From archive at ubuntu.com Sat Oct 2 21:03:28 2010 From: archive at ubuntu.com (Ubuntu Installer) Date: Sat, 02 Oct 2010 21:03:28 -0000 Subject: [ubuntu/karmic-security] smbind_0.4.7-3+lenny1build0.9.10.1_i386_translations.tar.gz (delayed), smbind 0.4.7-3+lenny1build0.9.10.1 (Accepted) Message-ID: <20101002210328.26623.72795.launchpad@cocoplum.canonical.com> smbind (0.4.7-3+lenny1build0.9.10.1) karmic-security; urgency=low * fake sync from Debian smbind (0.4.7-3+lenny1) stable-security; urgency=high * Fix sql injection in src/include.php Date: Fri, 01 Oct 2010 17:42:47 -0700 Changed-By: Kees Cook Maintainer: Giuseppe Iuculano https://launchpad.net/ubuntu/karmic/+source/smbind/0.4.7-3+lenny1build0.9.10.1 -------------- next part -------------- Format: 1.8 Date: Fri, 01 Oct 2010 17:42:47 -0700 Source: smbind Binary: smbind Architecture: source Version: 0.4.7-3+lenny1build0.9.10.1 Distribution: karmic-security Urgency: high Maintainer: Giuseppe Iuculano Changed-By: Kees Cook Description: smbind - PHP-based tool for managing DNS zones for BIND Changes: smbind (0.4.7-3+lenny1build0.9.10.1) karmic-security; urgency=low . * fake sync from Debian . smbind (0.4.7-3+lenny1) stable-security; urgency=high . * Fix sql injection in src/include.php Checksums-Sha1: 4e1a45688a4dfa6f53680f44af5c4ed5d6c1f27d 1128 smbind_0.4.7-3+lenny1build0.9.10.1.dsc ac50564b5f81c2741634fdacc371d4ea2d0397a8 12765 smbind_0.4.7-3+lenny1build0.9.10.1.diff.gz Checksums-Sha256: 6cb890729cc90f98ddae28a13b72ef8daee4e220e2fcb5b59f405230e4fc1ff3 1128 smbind_0.4.7-3+lenny1build0.9.10.1.dsc 6d7227f1fdfb1ded89ab5c6b0905d0301e759bfe691fe14d36edd1ac14918de2 12765 smbind_0.4.7-3+lenny1build0.9.10.1.diff.gz Files: b03ee6a1e6d4da2dd728d24411de7edd 1128 web optional smbind_0.4.7-3+lenny1build0.9.10.1.dsc b110a207b34e78fb775f9a2981f096d4 12765 web optional smbind_0.4.7-3+lenny1build0.9.10.1.diff.gz From archive at ubuntu.com Tue Oct 5 16:03:41 2010 From: archive at ubuntu.com (Ubuntu Installer) Date: Tue, 05 Oct 2010 16:03:41 -0000 Subject: [ubuntu/karmic-security] mistelix_0.30-0ubuntu1.1_armel_translations.tar.gz, mistelix_0.30-0ubuntu1.1_sparc_translations.tar.gz (delayed), mistelix_0.30-0ubuntu1.1_i386_translations.tar.gz, mistelix_0.30-0ubuntu1.1_amd64_translations.tar.gz, mistelix_0.30-0ubuntu1.1_lpia_translations.tar.gz, mistelix_0.30-0ubuntu1.1_powerpc_translations.tar.gz, mistelix_0.30-0ubuntu1.1_ia64_translations.tar.gz, mistelix 0.30-0ubuntu1.1 (Accepted) Message-ID: <20101005160341.7870.68220.launchpad@cocoplum.canonical.com> mistelix (0.30-0ubuntu1.1) karmic-security; urgency=low * SECURITY UPDATE: insecure LD_LIBRARY_PATH redefinition (LP: #651054) - Add debian/patches/insecure-library-loading.patch - Patch based on work by Siegfried-Angel Gevatter Pujals - CVE-2010-3365 Date: Mon, 04 Oct 2010 14:42:27 -0500 Changed-By: Jamie Strandboge Maintainer: Siegfried-Angel Gevatter Pujals https://launchpad.net/ubuntu/karmic/+source/mistelix/0.30-0ubuntu1.1 -------------- next part -------------- Format: 1.8 Date: Mon, 04 Oct 2010 14:42:27 -0500 Source: mistelix Binary: mistelix Architecture: source Version: 0.30-0ubuntu1.1 Distribution: karmic-security Urgency: low Maintainer: Siegfried-Angel Gevatter Pujals Changed-By: Jamie Strandboge Description: mistelix - DVD authoring and slideshow creation application Changes: mistelix (0.30-0ubuntu1.1) karmic-security; urgency=low . * SECURITY UPDATE: insecure LD_LIBRARY_PATH redefinition (LP: #651054) - Add debian/patches/insecure-library-loading.patch - Patch based on work by Siegfried-Angel Gevatter Pujals - CVE-2010-3365 Checksums-Sha1: 54fce174126febd9d49761a48122a7f09c68b807 2255 mistelix_0.30-0ubuntu1.1.dsc 8e689cf7280c73af8218cce2b8e7243494b22f97 5872 mistelix_0.30-0ubuntu1.1.diff.gz Checksums-Sha256: b48ac27e0fd02aeff0b51cf94c9538b81807655614877d4feb40f32638c28e06 2255 mistelix_0.30-0ubuntu1.1.dsc 705ebd4f042599933f6803e6e5ad7bdb67e48525e6f877d72f880404d54d0795 5872 mistelix_0.30-0ubuntu1.1.diff.gz Files: f83e1d1e32883eaf26f0b0beb563ceb4 2255 graphics optional mistelix_0.30-0ubuntu1.1.dsc 3c5bee21b6a7183c8dc2df02d763761a 5872 graphics optional mistelix_0.30-0ubuntu1.1.diff.gz Launchpad-Bugs-Fixed: 651054 From archive at ubuntu.com Tue Oct 5 16:03:46 2010 From: archive at ubuntu.com (Ubuntu Installer) Date: Tue, 05 Oct 2010 16:03:46 -0000 Subject: [ubuntu/karmic-security] xpdf, xpdf (delayed) 3.02-1.4ubuntu2.9.10.1 (Accepted) Message-ID: <20101005160346.7870.30360.launchpad@cocoplum.canonical.com> xpdf (3.02-1.4ubuntu2.9.10.1) karmic-security; urgency=low [ Nicolas Valcárcel Scerpella ] * SECURITY UPDATE: Integer overflow in SplashBitmap::SplashBitmap which might allow remote attackers to execute arbitrary code or an application crash via a crafted PDF document. - fix-CVE-2009-1188,3603,2009,3604,3606,3608,3609.dpatch: Patch backported from debian - CVE-2009-1188 and CVE-2009-3603 * SECURITY UPDATE: NULL pointer dereference or heap-based buffer overflow in Splash::drawImage which might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. - fix-CVE-2009-1188,3603,2009,3604,3606,3608,3609.dpatch: Patch backported from debian - CVE-2009-3604 * SECURITY UPDATE: Integer overflow in the PSOutputDev::doImageL1Sep which might allow remote attackers to execute arbitrary code via a crafted PDF document. - fix-CVE-2009-1188,3603,2009,3604,3606,3608,3609.dpatch: Patch backported from debian - CVE-2009-3606 * SECURITY UPDATE: Integer overflow in the ObjectStream::ObjectStream which might allow remote attackers to execute arbitrary code via a crafted PDF document. - fix-CVE-2009-1188,3603,2009,3604,3606,3608,3609.dpatch: Patch backported from debian - CVE-2009-3608 * SECURITY UPDATE: Integer overflow in the ImageStream::ImageStream which might allow remote attackers to cause a denial of service via a crafted PDF document. - fix-CVE-2009-1188,3603,2009,3604,3606,3608,3609.dpatch: Patch backported from debian - CVE-2009-3609 * SECURITY UPDATE: Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-0146 * SECURITY UPDATE: Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-0147 * SECURITY UPDATE: Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn." - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-0165 * SECURITY UPDATE: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-0166 * SECURITY UPDATE: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-0799 * SECURITY UPDATE: Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-0800 * SECURITY UPDATE: Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-1179 * SECURITY UPDATE: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-1180 * SECURITY UPDATE: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-1181 * SECURITY UPDATE: Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-1182 * SECURITY UPDATE: The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-1183 [ Jamie Strandboge ] * debian/patches/00list: don't apply 41_lesstif_cpp.dpatch, no longer needed on Karmic Date: Mon, 04 Oct 2010 15:07:39 -0500 Changed-By: Jamie Strandboge Maintainer: Ubuntu MOTU Developers https://launchpad.net/ubuntu/karmic/+source/xpdf/3.02-1.4ubuntu2.9.10.1 -------------- next part -------------- Format: 1.8 Date: Mon, 04 Oct 2010 15:07:39 -0500 Source: xpdf Binary: xpdf xpdf-common xpdf-reader xpdf-utils Architecture: source Version: 3.02-1.4ubuntu2.9.10.1 Distribution: karmic-security Urgency: low Maintainer: Ubuntu MOTU Developers Changed-By: Jamie Strandboge Description: xpdf - Portable Document Format (PDF) suite xpdf-common - Portable Document Format (PDF) suite -- common files xpdf-reader - Portable Document Format (PDF) suite -- viewer for X11 xpdf-utils - Portable Document Format (PDF) suite -- utilities Changes: xpdf (3.02-1.4ubuntu2.9.10.1) karmic-security; urgency=low . [ Nicolas Valcárcel Scerpella ] * SECURITY UPDATE: Integer overflow in SplashBitmap::SplashBitmap which might allow remote attackers to execute arbitrary code or an application crash via a crafted PDF document. - fix-CVE-2009-1188,3603,2009,3604,3606,3608,3609.dpatch: Patch backported from debian - CVE-2009-1188 and CVE-2009-3603 * SECURITY UPDATE: NULL pointer dereference or heap-based buffer overflow in Splash::drawImage which might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document. - fix-CVE-2009-1188,3603,2009,3604,3606,3608,3609.dpatch: Patch backported from debian - CVE-2009-3604 * SECURITY UPDATE: Integer overflow in the PSOutputDev::doImageL1Sep which might allow remote attackers to execute arbitrary code via a crafted PDF document. - fix-CVE-2009-1188,3603,2009,3604,3606,3608,3609.dpatch: Patch backported from debian - CVE-2009-3606 * SECURITY UPDATE: Integer overflow in the ObjectStream::ObjectStream which might allow remote attackers to execute arbitrary code via a crafted PDF document. - fix-CVE-2009-1188,3603,2009,3604,3606,3608,3609.dpatch: Patch backported from debian - CVE-2009-3608 * SECURITY UPDATE: Integer overflow in the ImageStream::ImageStream which might allow remote attackers to cause a denial of service via a crafted PDF document. - fix-CVE-2009-1188,3603,2009,3604,3606,3608,3609.dpatch: Patch backported from debian - CVE-2009-3609 * SECURITY UPDATE: Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-0146 * SECURITY UPDATE: Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-0147 * SECURITY UPDATE: Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as used in Poppler and other products, when running on Mac OS X, has unspecified impact, related to "g*allocn." - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-0165 * SECURITY UPDATE: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-0166 * SECURITY UPDATE: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-0799 * SECURITY UPDATE: Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-0800 * SECURITY UPDATE: Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-1179 * SECURITY UPDATE: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-1180 * SECURITY UPDATE: The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-1181 * SECURITY UPDATE: Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-1182 * SECURITY UPDATE: The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file. - fix-CVE-2009-0146,0147,0165,0166,0799,0800,1179-1183.dpatch: Patch backported from debian - CVE-2009-1183 . [ Jamie Strandboge ] * debian/patches/00list: don't apply 41_lesstif_cpp.dpatch, no longer needed on Karmic Checksums-Sha1: e773a12d4e5787d6c664af3530966323382ea7ef 2030 xpdf_3.02-1.4ubuntu2.9.10.1.dsc b960584e44d38659c074fc51a0386fbbb9e6f893 46802 xpdf_3.02-1.4ubuntu2.9.10.1.diff.gz Checksums-Sha256: 5c495a12108373ee82a04dcf0d68049cdf4993ff905a0fbf91613826457db351 2030 xpdf_3.02-1.4ubuntu2.9.10.1.dsc 486608d4ae0787d6f8c06dfb063ebe68e12263f862faef0a08f623b6914a31e1 46802 xpdf_3.02-1.4ubuntu2.9.10.1.diff.gz Files: 66a840ebb6ef8abd162476c1d4caa1a4 2030 text optional xpdf_3.02-1.4ubuntu2.9.10.1.dsc 3b111fa4e8d92f20f7bf8e09ccb5a645 46802 text optional xpdf_3.02-1.4ubuntu2.9.10.1.diff.gz Original-Maintainer: Hamish Moffatt From archive at ubuntu.com Wed Oct 6 17:04:10 2010 From: archive at ubuntu.com (Ubuntu Installer) Date: Wed, 06 Oct 2010 17:04:10 -0000 Subject: [ubuntu/karmic-security] lvm2_2.02.39-0ubuntu11.1_ia64_translations.tar.gz, lvm2_2.02.39-0ubuntu11.1_powerpc_translations.tar.gz, lvm2, lvm2_2.02.39-0ubuntu11.1_amd64_translations.tar.gz, lvm2_2.02.39-0ubuntu11.1_lpia_translations.tar.gz, lvm2_2.02.39-0ubuntu11.1_armel_translations.tar.gz, lvm2_2.02.39-0ubuntu11.1_sparc_translations.tar.gz (delayed), lvm2_2.02.39-0ubuntu11.1_i386_translations.tar.gz 2.02.39-0ubuntu11.1 (Accepted) Message-ID: <20101006170410.16996.63452.launchpad@cocoplum.canonical.com> lvm2 (2.02.39-0ubuntu11.1) karmic-security; urgency=low * SECURITY UPDATE: unprivileged logical volume manipulation with clvmd - debian/patches/CVE-2010-2526.patch: revert to using a pathname-based socket in order to enforce correct permissions. - CVE-2010-2526 Date: Thu, 23 Sep 2010 14:26:58 -0400 Changed-By: Marc Deslauriers Maintainer: Ubuntu Core developers https://launchpad.net/ubuntu/karmic/+source/lvm2/2.02.39-0ubuntu11.1 -------------- next part -------------- Format: 1.8 Date: Thu, 23 Sep 2010 14:26:58 -0400 Source: lvm2 Binary: lvm2 lvm2-udeb clvm Architecture: source Version: 2.02.39-0ubuntu11.1 Distribution: karmic-security Urgency: low Maintainer: Ubuntu Core developers Changed-By: Marc Deslauriers Description: clvm - Cluster LVM Daemon for lvm2 lvm2 - The Linux Logical Volume Manager lvm2-udeb - The Linux Logical Volume Manager (udeb) Changes: lvm2 (2.02.39-0ubuntu11.1) karmic-security; urgency=low . * SECURITY UPDATE: unprivileged logical volume manipulation with clvmd - debian/patches/CVE-2010-2526.patch: revert to using a pathname-based socket in order to enforce correct permissions. - CVE-2010-2526 Checksums-Sha1: be79c716c8d3921e1ac1c246d90525732e1f6a52 1354 lvm2_2.02.39-0ubuntu11.1.dsc baf46bc08612aa5cc1fa07e13d545bec0b871a1c 22542 lvm2_2.02.39-0ubuntu11.1.diff.gz Checksums-Sha256: 22ce8c4cd72f1eaf9e4394a2dc2bc9f1fc0f1fe9228cd829522e6271baf1e720 1354 lvm2_2.02.39-0ubuntu11.1.dsc 1c98ed80f1580b3e3e786948a60f02d45dbd2a7b7a6594c075f50fc510153214 22542 lvm2_2.02.39-0ubuntu11.1.diff.gz Files: d4a27fe8a44100ea20c54badb059b1bf 1354 admin optional lvm2_2.02.39-0ubuntu11.1.dsc b709f6d8ca6b08b4918f4bf27611b7a9 22542 admin optional lvm2_2.02.39-0ubuntu11.1.diff.gz Original-Maintainer: Debian LVM Team From gary.lasker at canonical.com Thu Oct 7 09:50:15 2010 From: gary.lasker at canonical.com (Gary Lasker) Date: Thu, 07 Oct 2010 09:50:15 -0000 Subject: [ubuntu/karmic-proposed] tzdata 2010m-0ubuntu0.9.10 (Accepted) Message-ID: <20101007095015.8732.66467.launchpad@soybean.canonical.com> tzdata (2010m-0ubuntu0.9.10) karmic-proposed; urgency=low * New upstream release 2010m: (LP: #649348) - Asia: No DST in Hong Kong in 1977 - zone.tab: Remove obsolete association of Vostok Station with South Magnetic Pole; add association with Lake Vostok (thanks to Petr Machata for finding the problem) * da.po: Add Danish translation from Joe Hansen (thanks Aurelien Jarno) Date: Wed, 06 Oct 2010 15:40:04 -0400 Changed-By: Gary Lasker Maintainer: Ubuntu Developers Signed-By: Martin Pitt https://edge.launchpad.net/ubuntu/karmic/+source/tzdata/2010m-0ubuntu0.9.10 -------------- next part -------------- Format: 1.8 Date: Wed, 06 Oct 2010 15:40:04 -0400 Source: tzdata Binary: tzdata tzdata-java Architecture: source Version: 2010m-0ubuntu0.9.10 Distribution: karmic-proposed Urgency: low Maintainer: Ubuntu Developers Changed-By: Gary Lasker Description: tzdata - time zone and daylight-saving time data tzdata-java - time zone and daylight-saving time data for use by java runtimes Launchpad-Bugs-Fixed: 649348 Changes: tzdata (2010m-0ubuntu0.9.10) karmic-proposed; urgency=low . * New upstream release 2010m: (LP: #649348) - Asia: No DST in Hong Kong in 1977 - zone.tab: Remove obsolete association of Vostok Station with South Magnetic Pole; add association with Lake Vostok (thanks to Petr Machata for finding the problem) * da.po: Add Danish translation from Joe Hansen (thanks Aurelien Jarno) Checksums-Sha1: f989a5c3bd0cc5d9803c99ce4c9ead9df0f5bf71 1886 tzdata_2010m-0ubuntu0.9.10.dsc 3e74330984b6aeb47cf27de2b860b2c69b2a0731 191470 tzdata_2010m.orig.tar.gz 340e3abaa8e3eb22f715717a44a68a5b89d54a04 245409 tzdata_2010m-0ubuntu0.9.10.diff.gz Checksums-Sha256: 42e7a8f37fb29f6481bfd7ebaaa157a253225c0e1eaf7c0d9f8d6d44f3f8fcf8 1886 tzdata_2010m-0ubuntu0.9.10.dsc 1454a13a32e23e81195404d00ab97a64a356e9a5852fc7d121ed7e58cbdb75aa 191470 tzdata_2010m.orig.tar.gz ab07c6d4bf758ef8605e122a50c20eb014927e2ef681aad436b6d9b55e4e7458 245409 tzdata_2010m-0ubuntu0.9.10.diff.gz Files: 5c866f3ed8bd9d2774872a95ce4a80bc 1886 libs required tzdata_2010m-0ubuntu0.9.10.dsc 9e33cb126c8cb6673f39390d347fb0e2 191470 libs required tzdata_2010m.orig.tar.gz 3bfdd4d8f6adc194193c00a3328f496b 245409 libs required tzdata_2010m-0ubuntu0.9.10.diff.gz Original-Maintainer: GNU Libc Maintainers From archive at ubuntu.com Thu Oct 7 14:06:19 2010 From: archive at ubuntu.com (Ubuntu Installer) Date: Thu, 07 Oct 2010 14:06:19 -0000 Subject: [ubuntu/karmic-security] postgresql-8.4_8.4.5-0ubuntu9.10_lpia_translations.tar.gz, postgresql-8.4, postgresql-8.4_8.4.5-0ubuntu9.10_sparc_translations.tar.gz (delayed), postgresql-8.4_8.4.5-0ubuntu9.10_i386_translations.tar.gz, postgresql-8.4_8.4.5-0ubuntu9.10_amd64_translations.tar.gz, postgresql-8.4_8.4.5-0ubuntu9.10_ia64_translations.tar.gz, postgresql-8.4_8.4.5-0ubuntu9.10_armel_translations.tar.gz, postgresql-8.4_8.4.5-0ubuntu9.10_powerpc_translations.tar.gz 8.4.5-0ubuntu9.10 (Accepted) Message-ID: <20101007140619.22334.56439.launchpad@cocoplum.canonical.com> postgresql-8.4 (8.4.5-0ubuntu9.10) karmic-security; urgency=low * New upstream security/bug fix update: (LP: #655293) - Use a separate interpreter for each calling SQL userid in PL/Perl and PL/Tcl. This change prevents security problems that can be caused by subverting Perl or Tcl code that will be executed later in the same session under another SQL user identity (for example, within a SECURITY DEFINER function). Most scripting languages offer numerous ways that that might be done, such as redefining standard functions or operators called by the target function. Without this change, any SQL user with Perl or Tcl language usage rights can do essentially anything with the SQL privileges of the target function's owner. The cost of this change is that intentional communication among Perl and Tcl functions becomes more difficult. To provide an escape hatch, PL/PerlU and PL/TclU functions continue to use only one interpreter per session. This is not considered a security issue since all such functions execute at the trust level of a database superuser already. It is likely that third-party procedural languages that claim to offer trusted execution have similar security issues. We advise contacting the authors of any PL you are depending on for security-critical purposes. Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). - Prevent possible crashes in pg_get_expr() by disallowing it from being called with an argument that is not one of the system catalog columns it's intended to be used with. - Fix incorrect placement of placeholder evaluation. This bug could result in query outputs being non-null when they should be null, in cases where the inner side of an outer join is a sub-select with non-strict expressions in its output list. - Fix possible duplicate scans of UNION ALL member relations. - Fix "cannot handle unplanned sub-select" error. This occurred when a sub-select contains a join alias reference that expands into an expression containing another sub-select. - Fix mishandling of whole-row Vars that reference a view or sub-select and appear within a nested sub-select. - Fix mishandling of cross-type IN comparisons. This could result in failures if the planner tried to implement an IN join with a sort-then-unique-then-plain-join plan. - Fix computation of "ANALYZE" statistics for tsvector columns. The original coding could produce incorrect statistics, leading to poor plan choices later. - Improve planner's estimate of memory used by array_agg(), string_agg(), and similar aggregate functions. The previous drastic underestimate could lead to out-of-memory failures due to inappropriate choice of a hash-aggregation plan. - Fix failure to mark cached plans as transient. If a plan is prepared while "CREATE INDEX CONCURRENTLY" is in progress for one of the referenced tables, it is supposed to be re-planned once the index is ready for use. This was not happening reliably. - Reduce PANIC to ERROR in some occasionally-reported btree failure cases, and provide additional detail in the resulting error messages. This should improve the system's robustness with corrupted indexes. - Fix incorrect search logic for partial-match queries with GIN indexes. Cases involving AND/OR combination of several GIN index conditions didn't always give the right answer, and were sometimes much slower than necessary. - Prevent show_session_authorization() from crashing within autovacuum processes. - Defend against functions returning setof record where not all the returned rows are actually of the same rowtype. - Fix possible corruption of pending trigger event lists during subtransaction rollback. This could lead to a crash or incorrect firing of triggers. - Fix possible failure when hashing a pass-by-reference function result. - Improve merge join's handling of NULLs in the join columns. A merge join can now stop entirely upon reaching the first NULL, if the sort order is such that NULLs sort high. - Take care to fsync the contents of lockfiles (both "postmaster.pid" and the socket lockfile) while writing them. This omission could result in corrupted lockfile contents if the machine crashes shortly after postmaster start. That could in turn prevent subsequent attempts to start the postmaster from succeeding, until the lockfile is manually removed. - Avoid recursion while assigning XIDs to heavily-nested subtransactions. The original coding could result in a crash if there was limited stack space. - Avoid holding open old WAL segments in the walwriter process. The previous coding would prevent removal of no-longer-needed segments. - Fix log_line_prefix's %i escape, which could produce junk early in backend startup. - Prevent misinterpretation of partially-specified relation options for TOAST tables. In particular, fillfactor would be read as zero if any other reloption had been set for the table, leading to serious bloat. - Fix inheritance count tracking in "ALTER TABLE ... ADD CONSTRAINT" - Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE" when archiving is enabled. - Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to be interrupted by query-cancel. - Improve "CREATE INDEX"'s checking of whether proposed index expressions are immutable. - Fix "REASSIGN OWNED" to handle operator classes and families. - Fix possible core dump when comparing two empty tsquery values. - Fix LIKE's handling of patterns containing % followed by _. We've fixed this before, but there were still some incorrectly-handled cases. - Re-allow input of Julian dates prior to 0001-01-01 AD. Input such as 'J100000'::date worked before 8.4, but was unintentionally broken by added error-checking. - Fix PL/pgSQL to throw an error, not crash, if a cursor is closed within a FOR loop that is iterating over that cursor. - In PL/Python, defend against null pointer results from PyCObject_AsVoidPtr and PyCObject_FromVoidPtr. - In libpq, fix full SSL certificate verification for the case where both host and hostaddr are specified. - Make psql recognize "DISCARD ALL" as a command that should not be encased in a transaction block in autocommit-off mode. - Fix some issues in pg_dump's handling of SQL/MED objects. Notably, pg_dump would always fail if run by a non-superuser, which was not intended. - Improve pg_dump and pg_restore's handling of non-seekable archive files. This is important for proper functioning of parallel restore. - Improve parallel pg_restore's ability to cope with selective restore (-L option). The original code tended to fail if the -L file commanded a non-default restore ordering. - Fix ecpg to process data from RETURNING clauses correctly. - Fix some memory leaks in ecpg. - Improve "contrib/dblink"'s handling of tables containing dropped columns. - Fix connection leak after "duplicate connection name" errors in "contrib/dblink". - Fix "contrib/dblink" to handle connection names longer than 62 bytes correctly. - Add hstore(text, text) function to "contrib/hstore". This function is the recommended substitute for the now-deprecated => operator. It was back-patched so that future-proofed code can be used with older server versions. Note that the patch will be effective only after "contrib/hstore" is installed or reinstalled in a particular database. Users might prefer to execute the "CREATE FUNCTION" command by hand, instead. - Update build infrastructure and documentation to reflect the source code repository's move from CVS to Git. Date: Tue, 05 Oct 2010 22:11:42 +0200 Changed-By: Martin Pitt Maintainer: Ubuntu Core Developers https://launchpad.net/ubuntu/karmic/+source/postgresql-8.4/8.4.5-0ubuntu9.10 -------------- next part -------------- Format: 1.8 Date: Tue, 05 Oct 2010 22:11:42 +0200 Source: postgresql-8.4 Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.4 postgresql-client-8.4 postgresql-server-dev-8.4 postgresql-doc-8.4 postgresql-contrib-8.4 postgresql-plperl-8.4 postgresql-plpython-8.4 postgresql-pltcl-8.4 postgresql postgresql-client postgresql-doc postgresql-contrib Architecture: source Version: 8.4.5-0ubuntu9.10 Distribution: karmic-security Urgency: low Maintainer: Ubuntu Core Developers Changed-By: Martin Pitt Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 8.4 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql - object-relational SQL database (supported version) postgresql-8.4 - object-relational SQL database, version 8.4 server postgresql-client - front-end programs for PostgreSQL (supported version) postgresql-client-8.4 - front-end programs for PostgreSQL 8.4 postgresql-contrib - additional facilities for PostgreSQL (supported version) postgresql-contrib-8.4 - additional facilities for PostgreSQL postgresql-doc - documentation for the PostgreSQL database management system postgresql-doc-8.4 - documentation for the PostgreSQL database management system postgresql-plperl-8.4 - PL/Perl procedural language for PostgreSQL 8.4 postgresql-plpython-8.4 - PL/Python procedural language for PostgreSQL 8.4 postgresql-pltcl-8.4 - PL/Tcl procedural language for PostgreSQL 8.4 postgresql-server-dev-8.4 - development files for PostgreSQL 8.4 server-side programming Changes: postgresql-8.4 (8.4.5-0ubuntu9.10) karmic-security; urgency=low . * New upstream security/bug fix update: (LP: #655293) - Use a separate interpreter for each calling SQL userid in PL/Perl and PL/Tcl. This change prevents security problems that can be caused by subverting Perl or Tcl code that will be executed later in the same session under another SQL user identity (for example, within a SECURITY DEFINER function). Most scripting languages offer numerous ways that that might be done, such as redefining standard functions or operators called by the target function. Without this change, any SQL user with Perl or Tcl language usage rights can do essentially anything with the SQL privileges of the target function's owner. The cost of this change is that intentional communication among Perl and Tcl functions becomes more difficult. To provide an escape hatch, PL/PerlU and PL/TclU functions continue to use only one interpreter per session. This is not considered a security issue since all such functions execute at the trust level of a database superuser already. It is likely that third-party procedural languages that claim to offer trusted execution have similar security issues. We advise contacting the authors of any PL you are depending on for security-critical purposes. Our thanks to Tim Bunce for pointing out this issue (CVE-2010-3433). - Prevent possible crashes in pg_get_expr() by disallowing it from being called with an argument that is not one of the system catalog columns it's intended to be used with. - Fix incorrect placement of placeholder evaluation. This bug could result in query outputs being non-null when they should be null, in cases where the inner side of an outer join is a sub-select with non-strict expressions in its output list. - Fix possible duplicate scans of UNION ALL member relations. - Fix "cannot handle unplanned sub-select" error. This occurred when a sub-select contains a join alias reference that expands into an expression containing another sub-select. - Fix mishandling of whole-row Vars that reference a view or sub-select and appear within a nested sub-select. - Fix mishandling of cross-type IN comparisons. This could result in failures if the planner tried to implement an IN join with a sort-then-unique-then-plain-join plan. - Fix computation of "ANALYZE" statistics for tsvector columns. The original coding could produce incorrect statistics, leading to poor plan choices later. - Improve planner's estimate of memory used by array_agg(), string_agg(), and similar aggregate functions. The previous drastic underestimate could lead to out-of-memory failures due to inappropriate choice of a hash-aggregation plan. - Fix failure to mark cached plans as transient. If a plan is prepared while "CREATE INDEX CONCURRENTLY" is in progress for one of the referenced tables, it is supposed to be re-planned once the index is ready for use. This was not happening reliably. - Reduce PANIC to ERROR in some occasionally-reported btree failure cases, and provide additional detail in the resulting error messages. This should improve the system's robustness with corrupted indexes. - Fix incorrect search logic for partial-match queries with GIN indexes. Cases involving AND/OR combination of several GIN index conditions didn't always give the right answer, and were sometimes much slower than necessary. - Prevent show_session_authorization() from crashing within autovacuum processes. - Defend against functions returning setof record where not all the returned rows are actually of the same rowtype. - Fix possible corruption of pending trigger event lists during subtransaction rollback. This could lead to a crash or incorrect firing of triggers. - Fix possible failure when hashing a pass-by-reference function result. - Improve merge join's handling of NULLs in the join columns. A merge join can now stop entirely upon reaching the first NULL, if the sort order is such that NULLs sort high. - Take care to fsync the contents of lockfiles (both "postmaster.pid" and the socket lockfile) while writing them. This omission could result in corrupted lockfile contents if the machine crashes shortly after postmaster start. That could in turn prevent subsequent attempts to start the postmaster from succeeding, until the lockfile is manually removed. - Avoid recursion while assigning XIDs to heavily-nested subtransactions. The original coding could result in a crash if there was limited stack space. - Avoid holding open old WAL segments in the walwriter process. The previous coding would prevent removal of no-longer-needed segments. - Fix log_line_prefix's %i escape, which could produce junk early in backend startup. - Prevent misinterpretation of partially-specified relation options for TOAST tables. In particular, fillfactor would be read as zero if any other reloption had been set for the table, leading to serious bloat. - Fix inheritance count tracking in "ALTER TABLE ... ADD CONSTRAINT" - Fix possible data corruption in "ALTER TABLE ... SET TABLESPACE" when archiving is enabled. - Allow "CREATE DATABASE" and "ALTER DATABASE ... SET TABLESPACE" to be interrupted by query-cancel. - Improve "CREATE INDEX"'s checking of whether proposed index expressions are immutable. - Fix "REASSIGN OWNED" to handle operator classes and families. - Fix possible core dump when comparing two empty tsquery values. - Fix LIKE's handling of patterns containing % followed by _. We've fixed this before, but there were still some incorrectly-handled cases. - Re-allow input of Julian dates prior to 0001-01-01 AD. Input such as 'J100000'::date worked before 8.4, but was unintentionally broken by added error-checking. - Fix PL/pgSQL to throw an error, not crash, if a cursor is closed within a FOR loop that is iterating over that cursor. - In PL/Python, defend against null pointer results from PyCObject_AsVoidPtr and PyCObject_FromVoidPtr. - In libpq, fix full SSL certificate verification for the case where both host and hostaddr are specified. - Make psql recognize "DISCARD ALL" as a command that should not be encased in a transaction block in autocommit-off mode. - Fix some issues in pg_dump's handling of SQL/MED objects. Notably, pg_dump would always fail if run by a non-superuser, which was not intended. - Improve pg_dump and pg_restore's handling of non-seekable archive files. This is important for proper functioning of parallel restore. - Improve parallel pg_restore's ability to cope with selective restore (-L option). The original code tended to fail if the -L file commanded a non-default restore ordering. - Fix ecpg to process data from RETURNING clauses correctly. - Fix some memory leaks in ecpg. - Improve "contrib/dblink"'s handling of tables containing dropped columns. - Fix connection leak after "duplicate connection name" errors in "contrib/dblink". - Fix "contrib/dblink" to handle connection names longer than 62 bytes correctly. - Add hstore(text, text) function to "contrib/hstore". This function is the recommended substitute for the now-deprecated => operator. It was back-patched so that future-proofed code can be used with older server versions. Note that the patch will be effective only after "contrib/hstore" is installed or reinstalled in a particular database. Users might prefer to execute the "CREATE FUNCTION" command by hand, instead. - Update build infrastructure and documentation to reflect the source code repository's move from CVS to Git. Checksums-Sha1: a11b899b7d0dbf3e212e5e4bf400cf98b1ea347e 2440 postgresql-8.4_8.4.5-0ubuntu9.10.dsc 17b83944d892f3e592c615184e41d720239ba596 17590296 postgresql-8.4_8.4.5.orig.tar.gz bd755600a910411612dcbb9675a9ef9c667598fd 37946 postgresql-8.4_8.4.5-0ubuntu9.10.diff.gz Checksums-Sha256: 8da479420df65c625cd6be9f624cb9be08fce64b3280e483b50a767e9d87eafb 2440 postgresql-8.4_8.4.5-0ubuntu9.10.dsc c2eeb85a871cb7c3f494ce247e729758854e9f4a193fb5aade0e0709e8e466b3 17590296 postgresql-8.4_8.4.5.orig.tar.gz 1653827f08013e6ca7c216955526edceea553b1eabe856ffb6c31b7a5bcbd612 37946 postgresql-8.4_8.4.5-0ubuntu9.10.diff.gz Files: 70badcc1df2ae436b279b50a2ce97f73 2440 database optional postgresql-8.4_8.4.5-0ubuntu9.10.dsc 8ddea33493bf5cf6f5ea62212bb079df 17590296 database optional postgresql-8.4_8.4.5.orig.tar.gz e83c022302e5f99f346c59a259da9cd2 37946 database optional postgresql-8.4_8.4.5-0ubuntu9.10.diff.gz Launchpad-Bugs-Fixed: 655293 Original-Maintainer: Martin Pitt From archive at ubuntu.com Thu Oct 7 14:24:32 2010 From: archive at ubuntu.com (Ubuntu Installer) Date: Thu, 07 Oct 2010 14:24:32 -0000 Subject: [ubuntu/karmic-security] openssl_0.9.8g-16ubuntu3.3_i386_translations.tar.gz, openssl_0.9.8g-16ubuntu3.3_ia64_translations.tar.gz, openssl_0.9.8g-16ubuntu3.3_powerpc_translations.tar.gz, openssl_0.9.8g-16ubuntu3.3_lpia_translations.tar.gz, openssl, openssl_0.9.8g-16ubuntu3.3_armel_translations.tar.gz, openssl_0.9.8g-16ubuntu3.3_amd64_translations.tar.gz, openssl_0.9.8g-16ubuntu3.3_sparc_translations.tar.gz (delayed) 0.9.8g-16ubuntu3.3 (Accepted) Message-ID: <20101007142432.29802.4340.launchpad@cocoplum.canonical.com> openssl (0.9.8g-16ubuntu3.3) karmic-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via unchecked bn_wexpand return values. (LP: #655884) - crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c, engines/e_ubsec.c: check return values. - http://cvs.openssl.org/chngview?cn=18936 - http://cvs.openssl.org/chngview?cn=19309 - CVE-2009-3245 * SECURITY UPDATE: denial of service and possible code execution via crafted private key with an invalid prime. - ssl/s3_clnt.c: set bn_ctx to NULL after freeing it. - http://www.mail-archive.com/openssl-dev at openssl.org/msg28049.html - CVE-2010-2939 Date: Wed, 06 Oct 2010 17:38:20 -0400 Changed-By: Marc Deslauriers Maintainer: Ubuntu Core Developers https://launchpad.net/ubuntu/karmic/+source/openssl/0.9.8g-16ubuntu3.3 -------------- next part -------------- Format: 1.8 Date: Wed, 06 Oct 2010 17:38:20 -0400 Source: openssl Binary: openssl openssl-doc libssl0.9.8 libcrypto0.9.8-udeb libssl-dev libssl0.9.8-dbg Architecture: source Version: 0.9.8g-16ubuntu3.3 Distribution: karmic-security Urgency: low Maintainer: Ubuntu Core Developers Changed-By: Marc Deslauriers Description: libcrypto0.9.8-udeb - crypto shared library - udeb (udeb) libssl-dev - SSL development libraries, header files and documentation libssl0.9.8 - SSL shared libraries libssl0.9.8-dbg - Symbol tables for libssl and libcrypto openssl - Secure Socket Layer (SSL) binary and related cryptographic tools openssl-doc - Secure Socket Layer (SSL) documentation Changes: openssl (0.9.8g-16ubuntu3.3) karmic-security; urgency=low . * SECURITY UPDATE: denial of service and possible code execution via unchecked bn_wexpand return values. (LP: #655884) - crypto/bn/{bn_mul,bn_div,bn_gf2m}.c, crypto/ec/ec2_smpl.c, engines/e_ubsec.c: check return values. - http://cvs.openssl.org/chngview?cn=18936 - http://cvs.openssl.org/chngview?cn=19309 - CVE-2009-3245 * SECURITY UPDATE: denial of service and possible code execution via crafted private key with an invalid prime. - ssl/s3_clnt.c: set bn_ctx to NULL after freeing it. - http://www.mail-archive.com/openssl-dev at openssl.org/msg28049.html - CVE-2010-2939 Checksums-Sha1: 3d1c326ab6458d8b61b98617370e186b0d9929dd 2078 openssl_0.9.8g-16ubuntu3.3.dsc 3e90302257343a97a4279a40ba33e4f4c7dc00e8 76466 openssl_0.9.8g-16ubuntu3.3.diff.gz Checksums-Sha256: 590d94ed6f4515276cfeb436fdd1ca16ef6ca2cb1cb57e2a0411eb08a45cabbd 2078 openssl_0.9.8g-16ubuntu3.3.dsc 1b0247a9293c8fa03433d1b8528c5907fdd7654d9c2a2e6f61007f9db577f4d5 76466 openssl_0.9.8g-16ubuntu3.3.diff.gz Files: 80e5d4dc5237d6b27a5a9fa8ee2c7599 2078 utils optional openssl_0.9.8g-16ubuntu3.3.dsc d0c364cf8057acb34f1d00072f695507 76466 utils optional openssl_0.9.8g-16ubuntu3.3.diff.gz Launchpad-Bugs-Fixed: 655884 Original-Maintainer: Debian OpenSSL Team From brian.thomason at canonical.com Mon Oct 11 06:00:36 2010 From: brian.thomason at canonical.com (Brian Thomason) Date: Mon, 11 Oct 2010 06:00:36 -0000 Subject: [ubuntu/karmic] uex 1.2.0.12-1karmic1 (Accepted) Message-ID: <20101011060036.14744.66541.launchpad@cocoplum.canonical.com> uex (1.2.0.12-1karmic1) karmic; urgency=low * Properly indented feature list in long desc Date: Mon, 11 Oct 2010 01:52:56 -0400 Changed-By: Brian Thomason Maintainer: IDM Computer Solutions, Inc. https://launchpad.net/ubuntu/karmic/+source/uex/1.2.0.12-1karmic1 -------------- next part -------------- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 11 Oct 2010 01:52:56 -0400 Source: uex Binary: uex Architecture: source Version: 1.2.0.12-1karmic1 Distribution: karmic Urgency: low Maintainer: IDM Computer Solutions, Inc. Changed-By: Brian Thomason Description: uex - UltraEdit is a text, hex, and programming language editor Changes: uex (1.2.0.12-1karmic1) karmic; urgency=low . * Properly indented feature list in long desc Checksums-Sha1: b138d58699d55de1f46af52ad9a32e32382e5b31 1026 uex_1.2.0.12-1karmic1.dsc 7d104a64924c6ada9612e39a8161343a154fcd41 127923247 uex_1.2.0.12.orig.tar.gz 7daedb8394078d5786f6e37a296a4668455ab32a 16048 uex_1.2.0.12-1karmic1.diff.gz Checksums-Sha256: 15a19021767abc4618675b7d99c13b74b68e1f2b0064f4aca3588b6fd817e9a1 1026 uex_1.2.0.12-1karmic1.dsc 7ee001b90b8b18763cbfdf179265005ef9cab2ef2e229d336cb958d881d11b77 127923247 uex_1.2.0.12.orig.tar.gz d39354aebd7c89e48e14af87db6e387d750acf27dba6d61af8745b92a92739d6 16048 uex_1.2.0.12-1karmic1.diff.gz Files: 02c5585ad3fe20fcb00e80f487c01d83 1026 partner/editors extra uex_1.2.0.12-1karmic1.dsc 686541d8c2f93702f2c473ef7bc9d5eb 127923247 partner/editors extra uex_1.2.0.12.orig.tar.gz 0977ef5d9d73a16c840fcbb8282c17c4 16048 partner/editors extra uex_1.2.0.12-1karmic1.diff.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkyypuwACgkQOb4zNfJqN5ewoQCfU29SFHM9Gu9g0bgf7eGVNKqu DI0AnjWI39QEhy0zjNz+au013XD8i9/x =yGTM -----END PGP SIGNATURE----- From staff.rm at openbravo.com Mon Oct 11 21:15:50 2010 From: staff.rm at openbravo.com (Openbravo Release Management Team) Date: Mon, 11 Oct 2010 21:15:50 -0000 Subject: [ubuntu/karmic] openbravo-erp 2.50MP-22-1karmic1 (Accepted) Message-ID: <20101011211550.6612.81872.launchpad@cocoplum.canonical.com> openbravo-erp (2.50MP-22-1karmic1) karmic; urgency=low * New upstream release: 2.50MP22 for karmic Date: Thu, 30 Sep 2010 21:23:12 +0200 Changed-By: Openbravo Release Management Team Maintainer: Brian Thomason Signed-By: Brian Thomason https://launchpad.net/ubuntu/karmic/+source/openbravo-erp/2.50MP-22-1karmic1 -------------- next part -------------- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Thu, 30 Sep 2010 21:23:12 +0200 Source: openbravo-erp Binary: openbravo-erp Architecture: source Version: 2.50MP-22-1karmic1 Distribution: karmic Urgency: low Maintainer: Brian Thomason Changed-By: Openbravo Release Management Team Description: openbravo-erp - Enterprise Resource Planning solution Changes: openbravo-erp (2.50MP-22-1karmic1) karmic; urgency=low . * New upstream release: 2.50MP22 for karmic Checksums-Sha1: 851016f7a77229dea266faa1edb56729798cfd7a 1125 openbravo-erp_2.50MP-22-1karmic1.dsc 5891576b093f8dd28a33169b9c08d5e2a797d3fe 120712770 openbravo-erp_2.50MP-22.orig.tar.gz 9627e27f425ccdc2a7768ce23cbf20f9b02d0a9d 8838 openbravo-erp_2.50MP-22-1karmic1.diff.gz Checksums-Sha256: c000d6a3088b6518158ed1d1432ca3f4e6e39a39635457c4a28dc422f2e8c61e 1125 openbravo-erp_2.50MP-22-1karmic1.dsc 9ba4057b5cda7cfb65106afdcb0bbf912d25a94ec885a6d5f285d65399a53b27 120712770 openbravo-erp_2.50MP-22.orig.tar.gz 0f3ed4a3df8fbcdc75e9dd672f42e2df1aa417b19e2c265a60416eb75717a450 8838 openbravo-erp_2.50MP-22-1karmic1.diff.gz Files: c049409e701132ecb89dbead060342bb 1125 partner/web extra openbravo-erp_2.50MP-22-1karmic1.dsc 207756bd99451d650dd41c7e09637e78 120712770 partner/web extra openbravo-erp_2.50MP-22.orig.tar.gz c65332203571bcab821306ee1896f8cc 8838 partner/web extra openbravo-erp_2.50MP-22-1karmic1.diff.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkyze7UACgkQOb4zNfJqN5fszACfQW1LC05JWjIbw9KhCpo835Pn 624An0gOuyXbeGEEt4j/GTFswUZ666eT =S/RK -----END PGP SIGNATURE----- From brian.thomason at canonical.com Wed Oct 13 20:00:30 2010 From: brian.thomason at canonical.com (Brian Thomason) Date: Wed, 13 Oct 2010 20:00:30 -0000 Subject: [ubuntu/karmic] acroread 9.4-1karmic1 (Accepted) Message-ID: <20101013200030.28561.75530.launchpad@cocoplum.canonical.com> acroread (9.4-1karmic1) karmic; urgency=low * Initial release of 9.4 for Karmic Date: Wed, 13 Oct 2010 15:50:14 -0400 Changed-By: Brian Thomason https://launchpad.net/ubuntu/karmic/+source/acroread/9.4-1karmic1 -------------- next part -------------- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 13 Oct 2010 15:50:14 -0400 Source: acroread Binary: acroread Architecture: source Version: 9.4-1karmic1 Distribution: karmic Urgency: low Maintainer: Brian Thomason Changed-By: Brian Thomason Description: acroread - Adobe Reader Changes: acroread (9.4-1karmic1) karmic; urgency=low . * Initial release of 9.4 for Karmic Checksums-Sha1: eaec035c6a550c8396664afb9f87ccd515797f5b 1189 acroread_9.4-1karmic1.dsc 84ea4987236073d5d91c4b06beb2b7b226da2f11 5870 acroread_9.4-1karmic1.diff.gz Checksums-Sha256: 69a2011b51d2f5e8b311c9cd4ffc7d677a8f9b9782ed6e9dbb4dcd12a096788f 1189 acroread_9.4-1karmic1.dsc 26770da4081d1bf1d4660adb647bd86fe4a81fd74faf21911fa1da17a127a299 5870 acroread_9.4-1karmic1.diff.gz Files: 450f420c186d56ccacbc88346771b20f 1189 partner/text extra acroread_9.4-1karmic1.dsc 0d70b998e2a778b21f869e4c2fb1984f 5870 partner/text extra acroread_9.4-1karmic1.diff.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAky2DY4ACgkQOb4zNfJqN5eoSACeMux1186m8RjcgmqwChQ6pmFg MasAnj8ZPvPICk3/9pVted7CHuutleGC =t25M -----END PGP SIGNATURE----- From brian.thomason at canonical.com Wed Oct 13 20:15:31 2010 From: brian.thomason at canonical.com (Brian Thomason) Date: Wed, 13 Oct 2010 20:15:31 -0000 Subject: [ubuntu/karmic] adobereader-deu 9.4-1karmic1 (Accepted) Message-ID: <20101013201531.1473.90826.launchpad@cocoplum.canonical.com> adobereader-deu (9.4-1karmic1) karmic; urgency=low * New upstream release Date: Wed, 13 Oct 2010 15:15:05 -0400 Changed-By: Brian Thomason https://launchpad.net/ubuntu/karmic/+source/adobereader-deu/9.4-1karmic1 -------------- next part -------------- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 13 Oct 2010 15:15:05 -0400 Source: adobereader-deu Binary: adobereader-deu Architecture: source Version: 9.4-1karmic1 Distribution: karmic Urgency: low Maintainer: Brian Thomason Changed-By: Brian Thomason Description: adobereader-deu - Adobe Reader Changes: adobereader-deu (9.4-1karmic1) karmic; urgency=low . * New upstream release Checksums-Sha1: 0e99fdf51d9de27cb6e0b85affe81779ffb5b170 1245 adobereader-deu_9.4-1karmic1.dsc 1819f9a91c6dadda7cfcd6f0d4a279d700a529f7 68794636 adobereader-deu_9.4.orig.tar.gz 267380092488545d07f4fadd5644624afd7510b8 5001 adobereader-deu_9.4-1karmic1.diff.gz Checksums-Sha256: 1fdd316c5d65430b4185ab8c6407be1c0a5762e9bec51869b21ef436d44b93d2 1245 adobereader-deu_9.4-1karmic1.dsc be761842dd40180390e8331cf9c88eea0beb28a8bb225a15656c8aad76f5969c 68794636 adobereader-deu_9.4.orig.tar.gz 517088b8c499b59dd6efe5e32420dd054492b57ae8cfd6ccb15665234dc28421 5001 adobereader-deu_9.4-1karmic1.diff.gz Files: 3cff9b769dedf04e5e191b4ec2343c2b 1245 partner/text extra adobereader-deu_9.4-1karmic1.dsc d268529c6f435b727c1812205d27bfbf 68794636 partner/text extra adobereader-deu_9.4.orig.tar.gz 913c069db72f6c15a76e07e7cd86fd20 5001 partner/text extra adobereader-deu_9.4-1karmic1.diff.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAky2BWEACgkQOb4zNfJqN5d5hwCfQrP0X7n9/vOGPmRiWM4r1bMh zPcAnR2g0xz8+o9aQ98XPxZK53mX52LW =LXtJ -----END PGP SIGNATURE----- From archive at ubuntu.com Tue Oct 19 16:03:27 2010 From: archive at ubuntu.com (Ubuntu Installer) Date: Tue, 19 Oct 2010 16:03:27 -0000 Subject: [ubuntu/karmic-security] poppler (delayed), poppler 0.12.0-0ubuntu2.3 (Accepted) Message-ID: <20101019160327.29341.28964.launchpad@cocoplum.canonical.com> poppler (0.12.0-0ubuntu2.3) karmic-security; urgency=low * SECURITY UPDATE: possible arbitrary code execution via malformed PDF - debian/patches/13_security_CVE-2010-3702.patch: properly initialize parser in poppler/Gfx.cc. - CVE-2010-3702 * SECURITY UPDATE: possible arbitrary code execution via malformed PDF - debian/patches/14_security_CVE-2010-3703.patch: Properly initialize stack in poppler/Function.cc. - CVE-2010-3703 * SECURITY UPDATE: possible arbitrary code execution via malformed PDF - debian/patches/15_security_CVE-2010-3704.patch: make sure code isn't < 0 in fofi/FoFiType1.cc. - CVE-2010-3704 Date: Wed, 13 Oct 2010 16:02:02 -0400 Changed-By: Marc Deslauriers Maintainer: Ubuntu Core Developers https://launchpad.net/ubuntu/karmic/+source/poppler/0.12.0-0ubuntu2.3 -------------- next part -------------- Format: 1.8 Date: Wed, 13 Oct 2010 16:02:02 -0400 Source: poppler Binary: libpoppler5 libpoppler-dev libpoppler-glib4 libpoppler-glib-dev libpoppler-qt2 libpoppler-qt-dev libpoppler-qt4-3 libpoppler-qt4-dev poppler-utils poppler-dbg Architecture: source Version: 0.12.0-0ubuntu2.3 Distribution: karmic-security Urgency: low Maintainer: Ubuntu Core Developers Changed-By: Marc Deslauriers Description: libpoppler-dev - PDF rendering library -- development files libpoppler-glib-dev - PDF rendering library -- development files (GLib interface) libpoppler-glib4 - PDF rendering library (GLib-based shared library) libpoppler-qt-dev - PDF rendering library -- development files (Qt 3 interface) libpoppler-qt2 - PDF rendering library (Qt 3 based shared library) libpoppler-qt4-3 - PDF rendering library (Qt 4 based shared library) libpoppler-qt4-dev - PDF rendering library -- development files (Qt 4 interface) libpoppler5 - PDF rendering library poppler-dbg - PDF rendering library - detached debugging symbols poppler-utils - PDF utilitites (based on libpoppler) Changes: poppler (0.12.0-0ubuntu2.3) karmic-security; urgency=low . * SECURITY UPDATE: possible arbitrary code execution via malformed PDF - debian/patches/13_security_CVE-2010-3702.patch: properly initialize parser in poppler/Gfx.cc. - CVE-2010-3702 * SECURITY UPDATE: possible arbitrary code execution via malformed PDF - debian/patches/14_security_CVE-2010-3703.patch: Properly initialize stack in poppler/Function.cc. - CVE-2010-3703 * SECURITY UPDATE: possible arbitrary code execution via malformed PDF - debian/patches/15_security_CVE-2010-3704.patch: make sure code isn't < 0 in fofi/FoFiType1.cc. - CVE-2010-3704 Checksums-Sha1: e21fc3388f3b89919e8b075d5f279358152d3bb4 2333 poppler_0.12.0-0ubuntu2.3.dsc 89919814e18fa3f5c60aeb9c53aa0f76a35d9988 16162 poppler_0.12.0-0ubuntu2.3.diff.gz Checksums-Sha256: 459ca7551bc9172eee5eb630794dd1f9eefb11e71fc81973a2d9e4f6525051bd 2333 poppler_0.12.0-0ubuntu2.3.dsc a2673eeaa6b72ed29506b5eafe02b0b9d74f2a952026a234f09bf48d47aa4ab1 16162 poppler_0.12.0-0ubuntu2.3.diff.gz Files: 0ca7e3c51f46e811ab8b764d19735017 2333 devel optional poppler_0.12.0-0ubuntu2.3.dsc e2f7027909f54a82d3b05a5dab49bfe3 16162 devel optional poppler_0.12.0-0ubuntu2.3.diff.gz Original-Maintainer: Loic Minier From archive at ubuntu.com Tue Oct 19 18:07:11 2010 From: archive at ubuntu.com (Ubuntu Installer) Date: Tue, 19 Oct 2010 18:07:11 -0000 Subject: [ubuntu/karmic-security] linux-ec2 (delayed), linux-ec2 2.6.31-307.21 (Accepted) Message-ID: <20101019180711.29946.71496.launchpad@cocoplum.canonical.com> linux-ec2 (2.6.31-307.21) karmic-security; urgency=low [ John Johansen ] * Rebased to 2.6.31-22.67 [ Ubuntu: 2.6.31-22.67 ] * Local privilege escalation vulnerability in RDS sockets - CVE-2010-3904 * v4l: disable dangerous buggy compat function - CVE-2010-2963 * mm: Do not assume ENOMEM when looking at a split stack vma - LP: #646114 * mm: Use helper to find real vma with stack guard page - LP: #646114 * Fix race in tty_fasync() properly - CVE-2009-4895 * ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files - CVE-2010-2066 * xfs: prevent swapext from operating on write-only files - CVE-2010-2226 * cifs: Fix a kernel BUG with remote OS/2 server (try #3) - CVE-2010-2248 * ethtool: Fix potential user buffer overflow for ETHTOOL_{G, S}RXFH - CVE-2010-2478 * l2tp: Fix oops in pppol2tp_xmit - CVE-2010-2495 * nfsd4: bug in read_buf - CVE-2010-2521 * CIFS: Fix a malicious redirect problem in the DNS lookup code - CVE-2010-2524 * GFS2: rename causes kernel Oops - CVE-2010-2798 * net sched: fix some kernel memory leaks - CVE-2010-2942 * jfs: don't allow os2 xattr namespace overlap with others - CVE-2010-2946 * irda: Correctly clean up self->ias_obj on irda_bind() failure. - CVE-2010-2954 * wireless extensions: fix kernel heap content leak - CVE-2010-2955 * ext4: consolidate in_range() definitions - CVE-2010-3015 * aio: check for multiplication overflow in do_io_submit - CVE-2010-3067 * xfs: prevent reading uninitialized stack memory - CVE-2010-3078 * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open() - CVE-2010-3080 * niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL - CVE-2010-3084 * rose: Fix signedness issues wrt. digi count. - CVE-2010-3310 * sctp: Do not reset the packet during sctp_packet_config(). - CVE-2010-3432 * Fix pktcdvd ioctl dev_minor range check - CVE-2010-3437 * ALSA: prevent heap corruption in snd_ctl_new() - CVE-2010-3442 * net sched: fix kernel leak in act_police - CVE-2010-3477 * Fix out-of-bounds reading in sctp_asoc_get_hmac() - CVE-2010-3705 * ocfs2: Don't walk off the end of fast symlinks. - CVE-2010-NNN2 linux-ec2 (2.6.31-307.20) karmic-proposed; urgency=low [ Stefan Bader ] * Rebased to 2.6.31-22.66 [ Ubuntu: 2.6.31-22.66 ] * SAUCE: (no-up) Modularize vesafb -- fix initialization - LP: #611471 * SAUCE: sched: update load count only once per cpu in 10 tick update window - LP: #513848 * (pre-stable) x86-32, resume: do a global tlb flush in S4 resume - LP: #531309 * PCI: Ensure we re-enable devices on resume - LP: #566149 [ Ubuntu: 2.6.31-22.65 ] * x86-64, compat: Test %rax for the syscall number, not %eax - CVE-2010-3301 * x86-64, compat: Retruncate rax after ia32 syscall entry tracing - CVE-2010-3301 * compat: Make compat_alloc_user_space() incorporate the access_ok() - CVE-2010-3081 Date: Sun, 17 Oct 2010 17:39:55 -0700 Changed-By: John Johansen Maintainer: Ubuntu Kernel Team https://launchpad.net/ubuntu/karmic/+source/linux-ec2/2.6.31-307.21 -------------- next part -------------- Format: 1.8 Date: Sun, 17 Oct 2010 17:39:55 -0700 Source: linux-ec2 Binary: linux-ec2-source-2.6.31 linux-ec2-doc linux-headers-2.6.31-307 linux-image-2.6.31-307-ec2 linux-headers-2.6.31-307-ec2 linux-image-debug-2.6.31-307-ec2 kernel-image-2.6.31-307-generic-di nic-modules-2.6.31-307-generic-di nic-shared-modules-2.6.31-307-generic-di serial-modules-2.6.31-307-generic-di ppp-modules-2.6.31-307-generic-di firewire-core-modules-2.6.31-307-generic-di scsi-modules-2.6.31-307-generic-di plip-modules-2.6.31-307-generic-di floppy-modules-2.6.31-307-generic-di fat-modules-2.6.31-307-generic-di nfs-modules-2.6.31-307-generic-di md-modules-2.6.31-307-generic-di usb-modules-2.6.31-307-generic-di pcmcia-storage-modules-2.6.31-307-generic-di fb-modules-2.6.31-307-generic-di input-modules-2.6.31-307-generic-di mouse-modules-2.6.31-307-generic-di irda-modules-2.6.31-307-generic-di parport-modules-2.6.31-307-generic-di nic-pcmcia-modules-2.6.31-307-generic-di pcmcia-modules-2.6.31-307-generic-di nic-usb-modules-2.6.31-307-generic-di sata-modules-2.6.31-307-generic-di crypto-modules-2.6.31-307-generic-di char-modules-2.6.31-307-generic-di fs-core-modules-2.6.31-307-generic-di fs-secondary-modules-2.6.31-307-generic-di pata-modules-2.6.31-307-generic-di storage-core-modules-2.6.31-307-generic-di block-modules-2.6.31-307-generic-di message-modules-2.6.31-307-generic-di virtio-modules-2.6.31-307-generic-di Architecture: source Version: 2.6.31-307.21 Distribution: karmic-security Urgency: low Maintainer: Ubuntu Kernel Team Changed-By: John Johansen Description: block-modules-2.6.31-307-generic-di - Block storage devices (udeb) char-modules-2.6.31-307-generic-di - Character module support (udeb) crypto-modules-2.6.31-307-generic-di - crypto modules (udeb) fat-modules-2.6.31-307-generic-di - FAT filesystem support (udeb) fb-modules-2.6.31-307-generic-di - Framebuffer modules (udeb) firewire-core-modules-2.6.31-307-generic-di - Firewire (IEEE-1394) Support (udeb) floppy-modules-2.6.31-307-generic-di - Floppy driver support (udeb) fs-core-modules-2.6.31-307-generic-di - Base filesystem modules (udeb) fs-secondary-modules-2.6.31-307-generic-di - Extra filesystem modules (udeb) input-modules-2.6.31-307-generic-di - Support for various input methods (udeb) irda-modules-2.6.31-307-generic-di - Support for Infrared protocols (udeb) kernel-image-2.6.31-307-generic-di - Linux kernel binary image for the Debian installer (udeb) linux-ec2-doc - Linux kernel specific documentation for version 2.6.31 linux-ec2-source-2.6.31 - Linux kernel source for version 2.6.31 with Ubuntu patches linux-headers-2.6.31-307 - Header files related to Linux kernel version 2.6.31 linux-headers-2.6.31-307-ec2 - Linux kernel headers for version 2.6.31 on x86/x86_64 linux-image-2.6.31-307-ec2 - Linux kernel image for version 2.6.31 on x86/x86_64 linux-image-debug-2.6.31-307-ec2 - Linux kernel debug image for version 2.6.31 on x86/x86_64 md-modules-2.6.31-307-generic-di - Multi-device support (raid, device-mapper, lvm) (udeb) message-modules-2.6.31-307-generic-di - Fusion and i2o storage modules (udeb) mouse-modules-2.6.31-307-generic-di - Mouse support (udeb) nfs-modules-2.6.31-307-generic-di - NFS filesystem drivers (udeb) nic-modules-2.6.31-307-generic-di - Network interface support (udeb) nic-pcmcia-modules-2.6.31-307-generic-di - PCMCIA network interface support (udeb) nic-shared-modules-2.6.31-307-generic-di - nic shared modules (udeb) nic-usb-modules-2.6.31-307-generic-di - USB network interface support (udeb) parport-modules-2.6.31-307-generic-di - Parallel port support (udeb) pata-modules-2.6.31-307-generic-di - PATA support modules (udeb) pcmcia-modules-2.6.31-307-generic-di - PCMCIA Modules (udeb) pcmcia-storage-modules-2.6.31-307-generic-di - PCMCIA storage support (udeb) plip-modules-2.6.31-307-generic-di - PLIP (parallel port) networking support (udeb) ppp-modules-2.6.31-307-generic-di - PPP (serial port) networking support (udeb) sata-modules-2.6.31-307-generic-di - SATA storage support (udeb) scsi-modules-2.6.31-307-generic-di - SCSI storage support (udeb) serial-modules-2.6.31-307-generic-di - Serial port support (udeb) storage-core-modules-2.6.31-307-generic-di - Core storage support (udeb) usb-modules-2.6.31-307-generic-di - Core USB support (udeb) virtio-modules-2.6.31-307-generic-di - VirtIO Modules (udeb) Changes: linux-ec2 (2.6.31-307.21) karmic-security; urgency=low . [ John Johansen ] . * Rebased to 2.6.31-22.67 . [ Ubuntu: 2.6.31-22.67 ] . * Local privilege escalation vulnerability in RDS sockets - CVE-2010-3904 * v4l: disable dangerous buggy compat function - CVE-2010-2963 * mm: Do not assume ENOMEM when looking at a split stack vma - LP: #646114 * mm: Use helper to find real vma with stack guard page - LP: #646114 * Fix race in tty_fasync() properly - CVE-2009-4895 * ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files - CVE-2010-2066 * xfs: prevent swapext from operating on write-only files - CVE-2010-2226 * cifs: Fix a kernel BUG with remote OS/2 server (try #3) - CVE-2010-2248 * ethtool: Fix potential user buffer overflow for ETHTOOL_{G, S}RXFH - CVE-2010-2478 * l2tp: Fix oops in pppol2tp_xmit - CVE-2010-2495 * nfsd4: bug in read_buf - CVE-2010-2521 * CIFS: Fix a malicious redirect problem in the DNS lookup code - CVE-2010-2524 * GFS2: rename causes kernel Oops - CVE-2010-2798 * net sched: fix some kernel memory leaks - CVE-2010-2942 * jfs: don't allow os2 xattr namespace overlap with others - CVE-2010-2946 * irda: Correctly clean up self->ias_obj on irda_bind() failure. - CVE-2010-2954 * wireless extensions: fix kernel heap content leak - CVE-2010-2955 * ext4: consolidate in_range() definitions - CVE-2010-3015 * aio: check for multiplication overflow in do_io_submit - CVE-2010-3067 * xfs: prevent reading uninitialized stack memory - CVE-2010-3078 * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open() - CVE-2010-3080 * niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL - CVE-2010-3084 * rose: Fix signedness issues wrt. digi count. - CVE-2010-3310 * sctp: Do not reset the packet during sctp_packet_config(). - CVE-2010-3432 * Fix pktcdvd ioctl dev_minor range check - CVE-2010-3437 * ALSA: prevent heap corruption in snd_ctl_new() - CVE-2010-3442 * net sched: fix kernel leak in act_police - CVE-2010-3477 * Fix out-of-bounds reading in sctp_asoc_get_hmac() - CVE-2010-3705 * ocfs2: Don't walk off the end of fast symlinks. - CVE-2010-NNN2 . linux-ec2 (2.6.31-307.20) karmic-proposed; urgency=low . [ Stefan Bader ] . * Rebased to 2.6.31-22.66 . [ Ubuntu: 2.6.31-22.66 ] . * SAUCE: (no-up) Modularize vesafb -- fix initialization - LP: #611471 * SAUCE: sched: update load count only once per cpu in 10 tick update window - LP: #513848 * (pre-stable) x86-32, resume: do a global tlb flush in S4 resume - LP: #531309 * PCI: Ensure we re-enable devices on resume - LP: #566149 . [ Ubuntu: 2.6.31-22.65 ] . * x86-64, compat: Test %rax for the syscall number, not %eax - CVE-2010-3301 * x86-64, compat: Retruncate rax after ia32 syscall entry tracing - CVE-2010-3301 * compat: Make compat_alloc_user_space() incorporate the access_ok() - CVE-2010-3081 Checksums-Sha1: dd0baa2ac945aea388aa7879d444691b184cd97e 3346 linux-ec2_2.6.31-307.21.dsc 642ce409166104e9ce3b8b36a0b807326f411f60 9299794 linux-ec2_2.6.31-307.21.diff.gz Checksums-Sha256: 7df44e577582b756971ae415a2b6a1ff355efbf8af68ecf6685491d6e294aff7 3346 linux-ec2_2.6.31-307.21.dsc a338158ecab153127eff0e3f8ce7c8d194f6b2568ffe92bbb7daf31db8c08cf6 9299794 linux-ec2_2.6.31-307.21.diff.gz Files: 1a1875470d51311def6aeaaffe950259 3346 devel optional linux-ec2_2.6.31-307.21.dsc 1f489361f6806eca15d52686fca1563e 9299794 devel optional linux-ec2_2.6.31-307.21.diff.gz Launchpad-Bugs-Fixed: 513848 531309 566149 611471 646114 646114 From archive at ubuntu.com Tue Oct 19 18:07:37 2010 From: archive at ubuntu.com (Ubuntu Installer) Date: Tue, 19 Oct 2010 18:07:37 -0000 Subject: [ubuntu/karmic-security] linux (delayed), linux 2.6.31-22.67 (Accepted) Message-ID: <20101019180737.29946.52221.launchpad@cocoplum.canonical.com> linux (2.6.31-22.67) karmic-security; urgency=low [ Upstream Kernel Changes ] * Local privilege escalation vulnerability in RDS sockets - CVE-2010-3904 * v4l: disable dangerous buggy compat function - CVE-2010-2963 * mm: Do not assume ENOMEM when looking at a split stack vma - LP: #646114 * mm: Use helper to find real vma with stack guard page - LP: #646114 * Fix race in tty_fasync() properly - CVE-2009-4895 * ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files - CVE-2010-2066 * xfs: prevent swapext from operating on write-only files - CVE-2010-2226 * cifs: Fix a kernel BUG with remote OS/2 server (try #3) - CVE-2010-2248 * ethtool: Fix potential user buffer overflow for ETHTOOL_{G, S}RXFH - CVE-2010-2478 * l2tp: Fix oops in pppol2tp_xmit - CVE-2010-2495 * nfsd4: bug in read_buf - CVE-2010-2521 * CIFS: Fix a malicious redirect problem in the DNS lookup code - CVE-2010-2524 * GFS2: rename causes kernel Oops - CVE-2010-2798 * net sched: fix some kernel memory leaks - CVE-2010-2942 * jfs: don't allow os2 xattr namespace overlap with others - CVE-2010-2946 * irda: Correctly clean up self->ias_obj on irda_bind() failure. - CVE-2010-2954 * wireless extensions: fix kernel heap content leak - CVE-2010-2955 * ext4: consolidate in_range() definitions - CVE-2010-3015 * aio: check for multiplication overflow in do_io_submit - CVE-2010-3067 * xfs: prevent reading uninitialized stack memory - CVE-2010-3078 * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open() - CVE-2010-3080 * niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL - CVE-2010-3084 * rose: Fix signedness issues wrt. digi count. - CVE-2010-3310 * sctp: Do not reset the packet during sctp_packet_config(). - CVE-2010-3432 * Fix pktcdvd ioctl dev_minor range check - CVE-2010-3437 * ALSA: prevent heap corruption in snd_ctl_new() - CVE-2010-3442 * net sched: fix kernel leak in act_police - CVE-2010-3477 * Fix out-of-bounds reading in sctp_asoc_get_hmac() - CVE-2010-3705 * ocfs2: Don't walk off the end of fast symlinks. - CVE-2010-NNN2 Date: Wed, 06 Oct 2010 16:05:21 +0100 Changed-By: Steve Conklin Maintainer: Ubuntu Kernel Team https://launchpad.net/ubuntu/karmic/+source/linux/2.6.31-22.67 -------------- next part -------------- Format: 1.8 Date: Wed, 06 Oct 2010 16:05:21 +0100 Source: linux Binary: linux-source-2.6.31 linux-doc linux-headers-2.6.31-22 linux-libc-dev linux-image-2.6.31-22-386 linux-headers-2.6.31-22-386 linux-image-debug-2.6.31-22-386 linux-image-2.6.31-22-generic linux-headers-2.6.31-22-generic linux-image-debug-2.6.31-22-generic linux-image-2.6.31-22-generic-pae linux-headers-2.6.31-22-generic-pae linux-image-debug-2.6.31-22-generic-pae linux-image-2.6.31-22-ia64 linux-headers-2.6.31-22-ia64 linux-image-debug-2.6.31-22-ia64 linux-image-2.6.31-22-lpia linux-headers-2.6.31-22-lpia linux-image-debug-2.6.31-22-lpia linux-image-2.6.31-22-powerpc linux-headers-2.6.31-22-powerpc linux-image-debug-2.6.31-22-powerpc linux-image-2.6.31-22-powerpc-smp linux-headers-2.6.31-22-powerpc-smp linux-image-debug-2.6.31-22-powerpc-smp linux-image-2.6.31-22-powerpc64-smp linux-headers-2.6.31-22-powerpc64-smp linux-image-debug-2.6.31-22-powerpc64-smp linux-image-2.6.31-22-server linux-headers-2.6.31-22-server linux-image-debug-2.6.31-22-server linux-image-2.6.31-22-sparc64 linux-headers-2.6.31-22-sparc64 linux-image-debug-2.6.31-22-sparc64 linux-image-2.6.31-22-sparc64-smp linux-headers-2.6.31-22-sparc64-smp linux-image-debug-2.6.31-22-sparc64-smp linux-image-2.6.31-22-virtual kernel-image-2.6.31-22-generic-di nic-modules-2.6.31-22-generic-di nic-shared-modules-2.6.31-22-generic-di serial-modules-2.6.31-22-generic-di ppp-modules-2.6.31-22-generic-di firewire-core-modules-2.6.31-22-generic-di scsi-modules-2.6.31-22-generic-di plip-modules-2.6.31-22-generic-di floppy-modules-2.6.31-22-generic-di fat-modules-2.6.31-22-generic-di nfs-modules-2.6.31-22-generic-di md-modules-2.6.31-22-generic-di usb-modules-2.6.31-22-generic-di pcmcia-storage-modules-2.6.31-22-generic-di fb-modules-2.6.31-22-generic-di input-modules-2.6.31-22-generic-di mouse-modules-2.6.31-22-generic-di irda-modules-2.6.31-22-generic-di parport-modules-2.6.31-22-generic-di nic-pcmcia-modules-2.6.31-22-generic-di pcmcia-modules-2.6.31-22-generic-di nic-usb-modules-2.6.31-22-generic-di sata-modules-2.6.31-22-generic-di crypto-modules-2.6.31-22-generic-di char-modules-2.6.31-22-generic-di fs-core-modules-2.6.31-22-generic-di fs-secondary-modules-2.6.31-22-generic-di pata-modules-2.6.31-22-generic-di storage-core-modules-2.6.31-22-generic-di block-modules-2.6.31-22-generic-di message-modules-2.6.31-22-generic-di virtio-modules-2.6.31-22-generic-di Architecture: source Version: 2.6.31-22.67 Distribution: karmic-security Urgency: low Maintainer: Ubuntu Kernel Team Changed-By: Steve Conklin Description: block-modules-2.6.31-22-generic-di - Block storage devices (udeb) char-modules-2.6.31-22-generic-di - Character module support (udeb) crypto-modules-2.6.31-22-generic-di - crypto modules (udeb) fat-modules-2.6.31-22-generic-di - FAT filesystem support (udeb) fb-modules-2.6.31-22-generic-di - Framebuffer modules (udeb) firewire-core-modules-2.6.31-22-generic-di - Firewire (IEEE-1394) Support (udeb) floppy-modules-2.6.31-22-generic-di - Floppy driver support (udeb) fs-core-modules-2.6.31-22-generic-di - Base filesystem modules (udeb) fs-secondary-modules-2.6.31-22-generic-di - Extra filesystem modules (udeb) input-modules-2.6.31-22-generic-di - Support for various input methods (udeb) irda-modules-2.6.31-22-generic-di - Support for Infrared protocols (udeb) kernel-image-2.6.31-22-generic-di - Linux kernel binary image for the Debian installer (udeb) linux-doc - Linux kernel specific documentation for version 2.6.31 linux-headers-2.6.31-22 - Header files related to Linux kernel version 2.6.31 linux-headers-2.6.31-22-386 - Linux kernel headers for version 2.6.31 on i386 linux-headers-2.6.31-22-generic - Linux kernel headers for version 2.6.31 on x86/x86_64 linux-headers-2.6.31-22-generic-pae - Linux kernel headers for version 2.6.31 on x86 linux-headers-2.6.31-22-ia64 - Linux kernel headers for version 2.6.31 on IA-64 SMP linux-headers-2.6.31-22-lpia - Linux kernel headers for version 2.6.31 on Intel Atom processors linux-headers-2.6.31-22-powerpc - Linux kernel headers for version 2.6.31 on 32-bit PowerPC linux-headers-2.6.31-22-powerpc-smp - Linux kernel headers for version 2.6.31 on 32-bit PowerPC SMP linux-headers-2.6.31-22-powerpc64-smp - Linux kernel headers for version 2.6.31 on 64-bit PowerPC SMP linux-headers-2.6.31-22-server - Linux kernel headers for version 2.6.31 on x86_64 linux-headers-2.6.31-22-sparc64 - Linux kernel headers for version 2.6.31 on 64-bit UltraSPARC linux-headers-2.6.31-22-sparc64-smp - Linux kernel headers for version 2.6.31 on 64-bit UltraSPARC SMP linux-image-2.6.31-22-386 - Linux kernel image for version 2.6.31 on i386 linux-image-2.6.31-22-generic - Linux kernel image for version 2.6.31 on x86/x86_64 linux-image-2.6.31-22-generic-pae - Linux kernel image for version 2.6.31 on x86 linux-image-2.6.31-22-ia64 - Linux kernel image for version 2.6.31 on IA-64 SMP linux-image-2.6.31-22-lpia - Linux kernel image for version 2.6.31 on Intel Atom processors linux-image-2.6.31-22-powerpc - Linux kernel image for version 2.6.31 on 32-bit PowerPC linux-image-2.6.31-22-powerpc-smp - Linux kernel image for version 2.6.31 on 32-bit PowerPC SMP linux-image-2.6.31-22-powerpc64-smp - Linux kernel image for version 2.6.31 on 64-bit PowerPC SMP linux-image-2.6.31-22-server - Linux kernel image for version 2.6.31 on x86_64 linux-image-2.6.31-22-sparc64 - Linux kernel image for version 2.6.31 on 64-bit UltraSPARC linux-image-2.6.31-22-sparc64-smp - Linux kernel image for version 2.6.31 on 64-bit UltraSPARC SMP linux-image-2.6.31-22-virtual - Linux kernel image for version 2.6.31 on x86/x86_64 linux-image-debug-2.6.31-22-386 - Linux kernel debug image for version 2.6.31 on i386 linux-image-debug-2.6.31-22-generic - Linux kernel debug image for version 2.6.31 on x86/x86_64 linux-image-debug-2.6.31-22-generic-pae - Linux kernel debug image for version 2.6.31 on x86 linux-image-debug-2.6.31-22-ia64 - Linux kernel debug image for version 2.6.31 on IA-64 SMP linux-image-debug-2.6.31-22-lpia - Linux kernel debug image for version 2.6.31 on Intel Atom process linux-image-debug-2.6.31-22-powerpc - Linux kernel debug image for version 2.6.31 on 32-bit PowerPC linux-image-debug-2.6.31-22-powerpc-smp - Linux kernel debug image for version 2.6.31 on 32-bit PowerPC SMP linux-image-debug-2.6.31-22-powerpc64-smp - Linux kernel debug image for version 2.6.31 on 64-bit PowerPC SMP linux-image-debug-2.6.31-22-server - Linux kernel debug image for version 2.6.31 on x86_64 linux-image-debug-2.6.31-22-sparc64 - Linux kernel debug image for version 2.6.31 on 64-bit UltraSPARC linux-image-debug-2.6.31-22-sparc64-smp - Linux kernel debug image for version 2.6.31 on 64-bit UltraSPARC linux-libc-dev - Linux Kernel Headers for development linux-source-2.6.31 - Linux kernel source for version 2.6.31 with Ubuntu patches md-modules-2.6.31-22-generic-di - Multi-device support (raid, device-mapper, lvm) (udeb) message-modules-2.6.31-22-generic-di - Fusion and i2o storage modules (udeb) mouse-modules-2.6.31-22-generic-di - Mouse support (udeb) nfs-modules-2.6.31-22-generic-di - NFS filesystem drivers (udeb) nic-modules-2.6.31-22-generic-di - Network interface support (udeb) nic-pcmcia-modules-2.6.31-22-generic-di - PCMCIA network interface support (udeb) nic-shared-modules-2.6.31-22-generic-di - nic shared modules (udeb) nic-usb-modules-2.6.31-22-generic-di - USB network interface support (udeb) parport-modules-2.6.31-22-generic-di - Parallel port support (udeb) pata-modules-2.6.31-22-generic-di - PATA support modules (udeb) pcmcia-modules-2.6.31-22-generic-di - PCMCIA Modules (udeb) pcmcia-storage-modules-2.6.31-22-generic-di - PCMCIA storage support (udeb) plip-modules-2.6.31-22-generic-di - PLIP (parallel port) networking support (udeb) ppp-modules-2.6.31-22-generic-di - PPP (serial port) networking support (udeb) sata-modules-2.6.31-22-generic-di - SATA storage support (udeb) scsi-modules-2.6.31-22-generic-di - SCSI storage support (udeb) serial-modules-2.6.31-22-generic-di - Serial port support (udeb) storage-core-modules-2.6.31-22-generic-di - Core storage support (udeb) usb-modules-2.6.31-22-generic-di - Core USB support (udeb) virtio-modules-2.6.31-22-generic-di - VirtIO Modules (udeb) Changes: linux (2.6.31-22.67) karmic-security; urgency=low . [ Upstream Kernel Changes ] . * Local privilege escalation vulnerability in RDS sockets - CVE-2010-3904 * v4l: disable dangerous buggy compat function - CVE-2010-2963 * mm: Do not assume ENOMEM when looking at a split stack vma - LP: #646114 * mm: Use helper to find real vma with stack guard page - LP: #646114 * Fix race in tty_fasync() properly - CVE-2009-4895 * ext4: Make sure the MOVE_EXT ioctl can't overwrite append-only files - CVE-2010-2066 * xfs: prevent swapext from operating on write-only files - CVE-2010-2226 * cifs: Fix a kernel BUG with remote OS/2 server (try #3) - CVE-2010-2248 * ethtool: Fix potential user buffer overflow for ETHTOOL_{G, S}RXFH - CVE-2010-2478 * l2tp: Fix oops in pppol2tp_xmit - CVE-2010-2495 * nfsd4: bug in read_buf - CVE-2010-2521 * CIFS: Fix a malicious redirect problem in the DNS lookup code - CVE-2010-2524 * GFS2: rename causes kernel Oops - CVE-2010-2798 * net sched: fix some kernel memory leaks - CVE-2010-2942 * jfs: don't allow os2 xattr namespace overlap with others - CVE-2010-2946 * irda: Correctly clean up self->ias_obj on irda_bind() failure. - CVE-2010-2954 * wireless extensions: fix kernel heap content leak - CVE-2010-2955 * ext4: consolidate in_range() definitions - CVE-2010-3015 * aio: check for multiplication overflow in do_io_submit - CVE-2010-3067 * xfs: prevent reading uninitialized stack memory - CVE-2010-3078 * ALSA: seq/oss - Fix double-free at error path of snd_seq_oss_open() - CVE-2010-3080 * niu: Fix kernel buffer overflow for ETHTOOL_GRXCLSRLALL - CVE-2010-3084 * rose: Fix signedness issues wrt. digi count. - CVE-2010-3310 * sctp: Do not reset the packet during sctp_packet_config(). - CVE-2010-3432 * Fix pktcdvd ioctl dev_minor range check - CVE-2010-3437 * ALSA: prevent heap corruption in snd_ctl_new() - CVE-2010-3442 * net sched: fix kernel leak in act_police - CVE-2010-3477 * Fix out-of-bounds reading in sctp_asoc_get_hmac() - CVE-2010-3705 * ocfs2: Don't walk off the end of fast symlinks. - CVE-2010-NNN2 Checksums-Sha1: 59fb15bb87f600a32f27d5acdce475b90f59c1db 4422 linux_2.6.31-22.67.dsc 809f549d4145dcbac1ea551cdb5f26f7c4f34c31 2994154 linux_2.6.31-22.67.diff.gz Checksums-Sha256: 16b8b7150715bb6a1c645914b5c797cf9e0fba5082438170586a623db7e951e3 4422 linux_2.6.31-22.67.dsc ddfd8365ebf16bd5785b06956de0f32796b3251fbc75a0f40a72e2285e9d0407 2994154 linux_2.6.31-22.67.diff.gz Files: 31f292eea4a6de474e6af0fea887aeef 4422 devel optional linux_2.6.31-22.67.dsc d4c0b765b973f6461a4c2ec22297cd6e 2994154 devel optional linux_2.6.31-22.67.diff.gz Launchpad-Bugs-Fixed: 646114 646114 From robert.hooker at canonical.com Wed Oct 20 15:40:37 2010 From: robert.hooker at canonical.com (Robert Hooker) Date: Wed, 20 Oct 2010 15:40:37 -0000 Subject: [ubuntu/karmic-proposed] xserver-xorg-video-intel 2:2.9.0-1ubuntu2.2 (Accepted) Message-ID: <20101020154037.9742.90074.launchpad@palladium.canonical.com> xserver-xorg-video-intel (2:2.9.0-1ubuntu2.2) karmic-proposed; urgency=low * Add 102_b43_pciid_update.patch. Fixes detection of a new b43 chipset revision that is being shipped. Without this the drivers will not attempt to load even though this chipset is the same as the previous b43 ones. Backport of upstream commit 55b5fe8880. (LP: #640214) Date: Thu, 16 Sep 2010 18:52:24 -0400 Changed-By: Robert Hooker Maintainer: Ubuntu Developers Signed-By: Bryce Harrington https://edge.launchpad.net/ubuntu/karmic/+source/xserver-xorg-video-intel/2:2.9.0-1ubuntu2.2 -------------- next part -------------- Format: 1.8 Date: Thu, 16 Sep 2010 18:52:24 -0400 Source: xserver-xorg-video-intel Binary: xserver-xorg-video-intel xserver-xorg-video-intel-dbg Architecture: source Version: 2:2.9.0-1ubuntu2.2 Distribution: karmic-proposed Urgency: low Maintainer: Ubuntu Developers Changed-By: Robert Hooker Description: xserver-xorg-video-intel - X.Org X server -- Intel i8xx, i9xx display driver xserver-xorg-video-intel-dbg - X.Org X server -- Intel i8xx, i9xx display driver (debug symbols) Launchpad-Bugs-Fixed: 640214 Changes: xserver-xorg-video-intel (2:2.9.0-1ubuntu2.2) karmic-proposed; urgency=low . * Add 102_b43_pciid_update.patch. Fixes detection of a new b43 chipset revision that is being shipped. Without this the drivers will not attempt to load even though this chipset is the same as the previous b43 ones. Backport of upstream commit 55b5fe8880. (LP: #640214) Checksums-Sha1: f112a3df340fb7a72c294c74720279e0213e1c93 2096 xserver-xorg-video-intel_2.9.0-1ubuntu2.2.dsc 7444ffd5376c09a98be71e2c80774d32eef1be34 322732 xserver-xorg-video-intel_2.9.0-1ubuntu2.2.diff.gz Checksums-Sha256: ec0337598472856342649b3a7f4f080ce32fd2f882ceb80361a6b5b818d5c9a7 2096 xserver-xorg-video-intel_2.9.0-1ubuntu2.2.dsc 71fc5b24b4e85835cb83972665ba6d2df03746940c3b90925a2ffb8ad2e28289 322732 xserver-xorg-video-intel_2.9.0-1ubuntu2.2.diff.gz Files: 1819ddd9014db7307d89181cad804257 2096 x11 optional xserver-xorg-video-intel_2.9.0-1ubuntu2.2.dsc 2970253ae3bce2495c3dd0a76f6b7b39 322732 x11 optional xserver-xorg-video-intel_2.9.0-1ubuntu2.2.diff.gz Original-Maintainer: Debian X Strike Force From archive at ubuntu.com Thu Oct 21 22:05:54 2010 From: archive at ubuntu.com (Ubuntu Installer) Date: Thu, 21 Oct 2010 22:05:54 -0000 Subject: [ubuntu/karmic-security] libvirt_0.7.0-1ubuntu13.2_powerpc_translations.tar.gz, libvirt_0.7.0-1ubuntu13.2_sparc_translations.tar.gz (delayed), libvirt_0.7.0-1ubuntu13.2_ia64_translations.tar.gz, libvirt_0.7.0-1ubuntu13.2_amd64_translations.tar.gz, libvirt, libvirt_0.7.0-1ubuntu13.2_lpia_translations.tar.gz, libvirt_0.7.0-1ubuntu13.2_i386_translations.tar.gz, libvirt_0.7.0-1ubuntu13.2_armel_translations.tar.gz 0.7.0-1ubuntu13.2 (Accepted) Message-ID: <20101021220554.11837.41710.launchpad@cocoplum.canonical.com> libvirt (0.7.0-1ubuntu13.2) karmic-security; urgency=low * SECURITY UPDATE: force qemu-img backing stores creation to have a defined disk format. - debian/patches/CVE-2010-2239: explicitly set the user defined backing store format when creating a new image - CVE-2010-2239 * SECURITY UPDATE: fix to disallow privileged users in guests from accessing privileged resources, such as NFS - debian/patches/9901-CVE-2010-2242.patch: set iptables masqerading rules to use ports 1024-65535 - CVE-2010-2242 Date: Wed, 01 Sep 2010 14:55:47 -0500 Changed-By: Jamie Strandboge Maintainer: Ubuntu Developers https://launchpad.net/ubuntu/karmic/+source/libvirt/0.7.0-1ubuntu13.2 -------------- next part -------------- Format: 1.8 Date: Wed, 01 Sep 2010 14:55:47 -0500 Source: libvirt Binary: libvirt-bin libvirt0 libvirt0-dbg libvirt-doc libvirt-dev python-libvirt Architecture: source Version: 0.7.0-1ubuntu13.2 Distribution: karmic-security Urgency: low Maintainer: Ubuntu Developers Changed-By: Jamie Strandboge Description: libvirt-bin - the programs for the libvirt library libvirt-dev - development files for the libvirt library libvirt-doc - documentation for the libvirt library libvirt0 - library for interfacing with different virtualization systems libvirt0-dbg - library for interfacing with different virtualization systems python-libvirt - libvirt Python bindings Changes: libvirt (0.7.0-1ubuntu13.2) karmic-security; urgency=low . * SECURITY UPDATE: force qemu-img backing stores creation to have a defined disk format. - debian/patches/CVE-2010-2239: explicitly set the user defined backing store format when creating a new image - CVE-2010-2239 * SECURITY UPDATE: fix to disallow privileged users in guests from accessing privileged resources, such as NFS - debian/patches/9901-CVE-2010-2242.patch: set iptables masqerading rules to use ports 1024-65535 - CVE-2010-2242 Checksums-Sha1: 01d6de05f1228a10aac5d65dbcd271b5d56c6ba0 1844 libvirt_0.7.0-1ubuntu13.2.dsc 82ffacce2fb5a060415f3b7719d574df921a5bcb 744905 libvirt_0.7.0-1ubuntu13.2.diff.gz Checksums-Sha256: 0e2e823429ec1572baeb5a92ff31dd4903a7b5c3a86b4a4a9347ef88bcd5f29f 1844 libvirt_0.7.0-1ubuntu13.2.dsc becedab02b01197ad1eefe62b91772f83d98309bd211de28011021fbaef6c638 744905 libvirt_0.7.0-1ubuntu13.2.diff.gz Files: 328ca43be60d06e65efa223ba0c71e60 1844 libs optional libvirt_0.7.0-1ubuntu13.2.dsc 877af87d6d665e02bc23789905dd6512 744905 libs optional libvirt_0.7.0-1ubuntu13.2.diff.gz Original-Maintainer: Debian Libvirt Maintainers From archive at ubuntu.com Fri Oct 22 18:05:17 2010 From: archive at ubuntu.com (Ubuntu Installer) Date: Fri, 22 Oct 2010 18:05:17 -0000 Subject: [ubuntu/karmic-security] eglibc_2.10.1-0ubuntu18_ia64_translations.tar.gz, eglibc_2.10.1-0ubuntu18_amd64_translations.tar.gz, eglibc_2.10.1-0ubuntu18_powerpc_translations.tar.gz (delayed), eglibc_2.10.1-0ubuntu18_i386_translations.tar.gz, eglibc_2.10.1-0ubuntu18_lpia_translations.tar.gz, eglibc_2.10.1-0ubuntu18_armel_translations.tar.gz, eglibc 2.10.1-0ubuntu18 (Accepted) Message-ID: <20101022180517.28755.73223.launchpad@cocoplum.canonical.com> eglibc (2.10.1-0ubuntu18) karmic-security; urgency=low * SECURITY UPDATE: root escalation via LD_AUDIT DST expansion. - debian/patches/any/dst-expansion-fix.diff: upstream fixes. - CVE-2010-3847 - debian/patches/any/disable-ld_audit.diff: turn off LD_AUDIT for setuid binaries. Date: Thu, 21 Oct 2010 14:29:51 -0700 Changed-By: Kees Cook Maintainer: Ubuntu Core developers https://launchpad.net/ubuntu/karmic/+source/eglibc/2.10.1-0ubuntu18 -------------- next part -------------- Format: 1.8 Date: Thu, 21 Oct 2010 14:29:51 -0700 Source: eglibc Binary: libc-bin libc-dev-bin glibc-doc eglibc-source locales locales-all nscd libc6 libc6-dev libc6-dbg libc6-prof libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-prof libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-prof libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-prof libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc64 libc6-dev-sparc64 libc6-s390x libc6-dev-s390x libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-sparcv9b libc6-sparcv9v libc6-sparcv9v2 libc6-sparc64b libc6-sparc64v libc6-sparc64v2 libc6-i686 libc6-xen libc0.1-i686 libc6.1-alphaev67 libnss-dns-udeb libnss-files-udeb Architecture: source Version: 2.10.1-0ubuntu18 Distribution: karmic-security Urgency: low Maintainer: Ubuntu Core developers Changed-By: Kees Cook Description: eglibc-source - Embedded GNU C Library: sources glibc-doc - GNU C Library: Documentation libc-bin - GNU C Library: Binaries libc-dev-bin - GNU C Library: Development binaries libc0.1 - GNU C Library: Shared libraries libc0.1-dbg - GNU C Library: detached debugging symbols libc0.1-dev - GNU C Library: Development Libraries and Header Files libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64 libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64 libc0.1-i686 - GNU C Library: Shared libraries [i686 optimized] libc0.1-pic - GNU C Library: PIC archive library libc0.1-prof - GNU C Library: Profiling Libraries libc0.1-udeb - GNU C Library: Shared libraries - udeb (udeb) libc0.3 - GNU C Library: Shared libraries libc0.3-dbg - GNU C Library: detached debugging symbols libc0.3-dev - GNU C Library: Development Libraries and Header Files libc0.3-pic - GNU C Library: PIC archive library libc0.3-prof - GNU C Library: Profiling Libraries libc0.3-udeb - GNU C Library: Shared libraries - udeb (udeb) libc6 - GNU C Library: Shared libraries libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64 libc6-dbg - GNU C Library: detached debugging symbols libc6-dev - GNU C Library: Development Libraries and Header Files libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64 libc6-dev-i386 - GNU C Library: 32-bit development libraries for AMD64 libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64 libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64 libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64 libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64 libc6-dev-s390x - GNU C Library: 64bit Development Libraries for IBM zSeries libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC libc6-i386 - GNU C Library: 32-bit shared libraries for AMD64 libc6-i686 - GNU C Library: Shared libraries [i686 optimized] libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64 libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64 libc6-pic - GNU C Library: PIC archive library libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64 libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64 libc6-prof - GNU C Library: Profiling Libraries libc6-s390x - GNU C Library: 64bit Shared libraries for IBM zSeries libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC libc6-sparc64b - GNU C Library: 64bit Shared libraries for UltraSPARC [v9b optimiz libc6-sparc64v - GNU C Library: 64bit Shared libraries for UltraSPARC [v9v optimiz libc6-sparc64v2 - GNU C Library: 64bit Shared libraries for UltraSPARC [v9v2 optimi libc6-sparcv9b - GNU C Library: Shared libraries [v9b optimized] libc6-sparcv9v - GNU C Library: Shared libraries [v9v optimized] libc6-sparcv9v2 - GNU C Library: Shared libraries [v9v2 optimized] libc6-udeb - GNU C Library: Shared libraries - udeb (udeb) libc6-xen - GNU C Library: Shared libraries [Xen version] libc6.1 - GNU C Library: Shared libraries libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized) libc6.1-dbg - GNU C Library: detached debugging symbols libc6.1-dev - GNU C Library: Development Libraries and Header Files libc6.1-pic - GNU C Library: PIC archive library libc6.1-prof - GNU C Library: Profiling Libraries libc6.1-udeb - GNU C Library: Shared libraries - udeb (udeb) libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb (udeb) libnss-files-udeb - GNU C Library: NSS helper for files - udeb (udeb) locales - GNU C Library: National Language (locale) data [support] locales-all - GNU C Library: Precompiled locale data nscd - GNU C Library: Name Service Cache Daemon Changes: eglibc (2.10.1-0ubuntu18) karmic-security; urgency=low . * SECURITY UPDATE: root escalation via LD_AUDIT DST expansion. - debian/patches/any/dst-expansion-fix.diff: upstream fixes. - CVE-2010-3847 - debian/patches/any/disable-ld_audit.diff: turn off LD_AUDIT for setuid binaries. Checksums-Sha1: 96ac542e1c71a069ec18afd01e54f17a1498f81d 3023 eglibc_2.10.1-0ubuntu18.dsc 890ef53c87892b69aefd8990b5e0084ca16330b3 2765791 eglibc_2.10.1-0ubuntu18.diff.gz Checksums-Sha256: 5d547577465f96de9857bafbbfa55e38bf55401771f6eb5edae367690a01c7fc 3023 eglibc_2.10.1-0ubuntu18.dsc d8fe88a3ee68f50418d3bd9f69d5251634e92eb94159b350d1d608c4141900a6 2765791 eglibc_2.10.1-0ubuntu18.diff.gz Files: 213c1f15d835af858a79f27b8b500d10 3023 libs required eglibc_2.10.1-0ubuntu18.dsc ea2e5d6823fb637dce2817cdcd00ffdc 2765791 libs required eglibc_2.10.1-0ubuntu18.diff.gz Original-Maintainer: GNU Libc Maintainers From sconklin at canonical.com Tue Oct 26 16:34:26 2010 From: sconklin at canonical.com (Steve Conklin) Date: Tue, 26 Oct 2010 16:34:26 -0000 Subject: [ubuntu/karmic-proposed] linux 2.6.31-22.68 (Accepted) Message-ID: <20101026163426.11977.44237.launchpad@potassium.ubuntu.com> linux (2.6.31-22.68) karmic-proposed; urgency=low [ Andy Whitcroft ] * SAUCE: docs -- fix doc strings for fc_event_seq [ Brad Figg ] * SAUCE: (no-up) Modularize vesafb -- fix initialization - LP: #611471 [ Chase Douglas ] * SAUCE: sched: update load count only once per cpu in 10 tick update window - LP: #513848 [ Ike Panhc ] * SAUCE: agp/intel: Add second set of PCI-IDs for B43 - LP: #640214 * SAUCE: drm/i915: Add second set of PCI-IDs for B43 - LP: #640214 [ Steve Conklin ] * SAUCE: Fix compile error on ia64, powerpc, and sparc [ Upstream Kernel Changes ] * (pre-stable) x86-32, resume: do a global tlb flush in S4 resume - LP: #531309 * PCI: Ensure we re-enable devices on resume - LP: #566149 Date: Fri, 22 Oct 2010 09:05:13 -0500 Changed-By: Steve Conklin Maintainer: Ubuntu Kernel Team Signed-By: Steve Conklin https://edge.launchpad.net/ubuntu/karmic/+source/linux/2.6.31-22.68 -------------- next part -------------- Format: 1.8 Date: Fri, 22 Oct 2010 09:05:13 -0500 Source: linux Binary: linux-source-2.6.31 linux-doc linux-headers-2.6.31-22 linux-libc-dev linux-image-2.6.31-22-386 linux-headers-2.6.31-22-386 linux-image-debug-2.6.31-22-386 linux-image-2.6.31-22-generic linux-headers-2.6.31-22-generic linux-image-debug-2.6.31-22-generic linux-image-2.6.31-22-generic-pae linux-headers-2.6.31-22-generic-pae linux-image-debug-2.6.31-22-generic-pae linux-image-2.6.31-22-ia64 linux-headers-2.6.31-22-ia64 linux-image-debug-2.6.31-22-ia64 linux-image-2.6.31-22-lpia linux-headers-2.6.31-22-lpia linux-image-debug-2.6.31-22-lpia linux-image-2.6.31-22-powerpc linux-headers-2.6.31-22-powerpc linux-image-debug-2.6.31-22-powerpc linux-image-2.6.31-22-powerpc64-smp linux-headers-2.6.31-22-powerpc64-smp linux-image-debug-2.6.31-22-powerpc64-smp linux-image-2.6.31-22-powerpc-smp linux-headers-2.6.31-22-powerpc-smp linux-image-debug-2.6.31-22-powerpc-smp linux-image-2.6.31-22-server linux-headers-2.6.31-22-server linux-image-debug-2.6.31-22-server linux-image-2.6.31-22-sparc64 linux-headers-2.6.31-22-sparc64 linux-image-debug-2.6.31-22-sparc64 linux-image-2.6.31-22-sparc64-smp linux-headers-2.6.31-22-sparc64-smp linux-image-debug-2.6.31-22-sparc64-smp linux-image-2.6.31-22-virtual kernel-image-2.6.31-22-generic-di nic-modules-2.6.31-22-generic-di nic-shared-modules-2.6.31-22-generic-di serial-modules-2.6.31-22-generic-di ppp-modules-2.6.31-22-generic-di firewire-core-modules-2.6.31-22-generic-di scsi-modules-2.6.31-22-generic-di plip-modules-2.6.31-22-generic-di floppy-modules-2.6.31-22-generic-di fat-modules-2.6.31-22-generic-di nfs-modules-2.6.31-22-generic-di md-modules-2.6.31-22-generic-di usb-modules-2.6.31-22-generic-di pcmcia-storage-modules-2.6.31-22-generic-di fb-modules-2.6.31-22-generic-di input-modules-2.6.31-22-generic-di mouse-modules-2.6.31-22-generic-di irda-modules-2.6.31-22-generic-di parport-modules-2.6.31-22-generic-di nic-pcmcia-modules-2.6.31-22-generic-di pcmcia-modules-2.6.31-22-generic-di nic-usb-modules-2.6.31-22-generic-di sata-modules-2.6.31-22-generic-di crypto-modules-2.6.31-22-generic-di char-modules-2.6.31-22-generic-di fs-core-modules-2.6.31-22-generic-di fs-secondary-modules-2.6.31-22-generic-di pata-modules-2.6.31-22-generic-di storage-core-modules-2.6.31-22-generic-di block-modules-2.6.31-22-generic-di message-modules-2.6.31-22-generic-di virtio-modules-2.6.31-22-generic-di Architecture: source Version: 2.6.31-22.68 Distribution: karmic-proposed Urgency: low Maintainer: Ubuntu Kernel Team Changed-By: Steve Conklin Description: block-modules-2.6.31-22-generic-di - Block storage devices (udeb) char-modules-2.6.31-22-generic-di - Character module support (udeb) crypto-modules-2.6.31-22-generic-di - crypto modules (udeb) fat-modules-2.6.31-22-generic-di - FAT filesystem support (udeb) fb-modules-2.6.31-22-generic-di - Framebuffer modules (udeb) firewire-core-modules-2.6.31-22-generic-di - Firewire (IEEE-1394) Support (udeb) floppy-modules-2.6.31-22-generic-di - Floppy driver support (udeb) fs-core-modules-2.6.31-22-generic-di - Base filesystem modules (udeb) fs-secondary-modules-2.6.31-22-generic-di - Extra filesystem modules (udeb) input-modules-2.6.31-22-generic-di - Support for various input methods (udeb) irda-modules-2.6.31-22-generic-di - Support for Infrared protocols (udeb) kernel-image-2.6.31-22-generic-di - Linux kernel binary image for the Debian installer (udeb) linux-doc - Linux kernel specific documentation for version 2.6.31 linux-headers-2.6.31-22 - Header files related to Linux kernel version 2.6.31 linux-headers-2.6.31-22-386 - Linux kernel headers for version 2.6.31 on i386 linux-headers-2.6.31-22-generic - Linux kernel headers for version 2.6.31 on x86/x86_64 linux-headers-2.6.31-22-generic-pae - Linux kernel headers for version 2.6.31 on x86 linux-headers-2.6.31-22-ia64 - Linux kernel headers for version 2.6.31 on IA-64 SMP linux-headers-2.6.31-22-lpia - Linux kernel headers for version 2.6.31 on Intel Atom processors linux-headers-2.6.31-22-powerpc - Linux kernel headers for version 2.6.31 on 32-bit PowerPC linux-headers-2.6.31-22-powerpc-smp - Linux kernel headers for version 2.6.31 on 32-bit PowerPC SMP linux-headers-2.6.31-22-powerpc64-smp - Linux kernel headers for version 2.6.31 on 64-bit PowerPC SMP linux-headers-2.6.31-22-server - Linux kernel headers for version 2.6.31 on x86_64 linux-headers-2.6.31-22-sparc64 - Linux kernel headers for version 2.6.31 on 64-bit UltraSPARC linux-headers-2.6.31-22-sparc64-smp - Linux kernel headers for version 2.6.31 on 64-bit UltraSPARC SMP linux-image-2.6.31-22-386 - Linux kernel image for version 2.6.31 on i386 linux-image-2.6.31-22-generic - Linux kernel image for version 2.6.31 on x86/x86_64 linux-image-2.6.31-22-generic-pae - Linux kernel image for version 2.6.31 on x86 linux-image-2.6.31-22-ia64 - Linux kernel image for version 2.6.31 on IA-64 SMP linux-image-2.6.31-22-lpia - Linux kernel image for version 2.6.31 on Intel Atom processors linux-image-2.6.31-22-powerpc - Linux kernel image for version 2.6.31 on 32-bit PowerPC linux-image-2.6.31-22-powerpc-smp - Linux kernel image for version 2.6.31 on 32-bit PowerPC SMP linux-image-2.6.31-22-powerpc64-smp - Linux kernel image for version 2.6.31 on 64-bit PowerPC SMP linux-image-2.6.31-22-server - Linux kernel image for version 2.6.31 on x86_64 linux-image-2.6.31-22-sparc64 - Linux kernel image for version 2.6.31 on 64-bit UltraSPARC linux-image-2.6.31-22-sparc64-smp - Linux kernel image for version 2.6.31 on 64-bit UltraSPARC SMP linux-image-2.6.31-22-virtual - Linux kernel image for version 2.6.31 on x86/x86_64 linux-image-debug-2.6.31-22-386 - Linux kernel debug image for version 2.6.31 on i386 linux-image-debug-2.6.31-22-generic - Linux kernel debug image for version 2.6.31 on x86/x86_64 linux-image-debug-2.6.31-22-generic-pae - Linux kernel debug image for version 2.6.31 on x86 linux-image-debug-2.6.31-22-ia64 - Linux kernel debug image for version 2.6.31 on IA-64 SMP linux-image-debug-2.6.31-22-lpia - Linux kernel debug image for version 2.6.31 on Intel Atom process linux-image-debug-2.6.31-22-powerpc - Linux kernel debug image for version 2.6.31 on 32-bit PowerPC linux-image-debug-2.6.31-22-powerpc-smp - Linux kernel debug image for version 2.6.31 on 32-bit PowerPC SMP linux-image-debug-2.6.31-22-powerpc64-smp - Linux kernel debug image for version 2.6.31 on 64-bit PowerPC SMP linux-image-debug-2.6.31-22-server - Linux kernel debug image for version 2.6.31 on x86_64 linux-image-debug-2.6.31-22-sparc64 - Linux kernel debug image for version 2.6.31 on 64-bit UltraSPARC linux-image-debug-2.6.31-22-sparc64-smp - Linux kernel debug image for version 2.6.31 on 64-bit UltraSPARC linux-libc-dev - Linux Kernel Headers for development linux-source-2.6.31 - Linux kernel source for version 2.6.31 with Ubuntu patches md-modules-2.6.31-22-generic-di - Multi-device support (raid, device-mapper, lvm) (udeb) message-modules-2.6.31-22-generic-di - Fusion and i2o storage modules (udeb) mouse-modules-2.6.31-22-generic-di - Mouse support (udeb) nfs-modules-2.6.31-22-generic-di - NFS filesystem drivers (udeb) nic-modules-2.6.31-22-generic-di - Network interface support (udeb) nic-pcmcia-modules-2.6.31-22-generic-di - PCMCIA network interface support (udeb) nic-shared-modules-2.6.31-22-generic-di - nic shared modules (udeb) nic-usb-modules-2.6.31-22-generic-di - USB network interface support (udeb) parport-modules-2.6.31-22-generic-di - Parallel port support (udeb) pata-modules-2.6.31-22-generic-di - PATA support modules (udeb) pcmcia-modules-2.6.31-22-generic-di - PCMCIA Modules (udeb) pcmcia-storage-modules-2.6.31-22-generic-di - PCMCIA storage support (udeb) plip-modules-2.6.31-22-generic-di - PLIP (parallel port) networking support (udeb) ppp-modules-2.6.31-22-generic-di - PPP (serial port) networking support (udeb) sata-modules-2.6.31-22-generic-di - SATA storage support (udeb) scsi-modules-2.6.31-22-generic-di - SCSI storage support (udeb) serial-modules-2.6.31-22-generic-di - Serial port support (udeb) storage-core-modules-2.6.31-22-generic-di - Core storage support (udeb) usb-modules-2.6.31-22-generic-di - Core USB support (udeb) virtio-modules-2.6.31-22-generic-di - VirtIO Modules (udeb) Launchpad-Bugs-Fixed: 513848 531309 566149 611471 640214 640214 Changes: linux (2.6.31-22.68) karmic-proposed; urgency=low . [ Andy Whitcroft ] . * SAUCE: docs -- fix doc strings for fc_event_seq . [ Brad Figg ] . * SAUCE: (no-up) Modularize vesafb -- fix initialization - LP: #611471 . [ Chase Douglas ] . * SAUCE: sched: update load count only once per cpu in 10 tick update window - LP: #513848 . [ Ike Panhc ] . * SAUCE: agp/intel: Add second set of PCI-IDs for B43 - LP: #640214 * SAUCE: drm/i915: Add second set of PCI-IDs for B43 - LP: #640214 . [ Steve Conklin ] . * SAUCE: Fix compile error on ia64, powerpc, and sparc . [ Upstream Kernel Changes ] . * (pre-stable) x86-32, resume: do a global tlb flush in S4 resume - LP: #531309 * PCI: Ensure we re-enable devices on resume - LP: #566149 Checksums-Sha1: 6fe7541ce52ece597791920a05c8c35ba2af19f4 4384 linux_2.6.31-22.68.dsc 8b2bc516ffd693b711f9337491fabfa5ffe2a7e9 2870623 linux_2.6.31-22.68.diff.gz Checksums-Sha256: 9ae55a649a39e528aa2e0af6dbfec54fa35577317a2b54ae22b976e8bc731f05 4384 linux_2.6.31-22.68.dsc b4e8c65e97ed12f3174e82cae5782fa2f591df898405af57a8f7579492014c88 2870623 linux_2.6.31-22.68.diff.gz Files: f3c80a1aa40e1f3b0db655fd668a0b98 4384 devel optional linux_2.6.31-22.68.dsc 5d9b23e5d6261b40ca474b681f44d99f 2870623 devel optional linux_2.6.31-22.68.diff.gz From sladen at ubuntu.com Tue Oct 26 18:05:14 2010 From: sladen at ubuntu.com (Paul Sladen) Date: Tue, 26 Oct 2010 18:05:14 -0000 Subject: [ubuntu/karmic-proposed] ubuntu-font-family-sources 0.69+ufl-0ubuntu1~karmic1 (Accepted) Message-ID: <20101026180514.25995.36931.launchpad@wampee.canonical.com> ubuntu-font-family-sources (0.69+ufl-0ubuntu1~karmic1) karmic-proposed; urgency=low * Backport/SRU for Ubuntu 9.10 (LP: #650889) Date: Thu, 14 Oct 2010 16:30:00 +0100 Changed-By: Paul Sladen Maintainer: Paul Sladen Signed-By: Paul Sladen https://edge.launchpad.net/ubuntu/karmic/+source/ubuntu-font-family-sources/0.69+ufl-0ubuntu1~karmic1 -------------- next part -------------- Format: 1.8 Date: Thu, 14 Oct 2010 16:30:00 +0100 Source: ubuntu-font-family-sources Binary: ttf-ubuntu-font-family Architecture: source Version: 0.69+ufl-0ubuntu1~karmic1 Distribution: karmic-proposed Urgency: low Maintainer: Paul Sladen Changed-By: Paul Sladen Description: ttf-ubuntu-font-family - Ubuntu Font Family, sans-serif typeface hinted for clarity Launchpad-Bugs-Fixed: 650889 Changes: ubuntu-font-family-sources (0.69+ufl-0ubuntu1~karmic1) karmic-proposed; urgency=low . * Backport/SRU for Ubuntu 9.10 (LP: #650889) Checksums-Sha1: 51916135227a2d301811c1040c8a439674f6aaea 1217 ubuntu-font-family-sources_0.69+ufl-0ubuntu1~karmic1.dsc 862ca824dc4d37bd9376870cfcc46d98270253aa 4514 ubuntu-font-family-sources_0.69+ufl-0ubuntu1~karmic1.diff.gz Checksums-Sha256: c81c93b090e96ff94a9402e79d13825b861158cae0c5a2e840a10007e285db4e 1217 ubuntu-font-family-sources_0.69+ufl-0ubuntu1~karmic1.dsc 7a2bd865dd805df1b9a2fa63c39a0448b3d65670e310d0b029d0818218891e12 4514 ubuntu-font-family-sources_0.69+ufl-0ubuntu1~karmic1.diff.gz Files: 5f2e1e0c9f38843510fb96c342cc70b6 1217 fonts optional ubuntu-font-family-sources_0.69+ufl-0ubuntu1~karmic1.dsc f83b2bb7b5f2b77432e81d4ef832cc67 4514 fonts optional ubuntu-font-family-sources_0.69+ufl-0ubuntu1~karmic1.diff.gz