/Fix-missing-prototype-of-ply_get_timestamp.patch:
Fix missing prototype of ply_get_timestamp(). LP: #1187318.

Author: Iain Lane
Revision Date: 2013-11-27 11:45:09 UTC

No-change backport to raring (LP: #1252729)

Author: Marc Deslauriers
Revision Date: 2013-11-26 11:36:50 UTC

* SECURITY UPDATE: safe level restriction bypass via DL and Fiddle
  - debian/patches/CVE-2013-2065.patch: perform taint checking in
    ext/dl/lib/dl/func.rb, ext/fiddle/function.c.
  - CVE-2013-2065
* SECURITY UPDATE: denial of service and possible code execution via
  heap overflow in floating point parsing.
  - debian/patches/CVE-2013-4164.patch: check lengths in util.c, added
    test to test/ruby/test_float.rb.
  - CVE-2013-4164

Author: Marc Deslauriers
Revision Date: 2013-11-26 11:36:50 UTC

* SECURITY UPDATE: safe level restriction bypass via DL and Fiddle
  - debian/patches/CVE-2013-2065.patch: perform taint checking in
    ext/dl/lib/dl/func.rb, ext/fiddle/function.c.
  - CVE-2013-2065
* SECURITY UPDATE: denial of service and possible code execution via
  heap overflow in floating point parsing.
  - debian/patches/CVE-2013-4164.patch: check lengths in util.c, added
    test to test/ruby/test_float.rb.
  - CVE-2013-4164

Author: Brian Murray
Revision Date: 2013-11-06 09:40:08 UTC

Fix incorrectly displayed file names with UTF-8 characters.
Add -DNO_WORKING_ISPRINT to build flags. (LP: #1199239, LP: #580961)

Author: Ben Howard
Revision Date: 2013-11-22 12:14:36 UTC

Backport from trusty to raring for Joyent IaaS (LP: #1248000).

Author: Thomas Ward
Revision Date: 2013-11-21 13:24:46 UTC

* SECURITY UPDATE: ACL bypass via space character (LP: #1253691)
  - debian/patches/cve-2013-4547.patch: modify src/http/ngx_http_parse.c
    to account for a space character, fixing an issue which could result in
    security restrictions being bypassed
  - CVE-2013-4547

Author: Michael Terry
Revision Date: 2013-11-19 10:08:29 UTC

* debian/patches/03-dont-skip-first-chunk-on-restart.dpatch:
  - When restarting a backup, if the file we were in the middle of
    backing up is now deleted, don't skip the first 65k chunk of the
    next file. Patch backported from upstream trunk. LP: #1252484

Author: Thomas Ward
Revision Date: 2013-11-21 13:24:46 UTC

* SECURITY UPDATE: ACL bypass via space character (LP: #1253691)
  - debian/patches/cve-2013-4547.patch: modify src/http/ngx_http_parse.c
    to account for a space character, fixing an issue which could result in
    security restrictions being bypassed
  - CVE-2013-4547

Author: Aron Xu
Revision Date: 2013-11-16 11:15:45 UTC

Go with Google by default, original default isn't available anymore.
(LP: #1251799)

Author: Felix Geyer
Revision Date: 2013-11-15 19:39:26 UTC

No-change backport to raring (LP: #1251694)

Author: Sebastien Bacher
Revision Date: 2013-11-13 19:41:06 UTC

* Backport saucy fix to raring (lp: #1250975)
[ Dmitry Shachnev ]
* Re-add some parts of Ubuntu delta accidentally dropped in previous
  upload.

Author: Marc Deslauriers
Revision Date: 2013-11-07 09:43:18 UTC

* SECURITY UPDATE: arbitrary file overwrite via poison null byte
  - debian/patches/CVE-2013-2186.patch: properly validate repository in
    src/java/org/apache/commons/fileupload/disk/DiskFileItem.java.
  - CVE-2013-2186

Author: Marc Deslauriers
Revision Date: 2013-11-07 09:43:18 UTC

* SECURITY UPDATE: arbitrary file overwrite via poison null byte
  - debian/patches/CVE-2013-2186.patch: properly validate repository in
    src/java/org/apache/commons/fileupload/disk/DiskFileItem.java.
  - CVE-2013-2186

Author: Colin Watson
Revision Date: 2013-11-08 12:45:44 UTC

Preseed netcfg/disable_autoconfig rather than deprecated
netcfg/disable_dhcp (LP: #879605).

Author: Dmitry Shachnev
Revision Date: 2013-09-19 18:14:03 UTC

Use GlobalParams module from Poppler and move all settings that
are not available in Poppler to a separate file (LP: #943195).

Author: Marc Deslauriers
Revision Date: 2013-11-09 10:48:01 UTC

Update to 0.8.9 to fix multiple security issues (LP: #1249621)

Author: Marc Deslauriers
Revision Date: 2013-11-09 14:21:58 UTC

* Rebuild against new libav
  - debian/control: bump Build-Depends